Archive for November 2011
How To: Make a email spoofing site.
One of the most simple and effective way to scare the hell out of someone is to just spoof a email ID and send someone email form whom so ever you want.
Those who don't know about the Email Spoofing:
Email spoofing is a hack in which you send someone email and the your ID is what ever you want, that means you can send someone email from Barrack H. Obama's email account without logging into it. This is really old hack but was really difficult in the beginning, a Tutorial on how to do it manually with SMTP server is here: and a ready made site is Over here:
So lets make our own email spoofer site, I will guide you step by step!
STEP 1: Make an account on www.000webhost.com
STEP 2: Download this php script: http://www.mediafire.com/?vltc0283wdekj8l
STEP 3: Register any sub-domain in www.000webhost.com and goto its CPanel from List Accounts.
STEP 4: Then open File Manager under Files.
STEP 5: Here goto public_html folder and upload the php file that you have just downloaded.
Thats all your Email spoofer will be functioning just goto the sub-domain that you have registered.
Screen-Shot:
=========
The Biggest Facebook Phishing attack in France.
Recently it has been discovered that a Facebook Phishing site hit the French Facebook users and it is reported that more then 5000 accounts were hacked using it. So decided to take a look at it. and following is a screenshot of it:
And this is the screen shot of the hacked users:
It appears that the phishing site was certainly the one in most use. Now the news has reached far and wide so all the users who might have opened it should change their password, especailly ones from France.
Update: The as per 2-12-11 the account of the phishing site was suspended! So no worries!
Update: The as per 2-12-11 the account of the phishing site was suspended! So no worries!
Tag :
Phishing
How To: Have Custom log-on Screen in Windows 7
Tutorial:
=======
Step 1: Press "Start" and type "regidit" in "search programme and files"
Step 2: Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background
Step 3: Double-click the DWORD key called OEMBackground and set the value to "1"
NOTE: if you can't see the DWORD key, just create a new one and name it as "OEMBackgrounds" and set the value to "1"
Step 4: Now put your desired photo to this folder " %windir%\system32\oobe\info\backgrounds " but keep in mind the picture should br less then 256 kb and the dimensions should be same as older picture present there.
Step 5: Now just reboot your computer and you will have the Picture :)
Hope you liked it!
ARMITAGE AND METASPLOIT TRAINING: Team Tactics!
Today is the last episode of this training and it deals with the team tactics involved in using Metasploit!
==========
Team Tactics:
==========
Hacking Facebook through Social Manipulation.
One the way to hack Facebook is Social Engineering, but the question asked by nearly all the people who are new to hacking scene is that "What is social Engineering and how to hack a (Facebook) account by it?"
So i decided to write this article to explain what it is and give a real life example of my own.
First lets see what Wikipedia have to say:
"Social engineering is commonly understood to mean the art of manipulating people into performing actions or divulging confidential information."
According to Hacker's Jargon Dictionary:
"Social Engineering: n. Term used among crackers and samurai for cracking
techniques that rely on weaknesses in wetware rather than software; the aim is to trick people into revealing passwords or other information that compromises a target system's security. Classic scams include phoning up a mark who has the required information and posing as a field service tech or a fellow employee with an urgent access problem. "So actually if you trick some one to give you the confidential information he is manipulated by you. So now its clear that our beloved Phishing is also a kind of social manipulation. This might give you the size of it!
||For those who don't know about Phishing, read this > http://hackthepc.blogspot.com/2011/03/making-facebook-phishing-site-tutorial.html||
Lets get started:
So Phishing is a way to hack and its social engineering, but what are the other ways? Well apart from this you could trick the other person to give you his password. I know this might be really difficult but once you have mastered you could really make your name. Because the most wanted hacker of all times Kevin Mithnik actually used Social manipulation to hack though he himself couldn't write his own exploit!
An easy way is to guess the password from the information given, normally people use following things as their password:
- Date of birth
- Surname
- Phone Number
- School's name
- Girl Friend's name :)
- Favourite Movie
- Favourite Band
- Favourite Hero/Heroine
- Favourite Fruit! (I used one when I was young!)
These are only some, but if you know the other person very well these might work!
Another idea is to manipulate the other person in giving you the Answer to their security Question! This is what I am going to cover in Real Life Example!
"THE MAIN TRICK IS TO EXPLOIT THE TRUST BASE TO HACK!"
So it means you should exploit the trust that victim have in you to get the information, the trust could be of a friend, colleague or official (If you are pretending to be a Facebook guy who need their password).
REAL LIFE EXAMPLE:
Some months back my best friend challenged me to hack his Facebook account, unfortunately he was a reader of my blog and knew all the ways like Phishing or Keylogging. So I couldn't hack him for much time every time i tried i failed. So I though of social engineering.
What I did first was to got the primary Email Address of Facebook, I got that easily by Visiting his Profile page. The email was in Hotmail!
So I opened the Hotmail password reset page > https://account.live.com/password/reset and gave his email this gave me the following page:
Here the security Question was " Name of Best Friend from Childhood?", it seemed pretty easy so started entering the name of all his friends but to my amazement the name was someone's whom i didn't knew.
So I went to the Chat and manipulated him. Following is some text from chat:
====================================================
Me: Hello, how are you/
He: Fine. whatsup!
Me: Nothing, just getting ready for your party.
He: Ohh great, it is going to be fun!
Me: Yah i know, who else is comming?
He: Only you and [He named some which were not the answer]
Me: Hey havent you called you old friends? I wanted to meet them.He: Nupp!!!
Me: Are in contact with them, BTW who is your best friend apart from our group?
He : Ohh my best friend apart form you people is Arslan.
Me: ohh great looking forward to the party! bye.
====================================================
So those people who don't know ARSLAN is a name and to my Good Luck it was also the password! So I hacked his email and from their I hacked his Facebook account,
Don't worry no harm was done I just showed him that i did it and returned him the account because it is unethical to hack people to harm them. Real Hackers don't do this and I for my self only hack my dearest friends (who don't mind) for fun that all for me!
So from this example you people might have learn that how easy it is to hack through Social Engineering. But ALAS! the success rate is very low, but still where nothing works this works!
ARMITAGE AND METASPLOIT TRAINING: Maneuver
=========
Maneuver:
=========
ARMITAGE AND METASPLOIT TRAINING: Post-Exploitation
This Video Tutorial deals with the Post-Exploitation Stuff and details.
============
Post-Exploitation:
============
Armitage And Metasploit Training: Access
Today is turn for the third part of the instalment it is about exploiting and accessing the compromised machine.
=======
ACCESS:
=======
Armitage And Metasploit Training: METASPLOIT.
Today is second intallment of the Metasploit and Armitage Training. This video will deal with operating Metasploit Framework.
===========
METASPLOIT:
===========
How to Hack Gmail account using Phishing.
First I have shown you people how to set up Facebook Phishing site , In this Tutorial I will show you how to set up Gmail Phishing site, step by step with pictures.
Step 1: The First Step in Making the site is to regester an account at http://www.000webhost.com/order.php (if you have account than you can skip first 2 steps)
Step 2: Now Goto your email account that you gave and confirm your account with confirmation link
Step 3: Now Download this FILE (http://adf.ly/9zLzx ) .
Step 4: Now Goto http://members.000webhost.com/ and Log into your account.
Step 5: Now when you are logged into your account click on the Go to Cpanel in front of your domain that you had registered, and then Go to File Manager under Files and log into it.
.
Step 6: Now Click on the Public_html.
Step 7: Now click on the Upload button, choose the file under the Archives that you have downloaded, to be uploaded.
Step 7: Now any one who visits your site would be taken to the Fake Facebook Login Page. After they enter their Username and Password, they will be taken to another page that will show them error. So there is less chance that it will be detected.
NOTE::: To access the input data ( Usernames and Password ) Goto the Following Address:
http://www.yoursitesadress.p4o.net/lol.html
If I am not clear in any point Please ask me in comments below.
Tag :
Gmail Hack,
Phishing
Armitage And Metasploit Training: Introduction.
Today I am going to share a very good Video Training on the Pen testing about the famous Metasploit and Armitage, Today comes the first part that covers the introduction others will soon follow.
==============
INTRODUCTION:
INTRODUCTION:
==============
Internet Download Manager 6.12 Crack and Patch
Internet Download Manager is everyone's Favourite Download Managing Software, but like all good soft wares it is not freeware so I have this crack and patch that will make your Trial Software free and it will have no 30 Days Limit!
Multilingual: English, Spanish, French, Italian, Deustch, Japanese, Portugues, etc
Compatible with: Windows 95/98/Me/2000/NT/XP/2003/Vista/Server 2008/7 (32/64-bit)
.............................................................
HOW TO USE IT! ::
Internet Download Manager v6.07 Build 15
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
1) Install idman607.exe
2) Exit the program. (Right click on the green icon of IDM found in the system tray --> Exit)
3) Copy the file "IDMan" from the folder crack, in install folder, by default:
C:\Program Files\Internet Download Manager
and confirm to overwrite existing file.
4) Run the file "regkey" from folder "crack" to register the program.
** If after install you get the message "Fake serial number...", uninstall IDM, run "Unregister.IDM" to remove any previous serial from registry, reboot PC, install IDM again, use the crack & regfile to activate it.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
1) Install idman607.exe
2) Exit the program. (Right click on the green icon of IDM found in the system tray --> Exit)
3) Copy the file "IDMan" from the folder crack, in install folder, by default:
C:\Program Files\Internet Download Manager
and confirm to overwrite existing file.
4) Run the file "regkey" from folder "crack" to register the program.
** If after install you get the message "Fake serial number...", uninstall IDM, run "Unregister.IDM" to remove any previous serial from registry, reboot PC, install IDM again, use the crack & regfile to activate it.
Download:
How to: Get free premium account on Megaupload using Megakey.
This summary is not available. Please
click here to view the post.
Acunetix Web Vulnerability Scanner 7.0 [Crack] [Full]
Audit your website security with Acunetix Web Vulnerability Scanner
As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists.
Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases.
Firewalls, SSL and locked-down servers are futile against web application hacking!
Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right in to the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers.
Acunetix - a world-wide leader in web application security
Acunetix has pioneered the web application security scanning technology: Its engineers have focused on web security as early as 1997 and developed an engineering lead in web site analysis and vulnerability detection.
Acunetix Web Vulnerability Scanner includes many innovative features:
- AcuSensor Technology
An automatic client script analyzer allowing for security testing of Ajax and Web 2.0 applications
Industries' most advanced and in-depth SQL injection and Cross site scripting testing
Advanced penetration testing tools, such as the HTTP Editor and the HTTP Fuzzer
Visual macro recorder makes testing web forms and password protected areas easy
Support for pages with CAPTHCA, single sign-on and Two Factor authentication mechanisms
Extensive reporting facilities including VISA PCI compliance reports
Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease
Intelligent crawler detects web server type and application language
Acunetix crawls and analyzes websites including flash content, SOAP and AJAX
Port scans a web server and runs security checks against network services running on the server
DOWNLOAD:>
Nickelback- Here and Now (2011) LEAKED!
Alternative Rock
320 kbps
01. This Means War
02. Bottoms Up
03. When We Stand Together
04. Midnight Queen
05. Gotta Get Me Some
06. Lullaby
07. Kiss It Goodbye
08. Trying Not To Love You
09. Holding On To Heaven
10. Everything I Wanna Do
11. Don't Ever Let It End
DOWNLOAD:
http://www.filesonic.pk/file/3862638595
Tag :
warez
"C" Programming code that accept Password.
The following is a simple code that accept the given password, and masks each entered character as "*" and even accept backspace. This is not for practical usage but for the beginners.
#include<stdio.h>
#include<conio.h>
char pw[25],ch;
int i;
void main()
{
clrscr();
puts(“Enter password”);
while(1)
{
if(i<0)
i=0;
ch=getch();
if(ch==13)
break; /*13 is ASCII value of ENTER*/
if(ch==8) /*ASCII value of BACKSPACE*/
{
putch(‘b’);
putch(NULL);
putch(‘b’);
–i;
continue;
}
pw[i++]=ch;
ch=’*’;
putch(ch);
}
pw[i]=’?;
printf(“nn%s”,pw);
getch();
}
BitDefender Total Security 2012 [Crack] [Free] [Final]
BitDefender Total Security 2012 Build 15.0.34.1416 Final | 460MB
BitDefenderTotal Security 2012 - comprehensive protection against viruses,spyware, hacker attacks and other cyber threats that could lead toidentity theft, data loss and decreased performance. BitDefender TotalSecurity is the first among its competitors due to effective protectionagainst spam and viruses, robust firewalling and the availability oftools to optimize and backup systems in one package.
BitDefenderTotal Security 2012 provides a special kind of quiet protection regimeAutopilot: no pop-ups, no settings, does not interrupt your activityon the computer.
Antivirus, antispyware, anti-phishing, firewall -firewall, parental controls, integrated, safe social networking, remotecontrol functions. Total Security includes functions - file encryption,data backup, configure, and optimize the system.
The main components of BitDefender Total Security 2012
• Antivirus and antispyware
• Phishing
• Secure Search
• A quick scan
• Control your home network
• Encrypt chats
• Privacy in social networks
• Antsipam
• Firewall
• Parental Control
• Encryption of files
• Optimization of
• Destruction of files
• Online backup (2GB)
New in BitDefender Total Security 2012
• Autopilot
Autopilot mode provides optimum security without user intervention. That means - no pop-ups and alerts do not need to configure anything.
• Scan Manager
Scan Manager finds and uses the time intervals when the system utilization is below a certain threshold, perform repetitive inspections for your entire system. Thus, BitDefender does not interfere with user tasks and has no effect on system performance.
• Recovery Mode
If Internet-based threats such as rootkits, can not be removed as part of Windows, your computer downloads in recovery mode a trusted environment that is used for cleaning and restoration.
• Integrated cloud services
The global exchange of data in real time between the servers and BitDefender BitDefender 2012 products ensures rapid identification of emerging internet threats such as epidemics and large flows of spam.
• Synchronize the files
BitDefender Total Security 2012 offers space Safebox, which allows you to synchronize files between your computers (for example, between your desktop and laptop). Changes made in one system are automatically applied to other systems.
• Online Backup
Updated online backup monitor tracks the status of your important files and copies them instantly to a secure remote server. BitDefender Total Security 2012 comes with 2GB of online storage.
• Safety on social networks
Has a function to prevent Internet threats specific to social networks, by scanning the references received from friends from Facebook and Twitter, by controlling the privacy settings and much more.
• Customizable interface
Drag-and-drop modules that allow you to access the most frequently performed operations directly from the main window.
• Simplified installation
BitDefender Total Security 2012 is installed in a few clicks, taking up half the time required for the previous version.
On the file:
Language: English
File format: rar
Platform / OS: XP, Vista, 7
DOWNLOAD:
BITDEFENDER TOTAL SECURITY 2012 (32 Bit = 228 MB)
http://download.bitdefender.com/windows/desktop/t_security/2012/en-us/bitdefender_ts_2012_32b.exe
BITDEFENDER TOTAL SECURITY 2012 (64 Bit = 248 MB)
http://download.bitdefender.com/windows/desktop/t_security/2012/en-us/bitdefender_ts_2012_64b.exe
PATCH:
http://www.fileserve.com/file/QKv72jj
http://rapidshare.com/files/457094837/Box_BD2011_3.1.rar
http://www.wupload.com/file/7800553/Box_BD2011_3.1.rar
WPA/WEP/WPA2 Cracking Dictionary Wordlist
Somedays back i got a request from my blog's reader about the WEP,WPA,WP2 or Wifi cracking Dictionary files. As all the people who have tried wireless hacking and used the cracking software, they all know that the dictionary or wordlist provided by the Software is not enough and lack alot. So following are links to the websites where you can download the wordlist for free.
- http://ftp.sunet.se/pub/security/too…all/wordlists/
- ftp://ftp.ox.ac.uk/pub/wordlists/
- http://gdataonline.com/downloads/GDict/
- ftp://ftp.openwall.com/pub/wordlists/
- ftp://ftp.cerias.purdue.edu/pub/dict/
- http://www.indianz.ch/tools/doc/wordlist.zip
- http://www.outpost9.com/files/WordLists.html
- ftp://ftp.openwall.com/pub/wordlists/passwords/
- English and French: https://www.securinfos.info/wordlists_dictionnaires.php
- Virtually every language: ftp://ftp.ox.ac.uk/pub/wordlists/
- http://www.lostpassword.com/f/wl/bigdict.zip
- http://www.lostpassword.com/f/wl/French.zip
- http://www.lostpassword.com/f/wl/Spanish.zip
- http://www.lostpassword.com/f/wl/German.zip
- http://www.vulnerabilityassessment.co.uk/passwords.htm
- http://packetstormsecurity.org/Crackers/wordlists/
- http://www.ai.uga.edu/ftplib/natural-language/moby/
- Cotse has possibly one of the largest collections of word lists (including French). http://www.cotse.com
- http://www.cotse.com/tools/wordlists1.htm
- http://www.cotse.com/tools/wordlists2.htm
- Various language dictionaries at: http://www.openwall.com/mirrors/
- ftp://dl.openwall.com/pvt/sample/
Source: http://wifi0wn.wordpress.com/wepwpawpa2-cracking-dictionary/
===============
AND here is the torrent link to the biggest wordlist available on the internet. It is more then 13 GB of size and contain Billions of passwords!
Link:> http://torcache.net/torrent/6C89DF058F71559DEC6C5C7C9F2CB419182B3294.torrent?title=[kat.ph]collection.of.wordlist.dictionaries.for.cracking.wifi.wpa.wpa2
A thanks is all i need and BTW if any one of you have any request let me know!
