Monday, January 17, 2011

How to gain access to system account the most powerful account in Windows


How to gain access to system account the most powerful account in Windows.

There is an account in Microsoft Windows that is more powerful than the Administrator account in Windows Operating Systems. That account is called System account it is similar to the root OR super user in the Linux/Unix world . I will show you how to access this system account in this article.
You can use this facility for removing programs that are causing problems to your system, malware etc.
Introduction
If you look at the task manager (which can be launched by pressing [CTRL]+[ALT]+[DEL]) you will see some processes that are running with System level privileges. Even the Administrator account is unable to do some of the things a system account can do.
System is the highest account in Windows (like root),You can be a super power user by accessing the system account (even while you are logged in as a restricted user)
Note: Accessing system account may cause serious problems.
Leave this tread and don’t follow the rest of this topic
if you don’t know what you are doing. I am not liable for any problems caused by accessing the system account
Local system differs from an administrator account in that it has
full control of the operating system, similar to root on a Unix
machine. Most system processes are required by the operating
system, and cannot be closed, even by an administrator account;
attempting to close them will result in an error message.
In Windows NT and later systems derived from it (windows 2000,
Windows XP, Windows servers 2003 and Windows Vista), there may
or may not be a superuser. By default, there is a superuser named
Administrator, although it is not an exact analogy of the Unix
root superuser account. Administrator does not have all the
privileges of root because some superuser privileges are assigned
to the Local System account in windows NT/XP.
What you gain by accessing System account?
Local privilege escalation is useful on any system that a hacker
may compromise; the system account allows for several other
things that aren’t normally possible (you can reset passwords, resetting administrator passwords is also possible)
You can even login to System and lock administrator account out by
editing group policy or other tools in windows.
How to access System:
Note : Don’t follow the procedure bellow if you don’t know what you
are doing. You may harm your PC. If you follow, Do it on your own risk.
  1. Check the name of the account you’ve logged into (Click start. You
    will see the name of the account you’ve logged in.)
  2. Launch the command prompt. (Start | Run | cmd | [Enter] )
    in command prompt, create a schedule to run cmd.exe.
    To create a schedule type the following line and hit enter.
    at 10:41 /interactive “cmd.exe”
    this will create a schedule to run cmd.exe at 10:41.
    (Since you are testing, check the time in your system try and add two or three minutes.)Change this time according to your local time
    Hint: you can check if the schedule is placed by typing “at
    and hitting enter after the above step.
  3. Wait for the time you set for the schedule.
    cmd.exe would be launched at the specified time.
  4. After cmd.exe is launched by the scheduled time, press [CTRL] + [ALT] + [DEL] and launch task manager.
    Select “Process” tab, select explorer.exe in the process list and click “End Process” button.
    You will receive a confirmation dialogue. Click “Yes” to end the process.
  5. Close task manager by clicking the close (X) button.
    Close the first cmd window (be careful to close the first one not the second one.)
  6. Now you have only the second command prompt window and an empty desktop.
    In command prompt type the following line and hit “Enter”
    cd ..
  7. In command prompt type the following line and hit “Enter”
    explorer.exe
    If this is the first time you do it, windows creates the necessary
    components for you to access System ( Desktop, start menu,
    My document)
    when it’s finished you will have a new desktop.
  8. Close command prompt window. Click start and check your username.
    It’s changed to System.
    Now you are a super-power user. Be careful not to harm your PC and delete or modify system files if you don’t know what you are doing.
Am once again saying, don’t attempt accessing system account, unless you are an experienced Windows user.

Friday, January 14, 2011

FireFox Addons to Easier Copy Links and Anchor Texts


FireFox Addons to Easier Copy Links and Anchor Texts

Do you copy-paste links a lot? Most of our readers are most likely to.
This post offers a few useful FireFox addons that will let you copy links from the web easier and faster. Enjoy!

Do you copy-paste links a lot? Most of our readers are most likely to.
This post offers a few useful FireFox addons that will let you copy links from the web easier and faster. Enjoy!

1. Copy Links


Copy Links addon allows to quickly copy all or selected URLs with anchors to clipboard


A very similar addon: Copy Link URL: this addon lets you select a few links on a page and copy the URLs of them to clipboard (unlike in the above addon, there’s no option to copy ALL URLs on the current page):
 

With either of the two, if you copy the selected URLs in the above screenshots, you’ll get the following



Download from here:-https://addons.mozilla.org/en-US/firefox/addon/10552/



Copy Link Text

Unlike with the above two, this addon lets you copy the visible text of the selected link (one link only). With it, you won’t have to use your mouse to highlight the link to copy its text (If you are a heavy FireFox user, you may have noticed that highlighting links there is pain): this tool adds an option to the context menu so that when right-clicking a link, its text can be immediately copied – without the trouble of using the mouse to highlight the text exactly or the annoyance of unintentionally visiting the page of the link.

 

Copy URLs and Text for Multiple Links

If you copy links a lot, consider MultiLinks which adds plenty of possible actions for multiple links. It seems to be primarily used for opening multiple links but can as well be configured to copy multiple links. From addon options, click “Actions” tab and choose what you want to do with the selected links. In our case we may want to select one of the three options:
  1. Copy URLs and titles of the selected links
  2. Copy only URLs of the selected links
  3. Copy only titles (link text) of the selected links

 



Links are selected with the set combination of keys and mouse buttons: you can customize these in the options as well. In my options these are:
 



After all the settings are customized, you will be able to select your links using the combination of keys and buttons you have created:
 
 

Extract Firefox Addon Source Code

This instruct table will show you how to extract the source code from any Firefox addon. It requires nothing more than a ZIP extraction utility and a text editor if you choose to edit and repack the source.

NOTE : Some addons require a license agreement to be accepted beforehand. In that case, the XPI file can be saved from the button on the license acceptance page, and not the addon page itself.

Instead of just clicking the button and having Firefox take over, right click and choose "Save Link As...". Once the file transfer is done, you will have the addon package right on your computer.

step 2Extracting XPI File
Now that the file is on your computer, open up your personal ZIP extraction utility, and point it to the XPI file. In reality, XPI files are merely ZIP files renamed, so you can go ahead and extract the contents to a folder someplace. Common files outputted are...

install.js
install.rdf
/chrome/
/defaults/

With these files present, you're ready to move on.


step 3Extracting the Main JAR Code
Most of the core addon code is present in a JAR file found in the /chrome/ directory. You'll find that just as XPI is a rename of ZIP, so is JAR (but to a lesser extent). Using the same extraction utility, you should be able to extract the main addon files from the JAR.


step 4That's It!
What you have now are most of the raw source files from the addon. You can modify them as you wish, and repackage them with the modifications. Opening XPI files in Firefox will install them for you.

Always respect an authors work, and make sure they allow you to use their code. Don't just take a popular addon, change the credits, and rehost it. That is just simply stealing.




Exploit packs

Exploit packs

Exploit packs are very commonly used in today’s drive-by attacks. An exploit pack is a set of programs that exploit vulnerabilities in legitimate software programs running on the victim machine. In other words, the exploits open a sort of back door via which malicious programs can infect the computer. Since attacks on the web take place through the browser, cybercriminals need to exploit vulnerabilities in the browser, in browser add-ons, or in third-party software which is used by the browser to process content. The main purpose of exploit packs is to download and launch executable malicious files without the user noticing.
The screenshot below shows a typical set of add-ons for Firefox. The versions with vulnerabilities that have been exploited in previous attacks against users are highlighted. Furthermore, other vulnerabilities have been identified (and exploited) in Firefox itself.

Today, exploit packs represent the evolutionary peak of drive-by download attacks, and are regularly modified and updated. This is to ensure that they both include exploits for new vulnerabilities and are able to effectively counteract security measures.
Exploit packs have consolidated their niche on the cybercrime services market. At present, there are a great many exploit packs for sale on the black market; they differ in terms of price, the number of exploits included, the usability of the admin interface, and the level of customer service offered. In addition to the “off-the-shelf” exploit packs offered for sale, exploit packs can also be made to order, a service that is used by some cybercrime gangs.

s an example, let’s take a look at one of the most common exploit packs currently on open sale: Crimepack Exploit System.
Crimepack features its own control panel with a high-quality user interface.


Crimepack admin panel: the authentication screen
The admin panel web interface can be used to modify the configuration of the exploit pack. It also provides statistics on the number of downloads, successful exploits, and the operating systems and browsers running on victim computers.
Crimepacks statistics page in the admin panel The exploit pack itself is an encrypted and obfuscated HTML page that includes JavaScript.


Crimepack exploits: source code Analysis of the decrypted page makes it possible to trace Crimepack’s main functionality. The script within the page attempts, at set intervals, to exploit vulnerabilities in Internet Explorer, DirectX, Java, and Adobe Reader. During exploit attempts, a range of components are used, including malicious PDF and JAR files, which are loaded as the original script runs.

Crimepack exploits: main functionality By early July 2010, Crimepack Exploit System had reached its third version, which contains 14 exploits targeting Microsoft, Adobe, Mozilla, and Opera products.

Black hat SEO

SEO (Search Engine Optimization) refers to methods used to improve a website’s position in search results returned by search engines in response to specific search terms. Today, search engines are a key resource when looking for information; the easier it is to find a website, the more demand there will be for services offered by the site.
There are numerous SEO methods – legitimate and prohibited by search engines.   These techniques are commonly used by cybercriminals to promote malicious resources.
Here is a general overview of how users come into contact with “optimized” resources, and how cybercriminals make their resources more visible.
By using keywords, which can be entered either manually or automatically (for example, using Google Trends), cybercriminals create websites containing relevant content. Usually, this is done automatically: bots create search engines queries and steal content (fragments of text, for example) from pages that come top of the search results.
In order to ensure that a new website falls among the top search results, first and foremost, the creators have to force web crawlers, or spiders, to index it. The simplest way to initiate the indexing process is manually, by using, for example, the pages on Add your URL to Google, where users can enter their website into the search engine’s index. In order to push the site up toward the top of the results more quickly, a link to the site may be posted on resources that are already known to search engines, such as forums, blogs, or social networks. The link to the target page on these websites will make it appear more prominent during the indexing process. Furthermore, a site can be “optimized” with the help of botnets: infected computers conduct a search using specific keywords, and then select the cybercriminal website from the results.
A script is then put on the newly-created web page that, with the help of HTTP header processing, can be used to identify visitors. If the visitor is a web crawler, it will be “shown” a page with content associated with the chosen keywords. As a result, the page will be pushed up the list of search results returned. If a user is led to the site from a search engine, then s/he will be redirected to a malicious site.



                                             Black hat SEO: creating and presenting data
Websites that are promoted using illegal or dubious methods are promptly removed by search engines from search results. This is why cybercriminals, as a rule, use automated processes to create and optimize such sites; this speeds up the process and multiplies the number of new malicious web resources.
Automatically created web pages can be placed anywhere: on cybercriminal resources, on legitimate resources that have been infected, or on free hosting services or blog platforms.