Windows

Windows being very popular has a lot of programs available which can be used to hack the login password. One of the most successful  program is Ophcrack, and it is free. Ophcrack is based on Slackware, and uses rainbow tables to solve passwords up to 14 characters in length. The time required to solve a password? Generally 10 seconds. The expertise needed? None.

Simply download the Ophcrack ISO and burn it to a CD (or load it onto a USB drive via UNetbootin). Insert the CD into a machine you would like to gain access to, then press and hold the power button until the computer shuts down. Turn the computer back on and enter BIOS at startup. Change the boot sequence to CD before HDD, then save and exit.

The computer will restart and Ophcrack will be loaded. Sit back and watch as it does all the work for your. Write down the password it gives you, remove the disc, restart the computer, and log in as if it were you own machine.

You can download OphCrack from the following link:

http://ophcrack.sourceforge.net/

Linux

Linux is an operating system which is quickly gaining popularity in mainstream, but not so common that you’re likely to come across it. Though Mac and Linux are both based on Unix, it is easier to change the password in Linux than it is OS X.

To change the password, turn on the computer and press the ESC key when GRUB appears. Scroll down and highlight ‘Recovery Mode’ and press the ‘B’ key; this will cause you to enter ‘Single User Mode’.

You’re now at the prompt, and logged in as ‘root’ by default. Type ‘passwd’ and then choose a new password. This will change the root password to whatever you enter. If you’re interested in only gaining access to a single account on the system, however, then type ‘passwd username’ replacing ‘username’ with the login name for the account you would like to alter the password for.

Mac

Finally we take on Mac’s OS X which as we said earlier is based on Unix and is difficult to change password compared to Linux but nothing is  impossible to be hacked.

The easiest method would be to use Ophcrack on this also as it works with Mac and Linux in addition to Windows. However, there are other methods that can be used, as demonstrated below.

If the Mac runs OS X 10.4, then you only need the installation CD. Insert it into the computer, reboot. When it starts up, select UTILITIES > RESET PASSWORD. Choose a new password and then use that to log in.

If the Mac runs OS X 10.5, restart the computer and press COMMAND + S. When at the prompt, type:

fsck -fy

mount -uw /

launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist

dscl . -passwd /Users/UserName newpassword

That’s it. Now that the password is reset, you can login.

The reason behind this is that Google uses a Bot called GoogleBot and most of websites which force users to register or even pay in order to search and use their content, leave a backdoor open for the GoogleBot because a prominent presence in Google searches is known to generate sales leads, site hits and exposure. Examples of such sites are Expert-Exchange, Windows Magazine, .Net Magazine, Nature, and many other sites around the globe.

What if you could disguise as GoogleBot then you can also see what GoogleBot can.

How to Disguise as GoogleBot?

It is Quite simple. You just need to change your browser’s User Agent. To change your Browser’s User Agent follow the steps given below:

• Copy the following code segment into a notepad file and save it as Useragent.reg or you may also download it.
  

  Windows Registry Editor Version 5.00
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent]
  @=”Googlebot/2.1″
  “Compatible”=”+http://www.googlebot.com/bot.html”

• Now Double-Click on the file Useragent.reg to merge the registry file into your Windows Registry.
• Now Restart your computer. This is required to apply the changes made into the Registry.
• Voila! You’re done! Now you have become GoogleBot.

How Revert back to Normal Agent?

• For IE users : To restore the IE User Agent, Follow the Given Steps Below:
  • Copy the following code segment into a notepad file and save it as Normalagent.reg or you may also download it:
    

    Windows Registry Editor Version 5.00
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent]
    @=”Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)”

  • Now Double-Click on the file Normalagent.reg to merge the registry file into your Windows Registry.
  • Now Restart your computer. This is required to apply the changes made into the Registry.
• For Opera Users : Opera allows on-the-fly for switching of User Agents through its “Browser Identification” function.
• For Firefox users : Just download User Agent Switcher extension for Firefox.
  • Now Goto Tools -> User Agent Switcher -> Options -> Options.
  • Click “User Agents”
  • Click ” Add” and fill the following information  in the form
    • Description: Googlebot
    • User Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
    • App Name: Googlebot
    • App Version: 5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
    • Platform: +http://www.google.com/bot.html
    • Vendor:
    • Vendor Sub:
  • Click “OK”.
  • Now you may change the user agent on the fly.

[What]
A botnet is a group of computers or servers all compromised with the same backdoor. The interesting thing about botnets is that these backdoors often have the ability to interact with other members of the botnet, and can also be controlled by the botnets owner. This can result in a single command, e.g. DDoS Microsoft.com, to flow down a chain of command in an instant, telling each member of the botnet to follow it. They also often leave backdoors accessible to the botnet user, and some even have built-in protocols for updating themselves. There are multiple chains of command that have been used in botnets, and these are:

P2P botnets, using these a command can be sent by the hacker to a single member of the botnet, and this single botnet will pass the command on to a handful of other members, which will carry on the chain and so on and so forth. the advantages of this are you cannot stop the botnet by taking out one member, but you would have to block the botnet completely. The problem is it is easy for individual bots to become separated from the rest of the net, usually resulting in being fixed.

Heirarchial botnets, which have different members assigned “ranks” in the command chain and are given specific bots to manage. Using this, the hacker might send a command to 4 different bots, which each pass the message on to 100, which each pass it on to 100. The problem with these is that the botnet can be shut down by removing the hack from one of the higher-up bots. The good thing about these is they can be very easily automated, and can pass reports of the computers up the chain as well as pass exploit upgrades down.

and single server bots, which all take their commands from one computer, these are very easy to make but are near enough useless.

[Propagation]
Botnets can be propagated by the hacker themselves, eg whenever they root a server or trojan a computer they add their program in too, run it and that computer becomes a bot. Another way is by mimicing worms and spreading through emails, p2p or instant messaging. Be imaginative, there are many ways of propagating that havent been tried yet.

[usage]
I will give an example of how a p2p botnet would be structured.
The bots propagation method is by exploiting a flaw in the security system of linux, and uses it to get root access.
The bot has a p2p structure, and can pass patches down the chain as well as commands.
The bot is automated by adding any computers it hacks to its own list of child bots(ones under its own command), and runs a check similar to ping to test if the net is up on the child before sending commands/patches.

[Famous Examples]
the storm worm:
This is an email-spread worm that takes over windows machines and injects a driver into the windows kernel to keep root. It currently has control of between 1- and 10- million windows machines around the world. It is extremely flexible, and has avoided gaining a signature for a massive amount of time.
There are many of examples on wikipedia of these, and google yields some interesting results.

I hope you enjoyed reading this article