This is default featured slide 1 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 2 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 3 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 4 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 5 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

Shutdown your PC remotely using Twitter and TweetMyPC

By Anonymous March 30, 2010  No comments

Learn how to hack


Hello to all the readers of Hacking Articles.


Feel Free to DIGG THIS POST guys.


Twitter is powerful and simple indeed. But then developers were not stopping on creating and obviously developing new applications to make it even stronger. TweetMyPC is a freeware application which enables you to utilize Twitter as a way of sending commands to your PC remotely.

Sending commands to your PC remotely sounds very cool. But the negative thing here is that TweetMyPC only provides Shutdown, restart, and log off commands for now.

Though, it is still a very good application. So, to start things up, it’s recommended to create a separate Twitter account for this one. Then download and install TweetMyPC on your computer. Login your Twitter account on TweetMyPC and you’re on the go. Just tweet the command and TweetMyPC will do it for you. Very simple.


Learn how to hack


Available Commands:


  • Shutdown

  • Restart

  • Logoff


Take note that these commands are case sensitive.

Download TweetMyPC here.


Read More

Get Free Demonoid Invitation Codes (Code Generator)

By Anonymous March 30, 2010  No comments

Learn how to hack


Hey Friends,


This is an amazing website which can help you create free Demonoid invitation codes but it takes a lot of time (it’s worth a try !).I got this amazing video at Youtube and was quite useful though it is a slow process



First go to this site Getinvites.org and then follow the given steps.


1.Create an account over there and do all the activation and stuff. 2.Then click on “Get An Invite” and this might take some days for your invitation to arrive ! And here is the video : CLICK HERE TO WATCH THE VIDEO ON YOUTUBE!



Read More

Google Wave Invite Giveaway

By Anonymous March 30, 2010  No comments

Google Wave


I received my supply of invites for Google Wave recently. Its been almost one month since I am using Wave but did not have he capacity to invite others. Today, Google bestowed in me the power to invite 8 people to Google Wave.


For those, unfamiliar with the term, Google Wave is a kind of collaboration tool which works in realtime. What this means is that you can see your friends type each alphabet as and when they type.


I like to call it :


Demise of the Backspace Key


Its a plus point and a negative point also. Imagine, typing something which gets viewed the same instant as you punch in the keys!


Google Wave is still in development phase and it would not be fair to jump to conclusions so soon. To draw an analogy “Who knew twitter could be such a rage?” Let’s wait and watch how Wave matures with time.


For readers of Hacking Articles, I would be giving away Google Wave invites!


How to get Google Wave Invite?


Each participant stands a chance to win a invite to Google Wave on a first-come-first-serve basis. All you have to do is :


READ CAREFULLY



  • Subscribe to HackingArticles via Email [Do remember to confirm your subsciption]

  • Tweet about this Post & follow us on Twitter

  • Join us on Google Friend Connect

  • Leave a comment confirming your entry after you are done with above 3 steps

    • How will I know if I won?


    I will email the winners personally because Wave invites are not sent by Google immediately, it may take a day or two to arrive at your inbox. Google is overworked with wave invites so I’ll confirm the winners with the news till they receive the invite from Google. Just be sure to follow the above mentioned steps in totality.


    How many invites are up for Grabs?


    Originally, Google has granted us with the power to invite 8 people to Wave. As the invites are sent out, the number of available invites will keep reducing so hurry up!


    For proof, image is shown below:


Google Wave


Number of invites left : 7


All the best guys! See you on Wave.

Read More

How To Access Blocked Websites?

By Anonymous March 30, 2010  No comments

Access Denied


How to access blocked websites like Facebook, MySpace, Bebo at school or office?


This article suggests workarounds to help you unblock access to restricted websites at universities, school and offices.


Background: Blocking access to undesirable Web sites has been a common government tactic but China, Iran, Saudi Arabia are believed to extend greater censorship over the net than any other country in the world.


Most of the blocked or blacklisted sites in Saudi Arabia, Kuwait and all other GCC countries are about sex, religion, women, health, politics and pop culture. They even block access to websites that sell swimming or bathing suits. In China, websites that talk about sex, Tibet or Democracy are blocked.


Social sites that are often blocked include Google News, Typepad, ebay, Blogger blogs, YouTube, Facebook, Bebo, Myspace, Orkut, MySpace, Pandora, Bebo, Photobucket, Yahoo! Messenger, AOL AIM, Flickr, last.fm, etc.


Proxy websites allows us to bypass our current ISP’s IP and connect to targeted website with a different IP; thus hiding our actual origin from detectable. Internet users use proxy websites for various reasons, some to access websites potentially blocked by their colleges or workplace, some use it to test their scripts. I frequently used them to test geo-location ads or to check if DNS are properly propagated when I adjust their settings.

Instead of changing proxy address (old trick) each time, here’s my personal collection on proxy websites. Full list.

90+ Proxy Websites To Access Blocked Websites



  1. http://www.hidemyass.com

  2. http://www.anonymizer.com

  3. http://www.wujie.net

  4. http://www.ultrareach.net

  5. http://surfshield.net

  6. http://www.guardster.com/subscription/proxy_free.php

  7. http://anonymouse.ws/anonwww.html

  8. http://www.browser-x.com

  9. http://www.spysurfing.com

  10. http://www.xerohour.org/hideme

  11. http://www.proxyz.be

  12. http://www.sc0rian.com/prox

  13. https://www.proxify.us

  14. http://kproxy.com/index.jsp

  15. http://www.brawl-hall.com/pages/proxy.php

  16. http://www.proxify.net

  17. http://proxy.computersteroids.com/index0.php

  18. http://www.unipeak.com

  19. http://flyproxy.com

  20. http://alienproxy.com

  21. http://proxify.com/

  22. http://www.unfilter.net

  23. http://www.proxymouse.com

  24. http://www.surfonym.com/cgi-bin/nph-proxy

  25. http://www.superproxy.be/browse.pl

  26. http://www.websiteguru.com/mrnewguy

  27. http://www.letsproxy.com

  28. http://www.fsurf.com

  29. http://indianproxy.com

  30. http://www.letmeby.com

  31. http://Boredatschool.net

  32. http://www.ibypass.org

  33. http://www.ipzap.com/

  34. https://proxify.biz

  35. http://kproxy.com/index.jsp

  36. http://www.attackcensorship.com/attack-censorship.html

  37. http://mrnewguy.com

  38. http://www.evilsprouts.co.uk/defilter

  39. http://www.proxify.info

  40. http://www.torify.com

  41. http://www.switchproxy.com

  42. http://www.proxifree.com

  43. http://www.secure-tunnel.com/

  44. http://www.proxify.cn

  45. http://www.arnit.net/utilities/webproxy/new

  46. http://www.proxify.co.uk

  47. http://www.betaproxy.com

  48. http://www.proxify.org

  49. http://www.proxychoice.com

  50. http://www.proxysnail.com

  51. http://www.anonypost.com

  52. http://www.thestrongestlinks.com

  53. http://www.hujiko.com

  54. http://www.anonproxy.info

  55. http://www.peoplesproxy.com

  56. http://www.freeproxy.us

  57. http://www.proxyweb.net

  58. http://www.nopath.com

  59. http://urlencoded.com

  60. http://www.pole.ws

  61. http://www.browseany.com

  62. http://www.spiderproxy.com

  63. http://www.clickcop.com

  64. http://www.sneakysurf.com

  65. http://www.mywebtunnel.com

  66. http://www.thewebtunnel.com

  67. http://www.3proxy.com

  68. http://www.yourfreeproxy.com

  69. http://www.proxy7.com

  70. http://www.fireprox.com

  71. http://www.stupidcensorship.com

  72. http://www.letsproxy.com

  73. http://www.sneak2.com

  74. http://www.cecid.com

  75. http://www.freeproxy.ca

  76. http://www.ibypass.org

  77. http://www.goproxing.com

  78. http://www.projectbypass.com/

  79. http://www.ipsecret.com

  80. http://www.nomorelimits.net

  81. http://www.proxify.de

  82. http://www.bywhat.com

  83. http://www.snoopblocker.com

  84. http://www.anonymizer.ru

  85. http://www.proxyking.net/

  86. http://www.perlproxy.com

  87. http://www.proxylord.com

  88. http://tntproxy.com

  89. http://satanproxy.com

  90. http://zombieinvasion.info

  91. http://demonproxy.com

  92. http://www.myfreeproxy.com

  93. http://www.gezcem.com/nph-proxy.pl.old

  94. http://mpleger.de

  95. http://www.the-cloak.com/login.html


Disclaimer


Note that not all of them are working perfectly; some of these websites could be offline too. I’m not encouraging you to use this to bypass sites that you are banned from surfing in colleges, work place, etc. Use them with cautions make sure you know what you are doing. I shall not be responsible for any damages or rules and regulation you violate from using these proxies.

Read More

Enable the (Hidden) Administrator Account on Windows 7 or Vista

By Anonymous March 30, 2010  No comments
Many people familiar with prior versions of Windows are curious what happened to the built-in Administrator account that was always created by default. Does this account still exist, and how can you access it?


The account is created in Windows 7 or Vista, but since it’s not enabled you can’t use it. If you are troubleshooting something that needs to run as administrator, you can enable it with a simple command.


Note: You really shouldn’t use this account for anything other than troubleshooting. In fact, you probably shouldn’t use it at all.


Enable Built-in Administrator Account


First you’ll need to open a command prompt in administrator mode by right-clicking and choosing “Run as administrator” (or use the Ctrl+Shift+Enter shortcut from the search box)


Run Command Prompt as Administrator


Now type the following command:


net user administrator /active:yes



The Command Complete Successfully


You should see a message that the command completed successfully. Log out, and you’ll now see the Administrator account as a choice. (Note that the screenshots are from Vista, but this works on Windows 7 too)


Administrator Account


You’ll note that there’s no password for this account, so if you want to leave it enabled you should change the password.


Disable Built-in Administrator Account


Make sure you are logged on as your regular user account, and then open an administrator mode command prompt as above. Type the following command:


net user administrator /active:no


The Command Completed Successfully


The administrator account will now be disabled, and shouldn’t show up on the login screen anymore.

Read More

Hacking Gmail account using GX Cookie

By Anonymous March 30, 2010  No comments

gmailDisclaimer: This post is only for educational purpose.


Introduction


Hacking web application was always curious for the script kiddies. And hacking free web email account is every geek first attempt. The method which I will describe in this post is not new; the same method can be applied to yahoo and other free web email services too.


The method we will be using is cookie stealing and replaying the same back to the Gmail server. There are many ways you can steal cookie, one of them is XSS (Cross site scripting) discussed by other is earlier post. But we won’t be using any XSS here, in our part of attack we will use some local tool to steal cookie and use that cookie to get an access to Gmail account.


Assumption:



  • You are in Local Area Network (LAN) in a switched / wireless environment : example : office , cyber café, Mall etc.

  • You know basic networking.


Tool used for this attack:



  • Cain & Abel

  • Network Miner

  • Firefox web browser with Cookie Editor add-ons


Attack in detail:


We assume you are connected to LAN/Wireless network. Our main goal is to capture Gmail GX cookie from the network. We can only capture cookie when someone is actually using his gmail. I’ve noticed normally in lunch time in office, or during shift start people normally check their emails. If you are in cyber café or in Mall then there are more chances of catching people using Gmail.


We will go step by step,

If you are using Wireless network then you can skip this Step A.


A] Using Cain to do ARP poisoning and routing:


Switch allows unicast traffic mainly to pass through its ports. When X and Y are communicating eachother in switch network then Z will not come to know what X & Y are communicating, so inorder to sniff that communication you would have to poison ARP table of switch for X & Y. In Wireless you don’t have to do poisoning because Wireless Access points act like HUB which forwards any communication to all its ports (recipients).



  • Start Cain from Start > Program > Cain > Cain

  • Click on Start/Stop Sniffer tool icon from the tool bar, we will first scan the network to see what all IPs are used in the network and this list will also help us to launch an attack on the victim.

  • Then click on Sniffer Tab then Host Tab below. Right click within that spreadsheet and click on Scan Mac Addresses, from the Target section select


All hosts in my subnet and then press Ok. This will list all host connected in your network. You will notice you won’t see your Physical IP of your machine in that list.

How to check your physical IP ?

> Click on start > Run type cmd and press enter, in the command prompt type

Ipconfig and enter. This should show your IP address assign to your PC.

It will have following outputs:


Ethernet adapter Local Area Connection:


Connection-specific DNS Suffix . : xyz.com

IP Address. . . . . . . . . . . . : 192.168.1.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

Main thing to know here is your IP address and your Default Gateway.


Make a note of your IP Address & default gateway. From Cain you will see list of IP addresses, here you have to choose any free IP address which is not used anywhere. We assume IP 192.168.1.10 is not used anywhere in the network.



  • Click on Configure > APR > Use Spoofed IP and MAC Address > IP


Type in 192.168.1.10 and from the poisoning section click on “Use ARP request Packets” and click on OK.



  • Within the Sniffer Tab , below click on APR Tab, from the left hand side click on APR and now click on the right hand top spreadsheet then click on plus sign tool from top. The moment you click that it will show you list of IP address on left hand side. Here we will target the victim IP address and the default gateway.


The purpose is to do ARP poisoning between victim and the default gateway and route the victim traffic via your machine. From the left side click on Victim IP address, we assume victim is using 192.168.1.15. The moment you click on victim IP you will see remaining list on the right hand side here you have to select default gateway IP address i.e. 192.168.1.1 then click on OK.



  • Finally, Click on Start/Stop Sniffer tool menu once again and next click on Start/Stop APR. This will start poisoning victim and default gateway.


B] Using Network Miner to capture cookie in plain text


We are using Network miner to capture cookie, but Network miner can be used for manythings from capturing text , image, HTTP parameters, files. Network Miner is normally used in Passive reconnaissance to collect IP, domain and OS finger print of the connected device to your machine. If you don’t have Network miner you can use any other sniffer available like Wireshark, Iris network scanner, NetWitness etc.


We are using This tool because of its ease to use.



  • Open Network Miner by clicking its exe (pls note it requires .Net framework to work).

  • From the “—Select network adaptor in the list—“ click on down arrow and select your adaptor If you are using Ethernet wired network then your adaptor would have Ethernet name and IP address of your machine and if you are using wireless then adaptor name would contain wireless and your IP address. Select the one which you are using and click on start.


Important thing before you start this make sure you are not browsing any websites, or using any Instant Mesaging and you have cleared all cookies from firefox.



  • Click on Credential Tab above. This tab will capture all HTTP cookies , pay a close look on “Host” column you should see somewhere mail.google.com. If you could locate mail.google.com entry then in the same entry right click at Username column and click on “copy username” then open notepad and paste the copied content there.

  • Remove word wrap from notepad and search for GX in the line. Cookie which you have captured will contain many cookies from gmail each would be separated by semicolon ( GX cookie will start with GX= and will end with semicolon you would have to copy everything between = and semicolon


Example : GX= axcvb1mzdwkfefv ; ßcopy only axcvb1mzdwkfefv


Now we have captured GX cookie its time now to use this cookie and replay the attack and log in to victim email id, for this we will use firefox and cookie editor add-ons.


C] Using Firefox & cookie Editor to replay attack.



  • Open Firefox and log in your gmail email account.

  • from firefox click on Tools > cookie Editor.

  • In the filter box type .google.com and Press Filter and from below list search for cookiename GX. If you locate GX then double click on that GX cookie and then from content box delete everything and paste your captured GX cookie from stepB.4 and click on save and then close.

  • From the Address bar of Firefox type mail.google.com and press enter, this should replay victim GX cookie to Gmail server and you would get logged in to victim Gmail email account.

  • Sorry! You can’t change password with cookie attack.


How to be saved from this kind of attack?

Google has provided a way out for this attack where you can use secure cookie instead of unsecure cookie. You can enable secure cookie option to always use https from Gmail settings.

Settings > Browser connection > Always use https

Read More

A Port Scanner in VB

By Anonymous March 30, 2010  No comments
port


A small but effective tool (if you know the right way to use it..you might do wonders..)


——————–

you need:


2 textboxes

1 listbox

3 commandbuttons

1 timer

1 winsock control

——————–



 
 
Private Sub Command1_Click() 
  Timer1.Enabled = True 
End Sub 
 
Private Sub Command2_Click() 
  Timer1.Enabled = False 
  Text2.Text = "0" 
End Sub 
 
Private Sub Command3_Click() 
  List1.Clear 
End Sub 
 
Private Sub Timer1_Timer() 
  On Error Resume Next 
  Winsock1.Close 
  Text2.Text = Int(Text2.Text) + 1 
  Winsock1.RemoteHost = Text1.Text 
  Winsock1.RemotePort = Text2.Text 
  Winsock1.Connect 
End Sub 
 
Private Sub Winsock1_Connect() 
 List1.AddItem Winsock1.RemotePort & " is open!" 
End Sub

——————–

Explanation:


text1 = IP to scan

text2 = starting port

list1 = list where all open ports are shown

command1 = start

command2 = stop and reset

command3 = clear port list

timer1 = will make the winsock control to try ports

Read More