Friday, 28 September 2012

List of Run Commands for Windows 7

 Shortcut Key- Windows Logo Key + R

Administrative Tools-

Administrative Tools = control admintools
Authorization Manager = azman.msc
Component Services = dcomcnfg
Certificate Manager = certmgr.msc
Direct X Troubleshooter = dxdiag
Display Languages = lpksetup
ODBC Data Source Administrator = odbcad32
File Signature Verification Tool = sigverif
Group Policy Editor = gpedit.msc
Add Hardware Wizard = hdwwiz.cpl
iSCSI Initiator = iscsicpl
Iexpress Wizard = iexpress
Local Security Settings = secpol.msc
Microsoft Support Diagnostic Tool = msdt
Microsoft Management Console = mmc
Print management = printmanagement.msc
Printer User Interface = printui
Problems Steps Recorder = psr
People Near Me = p2phost
Registry Editor = regedit or regedt32
Resoure Monitor = resmon
System Configuration Utility = msconfig
Resultant Set of Policy = rsop.msc
SQL Server Client Configuration = cliconfg
Task Manager = taskmgr
Trusted Platform Module = tpm.msc
TPM Security Hardware = TpmInit
Windows Remote Assistance = msra
Windows Share Folder Creation Wizard = shrpubw
Windows Standalong Update Manager = wusa
Windows System Security Tool = syskey
Windows Script Host Settings = wscript
Windows Version = winver
Windows Firewall with Advanced Security = wf.msc
Windows Memory Diagnostic = MdSched
Windows Malicious Removal Tool = mrt

Computer Management-

Computer Management = compmgmt.msc or CompMgmtLauncher
Task Scheduler = control schedtasks
Event Viewer = eventvwr.msc
Shared Folders/MMC = fsmgmt.msc
Local Users and Groups = lusrmgr.msc
Performance Monitor = perfmon.msc
Device Manager = devmgmt.msc
Disk Management = diskmgmt.msc
Services = services.msc
Windows Management Infrastructure = wmimgmt.msc

Control Panel-

Control Panel = control
Action Center= wscui.cpl
Autoplay = control.exe /name Microsoft.autoplay
Backup and Restore = sdclt
Create a System Repair disc = recdisc
BDE Administrator = bdeadmin.cpl
Color Management = colorcpl
Credential Manager = control.exe /name Microsoft.CredentialManager
Credential Manager Stored User Names and Passwords = credwiz
Date and Time Properties = timedate.cpl
Default Programs = control.exe /name Microsoft.DefaultPrograms
Set Program Access and Computer Defaults = control appwiz.cpl,,3 or ComputerDefaults
Devices and Printers = control printers
Devices and Printers Add a Device = DevicePairingWizard
Display = dpiscaling
Screen Resolution = desk.cpl
Display Color Calibration = dccw
Cleartype Text Tuner = cttune
Folders Options = control folders
Fonts = control fonts
Getting Started = GettingStarted
HomeGroup = control.exe /name Microsoft.HomeGroup
Indexing Options = control.exe /name Microsoft.IndexingOptions
Internet Properties = inetcpl.cpl
Keyboard = control keyboard
Location and Other Sensors = control.exe /name Microsoft.LocationandOtherSensors
Location Notifications = LocationNotifications
Mouse = control mouse or main.cpl
Network and Sharing Center = control.exe /name Microsoft.NetworkandSharingCenter
Network Connections = control netconnections or ncpa.cpl
Notification Area Icons = control.exe /name Microsoft.NotificationAreaIcons
Parental Controls = control.exe /name Microsoft.ParentalControls
Performance Information = control.exe /name Microsoft.PerformanceInformationandTools
Personalization = control desktop
Windows Color and Appearance = control color
Phone and Modem Options = telephon.cpl
Power Configuration = powercfg.cpl
Programs and Features = appwiz.cpl or control appwiz.cpl
Optional Features Manager = optionalfeatures or control appwiz.cpl,,2
Recovery = control.exe /name Microsoft.Recovery
Regional and Language = intl.cpl
RemoteApp = control.exe /name Microsoft.RemoteAppandDesktopConnections
Sound = mmsys.cpl
Volume Mixer = sndvol
System Properties = sysdm.cpl or Windows logo key + Pause/Break
SP ComputerName Tab = SystemPropertiesComputerName
SP Hardware Tab = SystemPropertiesHardware
SP Advanced Tab = SystemPropertiesAdvanced
SP Performance = SystemPropertiesPerformance
SP Data Execution Prevention = SystemPropertiesDataExecutionPrevention
SP Protection Tab = SystemPropertiesProtection
SP Remote Tab = SystemPropertiesRemote
Windows Activation = slui
Windows Activation Phone Numbers = slui 4
Taskbar and Start Menu = control.exe /name Microsoft.TaskbarandStartMenu
Troubleshooting = control.exe /name Microsoft.Troubleshooting
User Accounts = control.exe /name Microsoft.UserAccounts
User Account Control Settings = UserAccountControlSettings
User Accounts Windows 2000/domain version = netplwiz or control userpasswords2
Encryption File System = rekeywiz
Windows Anytime Upgrade = WindowsAnytimeUpgradeui
Windows Anytime Upgrade Results = WindowsAnytimeUpgradeResults
Windows CardSpace = control.exe /name Microsoft.cardspace
Windows Firewall = firewall.cpl
WindowsSideshow = control.exe /name Microsoft.WindowsSideshow
Windows Update App Manager = wuapp


Calculator = calc
Command Prompt = cmd
Connect to a Network Projector = NetProj
Presentation Settings = PresentationSettings
Connect to a Projector = displayswitch or Windows logo key + P
Notepad = notepad
Microsoft Paint = mspaint.exe
Remote Desktop Connection = mstsc
Run = Windows logo key + R
Snipping Tool = snippingtool
Sound Recorder = soundrecorder
Sticky Note = StikyNot
Sync Center = mobsync
Windows Mobility Center (Only on Laptops) = mblctr or Windows logo key + X
Windows Explorer = explorer or Windows logo key + E
Wordpad = write
Ease of Access Center = utilman or Windows logo key + U
Magnifier = magnify
Narrator = Narrator
On Screen Keyboard = osk
Private Character Editor = eudcedit
Character Map = charmap
Ditilizer Calibration Tool = tabcal
Disk Cleanup Utility = cleanmgr
Defragment User Interface = dfrgui
Internet Explorer = iexplore
Rating System = ticrf
Internet Explorer (No Add-ons) = iexplore -extoff
Internet Explorer (No Home) = iexplore about:blank
Phone Dialer = dialer
Printer Migration = PrintBrmUi
System Information = msinfo32
System Restore = rstrui
Windows Easy Transfer = migwiz
Windows Media Player = wmplayer
Windows Media Player DVD Player = dvdplay
Windows Fax and Scan Cover Page Editor = fxscover
Windows Fax and Scan = wfs
Windows Image Acquisition = wiaacmgr
Windows PowerShell ISE = powershell_ise
Windows PowerShell = powershell
XPS Viewer = xpsrchvw

Open Documents folder = documents
Open Pictures folder = pictures
Open Music folder = music
Open Videos folder = videos
Open Downloads folder = downloads
Open Favorites folder = favorites
Open Recent folder = recent
Logs out of Windows = logoff
Locks User Account = Windows logo Key + L 


Monday, 24 September 2012

Complete Hacking Information


We see a millions of people going to different forums and websites and asking "how do i hack an email?", "Can you hack blah for me?". So thought to create a tutorial which will give you the basic idea about what the heck is a "HACK", and how to DEFEND YOUR SELF AGAINST HACKERS. 


Hacking started way too far when the windowsd 98 was designed. Hacking is basically finding out the loop holes and trying leak some information out of it, which may lead you to get some critical information like passwords, credit card details. Sometimes hacking is done just because of the personal offesnses.


Getting back to the main point, I am going to discuss some of the ways of hacking in brief. Hacking is basically bifurcated in 2 major parts.

1. Email or the user information
2. Web based hacking.

Email or user information:

These days the most commonly used and famous way of hacking user information like Emails, Passwords, Credit card details are as follow:

a. Phishing
b. Brute Forcing
c. Keylogging
d. Trojans

a. Phishing:

Phishing is basically a massive attack. What a hacker does is, they created an absoulutely look alike page of some website like yahoo or gmail. They upload it to their own server. And give the link to any n00b user. When they open it, they think that they are on the yahoo or gmail page, they put in their username and password, click on submit and WHOA! your information has been submitted. This is widely used by new people trying to entering into ahcking world.
Most recent example in india was some scam with ICICI bank, lots of user info was stolen as far as i remember. I read it somewhere in the news paper and was thinking what the hell! ?

Disadvantages: Still many people give it a try before going for phishing, because the only problem in phishing is, even if the victim knows a little about internet, he will read the URL and understand that it is not a genuine website.
b. Brute Forcing
Brute forcer is basically a program which could be called as a "cracker". In brute forcer you put the username you want to hack, and as a password you put a notepad file which has almost all of the existing english words in it. So what it does is, it will try each and every word from that file and see if anything matches. You might have noticed some topics like "huge pass list" on different forums, they are nothing but the password list to put into your bruteforcer.!

1. Sometimes brute forcing may just go for ages!
2. It isnt guaranteed
3. These days many people have alpha-numeric-symbol password which is real tough for brutefocer to detect
4. Most of the famous sites like yahoo, gmail are designed in such a way that it will put the "image captcha" after 3 incorrect login attempts, which stops the bruteforcer.

P.S:- I have made some focused FTP, Gmail & Yahoo bruteforcers which are avilable on my website.
c. Keylogging
Keylogger helps you to create a little filed which is known as "server". You gotta send your server to the victim. he has to click on it and then YOUR DONE! this is what happens.
Best possible way to hack someone. Keyloggers are basically a program which will install themselves in your victim's computer and will keep on recording each and every keystroke pressed by the victim on his keyboard and it will send it to the hacker. There are many ways to receive the keystroke i.e. FTP, Email, Messengers. According to me this is the best way to trick your victim and get their information.

Disadvantages :
1. When victim receives the keylogger, in most of the cases, their anti virus would auto delete them. So you have to convince them to desable the anti virus by bluffing something.
2. Sometimes firewall blocks the keylogs from being sent.

Tips :
1. There are some programs which are known as "crypters" which will help you to make your server's undetectable. So your victim's anti-virus would not be able to detect them.
d. Trojans:
Trojans are like father of keyloggers. Trojan sends you the keylogs just as keyloggers, on top of that, it lets you take the control of victim's computer. Edit / delete/ upload / download files from or to their computer. Some more funny features like it will make their keyboard go mad, it may kep on ejecting and re-inserting the cd ROM. Much more..

Disadvantages :
Same as keyloggers.

Tips :
Same as keylogger.

Web Hacking:

I will discuss some most commonly used web hacking techniques which helps hackers to hack any website. This will help you to SAVE YOUR SITE!

1. SQL Injection
2. XSS
3. Shells
4. RFI
5. There are some more but they are TOOO big to be discussed in here.

1. SQL Injection:

Most of the websites these days are connected to an SQL Database. Which helps them to store usernames and passwords [encrypted] when a guest registers to their website. SQL database processes a querie everytime a user logs in. It goes to the database, validates the password, if its correct then it logs in the user and if its not then it gives an error.
So the basic funda is executing a command to parase a query in the database to try to exploit the internet information of the database. I cant really put the entire tutorial about because this is the most complicated way to hack the website!

P.S.:- If you wanna check if YOUR website is vulnerable to RFI attach or not then do the following .

If your site's URL is:

           just add a ' like this at the end 
2. XSS:
XSS is another nice way to hack some website. Suppose if some website/ forum is allowing HTML in the post or articles, then a hacker can post a malicious script into the content. So whenever a user opens up the page, the cookies would be sent to the hacker. So he can login as that user and shit the website up. 
3. Shells:
Shell is a malicious .php script. What you have to do is, find a place in any website where you can upload any file like avatars, recepie, your tricks, your feedbacks. And you try to upload your shell files from there. And if its uploaded then WHOA!you open it from the URL bar and u can see the entire "FTP" account of that webhosting. You can rename/edit / upload/download anything u want including the index page.
This is also known as deface.
4. RFI:
RFI is a good way to deface a website. It is used with shell. Suppose you have uploaded your shell on:

           and you found a vulnerable site to RFI... then you can do as follow: 
          This will again give u the access of your victim's sites FTP , just as shell so you can do anything you want.

P.S.:-If you wanna check if YOUR website is vulnerable to RFI attack or not then do the following:

If your site's URL is:

          just add something like this at the end  
         And if it includes the google page into your page, that means its vulnerable to RFI.