Prepared By: Kishor M. Thanth
Std: S.Y.B.C.A.
Roll No.: 166
Guided By: Mr. Ankit Patel (Faculty-S.V.C.C.S.)

Hacking…

Introduction
➢ Although this book cannot teach you everything you need to know, the references contained within this book can. Therefore, if you know very little about Internet security, you will want to maximize the value of this book by adhering to the following procedure.
➢ Those readers who want only a casual education in Internet security may read the book without ever retrieving a single document from the Internet. But if you are searching for something more, something deeper, you can obtain it by adhering to this procedure.

Why Did I Choose This Topic?
➢ Hacking and cracking are activities that generate intense public interest. Stories of hacked servers and downed Internet providers appear regularly in national news. Today, thousands of institutions, businesses, and individuals are going online.
➢ For companies, education is an economical way to achieve at least minimal security.

Difference between hacker and Cracker…
Hacker
➢ The term hacker refers to programmers and not to those who unlawfully breach the security of systems. A hacker is any person who investigates the integrity and security of an operating system. Most commonly, these individuals are programmers. They usually have advanced knowledge of both hardware and software and are capable of rigging (or hacking) systems in innovative ways. Often, hackers determine new ways to utilize or implement a network, ways that software manufacturers had not expressly intended.
➢ A hacker is a person intensely interested in the arcane and recondite workings of any computer operating system. Most often, hackers are programmers. As such, hackers obtain advanced knowledge of operating systems and programming languages. They may know of holes within systems and the reasons for such holes. Hackers constantly seek further knowledge, freely share what they have discovered, and never, ever intentionally damage data.
➢ Modern Hackers write programs to check the integrity of other programs.
➢ In other technical fields, hacker is extended to mean a person who makes things work beyond perceived limits through their own technical skill, such as a hardware hacker, or reality hacker.

Cracker
➢ A cracker is any individual who uses advanced knowledge of the Internet (or networks) to compromise network security. Historically, this activity involved cracking encrypted password files, but today, crackers employ a wide range of techniques. Hackers also sometimes test the security of networks, often with the identical tools and techniques used by crackers. To differentiate between these two groups on a trivial level, simply remember this: Crackers engage in such activities without authorization. As such, most cracking activity is unlawful, illegal, and therefore punishable by a term of imprisonment.
➢ A cracker is a person who breaks into or otherwise violates the system integrity of remote machines, with malicious intent. Crackers, having gained unauthorized access, destroy vital data, deny legitimate users service, or basically cause problems for their targets. Crackers can easily be identified because their actions are malicious.


➢ Crackers rarely write their own programs. Instead, they beg, borrow, or steal tools from others. They use these tools not to improve Internet security, but to subvert it. They have technique, perhaps, but seldom possess programming skills or imagination. They learn all the holes and may be exceptionally talented at practicing their dark arts, but they remain limited. A true cracker creates nothing and destroys much. His chief pleasure comes from disrupting or otherwise adversely affecting the computer services of others.

What damage can a Hacker do?
➢ This depends upon what backdoor program(s) are hiding on your PC. Different programs can do different amounts of damage. However, most allow a hacker to smuggle another program onto your PC. This means that if a hacker can't do something using the backdoor program, he can easily put something else onto your computer that can. Hackers can see everything you are doing, and can access any file on your disk. Hackers can write new files, delete files, edit files, and do practically anything else that can be done to a file. A hacker could install several programs onto your system without your knowledge. Such programs could also be used to steal personal information such as passwords and credit card information.

Why Do Crackers Exist?
➢ Crackers exist because they must. Because human nature is just so, frequently driven by a desire to destroy instead of create. No more complex explanation need be given. The only issue here is what type of cracker we are talking about.


➢ Some crackers crack for profit. These may land on the battlefield, squarely between two competing companies. Perhaps Company A wants to disable the site of Company B. There are crackers for hire. They will break into almost any type of system you like, for a price. Some of these crackers get involved with criminal schemes, such as retrieving lists of TRW profiles. These are then used to apply for credit cards under the names of those on the list. Other common pursuits are cell-phone cloning, piracy schemes, and garden-variety fraud. Other crackers are kids who demonstrate an extraordinary ability to assimilate highly technical computer knowledge. They may just be getting their kicks at the expense of their targets.

What Is Meant by the Term Cracked?
➢ For our purposes, cracked refers to that condition in which the victim network has suffered an unauthorized intrusion. There are various degrees of this condition, each of which is discussed at length within this book. Here, I offer a few examples of this cracked condition:
• The intruder gains access and nothing more (access being defined as simple entry; entry that is unauthorized on a network that requires--at a minimum--a login and password).
• The intruder gains access and destroys, corrupts, or otherwise alters data.
• The intruder gains access and seizes control of a compartmentalized portion of the system or the whole system, perhaps denying access even to privileged users.
• The intruder does NOT gain access, but instead implements malicious procedures that cause that network to fail, reboot, hang, or otherwise manifest an inoperable condition, either permanently or temporarily.
➢ To be fair, modern security techniques have made cracking more difficult. However, the gorge between the word difficult and the word impossible is wide indeed. Today, crackers have access to (and often study religiously) a wealth of security information, much of which is freely available on the Internet. The balance of knowledge between these individuals and bona-fide security specialists is not greatly disproportionate. In fact, that gap is closing each day.
➢ The purpose of this chapter is to show you that cracking is a common activity: so common that assurances from anyone that the Internet is secure should be viewed with extreme suspicion. To drive that point home, I will begin with governmental entities. After all, defense and intelligence agencies form the basis of our national security infrastructure. They, more than any other group, must be secure.

Categories of hacker
➢ Here I list a few types of hacker. The hacker community, the set of people who would describe themselves as hackers or be described by others as hackers, falls into at least four partially overlapping categories.

Hacker: Highly skilled programmer
➢ The positive usage of hacker is one who knows a (sometimes specified) set of programming interfaces well enough to program rapidly and expertly. This type of hacker is well-respected (although the term still carries some of the meaning of hack), and is capable of developing programs without adequate planning or where pre-planning is difficult or impossible to achieve. This zugzwang gives freedom and the ability to be creative against methodical careful progress. At their best, hackers can be very productive. The technical downside of hacker productivity is often in maintainability, documentation, and completion. Very talented hackers may become bored with a project once they have figured out all of the hard parts, and be unwilling to finish off the "details". This attitude can cause friction in environments where other programmers are expected to pick up the half finished work, decipher the structures and ideas, and bullet-proof the code. In other cases, where a hacker is willing to maintain their own code, a company may be unable to find anyone else who is capable or willing to dig through code to maintain the program if the original programmer moves on to a new job.
➢ Additionally, there is sometimes a social downside associated with hacking. The stereotype of a hacker as having gained technical ability at a cost in social ability has historical basis in an uncomfortable amount of factual foundation in many individuals. While not universal, nor even restricted to hackers, the difficulty in relating to others and the often abrasive personalities of some hackers makes some of them difficult to work with or to organize into teams. On the other hand, it is not uncommon for hackers to thrive on social interaction.

Hacker: Computer and network security expert
➢ In the networking sense, a hacker is one who specializes in work with the access control mechanisms for computer and network systems. This includes individuals who work toward maintaining and improving the integrity of such mechanisms. However, the most common usage of hacker in this respect refers to someone who exploits systems or gains unauthorized access by means of clever tactics and detailed knowledge, while taking advantage of any carelessness or ignorance on the part of system operators. This use of hacker as intruder (frequent in the media) generally has a strong negative connotation, and is disparaged and discouraged within the computer community, resulting in the modern Hacker definition controversy.
➢ For such hackers specializing in intrusion, the highly derogatory term script kiddies is often used to indicate those who either claim to have far more skill than they actually have, or who exclusively use programs developed by others to achieve a successful security exploit.

Hacker: Hardware modifier
➢ Another type of hacker is one who creates novel hardware modifications. At the most basic end of this spectrum are those who make frequent changes to the hardware in their computers using standard components, or make semicosmetic themed modifications to the appearance of the machine. This type of Hacker modifies his/her computer for performance needs and/or aesthetics. These changes often include adding memory, storage or LEDs and cold cathode tubes for light effects. These people often show off their talents in contests, and many enjoy LAN parties. At the more advanced end of the hardware hackers are those who modify hardware (not limited to computers) to expand capabilities; this group blurs into the culture of hobbyist inventors and professional electronics engineering. An example of such modification includes the addition of TCP/IP Internet capabilities to a number of vending machines and coffee makers during the late 1980s and early 1990s.
➢ Hackers who have the ability to write circuit-level code, device drivers, firmware, low-level networking, (and even more impressively, using these techniques to make devices do things outside of their spec sheets), are typically in very high regard among hacker communities. This is primarily due to the enormous difficulty, complexity and specialized domain knowledge required for this type of work, as well as the electrical engineering expertise that plays a large role. Such hackers are rare, and almost always considered to be wizards or gurus of a very high degree.

Biohacker
➢ Biohacker is a term used to describe an individual who experiments with DNA and other aspects of genetics, both within and outside an academic, governmental or corporate laboratory. Biohackers are similar to computer hackers who are hobbyists and like to tinker with DNA and other aspects of genetics.
➢ The exponential advances in biological technology typified by the approximate doubling of DNA sequencing and synthesis efficiencies on an annual basis without cost increases is likely to create a subculture of Biohackers who will increasingly tinker with available genes and even create completely new genes with novel functions.

How do Hackers hack?
There are many ways in which a hacker can hack. Some are as follows:
➢ netbios
➢ ICMP Ping
➢ FTP
➢ rpc.statd
➢ HTTP

Netbios
➢ Netbios hacks are the worst kind, since they don't require you to have any hidden backdoor program running on your computer. This kind of hack exploits a bug in Windows 9x. Netbios is meant to be used on local area networks, so machines on that network can share information. Unfortunately, the bug is that netbios can also be used across the Internet - so a hacker can access your machine remotely.

ICMP 'Ping' (Internet Control Message Protocol)
➢ ICMP is one of the main protocols that make the Internet work. It stands for Internet Control Message Protocol. 'Ping' is one of the commands that can be sent to a computer using ICMP. Ordinarily, a computer would respond to this ping, telling the sender that the computer does exist. This is all pings are meant to do. Pings may seem harmless enough, but a large number of pings can make a Denial-of-Service attack, which overloads a computer. Also, hackers can use pings to see if a computer exists and does not have a firewall (firewalls can block pings). If a computer responds to a ping, then the hacker could launch a more serious form of attack against that computer.

FTP (File Transfer Protocol)
➢ FTP is a standard Internet protocol, standing for File Transfer Protocol. You may use it for file downloads from some websites. If you have a web page of your own, you may use FTP to upload it from your home computer to the web server. However, FTP can also be used by some hackers... FTP normally requires some form of authentication for access to private files, or for writing to files.

Rpc.statd
➢ This is a problem specific to Linux and Unix. The problem is the infamous unchecked buffer overflow problem. This is where a fixed amount of memory is set aside for storage of data. If data is received that is larger than this buffer, the program should truncate the data or send back an error, or at least do something other than ignore the problem. Unfortunately, the data overflows the memory that has been allocated to it, and the data is written into parts of memory it shouldn't be in. This can cause crashes of various different kinds. However, a skilled hacker could write bits of program code into memory that may be executed to perform the hacker's evil deeds.

HTTP
➢ HTTP stands for Hyper Text Transfer Protocol. HTTP hacks can only be harmful if you are using Microsoft web server software, such as Personal Web Server. There is a bug in this software called an 'unchecked buffer overflow'. If a user makes a request for a file on the web server with a very long name, part of the request gets written into parts of memory that contain active program code. A malicious user could use this to run any program they want on the server.

What Is a Password Cracker?
➢ A password cracker is any program that can decrypt passwords or otherwise disable password protection. A password cracker need not decrypt anything. In fact, most of them don't. Real encrypted passwords
➢ Many so-called password crackers are nothing but brute-force engines--programs that try word after word, often at high speeds. These rely on the theory that eventually, you will encounter the right word or phrase. This theory has been proven to be sound, primarily due to the factor of human laziness. Humans simply do not take care to create strong passwords. However, this is not always the user's fault:

How Do Password Crackers Work?
➢ To understand how password crackers work, you need only understand how password generators work. Most password generators use some form of cryptography. Cryptography is the practice of writing in some form of code.

Cryptography
➢ This definition is wide, and I want to narrow it. The etymological root of the word cryptography can help in this regard. Crypto stems from the Greek word kryptos. Kryptos was used to describe anything that was hidden, obscured, veiled, secret, or mysterious. Graph is derived from graphia, which means writing. Thus, cryptography is the art of secret writing. An excellent and concise description of cryptography is given by Yaman Akdeniz in his paper Cryptography & Encryption:
➢ Cryptography defined as "the science and study of secret writing," concerns the ways in which communications and data can be encoded to prevent disclosure of their contents through eavesdropping or message interception, using codes, ciphers, and other methods, so that only certain people can see the real message.
➢ Most passwords are subjected to some form of cryptography. That is, passwords are encrypted. To illustrate this process, let me reduce it to its most fundamental. Imagine that you created your own code, where each letter of the alphabet corresponded to a number.

TCP ports and scanning
➢ First of all, you should know some things about the internet. It's based on the TCP/IP protocol (and others).
➢ It works like this: every box has 65k connection PORTS. Some of them are opened and waiting for your data to be sent.
➢ So you can open a connection and send data to any of these ports. Those ports are associated with a service:
➢ Every service is hosted by a DAEMON. Commonly, a daemon or a server is a program that runs on the box, opens its port and offers their damn service.
➢ Here are some common ports and their usual services (there are a lot more):

Port number    Common service    Example daemon (d stands for daemon)
21             FTP               Ftpd
23             Telnet            Telnet
25             SMTP              Sendmail
80             HTTP              Apache
110            POP3              GPOP

Example:

When you visit the website http://www.host.com/luser/index.html, your browser does this:
• It connects to the TCP port 80
• It sends the string: "GET /luser/index.html HTTP/1.1" plus two 'intro' (it really sends a lot of things more, but that is the essential)
• The host sends the html file
➢ The cool thing of daemons is they have really serious security bugs. That's why we want to know what daemons are running there, so... We need to know what ports are opened in the box we want to hack. How could we get that information? We have to use a scanner. A scanner is a program that tries to connect to every port on the box and tells which of them are opened. The best scanner I can think of is nmap, created by Fyodor.

How to Change IP Address?
➢ The following is a guide on how to change your IP in 30 seconds or less. This can be used if your IP has been banned from a game server, or on gunbound if your IP gets blocked. I've tried this on both Windows XP and Windows 2000, and it has worked:
1. Click on "Start"
2. Click on "Run"
3. Type in "command" and hit ok. You should now be at an MSDOS prompt screen.
4. Type "ipconfig /release" and hit "enter"
5. Type "exit" and leave the prompt
6. Right-click on "Network Places" or "My Network Places" on your desktop.
7. Click on "properties". You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.
8. Right click on "Local Area Connection" and click "properties"
9. Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
10. Click on "Use the following IP address" under the "General" tab
11. Create an IP address (It doesn't matter what it is. I just type 1 and 2 until I fill the area up).
12. Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
13. Hit the "Ok" button here
14. Hit the "Ok" button again. You should now be back to the "Local Area Connection" screen.
15. Right-click back on "Local Area Connection" and go to properties again.
16. Go back to the "TCP/IP" settings
17. This time, select "Obtain an IP address automatically"
18. Hit "Ok"
19. Hit "Ok" again
20. You now have a new IP address.

Scanners
What Is a Scanner?
➢ A scanner is a program that automatically detects security weaknesses in a remote or local host. By deploying a scanner, a user in Los Angeles can uncover security weaknesses on a server in Japan without ever leaving his or her living room.

How Do Scanners Work?
➢ True scanners are TCP port scanners, which are programs that attack TCP/IP ports and services (Telnet or FTP, for example) and record the response from the target. In this way, they glean valuable information about the target host (for instance, can an anonymous user log in?).
➢ Other so-called scanners are merely UNIX network utilities. These are commonly used to discern whether certain services are working correctly on a remote machine. These are not true scanners, but might also be used to collect information about a target host. (Good examples of such utilities are the rusers and host commands, common to UNIX platforms.)

Sniffers
➢ A sniffer is any device, whether software or hardware, that grabs information traveling along a network. That network could be running any protocol: Ethernet, TCP/IP, IPX, or others (or any combination of these). The purpose of the sniffer is to place the network interface--in this case, the Ethernet adapter--into promiscuous mode and by doing so, to capture all network traffic.
➢ A sniffer can be (and usually is) a combination of both hardware and software. The software might be a general network analyzer enabled with heavy debugging options, or it might be a real sniffer.
➢ When one discusses sniffers, one is not discussing key capture utilities, which grab keystrokes and nothing more. Essentially, a key capture utility is the software equivalent of peering over someone's shoulder. This peering might or might not reveal important information. True, it might capture passwords typed into the console of the local terminal, but what about other terminals? In contrast, sniffers capture network traffic. This network traffic (irrespective of what protocol is running) is composed of packets (these might be IP datagrams or Ethernet packets). These are exchanged between machines at a very low level of the operating-system network interface. However, these also carry vital data, sometimes very sensitive data. Sniffers are designed to capture and archive that data for later inspection.
➢ A sniffer is nothing more than hardware or software that hears (and does not ignore) all packets sent across the wire. In this respect, every machine and every router is a sniffer (or at least, each of these devices could be a sniffer). This information is then stored on some media and archived for later viewing.
➢ A sniffer must be located within the same network block (or net of trust) as the network it is intended to sniff. With relatively few exceptions, that sniffer could be placed anywhere within that block.

What Information Is Most Commonly Gotten from a Sniffer?
➢ A sniffer attack is not as easy as you might think. It requires some knowledge of networking before a cracker can effectively launch one. Simply setting up a sniffer and leaving it will lead to problems because even a five-station network transmits thousands of packets an hour. Within a short time, the outfile of a sniffer could easily fill a hard disk drive to capacity (if you logged every packet).
➢ To circumvent this problem, crackers typically sniff only the first 200-300 bytes of each packet. Contained within this portion is the username and password, which is really all most crackers want. However, it is true that you could sniff all the packets on a given interface; if you have the storage media to handle that kind of volume, you would probably find some interesting things.

Trojan
What Is a Trojan?
➢ The unauthorized functions that the trojan performs may sometimes qualify it as another type of malicious device as well. For example, certain viruses fit into this category. Such a virus can be concealed within an otherwise useful program. When this occurs, the program can be correctly referred to as both a trojan and a virus. The file that harbors such a trojan/virus has effectively been trojaned.

Thus, the term trojan is sometimes used as a verb, as in "He is about to trojan that file."
• An unauthorized program contained within a legitimate program. This unauthorized program performs functions unknown (and probably unwanted) by the user.
• A legitimate program that has been altered by the placement of unauthorized code within it; this code performs functions unknown (and probably unwanted) by the user.
• Any program that appears to perform a desirable and necessary function but that (because of unauthorized code within it that is unknown to the user) performs functions unknown (and probably unwanted) by the user.

What Level of Risk Do Trojans Represent?
➢ Trojans represent a very high level of risk, mainly for reasons already stated:
• Trojans are difficult to detect.
• In most cases, Trojans are found in binaries, which remain largely in non-human-readable form.
• Trojans can affect many machines.
➢ Let me elaborate. Trojans are a perfect example of the type of attack that is fatal to the system administrator who has only a very fleeting knowledge of security. In such a climate, a Trojan can lead to total compromise of the system. The Trojan may be in place for weeks or even months before it is discovered. In that time, a cracker with root privileges could alter the entire system to suit his or her needs. Thus, even when the Trojan is discovered, new holes may exist of which the system administrator is completely unaware.
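Since trojans sit in binaries that cannot be checked by reading them, and may stay in place for weeks or months, a common defensive control is to record a baseline of each file while the system is known to be good and compare against it later. The following is an added example, not part of the original report: it records size, modification time and a SHA-256 digest (the choice of SHA-256 is an assumption of this example), and the files named "login" and "ls" are constructed stand-ins created in a temporary directory.

```python
import hashlib
import os
import tempfile


def fingerprint(path):
    """Return (size, mtime_ns, sha256_hex) for one file."""
    st = os.stat(path)
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return st.st_size, st.st_mtime_ns, digest.hexdigest()


def build_baseline(paths):
    """Fingerprint every path; store the result on read-only or offline media."""
    return {path: fingerprint(path) for path in paths}


def compare(baseline):
    """Return {path: [changed attributes]} for files that differ from the baseline."""
    report = {}
    for path, recorded in baseline.items():
        if not os.path.isfile(path):
            report[path] = ["missing"]
            continue
        current = fingerprint(path)
        changed = [name for name, old, new
                   in zip(("size", "mtime", "sha256"), recorded, current)
                   if old != new]
        if changed:
            report[path] = changed
    return report


def demo():
    """Constructed scenario: a same-length edit whose timestamp is put back."""
    with tempfile.TemporaryDirectory() as workdir:
        altered = os.path.join(workdir, "login")   # constructed stand-in binary
        untouched = os.path.join(workdir, "ls")    # constructed stand-in binary
        for path in (altered, untouched):
            with open(path, "wb") as fh:
                fh.write(b"\x7fELF" + b"\x00" * 1020)
        baseline = build_baseline([altered, untouched])

        before = os.stat(altered)
        with open(altered, "r+b") as fh:           # overwrite 16 bytes in place
            fh.seek(512)
            fh.write(b"CONSTRUCTED-EDIT")
        os.utime(altered, ns=(before.st_atime_ns, before.st_mtime_ns))

        report = compare(baseline)
        return {os.path.basename(p): changes for p, changes in report.items()}


if __name__ == "__main__":
    # Size and mtime still match the baseline; only the digest gives it away.
    print(demo())
```

The baseline is only as trustworthy as its storage: if it lives on the same writable disk as the files it describes, whoever alters a binary can alter the baseline too.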

How Does One Detect a Trojan?
➢ Detecting trojans is less difficult than it initially seems. But strong knowledge of your operating system is needed; also, some knowledge of encryption can help.
➢ If your environment is such that sensitive data resides on your server (which is never a good idea), you will want to take advanced measures. Conversely, if no such information exists on your server, you might feel comfortable employing less stringent methods.
➢ Another way to check the integrity of a file is by examining its size. However, this method is extremely unreliable because of how easily this value can be manipulated. When editing plain text files, it is simple to start out with a size of, say, 1,024KB and end up with that same size. It takes cutting a bit here and adding a bit there. But the situation changes radically when you want to alter a binary file. Binary files usually involve the inclusion of special function libraries and other modules without which the program will not work. Thus, to alter a binary file (and still have the program function) is a more complicated process. The programmer must preserve all the indispensable parts of the program and still find room for his or her own code. Therefore, size is probably a slightly more reliable index than time. Briefly, before I continue, let me explain the process by which a file becomes trojaned.

How Hackers Trace an IP Address?
➢ Getting the Internet Protocol or the IP Address of a remote system is said to be the most important step in hacking of a system. Sometimes, however, we get an IP in order to get more information on someone or some host. But, how can an IP Address be used to get more information on the location?
➢ Like in the real world, everyone has got an individual Home Address or telephone number so that that particular individual can be contacted on that number or address, similarly all computers connected to the Internet are given a unique Internet Protocol or IP address which can be used to contact that particular computer.
➢ Actually, the IP address (Actually the entire TCP/IP Protocol) is structured or designed such that one cannot tell as to in which country a system having the given IP is situated, by simply looking at it. An IP Address has no fields which tell you the country in which the computer using it resides. So, all myths like 'The Second or the third field of an IP stands for the country in which the system using it resides' are definitely false and untrue.
➢ However, yes, sometimes one can guess or deduce in which country and even in which city the system using an IP resides, by simply looking at the first three fields of the IP. Let us take an example to understand what I mean to say by this. Now, before I move on to the example, let us understand how exactly IP Addresses are awarded to you.
➢ Let us take the example of the following IP address: 202.144.49.110 Now the first part, the numbers before the first decimal i.e. 202 is the Network number or the Network Prefix.
➢ This means that it identifies the number of the network in which the host is. The second part i.e. 144 is the Host Number, that is, it identifies the number of the host within the Network.
➢ This means that in the same Network, the network number is same. In order to provide flexibility in the size of the Network, here are different classes of IP addresses:

Address Class             Dotted Decimal Notation Ranges
Class A ( /8 Prefixes)    1.xxx.xxx.xxx through 126.xxx.xxx.xxx
Class B ( /16 Prefixes)   128.0.xxx.xxx through 191.255.xxx.xxx
Class C ( /24 Prefixes)   192.0.0.xxx through 223.255.255.xxx

➢ Each Class A Network Address contains an 8-bit Network Prefix followed by a 24-bit host number. They are considered to be primitive. They are referred to as "/8's" or just "8's" as they have an 8-bit Network prefix.
➢ In a Class B Network Address there is a 16-bit Network Prefix followed by a 16-bit Host number. It is referred to as "16's".
➢ A class C Network address contains a 24-bit Network Prefix and an 8-bit Host number. It is referred to as "24's" and is commonly used by most ISP's.
➢ Due to the growing size of the Internet the Network Administrators faced many problems. The Internet routing tables were beginning to grow and now the administrators had to request another network number from the Internet before a new network could be installed at their site. This is where sub-netting came in.
➢ Now if your ISP is a big one and if it provides you with dynamic IP addresses then you will most probably see that whenever you log on to the net, your IP address will have the same first 24 bits and only the last 8 bits will keep changing. This is due to the fact that when sub-netting comes in then the IP Addresses structure becomes: xxx.xxx.zzz.yyy where the first 2 parts are Network Prefix numbers and the zzz is the Subnet number and the yyy is the host number.
➢ So you are always connected to the same Subnet within the same Network. As a result the first 3 parts will remain the same and only the last part i.e. yyy is variable. For Example, if say an ISP xyz is given the IP: 203.98.12.xx Network address then you can be awarded any IP whose first three fields are 203.98.12. Get it?
➢ So, basically this means that each ISP has a particular range in which to allocate all its subscribers. Or in other words, all subscribers or all people connected to the internet using the same ISP will have to be in this range. This in effect would mean that all people using the same ISP are likely to have the same first three fields of their IP Addresses.
➢ The popular and wonderful Unix utility 'nslookup' can be used for performing Reverse DNS lookups.
➢ So, if you are using a *nix box or if you have access to a shell account, then the first thing to do is to locate where the nslookup command is hidden by issuing the following command: ' whereis nslookup '
➢ We can use 'nslookup' to perform a reverse DNS lookup by mentioning the IP of the host at the prompt. For Example,
$>nslookup IP Address

 Note: The below IP’s and corresponding hostnames have been made up. They may not actually exist.
 Let us say that above, instead of IP Address, we type 203.94.12.01 (which would be the IP I want to trace).
$>nslookup 203.94.12.01
 Then, you would receive a response similar to: mail2.bol.net.in
 Now, if you carefully look at the hostname that the Reverse DNS lookup gave us, then the last part reveals the country in which the system resides. You see, the ‘.in’ part signifies that the system is located in India. All countries
 This method can also be used to figure out which country a person lives in, if you know his email address. For example, if a person has an email address ending in .ph then he probably lives in the Philippines.

Here are a few country codes:
Australia    .au
Indonesia    .id
India        .in
Japan        .jp
Israel       .il
Britain      .uk

Other Way to Locate Someone's IP

WHOIS
 Another method of getting the exact geographical location of a system on the globe is by making use of the WHOIS database. The WHOIS database is basically the main database, which contains a variety of information like contact details, name etc on the person who owns a particular domain name. So, basically what one does in a WHOIS query
 The WHOIS service by default runs on Port 43 of a system.
 You could also directly enter the following in the location bar of your Browser and perform a WHOIS enquiry.
 Enter the following in the location bar of your browser:
Example: Http://205.177.25.9/cgi-bin/whois?Abc.com
Note: Replace abc.com with the domain name on which you want to perform a WHOIS query.
 This method cannot be used to get the contact address of a person if the IP that you use to trace him belongs to his ISP. So, either you need to know the domain name (which is registered on his name) or have to remain satisfied knowing only the city (and ISP) used by the person.

Traceroute / tracert
 Yet another and probably the second most efficient method (after Reverse DNS queries) of tracing an IP to its exact geographical location is to carry out a ‘traceroute’ on it. The ‘tracert’ or ‘traceroute’ commands give you the names or IP’s of the routers through which it passes, before reaching the destination.
 Windows users can perform a trace of an IP by typing the following at the command line prompt:
Example: C:\windows>tracert IP or Hostname

WINDOWS XP HACKING

 Windows XP Hacks: here are tips, tools, and know-how to bend Windows XP to your will. The book delves into XP topics such as controlling the control panel, changing unchangeable icons, removing uninstallable XP components, stopping pop-up ads, taking a bite out of cookies, speeding up file downloads, protecting yourself with firewalls and proxy servers, and more. Users of both Windows XP Home Edition and Windows XP Pro Edition will find smart, timesaving, fun, and useful hacks for virtually every feature in their operating system. Even if you're not a power user yet, this topic will have you well on your way.

Miscellaneous Startup and Shutdown Hacks

Create One-Click Shutdown and Reboot Shortcuts
 Turning off or rebooting XP involves a several-step process:
 Click the Start menu, choose Shut Down, and then select Shut Down or Restart. If you want,
 First, create a shortcut on your desktop by right-clicking on the desktop, choosing New, and then choosing Shortcut.
 The Create Shortcut Wizard appears. In the box asking for the location of the shortcut, type shutdown.
 After you create the shortcut, double-clicking on it will shut down your PC.
 But you can do much more with a shutdown shortcut than merely shut down your PC. You can add any combination of several switches to do extra duty, displaying a specific message or automatically shutting down any programs that are running, like this:
Shutdown -r -t 01 -c "Rebooting your PC"

 Double-clicking on that shortcut will reboot your PC after a one-second delay and display the message "Rebooting your PC." The shutdown command includes a variety of switches you can use to customize it. Table 1-3 lists all of them and describes their use.
 I use this technique to create two shutdown shortcuts on my desktop—one for turning off my PC, and one for rebooting. Here are the ones I use:
Shutdown -s -t 03 -c "See you later!"
Shutdown -r -t 03 -c "You can't get rid of me that quickly!"

Switches you can use with shutdown

Switch              What it does
-s                  Shuts down the PC.
-l                  Logs off the current user.
-t nn               Indicates the duration of delay, in seconds, before performing the action.
-c "messagetext"    Displays a message in the System Shutdown window. A maximum of 127 characters can be used. The message must be enclosed in quotation marks.
-f                  Forces any running applications to shut down.
-r                  Reboots the PC.

Control User Logins by Hacking the Registry
Make better use of the XP login screen.
 If there is more than one user account on your system, or if you've set up XP to require logins, you'll have to log in to XP before you can begin to use it. But you needn't stay with the default XP login rules; you can use a single Registry key to customize how you log in. For example, you can display custom text before login, and you can remind anyone with an account on the PC to change their password a certain number of days prior to the password's expiration.
 To control logon options, run the Registry Editor and go to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\currentversion\Winlogon subkey, which contains a variety of logon settings (as well as some settings not having to do directly with logons). Following are the most important values you can edit to customize logons.

Dontdisplaylastusername
This setting lets you control how the system logon dialog box is used. If this String value is present and set to 1, all users will have to enter both their username and password in order to log on. If the value is 0, the name of the last user to log on will be displayed in the system logon dialog box.

Defaultusername
This String value contains the name of the last user who logged on. It will be displayed only if the dontdisplaylastusername value is not present or is set to 0.

Legalnoticecaption
This String value, used in concert with the legalnoticetext value, displays a dialog box prior to logon that contains any text you want to display. (The text doesn't have to be a legal notice, but this value is often used for that purpose.) The box has a title and text. The legalnoticecaption value will be the dialog box's title.

Legalnoticetext
This String value, used in concert with legalnoticecaption, contains the text that you want to be displayed inside a dialog box displayed prior to logon.

Passwordexpirywarning
This DWORD value lets you display a warning message to users a certain number of days before their passwords are set to expire. It lets you determine how many days ahead of time the warning should be issued. To edit the value, click on the decimal button and enter the number of days.

Shutdownwithoutlogon
This String value enables or disables a button on the XP logon dialog box that lets the system be shut down. A value of 1 enables the button (so that it is shown); a value of 0 disables the button (so that it is not shown).

Shell
This String value really doesn't have to do with logons, but it's one you should know about. It determines the shell—the user interface—that will be used by XP. The default is Explorer.exe, but it can be another shell as well—for example, the Program Manager from older Windows versions. Type in the name of the program—for example, Progman.exe for Program Manager, or Taskman.exe for the Task Manager.

Autorestartshell
This DWORD value doesn't have to do with logons either, but it's another good one to know. It sets whether to automatically restart the Windows shell if the shell crashes. A value of 1 automatically restarts the shell. A value of 0 tells XP not to restart the shell, forcing you to log off and then back on again to restart it.

Hacking Your Way Through the Interface

Hide All Icons in the Notification Area
 The System Tray, also called the Notification Area, is the small area on the far-right side of the Taskbar, in which utilities and programs that run in the background, such as antivirus software, show their icons.
 I don't find it a particularly intelligent use of screen real estate, so I'd prefer not to see the icons there. To hide them, run the Registry Editor and go to HKEY_CURRENT_USER\Software\Microsoft\Windows\currentversion\Policies\Explorer. Among other things, this key controls the display of objects throughout XP. Create a new DWORD called notrayitemsdisplay. Assign it a value of 1. (A value of 0 will keep the icons displayed.) Exit the Registry and reboot.
 While you're at the HKEY_CURRENT_USER\Software\Microsoft\Windows\currentversion\Policies\Explorer key, you can also delete the My Recent Documents icon on the Start menu. Create a new DWORD called norecentdocsmenu. Assign it a value of 1. (A value of 0 will keep the icon displayed.) Exit the Registry and reboot.

Hack the Registry

 If you haven't spent much time in the Registry, you can easily be cowed by it. At first glance, it's a maze of apparently incomprehensible settings. In fact, though, there's a method to the madness. The Registry is a hierarchical database of information that defines exactly how your system works, including virtually every part of XP and its applications. Editing the Registry database is often the best way to hack XP. In fact, there are many changes to the operating system that you can make in no other way.
 The way to edit the Registry is by using the Registry Editor, also called regedit. To run it, type regedit at the Run box or command line and press Enter.

The Five Logical Registry Hives
 The Registry has many thousands of settings; in fact, it often has tens of thousands of them. They are organized into five main Registry sections, called Registry hives. Think of each hive as a root directory. Each of the hives has a different purpose. When you start to delve into the Registry, you may notice that many of the settings seem to be exact duplicates of one another—in other words, settings in one hive mirror the settings in another hive. In fact, frequently one set of settings is merely an alias (called a symbolic link) of another, so that when you change those settings in one place, the changes are made in both hives.

Following are the five hives and what each does:

HKEY_CLASSES_ROOT
This hive contains information about file types, filename extensions, and similar information. It instructs XP how to handle every different file type and controls basic user interface options, such as double-clicking and context menus. This hive also includes class definitions (hence the word "CLASSES" in its name) of unique objects, such as file types or OLE objects. Frequently, classes associated with file types contain the Shell subkey, which defines actions, such as opening and printing, that can be taken with that file type.

HKEY_CURRENT_USER
This hive contains configuration information about the system setup of the user that is currently logged into XP. It controls the current user's Desktop, as well as XP's specific appearance and behavior for the current user. This hive also manages network connections and connections to devices such as printers, personal preferences such as screen colors, as well as security rights.

HKEY_LOCAL_MACHINE
This hive contains information about the computer itself, as well as about the operating system. It includes specific details about all hardware, including keyboard, printer ports, storage—the entire hardware setup. In addition, it has information about security, installed software, system startup, drivers, services, and the machine's specific XP configuration.

HKEY_USERS
This hive contains information about every user profile on the system. Also included in this hive are Security Identifiers (SIDs), which uniquely identify users of the PC and which have information about each user's rights, settings, and preferences.

HKEY_CURRENT_CONFIG
This hive contains information about the current hardware configuration of the system, in the same way that HKEY_CURRENT_USER contains information about the current user of the system.

Using Keys and Values

 Each hive is at the top of the hierarchy, and underneath each hive are keys, which can in turn contain subkeys, and those subkeys can contain subkeys, and so on, organized in folder-like fashion, much like a hard drive.
 Keys and subkeys contain a value, which controls a particular setting. A key can contain one or more values. Following are the five primary data types of values in the Registry:

REG_SZ (String value)
This data type is easy to understand and edit because it is made up of plain text and numbers. It is one of the most common data types in the Registry. The value for doubleclickspeed, mentioned earlier in this hack, is of this type.

REG_MULTI_SZ (String array value)
This data type contains several strings of plain text and numbers. The Registry Editor will let you edit these values, but it won't let you create them.

REG_EXPAND_SZ (Expanded string value)
This data type contains variables that Windows uses to point to the location of files. For example, to point to the location of the Luna theme file, the expanded string value in the Registry is %systemroot%\resources\Themes\Luna.theme.

REG_BINARY (Binary values)
This data type is made up of binary data: 0s and 1s. Typical example of a binary value. As a general rule, you won't edit binary values—instead you'll edit string values because they're made up of text and numbers.

REG_DWORD (DWORD values)
This data type is represented as a number. Sometimes a 0 turns on the key or 1 turns off the key, though it can use other numbers as well. While you see and edit the value as a number, such as 456, the Registry itself views the number as a hexadecimal number, 1C8.
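How the five data types appear in a Registry Editor export, and why a DWORD edited as 100 is stored as 64 hex, shown as an added example that is not part of the original presentation. It parses a constructed .reg export; the ExampleVendor\Demo key, the value names under it and the helper names are assumptions made for illustration.

```python
import re

THEME = r"%systemroot%\resources\Themes\Luna.theme"  # string quoted in the text

def hex16(text):
    """UTF-16LE bytes as comma-separated hex, the way regedit exports strings."""
    return ",".join(f"{b:02x}" for b in text.encode("utf-16-le"))

theme_hex = hex16(THEME + "\0").split(",")
# Constructed export in the "Windows Registry Editor Version 5.00" format.
# ExampleVendor\Demo is a placeholder key; the other paths are from the text.
SAMPLE_REG = "\n".join([
    "Windows Registry Editor Version 5.00",
    r"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]",
    '"Shell"="Explorer.exe"',
    '"AutoRestartShell"=dword:00000001',
    r"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mouclass\Parameters]",
    '"MouseDataQueueSize"=dword:00000064',
    r"[HKEY_CURRENT_USER\Software\ExampleVendor\Demo]",
    # Long hex data is wrapped with a trailing backslash, as regedit does.
    '"ThemeFile"=hex(2):' + ",".join(theme_hex[:24]) + ",\\\n  "
    + ",".join(theme_hex[24:]),
    '"Servers"=hex(7):' + hex16("one\0two\0\0"),
    '"Blob"=hex:01,00',
    r'"InstallDir"="C:\\Program Files"',
])

def decode_data(raw):
    """Return (registry data type, Python value) for the text after '='."""
    if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
        return "REG_SZ", re.sub(r"\\(.)", r"\1", raw[1:-1])
    if raw.startswith("dword:"):
        return "REG_DWORD", int(raw[6:], 16)  # always written in hexadecimal
    match = re.match(r"hex(?:\(([0-9a-fA-F]+)\))?:(.*)$", raw)
    if match is None:
        raise ValueError(f"unsupported data: {raw!r}")
    data = bytes(int(b, 16) for b in match.group(2).split(",") if b.strip())
    kind = int(match.group(1), 16) if match.group(1) else 3
    if kind == 2:
        return "REG_EXPAND_SZ", data.decode("utf-16-le").rstrip("\0")
    if kind == 7:
        return "REG_MULTI_SZ", [s for s in data.decode("utf-16-le").split("\0") if s]
    return ("REG_BINARY" if kind == 3 else f"type {kind}"), data

def parse_reg(text):
    """Parse export text into {key path: {value name: (type, value)}}."""
    text = re.sub(r"\\\r?\n[ \t]*", "", text)  # join wrapped hex lines
    keys, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith((";", "Windows Registry Editor", "REGEDIT4")):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
            continue
        match = re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
        if match is None or current is None:
            raise ValueError(f"unrecognised line: {line!r}")
        name = match.group(1)
        name = "" if name == "@" else re.sub(r"\\(.)", r"\1", name[1:-1])
        current[name] = decode_data(match.group(2))
    return keys

def lookup(keys, path, name):
    """Case-insensitive lookup; the Registry ignores case in key and value names."""
    for key, values in keys.items():
        if key.lower() == path.lower():
            for value_name, data in values.items():
                if value_name.lower() == name.lower():
                    return data
    return None

def show(data):
    """Render a value; DWORDs are shown in decimal and hexadecimal."""
    kind, value = data
    return f"{kind} {value} (0x{value:X})" if kind == "REG_DWORD" else f"{kind} {value!r}"

if __name__ == "__main__":
    for key, values in parse_reg(SAMPLE_REG).items():
        print(key, {n: show(d) for n, d in values.items()})
```

Exporting a key before editing it and parsing the export this way gives a record of the original values to restore from.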

Values you'll encounter in the Registry

Value name               Registry data type
String value             REG_SZ
Binary value             REG_BINARY
DWORD value              REG_DWORD
String array value       REG_MULTI_SZ
Expanded string value    REG_EXPAND_SZ

Network Hacks

Close Down Open Ports and Block Protocols
You don't need a firewall to protect your PC; you can manually close down ports and block protocols.

Firewalls can protect your PC and your network from intruders. But if you don't want to install a firewall and you still want protection, you can manually close down ports and block certain protocols. Some of these ports and protocols are more dangerous than others. For example, leaving open the port commonly used by Telnet (port 23) means that someone could use that service to take control of your PC. And the infamous Back Orifice Trojan, which also can give malicious users complete control of your PC, uses a variety of ports, including 31337 and 31338 among others.

To close down ports and protocols manually, right-click on My Network Places and choose Properties to open the Network Connections folder. Right-click on the connection for which you want to close ports and choose Properties. Highlight the Internet Protocol (TCP/IP) listing and choose Properties. On the General tab, click the Advanced button. From the Advanced TCP/IP Settings dialog box that appears, choose Options, highlight TCP/IP filtering, and choose Properties. The TCP/IP filtering dialog box appears. To block TCP ports, UDP ports, and IP protocols, choose the Permit Only option for each. Doing this will effectively block all TCP ports, UDP ports, and IP protocols. You don't want to block all ports, though, so you have to add the ports that you want to allow to pass—such as port 80 for web access. You need to keep port 80 open if you want to browse the web. Click Add to add the ports or protocols that you will allow to be used. Keep adding as many ports and protocols as you wish to be enabled, and click OK when you're done. Only the ports and protocols that are listed will be allowed to be used.

Speed up your network browsing by tweaking your registry.
When you use My Network Places to browse for other machines on your network, it usually takes a long time to display the list of shared resources for the target machine. This is because Windows XP first checks for the scheduled tasks on the target machine before listing the shared resources present on the computer. This unnecessary checking can easily add 30 seconds of delay. You can decrease the time browsing takes by modifying the Registry to turn off this checking:
1. Invoke the Registry Editor by typing regedit at the command line.
2. Open the Registry key:
3. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\currentversion\Explorer\RemoteComputer\namespace
4. Delete the following key (the value for it is the Scheduled Tasks):

{D6277990-4C6A-11CF-8D87-00AA0060F5BF}
5. Close the Registry and reboot.

Hacking Away at the Registry
Seven great hacks that use the Registry to do their magic.

You'll find many dozens of Registry hacks sprinkled throughout this topic, but to give you a sense of the breadth of the kinds of hacks that you can accomplish using the Registry, I've put a wide-ranging sample of Registry hacks here as well.

Automatically Close Programs at Shutdown
When you shut down Windows, if you have any programs running you'll get a message box warning you that a program is still running. You then have to close the program and tell XP again to shut down. It's a fairly pointless warning—better yet would be if XP automatically killed the programs without issuing the warning. That way, you wouldn't get error messages and wouldn't have to close each individual application before shutting down your computer.

To have XP automatically close programs at shutdown, run the Registry Editor and go to HKEY_CURRENT_USER\Control Panel\Desktop. Edit the autoendtasks key so that it has a value of 1. If the key doesn't exist, create it as a DWORD value and give it the value of 1. To disable it, either delete the key, or set the value to 0.

Disable XP Shutdown
There may be times when you want to make sure that XP can't be inadvertently shut down. You can use a Registry hack to disable the normal Shut Down. Run the Registry Editor and go to HKEY_CURRENT_USER\Software\Microsoft\Windows\currentversion\Policies\Explorer. Create a new DWORD value named noclose with a data value of 1. Exit the Registry and reboot in order for the change to take effect. You won't be able to shut down Windows in the normal manner from now on; you'll have to run Task Manager by pressing Ctrl-Alt-Delete or right-clicking on the Toolbar, choosing Task Manager, and then using the Task Manager's Shut Down menu to close Windows. If you want to reenable normal shutdowns, delete the noclose value.

Change the Names of the Registered User and Company
When you install XP or when it comes factory-fresh on a PC, a username and company name are entered as the owner of the system. And that's the way it stays, like it or not. But a Registry hack will let you change both. Run the Registry Editor, go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\currentversion, and look for the values registeredowner and registeredorganization. Edit their value data to whatever username and company name you want.

Disable the Disk Cleanup Warning
If your hard disk has what XP decides is too little space left on it, the operating system will pop up a warning and recommend that you run Disk Cleanup. But you may be like me and not want a virtual nanny nagging you to clean up your mess. You can turn off the warning with a Registry hack. Run the Registry Editor and go to HKEY_CURRENT_USER\Software\Microsoft\Windows\currentversion\Policies\Explorer. Create a DWORD value called nolowdiskspacechecks and give it a value of 1. Exit the Registry and reboot.

Change the Default Location for Installing Programs
XP uses the C:\Program Files directory as the default base directory into which new programs are installed. However, you can change the default installation drive and/or directory by using a Registry hack. Run the Registry Editor and go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\currentversion. Look for the value named programfilesdir. By default, the value will be C:\Program Files. Edit the value to any valid drive or folder. XP will use that new location as the default installation directory for new programs.

Change the Size of Your Mouse and Keyboard Buffer
You sometimes may get an error message telling you that you have an overflow in your mouse buffer or keyboard buffer. When that happens, it means the buffer isn't large enough and you need to increase its size.

To increase your mouse buffer, run the Registry Editor, go to HKEY_LOCAL_MACHINE\SYSTEM\currentcontrolset\Services\Mouclass\Parameters, and find the mousedataqueuesize subkey. The default setting is 100 (64 hex). Increase the decimal number to increase the size of the buffer, then exit the Registry and reboot. You may need to try several different settings until you find the right one.

To increase the keyboard buffer, look for the keyboarddataqueuesize subkey in HKEY_LOCAL_MACHINE\SYSTEM\currentcontrolset\Services\Kbdclass\Parameters. The default setting is 100 (64 hex). Increase the number to increase the size of the buffer, then exit the Registry and reboot. Again, you may need to try several different settings until you find the right one.

Place Windows Kernel into RAM
It's a given that anything that runs in RAM will be faster than an item that has to access the hard drive and virtual memory. Rather than have the kernel that is the foundation of XP using the slower Paging Executive functions, use this hack to create and set the disablepagingexecutive DWORD to a value of 1. Edit the Registry key HKEY_LOCAL_MACHINE\SYSTEM\currentcontrolset\Control\Session Manager\Memory Management\disablepagingexecutive to 1 to disable paging and have the kernel run in RAM (set the value to 0 to undo this hack). Exit the Registry and reboot.
Note: Perform this hack only if the system has 256 MB or more of installed RAM!

