Latest: Hack Facebook Password! | Wants To Hack CellPhone | Trace Mobile Number(only US) ! | New : Best FUD Keylogger!

Featured Posts

hack mobile

Tuesday, January 31, 2012

Hack Websites Database Using XPath Injection

Comments Posted by wildrank on Tuesday, January 31, 2012
Everyday many website gets hacked by hackers but most of the hackers are hacking those website just for popularity nothing else. Today i am writing this tutorial on XPath Injection, in which i will explain you, How Hackers Hack Website Using XPath Injection.

In a typical Web Application architecture, all data is stored on a Database server. This Database server store data in various formats like an LDAP, XML or RDBMS database. The application queries the server and accesses the information based on the user input.

Normally attackers try to extract more information than allowed by manipulating or using the query with specially crafted inputs.Here, in this tutorial we’ll be discussing XPATH Injection techniques to extract data from XML databases.

hack website

You might be interested in some of our other articles:
Don’t forget to Subscribe to our RSS feed

XPath Injection Tutorial To Hack Websites Database



Friday, January 27, 2012

File Extension Changing Tutorial! Make .exe Look Like a jpeg, mp3 or Whatever You Like!

Comments Posted by wildrank on Friday, January 27, 2012
Hello Guys..On wildhacker I have written about Keylogger and Crypter in my previous articles. Today in this tutorial I will show you how to make your .exe (or .com/.scr) files look like .jpeg/.mp3 or any other filetype! By normally changing the extension to e.g .mp3, will corrupt your file, but with this exploit your file will still be executable!

So for example lets say, you have created a file server.exe using keylogger, but I want it to look like a mp3 file, so people would run it. In this case, you should change the .exe to .scr to make it look more legit in the end.

change file extension

You might be interested in some of our other articles:
Don’t forget to Subscribe to our RSS feed

How To Change File Extension

Follow the steps bellow to change the file extension..

Step 1: lets say we have server.exe, now, rename your server.scr (which is still executable) to "songname uploaded by .SCR" (notice the space).

change file extension

Step 2: Now it's time to use the exploit! Open up the Character Map,

change file extension

Step 3: Scroll down and find the "U+202E: Right-To-Left Override" character in Character Map,

change file extension

Click "Select" and then "Copy".

Step 4: Now choose to rename your file, and paste the copied character right before the ".SCR" (press ctrl+v to paste)

change file extension

Step 5: Then type "3pm" (without the " ") and press Enter. Now it should look like this:
Spoiler,

change file extension

Done! Obviously you might want to change the icon to look like an mp3 before doing this..

Most browsers have patched this, but it can be used on IM's like MSN or Yahoo Messenger. To upload the file to a filehost, you need to make a .rar file with your server inside.

change file extension

Now go ahead and mix around with .exe/.scr/.com and the fake-extensions to find some other legit-looking combinations!

So friends, I hope this file extension changing tutorial will be useful for you. If you have any problem in this file extension changing tutorial, please mention it in comments bellow.

Enjoy HaCkInG.........


How to Protect WordPress Website From Hackers

Comments Posted by wildrank on Friday, January 27, 2012
After some Website Hacking articles, i am adding one more article in this category which is based WordPress website security. Now days WordPress is one of the most popular platform for many bloggers and every day, thousands of new people are using WordPress. WordPress also provides powerful Content Management Systems (CMS). Because of this popularity, more hackers are targeting WordPress and looking for vulnerabilities within the software.

Today in this article i am going to share some important tips to secure WordPress website from hackers, So you can keep your focus on blogging instead of website security hacked.

Since there are no such software, like an Anti-Virus, available to secure a website. Most of the people just consider the job is done once they setup the website. It definitely is not. You can protect a website or webserver only by continued efforts.

wordpress hacking security

You might be interested in some of our other articles:

Don’t forget to Subscribe to our RSS feed

How to Protect WordPress Blog/Website From Hackers


Follow the following steps in order to protect WordPress Website / Blog.

1) Use Open Source Scripts :


wordpress hacking security

Unless you know what you are doing or have a well versed development team in your payroll, it is a great idea to use open source scripts. Open source scripts like WordPress, Drupal, Joomla, Magento etc. are feature rich, powerful and are backed by thousands of coders for update & support.

This avoids websites falling prey to hackers & spammers due to poorly written code. Instead of building from scratch, you can use the existing scripts and modify them to your liking. Commercial scripts from reputed companies can also be deployed if they issue updates & patches regularly.

2) Use Strong Passwords :


Passwords like “wildlove0123”, “unwildlover” are definitely not good. Your password does not have to reflect your “inner persona” as they are supposed to keep things safe.

Use a combination of numbers, special characters and alphabets and make sure they are atleast 10 characters long. Apps like KeePass, Lastpass etc. can help you generate strong passwords and to store them as well.

3) Update Constantly :


Upgrade to newer versions of scripts or add new features as soon as they are released. Main intension of Upgradation is to fix bugs in the script and are as important as a full version upgrade.

5) Secure Admin Email Address :


Keep the admin email address used to login to your webserver, CMS, database etc. away from the public eye, dont share such email address on website or in forum / social networking site. Use a totally different address in your contact page. This will help from not being scammed by a phising email disguised to have been sent by your hosting company or domain registrar.

6) Add a Database Table Prefix :


wordpress hacking security

If you are using a CMS, blog or forum script, change the default database table prefix. For example in case of WordPress, the default database table prefix is “wp”. So if a brilliant hacker finds a way to extract data from a database, default table prefixes will leave you a sitting duck.

7) Password protect the Database :


wordpress hacking security

It is not a mandatory requirement in a lot of scripts to enter a database password and leaving them empty will still get the script installed. An empty password is a criminal waste of an additional layer of security. Database password do not slow down the website when querying the database, so there is absolutely no reason not to have one.

8) Delete the Installation Folder :


wordpress hacking security

Once the installation is done there is no use for the installer folder in the day to day operations of a website. It is very much possible for a hacker to run the installer once again, empty the database and take control of the website & its content. Ideally it is strongly advised to delete the folder once the installation is complete, but if you know your way around the web server, you can also opt to rename the folder.

9) Change File & Folder Permissions :


wordpress hacking security

Some scripts require full read & write access while installation. This can achieved by using the 777 code on vital folders like config, admin etc. Revert the file permissions back to their original code, say 755 or 644. A file or folder with full read write code gives easy access to inject malicious code in your website.

10) Use Secured FTP Access :


If your webserver or ISP support SFTP access, jump at the opportunity and upload files to your server in fully encrypted glory. Nobody can sniff what you are uploading or downloading to & from the webserver.

11) Restrict Root Access :


Be it may FTP or Database, never give root access to everyone willy nilly. Restrict access to certain non system folders in the case of FTP uploads by people other than the system administrator.

12) Ensure the presence of .htaccess file :


.htaccess files are often used to specify the security restrictions for the particular directory, and make sure you have not deleted it by accident or if it is there in the first place.

13) Add robots.txt file :


robots.txt gives special instructions to search engine spiders as to which folders are to be indexed and which ones are not. Folders with documents, images etc can be kept under wraps from being indexed and displayed in public web searches.

14) Use security plugins :


Mature platforms always have plugins to extend the core functionality of the script. Look for plugins that add an extra layer of security and install them. For example, WP Security Scan plugin checks if most of the steps I have mentioned above have been implemented properly in a WordPress installation.

15) Read leading Tech Blogs :


Keep yourself updated on the latest vulnerabilities, bugs and attacks on the Internet. There will be a time delay before the patches are issued and this information will help you protect your website or to temporarily take it offline if there is a very serious threat. Wired’s Threat Level and Kreb’s on Security are good places to begin.

16) Stay away from Nulled Scripts & Themes :


Piracy of commercial scripts and paid themes is the easiest among all other forms of piracy. Smaller file sizes, absence of version specific keygen, cumbersome Daemons, DLL patches & cracks make it a cake walk to pirate a script rather than a software or PC Game.

However, unlike pirated desktop software where a hidden malware is removed by the Anti Virus software, there is no way you can escape the backdoor added to the codebase. Even for a seasoned programmer, it is impossible to go through thousands of lines of code to check if the script is free of backboors.

A nulled script or theme with a backdoor ensures that the hacker peddling it in the first place has gotten himself a free server to spam people with mails promising to enhance things that cannot be enhanced. If you are lucky, your website might not used for anti government propaganda or for distributing child pornography. Unless you so love orange jumpsuits or better yet, would love to go on an all expenses paid trip to a certain facility in Cuba, stay away from nulled scripts. Nulled scripts hurt the pirate worse than the developer. Enough said.

When it comes to security online, there are always infinite number of ways to protect a website. Share with us the tips & tricks you use to protect your website by leaving a comment.

Credits go to Justin Stravarius.

Happy hacking.........


Tuesday, January 17, 2012

How To Hide Keylogger, Virus, Rats Files in Image - Steganography

Comments Posted by wildrank on Tuesday, January 17, 2012
There are many ways we hide our data in computer some people use encryption tools like Truecrypt, some hide there files in folders , some use folder lock etc.

Steganography is the art and science of hiding messages, Images, Data .etc in such a way that no one, apart from the sender and intended recipient, suspects the existence of the Data, a form of security through obscurity. By using this trick your data will get hidden into any image of your choice without reducing its quality, In following tutorial i will show you how you can Hide Data Behind Images.

In this article I am sharing software which will helps you to hide RAR files in a working jpg file!

hide virus file in image

You might be interested in some of our other articles:
Don’t forget to Subscribe to our RSS feed

How To Hide Keylogger, Virus, Rats Files in Image - Steganography

Follow the following steps to hide data behind the image using software.....

Step 1: Download Hide RAR Software to hide RAR file behind the image.
             Password : www.wildhacker.com

Step 2: Run the software file rarhide to see,

hide keylogger file in image

Step 3: Now select the images in which you want to hide RAR file,

hide keylogger file in image

Step 4: After that select RAR file which you wants to hide in the image,

hide keylogger file in image

Step 5: Finally click on "Combine" button and select location where you wants to save the file which contain hidden RAR file in image.

hide keylogger file in image

Note: To check whether it work or not, just open the file which you made in final step with winrar or change the extension to .rar.

That's it friends. We are successful to hide Keylogger, virus files in a jpeg image. I have tried my best to be as simple as possible to help you hide virus. If you find any problem in this tutorial on how to hide virus in jpeg image, please mention it in comments.

Enjoy n hide virus, keylogger files in image...


Wednesday, January 11, 2012

How to Hack Gmail Account Password Using Tabnabbing Jan 2012

Comments Posted by wildrank on Wednesday, January 11, 2012
Hello Friends, in my previous article we discussed on TABNABBING today i am going to explain you How To Hack Gmail Account Password using Tabnabbing method.

Tabnabbing is a modern type of phishing method used to hack websites passwords. As we all know normal Phishing attack is easily detectable on many site such as Facebook,Gmail, yahoo etc.

Like Facebook has implemented an extra code that validates the previous arriving URL and some basic functions. If it founds that page from which you arrived is a Facebook Phish or fake page, it displays a warning message to user that You have been arrived from fraudulent or fake page. So please change you Facebook account password immediately. So Victim easily came to know that was made fool by someone and he changes his account password again.

For more information about Tabnabbing and how to How to protect yourself from Tabnabbing click here
tabnabbing
You might be interested in some of our other articles:
Don’t forget to Subscribe to our RSS feed

Hack Gmail Account Password Using Tabnabbing Jan 2012


1. Free Download Gmail Tabnabbing to hack Gmail Account Password.
    Password: www.wildhacker.com

2. Extract the folder "gmail tabnabbing-fake page"

3. Now, to any anonymous webhost (any u like), upload this all the files which are in Auto Tab Nabbing folder. You can use my3gb.com110mb.com or freewebhost.com or t35.com for this as they are free.

4. After successfull upload, Check whether the hack is working, click on the index.html link and open it , Now open few new tabs , After some time you will see google page switched to your fake gmail login (login.html) page.

5. To make url (name.webhost.com/index.html) short read this article "How To Hide a Url | Change Url | Mask Url".

6. Now read this Article about Fake Mailer : How To Send Anonymous Email

7. Now, send index.html page to victim inbox of which u want to hack Gmail account password.

8. When, he will login with this Gmail phisher to his Gmail account, a new file "password.html" will be created which will contain gmail hacked password in plain text form and he will be redirected to Facebook.com/careers page to avoid suspecion.

Update: If you want to hack facebook and other email account passwords, please use the best Hacking Software- Winspy Keylogger which is FUD (Fully UnDetectable). This is personally recommeded keylogger from wildhacker.

Thus, now you can
hack Gmail account passwords
using this Gmail hacking new technique Tabnabbing. If you have any problem in using this Gmail Tabnabbing/Phisher to hack Gmail account password, mention it in comments section.

Enjoy Gmail Hacking using Tabnabbing .....


Tuesday, January 3, 2012

Hack Website : Remote File Inclusion Tutorial For Website Hacking Part 5

Comments Posted by wildrank on Tuesday, January 03, 2012
As we all know,On WildHacker we have discussed various website hacking tutorials - How to find a vulnerable Website? , Basic information of website hacking, XSS Tutorial and (CSRF/XSRF). Today i am writing this one more 5th article on website hacking using Remote File Inclusion (RFI). In this article I will be showing you how to perform an RFI or Remote File Inclusion attack. This exploits are very simple and are only found in about 1 in every 10 sites - they are still allot of fun to exploit. In this tutorial i will show you how to take advantage of this coding error and possibly take control of the site.

A Remote File Inclusion vulnerability is where we trick the web server in to putting our file (file uploader / php shell) in to the web page. It then parses our PHP script and we then have full control over the server. The exploit works because when a website calls another page to be displayed except, we edit the url so that the website thinks our shell is the page to display.

To perform Remote File Inclusion will require :
  • A Vulnerable site
  • A site with PHP enabled
       ....................................................................................just read on.

website hacking using RFI

You might be interested in some of our other articles:
Don’t forget to Subscribe to our RSS feed



 
  • Gmail Hacking

    Wants to hack Gmail a/c password ? Learn best way to hack Gmail password..

  • Jailbreak Iphone/iPad

    Jailbreak your Iphone or iPad to give it more functionality free of cost...

  • Facebook Hacking

    Wants to hack Facebook password? But Don't Know Where to Start? Learn here......

  • MAC Keylogger

    Learn how to hack emails account password on MAC OS using keylogger....

  • Mobile Hacking

    Monitor mobiles,Records the activities of anyone who uses iPhone, BlackBerry....

Disclaimer

ALL INFORMATION / TUTORIALS WRITTEN ON WILDHACKER.COM ARE FOR EDUCATIONAL PURPOSES ONLY, THE SITE WILDHACKER.COM IS NOT RESPONSIBLE IN ANY WAY FOR HOW THIS INFORMATION IS USED, YOU USE IT AT YOUR OWN RISK. YOU MAY LEARN ALSO HOW TO GET YOUR OWN ACCOUNT BACK FROM ALL THIS INFRORMATION.

Recipes

Unlock Iphone Website Hacking

Facebook Hacking Keylogger

Unlock Blackberry Unlock Modem

Gmail Hacking Hack Yahoo

Hotmail Hacking Remote Hacking

Traffic / Ranking

Powered by:

Wild Hacker © 2012. All Rights Reserved | Contact | Bloggers.com