Hack or crack IDM manually

01:14 in Hack

Hello Friends, today i am going to explain how to hack or crack Internet Download Manager (IDM) manually. IDM is the best Internet download manager available on internet but its not free and its cracked or patched versions contains viruses.

NO MORE WARNING OF FAKE SERIAL KEY AT ALL….

Using this hack you can register the Internet Download Manager (IDM) for free using you own credentials i.e register on your Name and email ID.
I am explaining the manual hacking method because most of my users said that patch and keygen contain viruses.
This hack also works for trail IDM that means download a trail IDM from there site and register the professional i.e. full version of IDM with your credentials for free using my hack.

Hack or crack IDM manually :

Step 1: Download the IDM trial or If you already have IDM installed Update it by going to Help—}} then to check for Updates.If you don’t wanna update your version, Just click on Registration.

Step2: When you click on registration, Now a new dialog(window) appears that is asking for Name, Last Name, Email Address and Serial Key.

Step3: Now Enter you name, last name, email address and in field of Serial Key enter any of the following Keys:

RLDGN-OV9WU-5W589-6VZH1
HUDWE-UO689-6D27B-YM28M
UK3DV-E0MNW-MLQYX-GENA1
398ND-QNAGY-CMMZU-ZPI39
GZLJY-X50S3-0S20D-NFRF9
W3J5U-8U66N-D0B9M-54SLM
EC0Q6-QN7UH-5S3JB-YZMEK
UVQW0-X54FE-QW35Q-SNZF5
FJJTJ-J0FLF-QCVBK-A287M

And click on ok to register.
Step4: After you click ok, it will show an error message that you have registered IDM using fake serial key and IDM will exit. Now here the hack starts.
Step5: Now Go to START => Then go to RUN and type the following text and click enter:

notepad %windir%\system32\drivers\etc\hosts

Step6: Now right click on hosts file and go to its properties, then go to security tab and then select your admin account, just below u will see an edit button (in front of change permissions), Now give the user full control and write and read rights and then click on apply and then click on Ok, now u will be able to edit the hosts file and save changes in it.

Detail Note about Granting Permission In Windows7:

For Windows 7 users, due to security reasons you will not be able to save hosts file.so follow this steps :
First of all go to C:/ drive then go to Windows Folder and then go to System32 folder and then go to Drivers folder and then go to Etc Folder, in the Etc folder you will see the hosts file.
Now right click on hosts file and go to its properties then go to Security tab select Users under Group or user names and click on edit button,Permission For Host Window will get open, in that window select Users account and grant permission in bellow section which is “Permission for SYSTEM” by clicking all checkbox under “Allow” Name and press Ok.Dnt click on any Deny check box.


Note : if  you have login through admin then skip this step6 .Its just for granting permission for editing file.


Step7: Now a notepad file appears something like this as shown below:

add cod in the hosts file idm

Now copy the below lines of code and add to hosts file as shown above image box :

127.0.0.1 tonec.com
127.0.0.1 www.tonec.com
127.0.0.1 registeridm.com
127.0.0.1 www.registeridm.com
127.0.0.1 secure.registeridm.com
127.0.0.1 internetdownloadmanager.com
127.0.0.1 www.internetdownloadmanager.com
127.0.0.1 secure.internetdownloadmanager.com
127.0.0.1 mirror.internetdownloadmanager.com
127.0.0.1 mirror2.internetdownloadmanager.com

After adding these piece of code, save the notepad file. And exit from there.
Now start your Internet download manager, and now you IDM has been converted to full version and specially when you update next time, your registration will not expire.
That means it will remain full version for life time and you can update it without any problem in future.

proof of Successfully Hacking IDM:

Read more

How to hack everything ( noob friendly)

07:50 in Hack

Now,first free ur time before reading this tutorial.This is a big tutorial ..so that u can learn and hack everything.

1. Introduction.
Most of the hackers who deface websites are script-kiddies, we're now going to take a look how hackers quickly detect vulnerable websites and deface other domains on the system.


2. SQL Injection.
Many people would take as a main the SQL Injection (SQLi) attack. SQLi is very popular and there are many dorks out there.


2.1 Searching for vulnerable websites.
The search is very easy. We just put the dork and try diffrent search results. For quicker results you may use the exploit scanner.

2.2 I want to attack a specific website which is on a shared hosting.
Again the search is very easy. Let's say we have the IP 69.162.119.226 with no malicious thoughts on it, of course. We navigate to:

http://www.bing.com

In the search field write:

Code:

ip:69.162.119.226 id=

You should get very interesting results which you might attack.


3. Attacking the web application itself.

A very good method to gain access is to attack the web application itself. Even if the websites' web application is up-to-update and you aren't able to exploit it, you can search for vulnerable web applications on the server itself. We'll be using the same method as in the 2.2 .

Let's say we have again the IP 69.162.119.226 with no malicious thoughts on it, of course. We navigate to:

http://www.bing.com

In the search field write:

Code:

ip:69.162.119.226 "wordpress"

You should get websites powered by wordpress or any other system you have a working exploit on.

4. I've got admin access, now what ?

After you've got admin access, upload a shell.

5. I've got a shell, now what ?

Now it's time to take down your target. You can either:
- Root the server.
- Get the victims' website configuration database.


5.1 Rooting the server.
First we need to disable the security. 


Second we need a back-connection OR we can bind a port. A back connection means that the server connects to you after you have opened the specific port and have launched netcat to listen ( nc -l -v -p PORT ) . Locus shell provides a great interface for begginers. Just upload locus, after which go to back-connection OR bind shell and follow the instructions.


5.1.1 Pwning the kernel.
One of the most popular ways to root a web server is by pwning the kernel if it's a Linux box. To find out the kernel version simply type "uname -a" on your back/bind connection to/from the server. After you've got the version try finding a local root exploit for it. If you can't find, don't give up ... try harder ...

Code:

http://www.exploit-db.com/local/

5.1.2 Getting the victims' database configuration file.

Many of you have heard of "symlinking" . This is actually something like a shortcut on the Windows OS except this term is used in the Linux/Unix Distributions. Symlinking is a necessity in order to the Linux/Unix box to run about 10 times faster. Without it the server will be really slow even with high hardware configuration , which is just pointless.

To get the configuration file, first find out what system is the victim using ( e.g. Wordpress, Joomla, vBulletin etc ). Now go to your shell ( you will have to had disabled the security ) and type in "cat etc/passwd" .

Etc/passwd file contains all usernames on the Linux/Unix box which are created when you get hosting ( usually that's the cpanel username ). Now to get this file you will have to have disabled the security. In this file the usernames aren't long as the domain ones, for e.g.

You have victim website hackers1.com
In etc/passwd this can refer to the username:
hack1, hak1, hac1, hckrs1, hrs1 etc

So spend some time figuring out the username. After you've got it it's time to get the database config file. You can see the default configuration files list here:

Code:

vBulletin -- /includes/config.php
IPB -- /conf_global.php
MyBB -- /inc/config.php
Phpbb -- /config.php
Php Nuke -- /config.php
Php-Fusion -- config.php
SMF -- /Settings.php
Joomla  --  configuration.php , configuration.php-dist
WordPress -- /wp-config.php
Drupal -- /sites/default/settings.php
Oscommerce -- /includes/configure.php
e107 -- /e107_config.php
Seditio -- /datas/config.php

After you've got your path, it's time to extract the db information.

Let's assume you're in directory /home/attacker1/public_html/shell.php , where shell.php is your shell and attacker1 is the username of some domain we've just compromised. Doesn't this ring the bell ? The path to the victims' hosting should be /home/victim1/public_html/ where victim1 is your victims' username. Let's execute this command on our shell, assuming the victims' system is vBulletin :

Code:

ln -s /home/victim1/public_html/includes/config.php victim1.txt

This command uses symlink and it tells the server "hey, give me the file /config.php and save it as victim1.txt" (symlinking) . Now when you navigate to attacker1.com/victim1.txt you should have their configuration file. Many administrators put some security on their forums/cmses so we're going to break them now ...


5.1.2.1 Htaccess.

The admin of the victim1.com website might have put this htaccess file in the /includes folder:

<Files config.php>
order allow, deny
deny from all
</Files>

When we try to symlink this it will return in a 403 Forbidden Error. So how do we bypass this ? Easy. We create a folder e.g. "hack" . We navigate to "hack" by typing "cd /hack". Next we symlink like this:

Code:

ln -s /home/victim1/public_html/includes/config.php victim1.txt

and we get a 403 Forbidden error ... Now we put this htaccess file in a directory before "hack" for example we are in "/home/attacker1/public_html/hack" and we have to put this htaccess file (below) in "/home/victim1/public_html/" . The htaccess file you have to
put:

Code:

HeaderName victim1.txt

Now we navigate to "/home/attacker1/public_html/hack" and click "victim1.txt" and it should load us the configuration file. If you have done a symlink but with a different .txt file, replace your custom name in the htaccess as well e.g. I have done symlink:

Code:

ln -s /home/victim1/public_html/includes/config.php 1.txt

so I have to put htaccess:

HeaderName 1.txt


5.1.2.2 Browse Through Attack - Bypassing ALL Security.

Tired of bypassing everything step by step by step ? Now I'm going to show you a very cool method to bypass ALL security.

Take this scenario as example:

We have disabled all security. But still we can't symlink right. What do we do ?

First we create a folder with a custom named folder like "hack". We enter it via our shell and type in "ln -s / root" . Next we choose a victim domain like victim1.com . We type in " ls -la /etc/valiases/victim1.com ". Now we navigate one folder back and put this htaccess file in the "hack" folder:

Options Indexes FollowSymLinks
DirectoryIndex test.htm
AddType txt .php
AddHandler txt .php

Now if we are in "/home/attacker1/public_html/" this equals to "attacker1.com" . So we want to navigate to the "hack" folder and we type in the URL "attacker1.com/hack" and we see a "folder" which actually is a symlink called "root". Don't get too happy, we still have got restricted permissions to some folders. Now to "browse through" their hole hosting space we just navigate to "attacker1.com/hack/root/home/victim1/public_html/".

Fr34k1ng pwn3d . Now you can browse through his website without worrying about IP restrictions with htaccess file. Although if there is htaccess because of which you have to enter username and password, you have to find a way to bypass that yourself. OK so you're browsing through and you are in "/includes/" and you find "config.php". You click on it but it gives you a BLANK page. WTF ?! Not exactly. Right-click and select "view source" and the configuration file is there .


6. Is this is it ? Is it really this simple ?

Yes, this is it, nothing complicated. This is the way most hackers "deface", "root" or whatever they do to websites/forums.

Read more