Saturday, December 22, 2007

IP Address Hack, n all bt it !!

IP Address Hack, n all bt it !!


also visit contd Page
IP Hack contd..



In here I have figure out some very easy but cool ways to trace out the geographical location and various other infos like ISP details etc of a remote computer using its IP.

Well I guess its one of the most important must learn manul for boys out there if you want to impress your friends particularly gals whom you’ll meet online in a chat room and tell them their geographical locations and ISP details and make them surprised and impressed .

In the practical execution of this manual you don’t have to work much as it is very simple only you have to use your brain to understand some symbols and some format of expressions and use your IQ to execute things the right way.



What is IP and how to get the IP of a remote system::



Getting the IP or Internet Protocol of a remote system is the most important and the first step of hacking into it. Probably it is the first thing a hacker do to get info for researching on a system. Well IP is a unique number assigned to each computer on a network. It is this unique address which represents the system on the network. Generally the IP of a particular system changes each time you log on to the network by dialing to your ISP and it is assigned to you by your ISP. IP of a system which is always on the network remains generally the same. Generally those kind of systems are most likely to suffer a hacking attack because of its stable IP. Using IP you can even execute system commands on the victim’s computer.

Lets take the example of the following IP address: 202.144.49.110 Now the first part, the numbers before the first decimal i.e. 209 is the Network number or the Network Prefix.. This means that it identifies the number of the network in which the host is. The second part i.e. 144 is the Host Number that is it identifies the number of the host within the Network. This means that in the same Network, the network number is same. In order to provide flexibility in the size of the Network, here are different classes of IP addresses:



Address Class Dotted Decimal Notation Ranges

Class A ( /8 Prefixes) 1.xxx.xxx.xxx through 126.xxx.xxx.xxx

Class B ( /16 Prefixes) 128.0.xxx.xxx through 191.255.xxx.xxx

Class C ( /24 Prefixes) 192.0.0.xxx through 223.255.255.xxx



The various classes will be clearer after reading the next few lines.



Each Class A Network Address contains a 8 bit Network Prefix followed by a 24-bit host number. They are considered to be primitive. They are referred to as "/8''s" or just "8's" as they have an 8-bit Network prefix.

In a Class B Network Address there is a 16 bit Network Prefix followed by a 16-bit Host number. It is referred to as "16's".



A class C Network address contains a 24-bit Network Prefix and a 8 bit Host number. It is referred to as

"24's" and is commonly used by most ISP's.



Due to the growing size of the Internet the Network Administrators faced many problems. The Internet routing tables were beginning to grow and now the administrators had to request another network number from the Internet before a new network could be installed at their site. This is where sub-netting came in.



Now if your ISP is a big one and if it provides you with dynamic IP addresses then you will most probably see that whenever you log on to the net, your IP address will have the same first 24 bits and only the last 8 bits will keep changing. This is due to the fact that when sub-netting comes in then the IP Addresses structure becomes:



xxx.xxx.zzz.yyy



where the first 2 parts are Network Prefix numbers and the zzz is the Subnet number and the yyy is the host number. So you are always connected to the same Subnet within the same Network. As a result the first 3 parts will remain the same and only the last part i.e. yyy is variable.

***********************



For Example, if say an ISP xyz is given the IP: 203.98.12.xx Network address then you can be awarded any IP, whose first three fields are 203.98.12. Get it?



So, basically this means that each ISP has a particular range in which to allocate all its subscribers. Or in other words, all subscribers or all people connected to the internet using the same ISP, will have to be in this range. This in effect would mean that all people using the same ISP are likely to have the same first three fields of their IP Addresses.



This means that if you have done a lot of (By this I really mean a lot) of research, then you could figure out which ISP a person is using by simply looking at his IP. The ISP name could then be used to figure out the city and the country of the person. Right? Let me take an example to stress as to how cumbersome but easy (once the research is done) the above method can be.



In my country, say there are three main ISP’s:



ISP Name Network Address Allotted



ISP I 203.94.47.xx

ISP II 202.92.12.xx

ISP III 203.91.35.xx



Now, if I get to know the IP of an e-pal of mine, and it reads: 203.91.35.12, then I can pretty easily figure out that he uses ISP III to connect to the internet. Right? You might say that any idiot would be able to do this. Well, yes and no. You see, the above method of finding out the ISP of a person was successful only because we already had the ISP and Network Address Allotted list with us. So, what my point is, that the above method can be successful only after a lot of research and experimentation. And, I do think such research can be helpful sometimes.



Also, this would not work, if you take it all on in larger scale. What if the IP that you have belongs to someone living in a remote igloo in the North Pole? You could not possibly get the Network Addresses of all the ISP’s in the world, could you? If yes please send it to me J.



Well now I guess you have pretty good knowledge about what an IP is and what you can do by knowing the IP of a remote system. Now lets come to the point of finding out the IP of remote system.

Well you can easily figure out the IP of a remote system using the netstat utility available in the microsoft’s version of DOS. The netstat command shows the connections in which your system is engaged to and the ports they are using. Suppose you are checking your mail in hotmail and you want to find out the IP of msn. All you need to do is to open a dos window (command.com) and type netstat. You will see all the open connections of your system. There you will see something :



Proto Local Address Foreign Address State

TCP abhisek:1031 64.4.xx.xx:80 ESTABLISHED



Now you got the IP address of hotmail ass 64.4.xx.xx .

Similarly you can figure out the IP address of most http or ftp connections.



To know your own IP type the following command in a dos windows

C:\netstat –n

[this commands converts the IP name into IP addresses]

this is what you will probably see on typing the above command :



Proto Local Address Foreign Address State

TCP 203.xx.251.161:1031 194.1.129.227:21 ESTABLISHED

TCP 203.xx.251.161:1043 207.138.41.181:80 FIN_WAIT_2

TCP 203.xx.251.161:1053 203.94.243.71:110 TIME_WAIT

TCP 203.xx.251.161:1058 194.1.129.227:20 TIME_WAIT

TCP 203.xx.251.161:1069 203.94.243.71:110 TIME_WAIT

TCP 203.xx.251.161:1071 194.98.93.244:80 ESTABLISHED

TCP 203.xx.251.161:1078 203.94.243.71:110 TIME_WAIT



Here 203.xx.251.161 is your IP address.



Now lets clarify the format used by netstat :



Proto : It shows the type of protocol the connection with the remote system is using.

Here TCP (transmission control protocol) is the protocol used by my system to connect to other systems.



Local Address : It shows the local address ie the local IP. When the netstat command is executed without –n switch then the name of the local system is displayed and when the netstat is executed with –n switch then the IP of the local system is displayed. Here you can also find out the port used by the connection.

xxx.yyy.zzz.aaa:1024

in this format you will see the local address. Here 1024 is the port to which the remote system is connected in your system



Foreign Address :: It shows the IP address of the remote system to which your system is connected. In this case also if the netstat command is excuted with –n switch then you directly get the IP of the victim but if the netstat is executed without –n switch then you will get the address of the remote system. Something like



C:\netstat

Proto Local Address Foreign Address State

TCP abhisek:1031 msgr.lw4.gs681.hotmail.com:80 ESTABLISHED



Here msgr.lw4.gs681.hotmail.com is the address of the foreign system . putting this address in any IP lookup program and doing a whois lookup will reveal the IP of the remote system.



Note: The port to which your system is connected can be found from this in the same way as I have shown in the case of local address. The difference is that, this is the port of the remote system to which your computer is connected to.

Below I have produced a list of ports and popular services generally found to be running.

21 :: FTP port

80 :: http port

23 :: Telnet port



Note: If your execute the netstat command and find ports like 12345,27374 are open and are in use then make it sure that your sweat heart computer is infected with her boyfriend.. J J J J I mean your computer is infected with some sort of Trojan.

Below I have produced a list of commonly known Trojans and the ports they use by default. So if you find these ports open then get a good virus buster and get these stupid servers of the Trojans kicked out. Well if you want to play with these Trojan by keeping them in your computer but not letting them ruin your system performance then just disble it from the system registry run and they wont be loaded to memory each time when windows starts up[This trick doesn’t work for all Trojans].



Netbus :: 12345(TCP)

Subseven :: 27374(TCP)

Girl Friend :: 21554(TCP)

Back Oriface :: 31337 (UDP)



Well guys and gals I hope you are now well familiar with the term IP and what is the utility of IP in cyber world and how to get the IP of a remote system to which you are connected. I hope you find my writings very easy to undertstand. I know I lack the capacity of explaining myself but I try my level best to make things very easy and clear for you’ll.



How to get the IP of a remote system while chatting through msn messenger ::



This is a tutorial on how to get IP address from MSN messenger. This is actually
a really easy thing to do. It is not like going through the hard time and reversing
MSN messenger like many people think.

The IP address is only given when you accept or are sending a file through MSN
messenger. When you send IM's, the message is sent through the server thus hiding
your victims IP and your. But when you send a file or recieve a file, it is direct
connection between the two computers.

To obtain the IP accept a file transfer or send a file to the victim, when the file
sending is under way from the dos prompt type "netstat" without the quotation marks.
You should get a table like this:

Proto Local Address Foreign Address State
TCP kick:1033 msgr-ns29.msgr.hotmail.com:1863 ESTABLISHED
TCP kick:1040 msgr-sb36.msgr.hotmail.com:1863 ESTABLISHED
TCP kick: ESTABLISHED

The top name in the list is the server's address for IMing. There could be many of
the second name in the list, as a new connection is made to the server for every
room you are IMing to. You are looking for the address of the remote host in
this table it may be something similar to "host63-7-102-226.ppp.cal.vsnl.com" or “203..64.90.6”.
without the quotation marks.
All you need to do now is to put this address in you IP lookup programe and get the IP of the remote system.


Well 50%of the work is done now. Now you know how to get the IP of a remote system, so its time to trace it down and find some details about the IP.



Tracing an IP is quite simple. You can do it the easy way by using some sweet softwares like Visual Trace 6.0b

[ftp://ftp.visualware.com/pub/vr/vr.exe]

Neotrace

[http://www.neoworx.com/download/NTX325.exe]

or by our way ie. Using MS DOS or any other version of DOS.

Well I suggest you to use DOS and its tracert tool for tracing the IP cause using it will give you a clear conception about the art of tracing an IP and I guarantee that you will feel much satisfied on success than using a silly software. Furthur you will know how things work and how the IP is traced down and the different networks associated in this tracing process.



Let us take a look at tracert tool provided for DOS by Microsoft.

It is a very handy tool for peoples need to trace down an IP.

Just open any DOS windows and type tracert.



C:\windows>tracert



Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name


Options:

-d Do not resolve addresses to hostnames.

-h maximum_hops Maximum number of hops to search for target.

-j host-list Loose source route along host-list.

-w timeout Wait timeout milliseconds for each reply.


You will now see a description of the tracert command and the switches associated with it.

Well these switches doesn’t makes much difference. All you can do is to increase the timeout in milliseconds by using –w switch if you are using a slow connection and the –d switch if you wish not resolve address to hostnames by default.

By default tracert performs a maximum of 30 hops trace. Using the –h switch you can specify the number of hops to perform.

Now its time for execution.

Let us trace down the IP yahoo.com [216.115.108.243]



TIP: If you have done a long research (I mean a lot) then simply looking at the IP you can figure out some info from it. For example the IP 203.90.68.8 indicates that the system is in India. In India IPs generally begin with 203 and 202



C:\WINDOWS>tracert yahoo.com



Tracing route to yahoo.com [216.115.108.243] over a maximum of 30 hops:



1 308 ms 142 ms 127 ms 203.94.246.35

2 140 ms 135 ms * 203.94.246.1

3 213 ms 134 ms 132 ms 203.94.255.33

4 134 ms 130 ms 129 ms 203.200.64.29

5 122 ms 135 ms 131 ms 203.200.87.75

6 141 ms 137 ms 121 ms 203.200.87.15

7 143 ms 170 ms 154 ms vsb-delhi-stm1.Bbone.vsnl.net.in [202.54.2.241]

8 565 ms 589 ms 568 ms if-7-0.bb8.NewYork.Teleglobe.net [207.45.198.65]

9 596 ms 584 ms 600 ms if-3-0.core2.NewYork.teleglobe.net [207.45.221.66]

10 * * * Request timed out.

11 703 ms 701 ms 719 ms if-3-0.core2.PaloAlto.Teleglobe.net [64.86.83.205]

12 694 ms 683 ms 681 ms if-6-1.core1.PaloAlto.Teleglobe.net [207.45.202.33]

13 656 ms 677 ms 700 ms ix-5-0.core1.PaloAlto.Teleglobe.net [207.45.196.90]

14 667 ms 673 ms 673 ms ge-1-3-0.msr1.pao.yahoo.com [216.115.100.150]

15 653 ms 673 ms 673 ms vl20.bas1.snv.yahoo.com [216.115.100.225]

16 666 ms 676 ms 674 ms yahoo.com [216.115.108.243]

Trace complete.



Note: Here I have traced yahoo.com. In place of yahoo.com you can give the IP of yahoo or any other IP you want to trace, the result will be the same.



Now carefully looking at the results you can figure out many information about yahoo’s server [216.115.108.243]

First packets of data leave my ISP which is at 203.94.246.35 .Similarly you can find out the different routers through which the packets of data are send and received to and from the target system. Now take a look at the 13th line you’ll see that the router is in PaloAlto.Teleglobe.net from this you can easily figure out that the router is in Palo Alto. Now finally look at the target system ie. Yahoo’s server vl20.bas1.snv.yahoo.com . Now you got the address of yahoo’s server. Now put this address in any IP lookup programe and perform and reverse DNS lookup and you will get most of the info about this address,like the place where it is in.

Well another thing you can find out using the tracert tool is that the number of hops (routers) the target system is away from you. In case of tracerouting yahoo.com we find that the target system ie yahoo’s server is 16 hops away from my system. This indicates that there are 16 routers between my system and yahoo’s server.



Apart from tracing an IP you can find out many usefull details about the target system using the tracert tool.



Firewall Detection



While tracerouting a target system, if you get * as an output then it indicates timeout error. Now if you peform another tracerout to the same taeget system at some other time with a good connection and in this way few times more and if you always get * as the output then take it for sure that the target system is running a firewall which prevents sending of data packets from the target system.



Example



Some days ago I tried to tracert hotmail’s server in plain and simple way using tracert without any trick.This is what I found out :




c:\windows>tracert 64.4.53.7



Tracing route to lc2.law5.hotmail.com [64.4.53.7]


over a maximum of 30 hops:






1 * * * Request timed out.

2 161 ms 147 ms 85 ms 203.90.69.81

3 126 ms 261 ms 219 ms 203.90.66.9

4 121 ms 115 ms 228 ms delswp2.hclinfinet.com [203.90.66.133]

5 727 ms 725 ms 711 ms 203-195-147-250.now-india.net.in [203.195.147.250]

6 1006 ms 794 ms 952 ms core-fae-0-0.now-india.net.in [203.195.147.3]

7 826 ms 731 ms 819 ms 213.232.106.9

8 885 ms 744 ms 930 ms 213.166.3.209

9 851 ms 1020 ms 1080 ms 213.232.64.54

10 1448 ms 765 ms 1114 ms pos8-0.core2.London1.Level3.net [212.113.0.118]

11 748 ms 789 ms 750 ms ge-4-2-1.mp2.London1.Level3.net [212.187.131.146]

12 719 ms 733 ms 846 ms so-3-0-0.mp1.London2.Level3.net [212.187.128.46]

13 775 ms 890 ms 829 ms so-1-0-0.mp2.Weehawken1.Level3.net [212.187.128.138]

14 853 ms 852 ms 823 ms so-3-0-0.mp1.SanJose1.Level3.net [64.159.1.129]

15 889 ms 816 ms 803 ms so-7-0-0.gar1.SanJose1.Level3.net [64.159.1.74]

16 * * * Request timed out.

17 * * * Request timed out.

18 * * * Request timed out.

19 * * * Request timed out.

20 * * * Request timed out.

21 * * * Request timed out.

22 * * * Request timed out.

23 * * * Request timed out.

24 * * * Request timed out.

25 * * * Request timed out.

26 * * * Request timed out.

27 * * * Request timed out.

28 * * * Request timed out.

29 * * * Request timed out.

30 * * * Request timed out.

Trace complete.


I performed the same tracert many times a day but concluded with the same result. This indicates that the systems after the router SanJose1.Level3.net has firewalls installed which prevents the outgoing of data packets.



Detecting Traceroute Attempts on your System



You can detect that an attacker is performing a traceroute on your system, if you see the following symptoms:



1. If you observe port scans on very high UDP ports. This symptom means that the attacker has performed a traceroute on your system. However, it could also mean a simply port scan. Either way, it signifies the fact that your system is being scanned.



2. If the packet-monitoring tool installed in your network, picks up several outgoing TTL-exceeding messages, then it is yet another sign that someone is doing a traceroute on your system.



3. If in these log files, you also observer an outgoing ICMP port unreachable error message, then it means that since a traceroute was done on your system and as the target system i.e. your system, was reached, it responded with this error message.



You can also find our more information on the attacker (if he performs a traceroute on your system) by simply studying the sniffer log files. If you observer the TTL values, then we can easily figure out the following information on the attacker by making use of OS detection techniques discussed earlier in this white paper:


The Operating System running on the attacker’s target system.
Number of hops away, the attacker is from you.



OKI DOKI that’s all for this article. Hope you will find this article very easy to understand and implement.


contribution : abhishek
http://hackersclub.focusindia.com
Ip Address Hack Contd


Changing your MAC on Windows XP

There are two ways two change your IP on Windows. The easy way, and the hard way. Ill discuss how to do both of them in this tutorial.

Easy Way:

The first way to change it is, if your NIC (Network Interface Card) supports cloning your MAC Address. If this is the case then you go to.

Start > Control Panel > Network Connections

Right Click on your NIC card and goto properties. Then click the button labeled Configure. It should bring up another form. Click on the advanced tab. You should see under Property "Locally Administered Address" or "Network Address". Click the radio button next to the text box, and type in your new MAC address. (note you do not use the "-" when you enter your no MAC Address.

To check and see if it worked or not go to

Start > Run > and type in "cmd"

When the terminal comes up issue the command.

ipconfig /all
-----------------------------------------------------------------------------------------------------------------------------------------------

Hard Way:

To change your MAC Address the hard way, you first go to

Start > Run > and type in "cmd"

Once the terminal comes up type in

"net config rdr"

It should bring up alot of things, but what you are worried about is

NetBT_Tcpip_{ The Numbers Between here}

Copy the numbers in between there and write it down somewhere, seeing that you will need them later.

After you are done with that go to

Start > Run > and type in "regedt32"

That should bring up the windows registry. Once the registry is up go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}

Click on the drop down menu and you should see the sub-categories

0000
0001
0002
and so on.

Click on each one and compare the "NetCfgInstanceId" Key with the number you wrote down earlier. Once you find a match double click on the key "NetworkAddress" and change the value to your new MAC address. Hit ok and reboot your system.




There r several ways u can determine ur IP address information:

IPCONFIG

Start / Run / cmd
IPCONFIG /ALL
This opens a command window. One advantage is that u can send the information to a text file (IPCONFIG /ALL > c:\ip.txt)
But sometimes the window shows show much information u need to scroll around to fine it.

VIEW STATUS

Control Panel / Network Connections / Double click the icons 4 ur network (If the network has an icon in the system tray u can also just double click on that icon)
Click on the Support tab
Click on the Details button
:::::::::::::
Make Pictures Smaller Unavailable

When u try nd send pictures through e-mail, u should normally be given the option to make them smaller.
If this option is not available, a DLL file may need to be registered.

Start
Run
regsvr32 shimgvw.dll
:::::::::::::
Creating a Suspend Shortcut

If u would like to create an icon to suspend ur computer,

Right click on the Desktop
New / Shortcut
Enter in rundll32.exe PowrProf.dll, SetSuspendState
Give it whatever name u want
Now when u click on that shortcut, ur computer will shutdown nd suspend
Submitted by Gabe
:::::::::::::
Changing the User Type

Normally in XP Pro, through the Control Panel / User Accounts icon, u r only allowed to create administrators or limited users.
If u want to create

Right click on My Computer
Manage
Local Users nd Groups
Users
Right click on the user u want to change
Properties
Member of tab
Add button
Advanced button
Find Now button
From here u see the full list of possibilities (e.g. Power User, Backup Operator etc.)
:::::::::::::


some more
Determining Which Services r Associated with SVCHOST

Since so many critical services r run with each svchost,
You can see which ones r being used by opening a cmd prompt nd running:

tasklist /svc /fi "imagename eq svchost.exe"

Note: This is available only with XP Pro
:::::::::::::
Identify Faulty Device Drivers

If u r having problems with lockups, blue screens, or can only get to safe mode,
often the problem is due to a faulty device driver.

One way to help identify them is through the use of the Verfier program

Start / Run / Verifier
Keep the default of Create Standard Settings
Select the type of drivers u want to confirm
A list of drivers to be verified on the next boot will be shown.
Reboot
If ur computer stops with a blue screen, u should get an error message with the problem driver
To turn off the Verifier, run verifier /reset
:::::::::::::
Viewing Installed Drivers

If u want to see a list of installed drivers, u can run the driverquery program
There r a lot of available switches to view different types of information.
On use can be to export to a CSV file 4 viewing in Excel
An example would then be:

Driverquery /v /fo csv > drivers.csv

Anonymizers and Remailers !! What n How

Anonymizers and Remailers !! What n How


Anonymizers are online services that eliminate the trail of information that you leave behind, whilst surfing, so that your online activities cannot be traced back to you. The anonymizers vary in sophistication depending on the level of security and number of features that you require. Some anonymizers require the use of client software and others only require that you log onto their website before browsing other sites*.


How do Anonymizers work?


You essentially surf the Web through the anonymizer site, going to that site first and then routing all your pages from there. When you send a page request through the anonymizer, it acts like a super-proxy server, stripping off the header of each data packet, thus making your request anonymous. The requested page is then fed through the anonymizer back to your Web browser**.



In order to avoid being tracked, one can use an anonymous proxy to surf the web. An anonymous proxy makes sure your IP address does not get stored on the web server logs. Web servers log every ?GET? request made, together with date, hour, and IP. But if you are accessing the Internet through a proxy server, then the IP of the proxy is logged and not yours.
In case you do not go through an anonymous proxy, then you are actually risking vital information that belongs to you. For example, a hacker can easily find out your IP Address, your web browser, your Operating System and even the previous URL that you have visited. You can also be easily located geographically (provided one has the necessary software tools) because people can find out a whole lot of things that give your location. Like your hostname, your continent, your country, your city and even your Internet Service Provider.
Consider the scenario where a hacker gets access to your computer, he can find out your name, email address, telephone number, various user ID's and passwords, details about software you use and your preferences, locations of files and folders, the search strings that you used and literally hundreds of other personal things. All this information is stored in files like SYSTEM.ini, USER.dat, SYSTEM.dat etc. One very important file is the nsform??.TMP which stores all the data inside every Netscape form you've ever submitted, with and without SSL, when the submission failed or was cancelled.


What are Re-mailers?


Anonymous Re-mailers are services used to send e-mail messages, so that the recipient of the e-mail cannot determine the identity of the sender. Re-mailers strip off header information leading to the identity of the sender and often route a message through a chain of re-mailers before reaching the recipient. Many re-mailers also include some sort of message based encryption. Re-mailers are commonly used to protect the anonymity if the sender from the recipient, to prevent eavesdropping by a third party, or to post anonymously to newsgroups*.
How do Re-mailers Work?


An anonymous re-mailer is simply a computer connected to the Internet that forwards electronic mail or files to other addresses on the network. It also strips off the "header" part of the messages, which shows where they came from and who sent them. All the receiver can tell about a message's origin is that it passed through the re-mailer. Some re-mailers also allocate each sender an "anonymous ID", rather like a PO Box number, which it stores with the sender's address so that any replies reach them.***


All re-mailers are fairly effective at what they do and some even take an extra step and add encryption to all outgoing messages. In order to view header information sent via email messages in Outlook Express, select a message in your inbox, then select File | Properties | Details.
To view header information in m*c*s*t Outlook, right-click a message in your inbox and select Options; the header information is displayed in the Internet Headers area of the Message Options dialog box.

Anonymous re-mailers were invented by security experts interested to know whether it was possible to send a message on the Internet which could not be traced back to its source. As soon as the first ones were built, though, people found a more pragmatic use for them: to send messages to bulletin boards about subjects so sensitive that they did not want their names known.

Wednesday, December 19, 2007

Watch Live Public Webcams

http://www.opentopia.com/hiddencam.php?showmode=animated

Rapidshare Premium Link Maker Websites

Rapidshare Premium Link Maker WebsitesHere's the list:

http://dn.vc/rs4free/

http://www.rapidgulli.dr.ag
http://rapidhood.dr.ag/
http://www.rapidcrack.fosi.eu.org
http://rapidgrab.org/
http://rapidpotter.fosi.eu.org/?
http://rs43.com/Share.Mirror.Service/?
http://000wbb.fosi.eu.org/?
http://www.s3nditnow.dr.ag/
http://84a.org/

Use yahoo messenger without downloading it to ur pc

Use yahoo messenger without downloading it to ur pc
just go to http://webmessenger.yahoo.com/

Enjoy!

premium accounts

Gamewallpapers.com premium account!!!
username = freemaxpax@yahoo.com
password = turnmeon


............
rapidshare
.............Account ID: 57033 Password: 2800510


Account ID: 42551 Password: 1530279


Account ID: 8531 Password: 4848041


Account ID: 49011 Password: 3214065


Account ID: 43934 Password: 2759566


Account-ID: 47191 Password: 4690422


Account-ID: 47189 Password: 2878020


Account-ID: 48004 Password: 6866946


Account-ID: 48006 Password: 4844644


Account-ID: 48008 Password: 2515888


Account-ID: 10611 Password: 181980


Account-ID: 36716 Password: 7634111


Account-ID: 45100 Password: 4430955


Account-ID: 47191 Password: 4690422


Account-ID: 47189 Password: 2878020


Account-ID: 48004 Password: 6866946


Account-ID: 48006 Password: 4844644


Account-ID: 48008 Password: 2515888


Account-ID: 10611 Password: 181980


Account-ID: 36716 Password: 7634111


Account-ID: 45100 Password: 4430955


Account-ID: 43869 Password: 8058995


Account-ID: 24065 Password: 2259199


Account-ID: 42283 Password: 9315398


Account-ID: 47191 Password: 4690422


Account-ID: 24067 Password: 8125910


Account-ID: 35305 Password: 4068954


Account-ID: 17877 Password: 4868118


Account-ID: 37314 Password: 1886070


Account-ID: 35305 Password: 4068954


Account-ID: 17877 Password: 4868118


Account-ID: 47191 Password: 4690422


Account-ID: 47189 Password: 2878020


Account-ID: 10611 Password: 181980


Account-ID: 45100 Password: 4430955


Account-ID: 10611 Password: 181980


Account-ID: 36712 Password: 6650188


Account-ID: 52354 Password: 230524


Account-ID: 49960 Password: 274609


Account-ID: 49962 Password: 3217899


Account-ID: 49964 Password: 714426


Account-ID: 49966 Password: 7531422


Account-ID: 49967 Password: 5236988


Account-ID: 17877 Password: 4868118


Account-ID: 36712 Password: 1877564


Account-ID: 16501 Password: 7213638


Account-ID: 35305 Password: 4068954


Account-ID: 37314 Password: 1886070


Account-ID: 36713 Password: 8785993


Account-ID: 35305 Password: 4068954


Account-ID: 17877 Password: 4868118


Account-ID: 36712 Password: 1877564


Account-ID: 36713 Password: 8785993


Account-ID: 52354 Password: 230524


Account-ID: 49960 Password: 274609


Account-ID: 49962 Password: 3217899


Account-ID: 49964 Password: 714426


Account-ID: 49966 Password: 7531422


Account-ID: 49967 Password: 5236988




Account-ID: 47189 Password: 2878020


Account-ID: 48004 Password: 6866946


Account-ID: 48006 Password: 4844644


Account-ID: 48008 Password: 2515888


Account-ID: 47191 Password: 4690422


Account-ID: 47189 Password: 2878020


Account-ID: 52354 Password: 230524


Account-ID: 36713 Password: 8785993


Account-ID: 49960 Password: 274609


Account-ID: 49962 Password: 3217899


Account-ID: 49964 Password: 714426


Account-ID: 49966 Password: 7531422


Account-ID: 49967 Password: 5236988


Account-ID: 10611 Password: 181980


Account-ID: 16501 Password: 7213638


Account-ID: 17877 Password: 4868118


Account-ID: 26779 Password: 9882830


Account-ID: 37314 Password: 1886070


Account-ID: 39340 Password: 856055


Account-ID: 39609 Password: 1266097


Account-ID: 39611 Password: 2803042


Account-ID: 40414 Password: 3201200


Account-ID: 43869 Password: 8058995


Account-ID: 43934 Password: 2759566


Account-ID: 47189 Password: 2878020


Account-ID: 47191 Password: 4690422


Account-ID: 48004 Password: 6866946


Account-ID: 48006 Password: 4844644


Account-ID: 48008 Password: 2515888


Account-ID: 36713 Password: 8785993


Account-ID: 36712 Password: 1877564


Account-ID: 52354 Password: 230524


Account-ID: 49960 Password: 274609


Account-ID: 49962 Password: 3217899


Account-ID: 49964 Password: 714426


Account-ID: 49966 Password: 7531422


Account-ID: 49967 Password: 5236988











LOGIN: 40586 PASSWORD: 4181392


LOGIN: 34746 PASSWORD: 7861243


LOGIN: 34978 PASSWORD: 6943382


LOGIN: 34979 PASSWORD: 3194204


LOGIN: 34980 PASSWORD: 7812184


LOGIN: 20145 PASSWORD: 7072148


LOGIN: 19159 PASSWORD: 7932964


LOGIN: 20949 PASSWORD: 2716739


LOGIN: 15156 PASSWORD: 2679943


LOGIN: 18549 PASSWORD: 4646182


LOGIN: 19365 PASSWORD: 9667651


LOGIN: 18800 PASSWORD: 9496722


LOGIN: 20949 PASSWORD: 2716739


LOGIN: 36272 PASSWORD: 8961973


LOGIN: 36273 PASSWORD: 8061013


LOGIN: 36274 PASSWORD: 2961920


LOGIN: 36275 PASSWORD: 8018801


LOGIN: 36276 PASSWORD: 527330


LOGIN: 34976 PASSWORD: 6650188


LOGIN: 40914 PASSWORD: 2205558


LOGIN: 34978 PASSWORD: 6943382


LOGIN: 34979 PASSWORD: 3194204
LOGIN: 34980 PASSWORD: 7812184


LOGIN: 45203 PASSWORD: 5266271


LOGIN: 45202 PASSWORD: 4377824


LOGIN: 51704 PASSWORD: 1140322


LOGIN: 19159 PASSWORD: 7932964


LOGIN: 34980 PASSWORD: 7812184


LOGIN: 20145 PASSWORD: 7072148


LOGIN: 20949 PASSWORD: 2716739


LOGIN: 15156 PASSWORD: 2679943


LOGIN: 18549 PASSWORD: 4646182


LOGIN: 19365 PASSWORD: 9667651


LOGIN: 18800 PASSWORD: 9496722


LOGIN: 20949 PASSWORD: 2716739


LOGIN: 36272 PASSWORD: 8961973


LOGIN: 36273 PASSWORD: 8061013


LOGIN: 36274 PASSWORD: 2961920


LOGIN: 36275 PASSWORD: 8018801


LOGIN: 36276 PASSWORD: 527330


LOGIN: 34976 PASSWORD: 6650188


LOGIN: 40914 PASSWORD: 2205558


LOGIN: 34978 PASSWORD: 6943382


LOGIN: 34979 PASSWORD: 3194204


LOGIN: 34980 PASSWORD: 7812184


LOGIN: 45203 PASSWORD: 5266271


LOGIN: 45202 PASSWORD: 4377824


LOGIN: 51704 PASSWORD: 1140322


LOGIN: 40586 PASSWORD: 4181392


LOGIN: 34746 PASSWORD: 7861243


LOGIN: 34978 PASSWORD: 6943382


LOGIN: 34979 PASSWORD: 3194204


LOGIN: 34980 PASSWORD: 7812184


LOGIN: 20145 PASSWORD: 7072148


LOGIN: 19159 PASSWORD: 7932964


LOGIN: 20949 PASSWORD: 2716739


LOGIN: 15156 PASSWORD: 2679943


LOGIN: 18549 PASSWORD: 4646182


LOGIN: 19365 PASSWORD: 9667651


LOGIN: 18800 PASSWORD: 9496722


LOGIN: 20949 PASSWORD: 2716739


LOGIN: 36272 PASSWORD: 8961973


LOGIN: 36273 PASSWORD: 8061013


LOGIN: 36274 PASSWORD: 2961920


LOGIN: 36275 PASSWORD: 8018801


LOGIN: 36276 PASSWORD: 527330


LOGIN: 34976 PASSWORD: 6650188


LOGIN: 40914 PASSWORD: 2205558


LOGIN: 34978 PASSWORD: 6943382


LOGIN: 34979 PASSWORD: 3194204


LOGIN: 34980 PASSWORD: 7812184


LOGIN: 45203 PASSWORD: 5266271


LOGIN: 45202 PASSWORD: 4377824


LOGIN: 51704 PASSWORD: 1140322


LOGIN: 47191 PASSWORD: 4690422


LOGIN: 47189 PASSWORD: 2878020


LOGIN: 47191 PASSWORD: 4690422


LOGIN: 47189 PASSWORD: 2878020


LOGIN: 48004 PASSWORD: 6866946


LOGIN: 48006 PASSWORD: 4844644


LOGIN: 48008 PASSWORD: 2515888


LOGIN: 40586 PASSWORD: 4181392


LOGIN: 34746 PASSWORD: 7861243


LOGIN: 34978 PASSWORD: 6943382


LOGIN: 34979 PASSWORD: 3194204


LOGIN: 34980 PASSWORD: 7812184


LOGIN: 20145 PASSWORD: 7072148


LOGIN: 19159 PASSWORD: 7932964


LOGIN: 20949 PASSWORD: 2716739


LOGIN: 15156 PASSWORD: 2679943


LOGIN: 18549 PASSWORD: 4646182


LOGIN: 19365 PASSWORD: 9667651


LOGIN: 18800 PASSWORD: 9496722


LOGIN: 20949 PASSWORD: 2716739


LOGIN: 36272 PASSWORD: 8961973


LOGIN: 36273 PASSWORD: 8061013


LOGIN: 36274 PASSWORD: 2961920


LOGIN: 36275 PASSWORD: 8018801


LOGIN: 34976 PASSWORD: 6650188


LOGIN: 40914 PASSWORD: 2205558


LOGIN: 34978 PASSWORD: 6943382


LOGIN: 34979 PASSWORD: 3194204


LOGIN: 34980 PASSWORD: 7812184


LOGIN: 45203 PASSWORD: 5266271


LOGIN: 45202 PASSWORD: 4377824


LOGIN: 51704 PASSWORD: 1140322


LOGIN: 30439 PASSWORD: 1117289


LOGIN: 45575 PASSWORD: 2573305


LOGIN: 46042 PASSWORD: 8271283


LOGIN: 46044 PASSWORD: 3494441


LOGIN: 19944 PASSWORD: 8254632


LOGIN: 15356 PASSWORD: 7265802
Account ID: 57033 Password: 2800510
Account ID: 42551 Password: 1530279
Account ID: 8531 Password: 4848041
Account ID: 49011 Password: 3214065
Account ID: 43934 Password: 2759566
Account-ID: 47191 Password: 4690422
Account-ID: 47189 Password: 2878020
Account-ID: 48004 Password: 6866946
Account-ID: 48006 Password: 4844644
Account-ID: 48008 Password: 2515888
Account-ID: 10611 Password: 181980
Account-ID: 36716 Password: 7634111
Account-ID: 45100 Password: 4430955
Account-ID: 47191 Password: 4690422
Account-ID: 47189 Password: 2878020
Account-ID: 48004 Password: 6866946
Account-ID: 48006 Password: 4844644
Account-ID: 48008 Password: 2515888
Account-ID: 10611 Password: 181980
Account-ID: 36716 Password: 7634111
Account-ID: 45100 Password: 4430955
Account-ID: 43869 Password: 8058995
Account-ID: 24065 Password: 2259199
Account-ID: 42283 Password: 9315398
Account-ID: 47191 Password: 4690422
Account-ID: 24067 Password: 8125910
Account-ID: 35305 Password: 4068954
Account-ID: 17877 Password: 4868118
Account-ID: 37314 Password: 1886070
Account-ID: 35305 Password: 4068954
Account-ID: 17877 Password: 4868118
Account-ID: 47191 Password: 4690422
Account-ID: 47189 Password: 2878020
Account-ID: 10611 Password: 181980
Account-ID: 45100 Password: 4430955
Account-ID: 10611 Password: 181980
Account-ID: 36712 Password: 6650188
Account-ID: 52354 Password: 230524
Account-ID: 49960 Password: 274609
Account-ID: 49962 Password: 3217899
Account-ID: 49964 Password: 714426
Account-ID: 49966 Password: 7531422
Account-ID: 49967 Password: 5236988
Account-ID: 17877 Password: 4868118
Account-ID: 36712 Password: 1877564
Account-ID: 16501 Password: 7213638
Account-ID: 35305 Password: 4068954
Account-ID: 37314 Password: 1886070
Account-ID: 36713 Password: 8785993
Account-ID: 35305 Password: 4068954
Account-ID: 17877 Password: 4868118
Account-ID: 36712 Password: 1877564
Account-ID: 36713 Password: 8785993
Account-ID: 52354 Password: 230524
Account-ID: 49960 Password: 274609
Account-ID: 49962 Password: 3217899
Account-ID: 49964 Password: 714426
Account-ID: 49966 Password: 7531422
Account-ID: 49967 Password: 5236988
Account-ID: 47189 Password: 2878020
Account-ID: 48004 Password: 6866946
Account-ID: 48006 Password: 4844644
Account-ID: 48008 Password: 2515888
Account-ID: 47191 Password: 4690422
Account-ID: 47189 Password: 2878020
Account-ID: 52354 Password: 230524
Account-ID: 36713 Password: 8785993
Account-ID: 49960 Password: 274609
Account-ID: 49962 Password: 3217899
Account-ID: 49964 Password: 714426
Account-ID: 49966 Password: 7531422
Account-ID: 49967 Password: 5236988
Account-ID: 10611 Password: 181980
Account-ID: 16501 Password: 7213638
Account-ID: 17877 Password: 4868118
Account-ID: 26779 Password: 9882830
Account-ID: 37314 Password: 1886070
Account-ID: 39340 Password: 856055
Account-ID: 39609 Password: 1266097
Account-ID: 39611 Password: 2803042
Account-ID: 40414 Password: 3201200
Account-ID: 43869 Password: 8058995
Account-ID: 43934 Password: 2759566
Account-ID: 47189 Password: 2878020
Account-ID: 47191 Password: 4690422
Account-ID: 48004 Password: 6866946
Account-ID: 48006 Password: 4844644
Account-ID: 48008 Password: 2515888
Account-ID: 36713 Password: 8785993
Account-ID: 36712 Password: 1877564
Account-ID: 52354 Password: 230524
Account-ID: 49960 Password: 274609
Account-ID: 49962 Password: 3217899
Account-ID: 49964 Password: 714426
Account-ID: 49966 Password: 7531422
Account-ID: 49967 Password: 5236988



LOGIN: 40586 PASSWORD: 4181392
LOGIN: 34746 PASSWORD: 7861243
LOGIN: 34978 PASSWORD: 6943382
LOGIN: 34979 PASSWORD: 3194204
LOGIN: 34980 PASSWORD: 7812184
LOGIN: 20145 PASSWORD: 7072148
LOGIN: 19159 PASSWORD: 7932964
LOGIN: 20949 PASSWORD: 2716739
LOGIN: 15156 PASSWORD: 2679943
LOGIN: 18549 PASSWORD: 4646182
LOGIN: 19365 PASSWORD: 9667651
LOGIN: 18800 PASSWORD: 9496722
LOGIN: 20949 PASSWORD: 2716739
LOGIN: 36272 PASSWORD: 8961973
LOGIN: 36273 PASSWORD: 8061013
LOGIN: 36274 PASSWORD: 2961920
LOGIN: 36275 PASSWORD: 8018801
LOGIN: 36276 PASSWORD: 527330
LOGIN: 34976 PASSWORD: 6650188
LOGIN: 40914 PASSWORD: 2205558
LOGIN: 34978 PASSWORD: 6943382
LOGIN: 34979 PASSWORD: 3194204
LOGIN: 34980 PASSWORD: 7812184
LOGIN: 45203 PASSWORD: 5266271
LOGIN: 45202 PASSWORD: 4377824
LOGIN: 51704 PASSWORD: 1140322
LOGIN: 19159 PASSWORD: 7932964
LOGIN: 34980 PASSWORD: 7812184
LOGIN: 20145 PASSWORD: 7072148
LOGIN: 20949 PASSWORD: 2716739
LOGIN: 15156 PASSWORD: 2679943
LOGIN: 18549 PASSWORD: 4646182
LOGIN: 19365 PASSWORD: 9667651
LOGIN: 18800 PASSWORD: 9496722
LOGIN: 20949 PASSWORD: 2716739
LOGIN: 36272 PASSWORD: 8961973
LOGIN: 36273 PASSWORD: 8061013
LOGIN: 36274 PASSWORD: 2961920
LOGIN: 36275 PASSWORD: 8018801
LOGIN: 36276 PASSWORD: 527330
LOGIN: 34976 PASSWORD: 6650188
LOGIN: 40914 PASSWORD: 2205558
LOGIN: 34978 PASSWORD: 6943382
LOGIN: 34979 PASSWORD: 3194204
LOGIN: 20949
PASSWORD: 2716739
Cookie set. You have 18275612 KB of free traffic left

Account-ID: 45100
Password: 4430955

User: 30511
Pass: 893508

LOGIN: 25370
PASSWORD: 9005151

LOGIN: 20949
PASSWORD: 2716739
Cookie set. You have 18275612 KB of free traffic left

LOGIN: 15156
Password: 2679943
Cookie set. You have 19492141 KB of free traffic left

LOGIN: 18549
Password: 4646182
Cookie set. You have 30662548 KB of free traffic left.

LOGIN: 19365
PASSWORD: 9667651
Cookie set. You have 29817158 KB of free traffic left.

LOGIN: 18800
PASSWORD: 9496722
Cookie set. You have 35370101 KB of free traffic left

LOGIN: 20949
PASSWORD: 2716739
Cookie set. You have 18275612 KB of free traffic left.


Login: 20145
Password: 7072148


Login: 20366
Password: 7177185

Login: 20374
Password: 5630758

Login: 20452
Password: 3249043

LOGIN: 22484
PASSWORD: 358030
LOGIN: 20949
PASSWORD: 2716739

LOGIN: 25370
PASSWORD: 9005151
Cookie set. You have 42896448 KB of free traffic left

LOGIN: 20949
PASSWORD: 2716739
Cookie set. You have 18275612 KB of free traffic left

LOGIN: 15156
Password: 2679943
Cookie set. You have 19492141 KB of free traffic left

LOGIN: 18549
Password: 4646182
Cookie set. You have 30662548 KB of free traffic left.

LOGIN: 19365
PASSWORD: 9667651
Cookie set. You have 29817158 KB of free traffic left.

LOGIN: 18800
PASSWORD: 9496722
Cookie set. You have 35370101 KB of free traffic left

LOGIN: 20949
PASSWORD: 2716739
Cookie set. You have 18275612 KB of free traffic left

LOGIN: 25370
PASSWORD: 9005151
Cookie set. You have 42896448 KB of free traffic left

LOGIN: 20949
PASSWORD: 2716739
Cookie set. You have 18275612 KB of free traffic left

LOGIN: 15156
Password: 2679943
Cookie set. You have 19492141 KB of free traffic left

LOGIN: 18549
Password: 4646182
Cookie set. You have 30662548 KB of free traffic left.

LOGIN: 19365
PASSWORD: 9667651
Cookie set. You have 29817158 KB of free traffic left.

LOGIN: 18800
PASSWORD: 9496722
Cookie set. You have 35370101 KB of free traffic left

LOGIN: 25370
PASSWORD:9005151

LOGIN: 20949
PASSWORD: 2716739

LOGIN: 15156
Password: 2679943

LOGIN: 18549
Password: 4646182

LOGIN: 19365
PASSWORD: 9667651

LOGIN: 18800
PASSWORD: 9496722


LOGIN: 19180
PASSWORD: 2548732


LOGIN: 20949
PASSWORD: 2716739

LOGIN: 25370
PASSWORD: 9005151
Cookie set. You have 42896448 KB of free traffic left

LOGIN: 20949
PASSWORD: 2716739
Cookie set. You have 18275612 KB of free traffic left

LOGIN: 15156
Password: 2679943
Cookie set. You have 19492141 KB of free traffic left

LOGIN: 18549
Password: 4646182
Cookie set. You have 30662548 KB of free traffic left.

LOGIN: 19365
PASSWORD: 9667651
Cookie set. You have 29817158 KB of free traffic left.


LOGIN: 43934
PASSWORD: 2759566

LOGIN: 28501 en
PASSWORD: 2688810 in.

LOGIN: 45575
PASSWORD: 2573305

Quote:
LOGIN: 46042
PASSWORD: 8271283

Quote:
LOGIN: 46044
PASSWORD: 3494441

Account-ID: 47191
Password: 4690422

Account-ID: 47189
Password: 2878020

LOGIN: 15356
PASSWORD: 7265802

Account-ID: 22834
Password : 9814819

LOGIN: 18800
PASSWORD: 9496722
Cookie set. You have 35370101 KB of free traffic left

LOGIN: 20949
PASSWORD: 2716739
Cookie set. You have 18275612 KB of free traffic left
..........
File Planet premium account.....
............

http://www.fileplanet.com

Download free games.... Great site for gamers...

Premium account

Email = freemaxpax@yahoo.com
Password = turnmeon


Enjoy!!!

........
Site Url ::
http://www.fantasyfanbase.com


Admin Username :: Homeless
Admin Password :: theblues
.......
Login link:
http://www.blackfridays.com/marylandreview/admin/index.php

Username:Black
Password:fridays

Dont change the Password
........
Login Link:
http://www.idclothing.com/store/admin/index.php

Username:"="
Password:"="
............
"Login Link:
https://www.anotherdaybooks.com/admin/index.php

Username:"="
Password:"="
..................
http://www.divxcrawler.com/

username:
divx273

pass
8342729

plz dont change it
.........
http://www.divxcrawler.com/

username:
divx273

pass
8342729

plz dont change it
.........
http://www.unlimitedgamesdownload.com/

Your username: ga20me

Your password: ke01feb
.................
I have got the megaupload premuim account. Its for i think 4 months.
but i will post another one when its finished. Use it just for
downloading.. no uploading in this account.

NOTE = PLZ DO NOT
DISTRIBUTE THIS ACCOUNT..... and do not change the password.. its for
ur own good. use it for downloading. If the password is changed i will
not post any other premium account of megaupload. Just every one use it
and Enjoy.


Username = qam47
password = turnmeon


And if u want links of megaupload then try this..

www.megauploadforum.lolco.net

Can find anything here... These are only megaupload links..

Enjoy!
..............
http://www.warezquality.com/
Member's ID And Password:-

Username: ageg2020
Password : z8fsDfg3
......................
http://www.fulldownloads.us/

Username: Af872HskL
Password: XjsdH28N

Tuesday, December 18, 2007

.

http://softwarespt.blogspot.com/

.

http://softwarespt.blogspot.com/2007/11/do-u-want-invisible-music-player-for.html

Monday, December 17, 2007

Exposing Scams

Exposing Scams


Methods of Cracking Email Passwords


One of the most successful method is achieved with the used of k*ylo**ers and s** software. There are lots of s*y*are, lo**ing tools available today such as 007, RemoteSpy, Netvizor, Email Spy, Chat Spy, Spector Pro, eBlaster, Invisible Keylogger, to name a few. This software will create a self extracting or installation file, you can then run it in the computer for surveillance, or email it to your target. The only question is, how can you convinced the recipient to open it?

Most hackers does not really HACK passwords by penetrating Yahoo, Hotmail, Gmail, and AOL servers, instead they will go for the easy way - the end user, that's you. It's not what you see on the movies such like "Hackers," "SwordFish," and so on. Too good to be true! They don't actually hack, but logs every stroke on your keyboard including the passwords you have input.
Keep in mind that computer surveillance Programs should be used only if necessary, it was not created to invade someone's privacy. If you are going to use it, be a responsible user.



Warning

I am not at all endorsing hacking or spying, this article was written to exposed the scam behind the Email Hacking Business.

Novell security hacking

Novell security hacking

Shared from www

1. Introduction (PLEASE READ)
2. Novell - What You Need to Know
3. The Basics of Novell Hacking
i. Navigating the Network
ii. Command Prompt
iii. Floppy / CD
iv. Gaining Admin
v. Other stuff...
4. Advanced Novell Hacking
i. Tools

ii. File / Print Sharing
iii. SAM
iv. Access the Server
v. Viewing "restricted" drives

========================================================================
INTRODUCTION
========================================================================

Before we get started, let me get a couple of things straight. First of all, I hate it when I
surf the web and can't ever access any site without having shit like "This site is for
educational purposes only" pop up. For you people who are like me, I'll do you all a favour.

Which brings me to my next point. Admins. Most schools across the world have admins that think
they're the smartest things on two legs because they got some diploma that says they know how to
turn on a computer. Well, for any admins that think this way and are reading this tutorial, let
me say this: your diploma or certificate or whatever doesn't mean shit. Sure, it makes you look
smart on paper, but in the real world, if you're lazy or just plain stupid, you will get 0wned
by a person that you think is too young or too stupid to do any real damage to your network.
Make no mistake: if you stop learning, if you stop surfing the web to sharpen your skills, if
you stop caring about your network, sooner or later, some punk who's gonna try and have some
fun's gonna make your life really shit really fast when you find out that you are way out of
your depth real quick. Enough said. Always keep up with what's happening on the web, no matter
how much time you have to put into it.

Moving on. Now I would like to get some things straight about myself. Although I have made this
tutorial for people wishing to gain privileges in Novell, this tutorial isn't for everybody.
Although I like to think I'm a nice guy, there are certain people I dislike. These are the
people who always want you to do things for them. They never want to learn because they "can't
be bothered" so they always come to you for help. This tutorial is not for people who want the
easy way out. If the only reason you want to know how to do this is so you can impress your
friends, close this tutorial and click on it's icon. Now press Shift+DEL. There we go. That
probably got rid of some of them. Anyway, this tutorial is being written for serious people who
have little or no knowledge of Novell simply because they haven't come across it. No problem.
Enjoy.

========================================================================
Novell - What You Need To Know
========================================================================

Let's start off with the question "What is Novell?" Novell is basically a program that you
install over windows that works over a network to give users appropriate access. For example,
many schools use Novell because it allows them to give students limited rights so they can only
do what the admin allows them to (erhem). There is always at least one administrator to
supervise the network and manage student accounts.

Novell is a respected company that has been making security related programs for a long time.
Unfortunately, in recent years, Novell has been slipping up when it comes to the integrity of
their programs. Not surprisingly, many security holes have been found and many more are on their
way.

========================================================================
The Basics of Novell Hacking
========================================================================

As with any hack, we must first decide on the objective ie what do we want to achieve? Well,
let's go through it. Since you have physical access to the network, chances are you use it quite
often. Therefore you probably wouldn't want to install a virus as you would only be doing
yourself a bad favour. In places like schools, it is very common for admins to restrict access
to the floppy or cd drives as they don't want people bringing in stuff like viruses, corrupt
files or even games. We will soon see how to access these files anyway. Maybe you want admin
rights? If the admin is stupid, even this is possible. Do you want to install a game? Do you
want to look at other users files? All these things and more are possible on some Novell
networks. What you have to understand as either a user or an admin is that networks will always
have flaws. I have classified Novell networks into three basic categories:

* shit security
* ok security
* perfect flawless security

In my experience, I have come across two of the above mentioned types of networks. Guess which
two. Note that many systems start off in the "shit security" category but move up into the "ok
security" category. When this happens, a hacker that had gotten used to a certain system may be
depressed for a while. Until he or she finds new holes. There is only so much an admin can
disable on your computer before it becomes a vegetable and of absolutely no use to anyone.
That's why we use whatever programs we have left to our advantage. If you are a student then you
will undoubtedly have programs that aid in study, such as Notepad, MS Word, you may have
Powerpoint etc. All these programs can be used to our advantage.

First of all, let me cover the "shit" network class. In this network class, you should be able
to do anything. If something you do comes up with the message "This operation has been cancelled
by the Administrator" or "You have insufficient rights to execute this command" or something to
that effect, then the network falls into the "ok" class. Anyway, if your network falls into the
"shit" class, you should be able to open Internet Explorer then go File > Open then Browse...
When you do this, you will be able to see the entire C: drive of the computer, though you may
not necessarily be able to open any of the files.

***Note: This tutorial assumes that the Desktop has been stripped of all icons and the start
menu is almost bare if not completely removed.

OK. Now that we can see the path of all the files, we click Browse... again and attempt to open
a file using IE. Pick a useful file like "command.com" if you are using winnt. When you find the
file, click ok and you will have a little box with the full pathname of the file. You can either
OK, Cancel or Browse... Do neither. Copy the pathname. Now open MS Word. Go to View > Toolbars
then go to Visual Basic. A toolbox will pop up. Click "Design Mode". A new toolbox should pop up
again. This time click the "Command Button" which just looks like a small rectangle. When the
button pops up, double click it. You should be taken to a VB screen with the following in the
middle:

Private Sub CommandButton1_Click()

End Sub

Now type in...
SHELL("C:\winnt\system32\command.com")
...and hit F5 (Debug), so your screen looks like

Private Sub CommandButton1_Click()
SHELL("C:\winnt\system32\command.com")
End Sub

Hopefully, a minimized command screen will come up. If it doesn't, try this:

Private Sub CommandButton1_Click()
a = SHELL("C:\winnt\system32\command.com",vbNormalFocus)
End Sub

Hit F5 again. If this doesn't work there could be a number of things wrong. If a screen comes up
saying macros have been disabled, go back to your first Visual Basic toolbar. One of the buttons
says "Security...". Click it, then select the option that says "Low". Try again. If this was the
problem, you are lucky. If it still doesn't work, read on. If it says "Run-time error:'53'---
File not found" you are in trouble. It means you either fucked up the pathname or it isn't
there. Of course, if your computer is running win2k or xp you will have to slightly adjust your
pathname to the one above.

***Note: I recommend you use command.com as apposed to cmd.exe. The main reason is that cmd.exe
can be blocked off by your administrator, so as soon as you open it you will get something that
says "CMD has been restricted by your administrotor. Press any key to continue...". If this
happens, cmd is useless.

Now we move on to Powerpoint. This is a very simple way of opening files. You create any slide,
then right clock and go "Hyperlink" or whatever it says. From there you are able to link it to
any file on the computer. When you view the slide show, click on the hyperlink and you will open
the file.

Now we move on to Notepad. Notepad is one of those things that I would kill for. It is just so
versatile that it can be used for anything and everybody has it, so there are never any problems
with compatibility. That's part of the reason most tutorials, including this one, are written in
Notepad. The way we will use Notepad in this example is by creating a hyperlink to a document,
much like what we did with Powerpoint. So we open Notepad then type:

click

We then go to File > Save as... then we type in "link.html" in our private drive (the drive the
admin has allocated to each user for storage of personal files, sometimes also called My
Documents). When we refresh the drive, we should be able to see an IE icon called "link.html".
Double click it, then click the hyperlink. Hope it works!

Now we will try creating shortcuts. This is probably the easiest method to use to get into DOS
(strictly speaking this is not true DOS, but for the purpose of this tutorial I will refer to it as such).
That's the reason I saved it for last. The earlier methods allow you to fish around inside the
network and get to know how it works, what makes it tick. Not to mention that the previous
methods were not limited to accessing command, but allowed us to open ANYTHING. Now let's take a
look at how shortcuts work. Open your local drive, then right click and go to New > Shortcut
(if you have right click disabled go to File > New > Shortcut). In the space provided type
"command" and hit next. Now click finish. You should have a shortcut placed on your drive that
takes you to DOS.

Now let's take a look at QBasic. QBasic is a primitive sequential programming language used to
create really crappy programs. Luckily, most schools have QBasic in their syllabus, so you
should have the icon. If you do, you are lucky. Open QBasic, then when you get to the main
screen, type...

SHELL

...and Hit F5

This will immediately open up DOS for you. Cool huh? So, what can we do with DOS? If you need to
be asking that question then you shouldn't be reading this tutorial, but briefly I will tell you
that DOS is very helpful when accessing anything, whether it be on a hardrive, floppy, cd or
anywhere else.

Speaking of floppy, you may be wondering how to access it or cds on a network that appears to be
completely locked down. There are a couple of ways. First of all, if you can see any drives as
icons, try right clicking on them. You might have an option that says "Map Network Drive" and
"Disconnect Network Drive". If this is the case, find out which one is the floppy drive (try a:
or b: first) and disconnect it. Now, in the address bar in any window, type "a:" and you should
be taken to the floppy.

If this doesn't work, then don't worry. Heaps of things definitely will. Of course it depends
greatly on the network, but generally the principle is the same. In a network where you don't
have the luxury of being able to freely browse everything, you have to be shifty. In your
private drive, try creating a shortcut to a:. This will almost definitely not work but is worth
a try. Also, try going to File > Winzip > Zip to file. This will allow you to transfer files
to your floppy.

Lastly, we can use DOS. This is my favourite method because it's hell hard to disable shit in
DOS, at least, effectively, so there aren't heaps of ways around it. In DOS type:

C:\>a:
A:\>dir

Volume in A has no label
Volume Serial Number is 0001-0AA0
Directory of A:

BO2k.zip 111,111 1/1/04
Netbus.zip 111,111 1/1/04

C:\>

So now we can see what's on the disk. If you wanna run it you can type:

A:\>Netbus.zip

However, a more efficient way of opening it would be to first copy it to your private drive. We
do this by typing:

A:\>copy a:\*.zip h:

Assuming h: is your private drive. The wildcard will copy all files with the extension ".zip".
The same way, we can open cds. Exactly the same. Sometimes when we copy it to our drives we get
the message that "This operation has been cancelled by your administrator". In this case, we go
back to MS Word and open a VB macro. Type in the path and you open it. No questions asked and no
crappy prompts. By the way, you can also use a macro to open files directly from the floppy or
cd. I just prefer not to. I think it's easier to just copy them directly. Also you don't have to
check the pathname every time you want to open a new file. But whatever. Do what you feel
comfortable with. There is another way of getting access to the a: drive using the "net use"
command, but more about that later.

Another extremely useful thing you can do with DOS access is type something like:

C:\>copy c:\winnt\*.pwl a:

This command copies all the .pwl (password) files that are stored in the winnt directory. We can
now take the disk home and crack the password files in our own time at our own leisure. This
only works on crappy networks though. Most reasonably secure or just new networks no longer
store their passwords in .pwl files. In win2k, there's a new thing called SAM (Security Accounts
Manager). This is much harder to break, so more on that later.

Now for a quick lesson on network file sharing. In some networks, the admin allows you access to
all drives. If this is the case, there should be a drive which contains the files of all people
who have access to the network. Once you find the drive, simply scroll down to the folder with
the same name as the targets login name and you can browse their personal files. It should be
noted, however, that this kind of file sharing is only allowed on the shittiest of crappy
networks. I have come across it only once in my life =)

Now let's move on to something that may seem obvious, yet many people don't even consider.
Downloading off the web. As an admin, it is really very simple to turn off downloads. However,
you would be surprised how many admins forget about it and leave the web open to all their users
for all intents and purposes. I think the usefulness of being able to download files off the
internet is quite obvious, so I won't go on for long. In case you have absolutely no
imagination, the internet could be used for downloading backdoor programs, viruses (again,
what's the point?), password crackers or even just simple things like DOS =)

On a slightly different topic, DOS has many features that the common happy internet user doesn't
know, or doesn't need to know about. The most interesting one of these is Netstat. Netstat is a
time honoured command that allows the user to see all the inbound and outbound connections his
computer is engaged in. Netstat has many uses, but we will only quickly look at the most useful.
For the common internet user, Netstat can be used to find out, for example, whether or not they
have a trojan installed on their computer. For example, if they type in Netstat and see that
some computer has established a connection with them on a high numbered port such as 12345, they
know they're in trouble. Although by this time it may be too late, the person could then
terminate his internet connection and run down to the store to buy the latest anti-virus. Just
an example. For people who have malicious intentions, Netstat is an invaluable tool for quickly
and easily finding out someone's IP address or hostname. The trick is to send them a file and
execute the command. This file can be sent using anything; IRC, MSN etc.

***Note: Netstat usually shows only the hostname of the target. For an actual IP, type
Netstat -n.

At this point, you may be wondering why I'm wasting time in showing off my DOS skills. The
reason is that if you're connected to a network, Netstat can show you the IP of the server ie
the "big daddy" computer which runs and maintains the network. In theory, if you wanted to and
you knew the IP of the server, you could create a DoS (Denial of Service) attack on the server.
In the old days this could be achieved by pinging the server with large packets in an infinite loop.
You might me less lucky these days... but hey, it's worth a shot.

Something really cool with DOS is that you can create batch files that execute commands in DOS.
Batch files are basically little programs that you can get to fire off commands. For example, I
can create a batch file that pings the server until I turn off the file. I can, of course, use
all the same commands that I could in an actual DOS window. Thus I can specify how many packets
I send, the timeout, packet size etc.

Creating batch files is incredibly simple. Open up Notepad, then type:

@echo.on
ping 10.15.196.26 -t -l 1000 [This is the command you want to run]
@echo.off
ping.bat [Creates a loop to repeat command forever]

Now save this file as ping.bat, or anything you want it to be called but make sure you change
the filename at the bottom of the bat file to ensure a loop. The cool thing about this is that
it doesn't wait for the command to be completed. It immediately starts the next command
regardless of the result of the previous one. This method can, of course, be used to execute any
command, and the loop can be stopped by removing the "ping.bat" at the end of the file. If you
wanna have some fun, try typing in "net send [username] [message]" in the command prompt. If the
user is currently logged on, a message will appear on his screen. It's really funny if you can
see their monitor from where you are sitting if you type a crazy message like "You have just
been owned!!!". Be aware however that the person receiving the message will know what computer
the message has come from. Your computer name will be something crazy like LIB00123. Although
the user may not be able to tell exactly who sent the message (then again, if he's smart he
will), he can type in the computer name instead of the username and create a .bat file to spam
you to hell.

Let's get back on track. It's time to show you how to create admin accounts in Novell if the OS
is winnt, assuming the Control Panel is disabled. Note however that this is easy to disable, but
most admins forget about it. Go into any folder and go to the help menu, the Help Topics.
Search anything related to users, passwords etc. You will then find a topic that contains a hyperlink
to "Users and Passwords". Click it. The crappy thing about winnt security is that when changing
a password, you don't have to know the old one! Anyway, once you either create a new account
or change the password on an existing account, restart the computer. When the logon screen
appears, type your login name and password. Now look around for a checkbox that says
"Workstation". Check it and press OK.

***Note: you will only have admin access on that particular computer. "Workstation" means that
you log onto an account on that workstation. If the checkbox isn't on the login screen, then you
cannot create admin accounts in this way. You will have to try certain programs described later
in the "Advanced Novell Hacking" section.

Lastly, I will show you how to access telnet. As you may have seen, most of my methods involve
DOS. Telnet is no different. In a DOS screen, type "telnet" and you will be taken to the Telnet
screen. From here try telnetting to the server and punch in a few commands to see what you can
do. Find out as much info as you can about what programs he's using and go online to look for
some tutorials.

========================================================================
Advanced Novell Hacking
========================================================================

This short section will discuss various advanced Novell hacking techniques. These involve using
programs such as port scanners, keyloggers, trojans and password crackers. I will also be looking
at File and Print Sharing (Legion V2.1, Sid2User - User2Sid, DumpSec), as well as some tips and
tricks with navigating around the network, including the "net use" command.

Firstly, let's look at various methods of hacking the network using specific programs. Although
this section may offend some people, it is nevertheless an essential part of Novell security. It
is an unfortunate fact that many people these days want to hack someone to be "cool" in the eyes
of their friends. These people have little or no morals, and almost always possess absolutely no
skill what so ever. All they care about is getting what they want, and they don't care how they
get it. Because of their lack of skill, these people usually rely solely on programs to do their
dirty work (if they don't have a friend who does it for them). If anybody like this is reading
this, I spit on you.

On the other hand, there are many skilled hackers out there who also turn to programs which
automate the process for a variety of reasons, usually because it is easier and usually more
effective to use programs.

As with any hack, there is one tool that you simply cannot live without. A port scanner. There
has been much debate over which port scanner is the best, what the pro's and con's of each
scanner are etc. Many say Nmap, but I often there's no need to waste time with such an advanced
scanner. The problem with Nmap is that it is too complicated for quick and easy use. Nmap is
good for home use, when you have a lot of time on your hands to try out various scans. In my
humble opinion, the best scanner for a Novell network is Angry IP Scanner by Angryziber
(angryziber@angryziber.com). Angry IP allows for lightning fast port scans on huge networks,
with great accuracy. It has some built in features like being able to establish connections over
HTTP, FTP and Telnet, as well as being able to Traceroute. It also has cool things like
"favourites" and being able to tell you many things about the target, such as Hostname, Comp.
Name, Group Name, User Name, MAC address and TTL. On top of all this, it can be used from the
command line! Anyway, it has many more features that you need to explore yourself. For now, all
we really need to be focussing on is its efficient simple port scanning features.

First of all, you will need to get the IP of some computers on your network. If you have been
reading this tutorial carefully instead of just skip to this section, you will remember that this
can be done using the netstat command in DOS (btw, if you still can't get DOS then you are really
dumb - no offence). You really only need one IP, because most, if not all of the IP's on the
network will have the same Network Number and Host Number. So, if you can see that your IP is
123.123.12.123, you should only scan IP's that have the same Network Number and Host Number. In
the case of the example, you would enter the start IP as 123.123.12.1 and the end IP as
123.123.12.255. First you should scan using only one port because you want to know exactly how
many computers you are potentially dealing with. If you put too many ports, you will be waiting
ages for your results if there are heaps of computers on the network. An alternative to this
would be to use the "net view" command.

C:\>net view

This displays all the computers connected to the network that you are currently on. This command
can be used to get further information about an individual machine by typing:

C:\>net view \\SOMECOMPUTER
==============================
Disk | share name

C:\>net view \\workgroup:TARGETWG (gives all computers in workgroup)
C:\>net view \\domain:TARGETD (gives all computers in domain)

Anyway, it would be best to specify the port as TCP 139, which you should all know as NetBIOS.
If this is open on any computers (and it damn well should be, you are on a network), you may be
able to get access to that computers hard drive. Go into DOS, and type in:

C:\>net use \\ADMINCOMPUTER\IPC$ "" /u:""

If you have even the slightest experience in hacking, you would have seen this command a
thousand times before. For those haven't, all you are doing is attempting to connect to computer
"ADMINCOMPUTER" using the inbuilt IPC$ share with a null password "" and an anonymous user
/u:"". If this doesn't work, you can try substituting the password for a wilcard * or even the
account, so you can have:

C:\>NET USE \\ADMINCOMPUTER\IPC$ "" /u:""
C:\>NET USE \\ADMINCOMPUTER\IPC$ * /USER:""
C:\>NET USE \\ADMINCOMPUTER\IPC$ * /USER:

They all do the same thing, but sometimes only certain ones will work on certain machines. If
you are unlucky, you could try to substitute the IPC$ for ADMIN$ or C$. These are just
additional default shares. The difference between ADMIN$, C$ and IPC$ is that IPC$ cannot be
removed. This means that you should always be able to establish a connection. Of course, the
admin may want to create additional shares such as such as A$ (remote floppy drive), E$ (remote
CD drive) and really anything he wants. An admin can quite easily create and delete shares using
the "net share" command:

C:\>net share ADMIN$ /delete
Command completed successfully

This command deletes the remote administrator ADMIN$ share. Shares can be added by typing:

C:\>net share A$ a:
Command completed successfully.

This tells the computer to create a share A$ with the target to the a: drive.

I said earlier that it is possible to disconnect the a: drive from the network, thus enabling it
for our own usage. This can be done using the command:

C:\>net use a: /delete

Unfortunately, this command can be restricted by the administrator. Once it is, no command with
the prefix "net" will work. On the bright side, it is rare for an admin to realise that anybody
has been fucking with net use commands and establishing connections, yet alone disable the
command. If the command does get disabled, we are forced to turn to programs to do our dirty
work.

Although there are a number of Netbios scanners, most of them are rather dated as these days few
hackers seriously rely on Netbios as their main weapon. Sure, it can be fun and rewarding, but
most computers these days have patches to guard against unauthorised access, or simply block
access to TCP 139 through their firewall or router. As a result, most people have stopped making
new Netbios programs. Because of this, most of the programs for Netbios are old. REALLY old.
We're talking old as in 1999 old. Sure, doesn't seem like that long ago, but in the computer
world, that is an eternity. Luckily for us, this is slightly different for networks. Because a
network has to be tied together very closely, it usually depends on port 139 to handle all the
traffic. As a result, most old programs will work like a charm. Although there are many, many
different programs you can use to try and get the shares, I recommend you use Legion V2.1 from
the now dead Rhino9 Security Group. It generally floats among internet sites.

Now let's take a quick look at the Security Accounts Manager (SAM). SAM is a way of storing
users details on the computer. It has usernames and password hashes inside, so it is very
important to keep safe from prying eyes. If you're the one with those eyes, SAM may just be your
goal. To cut the long story short, SAM cannot be accessed while anyone is logged onto that
computer. So what you have to do is restart it in DOS and try and copy it from there onto
floppy. The only problem with this is that sometimes SAM can be very big - a couple of Mb even
so floppy disk is an unlikely alternative. If the computer doesn't have a burner then it is
unlikely that you will be able to extract the hashes, so try and make the best of it any way you
can. Sometimes it's even possible to rename the SAM file by restarting in DOS and typing:

ren C:\winnt\repair\sam wateva

This will make the SAM file unreadable, so if the passwords are stored on the computer rather
than the server, they will all be useless. If this works, you will be able to log on without a
username or password. If you are able to extract the SAM file, there are many different password
crackers that you can use to take a peek at what's insisde. L0pht, Cain and Abel and many more
do a splendid job. Try them out and see what works for you.

Finally, I'll just show you one last thing that will freak the hell out of your admin if he ever
sees it. It is ridiculously easy to access the server on most networks and nobody even considers
this method. Simply create a shortcut to it!!! If you can find a way to find the hostname of
your server, all you have to do it right click, select new then click on shortcut. In the space
provided, type the hostname of the server. For example, if the server is called "server-1" then
in the shotcut type:

\\server-1

Then click next and that's it! You can double click on the shortcut and you will have access to
all the files on the server!!! As I said before, this will scare the hell out of any admin
because he wouldn't have thought of it himself and has definately not seen this before.
As for how much you can actually do - that depends entirely on the server. Most times
you will just browse but sometimes, who knows?

Lastly, we will take a quick look at the the SUBST command. The SUBST command associates
a path with a drive letter. This means it creates a virtual drive on top of an actual one. This can
be extremely handy when the administrator has blocked of say the C: drive from being viewed.
Often the admin simply restricts access to the C: drive by not showing the icon for the drive. If this
is the case simple open up a command prompt and type:

explorer c:

This will open explorer to the C: drive. Generally one will not be so lucky. The C: drive itself is
often restricted and trying to open explorer through command will tell us we don't have permission.
SUBST allows us to get passed this. Open up a command prompt and type in:

subst z: C:\

where z: is the virtual drive you wish to create and C:\ is the path of the drive you wish to view.
Now all you have to do is type...

explorer z:

...and an explorer window will pop up showing you the contents of C: but in the z: drive. You may
navigate this at will just as you would normally on an unrestricted computer. Although
useful, SUBST really only gives you a graphic interface since we may the entire contents of a
drive through command.

***Note: SUBST will also add the virtual drive to My Computer. If you have access to My Computer
you will see z: as well.

If you are having trouble with command because you cannot scroll up
whilst trying to use dir, try using dir /w or /p instead. Otherwise...

dir >> H:\dir.txt

...will send the results of the dir to a file called dir.txt (or will create the file if it does not already
exist) on the H: drive. Also note that on large networks net view can also be a pain, but using

net view >> H:\net.txt

we can see all the computers in a text file!

Novell security hacking

Novell security hacking

Shared from www

1. Introduction (PLEASE READ)
2. Novell - What You Need to Know
3. The Basics of Novell Hacking
i. Navigating the Network
ii. Command Prompt
iii. Floppy / CD
iv. Gaining Admin
v. Other stuff...
4. Advanced Novell Hacking
i. Tools

ii. File / Print Sharing
iii. SAM
iv. Access the Server
v. Viewing "restricted" drives

========================================================================
INTRODUCTION
========================================================================

Before we get started, let me get a couple of things straight. First of all, I hate it when I
surf the web and can't ever access any site without having shit like "This site is for
educational purposes only" pop up. For you people who are like me, I'll do you all a favour.

Which brings me to my next point. Admins. Most schools across the world have admins that think
they're the smartest things on two legs because they got some diploma that says they know how to
turn on a computer. Well, for any admins that think this way and are reading this tutorial, let
me say this: your diploma or certificate or whatever doesn't mean shit. Sure, it makes you look
smart on paper, but in the real world, if you're lazy or just plain stupid, you will get 0wned
by a person that you think is too young or too stupid to do any real damage to your network.
Make no mistake: if you stop learning, if you stop surfing the web to sharpen your skills, if
you stop caring about your network, sooner or later, some punk who's gonna try and have some
fun's gonna make your life really shit really fast when you find out that you are way out of
your depth real quick. Enough said. Always keep up with what's happening on the web, no matter
how much time you have to put into it.

Moving on. Now I would like to get some things straight about myself. Although I have made this
tutorial for people wishing to gain privileges in Novell, this tutorial isn't for everybody.
Although I like to think I'm a nice guy, there are certain people I dislike. These are the
people who always want you to do things for them. They never want to learn because they "can't
be bothered" so they always come to you for help. This tutorial is not for people who want the
easy way out. If the only reason you want to know how to do this is so you can impress your
friends, close this tutorial and click on it's icon. Now press Shift+DEL. There we go. That
probably got rid of some of them. Anyway, this tutorial is being written for serious people who
have little or no knowledge of Novell simply because they haven't come across it. No problem.
Enjoy.

========================================================================
Novell - What You Need To Know
========================================================================

Let's start off with the question "What is Novell?" Novell is basically a program that you
install over windows that works over a network to give users appropriate access. For example,
many schools use Novell because it allows them to give students limited rights so they can only
do what the admin allows them to (erhem). There is always at least one administrator to
supervise the network and manage student accounts.

Novell is a respected company that has been making security related programs for a long time.
Unfortunately, in recent years, Novell has been slipping up when it comes to the integrity of
their programs. Not surprisingly, many security holes have been found and many more are on their
way.

========================================================================
The Basics of Novell Hacking
========================================================================

As with any hack, we must first decide on the objective ie what do we want to achieve? Well,
let's go through it. Since you have physical access to the network, chances are you use it quite
often. Therefore you probably wouldn't want to install a virus as you would only be doing
yourself a bad favour. In places like schools, it is very common for admins to restrict access
to the floppy or cd drives as they don't want people bringing in stuff like viruses, corrupt
files or even games. We will soon see how to access these files anyway. Maybe you want admin
rights? If the admin is stupid, even this is possible. Do you want to install a game? Do you
want to look at other users files? All these things and more are possible on some Novell
networks. What you have to understand as either a user or an admin is that networks will always
have flaws. I have classified Novell networks into three basic categories:

* shit security
* ok security
* perfect flawless security

In my experience, I have come across two of the above mentioned types of networks. Guess which
two. Note that many systems start off in the "shit security" category but move up into the "ok
security" category. When this happens, a hacker that had gotten used to a certain system may be
depressed for a while. Until he or she finds new holes. There is only so much an admin can
disable on your computer before it becomes a vegetable and of absolutely no use to anyone.
That's why we use whatever programs we have left to our advantage. If you are a student then you
will undoubtedly have programs that aid in study, such as Notepad, MS Word, you may have
Powerpoint etc. All these programs can be used to our advantage.

First of all, let me cover the "shit" network class. In this network class, you should be able
to do anything. If something you do comes up with the message "This operation has been cancelled
by the Administrator" or "You have insufficient rights to execute this command" or something to
that effect, then the network falls into the "ok" class. Anyway, if your network falls into the
"shit" class, you should be able to open Internet Explorer then go File > Open then Browse...
When you do this, you will be able to see the entire C: drive of the computer, though you may
not necessarily be able to open any of the files.

***Note: This tutorial assumes that the Desktop has been stripped of all icons and the start
menu is almost bare if not completely removed.

OK. Now that we can see the path of all the files, we click Browse... again and attempt to open
a file using IE. Pick a useful file like "command.com" if you are using winnt. When you find the
file, click ok and you will have a little box with the full pathname of the file. You can either
OK, Cancel or Browse... Do neither. Copy the pathname. Now open MS Word. Go to View > Toolbars
then go to Visual Basic. A toolbox will pop up. Click "Design Mode". A new toolbox should pop up
again. This time click the "Command Button" which just looks like a small rectangle. When the
button pops up, double click it. You should be taken to a VB screen with the following in the
middle:

Private Sub CommandButton1_Click()

End Sub

Now type in...
SHELL("C:\winnt\system32\command.com")
...and hit F5 (Debug), so your screen looks like

Private Sub CommandButton1_Click()
SHELL("C:\winnt\system32\command.com")
End Sub

Hopefully, a minimized command screen will come up. If it doesn't, try this:

Private Sub CommandButton1_Click()
a = SHELL("C:\winnt\system32\command.com",vbNormalFocus)
End Sub

Hit F5 again. If this doesn't work there could be a number of things wrong. If a screen comes up
saying macros have been disabled, go back to your first Visual Basic toolbar. One of the buttons
says "Security...". Click it, then select the option that says "Low". Try again. If this was the
problem, you are lucky. If it still doesn't work, read on. If it says "Run-time error:'53'---
File not found" you are in trouble. It means you either fucked up the pathname or it isn't
there. Of course, if your computer is running win2k or xp you will have to slightly adjust your
pathname to the one above.

***Note: I recommend you use command.com as apposed to cmd.exe. The main reason is that cmd.exe
can be blocked off by your administrator, so as soon as you open it you will get something that
says "CMD has been restricted by your administrotor. Press any key to continue...". If this
happens, cmd is useless.

Now we move on to Powerpoint. This is a very simple way of opening files. You create any slide,
then right clock and go "Hyperlink" or whatever it says. From there you are able to link it to
any file on the computer. When you view the slide show, click on the hyperlink and you will open
the file.

Now we move on to Notepad. Notepad is one of those things that I would kill for. It is just so
versatile that it can be used for anything and everybody has it, so there are never any problems
with compatibility. That's part of the reason most tutorials, including this one, are written in
Notepad. The way we will use Notepad in this example is by creating a hyperlink to a document,
much like what we did with Powerpoint. So we open Notepad then type:

click

We then go to File > Save as... then we type in "link.html" in our private drive (the drive the
admin has allocated to each user for storage of personal files, sometimes also called My
Documents). When we refresh the drive, we should be able to see an IE icon called "link.html".
Double click it, then click the hyperlink. Hope it works!

Now we will try creating shortcuts. This is probably the easiest method to use to get into DOS
(strictly speaking this is not true DOS, but for the purpose of this tutorial I will refer to it as such).
That's the reason I saved it for last. The earlier methods allow you to fish around inside the
network and get to know how it works, what makes it tick. Not to mention that the previous
methods were not limited to accessing command, but allowed us to open ANYTHING. Now let's take a
look at how shortcuts work. Open your local drive, then right click and go to New > Shortcut
(if you have right click disabled go to File > New > Shortcut). In the space provided type
"command" and hit next. Now click finish. You should have a shortcut placed on your drive that
takes you to DOS.

Now let's take a look at QBasic. QBasic is a primitive sequential programming language used to
create really crappy programs. Luckily, most schools have QBasic in their syllabus, so you
should have the icon. If you do, you are lucky. Open QBasic, then when you get to the main
screen, type...

SHELL

...and Hit F5

This will immediately open up DOS for you. Cool huh? So, what can we do with DOS? If you need to
be asking that question then you shouldn't be reading this tutorial, but briefly I will tell you
that DOS is very helpful when accessing anything, whether it be on a hardrive, floppy, cd or
anywhere else.

Speaking of floppy, you may be wondering how to access it or cds on a network that appears to be
completely locked down. There are a couple of ways. First of all, if you can see any drives as
icons, try right clicking on them. You might have an option that says "Map Network Drive" and
"Disconnect Network Drive". If this is the case, find out which one is the floppy drive (try a:
or b: first) and disconnect it. Now, in the address bar in any window, type "a:" and you should
be taken to the floppy.

If this doesn't work, then don't worry. Heaps of things definitely will. Of course it depends
greatly on the network, but generally the principle is the same. In a network where you don't
have the luxury of being able to freely browse everything, you have to be shifty. In your
private drive, try creating a shortcut to a:. This will almost definitely not work but is worth
a try. Also, try going to File > Winzip > Zip to file. This will allow you to transfer files
to your floppy.

Lastly, we can use DOS. This is my favourite method because it's hell hard to disable shit in
DOS, at least, effectively, so there aren't heaps of ways around it. In DOS type:

C:\>a:
A:\>dir

Volume in A has no label
Volume Serial Number is 0001-0AA0
Directory of A:

BO2k.zip 111,111 1/1/04
Netbus.zip 111,111 1/1/04

C:\>

So now we can see what's on the disk. If you wanna run it you can type:

A:\>Netbus.zip

However, a more efficient way of opening it would be to first copy it to your private drive. We
do this by typing:

A:\>copy a:\*.zip h:

Assuming h: is your private drive. The wildcard will copy all files with the extension ".zip".
The same way, we can open cds. Exactly the same. Sometimes when we copy it to our drives we get
the message that "This operation has been cancelled by your administrator". In this case, we go
back to MS Word and open a VB macro. Type in the path and you open it. No questions asked and no
crappy prompts. By the way, you can also use a macro to open files directly from the floppy or
cd. I just prefer not to. I think it's easier to just copy them directly. Also you don't have to
check the pathname every time you want to open a new file. But whatever. Do what you feel
comfortable with. There is another way of getting access to the a: drive using the "net use"
command, but more about that later.

Another extremely useful thing you can do with DOS access is type something like:

C:\>copy c:\winnt\*.pwl a:

This command copies all the .pwl (password) files that are stored in the winnt directory. We can
now take the disk home and crack the password files in our own time at our own leisure. This
only works on crappy networks though. Most reasonably secure or just new networks no longer
store their passwords in .pwl files. In win2k, there's a new thing called SAM (Security Accounts
Manager). This is much harder to break, so more on that later.

Now for a quick lesson on network file sharing. In some networks, the admin allows you access to
all drives. If this is the case, there should be a drive which contains the files of all people
who have access to the network. Once you find the drive, simply scroll down to the folder with
the same name as the targets login name and you can browse their personal files. It should be
noted, however, that this kind of file sharing is only allowed on the shittiest of crappy
networks. I have come across it only once in my life =)

Now let's move on to something that may seem obvious, yet many people don't even consider.
Downloading off the web. As an admin, it is really very simple to turn off downloads. However,
you would be surprised how many admins forget about it and leave the web open to all their users
for all intents and purposes. I think the usefulness of being able to download files off the
internet is quite obvious, so I won't go on for long. In case you have absolutely no
imagination, the internet could be used for downloading backdoor programs, viruses (again,
what's the point?), password crackers or even just simple things like DOS =)

On a slightly different topic, DOS has many features that the common happy internet user doesn't
know, or doesn't need to know about. The most interesting one of these is Netstat. Netstat is a
time honoured command that allows the user to see all the inbound and outbound connections his
computer is engaged in. Netstat has many uses, but we will only quickly look at the most useful.
For the common internet user, Netstat can be used to find out, for example, whether or not they
have a trojan installed on their computer. For example, if they type in Netstat and see that
some computer has established a connection with them on a high numbered port such as 12345, they
know they're in trouble. Although by this time it may be too late, the person could then
terminate his internet connection and run down to the store to buy the latest anti-virus. Just
an example. For people who have malicious intentions, Netstat is an invaluable tool for quickly
and easily finding out someone's IP address or hostname. The trick is to send them a file and
execute the command. This file can be sent using anything; IRC, MSN etc.

***Note: Netstat usually shows only the hostname of the target. For an actual IP, type
Netstat -n.

At this point, you may be wondering why I'm wasting time in showing off my DOS skills. The
reason is that if you're connected to a network, Netstat can show you the IP of the server ie
the "big daddy" computer which runs and maintains the network. In theory, if you wanted to and
you knew the IP of the server, you could create a DoS (Denial of Service) attack on the server.
In the old days this could be achieved by pinging the server with large packets in an infinite loop.
You might me less lucky these days... but hey, it's worth a shot.

Something really cool with DOS is that you can create batch files that execute commands in DOS.
Batch files are basically little programs that you can get to fire off commands. For example, I
can create a batch file that pings the server until I turn off the file. I can, of course, use
all the same commands that I could in an actual DOS window. Thus I can specify how many packets
I send, the timeout, packet size etc.

Creating batch files is incredibly simple. Open up Notepad, then type:

@echo.on
ping 10.15.196.26 -t -l 1000 [This is the command you want to run]
@echo.off
ping.bat [Creates a loop to repeat command forever]

Now save this file as ping.bat, or anything you want it to be called but make sure you change
the filename at the bottom of the bat file to ensure a loop. The cool thing about this is that
it doesn't wait for the command to be completed. It immediately starts the next command
regardless of the result of the previous one. This method can, of course, be used to execute any
command, and the loop can be stopped by removing the "ping.bat" at the end of the file. If you
wanna have some fun, try typing in "net send [username] [message]" in the command prompt. If the
user is currently logged on, a message will appear on his screen. It's really funny if you can
see their monitor from where you are sitting if you type a crazy message like "You have just
been owned!!!". Be aware however that the person receiving the message will know what computer
the message has come from. Your computer name will be something crazy like LIB00123. Although
the user may not be able to tell exactly who sent the message (then again, if he's smart he
will), he can type in the computer name instead of the username and create a .bat file to spam
you to hell.

Let's get back on track. It's time to show you how to create admin accounts in Novell if the OS
is winnt, assuming the Control Panel is disabled. Note however that this is easy to disable, but
most admins forget about it. Go into any folder and go to the help menu, the Help Topics.
Search anything related to users, passwords etc. You will then find a topic that contains a hyperlink
to "Users and Passwords". Click it. The crappy thing about winnt security is that when changing
a password, you don't have to know the old one! Anyway, once you either create a new account
or change the password on an existing account, restart the computer. When the logon screen
appears, type your login name and password. Now look around for a checkbox that says
"Workstation". Check it and press OK.

***Note: you will only have admin access on that particular computer. "Workstation" means that
you log onto an account on that workstation. If the checkbox isn't on the login screen, then you
cannot create admin accounts in this way. You will have to try certain programs described later
in the "Advanced Novell Hacking" section.

Lastly, I will show you how to access telnet. As you may have seen, most of my methods involve
DOS. Telnet is no different. In a DOS screen, type "telnet" and you will be taken to the Telnet
screen. From here try telnetting to the server and punch in a few commands to see what you can
do. Find out as much info as you can about what programs he's using and go online to look for
some tutorials.

========================================================================
Advanced Novell Hacking
========================================================================

This short section will discuss various advanced Novell hacking techniques. These involve using
programs such as port scanners, keyloggers, trojans and password crackers. I will also be looking
at File and Print Sharing (Legion V2.1, Sid2User - User2Sid, DumpSec), as well as some tips and
tricks with navigating around the network, including the "net use" command.

Firstly, let's look at various methods of hacking the network using specific programs. Although
this section may offend some people, it is nevertheless an essential part of Novell security. It
is an unfortunate fact that many people these days want to hack someone to be "cool" in the eyes
of their friends. These people have little or no morals, and almost always possess absolutely no
skill what so ever. All they care about is getting what they want, and they don't care how they
get it. Because of their lack of skill, these people usually rely solely on programs to do their
dirty work (if they don't have a friend who does it for them). If anybody like this is reading
this, I spit on you.

On the other hand, there are many skilled hackers out there who also turn to programs which
automate the process for a variety of reasons, usually because it is easier and usually more
effective to use programs.

As with any hack, there is one tool that you simply cannot live without. A port scanner. There
has been much debate over which port scanner is the best, what the pro's and con's of each
scanner are etc. Many say Nmap, but I often there's no need to waste time with such an advanced
scanner. The problem with Nmap is that it is too complicated for quick and easy use. Nmap is
good for home use, when you have a lot of time on your hands to try out various scans. In my
humble opinion, the best scanner for a Novell network is Angry IP Scanner by Angryziber
(angryziber@angryziber.com). Angry IP allows for lightning fast port scans on huge networks,
with great accuracy. It has some built in features like being able to establish connections over
HTTP, FTP and Telnet, as well as being able to Traceroute. It also has cool things like
"favourites" and being able to tell you many things about the target, such as Hostname, Comp.
Name, Group Name, User Name, MAC address and TTL. On top of all this, it can be used from the
command line! Anyway, it has many more features that you need to explore yourself. For now, all
we really need to be focussing on is its efficient simple port scanning features.

First of all, you will need to get the IP of some computers on your network. If you have been
reading this tutorial carefully instead of just skip to this section, you will remember that this
can be done using the netstat command in DOS (btw, if you still can't get DOS then you are really
dumb - no offence). You really only need one IP, because most, if not all of the IP's on the
network will have the same Network Number and Host Number. So, if you can see that your IP is
123.123.12.123, you should only scan IP's that have the same Network Number and Host Number. In
the case of the example, you would enter the start IP as 123.123.12.1 and the end IP as
123.123.12.255. First you should scan using only one port because you want to know exactly how
many computers you are potentially dealing with. If you put too many ports, you will be waiting
ages for your results if there are heaps of computers on the network. An alternative to this
would be to use the "net view" command.

C:\>net view

This displays all the computers connected to the network that you are currently on. This command
can be used to get further information about an individual machine by typing:

C:\>net view \\SOMECOMPUTER
==============================
Disk | share name

C:\>net view \\workgroup:TARGETWG (gives all computers in workgroup)
C:\>net view \\domain:TARGETD (gives all computers in domain)

Anyway, it would be best to specify the port as TCP 139, which you should all know as NetBIOS.
If this is open on any computers (and it damn well should be, you are on a network), you may be
able to get access to that computers hard drive. Go into DOS, and type in:

C:\>net use \\ADMINCOMPUTER\IPC$ "" /u:""

If you have even the slightest experience in hacking, you would have seen this command a
thousand times before. For those haven't, all you are doing is attempting to connect to computer
"ADMINCOMPUTER" using the inbuilt IPC$ share with a null password "" and an anonymous user
/u:"". If this doesn't work, you can try substituting the password for a wilcard * or even the
account, so you can have:

C:\>NET USE \\ADMINCOMPUTER\IPC$ "" /u:""
C:\>NET USE \\ADMINCOMPUTER\IPC$ * /USER:""
C:\>NET USE \\ADMINCOMPUTER\IPC$ * /USER:

They all do the same thing, but sometimes only certain ones will work on certain machines. If
you are unlucky, you could try to substitute the IPC$ for ADMIN$ or C$. These are just
additional default shares. The difference between ADMIN$, C$ and IPC$ is that IPC$ cannot be
removed. This means that you should always be able to establish a connection. Of course, the
admin may want to create additional shares such as such as A$ (remote floppy drive), E$ (remote
CD drive) and really anything he wants. An admin can quite easily create and delete shares using
the "net share" command:

C:\>net share ADMIN$ /delete
Command completed successfully

This command deletes the remote administrator ADMIN$ share. Shares can be added by typing:

C:\>net share A$ a:
Command completed successfully.

This tells the computer to create a share A$ with the target to the a: drive.

I said earlier that it is possible to disconnect the a: drive from the network, thus enabling it
for our own usage. This can be done using the command:

C:\>net use a: /delete

Unfortunately, this command can be restricted by the administrator. Once it is, no command with
the prefix "net" will work. On the bright side, it is rare for an admin to realise that anybody
has been fucking with net use commands and establishing connections, yet alone disable the
command. If the command does get disabled, we are forced to turn to programs to do our dirty
work.

Although there are a number of Netbios scanners, most of them are rather dated as these days few
hackers seriously rely on Netbios as their main weapon. Sure, it can be fun and rewarding, but
most computers these days have patches to guard against unauthorised access, or simply block
access to TCP 139 through their firewall or router. As a result, most people have stopped making
new Netbios programs. Because of this, most of the programs for Netbios are old. REALLY old.
We're talking old as in 1999 old. Sure, doesn't seem like that long ago, but in the computer
world, that is an eternity. Luckily for us, this is slightly different for networks. Because a
network has to be tied together very closely, it usually depends on port 139 to handle all the
traffic. As a result, most old programs will work like a charm. Although there are many, many
different programs you can use to try and get the shares, I recommend you use Legion V2.1 from
the now dead Rhino9 Security Group. It generally floats among internet sites.

Now let's take a quick look at the Security Accounts Manager (SAM). SAM is a way of storing
users details on the computer. It has usernames and password hashes inside, so it is very
important to keep safe from prying eyes. If you're the one with those eyes, SAM may just be your
goal. To cut the long story short, SAM cannot be accessed while anyone is logged onto that
computer. So what you have to do is restart it in DOS and try and copy it from there onto
floppy. The only problem with this is that sometimes SAM can be very big - a couple of Mb even
so floppy disk is an unlikely alternative. If the computer doesn't have a burner then it is
unlikely that you will be able to extract the hashes, so try and make the best of it any way you
can. Sometimes it's even possible to rename the SAM file by restarting in DOS and typing:

ren C:\winnt\repair\sam wateva

This will make the SAM file unreadable, so if the passwords are stored on the computer rather
than the server, they will all be useless. If this works, you will be able to log on without a
username or password. If you are able to extract the SAM file, there are many different password
crackers that you can use to take a peek at what's insisde. L0pht, Cain and Abel and many more
do a splendid job. Try them out and see what works for you.

Finally, I'll just show you one last thing that will freak the hell out of your admin if he ever
sees it. It is ridiculously easy to access the server on most networks and nobody even considers
this method. Simply create a shortcut to it!!! If you can find a way to find the hostname of
your server, all you have to do it right click, select new then click on shortcut. In the space
provided, type the hostname of the server. For example, if the server is called "server-1" then
in the shotcut type:

\\server-1

Then click next and that's it! You can double click on the shortcut and you will have access to
all the files on the server!!! As I said before, this will scare the hell out of any admin
because he wouldn't have thought of it himself and has definately not seen this before.
As for how much you can actually do - that depends entirely on the server. Most times
you will just browse but sometimes, who knows?

Lastly, we will take a quick look at the the SUBST command. The SUBST command associates
a path with a drive letter. This means it creates a virtual drive on top of an actual one. This can
be extremely handy when the administrator has blocked of say the C: drive from being viewed.
Often the admin simply restricts access to the C: drive by not showing the icon for the drive. If this
is the case simple open up a command prompt and type:

explorer c:

This will open explorer to the C: drive. Generally one will not be so lucky. The C: drive itself is
often restricted and trying to open explorer through command will tell us we don't have permission.
SUBST allows us to get passed this. Open up a command prompt and type in:

subst z: C:\

where z: is the virtual drive you wish to create and C:\ is the path of the drive you wish to view.
Now all you have to do is type...

explorer z:

...and an explorer window will pop up showing you the contents of C: but in the z: drive. You may
navigate this at will just as you would normally on an unrestricted computer. Although
useful, SUBST really only gives you a graphic interface since we may the entire contents of a
drive through command.

***Note: SUBST will also add the virtual drive to My Computer. If you have access to My Computer
you will see z: as well.

If you are having trouble with command because you cannot scroll up
whilst trying to use dir, try using dir /w or /p instead. Otherwise...

dir >> H:\dir.txt

...will send the results of the dir to a file called dir.txt (or will create the file if it does not already
exist) on the H: drive. Also note that on large networks net view can also be a pain, but using

net view >> H:\net.txt

we can see all the computers in a text file!