Web Hacking with DVNA - Free to Download

Tweet

(DVNA) Damn Vulnerable Web Application  is a collection of website hacking tool based on PHP / mySQL. DVWA may be an option for beginners to learn web hacking web hacking techniques from scratch. Various techniques web hacking attacks can be obtained from this tool. Besides easy to use, lightweight and complete, DVWA run through a local server (localhost) using WAMP / XAMP / LAMP and others.

Key Features

DVWA include some web hacking tools such as :

• SQL Injection
• XSS (Cross Site Scripting)
• LFI (Local File Inclusion)
• RFI (Remote File Inclusion)
• Command Execution
• Upload Script
• Login Brute Force

Download

• CLICK HERE to Download

Read More

Collection Of Best PHP and ASP shells : Free

Tweet

Collection Of Best PHP and ASP shells : Free

C99 Shell 

R57 Shell 

ASPXspy2 

dQ99shell 

Cmd Asp Shell 

Vb Hacker Shell 

CWShellDumper 

C100 Shell 

Tryag Bypass Cgi.Pl 

User.Pl User list perl Safe0ver Bypass Shell 

Sosyete Safe Mode Bypass Shell 

Liz0zim Bypass Shell 

Kacak Fso Shell v1.0 Ekin0x Shell 

Zehir4 Asp Shell 

Sim Attacker Shell 

MySQL Shell 

Remview Shell 

Ajax Command Shell AntiChat Shell 

Efso Asp Shell

Read More

BSQL Hacker : Automated SQL Injection Framework Tool

Tweet

It's easy to use for beginners and provide great amount of customisation and automation support for experienced users. Features a nice metasploit alike exploit repository to share and update SQL Injection exploits.

BSQL Hacker is an automated SQL Injection Framework / Tool designed to exploit SQL injection vulnerabilities virtually in any database.

BSQL Hacker aims for experienced users as well as beginners who want to automate SQL Injections (especially Blind SQL Injections).

Videos

• Sample exploitation and Injection Wizard Demo
• Error Based Injections and Attack Template Usage

Download

• New version is out, it's mostly bug fixed, CLICK HERE to download.

Screenshot

 

Key Features

• Easy Mode
• SQL Injection Wizard
• Automated Attack Support (database dump)
• ORACLE
• MSSQL
• MySQL (experimental)
• General
• Fast and Multithreaded
• 4 Different SQL Injection Support
• Blind SQL Injection
• Time Based Blind SQL Injection
• Deep Blind (based on advanced time delays) SQL Injection
• Error Based SQL Injection
• Can automate most of the new SQL Injection methods those relies on Blind SQL Injection
• RegEx Signature support
• Console and GUI Support
• Load / Save Support
• Token / Nonce / ViewState etc. Support
• Session Sharing Support
• Advanced Configuration Support
• Automated Attack mode, Automatically extract all database schema and data mode

• Update / Exploit Repository Features
• Metasploit alike but exploit repository support
• Allows to save and share SQL Injection exploits
• Supports auto-update
• Custom GUI support for exploits (cookie input, URL input etc.)

• GUI Features
• Load and Save
• Template and Attack File Support (Users can save sessions and share them. Some sections like username, password or cookie in the templates can be show to the user in a GUI)
• Visually view true and false responses as well as full HTML response, including time and stats

• Connection Related
• Proxy Support (Authenticated Proxy Support)
• NTLM, Basic Auth Support, use default credentials of current user/application
• SSL (also invalid certificates) Support
• Custom Header Support

• Injection Points (only one of them or combination)
• Query String
• Post
• HTTP Headers
• Cookies

• Other
• Post Injection data can be stored in a separated file
• XML Output (not stable)
• CSRF protection support (one time session tokens or asp.net viewstate ort similar can be used for separated login sessions, bypassing proxy pages etc.)

Read More

Attack An IP With Metasploit & NMAP

Tweet

Hello guys, howz you all ? Vandan here. First of all I want to say thanks to XEO Hacker for giving me chance to write for this blog and I will try my best to give you guys the best I can. I have chosen "GOOGLE WORM" as my nick in hacking world hope you guys like it as well.Lets come to the tutorial. Tomorrow I have posted about ClickJacking Attack in which I have given an idea about ClickJacking and the ways how to do it. Today I am going to write about Nmap with Metasploit. Let's start .

Steps to Follow

• First download Metasploit 3.3 from the official website.
• Let it install and towards the end of the installation it will ask if you would like Nmap installed also, choose YES. 
• Once you have installed the Metasploit, the below screen will open up.

• Now type db_create. 
• Once you have typed that type nmap, it will load nmap as shown in below image.

• You need to configure your scan now, I usually do a simple -sT -sV scan which will tell us the open ports and services running on the victims computer. 
• Now type nmap -sT -sV xxx.xxx.xxx.x (X's being victims Ip number)

• Now give it 5 minutes to complete the scan,Once that is complete if you are lucky you should get a response like this...

• This is basically a list of the open ports and services running on the target machine. 
• Now the handy feature of the metasploit 3.3 framework is the autopwn feature, this basically searches and runs all matching exploits in the Metasploit database against the target machine and if successful will create a shell or similar privilege for the attacker.
• Now once you have the nmap results delivered back to you showing the open ports and services type db_autopwn -p -t -e.
• From this point you will either have access to the victims computer through a successfully launched exploit or you will get a response saying the machine wasn't vulnerable to any of the exploits in the Metasploit database. 
• Unfortunately on this particular machine I found it wasn't vulnerable as the image below proves.But if you are in luck and the targeted computer is vulnerable to exploits then BOOM.
• Good luck. Have fun !!!

Note : This tutorial is just for educational purposes and HWS team is not responsible for any kind of misusse. Use it on your own risk. This tutorial is written by " Google Worm ".

Read More

Click Jacking Attack

Tweet

Definition

"Clickjacking is a malicious technique of tricking web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages."

Introduction

A vulnerability across a variety of browsers and platforms, a clickjacking takes the form of embedded code or script that can execute without the user's knowledge, such as clicking on a button that appears to perform another function.
The long list of vulnerabilities involves browsers, Web sites and plug-ins like Flash."

How It Works?

ClickJacking is a little bit difficult to explain however try to imagine any button that you see in your browser from the Wire Transfer Button on your Bank, Post Blog button on your blog, Add user button on your web-site, Google Gadgets etc.

ClickJacking gives the attacker to ability to invisibly float these buttons on-top of other innocent looking objects in your browser.

So when you try to click on the innocent object, you are actually clicking on the malicious button that is floating on top invisibly.

In other words, the attack is thrown by a malicious web page embedding objects, possibly from a different site, such as framed documents or plugin content (Flash, Silverlight, Java…) which may lead to unwanted results if clicked by the current user (e.g. a “Delete all messages” button in your webmail or an advertisement banner in a click fraud scheme). Using DHTML, and especially CSS, the attacker can disguise or hide the click target in several ways which go completely undetected by the user, who’s easily tricked into clicking it in a more or less blind way.

JavaScript increases the effectiveness of these attacks hugely, because it can make our invisible target constantly follow the mouse pointer, intercepting user’s first click with no failure.
We can however imagine a few less effective but still feasible scriptless scenarios, e.g. covering the whole window with hidden duplicates of the target or overlaying an attractive element of the page, likely to be clicked (e.g. a game or a porn image link), with a transparent target instance.

Examples

• Malicious camera spying using Adobe's Flash.
•  Flash, Java, SilverLight, DHTML Game or Application used to Spy on your Webcam and/or Microphone.
• The best defense against ClickJacking attacks is to use Firefox with the NoScript add-on installed.    

Read More

Basics about Shell Uploading

Tweet

I am sure many have you have read about "Hacked / Defaced with shells", So I am pretty sure that the first thing that comes to your mind is "What the heck are these shells?" . So this article would give you complete idea about shells and its use.

I will soon write about "RFI, LFI" which are somewhat connected with shells. Meanwhile, keep playing with it and learn more. As without practice you won't get anything.

Difference between FTP & Shells:

Many times I see that some of us know how to use the shell but once they have uploaded they get confused. So to start with, Let me give you some information about FTP:

• File Transfer Protocol

Whenever you want to open your website, the first thing you will do is to get some web hosting for your self. That cud be either free or paid. When your get your hosting services, you create a website on your computer first and then upload it to your hosting server so it becomes a World Wide Web. This process of uploading the documents from your computer to your hosting server is done through FTP [File Transfer Protocol]. It basically looks like a program with 2 columns, one column shows your computer files and another shows your servers files. Just like when you copy the stuffs from some USB drive to your computer. So here, I will show you an example is how you would connect if you own example.com. So when you want to connect your self to your web hosting server, following information is required in order to authenticate yourself:

Server : ftp.example.com
Username: XEO
Password: whatever

So, once you put in this information, server understands that you are XEO and gives you access to all the files on the server so you can work on it.

•   Shells

Since you understand the FTP now, we know that none of us will get access to Go4expert's server because we don't have the username and password authenticate yourself. Somehow we can manage to get the access to G4E's FTP we can easily remove/edit/replace files. So we can destroy this entire forum and upload our own stuffs. That is when shells comes into the picture. Shells are a malicious PHP files which you will need to upload to any website, and once you execute it you will get access to its server directly WITHOUT authenticating your self.

• Moral of the Story:

I wrote the difference between FTP and shells so that you guyz can understand it, because lots of people tends to get confused between them. So again to make it clear, you can following thing:

FTP is a protocol that lets you connect your computer to your hosting server so that you can upload/edit/delete/replace your files. Since we wouldn't have the username & password to connect to any website's ftp, thats why we will use the SHELL to get access. SO SHELL IS NOT FTP BUT IT GIVES YOU ACCESS TO THE HOSTING SERVER.

• Funny Incidents:

Let me tell you guyz why i gave time to write this much about FTP in this article.I remember i saw couple of threads which said following thing:

"Hi guyz, i managed to hack my 1st website today! YAY, I am really happy! But theres only 1 problem, i uploaded the shell and ran it and it worked fine. The only problem is i dont have access to FTP."

Y0, i hacked a website today, uploaded a shell and it worked fine, now i am trying to get access to FTP

• Main Logic

Shell is not a tool that you can run and complete your work. As I said, its just a normal ".php" file, you have to find a way in any website to upload that shell. The Idea is, you upload the shell to any website so it will be saved on their server and it will give you the access to it.

Phase 1 : Uploading a shell:

Suppose you want to hack "something.com". So the first thing that you will do is, open up "something.com", and try to find some place from where you can upload the files on the website. There are many such places for example, "file uploads, avatars, resume upload, cooking recipe uploads, upload your photo". So these are the places which will give you an opportunity to upload your shell. All you have to do is, try to upload the shell.php which is located in your computer and click on submit. So suppose you went to the webpage "something.com/submit_resume.php" and you uploaded your resume.

Phase 2 : Executing your uploaded shelll:

Once we have uploaded the shell as shown in "Phase:1", we know that its sitting on the server. The only thing we need to do now is to execute the shell from a browser so we get access to it.

• Example:

So suppose i uploaded my shell as an attachment in any thread. SO now that attachment is sitting on that thread's server. Now if we want to executive it, we will use following URL:

Code: http://www.something.com/forums/attachment.php?attachmentid=456&d=1249607339

So that is the DIRECT url to the attachment which is called EXECUTION. In the same way if you execute your shell, it will take you to a webpage where you will see everything thats on the server. And you will have FULL ACCESS to remove/edit/replace/delete the files. So you are another XEO !

Phase 3 : Defacing:

Defacing is a word which means "replacing the current index file with our own index with our motive and slogan on it". So once you have access to the server, you are the king

• Different types of shells:

There are many shells available, most of them are public and some of them are private. Most of them does the samething to give you the access of the server. "c99, r57, b0yzone, j32" are some very common and easily available shells.

• Where do I get them from?

The best way is Google search with "inurl:c99.txt". You can replace c99 with r57, j32 or anything else.

Important Piece of advice

I would suggest you to download WAMP SERVER, which lets you make your own server on your comptuer. And then try to use shells on it. Which will help you avoid hacking in live environment. Because, if webmaster is smart then, he can simply check the logs for that shell fine and track down your IP which executed the shell. Then you might be in problem.

Thanks for your time to read the article . Hope you liked it . PEACE!

Read More

Use Facebook in Hackers's Language "1337"

Tweet

Hey guys howz you all. Today I am going to share this news, every hacker loves the 1337 decoding language atleast most of the hackers do. So, if you Love 1337 then its a Good News for you, Facebook officially Launched H4X0R's Language (Hackers) 1337 (leet speak).

I really enjoyed while using it and it yours chance to give it a try and do let me know how's you find it. I think Facebook is now finally doing some kool changes after that shitty timeline. 

How to apply 1337 On your Facebook ?

• Login to your Facebook account
• Goto account setting
• Search for language Option
• Now set it to "Leet Speak"
• You've done !

 If you want to use Facebook in your old language then set it to English (US) again and enjoy :)

Read More

How to Earn Money from a Hacking Blog

Tweet

Of course adsense is Good revenue Program For Blog & websites, but you can't use adsense on your hacking blogs, even you having lot of traffic on your blog. because its againest adsense's TOS, adsense doesn't allow Hacking contest. but don't worry you can earn money online by your hacking Blog using others ways.



 

Infolinks

• Infolinks is a Good  Pay Per Click Advertising program for blogs, you can use it on your information security & hacking Blogs ! infolinks provides “in-text advertising”, search widget, Tags cloud, releted tags etc !

VgLink Advertising Program

• Some days ago i heard about Vglink and i started using it. vglink is also “in-text advertising” program, you can install it easily on your wordpress & blogger blogs. Signup For Vglink 

Direct Advertising

• Contact advertisers and Publish Thier banners etc on your website/ blog, you can add "advertise here" banners on your blog to sell the place for Advertisement. you can also try buyselladds for direct advertisement. 
• As you can see above my posts there you will find this image , if you want your add to display there you can contact me.

Paid Reviews

• Paid reviews can boost your earnings, you need to post review of any tool, software, website or any product. Its a Quick way of make money online !!!
• You can see one such post here .

Write and Sell E-Books

• If you got Good skills in information security & Hacking you can write and sell own e-books, make it attractive and sell via amazon, ebady and your blog/website.
• I have written two books which are open rite now but I am thinking of binding them and publish them online. I will tell you the way how to do it in my coming posts.

Paid serivces

• You can start own services, its depends on your skills, like i'm Good in SEO and blog designing so i'm running this Paid Web Designing and SEO service, for example see this blog which I have designed .

Read More

Check the Suspicious link before Clicking it

Tweet

Today while surfing net i came to this site and i really find it kool. Now a days hackers usually hack account or inject virus in your system by sending you a long link and you don't know whats behind it and because of suspense you just click that link and got infected.

This website allows you to first check whether the given link is suspicious or not and also the short link behind that long link. so if you have some doubt on any link then first use this site and check your link and when you get sure that its safe then click it .

• CLICK HERE to visit the site.

Hope it helped you in some way. Have fun take care.

 

Read More

How to Contact Facebook ?

Tweet

Hello guys hope you all are fine and happy. I was busy in my MS exams because of which I couldn't write any article for such a long time. Anyways here I am with a new article. Hope it will help you in some way.

Have you ever tried to contact Facebook to report a problem with your account or report a bug? It can be as hard as trying to draw blood from a stone. Here is a list of links that can help make contacting Facebook a little easier. Just note that you are not guaranteed a response from Facebook as their motto is You get what you pay for.

• Login / Password
• Friends
• Networks
• Search
• Problems sending or receiving gifts
• Like
• Events
• Notes
• Links
• Confirm Facebook Account
• Add Your City to Facebook’s Database

Mobile

• Mobile
• Facebook mobile
• Unable to log in using phone
• Credits: mobile payments and Facebook credits

Photos

• Unable to select photos
• Photos: I don’t have the ability to use the advanced uploader
• Photos
• Cannot upload or change profile picture

Video

• Video
• My Video Has Disappeared
• I can’t upload my video

Pages

• Create a Page as an authorised representative
• Page not displaying in search

Groups

• Unable to become admin of a group you have left
• Groups
• I can’t find a member when searching in a group I admin
• My group or event is unavailable
• Delays in message and invitation delivery
• I Can’t Send a Message to My Group

Errors

• Could Not Open Socket Error
• Site maintenance
• Database Down Error
• Profile Unavailable Error
• Oops Error Message
• Operation Aborted Error
• Database Write Failed Error
• AJAX Transport Error
• Memory Error On Line
• Stack Overflow Error
• Authentication Failure Error
• Validation Error
• Bad Parameter Error
• Page not found error

Contacts

• My Contact File or Address Book won’t import to Facebook
• Remove Imported Contacts
• I tried to use the Friend Finder

Ads

• Adverts: Report an advert enquiry
• Your Facebook adverts success story
• Facebook Adverts credits enquiry
• Report a Facebook Advert
• Report an advert from an application

Inbox

• Inbox
• Inbox not loading
• Oops error when reading messages
• Inbox retrieval error
• Unavailable message threads
• My inbox keeps telling me I have an unread message

News Feeds

• News feed shifted down
• Blank News Feed

Home Page

• Home Page
• Your Home Page feedback

Wall

• Overlapping comments
• Older Wall posts are not displayed
• No older posts link
• Posts not appearing In News Feed
• Wall posts disappearing
• Wall is not visible to friends
• Wall

Notifications

• Not receiving site notifications
• I’m not receiving email notifications

Disabled Account

• My Personal Profile was Disabled
• My Facebook Page was disabled
• Delete my account

Lost Content After Reactivated Account

• Content lost through reactivation
• If content still has not been restored within 24 hours – Fix button
• Pages I Admin have disappeared
• Pages still not restored – Fix button

Chat

• Chat disconnection
• Chat bar not loading
• Online Friends Appear Offline
• Chat

Suggestions

• Your Home Page suggestion
• Your Inbox suggestion
• Your Profile suggestion
• Your Search suggestion
• Your Chat suggestion
• Your Events suggestion
• Your Groups suggestion
• Your Photos suggestion
• Your Video suggestion
• Your links suggestion
• Your Notes suggestion
• Your Mobile suggestion
• Your pages suggestion
• Your Privacy suggestion
• Your email feedback
• Your application feedback
• Your general suggestion

Hacked

• My account has been hacked and I have access to my login email address
• My account has been hacked and my login email address has been changed
• My account has been hacked and I don’t have access to my login email address
• My friend’s account has been hacked

Scam

• 419 Scam
• 419 Scam — friend report
• Report a malicious link or website

Death

• Report a deceased person’s profile
• Report suicidal content

Illegal

• Report a convicted sex offender
• Terrorist Content

Minors

• Report an unauthorised photo – under 13 year old child
• Report unauthorised content – under 13 year old child
• Report an underage child
• Child data request
• Report an underage child (Spain)

Copyright Infringement

• DMCA (United States Digital Millennium Copyright Act) Notice of Copyright Infringement
• Notice of Intellectual Property Infringement (Non-Copyright Claim)
• Notice of infringement by a third-party application
• Report an infringing username
• DMCA Counter-Notice (for copyright claims only)

(These links are correct at the time of publication)
If you have found another Facebook contact form that I have missed.. please leave a comment below.

Read More

Earn online money in Pakistan

Tweet

I have posted about earning through internet in Pakistan a few days ago and received a lot of response but that time I was really very busy so I have given just one class on it only to those persons who used Contact Us form and write to me directly but now I am totally free and I have decided an online class tomorrow at 8:00 pm according to Pakistan Times.

Its really easy to earn online money.We have seen a lot of things related to online earning but usually we believe that these are all scam .... don't pay .....

That's not right at all ..... people are earning handsome amount through online earning without any effort ...... particularly INDIANS .... they are earning a lot from internet ..... we are going to make a campaign through which we will make PAKISTANIS to earn big through internet so if u r with us then join hands .....

Timings

Timing : 8:00 pm according to Pakistan Times.

Please make sure to come online exact on time as I will not respond to late users.

Procedure to attend

• You should be a PAKISTANI as this is totally about the people of PAKISTAN.
• First of all come to the CHAT ROOM and I will ask some questions and will provide you the access to the main chat room if I find that you are really interested and not here for just time waste.
• In the main chat room ,we will start the class at exact 8:15 pm (according to Pakistan Times) .
• This class is only for 10 members and selection is on the basis of first come first serve because I dont want to handle more people ,it mostly creates fussiness ( my past experiences are really bad ).
• You can also use Contact Form but in the message tell me in detail about your city and occupation and first preference will obviously be given to them. So hurry up guys !!!

Note : If you dont receive any invitation then dont be upset as I have said I am free these days I will setup at least 5 such meetings so to give this knowledge to maximum PAKISTANIS.

Read More

Check if your computer is infected or not using Backtrack [VIDEO]

Tweet

Hey guys how you been ?
Hope everything allright :D

well here is another tutorial you might enjoy .. give it a try

VIDEO

For download links of those tools visit : http://www.pwnscar.in/2012/04/check-if-your-computer-is-infected-or.html



Stay Tuned !!
Thanks :)

Read More

Scanning websites with Vulnerability master.

Tweet

Hey guys... in this post m giving u a video which is made by Danial shaikh. He used a tool called Vulnerability Master to scan the web and very successfully scanned it! Enjoy

video

Thats all for this post.

Stay tuned ! And thank you !

Read More

Write Anything in Your Facebook Status in Blue Link Style

Tweet

In my previous post I have shared such a trick but soon it was blocked by facebook as they upgraded the site. Now I have found another script with which we can do the same thing easily lets check it out .We have seen that these days people usually tag different pages in comments and status in Facebook but usually its very difficult to find the related page which we want to tag, like once I want to tag a page some thing like "WHAT A SHIT??" but I didn't find it.So here's a simple trick to write whatever you want to write in blue link style to make fun of your friends ;->

Steps to Follow

• Copy the following code and Paste this on your status or in your comment :

@[1: ]@@[1:[0:1: Your Text Here ]]

• Replace "YOUR TEXT" with whatever you want to write in "BLUE"... " . 

NOTE : Works Only On Profile Walls Not in Groups.

Check the example

• As an example check this :
• When I paste this as my status :

•  It appears like this ..... ;))

•  Enjoy guys .... and don't forget to make comment .... :))

Read More

How to do Post exploitation with metasploit

Tweet

How to do Post exploitation with metasploit

Hey guys , how u been. this is a requested tutorial .
I made a tutorial before some days on how to hack a computer with metasploit . In this video i explained what else interesting things you can do after you break-in or in other words POST EXPLOITATION Techniques .
Hope you guys enjoy it .
There are some really cool things in the video ;-)

VIDEO

Guys plz comment and share and like .... thanks
Stay Tuned !!!!

SUBSCRIBE TO MY CHANNEL FOLKS :)


Copyright © 2012. All rights reserved by “Kumar Sourav"

Read More

Effective DoS /DDoS with slowloris

Tweet

Effective DoS/DDoS with slowloris .

Hey guys how you been ? well if u ask about me ... i'll say " hahahaha.. " :D
anyway in this post i'll explain how to use slowloris.pl for DoS or DDoS attacks. Slowloris is very effective in DoS.

VIDEO

slowloris download

You can download slowloris.pl from HERE.



Hope you guys enjoyed it . Thanks for watching .
Stay Tuned !!!
(comment and like plz )


 Copyright © 2012. All rights reserved by “Kumar Sourav"

Read More

Command Prompt Tricks+Hacks Premier | part 1 ~ HACK WITH STYLE

Tweet

Command Prompt Tricks+Hacks Premier | part 1 ~ HACK WITH STYLE

Read More

Command Prompt Tricks+Hacks Premier | part 1

Tweet

Hey guys how you been ? Hope you rockin it ;-)
Its been requested to make post on Command prompt commands , usage and other tricks. So i'll cover this part in parts .
Anyway if you want to know how to get IP then i have already posted on that , here is the link

>>Get IP of remote PC

Basic commands

• dir : it lists all the files and directory in current location
• cd : it takes the control to specified path. eg- suppose you are at c:\> and you type command cd users\public then it'll take you to c:\Users\Public>
• cd.. : it takes you one directory back
• systeminfo : it gives you all the information like processor,speed,hotfixes,RAM,hard-disk etc
• md  : it makes a folder of a name which u have to specify. eg md hello
• color : sets the color of command prompt and its text
• echo : it displays the message 
• echo message >> name.txt : it saves the message you have written to a file ,in this case , name.txt. 

SHUTDOWN

you can use command shutdown with various parameter . eg >>shutdown /s

• /l : it loggs you off
• /s : it shutdowns the computer
• /r : restarts the computer
• /a : it aborts the shutdown. suppose you have used shutdown /s . it'll shutdown the computer in less then a minute and within that minute if you use shutdown /a then the shutdown process will be aborted
• /p : turn offs the computer without any delay
• /h : it hibernates the computer 
• /s /c message : this combination shutdowns the computer with a message which you have to specify
• /m : it is used to shutdown a remote computer but for that you have to know the login ID and Password of remote computer :-)

SPECAIL COMMANDS

THERE ARE TWO COMMANDS WHICH ARE HELPFUL IN EVERY SITUATION

• HELP : THIS DISPLAYS ALL THE COMMANDS YOU CAN USE
• command /? : this is used to get the information about the specified command . suppose you want to know about md then you have to type md /?  and it'll display the information about that command.

These are very basic commands remember these . In next post i'll start batch file programming.  batch files are really interesting :-)


Hope you enjoyed this .. thanks for reading :)
Stay Tuned !!!
(comment and like plz )


" Copyright © 2012. All rights reserved by “Kumar Sourav"

Read More

Access any other computer over the internet.

Tweet

(For google chrome users only)

Access other computers or allow another user to access your computer securely over the Internet

Chrome Remote Desktop Beta enables you to enlist the help of a trusted resource for help in diagnosing and resolving problems with your computer through the internet.  Using Chrome Remote Desktop you can share access to your computer with an individual you trust, who will then be able to view your computer screen and control your computer remotely, just as if they were sitting beside you helping in person.  Sharing is fully secured, access is given only to the specific person you identify, and only on a one-time basis. If you are an IT helpdesk professional, Chrome Remote Desktop provides you with a simple and secure means to troubleshoot and resolve problems with your users' systems without having to leave your desk.

Chrome Remote Desktop is fully cross-platform, so you can connect any two computers that have a Chrome browser, including Windows, Linux, Mac and ChromeOS machines.  

                                         Get Chrome Remote Desktop Beta

I hope you guys enjoy it  :)

Regards,

Sheharyar Sikandar

Read More

ARP-DNS Spoofing Attack using Cain & Abel.

Tweet

Hey guys today i'm writing a very simple and interesting tutorial on DNS spoofing or poisoning attack using Cain & Abel.

DNS SPOOFING

DNS spoofing or DNS cache poisoning is a computer hacking attack in which data is introduced into a Domain Name System(DNS) name servers cache database, which causes the name server to return to an incorrect ip address, diverting traffic to another computer.

In simple words, it redirects the traffic to another website.

For example the victim wants to open www.facebook.com but is redirected to www.myspace.com

CAIN & ABEL

                                                                   Download Here

TUTORIAL

• Install Cain & Abel and open it, go to configure and select your adapter.

• Select Sniffer option and then select the start/stop sniffer option from the toolbar. Right click in the white area and then click on scan MAC addreses. 

• After scanning click on the APR option in the left bottom corner. Then click on the + sign in the top and select the computers you want to mess with.

• After that select APR-DNS and again click on + sign to add websites. (Now here i have entered www.facebook.com), then click on resolve and type the website name that  you want to open up instead of www.facebook.com. (i have given www.myspace.com)

• Now click on the start/stop option. 

• Now wait for a minute and see what happens to the victim. (In my case when the victim will open www.facebook.com he will be redirected to www.myspace.com). You can use any websites of your choice.

VIDEO TUTORIAL

So this is it guys, hope you like it, comment for any queries  :)


Regards,
Sheharyar Sikandar

Read More

BackTrack 5: Using Metasploit to Hack computers

Tweet

BackTrack 5 : using Metasploit

Hey guys , how u been. Long time since i posted . anyway m back with new tutorials :)
some day ago smarty ujjwal suggested me that i should make videos with explanation by myself instead of putting songs . So thanks to ujjwal and here i am with my first video on how to hack PC on your LAN with metasploit.   Although i used xp cause this is for education purpose. Anyway , you'll the idea on how to use metasploit.


 i dont want you guys to be a script kiddie and use watever u see , i want you to do a little research and make a better hacker :)

Video

Guys plz comment and share and like .... thanks
Stay Tuned !!!!

SUBSCRIBE TO MY CHANNEL FOLKS :)


Copyright © 2012. All rights reserved by “Kumar Sourav" & "xeo hacker" 

Read More

Convert a text into mp3

Tweet

Hi friends,

Today i'm sharing a website with you, its specially for those of you who want to convert their text  into  .mp3.
You just copy and paste your text or may be type the text in their given space and you can get it downloaded in mp3.
No matter how long the text is, it will convert that. You can also select between male and female voice and also you have multiple languages option. So here is the link,

  http://www.vozme.com

Hope you guys like it :))

Thanks,
Sheharyar Sikandar

Read More

Hack Wi-Fi named blink/thomson : tutorial by Michel Daoud

Tweet

Hey guys , how you doing ?
hope you all fine . well its long since i posted . Actually m doing a little research on something. Soon i'll post tons of stuffs.

WELL HERE IS A TUTORIAL MADE MY Michel Daoud ! Hope you guys appreciate his work.

Intro

Ok so in this video he show you how to get password of wi-fi network if it name starts with blink or thomson !

Video

Thats all guys :-)

Stay Tuned !
and say thanks to Michel Daoud ! :-)

thanks for watching

Read More

Hacking into someones pc using keylogger.

Tweet

Hi friends this is Sheharyar Sikandar, hope u all are doing well :)
This a revised version of our post on hacking into someones's pc using keylogger. A lot of people have been asking about the newer cracked version of  keylogger. We had already provided you guys with ardamax keylogger 2.9. So now im posting ardamax keylogger 3.8.9.            

Ardamax keylogger 3.8.9

                                                 Download here


    Install the keylogger and register it using given key.

Remote installation

• Make account on any web hosting site like  www.000webhost.com
• Go to FTP options and make new dir 
• Now go to Remote installation option,
• Once its open, click next 
• Keep the installation folder to windows system folder, additional components to log viewer, check the box that say append the keylogger engine to file and select the file (This is optional, if you select any file here, it will also open once the keylogger file is opened), click next
• Check all boxes in inadvisability, click next
• Enable security, keep any password, check all boxes and click next
• Leave the options to default (you may change them according to your wish), click next
• Check send logs and select your desired time after which the logs will be sent to you, select delivery method to FTP, log format to HTML, and in include select everything as per your wish, click next
• Now you have to give your web host details. In send to enter your webhost address like http://ftp.000webhost.com, then your username and password of that web host and then your dir name in which you want the logs to appear, test it, if it connects then click next, otherwise you might have made some mistake there, so review.
• Then select the controls, screenshots, webcam, destination, icon as per your wish (icon should be such that it can trap the victim easily)
• Click finish and here you are done with you remote keylogger file.

Now all you have to do is share this file and make someone open it. Once its opened you will start getting the logs on your FTP host.

VIDEO TUTORIAL

Note : Any anti virus can detect this file, so if  you are smart enough to make the victim turn off his anti virus and then open it , thats really cool, otherwise if you want it to go undetected then you will have to crypt it. For that you will have to use any FUD (Fully undetectable ) crypter.

What is FUD crypter?

A FUD crypter is a software that can be used to encrypt your executable files, so that they can become undetectable with Antivirus & Anti-Spyware programs.
These executable files are mainly viruses, RATs, Keyloggers and other spyware programs.

Any FUD crypter stays undetected for a week or two and then the antivirus can detect its crypted file again. 

I couldn't find any working FUD crypter rightnow, but i will update you guys with a working FUD crypter soon :)


Feel free to comment about any of your queries .

                                                                                 

Read More