How to Detect Vulnerability in PHP Application

How to Detect Vulnerability in PHP Application

PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.

Read more..

5 Best Boot Screens For Windows 7

Microsoft’s fastest selling operating system, Windows 7, features a cool boot screen but users who have been watching the same boot screen ever since the Beta days might want to replace the default boot screen animation with a custom one.

Unlike, earlier versions of Windows, changing the default boot screen animation is not a simple task in Windows 7. But it’s possible with the help of a free tool named Windows 7 Boot Screen Updater. We reported about this awesome tool few months back.

Now if you are looking forward to change the default Windows 7 boot animation usingWindows 7 Boot Screen Updater, here are some good boot screen animations.

Note: Since Windows 7 Boot Screen Updater is in beta state, we recommend backing up your system before replacing the default boot screen. Use at your own risk! And, please try these boot screens in a Virtual Machine before trying it on your primary machine.

Click on the boot animation image to proceed to the download link. Please use Windows 7 Boot Screen Updater or follow the procedure mentioned in the download page to apply the custom boot screen.

1. Default boot screen with custom touch

2. Windows logo animation

3. Glowing Apple boot screen

4. Another cool boot animation for Windows 7

5. Apple logo boot screen animation

Read more..

HOW TO HACK E-MAIL ACCOUNT PASSWORD - EMAIL HACKING SOFTWARE

HOW TO HACK E-MAIL ACCOUNT PASSWORD - EMAIL HACKING SOFTWARE


Now you know that there are many ways to hack email password, like bruteforcing, social engineering or Reverting, but the main two methods used to hack email passwords are Remote Keylogging and Phishing. In this article i'll show you how to hack email account password using keyloggers and trojans. Here I am demonstrating using PRORAT trojan. You can use any trojan or keylogger as per your ease. The basic functionality of all backdoors are same. Pls make note that all these hacking tools and softwares are detected by antivirus. You have to uninstall or close you running antivirus first. Now we can start.

How to Hack Email Account Passwords Using ProRat?

1. First of all Download ProRat. Once it is downloaded right click on the folder and choose to extract it. A password prompt will come up. The password will be "pro".

2. Open up the program. You should see the following:


3. Next we will create the ProRat Trojan server. Click on the "Create" button in the bottom. Choose "Create ProRat Server".


4. Next put in your IP address so the server could connect to you. If you don’t know your IP address click on the little arrow to have it filled in for you automatically. Next put in your e-mail so that when and if a victim gets infected it will send you a message. We will not be using the rest of the options.


5. Now Open General settings. This tab is the most important tab. In the check boxes, we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager.

Here is a quick overview of what they mean and which should be checked:


6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. Remember a trojan can only be executed if a human runs it. So by binding it with a legitimate file like a text document or a game, the chances of someone clicking it go up. Check the bind option and select a file to bind it to. A good suggestion is a picture or an ordinary text document because that is a small file and its easier to send to the people you need.


7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I prefer using .exe files, because it is cryptable and has icon support, but exe’s looks suspicious so it would be smart to change it.


8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is. For my example I will choose the regular text document icon since my file is a text document.

9. After this, press Create server, your server will be in the same folder as ProRat. A new file with name "binded_server" will be created. Rename this file to something describing the picture. A hacker could also put it up as a torrent pretending it is something else, like the latest game that just came out so he could get people to download it.

Very important: Do not open the "binded_server" file on your system.

10. You can send this trojan server via email, pendrive or if you have physical access to the system, go and run the file. You can not send this file via email as "server.exe", because it will be detected as trojan or virus. Password protect this file with ZIP and then email it. Once your victim download this ZIP file, ask him to unlock it using ZIP password. When the victim will double click on the file, he will be in your control.

11. Now, I will show you what happens when a victim installs the server onto his computer and what the hacker could do next.

Once the victim runs the server on his computer, the trojan will be installed onto his computer in the background. The hacker would then get a message telling him that the victim was infected. He would then connect to his computer by typing in his IP address, port and clicking Connect. He will be asked for the password that he made when he created the server. Once he types it in, he will be connected to the victims computer and have full control over it.


12. Now the hacker has a lot of options to choose from as you can see on the right. He has access to all victim's computer files, he can shut down his pc, get all the saved passwords off his computer, send a message to his computer, format his whole hard drive, take a screen shot of his computer, and so much more. Below I’ll show you a few examples.


13. The image below shows the message that the victim would get on his screen if the hacker chose to message him.


14. Below is an image of the victims task bar after the hacker clicks on Hide Start Button.


15. Below is an image of what the hacker would see if he chose to take a screen shot of the victims screen.


As you saw in the above example, a hacker can do a lot of silly things or a lot of damage to the victim. ProRat is a very well known trojan so if the victim has an anti-virus program installed he most likely won’t get infected. Many skilled hackers can program their own viruses and Trojans that can easily bypass anti-virus programs.

Read more..

"Add Testimonial" ~ remote File upload vulnerability.

"Add Testimonial" ~ remote File upload vulnerability.

"Add Testimonial" ~  remote File upload vulnerability.





[#1] Open website ..

[#2] Go to this URL : testimonial/add.html.php 

For example :  http://Site.com/testimonial/add.html.php

[#3] Now Upload Your Deface or any file

[#4] to view you upload file go to /images/testimonial/ , you'll se index of files here ... click on last file, its urs !!

[#5] enjOy =) Leave a Comment beLow if you Like it

Demo :

http://sdhealingarts.com/testimonial/add.html.php?
http://slangmediagroup.com/testimonial/add.html.php?

http://thepharmcollective.com/testimonial/add.html.php?

http://www.ganjadaddy.com/demo/firestation/testimonial/add.html.php?

Result : http://slangmediagroup.com/images/testimonial/testim_20111218213043

http://www.ganjadaddy.com/demo/firestation//images/testimonial/testim_20111218215509

Read more..

LIST OF HOSTING SITES FOR PHISHING

LIST OF HOSTING SITES FOR PHISHING

110mb - http://110mb.com

Ripway - http://ripway.com

SuperFreeHost - http://superfreehost.info

Freehostia - http://freehostia.com

Freeweb7 - http://freeweb7.com

t35 - http://t35.com

Awardspace - http://awardspace.com

PHPNet - http://phpnet.us

Free Web Hosting Pro - http://freewebhostingpro.com

ProHosts - http://prohosts.org

FreeZoka - http://www.freezoka.com/

000webhost - http://000webhost.com/

AtSpace - http://atspace.com

* 110mb - http://110mb.com

* Ripway - http://ripway.com

* SuperFreeHost - http://superfreehost.info

* Freehostia - http://freehostia.com

* Funpic - http://funpic.de (How to remove ads?)

* Funpic - http://funpic.org (How to remove ads?)

* Freeweb7 - http://freeweb7.com

*

* Awardspace - http://awardspace.com

* PHPNet - http://phpnet.us

* Free Web Hosting Pro - http://freewebhostingpro.com

* ProHosts - http://prohosts.org

* AtSpace - http://atspace.com

* ByetHost - http://byethost.com/

* 000webhost - http://000webhost.com/

*

* Oxyhost - http://www.oxyhost.com/

* Rack111 - http://www.rack111.com/

* Ocostwebhost - http://0costwebhost.com/

* FreeZoka - http://www.freezoka.com/

phpzilla.net

tohostfree.com

http://0fees.net/

Zymic

Sitesfree

Your Free Hosting

www.mjhosting.com

Read more..

Supprimer Trojan.Spy.ProAgent.121

---

Trojan.Spy.ProAgent.121 est un trojan qui a des fonctionnalités de keylogger (enregistre les frappes claviers).
Le trojan peut donc voler les mots de passe, les numéros de carte bancaire si vous faites des achats en ligne et les envoyer par mail au pirate.

Détection de Trojan.Spy.ProAgent.121

Ajoute les fichiers suivants :
c:WINDOWSSYSTEMdtxservice.exe
c:WINDOWSCRSS.EXE
c:WINDOWSfps.atm
c:WINDOWSfps.exe
c:WINDOWSicq.dll
c:WINDOWSiss32.exe
c:WINDOWSkdd32.atm
c:WINDOWSkt.atm
c:WINDOWSktd32.atm
c:WINDOWSmps.atm
c:WINDOWSmps.exe
c:WINDOWSSYSTEMdtxservice.exe

Ajoute les clefs suivantes :
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun « DirectX For Microsoft® Windows »
HKEY_LOCAL_MACHINESoftwareMicrosoftProtected Storage System Provider*Default*Data 2Windows « Value »
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun « DirectX For Microsoft® Windows »

Complete scanning result of « CRSS.EXE », received in VirusTotal at 05.22.2007, 07:31:53 (CET).

Antivirus    Version    Update    Result
AhnLab-V3    2007.5.21.1    05.21.2007    Win-Trojan/ProAgent.13312
AntiVir    7.4.0.23    05.21.2007    no virus found
Authentium    4.93.8    05.21.2007    W32/Progent.A@pws
Avast    4.7.997.0    05.21.2007    Win32:Trojan-gen. {Other}
AVG    7.5.0.467    05.21.2007    PSW.Proagent.B
BitDefender    7.2    05.21.2007    Trojan.Spy.ProAgent.121
CAT-QuickHeal    9.00    05.21.2007    no virus found
ClamAV    devel-20070416    05.22.2007    Trojan.ProAgent.121.B
DrWeb    4.33    05.21.2007    Trojan.ProAgent.12
eSafe    7.0.15.0    05.21.2007    Win32.TrojanHorse
eTrust-Vet    30.7.3651    05.21.2007    Win32/Progent.A
Ewido    4.0    05.21.2007    Not-A-Virus.Monitor.Win32.FamilyKeyLogger.230
FileAdvisor    1    05.22.2007    no virus found
Fortinet    2.85.0.0    05.22.2007    W32/Progent.DLL!tr
F-Prot    4.3.2.48    05.21.2007    W32/Progent.A@pws
F-Secure    6.70.13030.0    05.22.2007    W32/ProAgent.HT
Ikarus    T3.1.1.7    05.22.2007    not-a-virus:Monitor.Win32.FamilyKeyLogger.230
Kaspersky    4.0.2.24    05.22.2007    not-a-virus:Monitor.Win32.FamilyKeyLogger.230
McAfee    5035    05.21.2007    Keylog-Progent
Microsoft    1.2503    05.22.2007    Backdoor:Win32/Turkspy
NOD32v2    2283    05.21.2007    Win32/Spy.ProAgent.12
Norman    5.80.02    05.21.2007    W32/ProAgent.HT
Panda    9.0.0.4    05.21.2007    Trj/FamilyKeyLogger.A
Prevx1    V2    05.22.2007    Trojan.Spy.ProAgent.121
Sophos    4.17.0    05.21.2007    Troj/Keylogg-E
Sunbelt    2.2.907.0    05.17.2007    Backdoor.Evel Passw
Symantec    10    05.22.2007    Trojan Horse
TheHacker    6.1.6.120    05.21.2007    Aplicacion/FamilyKeyLogger.230
VBA32    3.12.0    05.21.2007    Trojan.Win32.Spy.ProAgent.12
VirusBuster    4.3.23:9    05.21.2007    no virus found
Webwasher-Gateway    6.0.1    05.22.2007    Riskware.FamilyKeyLogger

Aditional Information
File size: 13312 bytes
MD5: 067c3c377e0346290862dc8791e81fb0
SHA1: 9a4d3a6ad5fd102eb32a6f1229c80c15dc495409
packers: ASPACK
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=20c34384
Sunbelt info: This is a backdoor tool that sends passwords to a predefined e-mail address without the victim’s consent.



Complete scanning result of « dtxservice.exe », received in VirusTotal at 05.22.2007, 07:39:30 (CET).

Antivirus    Version    Update    Result
AhnLab-V3    2007.5.21.1    05.21.2007    no virus found
AntiVir    7.4.0.23    05.21.2007    TR/Spy.ProAgen.121
Authentium    4.93.8    05.21.2007    W32/ProAgent.spy
Avast    4.7.997.0    05.21.2007    Win32:Trojan-gen. {Other}
AVG    7.5.0.467    05.21.2007    PSW.Proagent.A
BitDefender    7.2    05.21.2007    Trojan.Spy.ProAgent.121
CAT-QuickHeal    9.00    05.21.2007    no virus found
ClamAV    devel-20070416    05.22.2007    Trojan.ProAgent.121.A
DrWeb    4.33    05.21.2007    Trojan.ProAgent.121
eSafe    7.0.15.0    05.21.2007    suspicious Trojan/Worm
eTrust-Vet    30.7.3651    05.21.2007    Win32/Malum.BWDM
Ewido    4.0    05.21.2007    Logger.ProAgent.121
FileAdvisor    1    05.22.2007    no virus found
Fortinet    2.85.0.0    05.22.2007    W32/ProAgent.121!tr
F-Prot    4.3.2.48    05.21.2007    W32/ProAgent.spy
F-Secure    6.70.13030.0    05.22.2007    Trojan-Spy.Win32.ProAgent.121
Ikarus    T3.1.1.7    05.22.2007    Trojan-Spy.Win32.ProAgent.G
Kaspersky    4.0.2.24    05.22.2007    Trojan-Spy.Win32.ProAgent.121
McAfee    5035    05.21.2007    PWS-Progent
Microsoft    1.2503    05.22.2007    TrojanSpy:Win32/ProAgent.1_21
NOD32v2    2283    05.21.2007    a variant of Win32/Spy.ProAgent
Norman    5.80.02    05.21.2007    W32/ProAgent.DE
Panda    9.0.0.4    05.21.2007    Trj/ProAgent.A
Prevx1    V2    05.22.2007    no virus found
Sophos    4.17.0    05.21.2007    Troj/Proagen-A
Sunbelt    2.2.907.0    05.17.2007    no virus found
Symantec    10    05.22.2007    Trojan.Progent
TheHacker    6.1.6.120    05.21.2007    no virus found
VBA32    3.12.0    05.21.2007    Trojan-Spy.Win32.ProAgent.121
VirusBuster    4.3.23:9    05.21.2007    TrojanSpy.ProAgent.Z
Webwasher-Gateway    6.0.1    05.22.2007    Trojan.Spy.ProAgen.121

Aditional Information
File size: 375808 bytes
MD5: 076c28ff322b5907164fbe56bcc2ca9f
SHA1: 76538e41a344437cf9c6369eae1b63d210256d59
packers: UPX
packers: UPX
packers: UPX
packers: UPX

Suppression de Trojan.Spy.ProAgent.121

• Téléchargez et installez Malwarebyte’s Anti-Malware anti-malware recommandé
• Téléchargez eScan Antivirus Toolkit : http://www.malekal.com/tutorial_eScan_antivirus_toolkit.html
• Installez eScan Antivirus Toolkit dans le dossier : C:Kaspersky
• Ouvrez le dossier C:Kaspersky et double-cliquez sur kavupd.exe pour le mettre à jour
• Démarrez Windows en mode sans échec : Guide pour redémarrer en mode sans échec
• Ouvrez le dossier clean qui se trouve sur ton bureau, et double-cliquez sur clean.cmd, une fenêtre noire, choisissez l’option 2 et laissez vous guider.
• Ouvrez le fichier mwavscan.com
• Cochez les options comme indiquées sur cette page
• Cliquez Scan Clean pour démarrer le scan et laissez le scan se faire jusqu’au bout. 
• Afin de supprimer toutes traces du spyware et d’autres élements qu’il aurait pu installer, scannez votre ordinateur avec :
• Malwarebyte’s Anti-Malware anti-malware recommandé
• Redémarrez l’ordinateur
• Je vous conseil aussi de scanner votre ordinateur avec un antivirus à jour, si vous êtes infecté, il y a des chances que vous n’en aillez pas, utilisez alors un antivirus en ligne : 
• Scan par Secuser
• Scan par Symantec
• Scan par Panda
• Nettoyez votre base de registre à l’aide de l’utilitaire regcleaner
• Nettoyez les fichiers temporaires/caches etc.. avec CCleaner
• Si vous rencontrez toujours des problèmes, générez un log à l’aide HijackThis – mode d’emploi et venez le poster sur le forum du site

Redémarrez votre ordinateur en mode normal, si le spyware est encore là, rescannez votre ordinateur avec SpyBot et Ad-Aware.

Consulter le forum malware-complaints et créez votre message selon votre type d’infection, plus vous serez nombreux,plus nous aurons de poids pour faire réagir les autorités face aux malwares !

Cela prend 5 minutes! 

Read more..

Internet Download Manager( With Lifetime Crack )

Internet Download Manager( With Lifetime Crack )

 Internet Download Manager( With Lifetime Crack )


Internet Download Manageris a tool to increase download speeds by up to 5 times, resume and schedule downloads. Comprehensive error recovery and resume capability will restart broken or interrupted downloads due to lost connections, network problems, computer shutdowns, or unexpected power outages. Simple graphic user interface makes IDM user friendly and easy to use.Internet Download Manager has a smart download logic accelerator that features intelligent dynamic file segmentation and safe multipart downloading technology to accelerate your downloads. Unlike other download managers and accelerators Internet Download Manager segments downloaded files dynamically during download process and reuses available connections without additional connect and login stages to achieve best acceleration performance.

Official Website

http://www.internetdownloadmanager.com/

PLEASE DOWNLOAD THE INTERNET DOWNLOAD MANAGER FROM THIS WEBSITE

----How To Use The Lifetime Crack----

1) Install IDM as usual (I suggest you to install it in the default directory)

2) Open The IDM Cracker Tool and click start.

3) You Are Done!!!

----How To Update IDM----

1) Click Update in the IDM Cracker Tool.

2) Then Update the IDM as Usual.

3) Then again click the start button in the Cracker Tool ( Same As The Step 2 In Previous Instructions )

4) Enjoy It For Lifetime

Download The Crack

Read more..