How to Detect Vulnerability in PHP Application

How to Detect Vulnerability in PHP Application

PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.

Read more...

5 Best Boot Screens For Windows 7

Microsoft’s fastest selling operating system, Windows 7, features a cool boot screen but users who have been watching the same boot screen ever since the Beta days might want to replace the default boot screen animation with a custom one.

Unlike, earlier versions of Windows, changing the default boot screen animation is not a simple task in Windows 7. But it’s possible with the help of a free tool named Windows 7 Boot Screen Updater. We reported about this awesome tool few months back.

Now if you are looking forward to change the default Windows 7 boot animation usingWindows 7 Boot Screen Updater, here are some good boot screen animations.

Note: Since Windows 7 Boot Screen Updater is in beta state, we recommend backing up your system before replacing the default boot screen. Use at your own risk! And, please try these boot screens in a Virtual Machine before trying it on your primary machine.

Click on the boot animation image to proceed to the download link. Please use Windows 7 Boot Screen Updater or follow the procedure mentioned in the download page to apply the custom boot screen.

1. Default boot screen with custom touch

2. Windows logo animation

3. Glowing Apple boot screen

4. Another cool boot animation for Windows 7

5. Apple logo boot screen animation

Read more...

HOW TO HACK E-MAIL ACCOUNT PASSWORD - EMAIL HACKING SOFTWARE

HOW TO HACK E-MAIL ACCOUNT PASSWORD - EMAIL HACKING SOFTWARE


Now you know that there are many ways to hack email password, like bruteforcing, social engineering or Reverting, but the main two methods used to hack email passwords are Remote Keylogging and Phishing. In this article i'll show you how to hack email account password using keyloggers and trojans. Here I am demonstrating using PRORAT trojan. You can use any trojan or keylogger as per your ease. The basic functionality of all backdoors are same. Pls make note that all these hacking tools and softwares are detected by antivirus. You have to uninstall or close you running antivirus first. Now we can start.

How to Hack Email Account Passwords Using ProRat?

1. First of all Download ProRat. Once it is downloaded right click on the folder and choose to extract it. A password prompt will come up. The password will be "pro".

2. Open up the program. You should see the following:


3. Next we will create the ProRat Trojan server. Click on the "Create" button in the bottom. Choose "Create ProRat Server".


4. Next put in your IP address so the server could connect to you. If you don’t know your IP address click on the little arrow to have it filled in for you automatically. Next put in your e-mail so that when and if a victim gets infected it will send you a message. We will not be using the rest of the options.


5. Now Open General settings. This tab is the most important tab. In the check boxes, we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager.

Here is a quick overview of what they mean and which should be checked:


6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. Remember a trojan can only be executed if a human runs it. So by binding it with a legitimate file like a text document or a game, the chances of someone clicking it go up. Check the bind option and select a file to bind it to. A good suggestion is a picture or an ordinary text document because that is a small file and its easier to send to the people you need.


7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I prefer using .exe files, because it is cryptable and has icon support, but exe’s looks suspicious so it would be smart to change it.


8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is. For my example I will choose the regular text document icon since my file is a text document.

9. After this, press Create server, your server will be in the same folder as ProRat. A new file with name "binded_server" will be created. Rename this file to something describing the picture. A hacker could also put it up as a torrent pretending it is something else, like the latest game that just came out so he could get people to download it.

Very important: Do not open the "binded_server" file on your system.

10. You can send this trojan server via email, pendrive or if you have physical access to the system, go and run the file. You can not send this file via email as "server.exe", because it will be detected as trojan or virus. Password protect this file with ZIP and then email it. Once your victim download this ZIP file, ask him to unlock it using ZIP password. When the victim will double click on the file, he will be in your control.

11. Now, I will show you what happens when a victim installs the server onto his computer and what the hacker could do next.

Once the victim runs the server on his computer, the trojan will be installed onto his computer in the background. The hacker would then get a message telling him that the victim was infected. He would then connect to his computer by typing in his IP address, port and clicking Connect. He will be asked for the password that he made when he created the server. Once he types it in, he will be connected to the victims computer and have full control over it.


12. Now the hacker has a lot of options to choose from as you can see on the right. He has access to all victim's computer files, he can shut down his pc, get all the saved passwords off his computer, send a message to his computer, format his whole hard drive, take a screen shot of his computer, and so much more. Below I’ll show you a few examples.


13. The image below shows the message that the victim would get on his screen if the hacker chose to message him.


14. Below is an image of the victims task bar after the hacker clicks on Hide Start Button.


15. Below is an image of what the hacker would see if he chose to take a screen shot of the victims screen.


As you saw in the above example, a hacker can do a lot of silly things or a lot of damage to the victim. ProRat is a very well known trojan so if the victim has an anti-virus program installed he most likely won’t get infected. Many skilled hackers can program their own viruses and Trojans that can easily bypass anti-virus programs.

Read more...

"Add Testimonial" ~ remote File upload vulnerability.

"Add Testimonial" ~ remote File upload vulnerability.

"Add Testimonial" ~  remote File upload vulnerability.





[#1] Open website ..

[#2] Go to this URL : testimonial/add.html.php 

For example :  http://Site.com/testimonial/add.html.php

[#3] Now Upload Your Deface or any file

[#4] to view you upload file go to /images/testimonial/ , you'll se index of files here ... click on last file, its urs !!

[#5] enjOy =) Leave a Comment beLow if you Like it

Demo :

http://sdhealingarts.com/testimonial/add.html.php?
http://slangmediagroup.com/testimonial/add.html.php?

http://thepharmcollective.com/testimonial/add.html.php?

http://www.ganjadaddy.com/demo/firestation/testimonial/add.html.php?

Result : http://slangmediagroup.com/images/testimonial/testim_20111218213043

http://www.ganjadaddy.com/demo/firestation//images/testimonial/testim_20111218215509

Read more...

How to Make Password Protected ZIP Files using WinRAR

How to Make Password Protected ZIP Files using WinRARWinrar is a popular archive management software that can be used to open or create archive (rar,zip etc) files.There are lot of freeware softwares like Axcrypt,Disguise Folders that can encrypt your files and password protect them.If you have winrar installed in your pc then you can use its inbuilt password protection feature

How To make Password Protected ZIP Files using WinRAR:-

• Right click on the folder/file which has to be  Password Protected and select ADD to Archive option.

• From the pop up window select the Advanced Tab.
• Now click on the Set Password.

• Enter and Verify your Password (Use both Alphabets and Numeric words to make a strong Password).

• Now a new compressed file will be generated at the same location of your original file

Now whenever somebody will try to open or extract the files in archive it will ask for the password.

Read more...

VanishCrypt – Virtual Encryption Tool by SecurityLabs

VanishCrypt – Virtual Encryption Tool by SecurityLabs

SecurityLabs Experts from India release a new Virtual Encryption Tool called “VanishCrypt“. A Freeware Utility to Secure Your Data. It creates a virtual disk that contains your secret files. Data is protected with a Encrypted Password. The files are completely inaccessible without the correct password. Stored files are encrypted with strong CryptoAPI.

Additional Features:

It have “Advanced Mode” with you can create a real virtual drive accessible in Explorer that contains your files stored in the vdisk image.

It uses Win32 API for I/O operations for a great speed improvements

Download VanishCrypt

Video Tutorial

Read more...

Comment savoir si votre pc est infecté par un virus ?

Comment savoir si votre pc est infecté par un virus ?
Avant de commencer un virus est un petit programme qui perturbe le fonctionnement de l'ordinateur ou le rend inutilisable. Certains ont des noms multiples et peuvent changer de nom à chaque transmission. Beaucoup ont plusieurs actions: ils peuvent détruire vos données personnelles, vos programmes, et le système lui même; ils se retransmettent souvent, à partir de votre ordinateur à d'autres internautes sans que vous vous en aperceviez; ils peuvent désactiver votre "pare-feu"  et même votre antivirus, ouvrir une "porte arrière" qui permettra à un pirate de venir s'emparer de votre ordinateur, Alors comment savoir si j'ai un virus? ne vous inquiétez pas je vais vous montré une astuce très simple et efficace pour savoir si votre ordinateur est infecté par des virus ou non.

L'astuce est facile, veuillez bien suivre les étapes!

1. Appuyez sur Démarrer > Exécuter + (Run)

2. Tapez "cmd" sans les guillemets et appuyez sur OK

3. Une fenêtre MS DOS va apparaitre



4. Écrire "cd c:\windows\system32" sans les guillemets puis tapez la touche Entrée



5. Écrire "Setup" sans les guillemets puis tapez la touche Entrée



6. Ensuite une fenêtre avec un message s'affiche : veuillez utiliser le panneau de configuration pour installer et configurer les composant du système.

 

Si ce message ne s'affiche pas sur votre ordinateur alors il est temps pour vous de faire un scan complet de votre antivirus et le mettre à jour.

J' espère que ce tuto vous aura plus, un merci fait toujours plaisir :D

Read more...