Hackers? How to get rid of them?

26 11 2007


Hi everybody!

After a long delay, I decided what to post here, a topic on how to defend yourself from Hackers.
I have heard people yelling, “OMG! I M HACKED!”, so I thought it’s good to tell people not to yell and start taking steps to get secured. Firstly, this post is for beginners (Windows XP users), not for professionals.
Ok, enough chit chat, here’s what you gonna do.

  • Install a fresh Windows (Windows XP Service Pack 2, no! Not Service Pack 1) installation, and install an AntiVirus, yeah no drivers first, AntiVirus first!! Got it?
  • Then update your AntiVirus virus definitions and scan your computer for viruses
  • Download free tool, called SafeXP, and select Recommended settings and click Apply (This is a great tool for XP, for optimizing and securing XP)
  • Go to Control Panel>Administrator Tools>Local Users and Groups>Users> Right click on Administrator and click Set Password, then put a password onto Administrator account, and do the same on every account, you should have a password on every account.
  • Install a Firewall, I prefer to use Sygate Firewall, but it’s not free, here’s a free one, named Comodo Firewall Pro

  • I recommend that, you must stop Network Sharing, but if you are at home network or in which you could trust people, that’s ok, but if you don’t, you need to turn it off. It’s a big threat. How to do it? Open Control Panel>Administrative Tools>Services> Right click “Server” and click properties, choose Startup type to “Disabled”, and click Stop, and then OK. That’s it.

Now that your computer is secured, now you need to take few more steps, and precautions.
NEVER EVER ACCEPT A FILE FROM A PERSON YOU DON’T KNOW, got it? Makes sense?
Alright, good.

Maybe some people tell you to put “javascript:blah blah blah blah” in your address bar and press enter. Never do it! This is how your cookies are stolen, no! It’s not the real cookies, cookies are encrypted text that store login information, in simple words, this is how a website knows you are logged in. BTW, if you are real cookies get stolen, it might be your cat 😉

Happy surfing 😉

*ADDITION (29th Nov 2007)
Sharuk has posted few more tips, that I would like to add it here.

  • Never install pirated version of Operating System
  • Never install free or paid software unless you are sure its safe or heard from someone about it
  • Never give away your sensitive information on shared or free internet access points
  • Keep away from myspace or any other site which let users customize its interface or layout
  • Use Strong passwords and never buy something from sites which use low or no encryption

A million thanks to him 🙂





BearShare Hack Fixed

16 10 2007

I am glad to inform you that BearShare fixed this hack, that I posted.

Now I feel a bit safe on BearShare 😉

Thanks BearShare





The Ultimate BearShare Hack

5 10 2007

THIS HACK HAS BEEN FIXED BY BEARSHARE !!!
THAT’S WHAT I WANTED 🙂
THIS HACK NO LONGER WORKS.

Hi again !

So this is what you all are waiting for, cool !

DISCLAIMER : I AM NOT A HACKER, AND I AM POSTING THIS HACK BECAUSE I WANT BEARSHARE AUTHORITIES TO KNOW THIS IS POSSIBLE, AND THEY SHOULD FIX THIS BUG. AND I DID NOT HACK INTENTIONALLY. I WAS VIEWING MY BLOG’S STATISTICS, AND I CAME TO KNOW ABOUT THIS HACK.


If you don’t know anything about BearShare, view my previous post by clicking here

How to Hack BearShare ?

URL STEALING. Yes, no Cookie Stealing (I am not hungry right now :D) .

Ever wonder why BearShare doesn’t have a address bar or URL indicator ?

Because if you have a URL you could hack that account.

How BearShare Community Webpages work ?

Unlike other websites, which use cookies, to store login information, BearShare stores this login information inside URL, the username and the password is inside this URL

Where does this URL link to ?

To every page of BearShare Community. Like viewing a profile, viewing messages, doing anything inside BearShare.

How does this URL look like ?

http://community.bearshare.com/people/profile_content.html?MyUserId=xxxx&PasswordHash=xxxxx&wt=xxxxxx

How do I get the link ?

Nice question, by REFERRAL METHOD ! You need to steal the URL, by REFERRAL METHOD.

If you are not familiar with Referral, it a URL, from where the user comes from. Like If I am at http://www.yahoo.com, and at that page I saw a link to my page (for suppose), now if I view my page’s statistics, I will see http://www.yahoo.com as a Referral URL to my page. But you don’t need yahoo URL, you need BearShare’s URL.

So place your page link in your BearShare account, and if someone clicks on to your page from BearShare you can get BearShare link 😉

STEP BY STEP ( YOU MUST HAVE LITTLE KNOWLEDGE ABOUT HTML)

1, First create a blog or site of your own on any free blog provider or any website provider like geocities or something.

2, Create a account on StatCounter.com and get code (StatCounter is a free invisible counter for your website/blog that monitors the visitor, this is where you can get the referral link)

3, And insert that code in your webpage or blog.

4, Now it’s tme to edit your BearShare account, open BearShare and login to your account. Click on My Layout Edit

And put your webpage or blog’s link in Profile HTML section in My Layout Edit page. Write

<a href=”http://www.my-webpage.com/”&gt; </a><a target=”_blank” href=”http://www.my-webpage.com”>My Blog</a>

Replace “http://www.my-webpage.com” with your webpage or blog link. And click Save Changes.

5, Ask someone to visit your website or blog.

6, Login to StatCounter.com and view your site’s statistics. On the left side, you will see a link “Recent Came From”, look for a link starting like

http://community.bearshare.com&#8230;..

If you find one, yupee ! You got it !

7, Copy this link and paste it into your Internet Explorer (No it doesn’t work in Firefox, I tried :D) and press Enter. You are in his/her acocunt.

8, And now give me a comment 😀 lol

Note : The advertisements on BearShare can also hack your account, if you click on them