You can divide Windows hacking into two parts:
1. Admin hacking
2. Operating system hacking (i.e. making changes in the look of Windows)
For hacking into admin accounts you can use various techniques.
Some tools which can help you to hack into systems are as follows:
1. ERD Commander
2. Admin hack
3. OPH Crack
4. Police Boot CD etc.
For all these tools you have to visit www.thepiratebay.org; there are various other torrent sites.
Description of tools
1. With the help of ERD Commander you can directly change the password of the admin without knowing the old one. But the problem is that the genuine user is then also unable to log in, and hence he knows that somebody has hacked into his system and changed his password. Also, if syskey is enabled then this tool is going to work.
2. With the help of Admin hack you can also break the syskey and change the admin passwords.
3. With the help of OPH Crack you can see the password of the administrator, but it takes a lot of time.
There are also various other techniques available which help you to hack into the system.
Friday, November 20, 2009
Windows Security Architecture
There are three main components in the security architecture of Windows:
1-> LSA (Local Security Authority):-> It is also known as the security subsystem. It handles local security policies and user authentication. The LSA also handles generating and logging audit messages.
2-> SAM (Security Account Manager):-> The SAM handles user and group accounts and provides user authentication for the LSA.
3-> SRM (Security Reference Monitor):-> The SRM is in charge of enforcing and assuring access validation and auditing for the LSA. It references user account information as the user attempts to access resources.
Passwords are not stored in the SAM file; rather, their hashes are. Direct manipulation of this file is not possible.
Wednesday, November 18, 2009
Types Of Viruses
There has been a continuous arms race between virus writers and the writers of antivirus software since viruses first appeared. As effective countermeasures have been developed for existing types of viruses, new types have been developed.
Some popular types:
Parasitic Virus-> The traditional and still the most common form of virus. A parasitic virus attaches itself to executable files and replicates, when the infected program is executed, by finding other executable files to infect.
Memory-Resident Virus-> Lodges in main memory as part of a resident system program. From that point on, the virus infects every program that executes.
Boot Sector Virus-> Infects a master boot record or boot record and spreads when a system is booted from the disk containing the virus.
Stealth Virus-> A form of virus explicitly designed to hide itself from detection by antivirus software.
Polymorphic Virus-> A virus that mutates with every infection, making detection by the "signature" of the virus impossible.
Metamorphic Virus-> As with a polymorphic virus, a metamorphic virus mutates with every infection. The difference is that a metamorphic virus rewrites itself completely at each iteration. Metamorphic viruses may change their behavior as well as their appearance.
Tuesday, November 17, 2009
Life Cycle of a Virus
During its lifetime a typical virus goes through the following four phases.
1. Dormant Phase-> The virus is idle. The virus will eventually be activated by some event, such as a date, the presence of another program or file, or the capacity of the disk exceeding some limit. Not all viruses have this stage.
2. Propagation Phase-> The virus places an identical copy of itself into other programs or into certain system areas on the disk. Each infected program will now contain a clone of the virus, which will itself enter a propagation phase.
3. Triggering Phase-> The virus is activated to perform the function for which it was intended. As with the dormant phase, the triggering phase can be caused by a variety of system events, including a count of the number of times that this copy of the virus has made copies of itself.
4. Execution Phase-> The function is performed. The function may be harmless, such as a message on the screen, or damaging, such as the destruction of programs and data files.
Most viruses carry out their work in a manner that is specific to a particular hardware and software platform. Thus they are designed to take advantage of the details and weaknesses of the particular system.
Definition of malicious programs
Malicious software can be divided into two categories: those that need a host program and those that are independent. The former are essentially fragments of programs that cannot exist independently of some actual application program, utility or system program. Viruses, logic bombs and backdoors are examples.
The latter are self-contained programs that can be scheduled and run by the O.S. Worms and zombie programs are examples.
We can also differentiate between those software threats that do not replicate and those that do. The former are programs or fragments of programs that are activated by a trigger. Ex: logic bomb, backdoor, zombie programs.
BACKDOOR-> A backdoor, also known as a trapdoor, is a secret entry point into a program that allows someone who is aware of the backdoor to gain access without going through the usual security access procedures. The backdoor is code that recognizes some special sequence of input or is triggered by being run from a certain user ID or by an unlikely sequence of events.
Backdoors become threats when unscrupulous programmers use them to gain unauthorized access.
It is difficult to implement O.S. controls for backdoors. Security measures must focus on the program development and software update activities.
LOGIC BOMB-> One of the oldest types of program threat, predating viruses and worms, is the logic bomb. The logic bomb is code embedded in some legitimate program that is set to "explode" when conditions are met. Examples of conditions that can be used as triggers for the logic bomb are the presence or absence of certain files, a particular day of the week or date, or a particular user running the application. Once triggered, a logic bomb may alter or delete data or entire files, cause a machine halt, or do some other damage. A striking example of how a logic bomb can be employed was the case of Tim Lloyd, who was convicted of setting a logic bomb that cost his employer, Omega Engineering, more than $10 million, derailed its corporate growth strategy and eventually led to the layoff of 80 workers. Ultimately Lloyd was sentenced to 41 months in prison and ordered to pay $2 million in restitution.
TROJAN HORSE-> A Trojan horse is a useful or apparently useful program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function.
Trojan horse programs can be used to accomplish functions indirectly that an unauthorized user could not accomplish directly.
I want to make one thing clear: Trojans are just remote administrative tools with the help of which attackers can gain access to a victim's computer. It is not a type of virus; it is very popular under the name RAT.
A Trojan comes mainly in two parts: one is the Client and the other is the Server. The attacker implants the server part on the victim's computer and, with the help of the Client, sends requests to the server. When the server is executed it opens a port on the victim's computer, and through that port the client communicates with the server. Every Trojan program works on a particular port number; for example, "bief" works on TCP port 9999.
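The port the server part opens is also what makes it visible to a defender. The following Python script is an added example, not part of the original post: it audits Windows `netstat -ano` output for TCP listeners that are not in an expected baseline. The sample output, `EXPECTED_PORTS` and `WATCHLIST` are assumptions constructed for illustration; port 9999 is the one named in the post.

```python
import ipaddress
from typing import NamedTuple

# Constructed sample of Windows `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:9999           0.0.0.0:0              LISTENING       3120
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       2210
  TCP    192.168.1.20:49712     203.0.113.5:443        ESTABLISHED     2044
  TCP    [::]:135               [::]:0                 LISTENING       892
  TCP    [::]:9999              [::]:0                 LISTENING       3120
  UDP    0.0.0.0:5353           *:*                                    1500
"""

# Assumed baseline: ports the administrator expects this host to listen on.
EXPECTED_PORTS = {135, 445}
# Assumed watchlist of ports tied to known tools; 9999 is the port named in the post.
WATCHLIST = {9999}


class Finding(NamedTuple):
    port: int
    pid: int
    reachable: bool    # False when the socket is bound to loopback only
    watchlisted: bool


def parse_listeners(netstat_text):
    """Yield (address, port, pid) for every TCP socket in LISTENING state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have exactly five columns; UDP rows have no State column.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, _, port = fields[1].rpartition(":")
        yield ipaddress.ip_address(host.strip("[]")), int(port), int(fields[4])


def audit(netstat_text, expected=EXPECTED_PORTS, watchlist=WATCHLIST):
    """Return unexpected listeners, one per (port, pid), most urgent first."""
    seen = {}
    for addr, port, pid in parse_listeners(netstat_text):
        if port in expected:
            continue
        prev = seen.get((port, pid))
        # IPv4 and IPv6 rows for the same socket collapse into one finding.
        reachable = (not addr.is_loopback) or bool(prev and prev.reachable)
        seen[(port, pid)] = Finding(port, pid, reachable, port in watchlist)
    return sorted(seen.values(),
                  key=lambda f: (not f.watchlisted, not f.reachable, f.port))


if __name__ == "__main__":
    for finding in audit(SAMPLE_NETSTAT):
        print(finding)
```

The PID in each finding is the starting point for identifying the owning process, for instance with `tasklist /FI "PID eq 3120"`.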
ZOMBIE-> A zombie is a program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to the zombie's creator. Zombies are used in denial-of-service attacks, typically against targeted websites. The zombie is planted on hundreds of computers belonging to unsuspecting third parties, and then used to overwhelm the target website by launching an overwhelming onslaught of Internet traffic.
VIRUSES-> A virus is a piece of software that can "infect" other programs by modifying them; the modification includes a copy of the virus program, which can then go on to infect other programs.
Biological viruses are tiny scraps of genetic code, DNA or RNA, that can take over the machinery of a living cell and trick it into making thousands of flawless replicas of the original virus. Like its biological counterpart, a computer virus carries in its instructional code the recipe for making perfect copies of itself. The typical virus becomes embedded in a program on a computer. Then, whenever the infected computer comes into the new programs. Thus the infection can be spread from computer to computer by unsuspecting users who either swap disks or send programs to one another over a network. In a network environment the ability to access applications and system services on other computers provides a perfect culture for the spread of a virus. A virus can do anything that other programs do; the only difference is that it attaches itself to another program and executes secretly when the host program is run. Once a virus is executing it can perform any function, such as erasing files and programs.
Monday, November 16, 2009
More about malicious programs
To learn more about malicious programs in depth, follow the link below. It contains a lot about viruses, worms, Trojans and spyware.
http://74.125.153.132/search?q=cache:Q-FnQKSmpp4J:www.barnard.edu/resnet/docs/lycw05/Viruses%2520Spyware%2520and%2520Scams.doc+virus+worm+trojan+spyware+filetype:doc&cd=3&hl=en&ct=clnk&gl=in
How To Differentiate In Virus, Worm, Trojan & What They Are

A malicious program can be categorized into many types; some of them are as follows:
- Trojan
- Worm
- Virus
- Spyware etc.
To understand this we have to follow this flow chart, which takes a program as input and then, according to how it works, categorizes what type of program it is.
We can easily understand the categorization of virus, worm and Trojan with the help of this flow chart.
Classification of hackers as per their work
We can divide hackers into mainly three groups:
1. White Hat Hackers
2. Grey Hat Hackers
3. Black Hat Hackers
Apart from these three there is also one special name:
* Blue Hat Hackers
White hat hackers are those hackers who have total authorization to hack into a system/network/server. They help in finding the loopholes in the security of a system/network/server. They are generally called ethical hackers or penetration testers. They are the good guys. They have good ethics.
Black hat hackers are those hackers who don't have any authorization to hack but do it anyway. They are also called crackers. They make changes in the look and also in the databases of websites, and sometimes they delete them just for fun. They are called the bad guys. They don't have any ethics.
Grey hat hackers come in between white and black. They also do not have authorization to bypass the security mechanism of a system/server/network, but they do it. The good thing is that they don't make any kind of changes in the database, and they even help to secure the system. They are independent testers.
Blue hat is nothing different. Microsoft gave this name to its own hackers, who help to secure the network of Microsoft. They are also similar to grey hat hackers.
Sunday, November 15, 2009
HACKING
There are various techniques which we can use to hack; it depends on what you want to hack, but the result depends totally on the implementation flaws left by either system administrators or web developers.
We just have to follow one law before learning hacking, i.e. Richard's law of hacking:
"Either you don't buy a computer, or if you do buy a computer don't turn it on, otherwise it will be hacked."
For learning hacking you just have to concentrate on some points. They are very basic but necessary for being a good hacker:
1. You must show patience
2. Continuous working on the same topic
3. Reading all about it (your topic)
4. Smart working etc.
I am going to teach you the whole course of hacking online, so you must check the updates given by me.
The whole of hacking is divided into four parts:
1. System hacking
2. LAN hacking
3. Web hacking
4. Data hacking
I will discuss all the topics with you.
You are most welcome to post your comments on each topic.
Hacker Words
