Boot Block Recovery For Free

You don’t need to pay a measly sum of dollars just to recover from a boot block mode. Here it is folks:

AWARD Bootblock recovery:

That shorting trick should work if the boot block code is not corrupted, and it should not be if /sb switch is used when flashing the bios (instead of /wb switch).

The 2 pins to short to force a checksum error varies from chip to chip. But these are usually the highest-numbered address pins (A10 and above).

These are the pins used by the system to read the System BIOS (original.bin for award v6), calculate the ROM checksum and see if it’s valid before decompressing it into memory, and subsequently allow Bootblock POST to pass control over to the System BIOS.

You just have to fool the system into believing that the System BIOS is corrupt. This you do by giving your system a hard time reading the System BIOS by shorting the 2 high address pins. And when it could not read the System BIOS properly, ROM Checksum Error is detected “so to speak” and Bootblock recovery is activated.

Sometimes, any combination of the high address pins won’t work to force a checksum error in some chips, like my Winbond W49F002U. But shorting the #WE pin with the highest-numbered address pin (A17) worked for this chip. You just have to be experimentative if you’re not comfortable with “hot flashing” or “replacement BIOS”.

But to avoid further damage to your chip if you’re not sure which are the correct pins to short, measure the potential between the 2 pins by a voltmeter while the system is on. If the voltage reading is zero (or no potential at all), it is safe to short these pins.

But do not short the pins while the system is on. Instead, power down then do the short, then power up while still shorting. And as soon as you hear 3 beeps (1 long, 2 short), remove the short at once so that automatic reflashing from Drive A can proceed without errors (assuming you had autoexec.bat in it).

About how to do the shorting, the tip of a screwdriver would do. But with such minute pins on the PLCC chip, I’m pretty comfortable doing it with the tip of my multi-tester or voltmeter probe. Short the pins at the point where they come out of the chip.

AMIBIOS Recovery bootblock:

1. Copy a known working BIOS image for your board to a floppy and rename it to AMIBOOT.ROM.

2. Insert the floppy in your system’s floppydrive.

3. Power on the system while holding CTRL+Home keys. Release the keys when you hear a beep and/or see the floppy light coming on.

4 . Just wait until you hear 4 beeps. When 4 beeps are heard the reprogramming of the System Block BIOS went succesfull, so then you may restart your system.

Some alternative keys that can be used to force BIOS update (only the System Block will be updated so it’s quite safe):

CTRL+Home= restore missing code into system block and clear CMOS when programming went ok.

CTRL+Page Up= restore missing code into system block and clear CMOS or DMI when programming went ok.

CTRL+Page Down= restore missing code into system block and do not clear CMOS and DMI area when programming went ok

Btw: the alternative keys work only with AMIBIOS 7 or higher (so for example an AMI 6.26 BIOS can be only recovered by using CTRL+Home keys).

BLACKOUT Flashing

Recovering a Corrupt AMI BIOS chip

With motherboards that use BOOT BLOCK BIOS it is possible to recover a corrupted BIOS because the BOOT BLOCK section of the BIOS, which is responsible for booting the computer remains unmodified. When an AMI BIOS becomes corrupt the system will appear to start, but nothing will appear on the screen, the floppy drive light will come on and the system will access the floppy drive repeatedly. If your motherboard has an ISA slot and you have an old ISA video card lying around, put the ISA video card in your system and connect the monitor. The BOOT BLOCK section of the BIOS only supports ISA video cards, so if you do not have an ISA video card or your motherboard does not have ISA slots, you will have to restore your BIOS blind, with no monitor to show you what’s going on.

AMI has integrated a recovery routine into the BOOT BLOCK of the BIOS, which in the event the BIOS becomes corrupt can be used to restore the BIOS to a working state. The routine is called when the SYSTEM BLOCK of the BIOS is empty. The restore routine will access the floppy drive looking for a BIOS file names AMIBOOT.ROM, this is why the floppy drive light comes on and the drive spins. If the file is found it is loaded into the SYSTEM BLOCK of the BIOS to replace the missing information. To restore your BIOS simply copy a working BIOS file to a floppy diskette and rename it AMIBOOT.ROM, then insert it into the computer while the power is on. The diskette does not need to be bootable or contain a flash utility. After about four minutes the system will beep four times. Remove the floppy diskette from the drive and reboot the computer. The BIOS should now be restored.



Recovering a Corrupt AWARD BIOS

With AWARD BIOS the process is similar but still a bit different. To recover an AWARD BIOS you will need to create a floppy diskette with a working BIOS file in .BIN format, an AWARD flash utility and an AUTOEXEC.BAT file. AWARD BIOS will not automatically restore the BIOS information to the SYSTEM BLOCK for this reason you will need to add the commands necessary to flash the BIOS in the AUTOEXEC.BAT file. The system will run the AUTOEXE.BAT file, which will in turn flash the BIOS. This is fairly easy. Here are the steps you need to take.

· Create a bootable floppy diskette

· Copy the BIOS file and flash utility to the diskette

· Create an text file with any standard text editor and add the following lines

@ECHO OFF

FLASH763 BIOSFILE.BIN /py



Note: In the above example I am assuming that you are using the FLASH763.EXE flash utility. You will need to replace the FLASH763 with the name of whatever flash utility you are using, and replace the BIOSFILE.BIN with the name of the BIOS file you are using. You will also need to change the ‘/py’ to whatever the command is for your flash utility to automatically program the BIOS without user intervention. If you do not know the command to automatically flash your BIOS type the name of the flash utility with a space and then /? to display the utility’s help screen. The help screen should pecify the command switch to automatically flash your BIOS. If you are using the FLASH763.EXE utility then the switch to automatically flash your BIOS is ‘/py’.

Read More

BIOS Update Procedure

All latest Motherboards today, 486/ Pentium / Pentium Pro etc.,ensure that upgrades are easily obtained by incorporating the system BIOS in a FLASH Memory component. With FLASH BIOS, there is no need to replace an EPROM component. Once downloaded, the upgrade utility fits on a floppy disc allowing the user to save, verify and update the system BIOS. A hard drive or a network drive can also be used to run the newer upgrade utilities. However, memory managers can not be installed while upgrading.

Most pre-Pentium motherboards do not have a Flash BIOS. The following instructions therefore do not apply to these boards. If your motherboard does not have a Flash BIOS (EEPROM) you will need to use an EPROM programmer to re-program the BIOS chip. See your dealer for more information about this.

Please read the following instructions in full before starting a Flash BIOS upgrade:

A. Create a Bootable Floppy (in DOS)

•With a non-formatted disk, type the following:

format a:/s

•If using a formatted disk, type:

sys a:

This procedure will ensure a clean boot when you are flashing the new BIOS.

B. Download the BIOS file

•Download the correct BIOS file by clicking on the file name of the BIOS file you wish to download.

•Save the BIOS file and the Flash Utility file in the boot disk you have created. Unzip the BIOS file and the flash utility file. If you don’t have an “unzip” utility, download the WinZip for Windows 95 shareware/ evaluation copy for that one time use from _www.winzip.com or _www.pkware.com. Most CD ROMs found in computer magazines, have a shareware version of WinZip on them.

•You should have extracted two files:

Flash BIOS utility eg: flash7265.exe (for example)

BIOS eg: 6152J900.bin (example)

Use the latest flash utility available unless otherwise specified (either on the BIOS update page or in the archive file). This information is usually provided.

C. Upgrade the System BIOS

During boot up, write down the old BIOS version because you will need to use it for the BIOS backup file name.

Place the bootable floppy disk containing the BIOS file and the Flash Utility in drive a, and reboot the system in MS-DOS, preferably Version 6.22

•At the A:> prompt, type the corresponding Flash BIOS utility and the BIOS file with its extension.

For example:

flash625 615j900.bin

•From the Flash Memory Writer menu, select “Y” to “Do you want to save BIOS?” if you want to save (back up) your current BIOS (strongly recommended), then type the name of your current BIOS and its extension after FILE NAME TO SAVE: eg: a:\613J900.bin

Alternatively select “N” if you don’t want to save your current BIOS. Beware, though, that you won’t be able to recover from a possible failure.

•Select “Y” to “Are you sure to program?”

•Wait until it displays “Message: Power Off or Reset the system”

Once the BIOS has been successfully loaded, remove the floppy disk and reboot the system. If you write to BIOS but cannot complete the procedure, do not switch off, because the computer will not be able to boo, and you will not be given another chance to flash. In this case leave your system on until you resolve the problem (flashing BIOS with old file is a possible solution, provided you’ve made a backup before)

Make sure the new BIOS version has been loaded properly by taking note of the BIOS identifier as the system is rebooting.

For AMI BIOS

Once the BIOS has been successfully loaded, remove the floppy disk and reboot the system holding the “END” key prior to power on until you enter CMOS setup. If you do not do this the first time booting up after upgrading the BIOS, the system will hang.

BIOS Update Tips

note:

1.Make sure never to turn off or reset your computer during the flash process. This will corrupt the BIOS data. We also recommend that you make a copy of your current BIOS on the bootable floppy so you can reflash it if you need to. (This option is not available when flashing an AMI BIOS).

2. If you have problems installing your new BIOS please check the following:

Have you done a clean boot?

In other words, did you follow the above procedure for making a bootable floppy? This ensures that when booting from “A” there are no device drivers on the diskette. Failing to do a clean boot is the most common cause for getting a “Memory Insufficient” error message when attempting to flash a BIOS.

If you have not used a bootable floppy, insure a clean boot either by

a) pressing F5 during bootup

b) by removing all device drivers on the CONFIG.SYS including the HIMEM.SYS. Do this by using the EDIT command.

Have you booted up under DOS?

Booting in Windows is another common cause for getting a “Memory Insufficient” error message when attempting to flash a BIOS. Make sure to boot up to DOS with a minimum set of drivers. Important: Booting in DOS does not mean selecting “Restart computer in MS-DOS Mode” from Windows98/95 shutdown menu or going to Prompt mode in WindowsNT, but rather following the above procedure (format a: /s and rebooting from a:\).

Have you entered the full file name of the flash utility and the BIOS plus its extension?

Do not forget that often you will need to add a drive letter (a:\) before flashing the BIOS. Example: when asked for file name of new BIOS file which is on your floppy disk, in case you’re working from c:\ your will need to type a:\615j900.bin, rather than 615j900.bin only.

Read More

Cracking Password Protected Zip Files |

What is FZC?

FZC is a program that cracks zip files (zip is a method of compressing multiple files into one smaller file) that are password-protected (which means you’re gonna need a password to open the zip file and extract files out of it). You can get it anywhere - just use a search engine such as google.com.

FZC uses multiple methods of cracking - bruteforce (guessing passwords systematically until the program gets it) or wordlist attacks (otherwise known as dictionary attacks. Instead of just guessing passwords systematically, the program takes passwords out of a “wordlist”, which is a text file that contains possible passwords. You can get lots of wordlists at www.theargon.com.).

FZC can be used in order to achieve two different goals: you can either use it to recover a lost zip password which you used to remember but somehow forgot, or to crack zip passwords which you’re not supposed to have. So like every tool, this one can be used for good and for evil.

The first thing I want to say is that reading this tutorial… is the easy way to learn how to use this program, but after reading this part of how to use the FZC you should go and check the texts that come with that program and read them all. You are also going to see the phrase “check name.txt” often in this text. These files should be in FZC’s directory. They contain more information about FZC.

FZC is a good password recovery tool, because it’s very fast and also support resuming so you don’t have to keep the computer turned on until you get the password, like it used to be some years ago with older cracking programs. You would probably always get the password unless the password is longer than 32 chars (a char is a character, which can be anything - a number, a lowercase or undercase letter or a symbol such as ! or &) because 32 chars is the maximum value that FZC will accept, but it doesn’t really matter, because in order to bruteforce a password with 32 chars you’ll need to be at least immortal..heehhe.. to see the time that FZC takes with bruteforce just open the Bforce.txt file, which contains such information.

FZC supports brute-force attacks, as well as wordlist attacks. While brute-force attacks don’t require you to have anything, wordlist attacks require you to have wordlists, which you can get from www.theargon.com. There are wordlists in various languages, various topics or just miscellaneous wordlists. The bigger the wordlist is, the more chances you have to crack the password.

Now that you have a good wordlist, just get FZC working on the locked zip file, grab a drink, lie down and wait… and wait… and wait…and have good thoughts like “In wordlist mode I’m gonna get the password in minutes” or something like this… you start doing all this and remember “Hey this guy started with all this bullshit and didn’t say how I can start a wordlist attack!…” So please wait just a little more, read this tutorial ’till the end and you can do all this “bullshit”.

We need to keep in mind that are some people might choose some really weird passwords (for example: ‘e8t7@$^%*gfh), which are harder to crack and are certainly impossible to crack (unless you have some weird wordlist). If you have a bad luck and you got such a file, having a 200MB list won’t help you anymore. Instead, you’ll have to use a different type of attack. If you are a person that gives up at the first sign of failure, stop being like that or you won’t get anywhere. What you need to do in such a situation is to put aside your sweet xxx MB’s list and start using the Brute Force attack.

If you have some sort of a really fast and new computer and you’re afraid that you won’t be able to use your computer’s power to the fullest because the zip cracker doesn’t support this kind of technology, it’s your lucky day! FZC has multiple settings for all sorts of hardware, and will automatically select the best method.

Now that we’ve gone through all the theoretical stuff, let’s get to the actual commands.

Bruteforce

The command line you’ll need to use for using brute force is:

fzc -mb -nzFile.zip -lChr Lenght -cType of chars

Now if you read the bforce.txt that comes with fzc you’ll find the description of how works Chr Lenght and the Type of chars, but hey, I’m gonna explain this too. Why not, right?… (but remember look at the bforce.txt too)

For Chr Lenght you can use 4 kind of switches…

-> You can use range -> 4-6 :it would brute force from 4 Chr passwors to 6 chr passwords

-> You can use just one lenght -> 5 :it would just brute force using passwords with 5 chars

-> You can use also the all number -> 0 :it would start brute forcing from passwords with lenght 0 to lenght 32, even if you are crazy i don’t think that you would do this…. if you are thinking in doing this get a live…

-> You can use the + sign with a number -> 3+ :in this case it would brute force from passwords with lenght 3 to passwords with 32 chars of lenght, almost like the last option…

For the Type of chars we have 5 switches they are:

-> a for using lowercase letters

-> A for using uppercase letters

-> ! for using simbols (check the Bforce.txt if you want to see what simbols)

-> s for using space

-> 1 for using numbers

Example:

If you want to find a password with lowercase and numbers by brute force you would just do something like:

fzc -mb -nzTest.zip -l4-7 -ca1

This would try all combinations from passwords with 4 chars of lenght till 7 chars, but just using numbers and lowercase.

*****

hint

*****

You should never start the first brute force attack to a file using all the chars switches, first just try lowercase, then uppercase, then uppercase with number then lowercase with numbers, just do like this because you can get lucky and find the password much faster, if this doesn’t work just prepare your brain and start with a brute force that would take a lot of time. With a combination like lowercase, uppercase, special chars and numbers.

Wordlist

Like I said in the bottom and like you should be thinking now, the wordlist is the most powerfull mode in this program. Using this mode, you can choose between 3 modes, where each one do some changes to the text that is in the wordlist, I’m not going to say what each mode does to the words, for knowing that just check the file wlist.txt, the only thing I’m going to tell you is that the best mode to get passwords is mode 3, but it takes longer time too.

To start a wordlist attak you’ll do something like.

fzc -mwMode number -nzFile.zip -nwWordlist

Where:

Mode number is 1, 2 or 3 just check wlist.txt to see the changes in each mode.

File.zip is the filename and Wordlist is the name of the wordlist that you want to use. Remember that if the file or the wordlist isn’t in the same directory of FZC you’ll need to give the all path.

You can add other switches to that line like -fLine where you define in which line will FZC start reading, and the -lChar Length where it will just be read the words in that char length, the switche works like in bruteforce mode.

So if you something like

fzc -mw1 -nztest.zip -nwMywordlist.txt -f50 -l9+

FZC would just start reading at line 50 and would just read with length >= to 9.

Example:

If you want to crack a file called myfile.zip using the “theargonlistserver1.txt” wordlist, selecting mode 3, and you wanted FZC to start reading at line 50 you would do:

fzc -mw3 -nzmyfile.zip -nwtheargonlistserver1.txt -f50

Resuming

Other good feature in FZC is that FZC supports resuming. If you need to shutdown your computer and FZC is running you just need to press the ESC key, and fzc will stop. Now if you are using a brute force attack the current status will be saved in a file called resume.fzc but if you are using a wordlist it will say to you in what line it ended (you can find the line in the file fzc.log too).

To resume the bruteforce attack you just need to do:

fzc -mr

And the bruteforce attack will start from the place where it stopped when you pressed the ESC key.

But if you want to resume a wordlist attack you’ll need to start a new wordlist attack, saying where it’s gonna start. So if you ended the attack to the file.zip in line 100 using wordlist.txt in mode 3 to resume you’ll type

fzc -mw3 -nzfile.zip -nwwordlist.txt -f100

Doing this FZC would start in line 100, since the others 99 lines where already checked in an earlier FZC session.

Well, it looks like I covered most of what you need to know. I certainly hope it helped you… don’t forget to read the files that come with the program

Read More

Premium Accounts…!! { 16 Download Sites }

Following are the list of usernames and passwords of the premium accounts for Best downloads sites.

…!! ENJOY !!…

!!…100% Working Accounts…!!

1.) www.divxcrawler.com {download movies fastly}

Username : divx273

Password : 8342729

2.) www.butterflydownloadnetwork.com {movies, music, Pc Games, Tv shows}

Username : cinemanetwork20

Password : butterfly20

3.) www.downloadprofessional.com {movies,Pc softwares, Pc Games, Tv shows}

Username : lo886Ees

Password : zAgt88er

4.) www.sharingzone.net {movies, Pc softwares, Pc Games}

Username : LODMQYHX

Password : 375021402

Receipt : 4T5W89RD

5.) www.unlimitedgamedownloads.com {movies, Pc Games, psp softwares}

Username : ga20me

Password : ke01feb

6.) www.watchdirect.tv {movies, music, Pc Games, online Tv}

Username : cinemanetwork20

Password : butterfly20

7.) www.fullreleasez.com {Greatly Every thing}

Username : Af872HskL

Password : XjsdH28N

8.) www.fulldownloads.us {Greatly Every thing}

Username : Af872HskL

Password : XjsdH28N

9.) www.pirateaccess.com {Every thing}

Username : yourfrienddalat@gmail.com

Password : CHh5LKPI

Username : xxx_heel_xxx@yahoo.com

Password : MJY0BUY

Username : i_l0ve_u_786@yahoo.com

Password : rYvLgPrt

Username : mubashar_siddique@yahoo.com

Password : F9Gzgwb5

10.) www.warezquality.com {Every thing}

Username : ageg2020

Password : z8fsDfg3

11.) wwww.warezreleases.com {All Stuff}

Username : HnRPxKQz

Password : a59KBV7

Username : a25bipZP

Password : 1TeVnoJb

Username : SHYyJfWU

Password : P4K20uO

12.) www.fulldownloadaccess.com {All Stuff}

Username : mpuv3y

Password : umvpy3x

13.) www.alphaload.com {All Stuff}

Username : AL3429352

Password : ykbcKTNS

Username : AL3429355

Password : RCHAbhKM

Username : AL3429350

Password : gMZNFcyS

Username : AL3429351

Password : cTAkWAxc

Username : AL3429352

Password : ykbcKTNS

14) www.gamedownloadnow.com {All Stuff}

Username : ga20me

Password : ke01feb

15.) www.unlimiteddownloadcenter.com {All Stuff}

Username : cu20me

Password : ke01feb

16.) www.tvadvanced.com {online Tv}

Username : mv03dl

Password : frmvdl

Read More

Latest Airtel Hack 2008

Now a days Airtel gives New option to the Subscriber to access Mobile Office daily @25.00/perday. But this is too Costly. Only 24 hours and the cost is 25.00. Oh GOD!!

But I got a Trick thats help me to Activate my Mobile Office whole 30 days only for 25.00/. Its really goood.

Just follow the Trick.

1. Your account balance should be above 25.00 for the first time.

2. Acitave your mobile office by dailing *444*1#. You will Activate your Mobile Office in the Morning.

3. You got an Activation msg. Your account should deducted by 25.00/

4. After that your can enjoy mobile office for 24 hours.

5. But for unlimited access you will do this :: Just switch off your mobile from 7.00 am to 10.00am. and your account balance should be below 25.00 /

6. Just try it enjoy the whole world only by 25.00.

I am Sure you should be Benifited. JUST TRY IT!!!!!!!!!

Read More

How to Set up your own Proxy Server

Lot´s of people complain that Web Proxys are not working at their Works / Schools computer because they have been banned by administrators. A way around this would be to setup your very own proxy server that is being hosted a) by a free web hosting service that supports either php or cgi or b) your own website that is being hosted by a web hosting company.

Both methods should work and I will walk you right through the installation process for both scripts and give you tips how to find out what is actually being blocked. Before we start you need to download a copy of phpproxy or cgiproxy depending on what you want and can use. You also could perform a search for free web hosting on google for instance and try to find a web host that supports one of the two languages, a good site that I found while searching for those terms might be freewebspace.net

1. phpproxy

Download phpproxy and unpack it to a local directory on your hard drive. All you need to do know is to upload the script to your webspace and open up the new url to check if its working allright. You might want to rename the file to something different, something that does not contain the word proxy in it to avoid filters that ban everything that has the word “proxy” in it.

You could open up the script and enter your clients ip in there to make sure that only your client will be able to connect or you could add a .htaccess file to the directory forcing everyone who wants to start the script to enter a username and password. Again, use google if you like to find out more information about .htaccess

The php script has some requirements, make sure you read the readme file which is included and check to see if your hoster has those requirements enabled.

2. cgiproxy

Your hoster has to have cgi enabled in order to run this script. Many free hosters do not offer cgi or only some preinstalled scripts. Make sure it is enabled before you start the installation process.

First, download the source and unpack it to a local directory.

Now, open the .cgi file and take a look at the configuration. You can edit lots of settings from within, for example you could configure the script that way that it only allows text to go through the proxy but no images. Everything is explained in detail and all options are explained with comments, browse through the file, edit the options to your liking and save the new file.

After that upload the script to your cgi directory if that is required by your hoster and open the url from your browser. You are now ready to browse the web anonymously, to check if that is really the case load a website like whatismyip.com as the first site and check if the ip matches with the server the script is installed and not your computers ip. If that is the case you´ve done everything right and can surf anonymously. (there are still ways to find out your ip, just in case you are wondering)

3. What is being blocked ?

a) If you can access the proxy from the client they only block domains / ips.

b) If you can´t access the proxy they might be banning filenames that contain proxy as well, try changing the filename.

Read More

Enabling/Disabling User Access Control in Windows Vista

Microsoft’s advertising has stressed the new security features found in Windows Vista. From the user perspective, one such feature, User Access Control, is arguably the most noticeable enhancement. User access control is a mechanism by which users — even administrators — perform common Windows tasks with non-administrative rights, or as a standard user. Before administrative tasks can be performed, users must actively approve actions that could be potentially dangerous to the computer.

In this article, I’ll give you a complete look at User Access Control’s inner workings and show you some ways you can change the behavior of this new feature.

How does User Access Control work?

The Inner workings of User Access Control reveal a lot about how this feature protects your computer. First, let’s talk about why User Access Control was developed.

The problem: Windows XP and silent installations

In pre-Vista versions of Windows, upon login, a user was assigned an access token. A non-administrative user was assigned a token that granted him access to resources that did not require administrative rights. Users that were members of an administrative group were assigned a single token that granted them full rights to all of the resources on the local computer.

From an ease-of-use perspective, this level of authority was great. However, from a security perspective, it’s not so great; even for IT pros. Consider the potential for “drive-by” spyware installation. A drive-by installation happens when you visit, either accidentally or intentionally, a site containing malicious code that you don’t know about. While spyware scanners have significantly improved over the past couple of years, there’s not a single solution on the market that will protect against every known threat. Even if there was such a product, there would still be the issue of unknown threats. New spyware pops up every day and it takes vendors time to discover these new nuisances and update their products.

If you’re logged in to Windows XP as a user with administrative privileges at the time the drive-by takes place, spyware may get installed to your computer with absolutely no notice to you. This spyware could be anything from a fairly innocuous tool to a key logger that keeps track of everything you type and sends the results to a predetermined location. You might end up with the installation of a back door that allows a hacker to make his way into your system at some point in the future to achieve his nefarious goals. Worse, the deeper spyware is embedded into your system, the more difficult it is to remove, short of a complete system rebuild, which can take hours.

Note: When you install Windows XP, the Setup Wizard assigns administrative rights to all local accounts.

Now, you might tell yourself you already knowall of this; but, in your organization, you’re forced to allow users to run as a local administrator for any number of reasons. For example, many users (with the backing of management) feel it is vital that they have the ability to install new applications on their desktop. Unfortunately, they’re often right. Doing business on the Web often means having to install a new ActiveX control or other type of application. While not the safest behavior, allowing people to do their jobs is preferable to paying people to sit in a chair doing nothing under the unyielding thumb of IT.



The solution: Windows Vista and User Access Control

Windows Vista’s introduction of User Access Control aims to tame this beast and bring some order back to chaos. Under Vista, when an administrative user logs in to the system, he is granted not one, but two access tokens: an administrative access token and a standard user access token. The standard access token is used to start the user’s desktop. The end result is that the administrator is running a system with more limited rights than he would have received upon login under Windows XP. Until there is a need, the second token — the one with administrative rights — is not used.

This situation takes place, for example, when the administrative user starts a control panel applet and tries to change a setting, Windows Vista’s User Access Control feature pops up a window indicating that permission is necessary to continue. When you choose to allow an administrative action to take place using the administrative token, you are allowing that application to run with elevated privileges. Figure A gives you a look at a typical User Access Control dialog box. If you want to allow the action, press the Continue button.

Figure A

User Access Control asks if you want to proceed with the action.

If you’ve seen the Mac v. PC commercials on Apple’s Web site, you’ll recognize this dialog box as being the point of discussion between the PC and the Mac with a security guard standing behind the PC to verify every communication with the Mac. In reality, the situation is not quite that bad. In fact, although annoying from time to time, the situation is much better as the new system provides a visual cue that something is going on and gives a user an opportunity to decline an action.

Annoyance is one of the results I will try to help you with in this article. I’ll show how you can disable User Access Control altogether, and how to indicate that specific applications should always run in an elevated state.



Completely disabling User Access Control

I’ll preface this section by saying I don’t recommend you take this action, even on your own computer. Much as I am loathe to admit it, even though I preach the dangers of the “blind click” on a pop-up and the resulting spyware that ensues to students and users, I sometimes forget my own advice. Last summer, when I was in a hurry to complete a task, I got what appeared to be a system dialog box and pressed the OK button. Just as I released the mouse button, I realized that the “OK button” I had just pressed was actually a pop-up from a Web site. Just hours later, my system was infested with spyware.

The lesson here is this: Even those of us that do this for a living fall victim to spyware. With User Access Control, at least there is one more barrier between us and them.

But, if you find that User Access Control is seriously debilitating, you candisable it and move on. There are a number of ways to disable User Access Control. I’ll show you how to do so using the Control Panel, the Registry Editor, and Group Policy.

All of the solutions in this article require that you log on as a user with administrative rights. For most solutions, however, you cannot use the local administrator account. This account is not subject to administrative approval. Use another account that is a member of the local administrators group.

Disable User Access Control using MSConfig

For a few machines, you can use MSConfig to change the behavior of User Access Control:

1. Go to Start | All Programs | Accessories | Run.


2. In the Run box, type “msconfig”, and press [Enter].


3. From the System Configuration window, choose the Tools tab, as shown in Figure B.


4. In the Tool Name column, look for the Disable UAC option.


5. Press the Launch button.


6. Reboot the system.

Figure B

The System Configuration window Tools tab.



Disable User Access Control via the Control Panel

If you have just a couple of machines, the easiest way to disable User Access Control is to disable the feature via the Control Panel. Follow these steps to achieve this goal:

1. Go to Start | Control Panel.


2. Viewing the Control Panel in “Classic” mode, choose the User Accounts applet. This opens the screen shown below in Figure.

The User Accounts control panel applet.

1. Choose the “Turn User Account Control on or off” option. Note that this applet has a little shield next to it. This shield indicates that this function is itself protected by User Account Control.


2. Deselect the checkbox next to Use User Account Control (UAC) To Help Protect Your Computer. See Figure D.

Figure D

The User Accounts control panel applet.

1. Press OK.


2. Reboot your computer for the changes to take effect.

Disable User Access Control via the Registry Editor

A second way to disable User Access Control involves the use of the registry editor. By changing a specific key on each Vista machine, you can disable User Access Control. Here are the steps:

1. Start the Registry Editor.


2. Browse to the following key: HKEY_LOCAL_MACHINE Software Microsoft Windows CurrentVersion Policies System.


3. Change the value of the EnableLUA entry to “0″ If you ever want to re-enable User Access Control, follow these instructions, but change the value of the EnableLUA entry to “1″. See Figure E for a look at the screen.


4. When you are done, reboot the computer for the change to take effect.

Figure E

The EnableLUA key in the Registry Editor.

Manage/Disable User Access Control via Group Policy

If you have a lot of computers and you want to change User Access Control behavior across all of them, your best bet is to use Group Policy. The Group Policy method is also the most granular of the bunch and allows you to set a variety of parameter related to User Access Control. I’ll show you how to accomplish this using the local group policy administrative tool.

1. Go to Start | All Programs | Accessories | Run.


2. In the Run box, type “secpol.msc” and press [Enter].


3. When User Account Control asks for permission to continue, press the Continue button.


4. Browse to Computer Configuration | Windows Settings | Security Settings | Local Policies | Security Options. You’ll see the screen shown in Figure F.


5. Select the group policy object you wish to modify and change the setting to the desired value. The list below provides you with a look at all of the group policy settings associated with User Access Control.

Figure F

The Group Policy Object Editor.

There are a number of options related to User Access Control:

• User Account Control: Behavior of the elevation prompt for the built-in Administrator account — This setting determines the behavior of User Access Control when used with the built-in Administrator account.
  
  
  
  • Enabled: When running an application that needs administrative rights, the built-in Administrator account will be subject to User Access Control.
  
  
  • Disabled (default): The built-in Administrator account will run all applications without further prompting.
  
  
  
  


• User Account Control: of the elevation prompt for administrators in Admin Approval Mode — This setting determines what takes place when administrators (besides the built-in Administrator account) run a privileged application.
  
  
  
  • Elevate without prompting: This is the most dangerous setting and should be used only in very secure environments. Restricted applications are run with administrative rights without intervention.
  
  
  • Prompt for credentials: The user is prompted to provide the user name and password for a user with local administrative rights.
  
  
  • Prompt for consent (default): This is the normal behavior for User Access Control and asks the user (assuming the user has administrative rights) to permit or deny running an application with administrative rights.
  
  
  
  


• User Account Control: Behavior of the elevation prompt for standard users — This setting determines what takes place when standard users try to run a privileged application.
  
  
  
  • Prompt for credentials (Default for Home editions): The user is prompted to provide the user name and password for a user with local administrative rights.
  
  
  • Automatically deny elevation requests (Default for Enterprise editions): The user will receive a message indicating that access to the application has been denied.
  
  
  
  


• User Account Control: Detect application installations and prompt for elevation — How will the User Access Control system respond to requests for the installation of new programs?
  
  
  
  • Enabled (Default for home): Application installations that require administrative privileges will trigger the User Access Control prompt.
  
  
  • Disabled (Default for enterprise): Since many application installations are handled via Group Policy, user intervention and approval is not necessary.
  
  
  
  


• User Account Control: Only elevate executables that are signed and validated — Do elevated applications require a valid PKI certificate chain?
  
  
  
  • Enabled: Requires that an application has a valid PKI certificate chain before it is allowed to run.
  
  
  • Disabled (default): Does not require that an application be signed in order to run.
  
  
  
  


• User Account Control: Only elevate UIAccess applications that are installed in secure location — Applications that request execution with a UIAccess integrity level must reside in a secure area of the system.
  
  
  
  • Enabled (default): An application with UIAccess integrity with launch only if it resides in a protected area of the system.
  
  
  • Disabled: An application with UIAccess integrity will launch regardless of the location of the executable.
  
  
  
  


• User Account Control: Run all administrators in Admin Approval Mode — Run all users, including administrators, as standard users. This effectively enables or disables User Access Control. If you change this setting, you must reboot the system.
  
  
  
  • Enabled (default): Administrative Approval Mode and User Access Control is enabled.
  
  
  • Disabled: Disable User Access Control and Admin Approval Mode.
  
  
  
  


• User Account Control: Switch to the secure desktop when prompting for elevation — When User Access Control is enabled and displays an elevation prompt, change Windows Vista to the secure desktop as opposed to the standard user’s desktop.
  
  
  
  • Enabled (default): Elevation requests are directed to a secure desktop.
  
  
  • Disabled: Elevation requests are directed to the standard desktop.
  
  
  
  


• User Account Control: Virtualize file and registry write failures to per-user locations — This setting enables the redirection of legacy application write failures to defined locations in both the registry and file system, mitigating those applications that historically ran as administrator and wrote runtime application data back to %ProgramFiles%, %Windir%; %Windir%\system32 or HKLM\Software\. In short, this key helps to maintain backward compatibility with legacy applications that do not like to run as a standard user.
  
  
  
  • Enabled (default): Applications writing data to protected areas will be redirected to other locations.
  
  
  • Disabled: Applications writing data to protected areas will fail.
  
  
  
  

  </LI>

Selectively disabling User Access Control

Not all applications are marked in such a way as to trigger a User Access Control warning when executed. However, many applications need to be run with administrative rights enabled in order to function as intended. In order to accommodate this situation, you can mark an application so it runs with administrative rights each time the application is executed. To do so:

1. Right-click the executable associated with the application.


2. From the shortcut menu, choose the Properties option.


3. From the Properties page, select the Compatibility tab.


4. Under the Privilege Level heading, select the checkbox next to “Run this program as an administrator” , as seen in Figure G.


5. Press OK.

Figure G

The application’ s Compatibility tab.

For some applications, the “Run this program as an administrator” option may not be available. There can be a number of reasons for this:

• You are not logged in as a user with administrative rights.


• The application is not capable of being run with elevated rights.


• The application is a part of the operating system. OS applications cannot be modified in this manner.

Annoying, but worth it

User Access Control might be an annoying way to achieve system security, but it’s actually pretty welcome when it comes to maintaining system security, especially for home users. Mac and Linux users have long had to deal with the same basic security scheme, but it’s new to Windows users. Once Windows users get used to it, they’ll appreciate the added security it provides.

Read More

Making Windows Genuine

1 . start > run > ” regedit” (without the quotes of course)

2 . Go to the key:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WindowsNT\ CurrentVersion\WPAEvents\OOBETimer

…and doubleclick on it.

Then change some of the value data to ANYTHING ELSE…delete some, add some letters, ..just change it! now close out regedit.

3 . Go to start > run > “%systemroot%\system32\oobe\msoobe.exe /a” (again, don’t type the quotes)

4 . The activation screen will come up, click on register over telephone,>next> then click on CHANGE PRODUCT KEY, enter in this key:

JG28K-H9Q7X-BH6W4-3PDCQ-6XBFJ and give update.

(Now automatically window will return back to activate by telephone mode and ask for activation code,just ignore and exit that window it’s done)

Read More

Access Orkut On Your Mobile Phone or PDA

Here is a Great Hack for all Orkut Users…

Have you ever tried to access orkut on your Mobile Browser. If you have tried, you must surely know what happens……….

Let me tell u for those who have not tried it..The login box does not appear…. As a result you cannot sign in and therefore, to say as a whole, ORKUT CANNOT BE ACCESSED ON MOBILE!!!!!

But here is a trick for all to ACCESS ORKUT ON YOUR MOBILE.. You need to do nothing, just follow the link:

https://www.google.com/accounts/Serv….aspx&hl=en-US

And you will see that only the login-box appears, just sign in and there you are…

The whole ORKUT at your hands!!!!

If you lose this link,, here is how to get it.. when you open www.orkut.com on your pc. The login box loads in a different frame.., In Firefox, right click on this frame and Select load this frame only, and the link you get for that frame is this link.Actualy what happens is that we load only this frame and not the others..

Read More

wÅnnÅ w®îtË lîkË thî§?

This is really cool trick. I am sure everybody will like it.

Just follow the steps:

1. Write your Message/Scrap in community or scrapbook.


2. Copy paste the code below in your browser and then press enter. Please be ensured that you write the code in one line in the address bar.



javascript:vartxt=document.getElementsByTagName(’textarea’)[0];txt.v



3. You will see change in the message you wrote.


4. Press Submit and enjoy.

If you have any such cool tricks then Post it as a Comment to this Post. Your views about this post are welcome.

Read More

Ripping Flash Movies for Passwords

Ripping Flash Movies for Passwords Is easy Follow My Tutorial.

How to rip a flash movie from a website ?

Go to the website where the flashfile is located.

Open de sourcecode (rightmouse click…select view sourcecode) of the html,asp,php..etc file where the flash movie is played from.

“http://www.website.com” is the site where the flashfile is located.

“/flash/ ” is the subdir on that website.

“movie.swf” is the flash file itself.

but ofcourse this is only a example: the website, subdir and moviename wil be diffrent to this one.

Look for something like this: (can be diffrent)

<object classid=”clsid:D27CDB6E-AE6D-11cf-96B8-444553540000″ codebase=”http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0″ width=”550″ height=”400″>

<param name=movie value=”http://www.website.com/flash/movie.swf”>

<param name=quality value=high>

<embed src=”http://www.website.com/flash/movie.swf” quality=high pluginspage=”http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash” type=”application/x-shockwave-flash” width=”550″ height=”400″>

</embed>

</object>

Now the movie it self, it’s highlighted in green.

<object classid=”clsid:D27CDB6E-AE6D-11cf-96B8-444553540000″ codebase=”http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=5,0,0,0″ width=”550″ height=”400″>

<param name=movie value=”http://www.website.com/flash/movie.swf”>

<param name=quality value=high>

<embed src=”http://www.website.com/flash/movie.swf” quality=high pluginspage=”http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash” type=”application/x-shockwave-flash” width=”550″ height=”400″>

</embed>

</object>

Now the ripping it self.

Open notepad or a webeditor and create a sourcecode like this:

<html>

<a href=”http://www.website.com/flash/movie.swf”>Flash movie</a>

</html>

Save the file with: “Save as” and name it “flash.html”.

Open it in your webbrowser and rightclick on the link “Flash movie” select “save target as” and save it to your HDD.

Finally: open it in Macromedia Flash v*.* and lookup the password.

Read More

WEP Cracking, FBI Style( In Just 3 Minutes ) !

Okay, before we begin, I give you Hungry Hacker´s fun facts on WEP.

FUN FACTS:

-WEP stands for Wired Equivalent Privacy

-WEP is used to secure wireless networks from eavesdroppers

-WEP usually takes hours to crack

WEP has always been a long and tedious job, untill recently, when two FBI agents demonstrated how it´s possible to crack WEP in under 4 minutes (3 to be exact).

Here is how they did it:

1. Run Kismet to find your target network. Get the SSID and the channel.

2. Run Airodump and start capturing data.

3. With Aireplay, start replaying a packet on the target network. (You can find a ‘good packet’ by looking at the BSSID MAC on Kismet and comparing it to the captured packet’s BSSID MAC).

4. Watch as Airodump goes crazy with new IVs. Thanks to Aireplay.

5. Stop Airodump when you have about 1,000 IVs.

6. Run Aircrack on the captured file.

7. You should see the WEP key infront of you now.

PROGRAMS USED:

-Kismet

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.

It is designed for Linux.

You can download it at www.kismetwireless.net

A windows version can be downloaded at http://www.renderlab.net/projects/wrt54g/kiswin.html

-Aircrack (Includes Airodump, Aireplay, Aircrack and optional Airdecap for decrypting WEP/WPA capture files)

Aircrack is the 802.11 WEP and WPA-PSK keys cracking program that can recover this keys once enough encrypted packets have been captured with airodump.

Airdecap is used to decrypt WEP/WPA capture files.

Airmon can be used to configure the wireless card.

Aireplay is used to inject frames.

Airodump is used for packet capturing of raw 802.11 frames and is particularly suitable for collecting WEP IVs (initialization vectors) for the intent of using them with aircrack-ng.

Download the whole suit at www.aircrack-ng.org

Av fun and enjoy,

-Hungry Hacker

Read More

Mobile can be a Life Saver

There are a few things that can be done in times of grave emergencies. Your mobile phone can actually be a life saver or an emergency tool for survival. Check out the things that you can do with it: -

(1) EMERGENCY : The Emergency Number worldwide for **Mobile** is 112. If you find yourself out of coverage area of your mobile network and there is an emergency, Dial 112 And the mobile will search any existing network to establish the emergency number for you, And interestingly this number 112 can be dialed even if the keypad is locked. ** Try it out .**

(2) Have you locked your keys in the car? Does you car have remote keys? : This may come in handy someday. Good reason to own a cell phone: If you lock your keys in the car and the spare keys are at home, call Someone at home on their cell phone from your cell phone. Hold your cell phone about afoot from your car door and have the person at your home press the unlock button, holding it near the mobile phone on their end. Your car will unlock. Saves someone fro having to drive your keys to you. Distance is no object. You could be hundreds of miles away, And if you can reach someone who has the other “remote” for your car, you can unlock the doors (or the trunk).

(3) Hidden battery Power : Imagine your cell battery is very low, you are expecting an important call and you don’t have a charger. Nokia instrument comes with are serve battery. To activate, press the keys *3370# Your cell will restart with this reserve and the instrument will show a 50% ncrease in battery. This reserve will get charged when you charge your cell next time

(4) How to disable a STOLEN mobile phone? : To check your Mobile phone’s serial number, key in the following digits on your phone: * # 0 6 # A 15 digit code will appear on the screen. This number is unique to your handset. Write it down and keep it somewhere safe. When your phone get stolen, you can phone your service provider and give them this code. They will then be able to block your handset so even if the thief changes the SIM card, your phone will be totally useless. You probably won’t get your phone back, but at least you know that

whoever stole it can’t use/sell it either.

(5) Be careful while using your mobile phone : When you try to call someone through mobile phone, don’t put your mobile closer to your ears until the recipient answers. Because directly after dialing, the mobile phone would use it’s maximum signaling power, which is: 2 watts = 33 dbi, Please Be Careful, Message as received (Save your brain) Please use left ear while using cell (mobile), because if you use the right one it will affect brain directly. This is a true fact from Apollo medical team.

Read More

Remote Operating System Detection

Now a days we invite the so called victim to a webpage/blog and with the help of a free web traker servive get all his details as in browser/operating system and other details but still i would like to share the traditional method as well.

Detecting OS (operating system) is another most important step towards hacking into a system. We can even say that after tracing the IP of the system it is the most prior thing that should be done to get the root on a system cause without having knowledge about the OS running by the target system you cannot execute any system commands on the target system and thus your mission wont be accomplished. In here I have figure out the basics of detecting OS remotely without having physical access to the system. There are various method of detecting OS like by trace routing the victim’s IP , by pinging the IP , by using telnet and also by using a terminal. But from my research I have concluded that detecting OS through ping or tracerout is the most simplest but effective way of determining the operating system running in the remote computer without having physical access to the system. Since my aim of writing articles is to make things clear for beginners and intermediate so I will explain remote os detecting through ping method which is very easy to understand even for peoples totally new to computers.. yeah yeah.. I know you call them newbies..right ?

REMOTE OS DETECTION USING PING METHOD

What is PING and what is its utility ?

Ping is an MSDOS utility provided for windows version of DOS and for Unix and operating systems having UNIX as the core kernel. It runs in dos box in windows and directly in UNIX platform. In this manual I will give more stress on the MSDOS version of ping.

Ping is an utility used for sending and receiving packets of data to a target system using its IP and thus from the outputs you can figure out many information about the target system.

In remote os detection we are mainly concerned with the TTL values of the received data packets.

Note: When you send or receive a file over the internet it is not send at once. Instead it is broken down at the source system and these broken fragments of data know as data packets are send through the internet and these data packets are gathered together by the target system according to an algorithm constructed by the source system.

For example if I send a picture of size 400 KB to my girl friend (hey girls out there remember I don’t yet have a gf in reality) then what actually happens is that my system breaks the data into data packets, say the file of 400 KB has been broken down into 4 data packets each having a size of 100 KB and having a name. These data packets are assigned a code known as the TTL value of the data packets by my operating system. Then these data packets are gathered and the original file is formed from these data packets at the target system.

Example:

C:\windows>ping/?

Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]

[-r count] [-s count] [[-j host-list] | [-k host-list]]

[-w timeout] target_name

Options:

-t Ping the specified host until stopped.

To see statistics and continue - type Control-Break;

-a Resolve addresses to hostnames.

-n count Number of echo requests to send.

-l size Send buffer size.

-f Set Don’t Fragment flag in packet.

-i TTL Time To Live.

-v TOS Type Of Service.

-r count Record route for count hops.

-s count Timestamp for count hops.

-j host-list Loose source route along host-list.

-k host-list Strict source route along host-list.

-w timeout Timeout in milliseconds to wait for each reply.

Read More

Breaking the Restrictions of the Administrator

Hello Friends many of you have come with this problem of hacking the Administrator in Windows XP. So her is the Solution to your problem. This works on Win 2000 & Win XP.

This can be used to gain access to the website you want to for free, and how you can gain access to ‘control panel’, and the various other tools of Windows that may have been blocked from your grasp like ‘regedit’ by the administrator. IT can be used in schools & colleges..

When u are at the log on screen, type in your username and password. Now When you hit enter, and it comes up with the next screen, the rectangle one, immediatly pull out the network cable i.e. the cable wire.

Now you can log on without any restrictions because when the cable is pulled off then it does not download any settings from the server. Now you have access to control panel, & all the other features which had been blocked BUT there will be no network access. But that’s cool because now we can access ‘Internet options’,

click in the ‘connections’ tab click the LAN settings, click the proxy settings, and in the little white box at the bottom we can specify websites that bypass the proxy server (eg www.yahoo.com) Now once you have changed the settings to what you wish, apply them and restart the computer. Now get someone else to log onto it because if you log in it will load the cached settings from your previous log in, then after the other person logs in, everyone that logs in after them included themselves will have the internet settings you specified.

Its only an ‘Unplugging technique’ to gain access to a comp. locked by the administrator.

Now you can gain access to msconfig, regedit, command etc disable the virus scanner, or to install a trojan or a virus according to u’re will..

XP HOME ADVANCED FILE PERMISSIONS.!!

Access *Advance file Permissions* on NTFS file systems for XP Home simply by booting into *Safe Mode*, rt-clicking any file or folder, and navigating to the *Security tab*. This gives the user the ability to allow or deny read, write, execute, read & write, display contents, full-control, iheritance, and take ownership permissions, with many more options available to apply to different users and groups stored on the computer. Well, you don’t have to do this in *Safe Mode* (XP Home). Although it is a little less intuitive, you can simply go to your command prompt - Start>All Programs>Accessories>Command Prompt. Now type “cacls” in the window (without the quotes). This gives you the ability to add, remove or modify file permissions on files and folders through the command prompt. Type “cacls /?” for help on different options and variables. You do not need to be in safe mode to use this so it makes it a little quicker than using the safe mode security tab GUI. Remember - this only applies to NTFS. Here also is a very useful link to find a lot of extras and tweaks straight from the horse’s mouth - the Microsoft Resource Center. You will find a lot of very useful web-based extra’s here, most of them left unknowing to the general public - such as, “Online Crash Analysis” - a site that looks like Windows Update but you can upload your crash “dump logs” (when you get those system or application crash error reports). Microsoft will then analyze the log file and tell you some more info about WHY the system crashed (ie. faulty hardware/software/conflicts, etc).

Now lets c how to open restricted site on college servers

Hungry Hacker recommends : http://unblockall.net/

• Bypass any filters from work or school and access your favorite community and entertainment sites


• Enjoy a fast and reliable connection. Our dedicated machines have 1Gbps connection and 2 quad processors


• Chat with your friends from work


• Watch videos on Youtube


• Login into Myspace, Facebook and all the popular community sites without losing the proxy


• No traffic redirection


• No PopUp and Annoying Ads!

To use our service, simply type the address of the web site which you want to open in the field above and hit GO. This will automatically lead you to the destination page. With our service you are guaranteed to be able to login and operatate normally.

PLEASE DROP IN YOUR COMMENTS BELOW

Read More

Top 10 Windows Hacking Tools

This is the Collection of Best Windows Hacking Tools:

1. Cain & Abel - Cain & Abel is a password recovery tool for the Microsoft Windows Operating System. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

2. SuperScan - SuperScan is a powerful TCP port scanner, pinger, resolver. SuperScan 4 (Current Version) is a completely-rewritten update of the highly popular Windows port scanning tool, SuperScan.

3. GFI LANguard Network Security Scanner - GFI LANguard N.S.S. is a network vulnerability management solution that scans your network and performs over 15,000 vulnerability assessments. It identifies all possible security threats and provides you with tools to patch and secure your network. GFI LANguard N.S.S. was voted Favorite Commercial Security Tool by NMAP users for 2 years running and has been sold over 200,000 times!

4. Retina - Retina Network Security Scanner, recognised as the industry standard for vulnerability assessment, identifies known security vulnerabilities and assists in prioritising threats for remediation. Featuring fast, accurate, and non-intrusive scanning, users are able to secure their networks against even the most recent of discovered vulnerabilities.

5. SamSpade - SamSpade provides a consistent GUI and implementation for many handy network query tasks. It was designed with tracking down spammers in mind, but can be useful for many other network exploration, administration, and security tasks. It includes tools such as ping, nslookup, whois, dig, traceroute, finger, raw HTTP web browser, DNS zone transfer, SMTP relay check, website search, and more.

6. N-Stealth - N-Stealth is a commercial web server security scanner. It is generally updated more frequently than free web scanners such as whisker and nikto, but you have to pay for the privilege.

7. Solarwinds - Solarwinds contains many network monitoring, discovery and attack tools. The advanced security tools not only test internet security with the SNMP Brute Force Attack and Dictionary Attack utilities but also validate the security on Cisco Routers with the Router Security Check. The Remote TCP Reset remotely display all active sessions on a device and the Password Decryption can decrypt Type 7 Cisco Passwords. The Port Scanner allows testing for open TCP ports across IP Address and port ranges or selection of specific machines and ports.

8. Achilles - The first publicly released general-purpose web application security assessment tool. Achilles acts as a HTTP/HTTPS proxy that allows a user to intercept, log, and modify web traffic on the fly. Due to a cyber squatter, Achilles is no longer online at its original home of www.Digizen-Security.com…OOPS!

9. CookieDigger - CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications. The tool works by collecting and analyzing cookies issued by a web application for multiple users. The tool reports on the predictability and entropy of the cookie and whether critical information, such as user name and password, are included in the cookie values.

10. Netcat (The Network SwissArmy Knife) - Netcat was originally a Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable “back-end” tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

Read More

How to make Keygens?

Attention : This Article is Only for Real Geeks

Disclaimer : I take no responsibility of the usage of this information.

This tutorial, is for educational knowledge ONLY.

How to make key generators?

Introduction

Hi there, in this tutorial, I intend to teach you how to make a pretty

simple keygen, of a program called W3Filer 32 V1.1.3.

W3Filer is a pretty good web downloader…

I guess some of you might know the program.

I`ll assume you know:

A. How to use debugger (in this case, SoftIce).

B. How to crack, generally (finding protection routines,patching them,etc…).

C. How to use Disassembler (This knowledge can help).

D. Assembly.

E. How to code in Turbo Pascal ™.

Tools you`ll need:

A. SoftIce 3.00/01 or newer.

B. WD32Asm. (Not a must).

C. The program W3Filer V1.13 (if not provided in this package), can be found in

www.windows95.com I believe.

D. Turbo Pascal (ANY version).

Well, enough blah blah, let’s go cracking…

Run W3Filer 32.

A nag screen pops, and , demands registration (Hmm, this sux ;-)) Now,

We notice this program has some kind of serial number (Mine is 873977046),

Let’s keep the serial in mind, I bet we`ll meet it again while we’re on

the debugger.

Well, now, let’s put your name and a dummy reg code…

set a BP on GetDlgItemTextA, and, press OK.

Read More

Top 10 Linux Hacking Tools

This is a Cool Collection of Top Ten Linux Hacking Tools.

1. nmap - Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available.

2. Nikto - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

3. THC-Amap - Amap is a next-generation tool for assistingnetwork penetration testing. It performs fast and reliable application protocol detection, independant on the TCP/UDP port they are being bound to.

4. Ethereal - Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product.

5. THC-Hydra - Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast.

6. Metasploit Framework - The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for penetration testing, exploit development, and vulnerability research.

7. John the Ripper - John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

8. Nessus - Nessus is the world’s most popular vulnerability scanner used in over 75,000 organisations world-wide. Many of the world’s largest organisations are realising significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

9. IRPAS - Internetwork Routing Protocol Attack Suite - Routing protocols are by definition protocols, which are used by routers to communicate with each other about ways to deliver routed protocols, such as IP. While many improvements have been done to the host security since the early days of the Internet, the core of this network still uses unauthenticated services for critical communication.

10. Rainbowcrack - RainbowCrack is a general propose implementation of Philippe Oechslin’s faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker try all possible plaintexts one by one in cracking time. It is time consuming to break complex password in this way. The idea of time-memory trade-off is to do all cracking time computation in advance and store the result in files so called “rainbow table”.

Read More

How To Write A Basic Keylogger In VB

Intro: What a Keylogger is made of

Before we start programming, we need to answer a basic question: what is a keylogger? As the name implies (key+logger) - a keylogger is a computer program that logs (records) the keys (keyboard buttons) pressed by a user. This should be simple to understand. Lets say that I am doing something at my computer. A keylogger is also running (working) on this computer. This would mean that the keylogger is “listening” to all the keys I am pressing and it is writing all the keys to a log file of some sort. Also, as one might have guessed already, we don’t want the user to know that their keys are being logged. So this would mean that our keylogger should work relatively stealth and must not, in any case, show its presence to the user. Good, now we know what a keylogger as and we have an idea of its functions, lets move on to the next step.

=========================================

Basic Concepts: What needs to be achieved

=========================================

Ok, now lets plan our program, what should such keyloger do and what it should not. Significant difference to previous section is in the sense that here we shall discuss the LOGIC, the instructions that our program will follow.

Keylogger will:

1 - listen to all the key strokes of the user.

2 - save these keys in a log file.

3 - during logging, does not reveal its presence to the user.

4 - keeps doing its work as long as the used is logged on regardless of users actions.

==========================================

Implementation: Converting logic into code

==========================================

We shall use Visual Basic because it is much easier and simple to understand comparing to C++ or Java as far as novice audience is concerned. Although programmers consider it somewhat lame to code in VB but truthfully speaking, its the natural language for writing hacking/cracking programs. Lets cut to the chase - start your VB6 environment and we are ready to jump the ride!

Read More

Mixed Bag - Mobile Hacking

Nokia 31xx

____________

Firmware version

*#0000# or *#3110#

IMEI Code

*# 06 #

Restores Factory Settings

*#7780#

Warranty Codes

*#92702689# (= *#war0anty#)

Just scroll down through the information. If entering the above code requires a

further warranty code try entering the following:

6232 (OK) : Month and year of manufacture

7332 (OK) : Last repair date

7832 (OK) : Purchase date (if previously set)

9268 (OK) : Serial number

37832 (OK) : Set purchase date (this can only be done once)

87267 (OK) : Confirm transfer

Nokia 5110

_____________

IMEI Number *#06#

For checking the IMEI (International Mobile Equipment Identity).

———————————————————

Security Code 12345

Default security code is 12345. If you forgot your security code, there s so many program on the net which allowed you to know the security code likes Security ID Generator, Nokia IMEI Changer, etc.

update:

Security ID Generator (SID.EXE) and IMEI Generator (NOKIAIMEI.EXE) doesn t works with Nokia 5110

Resetting Security Code

If you accidentally lock the phone or forgot the security code, the best thing to do is check it with your local Nokia dealer. For advanced user, you can use WinTesla, PCLocals or LogoManager program to read the security code or resetting the code (You will need an FBUS/MBUS (or compatible) cable to do this.

Read More

Tracking Email

MailTracking.com - What is it and how does it work?

What is MailTracking?

MailTracking is the most powerful and reliable email tracking service that exists today. In short - MailTracking tells you when email you sent gets read / re-opened / forwarded and so much more

How do I send a tracked email? There are two ways you can send tracked emails:

1. Simply add: .mailtracking.com to the end of your recipients email address (they won’t see this)
   
   or


2. Install the ActiveTracker plugin to add the tracking for you.

Testing? If you send tracked emails to yourself, your anti-spam filters may block them (people don’t usually write to themselves) - so we recommend you test by sending to other people.

What will you tell me about the tracked emails I send? MailTracking will endeavour to provide the following in your tracking reports:

• Date and time opened


• Location of recipient (per their ISP city /town)


• Map of location (available on paid subscriptions)


• Recipients IP address


• Apparent email address of opening (if available)


• Referrer details (ie; if accessed via web mail etc)


• URL clicks


• How long the email was read for


• How many times your email was opened


• If your email was forwarded, or opened on a different computer

All messages sent via MailTracking benefit from the SPF compliant and Sender-ID compliant mail servers. This confirms safe transmission of your messages, and also enables us to report delivery status to you (including: bounce-backs, delays and success notifications). Delivery information is listed in your Personal Tracking Page. Note: MailTracking.com does not use or contain any sp‌y-ware, ma‌l-ware, nor vi‌rues, it is not ill‌egal to use, and does not breach any pri‌vacy reg‌ulations in any countries.

What else does MailTracking do?

There are lots of great features available to you - these include the following sending options:

• Certified email


• Ensured-Receipts and retractable emails


• Invisible tracking


• Self-Destructing emails


• Block printing


• Block forwarding


• Adobe Acrobat PDF Document Tracking


• Secure Encypted emails


• Track MS Word or Excel documents

You can also choose how to receive your receipts:

• In your Personal Tracking Page (when you log in)


• Email ReadNotifications


• Legal Proof-of-Opening receipts


• Delivery Service Notifications (DSN’s)


• SMS alert on your cell-phone or pager


• Instant Messenger

Click Here to Register.

Read More

Your Email can be intercepted ! Check How

Top 10 Places Your Email Can Be Intercepted

i. The Internet

The Internet has radically changed the way we communicate with each other. Email is obviously an extremely valuable and ubiquitous form of communication, but with this technology comes certain pitfalls that should be understood. The path that an email message takes to reach its recipient is a complex and varying one, and while in transit that message may come under the potential scrutiny of numerous different people and organizations.

We will attempt to outline the varying paths that an email message may travel, and who some of those different people and organizations might be under whose scrutiny the message may pass. The intention of the document is not to provide a how-to guide; the only specific technique that will be discussed, packet sniffing, is one that anybody with any technical networking knowledge whatsoever is already familiar with – which brings us to an important point. At a round number, there are probably at least a million people in the world with the requisite technical knowledge necessary to intercept Internet-based email. Yes, I said a million. (There are actually probably a lot more than that - maybe several million by now, and more everyday as the populace becomes more networking-literate.) Fortunately, the number of those people who actually have the physical access necessary to intercept email is much smaller, but it is still a very large number.

ii. Internet Service Provider (ISP)

The Internet is composed of numerous different interconnected networks and systems that collectively provide a backbone for the transmission of network traffic. It is a highly dynamic physical environment: a system or network device that is here today may be gone or reconfigured tomorrow, and the underlying protocols of the Internet will automatically detect and accommodate for this change. This dynamic nature is one of the things that make the Internet so powerful. However, given the dynamic nature of the Internet, it is impossible to absolutely predict exactly what path network traffic will follow. One email message that you send could take an entirely different path to reach the recipient than another that you send to the same person. In fact, it is even worse than that: for the sake of efficiency, email messages and other network traffic are typically broken down into smaller little chunks, or packets, before they are sent across the

network, and automatically re-assembled on the other side. Each of these individual packets may in fact follow a different path to get to the recipient! (In actual practice, a given path tends to get reused until the operational parameters of that or other related paths have significantly changed.)

The net result of all this is that your message, or at least little chunks of your message, travels through an indeterminate set of systems and network devices, each of which offers a point of interception. These systems may be owned or operated by corporations and non-profit organizations, by colleges, by governments and government agencies, or by telecom and other connectivity providers. Given such a widely divergent group, it is easy to see how either an unethical organization or a renegade employee may easily gain access to the messages and traffic crossing their systems. All of these factors combine to make the Internet itself the primary source of message interception points.

Read More