SPY HUNTER

HOW TO GET SOMEONE PASSWORD

2013-10-03T12:36:00.001-07:00

Google is a treasure trove full of important information, especially for the underground world. This Potential fact can also be utilized in the data for the username and password stored on a server.

If the administrator save important data not in the complete system authentication folder, then most likely be reached by the google search engine. If data is successfully steal in by the unauthorized person, then the will be in misuse.

Here, some google search syntax to crawl the password:

1. "Login: *" "password =*" filetype: xls (searching data command to the system files that are stored in Microsoft Excel)

2. allinurl: auth_user_file.txt (to find files auth_user_file.txt containing password on server).

3. filetype: xls inurl: "password.xls" (looking for username and password in ms excel format). This command can change with admin.xls)

4. intitle: login password (get link to the login page with the login words on the title and password words anywhere. If you want to the query index more pages, type allintitle)

5. intitle: "Index of" master.passwd (index the master password page)

6. index of / backup (will search the index backup file on server)

7. intitle: index.of people.lst (will find web pages that contain user list).

8. intitle: index.of passwd.bak ( will search the index backup password files)

9. intitle: "Index of" pwd.db (searching database password files).

10. intitle: "Index of .. etc" passwd (this command will index the password sequence page).

11. index.of passlist.txt (will load the page containing password list in the clear text format).

12. index.of.secret (google will bring on the page contains confidential document). This syntax also changed with government query site: gov to search for government secret files, including password data) or use syntax: index.of.private

13. filetype: xls username password email (will find spreadsheets filese containing a list of username and password).

14. "# PhpMyAdmin MySQL-Dump" filetype: txt (will index the page containing sensitive data administration that build with php)

15. inurl: ipsec.secrets-history-bugs (contains confidential data that have only by the super user). or order with inurl: ipsec.secrets "holds shared secrets"

16. inurl: ipsec.conf-intitle: manpage (useful to find files containing important data for hacking)

17. inurl: "wvdial.conf" intext: "password" (display the dialup connection that contain phone number, username and password)

18. inurl: "user.xls" intext: "password" (showing url that save username and passwords in spread sheet files)

19. filetype: ldb admin (web server will look for the store password in a database that dos not delete by googledork)

20.inurl: search / admin.php (will look for php web page for admin login). If you are lucky, you will find admin configuration page to create a new user.

21. inurl: password.log filetype:log (this keyword is to search for log files in a specific url)

22. filetype: reg HKEY_CURRENT_USER username (this keyword used to look for reg files (registyry) to the path HCU (Hkey_Current_User))

Here, some of the other syntax google that we need to look for confidential data :

"Http://username: password @ www ..." filetype: bak inurl: "htaccess | passwd | shadow | ht users"
(this command is to take the user names and passwords for backup files)

filetype:mdb inurl:”account|users|admin|administrators|passwd|password” mdb files (this command is to take the password information)

filetype:ini ws_ftp pwd (searching admin password with ws_ftp.ini file)

intitle: "Index of" pwd.db (searching the encrypted usernames and passwords)

inurl:admin inurl:backup intitle:index.of (searching directories whose names contain the words admin and backup)

“Index of/” “Parent Directory” “WS _ FTP.ini” filetype:ini WS _ FTP PWD (WS_FTP configuration files is to take FTP server access passwords)

ext:pwd inurl:(service|authors|administrators|users) “# -FrontPage-” (there is Microsoft FrontPage passwords)

filetype: sql ( "passwd values ****" |" password values ****" | "pass values ****") searching a SQL code and passwords stored in the database)

intitle:index.of trillian.ini (configuration files for the Trillian IM)

eggdrop filetype:user (user configuration files for the Eggdrop ircbot)

filetype:conf slapd.conf (configuration files for OpenLDAP)

inurl:”wvdial.conf” intext:”password” (configuration files for WV Dial)

ext:ini eudora.ini (configuration files for the Eudora mail client)

filetype: mdb inurl: users.mdb (potentially to take user account information with Microsoft Access files)

intext:”powered by Web Wiz Journal” (websites using Web Wiz Journal, which in its standard configuration allows access to the passwords file – just enter http:///journal/journal.mdb instead of the default http:///journal/)

“Powered by DUclassified” -site:duware.com "Powered by DUclassified"-site: duware.com
“Powered by DUcalendar” -site:duware.com "Powered by DUcalendar"-site: duware.com
“Powered by DUdirectory” -site:duware.com "Powered by DUdirectory"-site: duware.com
“Powered by DUclassmate” -site:duware.com "Powered by DUclassmate"-site: duware.com
“Powered by DUdownload” -site:duware.com "Powered by DUdownload"-site: duware.com
“Powered by DUpaypal” -site:duware.com "Powered by DUpaypal"-site: duware.com
“Powered by DUforum” -site:duware.com "Powered by DUforum"-site: duware.com
intitle:dupics inurl:(add.asp | default.asp |view.asp | voting.asp) -site:duware.com (websites that use DUclassified, DUcalendar, DUdirectory, DUclassmate, DUdownload, DUpaypal, DUforum or DUpics applications, by default allows us to retrieve passwords file)

To DUclassified, just visit http:///duClassified/ _private / duclassified.mdb
or http:///duClassified/ or http:///duClassified/

intext: "BiTBOARD v2.0" "BiTSHiFTERS Bulletin Board" (Bitboard2 use the website bulletin board, the default settings make it possible to retrieve the passwords files to be obtained with the ways http:///forum/admin/data _ passwd.dat
or http:///forum/forum.php) or http:///forum/forum.php)

Searching for specific documents :

filetype: xls inurl: "email.xls" (potentially to take the information contact)

“phone * * *” “address *” “e-mail” intitle:”curriculum vitae”
CVs "not for distribution" (confidential documents containing the confidential clause
buddylist.blt)

AIM contacts list AIM contacts list

intitle:index.of mystuff.xml intitle: index.of mystuff.xml

Trillian IM contacts list Trillian IM contacts list

filetype:ctt “msn” filetype: Note "msn"

MSN contacts list MSN contacts list

filetype:QDF (QDF database files for the Quicken financial application)

intitle: index.of finances.xls (finances.xls files, potentially to take information on bank accounts, financial Summaries and credit card numbers)

intitle: "Index Of"-inurl: maillog (potentially to retrieve e-mail account)

Our Partner Site:

Visit https://www.faadoocoupons.com

2013-09-28T10:14:00.000-07:00

View or Hack Unprotected Live Cameras Using Google

21:13 Posted by Nakib Momin
Labels: GOOGLE TRICKS, HACKING

In this tutorial i will teach you to hack or view unprotected cam using a simple google trick. Using this trick you can see live view of streets in china or america. Inner view of some office and lot more. Lets dive into it.

How To View Unprotected Cam ?

1. Go to Google and search for "inurl:view/view.shtml" (without quote).

2. Now open any of the link from the search result and enjoy.
3. Below is the list of google dork you can use to see more cams.

List Of Google Dork

inurl:/view.shtml
intitle:”Live View / - AXIS” | inurl:view/view.shtml^
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
intitle:start inurl:cgistart
intitle:”live view” intitle:axis
liveapplet
intitle:snc-z20 inurl:home/
intitle:liveapplet
intitle:”i-Catcher Console - Web Monitor”
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam” inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server feed”
intitle:”Live View / - AXIS”
intitle:”Live View / - AXIS 206W”
intitle:”Live View / - AXIS 210″
inurl:indexFrame.shtml Axis
intitle:”Live View / - AXIS 206M”
inurl:”MultiCameraFrame?Mode=Motion”
allintitle:”Network Camera NetworkCamera”
intitle:”WJ-NT104 Main Page”
intext:”MOBOTIX M1″ intext:”Open Menu”
intext:”MOBOTIX M10″ intext:”Open Menu”
intext:”MOBOTIX D10″ intext:”Open Menu”
intitle:”netcam live image”
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:”sony network camera snc-p1″
intitle:”sony network camera snc-m1″
site:.viewnetcam.com -www.viewnetcam.com
intitle:”Toshiba Network Camera” user login

- See more at: http://www.coolhackingtrick.com/2011/11/see-unprotected-cam-using-google.html#sthash.SogbfUXx.dpuf

BOOTABLE USB/FLASH DRIVE|MAKE BOOTABLE PEN DRIVE

2013-09-28T10:02:00.001-07:00

MAKE BOOTABLE PEN DRIVE|BOOT FROM USB DRIV

--::REQUIRED::--

***USB Flash Drive (Minimum 4GB)****Windows 7 or Vista installation files(the ISO file or DVD)*
--::PROCESS::--
Follow the below steps to create bootable Windows 7/Vista USB drive using which you can install Windows 7/Vista easily.
1. Plug-in your USB flash drive to USB port and move all the contents from USB drive to a safe location on your system.
2. Open Command Prompt with admin rights. Use any of the below methods to open Command Prompt with admin rights.
*Type cmd in Start menu search box and hit Ctrl+ Shift+ Enter.
Or
*Go to Start menu > All programs > Accessories, right click on Command Prompt and select Run as administrator.
3. You need to know about the USB drive a little bit. Type in the following commands in the command prompt:
First type DISKPART and hit enter to see the below message.
Next type LIST DISK command and note down the Disk number (ex: Disk 2 IN THE IMAGE) of your USB flash drive. In the below screenshot my Flash Drive Disk no is Disk 1.
4. Next type all the below commands one by one. Here I assume that your disk drive no is “Disk 2”.If you have Disk 2 as your USB flash drive then use Disk 2.Refer the above step to confirm it.
So below are the commands you need to type and execute one by one:
SELECT DISK 1
CLEAN
CREATE PARTITION PRIMARY
SELECT PARTITION 1
ACTIVE
FORMAT FS=NTFS(Format process may take few seconds)
ASSIGN
EXIT
Don’t close the command prompt as we need to execute one more command at the next step. Just minimize it.
5. Next insert your Windows7/Vista DVD into the optical drive and check the drive letter of the DVD drive. In this guide I will assume(in the picture) that your DVD drive letter is “J” and USB drive letter is “M” (open my computer to know about it).

6. Maximize the minimized Command Prompt in the 4th step.Type the following command now:
M: CD BOOT and hit enter.Where “J” is your DVD drive letter.
CD BOOT and hit enter to see the below message.
7. Type another command given below to update the USB drive with BOOTMGR compatible code.
BOOTSECT.EXE /NT60 J:

Where “J” is your USB drive letter. Once you enter the above command you will see the below message.
8. Copy your Windows 7/Vista DVD contents(INSIDE THE ISO) to the USB flash drive.

9. Your USB drive is ready to boot and install Windows 7/Vista. Only thing you need to change the boot priority at the BIOS to USB from the HDD or CD ROM drive. I won’t explain it as it’s just the matter the changing the boot priority or enabling the USB boot option in the BIOS.
Note: If you are not able to boot after following this guide means you haven’t set the BIOS priority to USB. If you got any problem in following this guide feel free to ask questions by leaving comment.

Our Partner Site:

Visit https://www.faadoocoupons.com

Request a new IP address from your ISP server

2013-09-28T08:53:00.002-07:00

Request a new IP address from your ISP server

By this method now you can request for a new IP address from your ISP Server

Here's how to do it in windows:

1. Click On Start

2.Now go on run

3. In the run box type cmd.exe and then click OK

4. After the command prompt open- type the following codes in it-

ipconfig /flushdns

ipconfig /release

ipconfig /renew

exit

5. Last step is to delete your all cookies from browser and you are done

Immediately you will be assigned a new IP address when this happens. If you are on a fixed IP address, this method will not work. If this works for you, you may want to save the above commands into a batch file, and just run it when you need it

How to Hack Google Search

2013-09-28T08:51:00.001-07:00

How to Hack Google Search

ts something you won’t find so easily. Have you ever wondered if you could Hack Google Search, well in this post we are exactly going to do the same.

I am using simple Javascript that I wrote. In my next post I would be providing the explaination for the same along with bookmarklets for the same. If you don’t know much about “What is a bookmarklet” and “what is the use of a bookmarklet” then you may google it.

Now back to topic, about the java scripts.. In this post I would be providing only 5 java scripts which you can use to download Songs , Ebooks , Images , Applications and Games. Though I have made scripts for many more things but right now I would be writing about the most commonly used ones.

NOTE:- To use the Javascript , Just copy the code and paste it in the address bar of your browser ( the same plzce where you enter the url of any site) and press Enter.

Its as simple as that.

Script 1 :- Download any Song

javascript:Qr=”;if(!Qr){void(Qr=prompt(‘http://learnhacking.in/’,'ENTER ARTIST OR SONG NAME:’,”))};if(Qr)location.href=’http://www.google.com/search?q=%22parent+directory%22+%22‘+escape(Qr)+’%22+mp3+OR+wma+OR+ogg+-html+-htm&num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=active&sa=N’

Script 2 :- Download any Ebook

javascript:Qr=”;if(!Qr){void(Qr=prompt(‘http://learnhacking.in/’,'Enter Author name OR Book name:’,”))};if(Qr)location.href=’http://www.google.com/search?q=%22parent+directory%22+%22‘+escape(Qr)+’%22+pdf+OR+rar+OR+zip+OR+lit+OR+djvu+OR+pdb+-html+-htm&num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=active&sa=N’

Script 3 ownload any Image

javascript:Qr=”;if(!Qr){void(Qr=prompt(‘http://learnhacking.in/’,'ENTER IMAGE NAME:’,”))};if(Qr)location.href=’http://www.google.com/search?q=%22parent+directory%22+%22‘+escape(Qr)+’%22+jpg+OR+png+OR+bmp+-html+-htm&num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=active&sa=N’

Script 4:- Download any Application

javascript:Qr=”;if(!Qr){void(Qr=prompt(‘http://learnhacking.in/’,'ENTER Application NAME:’,”))};if(Qr)location.href=’http://www.google.com/search?q=%22parent+directory%22+%22‘+escape(Qr)+’%22+exe+OR+rar+OR+zip+-html+-htm&num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=active&sa=N’

Script 5:- Download any Game

javascript:Qr=”;if(!Qr){void(Qr=prompt(‘http://learnhacking.in/‘,’ENTER GAME NAME:’,”))};if(Qr)location.href=’http://www.google.com/search?q=%22parent+directory%22+%22‘+escape(Qr)+’%22+exe+OR+iso+OR+rar+-html+-htm&num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=active&sa=N’

Well this is one cool script that will help you in your everyday life. Just enjoy and keep learning

Our Partner Site:

Visit https://www.faadoocoupons.com

Remove Write Protection On Any USB Device

2013-09-28T08:50:00.001-07:00

Remove Write Protection On Any USB Device

Write Protection on any portable USB Device can be applied by the physical lock provided on the card adjuster or some times provided on the pen drives, so make sure to make your drive not write protected by moving the lock in right direction. But even after moving the physical lock for write protection the problem can happen due to some virus action. This happens when some virus or script which applies the registry hack to make any drive write protect when connected to the computer, In that case follow the procedure below to remove write protection from your pen drive.

1. Open Start Menu >> Run, type regedit and press Enter, this will open the registry editor.

2. Navigate to the following path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\StorageDevicePolicies

Note: If the registry key StorageDevicePolicies key does not exist, you will need to create it Download the batch file called add.bat by clicking below link, and double click after download the key will be automatically added to registry.   DOWNLOAD

3. Double click the key WriteProtect in the right pane and set the value to 0 in the Value Data Box and press OK button

4. Exit Registry, restart your computer and then again re-connect your USB pendrive on your computer.
That is it, done.

Our Partner Site:

Visit https://www.faadoocoupons.com

Hack Website using Local File Inclusion Vulnerability

2013-09-28T08:49:00.001-07:00

Hack Website using Local File Inclusion Vulnerability

Hello friends, after a short break m back with an interesting post on Web-Hacking. So today m gonna teach you one of the most dangerous vulnerability called "Local File Inclusion-(LFI)". OWASP Top 10 - A4 Insecure Direct Object References.

Local File Inclusion - (LFI)
Local File Inclusion (LFI) is a type of vulnerability most often found on websites. It allows an attacker to include a local file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation.

In Simple words LFI Vulnerability allows an attacker to add any local file to Website Server through script. LFI is very dangerous vulnerability can lead to website Defacement, Command Execution, Creating more vulnerabilities, Website Defacement and Complete Database takeover. So let's learn LFI Today.

An attacker can do following things :

Open Redirects

Shell Upload

Website Defacement

Directory Travesal

Sensitive Data Leakage

Database Takeover

Creating Multiple Vulnerabilities

LFI Vulnerability Exploitation and Website Hacking : As you know guys our all post doesn't teach any kind of Black hat Hacking or Cyber Crime. We Always use Penetration testing lab to teach Pure Ethical Hacking tutorials with Complete Guide. So same we're using DVWA Penetration testing lab for this tutorial. If you don't have Vulnerable Website Always use Penetration testing lab.

Requirements :

DVWA Pentest Lab [Click to Created]

Little bit knowledge of HTTP and Networking

Understanding LFI Vulnerability :

Start DVWA and Click on [File Inclusion] - Security on [Low]

Click on Image to Enlarge it

Mostly in LFI Vulnerabilities URL looks little bit different and if you're experienced hacker, you'll understand that the Website is vulnerable to LFI. So look carefully in URL.

Okay let's just replace include.php with http://google.com/robots.txt

As I said LFI vulnerability can include any local file to web-pages,http://127.0.0.1/dvwa/vulnerabilities/fi/?page=http://google.com/robots.txt Enter

Now you'll see that google Robots.txt file will comes into DVWA Web-page. did you understand? that means the web-page is including any file and that is really very dangerous this can lead to Shell Upload and Command Execution so web server can be Hacked.

Click on Image to Enlarge it

An attacker can do many things with this vulnerability.

Now as you know if you can include any local file than how about to include some Source file on Web Server like password :D

Guess some file inclusion commands like : ../../etc/passwd but in DVWA this will work try it in URL ../../../../../etc/passwd

Click on Image to Enlarge it

Now try to include .html file : As m using my own Hackw0rm .html post like :
http://192.168.32.133/dvwa/vulnerabilities/fi/?page=http://hackw0rm.blogspot.in/2013/03/facebook-message-spoofing-trick-send.html

Click on Image to Enlarge it

#Cool, I hope you can understand how an attacker can include his own .php, .html or any other file to Hack Website Server.

Click on Image to Enlarge it

Okay! now just look into Source code on Web-Page to know why this vulnerability occurred : [Click on View Source]

Click on Image to Enlarge it

I hope you can understand that coding : Its simply easy - the code is $_GET['Page']without any type of filter or Protection. Simply it will add any type of file on web-pages? Now use some more evil mind : What if we'll create one Shell and include it in Web Server. So simply we can completely Deface Website and Get Database :D. well this is just study of Vulnerability in our upcoming post Part 2 of LFI will contain more advance methods and techniques of LFI Vulnerability exploitation.

Our Partner Site:

Visit https://www.faadoocoupons.com

How to compress 1 Gb data to 10 mb

2013-09-28T08:48:00.001-07:00

How to compress 1 Gb data to 10 mb

Hey guyz this time i has brought something very interesting for you guyz. Many times ourhard disk runs out of space and we have to delete some data or the other for no reason. Even I used to face the problem sometime back in history and by doing some research on the topic, I actually found a working and an awesome way to save my hard disk space.

How effective is it?

Well by this method I converted NFS UNDERGROUND 2 which is somewhat around 2 Gb tb 21 Mb. And same is the case with everything important I wanted to save.

How did I do it?

You are just about to know… Read on.

I used a software named KGB Archiver.

About KGB archiver: KGB Archiver , an open source compression tool like 7zip and UHARC with an unbelievably high compression rate .It uses AES-256 encryption (one of the strongest encryptionknown for man) to encrypt archives . The disappointing thing with KGB Archiver is due to its high compression rate its minimum hardware requirement is high ( recommend processor with 1,5GHz clock and 256MB of RAM ) and compression and decompression process is time consuming.

Its strength: Very high compression power with very accurate results and no loss of data.

Its weeknss: Due to high compression , the time required to compress and decompress the file is high. High system requirement

From where can you download this software.?

Learn Hacking has already done that for you. Just click on the link given to Download KGB archiver for free.

Click Here to Download KGB Archiver for free.

I am sure you loved this post

Just enjoy and keep learning

Our Partner Site:

Visit https://www.faadoocoupons.com

Finding Serial Key Of Any Software Using Simple Google Trick

2013-09-28T08:46:00.001-07:00

FINDING SERIAL KEY OF ANY SOFTWARE USING SIMPLE GOOGLE TRICK

Most of you download and use pirated software from torrents or any such other sites, but sometime it gets very difficult to find serial key of those softwares. I will make it easy for you by showing you simple yet very intersting google trick which will allow you to find serial key of any software very easily.

How To Find Serial Key Of Any Software ?

The key 94FBR is a part of Office 2000 Pro CD activation key that is widely distributed as it bypasses the activation requirements of Office 2000 Pro. By searching for 94fbr and the product name, you are guarantee that the pages that are returned are pages dealing specifically with the product you're wanting a serial for. Follow simple steps given below to learn this trick

1. Go to Google
2. Then type Software Name 94FBR

Replace Software Name with the name of software whose serial key you want to find
Eg: To find serial key of Nero i will type Nero 94fbr

3. Now press Enter and you will find serial key of software you are looking for as shown below.

DEFACING A WEBSITE WITH HAVIJ TOOL

2013-08-24T21:51:00.003-07:00

How to use Havij Tool to Hack and Deface a websites.

As per Request we are Posting Hacking Tool and how to use it. Firstly, if you haven’t downloaded Havij, I strongly recommend you do download before moving on with this tutorial. Click Download Button at the End of the tutorial and if you have not read Sql Injection Tutorial i suggest you also do that before moving ahead for your own good so Click Here To Read about It
=>NOW TO TODAY'S TUTORIAL

Step 1: Run Havij. Now copy paste the SQL Injection vulnerable website into TARGET and click the ANALYZE BUTTON .To find vulnerable sites Learn More

Step 2: Be patient while havij gets all the information about the website like Database Name, Server, Etc.

Step 3: Now, we need to get the table of the website. Now click on Tables and click on Get tables and exercise some patience to get the database tables .

After founded the tables ,you can see there will be "users" Put mark on it and click in the " get columns " tab as shown in figure.

Now to the final stage, Click on 'get data' to get the password and username of admin.

Now you have the admin usernames and password. Simply take note of only the username.

The password you got is in Md5 format and cannot be used to login to the website directly. What we need to do is too simply click on the MD5 tab on havij and paste the password into the text field and click on start.

Our Partner Site:

Visit https://www.faadoocoupons.com

MOST FAMOUS HACKER GROUP EVER

2013-08-22T22:55:00.000-07:00

10 Most Famous Hacker Groups Ever

The word “hack” began as a term for an “ingenious solution to a problem.” Then, with the onset of computer programming, it evolved to mean “a feat of programming prowess.” Teenage boys, attracted to the elite power they could wield, immersed themselves in a world of Internet bulletin boards and telephone systems. The lure of the next big challenge, hacker-group rivalries, political activism and personal gain all come into play in this fascinating underground world – in which everything is painted in shades of gray.

10. Chaos Computer Club

The Chaos Computer Club was formed on September 12, 1981 in Berlin. The group gained worldwide notoriety by hacking into the German Bildschirmtext computer network and debiting 134,000 Deutsch Marks from a Hamburg bank. They returned the money the next day, having proven their point: the system’s security was flawed.
Some members of the club were also involved in a cyberespionage case in 1989. They hacked into corporate and government computers in the US and sold the source code to the KGB. The Chaos Computer Club also used hacking to protest French nuclear testing, to publish the fingerprints of Germany’s Minister of the Interior, Wolfgang Schäuble, and to expose a government Trojan horse spyware device.

9. Global KOS

The goal of Global kOS (pronounced “chaos”) was exactly that: to create as much online disorder as possible on a global scale. Consisting of members with handles like AcidAngel, The Assassin and Shadow Hunter, the group was responsible for providing a slew of automated hacker tools to the online community. This meant that so-called “script-kiddies,” who don’t necessarily have any true computer programming abilities, could wreak havoc without much technical knowhow.
Created in 1996 by AcidAngel, “Up Yours!” was a denial of service tool used to bring down the websites of 40 politicians, including that of Rush Limbaugh, as well as those of MTV and the Ku Klux Klan. Other tools developed by Global kOS include the kOS Crack, for cracking passwords, and BattlePong, an IRC flooding utility.

8. The Level Seven Crew

The Level Seven Crew is believed to have taken its name from the seventh level of hell (“the violent”) in Dante’s famous poetic allegory, “The Inferno.”
In 1999 alone, Level Seven illegally infiltrated over 60 computer systems, including those of NASA, The First American National Bank, and Sheraton Hotels. They also broke into the website of the US Embassy in China and defaced it with racist slogans to protest the United States’ accidental bombing of the Chinese Embassy in Belgrade. And they were apparently the first group to hack into a .ma (Moroccan) domain. Most of their exploits tended towards “hacktivism,” a form of online activism, rather than being motivated by personal gain. The group disbanded in 2000.

7. globalHell

The hacker group globalHell has been compared to a gang of thugs; but instead of battling it out on the streets, they took their fight into cyberspace. The group is said to have attacked and destroyed data on 115 websites, caused millions of dollars in damages, and trafficked stolen information.
Ironically, globalHell was co-founded by a known Houston street gang member named Patrick Gregory, who turned to computers as a “way out” of gang life. However, he ended up transferring his gang-related activity to the web, where he helped coordinate a 60-member syndicate.
Global Hell not only carried out an online version of extortion; they also went as far as attacking and defacing the United States Army’s website, vandalizing it with the message, “globalHell will not die.” Twenty-year-old Wisconsin-based co-founder Chad Davis was arrested in 1999, sentenced to six months in prison, and ordered to pay $8,054. In an amusing twist, he has since gone on to become an independent security consultant.

6. TeaMp0isoN

A 16-year-old hacker who goes by the online name TriCk started TeaMp0isoN in 2010. The group was responsible for hacking into Facebook, NATO, and the English Defense League. They also hacked into an email account and retrieved personal data about former British Prime Minister Tony Blair. And when Research In Motion, the company responsible for developing the BlackBerry smartphone, planned to help police during the 2011 England riots, TeaMp0isoN defaced the official BlackBerry blog, writing, “We are all for the rioters that are engaging in attacks on the police and government.”
The group also hacked the British Anti-terrorism Hotline to protest the extradition of suspects to the US. The group claims to be politically motivated, aiming to expose international governments hiding their wrongdoings.

5. Network Crack Program Hacker Group

The Network Crack Program Hacker Group (NCPH) was formed in 1994, in Zigong, China. In 2006, the group was thought to consist of around 10 members, with four key players at the helm. It’s actually said that the group’s leader, Wicked Rose (real name Tan Dailin), works for the Chinese Army. The current size of the group is unknown.
Initially, NCPH got their kicks hacking into a large proportion of Chinese hacker association websites. Yet their attacks soon evolved. In 2006, Wicked Rose’s GinWui rootkit was employed in attacks on the US Department of Defense. And later that year, Internet security consultancy iDefense linked the group with a number of notable online attacks.
The group is also well known for the remote-network-control and network-infiltration programs they have available for download. What’s more, according Wicked Rose, NCPH is paid for their work by a mysterious sponsor. It is believed that the group’s benefactor is the People’s Liberation Army.

4. LulzSec

One of LulzSec’s mottos is “Laughing at your security since 2011.” The group enjoys exposing security weaknesses and flaws, and their targets have included Fox.com, an X-Factor database (they released the contact information for 73,000 contestants), Sony, the CIA, and the FBI. They are said to have caused billions of dollars in damages.
In March 2012, top members of LulzSec were arrested, after their leader, code-named Sabu, turned them over to the FBI to face charges of conspiracy. A mere three months later, the group reemerged, hacking into a dating website for singles in the military. They dumped 170,937 email accounts, claiming that Lulzsec had been “reborn.”

3. Masters of Deception

New York hacker group Masters of Deception was formed in 1989, as a bitter rival to Texas-based hackers Legion of Doom. The groups’ one-upmanship soon evolved into all out war, with racial and class overtones adding extra tension.
To prove their hacking prowess, Masters of Deception members allegedly carried out what has been dubbed “one of the most extensive thefts of computer information ever reported.” According to reports, they broke into tough-to-crack servers and stole confidential information, which they later sold. Secret Service members carried out major raids and succeeded in indicting five top hackers in the group. They were charged with “computer tampering, computer and wire fraud, illegal wiretapping, and conspiracy.” All five pleaded guilty.

2. Milw0rm

On June 3, 1998, a group of hacktivists known as Milw0rm targeted the computers of India’s primary nuclear facility, the Bhabha Atomic Research Center. The group operated from the UK, the US, Russia and New Zealand, and they broke through the center’s firewalls. They lifted five megabytes of classified files about India’s last five nuclear tests, erased data from two servers, and posted anti-nuclear messages on the center’s website. The implications of the hack were huge and caused major upheaval as other institutions heightened their security.
One month later, Milw0rm hacked into a web hosting company named EasySpace, and within an hour they had posted their anti-nuclear message on 300 websites, including those of the FIFA World Cup, Drew Barrymore, Wimbledon, and the Saudi Royal Family.

1. Anonymous

Anonymous is a huge, amorphous group of hackers that has gained considerable momentum over the past couple of years. On January 19, 2012, more than 5,635 people (some unknowingly) joined a distributed denial-of-service attack against supporters of the Stop Online Piracy Act. The sites they disabled included the FBI website, as well as those of the Justice Department, the Motion Picture Association of America, and Universal Music Group.
Other Anonymous activities include protesting UK extradition policies, tracking down cyber-criminals (such as “Internet predator” Chris Forcand), and taking down child porn sites hidden in the depths of the worldwide web. Anonymous has threatened Mexican drug cartel group “Los Zetas,” attacked the Pentagon, threatened to take down Facebook, and waged war on Scientology. The group’s motto is “We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us.”

Our Partner Site:

Visit https://www.faadoocoupons.com

INSTALLING BACKTRACK 5

2013-08-22T22:47:00.000-07:00

Installing BackTrack

In the last post i showed you how to install virtual box and after that setting up environment
for BackTrack. Today i will show you how to install BackTrack on Virtual machine.

Installing BackTrack on the virtual disk image

1. Open the VirtualBox Manager and select Let's_Hack guest machine on the left of the
screen. Click on the large Start .
2. Your machine will now boot up. As far we have not selected an image to be used to
boot the system with, we will need to select this using the menu options that will appear
prior to the initial system initialization.
3. The First Run Wizard will only appear the virtual machine is started. It allows you to choose
the ISO you wish to boot up from.
4. It is also possible to add the installation media in the Virtual Machine Settings in the Storage
category.
5. Click on Next to continue.
7. On the Select Installation Media screen you will need to set the location of the BackTrack iso
file which you have downloaded. Click on Next when ready.
8. Click on Start .

9. Type startx at the root@root:~# prompt.

10.Now that we have the BackTrack ISO up and running on our virtual machine, Now click on
the Install BackTrack icon to begin the short installation process:
11.Select your preferred language and click on Forward.
12.Select your location date and time.Click on Forward to continue.
13.Select your preferred keyboard layout and click on Forward.
14.Choose the Erase and use the entire disk radial button and click on Forward.
15.Click on Install to initialize the changes. This may take a few minutes to complete.
16.When the install has finished you will be required to reboot the system. Click on the
Restart Now button and then unload the ISO. You will need to choose Devices >
CD/DVD Devices> BackTrack Iso file name.This will eject the ISO image before
the system reboots. Press Enter to reboot.

Our Partner Site:

Visit https://www.faadoocoupons.com

HACKERS OF ALL TIME

2013-08-22T21:46:00.001-07:00

Science

Next Previous Random List

Technology

Top 10 Notorious Black Hat Hackers

Chandler Grant May 8, 2012

Check out our new companion site: http://knowledgenuts.com

To accompany the technological advancements of the computer world and the constant changing definition of a hacker, we thought it was time to look back at ten of the most notorious black hat hackers and the legendary hacks that earned them such a title. First, it should be known that a black hat hacker is computing slang for a person who engages in illegal or malicious hacking. A white hat hacker is a computer hacker who intends to improve internet security. It is note-worthy that many white hat hackers, such as Steve Jobs of apple, Mark Zuckerberg of Facebook, and even many hackers listed below, were once black hat hackers.

Kevin Poulsen

a.k.a. Dark Dante

The notorious ’80s black hat hacker, Kevin Poulsen, gained recognition for his hacking of the telephone lines for LA radio station KIIS-FM, securing himself a place as the 102nd caller and winning a brand new Porsche 944, among other prizes. Law enforcement dubbed Poulsen the “Hannibal Lecter of computer crime.” Poulsen went underground as a fugitive when the FBI began its search for him, but in 1991, he was finally captured.
He pleaded guilty to seven counts of mail, wire and computer fraud, money laundering, obstruction of justice, and for obtaining information on covert businesses run by the FBI. Kevin Poulsen was sentenced to 51 months in prison (4 years and 3 months), which was the longest sentence ever given for hacking at the time. However, since serving time, Poulsen has worked as a journalist and is now a senior editor for Wired News. Poulsen’s most note-worthy article details his work on identifying 744 sex offenders with MySpace profiles.

Albert Gonzalez

Cyber-criminal Albert Gonzalez has been accused of masterminding the biggest ATM and credit card theft in history; from 2005 to 2007, he and his cybergroup had allegedly sold more than 170 million card and ATM numbers. Gonzalez’s team used SQL injection techniques to create malware backdoors on several corporate systems in order to launch packet-sniffing (specifically, ARP Spoofing) attacks, allowing him to steal computer data from internal corporate networks. When he was arrested, authorities seized $1.6 million in cash including $1.1 million found in plastic bags placed in a three-foot drum which had been buried in his parents’ backyard. In 2010, Gonzalez was sentenced to 20 years in federal prison.

Vladimir Levin

It’s almost like the opening of a James Bond movie: in 1994, while working from his laptop from his Russian apartment in St. Petersburg, Vladimir Levin transferred $10 million from the accounts of Citibank clients to his own accounts around the world.
However, Levin’s career as a hacker was only short lived, with a capture, imprisonment and recovery of all but $400,000 of the original $10 million. During Levin’s 1997 trial in the United States, he was said to have coordinated the first ever internet bank raid. The truth is Levin’s ability to transfer Citibank client funds to his own accounts was possible through stolen account numbers and PINs. Levin’s scam was a simple interception of clients’ calls while recording the punched in account numbers.

Robert Tappan Morris

On November 2, 1988, Robert Morris released a worm that took down one-tenth of the Internet, crippling 6,000 plus computer systems. It didn’t take long for the police to track him down. Due in part to the need for social acceptance that seems to be common amongst many young hackers, Morris made the fault of chatting about his worm for months before its release on the Internet. Morris claimed it was just a stunt, and added that he truly regretted causing $15 million worth of damage: the estimated amount of carnage his worm left behind.
Morris was one of the first to be tried and convicted under the Computer Fraud and Abuse Act but only had community service and a fine as his penalty. The defense for such a light sentence was that Morris’ worm didn’t destroy the actual contents of affected computers. Morris now works in the department of Electrical Engineering and Computer Science at Massachusetts Institute of Technology (MIT).

Michael Calce

a.k.a. MafiaBoy

In February of 2000, Michael Calce launched a series of widely known denial-of-service attacks against large commercial websites, including Yahoo!, Amazon.com, Dell, eBay, and CNN. He hacked Yahoo! when it was still the web’s leading search engine and caused it to shutdown for about an hour. Like many hackers, Calce exploited websites primarily for pride and establishing dominance for himself and his cybergroup, TNT. In 2001, the Montreal Youth Court sentenced Calce to eight months of open custody, one year of probation, restricted use of the Internet, and a minimal fine.

David Smith

Smith’s fame is due to being the author of the infamous e-mail virus, Melissa. Smith claims that the Melissa virus was never intended to cause harm, but its simple means of propagation (each infected computer sent out multiple infected emails) overloaded computer systems and servers around the world. Smith’s virus takes an unusual turn in that it was originally hidden in a file that contained passwords to 80 well-known pornography websites. The name Melissa was derived from a lap dancer Smith met while on a trip in Florida. Even though over 60,000 email viruses have been discovered, Smith is the only person to go to federal prison in the United States for sending one.

Adrian Lamo

Nicknamed “the homeless hacker,” Adrian Lamo used coffee shops, libraries and internet cafés as his locations for hacking. Apart from being the homeless hacker, Lamo is widely-known for breaking into a series of high-profile computer networks, which include The New York Times, Microsoft, Yahoo!, and MCI WorldCom. In 2002, he added his name to the The New York Times’ internal database of expert sources and utilized LexisNexis account to conduct research on high-profile subjects. The Times filed a complaint, and a warrant for Lamo’s arrest was issued, followed by a 15-month investigation by federal prosecutors in New York.
After several days in hiding, he finally surrendered to the US Marshals, and then to the FBI. Lamo was ordered to pay approximately $65,000 in damages and was sentenced to six months house arrest at his parents’ home, with an additional two years of probation. In June 2010, Lamo disclosed the name of Bradley Manning to U.S. Army authorities as the source of the July 12, 2007 Baghdad airstrike video leak to Wikileaks. Lamo is presently working as a threat analyst and donates his time and skills to a Sacramento-based nonprofit organization.

George Hotz

The name of the acclaimed jailbreak artist, George Hotz, will forever be associated with the April 2011 PlayStation breach. Being one of the first hackers ever to jailbreak the Sony PlayStation 3, Hotz found himself in the midst of a very relentless, public and messy court battle with Sony – perhaps worsened by Hotz’s public release of his jail breaking methods. In a stated retaliation to Sony’s gap of the unstated rules of jail breaking – never prosecute – the hacker group Anonymous attacked Sony in what would be the dubbed as the most costly security break of all time to date.
Hackers broke into the PlayStation Network and stole personal information of some 77 million users. However, Hotz denied any responsibility for the attack, and added “Running homebrew and exploring security on your devices is cool; hacking into someone else’s server and stealing databases of user info. is not cool.”

Jonathan James

a.k.a. c0mrade

Jonathan James, 16-year-old black hat hacker, became the first juvenile imprisoned for cybercrime in the United States. James gained his notoriety by implementing a series of successful intrusions into various systems. At an amazingly young age of 15, James specialized in hacking high-profile government systems such as NASA and the Department of Defense. He was reported to have stolen software worth over $1.7 million. He also hacked into the Defense Threat Reduction Agency and intercepted over 3,000 highly secretive messages passing to and from the DTRA employees, while collecting many usernames and passwords.
On May 18, 2008, at the age of 25, James committed suicide using a gun. The words in his suicide note provide some insight into this obviously brilliant but troubled youth who thought he would be a scapegoat and blamed for cyber crimes he did not commit: “I have no faith in the ‘justice’ system. Perhaps my actions today, and this letter, will send a stronger message to the public. Either way, I have lost control over this situation, and this is my only way to regain control.”

Gary McKinnon

In 2002, an exceptionally odd message appeared on a US Army computer screen: “Your security system is crap,” it read. “I am Solo. I will continue to disrupt at the highest levels.” It was later identified as the work of Scottish systems administrator, Gary McKinnon.
McKinnon suffers from Asperger’s syndrome, which is the least severe form of autism. The symptoms of Asperger’s syndrome certainly match Gary’s actions: that is, highly intelligent with an exceptional understanding of complex systems. Though sufferers often have difficulty reading social cues and acknowledging the impact of their often-obsessive behavior, they tend to be geniuses in one particular subject. For Gary, it was computers.
Gary has been accused of executing the largest ever hack of United States government computer networks — including Army, Air Force, Navy and NASA systems. The court had recommended that McKinnon be apprehended to the United States to face charges of illegally accessing 97 computers, causing a total of $700,000 in damage. Even more interesting are McKinnon’s motives for the large scale hackings, which he claims were in search of information on UFOs. He believed the US government was hiding such information in its military computers.

Kevin Mitnick

Kevin David Mitnick (born on August 6, 1963) is an American computer security consultant, author, and hacker. In the late 20th century, he was convicted of various computer- and communications-related crimes. At the time of his arrest, he was the most-wanted computer criminal in the United States. Mitnick gained unauthorized access to his first computer network in 1979, at 16, when a friend gave him the phone number for the Ark, the computer system Digital Equipment Corporation (DEC) used for developing their RSTS/E operating system software. He broke into DEC’s computer network and copied their software, a crime he was charged with and convicted of in 1988.
According to the U.S. Department of Justice, Mitnick gained unauthorized access to dozens of computer networks while he was a fugitive. He used cloned cellular phones to hide his location and, among other things, copied valuable proprietary software from some of the country’s largest cellular telephone and computer companies. Mitnick also intercepted and stole computer passwords, altered computer networks, and broke into and read private e-mail.
Due to his fame he is included as a bonus entry here.

Our Partner Site:

Visit https://www.faadoocoupons.com

HOW TO DEFACE A WEBSITE USING SQL AND PHP SCRIPTING

2013-08-22T21:42:00.001-07:00

Note: I and thesspyhunter.blogspot.in is Not responsible for any Misuse of these Tutorials. These are Just for Educational Purposes...So Don't Misuse Them!

Now Our Todays Discussion is on " How to Deface Websites using the SQL injection and PHP shell code Scripting".. Today I will show you the 100% working method for Hacking Websites and then Defacing them...

FIRST OF ALL YOU SHOULD KNOW WHAT IS DEFACEMENT??
Defacing a website simply means that we replace the index.html file of a site by our file. Now all the Users that open it will see our Page(i.e being uploaded by us).
For Defacing a website, three things that you need Most are:
1. SQL Injection(For analyzing website loops)
2. Admin Password
3. Shell Script (for getting Admin Controls)

Now Lets Start the Tutorial:
First of all I would Like to say that I have took some part of SQL injection Tutorial from my previous posts and a site http://www.milw0rm.com/ .Most of the Part is written by me so if you have any doubts I will clear them....

1. Finding the Target and the Admin Password
First of all we must find out our target website. I have collected a lot of dorks i.e the vulnerability points of the websites. Some Google Searches can be awesomely utilized to find out vulnerable Websites.. Below is example of some queries..
Examples: Open the Google and copy paste these queries...

inurl:index.php?id=

inurl:trainers.php?id=

inurl:buy.php?category=

inurl:article.php?ID=

inurl:play_old.php?id=

inurl:declaration_more.php?decl_id=

inurl:pageid=

inurl:games.php?id=

inurl:page.php?file=

inurl:newsDetail.php?id=

inurl:gallery.php?id=

Here are some More Queries (use them without quotation marks)..

"add.asp?bookid="
"add_cart.asp?num="
"addcart.asp?"
"addItem.asp"
"add-to-cart.asp?ID="
"addToCart.asp?idProduct="
"addtomylist.asp?ProdId="
"adminEditProductFields.asp?intProdID="
"advSearch_h.asp?idCategory="
"affiliate.asp?ID="
"affiliate-agreement.cfm?storeid="
"affiliates.asp?id="
"ancillary.asp?ID="
"archive.asp?id="
"article.asp?id="
"aspx?PageID"
"basket.asp?id="
"Book.asp?bookID="
"book_list.asp?bookid="
"book_view.asp?bookid="
"BookDetails.asp?ID="
"browse.asp?catid="
"browse_item_details.asp"
"Browse_Item_Details.asp?Store_Id="
"buy.asp?"
"buy.asp?bookid="
"bycategory.asp?id="
"cardinfo.asp?card="
"cart.asp?action="
"cart.asp?cart_id="
"cart.asp?id="
"cart_additem.asp?id="
"cart_validate.asp?id="
"cartadd.asp?id="
"cat.asp?iCat="
"catalog.asp"
"catalog.asp?CatalogID="
"catalog_item.asp?ID="
"catalog_main.asp?catid="
"category.asp"
"category.asp?catid="
"category_list.asp?id="
"categorydisplay.asp?catid="
"checkout.asp?cartid="
"checkout.asp?UserID="
"checkout_confirmed.asp?order_id="
"checkout1.asp?cartid="
"comersus_listCategoriesAndProducts.asp?idCategory ="
"comersus_optEmailToFriendForm.asp?idProduct="
"comersus_optReviewReadExec.asp?idProduct="
"comersus_viewItem.asp?idProduct="
"comments_form.asp?ID="
"contact.asp?cartId="
"content.asp?id="
"customerService.asp?TextID1="
"default.asp?catID="
"description.asp?bookid="
"details.asp?BookID="
"details.asp?Press_Release_ID="
"details.asp?Product_ID="
"details.asp?Service_ID="
"display_item.asp?id="
"displayproducts.asp"
"downloadTrial.asp?intProdID="
"emailproduct.asp?itemid="
"emailToFriend.asp?idProduct="
"events.asp?ID="
"faq.asp?cartID="
"faq_list.asp?id="
"faqs.asp?id="
"feedback.asp?title="
"freedownload.asp?bookid="
"fullDisplay.asp?item="
"getbook.asp?bookid="
"GetItems.asp?itemid="
"giftDetail.asp?id="
"help.asp?CartId="
"home.asp?id="
"index.asp?cart="
"index.asp?cartID="
"index.asp?ID="
"info.asp?ID="
"item.asp?eid="
"item.asp?item_id="
"item.asp?itemid="
"item.asp?model="
"item.asp?prodtype="
"item.asp?shopcd="
"item_details.asp?catid="
"item_list.asp?maingroup"
"item_show.asp?code_no="
"itemDesc.asp?CartId="
"itemdetail.asp?item="
"itemdetails.asp?catalogid="
"learnmore.asp?cartID="
"links.asp?catid="
"list.asp?bookid="
"List.asp?CatID="
"listcategoriesandproducts.asp?idCategory="
"modline.asp?id="
"myaccount.asp?catid="
"news.asp?id="
"order.asp?BookID="
"order.asp?id="
"order.asp?item_ID="
"OrderForm.asp?Cart="
"page.asp?PartID="
"payment.asp?CartID="
"pdetail.asp?item_id="
"powersearch.asp?CartId="
"price.asp"
"privacy.asp?cartID="
"prodbycat.asp?intCatalogID="
"prodetails.asp?prodid="
"prodlist.asp?catid="
"product.asp?bookID="
"product.asp?intProdID="
"product_info.asp?item_id="
"productDetails.asp?idProduct="
"productDisplay.asp"
"productinfo.asp?item="
"productlist.asp?ViewType=Category&CategoryID= "
"productpage.asp"
"products.asp?ID="
"products.asp?keyword="
"products_category.asp?CategoryID="
"products_detail.asp?CategoryID="
"productsByCategory.asp?intCatalogID="
"prodView.asp?idProduct="
"promo.asp?id="
"promotion.asp?catid="
"pview.asp?Item="
"resellers.asp?idCategory="
"results.asp?cat="
"savecart.asp?CartId="
"search.asp?CartID="
"searchcat.asp?search_id="
"Select_Item.asp?id="
"Services.asp?ID="
"shippinginfo.asp?CartId="
"shop.asp?a="
"shop.asp?action="
"shop.asp?bookid="
"shop.asp?cartID="
"shop_details.asp?prodid="
"shopaddtocart.asp"
"shopaddtocart.asp?catalogid="
"shopbasket.asp?bookid="
"shopbycategory.asp?catid="
"shopcart.asp?title="
"shopcreatorder.asp"
"shopcurrency.asp?cid="
"shopdc.asp?bookid="
"shopdisplaycategories.asp"
"shopdisplayproduct.asp?catalogid="
"shopdisplayproducts.asp"
"shopexd.asp"
"shopexd.asp?catalogid="
"shopping_basket.asp?cartID="
"shopprojectlogin.asp"
"shopquery.asp?catalogid="
"shopremoveitem.asp?cartid="
"shopreviewadd.asp?id="
"shopreviewlist.asp?id="
"ShopSearch.asp?CategoryID="
"shoptellafriend.asp?id="
"shopthanks.asp"
"shopwelcome.asp?title="
"show_item.asp?id="
"show_item_details.asp?item_id="
"showbook.asp?bookid="
"showStore.asp?catID="
"shprodde.asp?SKU="
"specials.asp?id="
"store.asp?id="
"store_bycat.asp?id="
"store_listing.asp?id="
"Store_ViewProducts.asp?Cat="
"store-details.asp?id="
"storefront.asp?id="
"storefronts.asp?title="
"storeitem.asp?item="
"StoreRedirect.asp?ID="
"subcategories.asp?id="
"tek9.asp?"
"template.asp?Action=Item&pid="
"topic.asp?ID="
"tuangou.asp?bookid="
"type.asp?iType="
"updatebasket.asp?bookid="
"updates.asp?ID="
"view.asp?cid="
"view_cart.asp?title="
"view_detail.asp?ID="
"viewcart.asp?CartId="
"viewCart.asp?userID="
"viewCat_h.asp?idCategory="
"viewevent.asp?EventID="
"viewitem.asp?recor="
"viewPrd.asp?idcategory="
"ViewProduct.asp?misc="
"voteList.asp?item_ID="
"whatsnew.asp?idCategory="
"WsAncillary.asp?ID

Now The Admin password Hacking procedure starts:

You can also refer to my previous post of hacking websites:

Hacking websites : How to hack websites By using SQL Injection

SQL INJECTION USING HAVIJ

2013-08-22T21:29:00.000-07:00

SQL Injection using havij

Hello friends today i am going to teach you that how to conduct SQL Injection using automated tool
like havij.
warning:-This tutorial is for educational purpose only.

First of all download havij click here to download.

Now use google to find sql vulnerable website say "www.mysite.com/index.php?id=12".
Checking for sql vulnerability for just open web browser and type www.mysite.com/index.php?id=12' you will get some error message like You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line.....

Now you need to follow these steps:-

1. open havij and paste the vulnerable link in target area.
2. Now click on analyze button this will list you the available database.
3. Now click on Get DB tab this will list you the available database in the website.you need to select
the database name whose data you want to steal.
4. Now click on Get Column tab this will list you the available column in the database.
5. Now select the column and click on Get data tab this will show you the data you have the
option to save all the information just click on save data tab.
You can do many things with havij just go through the software.If you have any queries regarding
this post or you want to send me some feedback then mail me coalfieldexpress@gmail.com

Our Partner Site:

Visit https://www.faadoocoupons.com

TYPING SYMBOLS WITH KEYBOARD

2013-08-22T20:54:00.000-07:00

HOW TO TYPE SYMBOLS WITH KEYBOARD

Alt + 0153..... ™... trademark symbol

Alt + 0174..... ®....registered ¬ trademark symbol

Alt + 0176 ...°......degree symbol

Alt + 0177 ...±....plus-or -minus sign

Alt + 0182 ...¶.....paragraph mark

Alt + 0190 ...¾....fraction, three-fourths

Alt + 0215 ....×.....multi plication sign

Alt + 0162...¢....the cent sign

Alt + 0161.....¡..... .upside down exclamation point

Alt + 0191.....¿..... upside down question mark

Alt + 1...........smiley face

Alt + 2 ......☻.....black smiley face Alt + 15.....☼.....sun

Alt + 12......♀.....female sign

Alt + 11.....♂......male sign

Alt + 6.......♠.....spade

Alt + 5.......♣...... Club

Alt + 3............. Heart

Alt + 4.......♦...... Diamond

Alt + 13......♪.....eighth note

Alt + 14......♫...... beamed eighth note

Alt + 8721.... ∑.... Narysummation (auto sum)

Alt + 251.....√.....square root checkmark

Alt + 8236.....∞..... infinity

Alt + 24.......↑..... up arrow

Alt + 25......↓...... down arrow Alt + 26.....→.....right arrow

Alt + 27......←.....left arrow

Alt + 18.....↕......up/down arrow

Alt + 29......↔...lef t right arrow

Our Partner Site:

Visit https://www.faadoocoupons.com