WAR1OCKS

Most of us are very curious to know a method to send anonymous emails to our friends for fun. But the question is, is it possible to send anonymous emails in spite of the advanced spam filtering technology adopted by email service provides like Gmail, Yahoo etc? The answer is YES, it is still possible to bypass their spam filters and send anonymous emails to your friends. For example, you can send an email to your friend with the following sender details.
The art of sending this kind emails is known as Email Spoofing. In my previous post on How to Send Fake Email I insisted on using your own SMTP server to send anonymous emails. This method used to work successfully in the past, but today it has a very low success rate since Gmail and Yahoo(all major email service providers) blocks the emails that are sent directly from a PC. In this post I have come up with a new way to send anonymous emails (spoofed emails) that has 100% success rate. If you have to successfully send an anonymous email or spoofed email, you should send it using a relay server.
What is a Relay Server?
In simple words, a relay server is an SMTP Server that is trusted by Google or Yahoo as an authorised sender of the email. So, when you send an email using a relay server, the email service providers like Yahoo and Gmail blindly accept the emails and deliver it to the inbox of the recipient. If the SMTP server is not authorised, Google and Yahoo will reject all the emails sent from this SMTP server. This is the reason for which using our own SMTP server to send emails fail.
So What’s Next?
Now all we have to do is, find a trusted SMTP server to Send Spoofed Emails. Usually all the emails that are sent from web hosting providers are trusted and authorised. So, you have to find a free web hosting provider that allows you to send emails. But, most of the free Web Hosts disable the Mail feature and do not allow the users to send emails. This is done just to avoid spamming. However all the paid hosting plans allow you to send any number of emails. Once you find a hosting service that allows to send emails from their servers, it’s just a cakewalk to send anonymous emails. All we have to do is just modify the email headers to insert the spoofed From address field into it.
I have created a PHP script that allows you to send emails from any name and email address of your choice. Here is a step-by-step procedure to setup your own Anonymous Email Sender Script
1. Goto X10 Hosting  and register a new account.
2. Download my Anonymous Email Sender Script (sendmail.rar).
3. Login to your FreeWebHostingArea Account and click on File Manager.
4. Upload the sendmail.php, pngimg.php and bg1.PNG files to the server.
5. Set permissions for sendmail.php, pngimg.php and bg1.PNG to 777.
6. Now type the following URL
7. Use the script to send Anonymous Emails. Enjoy!!!
Tell me whether it worked or not. Please pass your comments…

Installing Windows from a USB flash drive has several advantages – First of all, the overall speed of the installation process will increase significantly, carrying a USB stick is much more convenient than a DVD, and finally it becomes possible to install the OS even on those systems that do not have a DVD drive, such as a netbook.

DISKPART

This will start the Microsoft DiskPart utility as shown below:

Now issue the following command:

LIST DISK

This will show you a list of  available disks on your system.

Disk 0 is usually the hard disk.

In my case, Disk 5 is the USB drive (this can be a different one in your case).

Now issue the command as shown below:

This article will help you to change your IP address within a minute. Just follow the following step and you will be thru.

1. Click on "Start" in the bottom left hand corner of screen
2. Click on "Run"
3. Type in "command" and hit ok

You should now be at an MSDOS prompt screen.

4. Type "ipconfig /release" just like that, and hit "enter"
5. Type "exit" and leave the prompt
6. Right-click on "Network Places" or "My Network Places" on your desktop.
7. Click on "properties"

You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.

8. Right click on "Local Area Connection" and click "properties"
9. Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
10. Click on "Use the following IP address" under the "General" tab
11. Create an IP address (It doesn't matter what it is. I just type 1 and 2 until i fill the area up).
12. Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
13. Hit the "Ok" button here
14. Hit the "Ok" button again

You should now be back to the "Local Area Connection" screen.

15. Right-click back on "Local Area Connection" and go to properties again.
16. Go back to the "TCP/IP" settings
17. This time, select "Obtain an IP address automatically"
tongue.gif 18. Hit "Ok"
19. Hit "Ok" again
20. You now have a new IP address

With a little practice, you can easily get this process down to 15 seconds.

P.S:
This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick be extremely careful, because if they try a little, they can trace it back
Posted in Hardcore Hacking, Internet Hacking, Windows Hacking by bcracker

If you deal with Computer Security and Penetration testing , you must be knowing the importance on IP address . To perform any kind of penetration testing or hacking you first need to know the IP address . Here I am going to discuss how to obtain IP address from Gmail , Yahoo and Hotmail .

Gmail

Open the mail you have received from your friend and click on the down arrow to the
 right of the reply button. Now click on Show Original.


 You will get to see the complete headers of the mail from which you have to find 
the IP from which this mail   was sent. Mostly in case of a static IP, the IP is
shown as in the figure

Hotmail:

Right click on the received mail and select 'view message source'


 
You will get the complete message with source. This is how the originating IP looks in hotmail

Yahoo:


Open the mail and at the right bottom of the mail, click on 'Full headers'




 Again over here you will get to see the IP in the same format as in hotmail and gmail, shown above.

PART A: CONFIGURING SMTP SERVER
Once you have installed the QK SMTP server on your comp you must perform the following configuration.
1. Click on “Settings” button on the main screen,the Settings window pops up
2. On Settings window click on “Basic Parameter” tab
3. Set binding IP to “127.0.0.1″
4. Set port to “25″
PART B: SENDING FAKE EMAIL (EMAIL FORGING)
220 Welcome to QK SMTP Server 3
helo hacker (Type helo & any name followed by space)
250 Hello hacker (Server Welcomes You)
mail from:billg@microsoft.com (email ID can be anything of your choice. This is the ID from which fake email appears to have come from)
250 billg@microsoft.com Address Okay (Server gives a positive response)
rcpt to:admin@gmail.com (Type any valid recipient email address)
250 admin@gmail.com Address Okay (Server gives a positive response)
data (type this command to start input data)
354 Please start mail input
From:Gates <billg@microsoft.com>
To:admin@gmail.com
Date:Sat Jan 5,2008 9:45 PM
Subject:Test to send fake email
You can create as many headers followed by the “:” symbol.
<HERE IS YOUR DATA>End the body of email by pressing [ENTER] .(dot) [ENTER]
250 Mail queued for delivery (Sever indicates that the email is ready for sending)
quit (Type this command to quit from server)
221 Closing connection. Good bye.
Connection to host lost
(You will get the above 2 lines of message after typing “quit” command)
(Your fake email is sent to the recipient)

In this tutorial i will show you how to hack How fast you click? game in facebook by Dll injection




In computer programming, DLL injection is a technique used to run code within the address space of another process by forcing it to load a dynamic-link library. DLL injection is often used by third-party developers to influence the behavior of a program in a way its authors did not anticipate or intend  




Follow the steps to hack How fast You can click ?


1. Download cheat engine from Here
2. Open how fast you can  click game in your browser


3. Select process to open as shown 


4. Selct you browser In my case it is firefox

5. Start the game 
6. Now select enable speed hack from cheat engine and set the timer to zero 


7. Thats it you can see the timer freezed 

8. After clicking you can disable  speed hack and post your score on your wall




Note:- You can use the same hack for other games like pinball and minesweeper

In my previous article WiFi Hacking Part 1, i wrote about the necessary tools and stuff  that you require for WiFi Hacking .If you have not read the article, please go through it before reading this one

In this article i will explain how you can crack wireless network's WEP key using Backtrack in six easy steps



WiFi Hacking Part 2 


I believe all my blog readers have read the previous article WiFi Hacking Part 1, and know what are the tools and stuff that you require for WiFi hacking

Commonly Used Terms :- 

• WEP - Wired Equivalency Privacy, it is a security protocol for Wi-Fi networks
• Access Point (AP)- A wireless router
• MAC Address - Media Access Control address, a unique id assigned to wireless adapters and routers .It comes in hexadecimal format (ie 00:15:eR:21:a3:63)
• BSSID - Access Point’s MAC address
• ESSID - Access Point’s Broadcast name

Cracking WEP Using Backtrack 


Step -1 Booting Backtrack

Boot your copy of Backtrack from your USB drive (refer my article on how to make a bootable Backtrack USB ),Once booted you will be prompted for the login details, enter usename as "root" and password as "toor", finally enter "startx " to start backtrack .Now once you have logged in, launch a new konsole terminal by clicking the konsole terminal icon which is there on the task bar .Now plug in your Wifi usb card and type in the following commands in the terminal as shown

ifconfig wlan0 up

where wlan0 is the name of the wireless card ,it can be different .To see all wireless cards connected to your system simply type" iwconfig "

Step -2 Putting your WiFi card on Monitor Mode

The purpose of this step is to put your card into what is called monitor mode. Monitor mode is the mode whereby your card can listen to every packet in the air ,It is similar to a Promiscuous mode which is used for packet sniffing in a LAN .You can put your card into Monitor mode by entering the following commands in a terminal

airmon-ng  start (your interface)

Example :- airmon-ng  start wlan0

Now a new interface mon0 or ath0 will be created , You can see the new interface is in monitor mode by entering "iwconfig" as shown


Step -3  Monitor the air for WiFI connections 


Now after putting the card in monitor mode you will need to monitor the air for available wireless networks (WiFi connections)around  you , For this you'll have to use a tool called "airodump" .

So you can start monitoring the air with airodump by enter the following commands

airodump-ng  mon0

where mon0 is the new interface which we created in the previous step

Bssid shows the mac address of the AP, CH shows the channel in which AP is broadcasted and Essid shows the name broadcasted by the AP, Cipher shows the encryption type ,

Stop the process by pressing  "ctrl +c " and select your target  ,Since i am only cracking WEP  i will take "johny" as my target from now on

Step -4 Capturing Data with Airodump 

Now to crack the WEP key you'll have to capture the targets data into a file, To do this we use airodump tool again, but with some additional switches to target a specific AP and channel. Most importantly, you should restrict monitoring to a single channel to speed up data collection, otherwise the wireless card has to alternate between all channels .You can restrict the capture by giving in the following commands

airodump-ng mon0 --bssid -c (channel ) -w (file name to save )

As my target is broadcasted in channel 2 and has bssid  "98:fc:11:c9:14:22" ,I give in the following commands and save the captured data as "johnywep"

airodump-ng   mon0 --bssid  98:fc:11:c9:14:22   -c 2  -w  johnywep

Do not close this terminal (run the other commends simultaneously in an another terminal)


Step -5 Using Airepaly to Speed up the cracking  

You will have to capture at least 25,000 data packets to crack WEP .This can be done in two ways, The first one would be a (passive attack ) wait for a client to connect to the AP and then start capturing the data packets but this method is very slow, it can take days or even weeks to capture that many data packets

The second method would be an (active attack )this method is fast and only takes minutes to generate and inject that many packets .

In an active attack  you'll have do a Fake authentication (connect) with the  AP ,then you'll have to generate and inject data packets.This can be done very easily by using a tool called "airepaly"

So you can do a Fake authentication with the AP using airepaly by entering the following commands in a new terminal

airepaly-ng - 1  3  -a (bssid fo the target )  (interface)

In my case i enter the following

airepaly-ng -1 3  -a 98:fc:11:c9:14:22 mon0 

After doing a fake auth ,now its time to generate and inject Arp (data )packets . To this you'll have to open a terminal simultaneously and enter the following commands

airepaly-ng 3  -b (bssid of target)  -h ( address of your card (mon0))   (interface)

In my case i enter
airepaly-ng 3  -b 98:fc:11:c9:14:22   -h 00:c0:ca:50:f8:32 mon0

If this step was successful  you'll see Lot of data packets in the airodump capture ( step 4  ) as shown


Wait till it reaches at least 25000 packets , best would be to wait till it reaches around 80,000 to 90,000 packets .Its simple more the data packets  less the time to crack .once you captured enough number of packets, close all the process's by pressing "Ctrl +c" or by simply clicking the into mark which is there on the terminal

Strep -6 Cracking WEP  key using Aircrack 

Now its time crack the WEP key from the captured data, we use Aircrack to achieve this

Enter the following commands to crack the WEP key

aircrack-ng  (name of the captured file (step 4) )

In my case i enter 

aircrack-ng johnywep-0.1-cap

Voila you have successfully  cracked the WEP key in Six simple steps

Hope you enjoyed the post, For further doubts and clarifications please pass your comments