In this Underground video, Crash Overron demonstrates how to hide a RAR file inside an Image file. He does this by utilizing a binary combine which basically concatenates the two files together. To accomplish this in windows use the command:
copy /B [File1 (Image)] + [File2 (RAR)] [Destination File (Image)]
The resulting file can still be view as an image, and the RAR file can still be unpacked. Not only, can this trick be used as a simple type of steganography, but also, it can be used in certain situations to exploit a flaw in a website. If a website has a Local File Inclusion (LFI) flaw and allows users to upload images, an attacker can inject PHP code into the website by using this technique to combine an Image file with a PHP file. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com

Phishing is a method of obtaining sensitive information such as usernames and passwords by pretending to be a trusted website.  Tehdead shows us a variety of password phishing techniques that enable an attacker to trick a user into giving up their login information.  The first step is to create a fake login identical to the login on the trusted website.  In order to not raise suspicion, Tehdead explains two methods to capture the victim’s password and then transfer them to the real website.  One method is to sumbit the information to a php page that is disguised as a pop-up advertisment, and the other is to send the username and password to a simular php page that is contained in an iframe.  Lastly, Tehdead describes how to use link manipulation with BBcode to social engineer a victim into going to the fraudulent website. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com

In this Underground video, Overide demonstrates how to obtain root access on a fully patched Windows XP SP3 Machine. He exploits a flaw in Windows Server Message Block (SMB) which is used to provide shared access to files between hosts on a network. Overide utilizes the Metasploits Framework to run the exploit. It works by relaying a SMB authentication request to another host which provides Metasploit with a authenticated SMB session, and if the user is an administrator, Metasploits will be able to execute code on the target computer such as a reverse shell. For this exploit to run, the target computer must try to authenticate to Metasploit. Overide forces the target computer to perform a SMB authentication attempt by using a Ettercap Filter. Full Scale Video Here
Download Here
Download Ettercap Filter Here

For more information on the Metasploit Framework and Ettercap Filters check out Video Archive - Exploit Hacking, Underground - Metasploit Autopwn, and Episode 20 - Ettercap.

If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com

Crash Overron’s second Underground video explains how to use Ollydbg to manipulate a simple program. OllyDbg is a debugger that analyzes binary code. Not only does Olly allow you to step through an executable’s assembly code, but also, it can trace registers, recognize procedures, API calls, switches, tables, constants and strings. Crash Overron utilizes a feature in Olly to locate a referenced text string that is displayed when an invalid serial key is entered. Once the string is located, he can find the compare statement that checks the user’s serial key, and change the flow of the program so that his serial key is accepted. Full Scale Video Here
Download Here

Download Ollydgb
Download Application

If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com

In this Underground Video, Copy explains how to use Metasploit’s Autopwn. The Metasploit Framework is a tool for developing and executing exploit code against a remote target machine. Autopwn is a tool in Metasploit Framework version 3 that automates the exploitation process. Copy demonstrates how to use Autopwn in both Backtrack 2 and Backtrack 3. Full Scale Video Here
Download Here

The Metasploit Project
For more information on the Metasploit Framework check out my Exploit Hacking video.

If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com

The first Underground video explains how to send fake emails a.k.a. Email Spoofing. This video, submitted by Crash Overron, covers two methods of email spoofing. The first and older method is connecting directly to the SMTP server with Telnet; however, this method is usually blocked by the email provider. The second method, utilizes the Mail() function in php. Full Scale Video Here
Download Here

Download Email_Spoof.php
(Right Click -> Save As Email_Spoof.php)

If you would like to submit a video to Infinity Exists Underground send a email describing your video to underground@infinityexists.com

Infinity Exists Underground is a new video series based completely on viewer submissions. If you have an educational video on hacking, lock picking, modding, etc. send an email explaining what your video is about to underground@infinityexists.com. Nox and I will review the emails and if it sounds like a good informative video we will give you access to the video upload page so you can submit your video. We may edit your video slightly to make it clearer, but you will get credit for creating the video. Also, you can remain anonymous if you are making a questionable video. We hope to get many viewer submissions so that we can get more content on the site and also get you guys more involved.

Full Scale Video Here
Download Here