0 Ratting and Make 100% Working Server with DarkComet RAT

R

AT or Remote Administration Tool is a tool which helps to administers the system of a person without physical access to the system.This tool is highly used by a hacker and is very efficient.If a hacker is able to get installed a server (which can easily be done) in victims system then entire system of the victim is with the hacker! He can check logs,take screenshots,browse your folders,disable your anti-virus and much more !

RAT is basically a Trojan which has two parts :

Client : It can be considered as King which plays with or manipulates with the server(slave) which he has made.

Server: It can be considered as a Slave which is installed on the host (remote).

So now I'll talk about  how to create a successful Server with one of the Best RAT's available, that is DarkComet (v5.1) which is coded in Delphi XE and Delphi 2007.

So here it goes :

1. Download DarkComet (v5.1 is what I'll use here,but the basic process is same for all version so don't worry)

                                          http://www.darkcomet-rat.com/

2.Now we will start building up the server.exe file.

   Click on the Blue Icon saying "DarkComet", go to "Server module" and choose ''Full editor" option.

   You'll get something like this -

                          

   

   Keep a security password if you want to.               

   Click on Random 4-5 times to generate new Mutex and see to it that Active FWB is checked.

2.Now proceed to Network Settings.Here you need need to sign up in https://www.no-ip.com/. 

Sign up here and make your own new host and you will get a new ip.Like this-

                               

The ip (which i have made blurred) which you get from no-ip has to pe pasted in IP column in Network Settings of the Server module.And also download NO-IP DUC and install it in your system and sign in there with you no-ip account followed by logging in it.

Another column which you will see there is of PORT . DarkComet uses port 1604 so make sure it is open and forwarded.To know how to forward your port,visit http://portforward.com/ -here you will get all the information about how to forward your port for your type of Modem.

3.Keep the following setting in module startup -

  

You can also check ''persistence installation'' if you want to(i recommend it).

 4.Following setting are ideal for Module Shield -

                   

                                

5.After this all the options may vary from person to person as per your requirement but i recommend to Activate the Offline Keylogger .

6.Compress the server if you want and you are done,click on ''Build the Stub" and a process will take place in which you will be able to see the algorithms and your server.exe is made (name it as per your requirement but keep .EXE intact)

                                   

                                  

Your server is Built now ! :)

But now problem arises that how will you send the server to the victim over internet as .EXE files cannot be transferred via facebook,yahoo,gmail or other sites.

So here come crypters and binders into play !

Crypters - It is software which is used to crypt your server to make it FUD (Fully Undetectable )

Binders - A binder is software which pumps up the size of your RAT which is usually in Kb's to some Mb's!

You can do this by binding your RAT with some song ,image etc..

There are a number of crypters and binders available and you can download any of them and use :)

P.S. - I'll soon post a detailed tutorial on Binders and Crypters and How to Send an .EXE file via internet ! 

Related : Make over 1,000 folders in Seconds!

            How to Download Videos from some Famous sites

            Know Location,IP of Unknown People on Omegle/Chat Rooms,Even if the stranger doesn't tell

           New Malware Detected in Angry Birds !

           Java script to see passwords!!

           Make an Undeletable Folder

0 || ByPass Symlink On Lite Speed Server ||

Video Link
http://www.mediafire.com/?58dfixtz4vv2sbi

0 Cara Bom komentar di Facebook Menggunakan aplikasi

New aplication aplikasi terbaru Bom komentar di facebook ,
yg biasa di denger yaitu Bom jempol tapi ini Beda dari itu
cara Pengunaan Tulis Text yg ingin kamu kometra kan pada  tab bawah atack 

Kemudian masuk facebook cari status yg ingin kamu bom komentar

Kemudian atack

               

Download aplication
Download Here
jika anda di minta memasukan pasword
pasword :hackerinside

0 Hack Facebook Accounts With Reverting

Facebook pays millions of dollars to security experts and penetration tester to keep the privacy of their users as safe as possible. So therefore we cannot use direct methods such as bruteforcing, dictionary attacks in order to hack facebook account due to account lockout feature. However, Also i would like to clear one more doubt that there is no such software which will hack a facebook password for you by just entering your email address. There are also methods such as Phishing, keylogging etc, which can help you hack facebook account, which are also suggested ones.

However here in this tutorial we will be exploiting a bug inside facebook in order to hack a facebook account. The vulnerability exploits trusted friends feature inside facebook which could be used to reset some one's facebook password. 

Note: If you would like to learn about more advanced methods to hack a facebook account, Kindly refer my post How To Hack Facebook Password.


1. The thing which we use is to trick the Three Friend Account Recovery Method of facebook

2. The homework i was talking about is that you will have to make three fake account and make sure that they are in the friend list of the person you want to hack.

3. Once you are done with the above two steps you can start the hacking business.

4. Go to Forgot Password area of facebook.

5. It will show victims e-mail address and may be mobile phone at which he can be reached,choose ''no longer access to these'' option.

6. Now you will be prompted to enter an alternate e-mail address, type your e-mail address or create a new one.

7. Now you will be asked the ''Security question". Make random guesses,if you know the victim you might just get the right answer,if you don't-no worries !

8. If you have not succeeded in getting the answer right you will get to our main aim ''The Trusted Friends" recovery option.

 

                                 

9. Here click on ''continue'',choose  3 trusted friends-The Three fake accounts you have created and they are friends with the victim.

   

                           

10. After you have chosen them,facebook will supply you with some codes on those fake accounts,follow the procedure and victims account is yours ! You've hacked them ! :)

0 A Beginners Guide to Ethical Hacking launched

 I am very happy to tell you that my book "A Beginners guide to Ethical Hacking" has just launched.I have been working on this book for past few months.I have dedicated this book completely to beginners who want to become hackers.

 

How will the information in the book affect me?

• You will learn All Ethical hacking techniques and also you will learn to apply them in real world situation
• You will start to think like hackers
• Secure your computer from trojans,worms, Adwares etc
• Amaze your friends with your newly learned tricks
• You will be able to protect your self from future hack attacks

And Much more...

Reality about Password Hacking softwares

You might have heard about some paid password hacking softwares which claim to hack a password on entering the email account.But in reality all those softwares are fake.If you believe what they say then you are just wasting your time and money.These all softwares are fake.If there exists such a software, will there be any security on web. And all expert engineers at Google, Yahoo and other services are not mad. They are all engaged in ensuring security of their customers ie email account owners. So, no such software exists.
So stop wasting your time and money on these foolish softwares and services and learn real Ethical Hacking methods which hackers use to access email accounts.

For Download Link visit the following site
IRZZAT - Ethical Hacking Book

0 Top 10 Ways How Hackers Can Hack Facebook Accounts In 2012

Facebook is one of the most widely used social networking site with more than 750 million users, as a reason if which it has become the number 1 target of hackers, I have written a couple of post related to facebook hacking here at RHA, In my previous post which I wrote in 2010 related to facebook hacking and security 4 ways on How to hack facebook password, I mentioned the top methods which were used by hackers to hack facebook accounts, however lots of things have changed in 2012, Lots of methods have went outdated or have been patched up by facebook and lots of new methods have been introduced, So in this post I will write the top 10 methods how hackers can hack facebook accounts in 2011.

10 Ways How Hackers Can Hack Facebook Accounts In 2011

So here are the top 10 methods which have been the most popular in 2011:

1. Facebook Phishing 

Phishing still is the most popular attack vector used for hacking facebook accounts, There are variety of methods to carry out phishing attack, In a simple phishing attacks a hacker creates a fake login page which exactly looks like the real facebook page and then asks the victim to login into that page, Once the victim logins through the fake page the victims "Email Address" and "Password" is stored in to a text file, The hacker then downloads the text file and get's his hands on the victims credentials.

I have explained the step by step phishing process in my post below:

• How To Hack Facebook Password

2. Keylogging 

Keylogging, according to me is the easiest way to hack a facebook password, Keylogging sometimes can be so dangerous that even a person with good knowledge of computers can fall for it. A keylogger is basically a small program which once is installed on victims computer will record every thing which victim types on his/her computer. The logs are then send back to the attacker by either FTP or directly to hackers email address. I have dedicated a half of my newsest book "An introduction to keyloggers, RATS And Malware" to this topic.

3. Stealers 

Almost 80% percent people use stored passwords in their browser to access the facebook, This is is quite convenient but can sometimes be extremely dangerous, Stealers are software's specially designed to capture the saved passwords stored in the victims browser, Stealers once FUD can be extremely powerful. If you want to how stealers work and how you can set up your own one?, Kindly refer the book above.

4. Session Hijacking

Session Hijacking can be often very dangerous if you are accessing Facebook on a http:// connection, In a Session Hijacking attack a hacker steals the victims browser cookie which is used to authenticate a user on a website and uses to it to access victims account, Session hijacking is widely used on Lan's. I have already written a three part series on How session hijacking works? and also a separate post on Facebook session hijacking.

Further Information

• Gmail Cookie Stealing And Session Hijacking Part 
• Gmail Cookie Stealing And Session Hijacking Part 2
• Gmail Cookie Stealing And Session Hijacking Part 
• Facebook Session Hijacking Attack(Recommended)

5. Sidejacking With Firesheep

Sidejacking attack went common in late 2010, however it's still popular now a days, Firesheep is widely used to carry out sidejacking attacks, Firesheep only works when the attacker and victim is on the same wifi network. A sidejacking attack is basically another name for http session hijacking, but it's more targeted towards wifi users.

To know more about sidejacking attack and firesheep, read the post mentioned below:

• Firesheep Makes Facebook Hacking Easy

6. Mobile Phone Hacking

Millions of Facebook users access Facebook through their mobile phones. In case the hacker can gain access to the victims mobile phone then he can probably gain access to his/her Facebook account. Their are lots of Mobile Spying softwares used to monitor a Cellphone.

The most popular Mobile Phone Spying softwares are:

1. Mobile Spy
2. Spy Phone Gold

7. DNS Spoofing 


If both the victim and attacker are on the same network, an attacker can use a DNS spoofing attack and change the original facebook.com page to his own fake page and hence can get access to victims facebook account.

8. USB Hacking 

If an attacker has physical access to your computer, he could just insert a USB programmed with a function to automatically extract saved passwords in the browser, I have also posted related to this attack which you can read by accessing the link below:

• Usb password stealer To Hack Facebook Passwords

9. Man In the Middle Attacks


If the victim and attacker are on the same lan and on a switch based network, A hacker can place himself b/w the client and the server or he could also act as a default gateway and hence capturing all the traffic in between, ARP Poisoning which is the other name for man in the middle attacks is a very broad topic and is beyond the scope of this article, We have written a couple of articles on man in the middle attacks which canb be accessed from the links mentioned below:

• Man In the Middle Attacks With SSL Strip

If you are really interested in learning how man in the middle attacks, you can view the presentation below by oxid.it.

10. Botnets 

Botnets are not commonly used for hacking facebook accounts, because of it's high setup costs, They are used to carry more advanced attacks, A botnet is basically a collection of compromised computer, The infection process is same as the keylogging, however a botnet gives you, additional options in for carrying out attacks with the compromised computer. Some of the most popular botnets include Spyeye and Zeus.


Facebook Hacking Course

Facebook hacking course is a facebook security course created by me, which tells you exactly how how hackers can compromise your facebook accounts and what can you do to protect your facebook accounts from getting hacked.

Click here to get access to the course

Hope you have enjoyed reading the post as much i did while writing.

Note: Copying or reproducing this article is strictly prohibited and will lead to certain consequences, If you are reproducing or copying this article, make sure that you give a proper credit.

0 Protect Your Website Against SQL Injection

Hacker-one: “ YES, I DID IT !!! “

Hacker-two: “What ? “

Hacker-one:” I HACKED ANOTHER SITE!!! “

Hacker-two: “Great!!! How did you do that? “

Hacker-one:” SQL INJECTION !!! :p “


Yes, one of the common methods that are being used by hackers is SQL INJECTION.

Sites get hacked by the sql injection due to the loop hole that is left by developers most of the times while developing a web application.

I will be explaining you today how to avoid SQL INJECTION when you are developing a web application with PHP.

I will be explaining with the help of an example, suppose we have text fields on our form

1. User Name

2. Password

and a login button.

When we login, the validation for the valid user is checked on the back-end. If the user is a valid user, he logs into the system else an error message “incorrect username or password” is shown.

What happens on the back-end,

$userName=$_POST[‘userName’];


$password =$_POST[‘password’];

$sqlQuery=”select * from users where user_name= ‘”.$userName.”’ and user_password= ‘”.$password.”’ ;  ”;

This is where the developer has left a loop hole if instead of password I enter  ‘ or ‘a’=’a the password field has the value


$password is  ‘or ‘a’=’a

Lets place this value in query and the query becomes

$sqlQuery=”select * from users where user_name= ‘”.$userName.”’ and user_password=’ ‘or ‘a’=’a’;   ”;

You can see clearly , password doesn’t match but the other statement  a=a matches so  OR operator will work and the user will login into the system without knowing the actual password. I can even give you the names of some famous websites  where you can inject sql or use this technique.

HOW TO AVOID IT ???

Don’t treat the field values as mentioned above

Use this function

function BlockSQL Injection($str){           

return str_replace(array("'",""","'",'"'), array("'",""","'","""), $str);

}

This will replace the characters( that can break the string) in the string.

So you can use this function as

$userName= BlockSQL Injection ($_POST[‘userName’]);


$password = BlockSQL Injection ($_POST[‘password’]);


Now the hacker wont be able to break the QUERY STRING.

We have many frameworks in PHP that provide this functionality such as quotes_to_entities($string) in CODE IGNITER.

Use some desgin pattern when you are building a big application, model, controller, your view layers and DAO (data access object layer) must be implemented to make it losely coupled and extensible.

A huge number of sites have been developed in core php, where we don’t use any framework. Wordpress is very secure but when it comes to PLUGINS (that we donwload and use), they can have the loop holes inside them. Stay alert while developing web applications, you never know when you are gonna get hacked. Stay blessed! :)

Good Luck !

0 How To Hack Windows 7 And Bypass Firewall And Kaspersky Antivirus

Ringkasan ini tidak tersedia. Harap klik di sini untuk melihat postingan.