Hack website using SQL map | automatic SQL injection tool
SQL map v.0.9 Released
Today i am going to write a sql injection tool. It's V 0.9 is just released. There are many changes in this tool from it's previous version. Sql injection is one of the top web application vulnerabilities. It's very important to check a website against this vulnerability.
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Download Here:
http://sourceforge.net/projects/sqlmap/files/
IP SPOOFING TOOLS
In my last Post i gave a simple introduction about IP Spoofing .Now i am writing about some IP spoofing tools:
Tools - For Windows
Engage Packet Builder v2.20 - Scriptable packet builder for Windows
HPing v2.0.0 - Command-line oriented TCP/IP packet assembler/analyzer
Nemesis v1.4 beta3 - Command-line portable IP stack
Colasoft Packet Builder v1.0 - Tool for creating custom network packets
Colasoft Packet Player v1.1 - Packet replay tool
PacketExcalibur v1.0.2 - Graphical and scriptable network packet engine
Scapy v2.0.0.10 - Interactive packet manipulation tool
Spoofer v0.5 - IP Spoofing Tester
NMap v4.68 - Utility for network exploration and security auditing
Tools - For Linux
LSRscan v1.0 - Loose Source Route Scanning Tool
Scapy v2.0.0.10 - Interactive packet manipulation tool
Sendip v2.5-1 - Send completely arbitrary packets out over the network
Spoofer v0.5 - IP Spoofing Tester
Yersina v0.7.1 - Tool to exploit weakenesses in different network protocols
HPing v2.0.0 - Command-line TCP/IP packet assembler/analyzer
IRPAS v0.8 - Internetwork Routing Portocol Attack Suite (File2Cable etc.)
LSRtunnel v0.2.1 - Loose Source Route Tunneling Tool
Nemesis v1.4 beta3 - Command-line portable IP stack
NMap v4.76 - Utility for network exploration and security auditing
PacketExcalibur v1.0.2 - Graphical and scriptable network packet engine
Download Here:
The Torrent file.
http://torrents.thepiratebay.org/4428715/Network_hacking_tools_-_IP_Spoofing.4428715.TPB.torrent
Tools - For Windows
Engage Packet Builder v2.20 - Scriptable packet builder for Windows
HPing v2.0.0 - Command-line oriented TCP/IP packet assembler/analyzer
Nemesis v1.4 beta3 - Command-line portable IP stack
Colasoft Packet Builder v1.0 - Tool for creating custom network packets
Colasoft Packet Player v1.1 - Packet replay tool
PacketExcalibur v1.0.2 - Graphical and scriptable network packet engine
Scapy v2.0.0.10 - Interactive packet manipulation tool
Spoofer v0.5 - IP Spoofing Tester
NMap v4.68 - Utility for network exploration and security auditing
Tools - For Linux
LSRscan v1.0 - Loose Source Route Scanning Tool
Scapy v2.0.0.10 - Interactive packet manipulation tool
Sendip v2.5-1 - Send completely arbitrary packets out over the network
Spoofer v0.5 - IP Spoofing Tester
Yersina v0.7.1 - Tool to exploit weakenesses in different network protocols
HPing v2.0.0 - Command-line TCP/IP packet assembler/analyzer
IRPAS v0.8 - Internetwork Routing Portocol Attack Suite (File2Cable etc.)
LSRtunnel v0.2.1 - Loose Source Route Tunneling Tool
Nemesis v1.4 beta3 - Command-line portable IP stack
NMap v4.76 - Utility for network exploration and security auditing
PacketExcalibur v1.0.2 - Graphical and scriptable network packet engine
Download Here:
The Torrent file.
http://torrents.thepiratebay.org/4428715/Network_hacking_tools_-_IP_Spoofing.4428715.TPB.torrent
IP spoofing A Simple Introduction
IP spoofing is the process of creating IP packets with a spoofed source with the purpose of hiding the identity of sender. IP spoofing is a common method that is used by spammers and scammers to mislead others on the origin of the information they send. Hackers use IP spoofing so they do not get caught spamming and to perpetrate denial of service attacks.
To understand How it works, we must examine the structure of TCP/IP protocol header.The header of each IP packet contains, among other things, the numerical source and destination address of the packet. The source address is normally the address that the packet was sent from. By forging the header so it contains a different address, an attacker can make it appear that the packet was sent by a different machine. The machine that receives spoofed packets will send a response back to the forged source address, which means that this technique is mainly used when the attacker does not care about the response or the attacker has some way of guessing the response.
Defense against spoofing
Filtering at the router
Avoid using the source address authentication. Implement cryptographic authentication system-wide.
Configuring your network to reject packets from the Net that claim to originate from a local address.
Implementing ingress and egress filtering on the border routers and implement an ACL (access control list) that blocks private IP addresses on your downstream interface.
please comment below if this post is useful for you..
To understand How it works, we must examine the structure of TCP/IP protocol header.The header of each IP packet contains, among other things, the numerical source and destination address of the packet. The source address is normally the address that the packet was sent from. By forging the header so it contains a different address, an attacker can make it appear that the packet was sent by a different machine. The machine that receives spoofed packets will send a response back to the forged source address, which means that this technique is mainly used when the attacker does not care about the response or the attacker has some way of guessing the response.
Defense against spoofing
Filtering at the router
Avoid using the source address authentication. Implement cryptographic authentication system-wide.
Configuring your network to reject packets from the Net that claim to originate from a local address.
Implementing ingress and egress filtering on the border routers and implement an ACL (access control list) that blocks private IP addresses on your downstream interface.
please comment below if this post is useful for you..
Ebomb-Virus-For-Fun
This is a simple attack that enables running multiple applications in victims pc just to harass him. There are many ways to ebomb but this is the most easiest way to do it. Simply open notepad and type
@echo off
start iexplore
start notepad
start firefox
and save it as anyname.bat (note: paste the code with "start " in many times to annoy them)
you can also do some additional stuff like enter the message for victim eg. msg * "(Now your pc is getting Hacked)"
and also you can open some websites to irritate victim eg.
start iexplore "www.vishalthehacker.blogspot.com"
start firefox "www.vishalthehacker.blogspot.com"
(simply add them in the .bat file you created)
Now just like always upload the file on any online storage (rapidshare, ziddu,hotfile or fileserve)
and send the link to your victim (you can probably make him believe that its game or just any other app simply by converting the .bat in .exe by using any batch to exe converter. You can also send it via pen drive. The main purpose is to send it to victim.
When victim will open it .............. :D
and then simply save it as "anyname.bat"
Note : The only way to get out of any ebomb attack is simply by System restart
please comment below if this post is useful for you..
:)
@echo off
start iexplore
start notepad
start firefox
and save it as anyname.bat (note: paste the code with "start " in many times to annoy them)
you can also do some additional stuff like enter the message for victim eg. msg * "(Now your pc is getting Hacked)"
and also you can open some websites to irritate victim eg.
start iexplore "www.vishalthehacker.blogspot.com"
start firefox "www.vishalthehacker.blogspot.com"
(simply add them in the .bat file you created)
Now just like always upload the file on any online storage (rapidshare, ziddu,hotfile or fileserve)
and send the link to your victim (you can probably make him believe that its game or just any other app simply by converting the .bat in .exe by using any batch to exe converter. You can also send it via pen drive. The main purpose is to send it to victim.
When victim will open it .............. :D
and then simply save it as "anyname.bat"
Note : The only way to get out of any ebomb attack is simply by System restart
please comment below if this post is useful for you..
:)
Microsoft Safety Scanner, free on demand antivirus tool from microsoft
Microsoft Safety Scanner, free on demand antivirus tool from microsoft
Today i have a good news for windows user. Now you have one more antiVirus tool. Microsoft has released an on demand antivirus tool. This tool is named as The Microsoft Safety Scanner. This tool is free to download for windows user and provide on demand scanning of viruses, spyware and other malicious softwares. This tool is portable and comes in both 32-bit and 64-bit versions for Windows XP and later.
It does not have update functionality and does not need any installation. The Microsoft Safety Scanner expires 10 days after being downloaded. To re-run a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.
Download Here:
http://www.microsoft.com/security/scanner/en-us/default.aspx
Today i have a good news for windows user. Now you have one more antiVirus tool. Microsoft has released an on demand antivirus tool. This tool is named as The Microsoft Safety Scanner. This tool is free to download for windows user and provide on demand scanning of viruses, spyware and other malicious softwares. This tool is portable and comes in both 32-bit and 64-bit versions for Windows XP and later.
It does not have update functionality and does not need any installation. The Microsoft Safety Scanner expires 10 days after being downloaded. To re-run a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.
Download Here:
http://www.microsoft.com/security/scanner/en-us/default.aspx
sessionthief | HTTP Session Cloning Tool | Hack facebook, Gmail, twitter over insecure LAN
HTTP Session Cloning & Cookie Stealing Tool
Facebook hacking, Gmail hacking, twitter hacking tool
Sessionthief is the best tool to hack into another email accounts of facebook accounts in open wireless connections. it has the ability to hack into most websites accounts of another user on the same LAN is logged into.
sessionthief tool performs HTTP session cloning by cookie stealing on the insecure LAN and let you use that cloned session to access other's account.
It can issue basic nmap and nbtscan commands to see which IPs are on the subnet, or just listen for IPs broadcasting packets. It can quickly perform ARP poison routing to get packets given the IP of the client if not on an open network or hub, and should also work with interfaces in monitor mode. It integrates automatically with Firefox, dynamically creating a temporary profile for each attack performed. In this way, in contrast to tools like the middler, it doesn’t require any additional configuration, and makes it easy to simultaneously own multiple logins to the same site.
Steps for hacking:
Start the program
Select your interface
Hit watch
Select a request from each of them to facebook or Gmail and click the session button.
The program will automatically start a new instance of firefox for each hacked session, and let you control the login of all of them at once. It compiles and runs on linux and windows depending on the pcap and wxwidgets libraries.
Download Here:
http://scriptjunkie1.110mb.com/security/sessionthief.zip
Facebook hacking, Gmail hacking, twitter hacking tool
Sessionthief is the best tool to hack into another email accounts of facebook accounts in open wireless connections. it has the ability to hack into most websites accounts of another user on the same LAN is logged into.
sessionthief tool performs HTTP session cloning by cookie stealing on the insecure LAN and let you use that cloned session to access other's account.
It can issue basic nmap and nbtscan commands to see which IPs are on the subnet, or just listen for IPs broadcasting packets. It can quickly perform ARP poison routing to get packets given the IP of the client if not on an open network or hub, and should also work with interfaces in monitor mode. It integrates automatically with Firefox, dynamically creating a temporary profile for each attack performed. In this way, in contrast to tools like the middler, it doesn’t require any additional configuration, and makes it easy to simultaneously own multiple logins to the same site.
Steps for hacking:
Start the program
Select your interface
Hit watch
Select a request from each of them to facebook or Gmail and click the session button.
The program will automatically start a new instance of firefox for each hacked session, and let you control the login of all of them at once. It compiles and runs on linux and windows depending on the pcap and wxwidgets libraries.
Download Here:
http://scriptjunkie1.110mb.com/security/sessionthief.zip
Firesheep – Social Network Session Stealing/Hijacking Tool
Stealing sessions/password is now easy with Firesheep and anyone can do it,very easily, which is somewhat scary. This tool provides you a single click hack.
After downloading FireSheep as add-on your mozilla firefox, now you get a side bar.Now log in to a public WiFi spot and click a button "start capturing. You’ll then be shown images and user names of various people using networks such as Facebook, Twitter, Flickr, bit.ly, Google and Amazon in that side bar. With a double click on their image, you’ll be logged in as them immediately. You can log in to any people's account who is using his account in that network.
Download Here
http://github.com/downloads/codebutler/firesheep/firesheep-0.1-1.xpi
After downloading FireSheep as add-on your mozilla firefox, now you get a side bar.Now log in to a public WiFi spot and click a button "start capturing. You’ll then be shown images and user names of various people using networks such as Facebook, Twitter, Flickr, bit.ly, Google and Amazon in that side bar. With a double click on their image, you’ll be logged in as them immediately. You can log in to any people's account who is using his account in that network.
Download Here
http://github.com/downloads/codebutler/firesheep/firesheep-0.1-1.xpi
Website development and SEO tips: Search engine optimisation (SEO)
Website development and SEO tips: Search engine optimisation (SEO): "Search engine optimisation (SEO)Search engine optimisation – commonly abbreviated to SEO – is the process in which a web site, or a web page..."
complete list of all facebook emoticons / smileys | Fb emoticons
Do you know facebook?? just kidding lolzz.
We all use facebook as a social networking website and chat with online people with its chat service. It's our life's part as a daily routine. But very less people know all facebook smileys. Well it is very simple to send smileys in facebook chat.You have to just enter a code and it will automatically convert into a smiley.I am providing here a complete list of smiley codes that can be used on facebook.Even if you already use or know some of the codes even then you will find this list very useful becuase you will find a lot of new codes.
Please comment and subscribe on your email address..
:)
We all use facebook as a social networking website and chat with online people with its chat service. It's our life's part as a daily routine. But very less people know all facebook smileys. Well it is very simple to send smileys in facebook chat.You have to just enter a code and it will automatically convert into a smiley.I am providing here a complete list of smiley codes that can be used on facebook.Even if you already use or know some of the codes even then you will find this list very useful becuase you will find a lot of new codes.
Please comment and subscribe on your email address..
:)
Trace IP address and MOBILE Numbers
Trace IP address and MOBILE Numbers
Many people want this type of services and searched over internet a waste their time but unable to get desired results.
A few days ago i got a website which have a lots of tracing services. It shows tracing results in a map along with all suitable information you want to know.
You can trace a Mobile number. For example , when we enter the 10 digit mobile number, then we get the Mobile Service provider, Location, City along with area in a map.
Thats really awesome.
You can also trace IP Address of a person. Enter your IP address and it will show you the location of this IP address and complete details of the ISP with the contact number of that IP Address.
Features of this site is
Trace Mobile Number
Trace Vehical Number
Trace Pin Code
Trace IP AddressWHOIS Trace
GO TO THIS LINK:
http://www.indiatrace.com
please comment below if this post is useful for you..
:)
Many people want this type of services and searched over internet a waste their time but unable to get desired results.
A few days ago i got a website which have a lots of tracing services. It shows tracing results in a map along with all suitable information you want to know.
You can trace a Mobile number. For example , when we enter the 10 digit mobile number, then we get the Mobile Service provider, Location, City along with area in a map.
Thats really awesome.
You can also trace IP Address of a person. Enter your IP address and it will show you the location of this IP address and complete details of the ISP with the contact number of that IP Address.
Features of this site is
Trace Mobile Number
Trace Vehical Number
Trace Pin Code
Trace IP AddressWHOIS Trace
GO TO THIS LINK:
http://www.indiatrace.com
please comment below if this post is useful for you..
:)
Repair Usb drive | Pen drive repair_v_2.9.1.1 free download
Repair Usb drive | Pen drive repair_v_2.9.1.1 free download
Remove write protection from pendrive
This software is the best solution for many of the problems related to your removable disk. Sometimes pen drive becomes read only drive due ti many viruses and you can't be able to copy data into your pen drive. You can only access the data in the PD as a CD.
:P
This software is the best solution to remove read only attribute from your pen drive
Download Here:
http://www.ziddu.com/downloadlink/12620735/Repair_v2.9.1.1.zip
Remove write protection from pendrive
This software is the best solution for many of the problems related to your removable disk. Sometimes pen drive becomes read only drive due ti many viruses and you can't be able to copy data into your pen drive. You can only access the data in the PD as a CD.
:P
This software is the best solution to remove read only attribute from your pen drive
Download Here:
http://www.ziddu.com/downloadlink/12620735/Repair_v2.9.1.1.zip
download virus effect remover | remove virus effect from your system
Today i am going to write about a nice tool for your windows protection from malwares. It's name is Virus effect remover . This is a nice tool to remove all the common effects caused by viruses and other type of malwares. It helps you to monitor your system process and helps you to easily delete autorun.inf file from the system and removable media.
Virus effect remover | 1.8 MB
Features:
Remove Error: After cleaning virus from the system run this to unblock the virus infected tools such as task manager, registry editor cmd and many other windows tools.
Generate Process list:
Find Clone file:
unlock a file from a process:
delete a locked file:
block a specific virus:
This software enables your Admin restricted application and remove the changes which a virus does to protect itself.
It enables :
1: Registry Tools (e.g : regedit)
2: Task manager
3: Group Policy Editor (e.g. gpedit.msc)
4: Run command option in start Menu
5: Folder Option in Explorer & Control panel
6: Update check
7: File Menu
8: Find Menu
9: Log Off
10: Task Bar
It repairs :
1: Folder Option Show Hidden Tab
2: Folder Option Show Supper Hidden Tab
Requirement:
windows
DotNet framework
Download Here:
http://www.ziddu.com/downloadlink/12847867/viruseffectremover.rar
Virus effect remover | 1.8 MB
Features:
Remove Error: After cleaning virus from the system run this to unblock the virus infected tools such as task manager, registry editor cmd and many other windows tools.
Generate Process list:
Find Clone file:
unlock a file from a process:
delete a locked file:
block a specific virus:
This software enables your Admin restricted application and remove the changes which a virus does to protect itself.
It enables :
1: Registry Tools (e.g : regedit)
2: Task manager
3: Group Policy Editor (e.g. gpedit.msc)
4: Run command option in start Menu
5: Folder Option in Explorer & Control panel
6: Update check
7: File Menu
8: Find Menu
9: Log Off
10: Task Bar
It repairs :
1: Folder Option Show Hidden Tab
2: Folder Option Show Supper Hidden Tab
Requirement:
windows
DotNet framework
Download Here:
http://www.ziddu.com/downloadlink/12847867/viruseffectremover.rar
How do i fake my IP address? Is there an easy way to make it think i come from another country?
- to stream tv shows from US websites
- ip change
- easy way?
If you aren’t a fan of Hide My IP I would suggest Hide My Ass as the best alternate solution.Don’t agree?? Post your comments below.
Vishal Mittal | Create your badge
How to hide a url | Mask url
Vishal Mittal | Create your badge
We discussed about Phishing in my previous article How to hack someone's Facebook account. While sending mail, you have to include in mail, the link to your phisher page. So, instead of sending mail with actual url which can create a sense of doubt in victim's mind, we can hide the url. Dot.tk is an online service which enables you tohide/mask the url.The article below mentions the way to hide a url using Dot.tk service.
Consider you have hosted your phisher at 0009.ws and your phisher link is something like:
http://yourusername.0009.ws/index.html
So, whenever victim checks out this link, he will find the link suspicious. This can be detrimental for our hack. So, the best way is to make this link less suspicious i.e. to hide/mask the url.
1. So, go to Dot.tk to hide a url.
2. Enter your phisher link in the textbox and hit on Next.
3. Enter the link you want to rename your phisher link to.
So friends, I hope you are now able to hide a url using this url masker service. Try your best to get the most matching link as possible. If you have any problem in this tutorial onhow to hide/mask a url,please mention it in comments.
Enjoy .tk domain to hide a url...
We discussed about Phishing in my previous article How to hack someone's Facebook account. While sending mail, you have to include in mail, the link to your phisher page. So, instead of sending mail with actual url which can create a sense of doubt in victim's mind, we can hide the url. Dot.tk is an online service which enables you tohide/mask the url.The article below mentions the way to hide a url using Dot.tk service.
Hide/Mask a url:
Consider you have hosted your phisher at 0009.ws and your phisher link is something like:
http://yourusername.0009.ws/index.html
So, whenever victim checks out this link, he will find the link suspicious. This can be detrimental for our hack. So, the best way is to make this link less suspicious i.e. to hide/mask the url.
1. So, go to Dot.tk to hide a url.
2. Enter your phisher link in the textbox and hit on Next.
3. Enter the link you want to rename your phisher link to.
4. Now, you can send this masked phisher link to your victim. The victim will now find our phisher link less suspicious as we have hidden the actual phisher link using .tk domain.
So friends, I hope you are now able to hide a url using this url masker service. Try your best to get the most matching link as possible. If you have any problem in this tutorial onhow to hide/mask a url,please mention it in comments.
Enjoy .tk domain to hide a url...
How to bypass antivirus using Exe Icon changer software
I have been posting on Undetection Techniques since last few days. Today, I am adding one more article to this section.Exe Icon changeris pretty handy tool to bypass antivirus detection on victim computer. Most antiviruses check a file for a virus signature to determine if it is a virus or not. Changing icon of the file using Exe icon changer at many times helps in bypassing antivirus detection. I have provided link to download exe icon changer... just read on.
In the following article, I will demonstrate how Exe icon changer can be used to bypass Avira antivirus. I have created my keylogger server using Star Toolskeylogger (pretty old now) and it is detectable by my Avira. Avira shows my server as TR/Dropper.Gen. Friends, whenever Avira detects your server as TR/Dropper.Gen, use Icon Changer software. You are most probable to bypassAvira antivirus, though not everytime.
So, lets start with method to use exe icon changer.
1. Free download Exe Icon Changer software to bypass antivirus detection.
Password: techotoys.blogspot.com
2. Run this exe icon changer software on your computer to see:
3. Hit on "Browse" and select the .ico icon file from Icon Pack folder. Also, hit on "Browse" next to Exe file and select your server file. Now, hit on "Change" and you will find the icon of your server file changed.
4. Now, on scanning this modified server file, Avira doesn't show any virus detection as shown in below image:
Thus, we have successfully bypassed Avira antivirus detection using exe icon changer software.
So friends, I hope now you will be able to useexe icon changer software to bypass Avira antivirus.This icon changer software is pretty handy tool to bypass antivirus detection. If you find any problem in using this exe icon changer software, please mention it in comments.
Enjoy exe icon changer software to bypass antivirus...
Exe Icon changer to bypass antivirus:
In the following article, I will demonstrate how Exe icon changer can be used to bypass Avira antivirus. I have created my keylogger server using Star Toolskeylogger (pretty old now) and it is detectable by my Avira. Avira shows my server as TR/Dropper.Gen. Friends, whenever Avira detects your server as TR/Dropper.Gen, use Icon Changer software. You are most probable to bypassAvira antivirus, though not everytime.
So, lets start with method to use exe icon changer.
1. Free download Exe Icon Changer software to bypass antivirus detection.
Password: techotoys.blogspot.com
2. Run this exe icon changer software on your computer to see:
3. Hit on "Browse" and select the .ico icon file from Icon Pack folder. Also, hit on "Browse" next to Exe file and select your server file. Now, hit on "Change" and you will find the icon of your server file changed.
4. Now, on scanning this modified server file, Avira doesn't show any virus detection as shown in below image:
Thus, we have successfully bypassed Avira antivirus detection using exe icon changer software.
So friends, I hope now you will be able to useexe icon changer software to bypass Avira antivirus.This icon changer software is pretty handy tool to bypass antivirus detection. If you find any problem in using this exe icon changer software, please mention it in comments.
Enjoy exe icon changer software to bypass antivirus...
Autosave Firefox Passwords to Hack Email Accounts
hack Email account passwordssaved in victim's Firefox. In this article, instead of stealing signons we willconfigure our Firefox to autsave all login information. Thus, if your friend tries to login to his account by using your Firefox browser, his login information will be automatically saved in your Firefox and thus, you will be able to hack email account password of your friend.
Usually, whenever you try to login to your account, Firefox asks you whether your login information should be saved or not. Firefox will remember your password only if you hit on "Remember".
But, this confirmation bar becomes a headache when victim tries to login to his account using your computer. So, to hack Email account password of your victim, we will remove this confirmation bar and configure Firefox to autosave every password without asking for any confirmation.
Note: If you are trying this hack, remember to backup your nsloginmanagerprompter.js file before moving to further section. For backup, go to
1. Download Notepad++ and install it on your computer.
Password: techotoys.blogspot.com
2. Go to
3. Now, move to line 804. Replace the entire code from line 804 to line 869 with the following code:
How to hack Email Account password:
Usually, whenever you try to login to your account, Firefox asks you whether your login information should be saved or not. Firefox will remember your password only if you hit on "Remember".
But, this confirmation bar becomes a headache when victim tries to login to his account using your computer. So, to hack Email account password of your victim, we will remove this confirmation bar and configure Firefox to autosave every password without asking for any confirmation.
Note: If you are trying this hack, remember to backup your nsloginmanagerprompter.js file before moving to further section. For backup, go to
C:\Program Files\Mozilla Firefox\Componenetsand copy nsloginmanagerprompter.js file. Save this copied file to a safe location so that you can use this file to rollback your default Firefox configuration.
Steps to Hack Email Account:
1. Download Notepad++ and install it on your computer.
Password: techotoys.blogspot.com
2. Go to
C:\Program Files\Mozilla Firefox\Componentsand look for nsloginmanagerprompter.js file. Right click on it and hit on "Edit with Notepad++".
3. Now, move to line 804. Replace the entire code from line 804 to line 869 with the following code:
var pwmgr = this._pwmgr;
pwmgr.addLogin(aLogin);
4. Now, go to File ->Save As and save the file on your Desktop. Now, copy this file and paste it in Components folder (C:\Program Files\Mozilla Firefox\Components). You will be asked whether to replace the existing file. Hit on "Copy and Replace".
That's it. We have configured Firefox and now, whenever anyone tries to login to his account using Firefox, his login information will be autosaved by Firefox without asking for any confirmation. You can try this in your Firefox.
To see the autosaved passwords go to Tools ->Options ->Security. Hit on "Saved Passwords" and on the popup box, hit on "Show Passwords". You can thus hackemail account of your friend by using this Firefox hack.
So friends, this was a littleFirefox hack to hack Email accountof your friends. Note that for this hack to work, your friend should login to his account using your Firefox. If you have any problem in this Firefox trick to hackEmail account password, please mention it in comments.
Enjoy Firefox trick to hack Email account...
That's it. We have configured Firefox and now, whenever anyone tries to login to his account using Firefox, his login information will be autosaved by Firefox without asking for any confirmation. You can try this in your Firefox.
To see the autosaved passwords go to Tools ->Options ->Security. Hit on "Saved Passwords" and on the popup box, hit on "Show Passwords". You can thus hackemail account of your friend by using this Firefox hack.
So friends, this was a littleFirefox hack to hack Email accountof your friends. Note that for this hack to work, your friend should login to his account using your Firefox. If you have any problem in this Firefox trick to hackEmail account password, please mention it in comments.
Enjoy Firefox trick to hack Email account...
Facebook Hack: How to hack a Facebook Account | Cookie Stealing
We talked about How to hack Facebook account using Phishing. Today, I am gonna inform you the method to
hack a Facebook account using Cookie Stealing.
If you have not yet gone through my previous Cookie stealing articles, please read them before you proceed further in this article on how to hack a Facebook account.
Facebook usually authenticates its user using cookies. So, whenever user logs in to his account, Facebook server sends a session cookie to user browser and this cookie is used by server to authenticate the user. So, if you are possessing the victim account's cookie, Facebook will grant you the access to victim account.
1. Using Wireshark or HTTP Debugger Pro, capture the cookie of victim Facebookaccount. Refer the Wireshark tutorial for more information on how to captureFacebook cookie.
2. Install Greasemonkey and CookieInjector script in your Firefox. Restart Firefox.
3. Now, go to Facebook.com. Make sure you are not logged in. Using keyboard, press Alt+C to see a text box. Enter the victim cookie you have copied in Step 1 in this text box and hit on Enter.
4. Now, simply refresh your Facebook page and you will find yourself logged in to victim's Facebook account.
That's it friends. You are now able tohack a Facebook account using Cookie stealingmethod. This method works perfect if victim is not using any SSL encryption i.e. HTTPs while logging in to his Facebook account. If you face any problem in this tutorial on how to hack a Facebook account using Cookie stealing, please mention it in comments.
Enjoy n hack a Facebook account using Cookie stealing...
hack a Facebook account using Cookie Stealing.
If you have not yet gone through my previous Cookie stealing articles, please read them before you proceed further in this article on how to hack a Facebook account.
How to hack a Facebook account:
Facebook usually authenticates its user using cookies. So, whenever user logs in to his account, Facebook server sends a session cookie to user browser and this cookie is used by server to authenticate the user. So, if you are possessing the victim account's cookie, Facebook will grant you the access to victim account.
Steps to hack Facebook account:
1. Using Wireshark or HTTP Debugger Pro, capture the cookie of victim Facebookaccount. Refer the Wireshark tutorial for more information on how to captureFacebook cookie.
2. Install Greasemonkey and CookieInjector script in your Firefox. Restart Firefox.
4. Now, simply refresh your Facebook page and you will find yourself logged in to victim's Facebook account.
That's it friends. You are now able tohack a Facebook account using Cookie stealingmethod. This method works perfect if victim is not using any SSL encryption i.e. HTTPs while logging in to his Facebook account. If you face any problem in this tutorial on how to hack a Facebook account using Cookie stealing, please mention it in comments.
Enjoy n hack a Facebook account using Cookie stealing...
Common methods to hack a website
Gone are the days when website hacking was a sophisticated art. Today any body can access through the Internet and start hacking your website. All that is needed is doing a search on google with keywords like “how to hack website”, “hack into a website”, “Hacking a website” etc. The following article is not an effort to teach you website hacking, but it has more to do with raising awareness on some common website hacking methods.
The Simple SQL Injection Hack
SQL Injection involves entering SQL code into web forms, eg. login fields, or into the browser address field, to access and manipulate the database behind the site, system or application.
When you enter text in the Username and Password fields of a login screen, the data you input is typically inserted into an SQL command. This command checks the data you've entered against the relevant table in the database. If your input matches table/row data, you're granted access (in the case of a login screen). If not, you're knocked back out.
In its simplest form, this is how the SQL Injection works. It's impossible to explain this without reverting to code for just a moment. Don't worry, it will all be over soon.
Suppose we enter the following string in a User name field:
' OR 1=1 double-dash-txt.png
The authorization SQL query that is run by the server, the command which must be satisfied to allow access, will be something along the lines of:
SELECT * FROM users WHERE username = ‘USRTEXT '
AND password = ‘PASSTEXT’
…where USRTEXT and PASSTEXT are what the user enters in the login fields of the web form.
So entering `OR 1=1 — as your username, could result in the following actually being run:
SELECT * FROM users WHERE username = ‘' OR 1=1 — 'AND password = '’
Two things you need to know about this:
['] closes the [user-name] text field.
'double-dash-txt.png' is the SQL convention for Commenting code, and everything after Comment is ignored. So the actual routine now becomes:
SELECT * FROM users WHERE user name = '' OR 1=1
1 is always equal to 1, last time I checked. So the authorization routine is now validated, and we are ushered in the front door to wreck havoc.
Let's hope you got the gist of that, and move briskly on.
Brilliant! I'm gonna go hack me a Bank!
Slow down, cowboy. This half-cooked method won't beat the systems they have in place up at Citibank,
evidently
But the process does serve to illustrate just what SQL Injection is all about — injecting code to manipulate a routine via a form, or indeed via the URL. In terms of login bypass via Injection, the hoary old ' OR 1=1 is just one option. If a hacker thinks a site is vulnerable, there are cheat-sheets all over the web for login strings which can gain access to weak systems. Here are a couple more common strings which are used to dupe SQL validation routines:
username field examples:
admin'—
') or ('a'='a
”) or (“a”=”a
hi” or “a”=”a
… and so on.
Cross site scripting ( XSS ):
Cross-site scripting or XSS is a threat to a website's security. It is the most common and popular hacking a websiteto gain access information from a user on a website. There are hackers with malicious objectives that utilize this to attack certain websites on the Internet. But mostly good hackers do this to find security holes for websites and help them find solutions. Cross-site scripting is a security loophole on a website that is hard to detect and stop, making the site vulnerable to attacks from malicious hackers. This security threat leaves the site and its users open to identity theft, financial theft and data theft. It would be advantageous for website owners to understand how cross-site scripting works and how it can affect them and their users so they could place the necessary security systems to block cross-site scripting on their website.
Denial of service ( Ddos attack ):
A denial of service attack (DOS) is an attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the resources, so that no one can access it.this is not actually hacking a webite but it is used to take down a website.
If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine to accomplish a denial of service attack,this one of the most used method for website hacking
I recently wrote an article on Hack a website using denial of service
Cookie Poisoning:
Well, for a starters i can begin with saying that Cookie Poisoning is alot like SQL Injection
Both have 'OR'1'='1 or maybe '1'='1'
But in cookie poisoning you begin with alerting your cookies
Javascript:alert(document.cookie)
Then you will perharps see "username=JohnDoe" and "password=iloveJaneDoe"
in this case the cookie poisoning could be:
Javascript:void(document.cookie="username='OR'1'='1"); void(document.cookie="password='OR'1'='1");
It is also many versions of this kind... like for example
'
'1'='1'
'OR'1'='1
'OR'1'='1'OR'
and so on...
You may have to try 13 things before you get it completely right...
Password Cracking
Hashed strings can often be deciphered through 'brute forcing'. Bad news, eh? Yes, and particularly if your encrypted passwords/usernames are floating around in an unprotected file somewhere, and some Google hacker comes across it.
You might think that just because your password now looks something like XWE42GH64223JHTF6533H in one of those files, it means that it can't be cracked? Wrong. Tools are freely available which will decipher a certain proportion of hashed and similarly encoded passwords.
Know more about Brute force attack
A Few Defensive Measures
* If you utilize a web content management system, subscribe to the development blog. Update to new versions soon as possible.
* Update all 3rd party modules as a matter of course — any modules incorporating web forms or enabling member file uploads are a potential threat. Module vulnerabilities can offer access to your full database.
* Harden your Web CMS or publishing platform. For example, if you use WordPress, use this guide as a reference.
* If you have an admin login page for your custom built CMS, why not call it 'Flowers.php' or something, instead of “AdminLogin.php” etc.?
* Enter some confusing data into your login fields like the sample Injection strings shown above, and any else which you think might confuse the server. If you get an unusual error message disclosing server-generated code then this may betray vulnerability.
* Do a few Google hacks on your name and your website. Just in case…
* When in doubt, pull the yellow cable out! It won't do you any good, but hey, it rhymes.
The Simple SQL Injection Hack
SQL Injection involves entering SQL code into web forms, eg. login fields, or into the browser address field, to access and manipulate the database behind the site, system or application.
When you enter text in the Username and Password fields of a login screen, the data you input is typically inserted into an SQL command. This command checks the data you've entered against the relevant table in the database. If your input matches table/row data, you're granted access (in the case of a login screen). If not, you're knocked back out.
In its simplest form, this is how the SQL Injection works. It's impossible to explain this without reverting to code for just a moment. Don't worry, it will all be over soon.
Suppose we enter the following string in a User name field:
' OR 1=1 double-dash-txt.png
The authorization SQL query that is run by the server, the command which must be satisfied to allow access, will be something along the lines of:
SELECT * FROM users WHERE username = ‘USRTEXT '
AND password = ‘PASSTEXT’
…where USRTEXT and PASSTEXT are what the user enters in the login fields of the web form.
So entering `OR 1=1 — as your username, could result in the following actually being run:
SELECT * FROM users WHERE username = ‘' OR 1=1 — 'AND password = '’
Two things you need to know about this:
['] closes the [user-name] text field.
'double-dash-txt.png' is the SQL convention for Commenting code, and everything after Comment is ignored. So the actual routine now becomes:
SELECT * FROM users WHERE user name = '' OR 1=1
1 is always equal to 1, last time I checked. So the authorization routine is now validated, and we are ushered in the front door to wreck havoc.
Let's hope you got the gist of that, and move briskly on.
Brilliant! I'm gonna go hack me a Bank!
Slow down, cowboy. This half-cooked method won't beat the systems they have in place up at Citibank,
evidently
But the process does serve to illustrate just what SQL Injection is all about — injecting code to manipulate a routine via a form, or indeed via the URL. In terms of login bypass via Injection, the hoary old ' OR 1=1 is just one option. If a hacker thinks a site is vulnerable, there are cheat-sheets all over the web for login strings which can gain access to weak systems. Here are a couple more common strings which are used to dupe SQL validation routines:
username field examples:
admin'—
') or ('a'='a
”) or (“a”=”a
hi” or “a”=”a
… and so on.
Cross site scripting ( XSS ):
Cross-site scripting or XSS is a threat to a website's security. It is the most common and popular hacking a websiteto gain access information from a user on a website. There are hackers with malicious objectives that utilize this to attack certain websites on the Internet. But mostly good hackers do this to find security holes for websites and help them find solutions. Cross-site scripting is a security loophole on a website that is hard to detect and stop, making the site vulnerable to attacks from malicious hackers. This security threat leaves the site and its users open to identity theft, financial theft and data theft. It would be advantageous for website owners to understand how cross-site scripting works and how it can affect them and their users so they could place the necessary security systems to block cross-site scripting on their website.
Denial of service ( Ddos attack ):
A denial of service attack (DOS) is an attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the resources, so that no one can access it.this is not actually hacking a webite but it is used to take down a website.
If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine to accomplish a denial of service attack,this one of the most used method for website hacking
I recently wrote an article on Hack a website using denial of service
Cookie Poisoning:
Well, for a starters i can begin with saying that Cookie Poisoning is alot like SQL Injection
Both have 'OR'1'='1 or maybe '1'='1'
But in cookie poisoning you begin with alerting your cookies
Javascript:alert(document.cookie)
Then you will perharps see "username=JohnDoe" and "password=iloveJaneDoe"
in this case the cookie poisoning could be:
Javascript:void(document.cookie="username='OR'1'='1"); void(document.cookie="password='OR'1'='1");
It is also many versions of this kind... like for example
'
'1'='1'
'OR'1'='1
'OR'1'='1'OR'
and so on...
You may have to try 13 things before you get it completely right...
Password Cracking
Hashed strings can often be deciphered through 'brute forcing'. Bad news, eh? Yes, and particularly if your encrypted passwords/usernames are floating around in an unprotected file somewhere, and some Google hacker comes across it.
You might think that just because your password now looks something like XWE42GH64223JHTF6533H in one of those files, it means that it can't be cracked? Wrong. Tools are freely available which will decipher a certain proportion of hashed and similarly encoded passwords.
Know more about Brute force attack
A Few Defensive Measures
* If you utilize a web content management system, subscribe to the development blog. Update to new versions soon as possible.
* Update all 3rd party modules as a matter of course — any modules incorporating web forms or enabling member file uploads are a potential threat. Module vulnerabilities can offer access to your full database.
* Harden your Web CMS or publishing platform. For example, if you use WordPress, use this guide as a reference.
* If you have an admin login page for your custom built CMS, why not call it 'Flowers.php' or something, instead of “AdminLogin.php” etc.?
* Enter some confusing data into your login fields like the sample Injection strings shown above, and any else which you think might confuse the server. If you get an unusual error message disclosing server-generated code then this may betray vulnerability.
* Do a few Google hacks on your name and your website. Just in case…
* When in doubt, pull the yellow cable out! It won't do you any good, but hey, it rhymes.
Flood a website with denial of service attack
What is a Denial Of Service Attack?
A denial of service attack (DOS) is an attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the resources, so that no one can access it.
If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine to accomplish a denial of service attack,this one of the most used method for website hacking
Types of denial of service attacks
There are several general categories of DoS attacks.Popularly, the attacks are divided into three classes:
bandwidth attacks,
protocol attacks
logic attacks
What is Distributed Denial of Service Attack?
In DDOS attack, The attacker launches the attack using several machines. In this case, an attacker breaks into several machines, or coordinates with several zombies to launch an attack against a target or network at the same time.
This makes it difficult to detect because attacks originate from several IP addresses.If a single IP address is attacking a company, it can block that address at its firewall. If it is 30000 this is extremely difficult.
Damages made By Denial of service attack:
Over past years Denial of service attack has made huge amount of damage,Many of the have been victimed of this attack
Its Real,On February 6th, 2000, Yahoo portal was shut down for 3 hours. Then retailer Buy.com Inc. (BUYX) was hit the next day, hours after going public. By that evening, eBay (EBAY), Amazon.com (AMZN), and CNN (TWX) had gone dark. And in the morning, the mayhem continued with online broker E*Trade (EGRP) and others having traffic to their sites virtually choked off.
This attack also recently hit twitter on 6th August 2009,lot of people had trouble on logging on twitter,It was brought down by denial of service attack,They tired up there server so no one can get on log on it.Websites like facebook,ebay etc have also been victim of this attack.
Now i will show you how you can flood a website with Denial of service attack. For this tutorial we will be using one of the most effective and one of the least known tools called "Low Orbit Ion Cannon", created by Anonymous members from 4chan.org, this program is one of the best for DDoS'ing, and I have successfully used it to DDoS websites. An internet connection as bad as mine (2,500 kb/s) was able to keep a site down for a day with this program running. Remember that this tool will work best with high internet speeds, and try not to go for impossible targets (like Google, Myspace,Yahoo). LOIC is used on a single computer, but with friends it's enough to give sites a great deal of downtime.
Prerequisites: Download LOIC (Low Orbit Ion Cannon). Open up LOIC.
(I am not giving a download link because then i will be accused for exiting hackers,try goggling).
Step 1: Type the target URL in the URL box.
Step 2: Click lock on.
Step 3: Change the threads to 9001 for maximum efficiency.
Step 4: Click the big button "IMMA FIRIN MAH LAZAR!"
Feel free to tweak around with these settings and play around with the program to get the best performance. Then minimize and go do whatever you need to do, the program will take care of the rest!
A denial of service attack (DOS) is an attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the resources, so that no one can access it.
If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine to accomplish a denial of service attack,this one of the most used method for website hacking
Types of denial of service attacks
There are several general categories of DoS attacks.Popularly, the attacks are divided into three classes:
bandwidth attacks,
protocol attacks
logic attacks
What is Distributed Denial of Service Attack?
In DDOS attack, The attacker launches the attack using several machines. In this case, an attacker breaks into several machines, or coordinates with several zombies to launch an attack against a target or network at the same time.
This makes it difficult to detect because attacks originate from several IP addresses.If a single IP address is attacking a company, it can block that address at its firewall. If it is 30000 this is extremely difficult.
Damages made By Denial of service attack:
Over past years Denial of service attack has made huge amount of damage,Many of the have been victimed of this attack
Its Real,On February 6th, 2000, Yahoo portal was shut down for 3 hours. Then retailer Buy.com Inc. (BUYX) was hit the next day, hours after going public. By that evening, eBay (EBAY), Amazon.com (AMZN), and CNN (TWX) had gone dark. And in the morning, the mayhem continued with online broker E*Trade (EGRP) and others having traffic to their sites virtually choked off.
This attack also recently hit twitter on 6th August 2009,lot of people had trouble on logging on twitter,It was brought down by denial of service attack,They tired up there server so no one can get on log on it.Websites like facebook,ebay etc have also been victim of this attack.
Now i will show you how you can flood a website with Denial of service attack. For this tutorial we will be using one of the most effective and one of the least known tools called "Low Orbit Ion Cannon", created by Anonymous members from 4chan.org, this program is one of the best for DDoS'ing, and I have successfully used it to DDoS websites. An internet connection as bad as mine (2,500 kb/s) was able to keep a site down for a day with this program running. Remember that this tool will work best with high internet speeds, and try not to go for impossible targets (like Google, Myspace,Yahoo). LOIC is used on a single computer, but with friends it's enough to give sites a great deal of downtime.
Prerequisites: Download LOIC (Low Orbit Ion Cannon). Open up LOIC.
(I am not giving a download link because then i will be accused for exiting hackers,try goggling).
Step 1: Type the target URL in the URL box.
Step 2: Click lock on.
Step 3: Change the threads to 9001 for maximum efficiency.
Step 4: Click the big button "IMMA FIRIN MAH LAZAR!"
Feel free to tweak around with these settings and play around with the program to get the best performance. Then minimize and go do whatever you need to do, the program will take care of the rest!
Hack an email account
constantly get emails of people asking me how to hack hotmail, hack yahoo, and all the other popular email services. Usually it’s for one of the following moronic cover-ups: It’s my password, I just forgot it. , or my boyfriend this or my girlfriend that. I just don’t understand what possesses them to possibly think that I give a hoot. Nah, I love you guys, I’m just kidding! Everyone seems to think that there’s some hacking trick that will magically get them the password. Too bad you have to actually learn something. Bummer… eh? Below I have briefly described the most common methods.
Malware - Attackers can infect computers with malware such as Trojan horses that could extract all the saved passwords on a computer or a key logger that will log all the victims typed passwords.
Guessing - The attacker could literally guess the password if the victim uses an easy password like his/her name, birthday, favorite something, pets name, or something similar. If the attacker knows the victim well enough this attack won’t be that difficult to carry out.
Social Engineering - The attacker could literally ask for your password by calling up the victim and pretending to be an IT employee of the company. Once the victims trust is gained, the attacker would then make up a story saying something like the victims password is needed to do some updates because the user database is down or some other bogus. The attacker could also use social engineering along with a phishing page. This would be done by sending the victim a n email that looks like it is from the real email provider. In the email would be a link to his phishing page telling the victim that he/she needs to login and update or change some information immediately for whatever reason.
If you would like to see in detail how to excecute every one of these methods, see The Hacker’s Underground Handbook.
Phishing - Phishing is by far the most used and easiest method. The attacker simply sets up a page that looks exactly like the real email login page and tricks people into entering their login information.
Update: Check out the new post on how to create your own phishing page here.
Update: Check out the new post on how to create your own phishing page here.
Malware - Attackers can infect computers with malware such as Trojan horses that could extract all the saved passwords on a computer or a key logger that will log all the victims typed passwords.
Guessing - The attacker could literally guess the password if the victim uses an easy password like his/her name, birthday, favorite something, pets name, or something similar. If the attacker knows the victim well enough this attack won’t be that difficult to carry out.
Social Engineering - The attacker could literally ask for your password by calling up the victim and pretending to be an IT employee of the company. Once the victims trust is gained, the attacker would then make up a story saying something like the victims password is needed to do some updates because the user database is down or some other bogus. The attacker could also use social engineering along with a phishing page. This would be done by sending the victim a n email that looks like it is from the real email provider. In the email would be a link to his phishing page telling the victim that he/she needs to login and update or change some information immediately for whatever reason.
If you would like to see in detail how to excecute every one of these methods, see The Hacker’s Underground Handbook.
Windows Commands and Shortcuts
Commands
calc - Calculator
cfgwiz32 - ISDN Configuration Wizard
charmap - Character Map
chkdisk - Repair damaged files
cleanmgr - Cleans up hard drives
clipbrd - Windows Clipboard viewer
cmd - Opens a new Command Window (cmd.exe)
control - Displays Control Panel
dcomcnfg - DCOM user security
debug - Assembly language programming tool
defrag - Defragmentation tool
drwatson - Records programs crash & snapshots
dxdiag - DirectX Diagnostic Utility
explorer - Windows Explorer
fontview - Graphical font viewer
ftp - ftp.exe program
hostname - Returns Computer's name
ipconfig - Displays IP configuration for all network adapters
jview - Microsoft Command-line Loader for Java classes
MMC - Microsoft Management Console
msconfig - Configuration to edit startup files
msinfo32 - Microsoft System Information Utility
nbtstat - Displays stats and current connections using NetBios over TCP/IP
netstat - Displays all active network connections
nslookup - Returns your local DNS server
odbcad32 - ODBC Data Source Administrator
ping - Sends data to a specified host/IP
regedit - registry Editor
regsvr32 - register/de-register DLL/OCX/ActiveX
regwiz - Reistration wizard
sfc /scannow - Sytem File Checker
sndrec32 - Sound Recorder
sndvol32 - Volume control for soundcard
sysedit - Edit system startup files (config.sys, autoexec.bat, win.ini, etc.)
systeminfo - display various system information in text console
taskmgr - Task manager
telnet - Telnet program
taskkill - kill processes using command line interface
tskill - reduced version of Taskkill from Windows XP Home
tracert - Traces and displays all paths required to reach an internet host
winchat - simple chat program for Windows networks
winipcfg - Displays IP configuration
Management Console Commands
certmgr.msc - Certificate Manager
ciadv.msc - Indexing Service
compmgmt.msc - Computer management
devmgmt.msc - Device Manager
dfrg.msc - Defragment
diskmgmt.msc - Disk Management
fsmgmt.msc - Folder Sharing Management
eventvwr.msc - Event Viewer
gpedit.msc - Group Policy -XP Pro only
iis.msc - Internet Information Services
lusrmgr.msc - Local Users and Groups
mscorcfg.msc - Net configurations
ntmsmgr.msc - Removable Storage
perfmon.msc - Performance Manager
secpol.msc - Local Security Policy
services.msc - System Services
wmimgmt.msc - Windows Manag
Microsoft natural keyboard shortcuts
Windows Logo+BREAK -Display the System Properties dialog box
Windows Logo+D -Display the desktop
Windows Logo+M -Minimize all of the windows
Windows Logo+SHIFT+M -Restore the minimized windows
Windows Logo+E -Open My Computer
Windows Logo+F -Search for a file or a folder
CTRL+Windows Logo+F -Search for computers
Windows Logo+F1 -Display Windows Help
Windows Logo+ L -Lock the windows
Windows Logo+R -Open the Run dialog box
Windows Logo+U -Open Utility Manager)
Accessibility keyboard shortcuts
Right SHIFT for 8 seconds -Switch FilterKeys either on or off
Left ALT+left SHIFT+PRINT SCREEN -Switch High Contrast either on or off
Left ALT+left SHIFT+NUM LOCK -Switch the MouseKeys either on or off
SHIFT five times -Switch the StickyKeys either on or off
NUM LOCK for 5 seconds -Switch the ToggleKeys either on or off
Windows Logo +U -Open Utility Manager
Windows Explorer keyboard shortcuts
END -Display the bottom of the active window
HOME -Display the top of the active window
NUM LOCK+Asterisk (*) -Display all of the subfolders that are under the selected folder
NUM LOCK+Plus sign (+) -Display the contents of the selected folder
NUM LOCK+Minus sign (-) -Collapse the selected folder
LEFT ARROW -Collapse current selection if expanded, or select parent folder
RIGHT ARROW -Display current selection if collapsed, or select first subfolder
Shortcut keys for Character Map
After you double-click a character on the grid of characters, you can move through the grid by using the keyboard shortcuts
RIGHT ARROW -Move to the right or to the beginning of the next line
LEFT ARROW -Move to the left or to the end of the previous line
UP ARROW -Move up one row
DOWN ARROW -Move down one row
PAGE UP -Move up one screen at a time
PAGE DOWN -Move down one screen at a time
HOME -Move to the beginning of the line
END -Move to the end of the line
CTRL+HOME -Move to the first character
CTRL+END -Move to the last character
SPACEBAR -Switch Enlarged or Normal mode when a character is selected
Microsoft Management Console (MMC) main window keyboard shortcuts
CTRL+O -Open a saved console
CTRL+N -Open a new console
CTRL+S -Save the open console
CTRL+M -Add or remove a console item
CTRL+W -Open a new window
F5 key -Update the content of all console windows
ALT+SPACEBAR -Display the MMC window menu
ALT+F4 -Close the console
MMC console window keyboard shortcuts
CTRL+P -Print the current page or active pane
ALT+Minus sign (-) -Display the window menu for the active console window
SHIFT+F10 -Display the Action shortcut menu for the selected item
F1 key -Open the Help topic, if any, for the selected item
F5 key -Update the content of all console windows
CTRL+F10 -Maximize the active console window
CTRL+F5 -Restore the active console window
ALT+ENTER -Display the Properties dialog box, if any, for the selected item
F2 key -Rename the selected item
CTRL+F4 -Close the active console window. When a console has only one console window, this shortcut closes the console
Remote desktop connection navigation
CTRL+ALT+END -Open the Microsoft Windows NT Security dialog box
ALT+PAGE UP -Switch between programs from left to right
ALT+PAGE DOWN -Switch between programs from right to left
ALT+INSERT -Cycle through the programs in most recently used order
ALT+HOME -Display the Start menu
CTRL+ALT+BREAK -Switch the client computer between a window and a full screen
ALT+DELETE -Display the Windows menu
CTRL+ALT+Minus sign (-) -Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing ALT+PRINT SCREEN on a local computer.
CTRL+ALT+Plus sign (+) -Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PRINT SCREEN on a local computer.
Microsoft Internet Explorer navigation
CTRL+B -Open the Organize Favorites dialog box
CTRL+E -Open the Search bar
CTRL+F -Start the Find
CTRL+L -Open the Open dialog box
CTRL+N -Start another instance of the browser with the Web address
CTRL+O -Open the Open dialog box, the same as CTRL+L
CTRL+R -Update the current Web page
CTRL+ CTRL+P -Open the Print dialog box
W -Close the current window
CTRL+H -Open the History bar
utilityCTRL+I -Open the Favorites bar
Note: Some keyboard shortcuts may not work if StickyKeys is turned on in Accessibility Options; some of the Terminal Services client shortcuts that are similar to the shortcuts in Remote Desktop Sharing are not available when you use Remote Assistance in Windows XP Home Edition.
calc - Calculator
cfgwiz32 - ISDN Configuration Wizard
charmap - Character Map
chkdisk - Repair damaged files
cleanmgr - Cleans up hard drives
clipbrd - Windows Clipboard viewer
cmd - Opens a new Command Window (cmd.exe)
control - Displays Control Panel
dcomcnfg - DCOM user security
debug - Assembly language programming tool
defrag - Defragmentation tool
drwatson - Records programs crash & snapshots
dxdiag - DirectX Diagnostic Utility
explorer - Windows Explorer
fontview - Graphical font viewer
ftp - ftp.exe program
hostname - Returns Computer's name
ipconfig - Displays IP configuration for all network adapters
jview - Microsoft Command-line Loader for Java classes
MMC - Microsoft Management Console
msconfig - Configuration to edit startup files
msinfo32 - Microsoft System Information Utility
nbtstat - Displays stats and current connections using NetBios over TCP/IP
netstat - Displays all active network connections
nslookup - Returns your local DNS server
odbcad32 - ODBC Data Source Administrator
ping - Sends data to a specified host/IP
regedit - registry Editor
regsvr32 - register/de-register DLL/OCX/ActiveX
regwiz - Reistration wizard
sfc /scannow - Sytem File Checker
sndrec32 - Sound Recorder
sndvol32 - Volume control for soundcard
sysedit - Edit system startup files (config.sys, autoexec.bat, win.ini, etc.)
systeminfo - display various system information in text console
taskmgr - Task manager
telnet - Telnet program
taskkill - kill processes using command line interface
tskill - reduced version of Taskkill from Windows XP Home
tracert - Traces and displays all paths required to reach an internet host
winchat - simple chat program for Windows networks
winipcfg - Displays IP configuration
Management Console Commands
certmgr.msc - Certificate Manager
ciadv.msc - Indexing Service
compmgmt.msc - Computer management
devmgmt.msc - Device Manager
dfrg.msc - Defragment
diskmgmt.msc - Disk Management
fsmgmt.msc - Folder Sharing Management
eventvwr.msc - Event Viewer
gpedit.msc - Group Policy -XP Pro only
iis.msc - Internet Information Services
lusrmgr.msc - Local Users and Groups
mscorcfg.msc - Net configurations
ntmsmgr.msc - Removable Storage
perfmon.msc - Performance Manager
secpol.msc - Local Security Policy
services.msc - System Services
wmimgmt.msc - Windows Manag
Shortcuts
access.cpl - Accessibility Options
hdwwiz.cpl - Add New Hardware Wizard
appwiz.cpl - Add/Remove Programs
timedate.cpl - Date and Time Properties
desk.cpl - Display Properties
inetcpl.cpl - Internet Properties
joy.cpl - Joystick Properties
main.cpl keboard - Keyboard Properties
main.cpl - Mouse Properties
ncpa.cpl - Network Connections
ncpl.cpl - Network Properties
telephon.cpl - Phone and Modem options
powercfg.cpl - Power Management
intl.cpl - Regional settings
mmsys.cpl sounds - Sound Properties
mmsys.cpl - Sounds and Audio Device Properties
sysdm.cpl - System Properties
nusrmgr.cpl - User settings
firewall.cpl - Firewall Settings (sp2)
wscui.cpl - Security Center (sp2)
Windows Environment Commands
%ALLUSERSPROFILE% - Open the All User's Profile
%HomeDrive% - Opens your home drive e.g. C:
%UserProfile% - Opens you User's Profile
%temp% Opens - Temporary file Folder
%systemroot% - Opens Windows folder
Wupdmgr - Takes you to Microsoft Windows Update
access.cpl - Accessibility Options
hdwwiz.cpl - Add New Hardware Wizard
appwiz.cpl - Add/Remove Programs
timedate.cpl - Date and Time Properties
desk.cpl - Display Properties
inetcpl.cpl - Internet Properties
joy.cpl - Joystick Properties
main.cpl keboard - Keyboard Properties
main.cpl - Mouse Properties
ncpa.cpl - Network Connections
ncpl.cpl - Network Properties
telephon.cpl - Phone and Modem options
powercfg.cpl - Power Management
intl.cpl - Regional settings
mmsys.cpl sounds - Sound Properties
mmsys.cpl - Sounds and Audio Device Properties
sysdm.cpl - System Properties
nusrmgr.cpl - User settings
firewall.cpl - Firewall Settings (sp2)
wscui.cpl - Security Center (sp2)
Windows Environment Commands
%ALLUSERSPROFILE% - Open the All User's Profile
%HomeDrive% - Opens your home drive e.g. C:
%UserProfile% - Opens you User's Profile
%temp% Opens - Temporary file Folder
%systemroot% - Opens Windows folder
Wupdmgr - Takes you to Microsoft Windows Update
General keyboard shortcuts
CTRL+C -Copy
CTRL+X -Cut
CTRL+Z -Undo
DELETE -Delete
SHIFT+DELETE -Delete the selected item permanently
CTRL while dragging an item-Copy the selected item
F2 key -Rename the selected item
CTRL+RIGHT ARROW -Move insertion point to beginning of the next word
CTRL+LEFT ARROW -Move insertion point to beginning of the previous word
CTRL+DOWN ARROW -Move insertion point to beginning of the next paragraph
CTRL+SHIFT with any of the arrow keys -Highlight a block of text
CTRL+UP ARROW -Move insertion point to beginning of the previous paragraph
SHIFT with any of the arrow keys -Select more than one item in a window
CTRL+A -Select all
F3 key -Search for a file or a folder
ALT+ENTER -View the properties for the selected item
ALT+F4 -Close the active item, or quit the active program
ALT+ENTER -Display the properties of the selected object
ALT+SPACEBAR -Open the shortcut menu for the active window
CTRL+F4 -Close the active document from multiple documents
ALT+TAB -Switch between the open items
ALT+ESC -Cycle through items in the order that they had been opened
F6 key -Cycle through the screen elements in a window
F4 key -Display the Address bar list in My Computer
SHIFT+F10 -Display the shortcut menu for the selected item
ALT+SPACEBAR -Display the System menu for the active window
CTRL+ESC -Display the Start menu
ALT+Underlined letter -Display the corresponding menu
Underlined letter in a command name on an open menu (Perform the corresponding command)
F10 key -Activate the menu bar in the active program
RIGHT ARROW -Open the next menu to the right, or open a submenu
LEFT ARROW -Open the next menu to the left, or close a submenu
F5 key -Update the active window
BACKSPACE -View the folder one level up in Windows Explorer
ESC -Cancel the current task
SHIFT while inserting CD -Prevent the CD-ROM from automatically playing
CTRL+SHIFT+ESC -Open Task Manager Dialog box keyboard shortcuts
If you press SHIFT+F8 in extended selection list boxes, you enable extended selection mode. In this mode, you can use an arrow key to move a cursor without changing the selection. You can press CTRL+SPACEBAR or SHIFT+SPACEBAR to adjust the selection. To cancel extended selection mode, press SHIFT+F8 again. Extended selection mode cancels itself when you move the focus to another control.
CTRL+TAB -Move forward through the tabs
CTRL+SHIFT+TAB -Move backward through the tabs
TAB -Move forward through the options
SHIFT+TAB -Move backward through the options
ALT+Underlined letter -Perform the corresponding command
ENTER -Perform the command for the active option or button
SPACEBAR -Select or clear the check box if the active option is a check box
Arrow keys -Select a button if the active option is a group of option buttons
F1 key -Display Help
F4 key -Display the items in the active list
BACKSPACE -Open a folder one level up if a folder is selected in the Save As
CTRL+C -Copy
CTRL+X -Cut
CTRL+Z -Undo
DELETE -Delete
SHIFT+DELETE -Delete the selected item permanently
CTRL while dragging an item-Copy the selected item
F2 key -Rename the selected item
CTRL+RIGHT ARROW -Move insertion point to beginning of the next word
CTRL+LEFT ARROW -Move insertion point to beginning of the previous word
CTRL+DOWN ARROW -Move insertion point to beginning of the next paragraph
CTRL+SHIFT with any of the arrow keys -Highlight a block of text
CTRL+UP ARROW -Move insertion point to beginning of the previous paragraph
SHIFT with any of the arrow keys -Select more than one item in a window
CTRL+A -Select all
F3 key -Search for a file or a folder
ALT+ENTER -View the properties for the selected item
ALT+F4 -Close the active item, or quit the active program
ALT+ENTER -Display the properties of the selected object
ALT+SPACEBAR -Open the shortcut menu for the active window
CTRL+F4 -Close the active document from multiple documents
ALT+TAB -Switch between the open items
ALT+ESC -Cycle through items in the order that they had been opened
F6 key -Cycle through the screen elements in a window
F4 key -Display the Address bar list in My Computer
SHIFT+F10 -Display the shortcut menu for the selected item
ALT+SPACEBAR -Display the System menu for the active window
CTRL+ESC -Display the Start menu
ALT+Underlined letter -Display the corresponding menu
Underlined letter in a command name on an open menu (Perform the corresponding command)
F10 key -Activate the menu bar in the active program
RIGHT ARROW -Open the next menu to the right, or open a submenu
LEFT ARROW -Open the next menu to the left, or close a submenu
F5 key -Update the active window
BACKSPACE -View the folder one level up in Windows Explorer
ESC -Cancel the current task
SHIFT while inserting CD -Prevent the CD-ROM from automatically playing
CTRL+SHIFT+ESC -Open Task Manager Dialog box keyboard shortcuts
If you press SHIFT+F8 in extended selection list boxes, you enable extended selection mode. In this mode, you can use an arrow key to move a cursor without changing the selection. You can press CTRL+SPACEBAR or SHIFT+SPACEBAR to adjust the selection. To cancel extended selection mode, press SHIFT+F8 again. Extended selection mode cancels itself when you move the focus to another control.
CTRL+TAB -Move forward through the tabs
CTRL+SHIFT+TAB -Move backward through the tabs
TAB -Move forward through the options
SHIFT+TAB -Move backward through the options
ALT+Underlined letter -Perform the corresponding command
ENTER -Perform the command for the active option or button
SPACEBAR -Select or clear the check box if the active option is a check box
Arrow keys -Select a button if the active option is a group of option buttons
F1 key -Display Help
F4 key -Display the items in the active list
BACKSPACE -Open a folder one level up if a folder is selected in the Save As
Microsoft natural keyboard shortcuts
Windows Logo+BREAK -Display the System Properties dialog box
Windows Logo+D -Display the desktop
Windows Logo+M -Minimize all of the windows
Windows Logo+SHIFT+M -Restore the minimized windows
Windows Logo+E -Open My Computer
Windows Logo+F -Search for a file or a folder
CTRL+Windows Logo+F -Search for computers
Windows Logo+F1 -Display Windows Help
Windows Logo+ L -Lock the windows
Windows Logo+R -Open the Run dialog box
Windows Logo+U -Open Utility Manager)
Accessibility keyboard shortcuts
Right SHIFT for 8 seconds -Switch FilterKeys either on or off
Left ALT+left SHIFT+PRINT SCREEN -Switch High Contrast either on or off
Left ALT+left SHIFT+NUM LOCK -Switch the MouseKeys either on or off
SHIFT five times -Switch the StickyKeys either on or off
NUM LOCK for 5 seconds -Switch the ToggleKeys either on or off
Windows Logo +U -Open Utility Manager
Windows Explorer keyboard shortcuts
END -Display the bottom of the active window
HOME -Display the top of the active window
NUM LOCK+Asterisk (*) -Display all of the subfolders that are under the selected folder
NUM LOCK+Plus sign (+) -Display the contents of the selected folder
NUM LOCK+Minus sign (-) -Collapse the selected folder
LEFT ARROW -Collapse current selection if expanded, or select parent folder
RIGHT ARROW -Display current selection if collapsed, or select first subfolder
Shortcut keys for Character Map
After you double-click a character on the grid of characters, you can move through the grid by using the keyboard shortcuts
RIGHT ARROW -Move to the right or to the beginning of the next line
LEFT ARROW -Move to the left or to the end of the previous line
UP ARROW -Move up one row
DOWN ARROW -Move down one row
PAGE UP -Move up one screen at a time
PAGE DOWN -Move down one screen at a time
HOME -Move to the beginning of the line
END -Move to the end of the line
CTRL+HOME -Move to the first character
CTRL+END -Move to the last character
SPACEBAR -Switch Enlarged or Normal mode when a character is selected
Microsoft Management Console (MMC) main window keyboard shortcuts
CTRL+O -Open a saved console
CTRL+N -Open a new console
CTRL+S -Save the open console
CTRL+M -Add or remove a console item
CTRL+W -Open a new window
F5 key -Update the content of all console windows
ALT+SPACEBAR -Display the MMC window menu
ALT+F4 -Close the console
ALT+A -Display the Action menu
ALT+V -Display the View menu
ALT+F -Display the File menu
ALT+O -Display the Favorites menu
ALT+V -Display the View menu
ALT+F -Display the File menu
ALT+O -Display the Favorites menu
MMC console window keyboard shortcuts
CTRL+P -Print the current page or active pane
ALT+Minus sign (-) -Display the window menu for the active console window
SHIFT+F10 -Display the Action shortcut menu for the selected item
F1 key -Open the Help topic, if any, for the selected item
F5 key -Update the content of all console windows
CTRL+F10 -Maximize the active console window
CTRL+F5 -Restore the active console window
ALT+ENTER -Display the Properties dialog box, if any, for the selected item
F2 key -Rename the selected item
CTRL+F4 -Close the active console window. When a console has only one console window, this shortcut closes the console
Remote desktop connection navigation
CTRL+ALT+END -Open the Microsoft Windows NT Security dialog box
ALT+PAGE UP -Switch between programs from left to right
ALT+PAGE DOWN -Switch between programs from right to left
ALT+INSERT -Cycle through the programs in most recently used order
ALT+HOME -Display the Start menu
CTRL+ALT+BREAK -Switch the client computer between a window and a full screen
ALT+DELETE -Display the Windows menu
CTRL+ALT+Minus sign (-) -Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing ALT+PRINT SCREEN on a local computer.
CTRL+ALT+Plus sign (+) -Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PRINT SCREEN on a local computer.
Microsoft Internet Explorer navigation
CTRL+B -Open the Organize Favorites dialog box
CTRL+E -Open the Search bar
CTRL+F -Start the Find
CTRL+L -Open the Open dialog box
CTRL+N -Start another instance of the browser with the Web address
CTRL+O -Open the Open dialog box, the same as CTRL+L
CTRL+R -Update the current Web page
CTRL+ CTRL+P -Open the Print dialog box
W -Close the current window
CTRL+H -Open the History bar
utilityCTRL+I -Open the Favorites bar
Note: Some keyboard shortcuts may not work if StickyKeys is turned on in Accessibility Options; some of the Terminal Services client shortcuts that are similar to the shortcuts in Remote Desktop Sharing are not available when you use Remote Assistance in Windows XP Home Edition.
Microsoft Office commands
If the Microsoft Office is installed you can use following run commands to run its components:
winword –Microsoft Word
excel –Microsoft Excel
powerpnt –Microsoft PowerPoint
msaccess –Microsoft Access
outlook –Microsoft Outlook
ois –Microsoft Picture Manager
If the Microsoft Office is installed you can use following run commands to run its components:
winword –Microsoft Word
excel –Microsoft Excel
powerpnt –Microsoft PowerPoint
msaccess –Microsoft Access
outlook –Microsoft Outlook
ois –Microsoft Picture Manager
Subscribe to:
Posts (Atom)