John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.
Tuesday, December 27, 2011
HACK : Download F.B.I RAT with Full source coding
F.B.I RAT (Full Backdoor Intergration) V0.1. Supports
xp/Vista/Windows 7, all features have been tested on these OS's
including injection, but there have been some limitations on the
sniffer.
GSM Mobile hacking : Sim cloning
Let's talk about the fun stuff. The first trick I will discuss is an
activity that is becoming quite prevalant, SIM cloning. If you have
paid attention to any cell phone related tutorials in the past, then
you may remember cloning being made popular by certain public figures.
Well, even with GSM this trick still holds relevant. How
could such a flaw exist in a system that is obviously concentrated on
preventing such fraudulant use?
The flaw is within the COMP128
authentication algorithm used as an instantiation of A3/A8 widely used
by gsm providers. Unfortunately for these providers, the COMP128
algorithm is just not strong enough to prevent fraud. We attack the
algorithm by using a chosen-challenge attack, which works by forming a
number of specially-chosen challenges and querying the SIM card for
each one. Then by analyzing the responses from these queries, we are
able to determine the value of the secret key that is used for
authentication. So how do we perform this attack?
SQL Injection : False SQL Injection / Advance Blind SQL Injection
This is a brief whitepaper called False SQL Injection and Advanced Blind SQL Injection. This document is written for publicizing of new SQL injection method about detour some web firewall or some security solution.
In order to read this document, you have to understand basic MySQL principles. I classified the term "SQL Injection" as 2 meanings. The first is a general SQL Injection, we usually call this "True SQL Injection", and the second is a "False SQL Injection". Though in this documentation, you can know something special about "True SQL Injection"
Windows Media Player 11.0.5721.5262 Denial Of Service
Microsoft Windows Media Player version 11.0.5721.5262 remote denial of service exploit.
HOW TO : Android updates with daster menus & bulk uploading
Android:
Dropbox just rolled out an update for their Android mobile client; grab
it today to enjoy a slew of new features including faster menus, bulk
upload, and more.
How to hack keylogger/RAT's password?
Keylogger's and RAT's nowadays are everybody's problem across the internet. Hackers use keyloggers to hack the email passwords
of the victim which they receive in the form of emails or text files on
their respective FTP servers. They spread their keyloggers with the
help of cracks, keygen's or patches of popular software's or simply
through hack tools. So friends, today i will teach you how to reverse engineer the keylogger or RAT to hack the hackers FTP server or email password.
Hack windows admin/administrator password
This is one of the best
method to Hack Windows
XP Administrator
Password. For hacking admin you must have log in
as guest or limited account. This methodod
hacking sdmin is very easy. You don't need any
software or live cd. All
hacking is done manual. To hack XP admin password follow these steps. Please
backup your files which we are going to use here.
Monday, December 26, 2011
PHP Shell - mass mailer, ddoser, connect-back shell, bind shell & more
Ani-Shell is a simple PHP shell with some unique features like Mass Mailer ,
A simple Web-Server Fuzzer , DDoser, Back Connect , Bind Shell etc etc ! This shell
has immense capabilities and have been written with some coding standards in mind for better editing and customization.
Customization
1. Email Trace back is set to Off as default and emails will not be sent , If you are setting
This feature on make sure you change the default email address (lionaneesh@gmail.com) to Your email
Address, Please Change it before using.
2. As default Lock Mode is set to on! This should not be change unless you want your shell exposed.
3. As default the Anti-Crawler Feature is set to “off” ! Change it to “on” for anti-crawler support , and longer Shell life!
4. A variable named greatings can be changed to change the Shell's greating message.
Linux vs Windows
As anyone who is knowledgeable about computer systems might know, there has long been a war between the operating systems of Linux and Windows. What, precisely does each operating system
have, which is better suited for the average user’s needs ? To answer
that, the pros and cons of the differing systems will be examined.
How to protect facebook timeline?
Facebook Timeline brings great new set of features to give totally a new facebook experience. The recent Facebook Christmas Theme spam gone viral couple of days ago and many profile got infected. It is important to protect your facebook timeline
against such spam attacks, as you will stand as the origin to spread
the same spam message to your friends profile. You should do little
modification of privacy settings to prevent your friends or friends of friends posting on your timeline.
Create Android apps free for blog/website
Android is one of the fast growing
mobile platform in the existing ones. It is because of the interactive
user interface and applications available for android. Officially more than one million apps are available for android and each one of them have a unique functionality. If you have your own android application for your blog or website surely it will generate a good traffic for your blog.
Here are the steps to create your own android application for free, to be more specific, this tutorial will help you to create an android application for website or create an android app for your rss feeds.
Saturday, December 24, 2011
Auto rooting script : Hack PC with script
This is the auto-rooting script that is written for Linux, SunOS, Mac OS X, and FreeBSD.
Web Backdoor Cookie
WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.
Friday, December 23, 2011
How to Send Password Protected Email?
Some people send themselves important work documents by email so they can work on them at home. But most email accounts can be accessed from any computer that can connect to the Internet. With this wide access, security is a concern, especially when email is used for business. A password can protect such a business document sent in an email.
How to send self-destructing messages
Many times there is the need of sending a written data to a person but you do not want him/her to keep that data for further reading or as a record. Today i am going to tell you how can you send the self-destructing messages. After reading the message, it will not be availabe again for reading.
How to get passwords stored by popular Windows applications?
This utility scans the passwords stored by popular Windows applications
(Microsoft Outlook, Internet Explorer, Mozilla Firefox, and more...)
and displays security information about all these passwords.
The security information of every stored password includes the total
number of characters,
number of numeric characters, number of lowercase/uppercase characters,
number of repeating characters,
and password strength.
You can use this tool to determine whether the passwords used by other
users are secured enough,
without watching the passwords themselves.
Create fake mail sender.
Sending fake email or email spoofing is really easy as there are many
websites available online for this. You can get hundreds of results by
searching in Google. But you can also create your own fake email sender
website to send fake emails.
How to transfer data from your computer to your iPhone?
One of the great things about Android is its fantastic integration
with Google services. One of the handiest things is the ability to
instantly push links, directions, and phone numbers directly from your
computer to your phone. For a while now, I’ve been looking for a similar
solution for my phone, and I finally found a great one in Pastefire.
Read on through to find out more about this great app that allows you to
push information from your computer’s browser to your phone.
Hack email account/password using cookies.
Hi friends,Today i will show you the practical implementation of session hijacking that how can we take over others sessions and hack his email accounts and other website passwords. In this tutorial of hacking email accounts using session cookies, i will explain you with the help of yahoo account. I will tell you how to hack yahoo account using session cookies.
What are Session Cookies or Magic Cookie or Session ID?
Lets discuss this in very simple language, Whenever we login in our account, it generates a unique string that contains the path of automatic login for particular time then after that limited time it expires by itself.Note its life is only up to when your web browser is open. If you close your web browser it will be get deleted(Its latest up gradation in cookie's field for providing more security).
Now this unique string or simply called Magic cookie is stored at two places first copy is stored on server(of which we cannot do anything) and second is stored in our web browser in form of cookie.
This cookie is destroyed by three ways first is when you close your web browser, second is when you sign out of your account and third is if you left your account open for more than 20 minutes idle.
How to access the cookies on local system?
As
i am explaining this tutorial for hacking yahoo email account. So in
your web browser just open yahoo.com and login into your account.After that type the below code exactly and then press enter:
javascript:alert(document.cookie);Now a popup box will appear showing the cookies something like this:
Now create one fake account on yahoo.com and login in that account and retrieve the cookie in same manner and notice the changes in session ID's.
For hacking the session cookies we first need the session cookies of the victim and its quite simple to get the session cookies of the victim. You just need to send him one link as soon as he clicks on that we will get his session cookie.
After hacking the session cookies, we can use stolen session cookie to login into victim's account even without providing username and password as i already explained that session hacking removes the authentication on the server as we have the AUTO LOGIN cookie. In this type of attack when victim sign out , then hacker will also sign out. But in case of YAHOO its little bit different, when victim signout but attacker still have the access to his account. Yahoo maintains the session for 24 hours and then destroy the session ID's from its server.
How to Steal the Session Cookies?
1. Go to the Website and register there: http://www.my3gb.com/register.jsp
2. Download the Cookie stealer files:
3. Now upload the four files on the website and create one empty directory naming Cookies as shown below:
4.
Now Send the link of yahoo.php to victim. Now what will happen when
user clicks on the yahoo.php is that its cookies are get stored into
directory Cookies and simultaneously he is redirected to his account.
5.
Now open the link Hacked.PHP to access the cookies. In my files the
password is "password". You need to put that to access the files.
6.
You must have got the username of victim's account. Simply Click on it
and it would take you to inbox of victim's yahoo account
without asking for any password.
Now it doesn't matter if victim signs out from his account, you would remain logged into it.
Note: You can try this attack by using two browsers. Sign into yahoo account in one browser and run the code. Then sign in through other browser using stolen session.
Note: You can try this attack by using two browsers. Sign into yahoo account in one browser and run the code. Then sign in through other browser using stolen session.
How to Access Any Website Or Forum Without Registering?
All websites and forums will block unregistered users, but they won’t
block Google Bot. What we will do is to switch our User Agent to that of
Google Bot and freely browse any website or forum without registering.
Hack facebook account password via internet (remotely).
Hello
friends today i will explain you how to hack the Facebook password or
accounts remotely using keylogger. Its a 100% working hack and you can
easily hack anyone's Facebook account or password using this hack. In this tutorial i will explain you how to hack Facebook and other passwords of any user using 100% FUD keylogger. The keylogger in this tutorial we will discuss is L33ts keylogger adn its 100% FUD(fully undetectable).
Hacking Facebook account is very easy and just requires not more than 10 minutes of work. Don't worry i will also tell you how to protect your facebook account or passwords from such hacks and hackers. But for this you must know how hackers hack your facebook account. So first i teach you how to hack facebook account remotely and then i will tell how to protect yourself from this.
NOTE: This tutorial is for Educational purposes only i.e. to make you aware how hackers hack your Facebook accounts. Please don't misuse it. I am not responsible for any damage caused by you.
Dangers of facebook...
Facebook claims that it has 400 million users. But are they well-protected from prying eyes, scammers, and unwanted marketers?
Not according to Joan Goodchild, senior editor of CSO (Chief Security Officer) Online.
She says your privacy may be at far greater risk of being violated than
you know, when you log onto the social-networking site, due to security gaffes or marketing efforts by the company.
Facebook came under fire this past week, when 15 privacy and consumer protection organizations filed a complaint with the Federal Trade Commission,
charging that the site, among other things, manipulates privacy
settings to make users' personal information available for commercial
use. Also, some Facebook users found their private chats accessible to
everyone on their contact list--a major security breach that's left a
lot of people wondering just how secure the site is.
In two words, asserts Goodchild: not very.
SQL Injection : Updated ;)
If you're looking for string injections, or WAF bypassing please look this post. Its updated :)
How to hack
Hacking can be difficult and there are many different ways to hack and many different exploits to use. Hacking is neither defined nor limited by exploitation or exploration. Hacking into someone else's system may be illegal, so don't do it unless you are sure you have permission from the owner of the system you are trying to hack or you are sure it's worth it AND you won't get caught.
Hacking was primarily used for learning new things about systems and computing in general, 'in the good old days'. In recent years it has taken dark connotations and in general has been looked down upon. Likewise, many corporations now employ "hackers" to test the strengths and weaknesses of their own systems. These hackers know when to stop, and it is the positive trust they have built that earn them large salaries.
There is a major difference between a hacker and a cracker. A cracker is motivated by malicious (namely: money) reasons; a hacker is attempting to gain knowledge through exploration, at any cost and in any way - not always legal. Along with the permission, you NEED TO HAVE a written consent showing proof that you got permission from that person or company.
Wednesday, December 21, 2011
'PCTipsbyAnu' on mobile... :)
Download our mobile apps for Symbian, Android, iPhone, iPad, Smartphone and stay in touch every time.....
Monday, December 19, 2011
How to protect facebook account from hackers?
Today facebook is the main target of hackers n they will post some XXX photo/video/link on your wall or send them to your friends from your account. So, here is a way to protect your account from hackers ...
How to Protect Your Facebook Profile from Spam Links?
Hello Friends. Today I am going write something about Protecting your Facebook
Profile From Nasty Spam Links. Currently maximum of People using
Facebook. Starting from a Standard 3 Student to 80 Yrs OLD Person
everybody using Facebook. Slowly Slowly people are getting addicted of
using Facebook. They are spending Hours and Hours over Facebook like
Adding Friends, Commenting Friends, Reading News Streams or Updates from
their Friend’s Wall etc…
Subscribe to:
Posts (Atom)