Skip to main content

Posts

Showing posts from 2015

How To Hack WAP or WPA2 WiFi Security Fully Explained

As Compared to WEP WiFi Hacking as explained on our previous tutorial, WPA/WPA2 is quite difficult and time consuming because of its Security. Cracking the password sometimes depends on your luck and success is not guaranteed.
..:: How to launch a Dictionary Attack on WPA Handshake ::..
You might get lucky and your nearest WiFi password may be based on a common dictionary word or number sequence. In such a case, you may succeed with a dictionary attack.

Step 1: Enable monitor mode on wireless interface

#airmon-ng start wlan0
This will start the monitor mode.

Step 2: Take note of the nearest WiFi networks.

#airodump-ng mon0
Step 3: Take note of the channel of your target network, dump packets from that channel and save them to a local capture file.

#airodump-ng -c6 mon0 -w capture_file
Step 4: Wait for WPA handshake capture

At this point, you can use 'aireplay-ng' to de-authenticate an associated legitimate client from the network. The point is that as he/she will authenticate again s…

How To Hack WEP WiFi Security Fully Explained

Hello Friends, Today We are going to learn the methods to hack any WEP WiFi by cracking its Password.

WiFi Security mostly contains WEP, WPA or WPA2 Psk Security. Out of which WEP is the weakest and the easiest to hack while WPA and WPA2 contains advance Encryption Security. In this tutorial we will cover WEP Hacking.

Things Required -> Backtrack or Kali Linux

..:: WEP Cracking ::..

No doubt, WEP is the easiest to crack .Here's how to crack WEP:

Step 1 : First we need to start the Monitoring Mode. Many people may face the no interface issues while giving the command airmon-ng so check the solution here -> http://sh.st/cXO1I

#airmon-ng start wlan0




Notice that the monitor mode is enabled on mon1 on wlan0 ,take note of this. We will need this interface later on.

Step 2 : Now Start dumping data packets with airodump

#airodump-ng mon1



You'll see all the WiFi Channels available in your area. Here we see different security like WEP, WPA and WPA 2. So we are going to use WEP.

Also,…

Resolution Airmon-ng showing No Interface

Today we are going to show you all a solution for the most common Error people face while performing Airmon-ng i.e. there will be no interface as shown below :







So how to fix this issue?

Step 1 : Before starting Make sure that you have Internet connection on your Backtrack or Kali Linux machine.If you are using  VM then make sure your VM network adapter is Bridged with the Physical Network.

Step 2 : Next Click here : http://linuxwireless.org/download/compat-wireless-2.6/ and Download compat-wireless-2010-06-26-p.tar.bz2 file on your Backtrack or Kali Machine.

Step 3 : After downloading we have to extract the file since its in compressed form(*.tar).so to extract it Go to the path where you have saved that file and then give the command :

tar -jxvf compat-wireless-2010-06-26-p.tar.bz2

Step 4 : After extracting go to that folder that is created after extraction, and give the command > make unload and then make load(for loading the new interface) and now you will be able to see the interf…

How to hack VP-ASP Shopping websites and get all the Database details

Hello Friends, Today we are going to learn how to hack VP-ASP cart of a Shopping website and download all their Database details like Customer details, Credit card details, Product details etc.

So some basic idea before starting the Tutorial, 
What we are going to do here?
Firstly we will hack a shopadmin website then we will download the database file which will be in the form of *.mdb. This database file contains all the client details like credit card information and also login name and passwords.
How to do this ?
Note : This tutorial is tested on "VP-ASP Shopping Cart Version:5.00"
Step 1 : First thing to do is to find VP-ASP 5.00 Sites, to do this -> Go to Google.com -> Type "VP-ASP Shopping Cart 5.00"[ Without Quotes ] . See the image for reference 



Step 2 :In this tutorial, we are going to target www.surfstats.com You can also select your website which is having "shopdisplaycategories.asp","shopadmin.asp" at the end of the URL. Since SU…

How to make your SmartPhone work as Mouse and Keyboard

Hello friends, today we will learn how to make our Smartphone work as a Mouse and Keyboard remotely. We can also perform the below activities through this :

1. You can Manage your System Drives
2. Play Music of System
3. Restart, Log off, Shutdown and Lock the System Remotely
4. Control Youtube, VLC media player etc.

Okay so lets begin, for performing this you will require :

Unified Remote Server -> Click here to downloadUnified Remote App( To be installed on your SmartPhone)-> Click here to download
Step 1 : Download the Unified Remote Server file from the link provided above and Install it.
Step 2 : While Installing it, remember to check the "Windows Firewall Exception". After Installing it, Double click on the icon of Unified Remote Server. It will look like this :

If you want to see what all things we can do remotely then check the Remotes tab.
Step 3 : Since now our Server is up we are ready to make a connection with the App. Download the "Unified Remote App" f…

How to clear all the Event Logs with just a Click

Hello Friends, today we are going to learn how to clear all the event logs with a few clicks. Before that understand first what is Event logs and how can we view them.

What are Event Logs ?

According to Microsoft , Event logs are special files that record significant events on your computer, such as when a user logs on to the computer or when a program encounters an error. Whenever these types of events occur, Windows records the event in an event log that you can read by using Event Viewer.

How to View them ?
Go to Run Prompt ( WINDOWS +R ) -> Type "Eventvwr" -> Enter -> Now you will be able to see the event viewer console. This is the place where windows store all the event logs of your computer.
Now the main question is, what is the need of clearing all this logs ?
Whether you do some unauthorized access into a machine or run your own virus on the machine, everything is being recorded in the form of logs. So people can anytime go through this logs and can easily un…

How to Find which USB devices were Plugged in your system

Hello guyz, once again we are back with another interesting trick. Just Imagine, you are running a company where you have disabled the USB Access for your employees. But since there are many clever minded peoples,they will always try to connect some or the other USB devices.
So in this case, today we have are going to show you all a way to knw wat all USB Devices are plugged into a specific System.
2 WAYS TO DO THIS ::
1. REGISTRY 2. POWERSHELL COMMAND
>_ THROUGH REGISTRY
STEP 1 :Press "WINDOWS + R" button to open Run prompt -> Type "regedit.exe" and Enter STEP 2 : Now you are on the Registry window -> Expand HKEY_LOCAL_MACHINE -> SYSTEM -> CurrentControlSet -> Enum -> USBSTOR STEP 3 : That's it done.. U can see the list of USB's devices connected on that system( Here we connected a Samsung mobile).

>_ THROUGH POWERSHELL COMMAND
STEP 1 :Press "WINDOWS + R" button to open Run prompt -> Type "powershell" and Enter STEP 2 …

Hacking Facebook or any Email Account using IP Tab napping Method

Hi guyz, Today we r going to learn how to hack any Facebook or Email accounts using IP Tabnapping method. IP Tabnapping is similar to "Phishing technique" but here instead of using a web hosting site we will use own system IP address to get he email id and password. So for this you will require :

1. BackTrack OS ( We are using Backtrack5 R2 version, download it frm www.backtrack-linux.org)
2. Some social engineering tricks + Brain(most important thing)

okay so lets begin :

Step 1 : Open Backtrack, Click on Applications > BackTrack > Exploiting Tools > Social Engineering Tools > Social Engineering Toolkit > Set

Step 2 : Now u are in the set console, you can see several options there like Social Engineering attack, Fast track penetration testing etc. Just type 1 and press Enter . This will open "Social Engineering attack". 

Step 3 : Now another window will appear Just type "2" i.e. Website Attack Vectors .

Step 4 : Now another window will appear, Ju…

How to Bypass SMS Verification send by any email Provider

In most of the websites, it asks to enter your phone number for verification. Sometimes you don't want to give it because of your privacy reasons. Even when we register in websites like Gmail, Yahoo , hotmail, rediffmail etc. they asks for SMS Verification. So today we will learn how to bypass this SMS Verification method using external number.
For this method u can use the below mentioned website :
1. http://receive-sms-online.com/ 2. http://sms-verification.com
So how it works. This websites will provide you with some numbers . For example we are using http://receive-sms-online.com/ , In the below image u can see it is providing with some numbers. we will use this number to verify our account.


Now give any of this number where it asking for number and for the verification click on the Number u gave, and refresh the page. You will get your code as shown on the image below :
For any clarification do comment below.
CREDITS :- Amar Helloween & KIIT Hackers Team

How to find Someone's IP & Location details in just 1 mins

Hello guyz, Today I'm gonna show you "How to find the IP address and Geographical Location of someone in just 1 minute", Easy and quick. This method is 100% working and accurate as tested by me so no useless comments!
So lets start :
Step 1 : Go to this website : http://www.whatstheirip.com/ Step 2 : Enter your mail id and click get link. See the image for details.

Step 3 : You'll see 2 links, Just copy either one of the link and send to your victim and make him open it, say "check out my new pic" or something like that (Don't open it by yourself).

Step 4 : Check your Inbox in the mail provided in step2. You'll see a mail with an IP address, You got his IP and Geo Location !!

When your Victim or Friend opens that link he'll see an error page and he'll think it as a random error.
Hope u guyz like this trick. Do comment if u have any problem in the above steps.
Credits :- Amar Helloween, Haxor Nitrox & KIIT Hackers

How to hack websites using Manual SQL injection

Hello Friends, Today we are going to learn how to hack a website using Manual SQL injection.
The website which we will be using in this demo is : www.unitedpurpose.org/

So, here is the Vulnerable link : www.unitedpurpose.org/archive/article.php?id='100

So lets begin :

Step 1: First we have to find the number of columns present in the database. So to do that we have to implement the "order by" command in the vulnerable site. Example: 

http://www.unitedpurpose.org/archive/article.php?id=100 order by 7 (any no. u have to guess it, i m using 13 )

*Remember if u get error in "order by 7" that means site has less than 7 columns,if we get the same page then the no. of columns is more than 7.. In my case the number of columns are 13.

Step 2 : After getting the columns, its time to get the vulnerable column by using "UNION SELECT" no. of all columns 1 after another separated by commas(,). See the example for more clarification :

Example : http://www.unitedpurpose.org/…

Changing File formats of your Friends Machine

Hello Guyz, today we are going to teach you a very simple but very dangerous trick which you can try out in your friends system :P
>_What are we going to do : We will change some of the important file formats like( exe, cpl, bat, msc, mp3 , mp4 , flv or any other of ur choice) into txt format.
>_ What will happen : Whenever ur friend will open any file with the above mentioned extensions for example suppose if they open any video file of format mp4 it will open as notepad and they will never be able to play that.
So lets get started :
Step 1 : We need to access ur victims/friends machine at least for 10 minutes.
Step 2 : Type regedit.exe (registry) in run prompt of the victims machine.

Step 3 : Now you are on the Registry window -> Click on "HKEY_CLASSES_ROOT" and search for the extension you want to change. Here we are changing any executable file (.exe) to text file(.txt). Similarly you can also change of you own.
Step 4 : Click on the file format(.exe) -> On the ri…