Get FREE lessons from "Hack It Easy Hacking Course"

Enter your email and instantly receive the lessons in your inbox for free

Saturday, September 4, 2010

REFOG Keylogger – Look after your family members


Computers can be useful tools for entertainment, education and communication but in the misguided keeping they can be parlous. Children can interact with online predators. Teenagers can supply improper info on their ethnic networking profiles. Spouses can attain romanticistic connections with members of the opposite sex.
But with REFOG Keylogger none of these activities feature to stay a story. This keylogger software can cook excerpt of confabulation gathering and present messaging conversations then rewrite them so users can indicate them with repose. In gain, the software will save a log of all the web position’s visited by each soul, as symptomless as the applications apiece overladen image of what was being done on the computers .
Pulsed screenshots embezzled automatically by the software also wage added multipurpose entropy in exactly what your admired ones bang been up to online. Unequal galore examples of keylogger software for the place, this one can run invisibly and undetected behindhand the scenes 24 hours a day because it is maintenance-free. Bloodline members won’t hump the keylogger software has been more on so they won’t suppose to uninstall it or tool with the logs.
If by both miracle they did, all of those things would be protected by a combatant arcanum that you make upon start. Because all of the logs are serviced for each personal individual and because you invite happening what your children, your adolescents, or your mate is doing on the computers again.

For further information about this product visit here:

Tuesday, August 10, 2010

10 best hacking tools for Linux

Linux is a hacker’s dream computer operating system. It supports tons of tools and utilities for cracking passwords, scanning network vulnerabilities, and detecting possible intrusions. I have here a collection of 10 of the besthacking and security software tools for Linux. Please always keep in mind that these tools are not meant to harm, but to protect.

1. John the Ripper
John the Ripper is a free password cracking software tool initially developed for the UNIX operating system. It is one of the most popular password testing/breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats including several crypt password hash types most commonly found on various Unix flavors (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL and others.

2. Nmap 

Nmap is my favorite network security scanner. It is used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services on a network despite the fact that such services aren't advertising themselves with a service discovery protocol. In addition Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card.

Nmap runs on Linux, Microsoft Windows, Solaris, and BSD (including Mac OS X), and also on AmigaOS. Linux is the most popular nmap platform and Windows the second most popular.

3. Nessus

Nessus is a comprehensive vulnerability scanning software. Its goal is to detect potential vulnerabilities on the tested systems such as:

-Vulnerabilities that allow a remote cracker to control or access sensitive data on a system.
-Misconfiguration (e.g. open mail relay, missing patches, etc).
-Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
-Denials of service against the TCP/IP stack by using mangled packets

Nessus is the world's most popular vulnerability scanner, estimated to be used by over 75,000 organizations worldwide. It took first place in the 2000, 2003, and 2006 security tools survey from SecTools.Org.

4. chkrootkit

chkrootkit (Check Rootkit) is a common Unix-based program intended to help system administrators check their system for known rootkits. It is a shell script using common UNIX/Linux tools like the strings and grep commands to search core system programs for signatures and for comparing a traversal of the /proc filesystem with the output of the ps (process status) command to look for discrepancies.

It can be used from a "rescue disc" (typically a Live CD) or it can optionally use an alternative directory from which to run all of its own commands. These techniques allow chkrootkit to trust the commands upon which it depend a bit more.

There are inherent limitations to the reliability of any program that attempts to detect compromises (such as rootkits and computer viruses). Newer rootkits may specifically attempt to detect and compromise copies of the chkrootkit programs or take other measures to evade detection by them.

5. Wireshark

Wireshark is a free packet sniffer computer application used for network troubleshooting, analysis, software and communications protocol development, and education. In June 2006, the project was renamed from Ethereal due to trademark issues.

The functionality Wireshark provides is very similar to tcpdump, but it has a GUI front-end, and many more information sorting and filtering options. It allows the user to see all traffic being passed over the network (usually an Ethernet network but support is being added for others) by putting the network interface into promiscuous mode.

Wireshark uses the cross-platform GTK+ widget toolkit, and is cross-platform, running on various computer operating systems including Linux, Mac OS X, and Microsoft Windows. Released under the terms of the GNU General Public License, Wireshark is free software.

6. netcat

netcat is a computer networking utility for reading from and writing to network connections on either TCP or UDP.

Netcat was voted the second most useful network security tool in a 2000 poll conducted by on the nmap users mailing list. In 2003, it gained fourth place, a position it also held in the 2006 poll.

The original version of netcat is a UNIX program. Its author is known as *Hobbit*. He released version 1.1 in March of 1996.

Netcat is fully POSIX compatible and there exist several implementations, including a rewrite from scratch known as GNU netcat.

7. Kismet

Kismet is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11a, 802.11b and 802.11g traffic.

Kismet is unlike most other wireless network detectors in that it works passively. This means that without sending any loggable packets, it is able to detect the presence of both wireless access points and wireless clients, and associate them with each other.

Kismet also includes basic wireless IDS features such as detecting active wireless sniffing programs including NetStumbler, as well as a number of wireless network attacks.

8. hping

hping is a free packet generator and analyzer for the TCP/IP protocol. Hping is one of the de facto tools for security auditing and testing of firewalls and networks, and was used to exploit the idle scan scanning technique (also invented by the hping author), and now implemented in the Nmap Security Scanner. The new version of hping, hping3, is scriptable using the Tcl language and implements an engine for string based, human readable description of TCP/IP packets, so that the programmer can write scripts related to low level TCP/IP packet manipulation and analysis in very short time.

Like most tools used in computer security, hping is useful to both system administrators and crackers (or script kiddies).

9. Snort

Snort is a free and open source Network Intrusion prevention system (NIPS) and network intrusion detection (NIDS) capable of performing packet logging and real-time traffic analysis on IP networks.

Snort performs protocol analysis, content searching/matching, and is commonly used to actively block or passively detect a variety of attacks and probes, such as buffer overflows, stealth port scans, web application attacks, SMB probes, and OS fingerprinting attempts, amongst other features. The software is mostly used for intrusion prevention purposes, by dropping attacks as they are taking place. Snort can be combined with other software such as SnortSnarf, sguil, OSSIM, and the Basic Analysis and Security Engine (BASE) to provide a visual representation of intrusion data. With patches for the Snort source from Bleeding Edge Threats, support for packet stream antivirus scanning with ClamAV and network abnormality with SPADE in network layers 3 and 4 is possible with historical observation.

10. tcpdump

tcpdump is a common computer network debugging tool that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.

In some Unix-like operating systems, a user must have superuser privileges to use tcpdump because the packet capturing mechanisms on those systems require elevated privileges. However, the -Z option may be used to drop privileges to a specific unprivileged user after capturing has been set up. In other Unix-like operating systems, the packet capturing mechanism can be configured to allow non-privileged users to use it; if that is done, superuser privileges are not required.

The user may optionally apply a BPF-based filter to limit the number of packets seen by tcpdump; this renders the output more usable on networks with a high volume of traffic.

The world's top 5 criminal hackers

The Black Hat Hackers - CriminalsThese hackers are the ones that you've seen in shackles arrested for cybercrimes when they were just getting out of puberty. Some have done it for financial gain others just for fun.

1. Kevin Mitnick.

Mitnick is perhaps synonymous with Hacker. The Department of Justice still refers to him as "the most wanted computer criminal in United States history." His accomplishments were memorialized into two Hollywood movies: Takedown and Freedom Downtime.
Mitnick got his start by exploiting the Los Angeles bus punch card system and getting free rides. Then similar to Steve Wozniak, of Apple, Mitnick tried Phone Phreaking. Mitnick was first convicted for hacking into the Digital Equipment Corporation's computer network and stealing software.
Mitnick then embarked on a two and a half year coast to coast hacking spree. He has stated that he hacked into computers, scrambled phone networks, stole corporate secrets and hacked into the national defense warning system. His fall came when he hacked into fellow computer expert and hacker Tsutomu Shimomura's home computer.
Mitnick is now a productive member of society. After serving 5 years and 8 months in solitary confinement, he is now a computer security author, consultant and speaker.

2. Adrian Lamo

Lamo hit major organizations hard, hacking into Microsoft and The New York Times. Lamo would use Internet connections at coffee shops, Kinko's and libraries to achieve his feats earning him the nickname "The Homeless Hacker". Lamo frequently found security flaws and exploited them. He would often inform the companies of the flaw.
Lamo's hit list includes Yahoo!, Citigroup, Bank of America and Cingular. Of course White Hat Hackers do this legally because they are hired by the company to such, Lamo however was breaking the law.
Lamo's intrusion into The New York Times intranet placed him squarely into the eyes of the top cyber crime offenders. For this crime, Lamo was ordered to pay $65,000 in restitution. Additionally, he was sentenced to six months home confinement and 2 years probation. Probation expired January of 2007. Lamo now is a notable public speaker and award winning journalist.

3. Jonathan James

At 16 years old, James gained enormous notoriety when he was the first minor to be sent to prison for hacking. He later admitted that he was just having fun and looking around and enjoyed the challenge.
James hit high profile organizations including the Defense Threat Reduction Agency, which is an agency of the Department of the Defense. With this hack he was able to capture usernames and passwords and view highly confidential emails.
High on James list, James also hacked in NASA computers and stole software valued at over $1.7 million. The Justice Department was quoted as saying: "The software stolen by James supported the International Space Station's physical environment, including control of the temperature and humidity within the living space." Upon discovering this hack, NASA had to shut dow its entire computer system costing taxpayers $41,000. Today James aspires to start a computer security company.

4. Robert Tappan Morris

Morris is the son of a former National Security Agency scientist named Robert Morris. Robert is the creator of the Morris worm. This worm was credited as the first computer worm spread through the Internet. Because of his actions, he was the first person to be prosecuted under the 1986 Computer Fraud and Abuse Act.
Morris created the worm while at Cornell as a student claiming that he intended to use the worm to see how large the Internet was at the time. The worm, however, reproduced itself uncontrollably, shutting down many computers until they had completely malfunctioned. Experts claim 6,000 machines were destroyed. Morris was ultimately sentenced to three years' probation, 400 hours of community service and assessed a $10,500 fine.
Morris is now a tenured professor at the MIT Computer Science and Artificial Intelligence Laboratory. His focus is computer network architecture.

5. Kevin Poulsen

Frequently referred to as Dark Dante, Poulsen gained national recognition for his hack into Los Angeles radio's KIIS-FM phone lines. These actions earned him a Porsche among many other items.
The FBI began to search for Poulson, when he hacked into the FBI database and federal computers for sensitive wiretap information. Poulsen's specialty was hacking into phone lines and he frequently took over all of a station's phone lines. Poulson also reactivated old Yellow Page escort telephone numbers for a partner who operated a virtual escort agency. Poulson was featured on Unsolved Mysteries and then captured in a supermarket. He was assessed a sentence of five years.
Since his time in prison, Poulsen has worked as a journalist and was promoted to senior editor for Wired News. His most popular article details his work on identifying 744 sex offenders with Myspace profiles.

Did we miss any?Tell us your thoughts

Also See the Top (5) Non-Criminal Computer Hackers of All Time at the link below:

Wednesday, July 28, 2010

Display your latest tweet without a plug-in

8 in 15 Useful Twitter Hacks and Plug-Ins For WordPressIf people like your blog, they would probably also enjoy your tweets. Displaying your latest tweets on your WordPress blog is a good way to gain new subscribers. A plug-in can do that, but for such a simple task, I prefer a hack. This one grabs your latest tweet and displays it on your blog.
This ready-to-use code can be pasted anywhere in your theme files. Just don’t forget to change the value of the $username on line 4. The $prefix and $suffix variable can be used to insert a title, and the div element can be used for further CSS styling.
// Your twitter username.
$username = "TwitterUsername";

// Prefix - some text you want displayed before your latest tweet.
// (HTML is OK, but be sure to escape quotes with backslashes: for example href=\"link.html\")
$prefix = "

My last Tweet

"; // Suffix - some text you want display after your latest tweet. (Same rules as the prefix.) $suffix = ""; $feed = "" . $username . "&rpp=1"; function parse_feed($feed) { $stepOne = explode("", $feed); $stepTwo = explode("", $stepOne[1]); $tweet = $stepTwo[0]; $tweet = str_replace("<", "<", $tweet); $tweet = str_replace(">", ">", $tweet); return $tweet; } $twitterFeed = file_get_contents($feed); echo stripslashes($prefix) . parse_feed($twitterFeed) . stripslashes($suffix); ?>
Save the file, and your latest tweet is displayed on your blog. Nice, huh?

Create a Page that shows twitter updates on your blog/site

Twitter is the best way to publicize and advertise your blog or site and to stay in touch with followers. We already showed you how to display your latest tweet on your blog, in your sidebar for example. Another good way to introduce readers to your Twitter updates is to create a dedicated page for displaying your tweets, using the powerful “Page template” WordPress option.
To perform this hack, you need to know how to create and use page templates. If you’re not familiar with this, this article will tell you all you need to know.
Here’s the code to create a Twitter page template. Paste it in a new file, name the file something like twitter-page.php, for example, and then add it to your blog.
04Template Name: Twitter page
This code uses the wp_rss() function from WordPress core, which is an RSS reader. In the first argument I pass my Twitter RSS feed, and in the second argument I determine the number of entries to display.

Saturday, July 24, 2010

Hack-It - Modify the way windows are on your system.

Hack-It is a window manipulation program. It allows you to control any window on your system in several different ways not normally available to you through the standard Windows user interface. The major functions you can perform on windows are: making a window visible or hidden, causing a window to stay on top of others or not stay on top of others, adding an icon to the system tray for a window, and having that window minimize to the tray, adjusting the transparency of a window, manipulating process priorities to give a window's process more CPU time, standard window functions such as restoring, minimizing, maximizing, and closing, and forcibly terminating a process.

Download Now (488.82K)
Tested spyware free

Sunday, July 18, 2010

10 awesome hidden features of Facebook

Facebook hacks or mods to reveal hidden features. We share 10 awesome hidden facebook features that usually are there right on our social networking page but we ignore them.

Facebook that we'd share with you.

1. See people's limited profile without adding as a friend

Suppose you wanna add someone in your Facebook friends but you can't view his/her profile. What you gotta do is send a message like  hello to the one who's profile you want to see. When that person replies you can easily view his/her Facebook profile without having him/her to add you as a friend.

2. Recover hidden Facebook friends

Often it occurs that that you remove your noisy Facebook friends, only to realize later that you need him/her badly. Well, don't you need to worry, if you know where to look for. In case you've no ideas just follow as I say
To get the list of your hidden page go to the Home page then scroll your browser all the way to the bottom. Look for link Edit Options and Click it.  A pop-up window would show all your hidden friends.
Click on Add to News Feed to restore your friend to your Home page. What you can't get back is the removed entries on your Wall posted by your friend.

3.  Reverting to older profile pictures

Whenever you upload a new picture in your Facebook profile the old one disappears. What if you want your old picture on your profile. Well, Facebook had keeps a running tab of all your old shots in the form of a special hidden album. To revert back to your old picture just choose the Make Profile Picture option on the list of links in the bottom right hand corner. Further you can get rid of the pictures that seem horribly outdated.

4. Adding or removing  links under your picture

When you are installing one or more Facebook application, often you skip the prompt that asks you whether to put the little blue link below your profile picture. At the end you have a tower of blue links under your name and on everyone's profile you visit. Feel like cutting down the clutter. Click on the little x button that shows up when you mouse over the box. This can be done for all the links except for the Edit My Pofile link.
Now if you want the links back just visit the Edit page under Application and find the applications that have profile links disabled. Hit the Edit button and you have to find the option that will turn the links back on.

5. Pull a Twitter

Long before tweets were born, Facebook had the status message that described what you are up to that everybody could view. This information shows up on your profile and on various news and mini-feeds.
Now how many of you know that there's a page that lists the last 70+ status updates of all your friends? You can easily sign up to get mobile alerts and update your own status from mobile phone using the web portal or by sending text messages to a special Facebook number. There's also a simple RSS feed you can grab to add to your favorite feed reader.

6. Minimize Applications

Often the links under your profile picture can get a little cluttered . In case you have a few applications cluttering your profile and better you don't see the applications. You can just minimize the application logo by clicking them into a down-facing triangle. Your friends might be able to see the application box on your profile. It would show up in your profile as minimized. If you run across one that's appealing you most and that several of your friends have installed, you might not see it unless you want it.

7. People You May Not Want to Know

This might be one of the most craving features on Facebook if you only know. Already Facebook offers the feature People You May Know.   This feature might display the exact opposite results by showing which friend you wanna interact with the least on Facebook. Most importantly it would also tell you why you shouldn't know them.

8. Facebook's only official game

Well, there's an iPod music quiz game that involves playing a track and choosing a handful of selections before time runs out. There's a similar game in Facebook Friends menu that requires you to guess whose profile to which a snippet of text belongs. It might be anything from a quote to a favorite book or movie. Gradually the incorrect friends would fade away with friends leaving a smaller pool from which to guess. Given all this, just don't blame Facebook for not providing a scorecard. It one of the only official games offered by Facebook.

9. I think i'm busy That Day

Well, one of the most interesting features in Facebook is the ability to create and invite people to different events. Most of you must be clicking the No for any event even without knowing what it is. To sought out this forever you need to click on the new and improved fourth button that would show you as not attending the event and auto-decline future event invitation from the person who invited you.

10. Hide your profile on Facebook

What if you don't want others to visit your profile and yet have you on Facebook. Here are the step that would allow you to hide your Facebook profile.

Step 1:
Sign on to the Facebook home page
Step 2: Click on My Privacy to change who can see your profile. The My Privacy page allows you to adjust each feature of your Facebook account separately. If you just wanna hide certain features, such as mini-feed or photos, then adjust only those preferences.
Step 3: Click on Edit Settings for the limited profile. You will land on a page with a preview of your current limited profile.
Step 4: Choose all or none of the Facebook features you want people to see on your limited profile. To completely hide your profile, make sure all boxes are unchecked before hitting the Save button.
Step 5: From the My Privacy page add people to the limited profile list. People you put on the list can only view the features you let them see. They will still be your friends, however.

Some Facebook hacks to ease you

Facebook hacksFacebook is the hottest property going around everywhere. We worked a few tricks and hacks to ease you in accessing the best social network site and connect to your friends faster.

The hack are based on Firefox web browser which you can get easily from here.
You also need to install Greasemonkey a famous firefox plugin for the hacks to work.

Automated Login : If you feel lazy to type in your personal info every time, this might be the tool that you can looking for. By installing this you can save up your time & you will be logged in to your account/profile automatically!
Account/Profile Colour customization : Feel free to customize the colour that you like & add it to your account/profile.

Saturday, July 17, 2010

The Top ten hacking techniques of 2009

Hackers are always on the go to crack the internet and find new hacking techniques an hacks. So here we have compiled a list of the best 10 hacks from 2009 that we felt are worth knowing by the internet techies around the world. .

Top Ten Web Hacking Techniques of 2009!
1. Creating a rogue CA certificate
Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Weger

2. HTTP Parameter Pollution (HPP)
Luca Carettoni, Stefano diPaola

3. Flickr's API Signature Forgery Vulnerability (MD5 extension attack)
Thai Duong and Juliano Rizzo

4. Cross-domain search timing
Chris Evans

5. Slowloris HTTP DoS
Robert Hansen, (additional credit for earlier discovery to Adrian Ilarion Ciobanu & Ivan Ristic - “Programming Model Attacks” section of Apache Security for describing the attack, but did not produce a tool)

6. Microsoft IIS 0-Day Vulnerability Parsing Files (semi‐colon bug)
Soroush Dalili

7. Exploiting unexploitable XSS
Stephen Sclafani

8. Our Favorite XSS Filters and how to Attack them
Eduardo Vela (sirdarckcat), David Lindsay (thornmaker)

9. RFC1918 Caching Security Issues
Robert Hansen

10. DNS Rebinding (3-part series Persistent Cookies, Scraping & Spamming, and Session Fixation)
Robert Hansen

Saturday, June 5, 2010

Use telnet to send email for anyone's email to anyone

Send anonymous email from anyone to anyone. You hear it right from any email ID to any email ID. You can send any email to your friend from their email ID. Or you might even send someone an email from Steve Jobs's email. Here is the simple hack that let's you do just that using the most common feature available in all computers. Just follow the simple procedure. And so comment for any help.

1 Open the cmd prompt. (Start -> Run or press win key + R, then type cmd and presss OK )

2 Type telnet 25 (where "" is the name of the smtp (outgoing) server of your email provider, such as This can be found by checking your account info in the program you normally use for email.

3 Type HELO (Or "EHLO")

4Type MAIL

5You may get a message saying "250 ok"

6Type RCPT,,, etc.

7 again, You may get a message saying "250 ok"

8 To write the message, type DATA and press Enter.
  1. On the first line type SUBJECT:yoursubject and press Enter twice.
  2. Continue typing your message.
  3. Put a single period (.) on a line by itself and press Enter to send your message. The server should say 'Message accepted for delivery'. (Or it says 250 OK id=`a long id`)
9Type QUIT to exit Telnet.

This will not work if your ISP uses dynamic IP to give you internet access. If you could try using some botnet server that is quite easy. If you would request would post a tutorial for that as well.

Well use the hack at your own risk as you can easily be traced back, as each email also sends your IP. You might use some IP re-routing software like anonymizer. But still use it cautiously. And this post was only for educational purpose.

Wednesday, June 2, 2010

Google Chrome OS launching mid-year !

Originally announced with a planned second half of 2010 launch, today Google has narrowed the launch of its Chrome OS to fall. This, according to Sundar Pichai, Google VP of product management speaking at Computex. By our calculation that is sometime between 22 September and 21 December in the northern hemisphere if you want to take the man literally... and you do, don't you. Wonder if we'll see a Chrome OS tablet launch at the same time?

Sunday, April 25, 2010

How to Recover and Reset Password in windows 7/Vista/XP/2003/2K/NT

Forgetting your Windows administrator login password. With no way to get into the system, you can’t even perform basic maintenance, let alone a thorough tune-up. Formatting is always an option, but we consider that a last resort. (Plus, guess who’s going to have to help reinstall all the programs lost after a wipe?) But all hope is not lost. There are a few ways to actually retrieve a lost Windows account password. Read on, and we’ll show you the light.

The first thing which you check if you forget login password. When we install Windows, it automatically creates an account “Administrator” and sets its password to blank. So if you have forget your user account password then try this:
Start system and when you see Windows Welcome screen / Login screen, press ctrl+alt+del keys twice and it’ll show Classic Login box. Now type “Administrator” (without quotes) in Username and leave Password field blank. Now press Enter and you should be able to log in Windows.
Now you can reset your account password from “Control Panel -> User Accounts”.
Same thing can be done using Safe Mode. In Safe Mode Windows will show this in-built Administrator account in Login screen.

If you sure that you had completely no idea what your password is, then keep trying these methods.

Method 1: Take a rest

Sometimes, human being is a little weird. You won’t get the thing that you urgently need. So have a coffee, take a snap or even come back after a few days, you may found that you suddenly ‘remember’ your Windows password.

Method 2: Reset password with RESET DISK if you made before.

Windows XP and further versions also provide another method to recover forgotten password by using “Reset Disk”. If you created a Password Reset Disk in past, you can use that disk to reset the password. To know more about it, please visit following links:

Method 3: Reset password from another administrator account

If you cannot log on to Windows by using a particular user account, but you can log on to another account that has administrative credentials, follow these steps on how to do the trick:

1. Log on to Windows by using an administrator account that has a password that you remember. You may need to start WinXP in safe mode.

2. Click Start, and then click Run.

3. In the Open box, type “control userpasswords2?, and then click OK.

4. Click the user account that you forgot the password for, and then click Reset Password.

5. Type a new password in both the New password and the Confirm new password boxes, and then click OK.

Method 4: TRY command prompt about password reset trick

1. Log in with any valid account.

2. Bring up the command prompt.

Type: net user

You get a list of accounts

Type: net user Administrator *

Type: net user (any account on that list) *

3. It prompts for a password. Enter one, then enter it again when prompted to confirm.

Now, try to log on as ‘Administrator’ with your new password.

* Please note that this might not work on a LIMITED account


Method 5: Make third party recovery tool yourself

There are a lot of tools and utilities that can be downloaded and used to recover, reset, retrieve or reveal existing password. These windows password recovery utilities, free or paid, are usually a Linux boot disk or CD that able to comes with NT file system (NTFS) drivers and software that will read the registry and rewrite the password hashes, or can brute force crack the password for any user account including the Administrators. The advantage is that there is no fear of leaking your password to outsiders, while the process requires physical access to the console and a floppy or CD drive, depending on which tool you choose. And it’s not easy, although it always work!

Below is the most famous recovery tool I found:

Windows Password Recovery Tool 3.0 – it is the most popular Windows password cracker . It is a very efficient implementation of windows any versions. It comes with a Graphical User Interface and runs on multiple platforms.

For more information:

Password Recovery Bundle –This is a utility to reset the password of any user that has a valid (local) account on your windows system. You do not need to know the old password to set a new one. It works offline, that is, you have to shutdown your computer and boot off a floppydisk or CD. It’ll detect and offer to unlock locked or disabled out user accounts. It is also an almost fully functional registry editor.

For more information:

Windows Password Key 8.0 -It is considered as the best tool to reset local administrator and user passwords on any Windows system. It creates a password recovery CD/DVD, USB Flash Drive for home, business and enterprise. And most of all, it's the most popular and safe solution for removing your Windows password until now.

For more information:

Method 6: Make a Wish!

If it doesn’t work above, I hope that you have some hacker friends.

Thursday, January 21, 2010

Top 10 Password Crackers

After the tremendously successful 2000 and 2003 security tools surveys, Insecure.Org is delighted to release this 2006 survey. I (Fyodor) asked users from the nmap-hackers mailing list to share their favorite tools, and 3,243 people responded. This allowed me to expand the list to 100 tools, and even subdivide them into categories. This is the category page for password crackers -- the full network security list is available here. Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way. I also point newbies to this site whenever they write me saying “I don't know where to start”.
Respondents were allowed to list open source or commercial tools on any platform. Commercial tools are noted as such in the list below. No votes for the Nmap Security Scanner were counted because the survey was taken on a Nmap mailing list. This audience also biases the list slightly toward “attack” hacking tools rather than defensive ones.
Each tool is described by one ore more attributes:
newDid not appear on the 2003 list
  TITLE=Generally costs money. A free limited/demo/trial version may be available.
LinuxWorks natively on Linux
*BSDWorks natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
OS XWorks natively on Apple Mac OS X
WindowsWorks natively on Microsoft Windows
Command-line interfaceFeatures a command-line interface
GUI InterfaceOffers a GUI (point and click) interface
Source codeSource code available for inspection.
Please send updates and suggestions (or better tool logos) to Fyodor. If your tool is featured or you think your site visitors might enjoy this list, you are welcome to use our link banners. Here is the list, starting with the most popular:

GUI Interface
Cain and Abel : The top password recovery tool for Windows
UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented. Also categorized as: packet sniffers

Command-line interface
Source code
John the Ripper : A powerful, flexible, and fast multi-platform password hash cracker
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches. You will want to start with some wordlists, which you can find here, here, or here.

Command-line interface
GUI Interface
Source code
THC Hydra : A Fast network authentication cracker which supports many different services
When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more then 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC.

Command-line interface
Source code
Aircrack : The fastest available WEP/WPA cracking tool
Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files). Also categorized as: wireless tools

GUI Interface
L0phtcrack : Windows password auditing and recovery application
L0phtCrack attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, then re-acquired by the original L0pht guys and reborn as LC6 in 2009. For free alternatives, consider Ophcrack, Cain and Abel, or John the Ripper.

Command-line interface
Source code
Airsnort : 802.11 WEP Encryption Cracking Tool
AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It was developed by the Shmoo Group and operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. You may also be interested in the similar Aircrack. Also categorized as: wireless tools

GUI Interface
SolarWinds : A plethora of network discovery/monitoring/attack tools
SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more. Also categorized as: traffic monitoring tools

Command-line interface
Source code
Pwdump : A window password recovery tool
Pwdump is able to extract NTLM and LanMan hashes from a Windows target, regardless of whether Syskey is enabled. It is also capable of displaying password histories if they are available. It outputs the data in L0phtcrack-compatible form, and can write to an output file.

Command-line interface
Source code
RainbowCrack : An Innovative Password Hash Cracker
The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called "rainbow tables". It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished.

GUI Interface
Brutus : A network brute-force authentication cracker
This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. No source code is available. UNIX users should take a look at THC Hydra


   First Name:
* Your Email Address:


Twitter Delicious Facebook Digg Stumbleupon Favorites More