Posts

Showing posts from 2012
Image
15.COMPLETE TUTORIAL ON MAKING XSS ATTACK:                                           XSS (PERSISTENT & NON-PERSISTENT                                                   Hi XSS CAN BE DONE  in 2 ways, Persistent and Non-Persistent type. For XSS we will use something called a cookie catcher. Question will be that why we would need someone else's cookie? The answer is that we can change our browser's cookies to login as them!!! So lets call it Session Hijacking First go to a free hosting site like http://www.110mb.com or other php hosting sites and register there. Then download this cookie catcher and upload it. Cookie Catcher: http://adf.ly/Tdbm What does the cookie catcher do? It grabs the user's: Cookies IP Referral link which what page it got to that link Time and Date Get Vulnerable sites: Ok first we need sites that are vulnerable to XSS so it will work on them. To test it we will need to add a code after the link. I will use this si
Image
14.C|EH V7.1  MODULES  TOTAL COLLECTION   Hi Friends This New Post On My Blog is To  Provide And Educate You  With The Greatest Resource C|EH V7.1 MODULES COLLECTION. Before Getting InTo The Link , I Think Everybody Had Heared of  C|EH(Certified Ethical Hacker)   Program that Had Been Established By EC Council. To Know More About It Just Google For It and Search Over In Wikipedia.                                    H3R3 15 7h6 D0wn104d  1ink/....               Click Here To Download.     <== DOWNLOAD HERE     If The RAR File Asked For Password Enter :k3lvinmitnick                                                                                                                       
Image
13.HOW TO BLOCK AND UNBLOCK WEBSITES. Go to Start and then Run . Type in this C:\ WINDOWS \system32\drivers\etc Now you will see file name Host open that in Notepad . Below " 127.0.0.1 localhost " add IP address of site to be blocked. To unblock any site just reversed the process.         EXAMPLE      127.0.0.1 localhost      69.171.224.14    (This will block Facebook)      NOTE: For each site you block just add " 1 " to the IP (127.0.0.1)  
Image
12.HOW TO GET PASSWORD BEHIND ASTERISKS.  This is trick will let you see password behind asterisks . You might be thinking what is asterisks. It is dots or stars you see when you type password. This trick will let you see password behind asterisks . often people save their password on browser so this trick will let you get their password easily. Go to the page that contain password in asterisks . Now copy the following code . javascript :(function(){var s,F,j,f,i; s = ""; F = document .forms; for(j=0; j<F. length ; ++j) { f = F[j]; for (i=0; i<f.length; ++i) { if (f[i].type.toLowerCase() == "password") s += f[i].value + "\n"; } } if (s) alert("Passwords in forms on this page:\n\n" + s); else alert("There are no passwords in forms on this page.");})(); Paste the code into address bar of the page. Now you will get the password on that page.        NOTE : This trick works on internet explorer and mig
Image
11.SOME OF TOPPEST PROXY SITES TO SURF ANONYMOUS.            Below is the list of some good proxy site which you can use to surf anoymously on the internet . Even you can use this proxy sites to open block website in school or offices. For example you can use facebook if it is block at your school or office. http://aniscartujo.com/webproxy http://www.badboysproxy.com http://www.surfscreened.com http://www.hagiomusic.info http://www.greenpips.info http://urlbrowse.com http://www.hideipaddress.net http://www.sneakfilter.com http://www.browsestealth.com http://www.sneak1.info http://proxiesrus.com http://www.surfindark.com http://www.navydog.com http://falsario.com http://www.proxypit.com http://www.proxypan.com http://myspacewebproxy.org/ http://www.allfreehere.info http://www.takefreely.info http://autobypass.com http://www.proxcity.info http://www.proxyzip.org http://www.cheekyproxy.com http://www.eggproxy.com http://www.theschoolcloak.com htt
Image
10.XSS ATTACKS What is XSS? Cross Site Scripting also known as XSS , is one of the most common web appliction vulnerability that allows an attacker to run his own client side scripts(especially Javascript) into web pages viewed by other users. In a typical XSS attack, a hacker inject his malicious javascript code in the legitimate website . When a user visit the infected or a specially-crafted link , it will execute the malicious javascript. A successfully exploited XSS vulnerability will allow attackers to do phishing attacks, steal accounts and even worms.  Example : Let us imagine, a hacker has discovered XSS vulnerability in Gmail and inject malicious script. When a user visit the site, it will execute the malicious script. The malicious code can be used to redirect users to fake gmail page or capture cookies. Using this stolen cookies, he can login into your account and change password. It will be helpful for understanding XSS , if you have the following prerequisite:
Image
9. SQL Injection: A Step-by-Step Tutorial   SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks. Step-by-Step tutorial for SQL Injection Step 1:  Find a website that is vulnerable to the attack. This is the first step in SQLi and like every other hack attack is the most time consuming, and is the only time consuming step. Once you get through this, rest is a cake-walk. Now, let us all know what kind of pages are vulnerable to this attack. We are providing you wit