Friday 28 December 2012

How to hack a website with Havij – SQL injection




Welcome to hackers World!!!!!


SQL Injection is one of the most commonly found vulnerabilities in websites and web applications. Developers know how to build the website, but they easily forget to filter the data sent to the website in forms and queries. This mistake makes the website vulnerable to SQL injection. I am going to write about the most famous SQLi tool, which does all the work for you and extracts the whole database of the vulnerable website.
If you do not have Havij, then download it from the given link.
Download havij
Now run the tool on your system. I am not including detailed snapshots because I do not want to target a website in a public post.
Enter the target URL with a query string as a get parameter. http://targetwebsite.com/index.aspx?id=12
Then click on analyze.
The tool will scan the website and will give the details about the server and technology it is using.
After the tool has done its work and found the name of the database, click on Tables to fetch the tables of the database. After the tables have been retrieved by the tool, you can easily fetch the data inside the tables.
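
The root cause named at the top of this post, request data reaching the query unfiltered, shown next to its fix. This is an added example, not code from the original post; the `products` table, its rows and the function names are constructed, and `raw_id` stands for the value of the `id` query-string parameter in the URL above.

```python
import re
import sqlite3


def make_db():
    """Constructed in-memory table standing in for the site's backend."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO products VALUES (?, ?)",
                   [(12, "keyboard"), (13, "mouse"), (14, "unreleased item")])
    return db


def get_product_vulnerable(db, raw_id):
    # BAD: the value of ?id= is pasted into the SQL text, so the database
    # parses whatever the client sent as part of the statement itself.
    sql = "SELECT name FROM products WHERE id = " + raw_id
    return sorted(row[0] for row in db.execute(sql))


def get_product_bound(db, raw_id):
    # FIX: the statement text is constant and the value travels separately as
    # a bound parameter. It can only ever be compared with the id column.
    sql = "SELECT name FROM products WHERE id = ?"
    return sorted(row[0] for row in db.execute(sql, (raw_id,)))


def get_product_safe(db, raw_id):
    # Defence in depth: reject anything that is not the integer the page
    # expects, then bind it. Validation alone is not the fix; binding is.
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        raise ValueError("id must be a non-negative integer")
    return get_product_bound(db, int(raw_id))


if __name__ == "__main__":
    db = make_db()
    for raw in ("12", "12 OR 1=1"):          # constructed request values
        print(repr(raw), "vulnerable ->", get_product_vulnerable(db, raw))
        print(repr(raw), "bound      ->", get_product_bound(db, raw))
```

With the concatenated query the second request value changes the logic of the statement and returns every row; with the bound parameter the same value matches nothing.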


Thanks for reading this article…..Hope you will like this post!!!!!

Be a Good Hacker and save the nation!!!!!


Thanks & Regards
Tarun Arora


Friday 14 September 2012

Ankit Fadia's Website Hacked Again


Welcome to Hackers World!!!!!




Shocking News for Ankit Fadia’s Fan

India's popular security expert Ankit Fadia's official website (AnkitFadia.in) has been hacked again by Ganster. This is not the first time his website has been hacked. His website has been hacked countless times by many hackers around the world.

The hacker had also added a nice deface page, which was later changed, and the website is currently in suspended mode.



You can also see the deface page mirror at the link below.



Ankit Fadia is a self-claimed hacker who knows nothing other than claiming. He claimed many things but doesn't know anything. Yeah, at this stage, when he has to go for workshops around India, he has learnt many things, but all those things are kids' play. All his books are copy-pasted and are the biggest example of plagiarism. Not a single work of his in the security field has been identified. All his claims have been found wrong. But he is able to market himself by the power of money.

This is the reason why hackers always target him. A hacker named Himanshu also hacked the server of Ankit Fadia and got the part of his upcoming book. 



Thanks for reading this article.....Hope you will like this!!!!!



Be A good Hacker and Save the Nation!!!!!

Thanks & Regards
Tarun Arora
Tarora89@gmail.com



Friday 7 September 2012

Comodo Dragon Popular Security Browser




Welcome to Hackers World!!!!!

Hi friends, after a long time I have brought something for you. Popular security software developer Comodo has developed a Chrome remix said to have higher security features than its predecessors. Comodo Dragon is an aesthetically minimalist browser that is attractive, responsive, and secure.
Apart from the red hue, the Chromium-based browser's interface is identical to that of market contender Google Chrome. From the detachable tabs at the top of the screen to the bookmark-syncing option, it is impossible to instantly recognize where the "remix" takes place. The Help tab even redirects you to Google Chrome's Help page and the Extensions tab redirects you to Google as well. It also keeps Chrome's incognito mode option, where all browsing information and cookies are deleted following the user's Web session. Upon poking around the Options menu, there are a couple of visible differences: there are no location settings and Dragon does not present an option to send "usage statistics and crash reports to Google."
A browser developed by a company that is best known for its firewall software can leave people feeling more secure about their Internet usage. Comodo Dragon will pull up a bright-yellow caution message warning people that sending information may be unsafe when they are entering a Web site with an unstable security certificate. One such message pops up even when logging into large sites like Facebook. Also, Dragon does not send browsing information to a remote server.
Based on simple timer tests run on Microsoft Windows XP Service Pack 3, the average cold start-up time was 4.53 seconds, warm start-up was 0.92s, and navigation time from nytimes.com to facebook.com was 0.87s. Comodo Dragon proves to have slightly faster page-loading speed than Google Chrome 5.0.375.70, which had results of 5.71s, 1.27s, and 1.23s, respectively. However, in Sunspider JavaScript benchmark testing, Comodo Dragon received an average score of 929.6 milliseconds, whereas Google got 734ms. Based on these results, Google may have faster JavaScript performance than Comodo.
Dragon is not only fast, but like Google Chrome, it is not strewn with numerous icons, leaving more room for Web viewing. For those who are extra cautious about their online security, or for those who are worried about Google's data-mining, this fast browser is a great choice. 



Thanks for Reading this article…hope you like this!!!!
Be a Good Hacker and save the Nation!!!!!

Thanks & Regards
Tarun Arora

Friday 10 August 2012

Hack a PC by USB




Welcome to Hackers World!!!!!

Hello friends, this is a very useful post for you: hacking passwords or any information using USB (pendrives). Here is a small trick, guys, for stealing information or passwords of your friends or enemies using pendrives...
  1. Extract it.
  2. open pcinfo
  3. select all the files and paste it in ur USB(pendrive)
  4. it in the pc u wanna hack...
  5. Open the USB drive, give it 5 sec and your job is done...

And now open the dump folder in your pc and u will have all the info u want....


Thanks for reading this article. Hope you will like……..



Be a Good Hacker and Save the Nation!!!!!



Thanks & Regards
Tarun Arora

Saturday 28 July 2012

HOW TO HACK GMAIL AND FACEBOOK WITH BACKTRACK 5




Welcome to Hackers World!!!!!

 
Requirement 
Attacker :: Backtrack 5

Open Backtrack
Type ifconfig to check IP

 Now Again Open Your Backtrack terminal and click on application-backtrack-exploitation tool-Social Engineering Toolkit-SET

Now SET tool kit is Open
 

  Choose option 2, Website Attack Vectors


  Choose option 1, Social Engineering Attack

 Choose option 4, "Tabnabbing Attack Method"
Choose option 2, "Site Cloner"

Enter the URL of the site you want to clone. In this case http://www.facebook.com and hit enter.

 Now send your IP to the victim. When the victim opens the IP in a browser, a fake Facebook page starts working, and when the user enters a username and password in the fake page, the username and password are displayed in SET.


 Thanks for Reading this article.Hope you will like this……..

 Be a Good Hacker and Save the Nation!!!!!


Thanks & Regards
Tarun Arora










Friday 13 July 2012

Network monitoring software


Welcome to Hackers World!!!!!

1. Employee monitoring software and network monitoring software are becoming more and more popular recently. With the tendency of improving productivity, the employers have paid more attention to their employees' working efficiency.
2. OsMonitor is the powerful employee monitoring software for companies in all size. OsMonitor is also a powerful network monitoring software you have been looking for. OsMonitor employee monitoring software records and tracks computer activities such as screenshot, IM conversation, website visited. You can find every detail about your employees' PC and Internet usage on server, and prevents them from doing something that is not allowed as well. OsMonitor is a guard of high productivity and internet security.
3. With OsMonitor employee monitoring software, you can view and record your employees' PC activities such as their online conversation, the documents they processed, the websites they visited, the software they ran, the emails they sent, the business information in their computer and even the screenshots of their online activities.



 
The effect of screenshot monitoring view

 4. OsMonitor is a kind of friendly, easy-to-use network management software designed for the LAN environment. It works in client/server mode, using one server to monitor all client computers. Its features are as follows:

 
1. Forbiddance, restriction, surveillance and monitoring. The settings on all client computers take effect automatically following the server. It's much easier for you to manage and monitoring your employees' activities by setting up everything at one time. You don't have to do settings on the clients one by one.
2. OsMonitor has no specific requirements for the target computers, network structure or distribution, and it is fully compatible with all versions of operating system. High security: it runs hidden in the client PCs' background and can never be closed by Windows task management.
3. Block any chatting program like AIM, ICQ, MSN, any downloading program like Bit Torrent and any P2P software which occupy company’s bandwidth.
4. Forbid any USB ports and any USB storage device, such as portable hard disk and flash memory disk, etc., to avoid confidential information leak. Record all of the AIM conversation, Google Talk, ICQ conversation and MSN messenger conversation.
5. Forbid surfing on the Internet. It can assign which particular computers and employees can access to Internet, when the employees can access to Internet, and which particular Websites cannot be accessed, such as sex sites, stock sites and more. It also can grant access to or block some particular websites as well.
6. Forbid installing illegal software like games. Only permit working related software, for example, you can allow your employees' computer only run Word or Excel, in that case, other programs are not allowed running.
7. Do you want to know who is downloading? Which computer is infecting the worm virus? OsMonitor allows you to view the downloading and uploading stream of every employee’s computer. All of the data are saved for your later review.
8. The LAN administrator can control the whole LAN without any difficulty due to the user-defined feature of the forbiddance and surveillance functions. 
9. Record the employees' windows opened, program run, web sites visited and conversation in chatting program.
10. Monitoring files operation, record the files copied, pasted and deleted, and report the information of USB storage devices plugged in. 
11. Besides the instant forbiddance of the employees' appropriate activities, it also saves these records for later review with indices. All of the report forms can be printed in the form of Word or Html.

Main functions of OsMonitor employee monitoring software: restriction and monitoring

Employee Restriction Option

Restrict all chatting tools running. Block chatting, block AIM, MSN, block games, block Internet Games, block special programs, block special software, and block all software you don't want to run. Different employees have different rights. Forbid all online chatting programs like AIM, ICQ, MSN, Google Talk, all games like ICQ game and all unallowed software. It can recognize and forbid the games and the software automatically and intelligently. Employees enjoy their authority level on their Online and PC activities.
Customize white list. You can customize employees' computer to only run software related with work, for example, you can customize their computers to only run Word, Excel, in that case, other software are not allowed to run. (recognize the condition code instead of the application filename.)
Forbid downloading and all P2P software which takes up the bandwidth.
Block USB devices. Block flash memory disk, block CD driver, block USB port to avoid information leak and security threat.
Monitor and restrict accessing the Internet. It can nominate the users, the computers and times for accessing the Internet, and only permit the visit of specific Websites. OsMonitor also can help you to block porn websites and stock websites.
Forbid illegal installation of programs and software like games. Forbid the entrance of safe mode, and any modification on control panel.
Forbid accessing movie and music entertainment online.
Forbid changing IP address illegally and support the binding of MAC address and IP address. It also forbids the illegal disconnection of Lan, which will result automatic turning off. 
All of the functions are controlled by the server administrator without any difficulty.

Employee Monitoring option

See and record all of the windows your employees open, the programs they run, and the websites they visit. With the records saved in the server's database automatically for your later review, the employees' working status is easy to check.
Document tracking feature allows you to record the files the employees copied to removable media such as USB storage devices, CD, DVD, flash disk, etc. , which are pasted and deleted. You can even record when the removable media was removed from the computer. All of the records can be saved in server’s database for later review.
Monitor and record network card flow of every employees' computer in real time. All the data are saved for your later reviewing.
The employees' screen capture function allows you to view their instant screen (motive picture) via server at any time.
Application installation monitoring function allows you to view the software your employees installed in their computer on OsMonitor Server at any time.
Monitor process. You can view what software is running on your employees' computer on Server at any time and you can end process you want to end.
Monitor chatting conversation. Monitor and record all AIM conversation, ICQ conversation, MSN conversation and Yahoo Messenger conversation, Skype conversation, Google Talk. All the records can be saved on Server database for your later reviewing at anytime.
Backup files. Backup automatically all increased and modified work files (word document, program code, etc.) on Server from your employees' computer.
Email recorder provides you the every details of Emails via Outlook Express or Outlook. You even have the option of recording Email attachment. OsMonitor is the only one software in the world which supports the monitoring and backup of SSL secured Emails.
System information monitoring allows you to check the client computers’ hardware information and the hard disk storage usage.

The function of monitoring Internet activity:

Forbid the sex websites intelligently.
Forbid the URL containing specific words. For example, if you enter ‘girl’ as the key word, any URL with this word will be blocked automatically. 
Only permit some particular websites. If other websites are opened, it will close them and alarm.
Forbid the web page containing specific words. For example, if you enter ‘stock’, ‘game’ and ‘movie’, all web pages with those words will be blocked. If the users try to visit them more than once, it will alarm.

The function of blocking USB storage devices

Block any USB storage devices, like flash disk, portable hard disk, digital camera, mobile phone memory card.
Only forbid USB storage devices, rather than USB mouse, keyboard etc.
Can only monitor the use of USB storage devices, record the files copied without forbidding the use of USB storage devices.

Download  Monitoring Software


Thanks for Reading This Article. Hope you will like…..

Be a Good Hacker and Save the Nation!!!!!


Thanks & Regards
Tarun Arora
Tarora89@gmail.com



Wednesday 4 July 2012

Send & Receive Faxes Online At Free Of Cost


Welcome to Hackers World!!!!!

Fax, or Function of Automatic Xerox, is a telecommunication system mainly used for office or business purposes, so people hardly use it at home. Fax is very useful for sending office files or any copy. If you are one of the people who send office projects to your boss by fax, you can use this method to send faxes free of cost. Or, if you are in a hurry to submit a file to your boss but the fax machine has gone wrong, and your file is in .doc format, you can fax it online without any fax machine.


Free online Fax Sending Service


There are many websites that let you send faxes online; I am just highlighting some of them which are free.
  1. GotFreeFax
  2. MyFax
  3. PopFax

On the above three sites you just have to enter the sender's and receiver's information, then upload your .doc or .pdf file and send the fax online.


Free Online Fax Receiving Service


If you want to receive faxes online, there is an option to do this: you need to visit eFax, but the problem is that it is free for only 30 days. The best parts of this service are:
  • Get a local fax number
  • Send & receive faxes by email
  • No risk/no obligation
  • Secure and private

Free Online Fax Sending & Receiving Using Google Chrome Apps


I have another one for sending and receiving faxes online for free. This is not a website; it is a Google Chrome app or extension called HelloFax. Just download HelloFax and install it on Google Chrome to send and receive faxes online for free. This app also lets you sign documents and fill out forms.







So why use a fax machine when you can send it online free of cost? Next time you need to fax a document or PDF file, give this service a try, and please comment if it really works for you.

  
Thanks for Reading this article. Hope you will like.........

Be a Good Hacker and Save the Nation!!!!!

Thanks & Regards
Tarun Arora




Thursday 10 May 2012

HOW TO POST PICTURE IN FACEBOOK CHATBOX


Welcome to Hackers World!!!!!


Good evening friends, welcome back to Hackers World. Today I am going to show you how you can send any picture or image in your Facebook friend's chat box.

Just Follow Simple Steps :

1.) Open this Website Click Here

2.) Click the “Choose File” Button and choose an image from your computer.

3.) Click the “Browse” button.

4.) After a few seconds you will get the picture code when you click on Show Codes. Then just copy it and paste the code into Facebook Chat.

Let's Enjoy This Cool Trick Of Facebook  

Thanks for Reading this article.Hope You will like…..

Be a Good Hacker and save the Nation!!!!!


Thanks & Regards
Tarun Arora

Wednesday 18 April 2012

Cracking a Facebook Account


WELCOME TO HACKERS WORLD!!!!

We have discussed a lot about popular password cracking methods such as Bruteforce, Dictionary attack and Rainbow tables. However, a question I get asked frequently is whether it's possible to crack a Facebook account. So I wish to clear up the concepts related to hacking/cracking Facebook accounts. First of all, "Hacking a Facebook account" and "Cracking a Facebook account" are two different terminologies.

Hacking a Facebook account refers to foolproof methods such as phishing, key logging, social engineering etc.
However, the terminology cracking refers to methods such as Bruteforce, Dictionary attacks etc.

Brute Force Attacks


Bruteforce is one of the most common and most reliable password cracking methodologies. A bruteforce attack tries all possible combinations against the medium, until the correct password is found. However the problem with a bruteforce attack is that as the password complexity increases, the time taken to crack a password also increases.

The chart above illustrates the estimated time taken by a computer to bruteforce a password, assuming it is capable of trying 10,000 passwords per second. However, the time taken can be reduced by adding more processors to the task. Therefore the only flaw with the attack is that it requires a lot of computing resources.

Dictionary Attacks

The only difference between a bruteforce attack and a dictionary attack is that "A Dictionary attack tries the passwords which we want it to try". Confusing? In a dictionary attack we have the freedom to choose a huge list of words that people commonly use in their passwords (depending upon the situation). The following video will help you understand more about dictionary attacks.



Is It Possible To Crack A Facebook Account?


Coming back to the main topic of this article. A few hours back, while I was watching hacking-related videos on securitytube.net, I came across a video in which the hacker claimed that one can use "Hydra To Crack A Facebook Password". However, here is why a bruteforce attack won't work against a Facebook account.



Facebook and all other popular social networking websites lock an email account after a few unsuccessful login attempts. They have introduced an "Account Lockout" feature, which prevents an automated password cracking method from working. However, even if you get it working, the minimum Facebook password length is about 6 characters. Kindly refer to the chart and find out your success rate.



-Thanks For Reading This Article.Hope you will like this…….
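
The lockout argument in this post, as an added example that is not part of the original article and not Facebook's actual implementation: a per-account lockout counter, plus the worst-case time to try every 6-character password at the post's 10,000 guesses per second with and without lockout. The thresholds, the lowercase-only alphabet and all names are assumptions.

```python
from collections import defaultdict, deque

MAX_FAILURES = 5        # assumption: failures tolerated inside WINDOW
WINDOW = 15 * 60        # assumption: seconds over which failures are counted
LOCK_TIME = 30 * 60     # assumption: seconds an account stays locked


class LockoutGuard:
    """Tracks failed logins per account and refuses attempts while locked."""

    def __init__(self):
        self.failures = defaultdict(deque)   # account -> failure timestamps
        self.locked_until = {}               # account -> unlock time

    def is_locked(self, account, now):
        return self.locked_until.get(account, 0) > now

    def attempt(self, account, password_ok, now):
        """Return 'ok', 'denied' or 'locked' for one login at time `now`."""
        if self.is_locked(account, now):
            # The password is not evaluated at all while locked, so even the
            # correct guess tells an automated tool nothing.
            return "locked"
        if password_ok:
            self.failures.pop(account, None)
            return "ok"
        recent = self.failures[account]
        recent.append(now)
        while recent and recent[0] <= now - WINDOW:
            recent.popleft()                 # forget failures outside WINDOW
        if len(recent) >= MAX_FAILURES:
            self.locked_until[account] = now + LOCK_TIME
            recent.clear()
        return "denied"


def days_to_exhaust(keyspace, guesses_per_second):
    """Worst-case days needed to try every password in the keyspace."""
    return keyspace / guesses_per_second / 86400


def guess_rate_under_lockout():
    # Best case for the guesser: MAX_FAILURES guesses, then wait LOCK_TIME.
    return MAX_FAILURES / LOCK_TIME


if __name__ == "__main__":
    keyspace = 26 ** 6                       # 6 lowercase letters (assumption)
    print("offline, 10,000/s:", round(days_to_exhaust(keyspace, 10_000), 2), "days")
    years = days_to_exhaust(keyspace, guess_rate_under_lockout()) / 365
    print("online with lockout:", round(years), "years")
```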

Be a Good Hacker and Save the Nation!!!!!

Thanks & Regards
Tarun Arora

Thursday 9 February 2012

How to install full version Internet download manager in your computer


Welcome to Hackers World!!!!!

Internet Download Manager is a download (full version) accelerator. By using this software we are able download from the Internet at a high speed. But when we are downloading the software from its official site it is not a full version. That is a 30 day trial pack. After these days are past it will ask you to enter serial key or to buy. So here is the process to make any downloaded IDM full version. After making this it will be registered for lifetime and not ask to register it further.



Process:


1. Download latest version of IDM from here 
3. After installing the IDM click on "registration" on the menu bar.
4. When you click on registration, now a new window will be open ask your First Name, Last Name, Email Address and Serial Key.

5. Enter your First name, Last Name, Email address in the required field.
6. In the serial key field enter any of the following given below


    And click on ok to register.

7. After you click OK, it will show an error message that you have registered IDM using fake serial key and IDM will exit.



Now the actual hacking process starts:

8. First of all go to "C:/" drive then go to "Windows" Folder and then go to "System32" folder and then go to "Drivers" folder and then go to "Etc" Folder.
    Path is: C:\Windows\System32\drivers\etc
    Or simply paste "C:\Windows\System32\drivers\etc" (without quotes) into the address bar and hit Enter. It will open the required folder.

9. In the Etc folder you will see the hosts file. Open the file with notepad.

Now copy the below lines of code and add to hosts.:


127.0.0.1 tonec.com

127.0.0.1 www.tonec.com

127.0.0.1 registeridm.com

127.0.0.1 www.registeridm.com

127.0.0.1 secure.registeridm.com

127.0.0.1 internetdownloadmanager.com

127.0.0.1 www.internetdownloadmanager.com

127.0.0.1 secure.internetdownloadmanager.com

127.0.0.1 mirror.internetdownloadmanager.com

127.0.0.1 mirror2.internetdownloadmanager.com


10. After adding these codes, save the notepad file. And exit from there.

Reboot or restart your PC. After restart now open your IDM it will be full version and not ask you to register.



Thanks for Reading This Article .Hope you will like this…….

Be a Good Hacker and save the nation!!!!!

Thanks & Regards
Tarun Arora


INTRODUCTION TO PING SWEEP


Welcome to Hackers world!!!!!

Before writing about Ping sweep, I would like to introduce Ping. Ping is a network-based utility used to find out whether a host is alive or dead on the network. If we get a response, it means the host is live. You can check a system by its IP address or a website by its domain name. We can use this program to detect hosts such as a website, computer system, printer, network or any other device.


Ping Sweep: Ping sweep, also known as ICMP sweep, is a network scanning technique used to determine which of a range of IP addresses map to live hosts. Ping, as we have seen, is used for a single computer; a ping sweep covers a range of IP addresses for various computers. A ping sweep consists of ICMP (Internet Control Message Protocol) ECHO requests sent to multiple hosts. If a system (host) is live, it will reply with an ICMP ECHO reply.
There are various tools available that can be used to do a ping sweep, such as fping, gping, and nmap.

Download Fping here: http://fping.sourceforge.net/
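
What the sweep described above looks like from the receiving network, as an added example that is not part of the original post: one source sending ICMP echo requests to many distinct addresses inside a short window, while a host that pings a single target repeatedly is left alone. The log format, the addresses and both thresholds are constructed for illustration.

```python
import ipaddress
from collections import defaultdict, deque

ECHO_REPLY, ECHO_REQUEST = 0, 8   # ICMP type numbers
WINDOW = 10        # seconds (assumed threshold)
MIN_TARGETS = 20   # distinct destinations inside WINDOW (assumed threshold)


def build_sample_log():
    """Constructed records in the form '<epoch> <src> <dst> <icmp type>'."""
    # A monitoring host pinging one gateway every 10 s: many packets, one target.
    lines = [f"{1000 + 10 * i} 10.0.0.5 10.0.1.1 8" for i in range(30)]
    # One host walking 30 addresses in about three seconds.
    lines += [f"{1100 + i // 10} 10.0.0.99 10.0.1.{i} 8" for i in range(1, 31)]
    # Echo replies from the three hosts that were alive.
    lines += [f"1101 10.0.1.{i} 10.0.0.99 0" for i in (1, 7, 20)]
    lines.append("truncated record")         # must be skipped, not crash
    return lines


def parse(line):
    """Return (ts, src, dst, icmp_type) or None for a malformed record."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return (int(parts[0]), ipaddress.ip_address(parts[1]),
                ipaddress.ip_address(parts[2]), int(parts[3]))
    except ValueError:
        return None


def detect_sweeps(lines, window=WINDOW, min_targets=MIN_TARGETS):
    """Map each sweeping source to the most distinct targets seen in a window."""
    records = [r for r in map(parse, lines) if r]
    recent = defaultdict(deque)              # src -> (ts, dst) inside the window
    findings = {}
    for ts, src, dst, icmp_type in sorted(records, key=lambda r: r[0]):
        if icmp_type != ECHO_REQUEST:
            continue
        q = recent[src]
        q.append((ts, dst))
        while q[0][0] < ts - window:
            q.popleft()
        targets = len({d for _, d in q})
        if targets >= min_targets:
            findings[str(src)] = max(findings.get(str(src), 0), targets)
    return findings


def responders(lines, scanner):
    """Hosts that answered the scanner, i.e. what the sweep revealed."""
    scanner = ipaddress.ip_address(scanner)
    hosts = set()
    for rec in map(parse, lines):
        if rec and rec[3] == ECHO_REPLY and rec[2] == scanner:
            hosts.add(rec[1])
    return [str(h) for h in sorted(hosts)]


if __name__ == "__main__":
    log = build_sample_log()
    for src, count in detect_sweeps(log).items():
        print(f"{src} pinged {count} hosts; replies from {responders(log, src)}")
```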


Thanks for Reading this article .Hope you will like…..



Be a good Hacker and Save the Nation!!!!!


Thanks & Regards
Tarun Arora


Saturday 4 February 2012

How to create a virus in “C” to block websites


Welcome to Hackers World!!!!!

Today I am going to write a post on a simple virus written in C. It will block websites on your computer system. I am implementing that process as a C program to create it as a virus. Once the virus is clicked, it will block some specific websites on the victim's computer. The websites which you want to block are mentioned in the source code of the program. Change the list according to your choice.


Download source code of Virus Here:

http://www.ziddu.com/download/18504818/Virus-createdbyTarunArora.rar.html


How to use:
  • You need to have a C compiler for that.
  • Compile and build the C program and generate the EXE file.
  • Run the EXE on your computer to check it's working. 
  • Go to the browser and try to open google or facebook. ;)
  • To unblock those websites, just delete the new entries in the hosts file created by this virus: C:/windows/system32/drivers/etc/hosts
  • Now send this EXE to the victim through the email as a game or any other software.



THIS IS FOR EDUCATIONAL PURPOSE. PLEASE DO NOT USE THIS TO HARM ANYONE
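
Both this program and the hosts-file edit in the Internet Download Manager post above work by adding entries to the hosts file, so one check finds either. An added example, not code from the original posts: a hosts-file audit that flags names pointed at loopback or null addresses and any other static override; the sample file contents and the names in it are constructed.

```python
import ipaddress

# Names that normally resolve to loopback on a stock system (assumed baseline).
EXPECTED_LOCAL = {"localhost", "localhost.localdomain",
                  "ip6-localhost", "ip6-loopback"}

SAMPLE_HOSTS = """\
# Constructed sample, not a real machine's file
127.0.0.1       localhost
::1             localhost
127.0.0.1 www.example.com example.com   # appended by an unknown program
0.0.0.0   updates.vendor.example
10.1.2.3  intranet.corp.example
not-an-ip broken.example
"""


def parse_hosts(text):
    """Yield (line_no, address or None, fields) for every non-comment line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            yield line_no, ipaddress.ip_address(fields[0]), fields[1:]
        except ValueError:
            yield line_no, None, fields


def audit_hosts(text):
    """Return (line_no, kind, detail) findings worth a human look."""
    findings = []
    for line_no, addr, names in parse_hosts(text):
        if addr is None:
            findings.append((line_no, "malformed", " ".join(names)))
            continue
        sinkhole = addr.is_loopback or addr.is_unspecified
        for name in names:
            name = name.lower().rstrip(".")
            if sinkhole and name not in EXPECTED_LOCAL:
                # Name resolves to this machine or nowhere: the site is blocked.
                findings.append((line_no, "blocked", name))
            elif not sinkhole:
                # Static mapping that bypasses DNS: confirm someone intended it.
                findings.append((line_no, "override", name))
    return findings


def without_blocked(text):
    """Copy of the file with the lines reported as 'blocked' removed."""
    bad = {n for n, kind, _ in audit_hosts(text) if kind == "blocked"}
    kept = [l for i, l in enumerate(text.splitlines(), 1) if i not in bad]
    return "\n".join(kept) + "\n"


if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_HOSTS
    for line_no, kind, detail in audit_hosts(text):
        print(f"line {line_no}: {kind}: {detail}")
```

Some ad-blocking setups add loopback entries on purpose, so review the "blocked" findings before writing the cleaned copy back.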

Thanks for Reading This Article. Hope you will like…


Be a Good Hacker and Save the Nation!!!!!

Thanks & Regards
Tarun Arora