Posts

Showing posts from 2016

Social Engineering:- To Hack The Human Mind

Social Engineering:- To Hack The Human Mind   This has become one of the hottest topics today and it seems to work out most of the times. Social Engineering doesn’t deal with the network security issues, vulnerabilities, exploits, etc. It just deals with simple psychological tricks that help to get the information we want. This really works!! But it requires a lot of patience. We are all talking about network security and fixing the vulnerabilities in networks. But what happens if some internal person of a network accidentally gives out the passwords. After all we are all humans; we are also vulnerable and can be easily exploited and compromised than the computers. Social Engineering attacks have become most common during the chat sessions. With the increase in use of Instant Messengers, any anonymous person may have a chat with another any where in the world. The most crucial part of this attack is to win the trust of the victim. It may take a long time (ma...

Social Engineering Toolkits

Image
Social Engineering Toolkits are as follows : SET :- The Social-Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of pentesting. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed. Currently SET has two main methods of attack, one is utilizing Metasploit payloads and Java-based attacks by setting up a malicious website (which you can clone whatever one you want) that ultimately delivers your payload. The second method is through file-format bugs and e-mail phishing. The second method supports your own open-mail relay, a customized sendmail open-relay, or Gmail integration to deliver your payloads through e-mail. The goal of SET is to bring awareness to the often forgotten attack vector of social-engineering.   Download SET SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC...

Social Engineering with Maltego

Image
MALTEGO :- Maltego is a program that can be used to determine the relationships and real world links between: People, Groups of people (social networks), Companies, Organizations, Web sites, Internet infrastructure such as: Domains, DNS names, Netblocks, IP addresses, Phrases, Affiliations, Documents and files. These entities are linked using open source intelligence. Maltego is easy and quick to install – it uses Java, so it runs on Windows, Mac and Linux. Maltego provides you with a graphical interface that makes seeing these relationships instant and accurate – making it possible to see hidden connections. Using the graphical user interface (GUI) you can see relationships easily – even if they are three or four degrees of separation away. Maltego is unique because it uses a powerful, flexible framework that makes customizing possible. As such, Maltego can be adapted to your own, unique requirements.   Download Maltego SUBSCRIBE US ON YOUTUB...

How to Hack PayPal Account

Image
Mr. Yasser tells that How the security breach in paypal and hackers can hijack account just single click. He mentioned in his blog . In the POC Video Mr. Yasser successfully bypassed the PayPal security to generate exploit code for targeted attacks. 1- Reusable CSRF Token: The CSRF token “that authenticate every single request made by the user” which can be also found in the request body of every request with the parameter name “Auth” get changed with every request made by user for security measures, but after a deep investigation I found out that the CSRF Auth is Reusable for that specific user email address or username, this means If an attacker found any of these CSRF Tokens, He can then make actions in the behave of any logged in user. Hmm, it seems interesting but still not exploitable, as there is no way for an attacker to get the “Auth” value from a victim session. 2- Bypassing the CSRF Auth System: The CSRF Auth verifies every single ...

How to Crack Windows password

Image
  Today, i am going to show you many aspects of the Windows Password Storage path, Method of Encryption, and breaking into Windows by cracking the admin password. We need this often for many reasons: 1) Sometime we have forgotten our old password and Hint isn’t helping out. 2) We want to break into someone computer to get the information. 3) Just want to take revenge from someone. 4) Stealing computer data. Lets, take a deep dive in Cracking Windows password and also where these are stored and in which format. SAM file and Password Hashes~Place where these passwords are stored in Hashes: Password Hashes – When you type your password into a Windows NT, 2000, or XP login Windows Seven, Vista etc Windows encrypts your password using a specific encryption scheme that turns your password into something that looks like this: 7524248b4d2c9a9eadd3b435c51404eddc5 This is a password Hash. This is what is actually being checked against when you type your pas...

Using ophcrack to Hack into Admin Account

Image
 Using ophcrack to Hack into Admin Account: Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds. This is a type of offline cracking, Just grab .iso of ophcrack from here . Burn it and enjoy using. 1. Opchrack can crack passwords for Windows 7, Windows Vista, and Windows XP. 2. Ophcrack can recover 99.9% of passwords from Windows XP, usually in a matter of seconds. Any 14-character or smaller password that uses any combination of numbers, small letters, and capital letters should be crackable. 3. Ophcrack can recover 99% of passwords from Windows 7 or Windows Vista. A dictionary attack is used in Windows 7 and Vista. 4. The Ophcrack LiveCD option allows for completely automatic password recovery. 5. LiveCD method requires no installation in Windows, making it a safe alternative to many oth...

How To Hack & Access Same LAN Computers

Image
  How To Hack & Access Same LAN Computers?  If you are working in Office / Colleges and want to hack your friends & college mate PC then here is a trick. First Step press win+ R Go to Run> Type Cmd now type command net view It will look as below C:\>net view Server Name Remark ————————– \\xyz \\abc Here you can get all the names of all the computers machine names which connect with your LAN. Now you got the name. Lets start hacking into the systems. After you get server name now type tracert command for knowing IP of the victim machine. Example: C:\> tracert xyz Here you get the IP address of the XYZ computer machine. Now go to windows start button and type Remote Desktop Connection. After click on Remote Desktop Connection you get below image. Now type the IP address or computer name of victim machine. Click on Connect <-| It will also ask administrator password which is common as usual you known about. A...

How to crack wep key using Backtrack

Step 1:- First Download Backtrack Step 2:- Burn the iso image on CD and boot your laptop from CD drive Step 3:- Select the third boot option(VESA/KDE). Step 4:- Once in BT3, click the tiny black box in the lower left corner to load up a “Konsole” window. Step 5:- Type the following command airmon-ng Note down the interface name. In this example wifi0 Step 6:- airmon-ng stop wifi0 Step 7:- ifconfig wifi0 down Step 8:- macchanger –mac 00:11:22:33:44:66 wifi0 Step 9:- airmon-ng start wifi0 Step 10:- airodump-ng wifi0 This will start populating Wifi networks. Press Ctrl + C to stop. Check the network with WEP encryption. Notedown BSSID, CH and ESSID somewhere in notepad or paper Note that if the same BSSID is available in the second part with STATION associated with it, means you some one is accessing that network and our task will be little easier. If not than don’t worry we will still crack it. Step 11:- airodump-ng -c (channel) -w (file name) Replace (ch...

How a wireless network works

Wireless networks are everywhere; they are widely available, cheap, and easy to setup. To avoid the hassle of setting up a wired network in my own home, I chose to go wireless. After a day of enjoying this wireless freedom, I began thinking about security. How secure is my wireless network? I searched the Internet for many days, reading articles, gathering information, and participating on message boards and forums. I soon came to the realization that the best way for me to understand the security of my wireless network would be to test it myself. Many sources said it was easy, few said it was hard. How a wireless network works A wireless local area network (WLAN) is the linking of 2 or more computers with Network Interface Cards (NICs) through a technology based on radio waves. All devices that can connect to a wireless network are known as stations. Stations can be access points (APs), or clients. Access points are base stations for the wireless network. They ...

Send Fake Mail

Send Fake Mail Now You Can Send Email from Any Mail Address To Any One. This Process is known as Email Forging and Email Spoofing.. Emkei http://viid.me/qyLMTc More links coming soon… SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC3SdJHbnRGaeatRYFfFLMvw LIKE US ON FACEBOOK :- http://viid.me/qtGbUW

SMS Global

Send fake sms from this website.. Make sign up and u will get 25 sms as trial.. www.smsglobal.com SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC3SdJHbnRGaeatRYFfFLMvw LIKE US ON FACEBOOK :- http://viid.me/qtGbUW

SMS Mafia

SMS Mafia SmsMafia is a web texting application. This Service Is Completely Anonymous.Your Mobile No. Will Not Be Shown Anywhere. snsmafia.in SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC3SdJHbnRGaeatRYFfFLMvw LIKE US ON FACEBOOK :- http://viid.me/qtGbUW

Recover My Files

Image
Recover My Files  Recover My Files data recovery software will recover deleted files emptied from the Windows Recycle Bin, or lost due to the format or corruption of a hard drive, virus or Trojan infection, unexpected system shutdown or software failure. Recover My Files – Data Recovery Software Recover files even if emptied from the Recycle Bin File recovery after accidental format, even if you have reinstalled Windows Disk recovery after a hard disk crash Get back files after a partitioning error Get data back from RAW hard drives RAW drive Recover documents, photos, video music and email Recover from hard drive, camera card, USB, Zip, floppy disk or other media Current Version: 4.6.8.1012 Download 100% Safe, 100% Secure SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC3SdJHbnRGaeatRYFfFLMvw LIKE US ON FACEBOOK :- http://viid.me/qtGbUW

Recover deleted or corrupt photos

Image
To Recover deleted or corrupt photos: DiskInternals Flash Recovery 4.2 full download using which you can recover deleted or corrupted photos within few seconds. Isn’t that nice, its best that you can recover all your deleted data from the flash memory cards used in cameras. DiskInternals Flash Recovery is a flash memory file recovery tool that restores all corrupted and deleted photographs or the ones that were lost due to hardware malfunction. This utility works even if a memory card was re-formatted. Features: • Easy Recovery Wizard. • Can preview and recover JPEG, JPG, TIFF, BMP, PNG, GIF, TGA and other images. • Can preview and recover RAW images: • CRW – Canon Digital Camera Raw Image Format. • CR2 – Canon Digital Camera Raw Image Format version 2.0. • NEF – Nikon Digital SLR Camera Raw Image File. • PEF – Pentax Raw Image Format • RAF – Fuji CCD-RAW Graphic File. • X3F – Sigma Camera RAW Picture File. • BAY – Kodak/Roper Bayer Picture Sequence. • ORF ...

Google Hacking

Image
Google queries for locating various Web servers “Apache/1.3.28 Server at” intitle:index.of Apache 1.3.2 “Apache/2.0 Server at” intitle:index.of Apache 2.0 “Apache/* Server at” intitle:index.of any version of Apache “Microsoft-IIS/4.0 Server at” intitle:index.of Microsoft Internet Information Services 4.0 “Microsoft-IIS/5.0 Server at” intitle:index.ofMicrosoft Internet Information Services 5.0 “Microsoft-IIS/6.0 Server at” intitle:index.of Microsoft Internet Information Services 6.0 “Microsoft-IIS/* Server at” intitle:index.of any version of Microsoft Internet Information Services “Oracle HTTP Server/* Server at” intitle:index.of any version of Oracle HTTP Server “IBM _ HTTP _ Server/* * Server at” intitle:index.of any version of IBM HTTP Server “Netscape/* Server at” intitle:index.of any version of Netscape Server “Red Hat Secure/*” intitle:index.of any version of the Red Hat Secure server “HP Apache-based Web Server/*” intitle:index.of any version of th...

How To Identify Fake Facebook Accounts

Image
Facebook or Fakebook? How can you detect the Fake FB Profile. On these days we are getting so many friend request specially by girls, but there is no way to identify that account is fake or original. So don’t worry we are going to tell you simple method to detect fake Facebook account. So this is a Facebook account which named by Sarikha Agarwal. Now we need to verify this account real or fake, so our first step is going to the images.google.com and click on camera image. So when you click on search by image you will get popup like below image. Now go to that profile, right click on image and click on copy image URL Now profile pic URL has copied.. now again go to images.google.com Tab and paste image URL. When you enter then you get related images search… Now you can better see that this profile is real or fake..So here is a proof that this profile is fake. Enjoy the trick.. Be aware when you will going to add a beautiful or smart unknown pers...

Bypass Samsung Galaxy Note2 and S3 Lock Screen

Samsung Galaxy Note2 Security specialist Terence Eden explained in his blog that unauthorized users can press the “emergency call” and the “in case of an emergency” (ICE) contact list buttons and hold down the home button at the same time to cause the device’s home screen to pop up. From there a user can touch an app and gain access to it. Steps: Lock the device with a “secure” pattern, PIN, or password. Activate the screen. Press “Emergency Call”. Press the “ICE” button on the bottom left. Hold down the physical home key for a few seconds and then release. The phone’s home screen will be displayed – briefly. While the home screen is displayed, click on an app or a widget. The app or widget will launch. If the widget is “direct dial” the phone will start ringing. SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC3SdJHbnRGaeatRYFfFLMvw LIKE US ON FACEBOOK :- http://viid.me/qtGbUW

How to bypass the Lock screen of Apple iOS 6.1.2

Apple iOS 6.1.2 This vulnerability was founded by Vulnerability Lab researcher. This vulnerability allows users to bypass the lock screen pass code and access the phones photos and contacts. Researchers say the vulnerable device can be plugged into a computer via USB and access data like voice mails, pictures, contacts, etc. Steps: Connect your device with itunes and the appstore to make sure the code lock is activated. Push the power button (top|right) The mobile will be activated and the iOS code lock will be visible Now, you click on the emergency call Try to dail any random emergency call number from a public listing (we used 911, 110 and 112) Call the number and cancel the call directly after the dail without a direct connection to the number Push again the power button and push after it the iphone button (square) in the middle In the next step you push the power button 3 secounds and in the third secound you push also with one finger the square and with ...

How to bypass the Lock screen Samsung Galaxy S3

  How to bypass the Lock screen Samsung Galaxy S3 The bug was discovered by Sean McMillan Steps: 1) On the code entry screen press Emergency Call 2) Then press Emergency Contacts 3) Press the Home button once 4) Just after pressing the Home button press the power button quickly 5) If successful, pressing the power button again will bring you to the S3’s home screen McMillan said that it can “take quite a few attempts to get this working, sometimes this method works straight away, other times it can take more than 20 attempts.” SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC3SdJHbnRGaeatRYFfFLMvw LIKE US ON FACEBOOK :- http://viid.me/qtGbUW

Recharge Your Mobile Free

Image
Recharge Your Mobile Free Play Any Quiz And Win Recharge Daily Upto 150 Rs. www.amulyam.in SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC3SdJHbnRGaeatRYFfFLMvw LIKE US ON FACEBOOK :- http://viid.me/qtGbUW

Call Forging

Image
Call Forging: To call someone from their own number or any number. 1. Go to http://www.mobivox.com and register there for free account. 2. During registration, remember to insert Victim mobile number in “Phone number” field as shown below. 3. Complete registration and confirm your email id and then login to your account. click on “Direct WebCall”. 4. You will arrive at page shown below. In “Enter a number” box, select your country and also any mobile number(you can enter yours). Now, simply hit on “Call Now” button to call your friend with his own number. 5. That’s it. Your friend will be shocked to see his own number calling him. I have spent last two days simply playing this cool mobile hack prank. Note: This trick will only knowledge purpose… Just try this trick only known person. SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC3SdJHbnRGaeatRYFfFLMvw LIKE US ON FACEBOOK :- http://viid.me/qtGbUW

Trace Mobile Location

  Trace Mobile Location: Click On Below Link To Trace Unknown Number -> Trace Mobile Location SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC3SdJHbnRGaeatRYFfFLMvw LIKE US ON FACEBOOK :- http://viid.me/qtGbUW

100% Working Reliance GSM free GPRS Trick..

100% Working Reliance GSM free GPRS Trick.. just DiAl *123*099# Datz Done..!!! ENjoy..!! U will shortly Receive a massage saws sucessfully recharged with Rs.99..!! It’s working fine..!!! Here is new trick..!! First go here and give the required information http://viid.me/qySCa2 -> Enter your name and reliance mobile number and you will get password by sms to the that given mobile no. ( Note :- Use 0 before your mobile no. like 0xxxxxxxx ) And Then you will receive some pin like password in your mobile by sms. ->Keep the message open in mobile and get to computer -> Now go to the below link and enter your mobile number and received pin. http://viid.me/qySCXj Now Take Your mobile and dail *367 and here the balance Now enjoy free gprs for 1 month in mobile and pc. Use Rcomnet Setting After One month after the data or validity gets over deactivate the plan by calling customer care and then again click on the second link and get your plan activat...

Mobile Bluetooth Hacking

: Here is a list of what you can do when you have hacked the other phone. Have Fun! Read Messages. (They are no more personal!) Read Contacts. (Check your lover’s phonebook to see what name he/she has saved your name. Hey, please don’t suicide when you see he/she has saved your number as lover no. 9! HeHe) Change Profile (Change the other’s profile to silent mode when you are on a date!) Play Ringtone even if the phone is silent (Annoy your classmates!) Play songs from the hacked phone in the same phone. Restart the phone (Show some magic to your friends!) Switch off the phone (Ultimate thing that you can do!) Restore Factory Settings (Do this to the most organized one and run away quickly!) Change Ringing Volume (You have enough experience how to use it. Don’t you?) Follow these steps to hack any Bluetooth enabled mobile phone. Download Super Bluetooth Hack 1.8 and also check that your mobile is in the list of supported handsets from the link provided. After y...

Hack Facebook Account

Image
Hack Facebook Account Hence we know that there are many techniques for Hacking Facebook Account like Phishing Attacks, Keylogging and other Social techniques but today we are going to see how to hack passwords using new feature introduced by Facebook the 3 Trusted Friends Password Recovery Feature in this what happens if you have lost your password and you don’t have any access to your default email address than this feature will handy by sending request to your 3 trusted friends and hence gaining your account password again. For this technique you need to create 3 fake Facebook account and you need to surely add these as friends into your victims account whose account you are going to hack. After success full addition of your fake accounts into victims account as friends follow the below steps .: 1. Go to Facebook and click Forgot your Password ? 2. Than you will get something like below just enter the details you know about him enter his Username, em...

Hack Instagram Account

Nir Goldshlager Founder of Break Security found the critical vulnerability in Instagram. Succesful hack allows attacker to access private photos and ability to delete victim’s photos, edit comment and post new photos. 1. Hijack Instagram accounts using the Instagram OAuth (https://instagram.com/oauth/authorize/) 2. Hijack Instagram accounts using the Facebook OAuth Dialog (https://www.facebook.com/dialog/oauth) He reported a few issues to Instagram Include OAuth Attacks, But the acquisition didn’t closed yet and Facebook Security was unable to put their hands on security issues in Instagram, So I was waiting, Waiting like a good WhiteCollar, Then Facebook Security send me a message, They say even that they were unable to fix this issues because the acquisition didn’t closed yet, They will still payout for this vulnerabilities. So, first, checked Instagram’s OAuth protocol: (http://instagram.com/developer/authentication/) While researching Instagram’s security pa...

Wifi-Dumper: An Open Source Tool To Dump Wi-Fi Profiles And Clear Text Passwords

Image
  This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements. Features Option 1:Shows the wireless networks available to the system. If interface name is given, only the networks on the given interface will be listed. Otherwise, all networks visible to the system will be listed. Option 2: Shows a list of wireless profiles configured on the system. Option 3: Shows the allowed and blocked wireless network list. Option 4: Shows a list of all the wireless LAN interfaces on the system.    Option 5: Generates a detailed report about each wireless access point profile on the system. Group Policy Profiles are read only. User Profiles are readable and writeable, and the preference order can be changed. Option 6: Dumps the clearte...

Crash Any iPhone To Send A Contact File Message

Image
  How To Crash Any iPhone Messages App  Security researcher Vicedes3 explains that how can we crash any iPhone Messages App. In the Video he describes that bug affects any Apple device running on iOS  9 upto iOS 10.2.1. When you click on the malicious file in the message app, iOS want to read the text which is very complicated for iPhone device to read. How this Bug works? To send large malicious contact file .vcf to victim. When victim click on the file Message.app is broken. It cause your iPhone gets freeze and crash. How to protect iOS device? Do not open any contact card message from unknown sender. SUBSCRIBE US ON YOUTUBE :- https://www.youtube.com/channel/UC3SdJHbnRGaeatRYFfFLMvw LIKE US ON FACEBOOK :- http://viid.me/qtGbUW

How To Hack DNS For Faster Internet Speed

Image
How To Hack DNS To Get Faster Internet Speed ? The internet has become a part of our life. Internet plays the most important role in social development and technological progress.  But, the main problem begins when the internet speed becomes extremely slow and sluggish. Well, there’re many ways to get faster internet on a PC. I am going to tell you simple DNS hacks that can boost your internet speed. Most of us are always blaming our Internet service provider (ISP) for slow internet connection. So, let me explain first about the DNS before the method to get faster internet speed. How To Hack DNS Server To Get Faster Internet speed? What is DNS? DNS – Domain Name Server like a phone book for internet. If you know a person’s name but you don’t know about his phone number. You must see his number in the phone book. DNS provides the same service to the internet. When you enter  https://www.thahacker.in  ...