Friday, December 17, 2010

Google is going to map human anatomy

Google after mapped the entire earth as google earth , now planned to map into ourself , it is creating a project which enables the viewer to view the human anatomy . It uses the technology called Web GL , which  is used to render 2d and 3d graphics in web browser without the need for flash etc .

This is a google labs project , click the below link to goto that site ,

http://bodybrowser.googlelabs.com

Use a web browser such as Google chrome to view the above site , it is a JavaScript intensive page .

Thursday, December 16, 2010

Sunday, December 12, 2010

WikiLeaks backlash: The first global cyber war has begun, claim hackers

Julian Assange
WikiLeaks founder Julian Assange. Photograph: Lennart Preiss/AP

He is one of the newest recruits to Operation Payback. In a London bedroom, the 24-year-old computer hacker is preparing his weaponry for this week's battles in an evolving cyberwar. He is a self-styled defender of free speech, his weapon a laptop and his enemy the US corporations responsible for attacking the website WikiLeaks.
He had seen the flyers that began springing up on the web in mid-September. In chatrooms, on discussion boards and inboxes from Manchester to New York to Sydney the grinning face of a Guy Fawkes mask had appeared with a call to arms. Across the world a battalion of hackers was being summoned.
"Greetings, fellow anons," it said beneath the headline Operation Payback. Alongside were a series of software programs dubbed "our weapons of choice" and a stark message: people needed to show their "hatred".
Like most international conflicts, last week's internet war began over a relatively modest squabble, escalating in days into a global fight.
Before WikiLeaks, Operation Payback's initial target was America's recording industry, chosen for its prosecutions of music file downloaders. From those humble origins, Payback's anti-censorship, anti-copyright, freedom of speech manifesto would go viral, last week pitting an amorphous army of online hackers against the US government and some of the biggest corporations in the world.
Charles Dodd, a consultant to US government agencies on internet security, said: "[The hackers] attack from the shadows and they have no fear of retaliation. There are no rules of engagement in this kind of emerging warfare."
The battle now centres on Washington's fierce attempts to close down WikiLeaks and shut off the supply of confidential US government cables. By Thursday, the hacktivists were routinely attacking those who had targeted WikiLeaks, among them icons of the corporate world, credit card firms and some of the largest online companies. It seemed to be the first sustained clash between the established order and the organic, grassroots culture of the net.
But the clash has cast the spotlight wider, on the net's power to act as a thorn not only in the side of authoritarian regimes but western democracies, on our right to information and the responsibility of holding secrets. It has also asked profound questions over the role of the net itself. One blogger dubbed it the "first world information war".
At the heart of the conflict is the WikiLeaks founder, the enigmatic figure of Julian Assange – lionised by some as the Ned Kelly of the digital age for his continued defiance of a superpower, condemned by his US detractors as a threat to national security.
Calls for Assange to be extradited to the US to face charges of espionage will return this week. The counteroffensive by Operation Payback is likely to escalate.
The targets include the world's biggest online retailer, Amazon – already assaulted once for its decision to stop hosting WikiLeaks-related material – Washington, Scotland Yard and the websites of senior US politicians. There is talk of infecting Facebook, which last week removed a page used by pro-WikiLeaks hackers, with a virus that spreads from profile to profile causing it to crash. No one seems certain where the febrile cyber conflict will lead, only that it has just begun.

Thursday, December 9, 2010

Remote Spy Software

Are you looking for the Best Remote Spy Software? Do you need to spy on your remote computer without the need for physical access? But wait! Before you go for any remote spy software you should read our shocking reviews!
Well today there exists hundreds of spy software on the market and most of them are no more than a scam. Also most of these spy softwares do not support the remote monitoring feature at all. Hence as a result of these substandard products people often end up buying some crap spy software which fail to meet their needs. However there exists only a handful of Spy Softwares that support both remote installation and remote monitoring feature.

In order to help our readers to choose the best remote spy software, we decided to test and review some of the top remote spy software out there on the market. After a thorough review we conclude SniperSpy as the best Remote Spy Software. Here are the reasons for it to become our No.1 Rated Remote Spy Software.

Top features of Sniperspy which is not present in most of the other remote spy software
  • With Sniperspy you can remote watch your computer like a television! Watch what happens on the screen LIVE!
  • It is the only remote spy software with a secure control panel
  • You can remote install this software without the need for physical access
  • Sniperspy can bypass any firewall

Sniperspy is the most powerful Remote Spy Software of it’s kind. Perfect for monitoring your children, employees or any other user of your computer. You can also view chats, websites, keystrokes in any language and more, with screenshots.

Wednesday, December 8, 2010

Email spoofing .

Email spoofing is a term used to describe e-mail activity in which the sender address and other parts of the e-mail are altered and this is generally combined with phishing by hackers.


LIST OF SITES WHICH PROVIDE FAKE EMAIL SERVICES

1) deadfake.com

All you need to do is click Send Fake Email Tab and then enter From and to address and then type the mail and send it.Guys don't do this to earn any financial benefits and this is purely for educational purpose.Just prank you friends.

2) fakesend.com

This is another famous site which offer the same service.No need to create a user account you just need to enter the concerned fields and send the mail.

3) hoaxmail.co.uk

This is a very famous site which provides both email spoofing and SMS spoofing.All you need to do is create an user account and start sending spoofing emails for free.Spoofing SMS cost you based on number of SMS you want to.

These are the list of sites which I have use and found worth mentioning here.If I had left out any major site just update that as a comment.You ideas are always encouraged.

Monday, December 6, 2010

sim card cloning , the state of the art.

Hi t3ch viewers , i am here with a brand new way of hack  called sim card cloning , where a sim card similar to the orginal one can be created , and call / sms can be made using any one the sim card .
This is a punishable by law , so try at your home and don't try to implement it publicly .

In this video, Limor and Philip from Citizen Engineer, demonstrate how to clone SIM cards and hack payphones to do interesting things. The SIM card section starts with a primer on how the authentication works in the GSM world - challenge / response where the SIM contains the encryption key which is used to encrypt the challenge sent by the base station. Now the problem seems to be that there is no way to retrieve the encryption key directly from the SIM cards and the only way (which also only works for older cards) is to use a chosen plain text attack. This attack is carried out by connecting the SIM to a computer and bombarding it with encryption requests for known plain texts. After enough samples go through, the encryption key can be  cracked. Once the encryption key is known it is trivial to clone the card using a writer. The video demonstrates the whole hardware hack on how to build your own reader, however, if you do not have the patience or the necessary skills / equipment then you can purchase one from them directly.

In the later part of the video, Limor demonstrates how to modify Western Electric payphones so that they can be used as a home telephone, for VoIP (Skype) and to make it accept quarters. The whole video is more of a "hardware hacking" session than much of software. Its very well made and is definitely a recommended watch.







Denial of services . what is it ?how it is implemented ?

Hope u all heard that wiki leaks web site is made unavailable  due to various attacks , one of such attacks is denial of service attack , where a high amount of traffic is sen to the website , thus disabling the site being accessed by other , lets now check about this attack .

What is a denial-of-service (DoS) attack?

In a denial-of-service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, online accounts (banking, etc.), or other services that rely on the affected computer. The most common and obvious type of DoS attack occurs when an attacker "floods" a network with information. When you type a URL for a particular website into your browser, you are sending a request to that site's computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can't process your request. This is a "denial of service" because you can't access that site.
An attacker can use spam email messages to launch a similar attack on your email account. Whether you have an email account supplied by your employer or one available through a free service such as Yahoo or Hotmail, you are assigned a specific quota, which limits the amount of data you can have in your account at any given time. By sending many, or large, email messages to the account, an attacker can consume your quota, preventing you from receiving legitimate messages.

What is a distributed denial-of-service (DDoS) attack?

In a distributed denial-of-service (DDoS) attack, an attacker may use your computer to attack another computer. By taking advantage of security vulnerabilities or weaknesses, an attacker could take control of your computer. He or she could then force your computer to send huge amounts of data to a website or send spam to particular email addresses. The attack is "distributed" because the attacker is using multiple computers, including yours, to launch the denial-of-service attack.

How do you avoid being part of the problem?

Unfortunately, there are no effective ways to prevent being the victim of a DoS or DDoS attack, but there are steps you can take to reduce the likelihood that an attacker will use your computer to attack other computers:
  • Install and maintain anti-virus software
  • Install a firewall, and configure it to restrict traffic coming into and leaving your computer
  • Follow good security practices for distributing your email address . Applying email filters may help you manage unwanted traffic.

How do you know if an attack is happening?

Not all disruptions to service are the result of a denial-of-service attack. There may be technical problems with a particular network, or system administrators may be performing maintenance. However, the following symptoms could indicate a DoS or DDoS attack:
  • unusually slow network performance (opening files or accessing websites)
  • unavailability of a particular website
  • inability to access any website
  • dramatic increase in the amount of spam you receive in your account

What do you do if you think you are experiencing an attack?

Even if you do correctly identify a DoS or DDoS attack, it is unlikely that you will be able to determine the actual target or source of the attack. Contact the appropriate technical professionals for assistance.
  • If you notice that you cannot access your own files or reach any external websites from your work computer, contact your network administrators. This may indicate that your computer or your organization's network is being attacked.
  • If you are having a similar experience on your home computer, consider contacting your internet service provider (ISP). If there is a problem, the ISP might be able to advise you of an appropriate course of action.

Saturday, December 4, 2010

Google Chrome OS Netbook Set for Dec. 7 Unveiling



Google will unveil a Chrome OS netbook Dec. 7. Key questions include: 

when can the public get them, and will the iPad and Android machines 

allow them to prosper?


Google is hosting an event Dec. 7 where it will likely demonstrate a netbook based on its long-awaited Chrome operating system.
Chrome OS is Google's support platform for its increasingly popular Chrome Web browser, which accounts for 9.27 percent of browser use, according to Net Applications.
Google intends the platform to run on netbooks and other machines with keyboards, booting up in seconds as an alternative to computers based on Microsoft Windows, Apple Mac OS and Linux.
Google late Dec. 3 e-mailed eWEEK a media invitation to a Chrome-related event, stating simply: "On Dec. 7, we will host an event in San Francisco where we plan to share some exciting news about Chrome."
Engadget and other tech blogs said that this event will feature Chrome OS on a Google-branded netbook, and possibly the formal launch of the Chrome Web Store, which will provide an outlet for programmers to showcase and sell Web applications for the platform.
Engadget said the Intel Atom chip-powered machine "isn't going to be a mass market device" and that there will only be around 65,000 units available to Googlers and their friends and family.
Chrome OS is still very much in a beta stage unfit for mass consumption. The blog also offers pictures of a Chrome OS netbook keyboard here.
Google released Chrome OS to open source in November 2009 with the stated goal of getting Chrome OS machines from partners such as Acer, Asus, HP, Lenovo and Toshiba to consumers in time for the holiday shopping season.
Black Friday, the prime time for selling such consumer electronics devices, has come and gone with no Chrome OS machines launched.
Google CEO Eric Schmidt said at the Web 2.0 Summit Nov. 15 that Chrome OS was a few months from public launch on netbooks.
Google has clearly been testing Chrome OS netbooks in house, which is what company engineers will show off at an event in San Francisco Tuesday. Expect a mass consumer launch of Chrome OS netbooks in 2011.
Tthe market's reception of the device should be interesting to watch. Apple's iPad and Android-based tablet computers such as Samsung's Galaxy Tab havechomped PC and netbook share in the latter half of 2010.

SQL bug in Madurai kamraj university site!

SQL injection discovered  by Hussain , on Madurai Kamraj University site , this allow the user to see the results of all students without specifying  a register number .

POC:

1. link : http://www.mkuniversity.org/results_new.php

2. Select any course , instead of register number copy and paste this code and press get results button .




3.You can see results of all student without requiring  a register number , this works on similar site , to bypass authentication.


this injection can be also used to insert malicious sql command which can delete all the marks of the student from the database . :(


Enjoy .

Friday, December 3, 2010

China phone , fly phone , benq and other mobiles all in one code .

Hi viewers here are some of the service code for various china mobiles , hope u enjoy the collection


ALL CHINA MOBILES CODE


*#66*# Set Factory Mode CONFIRMED
*#8375# Show Software Version CONFIRMED
*#1234# A2DP ACP Mode CONFIRMED
*#1234# A2DP INT Mode CONFIRMED
*#0000# + Send : Set Default Language CONFIRMED
*#0007# + Send : Set Language to Russian CONFIRMED
*#0033# + Send : Set Language to French CONFIRMED
*#0034# + Send : Set Language to Spanish CONFIRMED
*#0039# + Send : Set Language to Italian CONFIRMED
*#0044# + Send : Set Language to English CONFIRMED
*#0049# + Send : Set Language to German CONFIRMED
*#0066# + Send : Set Language to Thai CONFIRMED
*#0084# + Send : Set Language to Vietnamese CONFIRMED
*default user code: 1122, 3344, 1234, 5678

Engineer mode: *#110*01#
Factory mode: *#987#
Enable COM port: *#110*01# -> Device -> Set UART -> PS Config -> UART1/115200
Restore factory settings: *#987*99#
LCD contrast: *#369#
software version: *#800#
software version: *#900#
set default language: *#0000# Send
set English language: *#0044# Send

set English language (new firmware): *#001# Send also#0966# + Send : Set Language to Arabic CONFIRMED




Service codes for FLY mobile .



M100 software version: ####0000#
2040(i) reset defaults: *#987*99# Send
MX200 reset defaults: *#987*99# Send
MX200 software version: *#900# Send
SL300m reset defaults: *#987*99# Send
SL300m software version: *#900# Send
SL500m reset defaults: *#987*99# Send
SL500m software version: *#900# Send
MP500 reset defaults: *#987*99# Send
MP500 software version: *#900# Send
Set language to English: *#0044#
Set language to Russian: *#0007#
Service codes Konka:
C926 software version: *320# Send
C926 set default language: *#0000# Send
C926 set English language: *#0044# Send
Service codes GStar:
GM208 (Chinese Nokea 6230+) engineering menu: *#66*#
Set language to English: *#0044#
Set language to Russian: *#0007#
Service codes Motofone-F3:
Motofone F3 software version: **9999* Send
***300* Set SIM Pin
***310* / ***311* SIM Pin ON | OFF
***000* Reset Factory settings
***644* Set Voicemail number
***260* / ***261* Auto keypad lock ON | OFF
***510* / ***511* Voice Prompts ON | OFF
***160* / ***161* Restricted Calling (Phonebook only) ON | OFF
***200608* Send: software version
***200606* Send: software version
***200806* Send: flex version
***250* / ***251* Keypad tones ON | OFF
***470* Select time format
***500* /***501* Prepaid Balance Display ON | OFF
***520* Change language
Service codes Motorola:
C113, C114, C115, C115i, C116, C117, C118 software version: #02#*
C138, C139, C140 software version: #02#*
C155, C156, C157 software version: #02#*
C257, C261 software version: #02#*
V171, V172, V173 software version: #02#*
V175, V176, V176 software version: #02#*
C168, W220 software version: *#**837#
W208, W375 software version: #02#*
and "yes"''







Service codes for BenQ:

software version: *#300#
test mode: *#302*20040615#
Service codes Pantech:
software version: *01763*79837#
service menu: *01763*476#
reset defaults (phone/user code reset to default): *01763*737381#
Service codes 3xx, 5xx:
software version: *#79#
software version: *#837#
Service codes VK200, VK2000, VK2010, VK2020, VK4000:
software version: *#79#
service menu: *#9998*8336# (hold #)
reset defaults (phone/user code reset to default): *#9998*7328# (hold #)
Service codes LG:
software version: 2945#*#
Service codes Sony-Ericsson:
J100 software version: #82#
Service codes Fly:
2040(i) reset defaults: *#987*99# Send
MX200 reset defaults: *#987*99# Send
MX200 software version: *#900# Send
SL300m reset defaults: *#987*99# Send
SL300m software version: *#900# Send
SL500m reset defaults: *#987*99# Send
SL500m software version: *#900# Send
MP500 reset defaults: *#987*99# Send
MP500 software version: *#900# Send
Set language to English: *#0044#
Set language to Russian: *#0007#
Service codes Konka:
C926 software version: *320# Send
C926 set default language: *#0000# Send
C926 set English language: *#0044# Send
Service codes GStar:
GM208 (Chinese Nokea 6230+) engineering menu: *#66*#
Set language to English: *#0044#
Set language to Russian: *#0007#
Service codes Motorola:
Motofone F3 software version: **9999* Send
C113, C114, C115, C115i, C116, C117, C118 software version: #02#*
C138, C139, C140 software version: #02#*
C155, C156, C157 software version: #02#*
C257, C261 software version: #02#*
V171, V172, V173 software version: #02#*
V175, V176, V176 software version: #02#*
C168, W220 software version: *#**837#
W208, W375 software version: #02#*
ZTE Mobile:>1- *938*737381#
2- PHONE WILL DIPLAYED DONE
3- POWER OFF YOUR PHONE AND POWER ON AGAIN
alcatel:>E205
unlocking phone code,only press***847# without simcard
E900 software version: *#5002*8376263#
E900 full reset: *2767*3855#
Service codes Spice:
S404 enable COM port: *#42253646633# -> Device -> Set UART -> PS -> UART1/115200
S410 engineer mode: *#3646633#
S900 software version: *#8375#
S900 serial no: *#33778#
Service codes Philips:
S200 enable COM port: *#3338913# -> Device -> Set UART -> PS -> UART1/115200
Service codes "Chinese" models:
default user code: 1122, 3344, 1234, 5678
Engineer mode: *#110*01#
Factory mode: *#987#
Enable COM port: *#110*01# -> Device -> Set UART -> PS Config -> UART1/115200
Restore factory settings: *#987*99#
LCD contrast: *#369#
software version: *#800#
software version: *#900#
Service codes BenQ:
software version: *#300#
test mode: *#302*20040615#
Service codes Pantech:
software version: *01763*79837#
service menu: *01763*476#
reset defaults (phone/user code reset to default): *01763*737381#
Service codes VK-Mobile 3xx, 5xx:
software version: *#79#
software version: *#837#
service menu: *#85*364# (hold #)
Service codes VK200, VK2000, VK2010, VK2020, VK4000:
software version: *#79#
service menu: *#9998*8336# (hold #)
reset defaults (phone/user code reset to default): *#9998*7328# (hold #)
Service codes LG:
software version: 2945#*#
KG300 NVRAM format: 2945#*# -> menu 15
Service codes Sony-Ericsson:
J100 software version: #82#
Service codes Fly:
M100 software version: ####0000#
2040(i) reset defaults: *#987*99# Send
MX200 reset defaults: *#987*99# Send
MX200 software version: *#900# Send
SL300m reset defaults: *#987*99# Send
SL300m software version: *#900# Send
SL500m reset defaults: *#987*99# Send
SL500m software version: *#900# Send
MP500 reset defaults: *#987*99# Send
MP500 software version: *#900# Send
Set language to English: *#0044#
Set language to Russian: *#0007#
Service codes Konka:
C926 software version: *320# Send
C926 set default language: *#0000# Send
C926 set English language: *#0044# Send
Service codes GStar:
GM208 (Chinese Nokea 6230+) engineering menu: *#66*#
Set language to English: *#0044#
Set language to Russian: *#0007#
Service codes Motofone-F3:
Motofone F3 software version: **9999* Send
***300* Set SIM Pin
***310* / ***311* SIM Pin ON | OFF
***000* Reset Factory settings
***644* Set Voicemail number
***260* / ***261* Auto keypad lock ON | OFF
***510* / ***511* Voice Prompts ON | OFF
***160* / ***161* Restricted Calling (Phonebook only) ON | OFF
***200608* Send: software version
***200606* Send: software version
***200806* Send: flex version
***250* / ***251* Keypad tones ON | OFF
***470* Select time format
***500* /***501* Prepaid Balance Display ON | OFF
***520* Change language
Service codes Motorola:
C113, C114, C115, C115i, C116, C117, C118 software version: #02#*
C138, C139, C140 software version: #02#*
C155, C156, C157 software version: #02#*
C257, C261 software version: #02#*
V171, V172, V173 software version: #02#*
V175, V176, V176 software version: #02#*
C168, W220 software version: *#**837#
W208, W375 software version: #02#*
and "yes"''
chiniss cord & pin out
some chinese Mobile Code And Pinouts ::::::::::::>>>>>>>>>>
Service codes BenQ:
software version: *#300#
test mode: *#302*20040615#
Service codes Pantech:
software version: *01763*79837#
service menu: *01763*476#
reset defaults (phone/user code reset to default): *01763*737381#
Service codes 3xx, 5xx:
software version: *#79#
software version: *#837#
Service codes VK200, VK2000, VK2010, VK2020, VK4000:
software version: *#79#
service menu: *#9998*8336# (hold #)
reset defaults (phone/user code reset to default): *#9998*7328# (hold #)
Service codes LG:
software version: 2945#*#
Service codes Sony-Ericsson:
J100 software version: #82#
Service codes Fly:
2040(i) reset defaults: *#987*99# Send
MX200 reset defaults: *#987*99# Send
MX200 software version: *#900# Send
SL300m reset defaults: *#987*99# Send
SL300m software version: *#900# Send
SL500m reset defaults: *#987*99# Send
SL500m software version: *#900# Send
MP500 reset defaults: *#987*99# Send
MP500 software version: *#900# Send
Set language to English: *#0044#
Set language to Russian: *#0007#
Service codes Konka:
C926 software version: *320# Send
C926 set default language: *#0000# Send
C926 set English language: *#0044# Send
Service codes GStar:
GM208 (Chinese Nokea 6230+) engineering menu: *#66*#
Set language to English: *#0044#
Set language to Russian: *#0007#
Service codes Motorola:
Motofone F3 software version: **9999* Send
C113, C114, C115, C115i, C116, C117, C118 software version: #02#*
C138, C139, C140 software version: #02#*
C155, C156, C157 software version: #02#*
C257, C261 software version: #02#*
V171, V172, V173 software version: #02#*
V175, V176, V176 software version: #02#*
C168, W220 software version: *#**837#
W208, W375 software version: #02#*
ZTE Mobile:>1- *938*737381#
2- PHONE WILL DIPLAYED DONE
3- POWER OFF YOUR PHONE AND POWER ON AGAIN
alcatel:>E205
unlocking phone code,only press***847# without simcard
E900 software version: *#5002*8376263#
E900 full reset: *2767*3855#
Service codes Spice:
S404 enable COM port: *#42253646633# -> Device -> Set UART -> PS -> UART1/115200
S410 engineer mode: *#3646633#
S900 software version: *#8375#
S900 serial no: *#33778#
Service codes Philips:
S200 enable COM port: *#3338913# -> Device -> Set UART -> PS -> UART1/115200
Service codes "Chinese" models:
default user code: 1122, 3344, 1234, 5678
Engineer mode: *#110*01#
Factory mode: *#987#
Enable COM port: *#110*01# -> Device -> Set UART -> PS Config -> UART1/115200
Restore factory settings: *#987*99#
LCD contrast: *#369#
software version: *#800#
software version: *#900#
Service codes BenQ:
software version: *#300#
test mode: *#302*20040615#
Service codes Pantech:
software version: *01763*79837#
service menu: *01763*476#
reset defaults (phone/user code reset to default): *01763*737381#
Service codes VK-Mobile 3xx, 5xx:
software version: *#79#
software version: *#837#
service menu: *#85*364# (hold #)
Service codes VK200, VK2000, VK2010, VK2020, VK4000:
software version: *#79#
service menu: *#9998*8336# (hold #)
reset defaults (phone/user code reset to default): *#9998*7328# (hold #)
Service codes LG:
software version: 2945#*#
KG300 NVRAM format: 2945#*# -> menu 15
Service codes Sony-Ericsson:
J100 software version: #82#
[Quote] [Report] [Reply]
[Adv.] China Phones Flash Box 






Back door in ProFTPD FTP server

Back door in ProFTPD FTP server

ProFTPD LogoUnknown attackers penetrated the server hosting the open source ProFTPD FTP server project and concealed a back door in the source code. The back door provides the attackers with complete access to systems on which the modified version of the server has been installed. On installation, the modified version informs the group behind the back door by contacting an IP address in the Saudi Arabia area. Entering the command 'HELP ACIDBITCHEZ' results in the modified server displaying a root shell.
Ironically, to place their back door, the attackers used a zero day vulnerability in ProFTPD itself, which the developers were using to make the source code available to users. The modification was carried out on the 28th November and discovered and reverted on 1st December. Because the project's main server, which also feeds various mirrors via rsync, was affected, the modified code has probably been delivered via official mirrors right up until today.
Users can use the MD5 hash or PGP signature to determine whether they have downloaded the bad version of the source code. The developers have not revealed any details of the vulnerability used to penetrate the project server. The attackers may have exploited the still unpatched vulnerability in the SQL module highlighted in the hacker magazine Phrack in mid November.

Mind blowing google tips .

Google offers you a wide variety of helpful search keywords , check it out !!!

1.Get Whether Information from Google.

2.listen to music on google .




3.Use google as a calculator .

4.search your mail effectively .


5. get the current time from google .



6. get notifications from google when u receive a mail .


This Google Chrome extension sends a pop-up notification to your desktop whenever you receive a new Gmail message. There is also an application,Google Notifier for Mac, that "shows you alerts in your menu bar, so you can see when you have new Gmail messages or upcoming Google Calendar events without having to open a web browser."


7. get directly to your search.



Google's "I'm Feeling Lucky" button, featured on Google's home page since 1998, sidesteps the Google results page and takes the user directly to the website of the first search result. Typing "huffpo" into the search bar and clicking the Lucky button opens the Huffington Post's front page.


GOOGLE rocks .

Thursday, December 2, 2010

40 Pakistani government websites hacked


Nearly 40 Pakistani government websites were cyber attacked Tuesday by a group of hackers calling itself the “Indian Cyber Army,” The Express Tribune reports.
The websites were hosted on a single server, which allowed the hackers to take over multiple sites simultaneously, according to an email sent by the hackers. The hackers defaced several of the websites, displaying messages such as “Indian Cyber Army owns you. Rest in peace, the heroes of 26/11 who laid their precious lives for the country … because of some Pakistanis, whole of Pakistan is being given bad words.”
Nov. 26, 2008 marks the date when more than 10 coordinated shooting and bombing attacks occurred across Mumbai by Islamic terrorists from Pakistan. The attacks began Nov. 26, 2008, and lasted three days, killing at least 163 people, according to The New York Times.
Along with the written messages on the websites was an image of U.S. soldiers raising a flag on Iwo Jima, with the flag transformed into the Indian national flag. Background music also played a “highly patriotic Indian song,”according to two of the hackers involved, Jackh4x0r and LuCkY, who spoke to Hacker Regiment.
The two hackers also said this particular attack was to convey a message to the Pakistanis “on opposing the terror route being followed by their nation to disturb neighbours.”
“And 26/11 was the ideal time for conveying this message when our brave soldiers laid their precious life for the country people,” Jackh4x0r said.

Windows 7 rearm hack

Most of you might be aware of the fact that it is possible to use Windows 7 and Vista for 120 days without activation. This is actually possible using the slmgr -rearm command which will extend the grace period from 30 days to 120 days. However in this post I will show you a small trick using which it is possible to use Windows 7 without activation for approximately an year! Here is a way to do that.
1. Goto “Start Menu -> All Programs -> Accessories” . Right click on “Command Prompt” and select “Run as Administrator“. If you are not the administrator then you are prompted to enter the password, or else you can proceed to step-2.
2. Now type the following command and hit enter
slmgr -rearm
3. You will be prompted to restart the computer. Once restarted the trial period will be once again reset to 30 days. You can use the above command for up to 3 times by which you can extend the trial period to 120 days without activation.
4. Now comes the actual trick by which you can extend the trial period for another 240 days. Open Registry Editor (type regedit in “Run” and hit Enter) and navigate to the following location

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform

5. In right-side pane, change value of SkipRearm to 1.
6. Now you will be able to use the slmgr -rearm command for another 8 times so that you can skip activation process for another 240 days. So you will get 120 + 240 = 360 days of free Windows 7 usage.
120 days using “slmgr -rearm” command before registry edit
+
240 days using “slmgr -rearm” command after registry edit
= 360 Days

Wednesday, December 1, 2010

Programming competition at Bengalooru .

Any programmer cum Hacker in and around bangalooru can participate in this contest by a community called
Random Hacks of Kindness.  It is a world level contest , where  participators are request to give   innovative ideas and design application that would help a large community of peoples .Example tsunami predictor  etc .The best innovative idea and application will be given cash prizes .
Sponsors :  Microsoft , NASA , Google, Yahoo , World Bank .
Click here for more info and registration :
http://www.rhok.org/2010/10/registration-for-rhok-2-is-open/
Register fast.
Other locations of the event worldwide

Main Stages:

Global Satellites:

XSS bug on infolinks website spotted by rascal .

Before introducing the bugs , i want to say about info links site ,
about this infolinks.com


Infolinks intelligently scans web pages using its dynamic proprietary algorithm and converts carefully selected keywords into relevant Pay Per Click (PPC) in-text ads. These ads appear as double underlined hyperlinks in the Web content itself. The process of integrating in-text ads into websites is short and simple. The basic integration requires the insertion of one line of Javascript code into the website’s html.
Infolinks in-text ads are seen on thousands of websites and are used by content based web publishers as an effective means to monetize.
Infolinks was established in 2007 and is headquarter in Mountain View, California.

this site has a xss bug , 
click the below link

screen shot using another xss bug ,



Biggest collection of Hacked Emails and Passwords .

The ultimate hack by the Rascal , check it out
It is a collection of 100s of user IDs and passwords hacked by me

Download Link:


Password is: t3ch.in

How to Trace Mobile Numbers

With the rapid growth of mobile phone usage in recent years, we have often observed that the mobile phone has become a part of many illegal and criminal activities. So in most cases, tracing the mobile number becomes a vital part of the investigation process. Also sometimes we just want to trace a mobile number for reasons like annoying prank calls, blackmails, unknown number in a missed call list or similar.

Even though it is not possible to trace the number back to the caller, it is possible to trace it to the location of the caller and also find the network operator. Just have a look at this page on tracing Indian mobile numbers from Wikipedia. Using the information provided on this page, it is possible to certainly trace any mobile number from India and find out the location (state/city) and network operator (mobile operator) of the caller. All you need for this is only the first 4-digit of the mobile number. In this Wiki page you will find all the mobile number series listed in a nice tabular column where they are categorized based on mobile operator and the zone (state/city). This Wiki page is updated regularly so as to provide up-to-date information on newly added mobile number series and operators. I have used this page many a time and have never been disappointed.

If you would like to use a simpler interface where in you can just enter the target mobile number and trace the desired details, you can try this link from Numbering Plans. Using this link, you can trace any number in the world.

By using the information in this article, you can only know “where” the call is from and not “who” the caller is. Only the mobile operator is able to tell you ”who” the caller is. So if you’re in an emergency and need to find out the actual person behind the call, I would recommend that you file a complaint and take the help of police. I hope this information has helped you!

Links available for tracing mobiles are ,

http://www.indiatrace.com/trace-mobile-number-location/trace-mobile-number.php

http://trace.bharatiyamobile.com/

mobile application available:
http://www.getjar.com/mobile/18195/indian-mobile-no-locator---shaplus-mobile-info/

http://www.getjar.com/mobile/48172/mobile-number-tracer-v1/

best security tools .


here are some of the popular security / hacking tools that range from port scanning to password cracking , check it out .
1. Nmap
I think everyone has heard of this one, recently evolved into the 4.x series.
Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of comuters and both console and graphical versions are available. Nmap is free and open source.
Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.
2. Nessus Remote Security Scanner
Recently went closed source, but is still essentially free. Works with a client-server framework.
Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.
3. John the Ripper
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
4. Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).
5. SuperScan
Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.
If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.
6. p0f
P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:
– machines that connect to your box (SYN mode),
– machines you connect to (SYN+ACK mode),
– machine you cannot connect to (RST+ mode),
– machines whose communications you can observe.
Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.
7. Wireshark (Formely Ethereal)
Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers.
Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.
8. Yersinia
Yersinia is a network tool designed to take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).
The best Layer 2 kit there is.
9. Eraser
Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License.
An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.
10. PuTTY
PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4x0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients.
11. LCP
Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.
A good free alternative to L0phtcrack.
12. Cain and Abel
My personal favourite for password cracking of any kind.
Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.
13. Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
A good wireless tool as long as your card supports rfmon (look for an orinocco gold).
14. NetStumbler
Yes a decent wireless tool for Windows ! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving.
NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
  • Verify that your network is set up the way you intended.
  • Find locations with poor coverage in your WLAN.
  • Detect other networks that may be causing interference on your network.
  • Detect unauthorized “rogue” access points in your workplace.
  • Help aim directional antennas for long-haul WLAN links.
  • Use it recreationally for WarDriving.
15. hping
To finish off, something a little more advanced if you want to test your TCP/IP packet monkey skills.
hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Best Web Host