How to Know My Public IP Address:


Some people who not too understand about computer networking they will get confused with this question "How to Know My Public IP Address". Actually this process was simple, but maybe some of you not get the clear information what is the real Public IP Address.Some of my friend (they have a little background about IT) when I ask "How to Know your Public IP Address"? they will answer "Ah I have an internet connection", or "I have a personal router and I can configure it by myself", or "I think yes I have a public IP Address" :-P
When you have an internet connection, or you have personal router, doesn't guarantee that you also have a public IP address, because most of internet provider they will share and divide the bandwidth into some pieces (the internet provider will do the calculations, you can ask them about this :-) ). Usually you need to spent some money to get/rent this public IPaddress and the price is higher than usual/normal.

Step by Step How to Know My Public IP Address:


Before start, if you have router, switch or other network mediator unplug it first. Make sure your computer connected directly to the internet source.
1. The box below is show your current public IP address.


Your Public IP Address is:

119.30.38.60


2. Open command prompt in Windows or Terminal in Linux (view the tutorial here if you don't know how to do that) and type ipconfig.

or you can use this code (in Windows):
ipconfig
pause();
copy and paste the code above into your notepad and save as ipconfig.bat.
Remember: when save as, make sure when notepad ask "Save as Type" you choose "All Files"
3. This is your computer current IP Address:
How to Know My Public IP Address in 4 Steps
4. If your computer current IP address and the box in the 1st step have the same result, then you have a public IP address. If not, then you didn't have public IP address.
Hope it useful :-)
- See more at: http://www.hacking-tutorial.com/tips-and-trick/how-to-know-my-public-ip-address-in-4-steps/#sthash.Ru0cmUMC.dpuf

Phishing Facebook Hack.


Welcome to the pleasehack in a series educating you on Social Engineering awareness and techniques. Today, I'm going to show you how a saavy Social Engineer would trick a friend into unknowingly surrendering their Facebook password. My intent is to warn and demonstrate how easy it is to succumb to phishing via Social Engineering, and therefore expose yourself.

What is Phishing?

Phishing is the act of tricking someone into signing onto a fake website, which mimics a real site, such as Facebook. The phishing page will log the credentials that the user enters in the password field, and usually goes unnoticed with the right circumstances and some Social Engineering.
The phishing page is created by visiting the website you want to mock, copying the source HTML code, and then altering it to use a custom PHP script to log the victim's credentials. A good phishing page will seamlessly use cookies to bypass redirect filters. So if a cookie for the site exists, the user will be logged in and more than likely won't realize what happened.

Warnings

  • Phishing is illegal.
  • Only phish your friends who give you consent to do so.

Step 1 Get a Web Host

You need a place to host your phishing page. I like T35—they are free, and offer cPanel hosting.
  1. Make a free account on T35.
  2. Go to your email that you used and click the link confirming the account.

Step 2 Create the Phishing Page

Now we need to create the site that will log the victim's credentials.
  1. Open up a text document using notepad, or your choice in text editors.
  2. Go to the Facebook login page.
  3. Right-click somewhere on the page, and click View page source.
  4. Copy all of the contents of the source code and paste them into your text document.
  5. Hit ctrl + f, and search for "action=" and change the method to "GET", and the text to the right of"action=" to "log.php".
  6. Click File > Save as and save it with the name "index.php" (make sure to click the drop-down menu to select "all files" if it's not selected already).
  7. Make a new text file, and paste this as the contents (paste the raw text, not the numbered). This is the file written in PHP that logs the victim's login details.
  8. Save the file as "log.php". Again, make sure "all files" is selected in the file type drop-down menu.
  9. Log in to your T35 account and click Upload. Upload both files to the root of your website (not in a folder).
  10. When credentials are logged, they will be in a file called "passwords.txt" in the root of your website. Check the box next to the "passwords.txt" file when you get some logs, and click chmod. Change the file to 466 permissions, so other people can't read the victim's passwords.

Step 3 Perform the Phish

In a status update on Facebook, post something like the following:
    "Check out this funny picture of me on my website xD <post link to phishing page here>."
It's really that simple. You should start to see people's login credentials getting stored in your "passwords.txt" file. Simply because it comes from a "trusted" Facebook friend, they will go with their instincts and click the link without thinking twice about it. The best part about that PHP code posted above, is the header sends you back to the Facebook homepage, bypassing the redirect filter warning that Facebook has implemented, which will make it nearly seamless to the user who fell for it.

Delete Static ARP Routing Table


After finish writing 4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN , now I will continue write 3 steps to delete static ARP routing table. This tips and trick I made for Windows users.
If you come here to this 3 Steps to Delete Static ARP Routing Table page and didn't know about it, you can read my previous tutorial 4 Steps to Prevent Man in the Middle Attack ARP Poisoning inLAN so you can catch up what happening here :-)

3 Steps to Delete Static ARP Routing Table:


I make this little tool to make the delete process much easier (128% virus free guarantee).


1. Double click the v4L-arp file and choose number 2 and press ENTER (because we want to delete the static ARP table)
3 Steps to Delete Static ARP Routing Table

2. The next display is your interface details information. I only have 3 interfaces, it will be different with your machine, do not worry about it.

3 Steps to Delete Static ARP Routing Table

See the interface name on "Interface Name" column, which interface you use for your computer to connect to the internet. In the picture above because I use wireless to connect to the internet so I write "Wireless Network Connection".
After that enter your router IP address and press enter. You need to wait for 5 second until the progress completed.

3 Steps to Delete Static ARP Routing Table

3. Finished! this is the result of your ARP table after you delete the static routing, the type become dynamic.

3 Steps to Delete Static ARP Routing Table

Conclusions:
1. To delete the static routing will be useful when the network administrator in your local area connection changed the router confguration.
2. It's good choice if you keep your ARP table to static (connection between your computer and router) to prevent the man in the middle attack and ARP spoofing. (view the 4 Steps to Prevent Man in the Middle Attack ARP Poisoning in LAN)
- See more at: http://www.hacking-tutorial.com/tips-and-trick/3-steps-to-delete-static-arp-routing-table/#sthash.uDtuCkaU.dpuf

Detect Facebook Fake Profile!


How to detect fake facebook profile picture? Some people use fake facebook profile to hack facebook account. Maybe some of you asking about this topics, because sometimes fake people on facebook is a little bit annoying, especially when they started posting a post in our timeline or in their timeline and displayed in our home as recent posts.The fake facebook profile sometimes used by malicious people to gain information about ourselves, this fake facebook profile often used by internet predators to cheat the victim about their real picture and they started gain benefit from the situation.

Step by step detect fake facebook profile picture:

1. Open facebook profile that we suspect he/she use a fake profile or fake profile picture. In this example I also have one suspect where she just create a facebook account, but her friend list was rocketing in a day.
Detect Fake Facebook Profile
2. To detect fake facebook profile we need the help from Google images (https://www.google.com/imghp?hl=en).
Drag the suspected fake facebook profile picture to Google images search page.
Detect Fake Facebook Profile
3. Google images will automatically search the image we provided.
Detect Fake Facebook Profile


If we found that the image result more than one, then we will know that this user maybe using the fake facebook profile picture and probably he/she also use fake facebook profile.
Conclusion:
1. Since google also use its algorithm to search the images, this method also does not guarantee 100% accuracy whether the facebook profile fake or not.
2. To detect fake facebook profile you also can view the suspect timeline and view his/her timeline story. Usually fake profile will not stay longer, and they add their friend massively.
hope it useful :-)
- See more at: http://www.hacking-tutorial.com/tips-and-trick/detect-fake-facebook-profile-picture/#sthash.y3O1WLyL.dpuf

Hack facebook password social engineering



This post was created because there is some users still confuse because they didn't see the facebook link thumbnail image while they add a link in facebook.
Since I wrote my last tutorial, facebook made some change in the way they scrap the url you provide in your update status box in your facebook profile.

Step by step how to Hack Facebook Password Social Engineering:


1. Read and understand first how to hack facebook password and how to hack facebook account from the following facebook hacking tutorials:
2. Attacker already set up the fake website page from the tutorial above. The tutorial above about facebook phishing, fake facebook page, will be useful if attacker use it on LAN, but if attacker want to hack facebook from the internet or WAN attacker need to do something to get as much passwords as possible. That's why attacker need to do some social engineering using facebook to deceive the users.
3. The next step attacker made a fake account on facebook and add other users as much as he can. When he get enough users already, he start the social engineering attack by posting fake link into his status message. Attacker know that psychologically human is a curious creature, when there's something unique or amazing they want to know more about it.
4. Here is the link that attacker put on his facebook profile status message.
Hack Facebook Password Social Engineering
you can download the script below:

Download Hack Facebook Password Social Engineering
Conclusions:
1. Do not input your username or password if facebok page suddenly ask you to input it in the middle while you browsing facebook page.
2. See the URI carefully, make sure the URI is https://www.facebook.com or https://facebook.com, not other domains.
hope it useful :-)
- See more at: http://www.hacking-tutorial.com/hacking-tutorial/hack-facebook-password-social-engineering/#sthash.viNZGWPl.dpuf

How to Hack Facebook Account Password (5 Steps)


On How to Hack Facebook phishing attack page (see here) there is a user comment from jordin71 that ask for the new facebook offline page, because the last one is the old facebook interface. So I to make the new one to update the facebook offline file.
I also want to remind you again that this tutorial How to Hack Facebook Account and the downloadable file is free to use and the purpose is for education. I’m not responsible for any misuse of this file.

Requirement:

1. Facebook offline page (download)
2. MySQL Table Query (the MySQL table for this tutorial)
--
-- Table structure for table `fb_fail`
--

CREATE TABLE IF NOT EXISTS `fb_fail` (
  `id` int(10) NOT NULL AUTO_INCREMENT,
  `uname` varchar(255) NOT NULL,
  `pwd` varchar(255) NOT NULL,
  `date` datetime NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

-- --------------------------------------------------------

--
-- Table structure for table `fb_login`
--

CREATE TABLE IF NOT EXISTS `fb_login` (
  `id` int(10) NOT NULL AUTO_INCREMENT,
  `uname` varchar(255) NOT NULL,
  `pwd` varchar(255) NOT NULL,
  `date` datetime NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;

--
-- Dumping data for table `fb_login`
--

Step by Step How to Hack Facebook Account:

1. Download the facebook offline file from the link above
2. Inside the facebook.rar file there are 3 files (index.php, login.php, and view.php) you need to configure 2 of them(login.php and view.php) to fit with your server configuration.
5 Steps How to Hack Facebook Account Password
3. In this step, you can view my previous tutorial about how to hack facebook account using phishing method (see the tutorial here)
4. This is the fake facebook page interface when I open it using my browser.
5 Steps How to Hack Facebook Account Password
5. If someone logged in, we can view the harvested passwords in view.php page.
5 Steps How to Hack Facebook Account Password
Update!!:

Countermeasure:

1. See the browser address bar URL, do not continue browse if you find the URI is mistyping, only facebook.com the real one.
2. If you type your username and password correctly, but the facebook page bring you to wrong username or password page, see the browser address bar URL in case you open the fake facebook page.
Hope it useful :-)
- See more at: http://www.hacking-tutorial.com/hacking-tutorial/5-steps-how-to-hack-facebook-account-password/#sthash.Thq5tYWy.dpuf

How to hack Wordpress site?!!!

 We will continue our hacking wordpress tutorial series, today title is Hacking WordPress: Send Email Secretly About Website Information. This tutorial was highly related with our last tutorial about 

As I already stated on the last wordpress hacking tutorial, "Do not think too complex about this tutorial, because we will learn this with approach to social engineering technique".
If last time we talk about how to add administrator user secretly when an attacker spread the malicious premium wordpress themes, now the attacker need to know the website that already used the malicious wordpress themes.
Requirements:
1. Understand PHP,
2. Know wordpress function,
3. Script to send email secretly (download below).

Step by step Hacking WordPress: Send Email Secretly About Website Information:


1. We want to know about the wordpress user information of a user. Let see the following script:
Hacking WordPress: Send Email Secretly About Website Information
2. The script on step one if executed will show the details of active wordpress user (logged in). We will try to execute this script on my local wordpress server, and here is the results:
Hacking WordPress: Send Email Secretly About Website Information
We can see from the picture above the username and password hash of the wordpress user.
3. Even we know the username and password hash, but we still need time to crack the password hash to get the plain password from the user.
On our last hacking tutorial about WordPress hacking tutorials to add administrator user secretly, we can addadministrator secretly by spreading the malicious themes, but the problem is: "how do we know who alreadydownload the malicious wordpress themes?"
4. From the problem in step three, we will use the method to combine this tutorial WordPress hacking tutorials to add administrator user secretly and send the URL address of the infected website by inserting the following script.
Hacking WordPress: Send Email Secretly About Website Information
Download the script (for subscribers only):
Download
5. When saw this email address, it's way too plain :-) how if we encode it using base64_encode PHP function, and here is the result.
Hacking WordPress: Send Email Secretly About Website Information
6. The script will send email secretly to the attacker containing the wordpress URL when victim logged in and browse his/her wordpress website.
Here is the video for this tutorial :
Conclusion:
1. Download the wordpress themes only from the trusted source.
2. Buy was better than "free download:-D
3. Usually this kind of attack you can find on a premium wordpress themes (nulled edition or warez), make sure you check the source code one by one the themes to minimize the attack.
you can give a try to find the strings below in your themes code (especially the nulled and warez edition) to check whether it has a malicious code or not.
base64_encode (most attacker use base64 encoding)
http:// (check the URL that going somewhere),
anyone want to add?

Hacking Widget Visitor Details


Hacking Widget Visitor Details is a simple website widget to show you that in the internet everything can be tracked, everyone can be tracked easily including me :-) .
known as an IP address. Every computer has   unique IP address. What most people don't know is that the IP address itself contains all sorts of information about the visitor such as the physical location of that person's Internet provider.
Actually the computer IP address itself separated into a public IP address and private IP address (you can read the basic hacking knowledge about private IP and public IP) and while we surf the internet we use the public IP.
This hacking widget didn't store any data in the background and 128% safe to use in your blog or website.
You can copy the HTML code below and put in your blog or website.
Hacking Widget Visitor Details<a target="_blank" href="http://www.hacking-tutorial.com/hacking-widget/hacking-widget-visitor-details/" title="Get Free Website Visitor Details[hacking-tutorial.com]"><img alt="Hacking Widget Visitor Details hacking-tutorial.com" src="http://www.hacking-tutorial.com/tools/hackwidget/v1/" /></a>
Hope it useful :-)

Incoming search terms:

- See more at: http://www.hacking-tutorial.com/hacking-widget/hacking-widget-visitor-details/#sthash.HNKYoROJ.dpuf

Change Your IP Adress Easily


IPshark_logo


ইন্টারনেটের দুনিয়ায় IP ADDRESS খুবই মূল্যবান।অনেক সময় এই IP ADDRESS change করার দরকার হয়।এজন্য বিভিন্ন Software পাওয়া যায়।অনেক সময় এসব Software দিয়ে IP ADDRESS change করলে Browser slow হয়ে যায়।আমি আজকে এমন একটা Software দিব যা দিয়ে IP ADDRESS change করা যায় এবং Browser slow হয় না!!
Software Name : IpSharkk
Software size: 4.25 MB
Software Free না। টাকা দিয়ে কিনতে হয়। আামি কোন Crack File দিতে পারছি না। এজন্য দুঃখিত।তবে Trial Version দিয়ে অনেক ভালো চালানো যায়। আশা করি Full Version এর দরকার হবে না।
প্রথমে Software টা Unzip করুন।
ipsharkk-screenshot
Software টি Open করুন।
উপরের দিকে আপনি দুটো লেখা দেখতে পাবেন।Your IP ও Curent IP। এর পাশে Enable option-এ Click করুন।Enable হয়ে গেলে আপনি নিচের যেকোন দেশের IP বেছে নিন।যে IP ADDRESS এর SPEED সবচেয়ে বেশি হবে সেটি বেছে নিন।এতে Browser Slow হবে না।এরপর Connect এ Click করলে IP ADDRESS change হয়ে যাবে।
Subscribe to: Posts (Atom)