How to crack windows 7 password and set password reset disk.

Hello guys,

This is Nirmal back with few techniques and tips.Today we'll talk about cracking passwords for windows 7 and it precaution.
Forgetting is my speciality.It would also happen with anyone.You may have forgotten your password.So,guys today I'm going to show you how to Crack Windows 7 Passwords and at end I'll show you way to set Password Reset Disk/Tool.

"Prevention is better than cure."

Prevention:

If you have not experienced this problem of forgetting or losing your Windows password, you are probably one of those people that likes to write their password down in case of emergencies like these.Its not healthy to write down it on paper.
To add another safety measure, you can use a built in feature that is found in Windows 7 that allows you to reset your password any time you like.

To enable this feature you need to follow the steps below:

1. Go to your computer. Click Start and go to the Control Panel.

2. Select the option User Accounts and Family Safety.

3. Select the option User Accounts.

4. Select the option Create a Password Reset Disk. You need to enter your existing password.

5. You will need to save this password reset tool on a USB drive.

Making Password reset Tool to unlock PC.

Not everyone thinks of creating the password reset tool from Windows 7.
When you download the file onto a PC and create the utility on a USB.
The tool will scan your computer and reset your password in just a few minutes.You also get lifetime upgrades.

Other Uber options are also there but we'll talk about it later on...
Till then Sayonara...


Have fun hacking

How To Start Penetration Testing by Web Application Hacking.

Hello Guys,

Being a hacker is exciting but it is more of Responsible task.
To start learning new things, you must be aware of what's going on in background while hacking foreground.
So,To enrich your Tech-hunger and learn hacking,This is a step toward being Hacker.

Anyways Let's go to Core Part,

Today , we 're going to learn about Web Application Hacking.


As per Wikipedia.org ,

Web Application:

A web application is an application that is accessed over a network such as the Internet or an intranet. The term may also mean a computer software application that is coded in a browser-supported language (such as JavaScript, combined with a browser-rendered markup language like HTML) and reliant on a common web browser to render the application executable."

There are several projects which helps to learn and provide sample hacking application for Techno-geek and Penetration Testers,Among them;These are several projects which can be found helpful.

• Gruyere (live) -- http://google-gruyere.appspot.com/
  
• FreeBank Online(live) -- http://zero.webappsecurity.com/
  
• Crack Me Bank (live) -- http://crackme.cenzic.com/
  
• Acunetix Acublog -- http://testaspnet.vulnweb.com (registration required)
  
• Hacme Tools -- http://www.foundstone.com/us/resources/proddesc/
  

• WebGoat -- http://www.owasp.org/index.php/OWASP_WebGoat_Project

These tools provide in-built Web-Server and Framework to test hacking application.

For a newbie,I would recommend "WebGoat" or "Acuentix".

WebGoat is built upon Java framework,So to install it requires JRE (Java Runtime Environment)has built-in Apache Tomcat Web-Server installed.

It provides several attack systems like SQL Injection,XSS (cross site scripting) attack practice,Firewall Bypassing,Man in The Middle Attack etc.
It provides deep information regarding Web Application and Its Security features.These feature makes it unique,

1. It has buit in Web Server
2. It provides Solution along with Problem
3. It is Open source Software.
4. It provides source of framework along with application.
5. It gives hints whenever some difficulty occur with one click

To install WebGoat,I would recommend using Virtual OS by VMware Or Virtual box as it makes our OS tremendously vulnerable to attack.
 
Download:

For Virtual Sessions :

1) Virtual Box : www.virtualbox.org

or

2) VMware : www.vmware.com

  
So,Its end of post.Meet you guys next time.Till then Have safe hacking and Bring endeavor to satisfy your Techno-lust.

For Query,Post a Comment.

Nirmal Kantharia

 (Nirmal.kantharia@gmail.com)

 

Spyware:

     



There are a lot of PC users that know little about "Spyware", "Mal-ware", "hijackers", "Dialers" & many more. This will help you avoid pop-ups, spammers.

What is spy-ware?
Spy-ware is Internet jargon for Advertising Supported software (Ad-ware). It is a way for shareware authors to make money from a product, other than by selling it to the users. There are several large media companies that offer them to place banner ads in their products in exchange for a portion of the revenue from banner sales. This way, you don't have to pay for the software and the developers are still getting paid. If you find the banners annoying, there is usually an option to remove them, by paying the regular licensing fee.

Known spywares:
There are thousands out there, new ones are added to the list everyday.

But here are a few:
Alexa, Aureate/Radiate, BargainBuddy, ClickTillUWin, Conducent Timesink,Flashpoint/Flashtrack, Flyswat, Gator, GoHip, Hotbar, ISTbar, Lions Pride Enterprises/Blazing Logic/Trek Blue, Lop (C2Media), NewDotNet, Realplayer, Songspy, Xupiter,WebHancer, Windows Messenger Service.

How to check if a program has spyware?
The is this Little site that keeps a database of programs that are known to install spyware.

Check Here:
http://www.spywareguide.com/product_search.php

If you would like to block pop-ups (IE Pop-ups).
There tons of different types out there, but these are the 2 best, i think.

Try: Google Toolbar (http://toolbar.google.com/)
(Freeware)

Try: AdMuncher (http://www.admuncher.com) This program is Shareware.
Try:Adblock Plus(Firefox addon...You might get it in Google Chrome also)

If you want to remove the "spyware" try these.

Try: Lavasoft Ad-Aware (http://www.lavasoftusa.com/)
(Freeware)
Info: Ad-aware is a multi spyware removal utility, that scans your memory, registry and hard drives for known spyware components and lets you remove them.

Try: Spybot-S&D (http://www.safer-networking.org/)
(Freeware)
Info: Detects and removes spyware of different kinds (dialers, loggers, trojans, user tracks) from your computer. Blocks ActiveX downloads, tracking cookies and other threats. Over 10,000 detection files and entries.

Try: BPS Spyware and Adware Remover
(http://www.bulletproofsoft.com/spyware-remover.html)
(Shareware)
Info: Adware, spyware, trackware and big brotherware removal utility with multi-language support. It scans your memory, registry and drives for known spyware and lets you remove them. Displays a list and lets you select the items you'd like to remove.

Try: Spy Sweeper v2.2 (http://www.webroot.com/wb/products/spysweeper/index.php)
(Shareware)
Info: Detects and removes spyware of different kinds (dialers, loggers, trojans, user tracks) from your computer.
The best scanner out there, and updated all the time.

Try: HijackThis 1.97.7
(http://www.spywareinfo.com/~merijn/downloads.html)
(Freeware)
Info: HijackThis is a tool, that lists all installed browser add-on, buttons, startup items and allows you to inspect them, and optionally remove selected items.


If you would like to prevent "spyware" being install.

Try: SpywareBlaster 2.6.1 (http://www.wilderssecurity.net/spywareblaster.html)
Info: SpywareBlaster doesn't scan and clean for so-called spyware, but prevents it from being installed in the first place.It achieves this by disabling the CLSIDs of popular spyware ActiveX controls, and also prevents the installation of any of them via a webpage.

Try: SpywareGuard 2.2 (http://www.wilderssecurity.net/spywareguard.html) (Freeware)
Info: SpywareGuard provides a real-time protection solution against so-called spyware. It works similar to an anti-virus program, by scanning EXE and CAB files on access and alerting you if known spyware is detected.

Try: XP-AntiSpy (http://www.xp-antispy.org/)
(Freeware)
Info: XP-AntiSpy is a small utility to quickly disable some built-in update and authentication features in WindowsXP that may rise security or privacy concerns in some people.

Try: SpySites (http://camtech2000.net/Pages/SpySites_Prog...ml#SpySitesFree)
(Freeware)
Info: SpySites allows you to manage the Internet Explorer Restricted Zone settings and easily add entries from a database of 1500+ sites that are known to use advertising tracking methods or attempt to install third party software.

If you would like more Information about "spyware".
Check these sites.
http://www.spychecker.com/
http://www.spywareguide.com/
http://www.cexx.org/adware.htm
http://www.thiefware.com/links/
http://simplythebest.net/info/spyware.html

Usefull tools...
Try: Stop Windows Messenger Spam 1.10 (http://www.jester2k.pwp.blueyonder.co.uk/j...r2ksoftware.htm)
(Freeware)
Info: "Stop Windows Messenger Spam" stops this Service from running and halts the spammers ability to send you these messages.

----------------------------------------------------------------------------

     

Have Fun Hacking,
Nirmal kantharia.

     
============================================================

How To Bypass Internet Censorship:

Friends,administrator at our college or any public; might have closed internet or have blocked some sites...


Proxy is not so cool but one way to bypass.Excluding it,there are many ways to do so...
Check Out this Site...

http://www.zensur.freerk.com

Enjoy,

Nirmal kantharia.

Comment and critic accepted..:)


============================================================

     
     
      Login with Facebook

Boost Your Internet

Friends,First Of All I wanna make sure that,This Work is not mine.
I got it by hacking someone's PC.And thought it would be useful to anyone,That's why I've posted here.
So Let's start...

----------------------------------------------------------------------------------
                       These settings allow you to boost the speed of your broadband Internet connection when using a Cable Modem or DSL Router with Windows 2000 and Windows XP.

1) Open your registry and find the key below.

Create the following DWORD values, as most of these values will not already exist you will need to create them by clicking on 'Edit -> New -> DWORD Value' and then set the value as shown below.

DefaultTTL = "80" hex (or 128 decimal)
Specifies the default time to live (TTL) for TCP/IP packets. The default is 32.

EnablePMTUBHDetect = "0"
Specifies whether the stack will attempt to detect Maximum Transmission Unit (MTU) routers that do not send back ICMP fragmentation-needed messages. The default is 0.

EnablePMTUDiscovery = "1"
Specifies whether the TCP/IP stack will attempt to perform path MTU discovery as specified in RFC 1191. The default is 1.

GlobalMaxTcpWindowSize = "7FFF" hex (or 32767 decimal)
Specifies the system maximum receive window size advertised by the TCP/IP stack.

TcpMaxDupAcks = "2"
Determines the number of duplicate ACKs(Aknowledgement packets) that must be received for the same sequence number of sent data before "fast retransmit" is triggered.

SackOpts = "1"
Enables support for selective acknowledgements as documented by Request for Comment (RFC) 2018. Default is 0.

Tcp1323Opts = "1"
Controls RFC 1323 time stamps and window scaling options. Possible values are: "0" = disable RFC 1323 options, "1" = window scale enabled only, "2" = time stamps enabled only and "3" = both options enabled.

TcpWindowSize = "7FFF" hex (or 32767 decimal)
Specifies the receive window size advertised by the TCP/IP stack. If you have a latent network you can try increasing the value to 93440, 186880, or 372300.

Exit your registry and restart Windows for the changes to take effect.

If you don’t want to edit the registry, here's a little TCP utility that is ideal...

http://www.broadbandreports.com/front/doctorping.zip

----------------------------------------------------------------------------------

Have Fun Hacking.
I'll post as many as I can.But I'll have to halt as some work is  comin' up.
But going by promising to catch ya all later for sure.
So,Meet you guyz later.
Nirmal kantharia

Bandwith

Hacking Basics

Guys,To start with hacking website or a server,you'll require some skill that helps to write your own code.

• First of all, to start hacking.

You'll need a target website.Once you’ve got it, add it for Pinging
[For that,you have to follow these steps(In Windows).
1) Start - Run - cmd
2) type ping "your target website(without quote)"
3) copy that ip address]

• Now, we need to gather information about the website.You have to to Whois lookup.That will gather all information about server.

Go to

http://whois.domaintools.com

& add IP or the website.You’ll see a large amount of information about the website.
Use Google to find even more information about the website.

After all mess up,

• Open Nmap(A tool to hack/get info of online).
  Once you have done that,
   "ip_address nmap –sT –sV"(without quote) in Nmap’s command bar & scan website.]Once done,observe O.S.(Operating System), Ports, Services running on the website server.

• Once done, you’ll need to find banner of the software.
  [Banner: It shows the software & version running on ports.]
  It may chage depending on the OS of server.
  
  • For WIN VISTA & 7:

You need to download & Open Netcat.
[Because Telnet is disabled in WIN VISTA & 7]

Once done type, nc
Ex: nc 127.0.0.1 21
It will show banner with all information.

• For other OS:

Open Telnet[Start > RUN > telnet]

Once done type, O
Ex: O 127.0.0.1 21
Once you’ve done that, you’ll get a banner.
This will be displaying all the details of the software running on port.
If this doesn’t work you can try the first method.

Once you’ve got the banner, you need to search for vulnerability matching with banner.

• Exploit databases:

Injector_____http://www.inj3ct0r.com/
Milw0rm_____http://www.milw0rm.com
Security Focus_____http://www.securityfocus.com
Osvdb_____http://www.osvdb.org
Cve Mitre_____http://cve.mitre.org
Metasploit_____http://www.metasploit.com

More info:http://www.hackforum.net

Once you’ve got the matching exploit of the same version software.
[If you haven’t got, try another port.]
You need to edit values, compile & run it.

Most common exploit Coders:

• Perl

For perl exploits, Copy the exploit in notepad & save it with .pl extension.
Download & Install, Active Perl:

 http://www.activestate.com/activeperl

Once done, edit the exploit with notepad & double click to run it.

• PHP

For PHP exploits, copy & save it in .php extension.
Download & Install WAMP:


http://www.wampserver.com/en/

Once done, edit the exploit with notepad & execute it from CMD.

• Python

For python exploits, copy & save it in .py extension.
Download & Install python:


http://www.python.org/download

Once done, edit the exploit with notepad & double click to run it.

• C/C++

For C/C++ exploits, copy & save it in notepad.
Download & Install Blood Shed. (Google the link)
Once done, edit the exploit, compile & double click to run it.

If your exploit is successful you will get access to server,
You’ll be able to edit every part of the website.
If your exploit wasn’t successful try with different port, services & software.
You can also use Metasploit web to search exploits.

Fundamentals Of Networking

IP Address:It is an address provided to every computer or nod in network by ISP(Internet Service Provider) to connect to using internet.In VPN(Virtual Private Network ),it may have been provided by server.

Domain Name System (DNS): This allows IP address to be translated to words. It is easier for human being to remember character.
E-mail addresses are also converted by DNS in character or string.

For example, it is much easier for anyone to remember address "facebook.com" than to remember 69.63.189.63.

Dynamic IP Address: One that is not static or other word changing.It is given by your ISP or DHCP(Dynamic Host Configuration Protocol) Server.
Computer will get this number as it logs on to the network and saves you the trouble of having to know details regarding the specific network configurations.
This number can be assigned to anyone using a dial-up connection, Wireless and High Speed Internet(i.e DSL,TSL Cable) connections.

Static IP Address: One that is fixed and never changes.
Most ISP's can offer to assign a single static IP for Some more rupees(or your currency).

IPv4: It is being used by most devices.However,IPv4 IPs are running out quickly.
IPv4 is limited to 4,294,967,296 IPs.

IPv5: This is an experimental protocol for UNIX based systems. In keeping with standard UNIX release conventions, all odd-numbered versions are considered experimental. It was never intended to be used by the general public.

IPv6: The replacement for IPv4.
The estimated number of unique IPs for IPv6 is (340,282,366,920,938,463,463,374,607,431,768,211,456)(Count how many no. are there???!! lolzz) or Base(2)mentisa(128).


If you need any kind of help.Just make sure you comment and publish it.
Have Fun Hacking.
Nirmal Kantharia(man1aachaker)...