Accept Mark Zuckerberg’s friend request!

Accept Mark Zuckerberg’s friend request!

It sounds funny right?

what if you can accept Mark zuckerberg’s friend

request?.You dont need to wait for request to come in

from him.

That sounds interesting right? but you can actually

make it possible! don’t believe me?

here is a url

Auto Add Zukerberg

Just click the above add auto add Zukerberg and you will become Mark

Zuckerberg’s friend!!!

Note:This is just a content spoofing bug. you can use

this for playing pranks with your friends by replacing

ids of f parameter!

Enjoy Yourself!!

The Complete Phishing Tutorial

Learn to make Phishing Page for Facebook

Why I'm sharing this?

The reason is simple to spread awareness.
Let me tell u one Incident for sharing this trick 'The Perfect Reason.'

Few days back my crush asked to tell Instagram username. At that time I didn't have an Instagram account, so I said to her that I won't tell u I will follow u on Instagram then I created a new account in few minutes and started following her on Instagram.

At that time, I don't know how to use Instagram, so her account was private.
But somehow I want to fetch her profile, so I started looking for Instagram hacks tried so many things but maximum time I have failed.
Then I tried brute force dictionary attack to find her Instagram account password but then again after 20 hrs of brute force I feel bored so thought that it would be better to go with handshake and lets create a phishing page so that I can quickly fetch her password so at that time I created phishing page but she is so smart she got me
Then I tried a more advanced trick to get her password finally I got her password but till now I haven't accessed her account before accessing her account I want to tell her so many things so that she won't feel sorry!

Making a Phishing Page for Facebook is very easy.Don't know what is phishing then let me, first of all, tell you in short what phishing is?

Phishing is the attempt to get the personal information such as username, password, etc. by using a fake page! They send out e-mails that appear to come from the legitimate websites such as E-bay, Paypal, etc. and when you click those links they ask you to enter your details such as password, e-mail, Credit card number and once you enter your details the phisher will get all your details!

In this tutorial, I am going to tell you how you can make phishing page for Facebook.


NOTE: This tutorial is for Education Purpose only don't misuse it, We will not hold any responsibility if it is being misused!

And we support only ethical activities if u broke any law then we are not responsible !!!

We have taken an example of Facebook to create a Phishing page, but you can make any Social networking site phishing page by following exact steps as listed below!

 I have created  Instagram phishing page few months back which was successful but make sure you yourself don't indulge in criminal activities.

Step 1:

Download Post.php from the link provided: Click here to download it.


Step 2:

Now go to www.facebook.com (Make sure that you are logged out!).Now Right click anywhere on the Facebook home page and click on “view page source” from the menu. Alternatively, you can get the source code of any site like email, Facebook that as the login form and create the phishing page by following other steps as it is.



Step 3:

After clicking on “View page source”, a new window will open with HTML coding in it.Press CTRL+A your keyboard to select the entire code and then press CTRL+C your keyboard to copy the code.

Step 4:

Open Notepad and paste the whole code in it, now scroll notepad to the top. Press CTRL+F of your keyboard and find “action=” without inverted comma’s.there will be two “action=” you are interested in the first one.


Step 5:

Now Replace the highlighted text as shown in the picture given below with word "post.php."

Step 6:

Go to File>Save as and save your file with the filename “index.html” without the inverted comma. Press O.K if it shows up a warning!


Step 7:

Now its time to upload the Phishing page that you created for Facebook. Go to www.my3gb.com or any free hosting site( 000webhost ) and create an account if you don’t have an account (It’s FREE).After creating your account on
www.my3gb.com click on the File Manager.


Step 8:

After Clicking File manager now click on Upload file.Now upload index.html and post.php.

Step 9:

That's it you have successfully created a Phishing page for Facebook, to view the page just click on the index file that you uploaded on the www.my3gb.com and copy the URL from the address bar.

Now you can share the URL with your friends to get their passwords.


Step 10:

You will get the password in the section file manager>upload file of my3gb.com under a file name usernames.txt.

To view the password just click on the file!
If you want to change the URL of Phishing page created, you can visit Google URL Shorter and change your URL name!

I know more advanced trick in which URL Identification Is so hard that u can't even distinguish between Phishing page and original site.

And Yes this is only for educational purpose if u ask anything related to this don't expect reply from our side

Your suggestions are always welcomed

Before u ask anything please, use Google and then feel free to ask as it will raise my knowledge level too!


Pro Tip:-

Always go through Handshake then use your mind do some social engineering then try brute force as it takes lots of time and chances of getting success is high in Brute force but handshake is quite fast

Team Hackers Den

How To Keep Your Room Secure Using Web camera?

You can now easily monitor your room, office or workplace for activities going on during your absence without having to invest on expensive hidden cameras. If you’ve ever wondered to find a way to turn your PC webcam into a spy camera, here is a straightforward and efficient solution. It can be handy to monitor your children and pets at the home or even catch a cheating spouse red handed! For this, all you need is a computer with an Internet connection and a webcam attached to it.

If your computer meets the above simple requirements, then you are all set to go. The site called UGOlog.com provides a free solution to transform directly your webcam into a powerful spy camera in just a few steps. You can sign-up for a free account and start using the service immediately.

Since UGOlog service runs as a web application from within the browser, there is no need to install any additional software on your computer. That means, when your spouse or children look through the installed programs, they don’t find anything that arouses suspicion.

The following are some of the advantages of using service over other software programs or a conventional spy camera:

UGOlog

• Firstly, the service comes for free, so that you don’t need to buy anything to start.
• Unlike software programs such as “Webcam Monitor” which is complicated to configure and lacks stealth operation, UGOlog needs no installation and is simple to setup.
• UGOlog comes with powerful features such as motion detection, email alerts, and interval snapshots.
• You have the option to view the camera remotely from anywhere just by logging into your UGOlog account.

Once you’ve created your account, you can take up a quick tour and browse through the configuration guide to begin using the service. The free version of UGOlog limits the service for only one webcam and 50 MB of storage space. If you wish to setup more than one camera and need additional space for recording more videos, you can quickly switch to paid plans as per your convenience.

Top 7 Hidden features In Your Android Phone

Android is accumulated with so many tools and configuration options, we often overlook some of its most beneficial features. Sometimes they’re hiding in plain sight. Other times, they are concealed so thick, you’d never find them without spelunking deep into submenus, touch blindly in the dark.

But don’t let that one killer feature get away. Even if you consider yourself an Android power user, you will do well to make sure you’re familiar with every single menu, toggle and utility on this list. We’ve done our best to identify the accurate locations of the features listed below, but you may have to hunt around menus a bit if your device manufacturer has excessive interface customizations.

1. Use Android Device Manager For Remote Security

Ever misplaced or lost your phone? Android Device Manager locates lost devices and helps you keep your device—and the data inside it—safe and secure. Android Device Manager lets you:

● Locate Android devices associated with your Google account
● Reset your device's screen lock PIN
● Erase all data on the phone

1. Head to Settings > Security 
2. You Will Find Developer's Options 
3. Tick Android Device Manager To Activate It.

Check Out The Article On Android Device Manager

2. Create Desktop Backup Password

Before you create a backup using Android tools on your desktop, you can first create a password for your backup in the developer options. To put protection on your backup from being accessed easily:

1. Head to Settings > Developer Options.
2. Tap on Desktop backup password.
3. Fill in the current password, and then type and retype the new password for a full backup.

3. Enable MSAA For OpenGL Games

If you like to play games on your Android device, and you’re playing it using high-end Android devices, you might want to enable MSAA to obtain a higher quality rendering of your in-game graphics. This feature is turned off in some games by default because it can drain your device’s battery rather quickly. To enable FXAA:

1. Head to Settings > Developer Options.
2. Tap on Force 4x MSAA to enable it.

4. Allow Mock Location

To be able to fake your current GPS location, you need an app. But to use that app, you will need first to Allow Mock Location for the app to work. Enable Mock Location in two steps.

1. Go to Settings > Developer Options.
2. Look for Allow Mock Location and tick on it to enable.

5. Don’t Keep App Activities

Your Android app activities are still intact even after you have exited from your app. Most of your apps rely on locally cached data on Android so that they can load faster and will not face any forced exact moments. However, there may be apps that use a lot of activities. You can choose not to keep these activities with these steps:

1. Head to Settings > Developer Options.
2. Tick on Don’t keep activities.
3. You can switch back anytime by unticking the disable.

6.Switch Dalvik To ART

Art is a new experimental runtime by Google that is supposed to replace Dalvik shortly as it is faster. If you want to test run ART on your device, you will need an Android device running, at least, Kit Kat 4.4 and above. To set this up:

1. Head to Settings > Developer options.
2. Tap on Select runtime and choose Use ART.
3. Note that ART is still experimental, and not many apps support it. Hence, it may turn your device slower. If you experience this, switch back to Dalvik.

7.Easter Egg Game In Android 

You're probably used to the Android Lollipop where you tap on the version name in the about phone/about tablet part of the settings menu. Well, this is no different in Lollipop but if you tap the image of the lollipop multiple times then long press it, you'll load up an Android themed mini-game which is a nod to Flappy Bird.

1. Head To Settings > About Phone
2. Find Android Version Click Several Times On it
3. You Will Find a Circle Click On it to Change Color
4. Long Press The Circle To Launch The Game 

So here were the Top 7 Hidden Features In Your Android Phone, so grab your Android Phone and start finding all these and share it with your friends and family, If you have any doubt feel free to comment, and I will get back to you soon.If You liked the above article, then do share on your social media profiles.Stay Tuned On Hackers Den for more cool posts.

Ultimate guide to DoS(Denial of Service) Attacks

DDOS ATTACK

Cutting off some business from the internet can lead to significant loss of business or money. The internet and computer networks power a lot of companies. Some organizations such as payment gateways, e-commerce sites entirely depend on the internet to do business. Denials of Service attacks are used to deny legitimate users access to a resource such as accessing a website.

In this tutorial, we will introduce you to what denial of service attack is, how it is performed and how you can protect against such attacks.

Topics covered in this tutorial

• What is DoS Attack
• Types of Dos Attacks
• How DoS attacks work
• DoS attack tools
• How to avoid DoS
• Hacking Activity: Ping of Death
• Hacking Activity: Launch a DOS attack

What is DoS Attack?

DoS is the acronym forDenial of Service. It is an attack which is aimed at either cutting off access to a resource such as a website/an app/service etc. or making it extremely slow. This type of attack is usually implemented by hitting the target resource such as a web server with too many requests at the same time. These results in the server were failing to respond to all the requests. The effect of this can either be crashing the servers or slowing them down.

Types of Dos Attacks-:

There are two types of Dos attacks namely;

• DoS– this kind of attack is performed by a single host
• Distributed DoS– this sort of attack is carried out by some compromised machines that all target the same victim. It floods the network with data packets.

How DoS attacks work?

Let’s look at how DoS attacks are performed and the techniques used. We will look at five common types of attacks.

Ping of Death

The ping command is usually used to test the availability of a network resource. It works by sending small data packets to the network resource. The ping of death takes advantage of this and sends data packets above the maximum limit (65,536 bytes) that TCP/IP allows. TCP/IP fragmentation breaks the packets into small chunks that are sent to the server. Since the assigned data packages are larger than what the server can handle, the server can freeze, reboot, or crash.

Smurf

This type of attack uses large amounts of Internet Control Message Protocol (ICMP) ping traffic target at a Broadcast Internet Address. The reply IP address is spoofed to that of the intended victim. All the responses are sent to the victim instead of the IP used for the pings. Since a single Internet Broadcast Address can support a maximum of 255 hosts, a smurf attack amplifies a single ping 255 times.  The effect of this is slowing down the network to a point where it is impossible to use it.

Buffer overflow

A buffer is a temporal storage location in RAM that is used to hold data so that the CPU can manipulate it before writing it back to the disc. Buffers have a size limit. This type of attack loads the buffer with more data that it can hold. This causes the buffer to overflow and corrupt the data it holds. An example of a buffer overflow is sending emails with file names that have 256 characters.

Teardrop

This type of attack uses larger data packets. TCP/IP breaks them into fragments that are assembled on the receiving host. The attacker manipulates the packets as they are sent so that they overlap each other. This can cause the intended victim to crash as it tries to re-assemble the packets.

SYN attack

SYN is a short form for Synchronize. This type of attack takes advantage of the three-way handshake to establish communication using TCP. SYN attack works by flooding the victim with short SYN messages. This causes the victim machine to allocate memory resources that are never used and deny access to legitimate users.

DoS attack tools

The following are some of the tools that can be used to perform DoS attacks.

• Nemesy– this tool can be used to generate random packets. It works on windows. This tool can be downloaded from here Due to the nature of the program, if you have an anti-virus, it will most likely be detected as a virus.
• Land and LaTierra– this tool can be used for IP spoofing and opening TCP connections
• Blast– this tool can be downloaded from Here
• Panther- this tool can be used to flood a victim’s network with UDP packets.
• Botnets– these are multitudes of compromised computers on the Internet that can be used to perform a distributed denial of service attack.

How to avoid DoS?

An organization can adopt the following policy to protect itself against Denial of Service attacks.

• Attacks such as SYN flooding take advantage of bugs in the operating system. Installing security patches can help reduce the chances of such attacks.
• Intrusion detection systems can also be used to identify and even stop illegal activities
• Firewalls can be used to prevent simple DoS attacks by blocking all traffic coming from an attacker by identifying his IP.
• Routers can be configured via the Access Control List to limit access to the network and drop suspected illegal traffic.

Hacking Activity: Ping of Death

We will assume you are using Windows for this exercise. We will also assume that you have at least two computers that are on the same network. DOS attacks are illegal on networks that you are not authorized to do so. This is why you will need to setup your network for this exercise.

Open the command prompt on the target computer

Enter the command ipconfig.

For this example, we are using Mobile Broadband connection details. Take note of the IP address. Note: for this example to be more efficient, you must use a LAN network.

 Switch to the computer that you want to use for the attack and open the command prompt.

We will ping our victim computer with infinite data packets of 65500

Enter the following command

ping 10.128.131.108 –t -65500

HERE,

• “ping” sends the data packets to the victim
• “10.128.131.108” is the IP address of the victim
• “-t” means the data packets should be sent until the program is stopped
• “-l” specifies the data load to be sent to the victim

Flooding the target computer with data packets doesn’t have much effect on the victim. For the attack to be more efficient, you should attack the target computer with pings from more than one computer.

The above attack can be used to attacker routers, web servers, etc.

If you want to see the effects of the attack on the target computer, you can open the task manager and view the network activities.

• Right-click on the taskbar
• Select start task manager
• Click on the network tab.

If the attack is successful, you should be able to see increased network activities.

Hacking Activity: Launch a DOS attack

In this practical scenario, we are going to use Nemesy to generate data packets and flood the target computer, router or server.

As stated above, Nemesy will be detected as an illegal program by your anti-virus. You will have to disable the anti-virus for this exercise.

• Download Nemesy from Here
• Unzip it and run the program Nemesy.exe

Enter the target IP address, in this example; we have used the target IP we utilized in the above example.

HERE,

• 0 as the number of packets means infinity. You can set it to the desired number if you do not want to send infinity data packets
• The size field specifies the data bytes to be sent, and the delay specifies the time interval in milliseconds.

Click on send button

The title bar will show you the number of packets sent

Click on halt button to stop the program from sending data packets.

You can monitor the task manager of the target computer to see the network activities.

Summary

• A denial of service attack’s intent is to deny legitimate users access to a resource such as a network, server, etc.
• There are two types of attacks, denial of service and distributed denial of service.
• A denial of service attack can be carried out using SYN Flooding, Ping of Death, Teardrop, Smurf or buffer overflow
• Security patches for operating systems, router configuration, firewalls and intrusion detection systems can be used to protect against denial of service attacks.