Monday, February 3, 2014

MD5 Cracker - Download


MD5 Cracker is the tool used to crack MD5 Hash. Normally many sites and applications store sensitive informattion like passwords in the hexadecimal format i.e. MD5 hash...

Nmap Scanning Tutorial


Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Nmap is a perfect scanning tool for hackers out there and boy..they use it extensively.Many systems and network administrators NMAP running on Windows XP command promptalso find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime .I will be discussing about how to do simple scanning in Nmap.

Hack Websites Using Havij [SQL Injection Tutorial]

According to a survey the most common technique of hacking a website is SQL Injection. SQL Injection is a technique in which hacker insert SQL codes into web Forum to get Sensitive Information like (User Name , Passwords) to access the site and Deface it. The traditional SQL injection method is quite difficult, but now a days there are many tools available online through which any script kiddie can use SQL Injection to deface a webite, because of these tools websites have became more vulnerable to these types of attacks.

One of the popular tools is Havij, Havij is an advanced SQL injection tool which makes SQL Injection very easy for you, Along with SQL injection it has a built in admin page finder which makes it very effective.

How to Crack WEP Key With Backtrack 5 [wifi hacking]

As announced before we would be writing related to wifi attacks and security, This post is the second part of our series on wifi attacks and Security, In the first part we discussed about various terminologies related to wifi attacks and security and discussed couple of attacks. This post will also show you how one can easily crack WEP keys in no time.

Create A Gmail Phishing (Mobile)

See Demo- http://gemall.wapka.mobi

What is Phishing ?
Phishing is a way of deceiving your victim by making him login through one of your webpages which is a copy of the original one. By doing so the fake webpage will save his E-mail ID or username and password. This is used for criminal activities for stealing Credits Cards and So on.
Now we are going to make a fake login page of Gmail Mobile.
Lets start the tutorial...

Step 1:
Register a new Wapka Account First create a new wapka account from the link below.
Wapka.Mobi

Step 2: Go to Admin Mode.

Step 3: Edit Site >>mail form>>
**Remember: Enable CAPTCHA pictures: Must UnMark it ..**

Now press Submit & Remember Don't set it admin mode.
Step 4: Now Make a source of ur site. Don't no about source view?
Go to http://wap0fbd.tk/wapmaster/source_viewer & put your site link in the box and view the source.....
Now the main work of this tutorial is collecting like the value="117465354" code by source.
You have to search that value carefully....

Next step>> After collecting the
value="XXXXXXXX" code u Must hide the mailform in Admin Mode.
How to hide it on Admin Mode???
Ans: Go To Edit Site>user>Items visibility>Now click on X.

Now its Done.

Step 5:
Go Here http://pastebin.com/ckj1hh1L and copy the main Code Of Wapka Phishing Page..

Step 6:
At Last After Finishing All Work Now U Can Put This Code on your site at last.... For This Code Wapka Advertise will be remove from foot of your site......
Enjoy
Go EDIT SITE>WML/XHTML>PUT THIS


Remember: U have to keep this code below of all codes.

Remember to
replace value="XXXXXXX" to Yours.
**U have done it.**

Now the main Question that How can i get The Hacked User Name and Passaword?
Yes, U can get The hacked User name & Password at your Mail inbox which U have used in Wapka.mobi Registrating.
Thanks to all.
Note: This method only for Advanced WapMaster.

Courtesy: Hacker University

How To Hack A Website

Ways Hackers Hack Your Site
Pop quiz: what does Microsoft, Twitter, Facebook, NBC, ZenDesk, and Drupal all have in common?
They’ve all been recently hacked.
Yes, hacking is a growing threat for every business both large and small.
Whether it’s stealing private data, taking control of your computer, or shutting down your website, hackers can seriously impact any business, at any time.
Hackers can attack in so many ways, but here’s the ten most popular ways they can threaten the security of your site, and your business:

10.  Injection Attacks

Injection Attacking occurs when there are flaws in your SQL Database, SQL libraries, or even the operating system itself. Employees open seemingly credible files with hidden commands, or “injections”, unknowingly.
In doing so, they’ve allowed hackers to gain unauthorized access to private data such as social security numbers, credit card number or other financial data.

Technical Injection Attack Example:

An Injection Attack could have this command line:
String query = “SELECT * FROM accounts WHERE custID=’” + request.getParameter(“id”) +”‘”;
The hacker modifies the ‘id’ parameter in their browser to send: ‘ or ’1′=’1. This changes the meaning of the query to return all the records from the accounts database to the hacker, instead of only the intended customers.

LFI exploitation via php://input [Shelling Sites]

Hey guys,
Today I'll be explaining how to shell a website using "php://input" method via LFI.

So let's get started.
Now let's have our target shall we. As an example, your target URL should look like this:

Code:
http://www.site.com/index.php?page=
You can have anything similar to that as long as you can be able to read files and obtain an "include" error.

First things first, give it a shot and see if you can read "/etc/passwd"