Hacker's Tools: PC Tips by Anu

Showing posts with label Hacker's Tools. Show all posts

Tuesday, July 5, 2011

Wire Shark...

Tuesday, July 05, 2011

Anu

How to hack remote router using Telnet?

Tuesday, July 05, 2011

Anu

Monday, April 11, 2011

How to taking down a website (DDOS)?

Monday, April 11, 2011

Anu

Wednesday, April 6, 2011

How to hack Facebook, Gmail, Yahoo, Twitter, Skype, Hotmail, Youtube Accounts ?

Wednesday, April 06, 2011

Anu

Monday, April 4, 2011

Hacking tools for XSS and SQL Injection...

Monday, April 04, 2011

Anu

Sunday, March 20, 2011

How to hack your computer on LAN?

Sunday, March 20, 2011

Anu

I think there are already many tut on lan hacking but i found this tut .... its really nice .... so i decided to share it with u all.

Hacking Computer Inside LAN Network

This technique will be taking advantage of Port 139.

Most of the time,Port 139 will be opened.

First of all,I will do a port scanning at the target computer which is 192.168.40.128.

This computer is inside my LAN network.

scan it using Nmap.
I get the result and it shows Port 139 is opened up for me.

Now you will need both of these tools:
** USER2SID & SID2USER
** NetBios Auditing Tool
You can get both of them from HERE

After you get both of them,put them in the C: directory.

You now need to create a null session to the target computer.

Now open the Command Prompt and browse to the USER2SID & SID2USER folder.There will be 2 tools inside it,one will be USER2SID and another one will be SID2USER.

We will first using USER2SID to get the ID.

We will test against the Guest account because Guest account is a built in account.

After we get the ID,we need to do some modification on the ID.

We take the ID we get from the guest account and modified it become
"5 21 861567501 1383384898 839522115 500".

Please leave out the S-1-,leave out all the - too.

Now you will see that you get the username of the Administrator account.

In this case,the Administrator account is Administrator.

Create a text file called user.txt and the content will be the username of the Admin account.

Prepare yourself a good wordlist.

Now put both of them in the same directory with the NetBios Auditing Tool.

MAIN PART

Now we are going to crack the Admin account for the password in order to access to the target computer.

Browse to the NetBios Auditing Tool directory.

Press on enter and the tool will run through the passlist.

In this case,I have get the password.

In order to proof that I can get access to the target computer using this password.

After you press enter,it will prompt you for the username and password.

Therefore,just input them inside the prompt and continue.

Target C drive will be on your screen.

In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.

CLICK HERE to download Software .

Thanks...

Friday, March 4, 2011

Tools for hacking remote computer...

Friday, March 04, 2011

Anu

In this article on remote computer hacking, I will inform you about
hacking software to hack computer remotely.
This software is called "Prorat" is a RAT (Remote administration Tool) used to hack computer remotely.

RATs :
RATs also called as Remote Administration tools are popularly used softwares to control other computer remotely and considering hacking aspects, hack computer remotely. There are many RATs such as:
Prorat
Turkojan
Yuri RAT and many other.

Working of RATs:

To hack computer remotely using a RAT, you have to create a server and then send this server to victim whose you wanna hack computer remotely. Generally, this server is binded to any file say picture or song, so that whenever victim opens this file on his computer, our server is installed and this server opens port of victim computer and by using this opened port, you are able to hack computer remotely.

It is this RAT server that then sends all system information to PRORAT and we can then hack computer remotely using PRORAT.

Things you can do by hacking computer remotely:

Once you gain access to remote computer, you can hack computer remotely and perform any of following:

# Install a keylogger
# Monitor Chat windows
# Shutdown computer remotely
# Take control of system registry
# Hack locally stored passwords and licence keys
# Download additional malware and servers to gain stronger control
# Control and access all Control Panel options(including add or remover programs)
# Send various Error messages
# Access Printer services
# Erase all disk data by formatting drives
# Open FTP connection and start file transaction

Thus, you are able to hack computer remotely 100%. This software to hack computer remotely is hence very popular.

Disadvantage of remote hacking software RAT:

The main disadvantage of this software - RAT is that the server created to hack computer remotely is recognized by most antiviruses as hacktool and hence, antiviruses send alert messages when installing RAT server.
But, there are many softwares like Binders or Crypters to hide RAT server and prevent antiviruses from sending alerts. Even there are softwares like AVkiller which is used to turn antivirus inactive and then our server (used to hack computer remotely) can be installed on victim computer very easily.

This is all about RATs - softwares to hack computer remotely. In my next article, I will inform about server creation and installation on remote computer. If you have any problem with this article on how to hack computer remotely, please mention it in comments section.

Enjoy N hack computer remotely...

How to hack n control remote computer (RealTime Spy)?

Friday, March 04, 2011

Anu

I get this question asked daily "How to hack a computer remotely" OR "How to install a keylogger in a remote machine".As we know that in order to install a keylogger we must have physical access to victims computer.There are lots of methods to gain physical access such as Netbios hacking ,Trojans, Rats etc.However these methods require alot of skill and its very difficuly for newbies to do it.Alternatively we use a keylogger(Remote installation supported).All we have to do is to make sure that the remote file gets installed into victims computer and your done.Below we will go through the necessary steps required to hack a computer remotely and install a keylogger.I will be using Realtime spy.

Step 1

First of all download Realtime spy.After downloading your copy of Realtime-Spy navigate to where you downloaded (in this case it is on the Windows desktop). Double click the Realtime-Spy installer file to start the install.
NOTE: After install is complete you can delete this file!

Step 2

Upon finishing the installation you will be able to run Realtime-Spy's configuration file immediately. Do this and continue to the next step.

Step 3

You will now see the Realtime-Spy configuration window. Enter in your username and password that you received after purchasing Realtime-Spy. These must be entered EXACTLY as given. They are case sensitive, and take care not to mix up 0's with O's and I's with l's.
After you enter your username and password, choose whether or not you want Realtime-Spy to display a splash warning whenever it is ran, and how often you want it to clear its logs.
After you enter your username/password and select the options you want - press "next" to go to the next configuration panel.

Step 4
When you click "next" Realtime-Spy will verify your settings. If they are correct you will be able to configure your monitoring options, as shown below. Once you have your options set click "create" to create your logging module.

Step 5

Click "create" to create your logging module Or Remote file. You will be prompted for a name to give the file you are creating. In this example we have named it 'test' - you can name it whatever you want. Click Save and you will receive a message similar to the one below.
Remember the location of the file you have just created!

Step 6

Now it is time to send out the file to the remote PC. In this guide we are using Outlook Express on Windows XP.
Click the Create Mail button to open a new mail window.

Step 7

Click ATTACH and navigate to where you saved your Realtime-Spy file you created previously. Click on the file and then click 'Attach' to attach the file to your email.

Step 8

You will now have to enter a recipient for the file you are sending, as well as an email subject and body. Notice the size of the Realtime-Spy file - it should be approximately 100-120kb at all times!
Once you are ready to go click Send to send the email!

Step 9

Once you send out the file you can then login to your Realtime-Spy webspace.
Enter in your username/password at the prompt to continue!

Step 10

You will be presented with your Realtime-Spy webspace. Here you can select and view users that were logged with the file you sent out.
Note: Users will only appear after they have downloaded and executed the file you have sent them.

If you have any problem regarding the installation feel free to comment. ................................................................................

Sunday, February 27, 2011

Wireless hacking tools...

Sunday, February 27, 2011

Anu

Anyone interested in gaining a deeper knowledge of wireless security and exploiting vulnerabilities will need a good set of base tools with which to work. Fortunately, there are an abundance of free tools available on the Internet. This list is not meant to be comprehensive in nature but rather to provide some general guidance on recommended tools to build your toolkit.

Locating a wireless network is the first step in trying to exploit it. There are two tools that are commonly used in this regard:

Network Stumbler a.k.a NetStumbler – This Windows based tool easily finds wireless signals being broadcast within range – A must have. It also has ability to determine Signal/Noise info that can be used for site surveys. I actually know of one highly known public wireless hotspot provider that uses this utility for their site surveys.

Kismet – One of the key functional elements missing from NetStumbler is the ability to display Wireless Networks that are not broadcasting their SSID. As a potential wireless security expert, you should realize that Access Points are routinely broadcasting this info; it just isn’t being read/deciphered. Kismet will detect and display SSIDs that are not being broadcast which is very critical in finding wireless networks.

Attaching to the Found Wireless Network

Once you’ve found a wireless network, the next step is to try to connect to it. If the network isn’t using any type of authentication or encryption security, you can simply connect to the SSID. If the SSID isn’t being broadcast, you can create a profile with the name of the SSID that is not being broadcast. Of course you found the non-broadcast SSID with Kismet, right? If the wireless network is using authentication and/or encryption, you may need one of the following tools.

Airsnort – This is a very easy to use tool that can be used to sniff and crack WEP keys. While many people bash the use of WEP, it is certainly better than using nothing at all. Something you’ll find in using this tool is that it takes a lot of sniffed packets to crack the WEP key. There are additional tools and strategies that can be used to force the generation of traffic on the wireless network to shorten the amount of time needed to crack the key, but this feature is not included in Airsnort.

CowPatty – This tool is used as a brute force tool for cracking WPA-PSK, considered the “New WEP” for home Wireless Security. This program simply tries a bunch of different options from a dictionary file to see if one ends up matching what is defined as the Pre-Shared Key.

ASLeap – If a network is using LEAP, this tool can be used to gather the authentication data that is being passed across the network, and these sniffed credentials can be cracked. LEAP doesn’t protect the authentication like other “real” EAP types, which is the main reason why LEAP can be broken.

Sniffing Wireless Data

Whether you are directly connected to a wireless network or not, if there is wireless network in range, there is data flying through the air at any given moment. You will need a tool to be able to see this data.
Wireshark (formerly Ethereal) – While there has been much debate on the proper way to pronounce this utility, there is no question that it is an extremely valuable tool. Ethereal can scan wireless and Ethernet data and comes with some robust filtering capabilities. It can also be used to sniff-out 802.11 management beacons and probes and subsequently could be used as a tool to sniff-out non-broadcast SSIDs.

The aforementioned utilities, or similar ones, will be necessities in your own wireless security toolkit. The easiest way to become familiar with these tools is to simply use them in a controlled lab environment. And cost is no excuse as all of these tools are available freely on the Internet.

Protecting Against These Tools

Just as it’s important to know how to utilize the aforementioned tools, it is important to know best practices on how to secure your Wireless Network Against these tools.

NetStumbler – Do not broadcast your SSID. Ensure your WLAN is protected by using advanced Authentication and Encryption.

Kismet – There’s really nothing you can do to stop Kismet from finding your WLAN, so ensure your WLAN is protected by using advanced Authentication and Encryption

Airsnort – Use a 128-bit, not a 40-bit WEP encryption key. This would take longer to crack. If your equipment supports it, use WPA or WPA2 instead of WEP (may require firmware or software update).

Cowpatty – Use a long and complex WPA Pre-Shared Key. This type of key would have less of a chance of residing in a dictionary file that would be used to try and guess your key and/or would take longer. If in a corporate scenario, don’t use WPA with Pre-Shared Key, use a good EAP type to protect the authentication and limit the amount of incorrect guesses that would take place before the account is locked-out. If using certificate-like functionality, it could also validate the remote system trying to gain access to the WLAN and not allow a rogue system access.

ASLeap – Use long and complex credentials, or better yet, switch to EAP-FAST or a different EAP type.

Ethereal – Use encryption, so that anything sniffed would be difficult or nearly impossible to break. WPA2, which uses AES, is essentially unrealistic to break by a normal hacker. Even WEP will encrypt the data. When in a Public Wireless Hotspot (which generally do not offer encryption), use application layer encryption, like Simplite to encrypt your IM sessions, or use SSL. For corporate users, use IPSec VPN with split-tunneling disabled. This will force all traffic leaving the machine through an encrypted tunnel that would be encrypted with DES, 3DES or AES.

feel free to comments n also ask your questions via comments,,,

Thanks...

Tuesday, February 15, 2011

How to become ROOT and UNROOT in Samsung Galaxy S / Android 2.2?

Tuesday, February 15, 2011

Anu

While z4root is one of the easiest ways to root most Android phones, it does not work on Samsung Galaxy 3 if it is running Android 2.2 FroYo. While other methods are available to do this, most can be complicated and some don’t allow for unrooting. Using the following guide, you can easily root as well as unroot your Galaxy 3 running FroYo, courtesy of the community at XDA-Developers forums.

Disclaimer: Please follow this guide at your own risk. AddictiveTips will not be liable if your device gets damaged or bricked during the process.

You must see :-

HOW TO BECOME ROOT IN SAMSUNG GALAXY S / ANDROID 2.X? (Z4ROOT)

XDA-Developers forum member addicted2088 has recently posted this method of rooting and unrooting the Galaxy S, and requires that you have your phone’s drivers already installed on your computer. You will also need to download SuperOneClick v1.5, which is provided at the end of this article.
To root your phone:

Download ‘SuperOneClick v1.5 from the link given below, and extract the contents of SuperOneClickv1.5.zip to a folder on your computer.
Run the ‘SuperOneClick’ application from the contents of the extracted folder.
Power your phone OFF and connect it to your computer via USB. Do NOT turn the phone on yet.
In Superoneclick, click the ‘Root’ button and wait till it says ‘Waiting for device’.
Switch your phone on now and wait till SuperOneClick detects it.
Wait while SuperOneClick reboots your phone for the rooting process, and you’re done. Your phone is now rooted.
Once your phone has been rooted, download ‘BusyBox’ from the link given below, extract the .apk file from the zip archive and install it to your phone, and that should fix any slowdown issues that you might come across after rooting.

To unroot your phone:

Download ‘Root Explorer’ from the link given below, extract the .apk file from the zip archive and install it on your phone.
Run ‘Root Explorer’ from your phone.
It will ask you for Superuser privileges. Tap allow to continue.
Tap ‘Mount R/W’ in ‘Root Explorer’. It should now change to ‘Mount R/O’.
Scroll down enter the ‘system’ folder and once there, enter the ‘bin’ folder.
Scroll to find a file named ‘su’, and tap and hold on it and select ‘Delete’ from the popup menu.
Press the back button once to go back to the ‘system’ folder, and enter the ‘app’ folder in the ‘system’ folder.
Scroll to find a file named ‘superuser.apk’, tap and hold on it to get the menu and select ‘Delete’.
Exit Root Explorer. Your phone will now be unrooted.

How to unroot your phone (alternative method):

Download ‘Terminal Emulator’ from the link given below, extract the .apk file from the zip archive and install it to your phone.
Run Terminal Emulator on your phone. In case the keyboard doesn’t show up, press menu and tap ‘Toggle Soft Keyboard’.
Type ‘su’ and press enter. Once it requests you for Superuser privileges, tap ‘Allow’. Now the $ prompt will change to #.

Type the following commands exactly as they appears here, tapping Enter after each one:

mount -o rw,remount /dev/block/mtdblock3 /system

rm /system/bin/su

rm /system/app/superuser.apk

There will be no output of any of these commands so don’t if you do not see any results.
Exit System Emulator. Your phone will now be unrooted.

If anything goes wrong, you can consult the official XDA-Developers forum thread.

Download SuperOneClick v1.5
Download BusyBox
Download Root Explorer
Download Terminal Emulator

Thanks...

Sunday, February 13, 2011

How to hack websites via DDOS (Denial of Service Attack)?

Sunday, February 13, 2011

Anu

There are many tools like SQLI Helper, Admin Finder and many ways like SQL Injection used to hack website or in proper words, deface a website.
Today, I am posting a simple but useful website hacking software- LOIC (Low Orbit Ion Cannon). LOIC is used to hack website by implementing DOS or DDOS attack which temporarily takes a website down. I have provided link for software download... just read on.

Note: The article is meant for educational purpose only. I am not responsible for any act done by you. Remember, hacking website is legally offensive and can take you behind the bars.

Hack Website using DOS attack:

A DOS (Denial Of Service) attack is implemented by sending large number of requests to a web server. Due to large requests, web server clogs up and is unable to respond to other requests. Excess packet traffic in the network leads to congestion and consequently, the web server shuts down, restarts or atleast is unable to serve other clients. Thus, it appears that the website it down. And we are able to temporarily hack website using DOS attack.

How to use LOIC to hack Website???

1. Free download Low Orbit Ion Cannon software to hack website.
Password: qq

2. Run LOIC.exe file on your computer to see:

3. Now, enter the target website url which you want to hack and hit on Lock On.

4. In Attack Options, assign "9001" as timeout value. Enter any number of threads you want LOIC to use. The number of threads refers to the number of virtual computers, LOIC will try to immitate.

5. Now, hit on "IMMA CHARGIN MAH LAZER" so that LOIC starts DOS attack on the website.

Note: A single instance of this software doesn't take a website down. If you really want to hack website using LOIC, run multiple instances of LOIC on multiple computers and DOS the website using these hundreds of LOIC instances. Then, you have hope of taking down a website.

So guys, this was all about how to hack website using DOS attack and LOIC. As you might have seen, you can hack website if you are running multiple instances of LOIC. If you have any problem in this tutorial to hack website using LOIC, please mention it in comments.

Enjoy LOIC to hack website using DOS attack...

Hack Websites...

Sunday, February 13, 2011

Anu

Here is tool tht will reduce your efforts to hack any websites...

Download Havij v1.14

1.First Find a sqli infected site

2-Open havij and copy and paste infected link as shown in figure

3. Then It shows some messages there....Be alert on it and be show patience for sometime to find it's vulernable and type of injection and if db server is mysql and it will find database name.Then after get it's database is name like xxxx_xxxx

[Image: thirdk.jpg]

4.Then Move to another operation to find tables by clicking "tables" as figure shown.Now click "Get tables" Then wait some time if needed

[Image: 37846594.jpg]

5. After founded the tables ,you can see there will be "users" Put mark on it and click in the " get columns " tab as shown in figure

[Image: 4tgh.jpg]

6. In that Just put mark username and password and click "Get data"

[Image: 5tht.jpg]

8. Bingo Got now id and pass that may be admin...
The pass will get as md5 you can crack it also using this tool as shown in figure..

[Image: srfile201088142733796.jpg]

*************************************************************************

HOW TO FInD SQL VU SITES
GO HERE

Quote:http://lnk.co/GP51L

THE GREEN COLLOUR MEAN there is SQL Injection Vulnerability

like this in the pic

[Image: 580714054.jpg]

SQL Dorks

Quote:Aqui les dejo unas cuantas Dorks para buscar webs vulnerables:

inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:lay_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:ageid=
inurl:games.php?id=
inurl:age.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:rtray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurlinions.php?id=
inurl:spr.php?id=
inurl:ages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:articipant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:rod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:erson.php?id=
inurlroductinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:rofile_view.php?id=
inurl:category.php?id=
inurl:ublications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:rod_info.php?id=
inurl:shop.php?do=part&id=
inurl:roductinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurlroduct.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:roduit.php?id=
inurlp.php?id=
inurl:shopping.php?id=
inurl:roductdetail.php?id=
inurlst.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:age.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:roduct_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurlroduct-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:review.php?id=
inurl:loadpsb.php?id=
inurl:ages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurlinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:ffer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=

Thanks....

Blog Archive

Popular Posts

Tuesday, July 5, 2011

Wire Shark...

How to hack remote router using Telnet?

Monday, April 11, 2011

How to taking down a website (DDOS)?

Wednesday, April 6, 2011

How to hack Facebook, Gmail, Yahoo, Twitter, Skype, Hotmail, Youtube Accounts ?

Monday, April 4, 2011

Hacking tools for XSS and SQL Injection...

Sunday, March 20, 2011

How to hack your computer on LAN?

Hacking Computer Inside LAN Network

Friday, March 4, 2011

Tools for hacking remote computer...

How to hack n control remote computer (RealTime Spy)?

Sunday, February 27, 2011

Wireless hacking tools...

Attaching to the Found Wireless Network

Sniffing Wireless Data

Protecting Against These Tools

Tuesday, February 15, 2011

How to become ROOT and UNROOT in Samsung Galaxy S / Android 2.2?

Sunday, February 13, 2011

How to hack websites via DDOS (Denial of Service Attack)?

Hack Website using DOS attack:

How to use LOIC to hack Website???

Hack Websites...

Followers

Facebook

Networked Blogs