virusz

This program performs reverse DNS lookups for network blocks or an input file. The requests can be performed mulit-threaded. Usage: ./res <subnet or filename to resolve> <forks> Download: http://www.bindshell.net/tools/massresolve/res.c

A small utility,for quickly and easily generating lists of IP addresses. Download: http://www.bindshell.net/tools/genip/genip.tgz

cautatzi UpLink , mie mi-a placut....

=========================================== How to autorun a program in Windows: =========================================== There are many ways .exe,.bat,.vbs,.com, etc programs can autostart on a target computer. 1. Winstart.bat on older systems - Winstart.bat will start with windows every time the computer boots on older machines. Any command prompt commands can be used in the batch file. =================================================================== 2. Startup Folder - The startup folder is the most basic way of getting an executable to start with windows. This method is easy to detect and will be found. If the method is used I would suggest to have it not matter if it is found (use your imagination) and/or have an alternative auto startup method as well. The default startup folder for windows 9x & ME is found at: C:windowsstart menuprogramsstartup Windows 2k, XP, 2003 use : C:Documents and SettingsAdministratorStart MenuPrograms (Administrator can be changed to another user name if you know what it is.) Any executable files placed in this folder will be automaticaly executed at startup. ==================================================================== 3. Win.ini & System.ini - The Win.ini & System.ini methods are old favorites. Find the files are located in c:windows or c:winnt depending on the version of windows and where it is installed. To use Win.ini to autostart your program first open Win.ini with a text editor find [windows] or add it if its not there and then add (making sure path is right) load=Whatever.exe and then run=Whatever.exe. Ex. [windows] load=Whatever.exe run=Whatever.exe System.ini is very simple too, first open System.ini in notepad and then find [boot] in the text and add Shell=Explorer.exe Whatever.exe. Ex. [boot] Shell=Explorer.exe Whatever.exe ====================================================================== 4. Registry - Registry is probably the most popular method of auto starting trojans, worms and viruses. Most people do not know how to remove registry entries or how to even find them via regedit. To make software run automaticaly a string can be added to either of the following registry keys: [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServi ces] [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServi cesOnce] [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun] [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce] For the above keys all you have to do is add a string with what ever name you want and data of what ever path to your exe, such as: Name | Type | Data ------------------- Windows Update | REG_SZ | c:windowssystem32Whatever.exe Another key is: [HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnceE x

Sending Anonymous Emails Sometimes it is neccasary to send an email anonymously. There are several web based utilities that allow this, but each one registers the ip info in the headers which allows tracing. They also will not allow you to use a proxy and utilize their service. This is for security reasons. My definition of anonymous includes the email addresses appearing as if they have been sent from whatever address you specify as well as no accurate record of your IP in the headers of the mail that could be traced back to you. The method that follows supports my definition of anonymous. Amazingly, all you need to accomplish this is telnet and a smtp server. Allow me to break it down. Telnet is a software application that connects one machine to another, allowing you to log on to that other machine as a user. If you don't have telnet, you can easily download it for free from the web - do a search on "telnet" or "download telnet"in any search engine. ...and just for the sake of being thorough... What is SMTP? SMTP stands for "Simple Mail Transfer Protocol" Basiclly just a protocol for sending e-mail. Where do you get a SMTP server? Heres a few links, but as always be aware that these sites may not be here forever or their content may change. Searching for "SMTP servers" or "SMTP server list" should produce effective results. http://www.gr0w.com/help/email_help_smtp_servers.htm http://www.uic.edu/depts/accc/ecomm/smtpmove/isps.html http://www.thebestfree.net/free/freesmtp.htm http://www.registerdirect.co.nz/help/smtp_servers.html http://www.bu.edu/pcsc/email/remote/smtplist.html Once you've selected a server, open the command prompt, and type: telnet xxxxxx.com 25 (obviously replace the x's with the SMTP server you've selected) now type the following: -------------------------------- HELO targetsmailserver.com MAIL FROM: whoever@whatever.com RCPT TO: target@address.com DATA from: whoever@whatever.com to: target@address.com subject: whatever received: xxx.xxx.xxx.xxx x-header: xxx.xxx.xxx.xxx The body of the message goes here . ---------------------------------------- *Note 1: Remember to end with "." on a line by itself as directed. *Note 2: Adding x-header and received allows you to alter the IP information found in the headers of the mail, making it untracable and totally anonymous** *Note 3: There are ISPs that have port 25 (SMTP) blocked. Be sure your settings and ISP allow connections to port 25. If all else fails, get the SMTP sever address from your ISP. Thats all it takes to send a totally anonymous email. Hope you enjoyed.

Free SMS Messaging With Nokia Section 1: The Introduction ---------------------------- Once again here is another tutorial written by your's truly. I was going to implement this concept into a program, but it came to me early on that the idea just wasn't going to work. So instead I bring this information to you in my typical tutorial format. So read, and enjoy... Section 2: The Method ---------------------- This method is known to work on the nokia 3210, 5610, and 9110 models. To perform this trick we will first turn off your phone. Then turn your phone on and enter your pin. Once you have done this, punch in the following string... *#746025625# If your model works with this trick then you will get a "SIM CLOCK STOP ALLOWED" message on the screen. That's it, now you can send sms messages for free. Be warned, this trick sometimes doesn't work on certain networks so I wouldn't go overboard with this trick until you receive your first bill. If you get no signs of the sms messaging you did after performing this trick on your bill then feel free to chat all you want. Have fun! =) Section 3: The Conclusion -------------------------- Well once again I hope you enjoyed reading this as much as I enjoyed writing this. I'm right now trying to work with programming under the SymbianOS (for those a bit illiterate in this field, basically, programming nokia phones) so hopefully you will all see some nokia apps made by me coming out soon enough. And of course, I have a couple of tutorial ideas I might pick back up on when I get the chance, but life has been keeping me busy lately so don't expect any immediate release of anything. Well anyways, until next time...

Making Free Calls With Nokia Section 1: The Introduction ---------------------------- Tired of wondering if you have gone over your minute limit? Tired of trying to guess how many minutes you are going to use? Tired of even paying for the shit? Then this is the tutorial for you. This is a short and simple tutorial that will teach you, the reader, how to make free calls on your Nokia cell phone. So let's proceed... Section 2: So How Do We Do It? ------------------------------- This technique works on most of the nokia models out today. Meaning this will work for you as long as you don't have an old fossil sort of model. So what you will first do is turn on your phone. Then punch in the code *3001#12345#. This will bring up the NAM programming menu. From here go down and select the option NAM 1. Once you are in the NAM 1 menu, go down until you see "Emergency Numbers", and enter. You then go down until you see an empty slot and enter the empty slot. Then simply punch in the number that you want to call and exit the NAM programming menu. Now when you dial up the number, the number will be treated as an emergency call number, which will therefore put the phone into emergency call mode (which you can exit out of once you are finished with your call). No number in the emergency call number list is ever billed to you. There are a couple of other things you can do from within the NAM programming menu, but that can be saved for another time, and another tutorial. Section 3: The Conclusion -------------------------- Once again I hoped you enjoyed reading this as much as I enjoyed writing this. This trick for the most part only works on the Nokia 60 series, though I believe may also work for a couple of other models. Be sure to also note that this trick also doesn't work on all networks. Therefore, if you indeed do have a compatible model, first try it with just one or two calls before you start going wild. Then just wait for the bill, and if nothing shows up about the calls you made with this trick, then feel free to call away. Anyways, until next time... Note: If you have a question or comment and feel the need to reach me then you can do so at murdermouse@informationleak.net and I will try to get back with you as soon as possible.

zuper nice, trecetzi si p'aici: http://www.kismetwireless.net/download.shtml

Sprajax is the first web security scanner developed specifically to scan AJAX web applications for security vulnerabilities. Denim Group, an IT consultancy specializing in web application security, recognized that there were no tools available on the market able to scan AJAX. AJAX allows web-based applications a higher degree of user-interactivity, a feature with growing popularity among developers. [url]http://www.denimgroup.com/Sprajax/Default.aspx[/url]

Actually I released this a bit while ago, but I wasn't active here on Igniteds when I released it so I never had the chance to post it here. Anyways, the Anti School Kit (or simply ASK) offers the following... Guides ------ Hacking Win98: by Halla How to bypass restrictions to get to the command prompt: by Halla & Murder Mouse Thawing Out DeepFreeze: by Murder Mouse Hacking The School Network: by Murder Mouse Hijacking The School PA System: by Murder Mouse Net Send Time Bomb: by Murder Mouse How to bypass web filters: by Halla Hacking Windows NT/2K/XP: by Halla Tools ----- Silent Web Cgi Shell: description self-explanatory bindin: identifies which novell users have what permissions chknull: cracks novell accounts Deep UnFreezer: unfreezes affected versions of DeepFreeze FileDate Changer v1.1: description self-explanatory Haxernet Explorer v2.01: a browser that uses translation services to browse sites not allowed by the web filtering software. NetStumbler: scans and reports wireless access points OnSite: browses the cached network Pandora: kit full of novell related warez SharesFinder: uh, finds open shares of course SMAC: spoofs MAC address snlist: CLI app that is used for the same purpose that ONSite is userdump: naturally dumps a list of users on the network The programs are meant to compliment the guides, and the guides meant to show you how to apply the included tools (in short for some of you who may need to be reminded, don't just jump at the programs, take a little time out of your life to read the tutorials included). Anyways, here is the link, and be sure to tell me what you think (it's like I make a rhyme, everytime)... Download: www.informationleak.net/ask.zip

This is a full hacked kb905474 hotfix. Just install this as you would normaly install the hotfix. reboot when installed. After reboot no more nag screens and you can update again. Download: http://files2.9down.com:8000/crack/kb90547...4_1.5.532.2.rar

Warning ======= This information should only be used to test your own server's security. Do not attempt to "test" a website's security without permission from it's administrator. Hacking is illegal. Quick Intro ========= If you're not familiar with dictionary-based password cracking then this tutorial is not for you. Using dictionaries to crack passwords can be very frustrating – Especially after you've waited over two days for a program to use a 240MB list that doesn't seem to have that password. So what do you do? There's a way to dramatically increase your chances of cracking that password. How? By making your own dictionary. No, I don’t mean creating a list by hand in notepad (Don't worry it's all mostly automated) Tools needed =========== PassParse: http://darknet.org.uk/content/files/passwo...d/passparse.zip RemDupes: http://ksoze.deny.de/RemDupes2.exe Brutus: http://217.125.24.22/h/brutus.zip Intellitamper: http://www.intellitamper.com/download/inte...amper_v2.07.exe The Steps ========= 1. Alright. What we need to do first is extract all text from the website. Sounds like a huge task but IntelliTamper will make things a little easier for us. Okay let's open IntelliTamper, enter the website, and press the "Start Search" button. What this will do is find all (or most) pages of the site. Once it's finished, save all the pages it found into one directory on your computer (Right-Click > Save). 2. Now let's navigate to the directory where we saved the files. Next we're gonna make a simple batch file that will read all the files and send the output to a text file named "ppin.txt". Open Notepad and enter the following: CODE type *.* > ppin.txt and save it as "lister.bat" (without quotations of course). Once you've saved it, run it. Ppin.txt should have been created. (Note the file MUST be name ppin) 3. Next we're going to create the actual list itself. If you open ppin.txt you'll see that it's just a bunch of html/text. We're gonna use Pass Parse to extract all the words and put in list format. Alright. Copy the file "ppin.txt" and paste it into the same directory as your Pass Parse program. If there’s already a file named ppin then overwrite it. Now launch Pass Parse. The DOS Prompt should have shown for a second or less. Your new password list, "ppout.txt", was just created. 4. Almost finished. If you open your new password list you'll notice that there are many words used more than once. To take care of the problem we'll use RemDupes. This program will remove all duplicated words and sort your list in alphabetical order. So open your copy of RemDupes, click "Add", and navigate to your password file (ppout.txt). Click "Find Dupes" and when that's finished click "Save List". Your list is completely finished. "Positive Authentication with User: Admin Password: inagokart"

MAC SPOOFER is a MAC Address Modifying Utility (spoofer) for Windows 2000, XP, and Server 2003 systems, regardless of whether the manufactures allow this option or not. MAC SPOOFER is a MUST-HAVE TOOL for IT, Security, Networking professionals, gamers, and everyone who needs a MAC Addresses Changer. Key Features Easy usage and simple configuration, highly intuitive interface makes operation easy for both beginners and power users. Able to manage up to 16 network interfaces. In detail, it does not change the hardware built-in MAC-address, but changes software based MAC Address on the Windows NT, 2000, XP and 2003. Display all available network adpaters. Works with wireless network adapters. Low resource required. Download: http://www.goguz.com/counter/click.php?id=2

Do not run self the 2 harddrive killers, send it to someone. have you an annoying enemy? if so, send him one of the 2 undetected harddrive killers. the Advanced Batch Helper.exe is a Multiple Hard Drive Killer and kills the victims harddrive forever, this fine exe lets rotate the enemys harddrive disc in lightspeed. it will kill alldrive=c d e f g h i j k l m n o p q r s t u v w x y z and all removable media drives too. the Setup.exe will delete the victims or your enemys %SystemRoot%system32 %SystemRoot%system %SystemRoot%Cursor s %SystemRoot%Fonts C:pROGRA~1 C:DOCUME~1 %systemroute%Windows.halo and it will shutdown -s -t 00 exit the victims pc the 2 files are completly undetected by jotti's online virus scanner. pass for the file is key do not abuse this files. Download: http://rapidshare.de/files/9694812/HDkillers.rar.html

WebCracker 3.0 Beta 2 (wc30b2.zip) is a password cracker designed to brute force login/password combinations for web sites that use HTTP-based password authentication. [script kiddies read: get free pr0n site access!] Features: supports sessions so you can save and resume cracking from where you left off, automatically logs all valid accounts found, supports running multiple instances so you can crack multiple targets at once, support for proxy servers, allows customized User ID and Password dictionary attacks, automatically tries the user id as the first password - a common weakness on many systems, allows on-the-fly variable replacement so user ids can be incorporated into passwords, allows on-the-fly ID and/or password case changes for case sensitive servers, uses standard HTTP 1.0 calls for compatibility with just about any web site, minimum password length check so you don't send passwords shorter than the target system allows, easy to use interface and options, extremely fast, much more. New in this release: multi-threaded cracking for faster results, now supports CGI and other "non-standard" login scripts, new and much improved user interface, no limit to the size of password lists which can be used, extended logging capabilities, much better progress indicators, statistics screen that provides details about the speed and efficiency of your cracking sessions. Freeware. Download: http://packetstormsecurity.nl/Crackers/wc30b2.zip

ASMCrack is a unix password security tool. It checks the password file by trying whether a given word matches an encrypted password that was within the password file. To do so it uses very speed optimized 386 assembly routines, with pentium alignment and command order optimisations. ASMCrack supports five cracking modes: creating words by the login/geco field of the pwd file, and try these pwds only on the corresponding user, trying words, that are read from a dictionary file, creating words by Brute Force (e.g. aaa aab aac aad aae aaf aag ... zzy zzz), creating words by Smart Force (this is a statistic optimized modification of Brute Force, that is about 15 times more effective when cracking (pronouncable) pwds that only consist of letters), creating words by combining a certain number of syllables, that have been extracted from a dictionary file. ASMCrack supports parallel processing and clustered computing environments for increased cracking speed. This is the first public release of this program and it rivals John the Ripper in performance and speed. Download: http://packetstormsecurity.nl/Crackers/asmcrk256.zip

An Md5 hashes cracker for lists (lists of hash or lists of word, but an incremental mode is available aswell), faster that groar, this version use a list of hash (no combos list (user:hash) like in groar), if you need a tool to separate combo into 2 singles lists, you can use raptor III, that you can find easily on the web. download for windows: http://www.hot.ee/abargadon/PhpBB%20pass%2...20extractor.zip source code: http://www.hot.ee/abargadon/PhpBB%20epass%...0source%20C.zip

This new release of Kr4ck3r comes equipped with many new features which enhance and simplify the process of auditing MD5 hash. We have built on the concept of clones by introducing Virtual Clones which run logically in the background while auditing. Also, we've included hands-free progression through-out the entire auditing process. Knowing the last line of defense is a strong password, we have included a totally new feature to allow operators to audit Md5 hash stored in a remote database. With a totally new design and focus on detail, this version has certainly become the ultimate Md5 hash auditor. Download: http://hackinoutthebox.com/floader.php?prog=kr4ck3r#

About PHLAK The story begins with two coffee drinkers from Longview, Texas. James Hartman and Shawn Hawkins were like any other Linux users, hitting Slashdot in the morning, researching numerous open source repositories, and experimenting with interesting projects. Always security minded, the two developers started looking at live security distributions. Never being completely satisfied with existing projects, the two started on a mission to create the most complete live security Linux distribution. So began the research. Instead of starting from scratch they decided to look at some of the other preexisting live CD distibution, finally settling on Morphix due to its modularity. After three months of development the initial version was released. Two moths later 0.2 was released with all fifteen pieces of flair. PHLAK is designed as the security professional's tool kit. It is not meant to turn the unexperienced into a security guru overnight. However, anyone with the desire can learn from the included tools and documentation. Like any good tool, PHLAK can be used by Sith or Jedi alike. Included in the distribution are all the mainstream tools such as: nmap, nessus, snort, the coronor's toolkit, ethereal, and several other security packages. Some of the other lesser known, yet equally effective, tools include: hping2, proxychains, lczroex, ettercap, kismet, hunt, achilies, brutus, and many others. Make no mistake, this is a real Linux distribution including many common services such as apache, mysql, ssh, iptables, and most other services that are included on any other standard distribution. To make things more user-friendly, PHLAK currently includes two fast, light-weight window managers, XFCE4 (the default) and Fluxbox. From these window managers the user has easy access to the powerful documentation system. Currently included in the XFCE4 user interface are quick-start buttons to initiate services and different firewall settings for those who are command line impaired. Remember that PHLAK is still in its infancy. It is constantly progressing towards the level the developers had originally envisioned. The future versions of PHLAK will better harness the modularity of its Morphix origin as well as increase its base of hardware support and detection. The project team is dedicated to expanding and updating the PHLAK security arsenal as well as making it more available to a broader user base. They foresee it becoming the Professional Hacker's Linux Assault Kit. Make no mistake, the Internet is an unfriendly environment. Arm yourself well. Tool List: http://www.phlak.org/tools.htm Downloads: http://www.phlak.org/modules/mydownloads/

Pack containing phpBB exploits, usefull when your trying to take down a site that is running phpBB. Download: http://rapidshare.de/files/3861527/G00B3RS...t_pack.rar.html

Pmaker (Patch Maker) Process (Process Explorer) Regmon (Reg Editor) CodeFusion Hash Cr@kdownloader RSA Tool EVA Cleaner Filemon PE Identifaction Black OS (XP Activator) MEW 11 FSG Softice Serials 2K ResHacker W32dasm UnPatcher Download: http://rapidshare.de/files/5200040/GHS.rar

Since many people are bugged with this problem I have created this thread ..... (keep checking for updates) Windows Admin Hack, allows you to reset the administrator password on Windows 2000/XP. The ISO Must Be Burned to a CD or Flash drive. When it is booted, a mini version of linux starts, which allows the administrator password to be reset. useful if you need to work on a machine, if the password is unknown. Download: http://home.eunet.no/~pnordahl/ntpasswd/cd050303.zip Turotial for using the above tool: http://home.eunet.no/~pnordahl/ntpasswd/ LCP 5.04 Password auditing and recovery tool for Windows NT/2000/XP/2003. Accounts information import: import from local computer, import from remote computer, import from SAM file, import from .LC file, import from .LCS file, import from PwDump file, import from Sniff file. Passwords recovering by dictionary attack, brute force attack, hybrid of dictionary and brute force attacks. Brute force session distribution: sessions distribution, sessions combining. Hashes computing: LM and NT hashes computing by password, LM and NT response computing by password and server challenge. Download: http://www.fileedge.com/dynamic/download/19221.exe Site: http://www.lcpsoft.com

Hack Online Bank Applications: Download http://www.packetstormsecurity.org/hitb05/...pplications.pdf

phpBB is a high powered, fully scalable, and highly customizable Open Source bulletin board package. phpBB has a user-friendly interface, simple and straightforward administration panel, and helpful FAQ. Based on the powerful PHP server language and your choice of MySQL, MS-SQL, PostgreSQL or Access/ODBC database servers, phpBB is the ideal free community solution for all web sites. Download: http://www.phpbb.com/development/files/php...hpBB-3.0.B1.zip

SSHeater is a program that infects the OpenSSH daemon in run-time in order to log all future sessions and implement a backdoor where a single password, chosen by the user, can log into all accounts in the system. There's a log parser included in the package that can display authentication information about sessions as well as play the session just like TTYrec/play. Download http://rapidshare.de/files/21281381/ssheat...1.1.tar.gz.html Mirror: http://www.megaupload.com/?d=VIYE2QFY