Windows Hacking and Security PDF by SDG777
During a local logon to a machine, a person enters a user name and
password in the logon dialog. This information is passed to the LSA,
which then calls the appropriate authentication package. The password
is sent in a non-reversible secret key format using a one-way hash
function. The LSA then queries the SAM database for the user's
account information. If the key provided matches the one in the SAM,
the SAM returns the user's SID and the SIDs of any groups the user
belongs to. The LSA then uses these SIDs to generate the security
access token.
The reference monitor verifies the nature of the request against a table
of allowable access types for each process on the system. For example,
Windows 3.x and 9x operating systems were not built with a reference
monitor, whereas the Windows NT line, which also includes Windows
2000 and Windows XP, was designed with an entirely different
architecture and does contain a reference monitor.
OphCrack
Type the username as Hiddenuser and press Enter; you will be logged in.
Note: This trick will not work in Windows Vista and Windows 7
Command Prompt on the User Login Screen
Click on Update
Registry Editing
What is the Registry?
The Registry is a database used to store settings and options for the
32-bit versions of Microsoft Windows. It contains information and
settings for all the hardware, software, users, and preferences of the
PC. Whenever a user changes Control Panel settings, file associations,
system policies, or installed software, the changes are reflected and
stored in the Registry.
The physical files that make up the registry are stored differently
depending on your version of Windows; under Windows NT/XP/Vista the
files are contained separately in the %SystemRoot%\System32\Config
directory. You cannot edit these files directly; you must use a tool
commonly known as a "Registry Editor" to make any changes.
The Structure of Registry:
There are five main Hives (branches), each containing a specific portion of
the information stored in the Registry. They are as follows:
REG_BINARY - This type stores the value as raw binary data. Most
Start C:\Info:Secret.txt
To search for the hidden files, the ADS tool Streams can be used.
To search for the hidden files: Streams -s C:\Info
To delete the hidden files: Streams -d C:\Info
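The same search for hidden streams can be done with built-in PowerShell. This is an added example, not part of the original slides; the function name `Get-AlternateStream` and the `KnownBenign` list are assumptions made for illustration, and `C:\Info` is the sample path used above.

```powershell
# Added example: list alternate data streams (ADS) on files under a directory.
# Requires PowerShell 3.0 or later on an NTFS volume.
function Get-AlternateStream {
    param(
        [Parameter(Mandatory)][string]$Path,
        # Streams Windows commonly attaches itself, such as the
        # mark-of-the-web on downloaded files (illustrative list).
        [string[]]$KnownBenign = @('Zone.Identifier')
    )

    # -Force includes hidden and system files; only files are inspected here.
    Get-ChildItem -LiteralPath $Path -Recurse -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            Get-Item -LiteralPath $file.FullName -Stream * -ErrorAction SilentlyContinue |
                # ':$DATA' is the default unnamed stream holding normal file content.
                Where-Object { $_.Stream -ne ':$DATA' } |
                ForEach-Object {
                    [pscustomobject]@{
                        File   = $file.FullName
                        Stream = $_.Stream
                        Length = $_.Length
                        Benign = $KnownBenign -contains $_.Stream
                    }
                }
        }
}

# Unexpected (non-benign) streams sort to the top for review.
Get-AlternateStream -Path 'C:\Info' |
    Sort-Object Benign, File |
    Format-Table -AutoSize
```

Rows with `Benign` set to `False` are the ones to review; `Get-Content -LiteralPath <file> -Stream <name>` shows what a stream holds before any decision to delete it.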
Steganography
Steganography is the technique of placing text content behind images.
This is generally performed by terrorists to hide secret messages
behind images and convey the message by sending the image over the
Internet.
Windows internal commands as well as steganography tools can be used
to perform this technique.
Application Monitoring
Users should always check how many applications are installed on the
computer.
This can be done using the Add/Remove Programs utility available in
Control Panel.
Uninstall all applications that you did not install or do not use.
Process Monitoring
Process Explorer is a free GUI-based process viewer utility that
displays detailed information about processes running under
Windows.
For each process it displays memory, threads, and module usage.
For each DLL, it shows full path and version information.
The user can check the processes running under Explorer.exe and
kill all the suspicious processes.