Thursday 10 October 2013

How to Hack a Website in Four Easy Steps


How to Hack a Website in Four Easy Steps

Every wondered how Anonymous and other hacktivists manage to steal the data or crash the servers of websites belonging to some of the world biggest organisations? Thanks to freely available online tools, hacking is no long the preserve of geeks, so we've decided to show you how easy it is to do, in just four easy steps.
Step 1: Identify your target

While Anonymous and other online hacktivists may choose their targets in order to protest against perceived wrong-doing, for a beginner wanting to get the taste of success with their first hack, the best thing to do is to identify a any website which has a vulnerability.

Recently a hacker posted a list of 5,000 websites online which were vulnerable to attack. How did he/she identify these websites? Well, the key to creating a list of websites which are likely to be more open to attack, is to carry out a search for what is called a Google Dork.

Google Dorking, also known as Google Hacking, enables you find sensitive data or evidence of vulnerabilities by querying a search engine like Google or Bing. It basically allows you to enter a search term into Google and find websites which may have these vulnerabilities somewhere on the site.

Don't worry about needing technical expertise to know what to look for. Kind-hearted hackers have produced lists of these Google Dorks, neatly categorised into the type of vulnerability you are looking for. Looking for files containing passwords? There's got a Dork for that. Login credentials? There's a Dork for that.

For example, if you are looking for files stored on websites containing passwords, then a sample search query we found openly listed on one indexing site was: intitle:"Index of" master.passwd. This returns the results shown in the screengrab above.

So now you have a list of potential victims. Next you need to narrow this down even further.

Step 2: Check for vulnerabilities

Having a huge number of sites which may or may not be vulnerable is not much use unless you can pinpoint one which is actually open to attack. This is when a programme called a vulnerability scanner comes into its own and the most popular is called Acunetix.

Acunetix, developed by a UK-based company, was designed, and is still used, as a tool for web developers to test sites they are building. However the hacking community has commandeered the tool and uses it to identify existing vulnerable sites.

You can download a trial version of the software for free from the official Acunetix website or if you venture into the murky depths of a hacker forum and search for Acunetix, you can find cracked versions of the full application freely available.

Acunetix, as you can see from the screen shots above, is a simple, straight-forward Windows application and all you need to do is enter the URL of the site you want to target, and press Process. Acunetix will scan the entire website, including all pages associated with it, and return a list of vulnerabilities it finds. If you find the type you are looking for, you will need to move onto Step 3, as Acunetix does not perform any website penetration.

Step 3: Attack the website

Attacking a website is done by two main methods. The first is by carrying out a Distributed Denial of Service (DDoS) attack which overwhelms a website's servers and forces it to shut down. We will deal with this type of attack later, but first we will look at how you can hack into an account and steal some information contained within databases on the site.

This type of attack is known as a SQL (pronounced sequel) Injection. A SQL Injection attack aims to capture information stored in a database on the particular website by introducing some SQL code. SQL is a programming language designed for managing data in a database.

But fear not, you won't need to understand a single line of SQL to carry out this attack. Thankfully another freely-available and easy-to-use application, originally developed in Iran, can be downloaded from the web saving you the trouble of dealing with any complex code.

The program is called Havij, the Farsi word for carrot, which is also a slang word for penis and so, unsurprisingly, this is the piece of software required to penetrate a website.

Again there are free and paid-for versions of Havij available with the paid-for version having more powerful capabilities. Again the world of hacker forums is your friend here and cracked versions of the full Havij application are available if you look for them.

The Havij interface is once again like any other Windows program and all a virgin hacker needs to do is simply copy-and-paste the address of their target website and press a button.

Havij allows you to perform a number of different types of operation including one called a Get, which unsurprisingly gets all the information stored on databases on that particular site which can be usernames, passwords, addresses, email addresses, phone numbers and bank details.

And that's it, within minutes you can search for, download and use a couple of automated tools which will allow you to access websites which are vulnerable to this type of attack. While most high profile companies' websites will be protected from this type of attack, the fact that Sony's website and the personal information of its customers was stolen in a manner similar to this, shows just how vulnerable the web is.

Step 4: If all else fails, DDoS

Hacktivist collective Anonymous changed their tactics in the last 12 months moving away from DDoS as their primary tool for attacking websites, preferring if possible to use SQL Injection instead. However, when this is not possible, they will revert to DDoS attacks, and you can to, with the help of another freely available tool.

And it turns out that DDoSing a website is no more difficult than carrying out a SQL Injection. The programme used is called Low-Orbit Ion Canon (LOIC) which was developed for web designers to stress test websites, but has been high-jacked by hackers in order to attack websites.

Available as a free download from Source Forge, LOIC employs a very user-friendly interface and all potential hackers need to is type in the URL of the site they want to crash and LOIC will do the rest. What the application will do is send up to 200 requests per second to the site in question.

While most bigger sites might be able to deal with this request without crashing, most websites out there will not, especially if you get together with some other hacking virgins and combine your efforts.

So easy is it to use this technology that you can even control it from your BlackBerry, meaning you can be enjoying a pint in the pub with your friends while carrying out a DDoS attack on a website of your choice.

If our tutorial has not provided you with enough information, there are dozens of other tutorials on various hacker forums around the web and even video tutorials on YouTube which you can watch.


download full version of the hacking software here

Hostel Management System


Hostel Management System


This is the Hostel Management System Software. This is mostly used in hostels. Here the user can save all the details of the students who are staying in the hostel. there are many modules in the software, fee details, leave details, in and out time of the students, total expenditure of a particular student and also all the expenditure of all students. All the bills which are received by the hostel, is divided between all the student depending on the leave details. Even the fee information is also stored. All thereports are also showed here. according to particular month and year. Advantage of this software is all the details of the students will be store in the computer, no chance of loosing the details. and also the fees is calculated properly.
This software is error free. Anyone can use this software . you can download this software by clicking on download below. So use this software and get more benefit from from this. If have any doubts then post your doubts below.
Front End : VB.Net
Back End : SQL Server
Here is a video tutorial to how to download this project , just check it http://www.youtube.com/watch?v=fTImm0Ym6oU

Hospital Management System


Hospital Management System


This hospital management system. Almost all the concepts which are there in hospital are included in this software. Modules under this software are appointment, patient details, treatment details, dosage, creditors details, billing, calculation of bills, reports and statistics. This software is one of the best software . All the report of the patients is stored under this software. Advantages are, multiple doctors and receptionist can use this software. there is no risk of losing data.

This software is error free. Anyone can use this software . you can download this software by clicking on download below. So use this software and get more benefit from from this. If have any doubts then post your doubts below.
Front End : VB.Net
Back End : SQL Server
Enter your email address to subscribe to this website and receive notifications to your email id.
Here is a video tutorial to how to download this project , just check it http://www.youtube.com/watch?v=fTImm0Ym6oU

Hospital Management System


This hospital management system. Almost all the concepts which are there in hospital are included in this software. Modules under this software are appointment, patient details, treatment details, dosage, creditors details, billing, calculation of bills, reports and statistics. This software is one of the best software . All the report of the patients is stored under this software. Advantages are, multiple doctors and receptionist can use this software. there is no risk of losing data.

This software is error free. Anyone can use this software . you can download this software by clicking on download below. So use this software and get more benefit from from this. If have any doubts then post your doubts below.
Front End : VB.Net
Back End : SQL Server
Enter your email address to subscribe to this website and receive notifications to your email id.
Here is a video tutorial to how to download this project , just check it http://www.youtube.com/watch?v=fTImm0Ym6oU

VOTE PLUS

vote plus

This is the VOTE PLUS management software developed in vb.net. It is mainly done for the college purpose. All the candidates names of the different section will be displayed in the screen according to their post. Student have to just go and click the button to vote. calculation of the vote is done automatically which can be viewed only to the Admin.

E-School Management System

eschool
This is E-School Management system. This software manages all the activities held in a particular institution. First the school mainly concentrates on the student. As soon as the students get the admission, his/her details will be saved in the database and a unique number will be given to them. According to it, the classes will be allocated. The fee payment by the student will also be stored. If a student doesn’t pay the complete fee, the balance amount will be displayed.
Monthly attendance will also stored. The system will set exam dates for each class. As soon as the exam is done, each students marks will be saved and for each student, this marks card will be printed. Any reports can be viewed. The system will also store the information of the awards gained by the institution. Any functions, meetings will also be noted down. The system will take care of the expenses and income of the school.
This software is error free. Anyone can use this software . you can download this software by clicking on download below. So use this software and get more benefit from from this. If have any doubts then post your doubts below.
Enter your email address to subscribe to this website and receive notifications to your email id.

Project title: E-School Management System

Hard ware Specification:
  • Processor : Intel Pentium 4
  • RAM : 512MB
  • Hard disk : 2GB

Online Hotel reservation System

This is Online Hotel reservation System software. The project Hotel Management System is used for maintaining the information for each and every customer. Each and every customer has own personal details. If there is no perfect software then it will be a very tough task to maintain all the records perfectly without any mistakes. Even to find a particular record it takes lot of time.








In this software we can do mass check in. even reservation can be done. And to find any particular record we just need to click a single button. And whole information about that customer will given by the software. Even we can see the past details of the customers. So this software is user friendly use. And it saves lot of time.

Online Hotel reservation system

Objective of the Project:
Main aim of developing: Hotel Management System is to provide an easy way not only to automate all functionality of a Hotel Management, but also to provide full functional reports to top management.
We are committed to bring the best way of management in the various forms of Hotel Management System. We understand that Hotel Management System in not a product to be sold, it is to manage the inner operation of Hotel management from Guest Check In to Check-Out and Reports.
Scope:
This software is developed specifically to cater the needs of the office of International Hotels. It is totally self contained and works efficiently. It provides simple database rather than complex ones for high requirements and it provides good and easy graphical user interface to both new as well as experienced user of the computer.
The project will be supposed to implement the storage of Guest Details so that a large collection could be maintained with minimum storage space. This project will also be able to provide reports of Check In, Check Out, Reservation, Mass Check In, Shifting Room, Block Rooms, Expense and Collection.

Project Category : RDBMS

  • Process Description including DFDs and ER diagram:
Admin:
This module is going deal with the authorization rights related to the application and also rights to maintain the details of the Master tables/Forms included in the applications.
Check In-Check Out:
This module is used to store from the point of the Guest personal information including their Occupancy details and until they make Check Out.
Reservation:
This module will handle the Room Booking with Guest details for a particular day.
Mass Check In-Check Out:
This module is used to deal the aspects like when Guest want to Occupy Multiple Rooms and also making Check Out with Multiple Rooms.
Billing:
This module is used to generate Guest Billing according to their daily Occupancy details and also viewing these bills.
Reports:
This module is to generate all types of Administrative reports like Check In Report, Expense and Reservations etc

E-Learning system Gatein source java source code



e-Learning

e-Learning is a coursware system distributed under GPL license. Project goal is to create a simple,platform independent courseware system for creating distant e-Learning courses for domain experts. Project is divided into two parts
  • e-Learning Lesson Designer - a standalone application for designing and publishing lesson files
  • e-Learning Lesson Viewer - is an applet capable of standalone running for viewing lesson files
This project was created as a implementation part of my master thesis at Faculty of Mathematics, Physics and Informatics at Comenius University. You you want to contribute to this project or give any comments, feel free to contact me.
Thank you for your interest in this project
Julius Loman

Getting documentation

You can download JavaDoc (in English) or my master thesis (in Slovak) from nearest sourceforge mirror.

Building from source code

Projects needs operating system with Java 2 Standard Edition 1.4 or higher. For installation check installation guide.

Binary distribution

You can download and use binary, precompiled version with installer, if you wish so. Get it from binary distribution page.

Wednesday 9 October 2013

steps guiding on hacking computer in LAN


How to hack computer in LAN


Hello Friends!
I hope you will enjoy my previous post and now I am sharing with you "How to hack computer in LAN".
Tools Required:
1) USER2SID & SID2USER


2) NetBios Auditing Tool

Download USER2SID & SID2USER
Download NetBios Auditing Tool

After Download then extract both  in C:\ drive
Note: Rename "NetBios Auditing Tool" to "nat"

You now need to create a null session to the target computer
Code: write in CMD(command prompt) 
net use \\192.168.1.3\ipc$ "" /u:""
Note:Replace 192.168.1.3 with your victim Computer IP address.



Now open USER2SID & SID2USER folder in cmd
First we open USER2SID tools in CMD
Code: user2sid \\192.168.40.128 guest
Note : Replace IP address with your address. 













We will test against the Guest account because Guest account is a built in account.

After we get the ID,we need to do some modification on the ID.

We take the ID we get from the guest account and modified it become
"5 21 861567501 1383384898 839522115 500".

Please leave out the S-1-,leave out all the - too.
Code: sid2user \\192.168.40.128  5 21 861567501 1383384898 839522115 500


 




Now you will see that you get the username of the Administrator account.

In this case,the Administrator account is Administrator.


Create a text file called user.txt and the content will be the username of the Admin account.(If it is already create on tool then do not create it)




















Prepare yourself a good wordlist for Passwords

























Now we are going to crack the Admin account for the password in order to access to the target computer.

Browse to the NetBios Auditing Tool directory.
 In this case,I have get the password.



Note: Most of User have administrator password empty mean there is no password for administrator so leave above if administrator password is blank.

In order to proof that I can get access to the target computer using this password.

After you press enter,it will prompt you for the username and password.
 Therefore,just input them inside the prompt and continue.

Target C drive will be on your screen.




Thanks for Reading this article if you have any problem then  post it in comment box