Jumat, 17 Agustus 2012

USB Hacking : Turn Any USB Into A Keylogger (Hacking Software)

Unlimited amount of keylogs over a billion can be stored using this undetectable and portable keylogger. The storage of logs and information is in the form of (FAT) file system. This keylogger works with any sort of computer and keyboard that you may have: Dell, Hp, or PS/2 or USB. 

  • Fast File and Info transfer, up to 148kB/s
  • Invisible/Undetectable
  • No Processing Power
  • Portable
  • No installation Required 
  • Can't be manually erased

Instructions :-


STEP 1:Plug your USB flash drive into your computer. As a precaution, make sure that information stored on your USB drive is backed up.


STEP 2: Download your keylogger software. Keep in mind that you usually must purchase a registration key to do this. The more registration keys you purchase, the more of discounted price you receive. When prompted whether to run or save file, choose Save File and select your USB device’s location.

STEP 3
Save, and safely remove you USB drive and plug into the computer you’d like to install the program on

STEP 4Launch your keylogger software.

STEP 5:Enter your registration key. 

STEP 6:Next you will be prompted to choose the type of installation. You will have three choices: Visible mode installation, Invisible mode installation, and Logs viewer installation. You can also do a custom installation where you pick and choose the components you’d like to install. Your keylogger software should now up and running! You do not need to hide the keylogger program. It is automatically hidden and no action on your part is required to hide it.

STEP 7: Next let’s learn how to view logs. Go to the Start Menu and select Run.

STEP 8Type the phrase, unhide. You do not need to press Enter or select OK. Most keyloggers automatically track the sequence and will be unhidden automatically if the keyword is typed. The Log Viewer window will then pop up.

STEP 9Go to the Logs tab and select the dates you would like to view in the calendar.

STEP 10Press View logs for (Day/Month) and the log will begin to generate.

STEP 11:There are several customizations you can make with keyloggers. Go to the Options Tab in the main menu to browse and select them.

STEP 12:After you unhide the software, and get to the user interface of your keylogger, you just need to close it to hide it again.

STEP 13:Unplug you USB flash drive and repeat as many times as necessary.


Note: Be careful with which keylogger you decide to use, many keyloggers claiming to be “free” have viruses and Trojans attached to them that can be extremely harmful to your computer.

Download Keylogger From Here

    Read more

    DNS Spoofing Tutorial : Website Hacking Attack Guide


    DNS spoofing or DNS cache poisoning is a computer hacking attack in which data is introduced into a Domain Name System(DNS) name servers cache database, which causes the name server to return to an incorrect ip address, diverting traffic to another computer.
    In simple words, it redirects the traffic to another website.


    For example the victim wants to open www.facebook.com but is redirected to www.myspace.com

    TUTORIAL



    • Install Cain & Abel from HERE and open it, go to configure and select your adapter.



    • Select Sniffer option and then select the start/stop sniffer option from the toolbar. Right click in the white area and then click on scan MAC addreses. 





    • After scanning click on the APR option in the left bottom corner. Then click on the + sign in the top and select the computers you want to mess with.


    • After that select APR-DNS and again click on + sign to add websites. (Now here i have entered www.facebook.com), then click on resolve and type the website name that  you want to open up instead of www.facebook.com. (i have given www.myspace.com)








    • Now click on the start/stop option. 

    • Now wait for a minute and see what happens to the victim. (In my case when the victim will open www.facebook.com he will be redirected to www.myspace.com). You can use any websites of your choice.

      Hope You Like The Tutorial
    Read more

    Spy Phone Gold : How To Monitor a Cellphone Record Calls Msgs Information

    Most of the peoples want to know what their kids are doing on CellPhone. So in this article i will mention you some of the features of Spy Phone Gold. So in which you can secretly record their messages, calls, history, GPRS location and many more. I have mentioned many other spy softwares but this one is the best for capturing all the happening on your phone. It's a very powerful & complete program which works Invisibly on Mobile Device.

    How Spy Phone Gold Works?

    The Installation of Spy Phone Gold is very simple, no need for extra knowledge. Simple Follow Below Instructions.

    Step1. After you purchase this software, you can directly download this program on your mobile device, and it takes approx ( 15minutes ).

    Step2.
    After the installation, this would secretly and invisibly records all the happening of your mobile, including Call, Messages, GPR location and many other private information.

    Step3. To See the Logs of your mobile device, login to your web account and you would know what's going on in your device.


    Compatibility:

    BlackBerry 
    Android 
    Apple 
    Windows Mobile 
    Symbian phones

    Some Features of Spy Phone Gold

    1) Records Call.
    2) Captures Screenshot of Mobile.
    3) Records Messages.
    4) GPRS Location
    5) Powerful & Stealth Monitor
    6) Works Invisibly.
    7) Environment listening.
    8) Duration of Calls
    9) Sim Changing Notifications.
    10) Email Logs.

    Read more

    Kamis, 16 Agustus 2012

    How to Hack Facebook Accounts : Hijacking and Stealing Cookies Session 2012

    Hello Everyone, I have recently posted many tutorials on facebook hacking like phishing and others. Today i am going to show you a quick and easy method for hijacking someones account for free or you can say a free access. In this method you will learn how to hack someones facebook account for free. As everyone wants their victim/enemy password but are tired from cheap hacking method so this is why i have posted this tutorial for newbies and for those who are crazy in hacking.
    First of all let me explain you the word Cookie?
    Cookie is a HTTP cookie or a web, which is used for admin sensitive information access.
    There are many various and different Programs which are used for stealing cookies but the best and the easiest is Wireshark.

    So Lets Start Facebook Cookies Stealing Method

    1) Download and install the Program wireshark.

    2) Now Run the Program and go to interfaces and push the button start.


    3) Wait 10 minutes for finding out the cookies and sessions which are opened recently.

    4) After 10 minutes all the cookies and sessions will open and display. Now You just have to enter the code in filter box  http.cookie contains “datr” and hit enter.


    5) Next step click on facebook cookie and right click -Bytes -Printed text only.

    6) Now Open firefox and install  Greasemonkey and  cookieinjector script. 

    7) Run www.facebook.com from firefox, make sure your addons should remains enabled


    8) You are done now paste the cookie inside the Wireshark cookie dump and hit Ok/enter.You will Be redirected to Facebook Home. Thats It!


    This Method will be only done if your friend or victim is on a secure network like Http:// connection or more secure. Now Please Subscribe my site! Good bye & Thankyou.
    Read more

    iStealer 6.3 Legends : Hack Facebook, Twitter Password "TUTORIALS"


    Istealer is an efficient windows password stealer software used for hacking various email account password such paypal password hacking, facebook password hacking etc. I have already explained about RATs and keyloggers to hack email account passwords, where you have to send your keylogged file to victim. In the same way, Istealer can be used to hack email account password and find passwords of various emails. I have provided link for software download. Using Istealer you can easily hack or steal the password of Twitter account, Facebook Account, Gmail Account, Hotmail Account, Yahoo Accounts and many other account password easily.
    Basically, in this trick you create server file which is used to capture the keystrokes of your slave, after creating server file you have to send that file to slave and use a bit of social engineering to get them to click on the server file and run the server file. Once the server file is run, it will start his working like capturing keystrokes etc.



    Istealer Password stealer - hack email passwords:

    1. Free Download Istealer password stealer software to hack email account password.


    2. Unzip the downloaded windows password stealer using Winzix or Winrar to obtain Istealer.

    3. Go to a free webhosting service like 000webhost and sign up for free account. After creating free ftp server account, enable FTP Access and create a new folder named "Istealer" at your FTP.


    [Image: 49442116.jpg]


    Here we are signing up for our free webhost for iStealer.

    When we go to Sign Up page,we will get this page.Follow as I explained on the picture.


    [Image: 66303407.jpg]

    At end press Create My Account


    Making a MySQL Database

    So,when we maked a free webhost,we will make a MySQL Database.
    When you register to 000Webhost,wait 1 minute.Then go to Control Panel of your domain.
    Now,scroll down and go to MySQL under » Software / Services.


    [Image: lol4w.png]

    Follow all as it on picture.
    [Image: lol1u.png]

    4. Run the iStealer6.3Legends.exe file present in iStealer6.3 folder to get something like:




    5. Now, simply fill the following in Istealer: Url:yourdomainname.com/index.php

    You can bind Istealer to any other file by checking "Bind with another file" and giving file path to bind with. Also, you can use Icon Change to change Istealer file icon. This step is optional but, necessary for hiding password stealer from victim's eyes. You can bind password stealer file with fake error message as I have explained in "Fake Error Message generator" to make it look real.

    To check whether you have entered right ftp server information, hit "Test Url" and if you have done it right, you will get message "Works perfect!". If it says "Logger not found, check the Url", you have entered something wrong... just check it again.

    When you've done all above steps, simply hit on "Build" and save the password stealer file as you want.

    You can also use Crypter to avoid antivirus detection.

    CONGRATS ! Your server is now ready !! Now, simply send this password stealer file to victim and make him run this windows password stealer file on his computer(Social Engineering). After he runs our sent password stealer file on his computer, you will get all passwords and records saved on his computer at your FTP server. That's it. Thus, you can hack email account password using Istealer- the windows password stealer software.

    Remember to crypt this windows Password stealer to make it undetectable by antivirus. If you have any problem in using this Istealer password stealer software to hack email account password, please mention it in comments. 

    Enjoy Istealer to hack email account password...
    Read more

    Rabu, 15 Agustus 2012

    How to protect email account getting hacked

    "My Email account is hacked" or " Some hacker has hacked my email account", did these quotes sound familiar to you Guys, if not then soon gonna be if you are not aware of latest techniques used by hackers to hack into your email accounts. After reading such comments there are two things that always come to my mind, either hacking email account is to easy for hackers or protecting email account for getting hacked is too difficult. And after thinking about both above points, i starts laughing because both are true for Hackers and both are false for unaware users.
    Note: If a Hacker wants to hack you Email or system, he will hack it. The only thing you can do is, just make it harder for him to do the same.

    Friends, after spending my precious 5 years in field of Hacking and Cyber security, i reached a very simple conclusion. Email accounts can only be hacked by means of Social Engineering technique, and whoever says that he can hack email account using some other technique then friends he is a liar.

    Now what all topics are covered in Social Engineering Technique:

    1. Phishing or fake page login technique.
    2. Spreading Keyloggers in form of cracks, keygens, or hack tools(RAT's , keyloggers, etc).
    3. Shouldering passwords.
    4. Guessing Weak Passwords.
    5. Compromising Accounts with Friends or team mates
    6. Using Accounts from Cyber cafe's or other insecure places like friends PC or college PC's.

    So friends let's start from one by one, how you all can protect yourself from hackers.

    1. Phishing or Fake Pages Login Technique

    In this technique, what hacker does is that, he makes a local(fake) copy of original website which looks absolutely similar to original one and attaches his PHP action scripts to record the passwords and then uploads that local copy to some free web hosting server. After uploading, he shares the links with friends or victims by three different ways:
    a. By Sending Emails : Emails can be spoofed and looks like they are coming from genuine sources like Gmail Support or Yahoo Support etc or Simply from your most trusted friends.
    Now which type of emails you should not open:
    1. Emails asking for account verification:  These emails ask for you email account username or passwords to verify your details.
    2. Emails showing Prize Money or lotteries: Nowadays, we all receive a lot of email messages like "You have Won Prize Money or Lottery of so and so amount. These emails usually ask your name, age occupation, mobile number, sometimes credit card details. And when you provide all these information they ask you to verify your Mobile number. They usually say you will receive one unique verification code on your mobile and ask you to enter that verification code in some unknown website.  Note: This is mobile phone verification  loophole of all Email services. They all sent verification in below format: " Your Google Verification Code is 123456 or Your Yahoo verification code is 123456 or Your Hotmail verification code is 123456". Means these services doesn't mention that "your Gmail or Yahoo or Hotmail password reset code is 123456" so user is easily get fooled by such offers and become the prey to hackers.
    3. Emails from unsolicited or unknown sources: Never open the emails which comes from unknown sources.
    4. Never access any social networking website link from your email as it can be a Phish Page link.

    Some useful and handy guidelines to identify Phish Pages:
    1. Always check the URL in the address bar ( both source and destination). Never login in the URL which has website URL other than the original one.
    2. Most important: Always use web security toolbar(avg,avira or crawler etc), most of them are available for free. They will detect the fake pages and warn you from opening them.

    b. Using Chat services
    Never open the links that are being posted in chat rooms, there are lots of Ajax and java scripts available in market that can retrieve all your stored passwords from your web browser.

    c. Sharing Content on some website and that website is asking for registration with is followed by email verification. Hackers share their links on famous forums or torrents, when user open these link either of the above two things happen or a key logger or RAT is attached with them that will record you email address and password and send the information to hackers email account or FTP mail.

    2. Spreading Keyloggers in form of cracks, keygens, or hack tools(RAT's , keyloggers, etc).

    This is the most used hacking technique used by almost every hacker to hack the users email accounts. In this technique, hackers attach their keylogger or RAT servers with the crack or keygen or patch or hack tools and whenever user executes that it got installed automatically. 
    In this case hackers use the below loophole: Whenever you open a keygen or patch or crack or hack tool, your antivirus shows you are warning message but users always ignore these as hackers or cracks provider has already instructed the users that turn off the antivirus before running patch or keygen.

    So friends 4 things to note here:
    a. Never use cracked or patched software's as they already contains Trojan's which are controlled on basis of timestamp. 
    Solution: Look for any freeware providing the same features. If you request i will give you the list for freeware alternatives for all paid software's.
    b. Never turn off your antiviruses or anti-spywares or web security toolbar.
    c. Regularly update your antivirus and anti spyware programs.
    d. If you wanna try any hacking software or hack tool, then always use sandbox browser or use Deep Freeze

    3. Shouldering passwords

    Seeing or watching the user, while he/she is typing his password is called shouldering. Most of time we types our passwords in front of our friends or colleagues. Nowadays what usually friends or classmates do is that, they stand in back of you and keep a eye on you while you are typing passwords. This technique is also used at ATM machines, thieves or malicious people watch people while they were entering the ATM pin and then misuse that online.
    Solution: Always take care that nobody is watching you while you are typing passwords. If not possible to do so try to avoid logging into your accounts when your friends are near you.
    Note: Never store passwords in your web browsers. Otherwise, friends like me ask you to bring water for me and when you go out, i will see you all saved passwords :P..

    4. Guessing Weak Passwords

    Its not a new thing, i have told people more than hundreds of time not to use weak or very common passwords but they will never learn. Few basic passwords that unaware or novice IT people use:
    a. 6 to 8 consecutive character on the keyboard or alphabets like qwerty, 1234567, abcdefgh etc.
    b. Atleast 30% of people keep their current or previous mobile numbers as their passwords.
    c. More than 10% keep their girlfriend name or her mobile number as password.
    d. But nowadays password policy are quite good, so novice people also became smart as most of websites ask atleast one Capital letter, one number and one special character in password. Now friends, guess what will be their passwords:
    1. Suppose its december then their password will be like: Dec@2011 or Dec123! or Dec2011@.
    2. How can they forget keyboards consequite keys like qwert123!, qwerty123$, abc123! etc.
    3. Offcourse, none can forget his girlfriend name : girlfrindfirstname123! or more smart people GFNAME1!.
    Hahaha.... thats really foolish.

    Some tips for strong passwords:
    1. Always keep your password atleast 8 chars long.
    2. Use special characters and number and small n upper case combination in your password.
    3. Verify your mobile numbers if available.
    4. Keep changing your passwords at-least once a month.

    5. Compromising Accounts with Friends or team mates

    Its one of the most common problem with team mates and friends. "Today i am not coming to office or college, please use my login ID and password and forward the details or some files" or "Your friend went to your home and suppose you are away from your house, now what you will do, hey use my username and password and take your files or documents". What the hell is this? You call yourself professional, and every time you yourself violating the password and account policy norms.
    Never share your account information with anyone. People like me are very dangerous, if you share your pass with me then you are done :P..
    Solution: Never tell your account information to anyone. If its urgent, you can share it but you need to change your details as soon as possible.

    6. Using Accounts from Cyber cafe's or other insecure places like friends PC or college PC's. 

    Most of cyber cafe's or college computers have keyloggers or rats installed on them. Whenever you login into your account through cybercafe, none can give you assurance that your account is safe or hacked. So always play it safe. If you login into your account through cyber cafe's, always change them as soon as possible. 

    Now friends, if you follow all the above steps told by me, then your account can never be hacked and for sure you will never get a chance to say "My EMail account is hacked" or "Someone has hacked my email".

    Read more

    How to hack keyloggers or RAT's server password

    Keylogger's and RAT's nowadays are everybody's problem across the internet. Hackers use keyloggers to hack the email passwords of the victim which they receive in the form of emails or text files on their respective FTP servers. They spread their keyloggers with the help of cracks, keygen's or patches of popular software's or simply through hack tools. So friends, today i will teach you how to reverse engineer the keylogger or RAT to hack the hackers FTP server or email password

    Most of hackers thinks that they are too smart, so what they do bind their keylogger or Rat servers with popular programs and when user open that their system got infected and hence what ever they type is get recorded and sent to hacker. 

    Now all keyloggers sent data to hacker in regular intervals (usually every 5 to 10 minutes) by using below to ways:

    1. Using the Emails : where hacker configures his email ID and password while creating the server. Keylogger records the key strokes in a temp file and sends it to the hacker in form of emails. But this has a limit as most free email servers like Gmail or Yahoo or Hotmail has limit of 500 composed and received mails. So most hackers use the second method.

    2. FTP server : While creating the keylogger server, hacker configure their FTP server, where they receive the logs of key strokes in the form of text file( usally labeled on the basis of current system time stamp). Hackers keylogger server uploads the files to FTP server after every few minutes interval.

    So friends, here the actual trick or loophole in above technique lies. If we monitor the everything coming in and going out of our Ethernet card or Wireless then we can detect that what is going out of our system. Its nothing but just monitoring your your system's traffic, where its going and from where its coming. You can use any of the tool that monitor the packet flow of your Ethernet or wireless card.
    ok...ok.. let me tell you my favorite tool for doing the same. I love Wireshark because its simply superb.

    Wireshark is a very famous network scanning hack tool which is used by hackers or network forensic experts to monitor the packet flow of their network cards like Ethernet or WLAN. It records the each and every packet coming and going out of your system's Network card. Now you all must be thinking wth is this Packet. Packet is nothing but just a bunch of bits(data in form of 0 & 1) usually 32bit or 64bit. In network terminology, data is termed as packet which can be either TCP or UDP( both contains the header n other stuff accordingly). 

    So friends, whenever you feel anything suspicious in your system like your system is compromised or you are infected from a keylogger or RAT or simply you want to test a hack tool and you are not aware that hack tool is safe to use or not. Just follow the below procedure to reverse engineer these noob hacking tools.
    Note: Every keylogger or RAT sends the logs to hacker's FTP server or email account after few minutes interval( when you are connected to internet) but some novice keyloggers even tries to send data while you are offline and hence the data sending keep on failing. In some situations it displays warning message and in some situations you PC gets hanged or SVHOST service CPU usage increases. But nothing matters whether it sends logs online or offline, the only thing matter is time period, after what interval it sends data.

    Steps to Hack or reverse engineer the Hacker's Keylogger server password:

    1. First of all download and install the wireshark. You can easily get this using by Googling it. 

    Note: While Wireshark is getting installed, ensure that it installs the Winpcap with it other it won't work properly.
    2. Now go to the Capture button in the top menu of the Wireshark as shown below and select the interface( means your network card which can be Ethernet or WLAN).




    3. Now it will start capturing the packets through that Network card. What you have to do is just keep capturing the records for atleast 20 - 30 minutes for getting the best results. After 20- 30 minutes, again  go to capture and stop capturing the packets.

    4. Now you need to filter your results, for this Go to the filter box and type FTP and SMTP one by one. Note: if you get records for FTP then hacker has used FTP server and if you didn't got FTP that means hacker has used SMTP, so give SMTP in Filter box.

    5. As you scroll down you will find the “FTP username” and “Password” for victims ftp account in case FTP server is used.  And if hacker has used SMTP then you will find "email address" and its "password" that hacker has used to create keylogger.

    6. That's all my friends. Isn't that too easy.
    Read more

    How to Protect yourself from Keyloggers using Keyscrambler

    KeyScrambler encrypts your keystrokes in the kernel and decrypts it at the destination application, leaving Keyloggers with indecipherable keys to record. For your personal office, family, and business, KeyScrambler adds a reliable layer of defense.
    When you try do something online, for example access your checking account on your bank's website, your keystrokes will travel along a path in the operating system to reach the destination application. Many places along this path, malware(keyloggers and Rats or simply keyboard hookers) can be physically or remotely installed by hackers to log your keystrokes so they can steal your user name and password and this is really a very dangerous threat.

    How does key Scrambler Work?

    Any Idea, yes most of you might know that but today i will disclose the internal details of key scrambler step wise.

    Actually any key scrambler works in three basic steps namely: Encrypt Keys, Bypass Malwares like keyloggers, rats or keyboard API hook programs and at last decrypt keys. I have explained the steps in detail below:

    1. As you're typing on the keyboard, Key Scrambler is simultaneously encrypting your keystrokes at the keyboard driver level. Because Key Scrambler is located in the kernel, deep in the operating system, it is difficult for keyloggers to bypass the encryption.

     2. As the encrypted keystrokes travel along the crucial path, it doesn't matter if they get logged, or whether the keyloggers are known or brand new, because your keystrokes are completely indecipherable the whole time.

     3. When the encrypted keystrokes finally arrive at the destination app, the decryption component of Key Scrambler goes to work, and you see exactly the keys you've typed.

    Few misconceptions about key scramblers:

    1. Key scrambling is not key stroke obfuscation. Actually key scrambler uses cryptography (namely state-of-the-art cryptography) for encryption and decryption which makes it a reliable defense against keyloggers and api hookers.

    2. Key scrambler does not depend on type of keylogger or signature of keylogger. But some advanced keyloggers nowadays bypass key scramblers too, so never rely completely on key scramblers.

    Note: " Prevention is better than cure", so keep yourself  protected and avoid being prey to any such noobish trap.

    There are lots of key scramblers available in the market but i have chosen key scrambler pro for you guys, as i found it to be the best:



    Read more