Android custom roms basics

hey guys wassup whoa such a long time sorry i couldn't post anything awesome as i was busy with my life and some major up downs. ok so now i got a galaxy Y for testing purposes and i was just messing with the phone and the best way of messing is installing different roms and etc. So i start with the basics, the kernel is the basic part of every working computer or handheld device on earth. It is the bridge between hardware and software and its installed on rom that can be changed or erased but with some proper procedure. Android truely shares the same kernel as of what we have in linux for desktop but with some modifications So if you see this diagram you will know how critical a kernel is.... Ok how does...

Read more »

Difference between integer based and string based SQL injection

Hi friends  this one i had posted a question on hackforums about difference between string based and integer based SQL injection it can be explained as follows integer SELECT * FROM pages WHERE page_id=10 [inject] order by title limit 1,1  so the injection would be ?id=10 union select 1,2,3-- finallly you get SELECT * FROM pages WHERE page_id=10 union select 1,2,3-- order by title limit 1,1 string SELECT * FROM pages WHERE page_id="10" [inject] order by title limit 1,1  so the injection would be ?id=10' union select 1,2,3--+ final: select * from pages where page_id="10"' union select 1,2,3--+ order by title limit 1,1 so in integer based SQL injection you...

Read more »

Will ultrabooks eliminate DVDs and Blue ray dics

Hi guys wassup how are you doing? yesterday my brother bought a lenovo ultrabook it was almost copy of a macbook with the hardware but the its slim, keyboard is easy to type and fast. but the fact that it had SSD and no DVD drive only some USB ports, HDMI ports and ethernet port etc and some touch pad changes. so the question is due to new emerging race of ultrabooks will CDs and DVDs will become outdated. maybe not coz still most of the games, blue-ray movies,etc come in DVDs. they are cheap but still they can't just get outdated and what i expect to be that new ultrabooks will have a dvd drive or they wont get apropriate market in india. i am still happy with my old laptop. and i am going to college this month for studies of computer engineering the thing i had loved to do the mo...

Read more »

Call For Papers for the first edition of Hzine(Hacking Magazine)

Hcon has decided to release hacking magazine for you guys. it will be an online magazine free for all but for now it needs contributions. Contributions in the sense, Articles. For releasing anything you need good fleshy information which is not possible for one man. So here by i ask you all to contribute to this great effort made by Ashish Mistry and also if you cannot for any reasons atleast share it on your blog like me or on your facebook homepage. Hcon, Information security Training and Tools provider, launched their own PenTesting Magazine ‘Hzine’. We are inviting unique and interesting articles for our First Edition of Hzine. Theme for the articles : Operating Systems (OS) Articles can be on Topics : 1. Penetration testing...

Read more »

computer knowledge megacollection

hi guys i have got an awesome collection of computer books on internet its like 19 GB of books of all types have a look here   have fun dont forget to add trackers  udp://tracker.publicbt.com:80/announce udp://tracker.openbittorrent.com:80/announce http://fr33dom.h33t.com:3310/announce http://cpleft.com:2710/announce http://tracker.ex.ua/announce http://exodus.desync.com:6969/announce http://tracker.torrentbay.to:6969/announce udp://tracker.1337x.org:80/announce udp://fr33domtracker.h33t.com:3310/announce udp://tracker.ccc.de:80 udp://11.rarbg.com/announce udp://9.rarbg.com:2710/announce udp://10.rarbg.com/announce ...

Read more »

python based Shell analyser

hi guys wassup how you doing? this time i have got an awesome idea and i have started working on it. we already have a python based script called neopi.py to scan and analyse encoded and obfuscated. i am writing my own php and python code in such a way that when a file is uploaded it is checked for both unencoded signatures and encoded things. the first thing i have to find is a common signature for all shells and then combine code of mine and neopi and a php upload page that will initialize a scan after files uploaded and  change its perms to obviously to not let execute. and i think the php one is the most hard part for me as i am totally not familiar with php but i have some good friends to help me out, and guess what last month this blog has completed its 2 years thanks for all yours...

Read more »

Update your facebook status via your own name

hi guys wassup sorry for not bringing any post So you might have seen that there are many apps that post on your wall and it has a small link at the bottom right corner telling VIA (app name). so how did they do that its very easy you need API(application programming interface) key of any app to do that. we will make a app of our name so that we can use our apps` api and update facebook status via it STEPS goto facebook developers then create an app by selecting app tab on the upper side then there will be a small box asking for app names in app display name you can fill out any name which is 3 words long and then click i agree facebook platform policies (even if you dont lol ) then fill the security check(captcha) and then you will be taken to app settings then save changes...

Read more »

Cracked first app

hello guys wassup ?? sorry i could not post anything from many days but still people visit my blog and share it thanks to you all guys. and my e-book has been downloaded 150 times thanks for all people's support. So my life is having many ups and downs right now. today i tried to crack an app called rontgen it is used in making patient reports it is made in visual foxpro its was pretty EASY to crack it, then i made a simple installer to install it and boom it works awesome. now i will post more on SCADA and ASM software crack...

Read more »

Censorship in India, beginning of sunset of internet .... or a political game?

Before some months Govt. of india passed rules to censor websites like pastebin, thepiratebay, vimeo etc first of all reliance started blocking websites and some were even not told by govt to block. then Anonymous india hacked gateway of reliance and we all are aware of that stuff. but just think once what is need of censorship? why govt is having problems with sites like pastebin etc . Because lots of websites databases getting hacked everyday ?? and pastebin was used to post hacked data ?? the main reason what i think is Piracy because torrents are the biggest source of pirated contents. even songspk.pk was blocked long ago. though some ISP are not in QUE for blocking. On one side govt passes bill for broadband in every home for development. of the country and increasing phones etc. so now...

Read more »

Researching and pentesting DTH services for fun and profit

  Hi guys sorry for not posting from long time but i have lots of work currently i am making videos on HCON STF for more easy pentesting and research . will post soon...... today i was thinking to hack or pentest the DTH devices that are bit modern that regular cable connections and they also have so called firmware for good organization of content. the transmission in tata sky is mpeg-2 type while others use mpeg-4. the transmission is encrypted (of course :P) and that is decrypted  by the card so called as smart card. the card stores the customers information its like its identitiy card of the box :D and that can be read using external devices and can also be connected to a computer the thing is most of the cards are not generic...

Read more »

Learning Assembly language from basics

hi guys sorry for posting late as i dont have much time from school and other things after learning some basic python i am going with assembly language yeah its hard as some of hardware things are important for it. its 1 level up from binary and the programs work hell fast in assembly. Directly jumping to assembly is risky first you need to study architecture of your computer and its working there are some selected book which cover from basics to advanced i am posting some of them if you are totally new to ASM consider reading "programming from ground up" the things are quite good in it and easy to understand another great book is the art of assembly. basically ASM and its code is based on type of processor there are major 2 types of processor CISC (pentium, asus, etc) RISC (SCADA devices...

Read more »

Reading and Editing metadata using exiftool

hi guys this is helpful to many to trace people and reading data and adding information sometimes wrong information for misdirection. ExifTool is a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of files. Features  Powerful, fast, flexible and customizable Supports a large number of different file formats Reads EXIF, GPS, IPTC, XMP, JFIF, MakerNotes, GeoTIFF, ICC Profile, Photoshop IRB, FlashPix, AFCP, ID3 and more... Writes EXIF, GPS, IPTC, XMP, JFIF, MakerNotes, ICC Profile, Photoshop IRB, AFCP and more... Reads and writes maker notes of many digital cameras Decodes a riddle wrapped in a mystery inside an enigma Numerous output...

Read more »

WHMCS pentesting tool

hi guys wassup today i found a good tool for pentesting WHMCS servers it has many types of payloads and exploits so have fun and happy hacking its made by team of projectx blog Features: *GUI *In .EXE Format * 10 payloads = 10 directories * Gets the db_username, db_password, db_license, db_host, db_name, cc_enryption_hash, and templates_compiledir * Allows the user to use their own directory by putting it after the target link * Added a song entitled Cowboys From Hell by Pantera (because we love Metal Rock! m/) Download Link: http://www.4shared.com/file/6ebvAUgy/ProjectX_WHMCS_Pentesting_Tool.html oR http://www.mediafire.com/?3f00r95dodjij...

Read more »

My book on hacking A guide, A representation of todays condition of cyber lif3 of hackers

hi guys wassup i was a skid before but i left that path and went in the search of truth and knowledge. SQL injection is fun but then i realized that thats not true hacking and now i am changed....... Looking at the current condition of skids and new beginners i wrote a small book to start with. it does not contain any article,tutorial,or 0day exploits it contains real life and experiences that are experienced by young hackers it contains inspirational things that will help people a lot. hope you like it. my main motive was to direct young progressing hackers to a path that will lead to a good hacking carrier omg too much philosophy :P but its important too downl...

Read more »

How to become d0x pr00f

hi friends after exams i am free now will write some posts. yesterday i saw 1 one of my friends exposing s3rverexe. and s3rverexe also tried to expose him but failed. so today i will give you some tips on not letting your identities exposed. so first never share any information on forums, dating sites. matrimonial websites, or not even Facebook as now Google indexes its posts and comments. and be aware of adding unknown friend in your real account and never put a connection between your real and fake account. mostly if you are in INDIA you don't need to worry much as there are not any public records. but for countries like USA there are sites which have many information about you by credit-card etc. Only hiding everything is not fun always. sometimes even misdirection also makes fun. real...

Read more »

Introduction to SCADA hacking

hi guys wassup today i will tell you about SCADA hacking some other reosurces  so first what is SCADA ? its abbreviated as Supervisory Control and Data Acquisition so basically there are lots of hardwares in it ans used in power grids, Dams and many other industires. they use primitive softwares that are easy to exploit. remember Stuxnet that exploited Iran`s windows computer to exploit iran`s nuclear facility which was of Siemens. same way there are lots of companies who make SCADA and for ease of use and to control them from remote places they have internet connection so basically there are PLC (programmable logic contoller) which are exploited mostly. the I/O cycles are controlled by RISC (Reduced instruction set computing) processor PLCs use RISC processors to run continuous,...

Read more »

ROOTCON 6 Philippines premier hacking conference

One of my friends from cebu city (Philippines) is a blogger at theprojectxblog.net and blog.rootcon.org its a awesome conference for hackers and security professionals registration is not that expensive every body can visit these conference... the main language of communication will be english for more visit here =>>https://rootcon....

Read more »

Social engineering- The art of human hacking

you might be confused that why this thing is here right ? social engineering is also a type of hacking with humans. so i thought lets do something new!! the official portal of social engineering defines it like this..... Social Engineering (SE) is both incredibly complex and amazingly simple. What really is social engineering? We define  it as the act of manipulating a person to accomplish goals that may or may not be in the “target’s” best interest. This may include obtaining information, gaining access, or getting the target to take certain action. Due to the mystery surrounding this dark art many people are afraid of it, or they feel they will never be able to accomplish a successful social engineering test. However, every...

Read more »

convert python programs to standalone windows exe file

hi guys wassup i found a interesting thing that i would like to share as a python programmer the program is py2exe as the name suggests it converts python files to an exe standalone file here is the method Create your setup script (setup.py) py2exe extends Distutils with a new "command". If you've installed third party Python modules then there's a good chance you've seen at least one distutils command: C:\Tutorial>python setup.py install "install" is a Distutils command that installs something (typically a Python module or package). The details Distutils needs to do that installation are contained in setup.py (and sometimes other associated files). "py2exe" is a new Distutils command that is added when you import py2exe. To use py2exe you need to create a setup.py...

Read more »

python program to get facebook users data

hi guys  after 3 days of python learning i wrote my first prgram which downloads a users info (public one) using graph API its very useful API It can be accessed like this  Users: https://graph.facebook.com/btaylor (Bret Taylor) Pages: https://graph.facebook.com/cocacola (Coca-Cola page) Events: https://graph.facebook.com/251906384206 (Facebook Developer Garage Austin) Groups: https://graph.facebook.com/195466193802264 (Facebook Developers group) Applications: https://graph.facebook.com/2439131959 (the Graffiti app) Status messages: https://graph.facebook.com/367501354973 (A status message from Bret) Photos: https://graph.facebook.com/98423808305 (A photo from the Coca-Cola page) Photo albums: https://graph.facebook.com/99394368305...

Read more »

Netsniff-NG High Performance Sniffer 0.5.6

netsniff-ng is a free, performant Linux networking toolkit. The gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space and vice versa. For this purpose, the netsniff-ng toolkit is libpcap independent, but neverthelesssupports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. Furthermore, we are focussing on building a robust and clean analyzer and utilities that complete netsniff-ng asa support for network development, debugging or network reconnaissance. The netsniff-ng toolkit consists of the following utilities: *. netsniff-ng , a zero-copy analyzer, pcap capturer and replayer *. trafgen , a high-performance zero-copynetwork traffic...

Read more »

SQLMap Gui - Automatic SQL injection and database takeover tool

This is a awesome sqlmap python gui made by xcedz.To make it work get andinstall python 2.7 and download the last version of sqlMap-dev svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmapsqlMap-dev after doing that download the gui scriptfrom : http://code.google.com/p/gui-for-sqlmap/downloads/list sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, toaccessing the underlying file system andexecuting commands on the operating...

Read more »

how to find someones profile ID from photo links

i know you have some idea that in deface pages people put their photo graphs with messages or sometimes if you wanna know who uploaded this photo to facebook then open the URL of image then see the middle number for eg for this one www.some.fcbdn.akamahid.net/216512_204732556226334_100000687732419_582854_6270883_n.jpg etc the highlighted one is our profile ID then how to get info for that ID so we use facebook graph API so goto http://graph.facebook.com/?id=  then put what you got and yes you got the user info you can simply search him/her on facebook and if you have a URL of photo with all facebook like,tag stuff then it will look like this so the highlighted portion is your ID photo.php?fbid=231188996914023&set=a.231188663580723.62289.100000687732419&type=3 i am also thinking...

Read more »

how to be a Ghost on internet by lulzsec

Its a very interesting post by lulzec members i would like to share it Want to stay safe online? By @AntiSecOp Required files:VMWare Workstation: http://www.demonoid.me/files/details/2787488/008172892720/Windows 7 Ultimate: http://www.demonoid.me/files/details/2811393/003064834770/BackTrack 5 R1 VMWare: http://www.backtrack-linux.org/ajax/download_redirect.php?id=BT5R1-GNOME-VM-32.7zpfsense: http://files.chi.pfsense.org/mirror/downloads/pfSense-2.0.1-RELEASE-amd64.iso.gzUbuntu Live CD: http://www.ubuntu.com/start-download?distro=desktop&bits=32&release=latest Required Hardware:Virtualization supported CPU4GB RAMUSB wifi adapter supporting packet injection:http://www.amazon.com/Alfa-802-11b-Wireless-Original-9dBi/dp/B001O9X9EU/ref=sr_1_2?ie=UTF8&qid=1328768355&sr=8-2 VPN...

Read more »