New: session hijacking attack Now possible with Firefox Add-on ?

Today we are disclose a hack trick recently using in session hijacking. Firefox is well known Internet browser in cyber world. Some of good hackers found a way to use Firefox in hacking and Network testing. Firesheep is an extension developed by Eric Butler for the Firefox web browser. This extension sniff unencrypted cookies of certain website like ( facebook or twitter ). The extension was created as a demonstration of the security risk to users of web sites that only...

XSS Vulnerability Founded on Ask.com, Museum Of Paris, Decent Tools websites

Ask.com, Museum Of Paris, Decent Tools websites xss Vulnerability found by XcodeR aka Nandu . Ask.com Vulnerable Link http://goo.gl/eFQOI Museum Of Paris Vulnerable Link http://goo.gl/k2RDw Decent Tools Vulnerable Link http://goo.gl/tn...

More than 10,000 Facebook account hacked by TeamSwaSTika Another group of Hackers, self titled Team Swastika, have caused panic amongst Facebook users after releasing the details of 10,000 accounts onto popular text sharing site, Pastebin. Pastebin, usually used to share source code, has frequently been host to a number of text files that contain the details of specific hacks by hackitivists and hacker groups. Team Swastika is just one of these hackitivist groups but claims to be the most...

Adobe Flash bug allow spying Webcam hole

Adobe Flash bug allow spying Webcam hole The flaw was disclosed in 2008 and can be exploited to turn on people's webcams or microphones without their knowledge. Attack involved putting the Adobe Flash Settings Manager page into an iFrame and masking it with a game, so that when the user clicked on the buttons he would actually change the settings and turn on the webcam. Adobe is working on a fix for a Flash Player vulnerability that can be exploited via clickjacking techniques to turn...

Metasploit 4.1.0 Web UI Cross Site Scripting vulnerability

Metasploit 4.1.0 Web UI Cross Site Scripting vulnerability The Web UI in Metasploit version 4.1.0 suffers from a stored cross site scripting vulnerability discovered by "Stefan Schurtz". Technical Details Login to Web UI -> Create New Project -> Project name -> '"</script><script>alert(document.cookie)</script&...

Famous VPN service Proxpn compromised

Famous VPN service Proxpn compromised proXPN is one of the famous VPN client based on OpenVPN Service, today hacked by hacked named "TurkisH-RuleZ". The Server is seems to be Compromised in this Hacking case. Compromised url is http://proxpn.com/whmcs1/downloads and Mirror of Hack is available he...

There’s something “Human” to Social Engineering !

There’s something “Human” to  Social Engineering! At the psychological skill of Social EngineeringSocial engineering is the human side of breaking into corporate or personal pc’s to gain information. Even companies that have an authentication process, firewalls, vpn’s and network monitoring software are subject to the skill of a good social engineer. In hacking we rely on our technical skill and in social engineering it is a game of getting your subject to tell you what you want to get...

Google Enable SSL-based searches, Will impact Google Analytic !

Google Enable SSL-based searches, Will impact Google Analytic ! According to a blog post by Google, the company is taking steps towards making search more secure for its users. Users will be redirected to https:// instead of http:// when going to do a Google search. By forcing SSL on http://google.com, all keyword data will be hidden. The company is dedicated to SSL and securing search and privacy for its signed in users. But This will restricting search terms availability and also when...

iPad 2 iOS 5 Lock Screen Bypass Vulnerability [Video Demonstration]

iPad 2 iOS 5 Lock Screen Bypass Vulnerability Marc Gurman at 9to5Mac has discovered a vulnerability on the iPad that allows for a limited bypass of the device’s lockscreen. Anyone with an iPad Smart Cover can gain access to the previously-open app (or the home screen if no app was open). By holding the power button to bring up the ‘Power Off’ screen, closing the smart cover, re-opening it, and clicking cancel, the attacker will be dropped into the screen that was open before the iPad was locked....

Million ASP.Net web sites affected with mass SQL injection attack

Million ASP.Net web sites affected with mass SQL injection attack Hackers are in the midst of a massively successful SQL injection attack targeting websites built on Microsoft's ASP.Net platform. About 180,000 pages have been affected so far, security researchers say. Attackers have planted malicious JavaScript on ASP.Net sites that causes the browser to load an iframe with one of two remote sites: www3.strongdefenseiz.in and www2.safetosecurity.rr.nu, according to security researchers...

Stuxnet's Son "Duqu" Removal Tool released by Bitdefender

Stuxnet's Son "Duqu" Removal Tool released by Bitdefender Rootkit.Duqu is a new e-threat that combines the technology of the military-grade Stuxnet with an advanced keylogger and backdoor application. Due to its rootkit technology, the piece of malware can stay hidden from the user, the operating system’s defense mechanism and even from regular antivirus utilities.Just like its predecessor – the Stuxnet rootkit - Rootkit.Duqu.A is digitally signed with a stolen digital certificate that has...

Beware - Gaddafi malware on Internet

Beware - Gaddafi malware on Internet As is not unusual when big news breaks, malware authors try to take advantage of the situation.A global computer virus that hides in an email about Gaddafi's death has been detected by internet security firm Sophos. The malware was caught in its worldwide network of spam traps. The email below was sent to a mailing list that receives information pertaining to the Uighur people. The mail appears to have been sent from Korea. Malicious hackers have spammed out...

Occupy Wall Street : Anonymous Hackers Publish Law Enforcement Data

Occupy Wall Street : Anonymous Hackers Publish Law Enforcement Data Anonymous, the Internet “hactivist” group, today, apparently in support of the Occupy Wall Street protest movement, hacked into several different police databases and leaked sensitive personal data, among them passwords, names, addresses, phone numbers and social security numbers from the Boston Police Patrolmens’ Association (BPPA) and Birmingham, Alabama Police Department, according to several reports. Additionally, Anonymous...

Stop Google Tracing Your Browsing History

===> Secure Your Searching <=== In our daily life we often used GOOGLE to search any information regarding any fields. It is wide search engine having the No.1 ranking. But you know whatever we search in google is traced by google itself. But some of the people rarely knows this fact. Now How you can stop GOOGLE to trace our searching history. Step 1 : Just Login in Google account. step 2 : Now Click Here! Step 3 : This page lists out the history search you recently made. these lists divided...

Hackers Leak Citigroup CEO’s Personal Data

Addresses, phone numbers and other personal data of Citigroup CEO Vikram Pandit have been leaked by hacker group CabinCr3w after two dozen Occupy Wall Street protesters were arrested at a Citibank location. In retaliation for the arrest of protesters who tried to close their Citibank accounts, hackers sympathetic to the Occupy Wall Street movement have released personal information about Citigroup Chief Executive Officer Vikram Pandit.Data, including cell and office phone numbers, an email address, two home addresses, legal and financial information and information about Pandit’s family, were all posted online by members of a hacker group known as CabinCr3w. The group affiliates itself with the loose-knit group Anonymous, which has a long history of high-profile hacks and data leaks.Anonymous...

Security Firm Finds Hackers Forums Who Offer n00b Hackers Training

IT security experts have long loved to troll through hacker forums to gather intelligence on emerging threats and even (as in the ill-fated case of HBGary Federal CEO Aaron Barr) try to profile the hackers themselves. But as a report from IT security firm Imperva shows, many of the so-called hacker portals out there are more hangouts for newbie hackers (and possibly a few budding FBI informants) looking at how to get started in the game. In its fifth entry of its series of “Hacker Intelligence...

Study claims people losing patience with firms that endanger their data

It looks as the great British public is finally losing its patience with those businesses that it views as endangering their personal data, as a survey from LogRhythm claims to show that many people are now aware of the need for data disclosure legislation.According to the research – which took in responses from 2,000 people – many users now have an overwhelming desire for data loss disclosure laws. Researchers found that 80% of respondents said that they now have reservations about trusting...

Stop Complaining About Our Web Censorship, China says

China’s long history of Internet censorship is what’s best for the public, Foreign Ministry spokeswoman Jiang Yu told reporters yesterday. According to Reuters, which spoke with Yu in an interview published today, China believes that its “Internet management” is not only “lawful,” but is designed to “safeguard the public.” “We are willing to work with countries and communicate with them on the development of the Internet and to work together to promote the sound development of the Internet,”...

Disabling A Windows Firewall Using Batch Files

guys.. this is a simple batch script that will disable the firewall on a windows computer. simply open up notepad and copy this in: “netsh firewall set opmode disable” *without the quotesnow save it as disable.bat <– hint the (.bat) this makes it a batch file now to enable the firewall again to clear your steps just use this simple batch file. open up notepad and copy this in: “netsh firewall set opmode enable” *once again without the quotes save it as enamble.bat or watever… now another...

Introduction To Reverse Engineering

Reverse engineering,software cracking, and ASM may sounds like black magic to some of you. It does in the beginning cause we don’t know what all the code actually means. If one reads and practices enough, it’s really not very complicated. Reverse engineering can give you some real understanding of the inner workings of computers. ASM is a very powerful programming language itself as it works on the very low level and gives you better access to all the resources. Today we are sharing...

How To Get Windows 8 Interface Instantly On Your Windows 7

Windows already release, but buzz has started regarding it. We bring you an opportunity to try its desktop interface. Note that, It’s not the OS. It is just an application that gives your PC a look that resembles with widget-based look of Windows 8. You should have Windows 7 and .Net Frame v4 installed on your PC. Now, follow the steps below: Visit this link. Download the application ‘Mosaic Beta 1 Refresh’ (0.5Mb only). Unzip the file Nothing to install, just run the Mozaic application...

Differences Between a DoS and DDoS

DoS A DoS Attack is a Denial of Service attack. This means that one computer and one internet connection is used to flood a server with packets (TCP / UDP). The point of such a denial of service attack is to overload the targeted server’s bandwidth and other resources. This will make the server inaccessible to others, thereby blocking the website or whatever else is hosted there. DDoS A DDoS Attack is a Distributed Denial of Service Attack. In most respects it is similar to a DoS attack but the...

Hack a WEBSITE with DNN?

Pls read our Disclaimer This is a really effective way of hacking a website. This way is very common and according to some researchers 10% of sites are vulnerable to this. So to start first thing that we need is vulnerable site which can be found from the following dork : inurl:"Fck/fcklinkgallery.aspx" (for all the sites) inurl:"Fck/fcklinkgallery.aspx" site:{domain of site} (for specified attack) NOW Select the third option and type following into the address bar: javascript:__doPostBack(‘ctlURL$cmdUpload’,”) Now...

Hacking a Remote Computer or Web Server With Metasploit

Before continuing, read our Disclaimer BEFORE I START LETS KNOW WHAT IS METASPLOIT Metasploit is a Penetration testing tool by Rapid7 Download Metasploit here Now install it. METASPLOIT is an exploitation framEwork, written in Ruby. It has a wide range of pre developed exploits and few usefull application like "nmap" attached with it.It was primarily developed for penetration testing but now it has come out to be must needed tool for hackers So lets start hacking! start msfconsole Start>Search>msfconsole or...

How to protect your privacy while browsing the internet

Online privacy protection is the most basic and essential need of an Internet user. However, since most of our work is now dependent on online activities, there is a possibility that our personal information might get hacked by some unethical elements. Therefore, it is very important to find out the different ways to achieve privacy on the Internet. We all perform various activities on the Internet like banking, shopping, social networking, chatting, and many more that require personal information...

14 Year Old Hacker Hired By Microsoft After Doing Phishing via Call of Duty Server

These are the kinds of things dreams are made of, a 14 year old hacker on Call of Duty was just recruited by Microsoft. You heard me right, Microsoft. This is exactly what Sony should have done with George Hotz – given him a job as a security specialist, instead of sueing him in court and getting its PlayStation Network and other Sony websites hacked day in and out. Microsoft is reported to be working with the 14-year-old Irish hacker who managed to stir up a little trouble with his Call of Duty:...

How to Hack a Credit Card

Hi there. This is my first serious "black hat hacking" post of credit cards hacking. Here will be explained all methods used to hack credit cards and bank accounts with lots of $$ it. Now I'm sure most of you think that this is fake or scam, but i want to just tell u this is real and the only working method (in my opinion) to hack a credit card and make your wish come true...... Note: Hacking credit cards is an illegal act, this is only informational post and I am not responsible for any actions...

CyanogenMod 7.1 brings support for Xperias and 20 other handsets

CyanogenMod-7.1 Released! It’s been far too long since our last official release, but I’m happy to present CyanogenMod-7.1! I apologize for the long delay, and I hope to speed up our release process in the future. We originally planned to release this last weekend at the Big Android BBQ but some issues with our automated build system held it back. You’ll find many new featuresand support for building on 68 devices! Upgrading from any previous CM-7 release or nightly build should be smooth and...

Nod32 Eset Website Hacked

Nod32 and Eset Thailand Websites hacked by Turkey Cyber Army . ESET NOD32 Antivirus, commonly known as NOD32, is an antivirus software package made by the Slovak company ESET. ESET NOD32 Antivirus is sold in two editions, Home Edition and Business Edition. The Business Edition packages add ESET Remote Administrator allowing for server deployment and management, mirroring of threat signature database updates and the ability to install on Microsoft Windows Server operating systems.You Can see the...

Desktop Hacking Tutorial (Win Xp Hacking Tutorial) For Newbies

AM GOING TO SHOW YHU TIPS AND TRICKS OF DESKTOP[WIN XP HACKS TIPS AND TRICKS] 2o Tips 4 increasing XP performance. 1] Your Pc Must have 256MB RAM , 512 MB Cache , Intel Pentium 4 Processor, 40 GB HDD. These are the minimum requirements. 2] If you see a ‘virtual memory low’ message then increase its virtual memory. To increase virtual memory, Go to My Computer->Properties->Advanced->Performance Settings->Advanced->Virtual Memory->Change->Select the appropriate drive->Custom size->set appropriate level(our it is 600(min.) & 700(max.)->Ok. 3] Increase ‘Visual Performance’. Go to My Computer->Properties->Advanced->Performance Settings->Visual Settings->Custom->Select only the following options. a)Slide taskbar buttons. b)Smooth edges...