Showing posts with label Hacking. Show all posts

How To Pentest With Your Android Device - dSploit

An Awesome video tutorial created by Security Geeks about how to hack computers and routers using your smart phone.


For this purpose the phone must be rooted.
Alright guys check out this video.

Video available in HD as well. Just change the quality.
Credits : Security Geeks ;)

Biggest Cyber Attack In History Is Taking Place Right Now

Global internet slows after 'biggest attack in history'

The Biggest Cyber Attack In History Is Taking Place Right Now
Internet speeds around the world have noticeably slowed down due to a massive "distributed denial of service" attack, reports the BBC.
These DDoS attacks bombard targeted web servers with so much dummy traffic that people trying to access a site for legitimate purposes are unable to do so. It's most analogous to a traffic jam on a highway with no one able to move.
The BBC says that security experts are describing it as "the biggest cyber-attack in history."
The attacks were focused on a company called Spamhaus, which maintains a "domain name system" to connect a typed-in URL to the correct server hosting the appropriate content. With this company's services compromised, large portions of the web became less stable.

A Dutch web host called Cyberbunker states that it will host anything except child pornography or terrorism-related content. Spamhaus blocked Cyberbunker's servers in an effort to weed out any spammers that might host their content with the company.

Now Spamhaus is alleging that Cyberbunker is collaborating with a Russian and Eastern European criminal organizations to facilitate the attacks.

A DDoS attack of 50 gigabits per second is usually enough to take out a major bank. Spamhaus is seeing sustained attacks of 300 gigabits per second. It's only because of its distributed structure helping to effectively reduce the load that it's still operational.

Read More at BBC News: Global internet slows after 'biggest attack in history'

Burger King Twitter account 'HACKED'.

US fast-food company Burger King has said its Twitter account may have been hacked, after its profile picture was changed to a McDonalds logo.

Somebody hacked Burger King's Twitter account on Monday, posting obscene messages and changing its profile picture to a McDonald's logo.

The tweets stopped after a little more than an hour, and Burger King said it had reached out to Twitter to suspend the account. 

The Burger King account was suspended, but a screengrab posted by @AnonymousPress showed the @BurgerKing's Twitter page where it was written: "Burger King USA official Twitter account. Just got sold to McDonalds because the whopper flopped."

The Twitter mishap isn't all bad news for Burger King though — the account added 5,000 new followers in the first 30 minutes since the hackers took over.

A spokesman for Burger King said: "It has come to our attention that the Twitter account of BURGER KING has been hacked.

"We have worked directly with administrators to suspend the account until we are able to re-establish our legitimate site and authentic postings.

"We apologize to our followers who have been receiving erroneous tweets about other members of our industry and additional inappropriate topics."

Please keep visiting "" for more updates.
Please comment for any questions or suggestions.

Top 10 Hacking Websites of 2012

Top 10 Hacking Websites of 2012
Here is the list of Top 10 Hacking resource websites of 2012.
# 1.

News and editorials on security related topics, along with a database of security knowledge. This is symentic Technical poratl managed by Symentic Research Team.

Link : -

Hack A Day
# 2. Hack A Day

A Hardware Hack Every Day. This website is updated everyday with at least one hardware hack. i love this one. 

Metasploit Project
# 3. Metasploit Project

Open-source platform for developing, testing, and using exploit code. Downloads and release notes. [Windows, Unix]

Link :-

Packet Storm
# 4. Packet Storm

Security information portal. Offers database of advisories, exploits, tools, papers and security news.

Link :-
# 5.

Network Security Tools/Software (Free Download) including Nmap Open Source Network Security Scanner; Redhat Linux,Microsoft Windows,FreeBSD,UNIX Hacking.

Links : -
# 6.

Exploit database separated by exploit type (local, remote, DoS, etc.)

Link: -

By the way Milworm is shut down now. you can visit for exploits. By Inject0r Team
# 7. By Inject0r Team

Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals.

Link :-

# 8. Ophcrack

Ophcrack is a Windows Password cracker based on Rainbow Tables.

Link :-

# 9. gHacks

A daily update website with software reviews, Windows and Linux tutorials as well as Internet news.

Link :-

Hack This Site!
# 10. Hack This Site!

HackThisSite! is a legal and safe network security resource where users test their hacking skills on various challenges and learn about hacking and network security. Also provided are articles, comprehensive and active forums, and guides and tutorials. Learn how to hack!

Link : -

I Hope you will enjoy reading this article and you will enjoy visiting these site as well.
Keep visiting for more Techno Updates.
You may like to download some latest Bollywood movies and Video Songs go here :-

Comment and share your comments here.. :)

George Bush's family emails, photos hacked

A hacker apparently accessed private photos and emails sent between members of the Bush Family, including both former presidents, and a spokesman for George HW Bush said a criminal investigation is under way. George Bush's family emails, photos hacked

George Bush's family emails, photos hacked

The Smoking Gun website said the hacker, who went by the online moniker "Guccifer," gained access to emails, photos, private telephone numbers and addresses of Bush family members and friends.
The website displayed photos it said came from the hacker, including one that purported to show the elder Bush during his recent near-two-month stay in a Houston hospital where the 88-year-old was treated for complications arising from a bronchial infection.

The authenticity of the photos and other details on the website could not immediately be confirmed. A spokesman for former president George HW Bush declined to comment on the reports.

"There's a criminal investigation and, as such, there's nothing else we can say," Jim McGrath told The Associated Press Friday.

The FBI in Houston, where Bush lives, was similarly tight-lipped.

"We do not confirm or deny the existence of any investigation," Houston FBI spokeswoman Shauna Dunlap said.

Freddy Ford, a spokesman for former president George W Bush, who has a home in Dallas, also said Friday he "won't be commenting."

The word "Guccifer" is plastered across the photos published on the Smoking Gun website in translucent, neon blue print. The website quotes "Guccifer" as describing himself as a veteran hacker who has long been in the government's sights.

DRDO and PMO Websites Hacked By Algerian hackers !

DRDO and PMO Websites Hacked By Algerian hackers !

DRDO and PMO Websites Hacked !
DRDO and PMO Websites Hacked !

Algerian hackers carried out a successful cyber attack on a government server which hosts websites of extremely sensitive organisations and defaced websites operated by the Defence Research and Development Organisation (DRDO) and the Prime Minister’s Office (PMO). 

The most sensitive website that came under attack was the one operated by the Recruitment and Assessment Centre (RAC) of the DRDO (

The RAC recruits scientists for various DRDO laboratories and also assesses the suitability of DRDO scientists for promotions. The other most important website was the one hosted by the Advisor to the Prime Minister on Public Information, Infrastructure and Innovations (

The other victim websites were: West Bengal police (; Directorate of Estates of Ministry of Urban Development (, Biotechnology Industry research Assistance Council (, UT of Diu ( and’.

A Hyderabad-based cyber security expert Kusumba S. told ‘The Hindu’ that the hacker had apparently accessed the host server and modified the root files of respective websites. “This could be dangerous because the hacker could have stolen data as he had complete access to root files,” he felt.

The Hindu : News / National : DRDO website hacked

How a malicious help file can install a spyware keylogger

According to a research done by SOPHOS malware analysis team. hackers are using windows help file (.HLP) to infect victims computer.
Malware authors can create BODYTRAPPED .HLP files that will infect your computer with a keylogger.
The below screeenshot presents an example how a cyber criminal can use Social Engineering to trick unsuspecting users into infecting their computers.

Administrator.hlp file
Administrator.hlp file

If the victim will open this file he will receive this error message:

Error after opening HLP file
Error after opening HLP file

"Help could not read the current Help file.
Make sure there are no errors on the disk, or if the file is on a network drive, that the server is active. (163)"

However in the background a file called Windows Security Center will be dropped on to computer which in turn creates a file called RECYLER.DLL.

Files Associated with this threat.
Files Associated with this threat.
 Recycler.dll file is a keylogger which stores your keystroke in following file:
\Documents and Settings\username\Local Settings\Application Data\UserData.dat

The Malware attempts to send this data to

So Stay safe- Do not click on HLP files without verifying the source of the file.


Read about How to find hidden files on your computer without changing the folder properties here

GoDaddy's downtime was No hack !

GoDaddy's downtime was No hack !
GoDaddy says that the downtime was caused due to some technical failure, it was Not a Denial of Service attack  It was Not a Hack.

GoDaddy declined that there system was under attack.

But the company blamed a "series of internal network events".

"At no time was any customer data at risk or were any of our systems compromised," the site's chief executive Scott Wagner said in a press release issued on Tuesday.

"The service outage was not caused by external influences. It was not a 'hack' and it was not a denial of service attack.

"We have determined the service outage was due to a series of internal network events that corrupted router data tables.

"Once the issues were identified, we took corrective actions to restore services for our customers and We have implemented measures to prevent this from occurring again."

Source: bbc News

Read about GoDaddy Downtime: GoDaddy's DNS Servers Go Down, Taking Thousands of Sites With It

GoDaddy's DNS Servers Go Down, Taking Thousands of Sites With It

World's largest domain registrar and largest web host GoDaddy is experiencing major downtime. GoDaddy's name-servers and DNS are completely down. Any domain/website that is using GoDaddy web hosting or Godaddy's DNS and Name servers are completely down.

From the Internet resources it appears that the Godaddy servers was attacked by AnonynousOwn3r - The security lead of Anonymous.

AnonynousOwn3r - Takes responsibilty for the attack
Anonymous hacker Takes the complete responsibility personally on his twitter profile.

"@wordwhacker nah it's not Anonymous coletive the attack is coming just from me— Anonymous Own3r (@AnonymousOwn3r) September 10, 2012"

Go Daddy says on twitter that -"they are aware of the issue and their team is working on the issue to get it fixed.

Source: Yahoo news.

Al-Jazeera website defaced by pro-Syrian hackers

Al-Jazeera website defaced by pro-Syrian hackers
Al-Jazeera website defaced by pro-Syrian hackers
The official website of Arabic news network "Al-Jazeera" got hacked by Pro-Syrian Hackers.

The message on defacement was  "This is in response to your position against the people and government of Syria, especially your support of the armed terrorist groups and spreading false fabricated news."

Check the defacement page here

A group calling itself al-Rashedon is claiming responsibility for the most recent al-Jazeera attack.A statement from al-Jazeera confirmed that the issue was "quickly resolved". The website is now operating normally.

The group called "Syrian Electronic Army (SEA)" hacked the English website of news organisation in February 2012. Back in July the same group gained access over the news network's Twitter account and started posting stories denouncing opposition fighters.
The SEA has also targeted Saudi-owned Al-Arabiya News and the Harvard University website.

The Saudi Government has also thrown their support against this group.

How to create System Recovery Disk from a USB Key

How to create System Recovery Device from a USB Key
In our daily life sometime situation occurs when we decide to just wipe everything from our computer and do a clean installation and just start it over.

Using the computer makes your computer slow if you don't optimize your computer frequently. We use web browsers to browse websites and we use several programes for our office or home uses, they all store some temp data and this data keeps growing with time and makes your computer slow. So to overcome this problem you need to optimize your computer. I will write a post describing about how to optimize the computer.

Sometime you keep getting a blue screen whenever you turn on your computer and it does not allow you to do anything on your computer, so on these cases you want to do a clean installation or recover the computer from a restore point or do a factory restore by recovery partition or recovery disk.

A reader asked me about how to create a recovery media from a USB drive. So here is a solution. Dell provides a option to create your own recovery key. All the computer that comes with Dell Datasafe or Alienware Respawn have a feature/ability to make their own recovery media. You will get an option to create a recovery disk on both DVD or USB key. The USB or DVD will format your hard drive, creare appropriate partition, and restore the computer to its out of the box factory state.

The following video will help you in understanding the process better. : Chinmaya Vidyalaya (Bokaro) website hacked

The official website of  Chinmaya Vidyalaya  Bokaro is been hacked recently.
This is the first of its kind of cyber crime, previously a few case was lodged related to threat emails about financial funds.

Bokaro SP Kuldip Dwivedi said "Police have immediately taken up investigation towards this crime".

Chinmaya Vidyalaya is famous in bakaro for preparing students for IIT-JEE.

The Principle said that he logged in to website as usual but on that day after logging into the website he found that apart from Index Page (Home Page) nothing is appearing there. He called their technical expert and after checking it he told that the website is been hacked.

Principle said that the website contains a lot of information like assignments given to students, results,  programmes and other. But since the website is hacked they have closed these activities. They have lodged a complaint against in in a local Police station.

Dwivedi said Chief Technology officer (Special Branch) is investing the case, and hackers will be identified soon.
Kumar said that the website was hosted on Ranchi based company, they were collecting information from those involved in hosting and maintaining the website.

Source: Times of India News

Password hack: Yahoo fixes security glitch

Password hack: Yahoo fixes security glitch

Yahoo has announced that it has fixed a glitch in its security software that allowed hackers access to 450,000 email addresses and passwords.
In a statement on the company blog, a Yahoo spokesman said the firm has deployed additional security measures for its affected users.
"Yahoo recently confirmed that an older file containing approximately 450,000 email addresses and passwords was compromised," the spokesman wrote.
"We have taken swift action and have now fixed this vulnerability, deployed additional security measures for affected Yahoo users, enhanced our underlying security controls and are in the process of notifying affected users.
In addition, we will continue to take significant measures to protect our users and their data," he added.
According to The Telegraph, hackers belonging to a group called D33Ds Company posted the Yahoo account information on a public website in what they described as 'a wake-up call' last week.
"We hope that the parties responsible for managing the security of this sub-domain will take this as a wake-up call, and not as a threat," the hackers said in a message posted along with the leaked data.
"There have been many security holes exploited in web servers belonging to Yahoo. that have caused far greater damage than our disclosure. Please do not take them lightly. The sub-domain and vulnerable parameters have not been posted to avoid further damage," they added.

Source: Times of India

Seven journalists charged over British phone hacking

Seven journalists charged over British phone hacking
Seven journalists charged over British phone hacking

LONDON: Seven senior journalists, including two former editors, have been charged in Britain with conspiring to intercept the voicemails of 600 victims, The Independentreported Tuesday. 

Rebekah Brooks and Andy Coulson, Rupert Murdoch's former editors, are charged with conspiring to hack the phone of missing schoolgirl Milly Dowler, the Crown Prosecution announced. 

Glenn Mulcaire, the paper's private detective, will also face charges in relation to four victims, including former home secretary Charles Clarke and TV cook Delia Smith. 

They are the first charges for phone hacking to be brought for six years, since 2006 when the News of the World royal editor, Clive Goodman, was prosecuted for hacking the phones of three royal aides, the newspaper said. 

Rupert Murdoch closed the News of the World in July last year after it emerged that the Sunday paper had hacked the mobile phone of Milly Dowler. 

Anger over the news led to Prime Minister David Cameron establishing the Leveson Inquiry into press standards. 

All seven journalists - including former managing editor Stuart Kuttner and news editor Ian Edmondson - will be charged. 

At a press conference in central London, the Crown Prosecution Service's senior lawyer Alison Levitt said they were being charged at with conspiring to hack the phones of 600 as yet un-named victims between 2000 and 2006. 

They are also all charged with additional conspiracy to intercept communications offences linked to specific victims, according to the newspaper. 

Levitt said: "All, with the exception of Glenn Mulcaire, will be charged with conspiring to intercept communications without lawful authority, from Oct 3, 2000 to Aug 9, 2006."

Source: Times of India

ATM card clone case: Crooks reveal tricks of trade to cops

ATM card clone case: Crooks reveal tricks of trade to cops
ATM card clone case: Crooks reveal tricks of trade to cops
RANCHI: A team of cyber experts, based in Bangalore and Kolkata, is cloning debit cards to withdraw money unlawfully from the ATM.

Police sources said "engineers" behind the scene provide technical know-how as to how can one duplicate ATM cards and use stolen PIN numbers to withdraw bucks.
Three cyber criminals, brought from Bangalore on transit remand on Friday, have revealed to the cops here about a fake ATM card racket that operates all across the country. On a two-day police remand the trio, accused of unlawfully withdrawing crores of rupees via dubious ATM cards in Ranchi last year, is being interrogated by cyber experts and district police.

Ranchi SSP Saket Kumar Singh said the criminals have made important revelations that police would use to crack other cases too. "The investigation is still on," said the SSP.

Varun Kamal Kumar from Hyderabad, Ajay Lal Mathur from Delhi, and Jamir Sheikh from Mumbai have confessed to the crime. They are also wanted by cops in Bangalore, Hyderabad, and other cities for unlawfully withdrawing money from the bank accounts of gullible people.

The criminals use unique methods to swindle money from people. They put up car polish selling counters by the roadside in Ranchi in June 2011. At the shops, local workers were hired to sale the car polish lotions at a discount. It drew crowds of car owners and as they did not have immediate cash, the fraudsters made them swipe ATM cards to purchase the polish. The special machines used to swipe the ATM cards were able to copy data and PIN numbers.

Jagannathpur police inspector Arvind Chaudhary said that the criminals have confessed that they used to send the data and PIN to their masterminds in Kolkata and Bangalore. "The crooks used to duplicate ATM cards with the information they received and withdrew money," said Chaudhary.
Sources in the police informed that similar cases were recorded in Bangalore, Hyderabad, Kolkata and other cities as well. Cases of unlawful withdrawal were reported from an ATM in Jagannathpur locality on June 19 last year. Cash was also withdrawn on June 18 from a bank's ATM in Doranda locality. Following the incident, several FIRs were lodged with Jagannathpur, Doranda and Argora police stations.
"All the previous cases are being reviewed and the criminals are being interrogated accordingly," said Ranchi SP (city) Vipul Shukla.

Meanwhile, Jharkhand police is set to conduct a daylong workshop on cyber defence at DPS Ranchi campus on Tuesday. "It is an initiative to sensitize the students about cyber defence. Today the world can't run without computers and internet. Thus the risks of security have also gone up," said Shukla.

"The workshop, which is being organized in association with NIIT, will be held in other parts of the state later."

Source: Times of India.

Store your Passwords using KeePassX


At the specific Tutorial will present the way to store your passwords using the KeePassX tool. We will analyze the way to generate a strong password using the same tool combined with some parameters. Also we will see the way to add our own database in the case we using KeePass tool.

KeePass was one of the first password management utilities to use security-enhanced password edit controls. Access to the database is restricted by either a master password or a key file. Both methods may be combined to create a "composite master key". If both methods are used, then both must be present to access the password database.

KeePass also encrypts the database with the AES or Twofish symmetric ciphers. AES is the default option, and Twofish is available in 1.x, but is not available in version 2.x. However a separate plugin provides Twofish as an encryption algorithm. Passwords are protected in memory while KeePass is running.

KeePassX Features:
Password management
Import and export
Auto-type, global hot keys, drag-and-drop
Browser Support
Built-in password generator

(Note: For the Purpose of this tutorial we will use Ubuntu as OS and KeePassX tool. You can download KeePassx both for Open Source Os and Windows system from official site.) 

Yahoo Security Breach — More than 450,000 username and passwords were compromised in the breach.

Yahoo Security Breach
Yahoo Security Breach — More than 450,000 username and passwords were compromised in the breach.
A new name can be added to the list of companies who have been hacked this year:  Yahoo. If you know anyone with a Yahoo account, there’s a chance you received a strange e-mail from them recently. More than 450,000 username and passwords were compromised in the breach.
The group responsible released a statement on their reasoning behind the hack:
“We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage.”
Hopefully this is a wake up call everyone involved, Yahoo users included.
Many people find creating a password to be a daunting task that they usually just blow off and use anything they can remember easily. News flash! Anything you think is easy, hackers will think is even easier. Using a password like startrek, 123456, password, ninja, or anything else that’s obvious is more likely to get hacked than using symbols, upper and lowercase letters and numbers.
Don’t get me wrong here. I’m not saying that complicated passwords can’t be hacked. I am saying that someone who uses starwars is going to get hacked before someone who uses F1r3F17Ru13s.
To keep yourself and your accounts secured, here are some guidelines for creating a password:
  • Change your password often — every 90 days is the standard
  • Keep the length to eight characters or more
  • Substitute symbols for letters or numbers. C@t@nd7h2H@t (Cat and the hat)
  • Intentionally misspell a word (Superamin, B@tmyn)
  • Avoid anything you can find in the dictionary (in any language)
  • Avoid words spelled backwards and common abbreviations
  • Don’t use personal information (such as birthday, anniversary, driver’s license number, etc…)
  • Use at least one number, symbol and lower case/upper case letter.
  • Use a different password for each account (if one account gets hacked, they wont all be left vulnerable).
If you are unsure if your password is strong enough, head on over to Microsoft’s Password Strength Checker. This tool can help you figure out if the Force is with you.
Now go forth and apply these guidelines to all of your passwords. I know it’s scary, but it’s better than the alternative.

How to send Emails from Command Prompt.

This is my first post. one of my Friends asked me how to send email from command prompt. So i decided to publish it on my blog.

To send an email from SMTP Telnet client must be installed on your computer.
In windows XP Telnet is already installed but on Windows Vista/Seven you have to install telnet from Control Panel. 

Install Telnet on Windows Vista/Seven :
To install Telnet in Windows Vista/Seven go to Control Panel > Programs and Features > Turn Windows feature on or off  > Check telnet client on this box and click ok.
Telnet is installed on your machine now.
How to send Emails from Command Prompt.
How to send Emails from Command Prompt.

Send Email From Command Prompt (Telnet/Smtp): 
To send an email to particular email address first you need to connect that server by telnet.
Here i am taking as an example.

Step 1. Go to type "" in MXLOOKUP box. once you will submit it will give you the IP address and Mail servers host name. For the IP address and mail server host names are as shown below.

How to send Emails from Command Prompt.
How to send Emails from Command Prompt.

Step 2. Copy the first IP address and Go to command prompt.
            Type: " telnet 25 "  and hit enter.
How to send Emails from Command Prompt.
How to send Emails from Command Prompt.

Once you will hit enter you will get a banner of smtp server that will look like this:
How to send Emails from Command Prompt.
Step 3. Now Type " ehlo hi "  and hit enter.

Once you hit enter you will get following response. at your service, []
250-SIZE 35882577

Step 4. once you get response from SMTP server type  " mail from:<>" here is the email address from which you want to send email.
Note: This email address can be anything it does not need to be email address.
for example here you can type : :D

You will get following response.

250 2.1.0 OK bl9si5353282obb.40

Step 5. Now type " rcpt to:<> " and hit enter.

You will get following response.

250 2.1.5 OK t2si6832220oef.28

Step 5. Now type " data " and hit enter.

For gmail you will get following response, but different server may give different response so don't worry.

354  Go ahead t2si6832220oef.28

Step 6. Now type following commands and hit enter

subject: Hi This is a test email
Hi buddy how are you. this is a
Don't reply to this email. :P

Once you finish typing your message here..
Just hit enter twice and then type dot "." and hit enter.

You will get the following response.

220  Mail queued for delivery.

How to send Emails from Command Prompt.
220  Mail queued for delivery.
if you are sending email to your own gmail or some other account then please check it spam folder, they have SPF record checking enabled so the email might go to spam folder.

If you have any queries then Email Me :