Tuesday, September 28, 2010

Easily Boot Window From Pendrive

I have make it easy to follow, there are still some of you having some difficulty in the process. Recently, I have found this little cool application that is able to do all the things covered in the command prompt.

The application that I am talking about is Window7 USB DVD Tool. This is a small application (only 1.08MB) that allows you to convert your Windows installer CD/DVD or ISO File to a bootable USB drive. Not only is it easy to use (nearly idiot-proof and does not require you to have any technical knowledge), it is also fully portable.

Preparation : 
Before you start, here are some stuffs that you need to take note of:

1) You need to have a USB drive of at least 3GB space in order to create a Windows 7 bootable USB drive.

2) The process will format and wipe off all your files in the USB drive. Remember to backup before you proceed.

3) You need to have a Windows 7 installer DVD and an optical drive to read the DVD. If you have only the ISO file (downloaded directly from Microsoft), if you no have ISO file just have Window DVD you can use Power ISO to convert your DVD window to ISO file in your computer.

4) It just a simple program i think you all also will know use it without any tutorial. 

Window7 USB DVD Tool -- download 
Power ISO                        -- download

Thanks for spend your time to read my blog .

DoS Command Using Command Prompt

Long time already no update my blog , because got some problem with internet connection that was very slow and some problem with mediafire file hosting to upload some video tutorial . So today i want to share with all my visitor and reader some DDoS command that can run in Command Prompt . It can run in all window . Me like to DDoS people using command prompt from using software , it because it very easy to do it . So let start our lesson . 


1) Open Command Prompt (CMD) - press start then write in the search box CMD . 
2) Write command in the CMD box , ( ping www.example123.com ) then press enter . After a while then CMD will out the website server IP . 
3) Write this command below the server IP. "ping 123.456.790.123 -t -l 15500" 
  ( make sure that the IP is same with the server IP , then the 15500 is the data that you want  to fold the data )
 If you don understand here are some tutorial that i have upload that will very usefull . click here


Thanks for spend your time to read my blog . 

Saturday, September 18, 2010

The Difference Of DoS vs DDoS

DoS = Denial Of Service
DDoS = Distributed Denial Of Service

Whilst DoS and DDoS sound remarkably similar there are in fact differences between the two :
DoS
- A DoS Attack is a Denial of Service attack.
- This means that one computer and one internet connection is used to flood a server with packets (TCP / UDP).
- The point of such a denial of service attack is to overload the targeted server’s bandwidth and other resources.
- This will make the server inaccessible to others, thereby blocking the website or whatever else is hosted there.
DDoS
- A DDoS Attack is a Distributed Denial of Service Attack.
- In most respects it is similar to a DoS attack but the results are much, much different.
- Instead of one computer and one internet connection the DDoS attack utilises many  computers and many connections.
- The computers behind such an attack are often distributed around the whole world and will be part of what is known as a botnet.

      What Is Botnet ?
  • A large number of computers that have been infected, and effectively hijacked, can be grouped together to achieve a common purpose. This group of hijacked computers is commonly referred to as a ‘botnet’.
  • Cyber criminals, who are often part of global syndicates, can remotely control all of the machines in a botnet whilst retaining almost complete anonymity.Botnets are often utilised for a variety of purposes, all without the user’s knowledge.
  • These nefarious tasks include -
  1. sending huge amounts of spam emails
  2. launching denial of service attacks against targeted websites
  3. spreading viruses
  4. stealing personal information for identity theft attacks
  • Additionally, because botnets are controlled remotely, they can be used to install software, such as keyloggers, which can then be used for monitoring keystrokes on a computer keyboard. This will then typically yield passwords and information about various accounts, such as bank accounts and social networking profiles, allowing the controller(s) of the botnet to commit fraud or propagate the hijacking through other sites.At this moment in time there is no easy method of disabling botnets as those behind them are extremely clever at hiding their work and re-routing information in order to evade detection. There are a large number of botnets in existence across the globe, the most notable of which is probably Waledec which is linked to the notorious Conficker worm, and may have several millions of computers in its network.
    - The main difference between a DDoS attack vs a DoS attack, therefore, is that the target server will be overload by hundreds or even thousands of requests in the case of the former as opposed to just one attacker in the case of the latter.
    - Therefore it is much, much harder for a server to withstand a DDoS attack as opposed to the simpler DoS incursion.

    Wednesday, September 15, 2010

    rDoS and Port Scanner ~ DDOS Application

    Hi all reader , long time no update my blog because got some trouble with mediafire file hosting to upload . It because i want to share some of my hacking application . Today i want to share some of my DDoS application, it is rDoS and Port Scanner .  Every body all ready know right ? what is ddos ? from my last article that have a little bit explain that about ddos and how was ddos working . If you still don know please take a moment to know about DDOS Attack .  

    Here i want to teach how rDoS and Port Scanner working . 
    1) You download it and then extract it . 
    2) Open port scanner > put the victim URL . Example : www.testing123.com > then press enter > after that the victim server ip address will out at the bottom of the URL . 
    3) Open rDos > put in the victim ip address > press enter > then put the value that want the port to flood ip . Default is 80 . You can how much port that you want . 
    4) Wait for the DoS attack done . 
    *** Do it at your Own risk *** 
    My advice is please make some security on your IP before you want to Hacking. 

    >>> Please leave your email at comment for the password of rDos and Port scanner .  Thank .

    Thanks for spend you time to read my post and visit my blog . 

    Thursday, September 9, 2010

    Window 7 Godmode

    Hi to all reader or dear visitor , today i want to share some new trick in window 7 , it called Godmode , it not about GOD , just a God to your computer system only . 

    1) Just go to your desktop > right click > New > Folder . 
    2) Copy this code for the folder name " GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} " , ( just copy the word that i bold ) . 
    3) Make sure your icon will be like this . See below . 

    4) Settle . Now you can enjoy it , use your computer in Godmode that got many shortcut inside there, if you want to change your computer system you don need to go find it 1 by 1 . Enjoy it.

    Thanks for spend your time to read and visit my blog . 

    Tuesday, September 7, 2010

    My SQL injection

    SQL Injection is a hacking technique which attempts to pass SQL commands through a web application for execution against a backend database.SQL Injection is one of the many web attack mechanisms used by hackers to steal data from organisations. It is perhaps one of the most common application layer attack techniques used today.

    Web applications allow legitimate website visitors to submit and retrieve data to/from a database over the Internet using their preferred web browser.

    Databases are central to modern websites – they store data needed for websites to deliver specific content to visitors and render information to customers, suppliers, employees and a host of stakeholders. User credentials, financial and payment information, company statistics may all be resident within a database and accessed by legitimate users through off-the-shelf and custom web applications. Web applications and databases allow you to regularly run your business.

    SQL Injection is the hacking technique which attempts to pass SQL commands through a web application for execution by the backend database. If not santised properly, web applications may result in SQL Injection attacks that allow hackers to view information from the database and/or even wipe it out.

    Such features as login pages, support and product request forms, feedback forms, search pages, shopping carts and the general delivery of dynamic content, shape modern websites and provide businesses with the means necessary to communicate with prospects and customers. These website features are all examples of web applications which may be either purchased off-the-shelf or developed as bespoke programs.

    These website features are all susceptible to SQL Injection attacks.

    (Example of SQL Injection)



    SQL injection : A Simple Example

    Take a simple login page where a legitimate user would enter his username and password combination to enter a secure area to view his personal details or upload his comments in a forum.

    When the legitimate user submits his details, an SQL query is generated from these details and submitted to the database for verification. If valid, the user is allowed access. In other words, the web application that controls the login page will communicate with the database through a series of planned commands so as to verify the username and password combination. On verification, the legitimate user is granted appropriate access.

    Through SQL Injection, the hacker may input specifically crafted SQL commands with the intent of bypassing the login form barrier and seeing what lies behind it. This is only possible if the inputs are not properly sanitised (i.e., made invulnerable) and sent directly with the SQL query to the database. SQL Injection vulnerabilities provide the means for a hacker to communicate directly to the database.

    The technologies vulnerable to this attack are dynamic script languages including ASP, ASP.NET, PHP, JSP, and CGI. All an attacker needs to perform an SQL Injection hacking attack is a web browser, knowledge of SQL queries and creative guess work to important table and field names. The sheer simplicity of SQL Injection has fuelled its popularity.

    Is It Database Got Risk To SQL Injection ???

    SQL Injection is one of the most common application layer attacks currently being used on the Internet. Despite the fact that it is relatively easy to protect against SQL Injection, there are a large number of web applications that remain vulnerable.

    According to the Web Application Security Consortium (WASC) 9% of the total hacking incidents reported in the media until 27th July 2006 were due to SQL Injection. More recent data from our own research shows that about 50% of the websites we have scanned this year are susceptible to SQL Injection vulnerabilities.

    It may be difficult to answer the question whether your web site and web applications are vulnerable to SQL Injection especially if you are not a programmer or you are not the person who has coded your web applications.

    Our experience leads us to believe that there is a significant chance that your data is already at risk from SQL Injection.

    Whether an attacker is able to see the data stored on the database or not, really depends on how your website is coded to display the results of the queries sent. What is certain is that the attacker will be able to execute arbitrary SQL Commands on the vulnerable system, either to compromise it or else to obtain information.

    If improperly coded, then you run the risk of having your customer and company data compromised.

    What an attacker gains access to also depends on the level of security set by the database. The database could be set to restrict to certain commands only. A read access normally is enabled for use by web application back ends.

    Even if an attacker is not able to modify the system, he would still be able to read valuable information.

    Impact Of The SQL Injection .

    Once an attacker realizes that a system is vulnerable to SQL Injection, he is able to inject SQL Query / Commands through an input form field. This is equivalent to handing the attacker your database and allowing him to execute any SQL command including DROP TABLE to the database!

    An attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of your database and/or expose sensitive information. Depending on the back-end database in use, SQL injection vulnerabilities lead to varying levels of data/system access for the attacker. It may be possible to manipulate existing queries, to UNION (used to select related information from two tables) arbitrary data, use subselects, or append additional queries.

    In some cases, it may be possible to read in or write out to files, or to execute shell commands on the underlying operating system.[break][break]Certain SQL Servers such as Microsoft SQL Server contain stored and extended procedures (database server functions). If an attacker can obtain access to these procedures it.

    Unfortunately the impact of SQL Injection is only uncoveredwhen the theft is discovered. Data is being unwittingly stolen through various hack attacks all the time. The more expert of hackers rarely get caught.

    How To Protect From SQL Injection .

    Firewalls and similar intrusion detection mechanisms provide little defense against full-scale web attacks. Since your website needs to be public, security mechanisms will allow public web traffic to communicate with your databases servers through web applications. Isn’t this what they have been designed to do?

    Patching your servers, databases, programming languages and operating systems is critical but will in no way the best way to prevent SQL Injection Attacks.

    Saturday, September 4, 2010

    Download Free MP3 Song In The Fast Way

    Lazy go free download mp3 website and click 1 by 1 ??? I also lazy to do that , it because many link to pass then just can download a song . In here i want to share the fastest way to download a song . I think this step will be more easy , from we go to Ares and Limewire software that can download also but we still don know how the song quality . Here is the trick that we just can do in GOOGLE search engine , not in yahoo , msn and what else search engine .

    1) Go to GOOGLE
    2) Put the artists name , the song name , file hosting name .
    Example : Eminem Love the way you lie mediafire
    • In here i want to share that i think file hosting that the fastest is mediafire , hotfile , rapidshare , megaupload and somemore also fast but u must to have premium account just can get fast . So if you want this step i teach work in fast please use mediafire file hosting . If you want more fast please use downloader like Orbit Downloader and Internet Download Manager ( IDM ) to feel more fast . I think if you download with browser downloader it will very slow , you can't feel the different . No have downloader ? you can download in Software in my blog .
    3) Done . Enjoy the song .

    This trick 100% working , because i use this way to download song . Easy and Fast .
    Thanks for spend your time to read .

    Turn On Your Notebook And PC In 10 Second

    So you wanna know how to turn the pc and notebook on in 10 seconds (may vary) here's what u have to do to turn ur pc on in 10 seconds

    Click on the start button then press R it will take u to Run well go to RUN
    and type Regedit > press enter > this will open Registery Editor > now look for the key.

    HKEY_LOACAL_MECHINE\SYSTEM\CurrentControlSet\Control\ContentIndex

    now there find the Key Called
    "Startup Delay"
    Double Click On It
    Now where its Base
    Click Decimal
    Now its Default Value Is 4800000 (75300:hexadecimal)
    Change The Value To 40000
    here u go u have done it
    now close the Registery Editor and Restart Your Computer

    You'll See The Result
    This trick is for window XP , not for window vista and window 7 it because in Registry Editor the Startup Delay was no have if have also will no same , for who still use window XP you can enjoy it.

    Thanks for spend your time to read my trick .