Subscribe For Free Updates!

We'll not spam mate! We promise.

Sunday 1 September 2013

Common Methods For Hacking Any Website

Common Methods For Hacking Any Website
 

Starting from the base, Gone days when website hacking was a sophisticated art, and I was in 10th standard when I heard that Ankit Fadia hacks into CHIP magazine website but today any body can access hacking tips through the Internet and start hacking your website. All that is needed is doing a search on google with keywords like "how to hack website‖, "hack into a website‖, "Hacking a website‖ etc. The following article is not an effort to teach you website hacking, but it has more to do with raising awareness on some common website hacking methods.

The Simple SQL Injection Hack 

SQL Injection involves entering SQL code into web forms, eg. login fields, or into the browser address field, to access and manipulate the database behind the site, system or application. When you enter text in the Username and Password fields of a login screen, the data you input is typically inserted into an SQL command. This command checks the data against the relevant table in the database. If you‘re input matches table/row data, you're granted access (in the case of a login screen). If not, you're knocked back out.
In its simplest form, this is how the SQL Injection works. It's impossible to explain this without reverting to code for just a moment.Here is the code
 Suppose we enter the following string in a User name field:
 ' OR 1=1
The authorization SQL query that is run by the server, the command which must be satisfied to allow access, will be something along the lines of:
SELECT * FROM users
WHERE username = „USRTEXT ' AND password = „PASSTEXT‟ Where USRTEXT and PASSTEXT are what the user enters in the login fields of the web form. So entering `OR 1=1 — as your username, could result in the following actually being run: SELECT * FROM users WHERE username = ‗' OR 1=1 — 'AND password = '‘

Here is The example In terms of login bypass via Injection, the hoary old ' OR 1=1 is just one option. If a hacker thinks a site is vulnerable, there are cheat-sheets all over the web for login strings which can gain access to weak systems. Here are a couple more common strings

which are used to dupe SQL validation routines: username field examples:
 admin'—
 ') or ('a'='a
 ”) or ("a”=”a
 hi” or "a”=”a

Cross site scripting ( XSS ):

Cross-site scripting or XSS is a threat to a website's security. It is the most common and popular hacking a website to gain access information from a user on a website. There are hackers with malicious objectives that utilize this to attack certain websites on the Internet. But mostly good hackers do this to find security holes for websites and help them find solutions. Cross-site scripting is a security loophole on a website that is hard to detect and stop, making the site vulnerable to attacks from malicious hackers. This security threat leaves the site and its users open to identity theft, financial theft and data theft. It would be advantageous for website owners to understand how cross-site scripting works and how it can affect them and their users so they could place the necessary security systems to block cross-site scripting on their website.

Denial of service ( Ddos attack ):

 A denial of service attack (DOS) is an attack through which a person can render a system unusable or slow down the system for legitimate users by overloading the resources, so that no one can access it.this is not actually hacking a webite but it is used to take down a website. If an attacker is unable to gain access to a machine, the attacker

most probably will just crash the machine to accomplish a denial of service attack,this one of the most used method for website hacking I recently wrote an article on www.ethicalhacking.do.am on Denial Service

Cookie Poisoning:

Well, for a starters i can begin with saying that Cookie Poisoning is alot like SQL Injection Both have 'OR'1'='1 or maybe '1'='1' But in cookie poisoning you begin with alerting your cookies Javascript:alert(document.cookie) Then you will perharps see "username=rahul" and "password=hacking123" in this case the cookie poisoning could be: Javascript:void(document.cookie="username='OR'1'='1"); void(document.cookie="password='OR'1'='1"); It is also many versions of this kind... like for example ' '1'='1' 'OR'1'='1

'OR'1'='1'OR' and so on...

Password Cracking

Hashed strings can often be deciphered through 'brute forcing'. Bad news, eh? Yes, and particularly if your encrypted passwords/usernames are floating around in an unprotected file somewhere, and some Google hacker comes across it. You might think that just because your password now looks something like XWE42GH64223JHTF6533H in one of those files, it means that it can't be cracked? Wrong. Tools are freely available which will decipher a certain proportion of hashed and similarly encoded passwords.

Tips To Secure Your Wifi Connection

Tips To Secure Your Wifi Connection 



1. Install a Firewall A firewall helps protect your PC by preventing unauthorized users from gaining access to your computer through the Internet or a network. It acts as a barrier that checks any information coming from the Internet or a network, and then either blocks the information or allows it to pass through to your computer. 

2. Change the Administrative Password on your Wireless Routers Each manufacturer ships their wireless routers with a default password for easy initial access. These passwords are easy to find on vendor support sites, and should therefore be changed immediately. 

3. Change the Default SSID Name and Turn Off SSID Broadcasting This will require your wireless client computers to manually enter the name of your SSID (Service Set Identifier) before they can connect to your network, greatly minimizing the damage from the casual user whose laptop is configured to connect to any available SSID broadcast it finds. You should also change the SSID name from the factory default, since these are just as well-known as the default passwords 33

4. Disable DHCP For a SOHO network with only a few computers, consider disabling DHCP (Dynamic Host Configuration Protocol) on your router and assigning IP addresses to your client computers manually. On newer wireless routers, you can even restrict access to the router to specific MAC addresses. 


5. Replace WEP with WPA WEP (Wired Equivalent Privacy) is a security protocol that was designed to provide a wireless computer network with a level of security and privacy comparable to what is usually expected of a wired computer network. WEP is a very weak form of security that uses common 60 or 108 bit key shared among all of the devices on the network to encrypt the wireless data. Hackers can access tools freely available on the Internet that can crack a WEP key in as little as 15 minutes. Once the WEP key is cracked, the network traffic instantly turns into clear text – making it easy for the hacker to treat the network like any open network. WPA (Wi-Fi Protected Access) is a powerful, standards-based, interoperable security technology for wireless computer networks. It provides strong data protection by using 128-bit encryption keys and dynamic session keys to ensure a wireless computer network's privacy and security. Many cryptographers are confident that WPA addresses all the known attacks on WEP. It also adds strong user authentication, which was absent in WEP.

Protect Email Accounts From Spam

Protect Email Accounts From Spam

The following methods can be used to combat email spam.

1. Use spam filters for your email account. If you‘re using email services like Gmail, Yahoo, Hotmail etc. then spam filters are used by default. Each Spam filter has it‘s algorithm to detect spam emails and will automatically move them to SPAM folder. This keeps your inbox free from spam. However some spam emails become successful to make their way into the inbox by successfully bypassing the filters.

2. Do not post your email address in public forums, user comments and chat-rooms. Give your email address only to trustworthy websites while signing up for newsletters.

3. While taking up online surveys and filling up feedback forms, it is better not to give your personal email address. Instead signup for a dummy email account and use this for surveys and feedback forms.



4. While posting your contact email address on your website use this format: emailaddress [at] mysite.com instead of emailaddress@mysite.com. This protects your email address from being indexed by spam bots.

5. Do not respond to unknown messages. When you receive a unknown email, avoid forwarding it to your friends. Examples of unknown messages can be found at www.hoax-slayer.com. If you really want to forward it to your friends, make sure that you use ?Bcc? (blind certified copy) option to send the email. This will hide all the email IDs to which the mail is forwarded.

How to Boost Your Laptop Sound Level

How to Boost Your Laptop Sound Level

As all we know Laptops doesn't generate the perfect amount of sound that the user can get out from a Desktop PC. Laptop PCs can't give the best and the highest sound level to hear some low voices. Even though we can Increase the Laptop Sound Level
to the max than it can give. This trick is a simple tweak configuration steps that's provided by Windows Vista,
Windows 7 and probably Windows 8.




Here are the few steps I did to Boost my Laptop Sound Level to the
maximum.

How to Boost/Increase Laptop Sound to the Max

1) Go to Start > Control Panel

2) Click Hardware and Sound

3) Click the Manage audio devices link.

4) Select the device that you are using (e.g: Speakers ) then click Properties

5) Click Enhancements tab for all list of amelioration.

6) Check the effect that says "Loudness Equalization"

7) Click OK to apply all changes.

Done! Now open any media audio file and test the new Perfect sound without any noises that can be generated by the speakers (totally perfect and clean).


Enjoy

Saturday 31 August 2013

How to hide computer account in your computer

How to hide computer account in your computer!
 




1. Open Start menu then click on RUN.
2. Type "Regedit" press enter
3. Windows Registry editor will open then navigate from the left panel and go to:
HKLM\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList
4. Create a new DWOR
5. setting its name to the name of the account you wish to
hide.
6. Then set its value to "0" to hide it.
Now your account is hidden!!!
This account isn't completely hidden because it is visible to administrators in Local User and Groups and also the profile is visible in the Documents and Settings.
 

To Login after you have hidden the account
 

1. At Welcome screen, and you want to login to this account.
2. Press Ctrl+Alt+Deletetwice (Onlydelete is twice)
3. It will display the log-on promt.
3. Type the username, and the password and hit enter.

Important Abbreviations for Computer Terms

Important Abbreviations for Computer Terms
 

Today I am going to tell you some very important Abbreviations that are going to help you in future. it will also help you in your competitive exams .
 

DO READ IT CAREFULLY:
 

HTTP:-Hyper Text Transfer Protocol
HTTPS:-Hyper Text Transfer Protocol Secure
IP:-Internet Protocol
URL:-Uniform Resource Locator
USB:-Universal Serial Bus
VIRUS:-Vital Information ResourceUnder Sezied
3G:-3rd Generation
GSM:-Global System for Mobile Communication
CDMA:-Code Division Multiple Access
UMTS:-UniversalMobile Telecommunication System
SIM:-SubscriberIdentity Module
AVI:-Audio Video Interleave
RTS:-Real time Streaming
SIS:-Symbian OS Installer File
AMR:-Adaptive Multi-Rate Codec
JAD:-Java Application Descriptor
JAR:-Java Archive
3GPP:-3rd Generation Partnership Project
3GP:-3rd Generation Project
MP3:-MPEG Player 3
MP4:-MPEG -4 video Files
AAC:-Advanced Audio Coding
GIF:-Grapjic InterchangeableFormat
BMP:-Bitmap
SWF:-Shock Wave Flash
WMV:-Windows media Audio
WMA:-Window Media Audio
PNG:-Portable Network Graphic
DOC:-Document (Microsoft Corporation)
PDF:-Portable Document Format
M3G:-Mobile 3D Graphics
M4A:-MPEG-4 Audio File
NTH:-Nokia Themes
THM:-Themes(Sony Ericsson)
MMF:-Synthetic Music Mobile Application File
NRT:-Nokia Ringones
XMF:-ExtensibleMusic Files
WBMP:-Wireless Bitmap Image
DVX:-DivX Video
HTML:-Hyper Text Markup Language
WML:-Wireless Markup Language
CD:-Compact Disk
DVD:-Digital Versatile Disk
CRT:- Cathode Ray Tube
DAT:-Digital Audio Tape
DOS:-Disk Operating System
GUI:-Graphical User Interface
TCP:-Transsmission Control Protocol
UPS:-Uninterruptible Power Supply
HSDPA:- High Speed Downlink Packet Access
EDGE:-Enhanced Data Rate for GSM Evolution
VHF:-Very High Frequency
UHF:-Ultra High Frequency
GPRS:-General Packet Radio Services
WAP:-Wireless Application Protocol
ARPANET:-Advanced Research Project Agency Network
IBM:-International Bussiness Machines
HP:-Hewlett Packard
AM/FM:-Amplitute/Frequency Modulation
LAN:- Local Area Network
WLAN:-Wireless Local Area Network


Create Your Own Wi-Fi Network

Below are the simple steps using which you can create your own Wi-Fi Network:
 




1) You should have Windows7 or 8 installed on your computer. It
should have internet connection to be shared over Wi-Fi network.

 

2) Most of today's computer comealready enabled with Wi-Fi capabilities (wireless network card). So if you computer is not too old, it must have already equipped with built-in Wi Fi. If your computer is too old, you can also buy a USB network adapter.
 

3) Finally, download and install a simple, free utility called Virtual
Router. After installation, open the
Virtual Router. You can choose your own network name and password to connect.
the

connection you want to share over Wi-Fi. Click “Start Virtual Router” and you are done! You can now easily find and connect to your Wi-Fi network using your phone, tablet or another computer.

4. Download it HERE