Pages

Hack Virus

Saturday, 22 February 2014

How To Hack WhatsApp using Sniffers

Three Ways to hack WhatsApp

 WhatsAppSniffer is a tool for root terminals to read WhatsApp conversations of a WIFI network (Open, WEP, WPA/WPA2). It captures the conversations, pictures / videos and coordinates that aresent or received by an Android phone, iPhone or Nokia on the same WIFI network. It has not been tested with W indows Phone terminals. It can’t read the messages written or received by the BlackBerry’s, as they use their own servers and not WhatsApp’s.

This application is designed to demonstrate that the security of WhatsApp’s communications is null. WhatsAppSniffer just use the TCPDump program which reads all the WIFI network packets and filters those which has origin or destination WhatsApp’s servers. All messages are in plain text, so it does not decrypt anything, complying fully with the legal terms of WhatsApp (3.C: “While we do not disallow the use of sniffers Such as Ethereal, tcpdump or HttpWatch in general, Any we do going efforts to disallow reverse-engineer our system, our protocols, or explore outside the boundaries of the ordinary requests made by clients WhatsApp …. “)
For WPA/WPA2 encrypted networks, if uses the tool ARPSpoof (optional).

 Requirements

  1. Rooted Android Device.
  2. Your Victim Should Use Same Wi-Fi Through Which you are connected.
  3. WhatsAppSniffer Donate ★ root v1.03.

                                       

2. Decrypting Conversations

have your victim locked his whatsapp? or you want all his conversation on your PC. Generally for security reasons WhatsApp encrypt Conversation while taking backup in SD Card or Phone Memory.But i have found a tool on XDA that claims to decrypt all the whatsapp conversation down to your PC.
If you have some access over his device you can also send files from Bluetooth to your device and later read all the conversations.
This tool is called WhatsApp Xtract and for this all credits goes to ztedd
Some general advice on how to backup Whatsapp and get the database file:

Android

- In Whatsapp go to settings – more – Backup Chats
- Copy the folder “Whatsapp” on the SD card to your backup location (e.g., PC)
- (ideally also) use the app Titanium Backup to backup the full whatsapp application together with its data, copy the backup from the folder “TitaniumBackup” on the SD card to your backup location (e.g., PC)
- Use this tool Whatsapp Backup Extractor (download in this thread) to show the chats in a friendly readable format. The necessary files “wa.db” and “msgstore.db” you will find inside the Titanium Backup archive “com.whatsapp-[Date]-[some digits].tar.gz”, alternatively (without Titanium Backup) you can use the msgstore.db.crypt file from the folder Whatsapp/Databases on the SD card.

iPhone

- use Itunes to create an unencrypted Backup
- use an Iphone Backup Tool to get the file net.whatsapp.WhatsApp/Documents/ChatStorage.sqlite, e.g. I-Twin or Iphone Backup Extractor. Make sure to create an unencrypted backup with Itunes, as these tools can’t handle encrypted backups. Another possibility are forensic tools like UFED Physical Analyzer.)

Blackberry

- sync your blackberry with desktop manager and then copy the messagestore.db file from SD
- however, it seems that this file is encrypted? Currently we don’t know how to get the unencrypted messagestore.db file
- Blackberry not supported yet!

Nokia

 - not known yet
- Nokia not supported yet!
For Further Detail about this Method you can move to this Forum of XDA.

3. Using Spywares

Using 3rd Party Spywares can be very useful for spying not only WhatsApp Conversation but also many things like, you can able to Track GPS Location, you can capture the lock screen passwords and they can be also used for monitoring Websites. there are many spywares in the market but i recommend is BOSSPY. Because it’s free :)

Misconceptions about WhatsApp hacking

 I have received a number of E-Mail Most of them were asking for help for hacking their partner’s WhatsApp and I have replied them all. but lots of people were having misconceptions about whatsapp hacking so let me discuss over here.
  1. Hacking WhatsApp is Much Harder than Hacking Facebook and Twitter as Facebook and Twitter can be Hacked using Social Engeenering Techniques like Phising and many others when we compare to hack someones WhatsApp Account and Gain Full Access over his Account – It is nearly Impossible.
  2. There is no tool that can hack whatsapp and give you a full access over someone’s whatsapp account. Yes, there are Lot’s of Youtube Video’s ,Websites Filled with “WhatsApp Hack Tool” which claim that they can but the reality is they can’t.


* This article is for educational purposes only. we are not responsible for actions of any individual

Sunday, 6 October 2013

How to Show/Hide Files using Command Prompt

This Trick will help you to show/hide files & folders using command prompt.
This trick is not similar to hiding files from folder options area which is not that secured compared to this.
Only you can make it visible if you know the file name or folder name.
It is useful when you want to see some system folders and files because these type of operations can't be possible by general method.
And if your PC is virus infected,in that case this command will help you to find and that delete virus containing file and often we see sometimes we stored some data in PEN DRIVE but when we open explore PD the data is not visible and we think that maybe file is deleted and but when check space in PD,some space is covered because the file or folder is hidden due to virus or may be due to other reason.
so Just try it out.Only a two step process.

  1.   Press windowkey+R: Run command dialog box appears. or go to start and click run.
  2. Now type "cmd" and hit enter. A command prompt window displays.
  3. Now type attrib +s +h E:\myfolder and hit enter.

  4. The folder "myfolder" will be hidden which cannot be viewed by any search options.
  5.  To view this folder again, use the same command but replace '+' with '-' on both flags 's' and 'h'

Friday, 10 May 2013

Transparent Proxies in Squid

With, the extremely uncontrollable growth in the number of Hackers, not only system administrators of servers have to worry about the security of their system, but even if you are running a standalone PPP Linux box, you simply cannot afford to ignore your system's security.
If your system is the main server which communicates with the external untrusted network called the Internet, or even if you simply use your linux box to connect to your ISP and surf the net through PPP, then you should definitely think about installing a firewall on your system.
The preferable and the best option in this case is to install a commercial firewall. However, this option is not always possible and is more often than not unnecesarry. Buying, installing and configuring a good commercial firewall is not only expensive but most beginners find it pretty formidable. OK, I do not want to go through the hassle of a commercial firewall, what do I do? Well, 'ipchains' hold the key for you.
The Firewalling code in the Linux Kernel chnaged considerably after the release of Kernel 2.2. Since then, a lot of new utilites and features have been added. Amongst these improvements, is a kewl feature called 'ipchains', which is primariarly used for configuring the firewalling rules and other such related details.
*************************
HACKING TRUTH: The usage of ipchains is very much similiar to that of ipfwadm. For more information(like,help on setting rules.) refer to the wrapper script:
                                                      /sbin/ipfwadm_wrapper
**************************
Anyway, in this manual, we will learn about how to use ipchains to configure a transparent proxy on your linux box.
So what exactly is a transparent proxy?
Well, a transparent proxy is basically something which fools the client (who connect to the server running the
transparent proxy) into believing that they are directly connected to the web server (and not through a proxy.). OK, I am sorry, that is not exactly the correct way to describe it. ;-) Read on for a better description.
Well, a transparent proxy works in the following manner: It listens to a specific port (like the HTTP port i.e. 80) for any connections. As soon as it gets a request for a connection (in this case a HTTP request for a file.) then it redirects the user i.e. connection to another port on the same machine. Now this new port to which the connection is transferred is actually running a Proxy.
So, in affect what happens is, the client i.e. the user who connects to the server where the transparent proxy installed, assumes that it is directly connected and is communicating with the HTTP daemon. However, the truth of the matter is that all communication is being carried out via the proxy running on the server. All this would be clearer when you see the below picture of what happens:

Client --------> Server(Port 80 or HTTP)

The rules of the ipchains transfers client to the port where the proxy is running. So, now the communication takes place in the following manner:
Transparent proxies with Squid By Ankit fadia hackingtruths.box.sk Proxy Servers

Client --------> Server(Port of Proxy) --------> Server (Port 80 or HTTP)

So, the connection to Port 80 is indirect, however the client has little idea about it.
Now, that you know the working of transparent proxies, let us get down to configuring them on your machine.
However, before we get down to the actual process, you need to check whether this is possible on you system or not.
Simply look for the file:

                                                        /proct/net/ip_fwchains

If you have this file, then well and good, else you will have to recompile your Kernel. However, I am sure almost 98% of you would definitely have this file.
NOTE: In this case, we will be transferring all connections from Port 80 to Port 8080 where Squid runs by default.
You could always transfer connections to any proxy port of your choice, by changing the revelant parts. I have taken up Squid, as it is the most common one.
Firstly, in order to transfer all connections from Port 80 to Port 8080, add the following lines to your startup script, so that they are executed each time you boot up.
Note: The server IP is xxx.xx.xx.xx

ipchains -A input -p TCP -d 127.0.0.1/32 www-j ACCEPT
ipchains -A input -p TCP -d xxx.xx.xx.xx/32 www-j ACCEPT
ipchains -A input -p TCP -d 0/0 www-j REDIRECT 8080
NOTE: If you are using ipfwadm, then add the following lines to the startup script:
ipfwadm -I -a-a -P tcp-s any/0 -D 127.0.0.1
ipfwadm -I -a-a -P tcp-s any/0 -D xxx.xx.xx.xx
ipfwadm -I -a-a -P tcp-s any/0 -D any/0 80 -r 8080

Once this is done, then configure Squid by following the below process. Please note that you need atleast Squid 2.x to be able to make use of Transparent Proxies. Anyway, to configure Squid, edit the,                                                                          /etc/squid/squid.conf file and
make the following changes:

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

Then,restart Squid by typing:
                                                      /etc/rc.d/init.d/squid.init restart
Linux Users: I also suggest you compile and execute the following C program. It is simply great and allows you to configure or control Firewall rules etc.
Yup, your transparent proxy is configured and running!!!

Sunday, 21 April 2013

Kali Linux offers new brand of pen-testing tools



BackTrack Linux, a specialized distribution of penetration testing tools, has long been a favorite of security specialists and IT pros. It is often a tool recommended in TechRepublic discussions and in round-ups of open source tools for IT pros. The creators of BackTrack recently announced that in lieu of a new version, they have instead built a brand new distribution called Kali Linux that fulfills the same general purpose.
Writing five days after its initial release, the Kali team reported over 90,000 downloads and had already added more documentation and even an early bugfix. But what exactly is new in Kali and why did they scrap BackTrack and start all over? After putting together a wishlist of what they wanted in the next version of BackTrack, the developers realized they were looking at major changes:
We realized it would be easier to start afresh, using new technologies and processes than to try to patch up our existing environment to conform to Debian policies and standards.
So the first big change was platform — from Ubuntu to Debian. Debian-compliant packages and Filesystem Hierarchy Standard (FHS) compliance were two things that fed into this decision: “What this means is that instead of having to navigate through the /pentest tree, you will be able to call any tool from anywhere on the system as every application is included in the system path.”
Here are some of the highlights of Kali:
  • More than 300 penetration testing tools included
  • Still funded by Offensive Security
  • ARMEL and ARMHF support, including for these arm devices: rk3306 mk/ss808, Raspberry Pi, ODROID U2/X2, and Samsung Chromebook
  • Fully customizable
  • Multilingual support
  • Still free!
Here is a link to the download page, where you can read more about their recommendations and the versions available.

Friday, 22 March 2013

Hack Gmail/ Yahoo /Facebook Password by brute force attack using Hydra - Backtrack

First, lets take a quick overview about what we're going to do here. We'll apply different passwords on the target's Gmail id from a password list using Hydra which is available with Backtrack. That's why I still love it. :) It'll easily get back the password on successful login.

Requirements:

  • A password.txt file with a list of expected passwords, Either write your own
  • Backtrack 5 (any version)
  • Internet Connection
Lets Hack something for real,

Turn on your Backtrack machine :P
Navigate to Applications > Backtrack > Privilege Escalation > Password Attacks > Online Attacks > hydra-gtk and launch the hydra tool


 Now, under the Target tab set following parameters
Single target > smtp.gmail.com
port > 465
Protocol > smtp
and check > use SSL, show attempts and Be Verbose




Click on Password tab, set these parameters
Username > target email address
Password List > select the Password.txt file
check the option > try Login as password



Now move to start tab and click on start button at the bottom to begin the attack.

If everything goes well, then you'll get the password.



Note: Using a brute force attack from a Password list will never guarantee any successful result it depends how lucky you're. Hacking someones account without their permission is a crime so do use at your own risk. I'm not at all responsible in case you get your ass behind the bars.

Happy Hacking. :)

"The quieter you become, the more you are able to hear."
SOURCE: www.hackthedark.com
POSTED BY: INCR3DIBL3 H4CK3R

Thursday, 14 June 2012

How to Format a Pen Drive in NTFS Type in Windows 7

We all know that All Pen Drive Default Type is FAT/FAT32 but sometimes if we want to use Pen Drive as System Drive or for window installation purpose then we need some modification...
In this Post i guide you how to convert a FAT Drive in NTFS(System)Type.....
Step 1:-Insert Pendrive and Run a Virus scan and delete all the Viruses,becauseVirus may effect ur USB drive efficiency.
Step 2:-Now BackUp all the Data of Pendrive.
Step 3:-Go to My Computer and press Right Click of Mouse on PenDrive icon.
 Step 4:-Now go to Format Option and Click on 'Restore Device Defaults'.


             After This Open File System Coloumn and select NTFS,


And Now Click on 'Start' and wait for few second....

After Formating Message Come "Format Complete" and Press 'Ok'


Your Device is ready for use and now you use device as System Device.

NOTE: If u want to format pendrive with NTFS and use as Bootable Device using command Prompt.then view my earlier POST

Tuesday, 12 June 2012

SEARCH ENGINE OPTIMIZATION

SEARCH ENGINE OPTIMIZATION

Nowwards we will moov 2 SEO[SEARCH ENGINE OPTIMIZATION],thenwards SOFTWARES ND CRACKING ,THEN WARDS PROXY ND THENWARDS HACKING IN 2 OTHER'S COMUTER.
THESE R D NEXTCHAPTERS.
LET'S START learning seo.
Well,SEO gives us d exact thing vch we want 2 get 4m google.suppose dt u r searching 4 something on google then google gives u more than 100000 pages nd it is very much difficult 2 find ur exact needed thing in a single shot.SEO gives u d exact thing vch u need exactly.let's start SEO
go here,
http://newyears.noo.com/noo/m/browse...wevent/id/518/
here u can see written dis line
"New Years Eve at Pink Elephant"
this is dCOLOR="RED"] "title"[/color] of dis web page
d link vch i posted above is d "url"
nd all d data vch has written der is "text"
now,suppose dt u vant 2 search anything on google nd u want 2 search 4 forum then simpally type
inurl:forum
i mean wenever u hv 2 search anything in url ,write
inurl:desired thing
wenever u hv 2 search in text write
intext:desired thing
wenever u hv 2 search anything in text write
intext:desired thing
well, i know most of u r knowing these things already bt d ppl who r nt knowing these,plz try 2 understand dis thing,vdout SEO,u ppl vl feel a lot of problem while hacking a website 4 sql injection,searching cracks on internet nd 4 deirectry transeversal ,it is very much essential thing
well,

Now do some practice vd d thing vch i wrote here

suppose dt u want 2 search d new year celebration then simpally write in google
intitle:new year celebration
if u vant 2 search any websit's login page then type
intext:login inurl:website address
nd search 4 .
now suppose dt u want 2 find anything in a specific website then use dis syntax
site:website fulll address d thing vch u want2 search in dt website
dis syntax is really very good.
NOW SUPPOSE DT U WANT 2 SEARCH ANY PDF TYPEFILE OR doc type file then simpally use dis syntax
filetype:pdf
d next thing in SEO IS
RELATED NAMED STUFF,u know dt yahoo is a search

D SUMMARY OF D CHAPTER

[1]4 searching something in url use"inurl:"
[2]4 srching in title use"intitle:"
[3]4 srhcing in text use "intext:"
[4]2 get a file of specific type use "filetype::
[5]2 restrct ur search in a website use "site:websiteaddress urdesired seacrhing item"
[6]2 get information about a website use"info:website full addres"
[7]2 get related type sites type"related:website ful address"
[8]2 nt appear a syntax in ur srch results use a minus[dash] sign.
to d person who r reading this type thing first time,i m requsting them 2 do very much practice vd all of dese syntaxes.
a good person always searches by dese techniques.u can find many books related on google ,i hv read all of dem nd thenwards i hv written all d results driven 4m dem.
do a hell of practice plz