Professional Documents
Culture Documents
1. Download the .jar file to your computer from any mobile application site(eg-Getjar,
Mobile9 etc) .Now open it with WinRAR or any other compression client. Open the
folder "META-INF".There you will find a file MANIFEST.MF. Open the file with
notepad. It will look something like this.
Manifest-Version: 1.0
.BrowserMidlet
dition.io.Connector.file.read, javax.microedition.io.Connector.file.w
onnector.rtsp
MIDlet-Vendor: TRISTIT
MIDlet-Version: 1.2
MicroEdition-Configuration: CLDC-1.1
MicroEdition-Profile: MIDP-2.0
TOUCHSCREEN: true
NUMPAD: true
MIDlet-Touch-Support: true
SCREEN_WIDTH: 240
SCREEN_HEIGHT: 320
Manifest-Version: 1.0
.BrowserMidlet
dition.io.Connector.file.read, javax.microedition.io.Connector.file.w
onnector.rtsp
MIDlet-Vendor: TRISTIT
MIDlet-Version: 1.2
MicroEdition-Configuration: CLDC-1.1
MicroEdition-Profile: MIDP-2.0
TOUCHSCREEN: true
NUMPAD: true
MIDlet-Touch-Support: true
SCREEN_WIDTH: 240
SCREEN_HEIGHT: 320
Save the file and close it , WinRAR will now ask you whether you want to update the
archive? Click yes.
4. Now copy this modified jar file to your memory card and install it.
This tutorial works for most of the Samsung touch phones(especially S-Series).All you
need is to change the screen width & height to your phone Screen height and Width.
Since Corby's Screen width and height are 240,320 px respectively I have used 240,320.
If you do not have WinRAR open MANIFEST.MF in the same way as mentioned above
with the compression client you have. Save the file to desktop. Check the file extension
while saving. Now delete MANIFEST.MF from the archive. Drag and drop the saved file
from desktop to the archive window and update the archive.
WARNING: I highly recommend that you read this post completely since every single piece of
information is important.
I know most of you are new to the concept of keyloggers. For some of you, this might be the first
time you heard about the term “keylogger”. So to give you a clear picture and make you
understand better I would like to take up this post in the form of FAQs (Frequently Asked
Questions). Here we go…
1. What is a Keylogger?
A keylogger (also called as spy software) is a small program that monitors each and every
keystroke a user types on a specific computer’s keyboard. A keylogger program can be installed
just in a few seconds and once installed you are only a step away from getting the victim’s
password.
Once the keylogger is installed on a PC, it starts operating in the background (stealth mode) and
captures every keystroke of the victim on that PC. Let’s take up a small example: The victim
goes to http://mail.yahoo.com and types his “username” and the “password” in the respective
fields to login. The keylogger silently records these keystrokes and stores them in the logs. These
logs when opened up shows the captured “username” and “password” and will also tell you that
they were typed in the Yahoo login page. Thus the keylogger loads upon every startup, runs in
the background and captures each and every keystroke.
A keylogger can be installed just like any other program. Just follow the screen instructions and
you’re done.
Absolutely NOT! Anyone with a basic computer knowledge can install and use the keylogger. It
requires no special skills.
5. Once I install the keylogger can the victim come to know about it’s presence?
No. The victim will never come to know about the presence of the keylogger on his/her
computer. This is because, once installed the keylogger will run in total stealth mode.
Unlike other programs it will never show up in start-menu, start-up, program files, add/remove
programs and task manager. So the victim can no way identify it’s presence on his/her PC.
6. Can I be traced back if I install the keylogger on some other computer?
No, it’s almost impossible to trace back to you for installing the keylogger on other’s PC.
Today there exists hundreds of keyloggers on the market and most of them are no more than a
scam. So I tested some of the top keyloggers and conclude that the following is the best one.
>> SniperSpy
1. After you purchase Sniperspy, you’ll be able to create the installation module using easy set-
up program. You need to email this module to the remote user as an attachment.
2. When the remote user runs the module it’ll get installed silently and monitoring process will
begin. The keystrokes are captured and uploaded to the SniperSpy servers continously.
3. You can login to your Sniperspy account (you get this after purchase) to see the logs which
contains the password.
9. I don’t have physical access to the traget computer. Can I still use SniperSpy?
If you need to install to your local (current) computer instead of your remote computer, then the
process is simple. Simply navigate to the folder in which you saved your module ( Refer FAQ-
8). Double-click the module filename to execute it. Nothing will appear on the screen as the
software is installed.
11. What if the antivirus block from sending it as an email attachment?
Instead of sending the keylogger as an email attachment, it is recommended that you place the
file in .ZIP/.RAR format and upload it to www.fileden.com. After uploading, just send the direct
download link to the victim via email. Once he downloads the file from this link and run it, the
keylogger will get installed automatically.
Sniperspy is completely safe to use since all the customer databases remain confidential and
private. SniperSpy do not collect any information from your system other than the information
required for the product’s successful operation. They will not contact you in any way unless you
request assistance.
Absolutely Yes! All the e-commerce transactions for SniperSpy is handled by Plimus – they are
a trusted online retailer specializing in digitally delivered products. All your information remains
private and secure. The safety and protection of your personal information is 100% guaranteed.
So you can place your order for SniperSpy with no worries of scam!
SniperSpy is completely reliable, safe and best keylogger out there. It is really worth the price
that you pay for it. I promise that you cannot get a better keylogger than this. So what are you
waiting for? Go grab SniperSpy now!
Click Here to Download SniperSpy for Windows
Click Here to Download SniperSpy for Mac
2. Region
3. City
4. Latitude/Longitude
5. Zip Code
6. Time Zone
8. Internet Speed
9. Weather Station
You can also visually trace route any IP address back to it’s location. For this just visit
http://www.yougetsignal.com/tools/visual-tracert/ and enter the IP you want to trace in the dialog
box and hit the “Proxy Trace” button. Wait for few seconds and the visual trace route tool
displays the path Internet packets traverse to reach a specified destination
Hackers can install keylogger programs in the victim’s computer. This program can spy on what
the user types from the keyboard. If you think that you can just uninstall such programs, you are
wrong as they are completely hidden. After installation, the hacker will use a password and hot
keys to enable the keylogger. He can then use the hot keys and password to access your key
entry details.
A keylogger program is widely available on the internet.some of them are listed below
Win-Spy Monitor
Realtime Spy
SpyAgent Stealth
Spy Anywhere
For more information on keyloggers and it’s usage refer my post Hacking an email account.
Even if direct access to your computer is not possible, hackers can still install a key logger from
a remote place and access your computer using Remote Administration Tools (RATs).
Another way of getting your password is the use of fake login pages that look exactly like the
real one. So, beware of the web pages you visit. Also if you find your computer behaving oddly,
there is a chance that some spy program is running. On such occasions it is better to try and
remove the malware or reformat the entire hard disk.A detailed Email Hacking tutorial is
discussed in the post Hacking an email account.
1. Credit Card Frauds
For example, say a Nigerian fraudster tries to purchase goods online with a stolen credit card for
which the billing address is associated with New York. Most credit card merchants use Geo-
location to block orders from countries like Nigeria and other high risk countries. So in order to
bypass this restriction the credit card fraudster uses a proxy to spoof his IP address so that it
appears to have come from New York. The IP address location appears to be legitimate since it is
in the same city as the billing address. A proxy check would be needed to flag this order.
Some website services are restricted to users form only a selected list of countries. For example,
a paid survey may be restricted only to countries like United States and Canada. So a user from
say China may use a proxy so as to make his IP appear to have come from U.S. so that he can
earn from participating in the paid survey.
So in order to stop such online frauds, Proxy Detection has become a critical component. Today
most companies, credit card merchants and websites that deal with e-commerce transactions
make use of Proxy Detection Services like MaxMind and FraudLabs to detect the usage of
proxy or spoofed IP from users participating online.
Proxy Detection web services allow instant detection of anonymous IP addresses. Even though
the use of proxy address by users is not a direct indication of fraudulent behaviour, it can often
indicate the intention of the user to hide his or her real IP. In fact, some of the most used ISPs
like AOL and MSN are forms of proxies and are used by both good and bad consumers.
Proxy detection services often rely on IP addresses to determine whether or not the IP is a proxy.
Merchants can obtain the IP address of the users from the HTTP header on the order that comes
into their website. This IP address is sent to the proxy detecting service in real time to confirm
it’s authenticity.
The proxy detection services on the other hand compare this IP against a known list of flagged
IPs that belong to proxy services. If the IP is not on the list then it is authenticated and the
confirmation is sent back to the merchant. Otherwise it is reported to be a suspected proxy. These
proxy detection services work continuously to grab a list or range of IPs that are commonly used
for proxy services. With this it is possible to tell whether or not a given IP address is a proxy or
spoofed IP.
There are a few free sites that help you determine whether or not a given IP is a proxy. You can
use free services like WhatisMyIPAddress to detect proxy IPs. Just enter the suspected IP in the
field and click on “Lookup IP Address” button to check the IP address. If it is a suspected proxy
then you will see the results something as follows.
So for all those who think that they can escape by using a spoofed IP, this post is the answer. I
hope this information helps. Pass your comments.
Popularity: 5% [?]
Firewall – is a system that acts as a barrier between your computer network and the Internet. A
firewall controls the flow of information according to security policies.
Hacker – can be anyone specializing in accessing computer based systems for illegal purposes
or just for the fun of it.
IP spoofing – is an attempt to access your system by pretending like another system. This is
done by setting up a system with an IP address that you normally trust.
Sniffing – is the spying on electronic transmissions to access data. This mostly occurs in
privately owned LAN networks connected to the web.
Trojan horse – a program pretending like useful software, while its actual strategy is to access,
steal or destroy user data and access authorization. Apart from destroying information, trojans
can also create a backdoor on your system for stealing confidential information.
Virus – is a program that attaches itself to a program or file. This allows it to spread across
networks and cause damage to software and hardware. To operate, viruses require the execution
of the attached file.
Worm - A worm is almost similar to a virus, except that it doesn’t need the execution of any
executable file to get activated. It can also replicate itself as it travels across networks.
Port Scanning
Port Scanning is one of the most popular techniques used by hackers to discover services that can
be compromised.
A potential target computer runs many ‘services’ that listen at ‘well-known’ ‘ports’.
By scanning which ports are available on the victim, the hacker finds potential
vulnerabilities that can be exploited.
Scan techniques can be differentiated broadly into Vanilla, Strobe, Stealth, FTP Bounce,
Fragmented Packets, Sweep and UDP Scans.
Open scan
Half- open scan
Stealth scan
Sweeps
Misc
Proxy is a network computer that can serve as an intermediate for connection with other
computers. They are usually used for the following purposes:
Anonymizers
Anonymizers are services that help make your own web surfing anonymous.
The first anonymizer developed was Anonymizer.com, created in 1997 by Lance Cottrell.
An anonymizer removes all the identifying information from a user’s computers while
the user surfs the Internet, thereby ensuring the privacy of the user.
Popularity: 5% [?]
Spector is a spy ware and it will record everything anyone does on the internet.
Spector automatically takes hundreds of snapshots every hour, very much like a
surveillance camera. With spector, you will be able to see exactly what your surveillance
targets have been doing online and offline.
Spector works by taking a snapshot of whatever is on your computer screen and saves it
away in a hidden location on your computer’s hard drive.
eBlaster lets you know EXACTLY what your surveillance targets are doing on the
internet even if you are thousands of miles away.
eBlaster records their emails, chats, instant messages, websites visited and keystrokes
typed and then automatically sends this recorded information to your own email address.
Within seconds of them sending or receiving an email, you will receive your own copy of
that email.
eBlaster lets you know EXACTLY what your surveillance targets are doing on the
internet even if you are thousands of miles away.
eBlaster records their emails, chats, instant messages, websites visited and keystrokes
typed and then automatically sends this recorded information to your own email address.
Within seconds of them sending or receiving an email, you will receive your own copy of
that email.
The Hardware Key Logger is a tiny hardware device that can be attached in between a
keyboard and a computer.
It keeps a record of all key strokes typed on the keyboard. The recording process is
totally transparent to the end user.
Popularity: 5% [?]
It is a legitimate program that has been altered by the placement of unauthorized code
within it; this code performs functions unknown (and probably unwanted) by the user.
Any program that appears to perform a desirable and necessary function but that
(because of unauthorized code within it that is unknown to the user) performs functions
unknown (and definitely unwanted) by the user.
Working of Trojans
Attacker gets access to the trojaned system as the system goes online
By way of the access provided by the trojan attacker can stage attacks of different types.
Modes of Transmission
Attachments
Physical Access
Browser And E-mail Software Bugs
NetBIOS (File Sharing)
Fake Programs
Un-trusted Sites And Freeware Software
Backdoor Countermeasures
Most commercial ant-virus products can automatically scan and detect backdoor
programs before they can cause damage (Eg. before accessing a floppy, running exe or
downloading mail)
An inexpensive tool called Cleaner (http://www.moosoft.com/cleanet.html) can identify
and eradicate 1000 types of backdoor programs and trojans.
Educate your users not to install applications downloaded from the internet and e-mail
attachments.
Popularity: 4% [?]
Its Real,On February 6th, 2000, Yahoo portal was shut down for 3 hours. Then retailer Buy.com
Inc. (BUYX) was hit the next day, hours after going public. By that evening, eBay (EBAY),
Amazon.com (AMZN), and CNN (TWX) had gone dark. And in the morning, the mayhem
continued with online broker E*Trade (EGRP) and others having traffic to their sites virtually
choked off.
There are several general categories of DoS attacks.Popularly, the attacks are divided into three
classes:
bandwidth attacks,
protocol attacks, and
logic attacks
Popularity: 5% [?]
Windows IP Utilities
Submitted by Srikanth on Friday, 15 August 200813 Comments
The following are the IP utilities available in Windows that help in finding out the information
about IP Hosts and domains. These are the basic IP Hacking Commands that everyone must
know!
Please note that the the term Host used in this article can also be assumed as a Website for
simple understanding purpose.
1. PING
PING is a simple application (command) used to determine whether a host is online and
available. PING command sends one or more ICMP Echo messages to a specified host
requesting a reply. The receiver (Target Host) responds to this ICMP Echo message and returns
it back to the sender. This confirms that the Host is online and available. Otherwise the host is
said to be unavailable.
Syntax:
C:\>ping gohacking.com
2. TELNET
Telnet command is used to connect to a desired host on a specified port number. For example
Syntax:
C:\>telnet yahoo.com 25
C:\>telnet yahoo.com
NOTE: The default port number is 23. When the port number is not specified the default number
is assumed.
3. NSLOOKUP
Many times we think about finding out the IP address of a given site. Say for example
google.com, yahoo.com, microsoft.com etc. But how to do this? For this there are some websites
that can be used to find out the IP address of a given site. But in Windows we have an inbuilt
tool to do this job for us. It is nslookup. Yes this tool can be used for resolving a given domain
name into it’s IP address (determine the IP of a given site name). Not only this it can also be
used for reverse IP lookup. That is if the IP address is given it determines the corresponding
domain name for that IP address.
Syntax:
C:\>nslookup google.com
4. NETSTAT
The netstat command can be used to display the current TCP/IP network connections. For
example the following netstat command displays all connections and their corresponding
listening port numbers.
Eg: C:\>netstat -a
This command can be used to determine the IP address/Host names of all the applications
connected to your computer. If a hacker is connected to your system even the hacker’s IP is
displayed. So the netstat command can be used to get an idea of all the active connections to a
given system.
Popularity: 6% [?]
What is Phishing ?
Recent phishing attempts have targeted the customers of banks and online payment services.
Social networking sites such as Orkut are also a target of phishing.
Spoofed/Fraudulent e-mails are the most widely used tools to carry out the phishing attack. In
most cases we get a fake e-mail that appears to have come from a Trusted Website . Here the
hacker may request us to verify username & password by replaying to a given email address.
1. Link Manipulation
Most methods of phishing use some form of technical deception designed to make a link in an
email appear to belong to some trusted organization or spoofed organization. Misspelled URLs
or the use of subdomains are common tricks used by phishers, such as this example URL
www.micosoft.com
www.mircosoft.com
www.verify-microsoft.com
instead of www.microsoft.com
2. Filter Evasion
Phishers have used images instead of text to make it harder for anti-phishing filters to detect text
commonly used in phishing emails. This is the reason Gmail or Yahoo will disable the images by
default for incoming mails.
As scam artists become more sophisticated, so do their phishing e-mail messages and pop-up
windows. They often include official-looking logos from real organizations and other identifying
information taken directly from legitimate Web sites. Here is an example of how the phishing
scam email looks like
Example of a phishing e-mail message, including a deceptive URL address linking to a scam
Web site.
To make these phishing e-mail messages look even more legitimate, the scam artists may place a
link in them that appears to go to the legitimate Web site (1), but it actually takes you to a
phishing site (2) or possibly a pop-up window that looks exactly like the official site.
These copycat sites are also called “spoofed” Web sites. Once you’re at one of these spoofed
sites, you may send personal information to the hackers.
Here are a few phrases to look for if you think an e-mail message is a phishing scam.
Legitimate sites will never ask you to send passwords, login names, Social Security numbers, or
any other personal information through e-mail.
“If you don’t respond within 48 hours, your account will be closed.”
These messages convey a sense of urgency so that you’ll respond immediately without thinking.
“Dear Valued Customer.”
Phishing e-mail messages are usually sent out in bulk andoften do not contain your first or last
name.
HTML-formatted messages can contain links or forms that you can fill out just as you’d fill out a
form on a Web site. The links that you are urged to click may contain all or part of a real
company’s name and are usually “masked,” meaning that the link you see does not take you to
that address but somewhere different, usually a scam Web site.
Notice in the following example that resting the mouse pointer on the link reveals the real Web
address, as shown in the box with the yellow background. The string of cryptic numbers looks
nothing like the company’s Web address, which is a suspicious sign.
1. Never assume that an email is valid based on the sender’s email address.
2. A trusted bank/organization such as paypal will never ask you for your full name and
password in a PayPal email.
4. Clicking on a link in an email is the most insecure way to get to your account.
Popularity: 8% [?]
Once you have installed the QK SMTP server on your comp you must perform the following
configuration.
C:\>telnet 127.0.0.1 25
Here 127.0.0.1 is the default IP of every computer.25 is the port number. SO you are connecting
to the SMTP server running on your own computer. This step is very importand to send fake
email.
Heres the snapshot of what you see after step 3. Click on it to enlarge
4. After typing the telnet command in the command prompt you get entry to the server which
displays the following message. The response of a OK SMTP server is given below. Message
within Green color is only explanation.
<HERE IS YOUR DATA>End the body of email by pressing [ENTER] .(dot) [ENTER]
250 Mail queued for delivery (Sever indicates that the email is ready for sending)
quit (Type this command to quit from server)
221 Closing connection. Good bye.
Connection to host lost
(You will get the above 2 lines of message after typing “quit” command)
(Your fake email is sent to the recipient)
NOTE: THE ABOVE METHOD HAS A VERY LOW SUCCESS RATE. FOR A
COMPLETELY WORKING METHOD PLEASE REFER MY NEW POST - How to Send
Anonymous Emails – A New Working Way
Popularity: 8% [?]
Netbios Hacking
Submitted by Srikanth on Friday, 14 December 200763 Comments
THIS NETBIOS HACKING GUIDE WILL TELL YOU ABOUT HACKING REMOTE
COMPUTER AND GAINING ACCESS TO IT’S HARD-DISK OR PRINTER. NETBIOS
HACK IS THE EASIEST WAY TO BREAK INTO A REMOTE COMPUTER.
The above is an example for operation using command prompt. “net view” is one of the
netbios command to view the shared resources of the remote computer. Here
“219.64.55.112″ is an IP address of remote computer that is to be hacked through Netbios.
You have to substitute a vlaid IP address in it’s place. If succeeded a list of HARD-DISK
DRIVES & PRINTERS are shown. If not an error message is displayed. So repeat the procedure
2 with a different IP address.
3. After succeeding, use the “net use” command in the command prompt. The “net use” is
another netbios command which makes it possible to hack remote drives or printers.
Example-1:
C:\>net use D: \\219.64.55.112\F
Example-2:
C:\>net use G: \\219.64.55.112\SharedDocs
Example-3:
C:\>net use I: \\219.64.55.112\Myprint
NOTE: In Examples 1,2 & 3, D:,G: & I: are the Network Drive Names that are to be created on
your computer to access remote computer’s hard-disk.
NOTE: GIVE DRIVE NAMES THAT ARE NOT USED BY ANY OTHER DRIVES
INCLUDING HARD-DISK DRIVES, FLOPPY DRIVES AND ROM-DRIVES ON YOUR
COMPUTER. THAT IS, IF YOU HAVE C: & D: AS HARD DIRVES, A: AS FLOPPY
DIVE AND E: AS CD-DRIVE, GIVE F: AS YOUR SHARED DRIVE IN THE
COMMAND PROMPT
F:,”SharedDocs” are the names of remote computer’s hard-disk’s drives that you want to hack.
“Myprint” is the name of remote computer’s printer. These are displayed after giving “net use”
command. “219.64.55.112″ is the IP address of remote computer that you want to hack.
4. After succeeding your computer will give a message that “The command completed
successfully“. Once you get the above message you are only one step away from hacking the
computer.
Now open “My Computer” you will see a new “Hard-Disk drive”(Shared) with the specified
name. You can open it and access remote computer’s Hard-Drive. You can copy files, music,
folders etc. from victim’s hard-drive. You can delete/modify data on victim’s hard-drive only if
WRITE-ACCESS is enabled on victim’s system. You can access files/folders quickly through
“Command Prompt”.
NOTE: If Remote Computer’s Firewall Is Enabled Your Computer Will Not Succeed In
Gaining Access To Remote Computer Through Netbios. That is Netbios Hacking Is Not
Possible In This Situation.(An Error Message Is Displayed). So Repeat The Procedure 2,3
With Different IP Address.
Web Proxies
In computer networks, a proxy server is a server (a computer system or an application program)
which services the requests of its clients by forwarding requests to other servers. A client
connects to the proxy server, requesting some service, such as a file, connection, web page, or
other resource, available from a different server. The proxy server provides the resource by
connecting to the specified server and requesting the service on behalf of the client.
A proxy server may optionally alter the client’s request or the server’s response, and sometimes
it may serve the request without contacting the specified server. In this case, it would ‘cache’ the
first request to the remote server, so it could save the information for later, and make everything
as fast as possible.
A proxy server that passes all requests and replies unmodified is usually called a gateway or
sometimes tunneling proxy.
A proxy server can be placed in the user’s local computer or at specific key points between the
user and the destination servers or the Internet.
A proxy server can service requests without contacting the specified server, by retrieving content
saved from a previous request, made by the same client or even other clients. This is called
caching. Caching proxies keep local copies of frequently requested resources, allowing large
organizations and Internet Service Providers to significantly reduce their upstream bandwidth
usage and cost, while significantly increasing performance. There are well-defined rules for
caching. Some poorly-implemented caching proxies have had downsides (e.g., an inability to use
user authentication). Some problems are described in RFC 3143 (Known HTTP Proxy/Caching
Problems).
Web proxy
Proxies that focus on WWW traffic are called web proxies. Many web proxies attempt to block
offensive web content. Other web proxies reformat web pages for a specific purpose or audience
(e.g., cell phones and PDAs)
Access control: Some proxy servers implement a logon requirement. In large organizations,
authorized users must log on to gain access to the ‘WWW.’ . The organization can thereby track
usage to individuals.
A proxy server that removes identifying information from the client’s requests for the purpose of
anonymity is called an anonymizing proxy server or anonymizer.
The term “transparent proxy” is most often used incorrectly to mean “intercepting proxy”
(because the client does not need to configure a proxy and cannot directly detect that its requests
are being proxied).
However, RFC 2616 (Hypertext Transfer Protocol — HTTP/1.1) offers different definitions:
“A ‘transparent proxy’ is a proxy that does not modify the request or response beyond what is
required for proxy authentication and identification.”
“A ‘non-transparent proxy’ is a proxy that modifies the request or response in order to provide
some added service to the user agent, such as group annotation services, media type
transformation, protocol reduction, or anonymity filtering.”
Popularity: 2% [?]
What are IP Addresses
An IP address (Internet Protocol address) is a unique address that certain electronic devices
currently use in order to identify and communicate with each other on a computer network
utilizing the Internet Protocol standard (IP)—in simpler terms, a computer address.
The IP address acts as a locator for one IP device to find another and interact with it. It is not
intended, however, to act as an identifier that always uniquely identifies a particular device. In
current practice, an IP address is less likely to be an identifier, due to technologies such as
Dynamic assignment and Network address translation.
Popularity: 2% [?]
Every router comes with a username and password using which it is possible to gain access to
the router settings and configure the device. The vulnerability actually lies in the Default
username and password that comes with the factory settings. Usually the routers come
preconfigured from the Internet Service provider and hence the users do not bother to change the
password later. This makes it possible for the attackers to gain unauthorized access and modify
the router settings using a common set of default usernames and passwords. Here is how you can
do it.
Before you proceed, you need the following tool in the process
Angry IP Scanner
Step-1: Go to www.whatismyipaddress.com. Once the page is loaded you will find your IP
address. Note it down.
Step-2: Open Angry IP Scanner, here you will see an option called IP Range: where you need to
enter the range of IP address to scan for.
Suppose your IP is 117.192.195.101, you can set the range something as 117.192.194.0 to
117.192.200.255 so that there exists atleast 200-300 IP addresses in the range.
Step-3: Go to Tools->Preferences and select the Ports tab. Under Port selection enter 80 (we
need to scan for port 80). Now switch to the Display tab, select the option “Hosts with open
ports only” and click on OK.
I have used Angry IP Scanner v3.0 beta-4. If you are using a different version, you need to Go to Options
instead of Tools
Step-4: Now click on Start. After a few minutes, the IP scanner will show a list of IPs with Port
80 open as shown in the below image.
Step-5: Now copy any of the IP from the list, paste it in your browser’s address bar and hit enter.
A window will popup asking for username and password. Since most users do not change the
passwords, it should most likely work with the default username and password. For most routers
the default username-password pair will be admin-admin or admin-password.
Just enter the username-password as specified above and hit enter. If you are lucky you should
gain access to the router settings page where you can modify any of the router settings. The
settings page can vary from router to router. A sample router settings page is shown below.
If you do not succeed to gain access, select another IP from the list and repeat the step-5. Atleast
1 out of 5 IPs will have a default password and hence you will surely be able to gain access.
What can an Attacker do by Gaining Access to the Router Settings?
By gaining access to the router settings, it is possible for an attacker to modify any of the router
settings which results in the malfunction of the router. As a result the target user’s computer will
be disconnected from the Internet. In the worst case the attacker can copy the ISP login details
from the router to steal the Internet connection or play any kind of prank with the router settings.
So the victim has to reconfigure the router in order to bring it back to action.
The Verdict:
If you are using an ADSL router to connect to the Internet, it is highly recommended that you
immediately change your password to prevent any such attacks in the future. Who knows, you
may be the next victim of such an attack.
Since the configuration varies from router to router, you need to contact your ISP for details on
how to change the password for your model.
Warning!
All the information provided in this post are for educational purposes only. Please do not use this
information for illegal purposes.
Popularity: 5% [?]
Just try the following steps and you’ll get a call to your cell phone from your own number.
+41445804650
2. Wait for a few seconds and you’ll get a call to your cell phone from your own number
3. Receive the call. You’ll hear a lady voice asking for a PIN number. Just enter some rubbish
number.
4. She say’s- Your PIN cannot be processed and the call disconnects..
ANOTHER TRICK
Instead of giving a missed call, just continue calling. The call will not be received and will get
disconnected just after a while. But now do you know what happen’s?
+501
Just try and pass your comments. Tell me whether the second trick worked or not!!
Nokia is one of the largest selling phones across the globe. Most of us own a Nokia phone but
are unaware of it’s originality. Are you keen to know whether your Nokia mobile phone is
original or not? Then you are in the right place and this information is specially meant for you.
Your phones IMEI (International Mobile Equipment Identity) number confirms your phone’s
originality.
Press the following on your mobile *#06# to see your Phone’s IMEI number(serial
number).
IF the Seventh & Eighth digits of your cell phone are 08 or 80 this means your cell phone was
manufactured in Germany which is fair quality
IF the Seventh & Eighth digits of your cell phone are 01 or 10 this means your cell phone was
manufactured in Finland which is very Good
IF the Seventh & Eighth digits of your cell phone are 00 this means your cell phone was
manufactured in original factory which is the best Mobile Quality
IF the Seventh & Eighth digits of your cell phone are 13 this means your cell phone was
assembled in Azerbaijan which is very Bad quality and also dangerous for your health.
Popularity: 6% [?]
Have you ever wondered how to perform Caller ID spoofing? Read on to know more
information on Caller ID spoofing and find out how it is performed.
Unlike what most people think, an incoming call may not be from the number that is displayed
on the Caller ID display unit. Because of the high trust that the people have in the Caller ID
system, it is possible for the caller to easily fool them and make them believe that the number
displayed on the Caller ID display is real. This is all possible through Caller ID spoofing.
You can easily spoof any Caller ID using services like SpoofCard. In order to use the spoofcard
service, you need to pay in advance and obtain a PIN (Personal Identification Number) which
grants access to make a call using the Caller ID spoofing service. Once you have purchased the
service, you will be given access to login to your SpoofCard account. To begin with, you need to
call the number given by SpoofCard and enter the PIN. Now you will be given access to enter
the number you wish to call and the number you wish to appear as the Caller ID. Once you select
the options and initiate the calling process, the call is bridged and the person on the other end
receives your call. The receiver would normally assume that the call was coming from a different
phone number ie: the spoofed number chosen by you - thus tricking the receiver into thinking
that the call was coming from a different individual or organization than the caller’s. In this way
it is just a cakewalk to spoof Caller ID and trick the receiver on the other end. Thus you
neither need to be a computer expert nor have any technical knowledge to perform Caller ID
spoofing. For more information on SpoofCard service visit the following link.
SpoofCard
Caller ID spoofing is done through various methods and using different technologies. The most
commonly used technologies to spoof Caller ID is VOIP (Voice Over IP) and PRI (Primary Rate
Interface) lines.
Today most VOIP systems provide an option for it’s users to enter whatever number they want in
the calling party field and this number is sent out when they make a call. Hence it is easily
possible for any user to spoof Caller ID provided they have a VOIP system and know how to
properly configure it to spoof the Caller ID. However sites like SpoofCard provide an easy and
cheap spoofing services for those who aren’t using VOIP systems that they can configure
themselves.
Caller ID spoofing is possible and being performed right from the days Called ID system was
introduced. However most people are unaware of the fact that it is possible to spoof Caller
ID and make any number to be displayed on the receiver’s end. In the past, Caller ID spoofing
service was mostly used by telemarketers, collection agencies, law-enforcement officials, and
private investigators but today it is available to any Internet user who wish to perform Caller ID
spoofing.
Popularity: 6% [?]