Bluejacking is not mobile hacking or
hijacking its totaly different.
Bluejacking is a harmless prank
played on people who have
switched Bluetooth on their phones.
blue is taken from Bluetooth, the
technology bluejacking uses.
jacking is derived from both
"ajack" and "hijacking"
Even thought bluejacking does not
resemble hijacking There is no
accessing or taking private data
from your victim's device.
Bluejacking is totally limited to
Bluetooth enabled devices.Bluetooth
has a very limited range, usually
around 10 metres on mobile
phones, but laptops and other
instrument with high power
transmitters can reach up to 100
meters.
Bluejacking Explained
“Bluejacking” is define as sending of
unsolicited messages over Bluetooth
to Bluetooth-enabled devices such
as mobile phones, PDAs, Laptops,
sending a contact which typically
contains a message in the name
field to another bluetooth enabled
device via the OBEX protocol.
Few prople say the term
“Bluejacking” originated with a user
named ajack on esato.com. Some
people say that the term bluejacking
comes from Bluetooth and
hijacking. While that certainly
sounds logical, a bluejacker doesn't
hijack anything, he just send a
contact to the recipient's device.
Both parties have absolute control
over their devices, and a bluejacker
will not be able to take control of
your phone or steal your personal
information.
You can create a phonebook contact
and write a message, eg. 'Hello,
you've been bluejacked', in the
'Name' field. Then you can search
for other phones with Bluetooth and
send that phonebook contact to
them. On their phone, a message
will popup saying "'Hello, you've
been bluejacked' has just been
received by Bluetooth" or
something along those lines. For
most 'victims' they will have no idea
as to how the message appeared on
their phone. So, personalised
messages like 'I like your pink top'
and the startled expressions that
result is where the fun really starts.
Bluejacking is quite harmless, but
because bluejacked people don't
know what is happening, they think
their phone is malfunctioning.
Usually, a bluejacker will only send a
text message, but with modern
phones it's possible to send images
or sounds as well.
But with the increase in the
availability of bluetooth enabled
devices, these devices have become
vulnarable to virus attacks and even
complete take over of devices
through a trojan horse program.
Bluejacking Process
Go to Contacts.
Create a new contact.
Write the short message you want
to send on the line next to 'Last
name'
Save this contact.
Select this contact and send via
Bluetooth.
Your phone will search for devices
All the Bluetooth devices near you
will be displayed.
Select any one you like and send.
You have bluejacked someone.
You can also send pictures to your
victim by adding them to your
bluejack contact. The best thing
about this is even if the victim
rejects the contact that you sent
him/her, the picture gets
automatically saved in the victim's
My Pictures section.
Note:
It is not that interesting after 2 or 3
trials. Its just a prank. Do NOT
harass anyone with this. Be careful
at some places and with some
peoples, especially in airports where
the tolerance level is very low. Also
don't send threatening messages.
Technically you cannot be traced,
but if the victim notices you
behaving in a suspicious way with
your mobile phone in your hand,
you better run for your life.
11 Jun 2011
ChangingStartup and Log-off screens
Startup Screen
1. Create a 320x400 bitmap in the root
directory and name it LOGO.SYS
2. You can use LOGOW.SYS file in the
Windows directory as a starter
Logoff Screens
1. There are many system file that
constitutes Lofoff screen.
2. They are actually bitmaps 320x400
that just have a different extension
3. The hidden file in the root directory
LOGO.SYS is the startup logo.
4. There are two files in the Windows
directory.
5. LOGOW.SYS is the Wait while
Shutting down ... screen.
6. LOGOS.SYS is the You may now
shut-off or Reboot screen.
7. Make two new image files of your
chice in Paint and name it as
LOGOW.SYS and LOGOS.SYS and
replce the actual windows file by
this two.
8. But make sure they should be of the
same size
1. Create a 320x400 bitmap in the root
directory and name it LOGO.SYS
2. You can use LOGOW.SYS file in the
Windows directory as a starter
Logoff Screens
1. There are many system file that
constitutes Lofoff screen.
2. They are actually bitmaps 320x400
that just have a different extension
3. The hidden file in the root directory
LOGO.SYS is the startup logo.
4. There are two files in the Windows
directory.
5. LOGOW.SYS is the Wait while
Shutting down ... screen.
6. LOGOS.SYS is the You may now
shut-off or Reboot screen.
7. Make two new image files of your
chice in Paint and name it as
LOGOW.SYS and LOGOS.SYS and
replce the actual windows file by
this two.
8. But make sure they should be of the
same size
increase p.c ram
To boost performance of your
PC or to increase RAM virtually,
Right click on My Computer Icon on
Desktop
>> Go to Properties
>> Go to Advanced
>> Go to Performance - Settings
>> Go to Advanced
>> Go to Virtual Memory - Change
Keep the initial size same as
recommended and maximum size
double of it then restart your
system.
It will improve speed of windows
and you can play some games
which require higher RAM.
PC or to increase RAM virtually,
Right click on My Computer Icon on
Desktop
>> Go to Properties
>> Go to Advanced
>> Go to Performance - Settings
>> Go to Advanced
>> Go to Virtual Memory - Change
Keep the initial size same as
recommended and maximum size
double of it then restart your
system.
It will improve speed of windows
and you can play some games
which require higher RAM.
LOCK A FOLDER IN WINDOWS
To Lock a folder in windows XP
without any software. Follow the
steps Below.
1. Make a Folder in C drive rename it as
"abc" without quotes.
2. Now open Command Prompt from
Start Menu.
3. Type "attrib +s +h C:\abc" without
quotes and press enter.
4. This command will Make your
folder invisble and it can not be seen
even in hidden files and folders
5. To make it visible again type "attrib -
s -h C:\abc"
6. You can lock any other folder also
by changing the location C:\abc to
address of your folder.
#2
without any software. Follow the
steps Below.
1. Make a Folder in C drive rename it as
"abc" without quotes.
2. Now open Command Prompt from
Start Menu.
3. Type "attrib +s +h C:\abc" without
quotes and press enter.
4. This command will Make your
folder invisble and it can not be seen
even in hidden files and folders
5. To make it visible again type "attrib -
s -h C:\abc"
6. You can lock any other folder also
by changing the location C:\abc to
address of your folder.
#2
LOCK A FOLDER IN WINDOWS
To Lock a folder in windows XP
without any software. Follow the
steps Below.
1. Make a Folder in C drive rename it as
"abc" without quotes.
2. Now open Command Prompt from
Start Menu.
3. Type "attrib +s +h C:\abc" without
quotes and press enter.
4. This command will Make your
folder invisble and it can not be seen
even in hidden files and folders
5. To make it visible again type "attrib -
s -h C:\abc"
6. You can lock any other folder also
by changing the location C:\abc to
address of your folder.
#2
without any software. Follow the
steps Below.
1. Make a Folder in C drive rename it as
"abc" without quotes.
2. Now open Command Prompt from
Start Menu.
3. Type "attrib +s +h C:\abc" without
quotes and press enter.
4. This command will Make your
folder invisble and it can not be seen
even in hidden files and folders
5. To make it visible again type "attrib -
s -h C:\abc"
6. You can lock any other folder also
by changing the location C:\abc to
address of your folder.
#2
How to Alter WindowsProduct ID
...INTRO...
If
you
are
running
a
Microsoft
Windows
operating
system
on
your
computer,
then you are most likely aware of
the fact that your PC will have a
Product ID. This Product ID is a
system specific alphanumeric code
which is derived/calculated based
on the Windows product key you
use and the hardware configuration
of your Computer. In simple words,
Product ID is the alphanumericcode
that you see when you Right-Click
on the My Computer icon and select
the Properties option.
Ever wondered how
to alter the Windows
Product ID?
It is possible to alter the Windows
Product ID and change it to what
ever you like. For example, you can
change the Product ID and put your
nickname in place of the formal
Product ID displayed by the
Operating System. This hack is too
easy and can be done within
minutes.
...INSTRUCTIONS...
1. Goto Start->Run and type the
following in the Run dialog box
regedit
2. After you open the Registry
Editor, navigate to the following key
HKey_Local_Machine\Software
\Microsoft\Windows NT\Current
Version
3. On the right hand side, you can
see an entry by name ProductID
listed under the heading Name.
4. Double-Click on ProductID, a
dialog box will pop-up showing
your Windows PID. Now you can
delete the original PID and enter
anything of your choice.
5. Once you are done, just click on
OK and close the Registry Editor.
Now you can see the altered
Product ID in the Windows
Properties window.
...NOTE...: This trick works on Win
7, Vista and Win XP
If
you
are
running
a
Microsoft
Windows
operating
system
on
your
computer,
then you are most likely aware of
the fact that your PC will have a
Product ID. This Product ID is a
system specific alphanumeric code
which is derived/calculated based
on the Windows product key you
use and the hardware configuration
of your Computer. In simple words,
Product ID is the alphanumericcode
that you see when you Right-Click
on the My Computer icon and select
the Properties option.
Ever wondered how
to alter the Windows
Product ID?
It is possible to alter the Windows
Product ID and change it to what
ever you like. For example, you can
change the Product ID and put your
nickname in place of the formal
Product ID displayed by the
Operating System. This hack is too
easy and can be done within
minutes.
...INSTRUCTIONS...
1. Goto Start->Run and type the
following in the Run dialog box
regedit
2. After you open the Registry
Editor, navigate to the following key
HKey_Local_Machine\Software
\Microsoft\Windows NT\Current
Version
3. On the right hand side, you can
see an entry by name ProductID
listed under the heading Name.
4. Double-Click on ProductID, a
dialog box will pop-up showing
your Windows PID. Now you can
delete the original PID and enter
anything of your choice.
5. Once you are done, just click on
OK and close the Registry Editor.
Now you can see the altered
Product ID in the Windows
Properties window.
...NOTE...: This trick works on Win
7, Vista and Win XP
10 Jun 2011
WIRELESS HACK
This Process is called “Man in the Middle Attack”. Man in the middle attack has been done by the help of a Sniffer. We are going Learn How to Implement a Sniffer in the LAN and Get the Passwords and other information.
Remember it is a Direct Hacking method. Wireless LAN Network simply means “Local Area Network”.
First of all we need learn about, What is sniffer?. Sniffer is Tool which is used in Data Theft and Grabbing the private information. For example in a Local LAN or WLAN, if we can implement a Sniffer on the LOCAL Gateway. Then you are ready to get all the traffic information including Passwords, Chats, FTP , Telnet sessions and many more things from the users of the Network, This Means that if a Sniffer is implemented in a Cafe and you browse there, Your Login details and other Information will be Logged and that means someone else also have access to you info.
TOOLS FOR IMPLEMENTING A SNIFFER ON A WLAN
To implement Man in the Middle attack we need some Applications like sniffer Tool, Packet analyzer, Network identifier.To get this Tools see the below list and Download the Applications from there.
1. Nmap – You can Download this from www.nmap.org
2. Cain – It is a Sniffer tool with Lots of Scripts and Options.You can download this from www.oxid.it/ cain.html
3. Wireshark Network Analyzer – Network Packet Analyzer : Download at http:// www.wireshark.org/download.html After downloading these applications you are ready to Hack your LAN or WLAN. In this tutorial we are majorly using Cain-Sniffer.
HOW TO IMPLEMENT MAN IN THE MIDDLE ATTACK USING SNIFFER:
To implement Man in the Middle Attack using Sniffer, we need to follow a Step by step Procedure.
1. First know your IP Address: To see your IP details in the command Prompt type ipconfig / all .You will see the complete IP address,Gateway,DNS etc,note them all.
2. After that now the real part will Start, just Open Cain Sniffer which is on your desktop or in Start menu. It will Look like the bellow image. Now click on the Start sniffer Icon in the Cain, Please see the bellow. After that A pop up will appear which ask you to choose the Network Adapter. Just choose it and Press Apply and OK
3. Now again Click on the Start Sniffer Button,now the sniffer will be Started, this time Sniffer will activate and you will see your Internal LAN gateway. It indicates that your Sniffer is activated. Now Right Click the idle space and you will see an Option called as Scan MAC Addresses. Just click on it, so this time it will Start scanning of MAC addresses and live IP’s. See image below.
4. After that you will get the entire IP’s which are alive in your LAN or WLAN, So now you need to select the Target IP, After choosing the Target its time to Prepare the attack, So now in the below section you will see ARP, in this ARP section you will get two columns. Now click in the Free space and after that you will see a “+ ” indication in the above of Selection Tools.
5. Now just click on the same Add button, now a new Window will appear with all the IP’s which will displayed is the results of first Scanning process, you will see Both sides same IP Addresses, but in the left side you need to Choose your Gateway, for example if your IP is 10.0.0.2, then you gateway will be 10.0.0.1, see the below image, after choosing the Gateway in the right side section you need to choose target IP, after that press OK. See image pictorial diagram for help. So after selecting the Target and gateway, we need to Start Poisoning the target IP address, To poisoning it, Click Poisoning button which will appear in the Yellow color. See the bellow image. This will start the Poisoning of the target IP. Now you will get each and every information about that IP address. You will get his Wlan Password, Mail Passwords ( Except SSL Protected), Telnet Sessions, Browsing URL’s almost every Data. So see the Passwords and Telnet Sessions, in the below section of this Tool you will see a Section called Passwords in which we can get the entire information send from that Target IP. So this is the use of Cain Sniffer, but you might ask why we Downloaded, Nmap and Wireshark Network Analyzer? Well, Nmap is to find the HostName and Mac Addresses of you IP’s in your LAN and Wireshark is to Analyze the Packets, with this tool we can analyze each packet send by the Target IP. All you have to do is just Run the Wireshark while Using Cain Sniffer. So it will show you each and every packet and its information.
Remember it is a Direct Hacking method. Wireless LAN Network simply means “Local Area Network”.
First of all we need learn about, What is sniffer?. Sniffer is Tool which is used in Data Theft and Grabbing the private information. For example in a Local LAN or WLAN, if we can implement a Sniffer on the LOCAL Gateway. Then you are ready to get all the traffic information including Passwords, Chats, FTP , Telnet sessions and many more things from the users of the Network, This Means that if a Sniffer is implemented in a Cafe and you browse there, Your Login details and other Information will be Logged and that means someone else also have access to you info.
TOOLS FOR IMPLEMENTING A SNIFFER ON A WLAN
To implement Man in the Middle attack we need some Applications like sniffer Tool, Packet analyzer, Network identifier.To get this Tools see the below list and Download the Applications from there.
1. Nmap – You can Download this from www.nmap.org
2. Cain – It is a Sniffer tool with Lots of Scripts and Options.You can download this from www.oxid.it/ cain.html
3. Wireshark Network Analyzer – Network Packet Analyzer : Download at http:// www.wireshark.org/download.html After downloading these applications you are ready to Hack your LAN or WLAN. In this tutorial we are majorly using Cain-Sniffer.
HOW TO IMPLEMENT MAN IN THE MIDDLE ATTACK USING SNIFFER:
To implement Man in the Middle Attack using Sniffer, we need to follow a Step by step Procedure.
1. First know your IP Address: To see your IP details in the command Prompt type ipconfig / all .You will see the complete IP address,Gateway,DNS etc,note them all.
2. After that now the real part will Start, just Open Cain Sniffer which is on your desktop or in Start menu. It will Look like the bellow image. Now click on the Start sniffer Icon in the Cain, Please see the bellow. After that A pop up will appear which ask you to choose the Network Adapter. Just choose it and Press Apply and OK
3. Now again Click on the Start Sniffer Button,now the sniffer will be Started, this time Sniffer will activate and you will see your Internal LAN gateway. It indicates that your Sniffer is activated. Now Right Click the idle space and you will see an Option called as Scan MAC Addresses. Just click on it, so this time it will Start scanning of MAC addresses and live IP’s. See image below.
4. After that you will get the entire IP’s which are alive in your LAN or WLAN, So now you need to select the Target IP, After choosing the Target its time to Prepare the attack, So now in the below section you will see ARP, in this ARP section you will get two columns. Now click in the Free space and after that you will see a “+ ” indication in the above of Selection Tools.
5. Now just click on the same Add button, now a new Window will appear with all the IP’s which will displayed is the results of first Scanning process, you will see Both sides same IP Addresses, but in the left side you need to Choose your Gateway, for example if your IP is 10.0.0.2, then you gateway will be 10.0.0.1, see the below image, after choosing the Gateway in the right side section you need to choose target IP, after that press OK. See image pictorial diagram for help. So after selecting the Target and gateway, we need to Start Poisoning the target IP address, To poisoning it, Click Poisoning button which will appear in the Yellow color. See the bellow image. This will start the Poisoning of the target IP. Now you will get each and every information about that IP address. You will get his Wlan Password, Mail Passwords ( Except SSL Protected), Telnet Sessions, Browsing URL’s almost every Data. So see the Passwords and Telnet Sessions, in the below section of this Tool you will see a Section called Passwords in which we can get the entire information send from that Target IP. So this is the use of Cain Sniffer, but you might ask why we Downloaded, Nmap and Wireshark Network Analyzer? Well, Nmap is to find the HostName and Mac Addresses of you IP’s in your LAN and Wireshark is to Analyze the Packets, with this tool we can analyze each packet send by the Target IP. All you have to do is just Run the Wireshark while Using Cain Sniffer. So it will show you each and every packet and its information.
How to Sniff Passwords Using USB Drive
As
we
all
know,
Windows
stores
most
of
the
passwords
which
are used on a daily basis, including
instant messenger passwords such
as MSN, Yahoo, AOL, Windows
messenger etc. Along with these,
Windows also stores passwords of
Outlook Express, SMTP, POP, FTP
accounts and auto-complete
passwords of many browsers like
IE and Firefox. There exists many
tools for recovering these
passswords from their stored
places. Using these tools and an
USB pendrive you can create your
own rootkit to sniff passwords from
anycomputer. We need the
following tools to create our rootkit.
MessenPass: Recovers the
passwords of most popular Instant
Messenger programs: MSN
Messenger, Windows Messenger,
Yahoo Messenger, ICQ Lite
4.x/2003, AOL Instant Messenger
provided with Netscape 7, Trillian,
Miranda, and GAIM.
Mail PassView: Recovers the
passwords of the following email
programs:
Outlook Express,
Microsoft Outlook 2000 (POP3 and
SMTP Accounts only),
Microsoft
Outlook 2002/2003 (POP3, IMAP,
HTTP and SMTP Accounts),
IncrediMail, Eudora, Netscape Mail,
Mozilla Thunderbird, Group Mail
Free.
MailPassView can also recover the
passwords of Web-based email
accounts (HotMail, Yahoo!, Gmail), if
you use the associated programs of
these accounts.
IE Passview: IE PassView is a
small utility that reveals the
passwords stored by Internet
Explorer browser. It supports the
new Internet Explorer 7.0, as well as
older versions of Internet explorer,
v4.0 – v6.0
Protected Storage PassView:
Recovers all passwords stored
inside the Protected Storage,
including the AutoComplete
passwords of Internet Explorer,
passwords of Password-protected
sites, MSN Explorer Passwords, and
more…
PasswordFox: PasswordFox is a
small password recovery tool that
allows you to view the user names
and passwords stored by Mozilla
Firefox Web browser. By default,
PasswordFox displays the
passwords stored in your current
profile, but you can easily select to
watch the passwords of any other
Firefox profile. For each password
entry, the following information is
displayed: Record Index, Web Site,
User Name, Password, User Name
Field, Password Field, and the
Signons filename.
we
all
know,
Windows
stores
most
of
the
passwords
which
are used on a daily basis, including
instant messenger passwords such
as MSN, Yahoo, AOL, Windows
messenger etc. Along with these,
Windows also stores passwords of
Outlook Express, SMTP, POP, FTP
accounts and auto-complete
passwords of many browsers like
IE and Firefox. There exists many
tools for recovering these
passswords from their stored
places. Using these tools and an
USB pendrive you can create your
own rootkit to sniff passwords from
anycomputer. We need the
following tools to create our rootkit.
MessenPass: Recovers the
passwords of most popular Instant
Messenger programs: MSN
Messenger, Windows Messenger,
Yahoo Messenger, ICQ Lite
4.x/2003, AOL Instant Messenger
provided with Netscape 7, Trillian,
Miranda, and GAIM.
Mail PassView: Recovers the
passwords of the following email
programs:
Outlook Express,
Microsoft Outlook 2000 (POP3 and
SMTP Accounts only),
Microsoft
Outlook 2002/2003 (POP3, IMAP,
HTTP and SMTP Accounts),
IncrediMail, Eudora, Netscape Mail,
Mozilla Thunderbird, Group Mail
Free.
MailPassView can also recover the
passwords of Web-based email
accounts (HotMail, Yahoo!, Gmail), if
you use the associated programs of
these accounts.
IE Passview: IE PassView is a
small utility that reveals the
passwords stored by Internet
Explorer browser. It supports the
new Internet Explorer 7.0, as well as
older versions of Internet explorer,
v4.0 – v6.0
Protected Storage PassView:
Recovers all passwords stored
inside the Protected Storage,
including the AutoComplete
passwords of Internet Explorer,
passwords of Password-protected
sites, MSN Explorer Passwords, and
more…
PasswordFox: PasswordFox is a
small password recovery tool that
allows you to view the user names
and passwords stored by Mozilla
Firefox Web browser. By default,
PasswordFox displays the
passwords stored in your current
profile, but you can easily select to
watch the passwords of any other
Firefox profile. For each password
entry, the following information is
displayed: Record Index, Web Site,
User Name, Password, User Name
Field, Password Field, and the
Signons filename.
ABOUT KEYLOGGERS
Here
is
a
DETAILED
tutorial
which
contains
every
possible information that you need
to know about keyloggers which
includes how to use it, how it works
etc.
WARNING: I highly recommend
that you read this post
completely since every single
piece of information is
important.
I know most of you are new to the
concept of keyloggers. For some of
you, this might be the first time you
heard about the term “keylogger”.
So to give you a clear picture and
make you understand better I
would like to take up this post in the
form of FAQs (Frequently Asked
Questions). Here we go…
1. What is a Keylogger?
A keylogger (also called as spy
software) is a small program that
monitors each and every keystroke
a user types on a specific
computer’s keyboard. A keylogger
program can be installed just in a
few seconds and once installed you
are only a step away from getting
the victim’s password.
2. How Keylogger works?
Once the keylogger is installed on a
PC, it starts operating in the
background (stealth mode) and
captures every keystroke of the
victim on that PC. Let’s take up a
small example: The victim goes to
http://mail.yahoo.com and types
his “username” and the “password”
in the respective fields to login. The
keylogger silently records these
keystrokes and stores them in the
logs. These logs when opened up
shows the captured “username”
and “password” and will also tell
you that they were typed in the
Yahoo login page. Thus the
keylogger loads upon every startup,
runs in the background and
captures each and every keystroke.
3. How to install the keylogger?
A keylogger can be installed just like
any other program. Just follow the
screen instructions and you’re done.
4. Do I need any special
knowledge to install and use
the keylogger?
Absolutely NOT! Anyone with a
basic computer knowledge can
install and use the keylogger. It
requires no special skills.
5. Once I install the keylogger
can the victim come to know
about it’s presence?
No. The victim will never come to
know about the presence of the
keylogger on his/her computer.
This is because, once installed the
keylogger will run in total stealth
mode. Unlike other programs it will
never show up in start-menu, start-
up, program files, add/remove
programs and task manager. So the
victim can no way identify it’s
presence on his/her PC.
6. Can I be traced back if I
install the keylogger on some
other computer?
No, it’s almost impossible to trace
back to you for installing the
keylogger on other’s PC.
7. Which keylogger is the best?
Today there exists hundreds of
keyloggers on the market and most
of them are no more than a scam.
So I tested some of the top
keyloggers and conclude that the
following is the best one.
>> SniperSpy
8. How SniperSpy works?
I will try to explain the working of
Sniperspy in simple steps.
A. After you purchase Sniperspy,
you’ll be able to create the
installation module using easy set-
up program. You need to email this
module to the remote user as an
attachment.
B. When the remote user runs the
module it’ll get installed silently and
monitoring process will begin. The
keystrokes are captured and
uploaded to the SniperSpy servers
continously.
C. You can login to your Sniperspy
account (you get this after purchase)
tosee the logs which contains the
password.
9. I don’t have physical access
to the traget computer. Can I
still use SniperSpy?
Yes you can. SniperSpy supports
REMOTE INSTALLATION feature
which allows you to remotely install
the program on any PC even if you
have no physical access to it. For
remote installation all you need to
do is just place the module (refer
FAQ-8) in a .zip/.rar file and send it
as an attachment to the target email
address (for which you need the
password).
10. Can I install SniperSpy on a
local computer?
If you need to install to your local
(current) computer instead of your
remote computer, then the process
is simple. Simply navigate to the
folder in which you saved your
module ( Refer FAQ-8). Double-click
the module filename to execute it.
Nothing will appear on the screen as
the software is installed.
11. What if the antivirus block
from sending it as an email
attachment?
Instead of sending the keylogger as
an email attachment, it is
recommended that you place the file
in .ZIP/.RARformat and upload it to
www.fileden.com. After
uploading, just send the direct
download link to the victim via
email. Once he downloads the file
from this link and run it, the
keylogger will get installed
automatically.
12. Why SniperSpy is the best?
SniperSpy supports REMOTE
INSTALLATION feature. This
feature is not present on most of the
keyloggers.
SniperSpy is fully compatible with
Windows 98/ME/2000/XP/Vista
and bypasses ANY Firewall.
SniperSpy is more reliable than
any other keylogger program. You
need not rely on your email account
to receive the logs. Instead you can
just login to your online SniperSpy
account to receive the logs.
SniperSpy captures full-size
screenshots of the activities on the
target PC.
Records BOTH sides of chats /
IMs in Google Talk, Yahoo IM,
Windows Live and more.
SniperSpy is more easy to install
and requires no extra knowledge.
SniperSpy is recognized by BBC,
CNN, CBS and other news
networks. Hence it isreputed and
trustworthy.
13. How safe is to use
SniperSpy?
Sniperspy is completely safe to use
since all the customer databases
remain confidential and private.
SniperSpy do not collect any
information from your system
other than the information required
for the product’s successful
operation. They will not contact you
in any way unless you request
assistance.
14. Is my online order 100%
Safe and Secure?
Absolutely Yes! All the e-commerce
transactions for SniperSpy is
handled by Plimus – they are a
trusted online retailer specializing in
digitally delivered products. All your
information remains private and
secure. The safety and protection of
your personal information is 100%
guaranteed. So you can place your
order for SniperSpy with no worries
of scam!
SniperSpy is completely reliable,
safe and best keylogger out there. It
is really worth the price that you
pay for it. I promise that you cannot
get a better keylogger than this. So
what are you waiting for? Go grab
SniperSpy now!
is
a
DETAILED
tutorial
which
contains
every
possible information that you need
to know about keyloggers which
includes how to use it, how it works
etc.
WARNING: I highly recommend
that you read this post
completely since every single
piece of information is
important.
I know most of you are new to the
concept of keyloggers. For some of
you, this might be the first time you
heard about the term “keylogger”.
So to give you a clear picture and
make you understand better I
would like to take up this post in the
form of FAQs (Frequently Asked
Questions). Here we go…
1. What is a Keylogger?
A keylogger (also called as spy
software) is a small program that
monitors each and every keystroke
a user types on a specific
computer’s keyboard. A keylogger
program can be installed just in a
few seconds and once installed you
are only a step away from getting
the victim’s password.
2. How Keylogger works?
Once the keylogger is installed on a
PC, it starts operating in the
background (stealth mode) and
captures every keystroke of the
victim on that PC. Let’s take up a
small example: The victim goes to
http://mail.yahoo.com and types
his “username” and the “password”
in the respective fields to login. The
keylogger silently records these
keystrokes and stores them in the
logs. These logs when opened up
shows the captured “username”
and “password” and will also tell
you that they were typed in the
Yahoo login page. Thus the
keylogger loads upon every startup,
runs in the background and
captures each and every keystroke.
3. How to install the keylogger?
A keylogger can be installed just like
any other program. Just follow the
screen instructions and you’re done.
4. Do I need any special
knowledge to install and use
the keylogger?
Absolutely NOT! Anyone with a
basic computer knowledge can
install and use the keylogger. It
requires no special skills.
5. Once I install the keylogger
can the victim come to know
about it’s presence?
No. The victim will never come to
know about the presence of the
keylogger on his/her computer.
This is because, once installed the
keylogger will run in total stealth
mode. Unlike other programs it will
never show up in start-menu, start-
up, program files, add/remove
programs and task manager. So the
victim can no way identify it’s
presence on his/her PC.
6. Can I be traced back if I
install the keylogger on some
other computer?
No, it’s almost impossible to trace
back to you for installing the
keylogger on other’s PC.
7. Which keylogger is the best?
Today there exists hundreds of
keyloggers on the market and most
of them are no more than a scam.
So I tested some of the top
keyloggers and conclude that the
following is the best one.
>> SniperSpy
8. How SniperSpy works?
I will try to explain the working of
Sniperspy in simple steps.
A. After you purchase Sniperspy,
you’ll be able to create the
installation module using easy set-
up program. You need to email this
module to the remote user as an
attachment.
B. When the remote user runs the
module it’ll get installed silently and
monitoring process will begin. The
keystrokes are captured and
uploaded to the SniperSpy servers
continously.
C. You can login to your Sniperspy
account (you get this after purchase)
tosee the logs which contains the
password.
9. I don’t have physical access
to the traget computer. Can I
still use SniperSpy?
Yes you can. SniperSpy supports
REMOTE INSTALLATION feature
which allows you to remotely install
the program on any PC even if you
have no physical access to it. For
remote installation all you need to
do is just place the module (refer
FAQ-8) in a .zip/.rar file and send it
as an attachment to the target email
address (for which you need the
password).
10. Can I install SniperSpy on a
local computer?
If you need to install to your local
(current) computer instead of your
remote computer, then the process
is simple. Simply navigate to the
folder in which you saved your
module ( Refer FAQ-8). Double-click
the module filename to execute it.
Nothing will appear on the screen as
the software is installed.
11. What if the antivirus block
from sending it as an email
attachment?
Instead of sending the keylogger as
an email attachment, it is
recommended that you place the file
in .ZIP/.RARformat and upload it to
www.fileden.com. After
uploading, just send the direct
download link to the victim via
email. Once he downloads the file
from this link and run it, the
keylogger will get installed
automatically.
12. Why SniperSpy is the best?
SniperSpy supports REMOTE
INSTALLATION feature. This
feature is not present on most of the
keyloggers.
SniperSpy is fully compatible with
Windows 98/ME/2000/XP/Vista
and bypasses ANY Firewall.
SniperSpy is more reliable than
any other keylogger program. You
need not rely on your email account
to receive the logs. Instead you can
just login to your online SniperSpy
account to receive the logs.
SniperSpy captures full-size
screenshots of the activities on the
target PC.
Records BOTH sides of chats /
IMs in Google Talk, Yahoo IM,
Windows Live and more.
SniperSpy is more easy to install
and requires no extra knowledge.
SniperSpy is recognized by BBC,
CNN, CBS and other news
networks. Hence it isreputed and
trustworthy.
13. How safe is to use
SniperSpy?
Sniperspy is completely safe to use
since all the customer databases
remain confidential and private.
SniperSpy do not collect any
information from your system
other than the information required
for the product’s successful
operation. They will not contact you
in any way unless you request
assistance.
14. Is my online order 100%
Safe and Secure?
Absolutely Yes! All the e-commerce
transactions for SniperSpy is
handled by Plimus – they are a
trusted online retailer specializing in
digitally delivered products. All your
information remains private and
secure. The safety and protection of
your personal information is 100%
guaranteed. So you can place your
order for SniperSpy with no worries
of scam!
SniperSpy is completely reliable,
safe and best keylogger out there. It
is really worth the price that you
pay for it. I promise that you cannot
get a better keylogger than this. So
what are you waiting for? Go grab
SniperSpy now!
file duplicate DELETER
I do my best to have files on my PC organized and sorted so I know where every file is. And yet, when I ran this free software, during 3 minutes it found 1038 duplicate files on my system totaling 39 GBs. What a surprise! Imagine then how many duplicate files you have if you don’t pay much attention to organizing files on your PC? Removing duplicate files from your PC will boost your system performance and speed it up immensely. Whether it be photos, mp3 files, text documents… Removing those files will enable you to have more disk space, reduce antivirus scan time, reduce the time it takes to defragment your hard drive and help you easily organize your files. DuplicateFinder is a freeware program that will detect all the cloned files that you might have on your computer. DuplicateFinder uses optimized detection algorithms and file filters so the scanning time is greatly minimized. The detected files can be removed in no time with the help of the automatic file selector and the predefined set of actions (copying, moving or deleting). I must say it was pretty fast and efficient. Now I have additional 39 Gigabytes of space available when I cleaned up the unnecessary files in just 3 minutes. Of course, if you don’t want to delete them right away, you can always group them into a folder using“Move” option, and there you can see whether you want to keep some of them. It works on Windows
NT 4.0, 2K, XP, Vista, and Windows 7.
Download link: www.ziddu.com/download/14770034/BDF.zip.html
NT 4.0, 2K, XP, Vista, and Windows 7.
Download link: www.ziddu.com/download/14770034/BDF.zip.html
TIPS TO MAKE FIREFOX SURF FASTER
....INTRO....
To improve performance when navigating (studies show that 39% of all page navigations are renavigations to pages visited less than 10 pages ago, usually using the back button), Firefox implements a Back-Forward cache that retains the rendered document for the last five session history entries for each tab. This is a lot of data. If you have a lot of tabs, Firefox’s RAM memory usage can climb dramatically. It’s a trade-off. What you get out of it is faster performance as you navigate the web. Now a lot of us have found the ’secrets’ on how to manipulate settings in “about:config” to drop the memory usage as long as possible and to increase the speed at which Firefox loads sites. Read on to find out how to do this. Remember: Firefox is the best internet browser available (in my opinion), and these tweaks below will make it even greater and faster. So enjoy!
...INSTRUCTIONS...
A. Reduce the amount of RAM Firefox uses for it’s cache feature Here’s how to do it:
1. Type “about:config” (no quotes) in the adress bar in the browser.
2. Find “browser.sessionhistory.max_total_viewer”
3. Set it’s value to “0“;(Zero)
B. Increase the Speed in Which Firefox loads pages:
1. Type “about:config” into the address bar and hit Enter. (Normally the browser will make one request to a web page at a time. When you enable pipelining it will make several at once, which really speeds up page loading.)
2. Alter the entries as follows: Set “network.http.pipelining” to “true” Set “network.http.proxy.pipelining” to “true” Set “network.http.pipelining.maxrequests” to some number like 10. This means it will make 10 requests at once.
3. Lastly, right-click anywhere and select New-> Integer. Name it “nglayout.initialpaint.delay” and set its value to “0“;.(Zero) This value is the amount of time the browser waits before it acts on information it receives. If you’re using a broadband connection you’ll load pages faster now. Optionally (for even faster web browsing) here are some more options for your about:config (you might have to create some of these entries by Right Click –> New– > Interger or String network.dns.disableIPv6: set “false” “content.notify.backoffcount”: set “5“; (Five) “plugin.expose_full_path”: set “true”. “ui.submenuDelay”: set “0; (zero)
...BONUS...Reduce RAM usage to 10mb when Firefox is minimized: This little hack will drop Firefox’s RAM usage down to 10 Mb when minimized:
1. Open Firefox and go to the Address Bar. Type in about:config and then press Enter.
2. Right Click in the page and select New -> Boolean. 3. In the box that pops up enter “config.trim_on_minimize”. Press Enter.
4. Now select True and then press Enter. 5. Restart Firefox. These simple tweaks will make your web browsing with Mozilla Firefox 2-3 times faster and easier. And I think they are fairly easy to apply.
Enjoy!
To improve performance when navigating (studies show that 39% of all page navigations are renavigations to pages visited less than 10 pages ago, usually using the back button), Firefox implements a Back-Forward cache that retains the rendered document for the last five session history entries for each tab. This is a lot of data. If you have a lot of tabs, Firefox’s RAM memory usage can climb dramatically. It’s a trade-off. What you get out of it is faster performance as you navigate the web. Now a lot of us have found the ’secrets’ on how to manipulate settings in “about:config” to drop the memory usage as long as possible and to increase the speed at which Firefox loads sites. Read on to find out how to do this. Remember: Firefox is the best internet browser available (in my opinion), and these tweaks below will make it even greater and faster. So enjoy!
...INSTRUCTIONS...
A. Reduce the amount of RAM Firefox uses for it’s cache feature Here’s how to do it:
1. Type “about:config” (no quotes) in the adress bar in the browser.
2. Find “browser.sessionhistory.max_total_viewer”
3. Set it’s value to “0“;(Zero)
B. Increase the Speed in Which Firefox loads pages:
1. Type “about:config” into the address bar and hit Enter. (Normally the browser will make one request to a web page at a time. When you enable pipelining it will make several at once, which really speeds up page loading.)
2. Alter the entries as follows: Set “network.http.pipelining” to “true” Set “network.http.proxy.pipelining” to “true” Set “network.http.pipelining.maxrequests” to some number like 10. This means it will make 10 requests at once.
3. Lastly, right-click anywhere and select New-> Integer. Name it “nglayout.initialpaint.delay” and set its value to “0“;.(Zero) This value is the amount of time the browser waits before it acts on information it receives. If you’re using a broadband connection you’ll load pages faster now. Optionally (for even faster web browsing) here are some more options for your about:config (you might have to create some of these entries by Right Click –> New– > Interger or String network.dns.disableIPv6: set “false” “content.notify.backoffcount”: set “5“; (Five) “plugin.expose_full_path”: set “true”. “ui.submenuDelay”: set “0; (zero)
...BONUS...Reduce RAM usage to 10mb when Firefox is minimized: This little hack will drop Firefox’s RAM usage down to 10 Mb when minimized:
1. Open Firefox and go to the Address Bar. Type in about:config and then press Enter.
2. Right Click in the page and select New -> Boolean. 3. In the box that pops up enter “config.trim_on_minimize”. Press Enter.
4. Now select True and then press Enter. 5. Restart Firefox. These simple tweaks will make your web browsing with Mozilla Firefox 2-3 times faster and easier. And I think they are fairly easy to apply.
Enjoy!
How to Recover HackedFacebook Account
Previously i've been posting how to
hack Facebook account
using Phishing or Keylogging. These
two methods for hacking facebook
are very effectively and easy to
understand, you don't have to have
any additional knowledge to
implement them to hack facebook
account. That's the reason why
these days so many people are
falling victims to the hackers,
because today anyone with a bit
knowledge of computers and
programming can be a hacker.
Š•specially if you are a newbie and
don't know what you're doing, its
very easy to get trapped by
hackers. So here i will show you
some things that can be done to get
your Hacked FaceBook Account
Back.
How to Get Back
Hacked Facebook
Account
1. First of all you can try resetting
your account password on
facebook. But this could help only in
rare cases, because most hackers
are intelligent and they surely will
have changed the default email
address. But if some body have
accidentally (though the chances are
extremely narrow) logged into your
account and has changed only the
password of your facebook
account, this might help you in
recovering your account password
and gain access to your
compromised account.
2. But things get much more worse
when the hacker changes the email
address in your FaceBook Account.
You’ll no longer be able to reset the
account password and gain access
to the account.
But there is a way.
FaceBook provides a contact page
for you to help you to in recovering
the hacked account .
Visit http://www.facebook.com/
help/contact.php?
show_form=account_compromised
Inside the contact Form You need to
Fill in the Following Details Correctly.
Full name on the account:
Enter the Full Name as you have
given in Your FaceBook Account.
Network(s) the account
belongs to:
Enter the names of the networks
you have joined. Include as many
as possible.
Email addresses that may be
affiliated with the account:
This is the email address you used
as username to login to facebook.
Your contact email address:
Enter a email address you can be
contacted by facebook. They will
contact you regarding this issue.
URL (web address link) of the
profile page:
Give the link to your facebook profile
address.
Description and steps to
reproduce the issue:
Provide as much as information in
here regarding how your facebook
account was hacked etc. It is
recommended to include the time
and date when you were able to
access your account for the last
time.
3. Tthe best way to prevent this is to
makea new account! Thats the
easiest way, but you loose a bunch
of stuff.
If you dont want to go the easy
way you can:
1. Change FB security question
2. Change email password
3. Change FB Password
4. Change email security question.
The hacker can use one account to
go to another and eventually get
more and more information that
can steal info. (credit, idenity, etc.)
Hope this tutorial helped you. Good
luck ;)
hack Facebook account
using Phishing or Keylogging. These
two methods for hacking facebook
are very effectively and easy to
understand, you don't have to have
any additional knowledge to
implement them to hack facebook
account. That's the reason why
these days so many people are
falling victims to the hackers,
because today anyone with a bit
knowledge of computers and
programming can be a hacker.
Š•specially if you are a newbie and
don't know what you're doing, its
very easy to get trapped by
hackers. So here i will show you
some things that can be done to get
your Hacked FaceBook Account
Back.
How to Get Back
Hacked Facebook
Account
1. First of all you can try resetting
your account password on
facebook. But this could help only in
rare cases, because most hackers
are intelligent and they surely will
have changed the default email
address. But if some body have
accidentally (though the chances are
extremely narrow) logged into your
account and has changed only the
password of your facebook
account, this might help you in
recovering your account password
and gain access to your
compromised account.
2. But things get much more worse
when the hacker changes the email
address in your FaceBook Account.
You’ll no longer be able to reset the
account password and gain access
to the account.
But there is a way.
FaceBook provides a contact page
for you to help you to in recovering
the hacked account .
Visit http://www.facebook.com/
help/contact.php?
show_form=account_compromised
Inside the contact Form You need to
Fill in the Following Details Correctly.
Full name on the account:
Enter the Full Name as you have
given in Your FaceBook Account.
Network(s) the account
belongs to:
Enter the names of the networks
you have joined. Include as many
as possible.
Email addresses that may be
affiliated with the account:
This is the email address you used
as username to login to facebook.
Your contact email address:
Enter a email address you can be
contacted by facebook. They will
contact you regarding this issue.
URL (web address link) of the
profile page:
Give the link to your facebook profile
address.
Description and steps to
reproduce the issue:
Provide as much as information in
here regarding how your facebook
account was hacked etc. It is
recommended to include the time
and date when you were able to
access your account for the last
time.
3. Tthe best way to prevent this is to
makea new account! Thats the
easiest way, but you loose a bunch
of stuff.
If you dont want to go the easy
way you can:
1. Change FB security question
2. Change email password
3. Change FB Password
4. Change email security question.
The hacker can use one account to
go to another and eventually get
more and more information that
can steal info. (credit, idenity, etc.)
Hope this tutorial helped you. Good
luck ;)
How to Hack into a LiveSecurity Camera
Well this is an interesting article. It is
a sub-section of a Hacking
Technique known as “Google
Hacking”. All what we are looking at
are unsecured cams from around
the world that are interfaced with
the internet. So how do you find
such cameras. Just google these
following strings and select any
result. Whoa, you can see a (LIVE
CAM) on your PC screen!! The
strings are given below:
inurl:”CgiStart?page=”
inurl:/view.shtml
intitle:”Live View / – AXIS
inurl:view/view.shtml
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
(disconnected)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
liveapplet
intitle:”live view” intitle:axis
intitle:liveapplet
allintitle:”Network Camera
NetworkCamera” (disconnected)
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam”
inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server
feed”
intitle:”Live View / – AXIS”
intitle:”Live View / – AXIS 206M”
intitle:”Live View / – AXIS 206W”
intitle:”Live View / – AXIS 210?
inurl:indexFrame.shtml Axis
inurl:”MultiCameraFrame?
Mode=Motion” (disconnected)
intitle:start inurl:cgistart
intitle:”WJ-NT104 Main Page”
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:”sony network camera snc-p1?
intitle:”sony network camera snc-
m1?
site:.viewnetcam.com -
www.viewnetcam.com
intitle:”Toshiba Network Camera”
user login
intitle:”netcam live
image” (disconnected)
intitle:”i-Catcher Console – Web
Monitor”
Enjoy hacking cam!!!
a sub-section of a Hacking
Technique known as “Google
Hacking”. All what we are looking at
are unsecured cams from around
the world that are interfaced with
the internet. So how do you find
such cameras. Just google these
following strings and select any
result. Whoa, you can see a (LIVE
CAM) on your PC screen!! The
strings are given below:
inurl:”CgiStart?page=”
inurl:/view.shtml
intitle:”Live View / – AXIS
inurl:view/view.shtml
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
(disconnected)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
liveapplet
intitle:”live view” intitle:axis
intitle:liveapplet
allintitle:”Network Camera
NetworkCamera” (disconnected)
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam”
inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server
feed”
intitle:”Live View / – AXIS”
intitle:”Live View / – AXIS 206M”
intitle:”Live View / – AXIS 206W”
intitle:”Live View / – AXIS 210?
inurl:indexFrame.shtml Axis
inurl:”MultiCameraFrame?
Mode=Motion” (disconnected)
intitle:start inurl:cgistart
intitle:”WJ-NT104 Main Page”
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:”sony network camera snc-p1?
intitle:”sony network camera snc-
m1?
site:.viewnetcam.com -
www.viewnetcam.com
intitle:”Toshiba Network Camera”
user login
intitle:”netcam live
image” (disconnected)
intitle:”i-Catcher Console – Web
Monitor”
Enjoy hacking cam!!!
Top Facebook Tips,Tricks and Hacks
...INTRO...
You might have heard about the
Konami code that makes red blurry
circles on your Facebook page. This
might be one of the most popular
Facebook hidden tricks.
...INSTRUCTIONS...
Press Up, Up, Down, Down, Left,
Right, Left, Right, B, A, Enter key
then press up & down & Magic
circles will appear!
...REMEDY...
To stop them simply reload your
page.
You might have heard about the
Konami code that makes red blurry
circles on your Facebook page. This
might be one of the most popular
Facebook hidden tricks.
...INSTRUCTIONS...
Press Up, Up, Down, Down, Left,
Right, Left, Right, B, A, Enter key
then press up & down & Magic
circles will appear!
...REMEDY...
To stop them simply reload your
page.
3 Jun 2011
Trick your webpage
..DESCRIPTION..
A simple text file edit makes sites
redirect to another. When you type
address in address bar in any
browser and enter it then it will
display another web page, for
example:- when you type
Google.com you will be redirected
to yahoo.com
..INSTRUCTIONS..
1) Go to this directory [c:\windows
\system32\drivers\etc], directory
may change according to drive
used for os installation
2) then hit enter
3) find a file named "hosts"
4) Right click on it and open with
word pad.
5) In the last link of the document
type the IP* address of yahoo space
www.Google.com (Vice versa for
other sites)
6) now save it
7) restart the browser if its already
running
8) Now try it, It works perfect
..REMEDY..
Repeat the first four
steps and remove the last line that
you have inserted and save it and
restart browser. Now its back to
normal
try this on your frieds pc and public
pc and make them blink.
A simple text file edit makes sites
redirect to another. When you type
address in address bar in any
browser and enter it then it will
display another web page, for
example:- when you type
Google.com you will be redirected
to yahoo.com
..INSTRUCTIONS..
1) Go to this directory [c:\windows
\system32\drivers\etc], directory
may change according to drive
used for os installation
2) then hit enter
3) find a file named "hosts"
4) Right click on it and open with
word pad.
5) In the last link of the document
type the IP* address of yahoo space
www.Google.com (Vice versa for
other sites)
6) now save it
7) restart the browser if its already
running
8) Now try it, It works perfect
..REMEDY..
Repeat the first four
steps and remove the last line that
you have inserted and save it and
restart browser. Now its back to
normal
try this on your frieds pc and public
pc and make them blink.
Google search tips for hacking
Google search engine can be used
to hack into remote servers or
gather confidential or sensitive
information which are not visible
through common searches.
Google is the world’s most popular
and powerful search engine. It has
the ability to accept pre-defined
commands as inputs which then
produces unbelievable results.
Google’s Advanced Search Query
Syntax
Discussed below are various
Google’s special commands and I
shall be explaining each command
in brief and will show how it can be
used for getting confidential data.
[ intitle: ]
The “intitle:” syntax helps Google
restrict the search results to pages
containing that word in the title.
intitle: login password
will return links to those pages that
has the word "login" in their title,
and the word "password"
anywhere in the page.
Similarly, if one has to query for
more than one word in the page title
then in that case“allintitle:” can be
used instead of “intitle” to get the list
of pages containing all those words
in its title.
intitle: login intitle: password
is same as
allintitle: login password
[ inurl: ]
The “inurl:” syntax restricts the
search results to those URLs
containing the search keyword. For
example:“inurl: passwd” (without
quotes) will return only links to
those pages that have "passwd" in
the URL.
Similarly, if one has to query for
more than one word in an URL then
in that case“allinurl:” can be used
instead of “inurl” to get the list of
URLs containing all those search
keywords in it.
allinurl: etc/passwd
will look for the URLs containing
“etc” and “passwd”. The slash (“/”)
between the words will be ignored
by Google.
[ site: ]
The “site:” syntax restricts Google to
query for certain keywords in a
particular site or domain.
exploits site:hackingspirits.com
will look for the keyword “exploits”
in those pages present in all the links
of the domain“hackingspirits.com”.
There should not be any space
between“site:” and the “domain
name”.
[ filetype: ]
This “filetype:” syntax restricts
Google search for files on internet
with particular extensions (i.e. doc,
pdf or ppt etc).
filetype:doc site:gov confidential
will look for files with “.doc”
extension in all government
domains with“.gov” extension and
containing the word “confidential”
either in the pages or in the “.doc”
file. i.e. the result will contain the
links to all confidential word
document files on the government
sites.
[ link: ]
“link:” syntax will list down
webpages that have links to the
specified webpage.
link:www.expertsforge.com
will list webpages that have links
pointing to the SecurityFocus
homepage. Note there can be no
space between the "link:" and the
web page url.
[ related: ]
The “related:” will list web pages that
are "similar" to a specified
web page.
related:www.expertsforge.com
will list web pages that are similar to
the Securityfocus homepage. Note
there can be no space between the
"related:" and the web page url.
[ cache: ]
The query “cache:” will show the
version of the web page that Google
has in its cache.
cache:www.hackingspirits.com
will show Google's cache of the
Google homepage. Note there can
be no space between the "cache:"
and the web page url.
If you include other words in the
query, Google will highlight those
words within the cached document.
cache:www.hackingspirits.com
guest
will show the cached content with
the word "guest" highlighted.
[ intext: ]
The “intext:” syntax searches for
words in a particular website. It
ignores links or URLs and page titles.
intext:exploits
will return only links to those web
pages that has the search keyword
"exploits" in its webpage.
[ phonebook: ]
“phonebook” searches for U.S.
street address and phone number
information.
phonebook:Lisa+CA
will list down all names of person
having“Lisa” in their names and
located in “California (CA)”. This can
be used as a great tool for hackers
incase someone want to do dig
personal information for social
engineering.
Google Hacks
Well, the Google’s query syntaxes
discussed above can really help
people to precise their search and
get what they are exactly looking
for.
Now Google being so intelligent
search engine, hackers don’t mind
exploiting its ability to dig much
confidential and secret information
from the net which they are not
supposed to know. Now I shall
discuss those techniques in details
how hackers dig information from
the net using Google and how that
information can be used to break
into remote servers.
Index Of
Using “Index of ” syntax to find sites
enabled with Index browsing
A webserver with Index browsing
enabled means anyone can browse
the webserver directories like
ordinary local directories. The use of
“index of” syntax to get a list links to
webserver which has got directory
browsing enabled will be discussd
below. This becomes an easy
source for information gathering for
a hacker. Imagine if the get hold of
password files or others sensitive
files which are not normally visible
to the internet. Below given are few
examples using which one can get
access to many sensitive
information much easily.
Index of /admin
Index of /passwd
Index of /password
Index of /mail
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
"Index of /secret"
"Index of /confidential"
"Index of /root"
"Index of /cgi-bin"
"Index of /credit-card"
"Index of /logs"
"Index of /config"
Looking for vulnerable sites or
servers using“inurl:” or “allinurl:”
a. Using “allinurl:winnt/
system32/” (without quotes) will list
down all the links to the server
which gives access to restricted
directories like“system32” through
web. If you are lucky enough then
you might get access to the
cmd.exe in the“system32”
directory. Once you have the access
to“cmd.exe” and is able to execute
it.
b. Using “allinurl:wwwboard/
passwd.txt”(without quotes) in the
Google search will list down all the
links to the server which are
vulnerable to“WWWBoard
Password vulnerability”. To know
more about this vulnerability you
can have a look at the following link:
http://www.securiteam.com/
exploits/2BUQ4S0SAW.html
c. Using
“inurl:.bash_history” (without
quotes) will list down all the links to
the server which gives access to
“.bash_history” file through web.
This is a command history file. This
file includes the list of command
executed by the administrator, and
sometimes includes sensitive
information such as password
typed in by the administrator. If this
file is compromised and if contains
the encrypted unix (or *nix)
password then it can be easily
cracked using“John The Ripper”.
d. Using “inurl:config.txt” (without
quotes) will list down all the links to
the servers which gives access to
“config.txt” file through web. This
file contains sensitive information,
including the hash value of the
administrative password and
database authentication credentials.
For Example: Ingenium Learning
Management System is a Web-
based application for Windows
based systems developed by
Click2learn, Inc. Ingenium Learning
Management System versions 5.1
and 6.1 stores sensitive information
insecurely in the config.txt file. For
more information refer the following
links: http://www.securiteam.com/
securitynews/6M00H2K5PG.html
Other similar search using “inurl:” or
“allinurl:” combined with other
syntax
inurl:admin filetype:txt
inurl:admin filetype:db
inurl:admin filetype:cfg
inurl:mysql filetype:cfg
inurl:passwd filetype:txt
inurl:iisadmin
inurl:auth_user_file.txt
inurl:orders.txt
inurl:"wwwroot/*."
inurl:adpassword.txt
inurl:webeditor.php
inurl:file_upload.php
inurl:gov filetype:xls "restricted"
index of ftp +.mdb allinurl:/cgi-bin/
+mailto
Looking for vulnerable sites or
servers using“intitle:” or “allintitle:”
a. Using [allintitle: "index of /root”]
(without brackets) will list down the
links to the web server which gives
access to restricted directories like
“root” through web. This directory
sometimes contains sensitive
information which can be easily
retrieved through simple web
requests.
b. Using [allintitle: "index of /admin”]
(without brackets) will list down the
links to the websites which has got
index browsing enabled for
restricted directories like“admin”
through web. Most of the web
application sometimes uses names
like“admin” to store admin
credentials in it. This directory
sometimes contains sensitive
information which can be easily
retrieved through simple web
requests.
Other similar search using “intitle:”
or “allintitle:” combined with other
syntax
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR
accounts
intitle:"index of" user_carts OR
user_cart
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc
site:gov
Other interesting Search Queries
· To search for sites vulnerable to
Cross-Sites Scripting (XSS) attacks:
allinurl:/scripts/cart32.exe
allinurl:/CuteNews/
show_archives.php
allinurl:/phpinfo.php
· To search for sites vulnerable to
SQL Injection attacks:
allinurl:/privmsg.php
allinurl:/privmsg.php
to hack into remote servers or
gather confidential or sensitive
information which are not visible
through common searches.
Google is the world’s most popular
and powerful search engine. It has
the ability to accept pre-defined
commands as inputs which then
produces unbelievable results.
Google’s Advanced Search Query
Syntax
Discussed below are various
Google’s special commands and I
shall be explaining each command
in brief and will show how it can be
used for getting confidential data.
[ intitle: ]
The “intitle:” syntax helps Google
restrict the search results to pages
containing that word in the title.
intitle: login password
will return links to those pages that
has the word "login" in their title,
and the word "password"
anywhere in the page.
Similarly, if one has to query for
more than one word in the page title
then in that case“allintitle:” can be
used instead of “intitle” to get the list
of pages containing all those words
in its title.
intitle: login intitle: password
is same as
allintitle: login password
[ inurl: ]
The “inurl:” syntax restricts the
search results to those URLs
containing the search keyword. For
example:“inurl: passwd” (without
quotes) will return only links to
those pages that have "passwd" in
the URL.
Similarly, if one has to query for
more than one word in an URL then
in that case“allinurl:” can be used
instead of “inurl” to get the list of
URLs containing all those search
keywords in it.
allinurl: etc/passwd
will look for the URLs containing
“etc” and “passwd”. The slash (“/”)
between the words will be ignored
by Google.
[ site: ]
The “site:” syntax restricts Google to
query for certain keywords in a
particular site or domain.
exploits site:hackingspirits.com
will look for the keyword “exploits”
in those pages present in all the links
of the domain“hackingspirits.com”.
There should not be any space
between“site:” and the “domain
name”.
[ filetype: ]
This “filetype:” syntax restricts
Google search for files on internet
with particular extensions (i.e. doc,
pdf or ppt etc).
filetype:doc site:gov confidential
will look for files with “.doc”
extension in all government
domains with“.gov” extension and
containing the word “confidential”
either in the pages or in the “.doc”
file. i.e. the result will contain the
links to all confidential word
document files on the government
sites.
[ link: ]
“link:” syntax will list down
webpages that have links to the
specified webpage.
link:www.expertsforge.com
will list webpages that have links
pointing to the SecurityFocus
homepage. Note there can be no
space between the "link:" and the
web page url.
[ related: ]
The “related:” will list web pages that
are "similar" to a specified
web page.
related:www.expertsforge.com
will list web pages that are similar to
the Securityfocus homepage. Note
there can be no space between the
"related:" and the web page url.
[ cache: ]
The query “cache:” will show the
version of the web page that Google
has in its cache.
cache:www.hackingspirits.com
will show Google's cache of the
Google homepage. Note there can
be no space between the "cache:"
and the web page url.
If you include other words in the
query, Google will highlight those
words within the cached document.
cache:www.hackingspirits.com
guest
will show the cached content with
the word "guest" highlighted.
[ intext: ]
The “intext:” syntax searches for
words in a particular website. It
ignores links or URLs and page titles.
intext:exploits
will return only links to those web
pages that has the search keyword
"exploits" in its webpage.
[ phonebook: ]
“phonebook” searches for U.S.
street address and phone number
information.
phonebook:Lisa+CA
will list down all names of person
having“Lisa” in their names and
located in “California (CA)”. This can
be used as a great tool for hackers
incase someone want to do dig
personal information for social
engineering.
Google Hacks
Well, the Google’s query syntaxes
discussed above can really help
people to precise their search and
get what they are exactly looking
for.
Now Google being so intelligent
search engine, hackers don’t mind
exploiting its ability to dig much
confidential and secret information
from the net which they are not
supposed to know. Now I shall
discuss those techniques in details
how hackers dig information from
the net using Google and how that
information can be used to break
into remote servers.
Index Of
Using “Index of ” syntax to find sites
enabled with Index browsing
A webserver with Index browsing
enabled means anyone can browse
the webserver directories like
ordinary local directories. The use of
“index of” syntax to get a list links to
webserver which has got directory
browsing enabled will be discussd
below. This becomes an easy
source for information gathering for
a hacker. Imagine if the get hold of
password files or others sensitive
files which are not normally visible
to the internet. Below given are few
examples using which one can get
access to many sensitive
information much easily.
Index of /admin
Index of /passwd
Index of /password
Index of /mail
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
"Index of /secret"
"Index of /confidential"
"Index of /root"
"Index of /cgi-bin"
"Index of /credit-card"
"Index of /logs"
"Index of /config"
Looking for vulnerable sites or
servers using“inurl:” or “allinurl:”
a. Using “allinurl:winnt/
system32/” (without quotes) will list
down all the links to the server
which gives access to restricted
directories like“system32” through
web. If you are lucky enough then
you might get access to the
cmd.exe in the“system32”
directory. Once you have the access
to“cmd.exe” and is able to execute
it.
b. Using “allinurl:wwwboard/
passwd.txt”(without quotes) in the
Google search will list down all the
links to the server which are
vulnerable to“WWWBoard
Password vulnerability”. To know
more about this vulnerability you
can have a look at the following link:
http://www.securiteam.com/
exploits/2BUQ4S0SAW.html
c. Using
“inurl:.bash_history” (without
quotes) will list down all the links to
the server which gives access to
“.bash_history” file through web.
This is a command history file. This
file includes the list of command
executed by the administrator, and
sometimes includes sensitive
information such as password
typed in by the administrator. If this
file is compromised and if contains
the encrypted unix (or *nix)
password then it can be easily
cracked using“John The Ripper”.
d. Using “inurl:config.txt” (without
quotes) will list down all the links to
the servers which gives access to
“config.txt” file through web. This
file contains sensitive information,
including the hash value of the
administrative password and
database authentication credentials.
For Example: Ingenium Learning
Management System is a Web-
based application for Windows
based systems developed by
Click2learn, Inc. Ingenium Learning
Management System versions 5.1
and 6.1 stores sensitive information
insecurely in the config.txt file. For
more information refer the following
links: http://www.securiteam.com/
securitynews/6M00H2K5PG.html
Other similar search using “inurl:” or
“allinurl:” combined with other
syntax
inurl:admin filetype:txt
inurl:admin filetype:db
inurl:admin filetype:cfg
inurl:mysql filetype:cfg
inurl:passwd filetype:txt
inurl:iisadmin
inurl:auth_user_file.txt
inurl:orders.txt
inurl:"wwwroot/*."
inurl:adpassword.txt
inurl:webeditor.php
inurl:file_upload.php
inurl:gov filetype:xls "restricted"
index of ftp +.mdb allinurl:/cgi-bin/
+mailto
Looking for vulnerable sites or
servers using“intitle:” or “allintitle:”
a. Using [allintitle: "index of /root”]
(without brackets) will list down the
links to the web server which gives
access to restricted directories like
“root” through web. This directory
sometimes contains sensitive
information which can be easily
retrieved through simple web
requests.
b. Using [allintitle: "index of /admin”]
(without brackets) will list down the
links to the websites which has got
index browsing enabled for
restricted directories like“admin”
through web. Most of the web
application sometimes uses names
like“admin” to store admin
credentials in it. This directory
sometimes contains sensitive
information which can be easily
retrieved through simple web
requests.
Other similar search using “intitle:”
or “allintitle:” combined with other
syntax
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR
accounts
intitle:"index of" user_carts OR
user_cart
allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc
site:gov
Other interesting Search Queries
· To search for sites vulnerable to
Cross-Sites Scripting (XSS) attacks:
allinurl:/scripts/cart32.exe
allinurl:/CuteNews/
show_archives.php
allinurl:/phpinfo.php
· To search for sites vulnerable to
SQL Injection attacks:
allinurl:/privmsg.php
allinurl:/privmsg.php
All Keyboard Shortcuts
List of F1-F9 Key Commands for the
Command Prompt
F1 / right arrow: Repeats the letters
of the last command line, one by
one.
F2: Displays a dialog asking user to
"enter the char to copy up to" of the
last command line
F3: Repeats the last command line
F4: Displays a dialog asking user to
"enter the char to delete up to" of
the last command line
F5: Goes back one command line
F6: Enters the traditional CTRL+Z (^z)
F7: Displays a menu with the
command line history
F8: Cycles back through previous
command lines (beginning with
most recent)
F9: Displays a dialog asking user to
enter a command number, where 0
is for first command line entered.
Alt+Enter: toggle full Screen mode.
up/down: scroll thru/repeat
previous entries
Esc: delete line
Note: The buffer allows a maximum
of 50 command lines. After this
number is reached, the first line will
be replaced in sequence.
Helpful accessibility keyboard
shortcuts
Switch FilterKeys on and off. Right
SHIFT for eight seconds
Switch High Contrast on and off.
Left ALT +left SHIFT +PRINT SCREEN
Switch MouseKeys on and off. Left
ALT +left SHIFT +NUM LOCK
Switch StickyKeys on and off. SHIFT
five times
Switch ToggleKeys on and off. NUM
LOCK for five seconds.
Command Prompt
F1 / right arrow: Repeats the letters
of the last command line, one by
one.
F2: Displays a dialog asking user to
"enter the char to copy up to" of the
last command line
F3: Repeats the last command line
F4: Displays a dialog asking user to
"enter the char to delete up to" of
the last command line
F5: Goes back one command line
F6: Enters the traditional CTRL+Z (^z)
F7: Displays a menu with the
command line history
F8: Cycles back through previous
command lines (beginning with
most recent)
F9: Displays a dialog asking user to
enter a command number, where 0
is for first command line entered.
Alt+Enter: toggle full Screen mode.
up/down: scroll thru/repeat
previous entries
Esc: delete line
Note: The buffer allows a maximum
of 50 command lines. After this
number is reached, the first line will
be replaced in sequence.
Helpful accessibility keyboard
shortcuts
Switch FilterKeys on and off. Right
SHIFT for eight seconds
Switch High Contrast on and off.
Left ALT +left SHIFT +PRINT SCREEN
Switch MouseKeys on and off. Left
ALT +left SHIFT +NUM LOCK
Switch StickyKeys on and off. SHIFT
five times
Switch ToggleKeys on and off. NUM
LOCK for five seconds.
How to create a virus to crash your p.c(Fork Bomb)
..DESCRIPTION..
This 'virus' creates a series of processes which gradually multiplies to fill up your RAM and thus crashing your P.C in minutes
..PROCEDURES..
1. Open your Notepad;
2. Type or copy and paste %0|%0 into your notepad.
3. save it with any name and with .bat extension (e.g fork.bat).
4. Save your 'VIRUS'.
5. Double click the file to execute.
Your system MUST crash within minutes!
..REMEDY..
1. After opening the file.
2. Go to TaskManager-processes. Right click on fork.bat (or the name you used to save your virus) and terminate the process.
This 'virus' creates a series of processes which gradually multiplies to fill up your RAM and thus crashing your P.C in minutes
..PROCEDURES..
1. Open your Notepad;
2. Type or copy and paste %0|%0 into your notepad.
3. save it with any name and with .bat extension (e.g fork.bat).
4. Save your 'VIRUS'.
5. Double click the file to execute.
Your system MUST crash within minutes!
..REMEDY..
1. After opening the file.
2. Go to TaskManager-processes. Right click on fork.bat (or the name you used to save your virus) and terminate the process.
Subscribe to:
Comments (Atom)