Tuesday, December 13, 2011

MXZ.exe Virus - Download

So here comes the first VIRUS i am posting exclusively for study purpose... Geeks, use it efficiently!

MXZ.exe

  • This simple virus when opened will bring up a Exclamation message box with the title "-W|tch-Doct0r-" and a message saying "I LOVE DLL'S".
  • Simultaneously it will flood your desktop with dll files of 176KB and also the directory(s) "C:/Windows/" and "C:/Windows/System32/"
  • It also disables Ctrl+Alt+Delete in windows XP but has no effect in windows 7.
  • It does not effect any .exe files but heavily slows down the system, and occupies GB's of data in minutes!
  • The virus builds no connection to the internet.

Stoping the virus :
The virus can be stopped by killing the process MXZ.exe from Task Manager.

A screenshot of my computer showing the effect of MXZ virus in 3 minutes

Note : The virus is compressed and password protected, so safe to download
The password for the MXZ Virus is "Ahspbk797ZvxUoh"

{K@R@N}
Posted by at 10:15 PM 1 comments

Wednesday, November 16, 2011

Proxy - Achieving Anonymity in Cyber World

        Anonymity is the state of being Anonymous. Being anonymous means to hide your actual identity and in cyber world your identity is your IP address. But what is the need of anonymity on internet? In simple words, "Security". 


The head??? Again "Don't ask me"

        We regularly use internet, surf the web, use Facebook, and check emails... but possibility there may be someone with an evil eye on you. It can be a hacker residing on your computer, having a look on whatever you are doing or your own Internet Service Provider (ISP) checking for suspicious activities from your side! So in good sense or bad being anonymous on internet is far secure and thus preferred these days!

        This "Anonymity on Internet" is achieved with the help of Proxy Servers. A proxy server acts as an intermediary between your computer and the web pages that you are trying to access. When you request data via a proxy server, the proxy visits the corresponding site or file and downloads it on your behalf and then transfers it to you. In other words your IP address is not given to the web pages, but is provided to the proxy server and the IP address given to the websites you are visiting, is the one allotted to you by the proxy server!

       Proxy servers are accessed using the softwares called Proxy a.k.a IP Hiding softwares. These are responsible for the communication between your machine and proxy servers. One of the best and the freely available proxy software is UltraSurf with tested best performing results.


The password for UltraSurf v11.02 is "kM7GV%%jmzV9i0V" 
The best performing version :
UltraSurf v10.06 ".,w_0Ubw6!Mt?yz

Important thing I would like to share : 

  1. Using a proxy consumes your network services. So comparatively slower internet. Though doesn't sound's much if you have a fast internet connection.
  2. If you are going to hack someone's account or flood some Technology Forum, do use this proxy.
  3. Us the proxy, while making fake accounts on Facebook and absolutely don't login from your computer without using a proxy, don't even to check whether the account has been disabled or not.
  4. I am absolutely not responsible for whatever you do!

"The need to tell you the bad is to help you judge the bad, not to make you bad
We are always on the good side."

{K@R@N}
Posted by at 12:34 AM 0 comments

Sunday, November 13, 2011

Freeze Away Your Computer - Go Deep Freeze

        Every Hacker encounters a situation where he has to work with viruses, spywares and other malicious programs. One of the biggest tools used by hackers during such situation is this Super Software called “DEEP FREEZE” by Faronics. Ever thought why the computers of Virus Makers are not infected by those viruses? This is what they do.... and what I do!
And don’t ask me. This is not my photo ;)


Faronics Deep Freeze helps eliminate computer damage and downtime by making “Computer Configurations Indestructible”. Yes you read it right!!! Once Deep Freeze is installed on a computer, any changes made to the computer—regardless of whether they are accidental or malicious—are never permanent. Deep Freeze provides immediate immunity from many of the problems that plague computers today—inevitable configuration drift, accidental system misconfiguration, malicious software activity, and incidental system degradation.

“While Deep Freeze provides bulletproof protection, its non-restrictive approach also improves user productivity and satisfaction.” Well.... these are the lines the developers use. But I am not a developer so I will use this line “Go on, make viruses in your computer, infect other’s computers, corrupt you enemy’s hard disk... Do whatever you want but Karan (means me) is not responsible”. Coming back on track after controlling my emotions...

If you have installed Deep Freeze then there is absolutely no use of Antivirus on Your Computer as the computer has to reach back to the same state. If you own a cybercafé than people surfing via your computers can do nothing even if they format you complete hard drive. But if he reads my blogs you never know what they can do!

In other words, when the deep freeze is installed and working you can format all your drives and after a restart everything is back and you are like :0 

Providing you with a full retail version of Deep Freeze Standard v6.30.020.1818, use it efficiently and do share it to everyone. The password for the .zip file is "LQVDK7DSXQERCIq(without quotes). You may download the Deep Freeze Manual ("ZR9PH5f$BKNPzIU") and Getting Started ("x67n2dfHVkJ?M1w") ebooks for any other help.

{K@R@N}

Posted by at 11:42 PM 0 comments

Saturday, July 23, 2011

Why Only Dealing With Files

      I usually write in detail, definitely a problem. Some will run away with their foot on their heads. But if you have the passion to learn Hacking then move on.
Always remember "Hacking Is Not About Using Tools - By Karanbir Singh". Lol. Not a quote but "REMEMBER"
                                     
  Talking about saved passwords, there are applications that on execution automatically reveals all saved passwords whether in Internet Explorer, Mozilla Firefox or some messenger. We just have to execute that .exe file and rest is left on the program. Then why I was talking about files in the past three posts? Why to take the headache of knowing this files individually......

         When you are on internet, technically "WAN", you are dealing with files. While browsing web pages, files are first created on the computer as a request file. For example when you log into your Facebook account, a login request is uploaded to the Facebook website (Facebook examples works best...... hehehe). The reply as a result is your homepage which contains lots of photos, texts and many other types of files.

NOW LETS COME IN HACKING FOR THE FIRST TIME
(Remember my motive is to let you know how to think like a Hacker)

Consider a scenario where you are able to make connection with the computer via telnet! Now you know that you can perform all dos commands including basic commands like "Tree", "Copy", "Del" etc. Now if you are only working with these silly applications than to get their passwords you first have to upload that application on that host PC, definitely out of his knowledge. Second is to run the application on that PC again out of his knowledge. See, you don't want that person to know your intentions. Thirdly, save that info in a file and copy it in your computer. Lastly removing all traces of your visit to his computer....


In situations like these, there are many problems to execute your intentions :
1. Uploading the application may be a time consuming process. In some situations even seconds matters.
2. Running that applications out of his knowledge.
3. Finding such awesome applications that allows such features. LOLzzz (let me know if there is one)

But if you are aware of the files in which passwords are saved, then you can directly execute the copy command and later on check them, even offline! Big Deal!!! "Uploading the files on the host PC doesn't matters. What it matters is the time you were connected with that PC and the traces you left on it!"

{K@R@N}
Posted by at 9:07 PM 0 comments

Monday, March 14, 2011

Overview - Firefox Profile ( A better approach)

   Did you know that all the settings you make in Firefox, like your home page, what toolbars you use, saved passwords and bookmarks are all stored in a special profile folder? It's true. Your profile folder is kept in a separate place from the Firefox program so that if something ever goes wrong with Firefox your information will still be there. It also means you can uninstall Firefox without losing your settings and you don't have to reinstall Firefox to clear your information or troubleshoot a problem.

  In my previous two posts, we were basically interacting with that folder directly. The two files key3.db and signons.sqlite are located in this folder called the "Profile Folder".  
Believe me, this is the folder the hacker should look for......
Now, there is a better way to look for the profile folder in Windows Xp, Vista & 7. 

Windows Vista and 7

  1. Click the Windows Start button and type %APPDATA%\Mozilla\Firefox\Profiles\ in the Search box at the bottom of the Start menu, without pressing Enter. A list of profiles will appear at the top of the Start menu.

2.Click on the profile with “default” in the name to open it in a window.


Windows 2000 and XP

  1. Click the Windows Start button, and select Run....
  2.  Type in %APPDATA%\Mozilla\Firefox\Profiles\ then click OK.
  3. A window will open containing profile folders.
  4. Double-click the folder with “default” in the name to open it. 

What information is stored in my profile?

  • Bookmarks and Browsing History: The places.sqlite file contains all your Firefox bookmarks and the list of all the websites you’ve visited. For more information see Bookmarks.
  • Passwords: Your passwords are stored in the key3.db and signons.sqlite files. For more information see Remembering passwords.
  • Site-specific preferences: The permissions.sqlite file stores many of your Firefox permissions that are set on a site-by-site basis. For example, it stores which sites are allowed to display pop-ups.
  • Search engines: The search.sqlite file and search plugins folder store the search engines that are available in the Firefox Search bar.
  • Personal dictionary: The persdict.dat file stores any custom words you have added to Firefox's dictionary. For more information see Using the spell checker.
  • Auto-complete history: The formhistory.sqlite file remembers what you have searched for in the Firefox search bar and what information you’ve entered into forms on websites. For more information see Form autocomplete.
  • Cookies: A cookie is a bit of information stored on your computer by a website you’ve visited. Usually this is something like your site preferences or login status. Cookies are all stored in the cookies.sqlite file.
  • Security certificate settings: The cert8.db file stores all your security certificate settings and any SSL certificates you have imported into Firefox.
  • Download actions: The mimeTypes.rdf file stores your preferences that tell Firefox what to do when it comes across a particular type of file. For example, these are the settings that tell Firefox to open a PDF file with Acrobat Reader when you click on it. For more information see Managing file types.
  • User styles: If they exists, the \chrome\userChrome.css and \chrome\userContent.css files store user-defined changes to either how Firefox looks, or how certain websites or HTML elements look or act.
Posted by at 3:35 PM 0 comments

Wednesday, March 9, 2011

Hacking Firefox's Saved Passwords

  First of all i am not responsible for whatever you do to the PC you are experimenting on, whether you fuck it up.... For me its just for educational purpose!!!

Anyways if you have read my earlier tutorial than you might be knowing how to remove Master Password from Mozilla Firefox Browser. Its quiet easy to look for the password of a particular website and remember it for a few minutes but what if there are multiple usernames and passwords saved by that firefox user and you want to hack them all? Than here comes the need to steal the file that contains all passwords!!!

"If there is a file that saves the Master Password, than there must be some file that contains the saved passwords as well." It is quiet obvious but many of you havn't thought this before. For those who encountered this question in their minds, i want to say something. "Guys, thats a hacking thought! No looking back now."




So this tutorial is written on the fact that all the passwords stored in Firefox should be located somewhere in our computer in some file. It is quiet obvious that the passwords are not saved in "as is" form. Obviously, they are either encrypted or in some ununderstandable form. After a lot of Googling and testing i came on the conclusion that the passwords are saved in the file "signons.sqlite".

In Windows 7, this file is located at :-
D:\Users\<your user account>\AppData\Roaming\Mozilla\Firefox\Profiles\<your profile name>.default
In Windows Xp,
C:\Documents and Settings\<your user account>\Application Data\Mozilla\Firefox\Profiles\<your profile name>.default
NOTE : THE TWO TAGS <your user account> and < your profile name> are different for different users. Change Accordingly......

Now if this file is unreadable than how to look for the passwords? The solution to this is with you, the Firefox itself will reveal all secrets... Muhahaahaaa.

See, you just have to copy this file and replace your own file with this one. Now when you will open your Firefox browser and will look for the passwords than..............surprise surprise!!!

One thing i would like to share here is, we need not worry about Master Password as we are directly dealing with the file that contains the saved passwords. 

{K@R@N}
Posted by at 10:31 PM 0 comments

Thursday, February 17, 2011

Removing Master Password in Firefox

Have you ever checked your friends passwords, saved in Mozilla Firefox browser and encountered a master password just before getting them? Then lemme tell you my friends, the master password is just for dumbos!



Mozilla Firefox has a feature that helps to protect saved usernames and passwords, with a password. This password is called the "master password". A lot of studying and testing led to the conclusion that the master password is saved in a file "key3.db". This Master Password is enabled when the file key3.db that contains the password, is read by the back-end of the Firefox Browser.



In Windows 7, this file is located at :-
D:\Users\<your user account>\AppData\Roaming\Mozilla\Firefox\Profiles\<your profile name>.default
In Windows Xp,
C:\Documents and Settings\<your user account>\Application Data\Mozilla\Firefox\Profiles\<your profile name>.default
NOTE : THE TWO TAGS <your user account> and < your profile name> are different for different users. Change Accordingly......

Now, you just need to delete this file when the browser is closed..... and its done!!!

NOTE: The trick will work on all versions of Mozilla Firefox 3. It may not work on Mozilla Firefox 4.

By using this technique you can perform another trick on your friend. You can insert master password on your friends Firefox browser with your own whether he has the password or not. You just need to follow the following steps:-
1. Open your Firefox Browser.
2. Click Tools->Options->Security.
3. Mark "Use a master password".
4. When prompted, insert the password you want to add to your friend's Firefox browser.
5. Now search for the same file key3.db in the same location from your computer.
6. Copy this file and replace it in your friends computer. You know it where......!

Any Queries are welcomed........
Comment if you like :)
(K@R@N)
Posted by at 11:49 PM 0 comments
Subscribe to: Posts (Atom)
Related Posts Plugin for WordPress, Blogger...