What is Computer Hacking

-->

Computer hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose. People who engage in computer hacking activities are often called hackers. Since the word “hack” has long been used to describe someone who is incompetent at his/her profession, some hackers claim this term is offensive and fails to give appropriate recognition to their skills.

Computer hacking is most common among teenagers and young adults, although there are many older hackers as well. Many hackers are true technology buffs who enjoy learning more about how computers work and consider computer hacking an “art” form.

Hacking Password For Website's

Hacking Password Protected Website's

There are many ways to defeat java-script protected websites. Some are very simplistic, such as hitting

[ctl-alt-del ]when the password box is displayed, to simply turning offjava capability, which will dump you into the default page.You can try manually searching for other directories, by typing the directory name into the url address box of your browser, ie: you want access to www.target.com .

         Try typing www.target.com/images .(almost ever y web site has an images directory) This will put you into the images directory,and give you a text list of all the images located there. Often, the title of an image will give you a clue to the name of another directory. ie: in     www.target.com/images,    there is a .gif named gamestitle.gif . There is a good chance then, that there is a 'games' directory on the site,so you would then type in    www.target.com/games,   and if it isa valid directory, you again get a text listing of all the files available there.

          For a more automated approach, use a program like WEB SNAKE from anawave, or Web Wacker. These programs will create a mirror image of an entire web site, showing all director ies,or even mirror a complete server. They are indispensable for locating hidden files and directories.What do you do if you can't get past an opening "PasswordRequired" box? . First do an WHOIS Lookup for the site. In our example, www.target.com . We find it's hosted by www.host.com at 100.100.100. 1.

     We then go to 100.100.100.1, and then launch \Web Snake, and mirror the entire server. Set Web Snake to NOT download anything over about 20K. (not many HTML pages are bigger than this) This speeds things up some, and keeps you from getting a lot of files and images you don't care about. This can take a long time, so consider running it right before bed time. Once you have an image of the entire server, you look through the directories listed, and find  /target.  When we open that directory, we find its contents, and all of its sub-directories listed. Let's say we find    /target/games/zip/zipindex.html .  This would be the index page that would be displayed had you gone through the password procedure, and allowed it to redirect you here.By simply typing in the url    www.target.com/games/zip/zipindex.html   you will be onthe index page and ready to follow the links for downloading.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

(DISCLAIMER)XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The Info Above Is Lame!!!. I Dont Condone The Use Of This Document In A Malisous Manner. I Suggest That U Dont Do it But U Do What Ever U Want. I Will Not Be Responsible For Any Thing That Might Happen To U If U Use This.  :)

What Is NetBIOS

-->

The Magic of NetBIOS

In this guide you will learn how to explore the Internet using Windows XP and NetBIOS:

·         How to Install NetBIOS

·         How to Use Nbtstat

·         The Net View Command

·         What to Do Once You Are Connected

·         How to Break in Using the XP GUI

·         More on the Net Commands

·         How Crackers Break in as Administrator

How to hack Windows XP Admin Passwords

How to hack Windows XP Admin Passwords

How to hack Windows XP Admin Passwords ------------------------------------------------------------------------------ This hack will only work if the person that owns the machine has no intelligence. This is how it works: When you or anyone installs Windows XP for the first time your asked to put in your username and up to five others. Now, unknownst to a lot of other people this is the only place in Windows XP that you can password the default Administrator Diagnostic Account. This means that to by pass most administrators accounts on Windows XP all you have to do is boot to safe mode by pressing F8 during boot up and choosing it. Log into the Administrator Account and create your own or change the password on the current Account. This only works if the user on setup specified a password for the Administrator Account. This has worked for me on both Windows XP Home and Pro. ----------------------------------------------------------------------------- Now this one seems to be machine dependant, it works randomly(don't know why) If you log into a limited account on your target machine and open up a dos prompt then enter this set of commands Exactly: (this appeared on www.astalavista.com a few days ago but i found that it wouldn't work on the welcome screen of a normal booted machine) ----------------------------------------------------------------------------- cd\ *drops to root cd\windows\system32 *directs to the system32 dir mkdir temphack *creates the folder temphack copy logon.scr temphack\logon.scr *backsup logon.scr copy cmd.exe temphack\cmd.exe *backsup cmd.exe del logon.scr *deletes original logon.scr rename cmd.exe logon.scr *renames cmd.exe to logon.scr exit *quits dos ----------------------------------------------------------------------------- Now what you have just done is told the computer to backup the command program and the screen saver file, then edits the settings so when the machine boots the screen saver you will get an unprotected dos prompt with out logging into XP. Once this happens if you enter this command minus the quotes "net user password" If the Administrator Account is called Frank and you want the password blah enter this "net user Frank blah" and this changes the password on franks machine to blah and your in. Have fun p.s: dont forget to copy the contents of temphack back into the system32 dir to cover tracks Any updates, Errors, Suggestions or just general comments mail them to either Estyle89@hotmail.com jaoibh@hotmail.com

Hacking Unix passwords

Here's how to use it in a nutshell...

Download the passwd file from your local unix site, or have someone download
it for you.  It should be in the unix format (that is, line feeds but no
carriage returns) so don't run it through any conversion programs--Brute uses
it "as-is".

To check a single password against your list do this:

BRUTE passwd Password

(that would check the passwd file for the password "Password").  Brute is
case sensitive (just as unix is), so "Password" is different than "password".

To convince yourself that brute actually works you'll probably want to run it
with your password and see that it pulls up your account.  It will.

---

Brute can be used with a list of passwords.  In this case, edit up a list or
use a pre-made one (one password per line) and call brute like this:

BRUTE passwd @passlist.txt

(where passlist.txt is the name of your list-of-passwords.  The @ sign tells
brute that you're using list file).  Note that you don't have to use the name
"passlist.txt" for your word list, and you don't have to use the name
"passwd" for the password file.  This allows you to keep separate word lists
for different types of unix sites, and separate password files.

Right now that's about it.  There are a few enhancements I'm planning in the
future, but this ought to do the trick for you.  Any passwords found are
written to the file "PWD_HITS.DAT".

Brute ignores unpassworded and invalidly-passworded accounts automatically,
so you should probably check the passwd file for these babys yourself.

---

Brute is about 25% faster than it's nearest competitor.

Have fun.

Prometheus

---

Version 1.1:  Fixed the icky short int bug which causes the "Password"
              counter to go negative after 32k attempts (changed to long
              int--now it will go negative should you reach 2 billion
              attempts in a single setting, which isn't extrememly likely.

              Added the "*" password to check for the username as a password
              (forward and reversed).  Either put * on a line by itself in
              your word list file, or call brute like this: brute passwd *
              ---

Version 2.0:  I'm using the fastcrypt routine as ported to DOS by Gandalf and
              distributed in OBJ form by sir hackalot.  I haven't measured
              the speed increase, but it's not as much as I had hoped.  Maybe
              twice as fast.  Anyhow, such is life.

    ÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜ
    ÜÝÄ’œ›Š úúúúúúúúúúúúúúú THE HOLLOW'S ALLIANCE úúúúúúúúúúúúúúú AliceÄÞÜ ú
    ÜÝÄ     (415)849-2688      Ÿ‰‰ë 攁r hîŽë       (415)849-2688       ÄÞÜ ú
    ÜÝ ÄÄ Ä Ä Ä Ä Ä Ä   T-file Distribution Cent-a-RoR    Ä Ä Ä Ä Ä Ä ÄÄ ÞÜ ú
    ÜÝDr. Murdock ú Powerful Paul ú RatSnatcher ú Sir Death ú Pressed RatÞÜ ú
    ÜÝ ÄÄ Ä Ä Ä        R  o  R   -   A  l  u  c  a  r  d        Ä Ä Ä ÄÄ ÞÜ ú
    ÜÝÄ The Corporate Headquarters of Shawn-Da-Lay Boy Productions, Inc.ÄÞÜ ú
    ÜÝÄúúúú Ø úúúúSmooth is the Descent and Easy is the Wayúúúúú Ø úúúúúÄÞÜ ú
    ÜÛßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßßÛÜ ú
      úúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúúú

Mp3 search

Another good way of finding MP3s (or other formats) is using Google and typing the following:

parent + directory + mp3 + OR + wma+ #dido#

Replace #dido# by whatever artist you wish to find, for example:

parent + directory + mp3 + OR + wma+ #Lamb#

You should get plenty of dirs with MP3s or WMA files (you could add OGG, etc, to the query). Cheers.

Hacking Techniques

 
****************************
***  HACKING TECHNIQUES  ***
***  Typed By:  LOGAN-5  ***
***   (Hacker Supreme)   ***
***       From the       ***
***   Inner Circle Book  ***
****************************
 
1) CALLBACK UNITS:
 
Callback units are a good security device, But with most phone systems,
it is quite possible for the hacker to use the following steps to get
around a callback unit that uses the same phone line for both incomming
and out going calls:First, he calls he callback unit and enters any
authorized ID code (this is not hard to get,as you'll see in a moment).
After he enters this ID, the hacker holds the phone line open - he does
not hang up. When the callback unit picks up the phone to call the user back,
the hacker is there, waiting to meet it.
 
 The ID code as I said, is simple for a hacker to obtain, because these
codes are not meant to be security precautions.The callback unit itself
provides security by keeping incomming calls from reaching the computer.
The ID codes are no more private than most telephone numbers. Some callback
units refer to the codes as "location identification numbers," and some
locations are used by several different people,so their IDs are fairly
well known.I've been told that, in some cases,callback ubits also have
certain simple codes that are always defined by default. Once the hacker
has entered an ID code and the callback unit has picked up the phone to
re-call him,the hacker may or may not decide to provide a dial tone to
allow the unit to "think" it is calling the correct number. In any event,
the hacker will then turn on his computer, connect with the system - and
away he goes.If the however, the hacker has trouble holding the line with
method,he has an option: the intercept.
 
The Intercept:
 Holding the line will only work with callback units that use the same
phone lines to call in and to call out.Some callback units use different
incoming and outgoing lines, numbers 555-3820 through 555-3830 are dedicated
to users' incoming calls, and lines 555-2020 through 555-2030 are dedicated
to the computers outgoing calls.The only thing a hacker needs in order to
get through to these systems is a computer and a little time - he doesn't
even need an ID code. First,the hacker calls any one of the outgoing phone
lines, which, of course, will not answer.Sooner or later, though, while the
hacker has his computer waiting there, listening to the ring, an authorized
user will call one of the incomming lines and request to be called back.
It will usually be less than an hours wait, but the hacker's computer
is perfectly capable of waiting for days, if need be.
 
 The callback unit will take the code of the authorized user, hang up,
verify the code, and pick up the phone line to call back.If the unit
tries to call out on the line the hacker has dialed, the hacker has his
computer play a tone that sounds just like a dial tone.The computer will
then dial the number given that matches up with the user's authorized ID.
After that,the hacker can just connect his computer as he would in any
other case.If he is really serious,he will even decode the touch tones
that the mainframe dialed,figure out the phone number of the user the
system was calling, call the person, and make a few strange noises that
sound as though the computer called back but didnt work for some reason.
 
2) TRAPDOORS AS A POSSIBLILITY
 
 I haven't heard of this happening, but i think it is possible that a
callback modem could have a trapdoor built into it.Callback modems are
run by software, which is written by programmers.An unscrupulous programmer
could find it very easy to slip in an unpublicized routine, such as,
"if code =*43*, then show all valid codes and phone numbers." And such a
routine, of course, would leave security wide open to anyone who found the
trapdoor.The obvious protection here, assuming the situation ever arises,
is simply an ethical manufactorer that checks its software thoroughly before
releasing it.
 
 A trapdoor is a set of special instructions embedded in the large
program that is the operating system of a computer.A permanent,
hopefully secret "doorway", these special instructions enabe anyone who
knows about them to bypass normal security procedures and to gain access to
the computer's files.Although they may sound sinister, trapdoors were not
invented by hackers, although existing ones are certainly used by hackers
who find out about them.
 
3) THE DECOY
 
 One of the more sophisticated hacking tools is known as the decoy, and it
comes in three versions.The first version requires that the hacker have an
account on the system in question. As in my case,the hacker has a
low-security account,and he tries this method to get higher-security
account.He will first use his low-security account to write a program that
will emulate the log-on procedures of the systems in questions.
This program will do the following:
 
*- Clear the terminal screen and place text on it that makes everything
look as if the system is in charge.
 
*- Prompt for, and allow the user to enter, both an account name and a password.
*- Save that information in a place the hacker can access.
 
*- Tell the use the account/password entries are not acceptable.
 
*- turn control of the terminal back over to the system.
 
The user will now assume that the account name or password was mistyped
and will try again...this time (scince the real operating system is in
control) with more success.You can see a diagram of the way these steps are
accomplished
 
 ___________________  
 |   Clear Terminal   |
 |       screen       |
 |____________________|
           ||
  _________||_________
 |  Print Compuserve  |
 |      Computer      |
 |_____ Network ______|
           ||
  _________||_________
 |   Print "ENTER     |
 |     PASSWORD"      |______
 |____________________|      |
          ||                 |
 _________||_________        |
 |  PASSWORD ENTERED? |__NO__|
 |____________________|  
          ||_YES
 _________||_________
 |   SAVE PASSWORD    |
 |    INFORMATION     |
 |____________________|
          ||
 _________||_________
 |   PRINT "LOGIN     |
 |     INCORRECT      |
 |____________________|
          ||
 _________||_________
|   LOG OFF/RETURN   |
|    CONTROL TO      |
|  OPERATING SYSTEM  |
|____________________|
 
 4) CALL FORWARDING
 
 Many people use call forwarding by special arrangement with the phone
company.When a customer requests call forwarding, the phone company uses
its computer to forward all the customers incomeing calls to another
number. Lets say, for example, that you want calls that come to your office
phone to be forwarded to your home phone: A call from you to the phone
company,some special settings in the phone companys computer, and all
calls to your office will ring at your home instead.This little bit of help
from the phone company is another tool used by hackers. Lets say you thought
that the computer you were hacking into was being watched-because the
sysop might have seen you and called the fed's and your sort of bugged by
this nagging feeling that they will trace the next hacker that calls,
just call the phone company and ask for call forwarding, pick a number,
(ANY NUMBER) out of the phone book and have your calls forwarded to that
number,Hea,Hea, the number you picked is the one that will be traced to,
not yours, so you could be hacking away,they think that they have traced you,
but actually the number you had your calls forwarded too. they enter chat mode
and say (YOUR BUSTED!!!!, WE'VE TRACED YOUR PHONE NUMER THE FEDS ARE ON THE
WAY!!), You could reply (Hea, SURE YA DID! I'D LIKE TO SEE YA TRY AND GET ME!
GO AHEAD!) ,that wont seem very important to them at the time, but it will
sure piss them off when they bust the wrong guy! 
 
5) RAPID FIRE
 
 Memory-location manipulation can be helpful, but there is another, more
powerful,possibility, in some cases: the Rapid-fire method.To understand how
this methos works, you have to know something about the way operationg
systems work.When a user enters a command, the operating system first places
the command in a holding area, a buffer, where it will sit for a few
millionths of a second.The system looks at the command and say's "Does this
person really have authorization to do this, or not?" Then, the command
sits there a few thousandths of a second while the system runs off to
check the user's authorization.When the system comes back to the command,
it will have one of two possible answers: "OK, GO AHEAD," or "SORRY,
GET PERMISSION FIRST."
 
 Once you are on a system that handles things this way, you can

How To Change IP Address

How To: Change Your Ip In Less Then 1 Minute

1. Click on "Start" in the bottom left hand corner of screen
2. Click on "Run"
3. Type in "command" and hit ok

You should now be at an MSDOS prompt screen.

4. Type "ipconfig /release" just like that, and hit "enter"
5. Type "exit" and leave the prompt
6. Right-click on "Network Places" or "My Network Places" on your desktop.
7. Click on "properties"

You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.

8. Right click on "Local Area Connection" and click "properties"
9. Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
10. Click on "Use the following IP address" under the "General" tab
11. Create an IP address (It doesn't matter what it is. I just type 1 and 2 until i fill the area up).
12. Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
13. Hit the "Ok" button here
14. Hit the "Ok" button again

You should now be back to the "Local Area Connection" screen.

15. Right-click back on "Local Area Connection" and go to properties again.
16. Go back to the "TCP/IP" settings
17. This time, select "Obtain an IP address automatically"
tongue.gif 18. Hit "Ok"
19. Hit "Ok" again
20. You now have a new IP address

With a little practice, you can easily get this process down to 15 seconds.

P.S:
This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick be extremely careful, because if they try a little, they can trace it back

How to hack password protected sites

There are many ways to defeat java-script protected web

sites. S ome are very simplistic, such as hitting ctl-alt-del

when the password box is displayed, to simply turning off

java capability, which will dump you into t he default page.

You can try manually searching for other directories, by

typing the directory name into the url address box of your

browser, ie: you w ant access to www.target.com . Try typing

www.target.com/images .(almost ever y web site has an images

directory) This will put you into the images directo ry,

and give you a text list of all the images located there.

Often, the t itle of an image will give you a clue to the

name of another directory. ie: in www.target.com/images,

there is a .gif named gamestitle.gif . There is a g ood

chance then, that there is a 'games' directory on the site,

so you wou ld then type in www.target.com/games, and if it is

a valid directory, you aga in get a text listing of all thefiles available there.

For a more automated a pproach, use a program like WEB SNAKE

from anawave, or Web Wacker. These pro grams will create a

mirror image of an entire web site, showing all director ies,

or even mirror a complete server. They are indispensable for

locating hidden files and directories.

What do you do if you can't get past an openin g "Password

Required" box? First do an WHOIS Lookup for the site. In our

example, www.target.com . We find it's hosted by www.host.com

at 100.100.100. 1. We then go to 100.100.100.1, and then launch \

Web Snake, and mirror the e ntire server. Set Web Snake to NOT

download anything over about 20K. (not ma ny HTML pages are

bigger than this) This speeds things up some, and keeps yo u

from getting a lot of files and images you don't care about.

This can take a long time, so consider running it right before bed time.

Once you have an image of the entire server, you look through

the directories listed, and find /target. When we open that

directory, we find its contents, and all of i ts sub-directories listed.

Let's say we find /target/games/zip/zipindex.html . This would be the index

page that would be displayed had you gone through the

password procedure, and allowed it to redirect you here.

By simply typ ing in the url

www.target.com/games/zip/zipindex.html you will be on

the index page and ready to follow the links for downloading.