Aug 28, 2008

How to get maximum out of an ipod

Well everyone always wonders, "How can I boost my iPod's Volume?"


Well there are program that you can use to do it such as,

1.) goPod - This program uncaps your iPod's max volume level.



2.) euPod - This program also uncaps your iPod's max volume level but can also boost your .mp3 volume a little more using mp3gain.




I however found that those programs do boost your iPod's volume but very little and they reach max volume around half way.


So I have found a way to boost your iPod's volume dramatically


First Step: Download goPod and uncap or unlock your iPod's max volume.

Second Step: This will have your songs play at a peak volume.


For iTunes 7:

1.) Open iTunes, Select Library.

2.) Select ALL songs! (Quick = Ctrl + A)

3.) Right click and select Get Info. (If a window asking if you want to edit multiple items comes up select yes.)

4.) Look at the bottom...it says, "Volume Adjustment" and has a little slider.

5.) Move the arrow to "+100%"

6.) Hit OK.


Instantly you have boosted your songs volume dramatically
Stumble Upon Toolbar Read more on this article... Read more on this article...

How to delete a virus without using antivirus

Often a virus like kinza really makes a an unwanted entry in our computers and performs some activities which results in a malfunction of the machine.So in this article i am giving a way to permamently delete the virus from the computer without using an antivirus software..
First of all copy these codes in a notepad and save it as .bat(bat is an extension file) file. Then execute it.. then puff kinza.exe is gone..for eg u can save it as blitz.bat.
Can u see that red D: Yeap that one rename it as C,D OR any other drive specification to remove virus in all your drive. For example if you want to remove it in ur USB drive , F: then replace F: instead of D:

cd\
D:
taskkill /f /im wproxp.exe
taskkill /f /im isetup.exe
taskkill /f /im imapd.exe
taskkill /f /im dxdlg.exe
taskkill /f /im imapdb.exe
taskkill /f /im imapd.exe
taskkill /f /im imapdb.exe
taskkill /f /im scvvhsot.exe
taskkill /f /im wscript.exe
taskkill /f /im Kinza.exe

reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit /f /d "%windir%\system32\userinit.exe",
reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /f /d "explorer.exe"


reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /t Reg_Binary /v NoDriveAutoRun /f /d ffffff03
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /t Reg_dword /v NoDriveTypeAutoRun /f /d 36
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /t Reg_dword /v NoFolderOptions /f /d 0

reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /t Reg_dword /v DisbleRegistryTools /f /d 0
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /t Reg_dword /v DisableTaskMgr /f /d 0

del /a /f /s boot.vbs
del /a /f /s wproxp.exe
del /a /f /s isetup.exe
del /a /f /s imapd.exe
del /a /f /s ActMon.ini
del /a /f /s dxdlg.exe
del /a /f /s imapde.dll
del /a /f /s imapdd.dll
del /a /f /s imapdc.dll
del /a /f /s imapdb.exe
del /a /f /s imapd.exe
del /a /f /s imapdb.dll
del /a /f /s imapdb.exe
del /a /f /s Kinza.exe
del /a /f /s autorun.ini
Stumble Upon Toolbar Read more on this article... Read more on this article...

Aug 27, 2008

How to make linux live cds

Before starting i would like to discuss what a live cd is??

A live cd holds an os that you can use without installing it in your computer..

Alright, this article is for anyone who wants to try out linux, but isn't sure if it's right for them, or if
you've wanted to make a live cd or try a certain distro out, but wasn't sure how. Well have no worry
my friends, blitz is here to help you.

Alright, for this article I'm going to use Slax for my examples. You can get it at
http://www.slax.org/download.php. Alright so first off, click on whatever one you want, I use just the
Standard Edition. So you can choose if you want to use FTP, HTTP, or a BitTorent to download it. I choose FTP
because it's the fastest (for me at least). Alright, so it's going to download an iso file. What that
is is an "image" file. No, not image as in picture, image as in image file for operating system. So after
you get that done fire up your favorite type of burner, I use nero 8. Your burning program HAS to be able to burn image files, or make
a bootable disc because if it's not a bootable disc then it won't boot when you start it up. Alright, so
burn it and everything is peachy-keen, so then start your computer with your slax cd (or whatever distro you chose) in the cd drive,
and there you go, you've got linux without actually installing it. You can do this same exact thing for
any other flavor of linux live cd's or distro you want.

Also (thanks Folk Theory for saying something), if it doesn't automatically boot up, you have to change your BIOS settings. this is different for each computer, it could be delete, or F2, or something else. You'll have to check your computer manual or it might say when your computer starts up. Then you have to change the order in which it boots up to CD Drive first, instead of hard drive or floppy, or whatever it already has. If you need anymore help with that, refer to your computer manual or search on google for changing your bios settings.

Also, I've found some other good live cd distros.

My favorites:
Damn Small Linux (DSL) -> http://www.damnsmalllinux.org
Damn Vulnerable Linux (DVL) -> http://www.damnvulnerablelinux.org
DVL is a very vulnerable distro, so you can practice your rooting, or practice fixing problems and such
and
Slax -> http://www.slax.org

Then also ubuntu distros allow you to test them out before you install them. Soooo
Ubuntu -> http://www.ubuntu.com
And also you can look at http://www.distrowatch.com for any other types of Linux.

Well hope you enjoyed my article, and have fun diving into the wonderful world of Linux.
Stumble Upon Toolbar Read more on this article... Read more on this article...

Aug 25, 2008

Free music download

Using a loophole in a winamp plugin, you can download music for free from Napster .

How to do it::


0. Download and install Napster, sign up for 14 day free trial.
1. Download and install Winamp
2. Download and install the Winamp Plug-in Output Stacker
3. Open Winamp Options->Plug-ins->Output->Dietmar's Output Stacker->Configure


a. Add out_ds.dll from Winamp/Plug-ins folder
b. Add out_disk.dll from Winamp/Plug-ins folder
c. Select out_disk.dll in the Output Stacker->Configure
d. Set the output directory and output file mode to Force WAV file
e. Exit preferences


4. Load downloaded Napster protected WMAs into your Winamp playlist
5. Press play and each file will be converted to WAV as it plays
6. Burn WAVs to CD with your favorite burning program


Three computers, one fast networked drive, and a few dedicated people: Turning Napster's 14 day free trial into 252 full 80 minute CDs of free music.
New key developments:

-If you use the "Out-lame" Winamp plugin in the Output Stacker in place of "Out-disk", you can convert straight to MP3. It still encodes no faster than realtime, but this is a great way to conserve space. WAV(Out-disk) is still recommended if you are burning CDs and want to keep as much quality as possible. I can confirm that this all works.

-You can run multiple instances of Winamp at once, each converting its own song. Each instance's playback will not interfere with any of the others, illustrating the fact that this is not simply recording the music off of your soundcard. Doing this, you can get FAR MORE than 252 full 80 minute CDs within 14 days. I can confirm that this works.

You can transcode(MP3) or decode(WAV) X albums in the time it takes for the longest track on the album to elapse. And since you're not limited to only tracks from one album at a time, you can trans/decode as many tracks as instances of Winamp your computer will run limited only by your computer's resources.
Quote from Napster's official statement:

"It would take 10 hours to convert 10 hours of music in this manner."
With the updated methods, you can convert 100 hours or 1,000 hours or 10,000 hours of music in 10 hours. The only limit is your computing resources.
Stumble Upon Toolbar Read more on this article... Read more on this article...

Aug 24, 2008

Setting up Internet connection on Kubuntu Hardy Heron Kde4 Remix

” How will I set up my internet connection on my Hardy Heron Kde4 Remix ?? ” , this was my biggest worry which was stopping me from installing Kubuntu Hardy Heron Kde4 remix on my notebook as I had read that setting up a network was a bit complicated on this platform.

So , I have found a good solution for getting connected to Wireless networks . To connect to a wireless network install Wifi-radar on your system .

To install wifi-radar , write on konsole sudo apt-get install wifi-radar

Once wifi-radar has been installed run it by typing on konsole sudo wifi-radar

Once you open the wifi-radar , it will check about all the available wireless networks and help you to connect with them. Just choose the netowk to connect and press the “connect ” button .

Another thing which you can try for wired networks is dhclient , it comes preinstalled in most of the linux based versions . All you have to do is , goto the konsole and type ‘sudo dhclient‘ and the rest will be handled by the software itself .

Stumble Upon Toolbar Read more on this article... Read more on this article...

Installing MySQL Server on Linux (Ubuntu and Kubuntu) for Ruby and Rails

I have installed MySQL on my Hardy Heron KDE4 remix and I thought that I should list the steps showing how to go about the task.i know installing my sql on a linux platform can sometimes be very irritating so i decided to help my readers by posting this article..

First of all open the terminal/konsole and type there “sudo apt-get install mysql-server ” and then press enter. You will be asked for your password and after providing password the installation will begin . In this you will also have to set up your MySQL password , so that your database remains secure .

Post installation type ” mysql -u root -p ” , you will be asked for your mysql password and after providing password , You should see the following :

Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 5.0.51a-3ubuntu5.1 (Ubuntu)

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql>

If you see the above lines ,it means you can now work on MySQL, as far as i have understood this .

Installing MySql driver :

In konsole type “apt-cache search libmysqlclient ” to find out the different library versions available.You will see text similar to the following :

libcrypt-mysql-perl - Perl module to emulate the MySQL PASSWORD() function.
ser-mysql-module - contains the MySQL database connectivity module
libmysqlclient15-dev - MySQL database development files
libmysqlclient15off - MySQL database client library

Next install the library by typing ” sudo apt-get install libmysqlclient15-dev ” on the konsole . Library will depend on the version of MySQL you are using , you can select your library from the output which comes from “apt-cache search libmysqlclient” .

Install MySQL driver with the Ruby ” gem install ” command . Type ” sudo gem install mysql ” on the konsole , here you will get various options choose “mysql-2.7″ or any other latest version and install it . On successful install you will get a message stating that mysql-2.7 has been Successfully installed .

Your Installation of mysql is complete .

If you are new to MySQL , like me , you can install MySQL Query Browser and MySQL Administrator from the Adept Manager or Synaptic both of which are default package managers for kubuntu and ubuntu respectively. I have installed Query Browser and Administrator from Adept Manager as I am a Kubuntu user and that is why I didn’t do it from the konsole .

Stumble Upon Toolbar Read more on this article... Read more on this article...

Aug 23, 2008

Recover files--the easiest way

Simple and (hopefully!) free procedures to handle unsuccessfully finalized DVDs, damaged DVDs or DVDs that have not been burned correctly by a video camcorder,recorder or burner and has some corrupt data.

It is a good idea for you to first consider other possible causes of what appear to be DVD errors such as a dirty disc surface, a dirty lens in the DVD reader or other software and hardware related problems. Prior to embarking on any of the following you need to eliminate all possible causes for having trouble with a DVD. Check to see your DVD burner has the latest firmware by going to the manufacturers website. Check to see if the media (brand and type) is compatible with your DVD burner/reader. Once you are certain that you have an unsuccessfully finalized DVD or a corrupt DVD you can get started.

Scratched DVD Disks

A simple visual inspection of the surface of the disc will tell you straight away whether your first problem is physical damage to the disc. If you can see a scratch or scratches on the surface then this may need to be addressed first. I say "may" because personally I use DVDFab to check to see if the disc will copy before I embark on any other course of action. DVDFab can read through a lot of surface errors because of its superior algorithms so I always take the lazy route and see if I can simply make a new copy. Now failing that you could go online and buy some expensive DVD scratch repair kit. Or you could do as I do and go to your local hardware store or even your own garage! All you will need is a bottle of any neutral colored (clear) car polishing product. Turtlewax happens to be the one I use. Take a VERY soft cloth (NOT paper towel), apply a little polish to the surface of the disc and GENTLY (remember, it's not a car!) rub the disc. Use straight strokes from the centre of the disc to the outer edge and continue to do this until you can see the scratch either disappear or reduce noticeably. Then using the same motion and fresh cloth buff the disc back to its original shine. Now try it with DVDFab. If you are still unsuccessful repeat the process until you can be certain, again by visual inspection, that the problem is now not coming from a damaged disc surface.

DVD Data Repair/Recovery

The software you can use for this are DVDFab, Nero 8 (trial) and Isobuster. In the case of Isobuster you can try the free features first but failing that the full featured version needs to be purchased. A straight search of Yahoo or Google will find you the relevant sites.

Put the problem disc in the DVD drive of your computer then:

1. DVDFab. Try to use DVDFab first, as it has the best algorithms for reading anything on a DVD including how it integrates with the DVD drive, honestly sometimes I think it would read a bagel if you put it in there!

Select "DVD to DVD." DVDFab will now try to read the contents of the disc and, if it can, write the contents to a folder on your hard drive. It is as simple as that. It is either going to work or not! If it does do it then the copy you now have on your hard drive will be fully repaired and you can then burn a new copy.

Failing that:

2. Isobuster. Using the free functions try to make a disc image file and burn to another DVD. Isobuster has three alternate methods of dealing with data corruption. It can replace the corrupted area with nothing, with fake data or with a series of zeros. It will give you the choice and just select them in order to try each until one works. Isobuster will not create the disc image file unless it knows it will be successful. If Isobuster has created the file (note where it was going to put it first!) you will have to re-name the extension to .iso. Use the disc image file to burn a new DVD disc. At this point, if you now have a new disc, you need to check that new one carefully. There is always the possibility that Isobuster has just made a perfect copy of your faulty disc! So now you have a brand new faulty disc!

Failing that: You will need to pay for the full version of Isobuster but ONLY buy it if you got this far. If Isobuster free couldn't even read the disc then don't bother.

>From this point forward the best you can hope for is the extraction of the MPEG video files or data files on the disc. You ARE going to lose the video menus and you may lose some of the video or data.

a. Start Isobuster then load the disc.

b. When Isobuster has detected the files on the disc run the "Find Missing Files and Folders" option under the "File" menu.

c. You will now have an entry on the left hand column of "files and folders found by their signature."

d. Select that, then go to "File," "Files found via their signature" then "Extract files found via their signature." Choose a location and let it run.

Now you will have all the files where you selected them to go. The ones with the extension .VOB are the MPEG files from your disc wrapped in the VOB container. They can then be imported into a video editing program using the "Import DVD/VR" function or can be read by most DVD burning software.

Unfinalized discs.

If at all possible try to get the original device used to create the disc to finalize it. If this is not possible or the original device is failing to successfully finalize the disc you may have to resort to the Isobuster routine above.

If you have been left with an otherwise perfectly good disc, but unfinalized, do the following.

This requires Nero 8 (Trial version).

Go to the Nero website, download and install Nero 8. Yes, it's big...sorry!

Place the unfinalized disc into the computer DVD tray. Open Nero 8 StartSmart.
Click "create and edit" at the top of the screen.
Click "author, edit and capture video." NeroVision 5 will start.
Click on the disk tools drop down menu then click "finalize disk."
In the option box that appears choose "no menus" and let it run.

Hopefully you now have a fully finalized disc that is readable.
Stumble Upon Toolbar Read more on this article... Read more on this article...

Who is the hacker

GETTIN SUM1'S IP ADREZ HU HAS HACKD UR PCFirst
open dos command,go to -(Start/Run/type "command" without inverted commas and hit enter),& in the MSDOS prompt,type:
netstat -a
(make sure you include the space in between the "t" and the "-a").



This command will show u the host name of the lamer and ofcorse urz also ..ur host name will be under local address and his wud be under foreign address.. note any suspicious name and every numbr u c aftr the host name under foreign address which is new and suspicious there(numbers are ports but i consider u totally unaware).
After ur done,now type
Netstat -an (again a space between "t" and "-an")

this will list all connections in numerical form, which makes it a lot easier to trace malicious users....Hostnames can be a little confusing if you don't know what you're doing (although they're easily understandable, as we shall see later). Also, by doing this, you can also find out what your own IP address is, which is always useful.

It wud look a bit like this
Proto.....Local Address.....Foreign Address.....State
TCP.......0.0.0.0:135.......0.0.0.0:0...........Listening
TCP.......127.0.0.1:1026....0.0.0.0:0...........Listening
TCP.......Your IP:Port......0.0.0.0:0...........Listening
TCP.......Your IP:Port......A New IP:Port.......Established

A New IP:Port -note that stuff
Now that u have a IP Addess and a host name,type
tracert type IP address/Hostname here


write whole thing there.. thats after u write tracert give a space then type A New IP we found in last step.. give a / then write..Host name we found in first step.remember no port there to be added..
This will trace the lamer which is prolly using a trojan on ur computer to do what he wants..result will give u some ip addresses ..note all of them
now go to ip2location.com/free.asp
write ip addresses in the box and see where the ips belong to..some ips will give u ISPs like mtnl ... last ip wud be his ip ..now call ur or his ISP & inform dem abt it!DO RESPOND 2 DIS..
Stumble Upon Toolbar Read more on this article... Read more on this article...

Aug 22, 2008

Linux Firewalls

Even though Linux is an operating system that is by far more secure than Windows, security issues still arise from time to time. In order for you to be completely calm and safe, you have to protect your Linux box with a firewall. Although most corporations focus on the Windows platform and thus, firewalls are mostly targeted for the Windows operating system, don’t worry; there are many firewalls available for Linux and most of them appear to do a great job.

First of all, if you are running a 2.0 version of Linux, you can use Ipfwadm. This is an old firewall system that is still used only for Linux 2.0. If you are running version 2.2, Ipchains is around. Ipchains is a software-based firewall system for Linux 2.2 OS; after Ipchains, there is Iptables. Iptables is also a software firewall but it is aimed for version 2.4 of the OS. Moreover, other firewalls such as FireHOL are designed to cooperate with Iptables. An important advantage of FireHOL is that it’s very user friendly; most of the time, it will do an automatic configuration to achieve the expected behavior.

Additionally, software firewalls such as PicoFirewall provide many storage-related advantages. For the concrete example of PicoFirewall, this mini-Firewall will be installed very quickly and will produce log files that don’t occupy much size. Of course, this doesn’t imply that the important details will be missed or that the firewall is not effective.

Finally, there are many other firewalls such as IPCop and ShoreWall. Most of those firewalls achieve the same result: extended security levels for your Linux box; thus, the choice of which firewall to get mostly boils down to personal preferences. For most of the time, users will prefer the firewall that behaves exactly as they would expect it to.

Stumble Upon Toolbar Read more on this article... Read more on this article...

Aug 20, 2008

How to hide in a Network

Hide in the (Network) Neighborhood
If you don't want your windows xp computer to show up in the network (Network Neighborhood/My Network Places) to other users on your network? One way to accomplish that is to disable file sharing. To do this, go to windows Start, right click My Network Places and select Properties. Right click your local area connection and click Properties. Uncheck the box that says File and Printer Sharing for Microsoft Networks. click OK.



But what if you want to be able to share folders with some users; you just don't want everyone on the network to see your computer's shares? There's a way:

Click Start and select Run
In the Run box, type net config server /hidden:yes
Click OK.
Now others who know the UNC path (\\computer name\share name) can connect to your computer's shares from the Run box, but it won't show upAdd Open With to all files:
You can add "Open With..." to the Right click context menu of all files.This is great for when you have several programs you want to open the same file types with. I use three different text editors so I added it to the ".txt" key.
1. Open RegEdit
2. Go to HKEY_CLASSES_ROOT\*\Shell
3. Add a new Key named "OpenWith" by right clicking the "Shell" Key and selecting new
4. Set the (Default) to "Op&en With..."
5. Add a new Key named "Command" by right clicking the "OpenWith" Key and selecting new
6. Set the (Default) to "C:\Windows\rundll32.exe shell32.dllwindows xp computer network Network Network windows StartMy Network Places Properties local areaconnection File and Printer SharingMicrosoft StartRun.Rnet config server /hidden:yesWindowsrundll32.exeshell32.dlOpenAs_RunDLL %1,", C:\ being your Windows drive. You must enter the "OpenAs_RunDLL %1" exactly this way. in the network browse list.
Stumble Upon Toolbar Read more on this article... Read more on this article...

Aug 7, 2008

Google Search Hacking

1) Google Search:- "Active Webcam Page" inurl:8080
Description- Active WebCam is a shareware program for capturing and sharing the video streams from a lot of video devices. Known bugs: directory traversal and cross site scripting.



2) Google Search:- "phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
Description- This search gives hundreds of existing curriculum vitae with names and address. An attacker could steal identity if there is an SSN in the document.


3) Google Search:- intitle:"index of" finance.xls
Description- Secret financial spreadsheets 'finance.xls' or 'finances.xls' of companies may revealed by this query.

4) Google Search:- intitle:"index.of" robots.txt
Description- The robots.txt file contains "rules" about where web spiders are allowed (and NOT allowed) to look in a website's directory structure. Without over-complicating things, this means that the robots.txt file gives a mini-roadmap of what's somewhat public and what's considered more private on a web site. Have a look at the robots.txt file itself, it contains interesting stuff. However, don't forget to check out the other files in these directories since they are usually at the top directory level of the web server!

5) Google Search:- intitle:index.of.admin
Description- Locate "admin" directories that are accessible from directory listings.

6) Google Search:- inurl:"nph-proxy.cgi" "start browsing"
Description- Returns lots of proxy servers that protects your identity online

Google’s Advance Search Query Syntaxes

Below discussed are various Google’s special commands and I shall be explaining each command in brief and will show how it can be used for critical information digging.

Google Search:-[ intitle: ]

The “intitle:” syntax helps Google restrict the search results to pages containing that word in the title. For example, “intitle: login password” (without quotes) will return links to those pages that has the word "login" in their title, and the word "password" anywhere in the page.

Similarly, if one has to query for more than one word in the page title then in that case “allintitle:” can be used instead of “intitle” to get the list of pages containing all those words in its title. For example using “intitle: login intitle: password” is same as querying “allintitle: login password”.


Google Search:-[ inurl: ]

The “inurl:” syntax restricts the search results to those URLs containing the search keyword. For example: “inurl: passwd” (without quotes) will return only links to those pages that have "passwd" in the URL.

Similarly, if one has to query for more than one word in an URL then in that case “allinurl:” can be used instead of “inurl” to get the list of URLs containing all those search keywords in it. For example: “allinurl: etc/passwd“ will look for the URLs containing “etc” and “passwd”. The slash (“/”) between the words will be ignored by Google.


Google Search:-[ site: ]

The “site:” syntax restricts Google to query for certain keywords in a particular site or domain. For example: “exploits site:hackingspirits.com” (without quotes) will look for the keyword “exploits” in those pages present in all the links of the domain “hackingspirits.com”. There should not be any space between “site:” and the “domain name”.


Google Search:-[ filetype: ]

This “filetype:” syntax restricts Google search for files on internet with particular extensions (i.e. doc, pdf or ppt etc). For example: “filetype:doc site:gov confidential” (without quotes) will look for files with “.doc” extension in all government domains with “.gov” extension and containing the word “confidential” either in the pages or in the “.doc” file. i.e. the result will contain the links to all confidential word document files on the government sites.


Google Search:-[ link: ]

“link:” syntax will list down webpages that have links to the specified webpage. For Example: “link:www.securityfocus.com” will list webpages that have links pointing to the SecurityFocus homepage. Note there can be no space between the "link:" and the web page url.



Google Search:-[ related: ]

The “related:” will list web pages that are "similar" to a specified web page. For Example: “related:www.securityfocus.com” will list web pages that are similar to the Securityfocus homepage. Note there can be no space between the "related:" and the web page url.


Google Search:-[ cache: ]

The query “cache:” will show the version of the web page that Google has in its cache. For Example: “cache:www.hackingspirits.com” will show Google's cache of the Google homepage. Note there can be no space between the "cache:" and the web page url.

If you include other words in the query, Google will highlight those words within the cached document. For Example: “cache:www.hackingspirits.com guest” will show the cached content with the word "guest" highlighted.


Google Search:-[ intext: ]

The “intext:” syntax searches for words in a particular website. It ignores links or URLs and page titles. For example: “intext:exploits” (without quotes) will return only links to those web pages that has the search keyword "exploits" in its webpage.


Google Search:-[ phonebook: ]

“phonebook” searches for U.S. street address and phone number information. For Example: “phonebook:Lisa+CA” will list down all names of person having “Lisa” in their names and located in “California (CA)”. This can be used as a great tool for hackers incase someone want to do dig personal information for social engineering.
Stumble Upon Toolbar Read more on this article... Read more on this article...

Aug 2, 2008

Lan Hacking

lAN hacking: the New Hacker Mecca

Getting free Internet access through IEEE standard 802.11b wireless Ethernet LANs (often called Wi-Fi LANs or WLANs) is the newest and biggest ever hacker scene. In many areas you can get free access legally through Wi-Fi systems run by volunteers. Elsewhere, it’s the wild west all over again, with spammers, computer criminals, and mostly harmless hackers running wild on WLANs whose owners have no concept of what they are hosting.

First we will cover the easy stuff: how to break into a WLAN or in other words hacking into wireless network that doesn’t authenticate users (LANJacking). These are fairly common. To do this, get a laptop with a wireless NIC (WNIC). Configure your NIC to automatically set up its IP address, gateway and DNS servers. Then, use the software that came with your NIC to automatically detect and get you online.

For example, with an Orinoco NIC, in Client Manager set the SSID (service set identifier required to be able to exchange packets on that WLAN) to be "any" or "null." Then from the Advanced menu select Site Manager. That should show you all available Wi-Fi access points.

Once you are set up to detect WLANs, then for happiest hunting, start driving (wardriving) or walking (stumbling) around an area with businesses or apartment buildings. one thing i would like to point out, "Don’t forget airports – many VIP lounges, etc. have wireless hubs accessible from inside the airport or even in the parking lots."

How do you know when you’ve gotten online? One way is to run an intrusion detection system that alerts you when you get any kind of network traffic.

An easier and faster way to find those access points and choose the one you want to use is to run Network Stumbler, at http://www.netstumbler.com/. It shows you all Wi-Fi access points within range of you. Network Stumbler runs on Windows desktop and laptop machines, and Mini Stumbler runs on Wi-Fi-enabled PDAs. Netstumbler-like software is available for MacOSX with either an internal AirPort card or any PCMCIA Wi-Fi card at http://www.mxinternet.net/~markw/.

For NetBSD,OpenBSD,and FreeBSD you can get BSD-Airtools at http://www.dachb0den.com/projects/bsd-airtools.html.

If you want to locate vulnerable WLANs in wholesale lots, there is an even more interesting tool. At http://www.kismetwireless.net/ you can download Kismet, a WLAN sniffer that also separates and identifies many wireless networks in the area you are testing. A version of Kismet for is available for Linux. Kismet also supports FreeBSD, OpenBSD and MacOSX.
If you want to locate vulnerable WLANs in wholesale lots, there is an even more interesting tool. At http://www.kismetwireless.net/ you can download Kismet, a WLAN sniffer that also separates and identifies many wireless networks in the area you are testing. A version of Kismet for Linux, Kismet also supports FreeBSD, OpenBSD and MacOSX in on the Überhacker CD-rom.


Kismet works with any 802.11b wireless card that is capable of reporting raw packets (rfmonsupport). These include any Prism2 based card (Linksys, D-Link, Rangelan, etc), Cisco Aironet cards, and Orinoco based cards. Kismet also supports the WSP100 802.11b remote sensor by Network Chemistry and is able to monitor 802.11a networks with cards using the Ar5k chipset. Here’s where it gets interesting. There is a version that allows you to deploy many Kismet sensors for distributed sniffing. Each "drone" sensor sends packets over a TCP connection to a Kismet server. Its output can be piped into Snort and some other Intrusion Detection Systems (IDS).

You can get an idea of where easy-access Wi-Fi access points exist in abundance at http://www.WiFiMaps.com/ and http://www.wigle.net/maps. If you hunt on foot, keep an eye out for chalk marks on sidewalks or walls. These often denote Wi-Fi access points.

If you would rather hunt while sitting in your hacker lab, you can get into WLANs that are tens of kilometers away by using a directional antenna. http://www.fab-corp.com/ is an example of a place where you can buy these.

There are many commercial products for detecting WLANs. They are often used in companies that have problems with employees setting up unauthorized access points. For example, AirMagnet can run on the iPAQ PDA, and detects problems such as a Wi-Fi access point advertising its SSID.

It is legal to detect WLANs, but not to use some of the wireless systems you may access. It is best to make sure a WLAN is open to the public before using it. However, unless it requires some sort of authentication to log on, law enforcement won’t waste time pursuing casual visitors to WLANs. If you do this and get busted anyhow, well, that’s the risk you take in any unauthorized computer access.

Now we come to the slightly hard part. How do you break in if the WLAN asks for some sort of authentication? Wired Equivalent Privacy (WEP) is a common way to authenticate, and can be broken in minutes if you have a computer with a reasonably fast CPU. Since some Wi-Fi hardware is incompatible with better ways than WEP to authenticate, chances are you can find a lot of WEP nets floating around.

Airsnort is an example of a program that cracks WEP keys. Once it has captured enough packets it can usually crack WEP in a second or so, if running on Linux with a reasonably fast CPU. Airsnort has varieties that run on BSD, Linux, OS X and Windows, and can be downloaded at http://airsnort.shmoo.com/.

Now we come to the super hard part: WiFi Protected Access (WPA). It’s the latest, greatest way to keep intruders from abusing Wi-Fi. It can work, for example, with Windows Remote Authentication Dial-In Services to authenticate users – and keep the uninvited out. At this writing no technique has been publicized to break it. However, if by the time you read this, a way has been discovered, here are some web sites that are likely to offer downloads of the tools that do it, and instructions for their use.

http://www.worldwidewardrive.org/

http://www.wardriving.com/


http://www.churchofwifi.com

http://www.nakedwireless.ca/

https://mailsrv.dis.org/mailman/listinfo/wardriving


This Guide has been excerpted from the upcoming Second Edition of Überhacker! How to Break into Computers, by Carolyn Meinel. You are welcome to post this Guide to your web site or forward it to other people. Happy hacking!

This is a Guide devoted to *legal* hacking! If anyone plans to use any information in this Guide to commit crime, he/she might be seriously punished..
Stumble Upon Toolbar Read more on this article... Read more on this article...

Aug 1, 2008

Hacking using NETBIOS

This is a article is written keeping in mind those who are unaware of the fect that how hackers use the NETBIOS
for hacking...this is strictly for educational purposes,the author totaly curbs hacking in any form.


A BRIEF LESSON ON NETBIOS
NetBIOS stands for Network Basic Input Output System .It was originally developed by IBM and Sytek as an Application Programming Interface (API) for client software to access LAN resources. If you have experience of working on a LAN using Microsoft Windows Operating Systems (like Windows98 , Windows Me, Windows NT etc), you must have clicked on "Network Neighborhood" to access the computers attached to your network. After clicking on the icon you would have seen the names of the computer . Do you know what exactly happens when you click on Network Neighborhood? Your computer tries to get the names of the computers attached to the network with by issuing command to NetBIOS . NetBIOS gives the name of the computers that have been registered . In short NetBIOS gives the various information of the computers on a network . These Include-

Name of the computer

Username

Domain

Computer Name

and many others.

Like any other service it also works on a port . It has been assigned a port number 139.


THE NBTSTAT COMMAND




You can manually interact with the NetBIOS with the help of NBTSTAT command. To use this command click on the start button then select RUN... and type "command" without quotes to launch MS-DOS Command Prompt. Alternatively you may click on Start Button then go to Programs and then select Command Prompt. Once you are in Command Prompt you can exit by typing command EXIT . To launch Command Prompt in full screen mode press ALT+ENTER key combination .To get back to the original window again press ALT+ENTER key combination. If you have launched the command prompt you will get

c:\windows>

If you do not get windows displayed after c:\ don't worry just keep going , all required commands will work fine.

Now lets play with the NBTSTAT command.

If you want to get more help from MS-DOS about this command type NBTSTAT/? on the prompt i.e.

c:\windows>nbtstat/?

If you want to get the NetBIOS information of your computer type the following command

c:\windows>nbtstat -a 127.0.0.1

This command will list the NetBIOS information. A typical example

NetBIOS Remote Machine Name Table

Name Number Type Usage

workgroup 00 G Domain Name

my_computer 03 U Messenger Service

myusername 03 U Messenger Service


MAC Address = 00-02-44-14-23-E6

Please note that we have used our ip address to be 127.0.0.1 . This ip address is called as "Loop Back" ip address because this ip address always refers to the computer you are using.

This example is self explanatory . We need not go in details. We need to know about the Name and Number. The Name displays the Name of the NetBIOS and there is a corresponding hexagonal number . You may see some additional names in your case.

If you want to get the NetBIOS names of a remote computer, the command is

c:\windows>nbtstat -a ipaddress

Example - To get the NetBIOS names of a computer having ip address 203.195.136.156, we shall use the command

NOTE-203.195.136.156 may be a active ip address of someone's computer. I am using it only as an example. Please don't hack this computer.

c:\windows>nbtstat -a 203.195.136.156


WHAT YOU NEED TO HACK
All you need is a Windows based operating system like Windows 98 and Me (but I prefer Windows NT, 2000, XP) and an internet connection.


TYPES OF ATTACKS

We can launch two types of attack on the remote computer having NetBIOS.

1. Reading/Writing to a remote computer system

2. Denial of Service



Searching for a victim

You may manually search for the victims by first using the nbtstat -a ipaddress and then net view \\ipaddress . If at first you don't succeed step to next ip address until you find a suitable ip address. You may also use a port scanner .A port scanner is simply a software that can search for any block of ip address say 192.168.0.1 to 192.168.0.255 for one or more ports. "Orge" is a port scanner that gives NetBIOS names of the remote computer.



Lets Hack -Part 1 Remotely reading/writing to a victiim's computer

Believe it or not but NetBIOS is the easiest method to break into somebody's computer. However there is a condition that must be satisfied before you can hack. The condition is that the victim must have enabled File And Printer Sharing on his computer. If the victim has enabled it , the nbtstat command will display one more NetBIOS name. Now lets us take a example. Suppose you know a ip address that has enabled File And Printer Sharing and let suppose the ip address happens to be 203.195.136.156 .
The command that you will use to view the NetBIOS name is

c:\windows>nbtstat -a 203.195.136.156

Let suppose that the output comes out to be

NetBIOS Remote Machine Name Table

Name Type Status
user <00> UNIQUE Registered
workgroup <00> GROUP Registered
user <03> UNIQUE Registered
user <20> UNIQUE Registered


MAC Address = 00-02-44-14-23-E6



The number <20> shows that the victim has enabled the File And Printer Sharing.


NOTE - If you do not get this number there are two possibilities

1. You do not get the number <20> . This shows that the victim has not enabled the File And Printer Sharing .

2. You get "Host Not found" . This shows that the port 139 is closed or the ip address doesn't exists.


Now our next step would be to view the drive or folders the victim is sharing.

We will use command

c:\windows>net view \\203.195.136.156

Let suppose we get the following output

Shared resources at \\203.195.136.156
ComputerNameGoesHere

Share name Type Used as Comment

CDISK Disk


The command completed successfully.



"DISK" shows that the victim is sharing a Disk named as CDISK . You may also get some additional information like



Shared resources at \\203.195.136.156


ComputerNameGoesHere

Share name Type Used as Comment


HP-6L Print


"Print " shows that the victim is sharing a printer named as HP-6L

If we are able to share the victims hard disks or folders or printers we will be able to read write to the folders or hard disks or we may also be able to print anything on a remote printer ! Now let us share the victims computer's hard disk or printer.

Till now we know that there is a computer whose ip address happens to be 203.195.136.156 and on that computer File and printer sharing is enabled and the victim's hard disk 's name is CDISK.

Now we will connect our computer to that hard disk . After we have connected successfully a drive will be created on our computer and on double clicking on it we will be able to view the contents of the drive. If we have connected our newly formed drive to the victim's share name CDISK it means that we our drive will have the same contents as that of the CDISK .

Lets do it.

We will use the NET command to do our work .

Let suppose we want to make a drive k: on our computer and connect it to victim's share we will issue the command

c:\windows>net use k: \\203.195.136.156\CDISK

You may replace k letter by any other letter.

If the command is successful we will get the confirmation - The command was completed successfullly

The command was completed successfully

Now just double click on the My Computer icon on your desktop and you will be a happy hacker!

We have just crested a new drive k: . Just double click on it and you will find that you are able to access the remote computer's hard disk. Enjoy your first hack!


Cracking Share passwords
Sometimes when we use "net use k: \\ipaddress\sharename" we are asked for a password. There is a password cracker "PQWAK" . All you have to enter ip address and the share name and it will decrypt the password within seconds. Please note that this can crack only the passwords is the remote operating system is running on -

Windows 95

Windows 98

Windows Me




Using IPC$ to hack Windows NT,2000,XP

Now you must be thinking of something that can crack share passwords on NT based operating systems like Windows NT and Windows 2000.

IPC$ is there to help us. It is not at all a password cracker . It is simply a string that tells the remote operating system to give guest access that is give access without asking for password.

We hackers use IPC$ in this way

c:\windows>net use k: \\123.123.123.123\ipc$ "" /user:""

You may replace k letter by any other letter. If you replace it by "b" (type without quotes) a new drive will be created by a drive letter b.

Please note that you won't be able to get access to victim's shared drives but you you can gather valuable information like names of all the usernames, users that have never logged, and other such information. One such tool that uses the ipc$ method is "Internet Periscope". Another tool is "enum" - its my favorite toot however it is run on command promt.



Penetrating in to the victim's computer

Now that you have access to a remote computer you may be interested in viewing his secret emails, download hismp3 songs , and more...

But if you think like a hard core hacker you would like to play some dirty tricks like you may wish to install a key logger or install a back door entry Trojan like netbus and backorifice or delete or copy some files. All these tasks involves writing to victim's hard disk . For this you need to have write access permission






Lets Hack - Part 2 Denial of service attack


This type of attacks are meant to be launched by some computer techies because this type of attack involves using Linux Operating System and compiling C language files. To exploit these vulnerabilities you have to copy exploit code from sites like neworder,securityfocus etc and comiple them.

Stumble Upon Toolbar Read more on this article... Read more on this article...

Speed up torrent downloads

The file sharing protocol bittorrent has modified everything when it comes to file sharing. It is a nice platform for downloading large files. Sharing of files include movies, iso images and MP3 songs.
The Bittorrent system can be slow at times due to heavy traffic. So let us tweak bittorrent sharing program a little bit.
There are a lot of different bittorrent clients that you can download. I think the best are BitCommet and uTorrent. Here is a few tips to speed up uTorrent Client. Similar can be implemented on any other torrent clients ,which you are using.

Step 1: Increase TCP connections You need to increase the number of TCP connections that are allowed at max.Windows XP Service Pack 2 came with the number of allowed open connections to 10. This is to stop any piece of spyware(in our case bittorent client even) from totally taking over your internet connection. TCP connection allowed should be 50 for optimal performance. The best way to increase the maximum number of connections is to apply patch that is available at www.lvllord.de. A nice way to fix this is to download this patch . The little tweak to the torrent client works great in certain times. If you’re using uTorrent go to Options menu then Preferences. In the Preferences go the Advanced Options. In the advanced options change the net.max_halfopen connections to 80. In the same section change the max half open tcp connections to 80. Once your done click on OK and you are all set. This tweak will let the maximum TCP connection available for the bittorrent client. Now start downloading you’ll realize a little difference in the download speed. Port forwarding technique is more effective than this.
A third point of interest is that some “windows updates” revert your tweaked tcp connections back to 10. So it’s wise to check this every now and then. You can check this by going to (in windows xp) Start > Control Panel > Administrative Tools > Event Viewer > System… Look for event 4226 (sort by event).
If there are a lot of daily occurences it’s likely that the max amount of half-open tcp connections was set back to 10. Or you’re infected with some nasty spyware…


Step 2:Torrent Client Configuration

In order to apply these tips you must know your maximum up- and download speed. You can test your bandwidth over here (stop all download activity while testing). Settings 1-4 can be found in the options, settings or preference tab of most torrent clients. 1. Maximum upload speedProbably the most important setting there is. Your connection is (sort of) like a pipeline, if you use you maximum upload speed there’s not enough space left for the files you are downloading. So you have to cap your upload speed. Use the following formula to determine your optimal upload speed… 80% of your maximum upload speed so if your maximum upload speed is 40 kB/s, the optimal upload rate is 32kB/s But keep seeding!
Stumble Upon Toolbar Read more on this article... Read more on this article...

What are worms

People use e-mail more than any other application on the internet, but it can be a frustrating experience, with spam and especially e-mail worms filling our inboxes.

Worms can spread rapidly over computer networks, the traffic they create bringing those networks to a crawl. And worms can cause other damage, such as allowing unauthorized access to a computer network, or deleting or copying files.

What's a worm?
Let me first describe what a worm is..A worm is a computer virus designed to copy itself, usually in large numbers, by using e-mail or other form of software to spread itself over an internal network or through the internet.


How do they spread?

When you receive a worm over e-mail, it will be in the form of an attachment, represented in most e-mail programs as a paper clip. The attachment could claim to be anything from a Microsoft Word document to a picture of tennis star Anna Kournikova (such a worm spread quickly in February 2001).

If you click on the attachment to open it, you'll activate the worm, but in some versions of Microsoft Outlook, you don't even have to click on the attachment to activate it if you have the program preview pane activated. Microsoft has released security patches that correct this problem, but not everyone keeps their computer up to date with the latest patches.

After it's activated, the worm will go searching for a new list of e-mail addresses to send itself to. It will go through files on your computer, such as your e-mail program's address book and web pages you've recently looked at, to find them.

Once it has its list it will send e-mails to all the addresses it found, including a copy of the worm as an attachment, and the cycle starts again. Some worms will use your e-mail program to spread themselves through e-mail, but many worms include a mail server within their code, so your e-mail program doesn't even have to be open for the worm to spread.

Other worms can use multiple methods of spreading. The MyDoom worm, which started spreading in January 2004, attempted to copy infected files into the folder used by Kazaa, a file-sharing program. The Nimda worm, from September 2001, was a hybrid that had four different ways of spreading.

What do they do?

Most of the damage that worms do is the result of the traffic they create when they're spreading. They clog e-mail servers and can bring other internet applications to a crawl.

But worms will also do other damage to computer systems if they aren't cleaned up right away. The damage they do, known as the payload, varies from one worm to the next.

The MyDoom worm was typical of recent worms. It opened a back door into the infected computer network that could allow unauthorized access to the system. It was also programmed to launch an attack against a specific website by sending thousands of requests to the site in an attempt to overwhelm it.

The target of the original version of MyDoom attack was the website of SCO Group Inc., a company that threatened to sue users of the Linux operating system, claiming that its authors used portions of SCO's proprietary code. A second version of MyDoom targeted the website of software giant Microsoft.

The SirCam worm, which spread during the summer of 2001, disguised itself by copying its code into a Microsoft Word or Excel document and using it as the attachment. That meant that potentially private or sensitive documents were being sent over the internet.

How do I get rid of them?

The best way to avoid the effects of worms is to be careful when reading e-mail. If you use Microsoft Outlook, get the most recent security updates from the Microsoft website and turn off the preview pane, just to be safe.

Never open attachments you aren't expecting to receive, even if they appear to be coming from a friend. Be especially cautious with attachments that end with .bat, .cmd, .exe, .pif, .scr, .vbs or .zip, or that have double endings. (The file attachment that spread the Anna Kournikova worm was AnnaKournikova.jpg.vbs.)

Also, use antivirus eg avast and keep it up to date with downloads from the software maker's website. The updates are usually automatic.

Users also need to be wary of e-mails claiming to have cures for e-mail worms and viruses. Many of them are hoaxes that instruct you to delete important system files, and some carry worms and viruses themselves.

As well, some users should consider using a computer with an operating system other than Windows, the target of most e-mail worms. Most of the worms don't affect computers that run Macintosh or Linux operating systems.
Stumble Upon Toolbar Read more on this article... Read more on this article...
::SITES LINKING ME::

SetEnvIfNoCase Referer "^http://(www.)?securecomputing\.com" ref=1 "(.*)" Order Allow,Deny Allow from all Deny from 206.169.110.66 Deny from env=ref