Pages

Tuesday, November 30, 2010

Disclaimer

All the posts in this blog are only for educational purpose. Any activities done by the reader is only performed by   his own risk. The writer is not responsible for any activities done by any reader.
Posted by Balakumaran at 10:16 PM 0 comments
Labels:

Windows password hack 1

Windows, the most widely used desktop operating system stores its password as a hash in a file. The file is named as SAM. You can find that file at the location C:\windows\system32\config\SAM. SAM file is not accessible by any user even the administrator. If you try to open this file, you will receive an error message as that file is being used by another program like this.


When a user adds his new password or changes his password to a new one, Windows generates the hash of that new password and stores it in the SAM file. When the user, boots the Windows machine, the process winlogon.exe ( you can see this in task manager ) will prompt him for the password. It generates the hash of the entered password and compares it with the saved hash at the SAM file. If only both are same, the user will be allowed to enter inside.

I found many of the people reading this bolg, looking at this blog. actually i gave just a simple introduction here about hacking windows password. the main dish is inside not here. read also other three articles in this series here. you will surely become a devil to microsoft-windows ;-)


Posted by Balakumaran at 9:51 PM 3 comments
Labels:

Sunday, November 28, 2010

DNS spoofing

DNS spoofing is nothing but while resolving the host name, instead of taking to the legitimate page taking to some other page. I know we everyone is not capable of hacking a Domain name server. But we can do it in our system. To do this you should have administrator privilege. 
In Windows there is a file at location c:\windows\system32\drivers\etc\hosts which is the first reference for any DNS resolving. Thus the Windows machine first look into that file before sending any DNS request. If any entry for the corresponding host is present, that particular IP address will be directly requested. No additional DNS lookup is needed. You can open that file in notepad and edit. But open as administrator.
That file will look like this (Microsoft copyrighted file)

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1       localhost
# ::1             localhost



At present this file has no effect as every line in this file are comment line (started with a # symbol). You can add a line at the end like,
66.249.89.99    yahoo.com
This line has the IP address of Google but the host name is yahoo.com. Just add this line and save the file. Now if you enter yahoo.com in your browser, it will take you to google.com. It may seem as not so effective. But if you use it in a intelligent way, it'll serve a lot. For example, if you add entries for websites you visit frequently, every time you enter those websites in your browser, it won't need to resolve the name. So you can have a faster performance. And also not limited with it, you can do more.
DISCLAIMER: Information provided in this page and any of the page of this blog is only for informational purposes. Any activities done by the reader or any other person, the blog or the writer or the blog owner is not responsible for that.
Posted by Balakumaran at 10:24 PM 0 comments
Labels:

Saturday, November 27, 2010

Compile and Run code online

Recently I visited a website where we can comple and run our code. We need no compiler or additional software other than the browser. Just enter the code and run it. It'll show the results. It also shows compile and run time errors. You can run code for C, C++ and many other languages. Really help ful for learning and instant testing of our code. The url is,


But unfortunately it doesn't support Java. I searched the web for such a pad for Java. But I can't find it. If anyone know, please tell me.
Posted by Balakumaran at 2:22 AM 0 comments
Subscribe to: Posts (Atom)