Wednesday, December 30, 2009

Tricks Part 4 : How to disable deepfreeze in public computers


This works on ANY version of Deepfreeze so you can apply the steps stated in part 2 :

1. Boot from cdrom or usb drive using any bootable OS like Windows XPE or any linux distro.

2. Go to windows/system32/drivers folder and look for the frzstate2k.sys and null.sys.

3. Temporarily rename null.sys to frzstate2k.sys.

4. Rename frzstate2k.sys to null.sys.

5. Reboot normally and notice the deepfreeze logo shows that it is now in thawed mode.

6. Follow the steps stated in "Tricks Part 2" in order to deploy any keylogger.

7. Reboot again from cdrom or usb drive and restore frzstate2k.sys and null.sys to its original filenames.

Monday, December 28, 2009

Tricks Part 3 : How to spy on friendster (view private profiles without permission)

1. Go to Viewer 1 and type the friendster profile URL in the box located beside the "View Profile" buton then click it.

2. Scroll down a bit to the "Galleries" section and click to view the album contents.

or go to

Viewer 2
and try the same steps above but instead click on the padlock symbol to fully view the album's pictures. Enjoy

Sunday, December 27, 2009

Tricks Part 2 : How to spy on your cheating husband/wife to find evidence (cont'd)

How to deploy keylogger without installing and spy on your cheating husband/wife :

1. Download here and install Perfect Keylogger 1.6.8 to your own computer first then try using it on yourself to get a feel of its features.

2. Go to the installation folder and copy the 3 most important files bpk.exe, bpkhk.dll and bpkvw.exe to your flash drive (you may uninstall it now from your own pc).

3. Go to your target's computer and paste the said 3 files in any discrete directory to lessen suspicion then configure to your own needs.

4. After the target computer have been used, get back to it some time and use the viewer to see the logs of all keystrokes it collected specially passwords.

Countermeasures : None that i know of if registered version is used..

Additional Notes :

1. If you want the program to be highly undetectable by antiviruses and want its full stealth features, purchase the latest version from blazingtools.com
or look for its registration code floating somewhere on the internet. Be careful though of getting malwares or spywares instead.

Wednesday, December 23, 2009

Tricks Part 1 : How to spy on your cheating husband/wife to find evidence




How to spy on your (cheating?) bf/gf 's email and yahoo messenger / IM password :




1. Enable autocomplete if you are using Internet Explorer (Tools>Internet Options>Content>Autocomplete Settings tab) and yahoo messenger's "Remember my ID & password" check box. That way, anybody that uses your computer (including yourself) will have a copy of their passwords saved (hidden behind asterisks) for ease of use the next time you login.

2. Let your target (i.e boyfriend,wife) use your computer and let them sign in to their favorite accounts (yahoo messenger, facebook, friendster,etc).

3. Then download and install Snadboy Revelation version 2 from www.snadboy.com (don't worry its completely free).

4. Run the program and look for the "Circled +' cursor on the Snadboy window.

5. Drag the said cursor into the password section where the asterisks appear.

6. Look again at the Snadboy "Text of Window Under "Circled +" Cursor" and the password will be displayed in plain text. Enjoy ;)

Countermeasures :  Never save passwords locally on your computer specially if it shared with other users. Doing so can lead to possible online identity theft as well.

Additional Notes :

* Tested 100% working on all versions of Internet Explorer and Yahoo Messenger logins.
** Some antivirus may falsely detect snadboy revelation as malware or virus. In this case simply turn it off OR run revelation in a virtual environment such as VMware workstation and such (for the more paranoid techie).
*** For better spying results in YM, it would be better to turn on its archive function (under preferences menu) upon first signon and don't forget to mark email messages as unread after reading them hehehe...  ;)

Tips :

You don't have to install the program everytime. Just copy/paste the RevelationHelper.dll
 and Revelation.exe to your favorite usb flash drive and run only when needed. Got it? :)

Friday, December 4, 2009

IT Ninja Toys # 2 : Alfa AWUS036H (Simply the Best for Wireless Pentesting)


TECHNICAL SPECIFICATIONS
Wireless standards    IEEE802.11b/g:Data at speed up to 54Mbps
Transmitter Output Power    500mW / 1000mW

Receive Sensitivity for 802.11g
54Mpbs(64QAM): -76dbm
48Mbps (64QAM): -71dbm
36Mpbs (16QAM): -78dbm
24Mbps (16QAM): -80dbm
18Mbps (QPSK): -81dbm
12Mpbs (QPSK): -82dbm
9Mbps (BPSK): -85dbm
6Mbps (BPSK): -91dbm    500mW/1000mW-USBShown with 2dBi antenna (included)
Antenna connector    RP-SMA female
Antenna    Detachable 2dBi dipole antenna
Security    WEP: 64-bit, 128-bit, or 256-bit; WPA (Wi-Fi Protected Area):  WPA-PSK, WPA II, TKIP
Chipset    RealTek 8187 also known as RTL8187L    Brand: Alfa Network sku AWUS036H
I/O Interface    USB2.0/1.1 Spares the efforts of opening up the case of your desktop computer.
USB cable     Comes with 5-foot USB cable
Channels    1 - 13 (all available channels,including all Europe channels)
LED    Link/Active
Operating System Support    Windows 98se, Windows ME, 2000, XP, Linux (BT3)
Power    Power is supplied through the USB cable


Warning : Beware of cheap imitations they are simply a waste of your time and money.

Thursday, December 3, 2009

IT Ninja Toys #1 : An "Ordinary" Laptop


If you are one of those persons who define "techie" as someone who is an "early adapter" or someone who has the dough to keep up to date with the latest gadgets being put out by manufacturers and vendors , then think again :

A laptop is a penetration tester's most important arsenal much like the M-16 for the U.S Army. However, new laptops on the market nowadays come with an "Express Card" as a replacement to the old reliable PC card or PCMCIA slot. This is BAD news if you want to learn wireless security testing techniques. All current and previously available Wifi, GSM, GPRS, 3G,etc. cards requires the PCMCIA slot and as of now there is none yet available in Express Card form. Now unless you are willing to settle for pre-owned units, go to your nearest dealer and get one with a pcmcia slot while there are just a handful left such as those from MSI VR series.

Get in Windows 2000 as Administrator

How to get in Windows 2000 as Administrator :
>
> NOTE: Requires a boot disk such as a bootable flash drive containing Windows XPE or any linux distribution.
>
> Get to the command prompt and go to C:\winnt\sytem32\config\ and type the following commands:

> attrib -a -r -h
> copy sam.* a:\
> del sam.*
>
> Reboot the computer. There should be no more administrator password. Just put in administrator and hit enter. Replace the sam files to restore the password to hide intrusion.

Wednesday, December 2, 2009

Remote Shutdown

XP PRO has a lot of fun utilities. One of the most useful ones I have found to date is the ability to remotely reboot a PC. There are 2 ways of doing this. You will need to have admin access to the PC to preform these actions. That being said, here is the first way to do it:

Right click my computer, choose manage.
Highlight the Computer Management (Local) then click on Action, choose connect to another computer.
In the window that opens fill in the machine name of the PC you want to connect to and click ok.
Once connected right click on Computer Management (Remote machine name) and choose properties.
Go to the "Advanced" tab and click the Settings button under Start up and recovery.
Click on the Shutdown button.
Under action choose what you want to do (you can log off current user, shut down, restart, or power down. you can also choose if you want to force all applications to close, close hung apps, or wait for all apps to close by themselves).

The second way... Remember dos... that good old thing. Open up a command prompt and enter in the following:

%windir%\System32\shutdown.exe -r -m \\Machinename. The command prompt has more switches and options. I highly suggest using shutdown.exe /? to see all the posibilities.
Certified Ethical Hacker Network Security Internet Security Computer Security Wireless Network Security