Engineer Portal Search

Loading

Monday, May 28, 2012

Take Over the Screen Saver


Take Over the Screen Saver

To activate and deactivate the screen saver whenever you want, goto the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ScreenSavers
Now add a new string value and name it Mouse Corners. Edit this new value to -Y-N. Press F5 to refresh the registry. Voila! Now you can activate your screensaver by simply placing the mouse cursor at the top right corner of the screen and if you take the mouse to the bottom left corner of the screen, the screensaver will deactivate.



****************
Important Note: Before you read on, you need to keep one thing in mind. Whenever you make changes to the Windows Registry you need to Refresh it before the changes take place. Simply press F5 to refresh the registry and enable the changes. If this does not work Restart your system
****************

Disabling Display of Drives in My Computer


Disabling Display of Drives in My Computer
This is yet another trick you can play on your geek friend. To disable the display of local or networked drives when you click My Computer go to :
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Now in the right pane create a new DWORD item and name it NoDrives. Now modify it's value and set it to 3FFFFFF (Hexadecimal) Now press F5 to refresh. When you click on My Computer, no drives will be shown. To enable display of drives in My Computer, simply delete this DWORD item. It's .reg file is as follows:
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDrives"=dword:03ffffff


****************
Important Note: Before you read on, you need to keep one thing in mind. Whenever you make changes to the Windows Registry you need to Refresh it before the changes take place. Simply press F5 to refresh the registry and enable the changes. If this does not work Restart your system
****************

Ban Shutdowns : A trick to Play on Lamers


Ban Shutdowns : A trick to Play on Lamers

This is a neat trick you can play on that lamer that has a huge ego, in this section I teach you, how to disable the Shut Down option in the Shut Down Dialog Box. This trick involves editing the registry, so please make backups. Launch regedit.exe and go to :
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
In the right pane look for the NoClose Key. If it is not already there then create it by right clicking in the right pane and selecting New > String Value.(Name it NoCloseKey ) Now once you see the NoCloseKey in the right pane, right click on it and select Modify. Then Type 1 in the Value Data Box.
Doing the above on a Win98 system disables the Shut Down option in the Shut Down Dialog Box. But on a Win95 machine if the value of NoCloseKey is set to 1 then click on the Start > Shut Down button displays the following error message:
This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator.
You can enable the shut down option by changing the value of NoCloseKey to 0 or simply deleting the particular entry i.e. deleting NoCloseKey.
Instead of performing the above difficult to remember process, simply save the following with an extension of .reg and add it's contents to the registry by double clicking on it.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoClose"="1"




****************
Important Note: Before you read on, you need to keep one thing in mind. Whenever you make changes to the Windows Registry you need to Refresh it before the changes take place. Simply press F5 to refresh the registry and enable the changes. If this does not work Restart your system
****************

Exiting Windows the Cool and Quick Way



Exiting Windows the Cool and Quick Way
Normally it takes a hell lot of time just Shutting down Windows, you have to move your mouse to the Start Button, click on it, move it again over Shut Down, click, then move it over the necessary option and click, then move the cursor over the OK button and once again (you guessed it) click.This whole process can be shortened by creating shortcuts on the Desktop which will shut down Windows at the click of a button. Start by creating a new shortcut( right click and select New> Shortcut). Then in the command line box, type (without the quotes.)
'C:\windows\rundll.exe user.exe,exitwindowsexec'
This Shortcut on clicking will restart Windows immediately without any Warning. To create a Shortcut to Restarting Windows, type the following in the Command Line box:
'c:\windows\rundll.exe user.exe,exitwindows'
This Shortcut on clicking will shut down Windows immediately without any Warning.


****************
Important Note: Before you read on, you need to keep one thing in mind. Whenever you make changes to the Windows Registry you need to Refresh it before the changes take place. Simply press F5 to refresh the registry and enable the changes. If this does not work Restart your system
****************

Sendmail and Beyond: Tips and Trick


_______________________________________________________________________



Sendmail and Beyond: Tips and Tricks By Hackerx Sasi hackerx@sasi

_______________________________________________________________________



Welcome to yet another Hacking Truths manual. Although this manual comes after a long break, it is really nice to get back to writing for HT. Anyway, in the past, we have had a number of explanations on how to send forged emails, how to play with the Sendmail daemon, email headers and everything else to do with SMTP (Simple Mail Transfer Protocol) and emails. Although this manual too throws light on related matter, it is however more focused on advanced tips and tricks and other uncommon but extremely useful pieces of information.



Now, we have already learnt how one can, telnet to Port 25 of a mail server and send an email (even a forged email) by simply typing out some SMTP commands. However, for the benefit of beginners and to refresh the memory of experienced but forgetful people, we would quickly be going through the process. I promise to make it as short as possible, at the same time easy to understand.



Port 25 is the Sendmail Port where the SMTP daemon runs. This daemon is infact the daemon handling all the outgoing mails. All email clients send mail by connecting to Port 25 of the mail server and issuing SMTP commands. This process is automated and occurs in the background. However, one could also manually connect (telnet) to Port 25 of a mail server and manually type out the SMTP commands in order to send emails. So the basic outline of the entire process as below. For details regarding the usage of individual commands, simply type the word ‘help’ followed by the command at the Sendmail prompt.



Note: The below sends a mail from hackerx@sasi.net.in to ohmyfrnd@sasi.net.in by issuing SMTP commands to the mail server: mail.isp.com Responses from the mail sever have a number preceding them while the commands typed by the user do not have any number preceding.



C:\windows>telnet mail.isp.com



220 mail.isp.com ESMTP Sendmail 8.9.1 (1.1.20.3/07Jul00-0916AM) Thu, 7 Dec 2000 17:18:50 +0530 (IST)

helo hackerx.com

250-mail.isp.com Hello [203.xx.yyy.91], pleased to meet you

mail from: hackerx@sasi.net.in

250 hackerx@sasi.net.in... Sender ok

rcpt to: ohmyfrnd@sasi.net.in

250 ohmyfrnd@sasi.net.in... Recipient ok

data

354 Enter mail, end with "." on a line by itself

This is the part where the body of the message is typed in.

.

250 RAA0000001693 Message accepted for delivery



The headers of the above email as seen by the recipient is as follows:



Return-Path: <hackerx@sasi.net.in>

Received: from hackerx.com by mail.isp.com (8.9.1/1.1.20.3/07Jul00-0916AM)

                id RAA0000001693; Thu, 7 Dec 2000 17:19:49 +0530 (IST)

Date: Thu, 7 Dec 2000 17:19:49 +0530 (IST)

From: Hackerx Fadia <hackerx@sasi.net.in>

Message-Id: <200012071149.RAA0000001693@mail.isp.com>

X-UIDL: 920156a3b926c5193036933e6d04efd5



This is the part where the body of the message is typed in.



Anyway, now that we have recalled the basic outline of the process of manually sending an email, let us move on with the main subject of this manual.



The Subject Field Un-subjected


Now, ever since I released the manual on sending forged emails (Sending emails using SMTP commands) I have received a number of emails asking me questions like: “How to Specify the Subject of an email sent manually by connecting to Port 25 of a system”. Or “How to Specify CC and BCC recipients when doing the same?”  Well, in this section we discuss just that.



Firstly, let us learn how to specify the subject of an email engineered manually by SMTP commands. Well, the process of specifying the Subject remains pretty much similar to the normal process of sending emails manually. Actually all the commands remain the same until we reach the ‘data’ command. After we issue the ‘data’ command, the remote mail server will reply with the below message:



354 Enter mail, end with "." on a line by itself



This server response means that we can start typing the body of our message now. However, it also indirectly specifies that this is the time that we type in the Subject of the email. We can specify the subject of the email as follows:



Subject: Hi



Where ‘subject:’ is the keyword, which tells the mail server that you are ready to type in your subject and ‘Hi’, is the subject of your choice. You can continue with the body of the email by pressing the ‘Enter’ key and typing in the characters. The end with the: ‘ . ‘(Period) and everything else remains the same.



Let us go though the entire process, step by step. Please note that I have inserted comments wherever necessary within brackets. Both the brackets and the characters within the brackets are not a part of the actual commands.



For this example, we need to keep the following pieces of information in mind: 



Mail Server: mail.isp.com

Recipient’s Email Address: ohmyfrnd@sasi.net.in

Sender’s Email Address: hackerx@sasi.net.in

Subject: Hi!!!

Body: This is a test message



C:\windows>telnet mail.isp.com



220 mail.isp.com ESMTP Sendmail 8.9.1 (1.1.20.3/07Jul00-0916AM) Thu, 7 Dec 2000 17:18:50 +0530 (IST)

helo hackerx.com

250-mail.isp.com Hello [203.xx.yyy.91], pleased to meet you

mail from: hackerx@sasi.net.in

250 hackerx@sasi.net.in... Sender ok

rcpt to: ohmyfrnd@sasi.net.in

250 ohmyfrnd@sasi.net.in... Recipient ok

data

354 Enter mail, end with "." on a line by itself

subject: Hi!!!

This is a test message

.

250 RAA0000001693 Message accepted for delivery



Now if you examine the headers of this email, you will find that they unlike the headers that we viewed earlier in the manual will have a separate Subject line.



Return-Path: <hackerx@sasi.net.in>

Received: from hackerx.com by mail.isp.com (8.9.1/1.1.20.3/07Jul00-0916AM)

                id RAA0000001693; Thu, 7 Dec 2000 17:19:49 +0530 (IST)

Date: Thu, 7 Dec 2000 17:19:49 +0530 (IST)

From: Hackerx Fadia <hackerx@sasi.net.in>

Message-Id: <200012071149.RAA0000001693@mail.isp.com>

Subject: Hi!!!!

X-UIDL: 920156a3b926c5193036933e6d04efd5



This is a test message



CC’s and BCC’s


What are the SMTP commands equivalent to the BCC and CC fields of your email client? Well, this question has only one simply answer: none. The following few lines will tell us why.



To understand the answer to the above question, let us first understand how exactly does an email client handle a CC or a BCC. How does it do what we are supposed to do with the CC and BCC features?



Now, when you hit the Send button, then your email client connects to Port 25 of the mail server that you specified during the configuration time. Then it will issue SMTP commands to the remote mail server and send it the required information. And in this process your email is sent. The order in which the various SMTP commands are given is same as described earlier.



Normally, when you have only a single recipient, then your email client issues only a single ‘RCPT TO:’ command, to the mail server. However, when there is more than a single recipient, then the email client issues multiple instances of  ‘RCPT TO:’ Or in other words, when the CC field of your email client is not empty then multiple RCPT commands are issued.



You see the Simple Mail Transfer Protocol does not provide any special command for CC’ing an email to someone. The entire concept of CC relies on the issue of multiple RCPT commands to the mail server. The same is the case when you have multiple recipients in the ‘To:’ field of the email client. So basically this means that it really doesn’t matter whether you add a recipient’s email address to the CC field or to the ‘To:’ field. The SMTP command issued and the headers created will remain the same.



 Let us take a practical example to make it clearer. The recipients’ list for this example is as follows:



To: hackerx@sasi.net.in; hackerxfadia@hotmail.com

CC: hackerx_Fadia@hotmail.com ; ohmyfrnd@sasi.net.in



In this case, the following are the commands, which will send a blank email with the subject ‘test’ from the email address: test@sasi.net.in to the above list of recipients.



C:\windows>telnet mail.isp.com



220 mail.isp.com ESMTP Sendmail 8.9.1 (1.1.20.3/07Jul00-0916AM) Thu, 7 Dec 2000 17:18:50 +0530 (IST)

helo hackerx.com

250-mail.isp.com Hello [203.xx.yyy.91], pleased to meet you

mail from: test@sasi.net.in

250 test@sasi.net.in... Sender ok

rcpt to: hackerx@sasi.net.in

250 hackerx@sasi.net.in... Recipient ok

rcpt to: hackerxfadia@hotmail.com

250 hackerxfadia@hotmail.com... Recipient ok

rcpt to: hackerx_fadia@hotmail.com

250 hackerx_Fadia@hotmail.com... Recipient ok

rcpt to: ohmyfrnd@sasi.net.in

250 ohmyfrnd@sasi.net.in... Recipient ok

data

354 Enter mail, end with "." on a line by itself

subject: Test

.

250 RAA0000001693 Message accepted for delivery



Get it? Now, let us move on to as to how BCC works.



Now, in the above case i.e. in the case of CC, the email client used multiple RCPT’s in the same SMTP session to send the same email to multiple recipients. However, in such a case the email any recipient can view the email addresses of all the recipients. The reason behind this privacy invasion is the fact that a single email sent to either a single or multiple recipients has to have the same exact email headers. This means that all recipients in the ‘CC’ and ‘To’ fields of the same email have to have the same email headers. This is due to the fact that the email addresses of all the recipients were given to the mail server during the same SMTP session. All this may sound quite vague and weird. If that is the case, then read the following paragraphs to understand better.



Now, when you CC a single email to multiple recipients (Say 3) then the following procedure takes place:



Email Client Starts Session at remote mail server.

It introduces itself and the sender.

It uses multiple RCPT commands to send the same email to multiple recipients.

The email client disconnects.



As the email addresses of all the recipients are mentioned in the same session at the remote mail server, they constitute the same email headers. Thus all the recipients are able to view the email addresses to which this email was sent.



Now, in a situation, when we BCC the same email to multiple recipients (Say 2) then the following procedure takes place:



Email Client Starts Session at remote mail server.

It introduces itself and the sender.

It uses a single RCPT commands to send the same email to the first email address in the BCC list.

The email client disconnects.

It again starts a new session at the remote server.

It again introduces itself and the sender.

It uses a single RCPT commands to send the same email to the second email address in the BCC list.

The email client disconnects, once again.



In this case, each recipient was sent an email through a unique session at the remote mail server, thus each recipient received unique email headers and the identity of none of the other recipients in the BCC list was not given away.



The above description of the usage of CC and BCC is based on how Outlook Express works. However, actually Sendmail does provide a manner in which the CC recipients can be specified. After giving the DATA command, one can give the CC list by giving the following command:



CC:Recipient List



However, giving the BCC command instead of CC does not produce the desired result.



Sending Attachments through Sendmail


Today, MIME attachments are used to transfer files attached to an email. MIME attachments use Base64 encoding to encode the binary data. Earlier another encoding standard was used, which was called the Uuencode encoding standard. You can send attachments through Sendmail using any of the above methods.



UU-encoding or Unix-to-Unix encoding is an encoding standard, which converts all kinds of files into ASCII for safe transmission over Networks. Files, which are to be sent over networks, are encoded at the sender’s end and decoded at the receiver’s end. This ensures that files (attachments) can be transferred over different kinds of networks, systems routers etc without any loss. However, this method turned out be corruption prone and is thus not the most preferred one.



According to a University, the basic mechanism of UU-encoding is as follows:



The basic scheme is to break groups of 3 eight-bit characters (24 bits) into 4 six-bit characters and then add 32 (a space) to each six-bit character, which maps it into the readily transmittable character. Another way of phrasing this is to say that the encoded 6 bit characters are mapped into the set: `!"#$%&'()*+,-./012356789:;<=>?@ABC...XYZ[\]^_ for transmission over communications lines.



Such encoding increases the file size by about 42%. So, the mechanism of UU-encoding can be concluded as follows:



File is Uuencoded at sender’s end --------------------à File is Uudecoded at the receiver’s end.



All attachments too can be sent over networks in uuencoded form.



You see if you enter the uuencoded code of any file after you have issued the DATA command at the Sendmail prompt, then the recipient will be able to receive the attachment and view it too. Almost all email clients allow Uudecoding. (Even if the email client used by the recipient does not allow Uudecoding then are several utilities, which do it for you.) All files including images, audio files, video files, text files etc can be encoded by the Uuencoding standard to obtain the uuencoded code.



The method by which attachments in the form of their uuencoded form can be sent as attachments is a 2-step process-:



Converting the file to be sent as an attachment into uuencoded form.

Given the uuencoded form to the mail server after the DATA command.



Let, us first tackle the first step:



If you are using a Windows platform, then all you need to perform Uuencoding is WinZip. If you do not already have WinZip, then you could get it from: http://www.winzip.com



WinZip can easily be used for obtaining the Uuencode of any file. Simply create a new archive containing the file you want to Uuencode and select Action > Uuencode. You could also simply press Shift + U.

WinZip will save the Uuencode form of the .zip file in the form: filename.uue


A typical .uue file (In this case of an image file) would be as follows:





_=_

_=_ Part 001 of 001 of file new.zip

_=_



begin 666 new.zip

M4$L#!!0``@`(`#5S_RCDJL7+;P```'4````'````;F5W+F=I9G/W=+.P3)1G

MX&%8R``"_T$`Q%#\R<+(P,#(H`/B@.0=F-QZ\INZ%.\\$DX(:]"N_76TM7"V

M:6]\T+)755;)-P(C;UB]*)FR+OSYCGV';_HI7<P)::DQ$Y_Y[%*(UX1`H4U;

M3Z55KVB;<EV#@<$:`%!+`0(4`!0``@`(`#5S_RCDJL7+;P```'4````'````

K````````(`"V@0````!N97<N9VEF4$L%!@`````!``$`-0```)0`````````

`

end



The first few lines are only comments added by WinZip and are not actually a part of the Uuencoded code. So, simply eliminate everything above the following line:



begin 666 new.zip



This gives you the Uuencode code of the file you want to transmit as an attachment using Sendmail.



********************

HACKING TRUTH: If you are on a Unix platform then getting the Uuencode of a file becomes extremely easy. Simply go to the Unix shell so you can use uuencode on the file you're trying to send. For purposes of this example, let's presume the file you're trying to send is called "myfile.doc".



At the Unix shell prompt, type the command:



                uuencode myfile.doc myfile.doc > tempfile.uu



This tells the uuencode command to encode the file "myfile.doc" and store the name "myfile.doc" in the resulting encoded file. The results are then redirected (by the > sign) into another file that you'll place into your mail message later.



DOS versions of this utility are also easily available at various download sites.

********************



Now, once you have encoded the file and obtained the Uuencoded form, then all you need to do is Copy it and Paste it after the DATA command has been issued at the Sendmail prompt. This will send the file as an attachment.



This was the method in which one can send attachment using the Uuencoding standard. I will describe how to send attachments using the new MIME standard in the later version of this manual.



More Sendmail Tips and Tricks


Normally when you connect to the Sendmail Port of a system, then you only have standard SMTP commands available to you. Although they are more than what you will ever need, however, for those of you who like to play with various options, there are also some other commands, which are by default not available to you.



What I am talking about here is ESMTP commands or Extended Mail Transfer Protocol commands. A mail server with ESMTP enabled decides whether these ESMTP commands are available to the client on the basis of how the client introduces itself to it. Now, normally you introduce yourself by giving the below command:



HELO domain



Now, when you introduce yourself using the HELO command, then most mail servers by default make only the SMTP commands available to the client. Now, in order to make sure that even the ESMTP commands are available to you, you need to introduce yourself to the server by the EHLO command. For Example:



ehlo hackerx.com



Now, if the mail server you are connected to, has ESMTP enabled, then it will respond by giving a list of ESMTP commands. Something like the below:



220 mail.isp.com ESMTP Sendmail 8.9.1 (1.1.20.3/07Jul00-0916AM) Thu, 7 Dec2000 17:18:50 +0530 (IST)

ehlo hackerx.com

250-mail.isp.com Hello [203.xx.yy.91], pleased to meet you

250-EXPN

250-VERB

250-8BITMIME

250-SIZE

250-DSN

250-ONEX

250-ETRN

250-XUSR
250 HELP



********************
HACKING TRUTH: One way of finding out whether your ISP has ESMTP commands enabled, is to see the daemon banner that comes up, when you telnet to Port 25 of its mail server. The word ‘ESMTP’ tells you that such commands are available. For Example,



220 mail.isp.com ESMTP Sendmail 8.9.1 (1.1.20.3/07Jul00-0916AM) Thu, 7 Dec2000 17:18:50 +0530 (IST)

*******************



Coming Soon (Probably on Monday): How to send more authenticate mails. More Tricks to play with email headers.



Hackerx Fadia

hackerx



http://www.attackerworld.blogspot.com



To receive manuals on EVERYTHING YOU DREAMT OF written by Hackerx SASI, in your Inbox join his mailing list, by sending a blank email to: programmingforhackers-subscribe@egroups.com






Wednesday, May 16, 2012

Windows 7 uses only 3Gb out of 4Gb which i have


Due to an architectural decision made long ago, if you have 4GB of physical RAM installed, Windows is only able to report a portion of the physical 4GB of RAM (ranges from ~2.75GB to 3.5GB depending on the devices installed, motherboard's chipset & BIOS).
This behavior is due to "memory mapped IO reservations". Those reservations overlay the physical address space and mask out those physical addresses so that they cannot be used for working memory. This is independent of the OS running on the machine.
Significant chunks of address space below 4GB (the highest address accessible via 32-bit) get reserved for use by system hardware:
• BIOS – including ACPI and legacy video support
• PCI bus including bridges etc.
• PCI Express support will reserve at least 256MB, up to 768MB depending on graphics card installed memory
What this means is a typical system may see between ~256MB and 1GB of address space below 4GB reserved for hardware use that the OS cannot access. Intel chipset specs are pretty good at explaining what address ranges gets reserved by default and in some cases call out that 1.5GB is always reserved and thus inaccessible to Windows.
When looking at memory in systems (be it desktop or notebook) there are three questions to ask that will tell you the maximum amount of memory your O/S will be able to use:
1. What O/S Edition have you installed?
a. 32-bit Windows is limited to a maximum of 4GB and cannot see any pages above 4GB.
b. 64-bit Windows can use between 8GB and 128GB depending on SKU.
2. What address range can your processor actually access?
a. Typically that’ll be 40-bit addressing today for x64 (Intel EM64T/AMD64), but older processors may be limited to 36-bit or even 32-bit
3. Can your system’s chipset map memory above 4GB?
a. Mobile chipsets on sale today cannot (but that may change with time)
b. Newer workstations (which use chipsets developed for single or multi-proc servers) usually can.
Windows can remap memory from below 4GB to above 4GB and use it there, however, that relies on the three points above:
1. Can Windows access memory above 4GB?
a. 32-bit – NO
b. 64-bit – Maybe (due to chipset limitations)
2. Can your processor access memory above 4GB?
a. If it’s recent then it might, and if it’s either AMD64 or EM64T it’s almost certain
3. Does your chipset allow pages to be remapped above 4GB?
a. Probably not – and that’s what’s catching people who install 64-bit Vista to work around point 1 – they find they still cannot see above 4GB
In some cases, OEMs may be able to tweak their BIOS to reserve less memory for platform use, but we’re not talking a huge difference (ie, 100’s of MBs).
In the end a 32-bit OS and/or application can only, ever, handle 4GB of memory at a time, the AWE stuff just swaps chunks of memory in and out of that 4GB space, thus fooling the application and OS into using more space than it can “see”.
Physical Address Extension (PAE), extends the physical address space to 36-bits if your HW supports this. For most operations, the processor execution units will only see 32-bit addresses, the MMU will take care of the translation to 36bit addresses. No swapping here, only page translations (which are used regardless of PAE being on or not), this is a fundamental feature of any virtual memory operating system.
The OS and apps only see 32-bit addresses because the registers are limited to 32-bits (hence the “32-bit” architecture nomenclature). These are linear addresses which are extended to 36-bits in the translation to physical addresses, but they never show up in registers since there’s no room. It’s all internal until the address lines coming out of the chip are toggled. Thus my comment above about “if your H/W supports this (PAE)". I’m not going into how that works…
So, the OS can happily handle up to 64 GB of memory for 32-bit PAE-able systems.
Hope this helps explain the whole, ‘Why can’t I see 4 Gig of RAM in my system?” thing…
BTW – This does not change for Vista either…

Tuesday, April 10, 2012

your own mobile number

Find out your own mobile number :

Type the code(below) on your mobile screen a you will see your mobile number

Airtel - *141*123#
Aircel - *888# 
Docomo - *1#
Idea - *789#
Reliance - *1#
Videocon - *1#
Virgin - *1#
Vodafone - *555*0#