Hack facebook by phishing mehod.

Step 1)
First you must sign for a free webhosting service like www.byethost.com or www.t35.com  or www.000webhost.com  And register your subdomain.
after signing you will have a subdomain like www.yourname.byethost.com

Step 2)
Now login to your account go to "control panel" then in site management option go to "online file manager" and open the folder "htdocs".

Step 3)
Now Click Here to DOWNLOAD THIS FILE to your computer add extract the file. Inside the folder you will find three files index.php and hello.php and login_again.htm.

Step 4)
Now replace the index.php file in the "htdocs" of the "online file manager" with the file index.php of the phisher folder in your computer and also upload hello.php and login_again.htm files in "htdocs" thats it! you are done.

Step 5)
Now your homepage www.yourname.byethost.com has become a phisher. open it, you will see that your page www.yourname.byethost.com has become the login page of the site you want to hack.now all you have to do is send this link to the person whose account you want to hack.when he tries to login through it you will receive a file password.html in your "htdocs" folder of your phpnet.us account which contains the username and password of your victim.

Step 6)
Go to http://www.yourname.byethost.com/lol.htm for see the stored passwords !

Personal Note:- The attacker must have a very good convincing power to hack the facebook password with this method. Please try this method carefully as now it is widel

How to hack wpa/wpa2 wifi?

How to hack wpa/wpa2 wifi?
Step 1: Setting up your network device on your laptop

To capture network traffic without being associated with an access point, we need to set the wireless network card in monitor mode.
To do that, type:
Command # iwconfig (to find all wireless network interfaces and their status).

Command # airmon-ng start wlan0 (to set in monitor mode, you may have to substitute wlan0 for your own interface name)

Step 2 : Reconnaissance

This step assumes you've already set your wireless network interface in monitor mode. It can be checked by executing the iwconfig command. Next step is finding available wireless networks, and choosing your target:

Command # airodump-ng mon0 (Monitors all channels, listing available access points and associated clients within range.

Step 3 : Capturing Packets

To capture data into a file, we use the airodump-ng tool again, with some additional switches to target a specific AP and channel. Assuming our wireless card is mon0, and we want to capture packets on channel 1 into a text file called data:

Command # airodump-ng -c 1 bssid AP_MAC -w data mon0

Step 4 : De-Authentication Technique

To successfully crack a WPA-PSK network, you first need a capture file containing handshake data. You may also try to deauthenticate an associated client to speed up this process of capturing a handshake, using:

Command # aireplay-ng --deauth 3 -a MAC_AP -c MAC_Client mon0 (where MAC_AP is the MAC address of the access point, MAC_Client is the MAC address of an associated client.

So, now we have successfully acquired a WPA Handshake.


Step 5 : Cracking WPA/WAP2

Once you have captured a four-way handshake, you also need a large/relevant dictinary file (commonly known as wordlists) with common pass phrases.

Command # aircrack-ng -w wordlist ‘capture_file’.cap (where wordlist is your dictionary file, and capture_file is a .cap file with a valid WPA handshake)

Cracking WPA-PSK and WPA2-PSK only needs (a handshake). After that, an offline dictionary attack on that handshake takes much longer, and will only succeed with weak pass phrases and good dictionary files.

Cracking WPA/WPA2 usually takes many hours, testing tens of millions of possible keys for the chance to stumble on a combination of common numerals or dictionary words. Still, a Weak/short/common/human-readable pass phrase can be broken within a few minutes using an offline dictionary attack.

Download duc set uup for free.

 no-ip duc set-up




Download

what is RAT?

what is RAT?
computers they have been installed on. The applications are often used by hackers as the payload of a Trojan horse, giving the user access to the victim’s machine without their knowledge or consent.

History

Back Orifice

The RAT program “Back Orifice” was created by the hacker group Cult of the Dead Cow (CDC) and allows users to control Internet-connected machines running Microsoft Windows from a remote location. The application name was intended to be a parody of Microsoft BackOffice server products. The tool was released by the CDC on August 1st, 1998, at the DEF CON hacker convention in Las Vegas, Nevada. According to the group, the program was created to illustrate the lack of security in Microsoft’s Windows 98 operating system. Back Orifice was often delivered to machines as a Trojan horse program, a type of malware unintentionally installed by users. On July 10th, 1999, an updated version of the tool named “Back Orifice 2000” (BO2k) was released by the CDC at DEF CON 7. The new version had several additional features, including a plugin architecture and the ability to be installed on several different versions of Windows.

what is SQL injection?

 SQL Injection defination=====================================================
SQL Injection is one of the many web attack mechanisms used by hackers to steal data from organizations. It is perhaps one of the most common application layer attack techniques used today. It is the type of attack that takes advantage of improper coding of your web applications that allows hacker to inject SQL commands into say a login form to allow them to gain access to the data held within your database.
In essence, SQL Injection arises because the fields available for user input allow SQL statements to pass through and query the database directly.
SQL Injection: An In-depth Explanation
Web applications allow legitimate website visitors to submit and retrieve data to/from a database over the Internet using their preferred web browser. Databases are central to modern websites – they store data needed for websites to deliver specific content to visitors and render information to customers, suppliers, employees and a host of stakeholders. User credentials, financial and payment information, company statistics may all be resident within a database and accessed by legitimate users through off-the-shelf and custom web applications. Web applications and databases allow you to regularly run your business.
SQL Injection is the hacking technique which attempts to pass SQL commands (statements) through a web application for execution by the backend database. If not sanitized properly, web applications may result in SQL Injection attacks that allow hackers to view information from the database and/or even wipe it out.
Such features as login pages, support and product request forms, feedback forms, search pages, shopping carts and the general delivery of dynamic content, shape modern websites and provide businesses with the means necessary to communicate with prospects and customers. These website features are all examples of web applications which may be either purchased off-the-shelf or developed as bespoke programs.
These website features are all susceptible to SQL Injection attacks which arise because the fields available for user input allow SQL statements to pass through and query the database directly.
SQL Injection: A Simple Example
Take a simple login page where a legitimate user would enter his username and password combination to enter a secure area to view his personal details or upload his comments in a forum.
When the legitimate user submits his details, an SQL query is generated from these details and submitted to the database for verification. If valid, the user is allowed access. In other words, the web application that controls the login page will communicate with the database through a series of planned commands so as to verify the username and password combination. On verification, the legitimate user is granted appropriate access.
Through SQL Injection, the hacker may input specifically crafted SQL commands with the intent of bypassing the login form barrier and seeing what lies behind it. This is only possible if the inputs are not properly sanitised (i.e., made invulnerable) and sent directly with the SQL query to the database. SQL Injection vulnerabilities provide the means for a hacker to communicate directly to the database.
The technologies vulnerable to this attack are dynamic script languages including ASP, ASP.NET, PHP, JSP, and CGI. All an attacker needs to perform an SQL Injection hacking attack is a web browser, knowledge of SQL queries and creative guess work to important table and field names. The sheer simplicity of SQL Injection has fuelled its popularity.

How to use havij ?

Tutorial=how to use havij?
Now Let's start

Open havij and copy and paste infected link as shown in figure


Click here to view the original image of 1600x900px.


Now click in the "Analyze"



Then It shows some messages there....Be alert on it and be show patience for sometime to find it's vulernable and type of injection and if db server is mysql and it will find database name.Then after get it's database is name like xxxx_xxxx



Then Move to another operation to find tables by clicking "tables" as figure shown.Now click "Get tables" Then wait some time if needed



After founded the tables ,you can see there will be "users" Put mark on it and click in the " get columns " tab as shown in figure



In that Just put mark username and password and click "Get data"


Click here to view the original image of 817x772px.


Bingo Got now id and pass that may be admin...
The pass will get as md5 you can crack it also using this tool as shown in figure...



Have Fun With Admin Password!!!!!!!!!!!

---

What is havij ?

What is havij ?

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system.

The power of Havij that makes it different from similar tools is its injection methods. The success rate is more than 95% at injecting vulnerable targets using Havij.

The user friendly GUI (Graphical User Interface) of Havij and automated settings and detections makes it easy to use for everyone even amateur users.

DOWNLOAD HAVIJ FOR FREE

Download

Types of hacker?

                               Types of  hacker

         Hackers are three types:-

 

1.    White hat hacker

2.    Gray hat hacker 

3.    Black hat hacker

White Hat and Grey Hat Hacker & What is the Real Difference? 

What is worse, the public is not able to understand terms like grey hat, white hat, Linux OS, or cracker.
However, the truth is that the subculture of the hacker world is more complex than we think. Especially if we consider that, these are very intelligent people.

So, what is ethical hacking white hat and how does it differentiate from grey hackers? The only way to find out is to submerge ourselves in the world of hackers and understand, at least, the most basic concepts. 
  

What Is A White Hat Hacker?
 

A hacker can be a wiz kid who spends too much time with computers and suddenly finds himself submerged in the world of  cyber-security or criminal conspirators. On the other hand, he can be a master criminal who wants to obtain huge amounts of money for him, or even worse, dominate the world.

In the movie Matrix, the concept of hackers changed a bit. Although the agents of the Matrix considered them terrorists, the truth is that they were rebels fighting for the liberty of humanity. Things do not need to reach that extreme, though. We are not at war with intelligent ma chines so that kind of scenario is a bit dramatic.

Therefore, a hacker is an individual who is capable of modifying computer hardware, or software. They made their appearance before the advent of computers, when determined individuals were fascinated with the possibility of modifying machines. For example, entering a determine code in a telephone in order to make free international calls.
 

 When computers appeared, this people found a new realm where they could exploit their skills. Now they were not limited to the constraints of the physical world, instead, they could travel through the virtual world of computers. Before the internet, they used Bulletin Board Systems (BBS) to communicate and exchange information. However, the real explosion occurred when the Internet appeared.

Today, anyone can become a hacker. Within that denomination, there are three types of hackers. The first one is the black hacker, also known as a cracker, someone who uses his computer knowledge in criminal activities in order to obtain personal benefits. A typical example is a person who exploits the weaknesses of the systems of a financial institution for making some money.

On the other side is the white hat hacker. Although white hat hacking can be considered similar to a black hacker, there is an important difference. A white hacker does it with no criminal intention in mind. Companies around the world, who want to test their systems, contract white hackers. They will test how secure are their systems, and point any faults that they may found. If you want to become a hacker with a white hat, Linux, a PC and an internet connection is all you need.

---

Grey Hat Hackers
A grey hat hacker is someone who is in between these two concepts. He may use his skills for legal or illegal acts, but not for personal gains. Grey hackers use their skills in
order to prove themselves that they can accomplish a determined feat, but never do it in order to make money out of it. The moment they cross that boundary, they become black hackers.

For example, they may hack the computer network of a public agency, let us say, NOAA. That is a federal crime.

If the authorities capture them, they will feel the long arm of justice. However, if they only get inside, and post, let us say, their handle, and get out without causing any kind of damage, then they can be considered grey hackers.

If you want to know more about hackers, then you can attend one of their annual conventions. Every year, hackers from all over the US, and from different parts of the world, reunite and meet at DEF CON. These conventions are much concurred. In the last one, 6,600 people attended it.

Every year, DEF CON is celebrated at Las Vegas, Nevada. However, hackers are not the only ones who go to this event. There are also computer journalists, computer security professionals, lawyers, and employees of the federal government. The event is composed by tracks of different kind, all of them related, in some way, to the world of hackers (computer security, worms, viruses, new technologies, coding, etc). Besides the tracks, there are contests that involve hacking computers, l ock picking and even robot related events. Ethical hacking, white hat hacking or whatever names you wish to use, at the end, it has a purpose: to protect the systems of organizations, public or private, around the world. After all, hackers can now be located anywhere, and they can be counted by the millions. Soon, concepts like white hat, linux operating system or grey hat will become common knowledge. A real proof of how much has our society been influenced by technology.

---

Black Hat Hackers

Black hat hackers have become the iconic image of all hackers around the world. For the majority of computer users, the word hacker has become a synonym for social misfits and criminals.
Of course, that is an injustice created by our own interpretation of the mass media, so it is important for us to learn what a hacker is and what a black hacker (or cracker) does. So, let's learn about black hat techniques and how they make our lives a little more difficult.
Black hat is used to describe a hacker (or, if you prefer, cracker) who breaks into a computer system or network with malicious intent. Unlike a white hat hacker, the black hat hacker takes advantage of the break-in, perhaps destroying files or stealing data for some future purpose. The black hat hacker may also make the exploit known to other hackers and/or the public without notifying the victim. This gives others the opportunity to exploit the vulnerability before the organization is able to secure it.
 

What Is Black Hat Hacking?
 

A black hat hacker, also known as a cracker or a dark side hacker (this last definition is a direct reference to the Star Wars movies and the dark side of the force), is someone who uses his skills with a criminal intent. Some examples are: cracking bank accounts in order to make transfernces to their own accounts, stealing information to be sold in the black market, or attacking the computer network of an organization for money.

Some famous cases of black hat hacking include Kevin Mitnick, who used his black hat hackers skills to enter the computers of organizations such as Nokia, Fujitsu, Motorola and Sun Microsystems (it must be mentioned that he is now a white hat hacker); Kevin Poulsen, who took control of all the phone lines in Los Angeles in order to win a radio contest (the prize was a Porsche 944 S2); and Vladimir Levin, which is the handle of the mastermind behind the stealing of $10'000,000 to Citigrou. 

              

what is hacking?

What is hacking?

Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose. The person who is consistently engaging in hacking activities, and has accepted hacking as a lifestyle and philosophy of their choice, is called a hacker.

Computer hacking is the most popular form of hacking nowadays, especially in the field of computer security, but hacking exists in many other forms, such as phone hacking, brain hacking, etc. and it's not limited to either of them.

Due to the mass attention given to blackhat hackers from the media, the whole hacking term is often mistaken for any security related cyber crime. This damages the reputation of all hackers, and is very cruel and unfair to the law abiding ones of them, from who the term itself originated. The goal of this website is to introduce people the true philosophy and ethics of hackers, hopefully clearing their name and giving them the social status they deserve.