Bypass RapidShare Download Limit with Free Crack Tool - CMS The Grabber

CMS The Grabber from CMS Portal (www.cmszone.org) is an ultimate tool for fast downloads from RapidShare free service users. The Grabber works in such as a way that it automates the process of changing IP by using different proxy servers hack in order to fool RapidShare to assume that the download requests of RapidShare files are from different computer or different users.

CMS the Grabber, now at version 1.4.5.P, features ability to bypass and overrides RapidShare limitations faced by non-premium (free) account users by using proxy servers, able to start downloading from RapidShare immediately, and ability to download multiple files simultaneously.

As CMS the Grabber is using proxy sites and servers to bypass and skip the RapidShare download limit, you will need a list of proxy servers and sites available publicly. As mentioned in Universal Share Downloader, a similar tool, for proxy servers list, you can download a software called GeoWhere and use GeoWhere to search for available proxy servers on the Internet, and put all the found proxies into a text file. You should use only anonymous proxy, as transparent proxy will reveal your IP address too. Alternatively, several websites has a long list of open public proxy servers that can be used such as Proxy.6te.net, Proxy.org. Proxy List even allows you to download list of proxy servers in a text file format (remember to download only anonymous or elite proxy by searching for the type before downloading). Alternatively, Forum Proxy Leecher also maintains a Default List of proxies available and Custom List of proxies servers.

To ease the usage of The Grabber, The Grabber comes with a Proxy Checker where the utility will check and test each and every proxy for its usablity. The valid proxies that have been checked then can be imported into CMS the Grabber via clipboard. Then you’re set to go to download any files from RapidShare without any limit by keying in the RapidShare download link. If you wish to simultaneously download many files, just click on New Window to setup a new download session.

You can download CMS the Grabber 1.4.5.P from official download link at RapidShare for non-forum member. If you download from above link, you will need this password to unpack and extract the file: www.cmszone.org. But if you can’t and unable to download from RapidShare, try to download the Grabber from here.

Read More

Free Working License Key Serial To Activate AVG Anti-Virus 8 Till 2018 (10 Years Subscription Expiry)

Fed up with free anti-virus solution giveaways with subscription period validity of just 3 months, 6 months or 1 year? Most security product developers nowadays attracts user with several months of free usage promotional offer, and then require user to pay an annual subscription fee to continue using the product or to receive the virus signature update.

Instead of succumbing to search for new free license key, serial number or activation code every other few months when the subscription period expires or ends, here’s one license key number like no other, for AVG Anti-Virus users. We receive tip off that the following license number for AVG Anti-Virus will only expire on February 26, 2018, a full 10 YEARS validity and free usage. For AVG lovers who installed AVG Anti-Virus by using the one year free subscription license which going to expire by December 1, 2008, the ultimate serial key for AVG is just in time.

It’s unclear if the super long activation license key for AVG AntiVirus is part of what promotion, or it’s a leaked serial key. Anyway, the license number will activate a full version of AVG Anti-Virus 8.0, and most likely all its future upgraded version or new releases. There are a total of 145,000 licenses available.

To use AVG Anti-Virus for free for 10 years, just download and install the latest version of AVG Anti-Virus setup installer (current version 8.0.196: avg_ipw_stf_all_8_196a1383.exe) from AVG paid version installation file download page.

When prompt for license number during installation, enter the following serial key:

8MEH-REDSL-7ETEC-ULA8R-EAOKL-4EMBR-ACED

Once installation is completed, AVG Anti-Virus full retail edition will have the license expiry date of 2/26/2018.

Read More

PERMANENTALY ACTIVATE WINDOWS VISTA!!tried and tested!!

Hackers are going all out to crack Windows Vista activation procedure which is enhanced by Software Protection Platform (SPP). Until now, Microsoft has an upper hand, with no permanent or foolproof ways to crack or bypass Windows Vista activation request emerged. Instead, various workarounds and tricks to bypass, skip, delay, disable or spoof Vista activation has been suggestion, to various degree of success, such as extend evaluation period, rearm method, install Vista in future year, ‘frankenbuild’ Vista by replacing RTM build WPA files with RC build files, activate against spoofed KMS server, or run and activate Vista with own local KMS server and etc. Now, there is new crack method that able to permanently stop the countdown timer of time left to activate Windows Vista, effectively running Vista OS in full functionality evaluation mode forever.

Install Windows Vista Ultimate edition (or other edition) without product key, if possible in year 2099.

You may need to disconnect from Internet while applying the patch. If you disconnect Internet, connect to Internet until right before you verify the Vista crack with “slmgr -dlv” command.

Windows Vista needs to be applied with 2099-ReArm trick, so that the counter of minutes to no activation required period will not return to normal after reboot. Try the following normal procedures to rearm Vista at 2099. If it’s not working, you may need to apply Vista ReArm Unlimited Patch to ensure Windows Vista back to initial activation grace period.

1. Click on Start Orb button.
2. Select “All Programs”, then “Accessories”.
3. Right click on “Command Prompt, then select “Run as Administrator (A)”.
4. If User Account Control (UAC) prompt a warning message, click on “Continue”.
5. In the command prompt, type date and press Enter. You will see the following:Microsoft Windows [Version 6.0.6000]
   Copyright (c) 2006 Microsoft Corporation. All rights reserved.

   C:\Windows\system32>date
   Current date: 12/19/2006 Thursday
   Enter new date:

6. Enter 12/31/2099 (December 31, 2099).
7. Next, type cscript slmgr.vbs -rearm. You will see something like the following:C:\Windows\system32>cscript slmgr.vbs -rearm
   Microsoft (R) Windows Script Host Version 5.7
   Copyright (C) Microsoft Corporation. All rights reserved.

   The command completed successfully.
   To make the change effectively, please restart the system.

8. Then reset the date of the system to current date again by typing date again. You will see the following:Microsoft Windows [Version 6.0.6000]
   Copyright (c) 2006 Microsoft Corporation. All rights reserved.

   C:\Windows\system32>date
   Current date: 12/31/2099 Thursday
   Enter new date:

9. Type in current date, i.e. 12/19/2006.
10. Above time changing process to ‘fix’ Vista is done from within Windows itself for easy access. However, if you have any problem, reboot to BIOS and change the date and year from there.
11. Exit from command prompt, but do not restart the computer.
12. Download StopTimer.zip or vista_test_crack.zip (both is same).
13. Extract the downloaded archive file into a folder. It should contains “Vista test crack.exe” and “timerstop.sys”.
14. Execute or run the “Vista test crack.exe” by right click on “Vista test crack.exe”, and select “Run as Administrator (A)”.
15. Optional: Press in Test button, and it will pop up a message says 4 timers are stopped. At this time, the counter should be freezed, Check with slmgr.vbs -dlv command, with the minutes left should be the same after a few minutes interval. If it’s the case, continue with the following steps to run the crack every startup.
16. In the Vista test crack window, click on “Install” button. You will be prompted with “Service installed” message if everything is done properly and correctly. The crack will copy the patched stoptimer.sys to system folder and install a new service named “timerstop” to stop kernel-mode timers in spsys.sys system file.
17. Exit from the crack, and restart the computer.
18. The hacking is basically done. Next few steps to to verify that the activation grace period built-in countdown timer is actually stopped and disable the timers from working properly, and make sure that the crack is installed properly. After restart, log on to Windows Vista. Run for a few minutes.
19. Press on Windows + R keys.
20. Type slmgr.vbs -dlv to check the time left to activate Windows Vista. If the time left is 43200 minutes that’s mean the crack is successful.

With the crack, you will have the following in the registry:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TimerStop]
“Type”=dword:00000001
“Start”=dword:00000002
“ErrorControl”=dword:00000000
“ImagePath”=hex(2):5c,00,3f,00,3f,00,5c,00,45,00,3a,00,5c,00,57,00,69,00,6e,00,\
64,00,6f,00,77,00,73,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,\
00,5c,00,54,00,69,00,6d,00,65,00,72,00,53,00,74,00,6f,00,70,00,2e,00,73,00,\

79,00,73,00,00,00 

Update: There are now automated Vista activation crack tools that apply the above patching steps automatically, namely TimerLock (more realiable), TimeStop which apply TimerStop.sys and TimerStop64.sys v2a.

Further information:

• The TimerStop vista test crack works on all 32-bit x86 Windows Vista edition such as Vista Ultimate and Vista Home Premium. Success rate in 64-bit (x64) environment is likely to be low.
• The crack will make the time left to activate Vista to become always 43200 minutes (30 days), and will not countdown or reduce.
• It’s possible to access Windows Update if you install Windows Vista with default product key (no product key entered when installation).
• During the first 3 days of activation grace period after installing Windows Vista, Microsoft has designed it in such a way that Vista will allow greatest flexibility for users to install required drivers and application during this period, so Vista won’t prompt any reminder message for activation. After crack, Vista OS will always run with 30 days left for activation, thus there will not be any watermark or reminder to activate.
• It’s possible to pass Windows Vista Genuine Advantage (WVGA) validation, so users able to download Microsoft value-added software for genuine customers.
• As mentioned above, as Vista will also remain in first 3 days of activation grace period, in theory, Microsoft will not be able to differentiate who is the newly installed system, or who is the ‘patched’ system, unless of course, they check for the specific file or system (privacy anyone?).
• Users can only view that there is 30 more days for system to be activated in the system properties, but it won’t affect system usage or installation method.  

Read More

all about sql injection ataack>>>>

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

Forms of SQL injection vulnerabilities

Incorrectly filtered escape characters

This form of SQL injection occurs when user input is not filtered for escape characters and is then passed into a SQL statement. This results in the potential manipulation of the statements performed on the database by the end user of the application.

The following line of code illustrates this vulnerability:

statement = "SELECT * FROM users WHERE name = '" + userName + "';" 

This SQL code is designed to pull up the records of a specified username from its table of users. However, if the "userName" variable is crafted in a specific way by a malicious user, the SQL statement may do more than the code author intended. For example, setting the "userName" variable as

a' or 't'='t 

renders this SQL statement by the parent language:

SELECT * FROM users WHERE name = 'a' OR 't'='t'; 

If this code were to be used in an authentication procedure then this example could be used to force the selection of a valid username because the evaluation of 't'='t' is always true.

While most SQL Server implementations allow multiple statements to be executed with one call, some SQL APIs such as php's mysql_query do not allow this for security reasons. This prevents hackers from injecting entirely separate queries, but doesn't stop them from modifying queries. The following value of "userName" in the statement below would cause the deletion of the "users" table as well as the selection of all data from the "data" table (in essence revealing the information of every user):

a';DROP TABLE users; SELECT * FROM data WHERE name LIKE '% 

This input renders the final SQL statement as follows:

SELECT * FROM Users WHERE name = 'a';DROP TABLE users; SELECT * FROM DATA WHERE name LIKE '%';Incorrect type handling

This form of SQL injection occurs when a user supplied field is not strongly typed or is not checked for type constraints. This could take place when a numeric field is to be used in a SQL statement, but the programmer makes no checks to validate that the user supplied input is numeric. For example:

statement := "SELECT * FROM data WHERE id = " + a_variable + ";" 

It is clear from this statement that the author intended a_variable to be a number correlating to the "id" field. However, if it is in fact a string then the end user may manipulate the statement as they choose, thereby bypassing the need for escape characters. For example, setting a_variable to

1;DROP TABLE users 

will drop (delete) the "users" table from the database, since the SQL would be rendered as follows:

SELECT * FROM DATA WHERE id=1;DROP TABLE users; 

Magic String

The magic string is a simple string of SQL used primarily at login pages. The magic string is

'OR''=' 

When used at a login page, you will be logged in as the user on top of the SQL table.

Vulnerabilities inside the database server

Sometimes vulnerabilities can exist within the database server software itself, as was the case with the MySQL server's mysql_real_escape_string() function. This would allow an attacker to perform a successful SQL injection attack based on bad Unicode characters even if the user's input is being escaped.

Blind SQL Injection

Blind SQL Injection is used when a web application is vulnerable to SQL injection but the results of the injection are not visible to the attacker. The page with the vulnerability may not be one that displays data but will display differently depending on the results of a logical statement injected into the legitimate SQL statement called for that page. This type of attack can become time-intensive because a new statement must be crafted for each bit recovered. There are several tools that can automate these attacks once the location of the vulnerability and the target information has been established.

Conditional Responses

One type of blind SQL injection forces the database to evaluate a logical statement on an ordinary application screen.

SELECT booktitle FROM booklist WHERE bookId = 'OOk14cd' AND 1=1 

will result in a normal page while

SELECT booktitle FROM booklist WHERE bookId = 'OOk14cd' AND 1=2 

will likely give a different result if the page is vulnerable to a SQL injection. An injection like this will prove that a blind SQL injection is possible, leaving the attacker to devise statements that evaluate to true or false depending on the contents of a field in another table.^[3]

Conditional Errors

This type of blind SQL injection causes a SQL error by forcing the database to evaluate a statement that causes an error if the WHERE statement is true. For example,

SELECT 1/0 FROM users WHERE username='Ralph' 

the division by zero will only be evaluated and result in an error if user Ralph exists.

Time Delays

Time Delays are a type of blind SQL injection that cause the SQL engine to execute a long running query or a time delay statement depending on the logic injected. The attacker can then measure the time the page takes to load to determine if the injected statement is true.

[edit]Preventing SQL Injection

To protect against SQL injection, user input must not directly be embedded in SQL statements. Instead, parameterized statements must be used (preferred), or user input must be carefully escaped or filtered.

Using Parameterized Statements

In some programming languages such as Java and .NET parameterized statements can be used that work with parameters (sometimes called placeholders or bind variables) instead of embedding user input in the statement. In many cases, the SQL statement is fixed. The user input is then assigned (bound) to a parameter. This is an example using Java and the JDBCAPI:

PreparedStatement prep = conn.prepareStatement("SELECT * FROM USERS WHERE USERNAME=? AND PASSWORD=?"); prep.setString(1, username); prep.setString(2, password);

Read More

'GOOGLE HACKIN'

Google hacking involves using the popular Google search engine to locate sensitive online information, which should be protected but is not.

Dr Ellen Rose, a senior lecturer at the Institute of Information and Mathematical Sciences, and graduate student Natalia Nehring, ran Google search queries known to return sensitive information from the Google database.

They wrote a computer program that for three months ran 170 daily queries against the Google database, looking at sites in New Zealand, Australia, the United States and the Czech Republic.

They found that sensitive data was now easier to obtain and that New Zealand sites are more vulnerable to hackers than Australian or United States sites.

The study aimed to ascertain how vulnerable we are to hackers. The researchers say any internet user can now easily find sensitive information using only a browser and a few carefully chosen keywords. They point out website administrators can use the same techniques to discover their own vulnerabilities.

Google hacking, how it works and how to protect against it is extensively reported on a range of articles that can be found through the Google search engine itself.

Dr Rose and Ms Nehring say about half of their hits pointed to sensitive information although some types of sensitive information were only available for a small window of time.

Vulnerabilities related to backup files were open the longest, followed by remote administration vulnerabilities.

They got the most hits in New Zealand in the organisational domains (.co and .org) and within the categories of error messages and backup files.

The average number of days a potential vulnerability remained open across all domains and all categories was similar in the US (48.85 days, 46 per cent from the duration of test period) and Australia (49.54 days, 50 per cent from the duration of test period) with New Zealand vulnerabilities remaining open somewhat longer (60.96 days, 57 per cent from the duration of test period). Very little vulnerability could be detected in the Czech Republic.

Dr Rose said she felt it would be unethical to name the sites where personal information could be found but Massey’s own website was found to have about 50 vulnerabilities, which they had alerted the University’s technology services department to.

Read More

Spam And Viruses Converge In Latest Hacking Attack

A new hackers' attack uses a combination of spam and viruses to launch a world campaign, according to a recent report by MessageLabs.

The security company released the research at Infosecurity Europe 2007 in London to tell that it detected e-mails that were spam and also contained virus.

For a fairly long time in the past, cyber criminals have been using e-mail viruses to build botnets and distribute spam from them. But now MessageLabs for the first time has found viruses concealed in stock scam spam. MessageLabs has blocked numerous e-mails since April 14, 2007 that carried the Storm Worm.

Hackers think it beneficial to use one e-mail instead of two, said Mark Sunner, chief security analyst at MessageLabs in a company press release. MarketWIRE published it on April 25, 2007. The bad guys are adding layers to existing threats, continued Sunner. They don't seem to be satisfied by just scamming and saturating someone's inbox with unsolicited bulk e-mails; they also want to acquire control of the person's PC in the same attack.

These latest attack tactics represent the boldness with which some criminal gangs are playing. These developments also show that spam cannot be considered as a mere nuisance but it is vital to keep it clear from the desktop. MessageLabs is tracking criminal gangs engaged in the new activity.

The convergence technique has witnessed a fall in old viruses and phishing attacks, the report says. In April 2007, phishing attacks declined from the previous month. There was one phishing e-mail in 116 e-mails in that month. That meant a 12% fall in the number of phishing attacks - the lowest since August 2006.

Towards the end of April 2007, the most recent threats of Zhelatin also called the Storm Worm were going out as spam in pump-and-dump stock e-mails. The new e-mails were obviously linking to websites where attackers hosted malicious code.

MessageLabs has also determined that spam from unknown sources has increased from 0.9% to 76.1% of total e-mails its clients received in April 2007. But by also including the spam mails from known senders the proportion would increase to 83.6%.

Read More

who is a hacker???

In common usage, a hacker is a person who breaks into computers. The subculture that has evolved around hackers is often referred to as the computer underground. Proponents claim to be motivated by artistic and political ends, but are often unconcerned about the use of criminal means to achieve them.

While other uses of the word hacker exist that are not related to computer security (computer programmer and home computer hobbyists), they are rarely used in mainstream context.

Read More

what is hacking????

Read More