The Indian Space Research Organisation (ISRO) official website of Indian Earth Observation and Visualization is www.bhuvan.nrsc.gov.in, Today (12 August, 2009) the Beta web 3D tool announced. It is very useful to anybody see the full coverage of Indian Region. The web tool is discover and explore earth in 3D space with specific emphasis on Indian region.
Minister of State in the PMO Prithviraj Chavan launched the beta version of the geoportal www.bhuvan.nrsc.gov.in on Today. It is day-long workshop of the Astronautical Society of India on "21st Century Challenges in Space -- Indian Context."
If you like to use this tool, Firstregister free account via Bhuvan official website. After user login to get to use Indian 3D Mapping Tool. It is similar to Google Earth. The Bhuvan web portal that allowed all to zoom into specific area of interest at high resolution.
For those not familiar with the tool, sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications.
Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user’s specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
Recent Changes
Along all the takeover features introduced in sqlmap 0.7 release candidate 1, some of the new features include:
Adapted Metasploit wrapping functions to work with latest 3.3 development version too.
Adjusted code to make sqlmap 0.7 to work again on Mac OSX too.
Reset takeover OOB features (if any of –os-pwn, –os-smbrelay or –os-bof is selected) when running under Windows because msfconsole and msfcli are not supported on the native Windows Ruby interpreter.
This make sqlmap 0.7 to work again on Windows too.
Minor improvement so that sqlmap tests also all parameters with no value (eg. par=).
HTTPS requests over HTTP proxy now work on either Python 2.4, 2.5 and 2.6+.
For a complete list of changes view the ChangeLog.
In this post we will show how to create a simple virus that disables/blocks the USB ports on the computer (PC). C programming language used create this virus. Anyone with a basic knowledge of C language should be able to understand the working of this virus program.
Once this virus is executed it will immediately disable all the USB ports on the computer. As a result the you’ll will not be able to use your pen drive or any other USB peripheral on the computer. The source code for this virus is available for download. You can test this virus on your own computer without any worries since wehave also given a program to re-enable all the USB ports.
3. You need to compile them before you can run it. A step-by-step procedure to compile C programs is given in my post - How to Compile C Programs.
3. Upon compilation of block_usb.c you get block_usb.exe which is a simple virus that will block (disable) all the USB ports on the computer upon execution (double click).
4. To test this virus, just run the block_usb.exe file and insert a USB pen drive (thumb drive). Now you can see that your pen drive will never get detected. To re-enable the USB ports just run the unblock_usb.exe (you need to compile unblock_usb.c) file. Now insert the pen drive and it should get detected.
I have got a lot of comments that the settings for free Airtel GPRS that I had posted earlier doesn’t work. So I have found out another hack to get free GPRS on Airtel. The following settings have been tested in different States and are found to be successfully working on most of them.
I have got 2 settings which you can tryout to see if any of them works for you.
First IP Address :: 10.49.16.10 Port :: 8877 APN :: airtelfun.com
Second IP Address :: 200.199.82.61 Port :: 8080 APN :: airtelmms.com
second one works in some states only
I have also got some IP Addresses and Open Ports which are working for different Users so I have listed them. You can tryout if the above settings doesn’t work.
Working IP Addresses (a) 10.2.45.155 (b) 10.49.16.10 (c) 10.4.1.55 (d) 10.6.6.6 (e) 10.89.15.15 (f) 100.1.200.467 (g) 100.1.200.211 (this one is for west bengal)
In this post We will tell you about how the domain names are hacked and how they can be protected. The act of hacking domain names is commonly known as Domain Hijacking. For most of you, the term “domain hijacking” may seem to be like an alien. So let me first tell you what domain hijacking is all about.
Domain hijacking is a process by which Internet Domain Names are stolen from it’s legitimate owners. Domain hijacking is also known as domain theft. Before we can proceed to know how to hijack domain names, it is necessary to understand how the domain names operate and how they get associated with a particular web server (website).
The operation of domain name is as follows
Any website say for example gohacking.com consists of two parts. The domain name (gohacking.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts and hence they must be integrated before a website can operate successfully. The integration of domain name with the web hosting server is done as follows.
1. After registering a new domain name, we get a control panel where in we can have a full control of the domain.
2. From this domain control panel, we point our domain name to the web server where the website’s files are actually hosted.
For a clear understanding let me take up a small example.
John registers a new domain “abc.com” from an X domain registration company. He also purchases a hosting plan from Y hosting company. He uploads all of his files (.html, .php, javascripts etc.) to his web server (at Y). From the domain control panel (of X) he configures his domain name “abc.com” to point to his web server (of Y). Now whenever an Internet user types “abc.com”, the domain name “abc.com” is resolved to the target web server and the web page is displayed. This is how a website actually works.
What happens when a domain is hijacked
Now let’s see what happens when a domain name is hijacked. To hijack a domain name you just need to get access to the domain control panel and point the domain name to some other web server other than the original one. So to hijack a domain you need not gain access to the target web server.
For example, a hacker gets access to the domain control panel of “abc.com”. From here the hacker re-configures the domain name to point it to some other web server (Z). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).
In this case the John’s domain name (abc.com) is said to be hijacked.
How to hijack a domain name
To hijack a domain name, you need to gain access to the domain control panel of the target domain. For this you need the following ingredients
1. The domain registrar name for the target domain.
2. The administrative email address associated with the target domain.
You can get these information by accessing the WHOIS data of the target domain. To get access the WHOIS data, goto whois.domaintools.com, enter the target domain name and click on Lookup. Once the whois data is loaded, scroll down and you’ll see Whois Record. Under this you’ll get the “Administrative contact email address”.
To get the domain registrar name, look for something like this under the Whois Record. “Registration Service Provided By: XYZ Company”. Here XYZ Company is the domain registrar. In case if you don’t find this, then scroll up and you’ll see ICANN Registrar under the “Registry Data”. In this case, the ICANN registrar is the actual domain registrar.
The administrative email address associated with the domain is the backdoor to hack the domain name. It is the key to unlock the domain control panel. So you need to hack this email account and take full control of it. Email hacking has been discussed in my previous post how to hack an email account.
Once you take full control of this email account, you need to visit the domain registrar’s website and click on forgot password in the login page. You will be asked to enter either the domain name or the administrative email address to initiate the password reset process. once you do this all the details to reset the password will be sent to the administrative email address. Since you already have access to this email account you can easily reset the password of domain control panel. After resetting the password, login to the control panel with your new password and from there you can hijack the domain within minutes.
How to protect the domain name from being hijacked
The best way to protect the domain name is to protect the administrative email account associated with the domain. If you loose this email account, you loose your domain. So refer my previous post on how to protect your email account from being hacked. Another best way to protect your domain is to go for private domain registration. When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for you domain name, he will not be able to find your name, phone and administrative email address. So the private registration provides an extra security and protects your privacy. Private domain registration costs a bit extra amount but is really worth for it’s advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain make sure that you select the private registration option.
This is really very easy one but very effective one. Enjoy it!
First, create a shortcut on your desktop by right-clicking on the desktop, choosing New, and then choosing Shortcut. The Create Shortcut Wizard appears. In the box asking for the location of the shortcut, type shutdown. After you create the shortcut, double-clicking on it will shut down your PC.
But you can do much more with a shutdown shortcut than merely shut down your PC. You can add any combination of several switches to do extra duty, like this:
shutdown -r -t 01 -c “Rebooting your PC” Double-clicking on that shortcut will reboot your PC after a one-second delay and display the message “Rebooting your PC.” The shutdown command includes a variety of switches you can use to customize it.
I use this technique to create two shutdown shortcuts on my desktop—one for turning off my PC, and one for rebooting. Here are the ones I use:
shutdown -s -t 03 -c “Bye Bye m8!” shutdown -r -t 03 -c “I ll be back m8 !”
-t nn Indicates the duration of delay, in seconds, before performing the action.
-c “messagetext” Displays a message in the System Shutdown window. A maximum of 127 characters can be used. The message must be enclosed in quotation marks.
This is a New Version of Super Bluetooth Hack for Conventional and Mobile-based Symbian. This program through MDM can be used to control other people’s mobile phone at a distance (10-15 metres, it’s Then)
What else can you do once connected to a another phone via blue tooth?
1) Read SMS matches. 2) Turn off telephone. 3) Switch on music. 4) Choose modes (normal, without sound …) 5) Block Phone. 6) Read his Contacts 7) Change Profile Play his Ringtone even if phone is on silent 9) Restore Factory Settings. 10) Restart the phone 11) Change Ringing Volume And here comes the best “Call from his phone” it includes all call functions like hold etc. And much, much more
Install: 1) Download 2) Pour on the mobile 3) Run the Installer (what you download, incidentally need JAVA) 4) He finds it, and you will be able to run software 5) Choose the language and going configured 6) Click Connection 7) Click search devices Choose the “victim” 9) AND MANAGE
Many people search for free Airtel message center number to start sending unlimited messages without paying for them. Well, previously many websites made posts on these free message center numbers, but after the frequent use of the number, Airtel capped or filtered those numbers from further use. But still there are few working message center numbers and here I am going to reveal that with you. Note that Airtel might ban this number anytime, so be fast in using this and send free sms to anyone from your Airtel mobile number.
How to send unlimited free SMS using free SMS center no hack
Navigate to Messages option on your mobile and click on Settings
Click on Message Center Number and proceed to add a new message center number.
In Message Center Name field, write anything. For an example, “Hungry Hacker”.
In the Message Center Number field, write +919810051905
Choose Preferred Connection Type as Packet Data
Save the message center and activate it from the options.
Now we have configured the message settings to send and receive all message through an another message center number. But since we have selected Packet data as connection type, we have to do some additional settings on our phone.
Go to your phone menu and navigate to Settings >> Phone Settings >> Connection >> Packet Data
In the settings of packet Data, edit the following options
Packet Data Connection >> When available and Access Point >> Airtel Live
Save all settings and you are done.
Note: Here we are using a CDMA message center number to send free messages from Airtel mobile. Since CDMA networks don’t support 91 as the country code, you have to add 0 before every number. This is very important and if you make mistake here, this trick will not work.
Example : Suppose you want to send free messages to 9861098610, now while composing the SMS, type this number as 09861098610 in stead of 919861098610 or +919861098610.
And also, message center number settings option may vary from phone to phone. The above steps are mentioned for Nokia mobile phones. If you want to try sending free SMS from any other handset, use your mobile manual and set the new message center number accordingly.
A tool that automatically steals IDs of non-encrypted sessions and breaks into Google Mail accounts has been presented at the Defcon hackers’ conference in Las Vegas.
Last week Google introduced a new feature in Gmail that allows users to permanently switch on SSL and use it for every action involving Gmail, and not only, authentication. Users who did not turn it on now have a serious reason to do so as Mike Perry, the reverse engineer from San Francisco who developed the tool is planning to release it in two weeks.
When you log in to Gmail the website sends a cookie (a text file) containing your session ID to the browser. This file makes it possible for the website to know that you are authenticated and keep you logged in for two weeks, unless you manually hit the sign out button. When you hit sign out this cookie is cleared.
Even though when you log in, Gmail forces the authentication over SSL (Secure Socket Layer), you are not secure because it reverts back to a regular unencrypted connection after the authentication is done. According to Google this behavior was chosen because of low-bandwidth users, as SLL connections are slower.
The problem lies with the fact that every time you access anything on Gmail, even an image, your browser also sends your cookie to the website. This makes it possible for an attacker sniffing traffic on the network to insert an image served from http://mail.google.com and force your browser to send the cookie file, thus getting your session ID. Once this happens the attacker can log in to the account without the need of a password. People checking their e-mail from public wireless hotspots are obviously more likely to get attacked than the ones using secure wired networks. Todd Mumford, from the SEO company called SEO Visions Inc, states “This can be a serious problem for Internet Marketers who travel often and use their wireless laptops and Gmal services often and do not always have access to a secure connection”
Perry mentioned that he notified Google about this situation over a year ago and even though eventually it made this option available, he is not happy with the lack of information. “Google did not explain why using this new feature was so important” he said. He continued and explained the implications of not informing the users, “This gives people who routinely log in to Gmail beginning with an https:// session a false sense of security, because they think they’re secure but they’re really not.”
If you are logging in to your Gmail account from different locations and you would like to benefit from this option only when you are using unsecured networks, you can force it by manually typing https://mail.google.com before you log in. This will access the SSL version of Gmail and it will be persistent over your entire session and not only during authentication.
Internet definitely has several unheard places also known as underground websites, few of these website offer users 100s and 1000s of softwares, games, movies and lot of Hacking Stuff for downloads. Though these sites are pretty tough to find, I was able to unearth more than 50+ FTP sites that allow users to download softwares, games, movies and lot of Hacking tools for free.
Here is a list of 50+ FTP sites that will allow you download content for free. Don’t forget to share and bookmark this page so that everyone can take advantage of it.
In this post we will show how to create a simple virus that disables/blocks the USB ports on the computer (PC). C programming language used create this virus. Anyone with a basic knowledge of C language should be able to understand the working of this virus program.
!”
Play his Ringtone even if phone is on silent
