Showing posts with label Computer virus. Show all posts

Hacking Websites

Disclaimer: Any damage/damages which may occur or arise using the information or by gaining knowledge through this particular post provided here lies solely on the person performing the act. I'm not responsible for any damage/damages of the same. What is written here, is provided solely on informational purpose.

Ever dreamed of Hacking a website? Ever wonder how to get into one's website and deface it?
Well dream it.. there's no harm in doing that; but don't practice it (Are you confident enough about hiding your traces behind?).

Words be, lemme tell you a few live hacks done through SQL injections. You can try right now as it works (by the time this post is written) but CONSIDER doing it at your OWN RISK. What I'm telling here is more of an Ethical Hacking; that means, know that it can be done the way I'm explaining here, and find out how to protect yourself from being a victim.

It's simple. Most people think Hacking is for the master coders only, which is rather wrong. Of course some knowledge is required, and depending on the level of security, one can break through any system. HACKING into a system can be minimized but you CAN'T guarantee a 100% secure system.. as there is always a way!!

So now, here are some sites which lack some serious security measures:
Uttar Pradesh technical University website -
http://uptu.ac.in/ (To login, goto login on the top right, go to college login, and then choose VC)

Red Fm 93.5 website -
What the web developers of these sites have done is this: they forgot, or don't know how, to use an escape string function (in the PHP language). I won't go into details, for the sake of the laymen. They don't know about, or haven't implemented, measures to exclude certain characters from user input. When a site asks for a username and password, the code looks up the username in the database and compares the password stored in the same row with the password the user entered. If both conditions return TRUE, the user is shown the next password-protected page.

Look at this: "1' or '1' = '1". Put the above in the username as well as the password field (without the double quotes). Here we formed an always-TRUE condition, as 1 always equals 1. Or you can change it to '2' = '2' or anything else. Now press enter and voila, you are at the backend of those sites. You can change anything from the backend.
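Why that input passes the check, and what the fix looks like, as an added example that is not code from this post or from any of the sites named above. It uses Python with an in-memory SQLite table as a stand-in for the PHP/database stack the post describes; the table layout, the `admin` row and all function names are assumptions made for the demonstration.

```python
import hashlib, hmac, os, sqlite3

PAYLOAD = "1' or '1' = '1"  # the input string quoted in the post

def kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_db() -> sqlite3.Connection:
    """In-memory stand-in for a site's user table (constructed sample row)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY,"
               " password TEXT, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    # The plaintext column exists only so the flawed check below can mirror
    # the login logic the post describes.
    db.execute("INSERT INTO users VALUES (?, ?, ?, ?)",
               ("admin", "S3cret!", salt, kdf("S3cret!", salt)))
    return db

def concat_sql(user: str, pw: str) -> str:
    """The flawed pattern: input is pasted into the SQL text itself."""
    return ("SELECT COUNT(*) FROM users WHERE username = '" + user +
            "' AND password = '" + pw + "'")

def login_vulnerable(db, user: str, pw: str) -> bool:
    return db.execute(concat_sql(user, pw)).fetchone()[0] > 0

def login_hardened(db, user: str, pw: str) -> bool:
    """Bound parameter keeps input as data, never as SQL syntax; the password
    is checked against a salted hash in application code, not in the query."""
    row = db.execute("SELECT salt, pw_hash FROM users WHERE username = ?",
                     (user,)).fetchone()
    if row is None:
        return False
    return hmac.compare_digest(kdf(pw, row[0]), row[1])

if __name__ == "__main__":
    db = make_db()
    print(concat_sql(PAYLOAD, PAYLOAD))  # the quotes close early, OR is now SQL
    for fn in (login_vulnerable, login_hardened):
        print(fn.__name__, "payload:", fn(db, PAYLOAD, PAYLOAD),
              "| real credentials:", fn(db, "admin", "S3cret!"))
```

Printing the concatenated statement shows the quote characters from the input ending the string literal, so the trailing `or '1' = '1'` is evaluated as part of the WHERE clause; with a bound parameter the same characters are only ever compared as a literal username.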

Windows: Generic Win32 Service Error

I've come across this problem myself and I tried googling a lot and found out a few methods to fix this problem but, the interesting part is that NONE works. 

With this error, your audio, your networks, the graphics; all are affected. Your audio devices will not be shown in the devices section, your internet will not work and one thing for sure is that, you'll be really pissed! The error seems to be caused by some old version of HP printer drivers. Microsoft has released updates for Windows XP SP2 but the problem still continues with SP3. (Haven't tried with Vista)

I read about a few other methods other than the WORKING one I've given here, and that includes software updates or patches from Windows and HP; but as I'm using a new enough software, the patch didn't work. 

Anyway, here are the steps for manual fixing, which is by far the best:

1. Open Registry Editor: Start>Run and in the box type: regedit and press OK.
2. Find "TransportBindName". (Edit>Find or Ctrl+F) It may take a few mins to search. (You can look for it yourself at the location HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Parameters)
3. Double-click on that value and delete the default value in the box and press OK.
4. Find the value "EnableDCOM", located at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole
5. Double-click on that value and set the value in the box to 'N', which may currently be set to 'Y'.
6. Close the Registry Editor and restart your computer.

I think this will solve your problem.

How to remove protectfile.vbs virus

Yesterday one of my juniors was trying to print a few things he brought on his pen drive using my PC. He said he did scan for viruses (I am using AVG) but the scan showed no detection; however I got this protectfile.vbs virus on every drive of my PC. The most annoying thing it did was that your CD or DVD drive will be ejected by itself. Whenever you try to open any of your drives by double clicking on it, a new window will be opened instead of the same window. This is quite an annoying thing (if you are using linux with default settings, you perhaps know about this!!).

The protectfile.vbs virus makes multiple hidden, read-only copies of itself on all the drives, which are difficult to detect. It can't be deleted or renamed without disabling its "read-only" property. And lastly, when we try to delete any one of the multiple copies, it uses an autorun.inf file (executed automatically by Windows) to recreate itself from its copies on other drives.
So I tried googling for its remedy. I did find a lot of ways to remove the virus but none was quite effective. I looked for the methods at thinkingpal, yahoo answers and the potpourri4u blog. By "effective", I meant, you don't want to download stuff to remove that file but you do want to remove it... better it be that you be able to remove it with minimum effort!! So, here's the best method I can provide you to remove the virus. All the steps are similar to what's available, but the important thing is that many bloggers failed to mention step 5 (because they perhaps never tried, but just COPY-PASTED these steps) which is a MUST:

1) Press Ctrl+Alt+Del (Task Manager)
2) In the Processes tab, kill the processes: explorer and wscript.exe (if available)
3) Go to File> new task
4) Go to command Prompt (Enter cmd in Run)
   Go to the drive c:\
   Type del /f/q/a protectfile.vbs
   and del /f/q/a autorun.inf
   Go to c:\windows\system32
   and enter del /f/q/a secureguard.vbs
5) Now delete protectfile.vbs and autorun.inf by going manually to the root of each drive (use windows explorer tree form, do not double click on the drive icons)
If you don't see the file, go to folder options, select the view tab, uncheck the hide protected operating system files button then check the show hidden file button. Click apply and then OK.
6) Goto regedit (enter regedit in Run) and search for protectfile.vbs and delete all entries with this name.
7) Now search for secureguard.vbs and modify the entry: in the path, delete only "c:\windows\system32\secureguard.vbs" and leave the other part of the path as it is.
8) Restart your system
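A way to inspect an autorun.inf before deleting it in steps 4 and 5, to see what it was set up to launch. This is an added example, not code from this post; the sample file content is constructed for illustration (it is not a capture of the real file), and the function names and the list of script extensions are assumptions.

```python
import re

SCRIPT_EXT = (".vbs", ".vbe", ".js", ".jse", ".wsf", ".bat", ".cmd")
# autorun.inf keys that start a program, including right-click/double-click verbs
LAUNCH_KEYS = re.compile(r"^(open|shellexecute|shell\\[^=]+\\command)$", re.I)

# Constructed sample: the kind of entries that make a double-click on a drive
# run a script instead of simply opening the drive.
SAMPLE_AUTORUN = """\
[autorun]
open=wscript.exe protectfile.vbs
shell\\open\\command=wscript.exe protectfile.vbs
shell\\explore\\command=wscript.exe protectfile.vbs
icon=setup.ico
"""

def launch_entries(text):
    """Yield (key, command) for each [autorun] line that starts a program."""
    section = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        if LAUNCH_KEYS.match(key.strip()):
            yield key.strip().lower(), value.strip()

def suspicious(text):
    """Return launch entries that invoke a script host or a script file."""
    hits = []
    for key, cmd in launch_entries(text):
        low = cmd.lower()
        tokens = low.replace('"', " ").split()
        if ("wscript" in low or "cscript" in low
                or any(t.endswith(SCRIPT_EXT) for t in tokens)):
            hits.append((key, cmd))
    return hits

if __name__ == "__main__":
    for key, cmd in suspicious(SAMPLE_AUTORUN):
        print(f"{key:24} -> {cmd}")
```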

A simpler option may be found at dirtycraft blog.

I hope that does it... and i'm sure, no pop ups will be shown at each restart of your PC!!

Dark Angel's Phunky Virus Writing Guide

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=
DISCLAIMER: The author hereby disclaims himself. Virus coding guide, Courtesy: Phalcon
This guide is purely for educational purpose only.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-

Virii are wondrous creations written for the sole purpose of spreading and destroying the systems of unsuspecting fools. This eliminates the systems of simpletons who can't tell that there is a problem when a 100 byte file suddenly blossoms into a 1,000 byte file. Duh... These low-lifes do not deserve to exist, so it is the coders' sacred duty to wipe their hard drives off the face of the Earth. It is a simple matter of speeding along survival of the fittest!!

Virus writing is not as hard as you might first imagine. To write an effective virus, however, you *must* know assembly language. Short, compact code are hallmarks of assembly language and these are desirable characteristics of virii. However, it is *not* necessary to write in pure assembly. C may also be used, as it allows almost total control of the system while generating relatively compact code (if you stay away from the library functions). However, you still must access the interrupts, so assembly knowledge is still required. However, it is still best to stick with pure assembly, since most operations are more easily coded in assembly. If you do not know assembly, I would recommend picking up a copy of The Microsoft Macro Assembler Bible (Nabajyoti Barkakati, ISBN #: 0-672-22659-6). It is an easy-to-follow book covering assembly in great detail. Also get yourself a copy of Undocumented DOS (Schulman, et al, ISBN #0-201-57064-5), as it is very helpful.

The question of which compiler to use arises often. I suggest using Borland Turbo Assembler and/or Borland C++. I do not have a copy of Zortech C (it was too large to download), but I would suspect that it is also a good choice. Stay away from Microsoft compilers, as they are not as flexible nor as efficient as those of other vendors.

A few more items round out the list of tools helpful in constructing virii. The latest version of Norton Utilities is one of the most powerful programs available, and is immeasurably helpful. MAKE SURE YOU HAVE A COPY! You can find it on any decent board. It can be used during every step of the process, from the writing to the testing. A good debugger helps. Memory management utilities such as MAPMEM, PMAP, and MARK/RELEASE, are invaluable, especially when coding TSR virii. Sourcer, the commenting disassembler, is useful when you wish to examine the code of other virii (this is a good place to get ideas/techniques for your virus).

Now that you have your tools, you are ready to create a work of art designed to smash the systems of cretins. There are three types of virii:
1) Tiny virii (under 500 bytes) which are designed to be undetectable due to their small size. TINY is one such virus. They are generally very simple because their code length is so limited.
2) Large virii (over 1,500 bytes) which are designed to be undetectable because they cover their tracks very well (all that code DOES have a use!). The best example of this is the Whale virus, which is perhaps the best 'Stealth' virus in existence.
3) Other virii which are not designed to be hidden at all (the writers don't give a shit). The common virus is like this. All overwriting virii are in this category.

You must decide which kind of virus you wish to write. I will mostly be discussing the second type (Stealth virii). However, many of the techniques described may be easily applied to the first type (tiny virii). However, tiny virii generally do not have many of the "features" of larger virii, such as directory traversal. The third type is more of a replicating trojan-type, and will warrant a brief (very, very brief!) discussion later.

A virus may be divided into three parts: the replicator, the concealer, and the bomb. The replicator part controls the spread of the virus to other files, the concealer keeps the virus from being detected, and the bomb only executes when the activation conditions of the virus (more on that later) are satisfied.

well well well.... enough talks today... check out for details on the replicator, the concealer and the bomb on the following posts.

Disclaimer - VIRII ALERT 1

Disclaimer:
What's here is for informational purposes only, and should never be used to cause damage or any harm to any system. The owner of this page is not responsible for any actions performed with the information received from these pages. This series of posts is made solely on intellectual purpose and this site is not responsible for any filthy acts anyone does using information provided here.

Within the next few posts, I'm launching a series of "VIRII ALERT" posts which deal with creating computer virii. I hope users find it interesting and informative. Going through the internet, I couldn't find many sites which teach virii coding in a simple manner. With "VIRII ALERT" I'll try to keep it simple.

One more condition is that.. I love comments, but I won't entertain Q's here. If you really want to learn virii coding, then use the information here, and work the rest out for yourselves.... good luck.