these are all the tricks available !!
working too!
It cannot go beyond this!!
~cheers~
You need a PC or a Laptop and the required connectivity tools ,ie.,
Serial/USB cable OR Infrared Device OR Bluetooth dongle
1) Activate Airtel Live! ( Itâs FREE so no probs)
2) Create TWO Airtel gprs data accounts (yep TWO) and select the
FIRST as the active profile.
3) Connect your mobile to the PC (or Laptop) and install the driver for
your mobileâs modem.
4) Create a new dial-up connection using the NEW CONNECTION
WIZARD as follows
Connecting Device : Your mobileâs modem
ISP Name : Airtel (or anything you like)
Phone Number : *99***2# / Try 99***1
Username and Password : blank
5) Configure your browser and download manager to use the proxy
100.1.200.99 and port 8080.( My advice is to use Opera since you
can browse both wap and regular websites)
6) Connect to the dial-up account. You will be connected at 115.2
kbps (but remember, that is a bad joke).
7) Pick up your mobile and try to access any site. You will get âAccess
Deniedâ(except for Airtel Live!). IT DOES NOT MATTER.
Keep the mobile down.
8 ) On the PC ( or Laptop) open your browser, enter any address ,
press ENTER andâ¦Ã¢¦.WAIT
9) After a few seconds the page will start to load and you have the
WHOLE internet at your disposal. ***************************************************************************************************************
TWO
Under DATA COMM
~~~~~~~~~~~~
APN : airtelfun.com
USERNAME : blank
PASSWORD : blank
PASS REQ : OFF
ALLOW CALLS : AUTOMATIC
IPADDRESS :
DNSADDRESS :
DATA COMP : OFF
HEADER COMP : OFF
Under INTERNET PROFILES
~~~~~~~~~~~~~~~~
INTERNET MODE : HTTP or WAP (both worked for me)
USE PROXY : YES
IP ADDRESS : 100.1.200.99
PORT : 8080
USERNAME :
PASSWORD :
No Risk Here, Try it and Enjoy
Three
1st go to settings menu then to connectivity tab now choose the option Data comm. then "DATA ACCOUNTS" go to new account now the settings r as follows
ACCOUNT TYPE:GPRS
NEW ACCOUNT NAME:A1
APN:airtelfun.com
usr name: (blank)
password: (blank)
now save it
NOW!
go to Internet Setting in connectivity here choose intrnet profile--go to new profile setting are as below
NAME:A1
CONNECT USING:A1(which was created in data comm.)
save it
now u would be able to see it now selest it and take "more" option then select setting here in use proxy option it will be selected no if it is no then change it into yes
now go to proxy adress and give the adress as
100.1.200.99 and then the port number as 8080
Usr name:
password:
now save all the settings u made . come back 2 connectivity
choose streaming settings now in connect using option choose a1 that we created leave the use proxy option as no itself
THESE R THE SETTINGS
now access airtellive! from ur activated SE phone goto VIDEO GALLERY OR VIDEO UNLIMITED(varies according to states) choose live streaming then choose CNBC OR AAJTAK WHILE CONNECTING TO MEDIA SERVER cancel AFTER 9 or 10 sec then type any web adress if it shows access denied then once again select CNBC and wait for a few more sec than before if its fully connected also no prob its free then cancel it or if ur connected then stop it and the internet is ready to take of .GOOD LUCK SE AIRTEL USERS
alternate
For All Airtel Users
Requirements:
1. Airtel live (available 4 free)
2. Nokia series60 handset eg 6600,6630,n series,7610,6670 etc
3. Opera wap browser 4 mobile
Procedure:-
1. Go to ur connection settings and make a new internet profile using the default settings of airtel live. name that new profile as nething(for eg masala); change the home page of that profile to nething u like for eg www.google.com.
2. Go to ur Opera browser and set the default connection as AIRTEL LIVE. this is the original settings u received thru airtel.
3. Go to the services(in n6600) and Web(N6630) and change the default profile for connection as masala (newer one).
**Note: always make sure that ur access point is airtelfun.com
Apply:-
1. Open Opera and u will see that homepage of Airtel Live is opened. Minimize the application.
2. Now open web using the duplicate Profile and u will see that two gprs connections will work simultaneously and at the web or the services page it will show "Unable to connect" or any error. well thats the signal of ur success.
3. Simply go on the Opera with web on and open any site u want for free. No Charges No nothing.
U can also use it through ur computer..........
someone said dis too
The main principle behind this is we hav 2 fool the bsnl techies 2 activate portal and thus get gprs activated / get "G" signal on ur cell as bsnl portal (wap.cellone.in) needs "gprs signal on ur cel (whether gprs is formaly activated/registerd or not (by my method )i dont know)
NORMALLY THEY DONT DO THAT INSPITE OF THE FACT THAT THEY SHOULD ACTIVATE GPRS SIGNAL SERVICE FOR PORTAL!!!
AND THEY WILL GIVE U NO OF REASONS----
---THAT portal is message based , so go to cellone icon in menu and use that sms based portal (what the f**k)
---THAT portal service will be activated when u will activate gprs by filling up form and registering at nearest CCN!!
---THAT ur handset has some problems (if u say that "G" signal is not present)
----etc,etc!!
U HAVE 2 ACTIVATE PORTAL FIRST WHICH IS FREE AND U CAN EAT UP CC'S FOR THIS REASON!!
SO WHAT U HAV 2 DO IS--
1) SEND PORTAL to 3733 AND CONFIRMATION SHD COME WITH 5 MIN AT-MAXIMM !!
2) SEND FOR ATLEAST 20-30 TIMES (CAN B ANY MORE THAN THAT)
JUST S**K UP THE NETWORK(3733) WITH THESE MESSAGES !!!
THAT'S FREE NO!! BOTH ON POST AND PRE!!
3) NOW ALONG ALSO SEND 20-40 SMS AS GPRS TO 3733
(NO OF SMS DIRECTLY PROPORTIONAL 2 HATE FOR BSNL AND HOW EARLY U WNAN GET UR GPRS ACTIVATED) this is also free both on post and pre!!
4) U WILL GET CONFIRMATION IN BOTH CASES AND MSG TELLS U 2 GET SETTINGS FROM 9400024365, THE NO OF CC!!
HERE AT MY PLACE I CAN DIAL 9419024365 ALSO!
BOTH R TOLL FREE AND BOTH R LOCATED IN CHANDIGARH!!!
(((((((AND SOME OF THE CC'S SAY they cant give such sensitive information that where they r located, as if thay have a 3 rd world of their own! and the other dumbs said that they r in chandigarh!!!!)))))
I WOULD ADVISE ALL FIRST, 2 call them once 2 get the settings!!
(most of the times that is incorect but gives u an idea of settings in ur area))
Try and in ur 1 st call only,
talk roughly and tell them u r calling 10-20th time just for settings and is that their service!!!
5) Now when u get them save them AND plz post them here!!!
6) now GET ATLEAST 2-3 COMPLAINTS REGISTERED( each after 1 day) THAT UR PORTAL HAS NOT ACTIVATED AND GET THEIR SERIAL NO.
and in the end bombard them abt the status of all those complaints !!
b4 registering ur complaint they will hesitate much and always say taht they will b sendin new settings which r accurate! but dont belive them and just register complaints!!
6)AFTER THAT, u have 2 only wait until "G" signal is there on ur screen!!
LOOK, WHAT I HAVE WRIITEN ABV IS METHOD by which i got activated my "G" service !!! without fillin any form or such and without any money drain!!
may be since it bypasses the formal way of registeration, that is why this trick is working !!!!!!!!!!!!
U may also Try this
first open ur msg window and type LIVE and send it to 2567 so that after 5 min u get the setting of Airtel Live or if u have already no need for this procedure.
now then open that setting and copy all the settings from it and create one access point manually which has all the settings like Airtel Live has.
now only one change will be there and it would be in access point name which is "Airtelmms.com" instead of originally "Airtelgprs.com".
ok u've done it just active that setting and access free airtel gprs on ur phone.
Another Trick
somya_cse
You need a PC or a Laptop and the required connectivity tools ,ie.,
Serial/USB cable OR Infrared Device OR Bluetooth dongle
1) Activate Airtel Live! ( Its FREE so no probs)
2) Create TWO Airtel gprs data accounts (yep TWO) and select the
FIRST as the active profile.
3) Connect your mobile to the PC (or Laptop) and install the driver for
your mobileâs modem.
4) Create a new dial-up connection using the NEW CONNECTION
WIZARD as follows
Connecting Device : Your mobileâs modem
ISP Name : Airtel (or anything you like)
Phone Number : *99***2#
Username and Password : blank
5) Configure your browser and download manager to use the proxy
100.1.200.99 and port 8080.( My advice is to use Opera since you
can browse both wap and regular websites)
6) Connect to the dial-up account. You will be connected at 115.2
kbps (but remember, that is a bad joke).
7) Pick up your mobile and try to access any site. You will get âAccess
Deniedâ¦Ã¢(except for Airtel Live!). IT DOES NOT MATTER.
Keep the mobile down.
8 ) On the PC ( or Laptop) open your browser, enter any address ,
press ENTER andâ¦Ã¢¦.WAIT
9) After a few seconds the page will start to load
main thing is the advance initialization command.
Posted in Airtel Hack for free internet all methods by prakash | 1 comments
Links to this post Email this post
nice tutorial on using brutus
2008-03-26
This article is designed to demonstrate how to accomplish a brute force attack, and what it looks like from the receiving end. Brute force means password guessing. This can only feasibly be accomplished with the aid of good target reconnaissance and some automated programs. While it is very easy to write your own brute force program, there are several available for free online. I find Brutus to be one of the best brute force tools. You can find it at Hoobie.net.
The first step in a brute force attack (or for that matter, any attack) is target enumeration. This is the process by which we find where and how a target is vulnerable. I use NMAP for almost all of my initial cursory scans of networks. Lets use the target of my own desktop server and run an NMAP scan to find out what we have to play with. The output from my scan follows:
nmap -sS -O 216.25.200.135
Starting nmap V. 2.30BETA17 by fyodor@insecure.org (
http://www.insecure.org/nmap/ )
Interesting ports on ip-216-25-200-135.covad.dsl.fcc.net
(216.25.200.135):
Port State Service
21/tcp open ftp
25/tcp open smtp
80/tcp open http
135/tcp open loc-srv
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
1025/tcp open listen
1026/tcp open nterm
1031/tcp open iad2
TCP Sequence Prediction: Class=random positive increments
Difficulty=7635 (Worthy challenge)
Remote operating system guess: Windows 2000 RC1 through final release
Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
Ok, so we’ve got several services to choose from on this target. The first one that catches my eye is FTP. We can use this to brute force passwords, and we can use smtp to check for user accounts. Now the fun begins. I’ll first try ftp to find if anonymous ftp is enabled (which could potentially make my task a lot easier, there are rare computers with completely open upload/download ftp servers without strong restrictions (allowing you to upload and download to the web root folder)).
C:\>ftp 216.25.200.135
Connected to 216.25.200.135.
220 WIN2KSERVER Microsoft FTP Service (Version 5.0).
User (216.25.200.135:(none)): anonymous
331 Password required for anonymous.
Password:foo@nowhere.com
530 User anonymous cannot log in.
Login failed.
ftp> quit
221 Fuck off!
It seems that anonymous ftp isn’t enabled, and not only that the server is quite rude when I leave. The server did give some confirmation that it is running Windows NT, or in this case Windows 2000 (dead giveaway in the machine’s name ‘WIN2KSERVER’). We’ll try the SMTP server now to check for user names.
220 WIN2KSERVER Microsoft ESMTP MAIL Service, Version: 5.0.2195.2966
ready at Fri, 22 Jun 2001 09:08:49 –0400
vrfy smellydell
252 2.1.5 Cannot VRFY user, but will take message for smellydell
vrfy administrator
252 2.1.5 Cannot VRFY user, but will take message for administrator
well, there’s no use in verifying anyone on this server as it seems that the server will give the same message for real and bogus accounts (all NT servers have an ‘administrator’ account, in much the same way that *nix have root accounts). The ‘expn’ command didn’t work at all on this server (replied with ‘unknown command’ at expn postmaster). So at this point I’m S.O.L., but some machines will give a very good list of users and or active accounts using the smtp server.
Ok, so I’m off to brute forcing. The first thing I do is fire up Brutus.
Screenshot of brutus at startup
Next I’ll have to modify my users list (found in users.txt in the Brutus directory) to include users I suspect to be on an NT server. NT always has a ‘Guest’ account and an ‘Administrator’ account. I’ll add a few more guesses. In the end my users list looks like this:
A text file list of users
The next step is to fire Brutus at the target, when configured for an ftp attack, Brutus appears thus:
Configuring brutus
You’ll notice I set the timeout higher than the default. Brutus nicely circumvents connection limits by creating new connections for every request. This is useful because some servers will cut your connection after 3 bad guesses at passwords. Brutus uses the targets ability to take multiple ftp requests and creates a new request for every guess (I have set the program to make 10 requests simultaneously). The timeout is the lag time that the program will allow before it makes a new request. If you don’t set this high enough you are likely to flood the target and either crash its server, or simply hang Brutus. You can use a really high connection and low timeout rate as an effective DoS attack that will knock weak servers completely off the net.
So now I’ll fire Brutus at the target. I’m using the default password list that comes with the program, but there are several larger, and more complete word lists available online. What Brutus will do is try every username listed in the users file with every password in the word list (and can even generate its own random word list to include all combinations of letters, characters, and numbers). Remember that most passwords are 8 characters long, so its usually not worthwhile to try and brute force very short passwords. Here’s what Brutus looks like in action:
Screenshot of brutus attacking a target
Now, the downside to brute forcing is that it is extremely noisy, and even the worst sysadmin should notice it. During my demonstration my server immediately popped an alert that the system log was full. A quick examination of the system log reveals the problem immediately:
Screenshot of an NT event log
All those warnings you see are bad FTP login attempts. A double click on the alert shows:
Screenshot of an event log detail showing the brute force attack
It isn’t hard to figure out exactly what is going on. Even more disturbing is the log file left behind. Here’s a snippit:
13:30:18 216.25.200.135 [5]USER admin 331
13:30:18 216.25.200.135 [6]USER admin 331
13:30:18 216.25.200.135 [7]USER admin 331
13:30:18 216.25.200.135 [8]USER admin 331
13:30:18 216.25.200.135 [9]USER admin 331
13:30:18 216.25.200.135 [10]USER admin 331
13:30:18 216.25.200.135 [11]USER admin 331
13:30:18 216.25.200.135 [12]USER admin 331
13:30:18 216.25.200.135 [13]USER admin 331
13:30:18 216.25.200.135 [4]PASS - 530
13:30:18 216.25.200.135 [14]USER admin 331
13:30:18 216.25.200.135 [5]PASS - 530
13:30:18 216.25.200.135 [6]PASS - 530
13:30:18 216.25.200.135 [7]PASS - 530
13:30:18 216.25.200.135 [8]PASS - 530
13:30:18 216.25.200.135 [9]PASS - 530
13:30:18 216.25.200.135 [10]PASS - 530
13:30:18 216.25.200.135 [11]PASS - 530
13:30:18 216.25.200.135 [15]USER admin 331
13:30:18 216.25.200.135 [16]USER admin 331
Not only do you notice all the tries for the same account, but you can tell it is an automated attempt to brute force because the times of the attempts are so close together (60 or so attempts a second). Even more damning is that my IP address is logged all over the huge log file. Its not hard to spot me or figure out what I’m attempting to do. Be warned if you attempt a brute force that you are probably going to get notice.
Now, I happened to be successful on this attempt and got on username and password. The results are displayed in Brutus under the ‘Positive Authentication Results’ window:
Screenshot showing brutus successfully identifying login information
You can see the username ‘user’ and password ‘charles’ worked on the server. Lets try them out:
C:\>ftp 216.25.200.135
Connected to 216.25.200.135.
220 WIN2KSERVER Microsoft FTP Service (Version 5.0).
User (216.25.200.135:(none)): user
331 Password required for user.
Password: charles
230-Fuck you!
230 User user logged in.
ftp>
Boom, and its just that easy. Now that I’m in my first step should be to attempt to clean up the traces of my attack (i.e. the log files and system event logs). Accomplishing this task takes more explanation than I have time for here, but hopefully you get the idea.
If nothing else, this short article should show you the value of good passwords. If I hadn’t set up the account ‘user’ with such a crappy password this attack most likely would have been unsuccessful. See my article on passwords for a good run down of how to pick a good password to keep your accounts safe from brute force attempts.
working too!
It cannot go beyond this!!
~cheers~
You need a PC or a Laptop and the required connectivity tools ,ie.,
Serial/USB cable OR Infrared Device OR Bluetooth dongle
1) Activate Airtel Live! ( Itâs FREE so no probs)
2) Create TWO Airtel gprs data accounts (yep TWO) and select the
FIRST as the active profile.
3) Connect your mobile to the PC (or Laptop) and install the driver for
your mobileâs modem.
4) Create a new dial-up connection using the NEW CONNECTION
WIZARD as follows
Connecting Device : Your mobileâs modem
ISP Name : Airtel (or anything you like)
Phone Number : *99***2# / Try 99***1
Username and Password : blank
5) Configure your browser and download manager to use the proxy
100.1.200.99 and port 8080.( My advice is to use Opera since you
can browse both wap and regular websites)
6) Connect to the dial-up account. You will be connected at 115.2
kbps (but remember, that is a bad joke).
7) Pick up your mobile and try to access any site. You will get âAccess
Deniedâ(except for Airtel Live!). IT DOES NOT MATTER.
Keep the mobile down.
8 ) On the PC ( or Laptop) open your browser, enter any address ,
press ENTER andâ¦Ã¢¦.WAIT
9) After a few seconds the page will start to load and you have the
WHOLE internet at your disposal. ***************************************************************************************************************
TWO
Under DATA COMM
~~~~~~~~~~~~
APN : airtelfun.com
USERNAME : blank
PASSWORD : blank
PASS REQ : OFF
ALLOW CALLS : AUTOMATIC
IPADDRESS :
DNSADDRESS :
DATA COMP : OFF
HEADER COMP : OFF
Under INTERNET PROFILES
~~~~~~~~~~~~~~~~
INTERNET MODE : HTTP or WAP (both worked for me)
USE PROXY : YES
IP ADDRESS : 100.1.200.99
PORT : 8080
USERNAME :
PASSWORD :
No Risk Here, Try it and Enjoy
Three
1st go to settings menu then to connectivity tab now choose the option Data comm. then "DATA ACCOUNTS" go to new account now the settings r as follows
ACCOUNT TYPE:GPRS
NEW ACCOUNT NAME:A1
APN:airtelfun.com
usr name: (blank)
password: (blank)
now save it
NOW!
go to Internet Setting in connectivity here choose intrnet profile--go to new profile setting are as below
NAME:A1
CONNECT USING:A1(which was created in data comm.)
save it
now u would be able to see it now selest it and take "more" option then select setting here in use proxy option it will be selected no if it is no then change it into yes
now go to proxy adress and give the adress as
100.1.200.99 and then the port number as 8080
Usr name:
password:
now save all the settings u made . come back 2 connectivity
choose streaming settings now in connect using option choose a1 that we created leave the use proxy option as no itself
THESE R THE SETTINGS
now access airtellive! from ur activated SE phone goto VIDEO GALLERY OR VIDEO UNLIMITED(varies according to states) choose live streaming then choose CNBC OR AAJTAK WHILE CONNECTING TO MEDIA SERVER cancel AFTER 9 or 10 sec then type any web adress if it shows access denied then once again select CNBC and wait for a few more sec than before if its fully connected also no prob its free then cancel it or if ur connected then stop it and the internet is ready to take of .GOOD LUCK SE AIRTEL USERS
alternate
For All Airtel Users
Requirements:
1. Airtel live (available 4 free)
2. Nokia series60 handset eg 6600,6630,n series,7610,6670 etc
3. Opera wap browser 4 mobile
Procedure:-
1. Go to ur connection settings and make a new internet profile using the default settings of airtel live. name that new profile as nething(for eg masala); change the home page of that profile to nething u like for eg www.google.com.
2. Go to ur Opera browser and set the default connection as AIRTEL LIVE. this is the original settings u received thru airtel.
3. Go to the services(in n6600) and Web(N6630) and change the default profile for connection as masala (newer one).
**Note: always make sure that ur access point is airtelfun.com
Apply:-
1. Open Opera and u will see that homepage of Airtel Live is opened. Minimize the application.
2. Now open web using the duplicate Profile and u will see that two gprs connections will work simultaneously and at the web or the services page it will show "Unable to connect" or any error. well thats the signal of ur success.
3. Simply go on the Opera with web on and open any site u want for free. No Charges No nothing.
U can also use it through ur computer..........
someone said dis too
The main principle behind this is we hav 2 fool the bsnl techies 2 activate portal and thus get gprs activated / get "G" signal on ur cell as bsnl portal (wap.cellone.in) needs "gprs signal on ur cel (whether gprs is formaly activated/registerd or not (by my method )i dont know)
NORMALLY THEY DONT DO THAT INSPITE OF THE FACT THAT THEY SHOULD ACTIVATE GPRS SIGNAL SERVICE FOR PORTAL!!!
AND THEY WILL GIVE U NO OF REASONS----
---THAT portal is message based , so go to cellone icon in menu and use that sms based portal (what the f**k)
---THAT portal service will be activated when u will activate gprs by filling up form and registering at nearest CCN!!
---THAT ur handset has some problems (if u say that "G" signal is not present)
----etc,etc!!
U HAVE 2 ACTIVATE PORTAL FIRST WHICH IS FREE AND U CAN EAT UP CC'S FOR THIS REASON!!
SO WHAT U HAV 2 DO IS--
1) SEND PORTAL to 3733 AND CONFIRMATION SHD COME WITH 5 MIN AT-MAXIMM !!
2) SEND FOR ATLEAST 20-30 TIMES (CAN B ANY MORE THAN THAT)
JUST S**K UP THE NETWORK(3733) WITH THESE MESSAGES !!!
THAT'S FREE NO!! BOTH ON POST AND PRE!!
3) NOW ALONG ALSO SEND 20-40 SMS AS GPRS TO 3733
(NO OF SMS DIRECTLY PROPORTIONAL 2 HATE FOR BSNL AND HOW EARLY U WNAN GET UR GPRS ACTIVATED) this is also free both on post and pre!!
4) U WILL GET CONFIRMATION IN BOTH CASES AND MSG TELLS U 2 GET SETTINGS FROM 9400024365, THE NO OF CC!!
HERE AT MY PLACE I CAN DIAL 9419024365 ALSO!
BOTH R TOLL FREE AND BOTH R LOCATED IN CHANDIGARH!!!
(((((((AND SOME OF THE CC'S SAY they cant give such sensitive information that where they r located, as if thay have a 3 rd world of their own! and the other dumbs said that they r in chandigarh!!!!)))))
I WOULD ADVISE ALL FIRST, 2 call them once 2 get the settings!!
(most of the times that is incorect but gives u an idea of settings in ur area))
Try and in ur 1 st call only,
talk roughly and tell them u r calling 10-20th time just for settings and is that their service!!!
5) Now when u get them save them AND plz post them here!!!
6) now GET ATLEAST 2-3 COMPLAINTS REGISTERED( each after 1 day) THAT UR PORTAL HAS NOT ACTIVATED AND GET THEIR SERIAL NO.
and in the end bombard them abt the status of all those complaints !!
b4 registering ur complaint they will hesitate much and always say taht they will b sendin new settings which r accurate! but dont belive them and just register complaints!!
6)AFTER THAT, u have 2 only wait until "G" signal is there on ur screen!!
LOOK, WHAT I HAVE WRIITEN ABV IS METHOD by which i got activated my "G" service !!! without fillin any form or such and without any money drain!!
may be since it bypasses the formal way of registeration, that is why this trick is working !!!!!!!!!!!!
U may also Try this
first open ur msg window and type LIVE and send it to 2567 so that after 5 min u get the setting of Airtel Live or if u have already no need for this procedure.
now then open that setting and copy all the settings from it and create one access point manually which has all the settings like Airtel Live has.
now only one change will be there and it would be in access point name which is "Airtelmms.com" instead of originally "Airtelgprs.com".
ok u've done it just active that setting and access free airtel gprs on ur phone.
Another Trick
somya_cse
You need a PC or a Laptop and the required connectivity tools ,ie.,
Serial/USB cable OR Infrared Device OR Bluetooth dongle
1) Activate Airtel Live! ( Its FREE so no probs)
2) Create TWO Airtel gprs data accounts (yep TWO) and select the
FIRST as the active profile.
3) Connect your mobile to the PC (or Laptop) and install the driver for
your mobileâs modem.
4) Create a new dial-up connection using the NEW CONNECTION
WIZARD as follows
Connecting Device : Your mobileâs modem
ISP Name : Airtel (or anything you like)
Phone Number : *99***2#
Username and Password : blank
5) Configure your browser and download manager to use the proxy
100.1.200.99 and port 8080.( My advice is to use Opera since you
can browse both wap and regular websites)
6) Connect to the dial-up account. You will be connected at 115.2
kbps (but remember, that is a bad joke).
7) Pick up your mobile and try to access any site. You will get âAccess
Deniedâ¦Ã¢(except for Airtel Live!). IT DOES NOT MATTER.
Keep the mobile down.
8 ) On the PC ( or Laptop) open your browser, enter any address ,
press ENTER andâ¦Ã¢¦.WAIT
9) After a few seconds the page will start to load
main thing is the advance initialization command.
Posted in Airtel Hack for free internet all methods by prakash | 1 comments
Links to this post Email this post
nice tutorial on using brutus
2008-03-26
This article is designed to demonstrate how to accomplish a brute force attack, and what it looks like from the receiving end. Brute force means password guessing. This can only feasibly be accomplished with the aid of good target reconnaissance and some automated programs. While it is very easy to write your own brute force program, there are several available for free online. I find Brutus to be one of the best brute force tools. You can find it at Hoobie.net.
The first step in a brute force attack (or for that matter, any attack) is target enumeration. This is the process by which we find where and how a target is vulnerable. I use NMAP for almost all of my initial cursory scans of networks. Lets use the target of my own desktop server and run an NMAP scan to find out what we have to play with. The output from my scan follows:
nmap -sS -O 216.25.200.135
Starting nmap V. 2.30BETA17 by fyodor@insecure.org (
http://www.insecure.org/nmap/ )
Interesting ports on ip-216-25-200-135.covad.dsl.fcc.net
(216.25.200.135):
Port State Service
21/tcp open ftp
25/tcp open smtp
80/tcp open http
135/tcp open loc-srv
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
1025/tcp open listen
1026/tcp open nterm
1031/tcp open iad2
TCP Sequence Prediction: Class=random positive increments
Difficulty=7635 (Worthy challenge)
Remote operating system guess: Windows 2000 RC1 through final release
Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
Ok, so we’ve got several services to choose from on this target. The first one that catches my eye is FTP. We can use this to brute force passwords, and we can use smtp to check for user accounts. Now the fun begins. I’ll first try ftp to find if anonymous ftp is enabled (which could potentially make my task a lot easier, there are rare computers with completely open upload/download ftp servers without strong restrictions (allowing you to upload and download to the web root folder)).
C:\>ftp 216.25.200.135
Connected to 216.25.200.135.
220 WIN2KSERVER Microsoft FTP Service (Version 5.0).
User (216.25.200.135:(none)): anonymous
331 Password required for anonymous.
Password:foo@nowhere.com
530 User anonymous cannot log in.
Login failed.
ftp> quit
221 Fuck off!
It seems that anonymous ftp isn’t enabled, and not only that the server is quite rude when I leave. The server did give some confirmation that it is running Windows NT, or in this case Windows 2000 (dead giveaway in the machine’s name ‘WIN2KSERVER’). We’ll try the SMTP server now to check for user names.
220 WIN2KSERVER Microsoft ESMTP MAIL Service, Version: 5.0.2195.2966
ready at Fri, 22 Jun 2001 09:08:49 –0400
vrfy smellydell
252 2.1.5 Cannot VRFY user, but will take message for smellydell
vrfy administrator
252 2.1.5 Cannot VRFY user, but will take message for administrator
well, there’s no use in verifying anyone on this server as it seems that the server will give the same message for real and bogus accounts (all NT servers have an ‘administrator’ account, in much the same way that *nix have root accounts). The ‘expn’ command didn’t work at all on this server (replied with ‘unknown command’ at expn postmaster). So at this point I’m S.O.L., but some machines will give a very good list of users and or active accounts using the smtp server.
Ok, so I’m off to brute forcing. The first thing I do is fire up Brutus.
Screenshot of brutus at startup
Next I’ll have to modify my users list (found in users.txt in the Brutus directory) to include users I suspect to be on an NT server. NT always has a ‘Guest’ account and an ‘Administrator’ account. I’ll add a few more guesses. In the end my users list looks like this:
A text file list of users
The next step is to fire Brutus at the target, when configured for an ftp attack, Brutus appears thus:
Configuring brutus
You’ll notice I set the timeout higher than the default. Brutus nicely circumvents connection limits by creating new connections for every request. This is useful because some servers will cut your connection after 3 bad guesses at passwords. Brutus uses the targets ability to take multiple ftp requests and creates a new request for every guess (I have set the program to make 10 requests simultaneously). The timeout is the lag time that the program will allow before it makes a new request. If you don’t set this high enough you are likely to flood the target and either crash its server, or simply hang Brutus. You can use a really high connection and low timeout rate as an effective DoS attack that will knock weak servers completely off the net.
So now I’ll fire Brutus at the target. I’m using the default password list that comes with the program, but there are several larger, and more complete word lists available online. What Brutus will do is try every username listed in the users file with every password in the word list (and can even generate its own random word list to include all combinations of letters, characters, and numbers). Remember that most passwords are 8 characters long, so its usually not worthwhile to try and brute force very short passwords. Here’s what Brutus looks like in action:
Screenshot of brutus attacking a target
Now, the downside to brute forcing is that it is extremely noisy, and even the worst sysadmin should notice it. During my demonstration my server immediately popped an alert that the system log was full. A quick examination of the system log reveals the problem immediately:
Screenshot of an NT event log
All those warnings you see are bad FTP login attempts. A double click on the alert shows:
Screenshot of an event log detail showing the brute force attack
It isn’t hard to figure out exactly what is going on. Even more disturbing is the log file left behind. Here’s a snippit:
13:30:18 216.25.200.135 [5]USER admin 331
13:30:18 216.25.200.135 [6]USER admin 331
13:30:18 216.25.200.135 [7]USER admin 331
13:30:18 216.25.200.135 [8]USER admin 331
13:30:18 216.25.200.135 [9]USER admin 331
13:30:18 216.25.200.135 [10]USER admin 331
13:30:18 216.25.200.135 [11]USER admin 331
13:30:18 216.25.200.135 [12]USER admin 331
13:30:18 216.25.200.135 [13]USER admin 331
13:30:18 216.25.200.135 [4]PASS - 530
13:30:18 216.25.200.135 [14]USER admin 331
13:30:18 216.25.200.135 [5]PASS - 530
13:30:18 216.25.200.135 [6]PASS - 530
13:30:18 216.25.200.135 [7]PASS - 530
13:30:18 216.25.200.135 [8]PASS - 530
13:30:18 216.25.200.135 [9]PASS - 530
13:30:18 216.25.200.135 [10]PASS - 530
13:30:18 216.25.200.135 [11]PASS - 530
13:30:18 216.25.200.135 [15]USER admin 331
13:30:18 216.25.200.135 [16]USER admin 331
Not only do you notice all the tries for the same account, but you can tell it is an automated attempt to brute force because the times of the attempts are so close together (60 or so attempts a second). Even more damning is that my IP address is logged all over the huge log file. Its not hard to spot me or figure out what I’m attempting to do. Be warned if you attempt a brute force that you are probably going to get notice.
Now, I happened to be successful on this attempt and got on username and password. The results are displayed in Brutus under the ‘Positive Authentication Results’ window:
Screenshot showing brutus successfully identifying login information
You can see the username ‘user’ and password ‘charles’ worked on the server. Lets try them out:
C:\>ftp 216.25.200.135
Connected to 216.25.200.135.
220 WIN2KSERVER Microsoft FTP Service (Version 5.0).
User (216.25.200.135:(none)): user
331 Password required for user.
Password: charles
230-Fuck you!
230 User user logged in.
ftp>
Boom, and its just that easy. Now that I’m in my first step should be to attempt to clean up the traces of my attack (i.e. the log files and system event logs). Accomplishing this task takes more explanation than I have time for here, but hopefully you get the idea.
If nothing else, this short article should show you the value of good passwords. If I hadn’t set up the account ‘user’ with such a crappy password this attack most likely would have been unsuccessful. See my article on passwords for a good run down of how to pick a good password to keep your accounts safe from brute force attempts.