Hack Windows using winAUTOPWN 3.4 –Completing 4 years of windows hacking

winAUTOPWN has been an old favourite to automate windows hacking and vulnerability testing.  The project is the brainchild of Azim Poonawala of [C4]Closed Circuit Corporate Clandestine and saw its first release in 2009. Fast forward to 4 years; it has matured into a good exploitation framework with a plethora of options. As the Author states about it  -

Autohack your targets - even if you have consumed and holding a bottle of 'ABSOLUT' in one hand and absolute ease (winAUTOPWN) in the other.

In layman terms, winAUTOPWN is a unique exploit framework which helps in gaining shell access and pwning (aka exploiting vulnerabilities) to conduct Remote Command Execution, Remote File/Shell Upload, Remote File Inclusion and other Web-Application attacks. To add cherry on the top, it can also help in conducting multiple types of Denial of Service attacks on targets, furthermore, It can also be used to test effectiveness of IDS/IPS and other monitoring sensors/softwares.

You can -

• Download winAUTOPWN from here / mirror
• Read its documentation from here

Ngrep–Grep patterns in Network traffic

We have got a lot of packet sniffer/analyzer software out there, I am a self confessed Wireshark & Ettercap lover, but still, when it comes to analyzing network traffic from command line in a fast manner, ngrep is my one of my favourites. Written by Jordan Ritter its used to “grep” traffic patterns from the network interfaces. As per official documentation -

ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

ngrep runs on Windows & *nix platforms alike and you need WinPCAP to run it since it relies on it. 

Once you install it, it by default uses the first interface on your machine, so , make sure to check the detected interfaces by running -

C:\Users\RISHABH\Desktop>ngrep -L
idx     dev
---     ---
1:     \Device\NPF_{4D491111-D331-42BC-9A33-98EF8C40D422} (Microsoft)
2:     \Device\NPF_{ADBF6AC1-D111-463D-8D99-C58FA1BEF979} (Sun)
3:     \Device\NPF_{6F801AE0-CA61-4A6D-B5FF-DCB7CE8FC529} (VMware Virtual Ethernet Adapter)
4:     \Device\NPF_{930B6EC8-A5E3-4FFA-B68F-F159FDFC2064} (VMware Virtual Ethernet Adapter)
5:     \Device\NPF_{D1999293-A041-4C2A-B63F-5D8B4906000F} (Realtek PCIe GBE Family Controller)
exit

Now for example you want to check out whats going on at port 23 using interface 5

C:\Users\RISHABH\Desktop>ngrep -d 5  port 23
interface: \Device\NPF_{D1999293-A041-4C2A-B63F-5D8B4906000F} (192.168.1.0/255.255.255.0)
filter: (ip or ip6) and ( port 23 )
exit
0 received, 0 dropped

Piece of cake.. and if you want to filter any website in you are searching for keyword "password" then :

ngrep -d 5 “password” port 80

Easy aint it ? Ngrep does it all : ] With some complex grep commands , you can become a pcap ninja.

Well, you can

1. Download Ngrep from here
2. Check out documentation and examples here
3. Learn about Wireshark from here

Resolve “Setup did not any hard disks drive” error while installing XP over a laptop

One of the most popular topics among our readers is installing Windows XP on your new laptop that comes with Windows 7 / vista computer - sometimes for compatibility reasons, but also because a lot of people just don't like 7 very much.
The problem that people keep running into left and right is getting to the point where XP starts to install and getting the message "Setup did not find any hard disk drives installed in your computer". This error happens because your new computer has a storage controller that isn't supported natively in XP, usually an SATA (Serial ATA) controller.

If you don't have a floppy drive in your computer (who does anymore), then you'll need to use a process called slip-streaming to integrate the storage drivers into your XP installation CD.
It should go without saying that this is an advanced topic, so proceed with caution.
Creating a Custom XP Install
We'll use a software called nLite to create a new XP install cd, so you'll first need to download and install it. Once it starts up, you'll be prompted for your Windows installation, so you'll want to click the Browse button.

First you'll be prompted for the "Windows installation", which really means your XP install CD. Find it and select the root of the installation, and then click OK to go to the next dialog.

Next you'll be prompted on where you want to save the temporary files used during the slip-streaming process. I chose to create a new directory and called it XPISO, but you can put it wherever you'd like. I just recommend to use a new directory.


Lite will copy all the necessary files off the XP installation and into the temporary folder. When it's done, you'll see all the information on which version it is.

Hit the next button until you come to this screen, where you can select what options you want. Select "Drivers" and then "Bootable ISO".

Hit the next button until you get to the screen for selecting drivers. If you click the Insert button, you can choose between adding a single driver or adding a folder of drivers. Since we'll just be loading a single driver, you can choose that option, but you might want to first read the section below about finding drivers for XP.

Browse to the directory where you extracted the driver files, and then select Open. Note that it doesn't really matter which of the *.inf files you choose, because it will select all files in the folder anyway.

nLite will prompt you to select your driver. If you don't know which exact one it is, you can either use Device Manager in Vista to find the exact model, or you can just select all of them. Just be careful not to select a 64-bit driver if you are using 32-bit, or the wrong OS version.


I would recommend including both Storage and Network drivers, as those are the most common drivers that are missing in XP.

Once you proceed to the next screen, now we can finally finish the process. You can choose to directly burn the cd here, or you can select Create Image to create an ISO file that you can burn to a CD using whatever burning tool you have.
Note: If you chose to create an ISO, make sure to use the "Make ISO" button before you click Next.




At this point you can burn the ISO image to a CD, and then start your XP installation process.
Finding Drivers for XP
The best place to search for drivers for your hardware is at the manufacturer's support website. The only problem is that almost every manufacturer seems to distribute their drivers in floppy disk image form, even though the computer they are for doesn't have a floppy drive. Guess nobody has alerted them to get with the program.
We can still extract the drivers using an application called WinImage. Let's run through a quick example… Here you can see the Intel SATA controller driver for my HP computer.

I downloaded and ran the executable, which extracted a file called f6flpy32.exe into a temporary directory. Don't bother trying to run this one, because it'll just prompt you for a floppy drive.

So how to get the drivers out of this file? There are a few options that you can try, depending on how the manufacturer packed the files.

• You can use Winimage to extract them, which is a shareware software, but you can use it during the trial period for free.
• You can try and use WinRar to extract the file. In many instances this will extract a *.flp file, which you can mount in a VMware virtual machine or potentially with some ISO mounting software.
• Some drivers will allow you to automatically extract into a directory. You'll have to try it and see what happens.
• Other methods? If you've got other ideas, leave them in the comments and I'll add them to this list.

Here's the list of files that Winimage can handle, which is quite a lot.

Start WinImage and then open the file, and you should see the contents. Just extract them to a folder, preferably with a useful name so you can remember it later.

Happy Installation…

Required Downloads

• Download Winimage
• Download nlite

Copyright 2008 How to geek – source .All rights reserved .

Remove REGSVR.EXE and New Folder.exe viruses completely

Plug a pendrive into a public computer and you will be pesked by the continuously replicating “New Folder.exe” virus or the “regsvr.exe” virus. Hear my story, while I transferred my notes last night (around 600 folders) and I was surprised to  see that around 450 MB of space was eaten by these self replicating space eaters ! I was running Linux so these were not a concern for me, but when I plugged my pendrive into my virtual machine (windows xp sp3), it caused multiple problems of explorer corruption and disabling registry tools.

Time for some virus busting I guess..here is how you can remove “regsvr.exe” and “new folder.exe” from your computer.

 

Step 1 - Some Startup Repairs

First of all, boot into safe mode.After you get to your desktop,press F3 or Ctrl + F and search for “autorun.inf” file in your computer and delete all the subsequent files. I case you are no able to delete them, select all the files and uncheck the”Read Only” option. If you are still not able to delete them , you might want to try out Unlocker tool to delete the files.

Now go to

start – > run –> type ”msconfig”

and press enter

Go to startup tab and uncheck “regsvr”, click ok and then click on “Exit without restart”.

Now go to

control panel –> scheduled tasks and delete “At1” task listed there.

Once done, close all windows.

 

Step 2 - Changing Configurations

Your registry might be disabled,and you need to activate it back to undo all the malicious changes done by worm.In order to do that, you need to go to

start – > run –> type ”gpedit.msc”

and press enter

then navigate to

users configuration –> Administrative templates –> systems

Find “prevent access to registry editing tools” , double click it and change the option to disable.

Once done, your Regedit will be enabled. In case your task manager is disabled, you need to enable it.

 

Step 3 - Registry Edits

Now we have to perform some registry edits to enable our explorer and to remove all instances of worm from the registry. Go to

start – > run –> type ”regedit”

and press enter

Click on Edit –> Find and search for regsvr.exe . Find and delete all the occurrences of regsvr.exe virus (don't delete  regsvr32.exe as its not a virus).

then navigate to entry

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

and modify the entry

Shell = “Explorer.exe regsvr.exe”

to delete the regsvr.exe from it,so that it becomes

Shell = “Explorer.exe”

Once done, close all windows and get ready to delete all virus files.

 

Step 4 - Deleting Virus Files

The final step is to delete all the virus files in your computer. To do this, Press F3 or Ctrl + F and search for regsvr.exe (make sure to search in hidden folders ) and delete all “regsvr.exe” “svchost .exe” files (notice the gap between ‘svchost’ and ‘.exe’, keep in mind you don't delete the legitimate file.).

Clean your recycle bin and restart your PC (perform a cold boot).

Volia..you have cleaned your computer from regsvr..just make sure to scan your pendrive the next time you plug in :)

 

Like This post ?  You can buy me a Beer :)

Posted by XERO. ALL RIGHTS RESERVED.

Technorati Tags: how to,microsoft,tips n tricks,tutorials,windows tricks,windows vista,rdhacker,prohack,theprohack.com,prohack.in,windows 7,virus writing,security

Windows 7 SP1 leaked in the wild

It has been confirmed that a beta copy of Microsoft's upcoming Windows 7 Service Pack 1 has been leaked on some  Torrent sites. Folks at Redmond have yet to confirm a release date for Windows 7 SP1,despite that , a pre-release copy of the minor updates package appears to be unofficially available for download online.

As The Register asked Microsoft that if it could comment on the apparent leak of the Windows 7 SP1 beta (build 6.1.7601.16537.amd64fre.win7.100327-0053), but Microsoft has still been unavailable to comment.This march,Microsoft’s Brandon LeBlanc commented in a blog post that Windows 7 will be receiving a service pack containing minor security updates and feature tweaks. However, no release date was stated with the post.

last month as Microsoft revealed a more details about Windows 7 Service Pack 1, confirming it would involve a small-fry update to the operating system. As expected there aren't any significant changes in SP1, the biggest is the added RemoteFX functionality when paired with Windows Server. The but the install process is much faster than it was for service packs on Windows Vista. Microsoft as a company sticks to a pretty tight frame when it comes to operating updates and patches,based on this,we can fairly assume that Windows 7 SP1 will not be released until late 2010 at the very earliest.

PS: Dont download the beta from torrent sites, it might be rigged with trojans or custom code by potential virus writes. Wait for the original release.

The Register

 

Like This post ?  You can buy me a coffee :)

 

Posted by XERO. ALL RIGHTS RESERVED.

Technorati Tags: rdhacker,prohack,microsoft,windows 7,sp1,beta leaked,technology news,windows

Disable UAC in Windows 7 easily

Post XP, User Account Control is the single most annoying thing devised by Microsoft, and ironically it steals the amount of control  from user inspite of giving back to it. You might want to disable it cuz it may get peskier to allow each application access to the system resources or to perform even simple actions. Here is how you can disable it easily with practically no sweat
But be warned -Disabling UAC will lead to a less secure system, but its less of a trouble to consider if you are keeping up with us :)
Disable UAC on Windows Vista
Go to Control Panel, and type in “UAC” into the search box,you’ll see a link for “Turn User Account Control (UAC) on or off”. Click on it.

On the next screen,just uncheck the box for “Use User Account Control (UAC)”, and then click OK button.

Restart your PC to see the effects,no more UAC prompts..YAY !!
Disable UAC on Windows 7
Looks like Microsoft learn with the failure of Windows Vista and made it quite easier to  to deal with UAC settings in Windows 7, and in fact you don’t have to completely disable UAC if you don’t want to. Just type UAC into the start menu or Control Panel search box.

Now you can simply drag the slider up or down, depending on how often you want to be alerted.

To disable it entirely, just drag it all the way down.
Voila.. you have done it :)

Cheers

PS : Like this article ? You can always support me by buying me a coffee or You can always try some of the cool merchandize from PROHACK.

POSTED BY XERO ALL RIGHTS RESERVED.

Technorati Tags: windows 7,windows vista,windows xp,microsoft,tips n tricks,tutorials,how to,prohack,rdhacker

Get Vista Address bar in XP

Some of us just cant get enough of XP,yep I am a Vista hater,but recently a question from Mark Levy who emailed me about manually getting all the programs to mod XP into Vista for the sake of fun and geekdom (Quite provoking and  comprehensive email..thanks Mark).I thought for a while decided to give it a go. I really liked the breadcrumbs system in Vista address bar and wanted to add it in XP among some other tweaks.I found a great program using which you can get Vista Breadcrumb’s address bar in Windows XP.

This application should be really helpful for those of you that aren't ready to switch to Windows Vista yet, but want to get some of the new features.
What you need -

1. Windows XP with .Net Framework 2.0 or higher
2. QT AddressBar
3. Free time :P

After downloading QTAddressBar,install it by unzipping the files into the location you'd like to keep them, and then double-click on the QTAddressBar.exe file.

As application launches,Select the Install option, and then click the Next button to register the component with Windows.

The program may ask you to restart your system or to Log off and then login again. Here is a neat trick. Go to task manager,and restart explorer.exe by ending it first and then running it again by selecting File \ New Task option once you kill the process.This will save you from Lo on-Log Off and restart headaches.Actually it just refreshes the explorer shell to check and apply new components.
Once you have restarted the explorer,you can now right-click on the toolbars area and do these two actions:

1. Deselect Address Bar
2. Select QT Breadcrumbs Address Bar

And voila..You'll have an incredibly similar breadcrumbs implementation for Windows XP. Congrats you have applied the breadcrumbs clone in your Windows XP.


Cheers and Keep learning

POSTED BY XERO.ALL RIGHTS RESERVED.Source.

Technorati Tags: get Vista breadcrumbs in XP,windows vista,windows xp,tutorials,tips n tricks,rdhacker,prohack,vista mods,how to,win xp,XP tips,Vista hacks

Enable Windows Vista Hidden Boot Screen

The Windows Vista BootScreen is pointless,dull and in short – BORING. The guys at Redmond,Microsoft (?) decided to hide a more visually appealing boot screen of Windows Vista for that blank piece of art (?). However,the hidden boot  screen can be easily enabled in Windows Vista in full glory and with very little trouble. I'm not sure why they didn't make the boot screen better but I think they wanted to give Windows users a surprise what Vista be hiding underneath (which failed miserably). Seriously,If you really want a better boot screen, you can check out my article on creating a custom boot logo which is easy to pick and good to go :) here 

For the time being,here is how you can enable the hidden boot screen in Windows Vista -

Now..Here's the default boot screen:

And here's the hidden one, called "Aurora" (Nice name..)

For enabling it,all you have to do is type msconfig into the start menu search box, and hit enter.

Now navigate to boot tab,and then check the "No GUI boot" checkbox.

Hit OK and reboot the computer. You should see the new boot screen immediately on restart.

Note: You may get a Windows Defender error on the next startup. You can enable the system config utility using the tray icon and this error will go away.

 

Keep Learning :)

 

POSTED BY XERO.HOW TO GEEK.SOURCE.ALL RIGHTS RESERVED.

Technorati Tags: windows vista,vista,how to,rdhacker,prohack,tips n tricks,hidden boot screen,windows

Get Vista like Taskbar Thumbnail Previews in XP

It was only a matter of time when people started cloning Windows Vista features and modding Windows XP with them. Windows Vista do sports some good features my favorite being is the live thumbnail previews that popup when you mouse over the taskbar. And now I can use them in XP as well..period.

I achieved this by using Visual Tooltip, which is a hybrid dock / thumbnail application. With a few tweaks to the settings, we can make it work just like Vista thumbnails.

Here's how it looks like on my desktop… pretty cool huh?!

To make your thumbnails look the same as mine, just follow these couple of steps. Download and start the application, and open the options from the tray icon.

To make thumbnails bigger,Increase the size of the sliders, and then uncheck the option for "Size proportional to the target window".

Then Click on the Display tab, and then uncheck the "Show window title"

Congrats..You now have Vista like thumbnail previews :)

Download Visual Tooltips

 

Posted by XERO . HOWTOGEEK – source . ALL RIGHTS RESERVED.

Technorati Tags: tips n tricks,windows vista. windows XP,downloads,how to,rdhacker,prohack,vista thumbnail previews in xp,xp tips

Hack Windows Vista Experience ratings

Windows Vista ships with a tool called the Windows System Assessment Tool (WinSAT) which measures the performance characteristics and capabilities of your computer hardware and aggregates it as the Windows Vista Experience Index (WEI). The Windows Experience Index consists of 5 separate sub scores - Processor, Memory (RAM), Graphics, Gaming  Graphics and Hard Disk. The base score is the lowest of all the sub scores and it roughly defines the hardware potential of a computer system.However with many of dissatisfied with the scores we get,geeks around decided to hack it.The concept behind this hack is that WinSAT calculated system score is stored in a XML file which lies deep in Windows directory and by changing the scores there,you can beef up your Windows Experience Base Score and make your friends gawk at it :)
Here is how to do that -

• Open an Explorer Window and navigate to

C:\Windows\Performance\WinSAT\DataStore

and look for the latest XML file [look in the name for dates]

• Right-click the file and select Properties.
• Click the Security tab.
• Click the Edit button.
• When the UAC prompt appears, click Continue.
• Click the Add button.
• Input your username and click OK.
• Select the username and then click the Full Control checkbox in the Allow column and Click OK.
• When the Security prompt appears, click Yes.
• After taking full ownership, open the XML with WordPad. ONLY OPEN WITH WORDPAD. It will look messy if you open it with NotePad.

<WinSPR>
<SystemScore>x.x</SystemScore>
<MemoryScore>x.x</MemoryScore>
<CpuScore>x.x</CpuScore>
<CPUSubAggScore>x.x</CPUSubAggScore>
<VideoEncodeScore>x.x</VideoEncodeScore>
<GraphicsScore>x.x</GraphicsScore>
<GamingScore>x.x</GamingScore>
<DiskScore>x.x</DiskScore>
<LimitsApplied>

• Then change the numbers between the < > </ > with anything you like then save it. Open up

Control Panel  –>  Performance Information and Tools
and voila! Your WEI scores have changed!

Before
After

Posted by XERO . ALL RIGHTS RESERVED.

Technorati Tags: tips n tricks,windows vista,hacking,how to,rdhacker,prohack,hack windows vista,windows experience index

Defragment Multiple drives on Windows

Defragmentation can play havoc with the speed of your computer.For smooth running of windows,disk defragmentation is a must.However the Disk Defragmenter in Windows XP does not include a way to defragment all hard drives at the same time, which is inconvenient when you have more than one hard drive in your computer. 

The method we are going to use is by creating a batch file to defragment all of the drives, one after the other.

The disk defrag utility in Windows XP can be triggered from the command line with the following syntax:

Windows Disk Defragmenter

Copyright (c) 2001 Microsoft Corp. and Executive Software International, Inc.

Usage:

defrag <volume> [-a] [-f] [-v] [-?]

volume drive letter or mount point (d: or d:volmountpoint)

-a Analyze only

-f Force defragmentation even if free space is low

-v Verbose output

-? Display this help text

First, we'll create a file named defragall.bat, and place it anywhere you like, as long as you'll remember where it is. If you want to run it from the command line, you could place it in the windows directory so that it will be available in the system path.

For each hard drive, add a line to the batch file. For instance, if we want to defragment drives C: , D: , and F: we will add these three lines:

defrag c: –f

defrag d: –f

defrag f: –f

To run the defrag, just either double-click on the batch file or start it from the command line.

 

Posted by XERO . HOWTOGEEK . ALL RIGHTS RESERVED .

Technorati Tags: windows,windows tricks,windows xp,windows vista,how to,rdhacker,prohack,defragment harddrives

Create Windows XP CD using NLITE

Hi folks.Sorry my harddisk crashed again..so was not able to post..I formatted my system and that makes me write this post. Many of us format our systems from the supposed legal Windows XP CD’s,the same old vanilla windows installation.   But if you are a power user,you may wish to create your own Windows XP CD with all hacks applied and nitrated with the latest Service pack. Well here is the easiest way to create your own customized Windows XP CD.

You will need

• Nlite
• Latest Service pack (Service Pack 3 as of now).
• Windows Hot-fixes and updates
• Add-ons
• Your (original) Windows XP CD
• Blank CD
• Free Time :P

Here is How to do that

First of all download the above mentioned softwares,collect your drivers and get as much as hot-fixes and add-ons which you want to integrate in your Windows XP CD.

Run Nlite and insert your XP CD. Choose your language and click Next.

Choose your drive and make a new folder on your hard disk. Choose that folder and Nlite will copy all your XP cd there.

Choose your options about integrations and add-ons and user configuration and click next.

Select your service pack and click next. Nlite will integrate service pack into your XP.

Choose the hotfixes to be applied on your windows.

Choose the components you want to remove – like MSN messenger and outlook express 6 (I don't think any body uses them).

Now  finally configure the windows and the miscellaneous options like the background and boot screen and various configurable options.

Now finally apply the speed hacks using the preconfigured options and then hit next.

The process of integration will start and after it ends,You will be provided with the configuration screen where you can enter your CD key,User account settings and network settings and then it will create an ISO file for you which you can burn on any CD with Nero or Alcohol 120% or any CD/DVD burner.

Congrats.. you have created your ultimate Windows XP CD without any hassles.

 

posted by XERO. ALL RIGHTS RESERVED

 

Technorati Tags: how to,tutorials,rdhacker,prohack,windows xp,windows vista,nlite,nlite os,create ultimate xp