11/10/2012 11:49:00 pm Unknown , 0 Comments


How to Hack/Bypass windows password.

In this article we are exactly going to tell you the same.

To hack or Bypass windows passwords is not a difficult task actually. If you have the required tools you can easily bypass windows password.


However Learn Hacking highly discourages the use of blackhat hacking techniques and use this knowledge only for a good reason. Say you forgot your computer’s password and want to recover it, you may use this method.

Now coming back to the main topic again:-

We are going to use a tool called Hirens Boot CD to crack windows passwords.

Download Hirens boot cd from

http://www.hirensbootcd.org/files/Hirens.BootCD.15.1.zip

Q) Where are windows password saved?
 A) Windows first encrypts the password using some algorithm and then saves it to a Sam file.This sam file is locked and no user account including the administrator can use this file.This file is located in windows/system32/config.

Q) What is the above link ?
 A) The link given above is the download link for “hirens boot cd “.
 It is a special type of live cd bunched with popular and useful freeware tools .The link is to hirens boot cd 15.1 ,but you can download any earlier version.
 The main reason for choosing this cd is that it contains number of useful softwares.There are many other Live cds too ,you can even try them.

Q) what is a live cd?
 A) Live cd is a cd/dvd or any other portable media containing bootable Operating system.These media have the unique ability to run operating system without altering the files and operating system installed on the hard disk of the pc.
 It generally places it files in the Ram[random access memory ,volatile memory],so when a pc is rebooted all it files are deleted automatically.

Q) How does this cd helps us?
 A) Since this live cd doesnt use the pre installed operating system ,we can edit/delete files [even the locked ones ie sam file].You can also use utilities present in this cd to change the windows password.

Steps to use Hirens Boot CD to Hack Windows Password:-
 1 ) Download the zip file from the above link.
 2 ) Extract it.
 3 ) There will be a .iso file . Burn that file to cd using nero/poweriso or anyother software you have.
 4 ) Boot using this cd ie insert this cd in CD-Rom and restart [Make sure that cd-rom has the highest boot priority]
 5 ) After booting ,It will show a menu , Choose “Mini windows xp”.It will take some time to launch.
 6 ) After it is finished ,You will be having a windows classic style desktop.
 7 ) Click on start>>Hiren boot cd menu [HBCD menu]
 8 ) It will open a dialogue box,click on “Menu” >>click on “password and keys”, there you will be having a list of softwares,click on “”Password renew”".
 9 ) Now click on select target ,Browse to your windows ie “c:windows” and press ok.
 10 ) Click on “Renew exisiting user password” and then choose the Your user account .
 11 ) Enter the desired password and hit install.
 12 ) You are now done just restart Your pc and login using your new password.

Prevention :
 In the Bios settings set the minimum boot priority for removable devices . In this way the CD?DVD/USB wont boot and the method specified above wont work . Also set the password at the BIOS  so no one will be able to change the Boot settings .

11/10/2012 11:40:00 pm Unknown , 0 Comments


What is Metasploit
How to use the Metasploit Framework


What is Metasploit | How to use Metasploit Framwork
History of Metasploit

What is Metasploit Project: The Metasploit Project is a computer security project which aims at providing information about security vulnerabilities and helps in penetration testing and Patching the exploits.
Metasploit framework is its famous sub project, a tool for developing and executing exploits against a remote machine. Apart from Metasploit Framework, Metasploit Project is well known for is anti-forensics and loopholes evading tools.
 Other important sub-projects include the Opcode Database, shellcode archive, and security research.
 About the Metasploit framework :
Metasploit Framework was programmed by HD Moore in 2003 as a network tool using PERL scripting language. It was reprogrammed using RUBY. You can develop and execute exploits against any target machine using this framework.
 this framework comes with many inbuilt exploits and payloads.

Basic steps on How to use Metasploit Framework :

1. Searching and configuring an exploit : Searching exploit on the basis of data acquired by scanning and footprinting the target machine.(current version of Metasploit comes with around 800 exploits against different services.
 2. Choosing and configuring a Payload : Payload is the code that will be executed upon the successfully entry into the target machine, for example, a remote shell.
 3. Choosing the encoding technique to encode the payload so that the intrusion-prevention system (IPS) will not catch the encoded payload;
 4. Executing the exploit.
 The capability of combining any exploit with any framework is the best feature of Metasploit Framework.
 Metasploit runs on all versions of unix and windows also. It includes two command line interface, a web browser based interface and a GUI.

Choosing exploit and payload is tricky work, you need to gather information about the target machine in order to make the eploit work. this information can be gathered using Port scanning and network scanning techniques Which will be covered in upcoming posts.

Where to get Metasploit Framework?
 You can download the free version from the official Metasploit site- http://www.metasploit.com/download/
 The free version also comes as a preinstalled application in all versions of Backtrack.

Have a look at the other Penetration tools by Metasploit Project :
http://www.metasploit.com/about/choose-right-edition/

Well Metasploit framwork might be a new tool to play with for some of you. Metasploit framework is pretty cool to play with and once you learn to use it the right way for Ethical Hacking, you are going to use this penetration testing tool often.

Want to learn more from us, if yes then make sure that you subscribeto Learn Hacking and get regular updates on your email id..:)

Or you may also follow Learn Hacking on Twitter by clicking over hereand our Facebook Fanpage by click over here to learn how to hack.

– Ethical Hacking was never so easy and interesting;-)

How to Use Any SIM in Any Modem Without Unlocking it

11/07/2012 06:49:00 pm Unknown , 0 Comments

AIRTEL,BSNL,AIRCEL,VODAFONE MODEM UNLOCKER FOR FREE

Every One its not possible to use any sim in a modem without unlocking. For that you have to Pay. 
But dont worry with the following trick you can do it for free :-) 

Step by step instruction: 

1. Insert SIM in Modem 

mmmmmmmmmmmmmm 
mmmmmmmmmmmmmm 

2. Modem show invalid SIM, just ignore it and close modem software. 

3. Start NOKIA PC suite. 

4. Go to Nokia pc suite connect to internet option. 

mmmmmmmmmmmmmm 

5. Go to Configure. Select your data card modem,and make all operator apn setting as like when we use Nokia mobile connection. 
Eg:- Apn for Airtel – airtelgprs.com


mmmmmmmmmmmmmm 

6. Finish set up. 

7. Now connect to internet through PC suite. 

mmmmmmmmmmmmmm
8. Wow your net is connected without unlocking the modem.

11/06/2012 08:54:00 pm Unknown , 0 Comments

In this tutorial we will discus how you can setup a lab for yourself to practice hacking on your system. At very basic level a hacker is in need of 2-3 systems with a Wired LAN or Wireless LAN. But if you are the one who has started just like me with just one laptop or computer then possibly there's no way you can match this setup. So following was my solution to start practicing with only one laptop or PC meeting above criteria of multiple computers connected in LAN. At most basic level following are your requirements.

Requirements:
A Computer:
First of all a computer which must have minimum following configuration.
A processor with 1.7GHz clock speed,
120GB + Hard disk
2GB RAM, Please note than your RAM must be above 1GB for practicing. If your RAM is less than 1GB or 1GB I 'll highly recommend you buy 512MB module extra or 1GB gigs for you.

A Virtual PC Emulator:
A virtual PC emulator is needed since I assumed you don't have multiple PC's to setup your lab, even if you have it I would prefer to advice you to use a Virtual PC Emulator. There are several options to pick from but our pick is “Oracle's Virtual Box”. Reason its open source means free, low on resources, supports all kind of network types, no problem to setup screen options, it automatically setups resolution once you install guest installation and have nearly all that features that a professional virtual PC emulator may have. Following is download link to virtual box latest version.

A professional choice is VM-Ware. You can purchase it from following link if you want to run it on Mac.


Though VM-Ware have several advantages over Virtual Box, virtual box is just good to go. Prefer it if you want to shed money.

An Online Synchronization Service:
If you think even that needs shedding money, then I want to assure there's again a free alternative available, its name is Drop Box. Go to www.dropbox.com and create your personal free account then download its setup file and install for synchronization.

A Static IP Address:
Now that will be problem to get a static IP address since a static IP Address may cost you nearly $100 I.e approximately Rs.5000. But don't worry about it we have a free alternative solution to counter problem of static IP. So when there'll be need I 'll clear how to tackle it else even if you have money to shed I will not recommend it.

A PC restore utility:
There are no free alternative to PC Restore Utilities so we will work out on evaluation version. Download Farconics Deep Freeze from following link

IP Address Hiding Utility:
Proxy Servers, Anonymizors and VPS are some IP address hiding options. We will discuss them when their need will come in to play.

High Speed Internet Connection:
Of course when you want to learn hacking you need a high speed Internet connection. Opt for a USB dongle by BSNL, TATA, Reliance as mobile broadband and BSNL land-line broadband is just much better option. If you don't have high speed connection and you work on slower connection like GPRS and dial-ups its hard to learn hacks done over Internet.

Procedure:
Before you proceed create a separate partition for installation of Virtual system, the partition must be at least 15GB in size. First of all download latest version of Oracle's Virtual Box and install it on your system. While installation it'll ask several times about installing various components just press OK for all of them because you'll need them all.
Watch following video tutorial on how to setup and install OS in Virtual System.
Once installation is done virtual box will come up with several pop ups when you'll be using it, please read each pop up because they are your tutorials to master “Virtual System Environment”. Please please please, don't skip any of those pop ups. When your installation will be over you'll see virtual system isn't really working in full screen. To tackle it run virtually installed system click on devices and “Install Guest Additions”. From next time it will run in full screen.
Setting up virtual system is done, now jump up to the next part start your virtual system open web browser of virtual system and download Drop-Box application and sign in to it. Now onwards whenever you'll download any software for hacking paste it into Drop Box default folder, it'll synchronize it with your online storage. After installing and signing up Drop Box download Deep Freeze don't install it now. Shut down your Virtual System and copy virtual hard disk as backup in another folder, start system and install Deep Freeze, before installing it read its online manual so that you should not get problem using it. Now when your Deep Freeze evaluation time expires just delete older hard disk and copy the backup and start over again. This will keep your evaluation copy last forever. If you haven't yet understood what we actually did with virtual box then I should clear we just setup a Virtual LAN for our practice using just a single computer. So you can't now boast you don't have a LAN to practice or a remote host to practice. You can run two virtual systems simultaneously if you have at least 2GB RAM. This not only solves our problem of private LAN to practice but it indirectly also offers you remote host to attack on. Our personal say is don't install virtual system on Windows XP or Vista, get Windows 7 or Server 2008.
Lab setup tutorial is over now go and setup your systm to get started. Please ask if you have got any problems related to setup, if everything is fine please don't forget to convey me. Thanks for reading keep visiting.

11/06/2012 08:51:00 pm Unknown , 0 Comments

Password hacking is complicated stage in hacking cycle since it is not only the step which allows you access in victim’s PC but it marks origin of real hacking. But before trying anything else an attacker will always try to exploit victim using default password of device used by victim. A unchanged default password is always held as misconfiguration as per hacking is concerned. An attacker at very first stage may try to crack BIOS passwords,
router passwords, switch passwords, dial-up passwords, modem passwords and passwords of other networking and communication devices by using their default password. There are several sites available which store huge database of default passwords. Following list shows some of them the list of password they store are more than sufficient, if you have this list you can breach any device with default password.

So far as I know http://www.defaultpassword.com/ is biggest database of default passwords available online. You can browse through list of thousands of manufactures and their product. You can also search for specific manufacturer and its device and can also contribute list for newer default passwords.

It is second biggest and much accurately sorted default password database as per my view is concerned. It has listed all vendors in their alphabetical order. When you click on vendors name it shows you device name, its default password and few word description about how to use it for attack.

Whenever you want to find out default password I will recommended try this site first. You can easily search for passwords using their navigation. Searching for password in their database is so easy you will hardly need any effort to search, since you can search by vendor name, product name and even by model number. Their database includes default password for equipments and software from many vendors including 3Com, Cisco, Nortel, IBM, HP, Compaq, Digital, D-link, Linksys, Oracle, Microsoft and many more.

It is special database to search passwords for routers, select router manufacturer and press find password it will list all models along with their numbers, user-names and password.
Some other sites that store default password.



11/06/2012 08:46:00 pm Unknown , 0 Comments

Google Hacking

Google hacking, most commonly misunderstood words by newbies as making queries on Google search to find out songs and movies. But it is just part of scope that Google hacking covers, experienced hackers will find this article as incomplete though it is stuffed with lot of things.

What is Google hacking:
Google hacking is term given to create and use complex queries on search box to get expected results from Google. But in reality it includes using each and every tool that is provided by Google as hacking weapon. Did I forget to mention Google Hacking is part of Reconnaissance, that means if you have skipped previous posts then it will be harder for you to understand power of Google Hacking. In this section I 'll show you using some of its applications as hacking related tool rest is left to your creativity.
Cached Pages:
I know each and everyone of you have some day used Google in spite of what your favorite search engine is. You must have seen a link to “Cached Similar” pages whenever you run any search query. Cached pages store history pages for its users like you and me. Cached pages is good source of tracking down website activities. Suppose site contains a file whose link is removed from main website, now you want access to that file, cached pages can help you out.
OK now please type “DAYS OF LIFE OF DEVIL” in Google and browse for cached pages, note differences between main site and cached site.
Google Translator:
You might not be knowing but you don't need proxy servers to bypass security because we already have a online proxy tool known as “Google Website Language Convertor”. This is Google’s online tool for converting language of website to your native language(The Language Convertor you can see on this website is nothing but derivative of this tool), the powerful feature of this Google applications is that it can be used as proxy server. When you'll type “Google Website Language Convertor” it'll open for you following link,
Now type URL of website you want select language conversion and press enter, if your page is already in language you want to browse it then select any language from “from” section and select your language in “to” section.
Basic Search Queries:
link:
This query searches for all links that ends to site mentioned after query.
inurl:
This query will search occurrences of word specified in URL 's.
Syntax: inurl:“NRUPEN
site:
This query is used by combining it with other queries. So we will discus it later.
Intitle:
This query will search occurrences of word specified in title or website.
Syntax: intitle:“NRUPEN
filetype:
This query will search occurrences of filetype specified.
Syntax: filetype:doc “Google hacking”
Directories And Files Listing:
Apache server by default uses “Index of ” type title to transverse navigation which can be exploited using Google queries to get specific file or folder.
Syntax: intitle:index.of “songs”
Now try to figure out what what above query will do.
Grabbing Banner:
Banner Grabbing is method in Scanning phase which is used for getting type and version of application. Here for now, we will skip it and will open our look for it while discussing scanning phase.
Combining Queries:
Now all above queries mentioned above can be combined to get powerful information from search engine via victim. It can open nearly everything about victim about software, hardware, documents if victim is unprotected against Google Crawlers. Depending upon your skills we leave how to use them combined for purpose but will show you how to combine them.
Try following one by one, one you use them you'll know which combination can be used when,
site:nrupentheking.blogspot.com + inurl:hacking
site:nrupentheking.blogspot.com inurl:hacking
inurl:admin inurl:php
Johnny Long:
Johnny Long maintains a website which keeps a brief database of using Google search queries. Browse for his name and you'll be lead to his website were you can click on Google Hacking Database to learn more than what we discussed here.
Google Hacking Tools:
There are several search quires that you can make using Google but remembering them is not that easy task so we have some ready made tools that do our job for us. Following are some of them,
Site Digger Tool: Uses Google hacking database to give out results from caches and also traces errors.
Gooscan: This tool also uses Google Hacking database and is also able to mark out vulnerabilities.
Google Hacks: It is one the most used Google hacking tools. Have very easy and understandable user interface, can solve all your download needs, must use tool for everyone.
Note: Please be sure we have not covered everything related to Google Hacking. I just gave some brush up so that you can practice them then I 'll cover Advanced Google Hacking, please note that maximum of our Google hacking queries are formed using above search queries so please practice, advanced Google hacking will be covered at last stage of reconnaissance phase. Please don't forget to ask whatever you were unable to understand in this post. Thanks for reading and keep visiting.

Trojan

11/06/2012 08:38:00 pm Unknown , 0 Comments

In this post we will learn how to create Remote Administration Tool(RAT). But before we proceed let's discus some basic terminologies.

Trojan: Trojan horse or Trojan is a malware that appears to perform a desirable function for the user prior to run or install but instead facilitates unauthorized access of the user's computer system. It is harmful software/code that appears legitimate. They come packed with some other piece of code or software and hence users get tricked to run them. The term Trojan has been derived from the Trojan Horse from Greek Mythology.

Types Of Trojan:
1.Remote Access Tool (RAT)
2.Proxy
3.File Sending Trojan
4.Security Disable rs
5.Denial Of Service (DOS)
6.File Sending Trojans(FTP Trojan)
7.Destructive Trojans

Remote Access Tool(RAT): Remote Administration Tool also known as RAT is used to remotely connect and manage single or multiple computers. RAT is one of the most dangerous Trojan because it compromises features of all types of Trojans. It provides an attacker with nearly unlimited access to host computer along with Screen Capture, File management, shell control and device drivers control. RATs uses reverse connections to connect remote system and hence are more likely to remain undetected. They can hide themselves in process space of legitimate program and hence never appear in task manager or system monitors.

A Trojan generally has two parts Client and Server or Master and Slave. We can say Server is Slave and Client is Master. So a server side is installed on a remote host and the attacker manipulates it with client software. In olden days making a Trojan was a job of master programmer but now a days several Trojan building tools are available. Most of them usually have same kinda interface so its quite easy to use any Trojan client once you have used any one of them . Following is list of some well known Trojans and Trojan Building Tools,

1.Casa RAT
2.Back Orifice
3.Bandook RAT
4.Dark Comet Rat
5.Cerberus
6.Cybergate
7.Blackshades
8.Poison Ivy
9.Schwarze Sonne RAT
10.Syndrome RAT
11.Team Viewer
12.Y3k RAT
13Snoopy
15.5p00f3r.N$ RAT
16.NetBus
17.SpyNet
18.P. Storrie RAT
19.Turkojan Gold
20.Bifrost
21.Lost Door
22.Beast
23.Shark
24.Sub7
25.Pain RAT
26.xHacker Pro RAT
27.Seed RAT
28.Optix Pro RAT
29.Dark Moon
30.NetDevil
31.Deeper RAT
32.MiniMo RAT

If you think the list is very big then I must tell you it's not complete nor it covered 25% of RAT building tools.

Demonstration: How to create a RAT:Since there are several tools available and most of them have same kinda interface we can select any RAT building tool for demonstration. So here we select Cerberus Client to demonstrate working of RAT. Please note that using RAT for hacking is crime please take this demonstration for educational purpose only.

Type “Download Cerberus RAT” in Google search and download Cerberus RAT. Execute Cerberus file and launch program. Accept EULA and following interface will be launched in front of you.
To create server press new button.

As you can see there are several options are available in settings but for our demonstration we will use most common settings. In “Basic Option” type your IP address and then press “+”. In identification name of the server from which your client will identify to which server it's listening, this name is given for your client to identify connection. No need to specify what to put in connection password. Specify the port on which you'll like to listen. Please keep note of this port since you'll have to configure client settings to receive information on this port.
The next option is “Server Installation”. From “Directory Installation” you can select where and in which name folder your RAT server will be installed. In “File Name” option you have to specify name and extension of your server. Boot Methods gives you option to start your server as “System Service” or “User Application” take your pick or leave them untouched. “Anti-Debugging” function allows your RAT to bypass Virtualisation and Sandboxing.

From “Misc Options” you can activate key logging feature as well as you can select how your RAT can hide itself in another process.
Display Message” option gives you power to show custom message on victim's computer.
Black List Item” option allows to set logic for execution of your RAT server with respect to specific process and service. Mostly only advanced users use this feature.
Overview” allows you look of features of your RAT. Now select an icon and press create server to create server.

Now the add file function allows you to bind your RAT with any legitimate file most probable is an executable installation file. To avoid detection don't use custom message box and UN-check “Run in Visible Mode” option while creating server. 
Configuring To Listen On Client: To configure Cerberus to listen on specific port select options and put “Connection Password” and “Connection Ports” that were specified in Server. Wait for victim to execute server and then just right click on listening server and play with options.

Following is video demonstration to above procedures and methods described to create RAT using Cerberus Client.




Now when next time we will discus RAT we will take a look on how you can counter and prevent yourself from RAT attack. Please give us your comments it'll help us improve. Have a nice time and keep visiting.
Posted by Nrupen Masram
Labels: , ,

Save Your Facebook Account-4

So now its our final touch to “SAVE YOUR FACEBOOK ACCOUNT”. Before we proceed again I want to notify you that every online facebook cracking tool that I found in Google search were just scams. I'll not advice any of you to try them just because they will just waste your time.

The final way how an attacker can hack your facebook account by creating a facebook application and sending you request to use it. Please note that hacking facebook does not always include hacking passwords, it may also include getting your e-mail ID, telephone numbers and list of your friends along with their e-mail ids. If you have used any facebook application then you might remember that every application asks for access to your personal information, if you grant access application can take over every possible information that is available on your account.

You may have came across some applications like “Who visited your facebook account”, “Get Free Mobile Recharge”, “Unknown Secrets Of Girls/Boys” and “Get 1000$ wire transferred to your account”. Now even facebook don't have any mechanism to know who visited your profile then how an application will know, free mobile recharge is no doubt is bluff and that secret thing about girls/boys shows you nothing. All these applications just spam on everyone's wall of your friend list and and then they get tempted to use it and it again spams their friend list. Never believe these kinda applications they are just scamming stuff. The last but not the least is that 1000$ wire transfer, no doubt you are biggest fool if you believe that application really works. I think there is no need to explain what it really does.

At last I will just ask you to keep yourself safe from all these kinda facebook applications. If you don't use any application anymore just delete that application from your profile. If any new method will arrive which will claim its possibility to hack facebook then I ll come back with a solution. Thank you, have a nice time and keep visiting.

11/06/2012 08:21:00 pm Unknown , 0 Comments

Computer VIRUS i.e Vital Information Resource Under Seize are considered as very first form of computer threats. Computer VIRUS usually replicate themselves, damage your files and are also able to distribute themselves on network. Virus is usually a executable file. It may be different or same for different Operating system.
Most of the times virus disguise themselves as system files so that they can avoid detection. Their detection prevention mechanism is so strong that a common user can never figure out, whether a file is virus or just another system file or data file.

Viruses can be classified as follows:

Boot Sector Virus:- Boot sector viruses or MBR Viruses are responsible for damaging boot records of a system. When executed they copy themselves in boot sector and load themselves every time the system starts.(MBR i.e Master Boot Record is the record stored on hard disk or bootable CD which stores information about startup of system. In other words files stored in MBR are the very first thing that is loaded in memory for execution.). Examples of boot sector virus are Form, Michelangelo, Stone, Disk Killer etc.

File Virus:- File virus, as its name suggests are made to damage your files. They can also damage your program files and hence also known as Program Virus. They usually infect executable files, system files and driver files. Example of file virus are Sunday, Cascade etc.

Multipartite Virus:- Multipartite virus are hybrid viruses. They have properties of both boot sector and file virus. So they are more dangerous than first two mentioned above because they not only infect boot sector but also system files. Common examples are Invader, Flip and Tequila.

Stealth Viruses:-Stealth viruses are able to hide themselves to avoid detection They can store themselves in memory during scanning by Anti-Virus Programs and get restored when scanning is over. Due to their this type of stealthy nature they are named as Stealth Virus. They are so well programmed that they can even hide themselves inside other files without increasing size of file. This is also one of the mechanism they use to survive from Anti-Virus Programs. These viruses are one of the most difficult viruses to detect. Common examples are Frodo, Joshi, Whale etc.

Polymorphic Viruses:- A virus that can encrypt its code in different ways so that it appears differently in each infection. These viruses are more difficult to detect. Common examples are Involuntary, Simulate, Cascade, Pheonix etc.

Macro Viruses: Virus that infects the macros within a document or template. When you open a word processing or spreadsheet document, the macro virus is activated and it infects the Normal template (Normal.dot)-a general purpose file that stores default document formatting settings. Every document you open refers to the Normal template, and hence gets infected with the macro virus. Since this virus attaches itself to documents, the infection can spread if such documents are opened on other computers. The very dangerous thing about these viruses is they are not platform specific that means a code once written can infect any OS. Common examples are DMV, Word Concept etc.

Active-X Virus: Active-X viruses are under emerging stage. They are usually executed on victims PC via web browser. The JAVA scripts, Perl scripts, Flash scripts enabled on victim's PC without any Firewall, Anti-Virus, Internet Security Suite can easily obtain access to PC. Keeping Video and Audio plug ins ready without protection can bring Active-X Virus to your party.
How you can keep your computer virus free:
Following are some simple tips that will help you keep your computer safe from viruses,
1.Never open any pen-drive by double clicking on it open it by address pane from my computer.
2.Always keep your auto play option off.
This is how you can do it, for windows xp from start menu, click on run command write "gpeit.msc" and press enter “group policy editor” will open in front of you, now navigate
user configuration-->administrative templates-->system, find out "turn off autoplay" and make it enabled. For vista and 7 you can directly turn it off by control panel.
3.If you are buying a computer make sure you buy only original OS for it, a legal system gets updated and also gets support from vendors. A pirated copy of OS may itself contain any malicious code that may even help viruses to stay hidden from anti-virus.
4.Always keep your system and anti-virus updated and use firewall while on Internet.
5.Always keep hidden folders option and hide file types disabled, to do this open any instance of "explorer.exe" goto
tools-->folder options-->view
now disable options "do not show hidden files and folders" and "hide extensions of known files". This will help you keep eye on suspicious files and folders.

How to create Privacy Monitor using Old LCD Monitor?

11/04/2012 11:57:00 am Unknown , 0 Comments

An Electrical Engineer "dimovi" from CutYourWay.com hacked old monitor and create a new Privacy Montior that will show Blank white screen for others except you, because you are wearing "magic" glasses!. 

Requirements:
  • Old LCD Monitor 
  • single use 3D glasses from the movie theater (old sunglasses are just fine)
  • paint thinner (or some other solvent such as toluene, turpentine, acetone, methyl acetate, ethyl acetate etc)
  • box cutter (and CNC laser cutter :) but that you don't really need,  x-acto knife and a steady hand would do just fine)
  • screwdriver or a drill
  • paper towels
  • superglue

Video Tutorial:



The Text Tutorial:
Step 1Take the monitor apart
Find an old monitor that you are willing to sacrifice.
Take off the plastic frame by unscrewing all screws from the back.





Continue the Tutorial here

How to run the NTO SQL Invader in Ubuntu/Backtrack or any other Linux?

11/04/2012 11:56:00 am Unknown , 0 Comments


We recently published a news about NTO SQL Invader tool in our Hacking News network ,a new SQL Injection vulnerability scanner and exploiting tool. 

You can download the tool from here:
http://go.ntobjectives.com/l/8672/2011-12-01/DRMN

In order to get the application , you have to enter your email address. They will send the link to theapplication.

I got only NTOSQLInvader_Setup.exe file. I think you know that ".exe" files works only in Windows.(You can also run the .exe files in Linux using Wine Application).

So i installed the application the in Windows xp. When i launched the application , GUI is familiar one for me. Yes, it is written in Java. If it is written in java, then there will be .jar file inside the .exe file. So i extract it and get the jar file (jar files can be run in any OS , if you installed JRE ).

How to run the SQL Invader in Linux?
Requirements:
JRE 1.4 or 1.5 or 1.6 version

Step 1:
Download the .exe file from the given link. 
Place it in desktop.

Step 2: 
Right click on the NTOSQLInvader_Setup.exe file and click the extract here .

Now you can find a NTOSQLInvader_Setup folder in your desktop. 

Step 3:
Open the folder ,there you can see three files . We are going to need "NTOSQLInvader.jar " file only. So delete other two files.

Step 4:
That's all , copy the .jar file anywhere else or leave it in Dekstop itself.
Double click the file it will start to run.
Enjoy the application in Linux also...!!

You can run the NTOSQLInvader.jar file alone in any operating system(windows,mac,...), if you installed JRE.

Subscribe to: Posts (Atom)
Twitter Delicious Facebook Digg Stumbleupon Favorites More
RSS FeedSUBSCRIBE
Follow me!FOLLOW US
powered by Blogger | WordPress by Newwpthemes | Converted by BloggerTheme