Reinstalling Internet Wxplorer

rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 c:\windows\inf\ie.inf

For fast browsing via firefox

http://www.techradar.com/news/software/applications/8-hacks-to-make-firefox-ridiculously-fast-468317
***************************************************************************************
SPEED UP UR ACROBAT READER (ALMOST LIKE NOTEPAD)

1. Go to the installation folder of acrobat reader

(C:\program files\adobe\acrobat\reader\.. whatever)

2. Move all the files and folders from the "plugins" directory to the "Optional" directory. (I repeat.. cut and
paste the files NOT copy & paste).

Also make sure that acrobat reader is not open else it will lock the files and not allow you to move the files).

Folder Options Missing

Open Run and then type "gpedit.msc".

Now goto User Configuration > Administrative templates > Windows Component > Windows Explorer.

Click on Windows Explorer you will find the 3rd option on the right side of screen "Removes the Folder
Option menu item from the Tools menu"

Just check it, if it is not configured then change it to enable by double clicking on it and after applying again
set it to not configured

Converting FAT to NTFS

To convert a FAT partition to NTFS, perform the following steps.

Click Start, click Programs, and then click Command Prompt. In Windows XP, click Start, click Run, type
cmd and then click OK.

At the command prompt, type CONVERT [driveletter]: /FS:NTFS. Convert.exe will attempt to convert the
partition to NTFS.

NOTE:=
Although the chance of corruption or data loss during the conversion from FAT to NTFS is minimal, it is
best to perform a full backup of the data on the drive that it is to be converted prior to executing the convert
command

Script for removing the servey

http://paste-it.net/public/x383072/
To change the name of the registered user or company,browse to

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\ CurrentVersion

and look for RegisteredOwner and RegisteredOrganization. Double click on them and change the values

TOP PROXY PROVIDER

www.kproxy.com, http://www.shadow.com, http://miss.info, http://4proxy.com, http://conqueror.info,
https://proxify.com/, http://www.morepress.info, http://nyclife.org, http://www.pagewash.com

Although you can log in locally without a password, by default, WindowsXP Pro does not allow network
users to access the computer without a password. Typically you will receive an Unknown error 31 if this is
the case.
To change this setting:

Run gpedit.msc

Go to Computer Configuration / Windows Settings / Security Settings / Local Policies / Security Options

Double click on Accounts: Limit local account use of blank passwords to console login only
Disable this option

In many cases, it's desired to know the IP address of someone in the reconnaissance phase. The first
question to ask is what information do I have about this person. In most cases it's possible that you

have the email or IM of the target. First let's discuss the methods:

Method 1
if you have a web server hosted someplace where you can see its logs then it's very easy to send someone a
URL of an image or any webpage hosted on your web server (http://123.123.123.123/veryfunnyimage.jpg)
whenever this page is visited the web server keeps a log of who visited that page (IP address, time, browser,
OS ... and lots of more info) where you can check later to collect IP addresses.

Method 2
sometimes people get freaked out from addresses that have ip addresses in the URL so having your
webserver with a domain name would really help the person you sent the URL to press on the link
(www.mywebsite.com/veryfunnyimage.jpg)

Method 3
Some paranoid people don't open links to unknown sites. so here comes the cool trick. you can embed the
image in a post of yours in a known site that allows HTML tags with image sources like < img src = (your
image URL). in this case the URL you are going to send to the person is a link to a known website but the
website contains another link to your web server. And whenever someone views this page on the known
website, the "img src" link is invoked and voila!, you have a log entry on your webserver.

Method 4
Some Ultra paranoid people don't open links at all!! for these people I use my old trick. I send an email to
the target that looks important to him (depending on the target actually and what's important to him). This
email is in HTML format and contains a tag that links to an image on my webserver (probably a white
image not to attract attention). Now upon merely opening the email, my webserver is invoked and a log
entry is saved about the persons current IP address.
Note that this method only works if the email client allows images to be displayed (gmail disable that by
default)

Method 5
A more faster approach is IM. If you have the IM of the target, then it's possible that you try to send him a
file (not malicious, a picture or smthng). upon sending the file, a direct connection is established between
you and the target. with a simple connection monitoring application (e.g.netstat on windows), you can know
the Ip address.

Method 6
Some paranoid people don't accept files! so another trick in case of MSN is background sharing. the default
for MSN is to accept backgrounds shared by others. Actually background sharing performs file sending if
the background is not one of the default backgrounds. So the trick is to set your background for the IM to a
cool pic from your computer and share it. if the default setting was not altered on your target's IM, then he
will automatically accept it right away and a connection is opened. here comes again the connection
monitoring app where you can identify the new connection and extract the IP add of the target.

Well those are one's that I used .. do you have any other methods ?? sometimes I only have the username on
a forum or website. Any clues?

Method 7
In MSN messenger, if u don't have the display picture of the person you're talking to, the messenger will try
to download it by default. this cause the the MSN to open a direct connection. Using a sniffing tool like
wireshark will allow you to know the IP of the remote person.So basically if you don't have his display
picture and you opened the chat window you'll get your log entry. You can either convince the target to
change his/her display picture or you can remove the your local directory that caches the display pictures for
all contacts (located in application data folder for the msn) to force the messenger to redownload the picture.

Wireless Hacking

Wireless networks broadcast their packets using radio frequency or optical wavelengths. A modern laptop
computer can listen in. Worse, an attacker can manufacture new packets on the fly and persuade wireless
stations to accept his packets as legitimate.
The step by step procerdure in wireless hacking can be explained with help of different topics as follows:-
1) Stations and Access Points :- A wireless network interface card (adapter) is a device, called a station,
providing the network physical layer over a radio link to another station.
An access point (AP) is a station that provides frame distribution service to stations associated with it.
The AP itself is typically connected by wire to a LAN. Each AP has a 0 to 32 byte long Service Set
Identifier (SSID) that is also commonly called a network name. The SSID is used to segment the airwaves
for usage.
2) Channels :- The stations communicate with each other using radio frequencies between 2.4 GHz and 2.5
GHz. Neighboring channels are only 5 MHz apart. Two wireless networks using neighboring channels may
interfere with each other.

3) Wired Equivalent Privacy (WEP) :- It is a shared-secret key encryption system used to encrypt packets
transmitted between a station and an AP. The WEP algorithm is intended to protect wireless communication
from eavesdropping. A secondary function of WEP is to prevent unauthorized access to a wireless network.
WEP encrypts the payload of data packets. Management and control frames are always transmitted in the
clear. WEP uses the RC4 encryption algorithm.

4) Wireless Network Sniffing :- Sniffing is eavesdropping on the network. A (packet) sniffer is a program
that intercepts and decodes network traffic broadcast through a medium. It is easier to sniff wireless
networks than wired ones. Sniffing can also help find the easy kill as in scanning for open access points that
allow anyone to connect, or capturing the passwords used in a connection session that does not even use
WEP, or in telnet, rlogin and ftp connections.

5 ) Passive Scanning :- Scanning is the act of sniffing by tuning to various radio channels of the devices. A
passive network scanner instructs the wireless card to listen to each channel for a few messages. This does
not reveal the presence of the scanner. An attacker can passively scan without transmitting at all.

6) Detection of SSID :- The attacker can discover the SSID of a network usually by passive scanning
because the SSID occurs in the following frame types: Beacon, Probe Requests, Probe Responses,
Association Requests, and Reassociation Requests. Recall that management frames are always in the clear,
even when WEP is enabled.
When the above methods fail, SSID discovery is done by active scanning

7) Collecting the MAC Addresses :- The attacker gathers legitimate MAC addresses for use later in
constructing spoofed frames. The source and destination MAC addresses are always in the clear in all the
frames.

8) Collecting the Frames for Cracking WEP :- The goal of an attacker is to discover the WEP shared-secret
key. The attacker sniffs a large number of frames An example of a WEP cracking tool is AirSnort
( http://airsnort.shmoo.com ).

9) Detection of the Sniffers :- Detecting the presence of a wireless sniffer, who remains radio-silent, through
network security measures is virtually impossible. Once the attacker begins probing (i.e., by injecting
packets), the presence and the coordinates of the wireless device can be detected.

10) Wireless Spoofing :- There are well-known attack techniques known as spoofing in both wired and
wireless networks. The attacker constructs frames by filling selected fields that contain addresses or
identifiers with legitimate looking but non-existent values, or with values that belong to others. The attacker
would have collected these legitimate values through sniffing.

11) MAC Address Spoofing :- The attacker generally desires to be hidden. But the probing activity injects
frames that are observable by system administrators. The attacker fills the Sender MAC Address field of the
injected frames with a spoofed value so that his equipment is not identified.

12) IP spoofing :- Replacing the true IP address of the sender (or, in rare cases, the destination) with a
different address is known as IP spoofing. This is a necessary operation in many attacks.

13) Frame Spoofing :- The attacker will inject frames that are valid but whose content is carefully spoofed.

14) Wireless Network Probing :- The attacker then sends artificially constructed packets to a target that
trigger useful responses. This activity is known as probing or active scanning.

15) AP Weaknesses :- APs have weaknesses that are both due to design mistakes and user interfaces

16) Trojan AP :- An attacker sets up an AP so that the targeted station receives a stronger signal from it than
what it receives from a legitimate AP.
17) Denial of Service :- A denial of service (DoS) occurs when a system is not providing services to
authorized clients because of resource exhaustion by unauthorized clients. In wireless networks, DoS attacks
are difficult to prevent, difficult to stop. An on-going attack and the victim and its clients may not even
detect the attacks. The duration of such DoS may range from milliseconds to hours. A DoS attack against an
individual station enables session hijacking.

18) Jamming the Air Waves :- A number of consumer appliances such as microwave ovens, baby monitors,
and cordless phones operate on the unregulated 2.4GHz radio frequency. An attacker can unleash large
amounts of noise using these devices and jam the airwaves so that the signal to noise drops so low, that the
wireless LAN ceases to function.

19) War Driving :- Equipped with wireless devices and related tools, and driving around in a vehicle or
parking at interesting places with a goal of discovering easy-to-get-into wireless networks is known as war
driving. War-drivers (http://www.wardrive.net) define war driving as “The benign act of locating and
logging wireless access points while in motion.” This benign act is of course useful to the attackers.
Regardless of the protocols, wireless networks will remain potentially insecure because an attacker can
listen in without gaining physical access.

Where The Saved Passwords Stores In Windows Xp & Vista - Must for hackers and Beginers

HOW TO ACCESS REGISTRY ??

1. Goto Start Menu.

2. Click on Run.

3. Type "regedit" (without quotes) in the Run Box .After that this Windows Opens . Now you are ready to
see that.

LOCATIONS OF SAVED PASSWORDS !

# Internet Explorer 4.00 - 6.00:

The passwords are stored in a secret location in the Registry known as the "Protected Storage".
The base key of the Protected Storage is located under the following key:
"HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider".
You can browse the above key in the Registry Editor (RegEdit), but you won't be able to watch the
passwords, because they are encrypted.
Also, this key cannot easily moved from one computer to another, like you do with regular Registry keys.

# Internet Explorer 7.00 - 8.00:

The new versions of Internet Explorer stores the passwords in 2 different locations.
1. AutoComplete passwords are stored in the Registry under
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2.

2. HTTP Authentication passwords are stored in the Credentials file under

Documents and Settings\Application Data\Microsoft\Credentials
, together with login passwords of LAN computers and other passwords.

# Firefox:

The passwords are stored in one of the following filenames: signons.txt, signons2.txt, and signons3.txt
(depends on Firefox version)
These password files are located inside the profile folder of Firefox, in
[Windows Profile]\Application Data\Mozilla\Firefox\Profiles\[Profile Name]

Also, key3.db, located in the same folder, is used for encryption/decription of the passwords.

# Google Chrome Web browser:

The passwords are stored in

[Windows Profile]\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data

(This filename is SQLite database which contains encrypted passwords and other stuff)

# Opera:

The passwords are stored in wand.dat filename, located under

[Windows Profile]\Application Data\Opera\Opera\profile

# Outlook Express (All Versions):

The POP3/SMTP/IMAP passwords Outlook Express are also stored in the Protected Storage, like the
passwords of old versions of Internet Explorer.

# Outlook 98/2000:

Old versions of Outlook stored the POP3/SMTP/IMAP passwords in the Protected Storage, like the
passwords of old versions of Internet Explorer.

# Outlook 2002-2008:

All new versions of Outlook store the passwords in the same Registry key of the account settings.
The accounts are stored in the Registry under
HKEY_CURRENT_USER\Microsoft\Windows NT\CurrentVersion\Windows Messaging
Subsystem\Profiles\[Profile Name]\9375CFF0413111d3B88A00104B2A6676\[Account Index]

If you use Outlook to connect an account on Exchange server, the password is stored in the Credentials file,
together with login passwords of LAN computers.

# Windows Live Mail:

All account settings, including the encrypted passwords, are stored in
[Windows Profile]\Local Settings\Application Data\Microsoft\Windows Live Mail\[Account Name]

The account filename is an xml file with .oeaccount extension.

# ThunderBird:

The password file is located under

[Windows Profile]\Application Data\Thunderbird\Profiles\[Profile Name]

You should search a filename with .s extension.

# Google Talk:

All account settings, including the encrypted passwords, are stored in the Registry under
HKEY_CURRENT_USER\Software\Google\Google Talk\Accounts\[Account Name]

# Google Desktop:

Email passwords are stored in the Registry under

HKEY_CURRENT_USER\Software\Google\Google Desktop\Mailboxes\[Account Name]

# MSN/Windows Messenger version 6.x and below:

The passwords are stored in one of the following locations:

1. Registry Key: HKEY_CURRENT_USER\Software\Microsoft\MSNMessenger

2. Registry Key: HKEY_CURRENT_USER\Software\Microsoft\MessengerService

3. In the Credentials file, with entry named as "Passport.Net\\*". (Only when the OS is XP or more)

# MSN Messenger version 7.x:

The passwords are stored under
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Creds\[Account Name]

# Windows Live Messenger version 8.x/9.x:

The passwords are stored in the Credentials file, with entry name begins with "WindowsLive:name=".

# Yahoo Messenger 6.x:

The password is stored in the Registry, under
HKEY_CURRENT_USER\Software\Yahoo\Pager
("EOptions string" value)
# Yahoo Messenger 7.5 or later:
The password is stored in the Registry, under
HKEY_CURRENT_USER\Software\Yahoo\Pager - "ETS" value.
The value stored in "ETS" value cannot be recovered back to the original password.

# AIM Pro:
The passwords are stored in the Registry, under
HKEY_CURRENT_USER\Software\AIM\AIMPRO\[Account Name]

# AIM 6.x:
The passwords are stored in the Registry, under
HKEY_CURRENT_USER\Software\America Online\AIM6\Passwords

# ICQ Lite 4.x/5.x/2003:

The passwords are stored in the Registry, under
HKEY_CURRENT_USER\Software\Mirabilis\ICQ\NewOwners\[ICQ Number]
(MainLocation value)

# ICQ 6.x:
The password hash is stored in
[Windows Profile]\Application Data\ICQ\[User Name]\Owner.mdb (Access Database)
(The password hash cannot be recovered back to the original password)

# Digsby:
The main password of Digsby is stored in
[Windows Profile]\Application Data\Digsby\digsby.dat
All other passwords are stored in Digsby servers.

# PaltalkScene:
The passwords are stored in the Registry, under
HKEY_CURRENT_USER\Software\Paltalk\[Account Name].

VODAFONE HACKING

This method has been tested on different mobiles and has been confirmed to be working.
Followng are the Settings you require to configure on your Mobile:

Account Name: Vodafone_gprs

Homepage: http://live.vodafone.in
User Name: (no need)
Pass: (no need)

Access Point Settings :-

Proxy: Enabled
Proxy Address: 10.10.1.100
Proxy Port: 9401
Data Bearer: Packet Data

Bearer Settings :-
Packet Data Access Point: portalnmms
Network type: IPV4
Authentication: normal
User Name: (no need)
Password: (no need)

*IF that happen this settings is not working then change the proxy port number to:-

Proxy Port: 9401

Sitemeter Hack - Hide Visual Tracker (Counter)

Sitemeter, one of the best traffic counter for websites/blogs, it shows online users, Referrals (From where
people coming to your site), country locations, browser etc etc.. all in detail.

This counter is visible to all visitors.

Invisible Counters (Tracker) is available for Premium Accounts Only…!

But you can easily hack to hide it.

Its just few setting changes which will work fine.

1) Login into your sitemeter account.

2) Go to ‘Manager’ from top menu.
3) Go to ‘Meter Style’ option from left hand menu.
4) Select 2nd last meter style (Counter, which shows simple numbers).previewmeter
5) Now in “DIGIT COLOR” select ‘Transparent’, Similarly in “BACKGROUND COLOR” select
‘Transparent’.
6) DONE.

Now your sitemeter counter is invisible from normal eyes in your site
Place it anywhere in your website/blog, and track your traffic, users.

Shutdown Command Via Command Prompt

The 'Shutdown' Command Becomes More Flexible and Automated when used from the Command Prompt.

To Run the 'Shutdown' command from the command prompt, go to 'Start > Run', type 'cmd', and press
'Enter'.
In the black box (the command prompt) type 'Shutdown' and the Switches you want to use with the
'Shutdown' command.
You have to use at least one switch for the shutdown command to work.

The Switches :-
The 'Shutdown' command has a few options called Switches. You can always see them by typing 'shutdown
-?' in the command prompt if you forget any of them.

-i: Display GUI interface, must be the first option

-l: Log off (cannot be used with -m option)
-s: Shutdown the computer
-r: Shutdown and restart the computer
-a: Abort a system shutdown
-m \\computername: Remote computer to shutdown/restart/abort
-t xx: Set timeout for shutdown to xx seconds
-c “comment”: Shutdown comment (maximum of 127 characters)
-f: Forces running applications to close without warning
-d [u][p]:xx:yy: The reason code for the shutdown u is the user code p is a planned shutdown code xx is the
major reason code (positive integer less than 256) yy is the minor reason code (positive integer less than
65536)

Note :- I’ve noticed using a switch with a '-' sign doesn’t work sometimes.
If you are having trouble try using a '/' in place of '-' in your switches.

Examples :-
shutdown –m \\computername –r –f
This command will restart the computer named computername and force any programs that might still be
running to stop.

shutdown –m \\computername –r –f –c “I’m restarting your computer. Please save your work now.” –t 120
This command will restart the computer named computername, force any programs that might still be
running to stop, give to user on that computer a message, and countdown 120 seconds before it restarts.

shutdown –m \\computername –a
This command will abort a previous shutdown command that is in progress.

Using A Batch File :-

You can create a file that performs the shutdown command on many computers at one time.

In this example I’m going to create a batch file that will use the shutdown command to shut down 3
computers on my home network before I go to bed.

Open 'Notepad' and type the shutdown command to shut down a computer for each computer on the
network.
Make sure each shutdown command is on its own line.
An example of what should be typed in notepad is given below-

shutdown –m \\computer1 –s
shutdown –m \\computer2 –s
shutdown –m \\computer3 -s

Now I’ll save it as a batch file by going to file, save as, change save as type to all files, give the file a name
ending with '.bat'. I named mine 'shutdown.bat'.
Pick the location to save the batch file in and save it.

When you run the batch file it’ll shutdown computer 1, 2, and 3 for you.
You can use any combination of shutdown commands in a batch file.

Run Fire fox inside Firefox

chrome://browser/content/browser.xul

Reveal Passwords Using Javascript

Want to Reveal the Passwords Hidden Behind Asterisk (****) ?

Follow the steps given below-

1) Open the Login Page of any website. (eg. http://mail.yahoo.com)

2) Type your 'Username' and 'Password'.
3) Copy and paste the javascript code given below into your browser's address bar and press 'Enter'.
javascript: alert(document.getElementById('Passwd').value);

4) As soon as you press 'Enter', A window pops up showing Password typed by you..!

Note :- This trick may not be working with firefox

Rapidshare Hack, No waiting for 15 mins

-: Rapidshare Hack :-

There are two hacks to beat Rapidshare download limits and waiting time.

1) Rapidshare Hack (For Firefox Users) :-

The hot new Firefox plug-in takes browser customization to a whole new level by letting users filter site
content or change page behaviors.
The glory of open-source software is that it allows anyone with the inclination and the scripting knowledge
to get under the hood and hot-rod their computing environment.
But most of the time, that advantage is available only to people with the programming skills to make the
changes they want.

That's where Greasemonkey, a free plug-in for Firefox, comes in -- it simplifies hacking the browser.

Released at the end 2004, Greasemonkey is the latest in a growing arsenal of Firefox customization tools.
It changes how Web pages look and act by altering the rendering process.

http://greasemonkey.mozdev.org/

1) Install the Greasemonkey extension>>

http://downloads.mozdev.org/greasemonkey/greasemonkey_0.2.6.xpi
2) Restart Firefox
3) Go to http://rapidshare.de/files/1034529/rapidshare.user.js.html
4) Right click on rapidshare.user.js and choose "Install User Script".
5) Run FireFox.
6) From 'File' Menu click on Open File then browse to whereever you saved the 'greasemonkey.xpi' plug-in.
Open it, wait a couple seconds for the install button becomes active.
7) Click on it to install this plug-in then CLOSE FIREFOX.
8) Run FireFox again.
From the File Menu click on Open File then browse to whereever you saved the 'rapidshare.user.js'.
9) Open it.
10) Click the Tools Menu then click on Install User Script then click OK.
11) Close FireFox.
The script will let you enjoy "no wait" and multiple file downloads......!

2) Rapidshare Hack (NIC Tricks and MAC Cloning) :-

Rapidshare traces the users IP address to limit each user to a certain amount of downloading per day.
To get around this, you need to show the rapidshare server a different IP address.
Here are some methods for doing this-

A] Short-Out the javascript:

1) Goto the page you want to download
2) Select FREE button
3) In the address bar put this- javascript:alert(c=0)
4) Click OK
5) Click OK to the pop-up box
6) Enter the captcha
7) Download Your File

B] Request a new IP address from your ISP server:

Here’s how to do it in windows:
1) Click Start
2) Click run
3) In the run box type cmd.exe and click OK
4) When the command prompt opens type the following. ENTER after each new line.
ipconfig /flushdns
ipconfig /release
ipconfig /renew
exit
5) Erase your cookies in whatever browser you are using.
6) Try the rapidshare download again.
Frequently you will be assigned a new IP address when this happens.
Sometime you will, sometimes you will not. If you are on a fixed IP address, this method will not work.
If this works for you, you may want to save the above commands into a batch file, and just run it when you
need it.

C] Use a proxy with SwitchProxy and Firefox:

1) Download and install Firefox
2) Download and install SwitchProxy
3) Google for free proxies
4) When you hit your download limit, clean your cookies and change your proxy

D] You can use a bookmarklet to stop your wait times:

1) Open IE
2) Right Click On This Link
3) Select Add to Favorites
4) Select Yes to the warning that the bookmark may be unsafe.
5) Name it “RapidShare No Wait”
6) Click on the Links folder (if you want to display it in your IE toolbar)
7) Click OK
8) You may need to close and reopen IE to see it
9) Goto rapidshare and click the bookmarklet when you are forced to wait
PassWord Hacking
Password cracking is the process of recovering secret passwords from data that has been stored in or
transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
Most passwords can be cracked by using following techniques :

1) Hashing :- Here we will refer to the one way function (which may be either an encryption function or
cryptographic hash) employed as a hash and its output as a hashed password.
If a system uses a reversible function to obscure stored passwords, exploiting that weakness can recover
even 'well-chosen' passwords. One example is the LM hash that Microsoft Windows uses by default to store
user passwords that are less than 15 characters in length.
LM hash breaks the password into two 7-character fields which are then hashed separately, allowing each
half to be attacked separately.
Hash functions like SHA-512, SHA-1, and MD5 are considered impossible to invert when used correctly.

2) Guessing :- Many passwords can be guessed either by humans or by sophisticated cracking programs
armed with dictionaries (dictionary based) and the user's personal information.

Not surprisingly, many users choose weak passwords, usually one related to themselves in some way.
Repeated research over some 40 years has demonstrated that around 40% of user-chosen passwords are
readily guessable by programs. Examples of insecure choices include:

* blank (none)
* the word "password", "passcode", "admin" and their derivatives
* the user's name or login name
* the name of their significant other or another person (loved one)
* their birthplace or date of birth
* a pet's name
* a dictionary word in any language
* automobile licence plate number
* a row of letters from a standard keyboard layout (eg, the qwerty keyboard -- qwerty itself, asdf, or
qwertyuiop)
* a simple modification of one of the preceding, such as suffixing a digit or reversing the order of the letters.
and so on....

In one survery of MySpace passwords which had been phished, 3.8 percent of passwords were a single word
found in a dictionary, and another 12 percent were a word plus a final digit; two-thirds of the time that digit
was.
A password containing both uppercase & lowercase characters, numbers and special characters too; is a
strong password and can never be guessed.

Check Your Password Strength

3) Default Passwords :- A moderately high number of local and online applications have inbuilt default
passwords that have been configured by programmers during development stages of software. There are lots
of applications running on the internet on which default passwords are enabled. So, it is quite easy for an
attacker to enter default password and gain access to sensitive information. A list containing default
passwords of some of the most popular applications is available on the internet.
Always disable or change the applications' (both online and offline) default username-password pairs.

4) Brute Force :- If all other techniques failed, then attackers uses brute force password cracking technique.
Here an automatic tool is used which tries all possible combinations of available keys on the keyboard. As
soon as correct password is reached it displays on the screen.This techniques takes extremely long time to
complete, but password will surely cracked.
Long is the password, large is the time taken to brute force it.

5) Phishing :- This is the most effective and easily executable password cracking technique which is
generally used to crack the passwords of e-mail accounts, and all those accounts where secret information or
sensitive personal information is stored by user such as social networking websites, matrimonial websites,
etc.
Phishing is a technique in which the attacker creates the fake login screen and send it to the victim, hoping
that the victim gets fooled into entering the account username and password. As soon as victim click on
"enter" or "login" login button this information reaches to the attacker using scripts or online form
processors while the user(victim) is redirected to home page of e-mail service provider.
Never give reply to the messages which are demanding for your username-password, urging to be e-mail
service provider.

It is possible to try to obtain the passwords through other different methods, such as social engineering,
wiretapping, keystroke logging, login spoofing, dumpster diving, phishing, shoulder surfing, timing attack,
acoustic cryptanalysis, using a Trojan Horse or virus, identity management system attacks (such as abuse of
Self-service password reset) and compromising host security.
However, cracking usually designates a guessing attack.

Network Hacking (Port Scanning)

Port Scanning :- Port scanning is carried out to determine a list of open ports on the remote host that have
certain services or daemons running. In port scanning, the attacker connects to various TCP and UDP ports
and tries to determine which ports are in listening mode.

1) TCP Ports Scanning :- Almost all port scans are based on the client sending a packet containing a
particular flag to the target port of the remote system to determine whether the port is open. Following table
lists the type of flags a TCP packet header can contain.
Flag Meaning
URG (urgent) This flag tells the receiver that the data pointed at by the urgent pointer required urgently.
ACK (acknowledgment) This flag is turned on whenever sender wants to acknowledge the receipt of all data
send by the receiving end.
PSH (push) The data must be passed on to the application as soon as possible.
RST (reset) There has been a problem with the connection and one wants to reset the connection with
another.
SYN (synchronize) If system X wants to establish TCP connection with system Y, then it sends it's own
sequence number to Y, requesting that a connection be established. Such apacket is known as synchronize
sequence numbers or SYN packet.
FIN (finish) If system X has finished sending all data packets and wants to end the TCP/IP connection that it
has established with Y, then it sends a packet with a FIN flag to system Y.

A typical TCP/IP three way handshake can be described as follows :

1) The client sends a SYN packet to the server.
2) The server replies with a SYN packet and acknowledges the client's SYN packet by sending an ACK
packet.
3) The client acknowledges the SYN sent by the server.
Different techniques of TCP port scanning are :-
1) TCP connect port scanning
2) TCP SYN scanning (half open scanning)
3) SYN/ACK scanning
4) TCP FIN scanning
5) TCP NULL scanning
6) TCP Xmas tree scanning

2) UDP Ports Scanning :- In UDP port scanning, aUDP packet is sent to each port on the target host one by
one.
If the remote port is closed, then the server replies with a Port Unreachable ICMP error message. If the port
is open then no such error message is generated.

3) FTP Bounce Port Scanning :- The FTP bounce port scanning technique was discovered by Hobbit. He
revealed a very interesting loophole in the FTP protocol that allowed users connected to the FTP service of a
particular system to connect to any port of another system. This loophole allows anonymous port scanning.

Network Hacking

Network Hacking is generally means gathering information about domain by using

tools like Telnet, NslookUp, Ping, Tracert, Netstat, etc.
It also includes OS Fingerprinting, Port Scaning and Port Surfing using various tools.

Ping :- Ping is part of ICMP (Internet Control Message Protocol) which is used to
troubleshoot TCP/IP networks. So, Ping is basically a command that allows you to
check whether the host is alive or not.
To ping a particular host the syntax is (at command prompt)--
c:/>ping hostname.com

example:- c:/>ping www.google.com

Various attributes used with 'Ping' command and their usage can be viewed by just
typing c:/>ping at the command prompt.

Netstat :- It displays protocol statistics and current TCP/IP network connections. i.e.
local address, remote address, port number, etc.
It's syntax is (at command prompt)--
c:/>netstat -n
Telnet :- Telnet is a program which runs on TCP/IP. Using it we can connect to the
remote computer on particular port. When connected it grabs the daemon running on
that port.
The basic syntax of Telnet is (at command prompt)--
c:/>telnet hostname.com

By default telnet connects to port 23 of remote computer.

So, the complete syntax is-
c:/>telnet www.hostname.com port

example:- c:/>telnet www.yahoo.com 21 or c:/>telnet 192.168.0.5 21

Tracert :- It is used to trace out the route taken by the certain information i.e. data
packets from source to destination. It's syntax is (at command prompt)--
c:/>tracert www.hostname.com
example:- c:/>tracert www.dl4all.com/

Here "* * * Request timed out." indicates that firewall installed on that system block
the request and hence we can't obtain it's IP address. various attributes used with
tracert command and their usage can be viewed by just typing c:/>tracert at the
command prompt. The information obtained by using tracert command can be further
used to find out exact operating system running on target system.

NetBIOS Hacking :-

NetBIOS stands for "Network Basic Input Output System".

It was originally developed by IBM and Sytek as an Application Programming Interface (API) for client
software to access LAN resources.
By default it runs on port 139.
NetBIOS gives the various information of the computers on a network, which includes computer name,
username, domain, group, and many others.....!

The NBTSTAT Command :-

NBTSTAT is the command for manually interact with NetBIOS Over TCP/IP.
All the attributes (switches) used with nbtstat command and their usage can be viewed.
At the command prompt type-
C:\Windows>nbtstat

Sample NBTSTAT Response :-

C:\>nbtstat -A 117.200.160.174

NetBIOS Remote Machine Name Table

Name Type Status
----------------------------------------------
PRASANNA UNIQUE Registered
INSECURE LABS GROUP Registered
PRASANNA UNIQUE Registered
PRASANNA UNIQUE Registered
INSECURE LABS GROUP Registered

MAC Address = 86-95-55-50-00-00

An intruder could use the output from an nbtstat against your machines to begin gathering information about
them.
" in above table is nothing but the username of that system."
The next step for an intruder would be to try and list the open shares on the given computer, using the net
view command.
Here is an example of the Net View command-
C:\>net view \\117.200.160.174
Shared resources at \\117.200.160.174
Sharename Type Comment
----------------------------------------
C Disk Drive C:\
MySofts Disk My Softwares Collection
E Disk Drive E:\

The command was completed successfully.

This information would give the intruder a list of shares which he would then use in conjunction with the
Net Use command, a command used to enable a computer to map a share to it’s local drive, below is an
example of how an intruder would map the C Share to a local G: drive, which he could then browse...!
C:\>net use G: \\117.200.160.174\C
The command was completed successfully.

C:\>G:
G:\>

Latest Airtel Hack

Now a days Airtel gives New option to the Subscriber to access Mobile Office daily @ Rs.25.00/- per day.
But this is too Costly.
Only 24 hours and the cost is Rs.25.00 Oh GOD!!
But I got a Trick that’s help me to Activate my Mobile Office whole 30 days only for 25.00/. Its really good.
Just follow the Trick-
1) Your account balance should be above 25.00 for the first time.

2) Activate your mobile

office by dialing *444*1#. You will Activate your Mobile Office in the Morning.
3) You got an Activation msg. Your account should deducted by Rs. 25.00/-
4) After that your can enjoy mobile office for 24 hours.
5) But for unlimited access you will do this :: Just switch off your mobile from 7.00 am to 10.00am. and
your account balance should be below 25.00 /
6) Just try it enjoy the whole world only by 25.00.

How to Hack a MySpace Account

MySpace is one of the most widely used Social Networking website by many teenagers and adults acropss
the globe. I have seen many cheaters create secret Myspace accounts in order to exchange messages with
another person and have secret relationships. So, it’s no wonder many people want to know how to hack a
Myspace account. In this post I’ll give you the real and working ways to hack a Myspace.

THINGS YOU SHOULD KNOW BEFORE PROCEEDING

With my experience of about 6 years in the field of Hacking and IT security, I can tell you that there are
only TWO ways to hack a Myspace: They are Keylogging and Phishing. All the other ways are scams! Here
is a list of facts about Myspace hacking.

1. There is no ready made software or program that can hack Myspace just by entering the target username
or URL. If you come accross a site that claims to sell a program to hack Myspace then it’s 100% scam.

2. Never trust any Hacking Service that claims to hack a Myspace account just for $100 or $200. All the
them are scams.

The following are the only 2 foolproof methods to hack Myspace.

1. HOW TO HACK MYSPACE – The Easiest Way

The easiest way to hack Myspace is by using a keylogger (Spy Software). It doesn’t matter whether or not
you have physical access to the target computer. Hacking Myspace becomes just a cakewalk if you use a
keylogger since it doesn’t need any technical knowledge. Anyone with a basic knowledge of computers can
use keyloggers.

1. What is a keylogger?

A keylogger is a small program that monitors each and every keystroke that a user types on a specific
computer’s keyboard. A keylogger is also called as a Spy software or Spy program.

2. Where is keylogger program available?

There exists tons of keyloggers on the internet, but most of them are useless and doesn’t turn out to be
effective. But with my experience I recommend the following keylogger as the best to hack Myspce since it
supports remote installation.

http://www.sniperspy.com/

3. How to install a keylogger?

Keyloggers can be installed just like any other program. At the installation time, you need to set your secret
password and hotkey combination, to unhide the keylogger program whenever it is needed. This is because,
after installation the keylogger becomes completely invisible and start running in the background. Because
of it’s stealth behaviour the victim can never come to know about that the presence of the keylogger
software on his/her computer.

4. I don’t have physical access to the target computer, can I still use Sniperspy?
It doesn’t matter whether or not you have physical access to the victim’s computer.
Because SniperSpy offers Remote Installation Feature. So, you can hack Myspace remotely installing the
keylogger on the target PC.

You can attach the keylogger with any file such as image, MS excel file or other programs and send it to the
victim via email. When the victim runs the file, it will automatically get installed without his knowledge and
start recording every activity on his computer. The logs containing these activities are sent to you by the
keylogger software via email or FTP.

5. What if the target user (victim) refuses to run the attached file?

Sometimes the victim may refuse to run the attachment that you send via email because of suspicion.

6. How can a keylogger hack Myspace account?

You can hack Myspace using keylogger as follows: You install the keylogger on a Remote PC (or on your
local PC). The victim is unaware of the presence of the keylogger on his computer. As usual, he logs into
his Myspace account by typing the Myspace username and password. These details are recorded and sent to
your Sniperspy account. You can login to your Sniperspy account to see the password. Now you have
successfully hacked the Myspace account.

In case if you install the keylogger on your local PC, you can obtain the recorded Myspace password just by
unhiding the keylogger program.

7. Why SniperSpy is the best?

I have given a complete review of SniperSpy in my new post Which Spy Software to Choose. This should
answer your question.
So what are you waiting for? Go grab it.
For a complete installation guide and more information on SniperSpy visit the following link:
http://www.sniperspy.com/
2. HOW TO HACK MYSPACE – Other Ways

Phishing
Phising is the most commonly used method to hack MySpace. The most widely used technique in phishing
is the use of Fake Login Pages, also known as spoofed pages. These fake login pages resemble the original
login pages of sites like Yahoo, Gmail, MySpace etc. The victim is fooled to believe the fake Myspace page
to be the real one and enter his/her password. But once the user attempts to login through these pages,
his/her Myspace login details are stolen away.

Phishing is proved to be the most effective way to hack Myspace and also has high success rate. The reason
for this is quite simple. The users are not aware of the phishing attack. Also the users are fooled, since the
fake login pages imitate the appearance of the original pages. So, you may use the phishing technique to
hack your friend’s MySpace account (just for fun). But you must have a detailed technical knowledge of
HTML and server side scripting languages (php, perl etc.) to create a fake login page.
How to call your friends with their own number Extreme Hack

Mobile hack to call your friends:

Hello Friends after "Make Free Phone Calls From PC to mobile for free" hack today I am
sharing With you a extremely Nice Prank or you can simply say Hack
i.e "How To Call Your Friends From THeir Own Cell Number".
I was asked by many Friends to Write Tutorials about mobile hacks and Pranks .
So I am Sharing My Second Mobile Extreme Prank With You all.
Enjoy and Have Fun And GO on Reading..

1. Go to http://www.mobivox.com and register there for free account.

2. During registration, remember to insert Victim mobile number in "Phone number" field as shown below.

3. Complete registration and confirm your email id and then login to your account. Click on "Direct
WebCall".

4. You will arrive at page shown below. In "Enter a number" box, select your country and also any mobile
number(you can enter yours). Now, simply hit on "Call Now" button to call your friend with his own
number.

5. That's it. Your friend will be shocked to see his own number calling him. I have spent last two days
simply playing this cool mobile hack prank.
That All The Full Tutorial .

Hide Entire Drives Partition Without Registry

Here is a cool technique which hides entire hard disk drives by a simple procedure.
This is the best security tip to be employ against unauthorised users.
1) Go to Start > Run > type "diskpart".
A DOS window will appear with following description.
DISKPART>
2) Then type "list volume"
The result will look something like one as shown below-
http://www.insecure.in/images/hide_drive.gif
3) Suppose you want to hide drive E then type "select volume 3"
Then a message will appear in same window { Volume 3 is the selected volume}
4) Now type "remove letter E"
Now a message will come { Diskpart Removed the Drive letter }

sometime it requires to reboot the computer.

Diskpart will remove the letter.

Windows XP is not having capabilty to identify the unknown volume.

Your Data is now safe from unauthorised users.

To access the content of hidden Drive repeat the process mentioned above. But in 4th step replace " remove"
by "assign".
It means type "assign letter E".

20 Great Google Secrets Must Know!

Syntax Search Tricks:

Using a special syntax is a way to tell Google that you want to restrict your searches to certain elements or
characteristics of Web pages. Google has a fairly complete list of its syntax elements at
Code:
www.google.com/help/operators.html

. Here are some advanced operators that can help narrow down your search results.

Intitle: at the beginning of a query word or phrase (intitle:"Three Blind Mice") restricts your search results
to just the titles of Web pages.

Intext: does the opposite of intitle:, searching only the body text, ignoring titles, links, and so forth. Intext: is
perfect when what you're searching for might commonly appear in URLs. If you're looking for the term
HTML, for example, and you don't want to get results such as

Code:
www.mysite.com/index.html
, you can enter intext:html.

Link: lets you see which pages are linking to your Web page or to another page you're interested in. For
example, try typing in

Try using site: (which restricts results to top-level domains) with intitle: to find certain types of pages. For
example, get scholarly pages about Mark Twain by searching for intitle:"Mark Twain"site:edu. Experiment
with mixing various elements; you'll develop several strategies for finding the stuff you want more
effectively. The site: command is very helpful as an alternative to the mediocre search engines built into
many sites.

Swiss Army Google

Google has a number of services that can help you accomplish tasks you may never have thought to use
Google for. For example, the new calculator feature
(Code:
www.google.com/help/features.html#calculator)

lets you do both math and a variety of conversions from the search box. For extra fun, try the query
"Answer to life the universe and everything."

Let Google help you figure out whether you've got the right spelling—and the right word—for your search.
Enter a misspelled word or phrase into the query box (try "thre blund mise") and Google may suggest a
proper spelling. This doesn't always succeed; it works best when the word you're searching for can be found
in a dictionary. Once you search for a properly spelled word, look at the results page, which repeats your
query. (If you're searching for "three blind mice," underneath the search window will appear a statement
such as Searched the web for "three blind mice.") You'll discover that you can click on each word in your
search phrase and get a definition from a dictionary.

Suppose you want to contact someone and don't have his phone number handy. Google can help you with
that, too. Just enter a name, city, and state. (The city is optional, but you must enter a state.) If a phone
number matches the listing, you'll see it at the top of the search results along with a map link to the address.
If you'd rather restrict your results, use rphonebook: for residential listings or bphonebook: for business
listings. If you'd rather use a search form for business phone listings, try Yellow Search

(Code:
www.buzztoolbox.com/google/yellowsearch.shtml).

Extended Googling

Google offers several services that give you a head start in focusing your search. Google Groups

(Code:
http://groups.google.com)

indexes literally millions of messages from decades of discussion on Usenet. Google even helps you with
your shopping via two tools: Froogle
CODE

(Code:
http://froogle.google.com),

which indexes products from online stores, and Google Catalogs

CODE

(Code:
http://catalogs.google.com),

which features products from more 6,000 paper catalogs in a searchable index. And this only scratches the
surface. You can get a complete list of Google's tools and services at

Code:
www.google.com/options/index.html
You're probably used to using Google in your browser. But have you ever thought of using Google outside
your browser?

Google Alert

(Code:
www.googlealert.com)

monitors your search terms and e-mails you information about new additions to Google's Web index.
(Google Alert is not affiliated with Google; it uses Google's Web services API to perform its searches.) If
you're more interested in news stories than general Web content, check out the beta version of Google News
Alerts

(Code:
www.google.com/newsalerts).

This service (which is affiliated with Google) will monitor up to 50 news queries per e-mail address and
send you information about news stories that match your query. (Hint: Use the intitle: and source: syntax
elements with Google News to limit the number of alerts you get.)

Google on the telephone? Yup. This service is brought to you by the folks at Google Labs

(Code:
http://labs.google.com),

a place for experimental Google ideas and features (which may come and go, so what's there at this writing
might not be there when you decide to check it out). With Google Voice Search

(Code:
http://labs1.google.com/gvs.html),

you dial the Voice Search phone number, speak your keywords, and then click on the indicated link. Every
time you say a new search term, the results page will refresh with your new query (you must have javascript
enabled for this to work). Remember, this service is still in an experimental phase, so don't expect 100
percent success.

In 2002, Google released the Google API (application programming interface), a way for programmers to
access Google's search engine results without violating the Google Terms of Service. A lot of people have
created useful (and occasionally not-so-useful but interesting) applications not available from Google itself,
such as Google Alert. For many applications, you'll need an API key, which is available free from
CODE
Code:
www.google.com/apis

Thanks to its many different search properties, Google goes far beyond a regular search engine. Give the
tricks in this article a try. You'll be amazed at how many different ways Google can improve your Internet
searching.
Online Extra: More Google Tips

Here are a few more clever ways to tweak your Google searches.

Search Within a Timeframe

Daterange: (start date–end date). You can restrict your searches to pages that were indexed within a certain
time period. Daterange: searches by when Google indexed a page, not when the page itself was created. This
operator can help you ensure that results will have fresh content (by using recent dates), or you can use it to
avoid a topic's current-news blizzard and concentrate only on older results. Daterange: is actually more
useful if you go elsewhere to take advantage of it, because daterange: requires Julian dates, not standard
Gregorian dates. You can find converters on the Web (such as

CODE
Code:
http://aa.usno.navy.mil/data/docs/JulianDate.html
excl.gif No Active Links, Read the Rules - Edit by Ninja excl.gif
), but an easier way is to do a Google daterange: search by filling in a form at

Code:
www.researchbuzz.com/toolbox/goofresh.shtml
or
Code:
www.faganfinder.com/engines/google.shtml
. If one special syntax element is good, two must be better, right? Sometimes. Though some operators can't
be mixed (you can't use the link: operator with anything else) many can be, quickly narrowing your results
to a less overwhelming number.
More Google API Applications
Staggernation.com offers three tools based on the Google API. The Google API Web Search by Host
(GAWSH) lists the Web hosts of the results for a given query

(Code:
www.staggernation.com/gawsh/).
When you click on the triangle next to each host, you get a list of results for that host. The Google API
Relation Browsing Outliner (GARBO) is a little more complicated: You enter a URL and choose whether
you want pages that related to the URL or linked to the URL

(Code:
www.staggernation.com/garbo/).
Click on the triangle next to an URL to get a list of pages linked or related to that particular URL. CapeMail
is an e-mail search application that allows you to send an e-mail to google@capeclear.com with the text of
your query in the subject line and get the first ten results for that query back. Maybe it's not something you'd
do every day, but if your cell phone does e-mail and doesn't do Web browsing, this is a very handy address
to know.

For fast downloading movies

Have you ever wanted to download a movie and didn't want to use Rapidshare, Hotfile Torrents or any
Filehosting site and you didn't know how?
Well here's your answer.

This is how it goes:

1. You need Firefox ( http://www.mozilla-europe.org/de/firefox/)

2.then you need the addon "Downthemall" (https://addons.mozilla.org/de/firefox/addon/201/)

3.After installing both of them you have to find a Movie-Stream-Website. (www.movies-links.tv would be a
good choise)

Now you can search for any Movie on that site and look for a Divx-Movie-Link the best is Stagevu.

To download the Movie you have to go to extras in the firefox Window, and locate Down-them-all -Tools
and then DownThemAll!...

Now a Window should open up and you can select where the files should be downloaded. You unselect
everything exept movies and then there should be only 1 more link highlighted.

To start the download click start...

Now wait a short while depending on your Internet-connection and you will have the movie on your
harddisk.

Hope you like this Post and don't hold me responsible for any activities. I only show how and can not be
held responsible.