Archive for June 2011
In IIS Exploit we can upload the Defaced page on the Vulnerable Server without any Login. It is most Easiest way to Hack any site.
STEP 1: Click on Start button and open "RUN".
STEP 2: Now Type this in RUN
Now A Folder named "Web Folders" will open.
STEP 3: Now "Right-Click" in the folder and Goto "New" and then "Web Folder".
STEP 4: Now type the name of the Vulnerable site in this. e.g." http://autoqingdao.com/ " and click "Next".
STEP 5: Now Click on "Finish"
STEP 6: Now the folder will appear. You can open it and put any deface page or anything.
STEP 7: I put text file in that folder. Named "securityalert.txt" (you can put a shell or HTML file also). If the file appear in the folder then the Hack is successful but if it don't then the site is not Vulnerable.
.Now to view the uploaded site i will go to "http://autoqingdao.com/securityalert.txt"
In your case it will be " www.[sitename].com/[file name that you uploaded] "
Now, this hack that i am going to teach you give you access to the unprotected Security Cameras. Like this you can view what is happening in front of those cameras and also you can change the direction of the Cameras.
Following is step by step guide.
STEP 1: Open www.google.com and Type the following in search bar:
STEP 2: Now open any site like http://188.8.131.52/ViewerFrame?Mode=Motion It will look like following:
As you can see that you can view through that security camera.
STEP 3: You can also move the camera with these buttons.
So now you can have fun and impress others.
HERE IS LIST OF OTHER DORKS: http://hackthepc.blogspot.com/2011/06/google-dorks-for-hacking-security.html
The first step is to download the Ardamax from http://hackthepc.blogspot.com/2011/04/ardamax-keylogger-v376-full-free-crack.html and install it.
After installation you will see the icon of Ardamax in the lower-left corner of the PC. Left-Click on it and goto "Options". Like shown below:
Then a Window will open. In this first 'Goto" Invisibility Tab. and TICK all the options as shown below. This will make the keylogger fully Invisible on the PC.
After that goto Option and select the Hotkey by which you will again open the Ardamax as shown below ,because it will no more visible any where.
Now the keylogger is fully Invisible and will record the keystrokes and pictures. You will need Hotkey to open this Viewer again.
Remote Package Creation
This part is easy just follow the following steps:
- Right-Click on the Ardamax icon and goto "Remote Installation.."
Then just click "Next" till you reach "Control", Here you select the information that will be sent.
Then click "Next" and you will come to the "Email" here fill the information about the email which will receive the information.
Then just click "Next" and then on the "Destination" page select the Icon of the Package, then click "Finish". Now you have completed the work. The package that has been created can now be sent to anyone and then it will sent you the Keystrokes and Pictures on the "Email" that you gave.
Metasploit Framework comes in command-line as well as GUI version. This article will deal with the command-line version. Followings are the basic commands of Metasploit that you should Learn by Heart.
1: help (show the commands.)
2: show info XXXX (to show the information on specified XXXX value, that is can be exploit or payload)
3: show options ( to show the options for a exploit and payload. Like RHOST, LHOST)
4: show exploits/payloads (to get a list of exploits/payloads)
5: use XXXX (to select the name of the exploit.)
6: set XXXX (to set the value of RHOST, LHOST or payload)
7: exploit (to launch a exploit on targeted machine.)
Note: To hack a computer using Metasploit first you should have the enough information of the target including
1: IP address
2: Open Ports
3: services running
4: Version of software running
All of these need a little work. A famous tool to do all of these is NMAP on which I have written some articles.
Now the first step is choosing a right exploit for the vulnerabilities in the machine. To determine the exploit for the attack you need all the things noted above. For example the computer is running a SMTP server on Port 25 and there is a exploit on it than you hack that computer.
To choose an exploit following command is there:
Use [exploits address . e.g. Exploit/windows/smtp/xxx. ]
Now you need a payload (payload is a piece of program that will be executed if vulnerability is exploited). To get a list of all the payloads available for the exploit Just type following command.
Now choose an appropriate a payload from it. The only thing left is to set the fields for the attack. List of Most Probable fields to be set is given bellow.
RHOST = The IP address of the computer to be attacked.
RPORT = The Port of the service to exploited (it set by default)
LHOST = The IP address of your computer (it set by default)
LPORT = The default port of your Metasploit program (it set by default)
Now the Last step is to type the following command and Launch attack to the computer.
After typing this command the attack will be launched and if vulnerability is successfully exploited the payload will be executed and a shell (you can take it as command prompt) will be launched which will allow you to do anything with the computer that you have attacked.
If You have forgotten the real password of the BIOS then it is very difficult to get it back. One alternative is to guess the Backdoor Password which will give you access to the machine.
Award BIOS backdoor passwords:
shift + syxz
AMI BIOS Backdoor Passwords:
Phoenix BIOS Backdoor Passwords:
Misc. Common Passwords
Other BIOS Passwords by Manufacturer
VOBIS & IBM---- merlin
AND I TAKE NO CREDIT OF IT! I AM ONLY SPREADING THE WORD.