Monday, December 27, 2010
2. Make sure you have installed .Net framework. If not you install that.
3. Extract the files with the help of Winrar or Winzip.
4. Run the Emissary keylogging software on your PC .
5. Open the Emissary keylogging . It will be like the below given figure.
8. Then Download and Execute the Trojan Downloader on the target PC . (Some antiviruses can report Trojan as malicious)
Lots of readers often ask me How can I be good at website hacking and web application security, The thing is that even if you have an idea of how some popular website application attack work but still you need a safe environment to practice what you have learned because you are not allowed to access any website even for testing purposes unless and until you are not authorized to do that, This is where Damn vulnerable web app(DVWA) comes into play
Basically Damn vulnerable web app(DVWA) PHP/MySQL web app which is Damn vulnerable, DVWA web app allows you to learn and practice web application attacks in a safe environment, It's latest version is DVWA 1.7.
Web Hacking and Security related articles on RHA
- Flood a website with denial of service attack
- Common methods to hack a website
- Website Hacking with Directory Transversal attacks
Vulnerabilities
- SQL Injection
- XSS (Cross Site Scripting)
- LFI (Local File Inclusion)
- RFI (Remote File Inclusion)
- Command Execution
- Upload Script
- Login Brute Force
- Blind SQL Injection
Official warning
It should come as no shock..but this application is damn vulnerable! Do not upload it to your hosting provider’s public html folder or any working web server as it will be hacked. It’s recommend that you download and install XAMP onto a local machine inside your LAN which is used solely for testing.
Installation Guide
You can download DVWA 1.0.4 here, below I am posting a video which will tell you step by step how to install DVWA tools on your computer and practice website Hacking.
First thing any hacker would do to compromise any network is gathering information passively and seeking vulnerable services as well as ports. And this is where Honeypots play a role of fake vulnerability in network.
Honeypots are fake theoretically, but not practically. They are real vulnerabilities in Network intentionally kept open & designed to gather information about the possible attack / attacker.
This fake vulnerability attracts any hacker towards it & he would try to compromise it. The Honeypot will itself stores the data regarding how hacker is trying to break it, what tools he might be using, his intentions, keystrokes and many such things.
This information is useful to network security administrator in many ways. Generally the attack is not done in one shot. Hackers try some initial attacks. And based on its results he hacks into major network flaws after some days.
So Honeypots help security people to secure the networks from the information they have gathered from initial attack. They are called as honey pots only because they are made available in network of vulnerabilities like Honey Comb.
Are Honeypots Vulnerable itself?
Sure they are. There are lot of smart ass hackers – who if anyhow come to know that they are dealing with Honeypots, They can totally screw things up.
Because, they are actually dealing with the system file in the network. So they are already inside it without any breakdown. If they can compromise this fake vulnerability Honeypot i.e. that they can surely break in to the system in less time.
Vulnerability is a vulnerable after all & Honeypots too. But there are very rare chances for attacker to identify it & needs great experience. So, planting Honeypot into any network architecture would be a more secure scenario for any host or network.
In this post I will tell you how your can hack facebook chat application to run it from any windows, Using this hack you will be able to chat with your freinds on other browser pages, So here is the step by step guide to hack facebook chat application.
Note:This trick to hack facebook chat application works for firefox browser only
1.First of all log into your Facebook account
2.Next visit the following link:
http://www.facebook.com/presence/popout.php
3.Next press control D and bookmark the Page
4.Next click on the bookmark option at the top beside history button and right click Facebook chat at the bottom and Check load this bookmark in the sidebar and click on ok.
Now you can load Facebook chat application from any browser
Friday, June 18, 2010
A hacker is known to build things, solve problems and not break or crack any system. The computer industry initially hired good programmers to make sure how to full proof their system. However, over the years, the media, journalism and writers have played a very important role in changing the real meaning of the word hacker. They themselves are very confused in the term Hacker and a Cracker. A typical definition of a Hacker, that today comes to you mind is that a Hacker, is a person who tries to gain unauthorized access to any property and computers. The term Hacker came as slang from the computer world. So, different people have given different definitions to it. But what remains the common point is, that whenever you hear the word hacker, the first think that comes to your mind is always negative and bad. However, the real meaning of a hacker is a programmer who really finds it thrilling to learn more about it, who likes to explore more details about the programming language and hence stretches his or her capabilities more than any average person.
Crackers are people who get cheap thrill out of cracking computer codes, and breaking into systems. Hence, these are the people who have negativity around them and they only believe in breaking or cracking an access to any kind of system that they have no authorization to. They are malicious annoying people who try to uncover sensitive information by poking their unwanted nose everywhere. Hackers on the other hand are knowledgeable and responsible people. They like to take intellectual challenges and like to overcome all limitations that are there in a particular system. Learning to hack is not very easy. It is a special gift that is only given to a selected few. Only people who are good in searching and keeping themselves updated about the latest technology are the one who are blessed with it. Only being good with computers does not qualify one to be a good hacker. Some people also reapply their hacking knowledge to different fields like music and electronic. It is also said the every hacker is independent of any kind of hack he does, call it in the computer field or elsewhere. Hackers are known to be ethical, wise in their practice.
The realty is: 'Hackers build things, crackers break them.'
Today the hacker world has been given 3 different names. The White hat hackers, who do all the good things and are positively motivated people, Then we have the Black hat hackers also called the crackers who are usually into negative work of cracking and breaking into someone's system and finally the third and the last are the grey hat hackers who explore the best of both the worlds. To conclude, we can say that Hackers are people who are skilled programmers that work for a positive cause or a goal, either for themselves or for an organization which could be private as in an industry or for the government.
›Thinking of A Hacker
The thinking of a hacker is very much the same as that of a good program developer. Hackers who have been successful have developed a common strategy over a period of time. This strategy is to very patiently and carefully document every step, which is what the programmers do. They are good at analyzing and following a methodical approach of investigation. So when they start they don't have much as in the background, they start from the starch and gradually build what is called the entire roadmap or game plan.
It is a known fact that in order to think like a master hacker one should imitated all the big hackers both intellectually and emotionally. As they always work on a different platform and it is the platform of Self Belief.
1. The typical thinking of a Hacker is that, they believe that the world is full of ongoing problems which continuously need solutions to it. So looking for solutions should be the ultimate aim and not giving up till the time the problem is cracked.
2. Another fundamental that they work on is that, the same wheel should not be invented twice as it will be a waste of time and effort both. Brains with creativity should be used for new proposes and not older ones. So, they believe in the theory that time is precious and make the best out of it.
3. The third fundamental truth that they believe in is that, repetition is what leads to success and no word like boredom can be found in their dictionary.
4. The next good thing they believe in is Freedom. Most of the hackers work independently and that is a strong foundation for them to grow. It is said that freedom has no limit to the growth of an individual.
5. No replacement for a good attitude. An attitude to fight and not flight. One can give up whenever he or she wants. It is only the attitude that makes you different from the other.
6. Hackers believe in a value system that is not negotiable and do not compromise on it, because if they do then they would be crackers and not hackers.
Documentation is said to be the wisest thing that any developer a simple programmer or a hacker maintains. At times finding solutions is so difficult that is only the documentation that can help one understand the entire process all over again. It is like hunting for a treasure hunt in a jungle with small clues that take you to the next clue and one step closer to the final gift.
Tuesday, June 15, 2010
Friday, June 11, 2010
Orkut is the famous online social networking site and is liked by almost every one of us. Orkut is a feature to interact with other peoples in the world by Google. But Orkut have added a feature to restrict viewing of our personal photo album and scrapbookfrom public viewing. Now since the world is full of hackers and crackers looking for things like these, they had managed to find a way to view the albums and scrapbook earlier and the trick was working absolutely fine few months back. But when the Orkut people came to know about the trick, they fixed that instantaneously. It is my sincere advice for you people to not to use any Java code as this can have adverse effects like banning your Orkut account or even you may end up revealing your password. So the best way available till now to view the Blocked Albums is to send the person a "Friend Request" 
Yes it's still possible to copy the photos from Orkut.Here's a step-by-step procedure to copy the photo. 1. Login into your Orkut Account. 2. Goto your friend's album and open the photo that you need to copy. 3. Once the photo is loaded to it's full size just place the mouse cursor on the photo. 4. Press the left click button and drag and drop the photo onto the ADDRESS BAR. I think this trick is no longer working. So I have a new trick…. Just DRAG and DROP the PHOTO onto the current/new TAB (If you have IE 7). Alternatively you can also Drag and Drop the photo onto the Desktop. That's it. This trick is working now!! 5. You can Right-Click and select the Save As option to save the photo onto your PC. The browser also displays the direct link to the photo. This link can be used to share the Orkut photos with your friends without the need to login to your Orkut account to access photos. Please express your opinions through comments. Cheer Up.. Happy Orkut Hacking.
4. Now the photo gets displayed seperately on your browser.
Recently Orkut moved the ad placement in the upper right corner. Earlier the place was used to display the friends list, but now you can only see someone selling weight loss products there. Like me, you are probably very annoyed with this move, since its almost an habit to click there to search friends. I think this may be one of the reason why Orkut moved the ads there, they'll be clicked more often because of the habit of Orkut's users. Well, now you can easily remove the ad. All you have to do is to use the Orkut Advertising Banner Remover Firefox addon. Obviously you need firefox installed to use this addon. Get Firefox here. Now go to the addon's page from Firefox browser and click on the Add to Firefox button. That's it. You'll never see that ad again. Enjoy!
Here are some of the tips for Orkut users to prevent from getting their own Orkut profile hacked!Orkutting in Public Computer
Make sure you do not check the button "Remember Me" when you log in to your Orkut account from a publicly accessible Internet (Cyber Cafe).Someone might peep when you are typing the password,in such case strong password with numbers and capitalization are recommended.Anti Keylogger
If you are visiting a local browsing center then try to check the programs installed in the computer.If you find keylogger (which stores password) then remove it immediately (Complain about this to the person who manages the browsing center).You can also install a Anti Keylogger to protect and safely log in to your Orkut account.Another solution for this is to make use of On Screen keyboard which is installed on every Windows Operation System.Never use Javascript code
If a friend scraps you to copy the javascript code and paste it in your browser address bar then re check the Javascript to understand the code.If you are familiar with the code then make a search or better ignore such javascript scraps,no matter what they do! They are a time waster..Re-Check Links via Scraps
Some people will blindly click on the website links sent by anonymous orkut user to the scrapbook.Re check the links once again and make sure you do not enter your password to any fake login page or give out any of the Orkut details if you are visiting a website or any link via orkut scrapbook.Strong Google Gmail password
If you are having a password which is easy to remember then change is as soon as possible.Because hackers can make use of programs such as "Brute Force" to easily detect your password (If the password is short and is a dictionary word).Make use of Password generators and take a note of your password.Also make sure you have a good security question & answer which none of your friend can easily guess.Check the address bar
Everytime you visit someone's profile via links or any orkut community then check the address bar to ensure that you are on Orkut.com website.If you detect any different url then do not panic, immediately change your orkut password!Stay away from Orkut Strangers
If someone requests for friendship then checkout his/her profile, check scraps, orkut communities and mutual friends joined by the person.So that you get a clear idea if the person is genuine or a orkut hacker who want to abuse your profile.Maintain Orkut Privacy Profile
Keep your profile private if you are too much concerned about your privacy.Generally this will help you a great deal if you are orkutting to connect with Well-Known friends as it eliminates anonymous scraping and friendship with strangers!Remember to Logout
Make sure you do NOT forgot to Log out from the Orkut website if you are accessing Internet from a public area.Once again double check Orkut,Gmail and Google services.
Now you can get your orkut scraps on your mobile phone even if you are away from your computer system.
I found a very interesting and working trick for this alert.
As you know Orkut is a widely used social networking website in India and millions of people have accounts on Orkut. Why not use your mobile phone to get free scrap alerts from your Orkut account? Orkut charges for the scrap alerts but our trick will help you do this for free. Just follow some simple steps and you are done with receiving free scrap alerts on your mobile phone.
If you want to know how you can do this then just follow these simple steps.
Step 1 - Login to your orkut account and get the url of your Orkut Scrapbook. This will be a unique URL that will be useful for you to know the user id of your account. You can just copy paste the link of your account homepage from the address bar.
Step 2 - Now open the URL
http://www.orkutfeeds.com/feed.php?uid=???????
and paste the digits you have copied from your orkut account. '
Now this is your orkut scrapbook feed url. Your account must be activated to show scrapbook to everyone else.And if you are not login to your orkut account and you have disabled Public Scrapbook showing then this url does not show anything.
Step 3 - If you have opened the url in step 2 and it is showing data then open this url
http://labs.google.co.in/smschannels/subscribe/vaseemansari (This is my google channel, you can subscribe it to get alerts on your mobile phone from my this blog).You must login to Google account to view this url.
Step 4 - Now open this url
http://labs.google.co.in/smschannels/create_channel
and create a new channel for receiving messages like i created mine is VaseemOrkut.
Step 5 - There will be a form, fill it accordingly and place the Step 2 URL in the right place as shown in picture. Hit the Create Channel button and you're done.
If you want noone can view your scrapbook then use this
Who can subscribe: By invitation only (choose this)
Now you can start receiving messages from Google on your mobile phone.
I am here to help you so you can ask me if you are having trouble understanding anything written above.
If you are searching for a trick to View locked albums in Orkut than let me tell you first that this thing is not possible as Orkut increased Security in its online system. As Orkutis more secure so i am sure nobody can provide you any script to view orkut locked albums and scrapbook of other users profile.
Still you are able to found some article explaining this thing than i want you to share that article here as I am 100% sure that this thing cant not be done in any way.
Although most of the websites are providing some Greasemonkey script to view the orkut locked profiles scrapbook and album pics.
So i have posted an article on How to use Greasemonkey scrip to enable profile view of any orkut user.
If you are free and desperately want give yourself a shot to do this than view this article for How to View locaked Scrapbook and Albums pics/photos of Orkut/Facebook users.
If you are searching for a trick to view Scrapbook and Albums pics of Orkut andFacebook users than this article will definitely useful for you. You can easily view all locked photos and scraps on orkut by just adding Adds-On in your browser, to unlock Album and scraps of any orkut profile just do following steps. This is a sure way to get it.
Step 1. You must download firefox browser, because it has the capability to keep Adds-on script. This is a free browser. You can download it from MOZILLA. This browser is more powerful than internet explorer browser. If you are already using firefox, it's OK.
Step 2. Download Greasemonkey . This is an adds-on for firefox browser. Install it for firefox. Close all firefox browser after installing. Open firefox browser, you will see a monkey figure at the bottom of browser. Insure it is glowing. If this is glowing, it's O.K. This is to insure that user-defied java script code will run on it.
Step 3. Now use java script code for various purpose, all script will work fine. Click here to install View Locked Scrapbook Script. After enabling it, open orkut.com in firefox browser. Now you can view locked scrapbook of any profile.
Step 4. To view any locked album click here and install script. This required script to view photo of locked album of orkut may change frequently. so use latest script fromhttp://userscripts.org.
Both the script is available at http://userscripts.org . you can do various other works from different scripts like you can scrap all your friends by single click (HTML included). You can make same new topic in all of your community by a single click or you can send friend invitation to all members of a community etc. Just check here
Above methods is also misused to hack orkut, and it is misused for spamming everywhere. Orkut team should work hard to fight from this scripts.
Note: This trick were working in past and today i have tested it again for my blog visitors and i found that this trick is no more working as Google programmer fixed this loophole.
These are the few steps every Social Networking Person must follow to secure their Accounts from being hacked by someone else.
To Secure your account you must follow these simple steps
You need to go to the settings of your Orkut Account and then click on the privacy tab:Steps To Secure Your Orkut Profile/Account
1) Restrict Access To Your Content
Allow only your friends to view and access your contents. This will help to keep strangers away from your profile. Scrapbook, videos and testimonials contains a lot of personal information, if accessed by others, may result in threats.2) Friends Request By Known Persons
Under the friends request section, select the option “anyone who fits one of the following selected options” and then the first option will be automatically checked, leave the other two options as it is. This options will make sure that only your friends will be able to send you the friends request, only if they know your email address. This is an very important feature inOrkut’s security. After enabling this option, you will not get useless and irritating friends request from strangers.
3) Hide Cell Phone Number
If you verify your Orkut account or any other services related to Orkut, you cell phone number is automatically attached to your account. If you don’t want to invite any troubles, select “myself” in the options, as shown above.
4) Show Email Address Only To Friends
If you don’t want to be a winner of some lottery from South Africa or if you don’t want to buy cheap stuffs at a heavy discount, just show your email address only to your friends and no one else. Many of my friends who haven’t hidden their email address, received as many as 500 spam messages everyday.
5) Don’t Allow Others To Find You Through Email
You may have used your email address in thousands of forums as well as in many other websites. Any one who knows your email address can easily find you onOrkut . Hence it is recommended not to allow people to find you through your email address. Many of you may agree with this but there may be a large amount of people who would disagree as their long lost friends would not be able to find them on Orkut. The choice is yours.
Following these steps would definitely make your account much secure and you will no more receive unnecessary friends request. Parents can assure that, their kids are miles away from strangers.
Your Suggestion are always required.
