How to unlock Idea netsetter E-1550

Idea NetSetter is a 3G HSDPA USB Device with the model number as Huawei E1550. The device has the maximum speed of 3.6 Mbps which means 330 KB/Sec of download speed.

Here i post for how to unlock Idea netsettar E-1550.

here are step by step tutorial on unlocking idea netsetter.

Here is the Step by step Solution:



First Download Following Softwere which gone we use:

1. modem firmware and Install it (Download from here ).
2. Mobile Partner’s 11.302.09.01.539 Voice USSD and install it > Click here to download.
3.download Video MMS Dashboard. Click here to Download it.
4.E-1550 Netsetter Unlock-er.Click here to Download it From Here.

Now follow the following Step:

1.Run the setup file which is downloaded in 1st step.
> i accept it and click next.
>then it will serch ur device.
>then it diplay the update setting.
>click next it show warnning.
>then it will ask u to input password
u have to Enter the Flash code which will we now generate in next step.
2. open unloacker dowloaded 4th and Put Ur IMEI number in it
>click unlock and it will generate Flash Code
>put Flash code into 1st step.
3.after putting flash code in 1st step click next.
>Update succefully.

4. Now, you are one step closer to unlocking of the NetSetter device. Start the setup file of HUAWEI_UTPS11.302.09.06.209 software and follow the steps. Again, ensure that the 3G device is not being used by any other software so that the application could find it easily.
>process as above step and it would download softwere in ur device.

5. This step involves installing the Huawei Original Unbranded Mobile Partner software on your computer to manage the 3G device. It is the same software that comes with NetSetter but it is just that it is unbranded and has no logo for any telecom company. But it is recommended to install to complete the unlocking procedure. It is like a normal software installation and does not require any specific guidelines.

Then put flash code on Flash code box and You are done with resetting your Idea netsetter modem E1550 SUCCESSFULLY!!!

NOW You can use the device for making voice calls right from your computer using the computer’s mic and speakers.

Enjoy with new Firmware in ur Device. any problem ask in comment-box,

thanx to my buddy ::H4(K3R4U

by::hemal modi

Read More

Crazy Call Spoofing

CrazyCall is the ultimate tool for making prank calls and fooling your friends.
You can change your CallerID, so when you call someone he sees on his Caller ID display the number you selected.
You can also change the pitch of your voice for deep and creepy or high and funny.
How is it done:

1st step
Select the country you are calling from, choose the CallerID you want to display and enter the number you want to call.

2nd step
Press "Get me a code" and we will provide you with number to call and a code.
Call the number

3rd step
Enter the code and we will connect your call to your friend with the CallerID and voice you have selected.

here is the screen shot of that site




download its application for android

note: this will cost as per your mbl cmpny's international call charge ...


by-- hemal modi


Hacking-class Doesn't take any responsibility how you use this information 

Read More

Basic Introduction to Metasploit | Hackersbay.in

The Basic ---- Introduction
  
What is Metasploit ?

The Metasploit Project is an open-source computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its most well-known sub-project is the Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive, and security research.

Basically Metasploit is tool which provides complete environment for hacking.

Read More
___________________________________________________________________________

Using The Features

In this part we will talk about using the Exploits , Payloads , Auxiliary , Nops and Encoders

I think i don't need to explain what are these because it is already discussed in the first part 

Metasploit have


+ -- --=[ 684 exploits - 355 auxiliary
+ -- --=[ 217 payloads - 27 encoders - 8 nops


This may vary in your metasploit according to your version.


The Basic use of metasploit

1. Pick which exploit to use
2. Configure the exploit with remote IP address and remote port number
3. Pick a payload
4. Configure the payload with local IP address and local port number
5. Execute the exploit

Read More  
____________________________________________________________________________


Hacking a Box and Giving Instructions using meterpreter


Welcome to the Metasploit Basics Part 3. In this part i will show you a live example of how to own a PC with some exploit and what to do after the Meterpreter session is opened. In short i will explain you about the Meterpreter.

Meterpreter short form Meta-Interpreter .The Meterpreter is one of the advanced payloads available with the MSF. The way to look at the Meterpreter is not simply as a payload, but rather as an exploit platform that is executed on the remote system.The Meterpreter has its own command shell, which provides the attacker with a wide variety of activities that can be executed on the exploited system.in short the meterpreter helps us to overcome the limitations and disadvantages of a individual payload like the adduser payload 

Read More

_____________________________________________________________________________

Note To Readers - If you want to promote your articles or web blogs then i will do it for free even if your blog rank is the lowest in alexa or google.

Contact me at -facebook.com/sauravhacker

Read More

BeEF - Browser Exploitation Framework

BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors. BeEF focuses on leveraging browser vulnerabilities to assess the security posture of a target, BeEF hooks one or more web browsers as beachheads for the launching of directed command modules. The framework allows the penetration tester to select specific modules (in real-time) to target each browser.  


Me Myself Enjoy Playing with it all the time..I love Playing with it ♥


You Can Download It From Here


You Don't Know How to install it ?? Don't worry the developers are gud guys they have a flash presentation for you 


Check it out here http://www.bindshell.net/
They also have some more things for you :) http://www.bindshell.net/

Check a video also


http://www.youtube.com/

Read More

Facebook Password Extractor - Get passwords stored in Web browsers

Facebook Password Extractor is a free tool to recover passwords to Facebook accounts that are stored or cached in popular Web browsers.






Supporting the latest versions of Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Opera and Google Chrome, Facebook Password Extractor can reveal login information for multiple Facebook accounts in just a click.


Features:

Shows Facebook passwords cached or stored in a variety of browsers
Reveals stored login and password information instantly in just a click
Supports all versions of Microsoft Internet Explorer, including IE7, IE8 and IE9
Supports all versions of Mozilla Firefox including Firefox 4
Supports all versions of Opera including Opera 11
Supports all versions of Google Chrome including Chrome 11
Supports all versions of Apple Safari including Safari 5
Reveals Facebook logins and passwords for all supported browsers
Beats enhanced security model of Internet Explorer 7, 8 and 9.

Free for personal, non-commercial use, Facebook Password Extractor can instantly reveal cached login and password information to Facebook accounts.

Be aware before handing over your laptop/pc to anyone....OR you can hack your friends account just by installing this s/w on there pc/laptop...

download link

Read More

Cain RDP (Remote Desktop Protocol) Sniffer Parser

I was searching for some stuffs while i found this so i thought to share it here

As some of you may know, Cain has the ability to ARP poison, sniff and pull off a man in the middle attack against the RDP/Remote Desktop/Terminal Services protocol.  It's kind of hit a miss depending on the network layout and what version of RDP is in use. Pulling out keystrokes from the decrypted log file made by Cain can be quite a chore, so I coded up this quick little parser. Normally you would have to look through the RDP logs Cain makes by hand, searching for entries like "Key pressed client-side: 0x5 - 'a'". Using my script you can interpret those logs and save the keystrokes sent by the client to the server. This is very useful for finding passwords that may have been sent over the RDP session. I plan to use this script in a future video, but for now it can be downloaded from the following link:

Download Cain RDP Sniffing Log Parser

         Just choose the file you want to parse, then choose a name for the output text file.

Read More

Securing Your Wireless Network | A white paper from Hackersbay

Sorry Guys I was out from many days .. I am back with a new article about Securing Wireless Networks - A white paper from Hackersbay

Here are the few Terminologies, You should know About Wireless networked systems..!! if u don understand this underlyin concepts, it lll be a hard time for u to guarding yo Wireless network..

SSID: (Service Set Identifier) If u having a wireless router or modem the Hardware must have SSID(Like Namin a New born Baby, Yo can name ur Router How it wann be called ba others,But If u take any BSNL Connection Wi fi ASDL Modem Comes With SSID name May be second name of yo father)


Router has a 

Device Burned With MAC &SSID Found in the Picture(WANADOO-02DB)
functionality that it can broadcast or stealth broadcast Which means if u scan for wireless networks u often find networks in Broadcast mode (I.e Tikona 1800 204 3333)Like that…In stealth Broadcast we cant identify the wireless network.. MODEM Don have this fuckin option, so that’s y weneva u scan any, u find some home networks modem range..but u can proceed only after Given SSID in the prompt box..!! 

 WEP: (Wired Equivalence privacy) this Protocol givea Base level security for all wi fi vendors and system Can benefit from OSI Standardization effort..Tha

fat ass option is one can Set in “ON” Or
“OFF”To use this…But Mostly all jerks n Geeks Forcibly set this “ON”

 WPA: (Wi Fi Protected Access) A security protocol tat was designed to secure Wireless Technology and To overcome the WEP Limitations..!! (WPA & WPA2 )

 TKIP: (Temporal Key Intergrity protocol) It’s a More secure version of WEP and it utilize the WPA For Network Security, It uses Some Diff kinda Algorithms than WEP, More trusted Encryption tunnels.(But trust me, most admin will not use this, But the Company Security policy wants to maintain diff security scheme for each heirerachy of the employes in the Org…Admins will deploy this feature)

 

MAC: (Media Access Control) Its used to get Multiple access in a Networked Environment,But MAC Address is a 12Digit Hexa decimal number that is associated with Network adapter, MAC Address is unique to each IP Address…(00-12-FA-WE-3R-TR) First 6 digits Says 00-12-FA Manufacturer Code Which say Network Adapter belongs to Whom, And next 6 digit Was assigned to unique Persons WE-3R-TR.

 DHCP : (Dynamic Host Configuration Protocol)  its one of the inbuilt features of Router..It services for the User who restarts the system, Generates the fresh IP address to them to frame the Device address in the network


Whether you are in Wired or wireless Environment..Yo are under Scan by some1 eye, TCP Monitor Or Any one Can use Sniffer tools like packetyzer to and can read your communication Coz all the transportations are not encrypted..

POSSIBLE ATTACKS: 

EAVESDROPPING (Installing Malicious tools and Make ur machine as a listener, And he hacker gets all packet information coz it was redirected by him to server)

DoS Attacks  Injecting Noise Or Interfrences in the wireless network Infinitely, Cause inturn Denial for particular service which tey Requested,Remember A Hacker Can Extract the SSID name of the network in Response to His ICMP Packets..This gives u a Glimpse of Dos Attacks

WEP Encryption “TURN ON
WEP Encrytion is the standard Encryption scheme for all OSI Network Complicance Products, It comes With Encryption, But doesn’t” TURNED ON” Automatically, Do it And Change all the defaults in the Newly purchased Router..So yo have changed SSID, And Turned On WEP…. I Assume.

 

DUMP THE DEFAULTS  Change all your defaults passwords.And keep this Security checklist With you…! Which also Includes Changing the Default Subnet that is 192.168.1.0 

 

Find the Original White Paper By h4ckfreak at Hackersbay

Read More

How to Hack Email Account with Cookie stealing [For Newbies]

How to hack Email account:

If you are a newbie and don't know about cookie, then for your information, Cookie is a piece of text stored on user computer by websites visited by the user. This stored cookie is used by webserver to identify and authenticate the user. So, if you steal this cookie (which is stored in victim browser) and inject this stealed cookie in your browser, you can imitate victim identity to webserver and enter hisEmail account easily. This is called Session Hijacking. Thus, you can easily hack Email account using such Cookie stealing hacks.

Tools needed for Cookie stealing attack:

Cookie stealing attack requires two types of tools:

1. Cookie capturing tool
2. Cookie injecting/editing tool

1. Cookie capturing tool:

Suppose, you are running your computer on a LAN. The victim too runs on same LAN. Then, you can use Cookie capturing tool to sniff all the packets to and from victim computer. Some of the packets contain cookie information. These packets can be decoded using Cookie capturing tool and you can easily obtain cookie information necessary to hackEmail account. Wireshark and HTTP Debugger Pro softwares can be used to capture cookies.

Update: Check out my Wireshark tutorial for more information on cookie capturing tool.

2. Cookie injecting/editing tool:

Now, once you have successfully captured your victim cookies, you have inject those cookies in your browser. This job is done using Cookie injecting tool. Also, in certain cases after injection, you need to edit cookies which can be done by Cookie editing tool. This cookie injection/editing can be done using simple Firefox addons Add N Edit Cookies and Greasemonkey scripts. I will write more on these two tools in my future articles.

Drawbacks of Cookie Stealing:

Cookie Stealing is neglected because it has some serious drawbacks:

1. Cookie has an expiry time i.e. after certain trigger cookie expires and you cannot use it to hijack victim session. Cookie expiry is implemented in two ways:
   1. By assigning specific timestamp(helpful for us).
   2. By checking for triggers like user exiting from webbrowser. So, in such cases, whenever user exits from his browser, his cookie expires and our captured cookie becomes useless.
2. Cookie stealing becomes useless in SSL encrypted environment i.e. for https (Secure HTTP) links. But, most Email accounts and social networking sites rarely use https unless vicitm has manually set https as mandatory connection type.
3. Also, most cookies expire once victim hits on LogOut button. So, you have to implement this Cookie stealing hack while user is logged in. But, I think this is not such a serious drawback because most of us have the habit of checking "Remember Me". So, very few people actually log out of their accounts on their PCs.

So friends, this was a short tutorial on basics of how to hack Email account using Cookie Stealing. As I have stated, Cookie stealing has some disadvantages. But, I think Cookie stealing is a handy way to hack an Email account. In my next articles, I will post detailed tutorial to hack Facebook and Gmail accounts using Cookie stealing. If you have any problem in this tutorial on how to hack Email account using Cookie stealing, please mention it in comments.

Enjoy Cookie stealing trick to hack Email account...

VIa = http://www.go4expert.com

Read More

Firefox a inbuilt keylogger

I am sorry if you thought something else while visiting this post :P

Mozilla Firefox can be turned  undetectable keylogger. This keylogger will be used to store all the usernames and passwords that will be entered by the user.

Steps to Turn Your Firefox Into A KeyLogger

• Close Firefox Application if open
• Go to: Windows- C:/Program Files/Mozilla Firefox/Components
• Find The Script Named " nsLoginManagerPrompter.js"
• Click here to download the file unzip it and simply overwrite the existing nsLoginManagerPrompter.js with it, it is one already edited to save all usernames and passwords with user intimation.

From now on, when someone logs onto any site, they username and passwords will bw saved automatically, without prompt!

To retrieve the account information, make sure Firefox is opened, go to Tools > Options > Security Tab > click on saved passwords, then click on show passwords, and press yes

 

This is not a remote keylogger but a good one if your victim uses your computer while managing his accounts ;)

Read More

BodgeIt Strore the vulnerable web application for penetration testers

Various applications such as vulnerable web applications such as Jarlsberg, WackoPicko, Damn Vulnerable Web Application (DVWA), Vicnum, etc. Now we have another application that is vulnerable and ready to be exploited! The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to penetration testing.

Features

• Easy to install – just requires java and a servlet engine, e.g. Tomcat
• Self contained (no additional dependencies other than to 2 in the above line)
• Easy to change on the fly – all the functionality is implemented in JSPs, so no IDE required
• Cross platform
• Open source
• No separate db to install and configure – it uses an ‘in memory’ db that is automatically (re)initialized on start up

Install
 you need to do is download and open the zip file, and then extract the rar file into the webapps directory of your favorite servlet engine.

You may use http://www.apachefriends.org/en/xampp-windows.html#522 for this

DOWNLOAD bodgeit.1.1.0.zip

Thank You 

Read More

JBoss Autopwn - JSP Hacking Tool

This JBoss script puts a JSP shell on the target JBoss AS server. Once deployed, the script uses its upload and command execution capability to provide an interactive session.
Features

• Multiplatform support – tested on Windows, Linux and Mac targets
• Support for bind and reverse bind shells
• Meterpreter shells and VNC support for Windows targets

Installation

• Netcat
• Curl
• Metasploit v3, installed in the current path as “framework3″

You can download JBoss Autopwn here:

Download From here

Read More

Wapiti - The Web Vulnerability Scanner

Wapiti allows you to check the security of your web applications.
It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data.
Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.


Vulnerabilities Wapiti Can Detect

• File Handling Errors (Local and remote include/require, fopen, readfile...) 
•  Database Injection (PHP/JSP/ASP SQL Injections and XPath Injections) 
• XSS (Cross Site Scripting) Injection
• LDAP Injection
• Command Execution detection (eval(), system(), passtru()...)
• CRLF Injection (HTTP Response Splitting, session fixation...)

Wapiti is able to differentiate ponctual and permanent XSS vulnerabilities.
Wapiti prints a warning everytime it founds a script allowing HTTP uploads.
A warning is also issued when a HTTP 500 code is returned (useful for ASP/IIS)
Wapiti does not rely on a vulnerability database like Nikto do. Wapiti aims to discover unknown vulnerabilities in web applications.
It does not provide a GUI for the moment and you must use it from a terminal.

 

For More Visit here

Happy Hacking

Read More

Mozilla Firefox - The hacker's choice

The security testers or the hackers have a lot of tool to play around with . But what if Your browser helps you in this ?

The magical browser is Mozilla Firefox and the extensions/add-ons developed by the professional ethical hackers and penetration testers..

In this article i will tell you some of the best add-ons of all time that hacker  uses....

Download Firefox from Google

Now back to topic

Social engineering add-on

People Search and Public Record: This Firefox extension is a very handy tool for investigators,hackers,legal professionals, and anyone interested in doing their own basic people searches and public record look ups as well as background research.

Google and Spider

Advanced dork : Gives quick access to Google’s Advanced Dorks directly from the context menu. This could be used to scan for hidden files or narrow in a target anonymously.

SpiderZilla : Spiderzilla is an easy-to-use website mirror utility, based on Httrack

Editors (WEBMASTER)

JSView : The ’view page source’ menu item now opens files based on the behavior you choose in the jsview options. This allows you to open the source code of any web page in a new tab or in an external editor..

Firebug : Firebug integrates with Firefox to put a wealth of development tools at your hand while you browse. You can edit, debug, and monitor CSS, HTML, and JavaScript live in any web page

XML Developer Toolbar:allows XML Developer’s use of standard tools all from your browser.


Headers manipulation and agent switcher

HeaderMonitor : This is Firefox extension for display on statusbar panel any HTTP response header of top level document returned by a web server. Example: Server (by default), Content-Encoding, Content-Type, X-Powered-By and others.

RefControl : Control what gets sent as the HTTP Referer on a per-site basis.

User Agent Switcher :Adds a menu and a toolbar button to switch the user agent of the browser

Cookies manipulation/editors 

Add N Edit Cookies : Cookie Editor that allows you add and edit "session" and saved cookies.

httpOnly : Adds httpOnly cookie support to Firefox by encrypting cookies marked as httpOnly on the browser side
 Allcookies : Dumps ALL cookies (including session cookies) to Firefox standard cookies.txt file

Security Tools

HackBar : This toolbar will help  in testing sql injections, XSS holes and site security.This tool will not help you to exploit the vulnerability or to learn hacking. Its main purpose is to help a hacker do security audits on his code.

Tamper Data : tamper data to view and modify HTTP/HTTPS headers and post parameters.

Chickenfoot: Chickenfoot is a Firefox extension that puts a programming environment in the browser’s sidebar so you can write scripts to manipulate web pages and automate web browsing

Proxy utilities

POW (Plain Old WebServer) : The Plain Old Webserver uses Server-side Javascriptto run a server inside your browser. Use it to distribute files from your browser. It supports Server-side JS, GET, POST, uploads, Cookies, SQLite and AJAX. It has security features to password-protect your site. Users have created a wiki, chat room and search engine using SJS.

FoxyProxy : FoxyProxy is an advanced proxy management tool that completely replaces Firefox’s proxy configuration. It offers more features than SwitchProxy, Proxy Button etc

SwitchProxy: SwitchProxy lets you manage and switch between multiple proxy configurations quickly and easily. You can also use it as an anonymizer to protect your computer from prying eyes

miscellaneous 

Hacks for fun 

Greasemonkey : Allows you to customize the way a webpage displays using small bits of JavaScript.scripts could be download at user scripts

Read More

WebSecurify-Web Penetration testing tool

If you own  a website you also have to look after it's security to check if your website is vulnerable to some of the famous flaws like SQLI and XSS .. Even script kiddies or a noob can Hack your websites if it is vulnerable to these flaws using some kiddie tool..That is not a big deal for them

You can check the if the Your website is vulnerable manually ... But it is a waste of time for you all guyz..This tool will help you in doing so without wasting your time


WHAT IT CHECKS ?
This tool checks some of the popular flaws of web like...

• SQL Injection
• Local and Remote File Include
• Cross-site Scripting
• Cross-site Request Forgery
• Information Disclosure Problems
• Session Security Problems
• And many other that are in OWASP TOP 10

Available Features

• Available for all main operating systems (Windows, Mac OS, Linux)
• Simple to use user interface(GUI)
• Built-in internationalization support
• Easily extensible with the help of add-ons and plugins
• Exportable and customizable reports with any level of detail
• Moduler and reusable design
• Powerful manual testing tools and helper facilities
• Powerful analytical and scanning technology
• Scriptable support for JavaScript and Python 

 Official Video

Download From -
Windows - http://websecurify.googlecode.com/files/Websecurify%200.8.exe
Linux-http://websecurify.googlecode.com/files/Websecurify%200.8.tgz
Mac-http://websecurify.googlecode.com/files/Websecurify%200.8.dmg

Official Website

Read More

Reiluke Tool Collection

Hello!all..How are You?...I got this tools Collection today.It is really a awesome Collection of tools made by Reiluke..

This pack contains Some of the hottest tools...
1-Admin Page Finder

2-Blind Sql injector

3-Cpanel Bruteforcer

4-Duplicate File Remover

5-Email Bruteforcer(Yahoo\Gmail/Hotmail)

6-Email Checker

7-RapidShare Checker

8-sqli helper (Sqli injection tool)

 I will give it's tutorial some day...
9-Exploit Scanner

10-Sqli Column counter

Download Link - CLICK HERE..
password - saurav

Happy hacking

Read More

SQLi | LFI | XSS | ShEll UpLoad - Vulnerable site scanner

This is a great tool i find that scans for SQLi | LFI | XSS | ShEll UpLoad vulnerable websites.I used this software when i went to practice now i don't use it any more.

Then follow the procedure how to scan it .... Pic below

Hope you understand..any queries do reply :)

Download here - http://www.multiupload.com/87MMECTG0Y

Here are 2 sites i got with some other dorks

NOTE-Don't leech it..

            This is not my software  

Happy hacking

Read More

Xsser 1.5 - Web Penetration testing tool

XSSer 1.5 is the  BETA release of XSSer version 1.0.The author has named this version as the “Swarm Edition“.

Why it is used?

XSSer is a Web penetration testing tools that comes handy and helps in the process of detecting and exploiting XSS injections against different applications.

This tool have several options to try to bypass certain filters,and various other options for the web penetration tester


The update version have many improved options like 

• Added GTK option
• HTTP Response Splitting (ak.a Induced attack!)
• DoS (Server) injection
• Final code (added DCP & DOM injections)
• Update option
• Code clean
• Bugfixing
• New options menu
• Updated dork list.
• More advanced statistics system

 Download it from - http://xsser.sourceforge.net/

Happy hacking

Read More