Monday, January 31, 2011

Know More About Secure Sockets Layer (SSL)



Secure Sockets Layer (SSL) is the most widely used technology for providing a secure communication between the web client and the web server. Most of us are familiar with many sites such as Gmail, Yahoo etc. using https protocol in their login pages. When we see this, we may wonder what’s the difference between http and https. In simple words HTTP protocol is used for standard communication between the Web server and the client. HTTPS is used for a SECURE communication.

What exactly is Secure Communication ?

Suppose there exists two communication parties A (client) and B (server).
Working of HTTP
When A sends a message to B, the message is sent as a plain text in an unencrypted manner. This is acceptable in normal situations where the messages exchanged are not confidential. But imagine a situation where A sends a PASSWORD to B. In this case, the password is also sent as a plain text. This has a serious security problem because, if an intruder (hacker) can gain unauthorised access to the ongoing communication between Aand B , he can see the PASSWORDS since they remain unencrypted. This scenario is illustrated using the following figure

Now lets see the working of HTTPS
When A sends a PASSWORD (say “mypass“) to B, the message is sent in an encrypted format. The encrypted message is decrypted on B‘s side. So even if the Hacker gains an unauthorised access to the ongoing communication between A and he gets only the encrypted password (“xz54p6kd“) and not the original password. This is shown below

How is HTTPS implemented ?

HTTPS is implemented using Secure Sockets Layer (SSL). A website can implement HTTPS by purchasing an SSL Certificate. Secure Sockets Layer (SSL) technology protects a Web site and makes it easy for the Web site visitors to trust it. It has the following uses
  1. An SSL Certificate enables encryption of sensitive information during online transactions.
  2. Each SSL Certificate contains unique, authenticated information about the certificate owner.
  3. A Certificate Authority verifies the identity of the certificate owner when it is issued.
How Encryption Works ?
Each SSL Certificate consists of a Public key and a Private key. The public key is used to encrypt the information and the private key is used to decrypt it. When your browser connects to a secure domain, the server sends a Public key to the browser to perform the encryption. The public key is made available to every one but the private key(used for decryption) is kept secret. So during a secure communication, the browser encrypts the message using the public key and sends it to the server. The message is decrypted on the server side using the Private key(Secret key).
How to identify a Secure Connection ?
In Internet Explorer, you will see a lock icon Picture of the Lock icon in the Security Status bar. The Security Status bar is located on the right side of the Address bar. You can click the lock to view the identity of the website.
In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns GREEN when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning and the status bar may turn RED.
So the bottom line is, whenever you perform an online transaction such as Credit card payment, Bank login or Email login always ensure that you have a secure communication. A secure communication is a must in these situations. Otherwise there are chances of Phishing using a Fake login Page.

Tuesday, January 25, 2011

What is MD5 Hash and How to Use it?



In this post I will explain you about one of my favorite and interesting cryptographic algorithm called MD5 (Message-Digest algorithm 5). This algorithm is mainly used to perform file integrity checks under most circumstances. Here I will not jump into the technical aspects of this algorithm, rather will tell you about how to make use of this algorithm in your daily life. Before I tell you about how to use MD5, I would like to share one of my recent experience which made me start using MD5 algorithm.
Recently I made some significant changes and updates to my website and as obvious I generated a complete backup of the site on my server. I downloaded this backup onto my PC and deleted the original one on the server. But after a few days something went wrong and I wanted to restore the backup that I downloaded. When I tried to restore the backup I was shocked! The backup file that I used to restore was corrupted. That means, the backup file that I downloaded onto my PC wasn’t exactly the one that was on my server. The reason is that there occured some data loss during the download process. Yes, this data loss can happen often when a file is downloaded from the Internet. The file can be corrupted due to any of the following reasons.
  • Data loss during the download process, due to instability in the Internet connection/server
  • The file can be tampered due to virus infections or
  • Due to Hacker attacks
So whenever you download any valuable data from the Internet it is completely necessary that you check the integrity of the downloaded file. That is you need to ensure that the downloaded file is exactly the same as that of the original one. In this scenario the MD5 hash can become handy. All you have to do is generate MD5 hash (or MD5 check-sum) for the intended file on your server. After you download the file onto your PC, again generate MD5 hash for the downloaded file. Compare these two hashes and if it matches then it means that the file is downloaded perfectly without any data loss.
A MD5 hash is nothing but a 32 digit hexadicimal number which can be something as follows
A Sample MD5 Hash
e4d909c290d0fb1ca068ffaddf22cbd0
This hash is unique for every file irrespective of it’s size and type. That means two .exe files with the same size will not have the same MD5 hash even though they are of same type and size. So MD5 hash can be used to uniquely identify a file. 

How to use MD5 Hash to check the Integrity of Files?

Suppose you have a file called backup.tar on your server. Before you download, you need to generate MD5 hash for this file on your server. To do so use the following command.
For UNIX:
md5sum backup.tar
When you hit ENTER you’ll see something as follows
e4d909c290d0fb1ca068ffaddf22cbd0
This is the MD5 hash for the file backup.tar. After you download this file onto your PC, you can cross check it’s integrity by again re-generating MD5 hash for the downloaded file. If both the hash matches then it means that the file is perfect. Otherwise it means that the file is corrupt. To generate the MD5 hash for the downloaded file on your Windows PC use the following freeware tool
MD5 Summer (Click on the link to download)

Saturday, January 22, 2011

Reverse A Phisher Program

Step 1 -Head to http://reflector.red-gate.com/Download.aspx and download .NET reflector
Step 2 - Run .NET reflector



 

Step 3 - Download the phisher you want to reverse
Step 4 - Go into your Downloads folder and grab your phisher into .NET Reflector



 

Step 5 - expand your phisher


 

Step 6 - Open the one that is the name of the file, not the ".MY", ".MY.RESOURCES", or "-" or "references"


 

Step 7 - Theirs usually a form1, expand it


 

Step 8 - Look for button1_click, or something very similar, it's usually near the top, right click it and click 
"Disassemble"


 

Step 9 - Now look for Network credentials, and you have the email info



Step 10 - Go to the email, check the inbox
 

[How to find phishers on youtube]
 
What to search for

MapleStory:
 
Meso Generator

NX Generator 

Rapidshare:
Point Generator

XBL:
 
Xboxlive generator
Points Generator

RuneScape:
 
Item generator
Gold Generator
Skill Changer

Thursday, January 20, 2011

Download Free WebProxy Trojen Creator V.1.2

W3bPr0xy Tr0j4n Creator V.1.2 By fLaSh
This tool create a fully proxy trojan to use as private proxy..
The trojan has just only about 47kb (no icon)!
Coded by me with VB.NET and C# (.net framework v.2)

Features:
-Fully proxy server trojan with Hijacking EXE with embebbed the trojan;
-Supports multi-listening ports;
-Supports multi-connections from various clients (multi-thread system);
-Supports cookies;
-Supports SSL;
-Report IP/Ports to mail of the trojan owner.
-Assembly Manipulation(version info, change icon, etc..);
-Trojan compressed binary (anti-embebbed detection AV);
-Etc..

Screen Shots:


Download Link:
http://rapidshare.com/files/21358005...0j4n_v.1.2.rar

Video torturial:
http://rapidshare.com/files/21397609...0j4n_v.1.2.wmv

Tuesday, January 18, 2011

Download Free Core Impact v7.5 Cracked


Download Free Core Impact v7.5 Cracked
With the addition of web application testing to its comprehensive network and end-user security testing capabilities, CORE IMPACT v7.5 now enables users to safely assess an organization´s security posture against the top three attack methods that jeopardize data today: penetration of network defenses through server vulnerabilities, deception of end users through social engineering attacks, and manipulation of web applications to access backend data.

The product´s unified interface provides a consistent methodology for replicating data breach attempts that spread among these attack vectors. Only IMPACT allows users to test information security in such an integrated, comprehensive, in-depth and seamless fashion.

Key new features in CORE IMPACT v7.5 include:

New Web Application Rapid Penetration Test (RPT) reduces time and experience required to test web application security
Through a series of step-by-step wizards, IMPACT streamlines the testing of web applications by automating tasks that would traditionally require significant time, effort and expertise to perform. IMPACT v7.5 extends the product’s proven RPT methodology with new Information Gathering and Attack and Penetration stages specifically designed to test web applications. The new Information Gathering stage crawls a website to identify pages to be tested, and the Attack and Penetration stage leverages dynamically created exploits to test the security of both custom and out-of-the-box
web applications.

Two new reports identify exposure to web application attacks and assist with remediation and
compliance activities
The Web Application Executive Report and the Web Application Vulnerability Report help developers and security professionals to identify and resolve web application security weaknesses. The Web Application Vulnerability Report provides detailed information about vulnerable fields and other paths of attack revealed during the testing process, identifying exactly which parts of the exposed application require development changes or other security fixes. The Web Application Executive Report provides a high-level summary of tested web applications and results to inform management of test results and to justify remediation resource requirements.

Dynamically produced exploits test custom and customized web applications
Because most web applications are either created in-house or purchased and then heavily customized, testing them for security vulnerabilities requires the creation of custom exploits. CORE IMPACT v7.5 first analyzes web applications for weaknesses and then leverages the results to dynamically create exploits that leverage real-world attack techniques – replicating the actions of an actual hacker.
When CORE IMPACT v7.5 discovers an exploitable vulnerability in a Web Application, it records the successful attack technique as a Remote File Inclusion (RFI) Agent or a SQL Agent (as applicable). The new agents allow testers to repeatedly take advantage of found vulnerabilities without having to manually manipulate the target web applications or running any code on vulnerable servers. This is done without writing code to the targeted web application server.

New Remote File Inclusion (RFI) Agent emulates attacks against PHP applications
The RFI Agent allows testers to demonstrate the consequences of a successful remote file inclusion attack by interacting with compromised PHP applications to:

Open a PHP Console – enables the tester to interact with the web application and server using PHP commands; provides direct access to backend databases and programs associated with the
web application
Open a Command Shell – enables the tester to run operating system commands on the web server
Install an IMPACT Network Agent – replicates multistaged attacks by leveraging the compromised web server as a beachhead from which to test other network systems against exploits for OS and services vulnerabilities

New SQL Agent assesses risks to backend databases
The SQL Agent allows testers to demonstrate the consequences of a successful SQL injection inclusion attack by interacting with compromised applications to:

Get Database Logins – provides a list of accounts that can access the database
Get Database Schema – retrieves the complete schema from the database, including all tables and rows
SQL Console – allows the tester to directly interact with the
SQL database
Get Database Version – retrieves the specific version information about the database that has been exposed.

http://rapidshare.com/files/247132816/CI7.rar

Crack with Immunity Debugger and Sheriff Key Generator:

Code:
http://www.sheriff-software.com/download.asp

..........................................................................................................................................................

Sunday, January 16, 2011

How to hack websites using Auto SQL I Helper V.2.7 - with images

"SQL I Helper V.2.7" tool.
At the beginning "SQLI HelperV.2.7" is a tool that can hack vulnerable websites using SQL injection. You don't have to spend hours and hours trying to find your way in a website and trying hundreds of combination's and codes to hack a website.
This tool will do it all by itself. You only have to tell it what to do.
You can download it from here: Download Link: (this should link to reiluke.i.ph and nowhere else!)
http://reiluke.i.ph/blogs/reiluke/20...download-link/

And
Download Video Tutorial Here
Lets start.
First you need to find the potential website that you think it might be possible to hack it. Remember that some websites are simply unhackable.
After you find your website ( better to end with "article.php?id=[number]" ) example: "http://encycl.anthropology.ru/article.php?id=1"

I will explain my tut on how to hack this website.

Check if your website can be hacked by trying to go this address :
http://encycl.anthropology.ru/article.php?id='1 <------ notice the ' before the number 1.

you should get this message:
Code:
Query failedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'1 ORDER BY lastname' at line 1 SELECT * FROM person_old WHERE id=\'1 ORDER BY lastname

This mean that this website can be hacked because you get an error.

Now open your SQL I Helper V.2.7
and write the link :
http://encycl.anthropology.ru/article.php?id=1 <---- without the '
here
[Image: 2n8wtow.jpg]

and press the inject button.

Now you should wait until the tool finish searching for columns . Time may vary depending on your connection speed , your pc speed , and the number of columns in the website.
So now you should have this:
[Image: 15xvl2v.jpg]

then select "Get database" and you get this:
http://i40.tinypic.com/znq9tz.jpg

Now select any element from the "database name" box and press the "Get tables" button , I will select "anthropo_encycl":
[Image:  668zs6.jpg]


then select any element from the "table name" box and press the "Get columns" button , I will select "user":
[Image: 24e3vyo.jpg]

then select any elements you want from the "columns name" box and press "Dump Now" , i will select "usr_login" and "usr_pass"
[Image: 2vb4ndj.jpg]

After clicking "Dump Now" , you should see this new window
[Image:  fxwj2p.jpg]

Now copy the hash on a peace of paper and go to this website:
http://www.md5crack.com/

enter the hash and press the button "Crack that hash baby!" and you should get the source of the hash.
hash:21232f297a57a5a743894a0e4a801fc3
username: admin

hash:202cb962ac59075b964b07152d234b70
Password: 123
......................................................

Wednesday, January 12, 2011

Recover windows xp after virus attack

Hello guys , as we all know nowadays virus attacks are very common and we have to have lot of problems because of viruses like task manager does not opens,folder options missing, registry has been disabled by administrator,cannot find dll and so on. These are very common problems and can happen with any of us so we must know to fix these problems without formatting your windows XP. Most of the virus infects your basic programs i.e task manager,registry,group policy editor,boot up,folder properties etc. Today i will tell how to Fix windows Xp after virus attack in this article. So guys read on...
          
software,tool,hack tool,fix windows


There are several free tool in the market that can help you to fix your windows xp after virus attacks but i always come with complete package. Don't worry friends its also a free tool but using this you can recover almost everywindows services and functionality within few seconds and that's also without formatting. Why i am telling all this is because we must know how to recover along with how to hack and hacking...

The features of the tool that i have discussed above is called QUICK FIX.
Quick fix is really an outstanding tool. Its an complete solution of a to z windows XP problems. You can recover back from all types of virus attacks using this tool.

Below are some Important Features:
1. Enable Task Manager
2. Enable Registry
3. Enable Folder Options
4. Restore missing run dialog
5. Enable Command Prompt(cmd)
6. Stop My Documents to open at start up
7. Restore Device manager.
8. Fix Delay at start up.
9 Fix Recovery Console
and much more....

So Guys why are you waiting Download Quick Fix and Fix your windows problems wasily in a single click..


DOWNLOAD QUICK FIX:

Tuesday, January 11, 2011

How To hack facebook password Via Keylogger

Hello friends today i will explain you how to hack the Facebook password or accounts remotely usingkeylogger. Its a 100% working hack and you can easily hack anyone's Facebook account or password using this hack. In this tutorial i will explain you how to hack Facebook and other passwords of any user using 100% FUD keylogger. The keylogger in this tutorial we will discuss is L33ts keylogger and its 100% FUD(fully undetectable).

Hacking Facebook account is very easy and just requires not more than 10 minutes of work. Don't worry i will also tell you how to protect your facebook account or passwords from such hacks and hackers. But for this you must know how hackers hack your facebook account. So first i teach you how to hack facebook account remotely and then i will tell how to protect yourself from this.

NOTE: This tutorial is for Educational purposes only i.e. to make you aware how hackers hack your Facebook accounts. Please don't misuse it. I am not responsible for any damage caused by you. 
 So guys lets start hacking Facebook account or passwords....
Steps to hack Facebook account using Keylogger:
1. Creating the Keylogger Server to hack Facebook passwords.
2. Extracting the Icon from installer.
3. Bind the keylogger server with any software setup.
4. How to spread your keylogger or send it to your friends to hack their Facebook accounts or passwords.


Step 1. Creating the Keylogger Server
1. Download the keylogger.
2. Extract the file, Now you will get two folders:
a. First one contains Keylogger and Binder
b. Second Contains resource hacker tool.( to extract the icons from installers).

3. Now open the Keylogger. It contains two files one for gmail email and other for password. For this create one test account on Gmail and enter it's details in this.

hack facebook password,how to hack facebook,how to hack a facebook account

4. After entering email and password. Set the time interval usually set 3 mins i.e. after how much time you want to receive logs from the user.
5. Now click on send verification mail. This mail is to test that your keylogger is working correctly or not.
6. After you click this you will receive a confirmation mail on test account which will confirm that keylogger is working.
7. Now click on generate to set the mutex (any secret key to make your keylogger FUD) and then click on compile server.
8. Now save the file to desktop or any other location of your choice. Now your server is ready but it can be easily detected.


Step 2.: Extracting the Icon file from any installer(resource hacker)
1. Open the Resource hacker folder and open the reshacker file.
2. Now go to its menu and open any setup file. Suppose we want to attach our keylogger to Ccleaner setup file. So open the Ccleaner setup with resource hacker. 
3. Now in menu there is one action button click on it and then click save all resources.

how to hack facebook passwords,facebook hack, how to hack into someones facebook


4. Now save all the resources to desktop or any other location of your choice.
5. It consists of two files one is icon file and other is res file . We only need icon file, so you can delete the other file i.e res file.
6. Now we have Icon of installer file(as discussed above Ccleaner setup Icon).


Step 3: Bind the Keylogger server with any software
1. Now Go to keylogger folder and open the Binder.
2. Now Click on + button given below to add files.
3. Now add the keylogger server and the set up of software (i.e. in our case it's Ccleaner setup).
4. Now in menu of Binder, Go to Settings. There select the icon that we have generated in the previous step and set the location of output file as shown in figure.

facebook password hack,how to hack someones facebook,facebook password hacker,facebook hacking


5. Now again go to File's menu in Binder and click on Bind files.
6. Now your Binded keylogger is ready. Now you have to spread it or send it to the victim that is your friend.


Step4 : How to Spread Keylogger or send it to victim or friend
1. Now you have one Software setup file with keylogger attached with it.(In our case we have Ccleaner setup with keylogger attached with it.
2. Now Spread your keylogger through forums. You might be a member of various forums use them to spread your keylogger in form of software posts. You can use various software's to spread them that users frequently download.
3. Spread it through pendrives or USB hard drives. Suppose a friend asked you for a software give it the software that has keylogger attached with it. 
Note: you can also attach keylogger with images also. But that can be detectable by antivirus. So avoid such type of hacking.
So isn't that so easy to hack anyone's Facebook account in just few minutes. 

How to protect yourself from these hacks?
Prevention is always better than cure so always follow these steps:
1. Don't use cracked softwares and don't download them from unauthorized websites.
2. Always keep your antivirus and anti-spyware up to date.
3. Always scan the files before transferring them to your USB.
4. Do not allow other users to use your PC i.e password protect it.

Monday, January 10, 2011

Hack Computers Inside LAN Network

Today,I will write about hacking computer inside the LAN network.

This technique will be taking advantage of Port 139.

Most of the time,Port 139 will be opened.

First of all,I will do a port scanning at the target computer which is 192.168.40.128.

This computer is inside my LAN network.

I will scan it using Nmap.

[Image: 1_13.jpg]

I get the result and it shows Port 139 is opened up for me.

Now you will need both of these tools:
** USER2SID & SID2USER
** NetBios Auditing Tool

You can get both of them on the Internet.

After you get both of them,put them in the C:\ directory.

[Image: 2_1.jpg]

You now need to create a null session to the target computer.

[Image: 3_3.jpg]

Now open the Command Prompt and browse to the USER2SID & SID2USER folder.There will be 2 tools inside it,one will be USER2SID and another one will be SID2USER.

We will first using USER2SID to get the ID.

[Image: 4_10.jpg]

We will test against the Guest account because Guest account is a built in account.

After we get the ID,we need to do some modification on the ID.

We take the ID we get from the guest account and modified it become 
"5 21 861567501 1383384898 839522115 500".

Please leave out the S-1-,leave out all the - too.

[Image: 5_8.jpg]

Now you will see that you get the username of the Administrator account.

In this case,the Administrator account is Administrator.

Create a text file called user.txt and the content will be the username of the Admin account.

[Image: 6.jpg]

Prepare yourself a good wordlist.

[Image: 7.jpg]

Now put both of them in the same directory with the NetBios Auditing Tool.

[Image: 8.jpg]

Now we are going to crack the Admin account for the password in order to access to the target computer.

Browse to the NetBios Auditing Tool directory.

[Image: 9_1.jpg]

Press on enter and the tool will run through the passlist.

[Image: 10.jpg]

In this case,I have get the password.

In order to proof that I can get access to the target computer using this password.

[Image: 11.jpg]

After you press enter,it will prompt you for the username and password.

[Image: 12_6.jpg]

Therefore,just input them inside the prompt and continue.

[Image: 13.jpg]

Target C drive will be on your screen.

[Image: 14.jpg]

In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.