Jones Guide: Windows Hacks

Hello Readers, I heard some of you are not getting out tutorials because u have no knowledge about Web hacking and you wanna learn web hacking .. So today i decided to write this tutorial for no0bs.

Because in this tutorial we are going to learn about IIS Web Hacking Exploit the Easiest way to hack for Noobs..

NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

By using this Exploit an attacker can upload shell , Deface web site delete data etc. etc can do every thing without login..:D . Yeah you heard Right.. I know you all are getting exited, So lets's start :-

Note:- this is only for Windows XP users. For Windows 7 user , i will post soon ...

Follow the Instructions:-

1). First Of all we need to find Vulnerable site. Go to google and type the following dork:-

Dork- Intext:"Powered by IIS

Actually there is no particular dork be Creative use mind and create your own unique dork :) ..

If you are unable to find Don't worry ..See the end of the tutorial i have posted some sites :)

2). After Finding Vuln Site .Click on Start button And open "RUN"

3). Now type the following code in "RUN"

%WINDIR%\EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{BDEADF00-C265-11d0-BCED-00A0C90AB50F}

4). Now a FOlder will open named "Web Folders"

Now Right Click in that folder then "New" And then "Web Folder"..

5). Now paste the url of the Vulnerable site And CLick Next..

6). Now it will ask you to give Name for that Web Folder leave as it is Click Finish..

7). Congratulations! Now you are in the web site..If you wanna upload shell copy your Shell.php in to that folder and your shell will be uploded.. to path

Example : site.com/shell.php

Do the same to upload your deface also :D

Here are some site For Practicing ....
http://www.houtai123.cn/
http://news.rhvacnet.com/
http://israelshamir.net/
http://intellectual.members.easyspace.com/
http://hoodstarsports.com/
http://jennylo.co.uk/
http://hurrelvisualarts.com/

Soon i will post list of Vuln. sites of IIS Exploit/....

Senin, 14 April 2014

Hacking Metaspolit pentesting Windows Hacks

Hack Remote Windows 7 | XP PC With Metasploit (Browser Auto Pwn Vulnerability)

Unknown 02.28

Hi all this is one of the popular attack know as browser auto pwn Vulnerability which we are going to use in this tutorial.

This is a simple vulnerability that allow attacker to hack to remote machine just by a single click by the victim.
NOTE: THIS IS ONLY FOR EDUCATION PURPOSES, AND FOR SAFETY PURPOSE. WE ARE NOT RESPONSIBLE ANY HARM DONE BY YOU.

-::Using Metasploit::-

In Metasploit there is a module known as browser autopwn. The basic idea behind that module is that it creates a web server in our local machine which will contain different kind of browser exploits. When the user will open the malicious link then the execution of the exploits will start against the browser of the user and if one of the exploits is successful a meterpreter session will open.

Follow these steps to carry out the attack :-

1). Open you backtrack/kali terminal make sure metasploit is there (which is present by default :D ).

2). Type #msfconsole on terminal

3). Now follow these steps as show in image

4). Use the browser_autopwn module

5).We have set up the LHOST with our IP address,the port to be 4445 and the URIPATH with / in order to prevent metasploit to set up random URL’s.now you will see below image.

Server started with 16 module.

6). Next we need to send the link to victim (like here http://192.168.205.131:8080/).as soon as the victim open the link its all done.

We have the meterpreter shell control in out hand you can do various activity you wish with meterpreter shell functionality.

Enjoy the hack of your victim machine have fun .!!!!

Kamis, 09 Agustus 2012

cracking Hash Codes Cracking password Crack Windows Hacks

How to hack the Windows 7 or Vista passwords-Become a hacker

Unknown 06.54

Hello friends,
"How to Hack windows admin?" This will teach you how to hack the windows password. You can use the above tutorial for hacking any type of windows Operating system. For Example: you can hack the latest Windows 7 also.

There is only one change is required to do. i.e., You have to choose the correct Rainbow table corresponding to the Operating system that you are going to hack.

You can get all type of rainbow table from here:
http://ophcrack.sourceforge.net/tables.php

Hacking Windows XP

If you are going to hack the windows xp accounts(usually admin) password. Then you have to download the XP free fast (703MB) rainbow table.

Hacking Windows 7 or Windows vista

We all know that windows 7 is upgraded version of Vista. So the same rainbow table is used.(because same type of Hash code created by both).
So You have to download the Vista free (461MB) rainbow table.

How ophcrack tool impressed me?
Recently i have tested this tool in my system. In order to test , i create new account with "secure123" password. When i click the crack button, i got the password within seconds. I know this is weak password. So i thought it is not big issue to crack this silly password.

But when i try with my friend system, i am really impressed. Do you know why? He put the strong password for his windows 7 os( a password with upper&lower case combination,Special character,numbers). Because the ophcrack takes less than 1 seconds to crack this password. It is so interesting how the design this wonderful software.

cracking Hash Codes Cracking OphCrack password Crack pentesting Windows Hacks

How to Hack the Windows Admin Password Using OphCrack in Backtrack tutorial

Unknown 06.50

if you are college/school students, you may curious to hack the admin password in your college or school system. This post is going to help you to crack the any type of windows accounts passwords. Learn how to hack the windows admin password like a geek.

Refer this link also: How to hack the windows 7 or vista using the following method

Requirements:

BackTrack Linux 4 or 5. Download it from http://backtrack-linux.org
Two Pen drives [if you are going to test in your own system, one pen drive is enough]
Xp Free Fast RainBow table [tables_xp_free_fast.zip]. Download it from here:http://ophcrack.sourceforge.net/tables.php

Install the Backtrack Linux in one pen drive. Leave another pen drive as empty.

Step 1: Booting From Back Track
Insert the Backtrack installed pen drive in target computer[when turned off]. We are going to boot the operating system from pen drive, so insert when the system is turned off.
Now Turn on the system.
Press F10 [boot menu, differs for system] before booting and select boot from Pen drive.
Now it will boot the Backtrack.
Select "Graphical User Interface "
Now wait for a while ( it will execute some commands}
Now you can see the "root:"
type "startx" and hit enter. It will bring you to the GUI view of Backtrack.

Step 2:Copy the SAM and System files
Click the Start button(dragon symbol)
Select System Menu
Select Storage Media(if you see nothing, close the window open it again).

You can see the list of Hard disk and Your pen drive.
Open the windows installed Hard disk and Navigate to this path:
WINDOWS/system32/config/

There you can see two files named as "SAM" and "System".

Copy the both SAM and system files.
[ Just proceed to next step without closing the window]

Step 3:Insert your Empty Pen Drive
Now again go to System Menu->Storage Media
Open Your pen drive(Empty Pen drive) ,Create a new folder and paste the sam and system files inside that folder

[note: you may not paste into your backtrack installed pen drive. that's why i asked you to bring 2 pen drives. If you testing in your system, then you can copy to any other hard drive.]

You can not directly copy the sam and system files from same operating system. That's why we are using Backtrack.

Step 4:Now go to your home.
Boot into windows. Extract the "tables_xp_free_fast.zip" in any hard drive.
Copy the folder that contains sam and system files from your pen drive.
Paste in any hard drive.
---
Restart the windows.
Insert the Backtrack installed pen drive and boot from Pen drive.

Step 5: Mounting the Hard drive in Backtrack

Now go to System Menu->Storage Media(if you see nothing, close the window open it again).
and open the hard drives that contains sam files and rainbow tables. Then close it.

Don't be confused. I asked you to open those hard drive for mounting purpose. In linux , it won't mount automatically until you open the drive

Step 6: Run OphCrack Tool in Backtrack
Open the ophcrack GUI(start->Backtrack->Privilege Escalation->Password Attack->offline Attacks-ophCrack GUI).

Ophcrack GUI application will run now.

Step 7: Loading the folder that contains sam and system files

Click the Load and select "Encrypted SAM" in ophcrack tool.
Now it will ask you to select directory that contains SAM folder.

[Select Computer in file selecting window. click '/' browse to /media/your_Hard_Disk]
Select the directory(don't open the directory, just select it).

Now it will load and display the list of user accounts in the windows.

Step 8: Target the Admin Account
Here i am going to hack the one of the administrator account "secure" of my computer.
So remove all other accounts except the target admin account.[This is not necessary, but it will increase the cracking speed] by clicking delete button.

Step 9: Install the Rainbow Table
Now let us install the Rainbow table.
Click the Table button in ophcrack tool.
Now it will ask you to selec the table.
we are going to crack windows password right?. So choose the first one. and click the install button.
[note: i have installed the rainbow table already. So it showing green.]

Now browse to the Rain bow table directory. I mean to the "tables_xp_free_fast" folder.
[here also, don't open the foler, just choose it]

now click ok.

Step 10: Cracking Begins
Click the Crack button.
Wait for a while [ophcrack is the fastest cracking tool. so it won't take too much time]

Step 11: Password is cracked
Yes..!! we got the password. Now go to your school/college and login with that password.
Enjoy. Don't forget to share with your friends. This is interesting one na..!
Actually i missed the fun. I didn't know this hack when i study in college. if i know that time itself,
i may have fun with my college system.

Using Backtrack Installed CD Or single Pen drive:

You will need only one pen drive, if you are going to hack the admin password in the target system itself. Don't forget to bring the rainbow table in your backtrack pen drive in this case.

you can use cd instead of Pen drive for backtrack installation.
If you use cd, you can not bring the SAM file to your home. You have to crack it in that computer itself

ENJOY CRACKING !!!