June 13, 2008

The Easiest way to make Your Internet Explorer Professional

IE7Pro is an add-on for Internet Explorer which adds a lot of features and extras which make your Browsing faster,More Responsive and Sleek.

Download Free

IE7Pro 2.3 has been released on May 20,2008

IE7Pro is a must have add-on for Internet Explorer, which includes a lot of features and tweaks to make your IE friendlier, more useful, secure and customizable. IE7Pro includes Tabbed Browsing Management, Spell Check, Inline Search, Super Drag Drop, Crash Recovery, Proxy Switcher, Mouse Gesture, Tab History Browser, Web Accelerator, User Agent Switcher, Webpage Capturer, AD Blocker, Flash Block, Greasemonkey like User Scripts platform, User Plug-ins, MiniDM, Google sponsored search,IE Faster and many more power packed features. You can customize not just Internet Explorer, but even your favorite website according to your need and taste using IE7Pro.

IE7Pro Features
Enhance Internet Explorer's Tabbed Browsing Capabilities
1. Double click to close tab.
2. Open new tab from address bar.
3. Enable/disable tab browse history manager.
4. Enable/disable crash recovery
5. Move the IE menu bar above the address bar
6. Hide search bar.
7. Modify the maxium number of parallel connections to the web server.
8. Select the external program to view page source
Super Drag and Drop
With Super Drag and Drop enabled, you can open new links by simply dragging and dropping the link on the page. You can also Drag and Drop to search selected words with the default search engine or save the selected photo when Shift is held down.
Mouse Gesture
Mouse Gesture allow the user to execute commonly performed tasks (open/close a tab, go back, go forward , print , scrolling page etc.) by drawing a simple symbol on the screen.
Crash Recovery
Crash Recovery automatically restores all opened pages after a crash happened.
Save Page to Image
Flexible and easy-to-use tool that converts html page from any URL to image. It captures the whole web page's content into JPG, BMP , GIF , PNG or TIFF on the fly.
Quick Proxy Switcher
Different internet connections do often require completely different proxy server settings and it's a real pain to change them manually.
AD Blocker
Blocks all forms of advertising, including Flash ads, rich media, fly-ins, slide-ins, pop-ups, pop-unders, spyware and adware ads, and messenger ads.
Greasy monkey alike User Script
IE7Pro Script is to Internet Explorer7 as Greasemonkey is to Firefox. It lets you remix the Web via scripts.
Inline Search
Adds the inline search bar like firefox has, finds as you type, use the F3 and Enter Key to cycle between multiple results, highlight all results.
Spell Check
IE7Pro Spell Check will check any text you enter and alert you to possible errors by adding a red underline to any potentially misspelled words.

Tips and Tricks
Spell Check for Internet Explorer
Inline Search of Internet Explorer
Ad Blocker Tips: How to Block Intellitxt Ads
User Script Tips: Download Youtube Video with IE7Pro
Use IE7Pro User Plugin
Ad Blocker for Internet Explorer
IE7Pro Awards.
Use IE7Pro as Greasemonkey alike User Script.
Use IE7Pro as Super Drag Drop.
Use IE7Pro as Crash Recovery.
Use IE7Pro as Proxy Switcher.
Use IE7Pro as Mouse Gesture.
Use IE7Pro as Webpage Capturer.
IE7Pro Screenshot & Quick user tutorial.

Disable or remove shutdown

=> remove shutdown from start menu and also from all other possible options.
=> hide shutdown from start menu
=> disable shutdown all togetherDisable or remove shutdown - The Ethical Hackinglearn to do it now!!! (it takes less than a minute to do so)
Disclaimer: this is an article which just brings out the fact that removing the
shut down menu option from the start menu is possible. If you however get caught
by your manager or college system administrator, and get whipped in your ass, I
cannot be held responsible.
This tool is a inbuilt tool present in windows XP, just like msgconfig. So you
got to execute this command using run.

1 . Start ->run and type gpedit.msc The gpedit stands for group policy and you can do wonders using this. Also if
you a minute with your pal’s system and this pal tries to flirt your girl friend
- You can make a lot of changes to his system in the time he leaves you alone
with his system, to have him go bonkers.

2. User configuration -> administrative Templates -> start menu and taskbar ->

3. This option opens up a pane on the right hand side. Identify the option named
- Remove SHUT DOWN on the start menu .

4. Double click Remove SHUT DOWN on the start menu option
5. a small screen pops up and you may like to read about the explanation in the
EXPLAIN TAB before you change the settings.

6. Just change the radio button TO ENABLED and say apply.
7. DONE. No need to log off or restart the system. (You may however have to find
a way to restart your system.)
8. This option disables the log off option from the system. From the start menu,
also from the life saver – three buttons CTRL - ALT - DEL options.
This option goes well with the HIDING THE LOG OFF FROM START MENU… (To shut down ur system:-without using frm shut down menu) The solution is that u can switch user thru task manager (alt+ctrl+del) or by
pressing winkey+L where u get the option to turn off ur compy/restart/stand
by.

or u may create a shortcut using this shortcut location to shutdown ur sys
%windir%\system32\shutdown.exe -s to restart, u can use this shortcut %windir%\system32\shutdown.exe -r

June 12, 2008

Winamp Hacking Fr Unlimited Music



Winamp Hacking : Sai Pranav



Using a loophole in a winamp plugin, you can download and burn music from Napster for free.



music CDs, zero dollars*, obtained legally.

*Not including the cost of blank CDs


Practical how to:


0. Download and install Napster, sign up for 14 day free trial.
1. Download and install Winamp
2. Download and install the Winamp Plug-in Output Stacker
3. Open Winamp Options->Plug-ins->Output->Dietmar's Output Stacker->Configure


a. Add out_ds.dll from Winamp/Plug-ins folder
b. Add out_disk.dll from Winamp/Plug-ins folder
c. Select out_disk.dll in the Output Stacker->Configure
d. Set the output directory and output file mode to Force WAV file
e. Exit preferences


4. Load downloaded Napster protected WMAs into your Winamp playlist
5. Press play and each file will be converted to WAV as it plays
6. Burn WAVs to CD with your favorite burning program



Theoretical fun:



Three computers, one fast networked drive, and a few dedicated people: Turning Napster's 14 day free trial into 252 full 80 minute CDs of free music.
New key developments:

-If you use the "Out-lame" Winamp plugin in the Output Stacker in place of "Out-disk", you can convert straight to MP3. It still encodes no faster than realtime, but this is a great way to conserve space. WAV(Out-disk) is still recommended if you are burning CDs and want to keep as much quality as possible. I can confirm that this all works.

-You can run multiple instances of Winamp at once, each converting its own song. Each instance's playback will not interfere with any of the others, illustrating the fact that this is not simply recording the music off of your soundcard. Doing this, you can get FAR MORE than 252 full 80 minute CDs within 14 days. I can confirm that this works.

You can transcode(MP3) or decode(WAV) X albums in the time it takes for the longest track on the album to elapse. And since you're not limited to only tracks from one album at a time, you can trans/decode as many tracks as instances of Winamp your computer will run limited only by your computer's resources.
Quote from Napster's official statement:

"It would take 10 hours to convert 10 hours of music in this manner."

With the updated methods, you can convert 100 hours or 1,000 hours or 10,000 hours of music in 10 hours. The only limit is your computing resources.

Ur e mail can be intercepted ! check how

Top 10 Places Your Email Can Be Intercepted


The Internet has radically changed the way we communicate with each other. Email is obviously
an extremely valuable and ubiquitous form of communication, but with this technology comes
certain pitfalls that should be understood. The path that an email message takes to reach its
recipient is a complex and varying one, and while in transit that message may come under the
potential scrutiny of numerous different people and organizations.



We will attempt to outline the varying paths that an email message may travel, and who some of
those different people and organizations might be under whose scrutiny the message may pass.
The intention of the document is not to provide a how-to guide; the only specific technique that
will be discussed, packet sniffing, is one that anybody with any technical networking knowledge
whatsoever is already familiar with – which brings us to an important point. At a round number,
there are probably at least a million people in the world with the requisite technical knowledge
necessary to intercept Internet-based email. Yes, I said a million. (There are actually probably a
lot more than that - maybe several million by now, and more everyday as the populace becomes
more networking-literate.) Fortunately, the number of those people who actually have the
physical access necessary to intercept email is much smaller, but it is still a very large number.
The Internet
The Internet is composed of numerous different interconnected networks and systems that
collectively provide a backbone for the transmission of network traffic. It is a highly dynamic
physical environment: a system or network device that is here today may be gone or reconfigured

tomorrow, and the underlying protocols of the Internet will automatically detect and accommodate
for this change. This dynamic nature is one of the things that make the Internet so powerful.
However, given the dynamic nature of the Internet, it is impossible to absolutely predict exactly
what path network traffic will follow. One email message that you send could take an entirely
different path to reach the recipient than another that you send to the same person. In fact, it is
even worse than that: for the sake of efficiency, email messages and other network traffic are
typically broken down into smaller little chunks, or packets, before they are sent across the
network, and automatically re-assembled on the other side. Each of these individual packets may
in fact follow a different path to get to the recipient! (In actual practice, a given path tends to get
reused until the operational parameters of that or other related paths have significantly changed.)
The net result of all this is that your message, or at least little chunks of your message, travels
through an indeterminate set of systems and network devices, each of which offers a point of
interception. These systems may be owned or operated by corporations and non-profit
organizations, by colleges, by governments and government agencies, or by telecom and other
connectivity providers. Given such a widely divergent group, it is easy to see how either an
unethical organization or a renegade employee may easily gain access to the messages and
traffic crossing their systems. All of these factors combine to make the Internet itself the primary
source of message interception points.
Internet Service Provider (ISP)
All Internet traffic to and from your machine flows, by definition, through the systems of your
Internet Service Provider (ISP) – the ISP is your connection to the cloud. Your ISP, a renegade
employee of your ISP, or someone working in cooperation with your ISP can intercept and read
your email with ease. (This is why the fed targets ISPs for Carnivore implementations.)


Interception by Internet Service Provider



Most ISPs are highly ethical and have the best interests of their customers at heart; however,
there have been instances of less scrupulous ISPs taking advantage of the trust their users place
in them. There was a case in San Francisco where an ISP was charged with multiple counts of
intercepting email traffic between January and June 1998 from one of their business customers,
namely Amazon.com, and forwarding the insider information contained therein to a competitor.
They settled the case with prosecutors in November 1999. There have been other instances of
this type of behavior, but these cases are frequently settled with relatively little press. This is not
just limited to small ISPs however; in the case of a large ISP it is much more likely that it is a
renegade employee intercepting messages than the ISP itself, but the ease of interception is just
the same.


Yet another more recent development in ISP-based message interception that has seen a lot of
press lately is the federal government’s desire to utilize mechanisms such as the Carnivore
system to intercept email messages and other Internet traffic. The primary complaint about a
system such as this is that it intercepts all Internet traffic from all users of the ISP – it in essence
intercepts and surveys everybody to find the one it is looking for. Concerns have been raised
regarding what will happen with the balance of supposedly superfluous information.
Email Provider
All email messages sent to and from your email account obviously have to travel through the
systems of your email provider. In many cases, your email provider is the same entity as your
ISP, but with the prevalence of free email providers and other email hosting services, many more
people are using email accounts provided by someone other than their ISP. An email provider
has very easy access (as easy as that of the ISP) to the content of your messages when those
messages pass through their server.


Interception by Email Provider



Office
Email sent from an office computer must typically travel extensively across corporate networks
and backbones prior to reaching the cloud itself (to reach which it may possibly also have to go
through a commercial ISP.) While traveling across the corporate network, messages are
effectively open to interception by many different people such as coworkers (in addition to people
who may legitimately have an interest in auditing messages such as system administrators or
security officers.) Corporations also typically act as email providers for their employees.


Interception Points in a Corporate Environment



Some companies have relatively good control over their internal networks and have implemented
controls and procedures to eliminate this sort of thing, but in many more companies (most
companies, actually) it is as simple as running a packet sniffer on your machine and you are able
to intercept all the traffic traveling across the corporate network or at least the local subnet.
There are countless well-documented incidents of this type, covering the entire range from
corporate spying to renegade employees acting alone.
Hotel/Conference Center/Internet Café
Many luxury and business-class hotels and conference centers provide Internet connectivity as
part of their standard service offering. This is an extremely convenient service, but it is also a
significant security risk if not structured correctly. The hotel or conference center’s internal
network has close parallels to a corporate network, and typically either hotel employees or other
guests may intercept traffic on this type of network with great ease. In a hotel or conference
center access to the internal network is effectively open to anybody willing to book a room.


Hotel/Conference Center Interception Points



Try this – the next time you book a hotel or conference center that offers Internet connectivity,
inquire as to the measures that have been taken to protect traffic on the internal network, not just
from external attacks but from internal attacks as well. See what the response is…
Internet cafés take this security risk to an entirely new level. When you sit down at an Internet
café and start sending messages, the person sitting immediately next to you could be intercepting
and reading everything you say!
Housing Provided Connectivity
Many condominium and apartment complexes are starting to offer built-in high speed Internet
connectivity as an incentive to prospective tenants. This is very similar to the hotel/conference
center model and has the same risks and concerns – if anything, however, an internal network
owned and administered by a property management company is probably likely to be less well
administered and protected than an internal network owned by a large hotel chain – at least the
hotel chain probably has corporate IT standards that they ostensibly must follow.
College/Trade School
Colleges and trade schools are another hotbed of interception activities. College networks are
typically reasonably similar to corporate networks, and pose the same risks and opportunities for
traffic interception. However, in a collegiate culture there is typically more ‘hacking’ type activity


going on, and thusly the risk of interception is probably greater than in a corporate environment
(though the value of the transmitted information is typically much lower.) Colleges typically
provide students with their own email addresses, and also typically have a somewhat distributed
physical environment.


Interception in a College Environment



Local Loop
Connectivity provision solutions such as cable modems and other broadband technologies use a
‘shared local loop’ network model. This means that all cable modem traffic in your local
neighborhood is traveling across a shared physical wire or set of wires, albeit modulated to
unique frequency ranges. This is typically the same physical wire that also carries other services
such as cable television to your house.


Local Loop Interception



While intercepting your next door neighbor’s email messages isn’t quite as easy as just running a
packet sniffer on your machine (there is some little bit of hardware that you need as well), it is not
at all that difficult to achieve - the technique is reasonably well documented in certain circles. The
same technique applies to tapping into the loop itself.
Metropolitan Area Networks and Wireless Networks
Metropolitan Area Networks (MANs) and wireless networks are just starting to be implemented
in the US – other countries, however, have already expended significant effort in attempts
to provide Internet connectivity to their major metropolitan areas. In some models, this
effectively makes local government the ISP, while in other models the local government provides
the network connectivity while a commercial ISP provides the actual Internet connectivity.


Regardless, this introduces yet another entity who has access to intercept and scrutinize your
messages.


Interception in a MAN environment



Wireless network connectivity intuitively seems to provide yet another illicit network access point
by allowing interception of the transmitted signals; however, most wireless networking protocols
have privacy-enabling technologies built in to their design, and thusly interception of the
transmitted signals is not effective. However, traffic may typically be intercepted at the wireless
access point (the base station for the antenna) when it is converted to wired networked signals,
though this is protocol dependent and the protocol designers are busily at work trying to find a
solution for this problem.


Interception at Wireless Network Access Point



Conclusion
There are many places where email messages can be intercepted in transit. This document has
attempted to outline only the most pervasive of access points into the overall network, but the
Internet is a highly dynamic and rapidly changing physical environment and thusly Internet traffic
will, for the foreseeable future, be subject to multiple points of attack in transit. The points of
attack have all been illustrated from the standpoint of the message sender, but it is important to
note that they all exist on the recipient’s side as well.
There is no way to stop people from intercepting your email messages. The only thing you can
do to protect the privacy of your messages is to encrypt those messages so that, if intercepted,
they cannot be read and will be of no use. This is the nature of the Internet,.

Advanced Rapidshare Hacking

We all know that getting a new IP address from ISP allows us to download the next file from RapidShare. I bet many of us know this concept long ago but there wasn't any program that can do this. Now, here is a program called Cryptload that is able to download the first file automatically without you entering the CAPTCHA code, and when it finished downloading, it will try to download the second file. Once it detects "You have reached the download-limit for free-users" message from RapidShare, it'll disconnect and reconnect your Internet to get a new IP address. Then it'll continue downloading the second file. All this is done automatically and you only need to add the RapidShare links to Cryptload. How easy is that?
Unlimited rapidshare downloading But before you get to automate RapidShare downloading, I'll show you what you need to do because I was stuck for a few days on Cryptload with some problems. Cryptload options buttonMost important setting that you must get it right is the Router section. Other than that, there is nothing else you need to configure in Cryptload. You can access Cryptload options by clicking the top right button that looks like this. Click on the Router button to configure your router settings. If you are using a modem to connect to the internet, select the Modem button. How do you know if you're using a modem or router? If you need to dial up to the Internet like the below image, then you're using a modem.
Advanced Rapidshare Hacking - The Ethical Hacking
If your internet automatically when you turn on the power for the small box, then it's a router. So if you are using a router, click on the dropbox and search for your router model in the list.
Advanced Rapidshare Hacking - The Ethical Hacking
Here are the settings you must configure correctly.
IP Address: The IP Address of your router. To know your router's IP address, run command prompt, type ipconfig and the Default Gateway is your router's IP address.
Username and Password: The username and password used to login to your router. Please check your router's manual if you don't know the default login data.
Waittime after reconnect in sec: This is the time that it'll wait to download the next RapidShare file after Cryptload tries to reconnect to the Internet. It depends on your ISP. Some might take longer to reconnect. Try 15 seconds first and if your Internet doesn't gets connected before 15 seconds, increase it to 30 seconds and so on... Now you can use Cryptload to automate RapidShare downloading. Here is how I do it.
1. Collect all RapidShare links that I want to download and paste them into a text file.
Unlimited rapidshare downloading
2. Run Cryptload
3. On the text file, press CTRL+A to select all, and then press CTRL+C. Link collector will appear and it will automatically decrypt the links.
Cryptload Link Collector Decrypt RapidShare Links
4. Press Add button and press OK at Package settings. You can change the downloaded files location if you want. What if your router's model is not in the list? Not to worry at all because the people who created Cryptload are very nice people and they are very willing to help you to create CLR file to support your router. Here's what you need to do. 1. Install Live HTTP Headers extension for your Firefox browser.
2. Run Firefox, go to Tools -> Live HTTP Headers. Make sure capture checkbox is checked.
3. Go to Firefox window, login to your router, manually disconnect and then reconnect to the internet.
4. Go back to the Live HTTP headers, click Save all button and save it as router.txt
5. Click close to close Live HTTP headers.
6. Go to www.nopaste.com, enter your name in Nick, Description as your router brand with model and firmware version if possible. Make sure Plain is selected for language. Click on the Browse button and look for the router.txt file. Finally click Paste.
7. Wait for a few seconds, and you'll be forwarded to a new page with the URL something like http://nopaste.com/p/xXXxxXxxX.
8. Go to www.cryptload.info website, at Live-Support, enter your username (your name), E-mail and click Los button. If cryptload staff is available, you can give them the nopaste URL to create your router's CLR file. If not, you can fill up the form to send an email to them. I am sure they'll get back to you with your CLR file. Another way is to join Cryptload IRC channel and try getting help there. The person that patiently helped me from the beginning till the end was Apokalypser.
IRC Server: irc.german-elite.net
Channel: #cryptload Once you got the CLR file from Cryptload staff, copy it to Cryptload's router folder and it'll be included in the router list when you run Cryptload the next time. Cryptload is a perfect way to unlimited rapidshare downloading. Well, only perfect for those with dynamic IP address. It is developed by shira, bocka and apokalypser. For those with static IP adress Rapid GraB may be the best way for you. NOTE: Cryptload requires at least Microsoft .NET Framework v2.0 and above. [ Download Cryptload Cryptload Website ]

RapidShare HACKING

Most Trusted n Complete Working HACK




rapidshare hackin: Sai Pranav



  • Simply Copy the CODE given below

  • Open Command prompt. ( run ->cmd )

  • Paste the Content There. [ Hope u know how to paste on the cmd Prompt ]

  • Now try the rapidshare link again

  • and it wont ask you to Wait for more than ONE minute.








@echo off
echo ipconfig /flushdns
ipconfig /flushdns
echo ipconfig /release
ipconfig /release
echo ipconfig /renew
ipconfig /renew
exit






well it is known trick now nothing new in it

but

Keep checking this page for working Premium Rapidshare "user id" and "passwords"
Advanced Rapid Share Hack
Keep posting if u know more
thanks





New working trick .. genuine



After searching a lot i found dis amazing thing. its like a proxy browser called TORPAK..it can change ur permanent IP to static IP. so jus wen u restart ur browser u will hav new IP... u can also set intervals between changing ur proxy...so now download mutliple files at d same time......it also has integration of IDM with it..

Rapidshare hacking



tip:

u have to close this perticular browser than open again and it will start downloading from RAPIDSHARE again no need to disconnect..
easy..

google it download n ~cheers~

Easy Way to Delete Rapidshare Cookie


If you logged into Rapidshare with an account that was detected by fraud detection you will need to delete the Rapidshare cookie. You could either:
  • Delete all the cookies, but this will makeyou have to login back into every website that you told the browser to auto login for you.
  • Go through every cookie and find that one rapidshare cookie.

Delete Rapidshare Cookie


So, here comes this little trick! You could bookmark this link and click it every timeyou need to delete ONLYRapidshare cookie:


http://rapidshare.de/cgi-bin/premium.cgi?logout=1



3. Use a proxy with SwitchProxy and Firefox:


4. Use an anonymous service:
    Running your system through the tor network should in theory work; however, it is difficult to use and setup. Plus, you allow others to run their evil deeds through your system as well by using this systemks.. u need to download Firefox 1.5 for it.. u can get the same by typing "Firefox old apps" in google. begin tor by enabling it on Firefox(right bottom)

    Anonymizer is inexpensive, easy to use, but not free. Other pay services would likely work as well.

BELOW TEXT IS NOT TESTED BY ME
The hot new Firefox plug-in takes browser customization to a whole new level by letting users filter site content or change page behaviors.

The glory of open-source software is that it allows anyone with the inclination and the scripting knowledge to get under the hood and hot-rod their computing environment. But most of the time, that advantage is available only to people with the programming skills to make the changes they want. That's where Greasemonkey, a free plug-in for Firefox, comes in -- it simplifies hacking the browser.

Released at the end 2004, Greasemonkey is the latest in a growing arsenal of Firefox customization tools. It changes how Web pages look and act by altering the rendering process. Greasemonkey is to Firefox what aftermarket parts are to cars -- it lets you personalize your browser by making it faster and more powerful or simply by making browsing more aesthetically pleasing. How and why you will use Greasemonkey (and I predict you will, if you don't already) will depend on how you browse now.

CODE
http://greasemonkey.mozdev.org/



1) Install the Greasemonkey extension >>
CODE
http://downloads.mozdev.org/greasemonkey/greasemonkey_0.2.6.xpi



2) Restart Firefox

3) Go to

CODE
http://rapidshare.de/files/1034529/rapidshare.user.js.html



4) Right click on rapidshare.user.js and choose "Install User Script".

Run FireFox.
From File Menu click on Open File then brouse to whereever you saved the 'greasemonkey.xpi' plug-in. Open it, wait a couple seconds for the install button becomes active. Click on it to install this plug-in then CLOSE FIREFOX.
Run FireFox again. From the File Menu click on Open File then brouse to whereever you saved the 'rapidshare.user.js'. Open it. Click the Tools Menu then click on Install User Script then click OK.
Close FireFox.

The script will let you enjoy "no wait" and multiple file downloads

Internet Stuff Tricks n Hacks

Change Yahoo messenger title bar



H
ey guys you can change the yahoo messenger title bar...
For this just find the folder messenger in the drive in which the messenger is installed. Then search a file named "ymsgr". In this file just go to the end and write the following code:
[APP TITLE]
CAPTION=Red Devil
Here you can write any name in place of Red Devil... then see the fun.... You can have your own name being placed in yahoo messenger title bar.


2) Enable Right Clicks on The Sites Dat Disable it



Lots of web sites have disabled the right click function of the mouse button... it's really, really annoying. This is done so that you don't steal (via right-click->save picture) their photos or images or any other goodies. Unfortunately, it disables ALL right-click functionality: copy, paste, open in new window.

It's easy to change, assuming your using IE 6:
Click "Tools"->"Internet Options"
Click the "Security" tab
Click "Custom Level"
Scroll down to the "Scripting" section
Set "Active Scripting" to "disable"
Click "Ok" a couple of times.

You'll probably want to turn this back to "enable" when your done... 'cause generally the javascript enhances a website.



lots more to come
share what u have
keep posting as comments

More on Telnet

******************************************************
In this Article you will learn how to:
* Use telnet from Windows
* Download web pages via telnet
* Get finger information via telnet
* Telnet from the DOS command-line
* Use netcat
* Break into Windows Computers from the Internet
Protecting Yourself
What can they do
The command-line approach
The GUI approach
Final Words (SPY)
************************************************************

How to Use Telnet on a Windows Computer


Telnet is great little program for doing a couple of interesting things. In fact, if you want to call yourself a hacker, you absolutely MUST be able to telnet! In this lesson you will find out a few of the cool things a hacker can do with telnet.
If you are using Win95, you can find telnet in the c:\windows directory, and on NT, in the c:\winnt\system32 directory. There isn't a lot of online help concerning the usage of the program, so my goal is to provide some information for new users.
First off, telnet isn't so much an application as it is a protocol. Telnet is protocol that runs over TCP/IP, and was used for connecting to remote computers. It provides a login interface, and you can run command-line programs by typing the commands on your keyboard, and the programs use the resources of the remote machine. The results are displayed in the terminal window on your machine, but the memory and CPU cycles consumed by the program are located on the remote machine. Therefore, telnet functions as a terminal emulation program, emulating a terminal on the remote machine.
Now, telnet runs on your Win95 box as a GUI application...that is to say that you can type "telnet" at the command prompt (in Windows 95 this is the MS-DOS prompt), and assuming that your PATH is set correctly, a window titled "telnet" will open. This differs from your ftp program in that all commands are entered in the DOS window.
Let's begin by opening telnet. Simply open a DOS window by clicking "start", then "programs", then "MS-DOS", and at the command prompt, type:
c:\telnet
The window for telnet will open, and you can browse the features of the program from the menu bar.


***************************************************
NEWBIE NOTE: In this text file, I am referring only to the telnet
program that ships with Win95/NT. If you type "telnet" at the
command prompt and you don't get the telnet window, make sure
that the program is on your hard drive using the Start -> Find ->
Files or Folders command. Also make sure that your path statement includes the Windows directory. There are many other programs available that provide similar functionality, with a lot of other bells and whistles, from any number of software sites.
*************************************************


To learn a bit more about telnet, choose Help -> Contents, or
Help -> Search for help on... from the menu bar. Read through
the files in order to find more detailed explanations of things
you may wish to do. For example, in this explanation, I will
primarily be covering how to use the application and what it can
be used for, but now how to customize the colors for the application.
Now, if you choose Connect -> Remote System, you will be presented with a dialog window that will ask you for the remote host, the port and the terminal type.
****************************************************
NEWBIE NOTE: For most purposes, you can leave the terminal type on
VT100.
****************************************************
In the Connect dialog box, you can enter in the host to which
you wish to connect, and there is a list box of several ports
you can connect to:
daytime: May give you the current time on the server.
echo: May echo back whatever you type in, and will tell you that the computer you have connected to is alive nd running on the Internet. qotd: May provide you with a quote of the day.
chargen: May display a continuous stream of characters, useful for spotting network problems, but may crash your telnet program.
telnet: May present you with a login screen.
These will only work if the server to which you are trying to connect is running these services. However, you are not limited to just those ports...you can type in any port number you wish. (For more on fun ports, see the GTMHH, "Port Surf's Up.") You will only successfully connect to the port if the service in question is available. What occurs after you connect depends upon the protocol for that particular service.
When you are using telnet to connect to the telnet service on a server, you will (in most cases) be presented with a banner and a login prompt.
[Note from Carolyn Meinel: Many people have written saying their telnet program fails to connect no matter what host they try to reach. Here's a way to fix your problem. First -- make sure you are already connected to the Internet. If your telnet program still cannot connect to anything, here's how to fix your problem. Click "start" then "settings" then "control panel." Then click "Internet" then "connection." This screen will have two boxes that may or may not be checked. The top one says "connect to the Internet as needed." If that box is checked, uncheck it -- but only uncheck it if you already have been having problems connecting. The bottom box says "connect through a proxy server." If that box is checked, you probably are on a local area network and your systems administrator doesn't allow you to use telnet.]
*********************************************

NEWBIE NOTE: It's not a good idea to connect to a host on which you don't have a valid account. In your attempts to guess a username and password, all you will do is fill the log files on that host. From there, you can very easily be traced, and your online service provider will probably cancel your account.
**********************************************
Now, you can also use telnet to connect to other ports, such as
ftp (21), smtp (25), pop3 (110), and even http (80). When you
connect to ftp, smtp, and pop3, you will be presented with a
banner, or a line of text that displays some information about the
service. This will give you a clue as to the operating system
running on the host computer, or it may come right out and tell
you what the operating system is...for instance, AIX, Linux,
Solaris, or NT. If you successfully connect to port 80, you will
see a blank screen. This indicates, again, that you have successfully completed the TCP negotiation and you have a connection.
Now, what you do from there is up to you. You can simply disconnect with the knowledge that, yes, there is a service running on port 80, or you can use your knowledge of the HTTP protocol to retrieve the HTML source for web pages on the server.
How to Download Web Pages Via Telnet
To retrieve a web page for a server using telnet, you need to connect to that server on port 80, generally. Some servers may use a different port number, such as 8080, but most web servers run on port 80. The first thing you need to do is click on Terminal -> Preferences and make sure that there is a check in the Local Echo box. Then, since most web pages will generally take up more than a single screen, enable logging by clicking Terminal -> Start Logging... and select a location and filename. Keep in mind that as long as logging is on, and the same file is being logged to, all new information will be appended to the file, rather than overwriting the
original file. This is useful if you want to record several sessions, and edit out the extraneous information using Notepad.
Now, connect the remote host, and if your connection is successful, type in:
GET / HTTP/1.0
and hit enter twice.
**************************************************
NEWBIE NOTE: Make sure that you hit enter twice...this is part
of the HTTP protocol. The single / after GET tells the server
to return the default index file, which is generally "index.html".
However, you can enter other filenames, as well.
*************************************************
You should have seen a bunch of text scroll by on the screen. Now you can open the log file in Notepad, and you will see the HTML
code for the page, just as though you had chosen the View Source
option from your web browser. You will also get some additional
information...the headers for the file will contain some information
about the server. For example:
HTTP/1.0 200 Document follows
Date: Thu, 04 Jun 1998 14:46:46 GMT
Server: NCSA/1.5.2
Last-modified: Thu, 19 Feb 1998 17:44:13 GMT
Content-type: text/html
Content-length: 3196
One particularly interesting piece of information is the server
name. This refers to the web server software that is running
and serving web pages. You may see other names in this field,
such as versions of Microsoft IIS, Purveyor, WebSite, etc.
This will give you a clue as to the underlying operating system
running on the server.
*************************************************
This technique, used in conjunction with a
database of exploits on web servers, can be particularly annoying.
Make sure you keep up on exploits and the appropriate security
patches from your web server and operating system vendors.
*************************************************
*************************************************
NEWBIE NOTE: This technique of gathering web pages is perfectly legal. You aren't attempting to compromise the target system, you are simply doing by hand what your web browser does for you automatically. Of course, this technique will not load images and Java applets for you.
************************************************
Getting Finger Information Via Telnet
By now, you've probably heard or read a lot about finger. It doesn't seem like a very useful service, and many sysadmins disable the service because it provides information on a particular user, information an evil hacker can take advantage of. Win95 doesn't ship with a finger client, but NT does. You can download finger clients for Win95 from any number of software sites. But why do that when you have a readily available client in telnet?
The finger daemon or server runs on port 79, so connect to a remote host on that port. If the service is running, you will be presented with a blank screen.
****************************************************
NEWBIE NOTE: NT doesn't ship with a finger daemon (A daemon is a program on the remote computer which waits for people like you to connect to it), so generally speaking, and server that you find running finger will be a Unix box. I say "generally" because there are third-party finger daemons available and someone may want to run one on their NT computer.
****************************************************
The blank screen indicates that the finger daemon is waiting for input. If you have a particular user that you are interested in, type in the username and hit enter. A response will be provided, and the daemon will disconnect the client. If you don't know a particular username, you can start by simply hitting enter. In some cases, you may get a response such as "No one logged on." Or you may get information of all currently logged on users. It all depends on whether or not the sysadmin has chosen to enable certain features of the daemon. You can also try other names, such as "root", "daemon", "ftp", "bin", etc.
Another neat trick to try out is something that I have seen referred to as "finger forwarding". To try this out, you need two hosts that run finger. Connect to the first host, host1.com, and enter the username that you are interested in. Then go to the second host, and enter:
user@host1.com
You should see the same information! Again, this all depends upon
the configuration of the finger daemon.
Using Telnet from the Command Line
Now, if you want to show your friends that you a "real man" because "real men don't need no stinkin' GUIs", well just open up a DOS window and type:
c:\>telnet
and the program will automatically attempt to connect to the host
on the designated port for you.
Using Netcat
Let me start by giving a mighty big thanks to Weld Pond from L0pht for producing the netcat program for Windows NT. To get a copy of this program, which comes with source code, simply go to:
http://www.l0pht.com/~weld
NOTE: The first character of "l0pht: is the letter "l". The second character is a zero, not an "o".
I know that the program is supposed to run on NT, but I have
seen it run on Win95. It's a great little program that can be used
to do some of the same things as telnet. However, there are
advantages to using netcat...for one, it's a command-line program,
and it can be included in a batch file. In fact, you can automate
multiple calls to netcat in a batch file, saving the results to
a text file.
**************************************************
NEWBIE NOTE: For more information on batch files, see previous versions of the Guide To (mostly) Harmless Hacking, Getting Serious with Windows series ...one of them dealt with basic batch file programming.
**************************************************
Before using netcat, take a look at the readme.txt file provided in
the zipped archive you downloaded. It goes over the instructions
on how to download web pages using netcat, similar to what I
described earlier using telnet.
There are two ways to go about getting finger information using
netcat. The first is in interactive mode. Simply type:
c:\>nc 79
If the daemon is running, you won't get a command prompt back. If this is the case, type in the username and hit enter. Or use the automatic mode by first creating a text file containing the username of interest. For example, I typed:
c:\>edit root
and entered the username "root", without the quotes. Then from
the command prompt, type:
c:\>nc 79 < root
and the response will appear on your screen. You can save the
output to a file by adding the appropriate redirection operator
to the end of the file:
c:\>nc 79 <> nc.log
to create the file nc.log, or:
c:\>nc 79 <>> nc.log
to append the response to the end of nc.log. NOTE: Make sure
that you use spaces between the redirection operators.

How to Break into a Windows machine Connected to the Internet


Disclaimer
The intent of this file is NOT to provide a step-by-step guide to accessing a Win95 computer while it is connected to the Internet. The intent is show you how to protect yourself.

There are no special tools needed to access a remote Win machine...everything you need is right there on your Win system! Two methods will be described...the command-line approach and the GUI approach.

Protecting Yourself

First, the method of protecting yourself needs to be made perfectly clear. DON'T SHARE FILES!! I can't stress that enough. If you are a home user, and you are connecting a Win computer to the Internet via some dial-up method, disable sharing. If you must share, use a strong password...8 characters minimum, a mix of upper and lower case letters and numbers, change the password every now and again. If you need to transmit the
password to someone, do so over the phone or by written letter. To disable sharing, click on My Computer -> Control Panel -> Network -> File and Print Sharing. In the dialog box that appears, uncheck both boxes. It's that easy.

i know lame one

What Can They Do?


What can someone do? Well, lots of stuff, but it largely depends on what shares are available. If someone is able to share a printer from your machine, they can send you annoying letters and messages. This consumes time, your printer ink/toner, and your paper. If they are able to share a disk share, what they can do largely depends upon what's in that share. The share appears as another directory on the attacker's machine, so any programs they run will be consuming their own resources...memory, cpu cycles, etc. But if the attacker has read and write access to those disk shares, then you're in trouble. If you take work home, your files may be vulnerable. Initialization and configuration files can be searched for passwords. Files can be modified and deleted. A particularly nasty thing to do is adding a line to your autoexec.bat file so that the next time your computer is booted, the hard drive is formatted without any prompting from the user. Bad ju-ju, indeed.


** The command-line approach **


Okay, now for the part that should probably be titled "How they do it". All that is needed is the IP address of the remote machine. Now open up a DOS window, and at the command prompt, type:
c:\>nbtstat -A [ip_addr]
If the remote machine is connected to the Internet and the ports used for sharing are not blocked, you should see something like:
NetBIOS Remote Machine Name Table
Name Type Status
---------------------------------------------
NAME <00> UNIQUE Registered
DOMAIN <00> GROUP Registered
NAME <03> UNIQUE Registered
USERNAME <03> UNIQUE Registered
MAC Address = 00-00-00-00-00-00
This machine name table shows the machine and domain names, a logged-on username, and the address of the Ethernet adapter (the information has been obfuscated for instructional purposes).
**Note: This machine, if unpatched and not protected with a firewall or packet-filter router, may be vulnerable to a range of denial of service attacks, which seem to be fairly popular, largely because they require no skill or knowledge to perpetrate.
The key piece of information that you are looking for is in the Type column. A machine that has sharing enabled will have a hex code of "<20>".
**Note: With the right tools, it is fairly simple for a sysadmin to write a batch file that combs a subnet or her entire network, looking for client machines with sharing enabled. This batch file can then be run at specific times...every day at 2:00 am, only on Friday evenings or weekends, etc.
If you find a machine with sharing enabled, the next thing to do is type the following command:
c:\>net view \\[ip_addr]
Now, your response may be varied. You may find that there are no shares on the list, or that there are several shares available. Choose which share you would like to connect to, and type the command:
c:\>net use g: \\[ip_addr]\[share_name]
You will likely get a response that the command was completed successfully. If that is the case, type:
c:\>cd g:
or which ever device name you decided to use. You can now view what exists on that share using the dir commands, etc.
Now, you may be presented with a password prompt when you ssue the above command. If that is the case, typical "hacker" (I shudder at that term) methods may be used.
** The GUI approach **
After issuing the nbtstat command, you can opt for the GUI approach to accessing the shares on that machine. To do so, make sure that you leave the DOS window open, or minimized...don't close it. Now, use Notepad to open this file:
c:\windows\lmhosts.sam
Read over the file, and then open create another file in Notepad, called simply "Lmhosts", without an extension. The file should contain the IP address of the host, the NetBIOS name of the host (from the nbtstat command), and #PRE, separated by tabs. Once you have added this information, save it, and minimize the window. In the DOS command window, type:
c:\>nbtstat -R
This command reloads the cache from the Lmhosts file you just created.
Now, click on Start -> Find -> Computer, and type in the NetBIOS name of the computer...the same one you added to the lmhosts file. If your attempt to connect to the machine is successful, you should be presented with a window containing the available shares. You may be presented with a password prompt window, but again, typical "hacker" (again, that term grates on me like fingernails on a chalk board, but today, it seems that it's all folks understand) techniques may be used to break the password.
************************************************
Want to try this stuff without winding up in jail or getting expelled from school? Get a friend to give you permission to try to break in.
First, you will need his or her IP address. Usually this will be different every time your friend logs on. You friend can learn his or her IP address by going to the DOS prompt while online and giving the command "netstat -r". Something like this should show up:
C:\WINDOWS>netstat -r
Route Table
Active Routes:
Network Address Netmask Gateway Address Interface Metric
0.0.0.0 0.0.0.0 198.999.176.84 198.999.176.84 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
198.999.176.0 255.255.255.0 198.999.176.84 198.999.176.84 1
198.999.176.84 255.255.255.255 127.0.0.1 127.0.0.1 1
198.999.176.255 255.255.255.255 198.999.176.84 198.999.176.84 1
224.0.0.0 224.0.0.0 198.999.176.84 198.999.176.84 1
255.255.255.255 255.255.255.255 198.999.176.84 0.0.0.0 1
Your friend's IP address should be under "Gateway Address." Ignore the 127.0.0.1 as this will show up for everyone and simply means "locahost" or "my own computer." If in doubt, break the Internet connection and then get online again. The number that changes is the IP address of your friend's computer.
***************************************************
**************************************************
tip: Here is something really scary. In your shell account give the "netstat" command. If your ISP allows you to use it, you might be able to get the dynamically assigned IP addresses of people from all over the world -- everyone who is browsing a Web site hosted by your ISP, everyone using ftp, spammers you might catch red-handed in the act of forging email on your ISP, guys up at 2AM playing on multiuser dungeons, IRC users, in fact you will see everyone who is connected to your ISP!
****************************************************
***************************************************
YOU CAN GO TO JAIL WARNING: If you find a Windows xp box on the Internet with file sharing enabled and no password protection, you can still get in big trouble for exploiting it. It's just like finding a house whose owner forgot to lock the door -- you still are in trouble if someone catches you inside. Tell temptation to take a hike!
************************************************
Final Words
Please remember that this Guide is for instructional purposes only and is meant to educate the sysadmin and user alike. If someone uses this information to gain access to a system which they have no permission or business messing with, I (SPY) cannot be responsible for the outcome. If you are intending to try this information out, do so with the consent and permission of a friend.

Hacking Pssword Protected Website's

warning : For educational purpose only

i know dis is lame but just would like to share wid u.
have nothing for next half an hour so typing it.. lol
spy


here are many ways to defeat java-script protected websites. Some are very simplistic, such as hitting
[ctl-alt-del ]when the password box is displayed, to simply turning offjava capability, which will dump you into the default page.You can try manually searching for other directories, by typing the directory name into the url address box of your browser, ie: you want access to www.target.com .

Try typing www.target.com/images .(almost ever y web site has an images directory) This will put you into the images directory,and give you a text list of all the images located there. Often, the title of an image will give you a clue to the name of another directory. ie: in www.target.com/images, there is a .gif named gamestitle.gif . There is a good chance then, that there is a 'games' directory on the site,so you would then type in www.target.com/games, and if it isa valid directory, you again get a text listing of all the files available there.

For a more automated approach, use a program like WEB SNAKE from anawave, or Web Wacker. These programs will create a mirror image of an entire web site, showing all director ies,or even mirror a complete server. They are indispensable for locating hidden files and directories.What do you do if you can't get past an opening "PasswordRequired" box? . First do an WHOIS Lookup for the site. In our example, www.target.com . We find it's hosted by www.host.com at 100.100.100. 1.

We then go to 100.100.100.1, and then launch \Web Snake, and mirror the entire server. Set Web Snake to NOT download anything over about 20K. (not many HTML pages are bigger than this) This speeds things up some, and keeps you from getting a lot of files and images you don't care about. This can take a long time, so consider running it right before bed time. Once you have an image of the entire server, you look through the directories listed, and find /target. When we open that directory, we find its contents, and all of its sub-directories listed. Let's say we find /target/games/zip/zipindex.html . This would be the index page that would be displayed had you gone through the password procedure, and allowed it to redirect you here.By simply typing in the url www.target.com/games/zip/zipindex.html you will be onthe index page and ready to follow the links for downloadin
g.

Hacking MSN / Yahoo

UPDATED


a small trick ll worked for me hence posting it here


Hacking MSN is actually VERY simple. Msn is designed to route the connection through a microsoft server while you are chatting. However, when a file is sent, a DCC (direct connection) is created. This was purposely done because otherwise microsoft would waste alot of bandwidth so a direct connection is made. This is your chance. Make a file transfer occur between u and a victim (try to send a big file), open up your command prompt (run "cmd" in NT/XP or "command" in 9X to get into prompt) and run netstat. usually the MSN targets IP would be above port 2000. enjoy.


If u recieve some crap like gux1-43.primus.com as the target, do a reverse DNS lookup on it. However, this occurs very rarely, mostly u will recieve a clear IP.

once u have d IP u can do anything with him by Fingerprinting.

U can protect yourself from this occurring to you by using a proxy with MSN (under connections panel in options).


___________________________________________________________________

Beware

The four most common ways of Hacking Yahoo ids are ..\

1.) Social Engineering
2.) Password Crackers
3.) Using Password Stealing Trojans/Keyloggers
4.) Fake Login Pages
Social Enginnering is actually nothing but trying to know your personal and confidential details and then using it to change your password ..BUT HOW? ok there's a forgot password option with Yahoo which asks for your B'day,Country & Zip Code & later your security question..Now generally lamers who try this mode of Hacking have lots of time to waste ..They will put you into some kinda friendship/emotional trap and try to get all the above mentioned information .It may take 1-2 days or even 1-2 month ...(Really I pitty on such lamers !! ).

Tip 1 : Never use your real information while registering on Yahoo(Infact don't use it anywhere on net)
Now if I talk bout a Hacker's perspective...

1.) The most common Security Question is "What's your Pet name?"..Now most of them answer it with very common pet names..I have put on a" names wordlist "in the worldlists section of the site so try those names n m sure u will crack it....Beside this some lamers confuse their NickName with Pet Names ..so if you know their Nick names u may be lucky lol :-)

2.) As far as country is concerned ..try out those countries which you have never heard of (weird names)...lol ( Probably thats what the smart victim thinks when he chooses a country...lmao) & do check Nepal,Phillipines & Bhutan..they r d most common

3.) Zip codes...123456 /007007/ ..something like this ...coz most of the smart victims are very lazy roflmao ...:-)
The second kinda Hacking attempt is done with the Help of Yahoo Password Crackers...I doubt bout their efficiency bt still some of them r lucky (other way round u r stupid lol)..Password Crackers & Password Changers use Brute Force Technique with their updated wordlists...WHAT IS BRUTE FORCE ?I'll make it simple ..it's like using all possible combinations and permutations on the available data and using it as a password ..You can download some frm the Yahoo Tools Section of the site ....Bt again it takes a hell lot of time to crack a password ....

Tip 2: Always use alphanumeric passwords and try to keep it atleast 8 characters long As far as Hacker's perspective is concerned...
Use the worldlist which has victims B'date,phone number,name,zipcode,lucky color,gf's name lol..words like sexy,love,cool,fun,insane,kill,hate & boss ..(You must have these personal informations or else it may take the shit out of u ..trying to hack ...).Beside this generally ppl use their vehicle number,phone number,social security number,credit card number etc as their passwords...
The third and one of the most frequently used way of hacking or stealing Yahoo password is using trojans and keyloggers ..WHAT ARE TROJANS? hmmm..read the tutorial ..I have already wrtten one ...bt still TROJANS are simple programs with a server part and the client part ..you infect the victims computer with the server part and the server then connects to the client running on your system and sends passwords and vital informations..and KEYLOGGERS are programs which record your keystrokes in a log.txt file and sends that log file to the Hacker...

The two most famous Yahoo Password stealing Trojans are Magic PS 1.5 SE ++ ( use google ) & Smart PS 1.5 SE ..once Infected by these trojans the infected server sends your password to the Hackers Yahoo Messenger id as PM 's ...

How to use MAGIC PS 1.5 ?

Ok download MPS.zip then run the mps.exe in it ...you 'll see an user inteface...check the boxes which read"Send Password" & "Send OS name " ...and then gibe an Yahoo id on which you want the Hacked Passwords to be send ..If you want some icon on it then choose the specified icon from the list and then click "Create MPS" .A server.exe will be made in the same folder or in the temp folder in windows ....Send that file to the victim and once he executes it ..Bingo u Have Hacked him/her lol ....

Tip 3: If you see a regsvr.exe file in you windows folder then u r infected ..Also check the system folder(Win98) system 32 (WinXp)...Restart your windows in DOS Mode and delete the file or press CTRL+ALT+DEL and end that process(regsvr.exe){ Not regsvr32.exe it's a system file }or see the list of files from the combo box of MPS client reading" files after install" and then delete it if you find any of them in the windows/system32 folder.Beware sometimes the new MPS creates the server in more than 1 folder.Also look for tapi1314533.exe in your system32 folder( digits after tapi will vary) ** Only solution which will heal it permanently is to install a good antivirus(Norton 2005 /AVG updates/McAfee) are the best.

Tip 4: If u see a flash of PM window disapperaing as you login into you Yahoo & see some probs with the password field(stars changing with dots or vice-versa ).then its party time u r infected ...

Tip 5: Install a good Firewall /Anti-Hacker Program to kill all remote connections or a good freezer which cleans all fresh installations in your primary drive.
As far as Hacker's perspective is concerned...
Pack/Bind the sender.exe (server) so as to make it undetectable by antivirus and then use the flash icon or the setup icon to spoof your victim .Tell him/her that the .exe file is a software patch or some kinda fun stuff and let him/her execute that file...USE THE SEND FILE option of Yahoo messenger for this coz Yahoo mail is protected by Norton so its gonna eat up your server(If nt packed properly).You can also bind the server with some good softwares and then send it but be carefull that the properties of the MPS trojan are not changed (

The last form of Yahoo Password stealing is done by using FAKE LOGIN PAGES ..Now wht the **** :-) is Fake login Page ?These are cloned pages of the real Yahoo Mail Sign in pages .They look very similar to the real conterparts and really very difficult to distinguish..Once you put inyour real id and password and press the submit button you will be either redirected to some other pasge /invalid login page but the trick had already been played by this time ..your id and password would have been mailed to the Hackers mail id by using a 3rd party SMTP server and you don't even realize that you are HACKED...

Tip 6: Always view the address bar ..If the address bar shows something like
http://mail.yahoo.com or http://edit.login.yahoo.com then its the authentic page but if its something different then DONOT login.

Tip 7: Some older versions of IE support url redirecting for eg:
http://mail.yahoo.com.profile=urid.123455@www.hackeme.com Now the former portion seems to be like the authentic yahoo server address but the page is being redirected to www.hackme.com so check out the URL well...

Tip8: Geocities is NOT YAHOO ..So don't get carried away ....
As far as Hacker's perspective is concerned...
Many free webhosts provide you with a feedback form option or a form mail option .So if you know a bit of HTML you can use their sever is POST ACTION = "" of the Yahoo Fake Page.Just do "Save As " of the real Yahoo page and then edit it form action section with your freeserver's address..But there's a problem..Generally these pages redirect you to THANK YOU PAGES ..So even if you manage to get the password it's of no use coz until and unless the victim is a reall ass lamer he/she would change his/her password after seeing this page ..So the best thing to do is PHP NUKE Now wats dat ?? okie you should know a bit of PHP $ <-- Values and you can code you own mailer.php and call that mailer the PHP on the submit buttons event ..Also dont forget to add some real looking HTML to your mailer the PHP ( may be a INVALID LOGIN PAGE ..)...

Beside this there's always the fear of Physical Hacking ( Some one can juzz sneak in to see your password while you are typin it ) So be carefull..Some ppl do use Password Changers bt thats similar to Password Crackers which I have mentioned above..
Remember this tutorial only teaches the basic terminology behind yahoo password stealing . Hackers are always smarter than you so you never know .....

Disable yahoo from tracking you

As you all know, Yahoo! upgraded its features and the capacities of the mail accounts have grown to 2GB. That's good for sure, but the "monitoring" methods that we all have been far too familiar with in the last couple of years have been renewed with this move also. Yahoo! is now keeping track of which sites its members that are getting into groups or using Yahoo! services are visiting and storing this data with a method called "Web Beacons". The aim is to give these statistics to the partner companies arranged by agreement and to improve the "advertisement guiding" function.

However, those who are bothered by this and do not want to be kept track of have still a choice. Yahoo! has hidden this option way deep inside somewhere but I'm declaring it here in case there are people who want it anyway:

1. Go to the address

http://privacy.yahoo.com/privacy

and click the "Cookies" link under the "Special Topics" column.

2. Click the "Web Beacons" link under the "Reference Links" Column.

3. On this page, click the "click here to opt out" link toward the end of the third paragraph under the "Outside the Yahoo! Network" title.

4. After a while, a page that says you have been out of the monitoring program will load. Without doing anything, close that page or continue your usual surfing by typing another address in the address bar. (Do NOT click the "Cancel Opt-out" button, your action will be cancelled!)

5. You're done! Now Yahoo! will not record what you're doing during surfing.

You can let your friends that might be interested know about this; since no matter how "innocent" it may seem, it's still a violation of privacy

Image Formatting tips

Image file formats

Image files are made up of picture elements, called PIXELS The pixels that comprise an image are in the form of a grid of columns and rows. Each of the pixels in an image stores digital numbers representing brightness and color.
Major graphic file formats

There are many graphic file formats, if we include the proprietary types. The PNG, JPEG, and GIF formats are most often used to display images on the Internet. These graphic formats are listed and brieflydescribed below, separated into the two main families of graphics: raster and vector.

Raster formats

JPEG
The JPEG (Joint Photographic Experts Group) image files are a lossy format. The DOS filename extension is JPG, although other operating systems may use JPEG. Nearly all digital cameras have the option tosave images in JPEG format. The JPEG format supports 16-bit color and produces relatively small file sizes. Fortunately, the compression in most cases does not detract noticeably from the image. But JPEG files do suffer generational degradation when repeatedly edited and saved. Photographic images are best stored in a lossless non-JPEG format if they will be re-edited in future, or if the presence of small "artifacts" (blemishes), due to the nature of the JPEG compression algorithm, is unacceptable. JPEG is also used as the image compression algorithm in many Adobe PDF files.

TIFF
The TIFF (Tagged Image File Format) is a flexible image format that normally uses a filename extension of TIFF or TIF. TIFF's flexibility is both a feature and a curse, with no single reader capable of handling all the different varieties of TIFF files. TIFF can be lossy or lossless. Some types of TIFF offer relatively good
lossless compression for bi-level (black and white, no grey) images. Some high-end digital cameras have the option to save images in the TIFF format, using the LZW compression algorithm for lossless storage. The TIFF image format is not widely supported by web browsers, and should not be used on the World Wide Web. TIFF is still widely accepted as a photograph file standard in the printing industry. TIFF is capable of handling device-specific color spaces, such as the CMYK defined by a particular set of printing press inks.


RAW
The RAW image format is a file option available on some digital cameras. It usually uses a lossless compression and produces file sizes much smaller than the TIFF format. Unfortunately, the RAW format is not standard among all camera manufacturers and some graphic programs and image editors may not accept the RAW format. The better graphic editors can read some manufacturer's RAW formats, and some (mostly higher-end) digital cameras also support saving
images in the TIFF format directly. There are also separate tools available for converting digital camera raw image format files into other formats, one such tool being Dave Coffin's dcraw, which is made available under a combination of GNU General Public License and public domain licenses.

Adobe's Digital Negative Specification is a recent (September 2004) attempt at standardizing the various "raw" file formats used by digital cameras.


PNG
The PNG (Portable Network Graphics) file format is regarded and was made as the free and open successor to the GIF file format. The PNG file format supports true color (16 million colors) whereas the GIF file format only allows 256 colors. PNG excels when the image has large areas of uniform color. The lossless PNG format is best suited for editing pictures, and the lossy formats like JPG are best for final distribution of photographic-type images because of smaller file size. Many older browsers do not yet support the PNG file format. The Adam7-interlacing allows an early preview even when only a small percentage of the data of the image has been transmitted.


GIF
GIF (Graphic Interchange Format) is limited to an 8-bit palette, or 256 colors. This makes the GIF format suitable for storing graphics with relatively few colors such as simple diagrams, shapes and cartoon style images. The GIF format supports animation and is still widely used to provide image animation effects.


BMP
The BMP (bit mapped) format is used internally in the Microsoft Windows operating system to handle graphics images. These files are typically not compressed resulting in large files. The main advantage of BMP files is their wide acceptance and use in Windows programs. Their large size makes them unsuitable for file transfer. Desktop backgrounds and images from scanners are usually stored in BMP files.


XPM
The XPM format is the default X Window System picture format (very popular in the Linux world). Its structure is based on the string format of the C programming language. Because XPM was designed to be human-readable, and is stored as uncompressed plain-text, the file size of these pictures can be more than twice as large as uncompressed binary bitmap files (such as BMP, uncompressed TIFF, MacOS-PICT, or Irix-RGB formats). This format is unsupported by most non-Unix software and operating systems (though many web-browsers retain display support for the XBM subset, which was the minimal image format in the early days of the WWW).

MrSID
The MrSID (Multiresolution Seamless Image Database) format is a wavelet compression format used mostly by Geographic Information Systems to store massive satellite imagery for map software.


Vector formats
As opposed to the raster image formats above (where the data describes the characteristics of each individual pixel), vector image formats contain a geometric description which can be rendered smoothly at any desired display size.

SVG
SVG (Scalable Vector Graphics) is an open standard created and developed by the World Wide Web Consortium to address the need (and attempts of several corporations) for a versatile, scriptable and all-purpose vector format for the web and otherwise. The SVG format does not have a compression scheme of its own, but due to the textual nature of XML, an SVG graphic can be compressed using a program such as gzip. Because of its scripting potential, SVG is a
key component in web applications: interactive web pages that look and act like applications

GIF and JPEG are currently the primary file types for graphics on the Internet. This article provides an overview of each of them, as well as when each format should be used.

The GIF Format
The GIF format is one of the most popular formats on the Internet. Not only is the format excellent at compressing areas of images with large areas of the same color, but it is also the only option for putting animation online (unless you want to use Flash or other vector-based animation formats, which typically cost more). The GIF89a format also supports transparency, and interlacing.

GIF files support a maximum of 256 colors, which makes them practical for almost all graphics except photographs. The most common method of reducing the size of GIF files is to reduce the number of colors on the palette. It is important to note that GIF already uses the LZW compression scheme internally to make images as small as possible without losing any data

When to use them
Generally, GIF files should be used for logos, line drawings and icons. Avoid using it for photographic images, and graphics which have long stretches of continuous-tone in them. When you're designing GIF files, avoid using gradients and turn off anti- aliasing where possible to minimize the file size.



The JPEG Format
The JPEG format, with its support for 16.7 million colors, is primarily intended for photographic images. The internal compression algorithm of the JPEG format, unlike the GIF format, actually throws out information. Depending on what settings you use, the thrown out data may or may not be visible to the eye. Once you lower the quality of an image, and save it, the extra data cannot be regained so be sure to save the orginal



When to use
As a rule, the JPEG format should be used on photographic images, and images which do not look as good with only 256 colors.





optimize an image for the web using adobe photoshop
JPEG v. GIF - Which format should I use?
GIFs work well for images with large blocks of color and sharp edges. Notice the difference
in file size. Using GIF format for this type of image produces a small file.
Image Formatting tips - The Ethical Hacking
rose.gif
GIF Format, 3 KB


Image Formatting tips - The Ethical Hacking
rose.jpg
JPEG Format, 16 KB



Image Formatting tips - The Ethical Hacking
Zoom of rose.gif

Image Formatting tips - The Ethical Hacking
Zoom of rose.jpg

JPEGs work well for images with continuous tones, such as photographs.
Again, notice the file size. In this case, the JPEG is smaller.
Image Formatting tips - The Ethical Hacking
sunset.gif
GIF Format, 38 KB

Image Formatting tips - The Ethical Hacking
sunset.jpg
JPEG Format, 20 KB












Image Formatting tips - The Ethical Hacking Image Formatting tips - The Ethical Hacking
This document explains how to reduce an image's file size and format it for use on the Web. It is important to make image files as small as acceptable quality will permit, since smaller images dramatically decrease download time when users access your Web pages.
before you start
Image Formatting tips - The Ethical Hacking
You will need:
  • an image, ready for processing, and
  • access to Adobe Photoshop

Step OneReduce the physical size of the image.

Image Formatting tips - The Ethical Hacking
Most people are more comfortable with images that fit completely on their screen. Reducing the physical size of images also dramatically reduces the file size. For most machines, an image size of more than 550 pixels wide and 375 pixels high is safe.
  • Open your image in Photoshop by choosing File > Open . . . from the menu bar, locating your file, and clicking the "Open" button.
  • Under the Image menu, select Image Size . . .
  • Make certain that the "Constrain Proportions" and "Resample Image"check boxes are checked in the "Image Size" dialog box.
  • Under the "Pixel Dimensions," you will see numerical fields for "Width" and "Height." If the largest value is the "Width," replace it with the number 550. If the largest value is the "Height," replace it with the number 375.
  • Click "OK."
  • If the image looks satisfactory, save it by choosing File > Save from the menu bar.

caution
Image Formatting tips - The Ethical Hacking
It is a good idea to save this image under a different file name, leaving the original scanned image in its original form. That way, if you decide to start over, you will not need to scan the image all over again.


Step TwoChange the image resolution.

Image Formatting tips - The Ethical Hacking
Most monitors display images at 72 pixels per inch. Higher resolution will be lost on the computer screen, though not in print. If the intended use of the image is for computer display, such as a Web page or PowerPoint presentation, you should reduce its resolution to 72 pixels per inch.
  • Open your image in Photoshop.
  • Under the Image menu, select Image Size . . .
  • Make certain that the "Constrain Proportions" and "Resample Image" check boxes are checked.
  • In the "Print Size" section, there is a "Resolution" numerical field. Make sure that "pixels/inch" is selected in the pull-down menu to its right.
  • If the number in this field is larger than 72, change it to 72.
  • Click "OK."
  • If the image looks satisfactory, save it by choosing File > Save from the menu bar.

Step ThreeChange the compression for JPEG files.

Image Formatting tips - The Ethical Hacking
One of the most common file formats on the Web is called "JPEG." It is commonly used with photographs, paintings, and any image which requires many shades of color. JPEG images have a relatively small file size compared to other digital file formats.
  • From the File menu, select Save As . . .
  • Select a new name for the file, making sure to add the file extension ".jpg" to the end of the file name.

caution
Image Formatting tips - The Ethical Hacking
Be sure to save your file under a different name from the original scanned image, since the following process cannot be undone.
  • Make certain that "JPEG" appears in the "Format" or "Save as" pull-down menu, and select it from the menu if it does not.
  • Click the "Save" button, which will bring up a '"JPEG Options" dialog box.
  • In the "Format Options" section, select "Progressive."
  • In the '"Image Options" section, enter a number from 0 (lowest quality) to 10 (highest quality) in the "Quality" field. Most images look fine saved between 3 and 5.
  • Click "OK."
  • If the new image looks satisfactory, you can return to the original and try repeating the above steps with a lower "Quality." If the new file looks bad, return to the original and repeat the above steps with a higher "Quality."
  • When you have finished, save the final copy of your image, remembering to add the ".jpg" file extension to its name.


Step FourChange the number of colors for GIF files.

Image Formatting tips - The Ethical Hacking
The other common Web file format is the "GIF" format, which uses a more limited color palette than the "JPEG" format. GIF is used for files with small numbers of colors, such as line drawings, icons, and graphs. The most common technique for shrinking these files is to remove any excess colors.
  • Select Image > Mode > Indexed Color . . . from the menu bar. If this is already selected, select Image > Mode > RGB Color, then return to this menu and select Indexed Color . . .
  • Select "Adaptive" from the "Palette" pull-down menu.
  • Select "8 bits/pixel" from the "Color Depth" pull-down menu.
  • From the "Dither" pull-down menu, select "None."
  • Click the "OK" button.
  • Choose Image > Mode > RGB Color from the menu bar, then return to this menu and select Indexed Color . . .
  • The "Palette" drop-down menu should now default to "Exact." At this point, you can click "OK" and then save your file. However, if you need further space saved, continue while preserving the original. The following steps can drastically reduce file size, but they can cause a loss of quality, so it is best not to work with the original.
  • Select "Adaptive" from the "Palette" drop-down menu in the "Indexed Color" dialog box.
  • Look at the number in the "Colors" field and remember it or write it down.
  • Under "Color Depth," select the "bits/pixel" level so that the number of "Colors" is half the number you wrote down.
  • Click the "OK" button and examine the image. If it looks fine, save it under a new file name and repeat the process for the next lowest number of "Colors."
  • When you have finished, save the final copy of your image by choosing File > Save as . . . from the menu bar, selecting "CompuServe GIF" as the file format, adding the ".gif" file extension to its name, and clicking the "Save" button.

Transparent GIFs Using Adobe Photoshop, the image below was drawn against a white background. The copy on the left was saved in GIF format without using transparency - notice how the background of the image remains white although the background of the table is set to yellow. The copy on the right was also saved in GIF format, but with a transparent background.
Image Formatting tips - The Ethical Hacking
face.gif


Image Formatting tips - The Ethical Hacking
facetrans.gif

Color Palettes
To display a full-color image on a 256-color computer, an application must simulate colors it can't actually display. The computer does this by dithering: combining pixels from its 256-color palette into patterns that approximate other colors. At a distance the human eye merges these dithered patterns into another color, but up close the image appears speckled. Because different operating systems and applications build color palettes according to their particular needs, color variance arises when moving across platforms and programs. You should prepare for the fact that visitors to your website will be using different systems with various color settings.
There is, in fact, no one universal 8-bit palette that will not dither on all platforms. However, there is a 216-color palette that will not dither on most. The web-safe palette (or browser-safe palette) consists of 216 colors that display the same on both Macintosh and PC operating systems. These colors will also display the same on PC systems using a low color depth. By using the web-safe palette you will ensure that the graphics you create look the same no matter what system or browser the viewer is using. When displaying graphics created with non web-safe palettes, the browser tries to approximate the color through dithering. This may work fine for some graphics, but will often produce results far from what you intended.
Web-safe colors should be used for creating images with large blocks of solid color. Photographs should not be remapped to web-safe color, as they will take on a blocky appearance.
Choosing a web-safe palette in
Adobe Photoshop

Image Formatting tips - The Ethical Hacking
  1. Open Adobe Photoshop

  2. Click on the Swatches tab of the floating palette for Color, Swatches, Brushes

  3. Click on the arrow in the upper right, on the same line as the Swatches tab.

  4. Choose Replace Swatches. (Note: "Load Swatches" will just add the new palette to the end of the current palette, without indicating which palette is which).

  5. Open the Color Palettes folder: c:\program files\adobe\photoshop 5.0\goodies\color palettes

  6. Choose the file Web Safe Colors.aco, and click Load.
A web-safe color palette is now loaded.

Image Formatting tips - The Ethical Hacking
true color
(millions of colors)


Image Formatting tips - The Ethical Hacking
Screen shot of image using
lower color depth (256 colors)

When web-safe colors are used to create the image, it looks the same when
displayed in either mode.
Image Formatting tips - The Ethical Hacking
true color
(millions of colors)


Image Formatting tips - The Ethical Hacking
Screen shot of image using
lower color depth (256 colors)


Although web-safe colors work well for creating images with large blocks of color, photographs
should not be remapped to web-safe color. The reason the first image looks better is because
dithering works quite nicely with continuous tone images. In fact, all JPEGs are dithered.
Look at the difference below:
Image Formatting tips - The Ethical Hacking
Saved as a jpg,
using millions of colors


Image Formatting tips - The Ethical Hacking
Saved as a jpg,
after conversion to web safe colors













GIF Cruncher and JPEG Cruncher
Free on-line tools for compressing GIFs and JPEGS are available at www.gifcruncher.com and www.jpegcruncher.com. These tools are very useful for automatically reducing file size and comparing different levels of quality. Each tool will return several versions of your image, ranging from high quality and large file size, to low quality and low file size. Choose the file which best suits your needs, and save it to your disk.
UsefulLinks: