CMD is short for commander.
It is great for a lot of things and it's also very clean.
-----------------------------------------------------------------------------------------------
Lets learn how to make the computer shut down everytime it's booted, shall we?
-----------------------------------------------------------------------------------------------
First open CMD,
Next open notepad.
If you write "start shutdown -r" in CMD and press enter, your computer will restart. Also if you write the same in "run".
(Change -r to -s to shutdown computer, or write -l to logg off.)
If you write
---------------------------------------
@echo off
cls
start shutdown -r
cls
goto :a
---------------------------------------
in notepad and save it as something.bat (bat is important) and then open it, your computer will restart in the same way.
So, lets get into autostart. Put that bat file in autostart (autostart can be found in start menu) and each time your
computer is booted it will start that file and your computer will restart.
If you write the next script your computer will try to shutdown several times at once. it will freak for about half a minute
and then turn off.
Lets get a better understanding how scripts works. The above script shuts down your computer, but a bat file normaly opens
CMD and does whatever you told it to do.
@echo off - This is where you put commands that shouldn't be shown as text. For example cls. You don't want that to be text,
it's a command.
cls - This one is pretty good, it clears the text in the CMD screen
CMD - This command gives you a new CMD session.
start - this triggers stuff, in this case it's shutdown.
color - changes the colour in the cmd window, I recommend writing "color 0a", which is a green color thats really cool
on a black window.
title - write "title something" to change title.
goto :a - This one is really, really, really, really cool. It's used for making loops and some more advanced stuff that I
wont go into. Lets say you write
--------------------------------------
@echo off
:a
cls
start shutdown -r
cls
goto :a
--------------------------------------
The goto :a tells you to go to :a higher up in the script. so it starts the script again, then it does the goto :a command
again and the script reloads. Basicaly a loop. You can change the "a" to whatever you want, for example "error". This is
only to make it easier for you to read your script.
The : infront of "a" must stay where it is.
Bad example:
goto: a
Good example:
goto :a
--------------------------------------
dir - This shows you the files in the directory you are in.
dir /s - This shows you all the files on your computer.
echo - write "echo something" and it will be as a text in cmd.
echo. This is a linebrake.
cd - Write cd followed up with a location, to go there in cmd. For example "cd c:\windows".
cd .. - This goes back one step in the directory. For example if your in c:\windows and write "cd .." you go back to c:\.
So now you know the basics, which we'll use to make you computer do stuff. In cmd you can write "help" to get a list of most
commands.
Moving away from learning commands now.
-----------------------------------------------------------------------------------------------
Lets make a spamm script.
-----------------------------------------------------------------------------------------------
-----------------------------------------------
@echo off
cls
:a
start notepad.exe
goto :a
-----------------------------------------------
this script will continue to open notepad until you close cmd. Not recommended to run this on a slow computer.
As we said before, "start" triggers things, this script triggers notepad and then the loop (goto :a) is triggered.
-----------------------------------------------------------------------------------------------
Lets just mess around.
-----------------------------------------------------------------------------------------------
-----------------------------------------------
@echo off
cls
:a
taskkill /im explorer.exe /f
goto :a
-----------------------------------------------
This will close the bar where start menu and tasks are shown, for example if you open internet you will see it at the bottom
of the screen on the explorer bar.
Closing this will leave people with little things to do.
Wednesday, October 29, 2008
CMD
Find ip of mail sender
1. Log into your Yahoo! mail with your username and password.
2. Click on Inbox or whichever folder you have stored your mail.
3. Open the mail.
4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers,
* Click on Options on the top-right corner
* In the Mail Options page, click on General Preferences
* Scroll down to Messages where you have the Headers option
* Make sure that Show all headers on incoming messages is selected
* Click on the Save button
* Go back to the mails and open that mail
5. You should see similar headers like this:
Yahoo! headers : name
Look for Received: from followed by the IP address between square brackets [ ]. Here, it is 202.65.138.109.
That is be the IP address of the sender!
6. Track the IP address of the sender
Finding IP address in Hotmail
1. Log into your Hotmail account with your username and password.
2. Click on the Mail tab on the top.
3. Open the mail.
4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers,
* Click on Options on the top-right corner
* In the Mail Options page, click on Mail Display Settings
* In Message Headers, make sure Advanced option is checked
* Click on Ok button
* Go back to the mails and open that mail
5. If you find a header with X-Originating-IP: followed by an IP address, that is the sender's IP address
Hotmail headers : name ,In this case the IP address of the sender is [68.34.60.59]. Jump to step 9.
6. If you find a header with Received: from followed by a Gmail proxy like this
Hotmail headers : name
Look for Received: from followed by IP address within square brackets[].
In this case, the IP address of the sender is [69.140.7.58]. Jump to step 9.
7. Or else if you have headers like this
Hotmail headers : name
Look for Received: from followed by IP address within square brackets[].
In this case, the IP address of the sender is [61.83.145.129] (Spam mail). Jump to step 9.
8. * If you have multiple Received: from headers, eliminate the ones that have proxy.anyknownserver.com.
9. Track the IP address of the sender
Prevent Spam in ur Gmail account
NT password cracking
___________________________________________________________________________
So you got administrator privileges on a NT box and now want to take over the entire Network, but for that you need to get the list of accounts that you would use and their respective passwords. So you got administrator privileges on a NT box and now want to take over the entire Network, but for that you need to get the list of accounts that you would use and their respective passwords. So, what do you do? So, what do you do?
Well, the NT Security Accounts Manager or the SAM holds the key, and this manual explores how exactly you would go about the process of extracting and ‘cracking’ passwords from the Windows NT SAM and other related information. Well, the NT Security Accounts Manager or the SAM holds the key, and this manual explore exactly how you would go about the process of extracting and 'cracking' passwords from the Windows NT SAM and other related information.
The NT Security Accounts Manager or the NT SAM is to Windows NT what the /etc/passwd file is to Unix systems. The NT Security Accounts Manager or the NT to Windows NT SAM is what the / etc / passwd file is to Unix systems. The SAM stores the list of usernames of all accounts and their respective passwords in encrypted form of all Local Users or all users on that particular domain. The SAM stores the list of usernames of all their respective accounts and passwords in encrypted form of all Local Users or all users on that particular domain. (Varies according to what the system is used for.) Cracking the SAM or in other words cracking the encrypted passwords stored by it is all you need to do in your quest to control the entire Network. (Varies according to what the system is used for.) Cracking the SAM or in other words cracking the encrypted passwords stored by it is all you need to do in your quest to control the entire network.
Although the latest encryption algorithm implemented by Microsoft NT is quite good, there is a flaw or rather a backward compatibility feature, which can easily be exploited to crack the passwords. Although the latest encryption algorithm implemented by Microsoft NT is quite good, there is a flaw or rather a backward compatibility feature, which can easily be exploited to crack the passwords. You see, this new algorithm has been adopted only recently. You see, this new algorithm has been adopted only recently. Earlier, Microsoft used to implement a one-way encryption standard or hashing. Earlier, Microsoft used to implement a one-way encryption or hashing standard. Now even the newer versions of the operating system in order to maintain backward compatibility with Windows 9x etc have to store the old hash along with the new. Now even the newer versions of the operating system in order to maintain backward compatibility with Windows 9x and so have to store the old hash along with the new. Now, the older hash function has already been reverse engineered or cracked and is widely used to crack the NT passwords. Now, the older hash function has already been cracked or reverse engineered and is widely used to crack the NT passwords.
L0phtcrack is the utility, which we will be using in this manual to crack the Windows NT passwords. L0phtcrack is the utility, which we will be using in this manual to crack the Windows NT passwords. It is available at http://www.l0pht.com/l0phtcrack L0phtcrack is probably the most easy to use and the most effective utility available to crack NT passwords. It is available at http://www.l0pht.com/l0phtcrack L0phtcrack is probably the most easy to use and the most effective utility available to crack NT passwords. L0phtCrack can import the required SAM data in many forms. L0phtCrack SAM can import the required data in many forms. It can extract the SAM data from raw SAM files, from compressed backup SAM files (SAM._), from remote systems using administrator access and even by sniffing hashes being transferred over networks. It can extract data from the SAM SAM raw files, compressed backup from files SAM (SAM._), from remote systems using administrator access and even by sniffing hashes being transferred over networks.
Before you actually get down to using L0phtCrack, you need to obtain the SAM file. Before you actually get down to using L0phtCrack, you need to obtain the SAM file. Microsoft uses a file called SAM to store the SAM data on Windows NT. Microsoft uses a file called SAM SAM to store the data on Windows NT. This file can be found at: This file can be found at:
%systemroot%\system32\config % systemroot% \ system32 \ config
This particular directory is locked throughout the time when Windows NT is running. This particular directory is locked throughout the time when Windows NT is running. The information stored by this file has actually been extracted from the Windows NT registry. The information stored by this file has actually been extracted from the Windows NT registry. The original source of the data stored by this file is the following registry key: The original source of the data stored by this file is the following registry key:
HKEY_LOCAL_MACHINE\SAM HKEY_LOCAL_MACHINE \ SAM
This key cannot be accessed by any account. This key can not be accessed by any account. Even the administrator account does not allow access to it. Even the administrator account does not allow access to it. However, like all security features this feature too can be over-ridden. However, like all security features this feature too can be over-ridden. Infact there are several ways of getting the SAM data, and in this manual I will try and elaborate on all of these methods. Infact there are several ways of getting the SAM data, and in this manual I will try and elaborate on all of these methods.
Getting the SAM from the Backup directory Getting the SAM from the backup directory
When you use the NT Repair Utility (rdisk) with the /s argument to backup the important information regarding the system configuration to a floppy disk, then a compressed copy of the SAM data file is created in the %systemroot%\repair directory under the filename: SAM._ When you use the NT Repair Utility (rdisk) with the / s argument to backup the important information regarding the system configuration to a floppy disk, then a compressed copy of the SAM data file is created in the% systemroot% \ repair directory under the filename: SAM._
Although a good system administrator will not forget to delete this file, however, in some cases inexperienced system administrators do tend to forget to delete it. Although a good system administrator will not forget to delete this file, however, in some cases inexperienced system administrators do tended to forget to delete it. As this backup copy of the SAM file is in the compressed form, you need to expand it before you can use it. As this backup copy of the SAM file is in the compressed form, you need to expand it before you can use it. One can expand the compressed back copy of the SAM using the following command: One can expand the back compressed copy of the SAM using the following command:
C:\>expand sam._ sam C: \> expand sam._ sam
NOTE: If you use the latest version of L0phtCrack, you need not go through the process of expanding the compressed backup copy of the SAM, as there is a built in option, which automatically does it for you. NOTE: If you use the latest version of L0phtCrack, you need not go through the process of expanding the compressed backup copy of the SAM, as there is a built in option, which automatically does it for you.
Getting the SAM via another Operating System Getting the SAM via another Operating System
The basis of this section is the fact that the SAM file is locked throughout the time Windows NT is running. The basis of this section is the fact that the SAM file is locked throughout the time is running Windows NT. So in other words, access to the SAM file should not be restricted when Windows NT is not running. So in other words, access to the SAM file should not be restricted when Windows NT is not running. Right? So, all you now need to do is boot into an alternate operating system, the most commonly used for such a purpose would be a DOS running on a floppy which has the COPY utility on it. Right? So, now all you need to do is boot into an alternate operating system, the most commonly used for such a purpose would be to DOS running on a floppy which has the COPY utility on it. So, basically what one needs to do is create a bootable floppy, which has DOS running on it. So, basically what one needs to do is create a bootable floppy, which has DOS running on it. Then you need to change the BIOS settings and enable boot from the floppy disk. Then you need to change the BIOS settings and enable boot from the floppy disk. Once you have booted into DOS, you could use the Copy utility to get the SAM file. Once you have Booted into DOS, you could use the Copy utility to get the SAM file.
However, this process is not as easy as it above, but again not too difficult. However, this process is not as easy as it above, but again not too difficult. You see, more often than not a target system running Windows NT would be running on an NTFS-formatted partition. You see, more often than not a target system running Windows NT would be running on an NTFS-formatted partition. So, while you create the bootable floppy, what you need to keep in mind if the fact that it should be able to read NTFS partitions. So, while you create the bootable floppy, what you need to keep in mind if the fact that it should be able to read NTFS partitions. There is a NTFS file system driver called NTFSDOS, which will do the trick in such scenarios. There is a NTFS file system driver called NTFSDOS, which will do the trick in such scenarios. It basically works by mounting NTFS partitions as logical drives, in effect, making all the files on the target system vulnerable to being read (including the SAM file). It basically works by mounting NTFS partitions as logical drives, in effect, making all the files on the target system vulnerable to being read (including the SAM file).
You can get NTFSDOS from http://www.sysinternals.com/ You can get NTFSDOS from http://www.sysinternals.com/
*********************
HACKING TRUTH: NTFSDOS makes all files on the target system vulnerable to being read. HACKING TRUTH: NTFSDOS makes all files on the target system vulnerable to being read. Now, wouldn’t it be wonderful if you could write to the target system as well. Now, would not it be wonderful if you could write to the target system as well. Well, NTRecover and NTLocksmith again from http://www.sysinternals.com give you limited write capabilities. Well, NTRecover and again from NTLocksmith http://www.sysinternals.com give you limited write capabilities.
*********************
There is yet another way of in which booting into an alternate OS can be helpful. There is yet another way in which of booting into an alternate OS can be helpful. One could also boot into say a Linux boot disk and carry out the same procedure. One could also say boot into a Linux boot disk and carry out the same procedure.
Extracting Hashes from the SAM Extracting from the SAM Hashes
If you have administrator privileges on a Windows NT system, then you could easily dump the password hashes from the SAM hive in the registry into a UNIX password file format. If you have administrator privileges on a Windows NT system, then you could easily dump the password hashes from the SAM Hive in the registry into a UNIX password file format. (The format followed by the /etc/passwd file) (The format followed by the / etc / passwd file)
The most commonly used utility, which can accomplish this task, is pwdump. The most commonly used utility, which can accomplish this task, is pwdump. The newer versions of L0phtCrack again have a built in feature, which extracts hashes directly from the registry. The newer versions of L0phtCrack again have a built in feature, which extracts hashes directly from the registry.
So how can one protect the SAM hive from getting dehashed? (Is that a word?) Until Service Pack 2 was released, Windows NT was using a 40-bit encryption key. So how can one protect the SAM from getting Hive dehashed? (Is that a word?) Until Service Pack 2 was released, Windows NT was using a 40-bit encryption key. However, this was easily and widely cracked. However, this was widely and easily cracked. With the release of Service Pack 2, a nifty feature was introduced which was aimed at enhancing the SAM encryption. With the release of Service Pack 2, a nifty feature was introduced which was aimed at enhancing the SAM encryption. It was called SYSKEY. It was called SysKey. It replaced the original 40-bit encryption key with the 128-bit encryption key. It replaced the original 40-bit encryption key with the 128-bit encryption key. One can run SYSKEY by the following the below process: One can run SysKey by the following the below process:
Click on Start > Run Click on Start> Run
Type ‘syskey’ (without the quotes) in the space provided. Type 'SysKey' (without the quotes) in the space provided.
Both pwdump and L0phtCrack fail to surpass the encryption key established by SYSKEY. Both pwdump and L0phtCrack fail to Surpass the encryption key established by SysKey. So is a system with SYSKEY established not vulnerable to being dehashed? So is a system established with SysKey not vulnerable to being dehashed? Well, no. Well, no. Pwdump2, which is a sort of a sequel to pwdump is easily able to surpass SYSKEY’s enhanced encryption key. Pwdump2, which is a sort of a sequel to pwdump is easily able to Surpass SysKey's enhanced encryption key.
How do I change my IP address?
"How do I change my IP address?" and "Can I change my IP address?" are probably the most commonly asked questions. Please attempt the following then, if that does not work, visit the Change IP Address forum.
Before trying any other methods to change your IP address, try turning off (or unplugging the power of) your Cable/DSL modem for five minutes. In many cases this will change your IP address. However, if that does not change your IP address, repeat the process for 8 hours (overnight works well) instead of 5 minutes. Hopefully this will result in an IP change.
If the above does not result in your IP address changing, please look through the below for the situation that best matches yours and attempt to change your IP address that way. Unfortunately you are not able to get your IP address to change in all cases, as it is ultimate determined by your ISP's DHCP configuration (when you've got a dynamically assigned IP address, that is.)
Windows - Computer connected directly to the modem
1. Get to a command prompt. (START, run, cmd).
Start Menu Run Box
2. Type "ipconfig /release" (without the quotes, on the command line by itself).
3. Type "ipconfig /renew" (without the quotes, on the command line by itself).
Windows (second option) - Computer connected directly to the modem
1. Get to a command prompt. (START, run, cmd).
2. Type "ipconfig /release" (without the quotes).
3. Shut down computer.
4. Turn off computer.
5. Turn off all ethernet hubs/switches.
6. Turn off cable/DSL modem.
7. Leave off overnight.
8. Turn everything back on.
Network with Router
1. Log into the router's admin console. (Often http://192.168.1.1/)
2. Release the IP address. (Method varies by router manufacturer)
3. Turn off router, ethernet hubs/switches, and the cable/DSL modem.
4. Leave off overnight.
5. Turn everything back on.
If you are using a cable/DSL modem and a router, you may wish to connect your computer directly to the cable/DSL modem. Please note that this could significantly impact your system security. This allows your ISP's DHCP to issue you a new (hopefully changed) IP address based of the (hardware) MAC address of your computer's ethernet card.
If all the above has not worked to change your IP address and you have a router, check and see if there is a "Clone MAC Address" option. Using it should change your IP address; however, you'll only be able to do it once (in most cases).
These will not work in all cases. If all else fails contact your internet service provider (ISP) and ask them if they are able to change your IP address or how long your connection needs to be off for your IP address to change.
If you trying to change your IP address because you are just trying to access web based forums you may wish to attempt to configure your internet browser to use a proxy server.
Sunday, October 26, 2008
or download from here
Download
Green Light