Save info   Get password
Home Submit your blog Edit Account Rules RSS-Archive Contact
Show All




F305 C905 webbutveckling




Vista Tips and Tweaks Part 1
2007-10-09 08:32:00
You have a tweak or tips for Microsoft Windows Vista users? Post them inhere and it will be added to this post.Enable Sidebar in VistaGo to Program Files/Windows Sidebar/sidebar.exeturn on file extensions contributed by FthrJACKCODEWhy windows always comes with file extensions hidden by default i dont know.. its stupid, leaves you open to installing a virus.exe thats been given a zip icon or something then named virus.zip.exeyou just see a zip icon and virus.zip.. double click it and bam. also its a pain if you need to rename files.. change .txt to .bat or rename a file so it sends through messenger for example.to turn it on, go to any folder, documents for example.Layout > show classic menus - Tools > Folder Options -View Tab.Untick "Hide Extensions of Known File Types"close, go back to Layout, and put it back as it wasEnable Glass without a supported card contributed by harunaksoyDownload the file here. It just adds a key in your registryEnabling addition Avalon effects contributed b
Read more: Tweaks

How to make XP / Vista dual-boot Independently
2007-10-08 06:51:00
Many questions regarding making XP and Vista boot independently of each other arise because users face problems when one partition becomes corrupt or they format their active partition, not knowing they will lose the ability to boot their OS. Having independent boot would avoid this scenario.The reason they are dependent is because the boot files for both are stored on ONE and the SAME partition, which is your ACTIVE partition. Vista setup determines to put the boot files on the active partition, which is usually the XP partition since it's active at the time of install.I have come up with a way to boot the two independently with the use of a third "recovery partition." This recovery partition can be multi-purpose if you use BartPE. You can use it to boot XP and Vista, replace system files with patched ones, use disk management services to repartition, etc. (You also use Windows PE or VistaPE as your recovery partition. You will have to add them to your BCD with bcdedit using the link


How to integrate your Activation of Microsoft Office XP / 2003:
2007-10-08 06:50:00
First you need the activation file:Office XP: C:Documents and SettingsAll UsersApplication DataMicrosoft OFFICEDATAdata.datOffice 2003: C:Documents and SettingsAll UsersApplication DataMicrosoftOFFICEDATAopa11.datNow copy the file somewhere into your $OEM$ folder.Add that to your batch file:echo .echo Installing Office XP/2003 Activation copy /Y "*PATH-TO-YOUR-DATA.DAT/OPA11.DAT*" "%ALLUSERSPROFILE%Application DataMicrosoftOfficeData" /Vecho FinishedPlease replace *PATH-TO-YOUR-DATA.DAT/OPA11.DAT* with the path to your data.dat or opa11.dat.Please notify that the activation only works on the same machine as the originial data.dat/opa11.dat comes from! I recommend to have different data.dat/opa11.dat files for different computers to install.
Read more: Microsoft Office

Hacking classified tools
2007-10-06 11:14:00
Tiger Tools 2000File: TT2K.HTM (Open with frames-compatible Web browser)Requirements: Windows/LINUX/Solaris/OS2/Mac; frames-compatible web browserWith more than 15,000 security resources, Tiger Tools 2000 (see Figure E.2) is the largest repositoryand link structure on the Internet. Local Internet access is required to follow these hyperlinks. Alsoincluded in the repository is the complete, original Rainbow Books series, which encompasses theDepartment of Defense (DOD) Computer Security Standards. The series (so named because eachbook is a different color) evaluates ‘‘trusted computer systems,” according to the National SecurityAgency (NSA).To quickly search for a specific topic within this section, use your browser Edit/Find menu function.TigerSuite (see Chapter 12)File: TSmobile.EXE (Execute to run TS from the CD)File: TSsetup.EXE (Execute to install on local hard drive)Requirements: Windows 9x, NT, 2000TigerSuite is the first complete TigerBox tool set; it was designed and prog
Read more: Hacking

Geo-locate incoming emails
2007-10-03 08:12:00
What I am going to explain here is nothing new, but I would just like to share with you people a trick that has been very useful to me in past few years, especially for superficially scrutinizing cyber-strangers. There is much software out there that will allow you to geo-locate the incoming mails and thereby making this task much easier to perform. For those who want to use this information only casually, the following is the simple procedure. How it works? Geo-location is not a very complex process superficially and it consists of two basic steps. Find out the IP address (Internet protocol address) from where the mail originated. Geo-locate the IP. -This is a technical process and if not difficult, it is a bit cumbersome to do manually, but developers have made free easy-to-use utilities for these. So how do I start? First you need to get the headers of the mail. These headers are usually hidden by almost all the mail reading applications whether it is web-based or a desktop applicat


Hacking nokia phones Part 2
2007-10-01 08:59:00
ok people as you all know i have a nokia 6133 (i dont know why i keep saying this but oh well lol) anyway, i was doing some quick looking over at howard forums and i found this http://www.howardforums.com/showthread.php?t=1160526 its pretty interesting becasue it uses a some iteams called NokiaJavaProxy.prov (which is a configuration for midlets to access the internet) and/or NokiaJavaProxy.wml (although it doesnt really require this file on alot of nokia phones and its mainly used for other phones that block application data through internet) i sent it to my phone from a school mac and it installed itself on my phone. from there i managed to send it to my friends nokia 6133 (locked to t-mobile) and he was able to use MOrange, Flurry, Opera, super bluetooth hack, and so on. i also wen the wml file to my phone and managed to send that to my razr v3r (seeing as though the prov file didnt work) and i managed to use alot of internet needing application and internel memory accessing applica
Read more: Hacking

NOKIA CODES & TRICKS
2007-09-29 10:22:00
To check the IMEI (International Mobile Equipment Identity) Type- *#06# Information you get from the IMEI- XXXXXX XX XXXXXX X TAC FAC SNR SP • TAC = Type approval code • FAC = Final assembly code • SNR = Serial number • SP = Spare To check the phones Software revision type- *#0000# Information you get from the Software revision- V 05.31 18-02-99 NSE-3 To enter the service menu type- *#92702689# (*#WAR0ANTY#) • Serial number (IMEI) • Production date (MM/YY) • Purchase date (MM/YY) You can only enter the date once. • Date of last repair (0000=No repair) • Transfer user data to another Nokia phone via Infra-Red Clock Stopping To check weather your SIM Card supports clock stopping type- *#746025625# (*#SIM0CLOCK#) Revealing the Headphone and Car-Kit menus Please note that if you do these next tricks, the new menus can't be erased without retoring the factory default settingsTo do these tricks you need to short-circuit the pins on the bottom of the phone next to where you


John the Ripper Tutorial
2007-09-27 09:39:00
John the Ripper may be simple for many geeks to use, but newbies and geeks in training may find it difficult to do exactly what they want. This tutorial is aimed at them.Do these steps Step 1: Download JTR. Step 2: Extract JTR. In windows use winzip. In unix type tar -xzf john-1.6.tar.gz Step 3: In windows open the command prompt. Go to the Start menu, click Run, type 'command' (no quotes) and press enter. You with me? Good. Go to whatever directory to have JTR in. Type 'john' and press enter. A whole list of options will come up: John the Ripper Version 1.6 Copyright (c) 1996-98 by Solar Designer Usage: /WINDOWS/DESKTOP/JTR/JOHN-16/RUN/john [OPTIONS] [PASSWORD-FILES] -single "single crack" mode -wordfile:FILE -stdin wordlist mode, read words from FILE or stdin -rules enable rules for wordlist mode -incremental[:MODE] incremental mode [using section MODE] -external:MODE external mode or word filter -stdout[:LENGTH] no cracking, just write words to stdout -restore[:FILE] restore an
Read more: Tutorial

Hacking Using NetSH
2007-09-24 12:10:00
Useful trick of the dayNetsh seems to be one of those built in Windows tools that have slipped under the radar. Works from Windows 2000 and up.I got in to a conversation one of our Linux’s team. She was complaining that it sucked having to use the Windows GUI to set her IP details on her laptop.When I told her that wasn’t true, she looked a bit freaked. Open up a command prompt windows and type in Netsh interface ip dumpYou’ll get this type of output if you have a static ip address:# ----------------------------------# Interface IP Configuration# ----------------------------------pushd interface ip# Interface IP Configuration for "Earth"set address name="Earth" source=static addr = 192.168.1.50 mask=255.255.255.0set address name="Earth" gateway=192.168.1.1 gwmetric=1set dns name="Earth" source= static addr = 192.168.1.50 register=PRIMARYpopd# End of interface IP configurationNow use this command to dump it to a text file Netsh interface ip dump > c:office.txtYou can edit this fi
Read more: Hacking

Orkut Tricks Part 2
2007-09-22 03:19:00
Coloured Messages Open any page in Orkut which contain text box. (Scrapbook, Community post, etc) Type the message in the TEXT BOX. Copy the following java script into the URL Bar. javascript:cor=new Array('aqua','blue','fuchsia','gold','gray','green','lime','maroon','navy','olive','orange','pink','purple','red','silver','teal','violet', 'yellow' );var z=0;txt=document.getElementsByTagName('textarea')[0];txt.value=txt.value.replace(/(.)/gi,"§$1");txt.value=txt.value.replace(/§ /gi," ");for(y=0;y


Working Orkut Tricks Part 1
2007-09-21 12:04:00
Blank Scrap Place the cursor in the text field. Delete everything in the field. Now, HOLD (Keep pressed) ALT key and press 0 1 7 3 (Press the numbers one after the another. Do not keep them pressed) on the NUMBER PAD (on the right side of the keyboard). If you are using a laptop, just press [i] in the text box. Click SUBMIT. Writing text in reverse order Type the text in the scrapbook or any text box. Type & # 8 2 3 8 without spaces before the message in the text box. Example: "‮ This is message reverted." Press SUBMIT. The above message appears as - ‮ This is message reverted. Knowing Email ID of any profile on Orkut Ignore the person of whom you want to know the Email id. Open your Gtalk of the same account as Orkut. Go to Settings -> Blocked You can see the ignored person's email id. Different cool fontsBy Vijay You can create cool scraps with colors and different fonts here. Go to Vijay Bhaskar Online Write Anonymous scraps Create a fake account. Write the scraps to the


Hacking Google Directory
2007-09-17 07:00:00
Google has a searchable subject index in addition to its 2 billion page web search. Google's web search indexes over 2 billion pages, which means that it isn't suitable for all searches. When you've got a search that you can't narrow down, like if you're looking for information on a person about whom you know nothing, 2 billion pages will get very frustrating very quickly. But you don't have to limit your searches to the web search. Google also has a searchable subject index, the Google Directory , at http://directory.google.com. Instead of indexing the entirety of billions of pages, the directory describes sites instead, indexing about 1.5 million URLs. This makes it a much better search for general topics. Does Google spend time building a searchable subject index in addition to a full-text index? No. Google bases its directory on the Open Directory Project data at http://dmoz.org/. The collection of URLs at the Open Directory Project is gathered and maintained by a group of vol
Read more: Hacking , Google

Google's Current Offerings (best google hacking)
2007-09-17 06:57:00
Google's web search (http://www.google.com/) covers over 3 billion pages. In addition to HTML pages, Google's web search also indexes PDF, Postscript, Microsoft Word, Microsoft Excel, Microsoft Powerpoint, and Rich Text Format (RTF). Google's web search also offers some syntaxes that find specific information, like stock quotes and phone numbers, but we'll save that for later in the book. The Google Directory (http://directory.google.com/) is a searchable subject index based on The Open Directory Project (http://www.dmoz.org). As it indexes sites (not pages), it's much smaller than the web search but better for general searches. Google has applied its popularity algorithm to the listings so that more popular sites rise to the top. Usenet is a worldwide network of discussion groups. Google Groups (http://groups.google.com/) has archived Usenet's discussions back 20 years in some places, providing an archive that offers over 700 million messages. Google Images (http://images.googl
Read more: Current , Offerings

Hacking Google Search Forms
2007-09-15 11:35:00
Build your own personal, task-specific Google search form.If you want to do a simple search with Google, you don't need anything but the standard Simple Search form (the Google home page). But if you want to craft specific Google searches you'll be using on a regular basis or providing for others, you can simply put together your own personalized search form.Start with your garden variety Google search form; something like this will do nicely:< action="http://www.google.com/search" method="get">< maxlength="255" size="31" name="q">< type="submit" value="Search Google" name="sa">< /form>This is a very simple search form. It takes your query and sends it directly to Google, adding nothing to it. But you can embed some variables to alter your search as needed. You can do this two ways: via hidden variables or by adding more input to your form.10.1 Hidden VariablesAs long as you know how to identify a search option in Google, you can add it to your search form via a hidden variable. The
Read more: Hacking , Forms

Hacking Google URLs
2007-09-15 11:35:00
Hacking the URL Google hands you in response to a search. When you think of hacks you might think of making a cool search form or performing a particularly intricate search. But you can also hack search results by hacking the URL that Google returns after a search. There's at least one thing you can do by hacking the URL that you can do no other way, and there are quick tricks you can do that might save you a trip back to the advanced preferences page otherwise. 9.1 Anatomy of a URLSay you want to search for three blind mice. Your result URL will vary depending on the preferences you've set, but the results URL will look something like this: http://www.google.com/search?num=100&hl=en&q=%22three+blind+mice%22The query itself—&q=%22three+blind+mice%22, %22 being a URL-encoded " (double quote)—is pretty obvious, but let's break down what those extra bits mean. num=100 refers to the number of search results to a page, 100 in this case. Google accepts any number from 1 to 100. Alteri
Read more: Hacking

Hacking ajax
2007-09-13 08:17:00
I found a helpful tidbit about auto-increment counters today: to reset them, issue a command like:ALTER TABLE tablename AUTO_INCREMENT = 1I thought that back in the 3.23 days MySQL used to reclaim auto_increment ids if they were at the end of a sequence, but perhaps I am mistaken.If this line from a shell script I've taken ownership of doesn't strike fear into your heart, I don't know what will...php ../public_html/classes/class.sharecontent.phpI can think of at least a couple of ways this is just wrong:The class is essentially a method. It is a verb and object instead of a noun. When I see these and other verb classes, I always wonder what the methods are? Adverbs? $sharecontent->quickly()? $sharecontent->rightnowdamnit()? Including the class executes it. Simply looking at it executes it. It is one touchy class Basically a case study of what they did right (and not right) as a company he worked at for 3 or 4 years.DeploymentAlways release full builds, not just individual files. Too
Read more: Hacking

Yahoo booter, How It Works
2007-09-10 09:26:00
Samhacker Own copyrighted materialsAfter getting fed up with booters knocking me offline, i finally got the packet sniffers out, flexed my programming skills and decided to go in search of the truth..MisconceptionsA chat client is more bootable than another one... (yes only if the client is very very badly written)You need some kind of secret packet to send to boot a person in yahoo.. false.Truths.A Chat client with a good connection will help prevent most booters, yes, this is correct (with the exception of a couple of yahoo server explots..)If you know nothing about booters and a little about yahoo, have a look at the article i wrote hereYmliteif not i'll try and explain that (which is 300 odd lines) into something a bit more technical now...Yahoo Messenger Yahoo Chat...Yahoo messenger can get into yahoo chat, but in reality, it's a seperate service...Yahoo Messenger's server has a Buffer, this buffer is actually 128k not the 512 the first tests indicated in the article above.Why
Read more: Works

Perl module to process and decode WWW forms and cookies
2007-09-06 09:21:00
use CGI_Lite; $cgi = new CGI_Lite; $cgi->set_platform ($platform); where $platform can be one of (case insensitive): Unix, Windows, Windows95, DOS, NT, PC, Mac or Macintosh $cgi->set_file_type ('handle' or 'file'); $cgi->add_timestamp (0, 1 or 2); where 0 = no timestamp 1 = timestamp all files (default) 2 = timestamp only if file exists $cgi->filter_filename (&subroutine); $size = $cgi->set_buffer_size ($some_buffer_size); $status = $cgi->set_directory ('/some/dir'); $cgi->set_directory ('/some/dir') || die "Directory doesn't exist. "; $cgi->close_all_files; $cgi->add_mime_type ('application/mac-binhex40'); $status = $cgi->remove_mime_type ('application/mac-binhex40'); @list = $cgi->get_mime_types; $form = $cgi->parse_form_data; %form = $cgi->parse_form_data; or $form = $cgi->parse_form_data ('GET', 'HEAD' or 'POST'); $cookies = $cgi->parse_cookies; %cookies


How to Bypass Most Firewalls Part 3
2007-09-03 23:02:00
Open Windows Explorer, navigate to C:Program FilesOpenSSHetc. Open the file sshd_config using Wordpad. (That's sshd_config not ssh_config!) Change the line #Port 22 to Port 443 Save the file. Now open a command prompt. Change to C:Program FilesOpenSSHin. We are going to create a user and group database from your Windows user database. Type the following; mkgroup -l > ..etcgroup Then mkpasswd -l > ..etcpasswd These 2 commands will create group and password files at C:Program FileOpenSSHetc Start/Stoping the SSH Server On your home computer, open a command prompt. To start your SSH server, type the following: net start opensshd To stop your SSH server, type the following: net stop opensshd To make it easy, you can create a .bat file that will this command. If you make a shortcut to the .bat file in your Windows Startup program group, then when you turn on your home computer in the morning, the servers will startup automatically, and be ready for you when you get to work.
Read more: Bypass

How to Bypass Most Firewalls Part 2
2007-09-01 06:33:00
Alternatively, if you don't meet the prereqs or don't want to leave your computer on all day, you can try HTTP-Tunnel, a commerical alternative that lets you do everything here and more. When won't this work? Please notice the title of this page starts "How To Bypass Most Firewall Restrictions... I say most because the method I describe here will not work for everyone, even if you meet the pre-requisites above. If any of the following are true for you, you probably can't use this method successfully; You can not access any external Internet websites; only internal websites or none at all. You can access a few specific Internet websites, but no others at all. If either of the 2 lines above apply to you, your network administrator is working hard because they are using a "pessimistic" blocking strategy. In other words, they have decided to block everything, and probably only allow specific access. The problem with that strategy however, is that it requires much more work and mainten


How to Bypass Most Firewalls Part 1
2007-08-30 11:59:00
More and more employers and universities are becoming aware of the amount of time their employees or students are spending using the Internet for personal reasons. Obviously employers want to discourage this behavior and may implement a number of different ways to do so. These can include; Restricting people from installing programs on their workstation. This usually won't stop someone from accessing websites, but it may keep people from playing games or using instant messaging software. Using a firewall or proxy server to restrict access to websites or other Internet protocols. All your Internet communication passes through your network's firewall, so it's a great place to monitor and restrict access. How complex or restrictive it is largely depends how tech savvy your IT department is. Using a network monitoring system to "spy" on Internet access. This is a form of firewall monitoring, where your employer can intercept and read/save anything flowing through their firewall. Your IT
Read more: Bypass

Brute Force How It works
2007-08-27 23:14:00
There are a number of methods that a hacker can use to guess a password such as checking defaults, checking common passwords, or using a dictionary attack. When these methods fail, there is one final guessing technique available: the brute force attack. A brute force attack, as the name implies, involves a methodical process that in theory works in any situation because every possibility is tried. The practical implementation is not guaranteed to be successful but the odds can be improved with some extra work. The Brute Force Algorithm The word "algorithm" tends to sound rather imposing. Creating a program that will guess every possible password might sound like quite a chore. In reality, the brute force algorithm is deceptively simple! There are several variations that can be used, but all rely on the same basic premise. Here is one possible pattern: a,b,c,d,...,aa,ba,ca,da,...,aaa,baa,caa,... This patter will continue through all the possible iterations until a maximum length is reac


Some old hacking tricks but usable
2007-08-25 04:15:00
Getting Ip's:--To see the ip all computers you are connected to (web servers, people attempting to hack into your computer). Go to dos (start>run>type command) and run the netstat command. Type netstat /? for details. Type netstat -r at the command prompt to see the ip of all computers you are connected toIn MSN (and other programs) when you are chatting to someone everything you type goes through the MSN servers first (they act as a proxy) so you see their ip rather than who you are chatting to. You can get round this by sending them a file as MSN doesn't send file through its proxy.When you type the netstat -r (or -a for a different view) the ip's are under the foreign address table. The ports are seperated by a : . Different programs use different ports, so you can work out which ip's are from which program. Connecting to other computers and what ports are:--Servers send information. Clients retrieve. Simple. Windows comes with a built in program to connect to other computers ca
Read more: tricks

Hacking MySpace: How Flash & AJAX Based Worm Works
2007-08-21 10:12:00
MySpace has been infected by Flash based (swf) worm which spreading rapidly through MySpace. It is embedding JavaScript code into users’ profiles that redirects visitors to a site claiming the U.S. government was behind the 9/11 terrorist attacks, Symantec warned Monday. However it may be just the tip of the iceberg. Let’s take a look at how it works to understand how it can be easily modified to deliver much devastating payloads.The unnamed worm isn’t malicious but the Shockwave Flash (.swf) file containing the payload embeds JavaScript into the profile of any MySpace user who views the .swf file. This can easily replicate Samy is my friend worm without breaking a sweat.This javascript code would then be interpreted by any user who visited the site, allowing sensitive data to be stolen, such as a hash value required to carry out operations as a user, and performing operations on behalf of that users (without consent obviously). Currently, that access is being used only to spread
Read more: Hacking , Works , MySpace , AJAX

How to Bypass BIOS Passwords
2007-08-15 04:07:00
Before attempting to bypass the BIOS password on a computer, please take a minute to contact the hardware manufacturer support staff directly and ask for their recommended methods of bypassing the BIOS security. In the event the manufacturer cannot (or will not) help you, there are a number of methods that can be used to bypass or reset the BIOS password yourself. They include:Using a manufacturers backdoor password to access the BIOSUse password cracking softwareReset the CMOS using the jumpers or solder beads.Removing the CMOS battery for at least 10 minutes Overloading the keyboard buffer Using a professional service Please remember that most BIOS passwords do not protect the hard drive, so if you need to recover the data, simply remove the hard drive and install it in an identical system, or configure it as a slave drive in an existing system. The exception to this are laptops, especially IBM Thinkpads, which silently lock the hard drive if the supervisor password is enabled. If th
Read more: Bypass

Best hacking chapter -->Part 1 HTTP Response Splitting
2007-10-16 02:20:00
HTTP Response Splitting is a fairly new type of Web App security vulnerability. The idea behind it is, you find a website that takes user submitted data, and writes it to the HTTP header. An example of this is a Location: redirect. Heres the PHP code that takes a website, and redirects you to it.http://site.com/redirect.php?page=http://www.google.comCODE : As you can see, the 'page' variable is passed to the Location header to redirect the user. Heres what the request and reply headers look like:Request:CODE : GET /index.php?page=http://www.google.com HTTP/1.1 Host: site.com Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Reply: (302 Redirect)CODE : HTTP/1.1 302 Found Date: Tue, 02 Oct 2007 1:40:00 GMT Server: Apache/0.0.0 (Windows) PHP/0.0.0L


5 useful Windows XP tricks
2007-10-15 02:07:00
Don't just maximize your windows—go full screenWhen you need a really big window, don't just maximize it: go full screen! To view a window full screen, hold down the Ctrl key and double-click the window's title bar—or when the window is active, press the F11 key at the top of your keyboard—to get the biggest window possible.Add the Links toolbar to My ComputerYou know what would make a great toolbar? One where you could put your favorite applications and documents so that you could open them from any window at any time. Guess what? You can and here's how: click Start, then My Computer. Now right-click the toolbar and then click Links. You now have the Links toolbar on your windows, just like in Internet Explorer. Note: Make sure that Lock the Toolbars is not checked. Click on it to deselect it if it is.The really cool thing about the Links toolbar is that it's completely customizable. Try this: Navigate to your favorite application and drag and drop its icon to the Links too
Read more: Windows , tricks

Fuzzers - The ultimate list
2007-10-12 03:22:00
I spent the last week performing a penetration test for a customer, and at the close of the test I usually have a one-day in person "remediation meeting". One of the "action items" for me from the meeting was to respond with a list of fuzzers (sometimes called fault injectors) that can be used for in house pen testing. If you aren't familar with fuzzers and what they are, here is my best stab at a definition:Fuzzer: A fuzzer is a program that attempts to discover security vulnerabilities by sending random input to an application. If the program contains a vulnerability that can leads to an exception, crash or server error (in the case of web apps), it can be determined that a vulnerability has been discovered. Fuzzers are often termed Fault Injectors for this reason, they generate faults and send them to an application. Generally fuzzers are good at finding buffer overflow, DoS, SQL Injection, XSS, and Format String bugs. They do a poor job at finding vulnerabilites related to informa


Do you Xfocus?
2007-10-12 03:21:00
I try to make it a habit to run by a number of security-related sites everyday. One thing you have to realize as an English-speaking person, is that although there is a huge amount of material out there on the internet in English (or broken English), there is an equal number of good security articles, tutorials and research in non-western languages.One website I regularly check out is Xfocus.net. They are a pretty famous group of Chinese hackers. If you have been in security for a while, you may have seen some of their exploits posted to bugtraq over the last few years.Take example some good posts from 2006:Reversing Kaspersky Antivirus (english)(chinese)A really creative way to play with saved frame pointers in stack overflows exploits (english)(chinese):A hacklog for a when some guy rooted hackerschool.org (english)Here is a good one for all you web app pen-testers:Netcat implemented in perl (perl):Lots of other good stuff in there. Highly recommended!


Hack the Windows Logon Screen
2007-10-11 04:50:00
Windows Logon Screen is something many people doesn't like but just go with it as many don't know how to change it, for this there are two methods, I prefer the second one as it is more easy and but first one is a bit lengthy process, there is no harm in using any of the method but firstly you need to create a logonui.exe.here we go....first, get a program like regedit (Google it)look for logonui.exe in your windows/system32 folder.MAKE A COPY OF THIS FILE AND PUT IT IN YOUR ROOT FOLDER FOR EASY ACCESS!!!!open it with regedit or another registry key editor, and look around in it. if you want to spend hours painstakingly figuring out how to edit it on your own, be my guest. I haven't bothered even doing that yet... just go to http://www.themexp.org/ and you can find tons of custom themes.After you have downloaded your new logon screen, put that somewhere safe, and name it logonui.exe. DON'T try and copy it onto your real logonui while still in the windows envornment!Method I:- You c
Read more: Windows

Page 1 of 4 « < 1 2 3 > »
Copyright 2006 - 2007. TopBlogArea.com All Rights reserved. Created by SEOMinds.com
eXTReMe Tracker