FireSale HackBoy

Knowledge Shared By FireSale HackBoy...

Hacking

The Art Of Exploitation...

Ethical Hacking

Security Experts...Same Techniques To Make Hacker's Stuff Useless.

Black Hat Hacking

Dark Side Of Hacking... In Short Destruction Of Cyber Stuff.

Digital Stuff

All The Digital Stuff Is Under The Influence Of Cyber Attacks... Be Safe

Sunday, October 9, 2011

9 Alternative Ways To Access Blocked Sites

Is you school, college or office blocking you from getting on social network sites like Friendster, Facebook, Myspace, Bebo, Hi5, Orkut, etc? Here’s few ways you can bypass the restrictions and surf like normal, but please check with your local authorities before using them. We will not held any responsibility if you’ve breach the regulations of any.
Full list after jump.

  1. Using IP Instead of URL

    This depends on the software/application used. Sometimes blocked sites are stored as a list of URLs (eg. www.yahoo.com, www.donwload.com,etc) and typing the IP instead of the URL might sometimes work. In a local computer, doing a ping domain.com command in Command Prompt (Mac users use Terminal) will return you the IP address. You can also do it online via www.whatsmyip.org
  2. Redirection with Short URL service

    Sometimes the URL you intend to browse might be ban, but converting them to another a shorter URL with short URL services might just help you to bypass the settings.
    Here’s 2 Short URL service we’ve previously mentioned – MooURL, SnipURL
  3. Google Cache

    Search engines like Google and Yahoo cache webpages and these cached pages are stored in search engines themselves, which likely will be added to the blocked list. Click on the ‘cache’ will bring you to a cache version of the page, as updated as how Google caches it.
    google cache 9 Alternative Ways To Access Blocked Sites
  4. Internet Archive – Wayback Machine

    Wayback Machine is a internet service that periodically keeps a copy of almost all websites in the Internet way from the date they’re started. Clicking on the latest copy of what Wayback Machine have should be somewhat similar to the real site. Another way to access blocked sites via caches.
    wayback machine 9 Alternative Ways To Access Blocked Sites
  5. Anonymous Surfing

    Some site allows you to take advantage of their proxy or domain to surf other sites as anonymous. Here’s 90+ proxy websites we’ve previously mentioned.
    More anonymous surfing services: 90+ Proxy Websites To Access Blocked Websites
  6. Use Proxy in Browsers

    There are tons of sites out there that distributes free proxies of almost any country. Here’s an example. Check out the following methods on how/where to insert proxies in your web browsers.
    Proxy Surfing – Firefox
    proxy firefox 9 Alternative Ways To Access Blocked Sites
    Under Advanced tab, select Network tab, then click inside Connection Settings. Select Manual proxy configuration, put proxy under HTTP proxy.
    Proxy Surfing – Internet Explorer
    proxy ie 9 Alternative Ways To Access Blocked Sites
    Go to Tools -> Internet Options. Select Connections tab. Click into LAN Settings, check Proxy Server. Insert your proxy URL inside Address.
  7. Bypass with Translations services

    Online translation services like AltaVista BabelFish, Google Translate allows you to translate a website from one language to another and display the translated results on their own page.The trick here is to enter the URL (website you’re blocked), retranslate it even if you don’t need to and let Google or AltaVista fetch you the content.
  8. Subscribe to RSS Feed

  9. This might not work for all sites, but if the site you intended to visit provides RSS feeds, you can subscribe and read it with a RSS reader, or have it regularly send the contents to your email
  10. Retrieve web pages via Email

  11. Web2Mail is a free service that sends websites you want to read right into your inbox. All you need to do is send an email to www@web2mail.com with the URL as subject title.

Saturday, October 8, 2011

Great Password Hacking

  • Install CAIN.
  • Now after installation start it.
  • go to the configure option in menu bar and in 'SNIFFER' tab choose 'start sniffer on startup' and in 'APR(Arp poison routing)' tab you can fake your ip and mac address .
  • Start sniffer by clicking a 'PCB' symbol next to the open button on the toolbar.
  • Now in the main pane go to 'Sniffer' and press the '+' button in the toolbar.
  • A window will popup select your range and select the 'All tests' option and click ok.
  • A list of available hosts is printed.
  • Now go to the APR tab in the lower part of the list pane.
  • Then go to DOS Prompt, type 'ipconfig /all' without 's and note down the ipaddress of the gateway.
  • Select the your target and the default gateway from the list and choose Start.
  • Let the app do its work. The whole communication is filtered/routed (sniffed) through your computer.
  • While you were ARP Poisoning if the target entered any password which was directed to the default gateway the password will be logged.
  • You can check the password in the PASSWORD pane.
NOTE:-
  • Do not misuse.
  • CAIN can be only installed if you have administrator on the system.
  • The local passwords will not be logged, only the passwords and usernames exchanged between the targets is logged.
  • If you have a switched network some exploits or a simple DoS attack on the device could make it behave like hub this activity is possibly detectable.
  • Anyway I am not responsible for any kind of harm by this tutorial.

Friday, October 7, 2011

Download Hackers Best Tools - Hacking Tools

In this article I'll tell you some best tools for HACKERS. I have collect some best hacking tools for you. You can try all there tools and feel how HACKERS Hack with the help of this tool.  All tools are for educational purpose please use it Ethically. 



LIST OF Best Tools for HACKING :
The “Nessus” Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix. 

 Acunetix WVS automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities. Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right in to the heart of your application and corporate data.

Wireshark is the world's foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. 

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.

 TCPdump is the most used network sniffer/analyzer for UNIX. TCPTrace analyzes the dump file format generated by TCPdump and other applications.

 Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the “ping” program (but with a lot of extensions).

 DNSiff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).

 Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones)and includes many feature for network and host analysis.

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 2500 potentially dangerous files/CGIs, versions on over 375 servers, and version specific problems on over 230 servers.

 John the Ripper is a fast password cracker, currently available for many flavors of Unix.

 OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.

 Tripwire is a tool that can be used for data and program integrity assurance.

 Kismet is an 802.11 wireless network sniffer – this is different from a normal network sniffer (such as Ethereal or tcpdump) because it separates and identifies different wireless networks in the area. 

SAINT network vulnerability assessment scanner detects vulnerabilities in your network’s security before they can be exploited. 

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations,  uncovering cached passwords and analyzing routing protocols. 

Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users.

Basic Setup Of Hacker Lab

An approach to introduce people with the truth of HACKING". In this article we discus how can we setup a lab for HACKING practice. Firstly a hacker need 3-4 system to practice but for basic we work on 2 systems like me for basic with Wired or Wireless Internet connection. I personally have two systems and 1 laptop.
So guys ready to experience the LAB of HACK for your own hope you like it  very much and please send us feedback.

My Lab
          Requirements for HACKING LAB 
  • System 
Firstly you have a system with minimum configuration. 
  1. 240+ Hard Disk
  2. i3 Processor
  3. 2GB RAM
  4. Wi fi Enable.
  •  Virtual PC Emulator
A virtual PC emulator is needed since I assumed you don't have multiple PC's to setup your lab, even if you have it I would prefer to advice you to use a Virtual PC Emulator.
You can prefer "Oracle's Virtual Box" && "VM-Ware".
VM-Ware have several advantages over Virtual Box, virtual box is just good to go. 
  • Online Storage
I personally think if you want a hacker lab you need online storage. 
you can log into DROP BOX && CLOUDO.
  • Live CD
Hackers work on different platform so its very easy to make several live CD to work on it without consuming time on installation.   Make you own live cd of BACK TRACK, UBUNTU, REB HAT etc.
  • IP hiding tools and MAC spoofing
As we discus previous we have to use IP hiding tools and change our MAC address time by time. 
Related Post ::   
  • Static IP
Hackers always need static IP for work but in Indian its cost very high to purchase & i think HACKER never pay for any thing so for alternative you can use different things to resolve this.
  • High Speed Internet
If you think GPRS or DIAL UP is good enough to teach you hacking then you are wrong. I recommend you to use broadband connection like BSNL, CONNECT etc for high speed Internet.
  • Web Cam
  • Speaker and Mic
  • Wireless Router
  •  HACKING Tools 
Related Post :: 

Download Magic Password Stealer

Be very carefull with this software.. it is a trojan.. and if u want to use this u hav to disable your antivirus and then open it and set it properly and then it will create a file and that file u should not open.. u hav to send it to your frnd and the password will be sent to you when he opens it.. and if u do something wrong your own password will be sent to you.. and next time please dont ask for hacking softwares.. thnx.

password - 123456
username - samjohny4u

Download Magic Password Stealer from HERE
Enjoy :D

Introduction Of 'How Hackers Work'

Thanks to the media, the word "hacker" has gotten a bad reputation. The word summons up thoughts of malicious computer users finding new ways to harass people, defraud corporations, steal information and maybe even destroy the economy or start a war by infiltrating military computer systems. While there's no denying that there are hackers out there with bad intentions, they make up only a small percentage of the hacker community.

Hackers from around the world gather at camps to
practice their hobby and trade tips.

The term computer hacker first showed up in the mid-1960s. A hacker was a programmer -- someone who hacked out computer code. Hackers were visionaries who could see new ways to use computers, creating programs that no one else could conceive. They were the pioneers of the computer industry, building everything from small applications to operating systems. In this sense, people like Bill Gates, Steve Jobs and Steve Wozniak were all hackers -- they saw the potential of what computers could do and created ways to achieve that potential.

A unifying trait among these hackers was a strong sense of curiosity, sometimes bordering on obsession. These hackers prided themselves on not only their ability to create new programs, but also to learn how other programs and systems worked. When a program had a bug -- a section of bad code that prevented the program from working properly -- hackers would often create and distribute small sections of code called patches to fix the problem. Some managed to land a job that leveraged their skills, getting paid for what they'd happily do for free.

As computers evolved, computer engineers began to network individual machines together into a system. Soon, the term hacker had a new meaning -- a person using computers to explore a network to which he or she didn't belong. Usually hackers didn't have any malicious intent. They just wanted to know how computer networks worked and saw any barrier between them and that knowledge as a challenge.

In fact, that's still the case today. While there are plenty of stories about malicious hackers sabotaging computer systems, infiltrating networks and spreading computer viruses, most hackers are just curious -- they want to know all the intricacies of the computer world. Some use their knowledge to help corporations and governments construct better security measures. Others might use their skills for more unethical endeavors.

In this article, we'll explore common techniques hackers use to infiltrate systems. We'll examine hacker culture and the various kinds of hackers as well as learn about famous hackers, some of whom have run afoul of the law.

Hackers and Crackers
Many computer programmers insist that the word "hacker" applies only to law-abiding enthusiasts who help create programs and applications or improve computer security. Anyone using his or her skills maliciously isn't a hacker at all, but a cracker.
Crackers infiltrate systems and cause mischief, or worse. Unfortunately, most people outside the hacker community use the word as a negative term because they don't understand the distinction between hackers and crackers.



The Hacker Toolbox

The main resource hackers rely upon, apart from their own ingenuity, is computer code. While there is a large community of hackers on the Internet, only a relatively small number of hackers actually program code. Many hackers seek out and download code written by other people. There are thousands of different programs hackers use to explore computers and networks. These programs give hackers a lot of power over innocent users and organizations -- once a skilled hacker knows how a system works, he can design programs that exploit it.

The ILOVEYOU Computer Virus was a malicious program

that plagued computers worldwide and caused millions of dollars in damages.

Malicious hackers use programs to:

* Hack passwords:There are many ways to hack someone's password, from educated guesses to simple algorithms that generate combinations of letters, numbers and symbols. The trial and error method of hacking passwords is called a brute force attack,meaning the hacker tries to generate every possible combination to gain access. Another way to hack passwords is to use a dictionary attack, program that inserts common words into password fields.
*Infect a computer or system with a virus: Computer viruses are programs designed to duplicate themselves and cause problems ranging from crashing a computer to wiping out everything on a system's hard drive. A hacker might install a virus by infiltrating a system, but it's much more common for hackers to create simple viruses and send them out to potential victims via email, instant messages, Web sites with downloadable content or peer-to-peer networks.
* Log keystrokes: Some programs allow hackers to review every keystroke a computer user makes. Once installed on a victim's computer, the programs record each keystroke, giving the hacker everything he needs to infiltrate a system or even steal someone's identity.
Gain backdoor access: Similar to hacking passwords, some hackers create programs that search for unprotected pathways into network systems and computers. In the early days of the Internet, many computer systems had limited security, making it possible for a hacker to find a pathway into the system without a username or password. Another way a hacker might gain backdoor access is to infect a computer or system with a Trojan horse.
*Create zombie computers: A zombie computer, or bot, is a computer that a hacker can use to send spam or commit Distributed Denial of Service (DDoS) attacks. After a victim executes seemingly innocent code, a connection opens between his computer and the hacker's system. The hacker can secretly control the victim's computer, using it to commit crimes or spread spam.
*Spy on e-mail: Hackers have created code that lets them intercept and read e-mail messages -- the Internet's equivalent to wiretapping. Today, most e-mail programs use encryption formulas so complex that even if a hacker intercepts the message, he won't be able to read it.

Hacker Hierarchy
Psychologist Marc Rogers says there are several subgroups of hackers -- newbies, cyberpunks, coders and cyber terrorists. Newbies are hackers who have access to hacking tools but aren't really aware of how computers and programs work. Cyberpunks are savvier and are less likely to get caught than a newbie while hacking a system, but they have a tendency to boast about their accomplishments. Coders write the programs other hackers use to infiltrate and navigate computer systems. A cyber terrorist is a professional hacker who infiltrates systems for profit -- he might sabotage a company or raid a corporation's databases for proprietary information [source: Knittel and Soto]



Hackers Culture

Individually, many hackers are antisocial. Their intense interest in computers and programming can become a communication barrier. Left to his or her own devices, a hacker can spend hours working on a computer program while neglecting everything else.

Computer networks gave hackers a way to associate with other people with their same interests. Before the Internet became easily accessible, hackers would set up and visit bulletin board systems (BBS). A hacker could host a bulletin board system on his or her computer and let people dial into the system to send messages, share information, play games and download programs. As hackers found one another, information exchanges increased dramatically.

Some hackers posted their accomplishments on a BBS, boasting about infiltrating secure systems. Often they would upload a document from their victims' databases to prove their claims. By the early 1990s, law enforcement officials considered hackers an enormous security threat. There seemed to be hundreds of people who could hack into the world's most secure systems at will .

There are many Web sites dedicated to hacking. The hacker journal "2600: The Hacker Quarterly" has its own site, complete with a live broadcast section dedicated to hacker topics. The print version is still available on newsstands. Web sites like Hacker.org promote learning and include puzzles and competitions for hackers to test their skills.

Super Phreak
Before computer hackers, curious and clever individuals found ways to manipulate the phone system in a phenomenon called phreaking. Through phreaking, these individuals found ways to make long distance calls for free or sometimes just played pranks on other telephone users.



When caught -- either by law enforcement or corporations -- some hackers admit that they could have caused massive problems. Most hackers don't want to cause trouble; instead, they hack into systems just because they wanted to know how the systems work. To a hacker, a secure system is like Mt. Everest -- he or she infiltrates it for the sheer challenge. In the United States, a hacker can get into trouble for just entering a system. The Computer Fraud and Abuse Act outlaws unauthorized access to computer systems [source: Hacking Laws].

Not all hackers try to explore forbidden computer systems. Some use their talents and knowledge to create better software and security measures. In fact, many hackers who once used their skills to break into systems now put that knowledge and ingenuity to use by creating more comprehensive security measures. In a way, the Internet is a battleground between different kinds of hackers -- the bad guys, or black hats, who try to infiltrate systems or spread viruses, and the good guys, or white hats, who bolster security systems and develop powerful virus protection software.


Hackers work together to create "mashups" of
Yahoo applications at Yahoo Hack Day 2006.

Hackers on both sides overwhelmingly support open source software, programs in which the source code is available for anyone to study, copy, distribute and modify. With open source software, hackers can learn from other hackers' experiences and help make programs work better than they did before. Programs might range from simple applications to complex operating systems like Linux.

There are several annual hacker events, most of which promote responsible behavior. A yearly convention in Las Vegas called DEFCON sees thousands of attendees gather to exchange programs, compete in contests, participate in panel discussions about hacking and computer development and generally promote the pursuit of satisfying curiosity. A similar event called the Chaos Communication Camp combines low-tech living arrangements -- most attendees stay in tents -- and high-tech conversation and activities.

Hackers and the Law

In general, most governments aren't too crazy about hackers. Hackers' ability to slip in and out of computers undetected, stealing classified information when it amuses them, is enough to give a government official a nightmare. Secret information, or intelligence, is incredibly important. Many government agents won't take the time to differentiate between a curious hacker who wants to test his skills on an advanced security system and a spy.

Laws reflect this attitude. In the United States, there are several laws forbidding the practice of hacking. Some, like 18 U.S.C. § 1029, concentrate on the creation, distribution and use of codes and devices that give hackers unauthorized access to computer systems. The language of the law only specifies using or creating such a device with the intent to defraud, so an accused hacker could argue he just used the devices to learn how security systems worked.
Concern about hackers reaches up to the highest levels of
government. Here, former Attorney General
Janet Reno testifies about hacker activity.


Another important law is 18 U.S.C. § 1030, part of which forbids unauthorized access to government computers. Even if a hacker just wants to get into the system, he or she could be breaking the law and be punished for accessing a nonpublic government computer [Source: U.S. Department of Justice].

Punishments range from hefty fines to jail time. Minor offenses may earn a hacker as little as six months' probation, while other offenses can result in a maximum sentence of 20 years in jail. One formula on the Department of Justice's Web page factors in the financial damage a hacker causes, added to the number of his victims to determine an appropriate punishment [Source: U.S. Department of Justice].

Other countries have similar laws, some much more vague than legislation in the U.S. A recent German law forbids possession of "hacker tools." Critics say that the law is too broad and that many legitimate applications fall under its vague definition of hacker tools. Some point out that under this legislation, companies would be breaking the law if they hired hackers to look for flaws in their security systems [source: IDG News Service].

Hackers can commit crimes in one country while sitting comfortably in front of their computers on the other side of the world. Therefore, prosecuting a hacker is a complicated process. Law enforcement officials have to petition countries to extradite suspects in order to hold a trial, and this process can take years. One famous case is the United States' indictment of hacker Gary McKinnon. Since 2002, McKinnon fought extradition charges to the U.S. for hacking into the Department of Defense and NASA computer systems. McKinnon, who hacked from the United Kingdom, defended himself by claiming that he merely pointed out flaws in important security systems. In April 2007, his battle against extradition came to an end when the British courts denied his appeal [Source: BBC News].

Hacking a Living
Hackers who obey the law can make a good living. Several companies hire hackers to test their security systems for flaws. Hackers can also make their fortunes by creating useful programs and applications, like Stanford University students Larry Page and Sergey Brin. Page and Brin worked together to create a search engine they eventually named Google. Today, they are tied for 26th place on Forbes' list of the world's most wealthy billionaires

Black Hat: Hacker Tricks ATMs Into Raining Cash


Security researcher Barnaby Jack on Wednesday showed how easy it can be to trigger a waterfall of cash from a standard bank ATM using readily-available software applications.
In a presentation at the Black Hat USA 2010 conference in Las Vegas, Jack, director of research at IOActive, a Seattle-based security consulting company, used software to trick two standard ATMs into spitting out wads of cash while displaying "jackpot" on the screens.
According to a Wednesday report from Venturebeat, Jack was able to hack two ATMs built around the Windows CE operating system and either ARM or XScale processors.
He did so by using a common universal key and a USB stick to load a rootkit software application, along with another program to take over the ATMs. Jack claims to have hacked at least four different ATM machines, a couple of which have since been patched, VentureBeat said.
Jack also disclosed a couple of easy countermeasures to his hack, including physical locks with unique keys on the ATMs to stop thieves from easily accessing the machines. Vendors should also use a trusted software environment to prevent software hacks, VentureBeat said.
In Jack's description of his presentation on the Black Hat 2010 Website, he says he was originally scheduled to give his ATM hacking demo last year, but the talk was pulled at the last minute "due to circumstances beyond my control."
Jack also notes that most ATM attacks depend on external devices to skim data from customers' ATM cards, or on physically removing the ATMs to steal the cash, and that attacking the ATM software is rare.

Sunday, October 2, 2011

Website Hacking Tools Pack - Hacking Tools

Tool List:
Apache Hacking Tools Directory:
Apache Chunked Scanner
Apache Hacker Tool v 2.0
Apache H4x0r Script


Remote File Inclusion And Remote Command Execution Directory :
IIS 5 Dav Scanner & Exploiter
PHP Attacker
PHP Injection Scanner & Exploiter
XML-RPC Scanner & Exploiter


Databases & SQL Injection & XSS Tools Directory :
Casi 4.0
ForceSQL
Mssql BruteForce TooL
SQL Ping 2
SQL Recon
SQL Vuln Scanner
SQL & XSS TooL


PHP Shells :
rootshell v2.0
c99shell #16
Backdoor php v0.1
r57shell
ajan
casus15
cmd (asp)
CyberEye (asp)
CyberSpy5 (asp)
Indexer (asp)
Ntdaddy (asp)
News Remote PHP Shell Injection
PHP Shell
phpRemoteView

nstview php shell


Download Here: