Recent Articles
Showing posts with label hacking. Show all posts
Showing posts with label hacking. Show all posts
Tuesday, June 4, 2013
Tuesday, June 4, 2013
- 2 Comments
Google serves almost 80 percent of all search queries on the Internet, proving itself as the most popular search engine. However Google makes it possible to reach not only the publicly available information resources, but also gives access to some of the most confidential information that should never have been revealed. In this post I will show how to use Google for exploiting security vulnerabilities within websites. The following are some of the hacks that can be accomplished using Google.
1. Hacking Security Cameras
There exists many security cameras used for monitoring places like parking lots, college campus, road traffic etc. which can be hacked using Google so that you can view the images captured by those cameras in real time. All you have to do is use the following search query in Google. Type in Google search box exactly as follows and hit enter
inurl:”viewerframe?mode=motion”
Click on any of the search results (Top 5 recommended) and you will gain access to the live camera which has full controls.
you now have access to the Live cameras which work in real-time. You can also move the cameras in all the four directions, perform actions such as zoom in and zoom out. This camera has really a less refresh rate. But there are other search queries through which you can gain access to other cameras which have faster refresh rates. So to access them just use the following search query.
intitle:”Live View / – AXIS”
Click on any of the search results to access a different set of live cameras. Thus you have hacked Security Cameras using Google.
2. Hacking Personal and Confidential Documents
Using Google it is possible to gain access to an email repository containing CV of hundreds of people which were created when applying for their jobs. The documents containing their Address, Phone, DOB, Education, Work experience etc. can be found just in seconds.
intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”
You can gain access to a list of .xls (excel documents) which contain contact details including email addresses of large group of people. To do so type the following search query and hit enter.
filetype:xls inurl:”email.xls”
Also it’s possible to gain access to documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query
intitle:index.of finances.xls
3. Hacking Google to gain access to Free Stuffs
Ever wondered how to hack Google for free music or ebooks. Well here is a way to do that. To download free music just enter the following query on google search box and hit enter.
“?intitle:index.of?mp3 eminem“
Now you’ll gain access to the whole index of eminem album where in you can download the songs of your choice. Instead of eminem you can subtitute the name of your favorite album. To search for the ebooks all you have to do is replace “eminem” with your favorite book name. Also replace “mp3″ with “pdf” or “zip” or “rar”.
4. Using Google, and some finely crafted searches we can find a lot of interesting information.
For Example we can find:
Credit Card Numbers
Passwords
Software / MP3′s
…… (and on and on and on) Presented below is just a sample of interesting searches that we can send to google to obtain info that some people might not want us having.. After you get a taste using some of these, try your own crafted searches to find info that you would be interested in.
Credit Card Numbers
Passwords
Software / MP3′s
…… (and on and on and on) Presented below is just a sample of interesting searches that we can send to google to obtain info that some people might not want us having.. After you get a taste using some of these, try your own crafted searches to find info that you would be interested in.
Try a few of these searches:
intitle:”Index of” passwords modified
allinurl:authuserfile.txt
“access denied for user” “using password”
“A syntax error has occurred” filetype:ihtml
allinurl: admin mdb
“ORA-00921: unexpected end of SQL command”
inurl:passlist.txt
“Index of /backup”
“Chatologica MetaSearch” “stack tracking:”
intitle:”Index of” passwords modified
allinurl:authuserfile.txt
“access denied for user” “using password”
“A syntax error has occurred” filetype:ihtml
allinurl: admin mdb
“ORA-00921: unexpected end of SQL command”
inurl:passlist.txt
“Index of /backup”
“Chatologica MetaSearch” “stack tracking:”
Amex Numbers: 300000000000000..399999999999999
MC Numbers: 5178000000000000..5178999999999999
visa 4356000000000000..4356999999999999
MC Numbers: 5178000000000000..5178999999999999
visa 4356000000000000..4356999999999999
“parent directory ” /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory “Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
Notice that I am only changing the word after the parent directory, change it to what you want and you will get a lot of stuff.
“parent directory ” DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory “Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
Notice that I am only changing the word after the parent directory, change it to what you want and you will get a lot of stuff.
METHOD 2
put this string in google search:
?intitle:index.of? mp3
You only need add the name of the song/artist/singer.
Example: ?intitle:index.of? mp3 jackson
?intitle:index.of? mp3
You only need add the name of the song/artist/singer.
Example: ?intitle:index.of? mp3 jackson
METHOD 3
put this string in google search:
inurl:microsoft filetype:iso
You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc…
“# -FrontPage-” inurl:service.pwd
Frontpage passwords.. very nice clean search results listing !!
inurl:microsoft filetype:iso
You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc…
“# -FrontPage-” inurl:service.pwd
Frontpage passwords.. very nice clean search results listing !!
“AutoCreate=TRUE password=”
This searches the password for “Website Access Analyzer”, a Japanese software that creates webstatistics. For those who can read Japanese, check out the author’s site at: coara.or.jp/~passy/ [or.jp]
“http://:@www” domainname
This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net
This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net
Another way is by just typing
“http://bob:bob@www”
“http://bob:bob@www”
“sets mode: +k”
This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.
allinurl: admin mdb
Not all of these pages are administrator’s access databases containing usernames, passwords and other sensitive information, but many are!
This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.
allinurl: admin mdb
Not all of these pages are administrator’s access databases containing usernames, passwords and other sensitive information, but many are!
allinurl:authuserfile.txt
DCForum’s password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)
DCForum’s password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)
intitle:”Index of” config.php
This search brings up sites with “config.php” files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database.
This search brings up sites with “config.php” files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database.
eggdrop filetype:user user These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users.
intitle:index.of.etc This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun!
filetype:bak inurl:”htaccess|passwd|shadow|htusers” This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version). Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences.
Let’s pretend you need a serial number for windows xp pro.
In the google search bar type in just like this – “Windows XP Professional” 94FBR
the key is the 94FBR code.. it was included with many MS Office registration codes so this will help you dramatically reduce the amount of ‘fake’ porn sites that trick you.
or if you want to find the serial for winzip 8.1 – “Winzip 8.1″ 94FBR
Credits and More Info http://harshvaghela.blogspot.com
I have shown you this info to let you know that there is a real risk putting your info online. If you do want to buy stuff online make sure the site you are using is secure normally if a site is secure you will see a pop up saying you are now entering a secure part of the site or a symbal of a padlock at the bottom of your browser or just use pay pal, pay pal is very safe to use. But most of the time just use common sense if a site looks cheap it normally hasn’t got the protection to keep your info safe. I am not saying don’t buy stuff online because that is one of the best thing’s about the internet i am just saying be aware of websites that want your bank details and there is no symbal of a padlock at the bottom of your browser
5.Crash a Computer using Flash and Google.
Open up a new flash document. Open up the Actions panel for the stage of the first frame. If it’s in Actionscript 2, write the following:
| onEnterFrame = function () { getURL(“http://www.google.com”, “_blank”); } |
Or if it’s actionscript 3 write the following:
| function openGoogle(e:Event):void { navigateToURL(“http://www.google.com”, “_blank”); } stage.addEventListener(Event.ENTER_FRAME, openGoogle); |
Press Control-Enter when you’re ready to crash your computer. What this does is repeatedly open up new tabs of Google. But it opens so many Google tabs every second that after maybe 20-30 seconds your computer will barely be able to respond to you mouse clicks or even mouse movements. Usually, any attempt to stop it will result in processing overload and cause the computer to freeze. The only real way to stop this is to force-quit BOTH flash.exe and iexplorer.exe. Some teachers may know enough to do this, but might accidentally close explorer.exe
hope you enjoyed this post. Pass your comments. Cheers!
Friday, May 10, 2013
Friday, May 10, 2013
- 0 Comments
Here, you will be find an easy way to remove passwords in such a way that Windows will automatically get to the desktop without asking you to enter the system password. Though, you can restore it back whenever you feel that your system is not safe anymore.
How to Bypass Password Login
- Start typing "netplwiz" (without quotes) in the Windows 8 start screen and hit enter to launch the "User Accounts" control panel (on older versions of Windows, click "User Accounts Control Panel").
- Enter your password if prompted.
- In the window that opens, uncheck the box stating "Users must enter a username and passwords to use this computer" and click OK (on older versions of windows, first double-click the account you wish to automatically log in).
.jpg)
- Enter and reenter the existing account password(s) if you're asked.
.jpg)
That's it. From now on, you will not see the password screen anymore.
However, If you don't want to use this feature anymore and are interested in getting your old Windows 8 password screen back, you can restore it by following the above steps—except the 3rd one where you need to select the check box, which we have de-selected previously.
You can follow the same steps to bypass password screen on previous version of Windows too, not just Windows 8.
Tuesday, May 7, 2013
Tuesday, May 7, 2013
- 0 Comments
Phishing attacks are one of the most common scams on Facebook. The goal of these scams is to obtain your Facebook user name and password. If successful, the scammers can totally take over your Facebook account and use it to spread more spam and scams to your friends. They can also mine everyone in your network for data they can later use for identity theft or other socially engineered attacks.
Here are some examples of popular phishing schemes on Facebook:
- Facebook Lottery – You’re likely to receive an email stating you’ve won a sum of money. These can also be advanced fee scams.
- Confirm Your Account – Any messages asking you to confirm your account should be viewed with extreme suspicion. If you receive an email like this, don’t follow any links. A better option is to log in to Facebook directly.
- Violated a Policy – Hacked accounts often send messages posing as ‘Facebook Security.’ If you encounter one of these scams, you’ll notice that Facebook Security will be spelled with non-traditional characters. This is done to bypass Facebook’s filters.
- Photos & Videos - The scammers attempt to capitalize on our curious nature. You will receive a message from a compromised friend’s account asking you to look at this photo or video. A popular theme is to say the picture is embarrassing or they can’t believe you did that, etc. Other variants of this scam contain files laden with malware.
Most all of these scams direct you to external links to pages designed to look like Facebook. Before logging in to any site, always verify that you are indeed on the main site. Careless and unsuspecting users are often fooled by these tricks.
Below is one example of the photo phishing scheme mentioned above.
“do you notice that they were rrecording u lol this is unpleasant lol !!”
Other Alternate Messages:
Is this you in this video on facebook, what are you doing LOL? Search on this website for your name
HAHAHAHAHA i can not believe whaat you did in thisss videeo it’s sooo stupid its all overfacebook! Coooopy and Paaaste the url below into your web browser to seeeee , its craazy!Removeee thee Spaces —>
OMG have u seen ur video on here. u should check this out!
Clicking on the link in the scam post will at first direct the user to a Facebook application and then ultimately to a phishing URL:
Scams like this are very common on the Facebook platform. Humans are curious by nature, and the scammers often use this and other emotions to their advantage. Also consider that these messages or updates may come from a friend’s hacked account. Don’t assume any links or messages are legitimate just because they came from a friend. In fact, if you receive them via Facebook chat / message, then there is a good chance that your friend’s account has been compromised. Double check your friends list and remove or block any name that looks suspicious (awkward and non-traditional spellings of Facebook Security, Account Confirmation, etc.)
Never enter your login information when a web page redirects you without first double checking to make sure you are on the legitimate site. A better option is to bookmark Facebook, and only log in from there.
Friday, April 12, 2013
Friday, April 12, 2013
- 0 Comments
Get all the passwords on LAN
Here is a great tutorial of how to know the passwords on LAN ..... This trick is very efficient . You can know all the passwords on the lan using this . The software CAIN AND ABEL is necessary for that.
Download from this link : download CAIN AND ABEL
-=Step One=-
You want to activate "Sniffer" by activating the button next to the "Open" icon. You will also want to turn on APR which stands for APR Poison Routing. (Don't take POISON literally, It will not actually harm the computer you are piggybacking on)
-=Step Two=-
Switch your active/current tab to "Sniffer," after doing so right click in the middle of the blank fields and click on "Scan MAC Addresses" and make sure "All hosts in my subnet" is clicked with a dot in the circle. You should see several hosts pop up, if they did then you are doing everything correctly so far.
-=Step Three=-
At the bottom of Cain and Abel, you will see a tab called "APR," make that your active/current tab you are viewing under the "Sniffer" tab. Now click on the top white blank box in the "APR" subtab, and go up top and click on the "Add" button. Click on what ever you Routers IP is. Then click the IP of the target computer or whatever you want to piggyback on. Then press OK.
You want to activate "Sniffer" by activating the button next to the "Open" icon. You will also want to turn on APR which stands for APR Poison Routing. (Don't take POISON literally, It will not actually harm the computer you are piggybacking on)
-=Step Two=-
Switch your active/current tab to "Sniffer," after doing so right click in the middle of the blank fields and click on "Scan MAC Addresses" and make sure "All hosts in my subnet" is clicked with a dot in the circle. You should see several hosts pop up, if they did then you are doing everything correctly so far.
-=Step Three=-
At the bottom of Cain and Abel, you will see a tab called "APR," make that your active/current tab you are viewing under the "Sniffer" tab. Now click on the top white blank box in the "APR" subtab, and go up top and click on the "Add" button. Click on what ever you Routers IP is. Then click the IP of the target computer or whatever you want to piggyback on. Then press OK.
-=Step Four=-
After pressing OK you should see a line in the top box and it will either say IDLE or POISONING. If it says IDLE just give it a couple of seconds for it to start the poisoning. If it is POISONING go down to the bottom again and find "Passwords," make that your current/active subtab. Now passwords and usernames should be popping up under any of the select categories, mine are usually HTTP passwords but, yours might be different.
After pressing OK you should see a line in the top box and it will either say IDLE or POISONING. If it says IDLE just give it a couple of seconds for it to start the poisoning. If it is POISONING go down to the bottom again and find "Passwords," make that your current/active subtab. Now passwords and usernames should be popping up under any of the select categories, mine are usually HTTP passwords but, yours might be different.
_________________________________________________________________________________________________
How to detect and block an ARP spoofing
attack on a LAN
ARP poisoning attacks are the most dangerous MITM attacks when working on a LAN. The most hazardous thing about this attack is that they go unnoticed for a very long time or in some cases they would never be detected if not checked for. No naive internet user is gonna check if he is being poisoned. This would go undetected in a trusted environment like an office or at college. Well then it is the responsibility of the admins to protect their clients from attack.
Detecting an ARP Spoofing attack
Well detecting an ARP attack is fairly easy assuming that the malware responds to standard ARP requests. Here's how you go about detecting a possible attack.
1. Start a network capture using a tool such as tcpdump or Wireshark.
2. Generate some traffic on your machine and then stop the capture.
3. Now analyze the traffic. You don't have to be an expert to do this. Check if you are getting ARP requests or responses from multiple addresses.
If you are getting ARP traffic from sources other than your default gateway there is possibly an eavesdropper. This eavesdropper could also modify what you recieve. A very good application of MITM is 'login credentials stealing', especially from SSL secured websites. Tools such as Ettercap and Cain & Abel can make this possible even for a script kiddie.
This was about detecting an MITM, but there is no manual way to block an MITM, other than bashing up the intruder sitting at the poisoning host machine.
Blocking an ARP Spoofing Attack:
ArpON (Arp handler inspectiON) is a portable handler daemon that make Arp secure in order to avoid Arp Spoofing/Poisoning & co.
This is possible using two kinds of anti Arp Poisoning techniques, the first is based on SARPI or "Static Arp Inspection", the second on DARPI or "Dynamic Arp Inspection" approach.
Keep in mind other common tools fighting ARP poisoning usually limit their activity only to point out the problem instead of blocking it, ArpON does it using SARPI and DARPI policies. Finally you can use ArpON to pentest some switched/hubbed LAN with/without DHCP protocol, in fact you can disable the daemon in order to use the tools to poison the ARP Cache.
Well detecting an ARP attack is fairly easy assuming that the malware responds to standard ARP requests. Here's how you go about detecting a possible attack.
1. Start a network capture using a tool such as tcpdump or Wireshark.
2. Generate some traffic on your machine and then stop the capture.
3. Now analyze the traffic. You don't have to be an expert to do this. Check if you are getting ARP requests or responses from multiple addresses.
If you are getting ARP traffic from sources other than your default gateway there is possibly an eavesdropper. This eavesdropper could also modify what you recieve. A very good application of MITM is 'login credentials stealing', especially from SSL secured websites. Tools such as Ettercap and Cain & Abel can make this possible even for a script kiddie.
This was about detecting an MITM, but there is no manual way to block an MITM, other than bashing up the intruder sitting at the poisoning host machine.
Blocking an ARP Spoofing Attack:
ArpON (Arp handler inspectiON) is a portable handler daemon that make Arp secure in order to avoid Arp Spoofing/Poisoning & co.
This is possible using two kinds of anti Arp Poisoning techniques, the first is based on SARPI or "Static Arp Inspection", the second on DARPI or "Dynamic Arp Inspection" approach.
Keep in mind other common tools fighting ARP poisoning usually limit their activity only to point out the problem instead of blocking it, ArpON does it using SARPI and DARPI policies. Finally you can use ArpON to pentest some switched/hubbed LAN with/without DHCP protocol, in fact you can disable the daemon in order to use the tools to poison the ARP Cache.
Download link: ARP handler inspection
Subscribe to:
Posts (Atom)
