Sunday, April 5, 2009

Cracking Folder Lock.........

Many of today's folder-lock programs use no encryption technique at all.
They just change the extension of the folder that the software is supposed to hide.
This technique applies only to folders that are shown as locked by a lock picture on the folder.
First, you should be aware of some general DOS commands.

Dir :: Displays a list of a directory's files and subdirectories. Used without parameters, dir displays the disk's volume label and serial number, followed by a list of directories and files on the disk, including their names and the date and time each was last modified. For files, dir displays the name extension and the size in bytes. Dir also displays the total number of files and directories listed, their cumulative size, and the free space (in bytes) remaining on the disk.

Syntax
dir [Drive:][Path][FileName] [...] [/p] [/q] [/w] [/d] [/a[[:]attributes]][/o[[:]SortOrder]] [/t[[:]TimeField]] [/s] [/b] [/l] [/n] [/x] [/c] [/4]

Parameters
[Drive:][Path]
Specifies the drive and directory for which you want to see a listing.
[FileName]
Specifies a particular file or group of files for which you want to see a listing.
/p
Displays one screen of the listing at a time. To see the next screen, press any key on the keyboard.
/q
Displays file ownership information.
/w
Displays the listing in wide format, with as many as five file names or directory names on each line.
/d
Same as /w but files are sorted by column.
/a [[:] attributes]
Displays only the names of those directories and files with the attributes you specify. If you omit /a, dir displays the names of all files except hidden and system files. If you use /a without specifying attributes, dir displays the names of all files, including hidden and system files. The following list describes each of the values you can use for attributes. The colon (:) is optional. Use any combination of these values, and do not separate the values with spaces.

Value   Description
h       Hidden files
s       System files
d       Directories
a       Files ready for archiving
r       Read-only files
-h      Files that are not hidden
-s      Files other than system files
-d      Files only (not directories)
-a      Files that have not changed since the last backup
-r      Files that are not read-only

This much is sufficient....

The next command used is RENAME.
Rename (ren): Changes the name of a file or a set of files.

Syntax
rename [Drive:][Path] filename1 filename2

ren [Drive:][Path] filename1 filename2

Parameters
[Drive:][Path] filename1
Specifies the location and name of the file or set of files you want to rename.
filename2
Specifies the new name for the file. If you use wildcards (* and ?), filename2 specifies the new names for the files. You cannot specify a new drive or path when renaming files.
/?
Displays help at the command prompt.

Now we would be using these two commands to crack the lock...

Step 1) Open cmd and go to the source path.
e.g. if your locked folder is in D:\Videos,
change to that directory and follow the next step.

Step 2) Type dir /a in cmd and press Enter.
You will see the list of directories, including hidden ones as well as your locked directory with some particular extension.

Step 3) Rename the locked folder, using its full name with the extension.
e.g. rename secret.{1240ac34d15-0001-922d-3ec0} secret

And you are done: your lock has been removed.
You can also fool your friends with this trick.
Just unlock the locked folder and rename the folder you want to lock with the same extension.
e.g. rename secret secret.{1240ac34d15-0001-922d-3ec0}
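
To audit which folders on a drive depend on this rename-only "lock", the check from step 2 can be scripted. This is an added example, not part of the original post; the function names and the constructed directory tree are assumptions, and the pattern is loose because the suffix shown above is not a well-formed GUID.

```python
import os
import re
import tempfile

# A directory name ending in ".{...}" made of hex digits and dashes, as in the
# post's example "secret.{1240ac34d15-0001-922d-3ec0}".
SUFFIX = re.compile(r"^(?P<plain>.+)\.\{[0-9A-Fa-f-]+\}$")


def find_rename_locked(root):
    """Return [(path, plain_name, readable_entries)] for every directory under
    root whose name carries a brace suffix. readable_entries >= 0 means the
    contents can be listed as they are, i.e. nothing was encrypted."""
    findings = []
    for dirpath, dirnames, _files in os.walk(root):
        for name in dirnames:
            m = SUFFIX.match(name)
            if not m:
                continue
            full = os.path.join(dirpath, name)
            try:
                count = sum(1 for _ in os.scandir(full))
            except OSError:
                count = -1  # could not be listed (permissions and similar)
            findings.append((full, m.group("plain"), count))
    return sorted(findings)


def demo():
    """Build a constructed directory tree and scan it."""
    with tempfile.TemporaryDirectory() as root:
        locked = os.path.join(root, "Videos", "secret.{1240ac34d15-0001-922d-3ec0}")
        os.makedirs(locked)
        os.makedirs(os.path.join(root, "Videos", "holiday"))
        with open(os.path.join(locked, "notes.txt"), "w") as fh:
            fh.write("constructed sample file\n")
        return [(os.path.relpath(p, root), plain, n)
                for p, plain, n in find_rename_locked(root)]


if __name__ == "__main__":
    for rel, plain, n in demo():
        print(f"{rel}: rename-only lock on '{plain}', {n} readable entries")
```

Any folder it reports is protected by its name alone; data that needs real protection belongs in an encrypted container or on an encrypted volume.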

If you like the trick, just say thanks.

I also have a technique to recover hidden files from an expired Instant Lock.
For details, mail me.

Friday, March 27, 2009

A latest Technique for cracking Bios Password......

It is an easy and working trick, but be careful while using it.
There is a 20% chance of the BIOS getting killed.
Here is a software named Cmos which does it.
CmosPwd decrypts the password stored in CMOS that is used to access BIOS setup.
It works with the following BIOSes:
ACER/IBM BIOS
AMI BIOS
AMI WinBIOS 2.5
Award 4.5x/4.6x/6.0
Compaq (1992)
Compaq (New version)
IBM (PS/2, Activa, Thinkpad)
Packard Bell
Phoenix 1.00.09.AC0 (1994), a486 1.03, 1.04, 1.10 A03, 4.05 rev 1.02.943, 4.06 rev 1.13.1107
Phoenix 4 release 6 (User)
Gateway Solo - Phoenix 4.0 release 6
Toshiba
Zenith AMI


With CmosPwd, you can also back up, restore and erase/kill CMOS.

Award 4.50 has a backdoor, a generic password: AWARD_SW. SOYO motherboards have "SY_MB" as the master password for Award 4.51. CmosPwd gives equivalent passwords for Award BIOS, not the original one.

You can download the zip file from here.

Download it, extract it and follow the instructions in the readme file.

Thursday, March 26, 2009

Local DNS Poisoning Trick (Very Easy)

The last posts on DNS poisoning required a little bit of brain and quite a lot of effort.
Here is a very easy but limited trick which can be used to trick your friends, and you can play naughty with them.

First of all, go through my previous post.

Now we will make a slight change. Using this, we will, for example, replace the IP of www.google.com with the IP of www.yahoomail.com and keep the domain name of www.google.com.
Now when you open www.google.com in your browser, www.yahoomail.com will actually open. So you can play this trick on your friend's computer.

Use any site you like for your trick, and I am sure your friend will get annoyed.

To find the IP of any site, just go to the command prompt, type tracert www.site.com, press Enter, and you will get the IP of that site.

So enjoy, and do reply to motivate me.

DNS Spoofing with Ettercap

Watch the video at the link given below.

http://www.irongeek.com/i.php?page=videos/dns-spoofing-with-ettercap-pharming

DNS Spoofing techniques


- Overview : What is DNS Spoofing ?

DNS spoofing is the art of making a DNS entry point to a different IP address than the one
it is supposed to point to. To understand it better, let's look at an example.
You're in your web browser and wish to see the news on www.cnn.com. Without thinking about
it, you just enter this URL in your address bar and press Enter.

Now, what's happening behind the scenes? Basically, your browser sends
a request to a DNS server to get the matching IP address for www.cnn.com, then
the DNS server tells your browser the IP address of CNN, so your browser connects
to CNN's IP address and displays the content of the main page.

Hold on a minute... You get a message saying that CNN's web site has closed because
they don't have any more money to pay for their web site. You're so amazed that you call
your best friend and tell him on the phone. Of course he laughs at you, but
to be sure, he goes to the CNN web site to check for himself.

You are surprised when he tells you he can see the news of the day as usual, and you
start to wonder what's going on. Are you sure you are talking to the right IP address?
Let's check. You ask your friend to fire up his favorite DNS resolving tool (or
simply ping) and to give you the IP address he's getting for www.cnn.com.
Once you have it, you put it in your browser's URL bar: http://212.153.32.65
You feel ridiculous and frustrated when you see CNN's web page with its daily news.


Well, you've just been the witness of a DNS hijacking scenario. You're wondering what
happened: did the DNS server tell you the wrong IP address? Maybe... At least this
is the most obvious answer that comes to mind.

In fact there are two techniques for accomplishing this DNS hijacking. Let's look at
them in turn.

- A) DNS Cache Poisoning

As you can imagine, a DNS server can't store information about all existing names/IPs on
the net in its own memory space.
That's why DNS servers have a cache: it enables them to keep a DNS record for a while.

In fact, a DNS server has records only for the machines of the domain it is
authoritative for. If it needs to know about machines outside its domain, it has to send a
request to the DNS server which handles those machines, and since it doesn't want to ask all
the time about records, it can store in its cache the replies returned by other DNS servers.

Now let's see how someone could poison the cache of our DNS server.

An attacker is running his own domain (attacker.net) with his own hacked DNS server
(ns.attacker.net).
Note that I said hacked DNS server because the attacker customized the records in
his own DNS server; for instance, one record could be www.cnn.com=81.81.81.81

1) The attacker sends a request to your DNS server asking it to resolve www.attacker.net

2) Your DNS server is not aware of this machine's IP address, since it doesn't belong to its
domain, so it needs to ask the responsible name server.

3) The hacked DNS server replies to your DNS server and, at the same time, gives
all its records (including its record concerning www.cnn.com).
Note: this process is called a zone transfer.

4) The DNS server is now "poisoned".
The attacker got his IP, but who cares: his goal was not to get the IP address of his
web server but to force a zone transfer and make your DNS server poisoned for as long as
the cache is not cleared or updated.

5) Now if you ask your DNS server about the www.cnn.com IP address, it will give you
172.50.50.50, where the attacker runs his own web server. Or even simpler, the attacker
could just run a bouncer forwarding all packets to the real web site and vice versa,
so you would see the real web site, but all your traffic would be passing through the
attacker's web site.
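
A resolver can refuse to cache the unrequested www.cnn.com record from step 3 by keeping only records that fall inside the zone it actually asked about (a bailiwick check). The sketch below is an added example, not code from the article or from any DNS server; the record tuples, the Cache class and the 203.0.113.x addresses are constructed for illustration.

```python
def in_bailiwick(owner, zone):
    """True if owner equals zone or is a subdomain of it (case-insensitive)."""
    owner = owner.rstrip(".").lower()
    zone = zone.rstrip(".").lower()
    return zone == "" or owner == zone or owner.endswith("." + zone)


def filter_response(zone, records):
    """Split records received from a server authoritative for `zone` into
    (cacheable, rejected). Each record is (owner, rtype, rdata, ttl)."""
    cacheable, rejected = [], []
    for rec in records:
        (cacheable if in_bailiwick(rec[0], zone) else rejected).append(rec)
    return cacheable, rejected


class Cache:
    """Minimal resolver cache that stores in-bailiwick data only."""

    def __init__(self):
        self.store = {}
        self.dropped = []

    def ingest(self, zone, records):
        ok, bad = filter_response(zone, records)
        for owner, rtype, rdata, _ttl in ok:
            self.store[(owner.rstrip(".").lower(), rtype)] = rdata
        self.dropped.extend(bad)

    def lookup(self, name, rtype="A"):
        return self.store.get((name.rstrip(".").lower(), rtype))


# Constructed reply from ns.attacker.net to a query for www.attacker.net,
# carrying the extra www.cnn.com record described in step 3.
RESPONSE = [
    ("www.attacker.net", "A", "203.0.113.10", 3600),  # constructed address
    ("www.cnn.com", "A", "81.81.81.81", 86400),       # record from the text
    ("notattacker.net", "A", "203.0.113.11", 3600),   # suffix look-alike
]


def demo():
    cache = Cache()
    cache.ingest("attacker.net", RESPONSE)
    return cache.lookup("www.attacker.net"), cache.lookup("www.cnn.com"), len(cache.dropped)
```

With the check in place the answer that was asked for is cached, while the www.cnn.com record and the look-alike name are dropped, so step 5 never happens.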

- B) DNS ID Spoofing

We saw that when a machine X wants to communicate with a machine Y, the former always
needs the latter's IP address. However, in most cases X only has the name of Y; in
that case, the DNS protocol is used to resolve the name of Y into its IP address.

Therefore, a DNS request is sent to a DNS server declared at X, asking for the IP
address of the machine Y. Meanwhile, the machine X assigns a pseudo-random
identification number to its request, which should be present in the answer from the
DNS server.
Then, when the answer from the DNS server is received by X, it just has
to compare both numbers: if they're the same, the answer is taken as valid;
otherwise it is simply ignored by X.

Is this concept safe? Not completely. Anyone could mount an attack by getting this
ID number. If you're on a LAN, for example, someone who runs a sniffer could intercept
DNS requests on the fly, see the request ID number and send you a fake reply with the
correct ID number... but with the IP address of his choice.
Then, without realizing it, the machine X will be talking to the IP of the attacker's
choice, thinking it's Y.

By the way, the DNS protocol relies on UDP for requests (TCP is used only for zone
transfers), which means that it is easy to send a packet coming from a fake IP since
there are no SYN/ACK numbers (unlike TCP, UDP doesn't provide a minimum of protection
against IP spoofing).


Nevertheless, there are some limitations to accomplishing this attack.

In my example above, the attacker runs a sniffer, intercepts the ID number and replies
to his victim with the same ID number and with a reply of his choice.

On the other hand, even if the attacker intercepted your request, it will be
transmitted to the DNS server anyway, which will also reply to the request
(unless the attacker is blocking the request at the gateway or carries out
ARP cache poisoning, which would make the attack possible on a switched
network, by the way).

That means that the attacker has to reply BEFORE the real DNS server, which means
that for this attack to succeed, the attacker MUST be on the same LAN so as to have a very
quick ping to your machine, and also to be able to capture your packets.
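
The ID comparison that machine X performs, together with the source and question checks a stub resolver normally adds, looks like this at the byte level. This is an added example, not code from the article; the server addresses and the fixed ID 0x1A2B are constructed, and build_reply only fabricates test input in memory.

```python
import secrets
import struct

def encode_name(name):
    """Encode a host name as length-prefixed DNS labels."""
    parts = name.rstrip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"

def build_query(name, txid=None):
    """Return (txid, packet) for an A/IN query with recursion desired."""
    if txid is None:
        txid = secrets.randbelow(1 << 16)      # unpredictable 16-bit ID
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return txid, header + encode_name(name) + struct.pack("!HH", 1, 1)

def build_reply(query, txid, ip):
    """Constructed reply for the demo: echoes the question, adds one A record."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes(map(int, ip.split(".")))
    return header + query[12:] + rr

def accept_reply(query, reply, sent_to, came_from):
    """Checks machine X applies before trusting a UDP reply."""
    if came_from != sent_to:                   # (address, port) X sent the query to
        return "unexpected source"
    if len(reply) < 12:
        return "truncated header"
    txid, flags, qdcount = struct.unpack("!HHH", reply[:6])
    if not flags & 0x8000:                     # QR bit must mark a response
        return "not a response"
    if txid != struct.unpack("!H", query[:2])[0]:
        return "ID mismatch"
    question = query[12:]
    if qdcount != 1 or reply[12:12 + len(question)] != question:
        return "question mismatch"
    return "accepted"

def demo():
    server, other = ("192.0.2.53", 53), ("192.0.2.99", 53)   # constructed addresses
    txid, q = build_query("www.cnn.com", txid=0x1A2B)        # fixed ID, repeatable run
    fake = build_reply(q, txid, "123.123.123.123")
    return {
        "genuine": accept_reply(q, build_reply(q, txid, "212.153.32.65"), server, server),
        "wrong ID": accept_reply(q, build_reply(q, 0x9999, "123.123.123.123"), server, server),
        "other host": accept_reply(q, fake, server, other),
        # ID read off the wire and source address spoofed: passes every check
        "sniffed ID": accept_reply(q, fake, server, server),
    }
```

The last case is the limitation the text describes: once the ID is visible on the LAN, none of these checks can tell the replies apart, which is why authenticated answers (DNSSEC validation) are needed rather than a better ID.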


Practical example (to be done on a network for testing purposes ONLY)

To see for yourself how to hijack a connection from a machine on your local area network,
we can do the following:

First step: Poison the ARP cache of the victim's machine (tools and explanations
for carrying out this task can be found at http://www.arp-sk.org)

Second step: Now, outgoing packets of the target will be redirected to your host,
but you have to forward the traffic to the real gateway; this can be achieved with
a tool like Winroute Pro.

Third step: We then use WinDNSSpoof, developed by valgasu (www.securiteinfo.org), which is
a tool that greatly helps to carry out DNS ID spoofing. (Before using this tool, be sure you
have the Winpcap library installed on your machine; see http://winpcap.polito.it.)
We run it in cmd like this:

wds -n www.cnn.com -i 123.123.123.123 -g 00-C0-26-DD-59-CF -v

This will make www.cnn.com point to 123.123.123.123 on the victim's machine,
00-C0-26-DD-59-CF being the MAC address of the gateway or DNS server.

WARNING: Please keep in mind that the use of these tools on a network without explicit
authorization of the administrator is strictly forbidden.

NOTE: The above article is the result of cumulative research by me through various sources on the net. The article was not created by me; I have only put it in a logical sequence for better understanding.

Wednesday, March 25, 2009

Multiple Logins of Gmail and Orkut through firefox

You all might have faced this problem, especially with Google accounts: if you have different Gmail and Orkut accounts, you cannot log in to both at the same time in the same browser without logging out of the other account. Also, you and your friend cannot access your Orkut accounts at the same time in the same browser.

To overcome this problem, try this trick.

Follow these steps and you will be able to log in to Gmail and Orkut with multiple accounts. Through this you will be able to make profiles in your Firefox.
Step 1: Open System Properties (by right-clicking My Computer), choose the Advanced tab, and click the Environment Variables button. In the System variables section, click New. Type this information into each textbox.

Step 2: Variable name: moz_no_remote (should be all small letters). Variable value: 1

Step 3: Open the Firefox icon's properties (from the desktop and Quick Launch). Add the -p switch to the command line (like "c:\program files\mozilla firefox\firefox.exe" -p). Press OK.

When you open Firefox, it will prompt for profile selection. Create a profile, open Firefox and log in to Orkut; then open it once more, use another profile and log in.

How To Block Websites Without Using Any Software

Guys, sometimes we want to restrict access to some particular website from our PC, but we don't know how to do it without using some software for it.
Here I am sharing with you a method to do it without using any software.

1] Browse to C:\WINDOWS\system32\drivers\etc
2] Find the file named "HOSTS"
3] Open it in Notepad
4] Under "127.0.0.1 localhost", add 127.0.0.2 www.sitenameyouwantblocked.com, and that site will no longer be accessible.
5] Done!
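
Because any entry in this file overrides DNS for that name, it is worth reviewing what the file currently maps. The audit below is an added example, not part of the original post; it separates block entries like the one in step 4 from entries that point a name at another host, and its sample file, the 203.0.113.25 address and the function names are constructed.

```python
import ipaddress

# Constructed sample in the format of C:\WINDOWS\system32\drivers\etc\hosts
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
127.0.0.2       www.sitenameyouwantblocked.com   # block entry from step 4
203.0.113.25    www.google.com  google.com       # constructed redirect entry
::1             localhost
not-an-ip       broken.example
"""

LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def parse_hosts(text):
    """Yield (lineno, ip_text, [hostnames]) for each non-comment entry."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 2:
            yield lineno, fields[0], [h.lower() for h in fields[1:]]


def audit_hosts(text):
    """Classify every override as 'local', 'blocked', 'redirect' or 'invalid'."""
    findings = []
    for lineno, ip_text, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            findings += [(lineno, n, ip_text, "invalid") for n in names]
            continue
        for name in names:
            if name in LOCAL_NAMES and ip.is_loopback:
                kind = "local"       # normal default entry
            elif ip.is_loopback or ip.is_unspecified:
                kind = "blocked"     # name sunk to the local machine
            else:
                kind = "redirect"    # name pointed at some other host
            findings.append((lineno, name, ip_text, kind))
    return findings


def suspicious(text):
    """Entries worth reviewing: redirects and lines that do not parse."""
    return [f for f in audit_hosts(text) if f[3] in ("redirect", "invalid")]
```

On a real machine, pass the contents of the HOSTS file to `suspicious()`; a redirect for a well-known site that nobody remembers adding is a sign the file was tampered with.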

 
