Nero.Multimedia.Suite.Platinum.HD.10.6.11800 With Activation Key

Nero.Multimedia.Suite.Platinum.HD.10.6.11800 With Activation Key

http://blog-windows.blogspot.com
Nero.Multimedia.Suite.Platinum.HD.10.6.11800 With Activation Key


Multimedia Suite Platinum HD gives creative enthusiasts the professional
edge in HD video editing, burning, backup and more, all bundled into one complete
solution. It has everything that’s included in Nero Multimedia Suite 10 plus the
three Platinum extras below:

Blu-ray Disc Playback Plug-in

View Blu-ray movies in stunning picture and sound quality
* Play back Audio CDs, DVD-Videos and Blu-ray Disc movies
Read more »
Kaspersky Anti-Virus 07-11-2011

Kaspersky Anti-Virus 07-11-2011

http://blog-windows.blogspot.com
Kaspersky Anti-Virus 07-11-2011


how to activate your kaspersky 2012 With Keyfiles-

1. Download and Install Kaspersky 2012

2. Turn off/Unplug/Disconnect your internet connection

3. Click "Manage License" From Right Bottom of Kaspersky, Then click "Activate the application"
Read more »
System Speed Booster v2.8.8.8

System Speed Booster v2.8.8.8

http://blog-windows.blogspot.com
System Speed Booster v2.8.8.8


* Streamline Registry
By scanning and removing all the obsolete registry entries, System Speed Booster will make your Windows registry compact and clean to speed up the running of your PC.

* Optimize System
Problems will be found in your system, with the help of System Speed Booster you can fix all the errors for an optimization of system.
Read more »

blog-windows.com-How to Break in and Stay in (Part One) (credits


blog-windows  | How to Break in and Stay in (Part One) (credits Ronnieflip)



Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-How to Break in and Stay in (Part Two) (credits


blog-windows | How to Break in and Stay in (Part Two) (credits Ronnieflip)




Share Your Knowledge................................by comment-Regards, blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-metasploit hashdump server 2008 / windows 7


blog-windows | metasploit hashdump server 2008 / windows 7




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-Website Defacement and ReXploiT in action

blog-windows.com-Website Defacement and ReXploiT in action


The real reason for the defacement does NOT matter (we have no personal issues with the victim)!
Note that the bruteforce took 4 hours (had to pause the HyCam a couple of times)!

I had some problems with my video card and the new BackTrack distribution, so i had to recompile ReXploiT and do my black magic on the Microsoft's RecycleBin OS ...

The tool is not for sale (for obvious reasons)...
This video is just for educational purposes ^^
ReaL/PuppetMaster/Epilepticc/iletowest



Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-ReXploiT Penetration Testing Tool

blog-windows.com-ReXploiT Penetration Testing Tool


ReXploiT is a penetration testing tool written in Perl Programming Language by ReaL (PuppetMaster/Epilepticc) - owner of http://ReXploiT.Net

It can bruteforce the sys-admin account or password of the victim's MySQL or MsSQL database (using its built-in bruteforce dictionary). When it obtains the account and password, the exploit tries to inject itself into the XP_cmdshell (if it's disabled by the system, ReXploiT "revives" it - uploads the module remotely if it's possible :)

The tool is not for sale (for obvious reasons)...
This video is just for educational purposes ^^
ReaL/PuppetMaster/Epilepticc/iletowest



Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-Obtain router login password credentials. xHYDRA

blog-windows.com-Obtain router login password credentials. xHYDRA




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-Hacking Windows Vista & Windows 7 Computers

blog-windows.com-Hacking Windows Vista & Windows 7 Computers




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-Hacking - How to hack a WPA/WPA2 Router - For

blog-windows.com-Hacking - How to hack a WPA/WPA2 Router - For Beginners




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-How to "hack" your Windows Vista/7/XP password.

blog-windows.com-How to "hack" your Windows Vista/7/XP password. Actually works on Vista/7 too, not just XP.




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-LIVE hack of Windows 7 using Backtrack 4

blog-windows.com-LIVE hack of Windows 7 using Backtrack 4




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-Metasploit SET on mac os x exploit on windows7

blog-windows.com-Metasploit SET on mac os x exploit on windows7




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker
blog-windows.com-Session Hijacking Basic

blog-windows.com-Session Hijacking Basic

blog-windows.com-Session Hijacking Basic

# Title: Session Hijacking Basic

| +01 - Session Fixation

| +02 - Session Hijacking

| +03 - Firesheep

Have fun :)

====== +01 - Session Fixation ======

The attacker attempts to gain access to another user's session by posing as that user.

The information for an attacker is the session identifier, because this is required for any impersonation attack. There are three common methods used to obtain a valid session identifier:

* Fixation

* Capture

* Prediction

Prediction refers to guessing a valid session identifier. With PHP's native session mechanism, the session identifier is extremely random, and this is unlikely to be the weakest point in your implementation.

Because session identifiers are typically propagated in cookies or as GET variables, the different approaches focus on attacking these methods of transfer. While there have been a few browser vulnerabilities regarding cookies, these have mostly been Internet Explorer, and cookies are slightly less exposed than GET variables. for those users who enable cookies, you can provide them with a more secure mechanism by using a cookie to propagate the session.

Fixation is the simplest method of obtaining a valid session identifier. While it's not very difficult to defend against, if your session mechanism consists of nothing more than session_start(), you are vulnerable.

To demonstrate session fixation, I'll use the following script, session-hijacking.php:

[ Begin PHP CODE ]

session_start();

if (!isset($_SESSION['visits']))

{

$_SESSION['visits'] = 1;

}

else

{

$_SESSION['visits']++;

}

echo $_SESSION['visits'];

?>

[ End PHP CODE ]

First make sure that you do not have an existing session identifier (perhaps delete your cookies), then visit this page with ?PHPSESSID=123456789 appended to the URL. Next, with a completely different browser (or even a completely different computer), visit the same URL again with ?PHPSESSID=123456789 appended. You will notice that you do not see 1 output on your first visit, but rather it continues the session you previously initiated.

If there isn't an active session associated with a session identifier that the user is presenting, then regenerate it just to be sure:

[ Begin PHP CODE ]

session_start();

if (!isset($_SESSION['initiated']))

{

session_regenerate_id();

$_SESSION['initiated'] = true;

}

?>

[ End PHP CODE ]

The problem with such a simplistic defense is that an attacker can simply initialize a session for a particular session identifier and then use that identifier to launch the attack.

====== +02 - Session Hijacking ======

If your session mechanism have only session_start(), you are vulnerable.

With the most simplistic session mechanism, a valid session identifier is all that is needed to successfully hijack a session. In order to improve this, we need to see if there is anything extra in an HTTP request that we can use for extra identification.

Recall a typical HTTP request:

GET / HTTP/1.1

Host: example.com

User-Agent: Mozilla/5.0 Gecko

Accept: text/xml, image/png, image/jpeg, image/gif, */*

Cookie: PHPSESSID=123456789

Only the Host header is required by HTTP/1.1, so it seems unwise to rely on anything else. However, consistency is really all we need, because we're only interested in complicating impersonation without adversely affecting legitimate users.

Imagine that the previous request is followed by a request with a different User-Agent:

GET / HTTP/1.1

Host: example.com

User-Agent: Mozilla Compatible (MSIE)

Accept: text/xml, image/png, image/jpeg, image/gif, */*

Cookie: PHPSESSID=123456789

Although the same cookie is presented, should it be assumed that this is the same user? It seems highly unlikely that a browser would change the User-Agent header between requests, right? Let's modify the session mechanism to perform an extra check:

[ Begin PHP CODE ]

session_start();

if (isset($_SESSION['HTTP_USER_AGENT']))

{

if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT']))

{

/* Prompt for password */

exit;

}

}

else

{

$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);

}

?>

[ End PHP CODE ]

Now an attacker must not only present a valid session identifier, but also the correct User-Agent header that is associated with the session. This complicates things slightly, and it is therefore a bit more secure.

Imagine if we required the user to pass the MD5 of the User-Agent in each request. An attacker could no longer just recreate the headers that the victim's requests contain, but it would also be necessary to pass this extra bit of information. While guessing the construction of this particular token isn't too difficult, we can complicate such guesswork by simply adding an extra bit of randomness to the way we construct the token:

$string = $_SERVER['HTTP_USER_AGENT'];

$string .= 'SHIFLETT';

/* Add any other data that is consistent */

$fingerprint = md5($string);

?>

Keeping in mind that we're passing the session identifier in a cookie, and this already requires that an attack be used to compromise this cookie (and likely all HTTP headers as well), we should pass this fingerprint as a URL variable. This must be in all URLs as if it were the session identifier, because both should be required in order for a session to be automatically continued (in addition to all checks passing).

In order to make sure that legitimate users aren't treated like criminals, simply prompt for a password if a check fails. If there is an error in your mechanism that incorrectly suspects a user of an impersonation attack, prompting for a password before continuing is the least offensive way to handle the situation. In fact, your users may appreciate the extra bit of protection perceived from such a query.

There are many different methods you can use to complicate impersonation and protect your applications from session hijacking. Hopefully you will at least do something in addition to session_start() as well as be able to come up with a few ideas of your own.

====== +03 - Firesheep ======

Recently a firefox extension called Firesheep has exploited and made it easy for public wifi users to be attacked by session hijackers. Websites like Facebook, Twitter, and any that the user adds to their preferences allow the firesheep user to easily access private information from cookies and threaten the public wifi users personal property.

Firesheep is free, open source, and is available now for Mac OS X and Windows. Linux support is on the way.

Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure web. My hope is that Firesheep will help the users win.

Thanks!

:)



Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-pfSense - Brute Force com Metasploit

blog-windows.com-pfSense - Brute Force com Metasploit




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com- Ghetto Proxy Chaining - Using Tor and CGI

blog-windows.com- Ghetto Proxy Chaining - Using Tor and CGI




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows.com-Identifying Users with Browser Fingerprinting

blog-windows.com-Identifying Users with Browser Fingerprinting




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

SCS3: Walter Sprenger - Mobile (In)Security

SCS3: Walter Sprenger - Mobile (In)Security with blog-windows.com






Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker
Eset-Nod32 Smart Security 4.0;Below Is The Updated Keys

Eset-Nod32 Smart Security 4.0;Below Is The Updated Keys

http://blog-windows.blogspot.com
Eset-Nod32 Smart Security 4.0;Below Is The Updated Keys


• Securing Your Onlife Life

Daily, cybercriminals driven by the profit motive, threaten your personal data and identity when you go online.
ESET Smart Security 4 combines multiple layers of protection to proactively detect and eliminate all dangers lurking in cyberspace.


• Securing Your Onlife Life

Daily, cybercriminals driven by the profit motive, threaten your personal data and identity when you go online.
ESET Smart Security 4 combines multiple layers of protection to proactively detect and eliminate all dangers lurking in cyberspace.
Read more »
Uniblue Driver Scanner v4.0.1.6 With Serial Key

Uniblue Driver Scanner v4.0.1.6 With Serial Key

http://blog-windows.blogspot.com
Uniblue Driver Scanner v4.0.1.6 With Serial Key


PS-FAQ2S-KCVE7-3JWEA-YNUK5-X57S9-D25YZ

Computers run hardware devices, such as printers or graphics cards, using software called drivers.
Without drivers you wouldn?t be able to print a document, read this webpage or connect to the Internet.
All hardware elements in your PC, including your graphics and sound card, your motherboard, your hard disk, your modem or even your keyboard, come with drivers.
Initially these may have come preinstalled with the operating system, or you may have installed them from the manufacturer?s CD.
Read more »
PLAY UTUBE VIDEOS FOR FREE IN AIRTEL

PLAY UTUBE VIDEOS FOR FREE IN AIRTEL

http://blog-windows.blogspot.com
~PLAY UTUBE VIDEOS FOR FREE IN AIRTEL


Just create setting--

streaming proxy--
airtelstream.co.uk
lowest u.d.p port-2048
highest u.d.p port--2999
port-9480
apn-airtelstream.com

and open your default browser for play.
Reliance Free callertune 2011 100% subscription free latest unlimited songs......

Reliance Free callertune 2011 100% subscription free latest unlimited songs......

http://blog-windows.blogspot.com

Reliance Free callertune 2011 100% subscription free latest unlimited songs......

sms NET to 51234 . I KNow its old but working fine.

AFTER SENDING MSG U will get reply that Thanx for subscribe ct at 0/2day, or
Thanx for request ur song set succefully. (its depend on ur area)
after getting any of above reply,visit 1year ct link in ur default browser and subscribe 1year. Than send msg
CTUNSUB to 51234 and subscribe again for 1year. U will get confirmation that thanx 4 subscribe. U will charge RS. 250/365 days. .
Read more »
Reliance 3g double speed 2011 Reliance really Rockss 3.5g network hsdpa

Reliance 3g double speed 2011 Reliance really Rockss 3.5g network hsdpa

http://blog-windows.blogspot.com
Reliance 3g double speed 2011 Reliance really Rockss 3.5g network hsdpa


Download using 2 access point in reliance.one using rcomwap and other using rcommms.other setting same.just make above 2 access point.which is available in nokia 5800.
1 from internet and other access point from wap.
Enjoy


Do this way
1st make two access point with same proxy server address and port i.e
Read more »

Website Defacement and ReXploiT in action with blog-windows.com

Website Defacement and ReXploiT in action with blog-windows.com




Share Your Knowledge................................by comment
-Regards,
blog-windows blog(sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker