Friday, 14 November 2014

Hack Gmail, Facebook,Yahoo with Ardamax Keylogger (Free and full version)

Today i am going to show you how to hack gmail, facebook, Yahoo! Passwords using ardamax keylogger.

Procedure to hack.
Step 1) First downoad Ardamax keylogger from here. Extract the keylogger from RAR into your desired folder and open it.

Double Click the setup file and install it as normal setup by clicking next.
Once if you complete your installation, it shows an icon at the right bottom corner of your screen as shown in the figure below..

Step 2) Now right click the ardamax kelogger icon and select “enter registration key “ Enter the name and key which are there in the downloaded folder.

Step 3) Now right click the icon and select “remote installation”. Click next by checking all the boxes until you see the following window and then follow the following pictures.

Step 4) Once you are done with the above, you will see the following window. Selecting delivery method via FTP is the better option, but in this tutorial i am going with email deliverymethod.

Now fill the email options as mentioned here.
Send to- your email id
Send from- your email id
Smtp host –smtp.gmail.com
And finally your username and password. You can test whether it is working or not by clicking the test button. And finally click next to proceed.

Step 5) Now you can change your icon by selecting change icon option and then click next.

Finally you will see the following window, if you have done everything correctly.

Now send the created server file to your victim. It logs all his keystrokes and sends them to you via email.
Note: The server file you have created will be detected as a virus by your antivirus. I will write few articles on bypassing antivirus detection in my upcoming posts.

Hope you enjoyed this article,

WWW.SOFTSANDTIPS.COM

Hack Windows Passwords Using OphCrack

Have you ever thought of breaking into your friend’s password protected computer to steal his confidential files? What if you forget the password of your computer? This article will answer all these questions.

In this article i am going to show you how you can hack windows password using OPHCRACK LIVE CD.

What is OPHCRACK??

Ophcrack is a free open source program that cracks Windows passwords by using NTLM hashes through rainbow tables. By default, ophcrack is bundled with tables that allows it to crack passwords no longer than 14 characters using only alphanumeric characters. For more about rainbow tables please visit this link.

Procedure to Hack:

Step 1: Download ophcrack live cd from here.

Step 2: Make abootable CD/DVD with the downloaded iso file.

Follow the steps to create a bootable CD/DVD.

First download the ISO burner software from here. I selected this software because there is no need of installation. You can use it just by double clicking the file you downloaded.

Now put your blank CD in CD drive.

When you double click isoburner software, it shows the following screen.You can locate the file by clicking on the “open” option. and then click Burn button.

Step 3: put the CD/DVD in your CD-DRIVE

Restart your computer and change your boot options to “boot from CD/DVD”

You can do this by continuously pressing F12 or F10 when it is restarting. You may use del or esc also. This option changes computer to computer.

Then follow the instructions that shows. It is self explanatory so you can easily understand that. Once if ophcrack loads completely, it will automatically get your Windows password.

WWW.SOFTSANDTIPS.COM

Hack Remote Computers using EXTREME RAT

Hack Remote Computers using EXTREME RAT FULL Method

What is RAT?

RAT is commonly known as REMOTE ADMINISTRATION TOOL. We can control a remote pc right from our computer using these RATs.

In one of my previous articles, i have explained about team viewer which can be treated as legal. In this article i am going to show you how you can hack remote computers using RATs that are commonly known as illegal ones.

Things you require

1) EXTREME RAT

This is the RAT you are going to use. You can get it from HERE

2) No-ip.biz account

As our IP-Address is dynamic(in general), we need to make it static.

3) DUC client

We can automatically update our dynamic IP-Adress, by installing DUC client.

4) VPN (If you are behind a router)

We must enable our router to allow us to connect to a remote PC. So we need to port forward.

Instead of port forwarding we use a VPN(Virtual Private Network).

You can use Proxpn.

Procedure:

Step 1:

First you need to create an account in www.no-ip.com

Step 2:

After creating an account, login with your account and create a host. You can do this by just following the steps.

Goto this link, and login. Then follow the steps as shown in the picture.

Finally click “Create Host”.

Step 3: Setting up your server.

Open the xtreme.exe file you have downloaded.

By default, the language is Portuguese. So you can change it into English as shown in the figure below.

Now goto FIile->create server. It is shown in the figure below.

When you are done, it opens a new window and then select the “+” symbol as shown in the following figure.

Then it opens a new window and you can give any name you want as your profile name.

In my case it is “profile1”.

After this, you need to give your no-ip domain name by selecting the option “add dns”. This can be done by clicking the ”+” symbol next to your profile name.

Fill this as “yourhost.no-ip.biz:81”

Now click on “install options” and uncheck the two options as shown in the figure and then click on “create server” option which is the last one in the figure. You can follow these steps from the following figure.

Then simply click the tick mark which is green in color and save your server file. You are done.

Now upload this server file on any file hosting site and prompt your victim to download it. Or you can send it via email. When he clicks it, your client will connect to his system as shown below.

Now you will access all his files right from your computer. I have added a screen shot of how it looks like.

Legal disclaimer:

Using RATs on remote systems without their permission is illegal. This article is for educational purpose only. Dont do anything illegal. I will not be held responsible for that.

WWW.SOFTSANDTIPS.COM

Thursday, 13 November 2014

Hacking Friends PC Using Neptune

Hacking Friends PC Using Neptune Full Method

Key logger are the set of codes which can be used to record the keystrokes of Victim's PC by directly stealing the input from Kernel. In this tutorial we will show you how to make an Keylogger file using a revolutionary software PROJECT NEPTUNE V1.78 keylogger which is available as both freeware & shareware.(Before starting this procedure disable your antivirus for best results)

Software required:

*Neptune keylogger(Download link)

Step 1:Download this keylogger from the Download link above.

Step 2: open Project Neptune v1.78 from the downloaded files.

Step 3: In email settings enter your email id in “ENTER EMAIL TO SEND KEYSTROKE LOGS”(this id should be your fake id since generally email service providers recognize them as spam and delete them in 7 days)

Step 4: Provide your password in “SENDING EMAIL ACCOUNTS PASSWORD”

Step 5: provide your same email ID or different ID where you want to receive (ex:science404error@gmail.com)

Also if you have known about FTP and have a FTP account you can use that too.

Step 6 (optional): If you want to disable mouse clicking /Internet explorer/Registry commands/Run dialog box/Task manger you can do that through going to “SYSTEM WIDE “ tab and checking the necessary check boxes. You can also prevent user from accessing specific websites (ex :any online scanners)

Step 7: In Installation tab you can specify the directory where your key logger is going to RUN on your friends PC .It is best to select “system Files Folder-C:\windows\system32”

Step 8(optional): Using “EXTRA OPTIONS” tab you can display an fake error messages like “Disable Antivirus for best performance”. Also using this tab we can destroy our own key logger files after certain period of time.

During execution the error message will be displayed as

Step 9: The most important step in this process is server creation which needs bit logic .Go to “Server creation” tab on server settings type the required description, Company, Copyright for ex

*Description: windows security alert

*Company: Microsoft

*Copyright: Microsoft Corporation

You can provide anything but it must be doubtless in regarding because these details will be displayed at task manager during execution

Step 10: Next on “server generation” provide any name to your key logger file (ex:iexplorer.exe) on “SET SERVER NAME’S PROCESS AS”

Step 11: Click on “GENERATE NEW SERVER” and save it to desired location.whoa ! you created an keylogger now send that file to victim.

NOTE: these .exe files are easily detectable and cannot be send by gmail, for this purpose try to compile it with any of other games or word documents and send it to your victim.

If you have any clarifications comment on these post and we will try to solve it at best

WWW.SOFTSANDTIPS.COM

Tuesday, 11 November 2014

Hacking Website Using Havij Sql

Hacking Website Using Havij Sql

Now Lets start---->
Things you will need -->

1. Havij SQL injection Tool, download it from

Download Havij

2. A sql vunerable site, I am taking this site
http://toyonorte.com.co/catalogo_nuevos_...e.php?id=2 as an example.

Checking for sql vulnerability --->

Here i am taking http://toyonorte.com.co/catalogo_nuevos_detalle.php?id=2 as an example.

Now to check is this site vulnerable to sql, I will simply add ' after the site url

like this http://toyonorte.com.co/catalogo_nuevos_detalle.php?id=2'

and i get this error on the site

You have an error in
your SQL syntax; check the manual that corresponds to your MySQL server
version for the right syntax to use near '\'' at line 1

It means that site is vulnerable to sql injection.
Exploiting the vulnerable site --->

1. Open Havij and paste site url in target field and hit enter
2. Now wait for Havij to get all the databases of the website.

3. Now click on available databse of site and click on Get Tables like i am gonna select 535480_toyonorte of my site like in image.

4. By clicking Get Tables Havij will look after the tables available in the database.
5. Now after the
scanning Havij will get all tables, now the main work start , you have
to check it there table available named as admin, users and something
similar to these words like i get usuario in my website and select it and click on Get Columns. Like in pic given below.

6. Now after clicking Get Columns havij will get all the columns available in users table.
7. In my case i found diffrent columns like id, login, pass an many more.
8. Now select the columns and click on Get Data like in pic given below.

9. Now havij will look after the data available in columns login and password i.e admin username and passowrd like i get

username --> admin password--> 21232f297a57a5a743894a0e4a801fc3 (in encrypted form)

Like in image below

10. Now after i get
username and password there is a problem that passowrd i s encrypted in
mdm language , so we have to crack it .

11. To crack encrypted password just copy password click on MD5 tab in havij and paste the encrypted password in MD5 hash field and hit start.Now havij will try to crack the password. Like i cracked in image given below.

12. Now i get Password cracked as admin.

13. Now we will check for admin panel where we gonna login with username and passoword.

The Tutorial is Maked by Umair Abubakkar - Software Market DGK

In my case i found http://toyonorte.com.co/admin/ as admin panel, now open it in a web browser and login with username and password and now you are in admin panel.

Notes--->
1. Website hacking is illegal
2. Use proxy, tor, VPN for your security.

WWW.SOFTSANDTIPS.COM