Posted by : Shekhar™ Monday, 13 June 2011

allindiantricks.blogspot.com


Develop ur own Chat Bot.

Posted: 12 Jun 2011 09:10 AM PDT


Well, this is not new, but already posted somewhere by me in this community.

So posting it for messenger windows this time.

Let us develop a chat bot.

What we are going to do is, create a shell object instance in vbs and then send keys to the currently activated (selected) window.

Open notepad and create a file named bot.vbs with the following code:



' Create a WScript.Shell object; SendKeys types into whichever window has focus
set x=CreateObject("Wscript.Shell")

' Wait 3 seconds, then type one line and press Enter (chr(13)); repeat for each line
Wscript.Sleep(3000)
x.SendKeys "{H}{i}"+chr(13)
Wscript.Sleep(3000)
x.SendKeys "{H}{o}{w}{ }{a}{r}{e}{ }{y}{o}{u}{?}"+chr(13)
Wscript.Sleep(3000)
x.SendKeys "{I}{ }{a}{m}{ }{f}{i}{n}{e}"+chr(13)
Wscript.Sleep(3000)
x.SendKeys "{K}{e}{e}{p}{ }{o}{n}{ }{m}{a}{n}"+chr(13)
Wscript.Sleep(3000)
x.SendKeys "{:}{)}"+chr(13)
Wscript.Sleep(3000)
x.SendKeys "{;}{x}"+chr(13)


And save bot.vbs


Now open up the chat window in gtalk or in yahoo messenger or whatever messenger.

Double click the bot.vbs and immediately select the person whom u want to automate the chat with.

The code will automatically send the sentences to the selected chat window.



and with random delays:



set x=CreateObject("Wscript.Shell")

' Seed the random number generator; without this Rnd repeats the same sequence on every run
Randomize

' Each Sleep waits a random time between 1000 and 10000 milliseconds
Wscript.Sleep(Int((10000-1000+1)*Rnd+1000))
x.SendKeys "{H}{i}"+chr(13)
Wscript.Sleep(Int((10000-1000+1)*Rnd+1000))
x.SendKeys "{H}{o}{w}{ }{a}{r}{e}{ }{y}{o}{u}{?}"+chr(13)
Wscript.Sleep(Int((10000-1000+1)*Rnd+1000))
x.SendKeys "{I}{ }{a}{m}{ }{f}{i}{n}{e}"+chr(13)
Wscript.Sleep(Int((10000-1000+1)*Rnd+1000))
x.SendKeys "{K}{e}{e}{p}{ }{o}{n}{ }{m}{a}{n}"+chr(13)
Wscript.Sleep(Int((10000-1000+1)*Rnd+1000))
x.SendKeys "{:}{)}"+chr(13)
Wscript.Sleep(Int((10000-1000+1)*Rnd+1000))
x.SendKeys "{;}{x}"+chr(13)

Google Chrome a new hacking tool.. !!!!

Posted: 12 Jun 2011 09:08 AM PDT




Hello friends, some of you may be stunned by what I am saying here.
"Google Chrome, a new hacking tool...!!!" But how??
Install Google Chrome. Now open any webpage like orkut.com.
Now right click on the page and select the option that says
Inspect element
By default it will be the last option in the right-click context menu.
Now you can see the magic of that option. What this option does is provide you a lot of information about the element that you are inspecting on the webpage. Deep information is provided. Basically this option gives the functionality that the tool Instant Source provides. Now you won't need to install any separate software to do so.
This information can be used by developers to know how stuff works and how the page is designed.
Attackers can use this feature to dig for vulnerabilities in webpages. These vulnerabilities can then be used to initiate an attack against that website. ;-)
Try to self study on this topic.
My experiments are still going on. ;-)
I find this option better than the view source code option because it saves a lot of time.
You can inspect a particular element in Google Chrome; by doing that u get the code of that particular element, which can be a textbox, link etc. But if u use the view source code option then u get the code of the whole page, which is sometimes very large, and it takes a lot of time to find the code of that particular element.
There are many other options that can come in handy in Chrome, like the script option.
For instance: right click on a link, then select the inspect option, now select the script option and u can see how the script related to that link works.
Moreover u can easily navigate to body, head, table, center of the webpage using the options in the bar below.
U can also directly view the tables and forms that are used in that page, by using the options in the bar below.

I think I should not call it a hacking tool, but I found that it saves a lot of time for an attacker inspecting a webpage, so it can be used as a hacking tool to discover vulnerabilities.
It is like old wine in a new bottle. ;-)
Try this too. Most of you may know about it, I assume.
It is basically a banner grabbing technique, but u can even get part of the source code of the webpage that is not shown when u use the view source code option.
U need netcat installed on ur system.
Now go to the folder of netcat and there create a text file in notepad and type the following code exactly in it:
GET / HTTP/1.0
hit enter
hit enter

Where I typed hit enter, u have to create a new line by hitting enter, twice in total. The method name GET must be in capital letters.
Now save the notepad file with any name like crypto.txt or whatever u want.
Now run netcat. Type the following command:
nc -v 10.0.0.1 80 < crypto.txt
Where I have typed 10.0.0.1 you should enter the valid IP address of some website. Now hit enter.
You can see the output. You will see that the output actually contains the source code of the home page of that site. Most of the time this source code contains many hidden values and fields that are not shown in the View source code option output.
Websites like google.com are not vulnerable to this technique because u know they have intelligent people (we can give credit to them too ;-) )
but many other sites that are not so popular are vulnerable.
This technique works for the homepage of a website. I don't think it can work for any specific page of a website :(
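
For a site owner, the useful question is what the saved netcat output reveals about the server. The following is an added example, not code from the original post: it parses a raw HTTP response and reports headers that disclose server software and versions, plus the number of hidden form fields in the body. The sample response and the header list are constructed for illustration.

```python
"""Audit a raw HTTP response for software/version disclosure (added example)."""
import re

# Constructed sample of what `nc -v <ip> 80 < crypto.txt` could print for a
# hypothetical server. It was not captured from any real site.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Mon, 13 Jun 2011 10:00:00 GMT\r\n"
    b"Server: Apache/2.2.3 (CentOS)\r\n"
    b"X-Powered-By: PHP/5.1.6\r\n"
    b"Content-Type: text/html\r\n"
    b"\r\n"
    b"<html><body><form><input type=\"hidden\" name=\"debug\" value=\"0\">"
    b"</form></body></html>"
)

# Headers that commonly name the software stack (assumed list, extend as needed).
DISCLOSING_HEADERS = ("server", "x-powered-by", "x-aspnet-version")
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")
HIDDEN_INPUT_RE = re.compile(rb'<input[^>]*type=["\']?hidden', re.I)


def parse_response(raw):
    """Split a raw response into (status_code, [(header, value)], body)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:  # tolerate servers that end lines with a bare LF
        head, sep, body = raw.partition(b"\n\n")
    lines = head.decode("iso-8859-1").splitlines()
    parts = lines[0].split(None, 2) if lines else []
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError("not an HTTP response")
    headers = []
    for line in lines[1:]:
        if line[:1] in (" ", "\t") and headers:  # folded continuation line
            name, value = headers[-1]
            headers[-1] = (name, value + " " + line.strip())
            continue
        name, colon, value = line.partition(":")
        if colon:
            headers.append((name.strip().lower(), value.strip()))
    return int(parts[1]), headers, body


def audit_banner(raw):
    """Return the status code, disclosing headers and hidden-field count."""
    status, headers, body = parse_response(raw)
    findings = []
    for name, value in headers:
        if name in DISCLOSING_HEADERS:
            versions = VERSION_RE.findall(value)
            findings.append({
                "header": name,
                "value": value,
                "versions": versions,
                "severity": "version-disclosed" if versions else "product-disclosed",
            })
    return {
        "status": status,
        "findings": findings,
        "hidden_fields": len(HIDDEN_INPUT_RE.findall(body)),
    }


if __name__ == "__main__":
    report = audit_banner(SAMPLE_RESPONSE)
    for f in report["findings"]:
        print(f["severity"], f["header"], "=", f["value"])
    print("hidden form fields to review:", report["hidden_fields"])
```

Run it against the saved output of your own server; a result with no "version-disclosed" findings means the banner no longer tells a visitor which release to look up.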

Sniffers and Sniffing

Posted: 12 Jun 2011 09:06 AM PDT


This tutorial is dedicated to all those men & women who shed their blood & sweat for the sake of my beloved country....For Educational purpose only. I shall not be responsible for any damage.
Let us discuss about Sniffers and process of Sniffing. Before starting this topic I assume that you have basic understanding of concepts of Networking.
A sniffer is basically a program or software or hardware that can capture packets travelling through the network.
The process of capturing data by the sniffer is known as sniffing. Remember, sniffing is done in LAN not in WAN.

Sniffing is of two types:
1. Active sniffing
2. Passive sniffing

Passive sniffing is carried out in a common collision domain. A collision domain is a network in which, whenever a packet is sent by any host, all hosts respond to that packet in that network, & if during the same time some other machine transmits a packet then a collision will occur in the network. For eg: a HUB is a layer 1 device which operates at the physical layer of the OSI model. It creates a single collision domain. The internal structure of a HUB is based on Bus topology.
So when any packet is sent by one machine connected to the HUB, this packet will be broadcast to all other machines attached to that same HUB.
This type of network is called a collision domain.
So in order to perform this type of sniffing we only need to install a sniffer on one of the machines in the collision domain & we'll get all packets that transmit through the network. I know there was not much fun in this.

How to prevent your network from passive sniffing?
In order to prevent passive sniffing, we need to prevent the broadcasting of the packets in our network. Now how to prevent broadcasting?
As the HUB is a broadcasting device, we need to use some intelligent device instead of the HUB. The solution is to replace the HUB with a Switch. Beware, this will increase the cost of your n/w too.
How a switch works?
A switch is a layer 2 device & works using MAC addresses. There are also switches that work at layer 3 of the OSI model. The internal structure of a switch is based on star topology. A switch basically has a Content Addressable Memory (CAM). This memory contains a table in which there is information about the MAC addresses of the machines attached to its ports. At the start the CAM is empty & it is filled slowly when communication starts within the network.
The switch functions in three steps:
1. Broadcasting (Packets are sent to all machines in n/w)
2. Multicasting (Packets are sent to specific group of machines in n/w)
3. Unicasting (Packets are sent to single specific machine in n/w)

Consider a new switch installed in a network. The first time a machine 'A' attached to the switch sends a packet to another machine 'B' using its IP address, the switch, which doesn't understand IP addresses, will broadcast this packet to all ports, to all the machines attached to the switch. All the machines other than 'B' will discard the packet and only machine 'B' will reply. So now the switch will note the MAC addresses of machines 'A' and 'B' in its table in CAM. Now the switch knows on which ports machines 'A' and 'B' are attached. If machine 'A' now sends a packet to 'B', the switch will not broadcast the packet but will send it directly to machine 'B'. This is called unicasting. If machine 'A' sends a packet to a machine other than 'B', the switch will broadcast the packet to all other machines but not to machine 'B'. This is called multicasting. Multicasting is a special type of broadcasting in which broadcasting is done to a specific group only.
The switch notes the MAC addresses of the machines whenever a communication takes place, until all the MAC addresses are collected in the table in CAM. When all MAC addresses are collected in CAM, the switch will perform unicasting.

Now let us discuss Active sniffing.

Active sniffing is carried out in networks that have different collision domains. eg: A switched network has different collision domains. Each port of the switch is one collision domain. There are the following ways to carry out Active sniffing:
1. ARP Spoofing
2. MAC flooding
3. MAC duplicating

ARP Spoofing:
ARP is Address Resolution Protocol. It is used to resolve the IP address of a machine to its MAC address, which means it is used to get the MAC of a machine whose IP is known. Now ARP is stateless, which means you can make an ARP reply even if no ARP request is made..!! ;-) Now when an attacker's machine wants to sniff, it will send fake malicious ARP packets to the victim machine so that the victim machine sends its packets to the attacker machine. In this attack basically the gateway of the network is spoofed. This is how it works. Let an attacker machine 'A' with IP address 10.0.0.1 want to get the packets of the victim machine with IP 10.0.0.2, and let the IP address of the gateway be 10.0.0.3. Now the attacker machine 10.0.0.1 will send a malicious ARP reply packet to the gateway 10.0.0.3, associating its MAC address with 10.0.0.2 (victim IP); now the gateway will think that the attacker's machine is the victim's machine. At the same time the attacker sends a malicious ARP packet to the victim machine 10.0.0.2, associating its MAC address with 10.0.0.3 (gateway IP); now the victim's machine will think that the attacker's machine is the gateway. Now the gateway will send all the packets belonging to victim machine 10.0.0.2 to the attacker's machine, and the victim's machine will send all packets belonging to gateway 10.0.0.3 to the attacker's machine. Thus the attacker now sits between the gateway & the victim machine. It is like a Man in the Middle attack. Now the attacker uses the IP forwarding technique to send all packets from victim to gateway through it & vice-versa. As all packets are still being sent and received between gateway and victim machine, the victim remains unaware of the interception of packets by the attacker..!!

MAC Flooding:
This type of attack targets the limited capability of a switch to hold MAC address to physical port mappings. In this we try to make the switch operate like a HUB (to broadcast all packets). As I told you before, a switch has a table in memory (CAM).
This memory has a limited size. It can hold only some specific number of MAC entries. Now in this type of attack the attacker will send a lot of spoofed ARP reply packets in the network. When there are so many entries in a switch, this causes the switch to operate in failopen mode. In this mode the switch will broadcast all the packets to all ports, like a HUB. Now the attacker can sniff every packet on the network.

MAC duplicating:
In this attack the attacker first sniffs the network for MAC addresses of other machines on the n/w. Then it tries to use one of those MAC addresses. By this the intruder can get all packets that are destined for that MAC address. This attack works as follows:
Suppose a n/w is already functioning. Let the victim's IP be 10.0.0.1 & MAC be ab:1c:4b:2b:56:0b, and the victim is already communicating in the network. Now an attacker with IP 10.0.0.2 joins the network.
Now the attacker sniffs the MAC of the victim, then the attacker will start making ARP replies in the network associating its IP 10.0.0.2 with MAC ab:1c:4b:2b:56:0b; now every machine on the network will consider the attacker's machine as the victim's machine, and all packets destined to the victim will now be received by the attacker.
This attack is mainly used in Wireless networks.
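
Both ARP spoofing and MAC duplicating leave the same traces on the wire: replies nobody asked for, an IP whose MAC suddenly changes, and one MAC answering for several IPs. The following added example (not from the original post) runs that detection logic over a constructed list of ARP events using the 10.0.0.1 / 10.0.0.2 / 10.0.0.3 scenario described above; the event format, MAC addresses and function names are assumptions made for the illustration.

```python
"""Detect ARP spoofing / MAC duplicating from observed ARP traffic (added example)."""
from collections import defaultdict, namedtuple

# op "request": sender_ip asks who has target_ip.
# op "reply":   sender_ip says "I am at sender_mac", addressed to target_ip.
ArpEvent = namedtuple("ArpEvent", "time op sender_ip sender_mac target_ip")

ATTACKER, VICTIM, GATEWAY = "10.0.0.1", "10.0.0.2", "10.0.0.3"
MAC = {  # constructed, locally administered addresses
    ATTACKER: "02:00:00:00:00:01",
    VICTIM: "02:00:00:00:00:02",
    GATEWAY: "02:00:00:00:00:03",
}

# Constructed capture: two normal request/reply pairs, then the two forged
# replies from the scenario in the text.
SAMPLE_EVENTS = [
    ArpEvent(0.0, "request", VICTIM, MAC[VICTIM], GATEWAY),
    ArpEvent(0.1, "reply", GATEWAY, MAC[GATEWAY], VICTIM),
    ArpEvent(1.0, "request", GATEWAY, MAC[GATEWAY], VICTIM),
    ArpEvent(1.1, "reply", VICTIM, MAC[VICTIM], GATEWAY),
    ArpEvent(5.0, "reply", VICTIM, MAC[ATTACKER], GATEWAY),   # "10.0.0.2 is at attacker MAC"
    ArpEvent(5.0, "reply", GATEWAY, MAC[ATTACKER], VICTIM),   # "10.0.0.3 is at attacker MAC"
]


def detect_arp_anomalies(events, reply_window=2.0):
    """Return a list of (kind, subject, detail) alerts in order of appearance."""
    bindings = {}                  # IP -> first MAC seen for it (treated as the baseline)
    ips_by_mac = defaultdict(set)  # MAC -> every IP it has claimed
    pending = {}                   # (asker_ip, asked_ip) -> time of the request
    alerts = []

    def alert(kind, subject, detail):
        item = (kind, subject, detail)
        if item not in alerts:     # report each distinct finding once
            alerts.append(item)

    for ev in sorted(events, key=lambda e: e.time):
        if ev.op == "request":
            pending[(ev.sender_ip, ev.target_ip)] = ev.time
        elif ev.op == "reply":
            # ARP is stateless, so the monitor has to remember requests itself.
            asked = pending.pop((ev.target_ip, ev.sender_ip), None)
            if asked is None or ev.time - asked > reply_window:
                alert("unsolicited-reply", ev.sender_ip, ev.sender_mac)

        known = bindings.setdefault(ev.sender_ip, ev.sender_mac)
        if known != ev.sender_mac:
            alert("binding-changed", ev.sender_ip, ev.sender_mac)

        ips_by_mac[ev.sender_mac].add(ev.sender_ip)
        if len(ips_by_mac[ev.sender_mac]) > 1:
            alert("mac-claims-multiple-ips", ev.sender_mac,
                  tuple(sorted(ips_by_mac[ev.sender_mac])))
    return alerts


if __name__ == "__main__":
    for kind, subject, detail in detect_arp_anomalies(SAMPLE_EVENTS):
        print(kind, subject, detail)
```

Multi-homed hosts, proxy ARP and DHCP reassignment also trigger these rules, so on a real network the baseline bindings should come from a trusted inventory rather than from the first packet seen.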

In order to implement these types of attacks we first need to get the IP, MAC of machines working on the network. After getting this information u can implement sniffing attacks.
The arp attack can be done by using the arp command. Type arp /? in cmd to know more. There are many sniffer software available to perform sniffing, as follows:

In order to sniff IP & MAC of machines u can use following s/w:
Wireshark, Look@LAN, The Dude sniffer, Network view, etc.

For ARP attack:
ARP spoof, ArpSpyX, Ettercap, Cain and Abel etc.

For MAC flooding:
Macof, Etherflood.

There are also tools available to halt sniffing known as anti-sniffers.

Once again Hacking is a crime. Beware when you use this information & these tools...!!!
Crypto will not be held responsible for any damage..!!!


Any suggestion is welcome.

How to prevent Active sniffing?
It can be prevented to some extent by using the Port Security feature of a switch. In this feature we manually assign MAC addresses to the ports of the switch. Now the switch will only receive packets from the MAC addresses that are defined by us. For eg: if I assign fastethernet port 1 to MAC address a0:bc:1d:67:0a:2a, the fastethernet port 1 of the switch will accept packets from this a0:bc:1d:67:0a:2a MAC only.
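
To see why port security helps against the CAM exhaustion described under MAC flooding, here is an added example (not from the original post) of a toy learning switch in memory, run once without and once with a static MAC-per-port policy. The class, the 8-entry CAM size and all MAC addresses except the post's a0:bc:1d:67:0a:2a are assumptions for the illustration, and entry aging is not modelled.

```python
"""Toy learning switch: CAM exhaustion vs. static port security (added example)."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    def __init__(self, ports, cam_size, port_security=None):
        self.ports = ports
        self.cam_size = cam_size      # tiny here; real CAM tables hold thousands of entries
        self.cam = {}                 # MAC -> port, filled as frames arrive
        self.port_security = port_security or {}   # port -> set of allowed source MACs
        self.dropped = 0

    def receive(self, in_port, src, dst):
        """Process one frame; return the list of ports it is sent out of."""
        allowed = self.port_security.get(in_port)
        if allowed is not None and src not in allowed:
            self.dropped += 1         # violation: frame discarded, nothing learned
            return []
        # Learn the source address if it is already known or there is room left.
        if src in self.cam or len(self.cam) < self.cam_size:
            self.cam[src] = in_port
        out = self.cam.get(dst)
        if dst != BROADCAST and out is not None:
            return [] if out == in_port else [out]           # unicast
        # Unknown destination or broadcast: behave like a hub.
        return [p for p in range(self.ports) if p != in_port]


def run_scenario(port_security_enabled):
    """Return (ports that see B's reply to A, CAM entries used, frames dropped)."""
    host_a = "02:00:00:00:00:0a"      # constructed, on port 0
    host_b = "a0:bc:1d:67:0a:2a"      # the post's example MAC, on port 1
    third = "02:00:00:00:00:0c"       # constructed, legitimate MAC of the host on port 2
    policy = None
    if port_security_enabled:
        policy = {0: {host_a}, 1: {host_b}, 2: {third}}
    sw = Switch(ports=4, cam_size=8, port_security=policy)

    # The host on port 2 emits frames with 100 different constructed source MACs.
    for i in range(100):
        sw.receive(2, "02:ff:00:00:00:%02x" % i, BROADCAST)

    sw.receive(0, host_a, host_b)                 # A talks to B
    reply_ports = sw.receive(1, host_b, host_a)   # B answers A
    return reply_ports, len(sw.cam), sw.dropped


if __name__ == "__main__":
    print("without port security:", run_scenario(False))
    print("with port security:   ", run_scenario(True))
```

Without the policy the table fills with bogus entries, A's address is never learned, and B's reply is flooded to every port including port 2; with the policy the bogus frames are dropped and the reply goes to port 0 only.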

Make your own keylogger

Posted: 12 Jun 2011 09:03 AM PDT




Hello. Now u can make your own key logger. Just download this notepad file. Copy the code n compile it using DEV C++ or Visual C++

Here's the link: http://www.megafileupload.com/en/file/144380/klg-in-C-txt.html

Port Scanner in Visual Basic 6 [tool]

Posted: 12 Jun 2011 08:57 AM PDT


SDK: Microsoft visual basic 6.0

--> open visual basic 6.0

--> select standard exe

--> resize the form according to your choice 

--> Our requirements in the form are:

2 textboxes
1 listbox
3 commandbuttons
1 timer
1 winsock control

--> these all can be added from the tool tab on the left side

--> why do we need them? the answer :

text1 = IP to scan
text2 = ports
list1 = list where all open ports are shown
command1 = start
command2 = stop and reset
command3 = clear port list
timer1 = will make the winsock control try ports

Finally, after all additions and editing, select the Make option in the File menu and your exe is ready. Enjoy!!
----------------------------------------------------------------------------------------------------------------

In the coming days I will post a tutorial on making port scanner in Python. It will be interesting!! till then enjoy hacking 

How most key loggers work(with download link)

Posted: 12 Jun 2011 08:55 AM PDT


Most keyloggers capture the data before it is written to any application like notepad, browser etc. They use different methods like hooks, polling etc.
In polling they keep asking the OS whether any key has been pressed; if a key is pressed, the keylogger is then notified. It is a passive method.
In hooks the keylogger is informed in advance when data is to be written.
A keylogger captures data by features like:

1. Screen shots
Some keyloggers log data by taking screen shots of the pc. They take photos of your screen – usually just around your mouse – either at periodic intervals, or every time you do a mouse click. They programmatically take a screenshot of the control (button, text box etc) that is under the mouse using Windows API commands.

2. Mouse Position logging
Each time you click, the coordinates of your mouse are captured by the keylogger. As the onscreen keyboard opens at the same position every time, it is easy to guess the key pressed by knowing the coordinates at which the mouse clicked.

3. Field scraping
Field scraping is a term we use to describe a technique used by quite a few commercial keyloggers to grab your passwords directly from the password field. How does it work? Using Windows API commands, programs can ask Windows for a list of controls in a program (like buttons, text boxes and picture controls). From this, they know about the text boxes in the program. They then ask Windows whether the text boxes have a password mask (ie. if the password is written in ***** form). If yes they can then even get the password in plaintext.

4. Clipboard logging
It is a common feature of keyloggers. Whatever you copy to the clipboard is stored, then transmitted to the keylogger. Whatever u cut, copy, paste is recorded in the clipboard and this can be captured by the keylogger too.


I'll recommend u people to develop ur own keylogger & use it for better results.
Here are list of some keyloggers available on internet:
1. E-mail keylogger
www.soft-central.net
2. Revealer Keylogger
www.revelerkeylogger.com
3. Handy Keylogger
www.handy-keylogger.com/more-information.html
4. Ardamax Keylogger
www.ardamax.com/keylogger/
5. www.mykeylogger.com/keystroke-logger/powered-keylogger/
6. ELITE keylogger
www.elite-keylogger.com/elite-keylogger-spy-software.html
7. Quick keylogger
www.quick-keylogger.com/more-information.html
8. Spy keylogger
www.spy-key-logger.com
9. Perfect keylogger
http://blazingtools.com/bpk.html
10. Invisible keylogger
www.invisiblekeylogger.com
11. Actual spy
www.actualspy.com
12. Spytector ftp keylogger
www.spytector.com
13. IKS software keylogger
http://amecisco.com/iks2000.htm
14. Ghost keylogger
www.sureshotsoftware.com/keyloggerlite/index.html
I think this is enough.
Remember in hacking google.com is only ur pet (doggy), that can sniff treasures for U.

ACCESSING HIDDEN TOOLS IN XP VIA COMMANDS

Posted: 12 Jun 2011 08:53 AM PDT


Access Hidden Tools and Applications Through Commands

1) Character Map (Command Name=charmap.exe) – To get some other characters like scientific characters

2) Disk Cleanup (Command Name=cleanmgr.exe) – To clean up and delete unnecessary disk files and dead shortcuts

3) Clipboard Viewer (Command Name=clipbrd.exe) - Shows all copy paste contents on Windows

4) Dr Watson (Command Name=drwtsn32.exe) - Troubleshooting tool built into Windows XP

5) DirectX diagnosis (Command Name=dxdiag.exe) - Diagnose and test video cards

6) Private character editor (Command Name=eudcedit.exe) – Create characters in Windows

7) IExpress Wizard (Command Name=iexpress.exe) - Create self-extracting / self-installing packages

8) Microsoft Synchronization Manager (Command Name=mobsync.exe)

9) Windows Media Player 5.1 (Command Name=mplay32.exe) - Classic version of Media Player

10) ODBC Data Source Administrator (Command Name=odbcad32.exe) – Change the ODBC Data settings

11) Object Packager (Command Name=packager.exe) – Packaging of help files

12) System Monitor (Command Name=perfmon.exe) - Monitors system processes and performance

13) Program Manager (Command Name=progman.exe) - Legacy Windows 3.x desktop shell

14) Remote Access phone book (Command Name=rasphone.exe)

15) Registry Editor (Command Name=regedt32.exe or regedit.exe) – For tweaking the Windows Registry

16) Network shared folder wizard (Command Name=shrpubw.exe) - Creates administrative and other shares on the network

17) File signature verification tool (Command Name=sigverif.exe)

18) Volume Control (Command Name=sndvol32.exe) – Will help when the volume icon disappears

19) System Configuration Editor (Command Name=sysedit.exe) - To modify System.ini & Win.ini just like in Win98

20) Syskey (Command Name=syskey.exe) - Encrypt all the passwords in Windows

21) Microsoft Telnet Client (Command Name=telnet.exe) - For connecting and communicating to a remote host via the telnet protocol

How to defend urself from keyloggers

Posted: 12 Jun 2011 08:50 AM PDT



How to defend urself from keyloggers...!!

A keylogger is stealth software or hardware that is installed on a victim's machine to log the keystrokes that are typed by the victim. By stealth it means that there is no evidence left on the machine that can tell whether the software keylogger is installed or not, but a hardware keylogger can be detected easily. Nowadays there are advanced features in keyloggers that can log keys, capture screen shots, passwords, chats, emails and also mail the log to the attacker. More about keyloggers can be learnt from here.
http://en.wikipedia.org/wiki/Keystroke_logging
So now how to avoid ur keystrokes being logged? First of all u can use antikeylogger software that prohibits the keylogger from logging anything. Antispyware can also detect keyloggers and delete them.
But not all keyloggers are detected, so there is an alternative to defend against them.
As a keylogger logs the keyboard keys, avoid using the hardware keyboard and use the Onscreen keyboard from the utility manager in Windows.
But still some keyloggers can detect that poor Windows onscreen keyboard.
So now u can use Neo-safekeys software. It also provides an onscreen keyboard but it is not detected by the keyloggers.
Thus enjoy safe keystriking.
This technique works for both H/W & S/W keyloggers.
Hardware keyloggers can be detected easily because they are attached to the wire that connects the keyboard and the CPU cabinet. Just check that wire; if u find a small piece of hardware in the shape of a portable USB stick, that may be a keylogger.
Not all keyloggers are detectable; usually the ones developed by ourselves are not.
Keyloggers that are usually detected are the ones available in the wild or the ones which are quite famous.
I don't know much programming stuff in this, but whenever a key is pressed the keylogger can detect the key pressed by inquiring the OS of the machine, using API calls. They keep asking the OS whether any key has been pressed and, if yes, which key. The OS itself assists the keylogger.

Google Hacking

Posted: 12 Jun 2011 08:47 AM PDT


Google hacking is a technique in which we make complex queries in Google in order to extract information that we can use to hack websites and much more. The Google hacking technique doesn't hack a website, but it provides information that assists in hacking. This information is not available by making a simple query in Google.
Many people have the misconception that in this technique we hack google.com; this is incorrect, we don't hack google.com, no one does (after all it is a great search engine ;-) )
Before trying ur hand at google hacking I would like u to take care of some tips.
1. Don't use Google chrome for google hacking.
2. Open google.com; if u see ur email id on the top right corner of ur browser then sign out first before performing google hacking.
3. Not every website is vulnerable to google hacking.
4. "|" used in google hacking means OR.
So now how to make complex queries. Complex queries are made by using google operators and ur innovation. There are several operators; each has a different function and gives a different result when used in a google search query.
But it depends upon ur thinking power how u make a query to find specific results. You can also use more than one operator at a time. Let's start with all operators 1 by 1.
1. Site operator:
This operator is basically used for searching basic information about a target website.
Type in google the following:
site:website address
Following is an example of how to use it:
Type site:yahoo.com in google and see the results. You can now see all the other domains of yahoo.com. You can use any site instead of yahoo.com.
However u may be thinking this information is very common. But hackers usually use this information to learn all the links of a site.
A long time ago I tried site:hotmail.com in a google query and I got only 2 links in the result.

5. Username|Userid|employee.id|your username is
This operator can be used to obtain usernames from the target. You should use the "your username is" string with the intext operator, like intext:"your username is"
Enter the following code in Google:
username|userid|employee.id|your username is
If u get a username then u can try to get the password of that site.
For example enter the following code to see in the results that u can get usernames of some persons:
site:myspace.com username|userid|employee.id|your username is
or
site:myspace.com intext:username|userid|employee.id|your username is

6. password|passcode|passkey|key|pwd|your password is
This operator can be used to reveal passwords from a website. It could also reveal the login authentication procedure. This query must be used with the site operator for specific results. Enter the following in google:
password|passcode|key|pwd|your password is

7. admin|administrator
This operator can get information about the admin of a website. However this operator gives many irrelevant results too. Many times when an error occurs we are provided with a message to contact your administrator. So this query can also lead u to such results.
Type the following in google:
admin|administrator

8. admin logon
This operator can reveal the admin login pages, that is, the page where the admin logs in to a website. However this operator needs to be used along with the inurl operator for better results, like
inurl:admin logon
If u get the password of the admin then u can own a site.

9. -ext or filetype:
This operator is similar to the filetype: operator. Both operators can be used to get files of particular formats.
-ext is a synonym of the filetype: operator. -ext is a -ve operator, which means it won't give any result if used alone. So use it with the site: operator, like: site:website name -ext:pdf
In case of the filetype operator, for eg. if u want to get files of pdf format then type the following in google:
filetype:pdf

It will give u all pdf files. But if u want a specific pdf file like crypto.pdf then try the following code in google:

intext:crypto filetype:pdf

This operator is very important if u are looking for some specific file on the internet. Suppose u want a file named crypto.mp3 from a specific website; in order to find such a file u shall type the following code

intext:crypto filetype:mp3

This operator can be used to search books, software, songs, videos, games etc.
for eg. try this :
filetype:pdf intext:Hacking

The filetype: operator can also be used to get passwords. For example we can search for specific registry files that can contain passwords. The password is usually in encrypted form or in hexadecimal.
Type the following in google:

filetype:reg intext:"internet account manager"

Similarly u can extract passwords from .mdb, .pwd and other database extension files.

filetype:pwd intext:"password is"|"passcode"

try this:

filetype:pwd inurl:_vti_pvt inurl:authors|administrators

10. inurl:temp|inurl:tmp|inurl:backup|inurl:bak
This operator basically searches for backup files on the internet. This operator must be used with the site: operator in order to find temporary or backup files of the target website. The temporary files and backup files can contain sensitive information.
The above query can also be written as inurl:temp|temperory|bak|backup
but remember, when we use lots of OR's, that is "|", in our query then we don't get very good results.

11. inurl:
This operator is also a very useful one. Suppose u want to get the names of websites that contain a specific word. Then use this operator to assist u. Just type the following in google:
inurl:keyword
Here keyword is the word that u want in the url or web address. For eg. if I want to know websites that contain crypto36 in their URLs I enter the following in google:
inurl:crypto36
You can see it gives URLs that belong to my blogspot...!!!
Remember:
1. Avoid using a lot of "|" in a query.
2. Google hacking depends on ur thinking power & innovation. You can create ur own queries by using different operators.
3. Not every website is vulnerable to google hacking. Because of awareness of google hacking many websites have started preventing their specific pages from being displayed in google's results.
For example, as I told u before in the case of site:hotmail.com, now u won't find the result that I saw a year ago.
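
A site owner can check for this kind of exposure from the inside, before a search engine indexes it. The following added example (not from the original post) walks a web root and flags files whose extension, directory, name or content matches what the queries on this page look for (.bak, .log, .reg, .mdb and .pwd files, temp/backup and _vti_pvt directories, names such as htaccess or password, text such as "Confidential"). The sample directory tree and all function names are constructed for the illustration.

```python
"""Audit a web root for files that search-engine queries would expose (added example)."""
import os
import re
import tempfile

# Patterns taken from the queries discussed on this page.
RISKY_EXTENSIONS = {".bak", ".log", ".reg", ".mdb", ".pwd"}
RISKY_DIRECTORIES = {"temp", "tmp", "backup", "bak", "_vti_pvt"}
RISKY_NAME_RE = re.compile(r"htusers|htaccess|shadow|password", re.I)
CONTENT_MARKERS = (b"confidential", b"not for distribution",
                   b"password is", b"your username is")


def audit_webroot(root, max_bytes=65536):
    """Return [(relative_path, [reasons])] for every file that needs review."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()                       # deterministic traversal order
        for name in sorted(filenames):
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            reasons = []
            ext = os.path.splitext(name)[1].lower()
            if ext in RISKY_EXTENSIONS:
                reasons.append("extension " + ext)
            parents = {part.lower() for part in rel.split("/")[:-1]}
            for hit in sorted(parents & RISKY_DIRECTORIES):
                reasons.append("directory " + hit)
            if RISKY_NAME_RE.search(name):
                reasons.append("sensitive name")
            try:
                with open(full, "rb") as fh:  # only the first max_bytes are inspected
                    head = fh.read(max_bytes).lower()
            except OSError:
                head = b""
            for marker in CONTENT_MARKERS:
                if marker in head:
                    reasons.append('text "%s"' % marker.decode())
                    break
            if reasons:
                findings.append((rel, reasons))
    return findings


def build_sample_webroot(root):
    """Create a small constructed site tree to run the audit against."""
    files = {
        "index.html": b"<html>welcome</html>",
        "config.php.bak": b"<?php $db_user = 'web';",
        "backup/site.sql": b"-- dump",
        "_vti_pvt/authors.pwd": b"# -FrontPage-\n",
        "docs/report.pdf": b"%PDF-1.4 Confidential Not for distribution",
        "img/logo.png": b"\x89PNG",
    }
    for rel, data in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


def audit_sample():
    """Build the constructed tree in a temporary directory and audit it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_webroot(root)
        return audit_webroot(root)


if __name__ == "__main__":
    for rel, reasons in audit_sample():
        print(rel, "->", ", ".join(reasons))
```

Anything it reports should be removed from the web root or placed behind authentication; excluding the path in robots.txt only keeps it out of the index and at the same time publishes the path.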


inurls to hack security cameras

This trick is famous amongst kiddies
____________________________________________________________________
unless the owners purposely let Google crawl the link.
inurl: ViewerFrame?Mode=
inurl: ViewerFrame?Mode=Refresh
inurl: axis-cgi/jpg
inurl: axis-cgi/mjpg (motion-JPEG)
inurl: view/indexFrame.shtml
inurl: view/index.shtml
inurl: view/view.shtml
intitle:"live view" intitle:axis
intitle: liveapplet
allintitle:"Network Camera NetworkCamera"
intitle:axis intitle:"video server"
intitle: liveapplet inurl:LvAppl
intitle:"EvoCam" inurl:"webcam.html"
intitle:"Live NetSnap Cam-Server feed"
intitle:"Live View / – AXIS"
intitle:"Live View / – AXIS 206M"
intitle:"Live View / – AXIS 206W"
intitle:"Live View / – AXIS 210"
inurl:indexFrame.shtml Axis
inurl:"MultiCameraFrame?Mode=Motion"
intitle:start inurl:cgistart
intitle:"WJ-NT104 Main Page"
intext:"MOBOTIX M1" intext:"Open Menu"
intext:"MOBOTIX M10" intext:"Open Menu"
intext:"MOBOTIX D10" intext:"Open Menu"
intitle:snc-z20 inurl:home/
intitle:snc-cs3 inurl:home/
intitle:snc-rz30 inurl:home/
intitle:"sony network camera snc-p1"
intitle:"sony network camera snc-m1"
site:.viewnetcam.com -www.viewnetcam.com
intitle:"Toshiba Network Camera" user login
intitle:"netcam live image"
intitle:"i-Catcher Console – Web Monitor"

inurls for xss and sqli

These are some common inurls that I used for finding sqli and xss through google
______________________________________________________________________

inurl: .com/php?id=

inurl: .com/search.htm

inurl: .com/search.php

inurl: .com/search.asp
Try to remain anonymous when u try to break in any system.
The simplicity of google hacking is shown below. Type the following in google and hit enter:

"Confidential Not for distribution" site:com

"Confidential Not for distribution" site:edu

"Confidential Not for distribution" site:mil

"Confidential Not for distribution" site:gov

"Confidential Top Secret" site:gov

"Confidential Top secret" site:mil
 ;-)

You can see that by simply typing words like confidential you get results that are somehow not available in public.
Try this too:

inurl:"htusers|htaccess|shadow|password" filetype:bak

inurl:"htusers|htaccess|shadow|password" filetype:log

intitle:"Welcome to IIS 4.0"

"VNC Desktop" inurl:5800
