
Thread: A few cool comp tricks

  1. #1

    Get an IP address.
    !!WARNING!! These can be used to send keyloggers and other viruses, so be careful about giving yours away!!

    When you're talking to someone in AIM or MSN, send the contact a file while he is online; send him/her a photo or something else. Doing that opens a peer-to-peer connection while your contact gets the file/photo, no matter what it is. Make sure that you have a DOS Prompt open (located at: Start > Programs > MS-DOS Prompt) and type the command netstat while sending them the file, and you will see a list in the DOS Prompt of all the connections your computer has at that time; one of them must be your friend who is receiving the file.

    Sending an email using telnet, you can send it with any email address, great for pranks!

    Just as in POP3 connection, when you click on the 'Send' button, your e-mail client contacts the SMTP server of your mail service / ISP. It then uses a set of commands to transmit your e-mail. What we are going to do is try these commands ourselves, and get a first-hand experience of how things work. SMTP servers usually have the DNS address: smtp.<your_isp>.com, or mail.<web_mail_address>.com. Some samples are: mail.monitortools.com, mail.adminfavorites.com.

    In this document, we:
    shall use Telnet to connect to the SMTP server.
    shall give commands to the server, then type our e-mail, and finally tell the server, 'Okay, the e-mail is done. Send it.'
    can then send more mails, or disconnect from the server.
    The steps are quite similar to what you do when you send an e-mail from - for instance - Outlook Express. We are going to use the SMTP server of monitortools.com with the ID 'webmaster'.


    Step 1

    Connect to the Internet in case you are a dial-up user. Open an MS-DOS prompt, and enter this command:
    C:\WINDOWS>telnet mail.monitortools.com 25
    This will open a Telnet window, and within a short time, you will be connected to the SMTP server, and the server says:
    220 PROTAGONISTNT Mailmax version 4. 8. 3. 0 ESMTP Mail Server Ready
    This varies, but you should definitely see the '220' part. It is an indication that the server is ready to service your request.


    Step 2

    Now the server expects you to identify yourself. If you are a dial-up user, you can enter the name of your computer (the one Windows asks you when you install Windows) or anything else you want. If you have a domain-name, then you should enter the domain-name here. My computer's name is dell01, so I say:
    helo dell01
    Note that it is 'helo' and not 'hello'. The commands are not case-sensitive, so you can also say HeLo or HELO or hELo. The server replies:
    250 HELO 217.120.215.201, How can I help you?
    This is like a shake-hand. You tell the server your name, and it says its name! Computers are quite friendly, you see!


    Step 3

    Next give the server your e-mail address. Note that most SMTP servers require that your e-mail address belong to the same domain as the server. For example, if you send mail from Yahoo! SMTP server, you should have a Yahoo! address. You cannot use it if you give it a Hotmail address. Let me give the SMTP server some e-mail address:
    mail from: webmaster@monitortools.com
    'mail from:' is an SMTP command. Note that there is a space between 'mail' and 'from', followed by a colon (:). The server says:
    250 Ok


    Step 4

    Tell the server who you want to send the e-mail to. Let me send a mail to info@activexperts:
    rcpt to: info@activexperts.com
    There are no restrictions here. You can enter any e-mail address. If there is some problem with the recipient-address, your mail will bounce, but for now, the server doesn't complain. It will say:
    250 Ok


    Step 5

    You have told the server your e-mail address, and the recipient's e-mail address, so now you can go ahead and type the e-mail. You have to do that with the data command:
    data
    The server asks you to go ahead with your e-mail:
    354 End data with <CR><LF>.<CR><LF>
    Don't worry about the <CR><LF> thing. It'll be explained later.


    Step 6

    Now type in your e-mail, like this:
    This is a test e-mail.
    Remember to type it all right. Backspace key doesn't work in Windows
    Telnet, though it does in Linux. If you make a mistake, try pressing
    CTRL-h. If it works, well and good.
    .
    When you finish your e-mail, press [ENTER], then a '.', and again an [ENTER]. This tells the server that you have finished the e-mail, and it can send it. It will say:
    250 Ok: queued as 6AB5150038
    Your mail was sent!


    Step 7

    Now you can either send another mail, or disconnect from the server. If you want to send another mail, you should repeat the 'rcpt to:' and 'data' commands. There is no need for 'helo' and 'mail from:', because the server already knows who you are. If you want to disconnect, just say 'quit':
    quit
    The server will reply:
    221 Bye
    and you will lose connection with the server. Hurray, you sent a mail direct from the server! Try this in front of your friends who may be used to only GUIs and icons. They will begin to call you up for technical support!


    Little add-on to the above:

    To make the emails look more authentic you can add a "Subject" to the email by using... you guessed it, a "subject:" command.

    The subject should be added after the data and before the email body (text).
    It should look like this:

    C:\WINDOWS>telnet smtp.isp-domain.com 25
    helo
    mail from:you@domain.com
    rcpt to:them@domain.com
    data
    subject: a spoofed email
    helo this is a spoofed email
    .

    Writing a buffer overflow and causing someone bad lag

    C:\WINDOWS>telnet smtp.isp-domain.com 25
    helo
    mail from:you@domain.com
    rcpt to:them@domain.com
    data
    subject: You nooby
    you just got pranked, ya noob


    How to not get banned on runescape, or just hide your IP address for good!

    Anonymity stands for keeping ur privacy on the net. U never know who is watching u and what he/she is looking for. The main concern is to keep ur ip (Internet Protocol) hidden.
    NOTE: The major problem is about ADSL and school connections which have a static IP (doesn't change). Easy to trace.

    Exploring the net.
    When visiting a site, ur IP, date and hour are recorded in the webserver's logs. That happens in every GET request. So, u can use proxies to stay anonymous.

    Anonymizer - http://www.anonymizer.com/

    The Cloak - http://www.the-cloak.com/

    NOTE: Proxies are caches that relay data. When u configure ur web browser to use a proxy, it never connects to the URL. Instead it always connects to the proxy server, and asks it to get the URL for u. It works similarly with other types of services such as IRC, ICQ etc. There won't be a direct connection between u and the server, so ur real IP address won't be revealed to the server. When u view a website on the server, the server won't see ur IP.

    Cookies.
    When u log in to a site or a service (e.g. Yahoo mail) and there is an option for the PC to remember the username and password, if u accept this, that data will be recorded in cookies. So, NEVER use a public PC and type a username and password. If u have to do this, make sure that the option to remember the username and password is off (or if the msg box pops up, just click no).

    Services.
    When signing up for services on the net, ALWAYS use fake information, e.g. when signing up for Yahoo, use a fake name and any other fake data u like. U'll be able to use the services again, but nobody'll know who u really are.

    ICQ.
    Send and receive messages via the ICQ server, not directly. Every direct connection enables an attacker to learn ur IP. Encrypt ur messages with dedicated software or encryption addons.
    NOTE: There are addons which enhance ur ICQ with the possibility to encrypt outgoing messages. The user on the other side needs to have the addon as well in order to decrypt your message.

    Top Secret Messenger (TSM) - http://www.encrsoft.com/products/tsm.html (trial version has only weak 8-bit encryption)

    Chat Buddy - http://www.planet-express.com/sven/t...y/default.html ( a freeware Windows application for encrypting chat sessions)

    SSL tunneling.

    SSL tunneling means, basically, encryption. U can identify it if the URL starts with https:// (usually a normal URL starts with http:// ). So, if a URL isn't using SSL tunneling, it's not suggested to give sensitive private or business information (e.g. credit card number).
    NOTE: U can secure ur connections too with SSL tunneling. For windows http://www.totalrc.net/?s and for windows and unix http://mike.daewoo.com.pl/computer/stunnel .

    FTP transfers.
    When using an FTP client program to download files, assure yourself, that it's giving a bogus password, like guest@unknown.com , not your real one. If your browser lets you, turn off the feature that sends your e-mail address as a password for anonymous FTP sessions.

    Emailers and remailers.
    Do a search on the net and find anonymous mailers. This way u won't give ur real email. Although, be afraid that there is a risk of ur IP being recorded in email headers. So, u can simply use remailers.

    Chain - http://www.obscura.com/crypto.html (is a menu-driven remailer-chaining script)
    Raph Levien's remailer availability page - http://www.sendfakemail.com/~raph/remailer-list.html (offers comprehensive information about the subject)
    The Cypherpunks Remailers - http://www.csua.berkeley.edu/cypherpunks/remailer/ (developed to provide a secure means of providing anonymity on the nets. Here you can find out about the available remailers, those which have been standard in existence for a long time as well as the new experimental remailers and anonymous servers)

    IRC.

    Well, u can use proxies or socks4 or socks5. That way ur IP will be hidden behind the proxy.
    U can connect to a BNC, which'll hide ur IP again.
    If u are connected to Undernet, u can create a username on @x ( http://cservice.undernet.org/live/ ); join #cservice for help. When u create one, type /msg x@channels.undernet.org login username password. Then /mode urnickname +x . This'll hide ur IP and ur host.

    Firewalls.
    U must have a firewall, so ur PC'll be protected against attacks, trojans etc. Firewalls listen on ports for incoming and outgoing requests (depending on the firewall), block any attacks and give u a report.
    NOTE: Even if u have a firewall, there is a possibility of getting hacked.

    Black Ice Defender - http://blackice.iss.net/
    Zonealarm - http://www.zonelabs.com/store/content/home.jsp
    NOTE: A good place to find all kinds of proxies, socks4 and socks5 is http://www.atomintersoft.com/product...xy/proxy-list/


    Finding a website user's passwords
    Don't worry, it won't work on runescape! srry if I got ur hopes up...

    Please know that hacking webpages is considered lame
    in many people's opinions, and it will most likely not give
    you a good reputation. People can always check logs
    once notified of hacking and most likely your address
    will come up and then at worst they will press charges
    for some elaborate computer crimes law and you will
    go to prison for up to 10 years and owe a lot of $. So
    please attempt to refrain from abusing your knowledge
    on this subject. This is for informational purposes
    only.


    "Free" Web Pages

    Free webpages are web page hosting companies
    like Tripod and Geocities that host people's web pages
    for free and make money off advertising. There are ways
    to hack these companies and have access to all users,
    but it would be too complex for most people. This way
    is simply social engineering which is not very hard to
    do, so don't proclaim yourself an Uberhacker because
    you vandalised a poor guy's webpage, who just happened
    to have his information on his site. All you have to do
    is set up an account with a free email service like
    Hotmail and find your target. On your target's page you
    need to have the date of birth, name, and their old
    email, or instead of the DOB their address (I have lost
    my pass to a smaller company, and they needed the
    address I had registered with). All these free web page
    companies have their "verification" for people who have
    lost their password to their page. All there is to it,
    once you have this information, is you either email
    the company telling them you changed your email address
    and once that is done wait about 2 weeks and then email
    them again saying that you lost your password. Most will
    email you telling you that you need some sort of
    verification, like the DOB or address, in which case you
    email them back and tell them and get a new password.
    On the other hand, companies like Geocities are too
    busy for email so they have set up a web site where
    members can get their password back
    (http://www.geocities.com/help/pass_form.html).


    Getting Passwords

    Okay, suppose you found a page you want to hack,
    that is on someone else's server that's a basic server,
    light security. Okay, very light security. I will be
    truthful. This pretty much works on servers with no
    security [=.
    Getting a passwd file is pretty easy. Simply telnet
    into the server's FTP anonymously and look in the ETC
    directory and get the file called Passwd.
    Another way to get them is to find your target and in
    a WWW browser type
    cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd after
    the server's name. For example the name may be
    http://www.hackme.com/, you would go to
    http://www.hackme.com/cgi-bin/phf?Qa...%20/etc/passwd except instead of www.hackme.com you would replace that with your target's URL.
    You may get a passwd file that has no user accounts,
    but only defaults, where the encrypted password
    should be, a * would be in its place. On certain servers
    with this you may have a shadowed passwd but on all
    passwd files I have come across there are some user
    names like FTP and NEWS that have no encrypted passwords,
    which are replaced with *. If you find only this and no
    encrypted passwds you probably have found a fixed
    passwd file and you must try another method of hacking
    the server. You need to examine this file and look for
    a line in the text that looks like this:
    rrc:uXDg04UkZgWOQ:201:4:Richard Clark:/export/home/rrc:/bin/ksh
    It does not need to look exactly like that, the only important part it needs is the uXDg04UkZgWOQ and rrc, which is the login part. Get a program called John the Ripper which can be found on any hacking site on the web. If you are too lazy, or stupid to find one on the web, here's a good place to go for newbies http://www.hackersclub.com/km/
    I will not go in depth right here on passwd files, but I
    have written a text on passwd's going good into the
    subject which can be found at
    http://www.xtalwind.net/~lmclaulin/ugpasswd.txt.
    Anyway, using John the Ripper is easy, if you want to
    quickly hack something give the command (in DOS prompt)
    "john passwd -single". Replace "passwd" in there with
    the name of the passwd file, you may have saved it as
    passwd.txt or something. An important thing to remember
    is that the passwd file needs to be in the same
    directory as John. To see a list of other methods for
    cracking a passwd file, just type John and it will give
    you a list of commands. I have found john won't work
    for me with wordlists but other people say that it
    works fine for them. You can use incremental mode
    (to use that the command is "John passwd -incremental").
    It takes like a few days to finish so I wouldn't really
    want to let it go on forever and ever if it was
    just some normal passwd file. Unless it's like NASA's
    passwd file (keep dreaming, they probably change
    passwords every day and that file is very outdated)
    I wouldn't want to use that too much. To see a
    complete list of John's cracking capabilities, just
    type john and it will give you a list of commands
    that you may use.



    If you Have an Account with the Users Server

    The next section is on how you can get a webpage password if
    you already have an account with the server.

    Exploiting Net Administration CGI

    Well since nethosting.com either shut down or whatever I figured what the hell, before I forget
    how I did the more recent hacks etc... I'd tell you how so maybe you'll find the same sys
    elsewhere or be able to use it for ideas.

    Basically Nethosting.com did all its administration via cgi's at net-admin.nethosting.com,
    well you need an account, card it if necessary, log in to net-administration, you'll see crap
    like ftp administration, email, etc... who really cares about e-mail so we'll go to ftp.
    Click on ftp administration. Let's say you were logged in as 7thsphere.com, your url would be
    something like:
    http://net-admin.nethosting.com/cgi-...om+ljad32432jl

    Just change the 7thsphere.com to any domain on the sys or if in the chmod cgi just del that part
    but keep the + sign and you edit the /usr/home dir. In the ftp administration make a backdoor
    account to that domain by creating an ftp whose dir is / since multiple /// still means /.

    Once you have your backdoor have fun. Oh yeah and in the email you can add aliases like I did
    to rhad's e-mail account at 7thsphere, why the hell is he on that winsock2.2 mailing list?

    Well the basic theory of this type of exploitation is that:
    - the cgi is passed a parameter which we change to something else to edit its info
    - since it uses the stuff after the + to check that it's a valid logged
      in account (like hotmail does), it doesn't check the password again.
    - multiple ///'s in unix just mean a /, thus we can get access to people's dir or the entire
      /usr/home dir


    I used this method for getting passes for a few well known places:


    Other Ways Of getting User Pages

    Another method that may work with really stupid
    admins is sometimes, when you FTP to a server, you can
    leave your home directory and go back a few directories
    and find your target's directory. Once you have done
    that, you can access the HTML files and save them
    to disk and then "edit them". The HTML files may or
    may not be stored on FTP but with smarter admins they
    are not accessible by other users.

    Getting busted "hacking" will not be a fun process
    unless you like paying $10,000


    srry its super long just didnt want to double post threads lol, please post what you think
    Is that you John Wayne? Is this me?

    selling lvl 5 combat noob, 51 fishing and cooking, pm me offers!!
    Check This Out! http://www.runecore.net/forum/index....feral&key=1801

    http://www.danasoft.com/sig/sukomabawls22.jpg
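
The telnet steps in the post above work because the server accepts whatever follows mail from: and whatever headers are typed after data. As an added example (not part of the original post), this Python check shows how the receiving side can flag such a message from its headers; the host name mx.corp.example, the sample messages and the finding labels are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.corp.example"  # assumption: the id our own MTA stamps

# Constructed sample: envelope sender and visible From disagree, DMARC fails.
SPOOFED = """\
Return-Path: <prankster@isp.example>
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=isp.example;
 dkim=none; dmarc=fail header.from=bank.example
From: "Bank" <alerts@bank.example>
Subject: a spoofed email

hello
"""

# Constructed sample: bounce subdomain of the same sender, DMARC passes.
LEGIT = """\
Return-Path: <bounce@mail.shop.example>
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=mail.shop.example;
 dkim=pass header.d=shop.example; dmarc=pass header.from=shop.example
From: Shop News <news@shop.example>
Subject: Your order

Thanks.
"""

# Constructed sample: typed by hand as in the post (only a Subject header),
# plus an Authentication-Results line the sender forged themselves.
HAND_TYPED = """\
Return-Path: <you@domain.example>
Authentication-Results: forged.example; dmarc=pass
Subject: a spoofed email

body
"""

def domain_of(header_value):
    """Lower-cased domain of an address header, or '' when there is none."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def aligned(a, b):
    # Simplified relaxed alignment: equal, or one is a subdomain of the other.
    # Real DMARC alignment compares organizational domains (Public Suffix List).
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))

def trusted_verdicts(msg, authserv):
    """Read spf/dkim/dmarc results only from headers stamped by our own MTA."""
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        ident, _, rest = value.partition(";")
        if ident.strip().lower().split()[:1] != [authserv.lower()]:
            continue  # anyone can type this header after DATA; ignore foreign ids
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=([a-z]+)", rest.lower()):
            verdicts.setdefault(method, result)
    return verdicts

def assess(raw_message, authserv=TRUSTED_AUTHSERV):
    """Return a list of findings; an empty list means nothing suspicious seen."""
    msg = message_from_string(raw_message)
    findings = []
    from_dom = domain_of(msg.get("From"))
    env_dom = domain_of(msg.get("Return-Path"))
    if not from_dom:
        findings.append("missing-from")
    elif not aligned(env_dom, from_dom):
        findings.append("envelope-header-mismatch")
    verdicts = trusted_verdicts(msg, authserv)
    if not verdicts:
        findings.append("no-trusted-auth-results")
    elif verdicts.get("dmarc", "none") != "pass":
        findings.append("dmarc-" + verdicts.get("dmarc", "none"))
    return findings

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("legit", LEGIT), ("hand-typed", HAND_TYPED)):
        print(name, assess(raw))
```
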
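
The phf request quoted in the post leaves a recognisable trace in a web server's access log. As an added example (not part of the original post), this Python scan flags CGI requests whose query string decodes to a newline or names /etc/passwd, including double-encoded variants; the log lines, addresses and outcome labels are constructed assumptions in Common Log Format.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines (documentation IP ranges, invented timestamps).
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Jul/2007:10:01:02 +0000] '
    '"GET /cgi-bin/phf?Qalias=x%0a/bin/cat%20/etc/passwd HTTP/1.0" 404 210',
    '198.51.100.7 - - [12/Jul/2007:10:01:09 +0000] '
    '"GET /cgi-bin/phf?Qalias=x%250a/bin/cat%2520/etc/passwd HTTP/1.0" 200 1432',
    '203.0.113.20 - - [12/Jul/2007:10:02:00 +0000] '
    '"GET /cgi-bin/search?q=telnet+smtp HTTP/1.1" 200 5120',
    '203.0.113.21 - - [12/Jul/2007:10:02:30 +0000] '
    '"GET /docs/etc/passwd-howto.html HTTP/1.1" 200 1024',
]

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

def fully_decode(text, rounds=3):
    """Percent-decode repeatedly so %250a (double-encoded newline) is caught."""
    for _ in range(rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text

def inspect(line):
    """Return an alert dict for a suspicious request, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path, _, query = m["target"].partition("?")
    decoded = fully_decode(query)
    reasons = []
    # A raw newline inside a CGI parameter is how a second shell command
    # gets appended when the script passes the parameter to a shell.
    if "/cgi-bin/" in path and re.search(r"[\r\n]", decoded):
        reasons.append("newline-in-cgi-query")
    if re.search(r"/etc/(passwd|shadow)\b", decoded):
        reasons.append("passwd-path-in-query")
    if not reasons:
        return None
    status = int(m["status"])
    return {
        "ip": m["ip"],
        "path": path,
        "status": status,
        # 2xx means the script exists and answered: investigate first.
        "outcome": "served" if 200 <= status < 300 else "blocked-or-missing",
        "reasons": reasons,
    }

def scan(lines):
    """Inspect every line and keep only the alerts."""
    return [alert for alert in map(inspect, lines) if alert]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(alert)
```
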
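
The "basic theory" list in the post names three flaws: the domain comes from the URL, the token after the + only proves that someone is logged in, and the directory is built by joining strings. As an added example (not part of the original post and not the hosting company's code), this Python model puts that behaviour beside a hardened check; the domain+token query shape, the session table and the customer names are constructed assumptions.

```python
import posixpath
import re

HOME_ROOT = "/usr/home"  # directory named in the post
# Constructed session table: token -> domain that actually logged in.
SESSIONS = {"tok-a-constructed": "customer-a.example"}
DOMAIN_RE = re.compile(r"[a-z0-9-]+(\.[a-z0-9-]+)+")

def naive_home(domain_param):
    """Assumed flawed behaviour: trust the URL's domain and just join strings.
    An empty domain yields '/usr/home//', which resolves to '/usr/home'."""
    return posixpath.normpath(f"{HOME_ROOT}/{domain_param}/")

def confined_home(session_domain, subdir=""):
    """Build the directory from the session's domain and refuse to leave it."""
    if not DOMAIN_RE.fullmatch(session_domain):
        raise ValueError("bad domain")
    base = posixpath.join(HOME_ROOT, session_domain)
    path = posixpath.normpath(posixpath.join(base, subdir.lstrip("/")))
    # normpath is lexical only; a real server would also resolve symlinks.
    if path != base and not path.startswith(base + "/"):
        raise PermissionError("outside customer home")
    return path

def handle(query, hardened=True):
    """query models the part after '?', shaped '<domain>+<token>'."""
    domain_param, _, token = query.partition("+")
    owner = SESSIONS.get(token)
    if owner is None:
        return (403, "not logged in")
    if not hardened:
        # Flaw: any live token is accepted for any domain in the URL.
        return (200, naive_home(domain_param))
    # Fix: the token is bound to one domain; the URL value must match it,
    # and the path is derived from the session, never from the URL.
    if domain_param.lower() != owner:
        return (403, "token not valid for this domain")
    return (200, confined_home(owner))

if __name__ == "__main__":
    for q in ("customer-a.example+tok-a-constructed",
              "customer-b.example+tok-a-constructed",
              "+tok-a-constructed"):
        print(q, "| flawed:", handle(q, hardened=False), "| hardened:", handle(q))
```
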

  2. #2

    Holy sh!t...That's a lot of info! We should use these methods to hack and bring down sythe >=]

  3. #3

    lol, Most, if not all of that I knew already.

    Had some great times with e-mail address faking.

    Found out an old girlfriend was cheating on me...

    So, not such great times as well

  4. #4

    hey is it illegal to send an email with an email address that isn't yours?

  5. #5

    We just wanna have some fun.






  6. #6

    i was thinking of bringing down RSDemon before sythe but w/e they both suck

    EDIT: btw it's only illegal to send an email if you claim to be someone you aren't, that's fraud. Say you email someone from the email address gbush@whitehouse.gov and ask for their SSN, you'd go to jail...

  7. #7

    haha those are pretty cool, some of them would be mean to do to people but still pretty cool lol.

  8. #8

    Quote, originally posted by lordsaturn:
    Holy sh!t...That's a lot of info! We should use these methods to hack and bring down sythe >=]
    lmao very nice XD

  9. #9

    nice ... where did you learn this all ?
