Wednesday, January 03, 2007

Flash Hacking

Ever wanted to score higher in Kitten Cannon? How about owning at Defend the Castle from the very first level? Some jumps in N-Game too hard for you? Maybe you're ticked off by that guy who got several billion in Push the Button. Whatever the motive, you're here for one reason, you want to hack flash games.

All flash games are written in a code called Actionscript. It'll help you if you know it, but the code is straightforward enough to where even a n00b could do this with almost any game they wanted.

http://zenwarfare.com/flash_hack.php

Tuesday, January 02, 2007

How to sniff plain-text passwords in 13 steps

The following is an instructional tutorial. I hope to show how easy it is to sniff people's passwords in plain-text form on virtually any wired network. Common applications for this would be on a university, school or otherwise large network. This has only been tested on a Windows machine, but can be used to sniff passwords from any operating system.

Step 1: Download, install and run Cain & Abel at http://www.oxid.it/cain.html.
Step 2: Click "Configure" in the top bar.
Step 3: In the "Sniffer" tab, click the adapter which is connected to the network to be sniffed, then click "Apply", then "OK".
Step 4: Click the "Sniffer" tab in the main window.
Step 5: Click the network card in the top bar (2nd icon from the left).
Step 6: Click the "+" button in the top bar.
Step 7: Select "All hosts in my subnet", click "OK". Entries should appear in the main window under the "IP address", "MAC address" and "OUI fingerprint" headings.
Step 8: From the "Sniffer" tab, click "APR" in the bottom tab.
Step 9: Click the top right pane in the main window. Click the "+" button in the top bar.
Step 10: Click on the router in the left pane. The router is generally the entry which has the lowest final IP value (xxx.xxx.xxx.*). Highlight the IP addresses to sniff in the right pane. Click "OK".
Step 11: Click the ARP icon in the top bar (3rd icon from the left). Wait until other users have logged into websites on other computers. Depending on the size of the network and the traffic which this network receives, this can range from minutes to hours.
Step 12: After some time has passed, click "Passwords" in the bottom tab.
Step 13: In the left pane, select the bolded entries. The right pane should show the time, server, username, password (in plaintext) and site accessed.

Please use this tutorial with caution as most private institutions, as well as countries, have strict rules and laws against network sniffing and could lead to expulsion from an institution, as well as critical litigation! This tutorial is for educational purposes only and should only be used to demonstrate the security weaknesses of common networking infrastructures.