Hide your files in jpeg File without any Software

You will only need to download WinRAR. You just need to have a little knowledge about

Command Prompt and have WinRAR installed.


1.Gather all the files that you wish to hide in a folder anywhere in your PC (make it in
   C:\hidden - RECOMMENDED).

2.Now, add those files in a RAR archive (e.g. secret.rar). This file should also be in the
   same directory (C:\hidden).

3.Now, look for a simple JPEG picture file (e.g. logo.jpg). Copy/Paste that file also in
   C:\hidden.

4.Now, open Command Prompt (Go to Run and type ‘cmd‘). Make your working
   directory C:\hidden.

5.Now type: “COPY /b logo.jpg + secret.rar output.jpg” (without quotes) - Now,
   logo.jpg is the picture you want to show, secret.rar is the file to be hidden, and
   output.jpg is the file which contains both.

6.Now, after you have done this, you will see a file output.jpg in C:\hidden. Open it
  (double-click) and it will show the picture you wanted to show. Now try opening the
  same file with WinRAR, it will show the hidden archive...

video demo:--> http://www.youtube.com/watch?v=JkS0-QY1Qf8 and www.youtube.com/watch?v=a9FtG1cebAw&feature=related

Change any folder to Recycle Bin (for data security)

Change any folder to Recycle Bin (for data security)

For changing any folder to recycle bin type these lines in notepad:
-----------------------------------------------------------------
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
----------------------------------------------------------------
And save as: Desktop.ini  in your folder( which you want to change into recycle bin ) to
change recycle bin.

We save desktop.ini in  D:\data2 folder and then we open dos prompt and type the above
command, which will convert the data2 folder into recycle bin.
------------------------------------------ 
D:\> attrib +a +r +s data2 /s /d
-----------------------------------

HOW TO HACK DATABASE ONLINE TUTORIAL PART 1 - BASICS OF DATABASE HACKING

Hello friends, welcome to worlds one of the best Ethical Hacking Teaching blog online. Today we will learn basics of Database Hacking, how to hack database online. In this tutorial we will learn what should we know prior to begin database hacking like what is database? Different types of Databases? What is Query? What all things we must know before starting to hack a Database? Most of us have heard things daily in the news that some website is Hacked? 1000's of customers crucial information is leaked. Millions of credit card information stolen by some Hacking Group. What is that? Well that is nothing just Hackers have owned the Database of the Company or website. In layman terms, Database is the heart of any Website. Like our heart pumps in blood in our veins similarly Queries flow though the database to and fro on all requests. Similarly like heart, if we own the database that means we have captured everything because its the database where everything small piece of information is stored. So Hackers only rule should be forget the rest OWN the database.  Lets learn what all things hacker should know or have before hacking any database online.

Hacking Databases Online 

What Is a Database?

A database is a system of software to store and retrieve information in a structured format. Early databases were flat files, kind of like a big Excel file. As databases got bigger and bigger, this simple structure proved inefficient.

As a result, a scientist at IBM, Dr. Codd, developed a structure that came to be known as the relational database model. It is this model that about 97% of all databases now use, and this includes all the major software companies.

The basics of the relational model is that data should be placed in separate tables with unique keys that link the tables to avoid data duplication and to ease the retrieval of this data.

The Structure of a Database

This relational database model links data from separate tables by using a shared column or "key". The diagram below is of a simple relational database model where all the tables are linked by the column "ID". Structure sample is shown below:

Relational Structure of Tables

Major Vendors in the Database Market

The enterprise database market has multiple vendors offering products that can accomplish the same task, but in different ways. The major players in this market are:

Oracle : They are the behemoth in this market with nearly 50% market share. They own multiple different database software products, including their namesake and MySQL.

Microsoft SQL Server : Microsoft entered this market in the early '90s by teaming up with Sybase to develop an enterprise database offering. As a result, MS SQL Server and Sybase still share many similarities. Originally, Microsoft was only a player in the small business market, but is slowly gaining traction in the larger enterprise market.

MySQL : This is an open-source database that you will find behind so many web sites, in part, because it's free.

IBM DB2 : IBM was the original enterprise database provider and made many the major developments in database design, but like everything about IBM, it has been in decline in recent decades.

Other major vendors include Sybase, SAS, PostgreSQL (open source), and many others. Generally, like any hack, we need to do good recon to determine the software and version to be successful as most of the database hacks are vendor specific.

Structured Query Language (SQL)

When IBM developed the early databases, they also developed a programming language for managing and manipulation this data. They called it "Structured Query Language" or as it is generally known, SQL.

This is a simple language that uses English words in similar ways that humans who speak English use them. For instance...

SELECT means "select some data from columns in a table"
FROM means "get the data from this table"
WHERE means select the data that meets this condition (lastname = 'Singh').

Furthermore, words such as UPDATE, INSERT, and DROP mean in SQL exactly what you would expect them to mean.

SQL is not picky about syntax, but it is picky about logic. Although best practice is to CAPITALIZE all keywords (SELECT, FROM, WHERE), it's not required. In addition, white space is ignored. All but Microsoft, though, require that a SQL statement to end in a semicolon (;). On Microsoft products, it's optional.

SQL is standardized by ANSI, but this standardization only includes about 80% of the language or the core of SQL. Software publishers are free to add additional commands and features that are not part of the standard. This can sometimes make it difficult to transport SQL code between DBMS. It also makes it critical to do good reconnaissance on the database to know the manufacturer and the version before attacking as the attacks are often specific to the manufacturer and the version.

Each of the DBMS can be used from a command line, but each has its own GUI. Recently, MySQL released a new GUI called Workbench as seen in the previous section.

Oracle, Microsoft, and the others have similar GUIs that allow the administrator to access their systems.

Basic SQL Query

When we need to extract data from the database, it's said that we are "querying" the database. As databases are repositories for data, the ability to extract or query data is among the most important functions. As a hacker, we want to extract data, so the query is critical to getting the goods.

The basic structure of the query looks like this:

SELECT <columns>
FROM <table>
WHERE <conditions>

This statement says "give me the data in the columns listed in the SELECT statement from the table that comes after the FROM keyword but only give me the rows that meet the conditions that come after the WHERE keyword."

So, if we wanted to get first name, last name, username, and password from the staff table for employees with the last name of "Singh" we could construct a statement like this:

SELECT first_name, last_name, username, password
FROM staff
WHERE last_name = 'Singh";

SQL Injection

SQL injection is the most common database attack and is probably responsible for the largest dollar volume of losses from cyber crime and advanced persistent threat (APT).

It basically involves putting SQL commands in the data forms of webpages that connect to a database. These forms then send these SQL commands back to the database and the database will either authenticate the user (yes, authentication is a database function) or give up the target data.

In future tutorials, we will spend quite a bit of time using SQL injection tools and executing SQL injection attacks.

Other Vulnerabilities

Besides showing you how to do SQL injection, we will examine some of the other of vulnerabilities in databases. These involve authentication, using the database to compromising the operating system, and several others.

Now that we having covered the basics things related to databases, in future tutorials I will show you how to hack into these databases, so keep coming back!

If you have any queries ask me in form of comments. 

HOW TO SHARE REMOTE SCREENS AND CONTROL PC WITHOUT ANY SOFTWARE IN WINDOWS

Remote sharing is nowadays on its peak, people use remote sharing to provide live support or for sharing screens. Most of us always use third party software's for sharing or controlling remote systems using software's like Teamviewer or Radmin etc.  Today i am going to teach you guys how to connect any two or as many as windows PC through remote without using any third party tool like team viewer etc. So lets learn how to share screens without any third party tool.

Windows Remote assistance without any external software

As we all knows Windows OS is  full of hidden programs that are only limited to developer or geeks. Today we are going to learn about MSRA (windows remote assistance) executable. MSRA is windows inbuilt remote assistance program using which you can control remote pc's, share remote screens, provide remote support and much more. Lets learn how to use MSRA for remote sharing.

Steps to Share or Control Remote PC using MSRA:

1. First of all click on startup and type command "MSRA" and press enter as shown below:

Type msra in search option

2. Now you will see screen like below having title "Windows Remote Assistance" , there are two options displayed:
a. Invite someone you trust to help you : Choose this option if you want to share your screen with someone.
b. Help someone who invited you : Choose this option if you want to control someone others PC remotely.

Click on Option a "Invite someone you trust to help you" to share your screen:

Select shown option to continue

Once you click the above option then you will see below panel with multiple options:

Options displayed for Windows remote assistance

Now you can see three different options :
a. Send this invitation as file : On clicking this option you can save the invitation file and send it to anyone from which you require help. After saving the file another window will open containing the password. You have to provide that password to person whom you want to connect to your machine.

b. Use email to send an invitation: You can send invitation directly via email but it requires email client on your machine to send email like outlook etc.

c. Use Easy connect: Another method to directly connect two PC is using Easy connect but this require some basic settings at your routers end i.e. If the computer has IPv6 disabled or is behind a NAT router that blocks Teredo traffic, the Easy Connect option will be unavailable.

Now once you have send the  remote assistance invitation file to user, he can connect to your PC by double clicking the invitation file and then entering the password.

Note: You need to enable remote assistance service.

3. Help someone who invited you : By clicking this option you can provide help to anyone who has done the above task. You will need two things : Invitation file and password to connect remote PC.


Woohooo... Did you know there is another smart option by which you can directly connect to any PC using IP address? If not, well lets learn that too. Yup we can also provide windows remote assistance support using IP address too. Here are options.

1. First of all click on startup and type command "MSRA" and press enter.
2. Now you will see screen where two options are displayed, Select "Help someone who invited you".
3. After that you will see some option, click on the bottom one "Advanced connection option for help desk" as shown below :

Select advanced connection option for help desk

After clicking option you see below panel to enter IP address:

Enter IP address or computer name

After entering IP address press Next to connect to IP address. That's all.

Hope you all enjoyed the learning. If you have any queries ask me in form of comments.

Resetting nokia phones(HARD RESET AND SOFT RESET)

Many people are facing problem with nokia phones. symbians phones have a problem of getting hang and even memory full error. If you are facing these problems very often then you have to reset your phone.

I am showing you how to reset your nokia phone with simplest method:

*#7370# , *#7780# and three buttons reset

1)

*#7780# FOR SOFT-RESET- does not delete user info such as contacts, sms, etc

How to do it:

 at Standby Screen type-in => *#7780#

It will ask for “Restore all phone settings-phone’ll restart….”

Then it asks for security code enter factory default => 12345

2)

*#7370# FOR HARD-RESET- deletes all user info

How to do it:
- at Standby Screen type-in => *#7370#
It will ask for “Restore all phone settings-phone’ll restart….”
Then it asks for security code enter factory default => 12345

3)

FOR FLASHING- TOTAL RESTORE: (Do this if your phone does not boot up) - you can say this one gives you the "New" OS, and of course deletes all user info

How to do it:
1) Remove the battery, and then wait for about 20 min or so before putting it back

2) Press and hold these three keys together -Green dial key, Star key[*], Three key [3]

3) switch ON the phone.

4) Do not let go the three keys until you see the WELCOME screen displayed and just let it complete the boot process

FACEBOOK SHORTCUTS

It would be so nice if the easiest thing in the world(i.e. facebook) become even easier. Yes facebook is providing lots of keyboard shortcuts but we dont know that yet. shortcut for posting status sending message and even to scroll between news feeds. You will hardly use mouse while using facebook after reading this .

How to Bypass youtube age restrictions

hey there!

I am going to show you an interesting thing. Many times opening youtube video it says this video is age restricted and we have to verify our age by providing our username and password, what if you don't own a account? yeah you can surely make one. but for watching one simple video or a horror or a action movie you dont need to create an account which is time consuming and even sign in up for watching just a simple video doesnt worth it.

so i will show you how to bypass these irritating things!

Its a simple thing and you just have to change the url a little bit.

first of all when you will observe the url you will see the "watch?v=" part. you have to replace it by "v/"

press enter with the modified url. anf bingo! enjoy the video.

Facebook accept 3 'PASSWORDS'

 

Hello,

For today's generation basic needs are not just food cloths and shelter but facebook too. Most of the people (all) must be starting their day with logging in facebook and even ends their day with facebook. our generation can stay without water for a day but not without facebook.

But still many of us dont know that facebook accept 3 passwords. Yes we have logged in to facebook for thousands of time and we have entered our passwords for thousands of time. But still people are unaware of the fact of 3 passwords. I have listed it below:

1) The first one is your original password . That is obvious lets take an example as my password is rAjDesaI.

2) the second password is just toggle the letters of your password. That is Capital to small and small to Capital. In our case if you enter "RaJdESAi" facebook will accept it This is not some kind of issue with facebook security . facebook has intentionally provided this so that some times when our capalock is on by mistake we dont need to re enter the password, And it is too common to get irritate with the error "incorrect user ID or PASSWORD" .

3)The third password is the same password with first letter capital. This is the function provided because in mobiles by default the first letter is capital so we have turn off the caps lock first. well facebook gives us freedom to write the password without turning off the caps in mobile. In our case

 the password RAjDesaI wtll be the correct pass.

SMTP,POP3,FTP & VoIP

SMTP

(SIMPLE MAIL TRANSFER PROTOCOL)

SMTP stands for Simple Mail Transfer Protocol. SMTP is used when email is delivered from an email client, such as Outlook Express, to an email server or when email is delivered from one email server to another. SMTP uses port 25.

POP3

(POST OFFICE PROTOCOL)

POP3 stands for Post Office Protocol. POP3 allows an email client to download an email from an email server. The POP3 protocol is simple and does not offer many features except for download. Its design assumes that the email client downloads all available email from the server, deletes them from the server and then disconnects. POP3 normally uses port 110.

COMPARISON  BETWEEN SMTP &POP

  POP is a protocol for storage of email. SMTP is a protocol for sending and receiving.

     

              To give a real-world illustration, SMTP would be like a letter carrier or mailman. He or she can deliver or pick up mail for transfer to another location. POP is like a mailbox or Post Office Box. It is the location the mail is delivered to and where it stays until the recipient is ready to read it. Outgoing mail can also be put in the mailbox.

           SMTP is the standard by which the vast majority of mail of transferred on the Internet. Though invented in the early 1980s, it has a reputation for being very reliable. Most mail goes through without problems and gets to the recipient quickly.

           However, SMTP also has some shortcomings that were not anticipated when it was first created, and that has created issues for many modern users. SMTP has no way of verifying senders are who they claim they are. Back in the 1980s, when the Internet was used among a select group of people mainly in government and academia, this was not a big issue.

      Since the 1990s, it has become a major problem. SMTP’s shortcomings, have given rise not only to spam, but a host of other more malicious enterprises, such as virus transfers. If a program can search an inbox and send a virus as an attachment to everyone on a certain person’s contact list, using that person’s name, it is more likely to be opened by the recipient, who trusts the person they think it is coming from. Though efforts have been made to increase the security of the SMTP standard, it is still a long way from being truly effective.

     POP was first designed in 1984 with the idea of allowing users to access an e-mail server, retrieve messages to a local folder located on the computer, and then go offline for reading and writing replies. In part, the offline capabilities were developed at a time when logging on to the Internet was relatively expensive and users were charged per minute. Currently, most of those using the POP standard are using the third version, developed in 1988. This is often referred to as POP3.

FTP

(FILE TRANSFER PROTOCOL) 

FTP means File Transfer Protocol, it is used to send larger packets of data than the traditional TCP/IP protocol. This is usually used when you download programs or documents from the internet.FTP normally uses port 21.

   As an example if u are owning a website,which obviously contains files and data s according to the requirement.. we have to transfer our files to display on the webpage or to execute on the website.FTP is used for transfering our file to the website or to download updated files from the website. basically FTP is the way of communication to the web server.

VOIP

 VOICE OVER IP (VOICE OVER INTERNET PROTOCOL, VOIP)

Voip is a methodology and group of technologies for the delivery of voice communication and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. Other terms commonly associated with VoIP are IP telephony, Internet telephony, voice over broadband (VoBB), broadband telephony, IP communications, and broadband phone service.

        VoIP is a technology that allows telephone calls to be made over computer networks like the Internet. VoIP converts analog voice signals into digital data packets and supports real-time, two-way transmission of conversations using Internet Protocol (IP).

       VoIP calls can be made on the Internet using a VoIP service provider and standard computer audio systems. Alternatively, some service providers support VoIP through ordinary telephones that use special adapters to connect to a home computer network. Many VoIP implementations are based on the H.323 technology standard.
     
     VoIP offers a substantial cost savings over traditional long distance telephone calls. The main disadvantage of VoIP is a greater potential for dropped calls and degraded voice quality when the underlying network links are under heavy load.

What is Authentication

AUTHENTICATION

Authentication is the process which allows a sender and receiver of information to validate each other. If the sender and receiver of information cannot properly authenticate each other, there is no trust in the activities or information provided by either party.  Authentication can involve highly complex and secure methods or can be very simple.  The simplest form of authentication is the transmission of a shared password between entities wishing to authenticate each other. Today’s authentication methods uses some of the below factors.

1) What you know:

An example of this type of Authentication is a "Password". The simple logic here is that if you know the secret password for an account, then you must be the owner of that account. The problems associated with this type of Authentication is that the password can be stolen, someone might read it if you wrote it somewhere. If anyone came to know your password, he might tell someone else. If you have a simple dictionary password, it is easy to crack it by using password cracking software. 

2) What you have:

Examples of this type of Authentication are smart cards, tokens etc.  The logic here is if you have the smart card with you, you must be the owner of the account. The problems associated with this type of authentication are you might lose the smart card, it can be stolen, or someone canduplicate the smart card etc. 

3) What you are:

Examples of this type of authentication are your fingerprint, handprint, retina pattern, voice,keystroke pattern etc. Problems associated with this type of authentication are that there is a chance of false positives and false negatives. Chances are there that a valid user is rejected and an invalid user is accepted. Often people are not comfortable with this type of authentication.

Network Authentication are usually based on Authentication protocols, Digital Certificates,Username/Password, smart card etc. Some of the most important authentication protocols which are used today are Kerberos, Challenge Handshake Authentication Protocol (CHAP), Microsoft Challenge Handshake Authentication Protocol (MSCHAP) etc

How to see the mac adress of your phone

I ll show you how to see the mac address of your phone.

Get mac address on your android phone
ANDROID:

Finding MAC address on a Android Phones
1. On your HOME screen, click on MENU, goto SETTINGS.
2. click on  About Phone.
3. Click on Status. 

And VIEW your Wi-Fi MAC address!

Finding MAC address on an Android Tablet

1. On your HOME screen, click on MENU, goto SETTINGS.

2. click on  About Tablet.
3. Click on Status. 

And VIEW your Wi-Fi MAC address!

iOS [ iPad, i pod or iPhone Touch]

Finding MAC address on in iPad, iPhone or iPod Touch-.
1.  Click on Settings.
2.  Select General -> About.
MAC address can be seen in Wi-Fi Address.

 Windows Phones

Finding  MAC address  on a windows phone.1. On Start,  flick left to App  list.

2. Tap Setting, then About, then More info.
3. MAC Address  can be seen.

HOW TO MAKE MOBILE PHONE JAMMER

MOBILE PHONE JAMMER

     A mobile phone jammer is an instrument used to prevent cellular phones from receiving signals from base stations.Smaller jamming devices are battery operated. Some look like cellphones and use cellphone batteries. Stronger devices can be plugged into a standard outlet or wired into a vehicle's electrical system.

     Many cell phones use GSM800 mobile standard to operate, thus our VCO (sweeping oscillator) is tuned to the 800MHz frequency range. It may be quite difficult to make this one to work properly without some skills and good testing tools, but in result you will have the efficient VCO

 

HOW TO MAKE MOBILE PHONE JAMMER

1. Used mixer was originally made for 600MHz but We modified it a little and it works perfectly for 800MHz.

2. The amplifier makes fantastic thing with output power. Despite it draws additional power supply, it is worth it.

 

3. Jammer case was made from old aluminium box and UHF connectors So we took body of old Motorola phone.

 

4. Those connectors must be soldered to the mini-circuit to work properly.

 

5. To supply this little signal jammer the nine volts battery with voltage regulator is enough. We have separated it from other electronic components with foam plastic. 

 

6. Don't forget to make a power switch for your new creation.

7. Attach antennas to the UHF connectors. 

 Jammer Scheme:

Classes of IP Addresses

Class A - IP addresses

"Class A" IP addresses are for very large networks. The left most bit of the left most octet of a "Class A" network is reserved as "0". The first octet of a "Class A" IP address is used to identify the Network and the three remaining octets are used to identify the host in that particular network (Network.Host.Host.Host). 

The 32 bits of a "Class A" IP address can be represented as 0xxxxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx.

The minimum possible value for the leftmost octet in binaries is 00000000 (decimal equivalent is 0) and the maximum possible value for the leftmost octet is 01111111 (decimal equivalent is 127). Therefore for a "Class A" IP address, leftmost octet must have a value between 0-127 (0.X.X.X to 127.X.X.X).

The network 127.0.0.0 is known as loopback network. The IP address 127.0.0.1 is used by the host computer to send a message back to itself. It is commonly used for troubleshooting andnetwork testing. 

Computers not connected directly to the Internet need not have globally-unique IP addresses. They need an IP addresses unique to that network only. 10.0.0.0 network belongs to "Class A" is reserved for private use and can be used inside any organization.

Class B - IP addresses

"Class B" IP addresses are used for medium-sized networks. Two left most bits of the left most octet of a "Class B" network is reserved as "10". The first two octets of a "Class B" IP address is used to identify the Network and the remaining two octets are used to identify the host in that particular network (Network.Network.Host.Host).

The 32 bits of a "Class B" IP address can be represented as 10xxxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx.

The minimum possible value for the leftmost octet in binaries is 10000000 (decimal equivalent is 128) and the maximum possible value for the leftmost octet is 10111111 (decimal equivalent is 191). Therefore for a "Class B" IP address, leftmost octet must have a value between 128-191 (128.X.X.X to 191.X.X.X).

Network 169.254.0.0 is known as APIPA (Automatic Private IP Addresses). APIPA range of IP addresses are used when a client is configured to automatically obtain an IP address from the DHCP server was unable to contact the DHCP server for dynamic IP address.

Networks starting from 172.16.0.0 to 172.31.0.0 are reserved for private use.

Class C- IP addresses

"Class C" IP addresses are commonly used for small to mid-size businesses. Three left most bits of the left most octet of a "Class C" network is reserved as "110". The first three octets of a "Class C" IP address is used to identify the Network and the remaining one octet is used to identify the host in that particular network (Network.Network.Networkt.Host).

The 32 bits of a "Class C" IP address can be represented as 110xxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx.

The minimum possible value for the leftmost octet in binaries is 11000000 (decimal equivalent is 192) and the maximum possible value for the leftmost octet is 11011111 (decimal equivalent is 223). Therefore for a "Class C" IP address, leftmost octet must have a value between 192-223 (192.X.X.X to 223.X.X.X). 

Networks starting from 192.168.0.0 to 192.168.255.0 are reserved for private use.

Class D- IP addresses

Class D IP addresses are known as multicast IP addresses. Multicasting is a technique developed to send packets from one device to many other devices, without any unnecessary packet duplication. In multicasting, one packet is sent from a source and is replicated as needed in the network to reach as many end-users as necessary. You cannot assign these IP addresses to your devices.

Four left most bits of the left most octet of a "Class D" network is reserved as "1110". The other 28 bits are used to identify the group of computers the multicast message is intended for.

The minimum possible value for the left most octet in binaries is 11100000 (decimal equivalent is 224) and the maximum possible value for the leftmost octet is 11101111 (decimal equivalent is 239). Therefore for a "Class D" IP address, leftmost octet must have a value between 223-239 (223.X.X.X to 239.X.X.X).

Class E -IP addresses

Class E is used for experimental purposes only and you cannot assign these IP addresses to your devices.

Four left most bits of the left most octet of a "Class E" network is reserved as "1111".

The minimum possible value for the left most octet in binaries is 11110000 (decimal equivalent is 240) and the maximum possible value for the leftmost octet is 11111111 (decimal equivalent is 255). Therefore for a "Class E" IP address, leftmost octet must have a value between 240-255 (240.X.X.X to 255.X.X.X).

Limited Broadcast

255.255.255.255 is used to send messages to all devices in the LAN and this IP addrress is known as limited broadcast IP address.

You have learned IP addresses, different classes of IP addresses, Class A IP address, Class B IP address, Class C IP address, Class D IP address, Class E IP Address, public IP address, private IP address, multicast IP address, Limited broadcast IP address and Automatic Private IP Addresses (APIPA).