How Antivirus Software Works

Due to ever increasing threat from virus and other malicious programs, almost every computer today comes with a pre-installed antivirus software on it. In fact, an antivirus has become one of the most essential software package for every computer. Even though every one of us have an antivirus software installed on our computers, only a few really bother to understand how it actually works! Well if you are one among those few who would really bother to understand how an antivirus works, then this article is for you.

 

How Antivirus Works

 

An antivirus software typically uses a variety of strategies in detecting and removing viruses, worms and other malware programs. The following are the two most widely employed identification methods:

 

1. Signature-based dectection (Dictionary approach)

 

This is the most commonly employed method which involves searching for known patterns of virus within a given file. Every antivirus software will have a dictionary of sample malware codes called signatures in it’s database. Whenever a file is examined, the antivirus refers to the dictionary of sample codes present within it’s database and compares the same with the current file. If the piece of code within the file matches with the one in it’s dictionary then it is flagged and proper action is taken immediately so as to stop the virus from further replicating. The antivirus may choose to repair the file, quarantine or delete it permanently based on it’s potential risk. 

As new viruses and malwares are created and released every day, this method of detection cannot defend against new malwares unless their samples are collected and signatures are released by the antivirus software company. Some companies may also encourage the users to upload new viruses or variants, so that the virus can be analyzed and the signature can be added to the dictionary.

Signature based detection can be very effective, but requires frequent updates of the virus signature dictionary. Hence the users must update their antivirus software on a regular basis so as to defend against new threats that are released daily.

 

2. Heuristic-based detection (Suspicious behaviour approach)

 

Heuristic-based detection involves identifying suspicious behaviour from any given program which might indicate a potential risk. This approach is used by some of the sophisticated antivirus softwares to identify new malware and variants of known malware. Unlike the signature based approach, here the antivirus doesn’t attempt to identify known viruses, but instead monitors the behavior of all programs.

For example, malicious behaviours like a program trying to write data to an executable program is flagged and the user is alerted about this action. This method of detection gives an additional level of security from unidentified threats.

File emulation: This is another type of heuristic-based approach where a given program is executed in a virtual environment and the actions performed by it are logged. Based on the actions logged, the antivirus software can determine if the program is malicious or not and carry out necessary actions in order to clean the infection.

Most commercial antivirus softwares use a combination of both signature-based and heuristic-based approaches to combat malware.

 

Issues of concern

 

Zero-day threats: A zero-day (zero-hour ) threat or attack is where a malware tries to exploit computer application vulnerabilities that are yet unidentified by the antivirus software companies. These attacks are used to cause damage to the computer even before they are identified. Since patches are not yet released for these kind of new threats, they can easily manage to bypass the antivirus software and carry out malicious actions. However most of the threats are identified after a day or two of it’s release, but damage caused by them before identification is quite inevitable.

Daily Updates: Since new viruses and threats are released everyday, it is most essential to update the antivirus software so as to keep the virus definitions up-to-date. Most softwares will have an auto-update feature so that the virus definitions are updated whenever the computer is connected to the Internet.

Effectiveness: Even though an antivirus software can catch almost every malware, it is still not 100% foolproof against all kinds of threats. As explained earlier, a zero-day threat can easily bypass the protective shield of the antivirus software. Also virus authors have tried to stay a step ahead by writing “oligomorphic“, “polymorphic” and, more recently, “metamorphic” virus codes, which will encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match virus signatures in the dictionary.

Thus user education is as important as antivirus software; users must be trained to practice safe surfing habits such as downloading files only from trusted websites and not blindly executing a program that is unknown or obtained from an untrusted source. I hope this article will help you understand the working of an antivirus software.

Read More

How to get security from hacking a Website Free in a second

I want to show you just one way that hackers can get in to your website and mess it up, using a technique called SQL Injection. And then I'll show you how to fix it. This article touches on some technical topics, but I'll try to keep things as simple as possible. There are a few very short code examples written in PHP and SQL. These are for the techies, but you don't have to fully understand the examples to be able to follow what is going on. Please also note that the examples used are extremely simple, and Real Hackers™ will use many variations on the examples listed.

If your website doesn't use a database, you can relax a bit; this article doesn't apply to your site — although you might find it interesting anyway. If your site does use a database, and has an administrator login who has rights to update the site, or indeed any forms which can be used to submit content to the site — even a comment form — read on.

Warning

This article will show you how you can hack in to vulnerable websites, and to check your own website for one specific vulnerability. It's OK to play around with this on your own site (but be careful!) but do not be tempted to try it out on a site you do not own. If the site is properly managed, an attempt to log in using this or similar methods will be detected and you might find yourself facing charges under the Computer Misuse Act. Penalties under this act are severe, including heavy fines or even imprisonment.

What is SQL Injection?

SQL stands for Structured Query Language, and it is the language used by most website databases. SQL Injection is a technique used by hackers to add their own SQL to your site's SQL to gain access to confidential information or to change or delete the data that keeps your website running. I'm going to talk about just one form of SQL Injection attack that allows a hacker to log in as an administrator - even if he doesn't know the password.

Is your site vulnerable?

If your website has a login form for an administrator to log in, go to your site now, in the username field type the administrator user name.

In the password field, type or paste this:

x' or 'a' = 'a

If the website didn't let you log in using this string you can relax a bit; this article probably doesn't apply to you. However you might like to try this alternative:

x' or 1=1--

Or you could try pasting either or both of the above strings into both the login and password field. Or if you are familiar with SQL you could try a few other variations. A hacker who really wants to get access to your site will try many variations before he gives up.

If you were able to log in using any of these methods then get your web tech to read this article, and to read up all the other methods of SQL Injection. The hackers and "skript kiddies" know all this stuff; your web techs need to know it too.

The technical stuff

If you were able to log in, then the code which generates the SQL for the login looks something like this:

$sql =
"SELECT * FROM users
"WHERE username = '" . $username .
"' AND password = '" . $password . "'";

When you log in normally, let's say using userid admin and password secret, what happens is the admin is put in place of

$username

and secret is put in place of

$password

. The SQL that is generated then looks like this:

SELECT * FROM users WHERE username = 'admin' and PASSWORD = 'secret'

But when you enter

x' or 'a' = 'a

as the password, the SQL which is generated looks like this:

SELECT * FROM users WHERE username = 'admin' and PASSWORD = 'x' or 'a' = 'a'

Notice that the string:

x' or 'a' = 'a

has injected an extra phrase into the WHERE clause:

or 'a' = 'a'

. This means that the WHERE is always true, and so this query will return a row contain the user's details.

If there is only a single user defined in the database, then that user's details will always be returned and the system will allow you to log in. If you have multiple users, then one of those users will be returned at random. If you are lucky, it will be a user without administration rights (although it might be a user who has paid to access the site). Do you feel lucky?

How to defend against this type of attack

Fixing this security hole isn't difficult. There are several ways to do it. If you are using MySQL, for example, the simplest method is to escape the username and password, using the mysql_escape_string() or mysql_real_escape_string() functions, e.g.:

$userid = mysql_real_escape_string($userid);
$password = mysql_real_escape_string($password);
$sql =
"SELECT * FROM users
"WHERE username = '" . $username .
"' AND password = '" . $password . "'";

Now when the SQL is built, it will come out as:

SELECT * FROM users WHERE username = 'admin' and PASSWORD = 'x\' or \'a\' = \'a'

Those backslashes ( \ ) make the database treat the quote as a normal character rather than as a delimiter, so the database no longer interprets the SQL as having an OR in the WHERE clause.

This is just a simplistic example. In practice you will do a bit more than this as there are many variations on this attack. For example, you might structure the SQL differently, fetch the user using the user name only and then check manually that the password matches or make sure you always use bind variables (the best defence against SQL injection and strongly recommended!). And you should always escape all incoming data using the appropriate functions from whatever language your website is written in - not just data that is being used for login.

There's more

This has just been a brief overview. There are many more hacking techniques than SQL Injection; there are many more things that can be done just using SQL Injection. It is possible to directly change data, get access to confidential information, even delete your whole database — irrespective of whether the hacker can actually log in — if your website isn't set up correctly.

If you are hungry for more, this detailed article from SecuriTeam explains other techiques hackers might use, as well as some of the methods hackers use to work out the structure of your database, the userid of the admin user, gain access to your system's configuration, etc.

Read More

HowToHackAccounts is now social !! :)

HowToHackAccounts is now social !! :)

We would like to thank our visitors and invite them to join are new social outlets !!
Join us on Facebook:
http://www.facebook.com/HackersClub4U
Or Twitter:
http://twitter.com/hackerclub4u

Read More

How to Crack a Wi-Fi Network’s WEP Password with BackTrack

You already know that if you want to lock down your Wi-Fi network, you should opt for WPA encryption because WEP is easy to crack. But did you know how easy? Take a look.

Originally published last year, we wanted to revisit Gina's awesome guide to cracking Wi-Fi WEP passwords for Evil Week. Alternatively, if you're not in a reading mood, check out the video version.

Today we're going to run down, step-by-step, how to crack a Wi-Fi network with WEP security turned on. But first, a word: Knowledge is power, but power doesn't mean you should be a jerk, or do anything illegal. Knowing how to pick a lock doesn't make you a thief. Consider this post educational, or a proof-of-concept intellectual exercise.
Dozens of tutorials on how to crack WEP are already all over the internet using this method. Seriously—Google it. This ain't what you'd call "news." But what is surprising is that someone like me, with minimal networking experience, can get this done with free software and a cheap Wi-Fi adapter. Here's how it goes.

What You'll Need

Unless you're a computer security and networking ninja, chances are you don't have all the tools on hand to get this job done. Here's what you'll need:

• A compatible wireless adapter—This is the biggest requirement. You'll need a wireless adapter that's capable of packet injection, and chances are the one in your computer is not. After consulting with my friendly neighborhood security expert, I purchased an Alfa AWUS050NH USB adapter, pictured here, and it set me back about $50 on Amazon. Update: Don't do what I did. Get the Alfa AWUS036H, not the US050NH, instead. The guy in this video below is using a $12 model he bought on Ebay (and is even selling his router of choice). There are plenty of resources on getting aircrack-compatible adapters out there.
• A BackTrack 3 Live CD. We already took you on a full screenshot tour of how to install and use BackTrack 3, the Linux Live CD that lets you do all sorts of security testing and tasks. Download yourself a copy of the CD and burn it, or load it up in VMware to get started. (I tried the BackTrack 4 pre-release, and it didn't work as well as BT3. Do yourself a favor and stick with BackTrack 3 for now.)
• A nearby WEP-enabled Wi-Fi network. The signal should be strong and ideally people are using it, connecting and disconnecting their devices from it. The more use it gets while you collect the data you need to run your crack, the better your chances of success.
• Patience with the command line. This is an ten-step process that requires typing in long, arcane commands and waiting around for your Wi-Fi card to collect data in order to crack the password. Like the doctor said to the short person, be a little patient.

Crack That WEP

To crack WEP, you'll need to launch Konsole, BackTrack's built-in command line. It's right there on the taskbar in the lower left corner, second button to the right. Now, the commands.
First run the following to get a list of your network interfaces:

airmon-ng

The only one I've got there is labeled ra0. Yours may be different; take note of the label and write it down. From here on in, substitute it in everywhere a command includes (interface).
Now, run the following four commands. See the output that I got for them in the screenshot below.


airmon-ng stop (interface)
ifconfig (interface) down
macchanger --mac 00:11:22:33:44:55 (interface)
airmon-ng start (interface)

If you don't get the same results from these commands as pictured here, most likely your network adapter won't work with this particular crack. If you do, you've successfully "faked" a new MAC address on your network interface, 00:11:22:33:44:55.
Now it's time to pick your network. Run:

airodump-ng (interface)

To see a list of wireless networks around you. When you see the one you want, hit Ctrl+C to stop the list. Highlight the row pertaining to the network of interest, and take note of two things: its BSSID and its channel (in the column labeled CH), as pictured below. Obviously the network you want to crack should have WEP encryption (in the ENC) column, not WPA or anything else.
Like I said, hit Ctrl+C to stop this listing. (I had to do this once or twice to find the network I was looking for.) Once you've got it, highlight the BSSID and copy it to your clipboard for reuse in the upcoming commands.
Now we're going to watch what's going on with that network you chose and capture that information to a file. Run:

airodump-ng -c (channel) -w (file name) --bssid (bssid) (interface)

Where (channel) is your network's channel, and (bssid) is the BSSID you just copied to clipboard. You can use the Shift+Insert key combination to paste it into the command. Enter anything descriptive for (file name). I chose "yoyo," which is the network's name I'm cracking.


You'll get output like what's in the window in the background pictured below. Leave that one be. Open a new Konsole window in the foreground, and enter this command:

aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)

Here the ESSID is the access point's SSID name, which in my case is yoyo. What you want to get after this command is the reassuring "Association successful" message with that smiley face.

You're almost there. Now it's time for:

aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (interface)

Here we're creating router traffic to capture more throughput faster to speed up our crack. After a few minutes, that front window will start going crazy with read/write packets. (Also, I was unable to surf the web with the yoyo network on a separate computer while this was going on.) Here's the part where you might have to grab yourself a cup of coffee or take a walk. Basically you want to wait until enough data has been collected to run your crack. Watch the number in the "#Data" column—you want it to go above 10,000. (Pictured below it's only at 854.)
Depending on the power of your network (mine is inexplicably low at -32 in that screenshot, even though the yoyo AP was in the same room as my adapter), this process could take some time. Wait until that #Data goes over 10k, though—because the crack won't work if it doesn't. In fact, you may need more than 10k, though that seems to be a working threshold for many.


Once you've collected enough data, it's the moment of truth. Launch a third Konsole window and run the following to crack that data you've collected:

aircrack-ng -b (bssid) (file name-01.cap)

Here the filename should be whatever you entered above for (file name). You can browse to your Home directory to see it; it's the one with .cap as the extension.
If you didn't get enough data, aircrack will fail and tell you to try again with more. If it succeeds, it will look like this:

Full size

The WEP key appears next to "KEY FOUND." Drop the colons and enter it to log onto the network.

Problems Along the Way

With this article I set out to prove that cracking WEP is a relatively "easy" process for someone determined and willing to get the hardware and software going. I still think that's true, but unlike the guy in the video below, I had several difficulties along the way. In fact, you'll notice that the last screenshot up there doesn't look like the others—it's because it's not mine. Even though the AP which I was cracking was my own and in the same room as my Alfa, the power reading on the signal was always around -30, and so the data collection was very slow, and BackTrack would consistently crash before it was complete. After about half a dozen attempts (and trying BackTrack on both my Mac and PC, as a live CD and a virtual machine), I still haven't captured enough data for aircrack to decrypt the key.
So while this process is easy in theory, your mileage may vary depending on your hardware, proximity to the AP point, and the way the planets are aligned. Oh yeah, and if you're on deadline—Murphy's Law almost guarantees it won't work if you're on deadline.

Read More

Popular What is SharePoint 2010? Vision and Reality view comments Microsoft's BUILD Conference Windows 8 Blowout #bldwin view comments The Art of SharePoint Success: 10 Reasons Why SharePoint Projects Fail view comments Social Business Doesn't Mean What You Think It Does, Neither Does Enterprise 2.0 view comments Must-Have Apps for the Mobile Worker view comments The Evolution of Collaboration and Online Communities: Measuring what Matters view comments Why Content Management is Not Social Business view comments Social Business Software or Enterprise 2.0 Platform? view comments Send us a tip! How They Hack Your Website: Overview of Common Techniques

We hear the same terms bandied about whenever a popular site gets hacked. You know… SQL Injection, cross site scripting, that kind of thing. But what do these things mean? Is hacking really as inaccessible as many of us imagine — a nefarious, impossibly technical twilight world forever beyond our ken?
Not really.
When you consider that you can go to Google right now and enter a search string which will return you thousands of usernames and passwords to websites, you realize that this dark science is really no mystery at all. You'll react similarly when you see just how simple a concept SQL Injection is, and how it can be automated with simple tools. Read on, to learn the basics of how sites and web content management systems are most often hacked, and what you can do to reduce the risk of it happening to you.

SQL Injection

SQL Injection involves entering SQL code into web forms, eg. login fields, or into the browser address field, to access and manipulate the database behind the site, system or application.
When you enter text in the Username and Password fields of a login screen, the data you input is typically inserted into an SQL command. This command checks the data you've entered against the relevant table in the database. If your input matches table/row data, you're granted access (in the case of a login screen). If not, you're knocked back out.

The Simple SQL Injection Hack
In its simplest form, this is how the SQL Injection works. It's impossible to explain this without reverting to code for just a moment. Don't worry, it will all be over soon.
Suppose we enter the following string in a Username field:

' OR 1=1
The authorization SQL query that is run by the server, the command which must be satisfied to allow access, will be something along the lines of:
SELECT * FROM users WHERE username = ?USRTEXT '
AND password = ?PASSTEXT?
…where USRTEXT and PASSTEXT are what the user enters in the login fields of the web form.
So entering `OR 1=1 — as your username, could result in the following actually being run:
SELECT * FROM users WHERE username = ?' OR 1=1 — 'AND password = '?
Two things you need to know about this:
['] closes the [username] text field.
'' is the SQL convention for Commenting code, and everything after Comment is ignored. So the actual routine now becomes:
SELECT * FROM users WHERE username = '' OR 1=1
1 is always equal to 1, last time I checked. So the authorization routine is now validated, and we are ushered in the front door to wreck havoc.
Let's hope you got the gist of that, and move briskly on.
Brilliant! I'm gonna go hack me a Bank!
Slow down, cowboy. This half-cooked method won't beat the systems they have in place up at Citibank, evidently.

But the process does serve to illustrate just what SQL Injection is all about — injecting code to manipulate a routine via a form, or indeed via the URL. In terms of login bypass via Injection, the hoary old ' OR 1=1 is just one option. If a hacker thinks a site is vulnerable, there are cheat-sheets all over the web for login strings which can gain access to weak systems. Here are a couple more common strings which are used to dupe SQL validation routines:
username field examples:

• admin'—
• ') or ('a'='a
• ”) or (“a”=”a
• hi” or “a”=”a

… and so on.
Backdoor Injection- Modules, Forums, Search etc.
Hacking web forms is by no means limited exclusively to login screens. A humble search form, for instance, is necessarily tied to a database, and can potentially be used to amend database details. Using SQL commands in search forms can potentially do some extremely powerful things, like calling up usernames and passwords, searching the database field set and field names, and amending same. Do people really get hacked through their search forms? You better believe it. And through forums, and anywhere else a user can input text into a field which interacts with the database. If security is low enough, the hacker can probe the database to get names of fields, then use commands like INSERT INTO, UNION, and so forth to get user information, change product prices, change account settings/balances, and just about anything else… depending on the security measures in place, database architecture and so on.
So you can have security locked down at the login, but poor security on other forms can still be exploited. Unfortunately this is a real worry regarding 3rd party modules for Web CMS products which incorporate forms, and for CMS products these 3rd party modules are often the weakest links which allows hackers access to your database.
Automated Injection
There are tools to automate the process of SQL Injection into login and other fields. One hacker process, using a specific tool, will be to seek out a number of weak targets using Google (searching for login.asp, for instance), then insert a range of possible injection strings (like those listed above, culled from innumerable Injection cheat-sheets on the Web), add a list of proxies to cover his movements, and go play XBox while the program automates the whole injection process.
Remote Injection
This involves uploading malicious files to inject SQL and exploit other vulnerabilities. It's a topic which was deemed beyond the scope of this report, but you can view this PDF if you'd like to learn more.
SQL Injection in the Browser Address Bar
Injections can also be performed via the browser address bar. I don't mean to have a pop at Microsoft, but when it comes to such vulnerabilities, HTTP GET requests with URLs of the following form are most often held to be vulnerable:
http://somesite.com/index.asp?id=10
Try adding an SQL command to the end of a URL string like this, just for kicks:
http://somesite.com/index.asp?id=10 AND id=11
See if both articles come up. Don't shoot your webmaster just yet if it's your own site and you get two articles popping up: this is real low-level access to the database. But some such sites will be vulnerable. Try adding some other simple SQL commands to the end of URLs from your own site, to see what happens.

Read More

Skype cracked

VoIPWiki reports that Skype has been cracked. A Chinese company has successfully reverse engineered the Skype protocol. According to the blog post, the company's CEO stated their software will not support Skype’s supernode technology. What this essentially means is that this 3rd party Skype clone will be a "free-loader" on the Skype network - they won't have to be a supernode responsible for helping to carry Skype traffic around the Net.

Further, as VoIPWiki points out, if Skype decides to add advertisements to their client, these can be bypassed with this 3rd party Skype client.

Skype has responded with this statement, “Skype is aware of the claim made by a small group of Chinese engineers that they have reverse engineered Skype software. We have no evidence to suggest that this is true. Even if it was possible to do this, the software code would lack the feature set and reliability of Skype which is enjoyed by over 100m users today. Moreover, no amount of reverse engineering would threaten Skype’s cryptographic security or integrity.”

Great spin by Skype, eh? If this hack is confirmed, then the $3 billion eBay spent on acquiring Skype makes the failed Vonage IPO look like a real winner in comparison.

Maybe if Skype does indeed get reverse engineered and their "secret sauce" is out there for anyone to use, Skype will decide to adopt the industry SIP standard so anyone can communicate with the Skype software. Nah. Not likely anytime soon.

Here's a screenshot of the hacked Skype client:

Read More

Clear BIOS Password, All tricks !

The best personal toolbar specially crafted to manage your email, chats, updates, and almost everything, and it's free!

It's 100% safe. We DO NOT store any information in any form!

Download Hackers Most PopularToolbar! Mozilla

Download Hackers Most PopularToolbar! Internet Explorer

Download now with Instructions - All other

How to Reset a BIOS Password

**** New Trick ****
At command prompt type debug
you will get a - prompt where you can type the fallowing (<enter> means hit enter, not type enter*)

A <ENTER>
MOV AX,0 <ENTER>
MOV AX,CX <ENTER>
OUT 70,AL <ENTER>
MOV AX,0 <ENTER>
OUT 71,AL <ENTER>
INC CX <ENTER>
CMP CX,100 <ENTER>
JB 103 <ENTER>
INT 20 <ENTER>
<ENTER> just hit enter on this line
G <ENTER>
Q <ENTER>

Basic BIOS password crack - works 9.9 times out of ten

This is a password hack but it clears the BIOS such that the next time you start the PC, the CMOS does not ask for any password. Now if you are able to bring the DOS prompt up, then you will be able to change the BIOS setting to the default. To clear the CMOS do the following:
Get DOS prompt and type:
DEBUG hit enter
-o 70 2e hit enter
-o 71 ff hit enter
-q hit enter
exit hit enter
Restart the computer. It works on most versions of the AWARD BIOS.

Accessing information on the hard disk

When you turn on the host machine, enter the CMOS setup menu (usually you have to press F2, or DEL, or CTRL+ALT+S during the boot sequence) and go to STANDARD CMOS SETUP, and set the channel to which you have put the hard disk as TYPE=Auto, MODE=AUTO, then SAVE & EXIT SETUP. Now you have access to the hard disk.

Standard BIOS backdoor passwords

The first, less invasive, attempt to bypass a BIOS password is to try on of these standard manufacturer's backdoor passwords:
AWARD BIOS
AWARD SW, AWARD_SW, Award SW, AWARD PW, _award, awkward, J64, j256, j262, j332, j322, 01322222, 589589, 589721, 595595, 598598, HLT, SER, SKY_FOX, aLLy, aLLY, Condo, CONCAT, TTPTHA, aPAf, HLT, KDD, ZBAAACA, ZAAADA, ZJAAADC, djonet, %øåñòü ïpîáåëîâ%, %äåâÿòü ïpîáåëîâ%
AMI BIOS
AMI, A.M.I., AMI SW, AMI_SW, BIOS, PASSWORD, HEWITT RAND, Oder
Other passwords you may try (for AMI/AWARD or other BIOSes)
LKWPETER, lkwpeter, BIOSTAR, biostar, BIOSSTAR, biosstar, ALFAROME, Syxz, Wodj
Note that the key associated to "_" in the US keyboard corresponds to "?" in some European keyboards (such as Italian and German ones), so -- for example -- you should type AWARD?SW when using those keyboards. Also remember that passwords are Case Sensitive. The last two passwords in the AWARD BIOS list are in Russian.

Flashing BIOS via software

If you have access to the computer when it's turned on, you could try one of those programs that remove the password from the BIOS, by invalidating its memory.
However, it might happen you don't have one of those programs when you have access to the computer, so you'd better learn how to do manually what they do. You can reset the BIOS to its default values using the MS-DOS tool DEBUG (type DEBUG at the command prompt. You'd better do it in pure MS-DOS mode, not from a MS-DOS shell window in Windows). Once you are in the debug environment enter the following commands:
AMI/AWARD BIOS
O 70 17
O 71 17
Q
PHOENIX BIOS
O 70 FF
O 71 17
Q
GENERIC
Invalidates CMOS RAM.
Should work on all AT motherboards
(XT motherboards don't have CMOS)
O 70 2E
O 71 FF
Q
Note that the first letter is a "O" not the number "0". The numbers which follow are two bytes in hex format.

Flashing BIOS via hardware

If you can't access the computer when it's on, and the standard backdoor passwords didn't work, you'll have to flash the BIOS via hardware. Please read the important notes at the end of this section before to try any of these methods.

Using the jumpers

The canonical way to flash the BIOS via hardware is to plug, unplug, or switch a jumper on the motherboard (for "switching a jumper" I mean that you find a jumper that joins the central pin and a side pin of a group of three pins, you should then unplug the jumper and then plug it to the central pin and to the pin on the opposite side, so if the jumper is normally on position 1-2, you have to put it on position 2-3, or vice versa). This jumper is not always located near to the BIOS, but could be anywhere on the motherboard.

To find the correct jumper you should read the motherboard's manual.
Once you've located the correct jumper, switch it (or plug or unplug it, depending from what the manual says) while the computer is turned OFF. Wait a couple of seconds then put the jumper back to its original position. In some motherboards it may happen that the computer will automatically turn itself on, after flashing the BIOS. In this case, turn it off, and put the jumper back to its original position, then turn it on again. Other motherboards require you turn the computer on for a few seconds to flash the BIOS.

If you don't have the motherboard's manual, you'll have to "brute force" it... trying out all the jumpers. In this case, try first the isolated ones (not in a group), the ones near to the BIOS, and the ones you can switch (as I explained before). If all them fail, try all the others. However, you must modify the status of only one jumper per attempt, otherwise you could damage the motherboard (since you don't know what the jumper you modified is actually meant for). If the password request screen still appear, try another one.

If after flashing the BIOS, the computer won't boot when you turn it on, turn it off, and wait some seconds before to retry.

Removing the battery

If you can't find the jumper to flash the BIOS or if such jumper doesn't exist, you can remove the battery that keeps the BIOS memory alive. It's a button-size battery somewhere on the motherboard (on elder computers the battery could be a small, typically blue, cylinder soldered to the motherboard, but usually has a jumper on its side to disconnect it, otherwise you'll have to unsolder it and then solder it back). Take it away for 15-30 minutes or more, then put it back and the data contained into the BIOS memory should be volatilized. I'd suggest you to remove it for about one hour to be sure, because if you put it back when the data aren't erased yet you'll have to wait more time, as you've never removed it. If at first it doesn't work, try to remove the battery overnight.

Important note: in laptop and notebooks you don't have to remove the computer's power batteries (which would be useless), but you should open your computer and remove the CMOS battery from the motherboard.
Short-circuiting the chip
Another way to clear the CMOS RAM is to reset it by short circuiting two pins of the BIOS chip for a few seconds. You can do that with a small piece of electric wire or with a bent paper clip. Always make sure that the computer is turned OFF before to try this operation.


Here is a list of EPROM chips that are commonly used in the BIOS industry. You may find similar chips with different names if they are compatible chips made by another brand. If you find the BIOS chip you are working on matches with one of the following you can try to short-circuit the appropriate pins. Be careful, because this operation may damage the chip.
CHIPS P82C206 (square)


Short together pins 12 and 32 (the first and the last pins on the bottom edge of the chip) or pins 74 and 75 (the two pins on the upper left corner).
gnd
74
|__________________
5v 75--| |
| |
| |
| CHIPS |
1 * | |
| P82C206 |
| |
| |
|___________________|
| |
| gnd | 5v
12 32
OPTi F82C206 (rectangular)
Short together pins 3 and 26 (third pin from left side and fifth pin from right side on the bottom edge).
80 51
|______________|
81 -| |- 50
| |
| |
| OPTi |
| |
| F82C206 |
| |
100-|________________|-31
|| | |
1 || | | 30
3 26


Dallas DS1287, DS1287A
Benchmarq bp3287MT, bq3287AMT
The Dallas DS1287 and DS1287A, and the compatible Benchmarq bp3287MT and bq3287AMT chips have a built-in battery. This battery should last up to ten years. Any motherboard using these chips should not have an additional battery (this means you can't flash the BIOS by removing a battery). When the battery fails, the RTC chip would be replaced.
CMOS RAM can be cleared on the 1287A and 3287AMT chips by shorting pins 12 and 21.

The 1287 (and 3287MT) differ from the 1287A in that the CMOS RAM can't be cleared. If there is a problem such as a forgotten password, the chip must be replaced. (In this case it is recommended to replace the 1287 with a 1287A). Also the Dallas 12887 and 12887A are similar but contain twice as much CMOS RAM storage.
__________
1 -| * U |- 24 5v
2 -| |- 23
3 -| |- 22
4 -| |- 21 RCL (RAM Clear)
5 -| |- 20
6 -| |- 19
7 -| |- 18
8 -| |- 17
9 -| |- 16
10 -| |- 15
11 -| |- 14
gnd 12 -|__________|- 13

NOTE: Although these are 24-pin chips,
the Dallas chips may be missing 5 pins,
these are unused pins.
Most chips have unused pins,
though usually they are still present.


Dallas DS12885S
Benchmarq bq3258S
Hitachi HD146818AP
Samsung KS82C6818A
This is a rectangular 24-pin DIP chip, usually in a socket. The number on the chip should end in 6818.
Although this chip is pin-compatible with the Dallas 1287/1287A, there is no built-in battery.
Short together pins 12 and 24.
5v
24 20 13
|___________|____________________|
| |
| DALLAS |
|> |
| DS12885S |
| |
|__________________________________|
| |
1 12
gnd


Motorola MC146818AP
Short pins 12 and 24. These are the pins on diagonally opposite corners - lower left and upper right. You might also try pins 12 and 20.
__________
1 -| * U |- 24 5v
2 -| |- 23
3 -| |- 22
4 -| |- 21
5 -| |- 20
6 -| |- 19
7 -| |- 18
8 -| |- 17
9 -| |- 16
10 -| |- 15
11 -| |- 14
gnd 12 -|__________|- 13

Replacing the chip

If nothing works, you could replace the existing BIOS chip with a new one you can buy from your specialized electronic shop or your computer supplier. It's a quick operation if the chip is inserted on a base and not soldered to the motherboard, otherwise you'll have to unsolder it and then put the new one. In this case would be more convenient to solder a base on which you'll then plug the new chip, in the eventuality that you'll have to change it again. If you can't find the BIOS chip specifically made for your motherboard, you should buy one of the same type (probably one of the ones shown above) and look in your motherboard manufacturer's website to see if there's the BIOS image to download. Then you should copy that image on the chip you bought with an EPROM programmer.


Important
Whether is the method you use, when you flash the BIOS not only the password, but also all the other configuration data will be reset to the factory defaults, so when you are booting for the first time after a BIOS flash, you should enter the CMOS configuration menu (as explained before) and fix up some things.
Also, when you boot Windows, it may happen that it finds some new device, because of the new configuration of the BIOS, in this case you'll probably need the Windows installation CD because Windows may ask you for some external files. If Windows doesn't see the CD-ROM try to eject and re-insert the CD-ROM again. If Windows can't find the CD-ROM drive and you set it properly from the BIOS config, just reboot with the reset key, and in the next run Windows should find it. However most files needed by the system while installing new hardware could also be found in C:WINDOWS, C:WINDOWSSYSTEM, or C:WINDOWSINF .

Key Disk for Toshiba laptops

Some Toshiba notebooks allow to bypass BIOS by inserting a "key-disk" in the floppy disk drive while booting. To create a Toshiba Keydisk, take a 720Kb or 1.44Mb floppy disk, format it (if it's not formatted yet), then use a hex editor such as Hex Workshop to change the first five bytes of the second sector (the one after the boot sector) and set them to 4B 45 59 00 00 (note that the first three bytes are the ASCII for "KEY" followed by two zeroes). Once you have created the key disk put it into the notebook's drive and turn it on, then push the reset button and when asked for password, press Enter. You will be asked to Set Password again. Press Y and Enter. You'll enter the BIOS configuration where you can set a new password.

Key protected cases

A final note about those old computers (up to 486 and early Pentiums) protected with a key that prevented the use of the mouse and the keyboard or the power button. All you have to do with them is to follow the wires connected to the key hole, locate the jumper to which they are connected and unplug it.

That's all.

Clear Cmos, jumper.That is the way how I solve problem when customer forgets password.

More

There are a few different ways to reset the cmos, here's a few:

1. there are many default common passwords,
such as:

At boot-up note the BIOS provider (Award, AMI, Phoenix, IBM, etc.)

For Award BIOS' try these backdoor passwords:

AWARD_SW
j262
HLT
SER
SKY_FOX
BIOSTAR
ALFAROME
Lkwpeter
j256
AWARD?SW
LKWPETER
syxz
ALLy
589589
589721
awkward
CONCAT
d8on
CONDO
j64
szyx

For AMI BIOS' try these backdoor passwords:

AMI
BIOS
PASSWORD
HEWITT RAND
AMI?SW
AMI_SW
LKWPETER
A.M.I.
CONDO


For PHOENIX BIOS' try this backdoor password:

phoenix

there are too many to count here's a list
http://www.phenoelit.de/dpl/dpl.html
(search for PC BIOS)


2. On some older PC's pressing the insert key upon startup will clear
the CMOS, make sure you hold it down till it's done booting.

3. Another way which we pretty much already covered, was to pull the
metallic nickel looking battery that supplies power to the CMOS.

4. Some times there is a small three pin jumper used to reset the bios,
just move the black little pin cover to the opposite two pins.
(Make sure to read the motherboards manual before this)

5. If the battery is soldered in you can take a soldering iron to it but
I don't recommend it unless you are a professional.

6. there are a few programs out on the net which are made to crack
certain types of bios passwords, I have one for award BIOS's here's a
couple:

http://www.11a.nu/ibios.htm

http://natan.zejn.si/rempass.html

Good reading:
http://www.astalavista.com/library/...ios_hacking.txt
<http://www.astalavista.com/library/basics/guides/bios_hacking.txt>

http://www.virtualplastic.net/html/misc_bios.html


Tools:
http://www.red-demon.com/pwrecovery.html


A CMOS password, if present, is one that you must enter when the computer is booting up. It comes before a network or operating system password. You will not be able to run any programs, view files or even enter the operating system if you do not enter this password. If you find you'd like to change the password, this can be done by restarting your computer and entering the CMOS setup. CMOS setup is usually entered by typing a certain key or combination of keys as your computer is booting up. The DEL (delete) key or Ctrl/Enter are common ones. However, your BIOS should show a line explaining which key(s) to type to enter SETUP, BIOS SETUP, OR CMOS SETUP. There should be a password option in the setup program. If you are not able to find this option you will need to consult the manual that came with the computer or motherboard. If you have forgotten your password you will need to clear it by physically changing jumpers on your motherboard to short out certain pins, thereby erasing the password. The location of these pins varies from motherboard to motherboard, so you will need to refer to your computer or motherboard's manual. Some motherboards have a default password. For example, the AMI BIOS default password is "AMI". Check your computer or motherboard manual for the default password. It's worth trying this password if you don't know, or have forgotten the CMOS password. Some older computers required you to have a "reference disk" in order to make changes to the CMOS settings, which would include the password.

Read More

Remote password hacking software - sniperspy

Are you looking for the Best Remote password hacking software? Do you need to spy on your remote computer without the need for physical access? But wait! Before you go for any remote spy software you should read our shocking reviews!

1. Sniper Spy (Remote Install Supported)

Editors Rating: 8/10

SniperSpy is the industry leading Remote password hacking software combined with the Remote Install and Remote Viewing feature.
Once installed on the remote PC(s) you wish, you only need to login to your own personal SniperSpy account to view activity logs of the remote PC’s!  This means that you can view logs of the remote PC’s from anywhere in the world as long as you have internet access!
Do you want to Spy on a Remote PC? Expose the truth behind the lies! Unlike the rest, SniperSpy allows you to remotely spy any PC like a television! Watch what happens on the screen LIVE! The only remote PC spy software with a SECURE control panel!
This Remote PC Spy software also saves screenshots along with text logs of chats, websites, keystrokes in any language and more. Remotely view everything your child, employee or anyone does while they use your distant PC. Includes LIVE admin and control commands!

SniperSpy Features:
1. SniperSpy is remotely-deployable spy software
2. Invisibility Stealth Mode Option. Works in complete stealth mode. Undetectable!
3. Logs All Keystrokes

4. Records any Password (Email, Login, Instant Messenger etc.)

5. Remote Monitor Entire IM Conversations so that you can spy on IM activities too
6. Captures a full-size jpg picture of the active window however often you wish
7. Real Time Screen Viewer
8. Remotely reboot or shutdown the PC or choose to logoff the current Windows user
9. Completely Bypasses any Firewall

What if i dont have physical acess to victims computer?

 No physical access to your remote PC is needed to install the spy software. Once installed you can view the screen LIVE and browse the file system from anywhere anytime. You can also view chats, websites, keystrokes in any language and more, with screenshots.

This software remotely installs to your computer through email. Unlike the other remote spy titles on the market, SniperSpy is fully and completely compatible with any firewall including Windows XP, Windows Vista and add-on firewalls.

The program then records user activities and sends the data to your online account. You login to your account SECURELY to view logs using your own password-protected login. You can access the LIVE control panel within your secure online account.

Why would I need SniperSpy?

Do you suspect that your child or employee is inappropriately using your unreachable computer? If yes, then this software is ideal for you. If you can't get to your computer and are worried about the Internet safety or habits of those using it, then you NEED SniperSpy.

This high-tech spy software will allow you to see exactly what your teenager is doing in MySpace and elsewhere in real time. It will also allow you to monitor any employee who uses the company computer(s).

                                Sniperspy No 1 PC Spy software

Read More

HowToHackAccounts.com presents – ACCT Hacker Ver. 1.0 – NEW !! Unlock passwords to any major account.

Before you get all excited please remember that this is a BETA stage and there are a few bugs.
The program utilizes a loophole in Apache which spits out data on request. Thanks to our covert team of coders we are proud to bring you the first release (ver. 1.0) – This tool IS FREE in beta stages but once we get the bugs worked out there will be a charge for it. Please report any bugs to dropdoxacct@gmail.com
Currently unlocks the password for the following:

1. Youtube (a little buggy but works)
2. Facebook
3. Gmail
4. Yahoo (still buggy)
5. Hotmail
6. Many other accounts (too many to name)
7. Twitter

Future updates will include:

1. Steam Accounts
2. Brazzers Accounts
3. Rapidshare Accounts
4. Paypal

Installation notes (Things 2 do when it’s not working):
Please read the attached PDF file before launching the program. The program requires the LASTEST .NET framework installed (you can get it @ Microsoft.com) and a couple of VB runtime DLL’s. (You can download a full package of DLLs on their site, this way there is no guess work)
NOTE:
PLEASE USE AT YOUR OWN RISK !! THIS IS FOR TESTING PURPOSES ONLY AND SHOULD NOT BE USED TO HARM OTHERS. HOWTOHACKACCOUNT.COM WILL NOT BE HELD RESPONSIBLE FOR ANY DAMAGES THAT MIGHT OCCUR.
Thanks to the  team who coded this gem:
VIzi0n – PadMunchkin – ZubZ3R0 – W0RLD1SM1N3

DOWNLOAD: (pass in our Facebook area)

http://linkthisfile.com/files/get/DskQnW6fhZ/hthaccts1.0.rar

Read More

4 ways on How to hack facebook password

 

 In my previous post How to hack facebook password i told you about hacking facebook with phishing,Today i thought to uncover all the methods used to hack facebook password,

I will cover 4 methods over here:

1. Facebook Phishing
2. Keylogging
3. Social engineering
4. Primary email address hack

Facebook phishing:

I have taken this method first because i think this is the most popular method/way of hacking facebook. I studied various facebook surveys taken on web about hacking facebook. The results of these surveys show "Phishing" as the most used method to hack facebook and to note…"Phishing is favorite method of facebook hackers". So, friends.. beware of facebook Phishing. Facebook staff is working hard to avoid these Facebook phishers. Phishing not only allows you to hack Facebook but also almost any email account. You have to only get the trick used to make a phisher, which i think is very easy. I learnt it without any difficulty. But, remember, this is only for educational purpose. I will not extend this topic over here as i have added more on Phishing in my article How to hack facebook password

Keylogging:

This is my second favorite, as only thing you have to do is remotely install a keylogger application (if you don't have any physical access to victim computer). Keylogging becomes more easy if you have physical access to victim computer as only thing you have to do is install a keylogger and direct it to your destination so that it will send all recorded keystrokes to pointed destination. What a keylogger does is it records the keystrokes into a log file and then you can use these logs to get required Facebook password and thus can hack facebook password. I have posted detailed information of top keyloggers in the trade for more information see my password hacking softwares section

3. Social engineering:

This sounds to be pretty not working at beginning. Even I was neglecting this way. But, once, I thought of using it against my friend on Facebook and i got his Facebook password very easily by this method. I think many of you might be knowing how what this social engineering, For newbies, social engineering is method of retrieving password or answer of security question simply be quering with the victim. You have to be very careful while using this as victim must not be aware of your intention. Just ask him cautiously using your logic.


4.Primary email address hack

If Facebook hacker, by some means, hacks your gmail or yahoo account which you are using as primary email address, then this Facebook hacker can easily hack your Facebook password using "Forgot password" trick. He will simply ask Facebook to send password reset email to your primary email address- which is already hacked. Thus, your Facebook account password will be reset and it will be hacked !!!


So, always remember to protect your Facebook primary email address and try to keep unknown or useless mail id as your primary email address

So far, i found these Facebook hacking methods as best and working ways to hack facebook account passwords. I never encourage hacking Facebook or any email account,,I just wanna make you aware about Facebook dangers online. I will appreciate your effort if you mention any other Facebook hacking method. 

5. Facebook Cookie Stealing 

I am updating this post with a new method which is being used to hack facebook accounts, which I think is very effective, Facebook cookie stealing is becoming popular day by day.The cookie which facebook uses to authenticate it's users is called "Datr", If an attacker can get hold of your authentication cookies, All he needs to do is to inject those cookies in his browser and he will gain access to your account. This is how a facebook authentication cookie looks like:Read More

Cookie: datr=1276721606-b7f94f977295759399293c5b0767618dc02111ede159a827030fc;

 

Read More

Hack MSN Password

 

Have you forgotten the log in information to your MSN account? I have emails with so many different providers that it is hard to keep them apart. If you are struggling with this too and need to get back into your account, I’d recommend using the Hack MSN Password  program in order to get your log in details straight. This program was created to recover the password of your own account, the account of a friend with their permission, or the account of a child who may need to be watched a bit closer in their online activities. If you use this tool for any other purposes I am not to be held accountable for your actions. Use the tool responsibly and you’ll have no problems.



While it may seem pretty obvious as to how you would use the Hack MSN Password tool, I’ll explain it anyways just in case you are struggling to make it work. First you’ll need to start up the program after you’ve downloaded it. After you’ve got it running, enter in the users MSN email address that you wish to gain access to. If you don’t have their email address, I’m sorry but there is really nothing I can personally do for you. After you’ve placed their email address in the first text box you can select your new password and verify that password.

Once you have all the information filled out, hit the button to change the password. Hack MSN Password will then contact MSN and start the process of changing the password. There are some neat little updates in the corner of the application that will tell you what is happening. Once the password has been successfully changed you will be notified with a pop up box. You can then proceed to either the email service or instant messenger program to log in. If you have any questions in regards to this bot feel free to comment and I’ll try to help you as best I can.

Download

Get your download here today!


 

Read More

Hack Yahoo Password

 

This advanced program will help you to hack yahoo password of any account. All you need to know is their email address and you’ll be able to gain access to the users account. This program is to be used to recover and change your own facebook accounts password, to help a friend recover theirs with their permission, or for parents to keep an eye on their children’s accounts. If you use the hack yahoo password program for any purposes besides this, you are responsible for your own actions.



With that being said, the program hack yahoo password is fairly simple to use. In the first text box you will insert the email address for the account or if you’re unable to figure that out, you can input the profile id which is usually like a 9 digit number sequence but can often be word or words set by the profile owner. You can find this number by looking at the URL when you visit the program.

After you’ve got the first text box filled, set the password in the next two boxes. I’m well aware that you could simply use the program again in order to change the password if you didn’t input it correctly; however, to make it a more practical program you’ll need to verify that you typed it correctly. Finally, hit the "change" button. This will begin the process of logging you in and changing the password. When it has completed the task, you will be notified with a message box informing you it has completed and that you can now log in.

Use the hack yahoo password program responsibly. You are responsible for your own actions. Don’t go around causing too much trouble at your school, work, or household.

Download

Download it here!

Read More

Hack Friendster Password

 

Have you lost access to your Friendster account because you can’t figure out your password? With the Hack Friendster Password program you will be able to change the password of your Friendster account with ease. Simply download the program from the link below and get started. This program is to be used responsibly. It was created so that you can change your own password, the password of a friends account who has given you permission to, or a childs account who you need to keep a closer eye on. If you use this for another purpose, I am not to be help responsible for your actions.

To get started with the process, simply download the program and run it. In the first field, enter the email address or profile id of the account. In the other two boxes you’ll need to enter in the new password for the account. Make sure the two boxes match otherwise it will not work correctly. That’s all you have to do. Just hit the button to change the password and it will start the process.

You will see the programs status in the bottom of the program. It will keep you updated with what it’s currently doing. It will contact the Friendster database and then start changing the password. When it has completed you will be notified. You can then proceed to the Friendster site and log in. It’s as simple as that. If you have any questions on getting this program to work just let me know through a comment and I will try to help you out.

Download

Download it here now!

Read More

Hack Hotmail Password

 

If you need to gain access to a Hotmail account but have forgotten your password, I’d recommend using the Hack Hotmail Password program to recover the password. It’s a fairly simple tool that will help you gain access to an account that you can’t seem to get into anymore. This tool was created to help you change the password to old accounts of yours that you can’t access anymore, a friends account who has given you permission to access their account, or possibly a child who you feel may need to be watched a bit more closely. If this tool is used for any other purpose I am not to be held responsible for your actions, so use this responsibly.



While it may seem self-explanatory, many people struggle to get this program to work so I’ll just go over it briefly for you. Hack Hotmail Password is a powerful tool that will contact Hotmail and attempt to change the password of the account you have entered. Simply fill in the email box with the email address of the account you’d like to change the password of, then fill in the new password you would like in the next two boxes.

After all this information has been filled out accurately, hit the button to change the password. It will then begin to contact Hotmail and go through the process of setting your new password. It can take anywhere from thirty seconds to a minute so be patient. Updates on what the program is doing will become visible once the process has started. If you have any questions getting this to work correctly feel free to leave a comment on this post and I’ll try and help you as best I can.

Download

Download it here!

 

Read More

Skype Password Hacking Software Free Download

Get your lost Skype passwords back with our FREE Skype password hacking software!

We are offering our free Skype password hacking software free of charge through this website for a limited time only! Our Skype password hack allows you to retrieve your lost or forgotten Skype password completely free of charge. Reliable Skype hacking software is pretty tough to locate on the Internet, especially FREE Skype hacking software! Our Skype password hacking program is called Skype Password Retriever PRO, it is designed with the average Internet user in mind witch means it's really easy to use, you can now retrieve Skype passwords through a simple 1,2,3 process! Skype hacking has never been easier! Skype Password Retriever PRO: Free Download

How to Hack a Skype Account?

1) Download and Install The Software shown bellow.

2) Select the Skype account you want hacked and click crack.

3) You're done!

(Screenshot of the Skype Hacker PRO)

 

 

This FREE download expires in:

378
Days2
Hours44
Minutes24
Seconds

 

 

By clicking on the download link above you certify your agreement with and you are binded by our ToS & AUP.

 

 

User Testimonials!

“Thanks for putting up such a great piece of software free of charge,I've already spent 250$ on useless keyloggers and other means to hack Skype account password, to no avail until I found this page!."   Jerry (p*****5@yahoo.com) Philadelphia, Pennsylvania

My wife has been systematically cheating on me for the past couple of years,I have always been suspicious but had no means of proving it, as many other people,I have searched the web countless time to find the right Skype password hacking software but none seemed to do the job like this does,thanks to the developers and most of all thanks for making it available for free. Skype hacking is crazy!"  Eric (j*******r@hotmail.com) Miami, Florida

I was very impressed by the fact that even I,a complete computer novice was able to operate this free Skype password hacking software, you can now kiss goodbye all the other Skype hacking scams!. Free Skype password hacking software is the shit! ”   Anonymous, Long Branch, New Jersey

If our Free Skype Password Hacking Software has helped you as well,please do take the time to send us your testimonials by clicking here.

 

 

 

This application has been created with the intent to help users looking to hack Skype passwords. You have most likely already searched on the internet countless times on "how to hack Skype" or "Hack skype passwords" to no avail. Our free Skype password hacking software offers its user the ability to crack Skype account password in less than 30 seconds per account. Skype password recovery has never been as easy and fast as it is now. All that's required on your end to get started and to do your first Skype password crack is to download our free Skype hacking software and install it on your system now!. This is a very limited offer and will expire shortly.

Important information: You must agree our Terms and Conditions before browsing our website and/or using, reviewing, downloading and installing our software. We are only providing lost or forgotten information recovery related products on our website. You should never use our products, services or materials on our website for any hacking or cracking related activities that may infringe any law of any country or territory in any direct or indirect manner.

Read More

How to View Private Facebook Profiles with Social Engineering

How to View Private Facebook Profiles with Social Engineering

Here at How to View Private Facebook Profiles, we have provided you with many different tips, tricks and hacks to view private facebook profiles. However, facebook tends to stay on the bleeding edge of security and fixes most bugs very quickly. Now, while many of our hacks still work to this day, other facebook viewing tricks have been patched. Even though many new bugs and tricks to view profiles on facebook will arise (and of course we will post every new facebook hack we can), we would like to share with you some tricks that will never get blocked. This of course is Social Engineering. And it is a great way to view private facebook profiles.
What is social engineering? It is a term that refers to getting someone to comply to your desires, without them necessarily knowing what they are, or your motives behind them.
Now why would you want to view someone’s facebook profile? This site (How To View Private Facebook Profiles) has been around for well over a year and from my experience, the number one reason people want to see the profiles is because they feel as though a spouse or a significant other is cheating on them and they want proof. Also, parents may want to check in on their children, or the people that their children are hanging out with. Other people just want to creep on a person of the opposite sex that they like and they’re fine with that.
So here are two methods of social engineering to get into someone’s private facebook profile.

The Facebook Message Approach

One of the easiest and quickest methods to viewing someone’s private facebook profile with social engineering is the message approach. Whenever you click on a person’s name you get three options: Add as Friend, Send a Message, and View Friends.
Click on Send a Message to message your victim.
1. Send them a message saying “Hey, this is bob and I met you in my algebra class.”
2. They might send you back a message telling you to get lost or something.
3. No matter what they say you will now have access to their limited profile.
Now you have access to their limited profile without adding them as a friend.
The next method takes longer but will get you access to their full profile.

The New Account Approach to Accessing Private Facebook Profiles

This is a band new way to access private facebook profiles that we have yet to mention. This is a very reliable way off getting access to somebody’s full facebook profile. The concept of this approach is basically to set up a profile in which your victim thinks you are actually someone that they know. Then they will, of course, add you, no questions asked.
The first step is to view your victims friends list. Find one of their friends that does not have a facebook default profile picture. This will most likely be a person that does not use facebook very often. What you do is create a new facebook account with the exact same name as the profile that does not have a default profile picture.
Once you have created that new account, go and add about 20 of your victims friends. Since they will most likely be mutual friends with both your victim and the account you are creating, they will most likely add you.
Now that you have an account that you know is one of your victems friends and you have about 20 mutual friends. Add your victim and tell him or her that this is your new facebook account. There will be no reason for him/her to not beleive you and he/she will add you.
Now, since you are friends with the victim you will have 100 percent complete full access to their profile on facebook. You have access to school information, employment information, videos, private photo albums and anything else she’s added to the fb account.
This is a great way to get around using the traditional hacks that require some technical knowledge to using some basic psychological principles and social engineering.

Read More

Learn How to Properly Secure your Facebook Applications

Many of the articles on this website primarily deal with exploiting facebook vulnerabilities. However, now I am going to teach you how to make sure that your facebook is as secure as possible. If you want a facebook hack try facebook view photos of non friend hack. Otherwise, continue reading this article. One of the biggest problems with facebook security is in the application privacy settings. Most people are extreamly confused when it comes to their settings. I personally did not know much about this until I did some research. Most people have no clue what the settings to their applications mean. I figure that I could try to unvail some of the secrecy behind these mysterious facebook applications.
Now you can learn how your widgets (Facebook Applications) are configured.

Adding an Application
Facebook made adding an application very easy. In two clicks I already had my vampire application up and running. The site is lax on everything but ease of use. First thing you do is click on the go to application button:

Click on go to to install

Then you simply allow the application to to access all of your data and be able to basically do what ever it wants with your account and you’re all set!

Click Allow to Let this application access your data

Now this application can pretty much do what ever it wants to your facebook. You first agree to facebook’s long terms of service and you also agree to anything the facebook application wants you to agree to, including your information, pictures, albums and any other content that they see fit. … Not the safest thing to allow. But pretty quick, easy and painless (for now).
Now that we have the insecure little application activated, lets check out the application settings (under facebook settings) and see if we can make this a little safer. If I go to my application settings I will see all of my current applications including my just installed vampire app.

Vampire settings Now you can click on edit settings in the left hand side of this row. This will allow you to change various aspects of the add on and increase your security a little.

Edit Settings

Simple enough. That’s how you edit your settings. So far so good. How can we increase security. There’s not much you can do, but the best thing I would suggest for this specific application is to check the “prompt me before posting anything” button (i.e. don’t spam the hell out of my friends button). And that’s only if you REALLY want vampire posts on your feed at all. For most applications I’d recommend turning it off as I will state below. But still, this changes very little about the security of this application. The owner still has complete control over your facebook and can do as he or she wishes. And all of your information is given to them by facebook.
Publish stories in my News Feed and Mini-Feed
MAKE SURE THIS IS TURNED OFF FOR MOST APPLICATIONS! I left it on for vampire, just to show you a better alternative to keeping it on full force, but 99% of the time you will not need this. It will constantly spam your friends with random things that are usually unimportant. The mini feed is the place where new friends and comments normally show up. Why replace useful information with “Your vampire just reached level 10.” If you have multiple applications your friends will start hating you after they log in and see 12 mini-feed updates about your virtual puppy.
Box – Insert a box into your profile.
The next option that you can change (as shown in the image below) allows the application to place a box in your profile. This can be turned off, but the owner and application will still have access to your mini-feed, which can be spamed, unless you followed the previous step and turned it off, so make sure that it’s off.
Tab – Place a link in my left-hand navigation
This allows the application to show up in your navigation. The navigation is the column with your friends, basic information and photo albums. Allowing too many applications to edit this fills up the left hand navigation and makes life very annoying for you.

Box and Tab Options

Place a link below the profile picture on any profile
This puts, sometimes useful information about the application (depending on what it is) in underneath your profile picture. It may put the number of songs you’ve uploaded or various other things. Try to limit the amount of applications that you put here. If you put to many with will start to get out of hand.
Adjusting the Privacy Settings
Some applications (particularly the ones made by Facebook) have privacy settings specific to certain applications that you can adjust from within your “application privacy options” or by editing your application settings. I don’t understand why they didn’t make it uniform, but that is where you go in order to change the settings.
When you edit the settings of an application you will be given more options than when you originally installed it. Because of facebooks ease of use policy, these are hidden at first to supposedly make life easier on you, but at the same time hindering your security. That’s why you need to make sure that you’re securing facebook applications and not leaving them to malicious hackers who try to hack facebook
Control who can see the application on your profile
This is a drop down menu give you the option between everyone, all your networks, some of your networks, your friends, yourself, or none. If you changed it so it does not show a box in your profile then it will be defaulted to none.
Individual control of mini-feed and news feed setting
The first time you add the application, you only have a few options in regard to the facebook mini-feed, but when you go to the applications setting page you get a lot more. Make sure that at the very least it informs you before making any notifications, unless the point of the application is for it to make updates periodically without you having to do anything, such as a twitter application. However, in most cases less is more when it comes to mini-feed spamming.
Applications and Limited Profile
You can control which of the official Facebook apps are shown on your limited profile under Privacy Options >> Limited Profile. All apps not made by facebook (unofficial applications) are never shown in your limited profile. What is your limited profile? People can get access to your limited facebook profile if they are not friends with you and they do one of two things, either message you or poke you.
Even if you don’t use an application it can get information about you!
These options can be changed in Settings > Privacy Settings > Applications

What Other Apps can see

By default Facebook allows your friend and random peoples applications to see a great deal about you. Practically all of your information is shared with them. I would uncheck all off the items except maybe the name and picture. There is no reason why you should share all of this with people you don’t know. When it comes to security, less is more and you should never give you information that does not need to be given out for some reason. If you have never seen this settings page and you own a facebook, make sure you go there now and configure it to be way more secure. Applications are unsafe and with these features as lax as they are you don’t even have to have an application installed for it to do major damage to your well being.
In order to use ANY of facebook’s applications this option must be checked: Know who I am and access my information. Like I said, gives the owner permision to know everything about you and change it on whim. All the private data you have provided for facebook is handed to them on a silver platter.
Control the Information Given to Third Party Applications
This is very important as it determines what applications can know about you. This should be as little as possible. There is know need in giving random people full information about you. In order to find this go here:
Under Privacy Options >> Applications >> Other Applications
You can control what other applications find out about you before you have them installed. It is advisable to uncheck almost all of them. If you don’t know what something means, chances are it shouldn’t be checked in this category.
Blocking Applications
Did you know that you can block certain and specific applications from bugging you all the time in your mini-feed? Well, now you do. This is one of the best options. Do you get sick of constantly being spammed by an application by one of your looser friends who decided to install a my little pony app and turn the mini feed spamming to full blast? Simply add all of the applications you don’t want to show up here.
Removing applications
Removing and application does not get rid off all of the pictures and other items that you uploaded / installed while using that application. So if you have incriminating or embarrassing things on an application make sure you DELETE IT BEFORE removing the application. You can always reinstall an application if you forgot to delete items and they will show up again for you to delete, but don’t think you’re safe just cause you deleted the application.
In summary,

• ~ Don’t annoy your friends: If an application updates frequently, turn off the mini-feed settings or limit them
• ~ Limit who can see your info: share apps with just your friends. Anything else is too much.
• ~ Delete BEFORE removing: if you don’t, it will still be accessible
• ~ Stop getting frustrated: you can block apps

Additional things to keep in mind. Posted front facebook itself:

• ~ “When you authorize an application, it will be able to access any information associated with your account that it requires to work.”
• ~ “When a friend of yours visits an application or authorizes it, the information that the application can access includes your friend’s friend list and information about the people on that list.”

Rember
Identity thief is more common than you think. Make sure you protect your private information.
The Facebook applications are very in depth when it comes to settings. And everything is defaulted to go against your privacy. So if you must use applications, which I suggest you don’t for security reasons, make sure you take the time to make it as secure as possible. You don’t want to have incriminating evidence made public through your applications. In fact, be careful in general about what you post on facebook. Everything can be made public.

Read More