Crack Latest Version Of Internet Download Manager IDM easily

Internet Download Manager ( IDM ) is the best download manager all we know but its not freeware means they are just providing the trial version for 1 month and after that IDM will ask for the serial key. without Original serial key IDM will not work. Because whenever you enter the serial key it will verify with its database and after that it will accept the serial key. so we need to crack it manually so just follow the simple steps.

1. Go to C:\Windows\System32\drivers\etc now you can see some files are there and double click on hosts file and open it with notepad.

2. You can see how its look like.


Now just paste this code after localhost

127.0.0.1 tonec.com
127.0.0.1 www.tonec.com
127.0.0.1 registeridm.com
127.0.0.1 www.registeridm.com
127.0.0.1 secure.registeridm.com
127.0.0.1 internetdownloadmanager.com
127.0.0.1 www.internetdownloadmanager.com
127.0.0.1 secure.internetdownloadmanager.com
127.0.0.1 mirror.internetdownloadmanager.com
127.0.0.1 mirror2.internetdownloadmanager.com

And save it . But if you are windows7 user then it will not allow you to make a change in that file , and I have also solution for that .

3. Right click on hosts file and select security tab (I have hide my user name)



4. Now select USERS after that click on EDIT


5. You can see one dialog box will open and in that select  users


6. Now you can see we don’t have write permission now just select full control.


7.After that just simply click OK


8.And one dialog box will open in that just press yes.


Now you can save hosts file in windows 7. and after that add this serial key.

HUDWE-UO689-6D27B-YM28M

and click ok and you have done !

Read More

Acunetix Web Vulnerability Scanner 7.0 [Crack] [Full]

Audit your website security with Acunetix Web Vulnerability Scanner 

As many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists. 

Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases. 

Firewalls, SSL and locked-down servers are futile against web application hacking! 

Web application attacks, launched on port 80/443, go straight through the firewall, past operating system and network level security, and right in to the heart of your application and corporate data. Tailor-made web applications are often insufficiently tested, have undiscovered vulnerabilities and are therefore easy prey for hackers. 

Acunetix - a world-wide leader in web application security 

Acunetix has pioneered the web application security scanning technology: Its engineers have focused on web security as early as 1997 and developed an engineering lead in web site analysis and vulnerability detection. 

Acunetix Web Vulnerability Scanner includes many innovative features: 

AcuSensor Technology An automatic client script analyzer allowing for security testing of Ajax and Web 2.0 applications Industries' most advanced and in-depth SQL injection and Cross site scripting testing Advanced penetration testing tools, such as the HTTP Editor and the HTTP Fuzzer Visual macro recorder makes testing web forms and password protected areas easy Support for pages with CAPTHCA, single sign-on and Two Factor authentication mechanisms Extensive reporting facilities including VISA PCI compliance reports Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease Intelligent crawler detects web server type and application language Acunetix crawls and analyzes websites including flash content, SOAP and AJAX Port scans a web server and runs security checks against network services running on the server

 

Download

Read More

Zemana AntiLogger 1.9.2.513 with Keygen

Anti-Logger, developed to deal with different kinds of malware threats, protects your banking passwords, private emails & chat conversations from spying proactively without needing a signature-based algorithm and includes powerful, anti-action methods. 

AntiLogger prevents all known forms of malwares which intend to carry out information theft. As AntiLogger uses a proactive and a unique way to detect potentially harmful applications which have not already been recognized or identified by any anti-virus programs consequently, it protects your 'Information Security' from a range of threats. 

Modules: Anti-SSL Logger, Anti-WebCam Logger and Anti-ClipBoard Logger are the first security solutions developed in the world. Also, you will realize that these modules have the best features if compared to similar applications. 

Anti-KeyLogger Module provides a new powerful protection against keyloggers which have not been even caught by known, the most popular security softwares in the world. 

Here are some key features of "Zemana AntiLogger": 

· Anti-SSL Logger Module that provides protection against SSL Logger 
· Anti-WebCam Logger that provides protection against WebCam Logger 
· Anti-Key Logger Module that provides protection against Key Logger 
· Anti-Screen Logger that provides protection against Screen Logger 
· Anti-Clipboard Logger that provides protection against ClipBoard Logger 
· System Defence Module that protects your system 

Requirements: 

· Minimum 50 MB Hard Disk Space 
· Minimum 128 MB Ram 
· Minimum Intel Pentium 300 MHz Processor (or equivalent) 

Download: 

ZEMANA ANTILOGGER LATEST VERSION:

Download from cnet

 

Keygen Download: 

 

download keygen  

Read More

Ardamax Keylogger v3.8.9 Latest [Full] with serial key

 

Ardamax Keylogger is a keystroke recorder that captures user's activity and saves it to an encrypted log file. The log file can be viewed with the powerful Log Viewer. Use this tool to find out what is happening on your computer while you are away, maintain a backup of your typed data automatically or use it to monitor your kids. Also you can use it as a monitoring device for detecting unauthorised access. Logs can be automatically sent to your e-mail address, access to the keylogger is password protected. Besides, Ardamax Keylogger logs information about the Internet addresses the user has visited.

This invisible spy application is designed for 2000, XP, 2003, Vista and Windows 7.

Keylogger Features:

* Email log delivery - keylogger can send you recorded logs through e-mail delivery at set times - perfect for remote monitoring!

* FTP delivery - Ardamax Keylogger can upload recorded logs through FTP delivery.

* Network delivery - sends recorded logs through via LAN.

* Clipboard logging - capture all text copied to the Windows Clipboard.

* Invisible mode makes it absolutely invisible to anyone. Ardamax Keylogger is not visible in the task bar, system tray, Windows 2000/XP/2003/Vista/Windows 7 Task Manager, process viewers (Process Explorer, WinTasks etc.), Start Menu and Windows Startup list.

* Visual surveillance - periodically makes screenshots and stores the compressed images to log.

* Chat monitoring - Ardamax Keylogger is designed to record and monitor both sides of a conversation in following chats:

o AIM

o Windows Live Messenger 2011

o ICQ 7

o Skype 4

o Yahoo Messenger 10

o Google Talk

o Miranda

o QiP 2010

* Security - allows you to protect program settings, Hidden Mode and Log file.

* Application monitoring - keylogger will record the application that was in use that received the keystroke!

* Time/Date tracking - it allows you to pinpoint the exact time a window received a keystroke!

* Powerful Log Viewer - you can view and save the log as a HTML page or plain text with keylogger Log Viewer.

* Small size – Ardamax Keylogger is several times smaller than other programs with the same features. It has no additional modules and libraries, so its size is smaller and the performance is higher.

* Ardamax Keylogger fully supports Unicode characters which makes it possible to record keystrokes that include characters from Japanese, Chinese, Arabic and many other character sets.

* It records every keystroke. Captures passwords and all other invisible text.

Other Features:

* Windows 2000/2003/XP/Vista/Windows 7 support

* Monitors multi-user machines

* Automatic startup

* Friendly interface

* Easy to install

Enjoy;)

Download: This file is full Ardamax (Latest) Keylogger with no activation needed, downloaded from their official site. Just Downlaod and ENJOY ;)

ARDAMAX 3.8.9 ::: HERE (without remote package)


ARDAMAX 3.7.8 :::Download (FULL)


Ardamax 3.7.6:::Download (FULL

SERIAL KEY :
==========

Name: Luiz Ricardo P Oliveira
serial: 3F1A-54F8-032C

Read More

Internet Download Manager 6.09 Build 3 Final.

Internet Download Manager (IDM) is a tool to increase download speeds by up to 500 percent, resume and schedule downloads. Comprehensive error recovery and resume capability will restart broken or interrupted downloads due to lost connections, network problems, computer shutdowns, or unexpected power outages. Simple graphic user interface makes IDM user friendly and easy to use. 

Internet Download Manager has a smart download logic accelerator that features intelligent dynamic file segmentation and safe multipart downloading technology to accelerate your downloads. Unlike other download accelerators and managers that segment files before downloading starts, Internet Download Manager segments downloaded files dynamically during download process. Internet Download Manager reuses available connections without additional connect and login stages to achieve better acceleration performance. 

Internet Download Manager supports proxy servers, ftp and http protocols, firewalls, redirects, cookies, directories with authorization, MP3 audio and MPEG video content processing, and a large number of directory listing formats. IDM integrates seamlessly into Microsoft Internet Explorer, Netscape, MSN Explorer, AOL, Opera, Mozilla, Mozilla Firefox, Mozilla Firebird, Avant Browser, MyIE2, and all other popular browsers to automatically handle your downloads. You can also drag and drop files, or use Internet Download Manager from command line. Internet Download Manager can dial your modem at the set time, download the files you want, then hang up or even shut down your computer when it's done. 

Key features of Internet Download Manager: 

* All popular browsers and applications are supported! Internet Download Manager supports all versions of popular browsers, and can be integrated into any 3rd party Internet applications. 
* Download with one click. When you click on a download link in a browser, IDM will take over the download and accelerate it. IDM supports HTTP, FTP and HTTPS protocols. 
* Download Speed. Internet Download Manager can accelerate downloads by up to 5 times due to its intelligent dynamic file segmentation technology. 
* Download Resume. Internet Download Manager will resume unfinished download from the place where they left off. 
* Simple installation wizard. Quick and easy installation program will make necessary settings for you, and check your connection at the end to ensure trouble free installation of Internet Download Manager 
* Automatic Antivirus checking. Antivirus checking makes your downloads free from viruses and trojans. 
* Advanced Browser Integration. When enabled, the feature can be used to catch any download from any application. None of download managers have this feature. 
* Built-in Scheduler. Internet Download Manager can connect to the Internet at a set time, download the files you want, disconnect, or shut down your computer when it's done. 
* IDM supports many types of proxy servers. For example, IDM works with Microsoft ISA, and FTP proxy servers. 
* IDM supports main authentication protocols: Basic, Negotiate, NTLM, and Keberos. Thus IDM can access many Internet and proxy servers using login name and password. 
* Download All feature. IDM can add all downloads linked to the current page. It's easy to download multiple files with this feature. 
* Customizable Interface. You may choose the order, and what buttons and columns appear on the main IDM window. 
* Download Categories. Internet Download Manager can be used to organize downloads automatically using defined download categories. 
* Quick Update Feature. Quick update may check for new versions of IDM and update IDM once per week. 
* Download limits. Progressive downloading with quotas feature. The feature is useful for connections that use some kind of fair access policy (or FAP) like Direcway, Direct PC, Hughes, etc. 
* Drag and Drop. You may simply drag and drop links to IDM, and drag and drop complete files out of Internet Download Manager.
* IDM is multilingual. IDM is translated to Arabic, Bosnian, Bulgarian, Chinese, Croatian, Czech, Danish, Dutch, French, German, Hungarian, Italian, Japanese, Lithuanian, Macedonian, Polish, Portuguese, Romanian, Russian, Slovenian, Spanish, Thai languages. 

DOWNLOAD

Read More

Split Large files easily-GSplit!

Welcome to GSplit! This application is a free original file splitter that lets you split your large files (like Self-Extracting archives, Zip archives, multimedia, song, music, movie, backup, picture, archive, log, large text, document files...) into a set of smaller files called pieces.

These pieces are easier to:

* copy to floppy or any removable media disks.
* distribute over the Internet, networks.
* send by email (forget attached file size restrictions imposed by some ISP, pop3, SMTP and other e-mail servers).
* archive to Zip disk, CD, DVD, USB Flash drive and key, and any other storage support.
* upload to host accounts, file delivery services, online file hosting sites... that have restrictions on file sizes.
* share with friends, colleagues or other users through networks and the Internet.
* exchange using Instant Messaging clients or Instant Messenger programs...

What can GSplit do?
In addition to the features of other standard file splitters, GSplit can:

* Create two types of pieces: disk spanned and blocked (specific size). You can enter the size for each piece file, the number of pieces you want to obtain, or the number of lines / occurrences of a pattern by piece.
* Generate small full-featured Self-Uniting programs to restore your split files professionally. They provide your users with an intuitive Windows interface whose appearance can be customized according to your needs. GSplit is then not required in order to restore the split file.
* Store file properties and restore them: file's date, attributes are not lost contrary to batch files.
* Perform fast checks to detect file corruption (size, offset, CRC32) and to give you the assurance that your files are successfully restored by your users. When a piece is corrupted, you are notified about it, so you just need to get a new copy of that piece, not the whole set.
* Split very large files (bigger than 4 GB).
* Customize piece files according to your needs (size, filenames, title, author...), leave additional space on disks, create pieces without headers (useful for text-based files like large server log files).
* Support splitting multiple files back-to-back in one time, include batch (automating) and command line options.
* Work in your own language: multilanguage support is available (English, French - Français...) for GSplit, GUnite and Self-Uniting programs.
* Split large text and similar files like large server log files by number of lines or occurrences of a specified pattern.
* Show you elapsed and estimated times during the splitting & uniting operations. You can also pause/resume the splitting operation.
* Store settings into profiles and let you use these settings for different files, remember MRU files and folders, automatically try to find out the best splitting settings...
* Integrate Windows Explorer to let you split your files directly from the context menu.

GSplit finally features an intuitive graphical user interface that makes operations easy and fast. It also provides you with advanced options for pieces and Self-Uniting executable files... GSplit lets you split any file in a snap!

Select one of these links to download GSplit 2.1 to your computer.

* Please download GSplit from Download.com (Highly recommended.)

* Site 1

* Site 2

About this download:

* Filename: GSPLITS.EXE (or similar)
* Size: 1386kb
* Version reference: 2.1.0

Read More

Free Sound Recorder - Easy, Free Recording

Free Sound Recorder does exactly as it sounds -- it is an easy-to-use FREE software program that lets you record any sounds from your sound card and save the recording directly into MP3, WMA or WAV files.
Free Sound Recorder is a perfect audio recorder to record your own voice, music or any other sound by working directly with your sound card. It supports the record input/source from a microphone, streaming audio from the Internet, external input devices (e.g. CDs, LP, music cassettes, phone line etc.) as well as other applications like Winamp, Media Player, etc. With built-in advanced audio record engine, the recorder produces high quality recordings.

If you're looking for an application to help you for audio recording, you won't be disappointed in Free Sound Recorder!

Main Features of Free Sound Recorder

* Allows you to record audio into MP3, WMA or WAV format directly.
* Allows you to pre-define audio recording qualities to help quickly set and manage recording parameters.
* Built-in advanced audio record engine to produce high quality recording.
* Allows you to preset/preview your audio recording device before starting record.
* Build-in WMA WAV MP3 decoder.

System Requirements

* OS: Windows 98/Me/2000/2003/XP, Windows Vista or better
* CPU: >750MHz Intel or AMD CPU
* RAM: 64 MB RAM or above

{Download]

Read More

Keylogger - collection

Keystroke logging (often called keylogging) is a diagnostic tool used in software development that captures the user's keystrokes. It can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. Such systems are also highly useful for law enforcement and espionage—for instance, providing a means to obtain passwords or encryption keys and thus bypassing other security measures. However, keyloggers are widely available on the Internet and can be used by private parties to spy on the computer usage of others.

Writing software applications for keylogging is trivial, and like any computer program can be distributed as a trojan horse or as part of a virus. What is not trivial however, is installing a keystroke logger without getting caught and downloading data that has been logged without being traced. An attacker that manually connects to a host machine to download logged keystrokes risks being traced. A trojan that sends keylogged data to a fixed e-mail address or IP address risks exposing the attacker.

lets see some of the key logger's

Local Keylogger Pro 3.1 - Local Keylogger Pro allows you to monitor all users' activity on any computers in real time and record each computer's usage history. Local Keylogger Pro makes it easy to view, in real time, the screenshots of the any computers, all typed keystrokes, visited Web sites, used programs. You can view a list of running processes and terminate undesirable ones. Local Keylogger Pro can record all user activity to the log file. This information can be exported to HTML for convenient viewing in your web browser, or exported to MHT file for analysis. This allows you to see how long users worked with particular programs, how much time they spent on Internet, what sites they visited, what they typed in e-mails or chats.[Download][Crack]

XP Advanced Keylogger 2.5 - XP Advanced Keylogger is a top-rated invisible easy-to-use surveillance tool that records every keystroke to a log file. The log file can be sent secretly with email or FTP to a specified receiver. It can also detection specified keywords and take a screenshot whenever one is typed, displaying findings in a tidy log viewer. It causes no suspicious slowdowns and takes very few system resources. all this is happening in full stealth mode so the person you are monitoring will never be aware of it.{Windows 95, NT4, 98, Me, 2000, XP} [Download][Crack]

Blazing Tools Perfect Keylogger 1.67 - Perfect Keylogger is a new generation keylogger which is absolutely undetectable. It was created as an alternative to very expensive commercial products like iSpyNow, Spector Keylogger or E-Blaster. It has the same functionality, but is significantly easier to use. Complex internal mechanisms are hidden from the user behind the friendly interface. You can install Keylogger and immediately use it without changing of its settings.

Perfect Keylogger is an extremely compact, award-winning tool. It is translated into 20 languages and is increasingly popular around the world! It lets you record all keystrokes, the time they were made and the application where they were entered. It works in the absolutely stealth mode. Stealth mode means that no button or icon is present in the Task Bar, and no process title is visible in the Task Manager list.

Also, Perfect Keylogger can carry out visual surveillance. It periodically makes screenshots in invisible mode and stores the compressed images on the disk so you can review them later.
Perfect Keylogger was the first keylogging software solution which can be absolutely invisible in the Windows NT/2000/XP/Vista Task Manager![Download][Crack]

SC Keylogger Pro V3.2 - A Commercial Key Logger is a program that captures and logs keystrokes as they are entered on the computer for the purpose of monitoring the user. The logged data, which may be encrypted, is saved or sent to the person who installed the key logger. These applications often run in stealth mode and are invisible to the user that is being monitored. Such key loggers are sold commercially and may be used legitimately if deployed by authorized administrators and disclosed to the persons being monitored, as in a business environment. The use of a key logger to monitor persons without their knowledge has been ruled illegal in at least one jurisdiction.[Download]

Hook Keylogger v2.1 - Small and stealth keylogger without an installer; simplest keylogger possible Specify log file location Uses a WH_JOURNALRECORD hooking procedure to capture everything typed Hide and unhide the interface by pressing Ctrl+Shift+F7 [Download][Crack]

Advanced Invisible Keylogger 1.8 - Advanced Invisible Keylogger is an stealth spy tool, the best spy software offered by ToolAnywhere! Advanced Invisible Keylogger runs silently at the lowest level of Windows capturing every keystroke including usernames and windows log-on passwords.

Advanced Invisible Keylogger can also capture active window text, text typed in all popular instant messengers including AOL, YAHOO, ICQ, MSN and AIM.

All Desktop activity will be recorded through Advanced Invisible Keylogger’s secret! Have reports sent to your email address at anytime secretly! Advanced Invisible Keylogger is so stealthy and hides so well that not even a computer technician with years of experience can detect it running!

The most powerful stealth program at a most affordable price! An easy-to-use stealth solution for PC and Internet surveillance. Purchase your copy today and feel safe and secure.[Download]

KLG: Download

Type: Keylogger A Plus: Download Type: Keylogger Curiosity: Download Type: Keylogger This keylogger will store all keystrokes in C:\windows\KeyLogs.txt Elitek3yl0gg3r10: Download Type: Keylogger 1)No Process Visible in any Task manager,Process explorer(2k,xp,9x) 2)Injects into Explorer.exe on startup and exiting the parent. 3)Firewall bypassing by injecting code into IE and sending mail 4)Invisible Startup, will not show in msconfig,autorun.exe (sysinternals) 5)Automatic Uninstall 6)Protucted Storage ,Cashed Passwords sender 7)No need ur own SMTP server(sending directly) to MX. 8)Remote Installer,Uninstaller 9)Built in Binder makes the keylogger same as the binded EXE(Icon,Version) 0)HTML formatted logs 11)Detect ICQ/MSN/AOL/Yahoo Chats. 12)Logging Window names,All keys typed in that window. 13)EXE Size is 12.7 KB FKS: Download Type: Keylogger Fearless Keyspy v2.0 has a very small (2.5 KB) assembly server, with a low memory usage. New features include a "webget" feature, a better GUI and lots of deeper server and editor improvements FKWP20: Download Type: Keylogger 1)logging all keystrokes 2) Download 2 urls cab files and extracting and executing the inside exes (Firewall bypass) 3) Protected storage (Outlook, IE stored passes),Cashed Dialup passes Sender 4) keystrokes ,passes will mail to the email id,daily or the log size is over 5) firewall bypassing by injecting code into IE and sending mail 6) No Process visible ,injects into Explorer.exe on startup and exiting 7) Active Setup Startup 8) EXE size is 11.9 KB 9) encrypted log file 10) File manager for controlling remote system K3Yl0G3R: Download Type: Keylogger For more hacking tools , warez , full appz , ip scanners and tons of direct illegal downloads at http://www.openpc.co.nr Key Copy: Download Type: Keylogger You use KEYCOPY to keep a record of any keyboard activity on your computer. This includes usage in Wordperfect 5.0,Multimate,Norton Editor. Keycopy copy's each keystroke to a buffer within the KEYCOPY program area. When the keycopy buffer has 200 keystrokes in memory, keycopy will copy the buffer to a file with a date and time stamp. The file default is c:\keycopy. You can specify drive,subdirectory and file name by having the parameter file called KC.PRM in the subdirectory where KEYCOPY is executed from. If you change the KC.PRM file and want the change to take effect with keycopy. The computer will have to be rebooted, and Keycopy executed again. Keycopy has been tested and used with DOS 3.3 and 4.0 and uses less than 3k of memory. skl01: Download Type: Keylogger 1)Targetted keylogging(logs only the keys from the specifyed windows) 2)keystrokes will mail to the email id,daily or the log size is over 3)firewall bypassing by injecting code into IE and sending mail 4) Deleting all Cookies at installation. 5) EXE size is 8.5kb 6) we can create  our own keylogger using the editor,we can specify the window titiles (the keys need to log),our email id,smtp server,log size)

Read More

Google search tips for hacking

Google search engine can be used to hack into remote servers or gather confidential or sensitive information which are not visible through common searches.

Google is the world’s most popular and powerful search engine. It has the ability to accept pre-defined commands as inputs which then produces unbelievable results.

Google’s Advanced Search Query Syntax


[ intitle: ]

The “intitle:” syntax helps Google restrict the search results to pages containing that word in the title.

intitle: login password


will return links to those pages that has the word "login" in their title, and the word "password" anywhere in the page.

Similarly, if one has to query for more than one word in the page title then in that case “allintitle:” can be used instead of “intitle” to get the list of pages containing all those words in its title.

intitle: login intitle: password


is same as

allintitle: login password


[ inurl: ]

The “inurl:” syntax restricts the search results to those URLs containing the search keyword. For example: “inurl: passwd” (without quotes) will return only links to those pages that have "passwd" in the URL.

Similarly, if one has to query for more than one word in an URL then in that case “allinurl:” can be used instead of “inurl” to get the list of URLs containing all those search keywords in it.

allinurl: etc/passwd


will look for the URLs containing “etc” and “passwd”. The slash (“/”) between the words will be ignored by Google.

[ site: ]

The “site:” syntax restricts Google to query for certain keywords in a particular site or domain.

exploits site:hackingspirits.com


will look for the keyword “exploits” in those pages present in all the links of the domain “hackingspirits.com”. There should not be any space between “site:” and the “domain name”.

[ filetype: ]

This “filetype:” syntax restricts Google search for files on internet with particular extensions (i.e. doc, pdf or ppt etc).

filetype:doc site:gov confidential


will look for files with “.doc” extension in all government domains with “.gov” extension and containing the word “confidential” either in the pages or in the “.doc” file. i.e. the result will contain the links to all confidential word document files on the government sites.


[ link: ]

“link:” syntax will list down webpages that have links to the specified webpage.

link:www.expertsforge.com


will list webpages that have links pointing to the SecurityFocus homepage. Note there can be no space between the "link:" and the web page url.


[ related: ]

The “related:” will list web pages that are "similar" to a specified
web page.

related:www.expertsforge.com


will list web pages that are similar to the Securityfocus homepage. Note there can be no space between the "related:" and the web page url.


[ cache: ]

The query “cache:” will show the version of the web page that Google
has in its cache.

cache:www.hackingspirits.com


will show Google's cache of the Google homepage. Note there can be no space between the "cache:" and the web page url.

If you include other words in the query, Google will highlight those words within the cached document.

cache:www.hackingspirits.com guest


will show the cached content with the word "guest" highlighted.

[ intext: ]

The “intext:” syntax searches for words in a particular website. It ignores links or URLs and page titles.

intext:exploits


will return only links to those web pages that has the search keyword "exploits" in its webpage.


[ phonebook: ]

“phonebook” searches for U.S. street address and phone number information.

phonebook:Lisa+CA


will list down all names of person having “Lisa” in their names and located in “California (CA)”. This can be used as a great tool for hackers incase someone want to do dig personal information for social engineering.

Google Hacks

Well, the Google’s query syntaxes discussed above can really help people to precise their search and get what they are exactly looking for.

Now Google being so intelligent search engine, hackers don’t mind exploiting its ability to dig much confidential and secret information from the net which they are not supposed to know. Now I shall discuss those techniques in details how hackers dig information from the net using Google and how that information can be used to break into remote servers.

Index Of

Using “Index of ” syntax to find sites enabled with Index browsing

A webserver with Index browsing enabled means anyone can browse the webserver directories like ordinary local directories. The use of “index of” syntax to get a list links to webserver which has got directory browsing enabled will be discussd below. This becomes an easy source for information gathering for a hacker. Imagine if the get hold of password files or others sensitive files which are not normally visible to the internet. Below given are few examples using which one can get access to many sensitive information much easily.

Index of /admin
Index of /passwd
Index of /password
Index of /mail

"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess

"Index of /secret"
"Index of /confidential"
"Index of /root"
"Index of /cgi-bin"
"Index of /credit-card"
"Index of /logs"
"Index of /config"


Looking for vulnerable sites or servers using “inurl:” or “allinurl:”

a. Using “allinurl:winnt/system32/” (without quotes) will list down all the links to the server which gives access to restricted directories like “system32” through web. If you are lucky enough then you might get access to the cmd.exe in the “system32” directory. Once you have the access to “cmd.exe” and is able to execute it.


b. Using “allinurl:wwwboard/passwd.txt”(without quotes) in the Google search will list down all the links to the server which are vulnerable to “WWWBoard Password vulnerability”. To know more about this vulnerability you can have a look at the following link:

http://www.securiteam.com/exploits/2BUQ4S0SAW.html

c. Using “inurl:.bash_history” (without quotes) will list down all the links to the server which gives access to “.bash_history” file through web. This is a command history file. This file includes the list of command executed by the administrator, and sometimes includes sensitive information such as password typed in by the administrator. If this file is compromised and if contains the encrypted unix (or *nix) password then it can be easily cracked using “John The Ripper”.

d. Using “inurl:config.txt” (without quotes) will list down all the links to the servers which gives access to “config.txt” file through web. This file contains sensitive information, including the hash value of the administrative password and database authentication credentials.

For Example: Ingenium Learning Management System is a Web-based application for Windows based systems developed by Click2learn, Inc. Ingenium Learning Management System versions 5.1 and 6.1 stores sensitive information insecurely in the config.txt file. For more information refer the following
links: http://www.securiteam.com/securitynews/6M00H2K5PG.html

Other similar search using “inurl:” or “allinurl:” combined with other syntax


inurl:admin filetype:txt
inurl:admin filetype:db
inurl:admin filetype:cfg
inurl:mysql filetype:cfg
inurl:passwd filetype:txt
inurl:iisadmin
inurl:auth_user_file.txt
inurl:orders.txt
inurl:"wwwroot/*."
inurl:adpassword.txt
inurl:webeditor.php
inurl:file_upload.php

inurl:gov filetype:xls "restricted"
index of ftp +.mdb allinurl:/cgi-bin/ +mailto


Looking for vulnerable sites or servers using “intitle:” or “allintitle:”

a. Using [allintitle: "index of /root”] (without brackets) will list down the links to the web server which gives access to restricted directories like “root” through web. This directory sometimes contains sensitive information which can be easily retrieved through simple web requests.

b. Using [allintitle: "index of /admin”] (without brackets) will list down the links to the websites which has got index browsing enabled for restricted directories like “admin” through web. Most of the web application sometimes uses names like “admin” to store admin credentials in it. This directory sometimes contains sensitive information which can be easily retrieved through simple web requests.

Other similar search using “intitle:” or “allintitle:” combined with other syntax

intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart

allintitle: sensitive filetype:doc
allintitle: restricted filetype :mail
allintitle: restricted filetype:doc site:gov



Other interesting Search Queries

· To search for sites vulnerable to Cross-Sites Scripting (XSS) attacks:

allinurl:/scripts/cart32.exe
allinurl:/CuteNews/show_archives.php
allinurl:/phpinfo.php



· To search for sites vulnerable to SQL Injection attacks:

allinurl:/privmsg.php
allinurl:/privmsg.php

Read More