Friday, June 21, 2013

Adobe Flash Professional CC 13.0.0 MacOsX

Adobe Flash Professional CC 13.0.0 MacOsX | 0.98 GB
Languages: Deutsch, English, Espanol, Francais, Italiano, Nederlands, Polish, Portugues (Brasil), Svenska, Turkish, Czech, Russian, Japanese.
Work faster than ever before with a 64-bit architecture, a new streamlined user interface, and more connected tools. Create HTML content and export high-definition video and audio. Flash® Professional CC lets you share work directly from within the application and get access to new features the moment they're released. Your entire creative world, together in one place. Only in Creative Cloud***1074;***8222;***1118;.

Mac OS
Multicore Intel processor
Mac OS X v10.7 (64 bit) or v10.8 (64 bit)
4GB of RAM
2.5GB of available hard-disk space for installation; additional free space required during installation (cannot install on a volume that uses a case-sensitive file system or on removable flash storage devices)
1024x768 display (1280x800 recommended)
QuickTime 10.x software recommended
Internet connection and registration are necessary for required software activation, membership validation, and access to online services.Download Adobe Flash Professional

AFP_13.part1.rar download - file hosting
AFP_13.part2.rar download - file hosting
AFP_13.part3.rar download - file hosting


Download AFP part1 rar
Download AFP part2 rar
Download AFP part3 rar


AFP_13.part1.rar (402,00 MB) -
AFP_13.part2.rar (402,00 MB) -
AFP_13.part3.rar (205,49 MB) -


AFP_13.part1…rar (402,00 MB) -
AFP_13.part2…rar (402,00 MB) -
AFP_13.part3…rar (205,49 MB) -

IZip Zip Unzip Tools for Archive Files v2.6 MacOSX Retail-CORE

IZip Zip Unzip Tools for Archive Files v2.6 MacOSX Retail-CORE
Get iZip for your mac. Uncompress zip, rar, stuffIt, 7-zip, cab and tar archives files.
Just install.Download Izip Tools

Timecop v2.0.3 (Mac OSX)

Timecop v2.0.3 (Mac OSX) - Size : 5 MB
Timecop is a simple, yet robust, time tracking utility in your status bar

* Customizable hotkeys to quickly switch between projects
* View what you worked on by day, week, month or a custom time period
* Go back and edit time recorded
* Organize your projects as tasks and group them later
* Recognizes idle time and allows applying that time to any defined project/task
* Export your time as a .CSV
Getting Started:
* In the Projects view, clicking the new project (+) icon will create a new project and put you in edit mode. Here you can change the name and assign a hotkey for quick toggling.
* Start tracking time by either clicking the play buttons in the Project view or invoking the project assigned hotkey. The play/pause button in the status bar will also toggle the active project.
* The Stats view will allow you to see where time is spent based on a daily, weekly, monthly or custom time period.
* Projects can be grouped in the Stats view by dragging them onto each other.
* If you need to edit the time for a given day, double click on the project in the Stats view. This will give you a listing for each day based on the time period selected. Double clicking again on the timer field will bring up the timer editor.
* To ensure you don't overrun project timers, be sure to set an Idle Timeout in the Settings view. This will cause an alert to popup when a timer is running and the computer is idle for the amount of time specified.
Requirements: Mac OS X 10.6 or later
What's New in Version 2.0.3
* Stability fixes.Download Timecop V2.0.3


[Intercepter-NG] offers the following features:

+Sniffing passwords\hashes of the types:
+ Sniffing chat messages of: ICQ\AIM\JABBER\YAHOO\MSN\IRC\MRA
+ Reconstructing files from:  HTTP\FTP\IMAP\POP3\SMTP\SMB
+ Promiscuous-mode\ARP\DHCP\Gateway\Port\Smart Scanning\
+ Capturing packets and post-capture (offline) analyzing\RAW Mode
+ Remote traffic capturing via RPCAP daemon\PCAP Over IP
Works on Windows NT(2K\XP\2k3\Vista\7\8).


Quick overview of new Intercepter-NG
Exploiting WPAD + Part 2
SMBRelay in modern Windows Networks
Quick overview of new Intercepter-NG Part2
Injecting files to HTTP traffic
Quick overview of new Intercepter-NG Part3
Quick overview of new Intercepter-NG Part4
SSH MiTM with Intercepter-NG
SMB Hijacking with Intercepter-NG

Saturday, June 15, 2013

Hijacking An Aircraft With An Android App

Well vulnerabilities that never going to end, or should we say vulnerabilities and new inventions walk side by side.Recently a terrifying prospect, a hack that allows an attacker to take control of plane navigation and cockpit systems has been revealed at a security conference in Europe. An Android application called PlaneSploit that would allow remotely attack and hijack commercial aircraft. This app is developed by Hugo Teso, a researcher at security consultancy N.Runs in Germany who's also a commercial airline pilot.

He further added,"He explained that by building an exploit framework called Simon and a complimentary Android app that delivers attack messages, he could manipulate a plane's path as he saw fit."
With these vulnerabilities in mind, he used virtual planes in a lab to demonstrate his ability to hijack a plane rather than attempting to take over a real flight as that was “too dangerous and unethical.” He used ACARS to gain access to the plane’s onboard computer system and uploaded Flight Management System data.

"I expected them to have security issues but I did not expect them to be so easy to spot. I thought I would have to fight hard to get into them but it was not that difficult," Teso said.

Thursday, June 13, 2013

How To Upload A Shell In Web Applications

Most of the people will exploit servers with file upload vulnerability , as it is very simple to find out this exploit by an simple dork

    inurl:upload.php or  inurl:upload.html

Now you have upload a shell file in the upload option. Normally upload option of an web Apps never accepts php files, as most of the shells are php.
In order to upload php shell in web apps follow these steps

Rename the shell abc.php to abc.php.txt and upload that shell and run the /path/xyz.php.txt
Rename the shell as which will bypass a simple filter on .php and Apache will still use .php as extension; since this configuration it doesn't have handler for .xyz
Rename the shell as .php3 and upload it to server(web apps).

Softeware ARP Spoofing

ARP(Address Resolution Protocol) Spoofing is a method where attacker sends fake(ARP) messages in wired or wireless LAN(Local Area Network).

ARP spoofing allows an attacker to do different kinds of attacks like session hijacking,DNS Spoofing, DOS(denial of service attacks),MITM(Man In The Middle) attacks.

List of tools used for ARP Spoofing.

1. Cain For Windows. Here is the tutorial to for ARP poisioning In Cain
2. Ettercap (Linux and Windows).Download ARP Spoofing Windows

How to change mac address in BackTrack 5 (R3, fake mac)

How To Change Mac Address In BackTrack 5 R3

1.Open Terminal.
2.In terminal, type ifconfig eth0 down.

3.The above command is used for disabling the eth0 interface.
4.Now change the mac address by using a simple command in backtrack.

macchanger --mac 00:55:44:33:22:11 eth0.

5.You change your mac address to any number by using the following command.
6.Now configure the eth0 by a command
ifcofig eth0 up

Tutorial Wifi Cracker

This tutorial is for people that like to crack WEP the easy way although its not all that easy in my previous post we looked at How to Crack WiFi Network easily using Aircrack-NG for Linux OS today in this tutorial we will be cracking a WiFi network using FERN WiFi CRACKER which is a GUI (Graphical User Interface) for Aircrack-NG.Before we go into this tutorial you need to first of all  Click here to Download Fern WiFi Cracker After the Download is complete  Open FERN WiFi CRACKER using the following commmand - See more at:

Wednesday, June 12, 2013

How to Hack Facebook Accounts with Backtrack 5

Step 1 : Open set Tool in Backtrack 5 : To open it follow the step shown above .
 Step 2 : Time to set the Website Attack Vectors : Below Menu   enter your choice : 2.Website Attack Vectors and press Enter.
Step 3 : Select your Attacking Method ,Here i choose 3.Credential Harvester Attack Method.
 Step 4 : Select Attack Vectors :write  2.Site Cloner and press enter as shown in the image .
Step 5: Enter the Url: To make a clone to facebook login page I entered and press enter .As I press enter it will automatically generate a clone page .
Step 6 : To continue the process you have to put * sign and press enter.
Step 7 : Process will continue as shown in the image above .
Step 8: Open terminal and enter ifconfig command .It will shown your ip address .Now copy the ip address
Step9 : Open Web Browser and  Paste the system ipaddress into Address bar and it will redirect to the facebook login page.Now Enter your anything to check it will work or not .


Email : h4x00r
And Press Enter . Let see what happen on the Next step .
Step 10 : In step 7 the process start you remember now when you follow step 8 and step 9,then it will come up with  all the details of Username and Password.This is how we set a trap and hack victim facebook and password only on Backtrack 5

Monday, June 10, 2013

Bypass Phone and SMS verification of Any Website

Now a days,almost most websites need sms verification which includes google, facebook,youtube and other survey websites.
First of all we should understand why SMS and Phone Verification System is Important?

* Keep More Visitors for Market
* Providing Extra Security for their Website
* Keep Spammers out
* Daily Advertisement and promotional ads daily

Rather we can able to create and Bypass gmail (facebook, youtube, other shopping sites) without SMS verification.Because gmail allow to create only few account. When you try to create more account with same mobile number, google restricted and you can't create more account.So we can create counterless gmail accounts using following steps.This method is very useful to Bypass SMS verification and useful when you need to Sign up any account and do not feel comfortable to giving your real number or if you want to create multiple account.

Lets Start Step by Step:

1) First go to this Website : Receive-Sms Online
2) Copy any one number and paste it where they are asking SMS Verification.

3) Simply come back and click the number which you have selected, check it out there is your code sent by google, youtube or whatever else.

Dockshelf 1.1.2 MacOSX

Did you ever wish your Dock could do more or handle more of your apps and files? DockShelf lets you place unlimited docks around your desktop so you never run out of space again for your commonly used files, folders and applications!We've all seen it and you've probably experienced it yourself - a Dock exploding with files and apps which has been shrunk so small you can barely see what anything is anymore.DockShelf helps you manage the clutter of the Dock by offering another form of "dock shelf" which you can place around any edge of your screen without any restrictions and has more options for customization.With DockShelf launching your favorite documents and apps is faster and more powerful because you control where your docks are positioned, how many are on screen, how they're labeled and when they're visible.

DockShelf extends the concept of the Dock with new features and abilities you've been waiting for since OS X was released.Tabs.When docks are collapsed they can be displayed as labeled tabs so you can recognize them easily as they are positioned around your screen.Workspaces.Group your docks into workspaces which can be toggled via a hot key or auto-toggled depending on which application is currently active.Auto Hiding.Docks can be set to expand only when the mouse is hovered over them and optionally show only a thin margin when collapsed to save screen real estate.Launching.Apps can be launched,quit,hidden and opened at login from DockShelf.Previews. You can get QuickLook previews on documents by hovering the mouse over an item for a moment.Never In The Way.When apps go into full screen mode DockShelf will automatically hide and to offer more control you can choose which apps DockShelf will not be displayed in from the preferences.Download file DSHF112.dmg

WireShark – Ultimate network Sniffer

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many wireshark logoindustries and educational institutions.It is used for network troubleshooting,analysis,software and communications,protocol development, and education.You can interactively browse the capture data and view summary and detail information for each packet.Wireshark has several powerful features,including a rich display filter language and the ability to view the reconstructed stream of a TCP session.Wireshark was written by networking experts around the world,and is an example of the power of open source.It runs on Windows,Linux,UNIX,and other platforms.

Wireshark can read live data from Ethernet, Token-Ring, FDDI, serial (PPP and SLIP) (if the OS on which it's running allows Wireshark to do so),802.11 wireless LAN (if the OS on which it's running allows Wireshark to do so) and ATM connections (if the OS on which it's running allows Wireshark to do so).
Wireshark was previously known as Ethereal. The name might be new, but the software is the same. Wireshark's powerful features make it the tool of choice for network troubleshooting, protocol development,and education worldwide.Download Wireshark

7 Must Have Tools For Every Hacker

Its been a while since I have posted about some hacking tools and with increasing number of emails asking me to do an  7 Must Have Tools For Every Hackerarticle on it, I finally decided to cover it up.Hacking tools are developed by some really good coders out there to ease out many complex tasks which have to be done manually and took painstakingly great deal of time and effort.All these tools provided here are free of cost,are tried hands on and are being actively developed by community,and if not,their alternatives are provided.To summarize it up, these are the 7 must have tools for every hacker out there.

1. Nmap
I think everyone has heard of this one, Nmap (Network Mapper) is a free open source utility for network exploration or security auditing. It was designed to Nmap rapidly scan large networks, although it works fine against single hosts.Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use,and dozens of other characteristics. It may be used to discover computers and services on a computer network, thus creating a "map" of the network.Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.Can be used by beginners (-sT) or by pros alike (packet_trace). A very versatile tool, once you fully understand the results.Download Nmap

2.Nessus Remote Security Scanner
Recently went closed source, but is still essentially free. Works with a client-server framework.Nessus is the worlds Nessus Remote Security Scanner most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the worlds largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.Download Nessus

Wireshark is a GTK+-based  Wiresharknetwork protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers. Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams!.Download Wireshark 

4.Cain and Abel
The swiss knife of hacking tools..Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.
Download Cain and Abel

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with  Kismetany wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic. A good wireless tool as long as your card supports rfmon.Download Kismet 

Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a NetStumbler nice interface, good for the basics of war-driving. NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:

Verify that your network is set up the way you intended.
Find locations with poor coverage in your WLAN.
Detect other networks that may be causing interference on your network.Detect unauthorized rogue access points in your workplace.
Help aim directional antennas for long-haul WLAN links.Use it recreationally for WarDriving.Download NetStumbler

Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan. If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.Download Superscan

Alternatively, you can try Angry IP Scanner which is a pretty good replacement for it.

Richardson Software RazorSQL 6.1.0 (x86/x64) MacOSX

Sunday, June 9, 2013

How to Crack WEP Key With Backtrack 5 [wifi hacking]

As announced before we would be writing related to wifi attacks and security,This post is the second part of our series on wifi attacks and Security,In the first part we discussed about various terminologies related to wifi attacks and security and discussed couple of attacks.This post will also show you how one can easily crack WEP keys in no time.

Security Issues With WEP

WEP (Wired Equivalent Privacy) was proved full of flaws back in 2001,WEP protocol itself has some weakness which allows the attackers to crack them in no time.The biggest flaw probably in a WEP key is that it supports only 40bit encryption which means that there are 16million possibilities only.

For more information on WEP flaws, kindly read the WEP flaws section here.

Requirements :-
Here is what you would require to crack a WEP key:

1. Backtrack or any other Linux distro with aircrack-ng installed

2. A Wifi adapter capable of injecting packets , For this tutorial I will use Alfa AWUS036H which is a very popular card and it performs well with Backtrack

You can find compatible wifi card lists here.

Procedure :-
First Login to your Backtrack / Linux distro and plug in your Wifi adpter , Open a new konsole and type in the following commands

ifconfig wlan0 up
where wlan0 is the name of the wireless card ,it can be different .To see all wireless cards connected to your system simply type in " iwconfig ".

Putting your WiFi Adapter on Monitor Mode

To begin, you’ll need to first put your wireless adapter into monitor mode , Monitor mode is the mode whereby your card can listen to every packet in the air , You can put your card into monitor mode by typing in the following commands

airmon-ng start (your interface)

Example :- airmon-ng start wlan0

 Now a new interface mon0 will be created , You can see the new interface is in monitor mode by entering "iwconfig mon0" as shown

Finding a suitable Target

After putting your card into monitor mode ,we need to find a network that is protected by WEP. You can discover the surrounding networks by entering the following command

airodump-ng mon0

Bssid shows the mac address of the AP, CH shows the channel in which AP is broadcasted and Essid shows the name broadcasted by the AP, Cipher shows the encryption type.

Now look out for a wep protected network In my case i’ll take “linksys “ as my target for rest of the tutorial

Now look out for a wep protected network In my case i’ll take “linksys “ as my target for rest of the tutorial
Attacking The Target
Now to crack the WEP key you'll have to capture the targets data into a file, To do this we use airodump tool again, but with some additional switches to target a specific AP and channel. Most importantly, you should restrict monitoring to a single channel to speed up data collection, otherwise the wireless card has to alternate between all channels .You can restrict the capture by giving in the following commands

airodump-ng mon0 --bssid -c (channel ) -w (file name to save )

As my target is broadcasted in channel 6 and has a bssid "98:fc:11:c9:14:22" ,I give in the following commands and save the captured data as "RHAWEP"

airodump-ng mon0 --bssid 98:fc:11:c9:14:22 -c 6 -w RHAWEP

Using Aireplay to Speed up the cracking
 Now you’ll have to capture at least 20,000 data packets to crack WEP .This can be done in two ways, The first one would be a (passive attack ) wait for a client to connect to the AP and then start capturing the data packets but this method is very slow, it can take days or even weeks to capture that many data packets

The second method would be an (active attack )this method is fast and only takes minutes to generate and inject that many packets .

In an active attack you'll have do a Fake authentication (connect) with the AP ,then you'll have to generate and inject packets. This can be done very easily by entering the following commands

aireplay-ng - 1 3 -a (bssid of the target ) (interface)

In my case i enter the following commands

aireplay-ng -1 3 -a 98:fc:11:c9:14:22 mon0

After doing a fake authentication ,now its time to generate and inject Arp packets . To this you'll have to open a new Konsole simultaneously and type in the following commands

aireplay-ng 3 -b (bssid of target) -h ( Mac address of mon0) (interface)

In my case i enter
aireplay-ng 3 -b 98:fc:11:c9:14:22 -h 00:c0:ca:50:f8:32 mon0

If this step was successful you'll see Lot of data packets in the airodump capture as shown

Wait till it reaches 20000 packets , best would be to wait till it reaches around 80,000 to 90,000 packets .Its simple more the packets less the time to crack .Once you’ve captured enough number of packets, close all the process's by clicking the into mark which is there on the terminal

Cracking WEP key using Aircrack

Now its time crack the WEP key from the captured data, Enter the following commands in a new konsole to crack the WEP key

aircrack-ng (name of the file )

In my case i enter
aircrack-ng RHAWEP-0.1-cap

With in a few minutes Aircrak will crack the WEP key as shown

Once the crack is successful you will be left with the KEY! Remove the colons from the output and you’ll have your WEP Key.Hope You Enjoyed this tutorial ,For further Doubts and clarifications please pass your comments.

Hack Websites Using Havij [SQL Injection Tutorial]

According to a survey the most common technique of hacking a website is SQL Injection.SQL Injection is a technique in which hacker insert SQL codes into web Forum to get Sensitive Information like (User Name,Passwords) to access the site and Deface it.The traditional SQL injection method is quite difficult,but now a days there are many tools available online through which any script kiddie can use SQL Injection to deface a webite, because of these tools websites have became more vulnerable to these types of attacks.

One of the popular tools is Havij, Havij is an advanced SQL injection tool which makes SQL Injection very easy for you, Along with SQL injection it has a built in admin page finder which makes it very effective.

Warning - This article is only for education purposes, By reading this article you agree that Hacky Shacky is not responsible in any way for any kind of damage caused by the information provided in this article.Step1: Find SQL injection Vulnerability in tour site and insert the string (like of it in Havij as show below.

Step3: Now click on the Analyse button as shown below.

Now if the your Server is Vulnerable the information about the target will appear and the columns will appear like shown in picture below:

Step4: Now click on the Tables button and then click Get Tables button from below column as shown below:

Step5: Now select the Tables with sensitive information and click Get Columns button.After that select the Username and Password Column to get the Username and Password and click on the Get Table button.


Here are some of the countermeasures you can take to reduce the risk of SQL Injection

Renaming the admin page will make it difficult for a hacker to locate it.Use a Intrusion detection system and compose the signatures for popular SQL injection strings
One of the best method to protect your website against SQL Injection attacks is to disallow special characters in the admin form, though this will make your passwords more vulnerable to bruteforce attacks but you can implement a capcha to prevent these types of attack.

Monday, June 3, 2013

ProPresenter 5.1.8 MacOsX

ProPresenter is a presentation system that utilizes two screens, empowering users to quickly and easily present slides on one screen, while controlling the presentation with another screen. For example, churches that display song lyrics on a big screen while a song is being performed live on stage can dynamically change the slide order for a worship song. Depending on the reaction of the audience, the band leader may choose to sing another verse, end the song early, or repeat the chorus several times. Typically these lyrics are presented through linear slide shows, but the limited flexibility of these programs make them very unpopular because of their inability to function dynamically. Our program allows an operator to click on a slide in our "Control Panel", at which point the projector screen immediately transitions to the new slide. What's more, the program supports QuickTime, and can synch slides with an audio track for canned music presentations. ProPresenter also allows you to change your backgrounds dynamically and, of course, you can integrate ProPresenter with your video production system to key the words over live or recorded video.

System Requirements?
ProPresenter 5 continues to build on improvements made in each OS and requires more horsepower to accomplish all that it is capable of doing. Therefore, the system requirements may be a little higher than your existing equipment and are outlined below for both platforms. While the software may work on systems that do not meet these requirements, those systems will not be supported. As always, you will be able to download the software at no charge to test performance on any computer before making a purchase.

ProPresenter version 5.1 (minimum Mac specifications)
Processor: 2.4 GHz Intel Core 2 Duo processor or better
OS: MacOS X 10.6.8 (Snow Leopard) or later
RAM: 2 GB RAM (4 GB recommended)
Graphics Card: Dual display with screen spanning capability (a dedicated graphics card with 512MB VRAM is recommended)
Stage Display: Additional output required for stage display function (third video out - PCI or USB). Only current iMacs and Retina MacBooks have 3rd video output built-in to support this out of the box.

Saturday, June 1, 2013

How To Change Mac Address In BackTrack 5

Many of them asked me thar how to change mac address in backtrack.

It is very easy to change mac address in backtrack as we can change mac address to any in a minute by using simple commands.

Let's start.
1. Open Terminal.
2. In terminal, type ifconfig eth0 down.

3. The above command is used for disabling the eth0 interface.
4. Now change the mac address by using a simple command in backtrack.

macchanger --mac 00:11:22:33:44:55 eth0.

5. You change your mac address to any number by using the following command.
6. Now configure the eth0 by a command
ifcofig eth0 up

7.Thats is you have changed mac address.


Subscribe in Bloglines Msn bot last visit powered by MyPagerank.Net Yahoo bot last visit powered by MyPagerank.Net
I heart FeedBurner downtime checker The Ubuntu Counter Project - user number # 31290

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Powered by TadPole