Saturday 18 August 2012

A protection check list

Here is a checklist of things you can do to make password cracking more difficult:

Audit your organization! Do a walk through and make sure passwords are not stuck to monitors or under keyboards.
Set up dummy accounts. Get rid of the administrator (or admin) account or set it up as a trap and audit it for attempts.
Use strong, difficult to guess passwords, and never leave a console unlocked.
Backups are necessary in case you are compromised. You need a working set of data, so make sure you have it. Keep the tapes secure too, or the data there will be compromised as well.
Prevent dumpster diving. Don't throw sensitive information away; shred it or lock it up.
Check IDs and question people you don't know. When you have visitors, check them out and make sure they belong.
Educate your end users. Make sure they aren't prone to social engineering and educate and remind internal users of the company's security policies.

Tools of the trade

One of the most popular tools is L0phtCrack (now called LC4). L0phtCrack is a tool that allows an attacker to take encrypted Windows NT/2000 passwords and convert them to plain text. NT/2000 passwords are in cryptographic hashes and cannot be read without a tool like L0phtCrack. It works by attempting every alphanumeric combination possible to try to crack passwords.

Password cracking doesn't always involve sophisticated tools. It can be as simple as finding a sticky note with the password written on it stuck right to the monitor or hidden under a keyboard. Another crude technique is known as "dumpster diving," which basically involves an attacker going through your garbage to find discarded documentation that may contain passwords.

Of course attacks can involve far greater levels of sophistication. Here are some of the more common techniques used in password cracking:

Steganography

NEW TRICK FOR HIDING FILE

Encrypting and decrypting any data has been very old fashion in today’s era. Technology has developed so much that these are something in reach of every Tom, Dick and Harry. So, to be an odd one out in this era, we have to do something new…like Steganography. This is an art of hiding data into data. Merely Steganography is an idea developed in 1950 by a chemical engineer who invented a new way to write with invisible ink between the lines, by scientist Morse. From that era, till today much more have been developed.

Steganography is the science of hiding information. Whereas the goal of cryptography is to make

TYPES OF HACKERS

White hat
A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker. This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement. The EC-Council, also known as the International Council of Electronic Commerce Consultants has developed certifications, course ware, classes, and online training covering the diverse arena of Ethical Hacking.

C PROGRAM

C PROGRAM FOR CREATING A SIMPLE CLOCK

This is a simple program which will show you the current time and the clock will keep ticking.

It actually picks the time from the system clock and then display it on the console.

Here is the code of the your home made clock.

ABOUT CHEAT ENGINE

Cheat Engine is an open source tool designed to help you with modifying single player games running under windows so you can make them harder or easier depending on your preference(e.g: Find that 100hp is too easy, try playing a game with a max of 1 HP), but also contains other useful tools to help debugging games and even normal applications.

Download Cheat Engine from

ABOUT PHISHING

The problem with phishing is that most of the people are unaware of the whole issue of phishing. Web users, who are already in threat from various elements like virus, spyware etc, are facing a larger threat than any of them, but what is phishing? And how can it harm you? These are the questions, which will be answered in the next few lines.

Phishing

Phishing is an online scam, where people associated with it pose as legitimate website or links and ask for the details of the user, like the personal, contact and financial details. Then they

SET YOUR NAME ON YOUR WELCOME SCREEN

Open Notepad
Paste the bellow code in NpDim speaks,

speechspeaks="Welcome Back, Username"Set speech=CreateObject("sapi.spvoice")speech.Speak speaks

Replace Username with your Name

HOW TO MANUALLY DELETE AUTORUN VIRUS

Once it happened to a friend of mine, when his newly bought laptop was infected with this autorun.inf virus. This virus corrupted almost all the drives on the Hard disk, and when ever he tried to double click on the drive or opening any drive it opened in a new window. In some cases, when your drive is infected with this Autorun.inf virus, you won’t be able to access the drive completely. You have to browse the drive by Exploring it i.e; Ctrl+E keys from the keyboard.

ABOUT NETWORK HACKING

Network Hacking is any technical effort to manipulate the normal behavior of network connections and connected systems.

Hacking on computer networks is often done through scripts or other network programming. These programs generally manipulate data passing through a network connection in ways designed to obtain more information about how the target system works. Many such pre-packaged scripts are posted on the Internet for anyone, typically entry-level hackers, to use. More advanced hackers may study and modify these scripts to develop new methods. A few highly skilled hackers work for commercial firms with the job to protect that company's software and data from outside hacking.

Network Hacking is generally means gathering information about domain by using tools like Telnet, NslookUp, Ping, Tracert, Netstat, etc.
It also includes OS Fingerprinting, Port Scaning and Port Surfing using various tools.

Ping :- Ping is part of ICMP (Internet Control Message Protocol) which is used to troubleshoot TCP/IP networks. So, Ping is basically a command that allows you to check whether the host is alive or not.
To ping a particular host the syntax is (at command prompt)--
c:/>ping hostname.com

Various attributes used with 'Ping' command and their usage can be viewed by just typing c:/>ping at the command prompt.

BRUTE FORCE ATTACK

In cryptanalysis, a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example, exhaustively working through all possible keys in order to decrypt a message.Well, to put it in simple words, brute-force attack guess a password by trying all probable variants by given character set. Eg. checking all combination in lower Latin character set, that is 'abcdefghijklmnopqrstuvwxyz'. Brute-force attack is very slow. For example, once you set lower Latin charset for your brute-force attack, you'll have to look through 217 180 147 158 variants for 1-8 symbol password. It must be used only if other attacks have failed to recover your password.For attacking any account using this technique you should need high patience and it will take a lot of time depending upon the number of characters.

HOW TO CONVERT FAT INTO NTFS

To convert a FAT to NTFS System file, follow this step:
This tutorial will show you how to convert FAT or FAT32 Volume to NTFS Format.

Carefully read:
Backup your any important data before doing this we highly recommend to do so because
there is a chance to corruption or data loss during the conversion is minimal, So we recommend that you perform a backup of the data on the volume that you want to convert before you start the conversion.
Now I’m going to show you how to convert Fat,Fat32 to NTFS format by 5 steps:
First Click “Start” , Then “All Programs”, “Accessories”, and then click “Command Prompt”. (open with admin right)
Type following command to covert FAT to NTFS
convert drive letter: /fs:ntfs
Ex: convert d:/fs:ntfs
If the operating system is on the drive that you are converting, you will be prompted to schedule the task when you restart the computer because the conversion cannot be completed while the operating system is running. When you are prompted, click “YES”.
When you receive the following message at the command prompt, type the volume label of the drive that you are converting, and then press ENTER:
The type of the file system is FAT.
Enter the current volume label for drive drive letter
When the conversion to NTFS is complete, you receive the following message at the command prompt:
Conversion complete!!

Monday 18 June 2012

BOOTABLE PENDRIVE

Installing Windows from a USB flash drive has several advantages – First of all, the overall speed of the installation process will increase significantly, carrying a USB stick is much more convenient than a DVD, and finally it becomes possible to install the OS even on those systems that do not have a DVD drive, such as a netbook.

In this post, I will show you how to load the Windows installation on to your USB flash drive and make it bootable just like the DVD.

C LANGUAGE VIRUS

Open the Notepad and copy the below code into it:

HOW TO REGISTER IDM FOR LIFETIME WITHOUT ANY SOFTWARE

Hello Friends, today i am going to explain how to hack or crack Internet Download Manager (IDM) manually. IDM is the best Internet download manager available on internet but its not free and its cracked or patched versions contains viruses.

NO MORE WARNING OF FAKE SERIAL KEY AT ALL….

internet download manager idm

Using this hack you can register the Internet Download Manager (IDM) for free using you own credentials i.e register on your Name and email ID.

CMD COMMANDS

COMMANDS THEIR FUNCTIONS

ADDUSERS Add or list users to/from a CSV file

ADmodcmd Active Directory Bulk Modify

ARP Address Resolution Protocol

ASSOC Change file extension associations•

ASSOCIAT One step file association

ATTRIB Change file attributes

How To Hack Content Advisor Password

Content Advisor is a feature in Internet Explorer that allows supervisors to restrict the web sites that the users can browse. The supervisor can set a password in order to prevent from other users from changing the Content Advisor properties.

Weel, for this, We need to edit the registry..So First of all Backup Your registry.
Right After That, u need to do d following.

Open regedit ( Press WINDOW Key + R, Type regedit.exe ), and browse to

HOW TO SAVE A VIDEO WITHOUT DOWNLOADING

Download the software from here:- http://www.nirsoft.net
NAME OF SOFTWARE:- "VideoCacheView"
After watching a video in a Web site, you may want to save the video file
into your local disk for playing it offline in the future. If the video
file is stored in your browser's cache, this utility can help you.

NEW FUNCTION OF FUNCTION KEYS

Function Keys, F1, F2, F3, F4, F5, F6, F7, F8, F9, F10, F11, F12

Every one of us has seen these 12 function keys on the Keyboard. Does any1 use that daily? .. DO you all thought of why those keys are there. Aplications of them??... how many of us used these keys to have our jobs performed easier? These function keys perform different functions in different applications and programs. In combination with other keys these function keys perform different functions differently. For the benefit of all of us I have codified the ‘Function Keys’ performances.

What is a botnet?

A botnet is where you send a trojan to someone and when they open it a "bot" joins your channel on IRC(secretly, they don't know this)Once done the computer is now refered to as a "zombie".
Depending on the source you used, the bot can do several things.
I myself have helped write one of the most advanced and secure bot sources out there.
(Off topic)

What is SQL Injection? and how to find SQL vul Site and DOrks

SQL ( structure Query Language) is a technique to attack database of the website which can contains usernames, Passwords, Credit card Info and other confidential data.It mainly occur in the web application. It occurs when there is a bug in the my SQL syntax. By this attacker enter into the database and cause damage to the site. The main reason for sql injection because the admins don't pay that much attention to the security of the site.
You can hack Site by the followings methods ( mostly used )

Manual SQL Injection

How to hack facebook accounts by Tabnapping

Today i am going to teach you How to hack “Facebook” accounts by Tabnapping. I am going to share my private Tabnapping files with you guys . You just have to download and Follow these simple steps

*Download phishing files from here :- Click here

Best keyloggers for hacking Accounts

Hello friends today o am going to share the Best Key loggers for hacking email accounts. Keylogger are the tools which are made for capturing the keystrokes and send them to the attacker by email or ftp port. In Keystrokes attacker also get the username and password typed by the victim of Facebook , gmail , Credit Cards etc..

So here are the Best Key loggers and mostly used by the hacker to Hack the Email accounts :-

Emisarry Keylogger :- A small and easy to use key logger for hackers .
download link :- www.4shared.com/zip/5bQwn_BJ/emisarry_keylogger.html

Maya is a password stealer By the Prince-Ali . It is used to steal the stored passwords in the web-browsers . It is very efficient tool for hacking the Email accounts. It is very easy to use. Just in simple three steps you are able to create the server of this trojan. It also acts as a keylogger and send the Log file via three methods :-

Mail Delivery
PHP Delivery
Save locally.

How to setup the Maya By Mail Delivery

Data Tampering :- Tampering data we use it when we have access to the admin panel. then we try to upload our shell but it doesn’t allow it to upload the shell as extension .php .Then we are not able to deface it. In that case we use Data Tampering to upload our shell and make it perfectly executable. By Data Tampering we can change the file extension by the Add on of the Firefox called ” Data Tamper “.
Things required for Data Tampering

FireFox
Tamper Data Add on for firefox (Click here to get)
Site ( In which you want to upload shell )

How to hack a whm panel by lfi exploit

How to Hack a WHM Panel By Lfi Exploit

WHM ( Web Host Manager ) is a reseller account in which the sites are hosted. If a attacker gets the access to the whm panel he can deface all sites hosted in the WHM panel. There are many exploits for hacking whm panel this time i will teach you how to hack a whm panel by LFI exploit. Local File Inclusion in the cart.php file of the site.

Things you required :-

A lfi vulnerable whm site ( cart.php )
A lfi exploit ( cart.php?a=projectx&templatefile=../../../configuration.php )

Dark Comet is a remote administrative tool. It is one of the best and awesome tool for hacking PC.
It is easy to use. It has been great and mostly used for hacking PC’s . Dark Comet is Coded on Delphi XE and Delphi 2007 . It steals the keystrokes and records the desktop. You can even also damage the victim PC by this great efficient tool.
Download the Dark Comet 5 from here .

How to setup the Dark Comet 5 for hacking email accounts & PC

After downloading the tool. Open it >Click on Dark Comet Rat> Client Settings> No ip updater

UNINSTALL DEEP FREEZE WITHOUT PROGRAM

You can uninstall deep freeze without using any programs or bootble disc to delete the driver and keys. Here's what I did when I hack a windows xp in an internet cafe. You should be quick to do this or else failure.

1. Just goto bios setup and change the date 3 years backward from now because deep freeze doesn't exist that year save it and restart your computer.

2. After restarting your compute r press F8 to select the boot option. Select Windows Debugging mode.

NEW LIST FOR FACEBOOK smilies:

Hello Readers After searching a lot came up with these new facebook Chat Codes !

Smiley Description Code
Smile – smiling face [[F9.laugh]] Sad – sad emoticons [[F9.sad]]
Angry – face red with anger [[F9.angry]]
Kiss – Kiss [[F9.kiss]]

Reaver – WiFi Protected Setup Brute Force Attack Tool

Reaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases, as described in http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf.

Reaver has been designed to be a robust and practical attack against WPS, and has been tested against a wide variety of access points and WPS implementations.

On average Reaver will recover the target AP’s plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase.

sqlmap 0.9 Released – SQL Injection Tool

sqlmap 0.9After a year of hardcore development, sqlmap 0.9 is out!

Introduction:
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

WEP Crack

WEPCrack is a tool that cracks 802.11 WEP encryption keys using the latest discovered weakness of RC4 key scheduling.

Tool Capabilities :
The current tools are Perl based, and are composed of the following scripts:
1) WeakIVGen.pl – This script allows a simple emulation of IV/encrypted output that one might observe with a WEP enable 802.11 Access Point. The script generates IV combinations that can weaken the secret key used to encrypt the WEP traffic

ACTIVATION

WINDOWS 7 ACTIVATION

Friends today i'm posting a cool trick to activate the windows 7 and make it registered with you own name,

This is the patch of windows 7,its easy to use and it will register you windows within 2 mints,

you can download it free from ziddu:

http://www.ziddu.com/download/15292105/Windows7.Activater.v1.76.rar.html

(based on book with full instruction)
INFO
DOWNLOAD LINK GIVEN AT LAST LINE
1) Unzip and install Commview, then paste the included "cv.exe" to the directory you installed it to (c:\program files\commviewwifi)

2) Open commview and install the commview drivers to a card. It should prompt you about your card and than automatically install the driver. It is important that you have 1 card that works with commview or else the rest of the tutorial will not work