Friday, September 4, 2015

ඩයලොග් 50 පැකේජ් එකෙන් 10GB ට වඩා බාගන්න ක්‍රමයක්

යාලුවනේ....... මම දැක්ක ඩයලොග් 50 පැකේජ් එක ගැන ගොඩක් අය ප්‍රශ්න අහල තියනවා.



මම ඩයලොග් 50 පැකේජ් එකෙන් 10GB ට වඩා බාගන්න ක්‍රමයක් තමයි මේ කියන්න යන්නේ.






1. මුලුන්ම android ෆොනේ එකේ ඩයලොග් සිම් 1 දාල 50 පැකේජ් එක active කරගන්න.

2. ඊට පස්සේ wifi hotspot එකක් හදාගන්න.

3. ඒ හොට්ස්පොට් 1ට ලැප්ටොප් එක මගින් ලොග් වෙන්න.

4. ඔයා ගාව ලැප්ටොප් 2ක් 3ක් නෙමෙයි, තව wifi වලින් සම්බන්ද වෙන්න පුළුවන් device කීපයකින් උනත් connect වෙලා download කෙරුවත් ස්පීඩ් එක බෙදෙන්නේ නෑ. බෙදුනත් 1ම ලැප් එකක බාගත කර හැකි ප්‍රමාණයට වඩා බෑ ගන්න පුළුවන්.

Sunday, December 14, 2014

How to hack Facebook via Sniffing ?

How to hack Facebook via Sniffing ?
How to hack Facebook via Sniffing?

Hi all users, after receiving your mails that most of facebook hacks doesn't work anymore we have searched and tested and posted some of most popular facebook hacking techniques but still  I think doesn't work for you so finally we've found this technique working 100% for hacking facebook and today we're here to let you know how to do it. So you want to hack Facebook, eh? Before we begin learning how to sniff and start ARP poisoning, let's first begin with this: this tutorial was designed for educational purposes--only! I take no responsibility in whatever damage this may cause to those who wish to participate in this act of hacking! That being said, if you still wish to continue in learning how to get into someone's Facebook without them knowing, proceed along.

There are a couple of terms you will have to know before we begin. This is so that you don't find yourself scratching your head midway through this post wondering what the @$%# I'm talking about. Please understand the following terms and they're respective definitions before proceeding.

  • Cookie:  A cookie is just one or more pieces of information stored as text strings on your machine. A Web server sends you a cookie and the browser stores it. The browser then returns the cookie to the server the next time the page is referenced. Cookies are essentially utilized so that the website can remember certain aspects of that particular website so that when you return it loads the page faster.
  • ARP Spoofing/Poisoning:  ARP stands for Address Resolution Protocol and is a telecommunications protocol used for resolution of network layer addresses into link layer addresses, a critical function in multiple-access networks. It's the "guy" behind the scenes that stands in the middle of all the network traffic, takes in the requests of other computers on the LAN, and returns valuable information/answers. How do you think you get your IP address when you look up ipconfig in CMD? Your computer sends out a request to extract its IP address and the ARP essentially gives you the IP address for your computer. The act of "spoofing" or "poisoning" the ARP, as you probably can already tell, is a very dangerous protocol. By doing so, you are enacting what's called a "man-in-the-middle-attack", MITM for short. When you poison the ARP of a computer within a LAN, you are making yourself the ARP. In other words, all the requests the computers in the network make come directly to you and the answers go directly from you. More on this later.
  • Packet(s): Packet, or packets, are a formatted unit of data carried by a packet mode computer network. They contain literally a million variety of information and provide useful methods in transmitting/receiving requested information. For example, let's take a look at sending an email. On the Internet, the network breaks an e-mail message into parts of a certain size in bytes. These are the packets. Each packet carries the information that will help it get to its destination -- the sender's IP address, the intended receiver's IP address, something that tells the network how many packets this e-mail message has been broken into and the number of this particular packet. The packets carry the data in the protocols that the Internet uses: Transmission Control Protocol/Internet Protocol (TCP/IP). Each packet contains part of the body of your message. Hopefully this gives you a general idea of how packets work and what they provide for both your computer and the internet.
  • Sniffing: Sniffing is usually implied to sniffing network packets. Packet sniffing is the act of eavesdropping on another computer's packet transfer and capturing (saving) those packet transfers for analysis. Though this sounds malicious and wrong, packet sniffing is used widely around the world today for a number of beneficial reasons. But yes, you are correct, just like everything else there are both good and bad intentions for sniffing. An analysis of "sniffed" packets can often times to be used to pick out abusive/malicious acts within a network. An analysis can also provide the "sniffer" to pick out what the slave has been doing and what kind of information the slave's computer has been sending/receiving. Again, just a general definition but you get the picture.
Please read through the definitions and familiarize yourself with the terms before asking what certain things mean here. You can't expect to know every and anything without doing some homework. Trust me, knowing these terms will not only save you time but also give you the benefit of becoming more knowledgeable about basic network definitions Victoire

Software

The following is a comprehensive list of the software you will be needing for this practice. I've given the links to their home pages where you can download the software for free.


Sniffing Your Way In

Now that you're generally familiar with some basic network definitions and have downloaded the required tools to effectively sniff packets, let us begin. Go ahead and open up Firefox and log into your Facebook account. You should be able to see the "cookies" option in the upper-left corner of the toolbar. Click on that and select "View Cookie Information".

You should now see a collective group of information all in regards to the cookies saved on your computer for Facebook. The main cookies are the c_user cookie (which identifies a person uniquely) and datr cookie (which contains important information for the specified c_user). Our goal in sniffing into someone else's Facebook is to trick the browser and the computer into thinking that we are someone else. How do we do this? By manipulating cookies to disguise ourselves. Essentially we are swapping our actual Facebook cookies to that of the slave's so that when we log back into Facebook, it will think we are the slave rather than ourselves. Not too hard to understand, right? Blink

Go ahead and close out of Firefox for now. Next, go and install Cain and Abel. Throughout the installation process, the setup wizard will ask if you want to install the packet driver WinPCap--go ahead and install this. Once you have successfully installed Cain and Abel, open the program. Now follow these steps exactly:
  • Click on configure on top and select your Network card. Mostly its the one with an IP address Tongue.
  • Next click on the start/stop sniffer on top as shown below in green square.
  • Once you start the sniffer, goto the sniffer tab in Cain, right-click and click scan MAC address as shown below!




Depending on your computer and your network population this process can take a couple of minutes. Once it's complete, however, you should be able to pull up a list of computers on your LAN. One cool thing you can do here is right-click one of the computers and find out the computer name. Now it's time for the attack! What was the name of the attack again? Anyone? Did you forget already? Ah, yes, the MITM attack!


Again, follow these steps accurately to effectively spoof the ARP :


  • First Click the APR tab below in cain.
  • Click the white screen in the top frame
  • Click the blue plus on top.




You should get a list of all the devices on the left and a blank screen on the right. In the left screen you should select the router IP. And in the right box, select the computers you want to target. To be safe its better to target one computer. But if you want some real fun then select all the computers on the right frame Hehe. Press "Ok". A caveat in selecting a large amount of computers, however, is that your computer may not be able to handle all the network transmissions and therefore lose some packet captures. Also keep in mind, however, that if someone is working in the router or is monitoring/analyzing the router and actually knows what he/she is doing, they could immediately detect that you are ARP poisoning the router. So be careful! You can get caught.


All the computers should have populated the top-frame. Now select the whole list and click on the nuclear button (top left of Cain, bolded box in the picture below).
And you're done! You've successfully poisoned the ARP of the computers you've selected and you are now the "middle-man" between your slave's computer and the router to the internet. But wait just a second--we can't get into the slave's Facebook just yet! All we've done so far is established ourselves to be the "middle-man". We have to now capture some packets, swap cookies, and voila! We're in.

Now we will open up Wireshark. Follow the steps below :

  • Open up wireshark
  • Go to "Capture –> Interfaces" in the top menu and select your interface. It’s usually the one which has an IP address and a certain number of packets flowing through it.
  • Next go to "Capture" and click on "Start".  
It should look something like this.
This window has all the packets sent from the slave’s/victims’ computer to the router and all the packets sent from the router to the slave.


Next in the filter type “http.cookie contains datr”. You ask why? Because, when a user logs in to facebook, he is given some cookies which is unique to him. If we replace our cookies with the slave’s cookies, we can login to his account as then facebook wont know the difference.


 
After filtering the cookies out, right-click on any one of them and click on "Follow TCP Stream". 




In the TCP stream look for the line "Cookie: ( and all cookie names)". If it doesn't show up, select some other packet in Wireshark and click on "Follow TCP Stream" for that particular cookie. You can see the source IP and destination IP in Wireshark. So if you have more than one source IP, then you know you have the cookies of more than one account on your LAN. This is what I got when I did it.


 
You now have the slave's cookies for his/her Facebook. The main ones we need to focus on are the datr cookie, c_user cookie, lu cookie, sct cookie, w cookie and xs cookie. Now open up Firefox and go to Facebook. If you're logged in, log out so that you're at Facebook's home page. Click on the "Cookie" option in the toolbar (as like before) and do the following in this exact order. 
  • Clear session cookies.
  • Delete domain cookies.
  • Delete patch cookies.
Note :-
If you don't do the steps in that same order, this will not work!


Note :- Once you do this, reload the Facebook page (http://www.facebook.com). This is to ensure that you are loading the Facebook page clean without any pre-existing cookies.


Now login to your account with your username and password. After logging in, click on cookies in web developer add-on just like before and click on “View Cookie Information”. You should see all of your Facebook cookies now. Any ideas what we do next? I suspect you know by nowOui.


Click on “Edit Cookie” for each cookies there and replace the cookie value with the value you got through Wireshark. If you didn't get all the cookies in Wireshark, it's OK! But mainly, you should look to replace the datr cookie, c_user cookie, lu cookie, sct cookie, w cookie and xs cookie.
After you have swapped cookies, go ahead and refresh the page. Voila! You should now be logged in as your slave rather than yourself. Congratulations, you have successfully "hacked" your way into someone else's Facebook! Again, please keep in mind that this only works for computers within your LAN. So if you're at home, you can only get into the Facebook of people who are connected at home. No, you cannot hack into the Facebook of someone across the worldNon.

I hope you guys have enjoyed this tutorial! Please feel free to leave me any questions below or PM me with any issues you have. I'll try to respond and reply at my soonest convenience.

Saturday, January 4, 2014

Free Wi-Fi Hotspots (That Are Actually Free) on Your Samsung Galaxy Note 2


A free Wi-Fi hotspot can be a lifesaver. Whether it's because you have shitty reception, need faster connectivity, or just don't want to go over your monthly data plan, free Wi-Fi in public areas is greatly appreciated.
While connecting to these free hotspots is fairly easy, finding them can become a whole nother issue. I've been in plenty of situations where I wasted my data plan instead of taking a few steps to the right, where free Wi-Fi would have been waiting for me and my Samsung Galaxy Note 2.
I mean, sure, you could walk around and look for a signal, holding your phone up like you're Rafiki and it's Simba, but who really has time for that?
Sorry buddy, I think you're out of luck.
So, how can you make the task of searching for and connecting to free Wi-Fi much easier?

Use Free Zone Wi-Fi to Help You Find the Best Ones

With more than 7 million hotspots already on the map, Free Zone - Wi-Fi Manager by longthanhmobs scans and connects you to all the free networks in your area. Using location services, the app automatically connects your Galaxy Note 2 or other Android device to a free Wi-Fi network as soon as you're in range.

How Free Zone Works

From the application, you can check out the total time you've been connected to an open hotspot, how many open hotspots you've found, and a real-time calculation of all the open hotspots found worldwide. If you switch over to the middle tab, you can also check out all the Wi-Fi hotspots in a list.

What Makes It Better Than the Rest

Free Zone is also pretty smart. It won't connect you to a "free" hotspot that's actually a paywall, and it helps you differentiate between a bunch of public networks that all have the same name (linksys, attwifi, etc.) so you know where each one is coming from.
The easiest way to check out the free Wi-Fi spots in your location, though, is using the app's built-in map. It shows you exactly where each network is located and makes it much easier to navigate your way there.
So, give Free Zone a try. You may end up discovering a few places you didn't even know were there. Let us know in the comments how it works for you.

How to find the primary email address of any Facebook user. Privacy bug squashed


When you sign-up for a social network you expect it to keep its privacy promises. For instance, if you tell the social network not to reveal your email address to any other members, you expect it to remain private.
But a security researcher has detailed how he found a way to find out *any* Facebook user’s primary email address, regardless of their privacy settings, by exploiting a weakness on the social network.
Security researcher Stephen Sclafani described how he stumbled across the privacy hole while ambling through some old mailing lists.
One of the messages he came across contained a Facebook invitation reminder email, seemingly sent by accident when the user made the mistake of following Facebook’s advice to invite their entire contacts list to the social network:
Facebook invitation reminder email
What is interesting is the clickable URL at the bottom of the invite message.
When Sclafani clicked on the link, he was taken to a Facebook sign up page already filled in with the mailing list’s address and the name of the person who used the link to sign up for an account:
Facebook signup page
Sclafani took a closer look at the link, and discovered something interesting:
The link contained two parameters: “re” and “mid”:
http://www.facebook.com/r.php?​re=245bf2da75118af20d917bdd34babddb​&mid=59b63aG5af3107aba69G0G46
Changing the re parameter did nothing; however, changing parts of the mid parameter resulted in other addresses being displayed. Taking a closer at the parameter, its value was actually a string of values with “G” acting as a delimiter:
59b63a G 5af3107aba69 G 0 G 46
Only the second value was important. The value was an ID associated with the address that the invitation was sent to in hex. A Facebook user’s numerical ID could be put as this value and their primary email address would be displayed. A user’s numerical ID is considered public information and can be obtained from the source of their profile or through the Graph API.
In other words, if you replaced that part of the “mid” parameter with the hex value of a different Facebook users’ numerical profile ID, you would be shown their primary email address.
Facebook profile IDs aren’t secret. You can get them easily via sites like Find My Facebook ID or from Facebook’s own profile directory.
Facebook profile directory
Indeed, it’s possible to imagine how someone interested in grabbing the email address of *every* *single* Facebook user could write a script to trawl the profile directory, turn each ID into hex, and then use the modified URL to ultimately scoop up each address.
It’s easy to imagine how a database of such email addresses could be abused.
Fortunately, Stephen Sclafani has some ethics. And rather than try to make a big splash by publishing details of Facebook’s embarrassing flaw, he chose to disclose it responsibly to the social network. Sclafani says that Facebook fixed the flaw within 24 hours, and rewarded him $3,500 for his efforts under their Bug Bounty program.
Facebook certainly appear to be grateful that he acted in the way he did, telling me:
"We appreciate the security researcher's effort to report this issue to our White Hat Program. We worked with the researcher to evaluate the scope of the issue and fix this bug quickly. We have no evidence that it was exploited maliciously."
"We have provided a bounty to the researcher to thank him for his contribution to Facebook security."
Well done to Sclafani for finding the flaw and acting responsibly. And – although it would have been better if the privacy loophole hadn’t been there in the first place – well done to Facebook for fixing it so quickly after being informed.
If you are on Facebook, and want to be kept updated with news about security and privacy risks, and tips on how to protect yourself online, join the Graham Cluley Security News Facebook page.

How to hack any Facebook account in under a minute, by sending just one SMS

A UK-based security researcher going by the name of “fin1te” has earned himself $20,000 after uncovering a way to hack into any account on Facebook, just by sending a mobile phone text message.
This should – obviously – have been impossible, but due to a weakness in Facebook’s tangled nest of millions and millions of lines in code, potentially hundreds of millions of accounts were vulnerable to hijacking through the simple technique.
Fin1te (real name Jack Whitten) has documented how the hack works on his blog.
The first thing to do is send the letter “F” in an SMS message to Facebook, as though you were legitimately registering your mobile phone with the social network. In the UK, the SMS shortcode for Facebook is 32665.
Send an SMS to Facebook
Facebook responds, via SMS, with an eight character confirmation code.
The normal sequence of events would be to enter that confirmation code into a Facebook form, and go on your merry way…
Facebook mobile activation form
But fin1te discovered that a vulnerability existed on that form, that could be exploited to use the confirmation code he had been sent by Facebook via SMS with *anyone* else’s account.
What fin1te had uncovered was that one of the elements of the mobile activation form contained, as a parameter, the user’s profile ID. That’s the unique number associated with your intended target’s account.
Profile ID parameter inside form
Change the profile ID that is sent by that form to Facebook, and the social network might be duped into thinking you are someone else linking a mobile phone to their account.
Therefore, the first step needed to hijack someone’s account in this way requires your victim’s unique Facebook profile ID.
If you don’t know what someone’s numeric profile ID is, you can always look it up using freely-available tools – they aren’t supposed to be a secret.
Find a Facebook profile ID
Sure enough, fin1te was able to replace the profile ID parameter sent by his browser to Facebook with the unique number of the account he wanted to access…
Facebook hack data
.. and within seconds his his mobile phone was sent an SMS confirming that he had successfully connected the device to the account.
Facebook confirmation SMS
Success. A Facebook account now has a third-party’s mobile phone number associated with it. Without any need for malware or phishing. All that was done was to send an SMS text message.
The final stage of the account hijacking is straightforward. Facebook allows you to log into its system using your mobile number rather than an email address if you want, so at login you enter the mobile phone number you have associated with your victim’s account, and request a password reset via SMS.
Reset code
Sure enough, fin1te discovered that Facebook duly sent him the password reset code for the account – meaning he could change the account’s password, and lock out its legitimate user.
This is an incredibly simple but powerful way to take over anybody’s Facebook account.
The good news is that fin1te disclosed the vulnerability responsibly to Facebook, rather than exploited it for malicious intentions or sold it to other parties. Facebook has fixed the problem so others can no longer take advantage of this serious security hole. For his troubles, Facebook awarded fin1te a hefty $20,000 worth of bug bounty and fixed the vulnerability.
But there’s no doubt that on the underground market, perhaps sold to cybercriminals or intelligence agencies, fin1te’s discovery could have earned him even more money.
Who knows what other serious security vulnerabilities may lay inside Facebook that haven’t been responsibly reported to the company’s security team?
If you are on Facebook, and want to be kept up to date on the latest privacy and security risks threatening users, be sure to Like the “Graham Cluley Security News” Facebook page .

How to Crack Wi-Fi Passwords—For Beginners!


An internet connection has become a basic necessity in our modern lives. Wireless hot-spots (commonly known as Wi-Fi) can be found everywhere!
If you have a PC with a wireless network card, then you must have seen many networks around you. Sadly most of these networks are secured with a network security key.
Have you ever wanted to use one of these networks? You must have desperately wanted to check your mail when you shifted to your new house. The hardest time in your life is when your internet connection is down.
Cracking those Wi-Fi passwords is your answer to temporary internet access. This is a comprehensive guide which will teach even complete beginners how to crack WEP encrypted networks, easily.

Table of Contents

  1. How are Wireless networks secured?
  2. What you'll need
  3. Setting up CommView for Wi-Fi
  4. Selecting the target network and capturing packets
  5. Waiting...
  6. Now the interesting part... CRACKING!
  7. Are you a visual learner?

How Are Wireless Networks Secured?

In a secured wireless connection, internet data is sent in the form of encrypted packets. These packets are encrypted with network security keys. If you somehow manage to get hold of the key for a particular wireless network you virtually have access to the wireless internet connection
Broadly speaking there are two main types of encryptions used:
WEP (Wired Equivalent Privacy):
This is the most basic form of encryption. This has become an unsafe option as it is vulnerable and can be cracked with relative ease. Although this is the case many people still use this encryption.
WPA (Wi-Fi Protected Access):
This is the more secure alternative. Efficient cracking of the passphrase of such a network requires the use of a wordlist with the common passwords. In other words you use the old fashioned method of trial and error to gain access. Variations include WPA-2 which is the most secure encryption alternative till date. Although this can also be cracked using a wordlist if the password is common, this is virtually uncrackable with a strong password. That is, unless the WPA PIN is still enabled (as is the default on many routers).
Hacking WEP passwords is relatively fast, so we'll focus on how to crack them for this guide. If the only networks around you use WPA passwords, you'll want to follow this guide on how to crack WPA WiFi passwords instead.

What You'll Need...

  • A compatible wireless adapter:
This is by far the biggest requirement.The wireless card of your computer has to be compatible with the software CommVIew. This ensures that the wireless card can go into monitor mode which is essential for capturing packets.Click here to check if your wireless card is compatible
  • CommView for Wi-Fi :
This software will be used to capture the packets from the desired network adapter.Click here and download the software from the website.
  • Aircrack-ng GUI:
After capturing the packets this software does the actual cracking.Click here-Click here and download the software from the website.
  • A little patience is vital!!

Step 1: Setting Up CommView for Wi-Fi

  • Download the zip file of CommView for Wi-Fi from the website. Extract the file and run setup.exe to install CommView for Wi-Fi. When CommView opens for the first time it has a driver installation guide. Follow the prompts to install the driver for your wireless card.
  • Run CommView for Wi-Fi.
  • Click the play icon on the top left of the application window.
Start scanning for wireless networks.
CommView now starts scanning for wireless networks channel by channel. After a few minutes you will have a long list of wireless networks with their security type and signal. Now it is time to choose your target network

Step 2: Selecting the Target Network and Capturing Packets

A few things to keep in mind before choosing the target wireless network
  • This tutorial is only for WEP encrypted networks.
So make sure you select a network with WEP next to its name
  • Choose a network with the highest signal.
  • Each network will have its details in the right column.
  • Make sure the WEP network you are choosing has the least the least dB (decibel) value.
Once you have chosen your target network,select it and click Capture to start capturing packets from the desired channel.
Now you might notice that packets are being captured from all the networks in the particular channel. To capture packets only from the desired network follow the given steps.
  • Right click the desired network and click on copy MAC Address.
  • Switch to the Rules tab on the top.
  • On the left hand side choose MAC Addresses
  • Enable MAC Address rules
  • For 'Action' select 'capture' and for 'Add record' select 'both'.
  • Now paste the mac address copied earlier in the box below.
We need to capture only data packets for cracking. Hence select D on the bar at the top of the window and deselect M (Management packets) and C (Control packets).
Now you have to save the packets so that they can be cracked later. To do this-
  • Go to the logging tab on top and enable auto saving.
  • Set Maximum Directory Size to 2000
  • Set Average Log File Size to 20.

Step 3: Waiting...

Now the boring part- WAITING!
NOTE: The amount of time taken to capture enough data packets depends on the signal and the networks usage. The minimum number of packets you should capture should be 100,000 for a decent signal.
After you think you have enough packets (at least 100,000 packets)
  • Go to the log tab and click on concatenate logs.
  • Select all the logs that have been saved.
  • Do not close CommView for Wi-Fi
  • Now navigate to the folder where the concatenated logs have been saved
  • Open the log file
  • Select File- Export -Wire shark tcpdump format and choose any suitable destination.
  • This will save the logs with a .cap extension to that location

Now the Interesting Part... CRACKING!

  • Download Aircrack-ng and extract the zip file.
  • Open the folder and navigate to 'bin'.
  • Run Aircrack-ng GUI
  • Choose WEP
  • Open your .cap file that you had saved earlier.
  • Click Launch.
  • In the command prompt type in the index number of your target wireless network.
  • Wait for a while .If everything goes fine the wireless key will be shown.
You may also receive a request to try with more packets. In this case wait until more packets have been captured and repeat the steps to be performed after capturing packets
BEST OF LUCK

Step 4: Are You a Visual Learner?

Just in case you didn't understand, you can watch this video walk-through.

Sunday, June 16, 2013

Copyright © 2014 ComputerTrickz