Green Hackerz: March 2010

How to Find the IP Address of a Remote Computer

Posted by Jafar Tags Hacking

Most of you may be curious to know how to find the IP address of your friend’s computer or to find the IP address of the person with whom you are chatting in Yahoo messenger or Gtalk. In this post I’ll show you how to find the IP address of a remote computer in simple steps.

I have a PHP script to make it easier for you to find the IP address of the remote computer of your choice. Here is a step-by-step process to find out the IP address.

1. Download the IP Finder script (IP_Finder.ZIP) that I have from Here.

2. Open a new account in X10Hosting

or freehostia (or any free host that supports PHP).

3. Extract the IP_Finder.ZIP file and upload the two files ip.php and ip_log.txt into the root folder of your hosting account using the File Manager.

4. You can rename the ip.php to any name of your choice.

5. Set the permission to 777 on ip_log.txt.

Now you are all set to find the IP address of your friend or any remote computer of your choice. All you have to do is send the link of ip.php to your friend or the person with whom you’re chatting. Once the person click’s on the link, his/her IP address is recorded in the file ip_log.txt.

For your better understanding let’s take up the following example.

Suppose you open a new account in X10hosting.com with the subdomain as 123, then your IP Finder link would be

http://123.x10hosting.com/ip.php

You have to send the above link to you friend via email or while chatting and ask him to visit that link. Once your friend clicks on the link, his/her IP address will be recorded along with the Date and Time in the ip_log.txt file. After recording the IP address, the script will redirect the person to google.com so as to avoid any suspicion.

To find the recorded IP address check the logs using the following link.

http://123.x10hosting.com/ip_log.php

The sample log will be in the following format

79.92.144.237 Tuesday 30th of March 2010 05:31:27 PM
59.45.144.237 Tuesday 30th of March 2010 05:31:28 PM
123.92.144.237 Tuesday 30th of March 2010 05:31:31 PM

NOTE: You have to replace 123 with your subdomain name.

I hope this helps. Express your opinion and suggestions through comments..

MALWARE (Malicious+Software) & Demonstration Of Trojan

Posted by Jafar Tags Malware

Malware is a big problem today. Everyday thousands of innocent people are getting infected by different types of malware. The most common types of malware today are viruses, worms and Trojans. In this chapter we will discuss all the types of malware, and give you an example of a windows trojan in use. The reason we will use Windows is because malware is very rare in Linux and Mac computers.

Viruses – Viruses cannot spread without the help of us humans. They are like parasites because they need a host to attach themselves to. The host is usually a legitimate looking program or file. Once this program is launched, the virus is executed and infects other files on your computer. Viruses can be very destructive. They can do damage to your computer hardware, software and files. Viruses are spread through the sharing of files and are many times sent within emails via attachments.

Worms – A worm is a malicious program that can replicate itself onto other computers on a network. Unlike a virus, worms don’t need a human to be able to spread and infect systems. Once it infects a system, it uses that system to send out other copies of itself to other random systems attempting to infect them.

Trojan Horse – A trojan horse is a malicious program that can be used to do silly things to a system like changing its desktop, mess with the user interface, and take control of your mouse. It can also be used for some serious things like accessing your data, erasing your files, stealing your passwords, and capturing your keystrokes.

Logic Bombs – Logic bombs are usually pieces of code that are programmed into a program that lie dormant until a certain time or until a user does a certain action which causes it to be executed. When it is triggered it performs a certain function that the program wasn’t intended to do.

TROJAN DEMO

To show you an example of a malicious program, I will use a well known Windows Trojan, ProRat.
1. Download ProRat. Once it is downloaded right click on the folder and choose to extract it. A password prompt will come up. The password will be “pro”.
2. Open up the program. You should see the following:

3. Next we will create the actual Trojan file. Click on Create and choose Create ProRat Server.

4. Next put in your IP address so the server could connect to you. If you don’t know your IP address click on the little arrow to have it filled in for you automatically. Next put in your e-mail so that when and if a victim gets infected it will send you a message. We will not be using the rest of the options.

5. Click on the General Settings button to continue. Here we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect with them, and the victim name. As you can see ProRat has the ability to disable the windows firewall and hide itself from being displayed in the task manager.

6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. Remember a trojan can only be executed if a human runs it. So by binding it with a legitimate file like a text document or a game, the chances of someone clicking it go up. Check the bind option and select a file to bind it to. In the example I will use an ordinary text document.

7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I will stick with the default because it has icon support, but exe’s looks suspicious so it would be smart to change it.

8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is. For my example I will choose the regular text document icon since my file is a text document.

9. Finally click on Create Server to, you guessed it, create the server file. Below is what my server file looks like.

10. A hacker would probably rename it to something like “Funny Joke” and send it as an attachment to some people. A hacker could also put it up as a torrent pretending it is something else, like the latest game that just came out so he could get people to download it.
11. Now, I will show you what happens when a victim installs the server onto his computer and what the hacker could do next.
12. I’m going to run the server on my own computer to show you what would happen. Once I run it the trojan will be installed onto my computer in the background. The hacker would then get a message telling him that I was infected. He would then connect to my computer by typing in my IP address, port and clicking Connect. He will be asked for the password that he made when he created the server. Once he types it in, he will be connected to my computer and have full control over it.

13. Now the hacker has a lot of options to choose from as you can see on the right. He has access to all my computer files, he can shut down my pc, get all the saved passwords off my computer, send a message to my computer, format my whole hard drive, take a screen shot of my computer, and so much more. Below I’ll show you a few examples.

14. The image below shows the message I would get on my screen if the hacker chose to message me.

15. Below is an image of my task bar after the hacker clicks on Hide Start Button.

16. Below is an image of what the hacker would see if he chose to take a screen shot of the victims screen.

As you saw in the above example, a hacker can do a lot of silly things or a lot of damage to the victim. ProRat is a very well known trojan so if the victim has an anti-virus program installed he most likely won’t get infected. Many skilled hackers can program their own viruses and Trojans that can easily bypass anti-virus programs.

Countermeasures

There are a couple things you can do to prevent yourself from being infected by the malware discussed in this chapter.
1. Make sure you have good and up-to-date anti-virus software installed on your computer. Also if there is an automatic update option on your anti-virus software, make sure it is enabled.
2. Make sure you have a firewall installed on your computer and make sure that it is actually enabled. Firewalls protect against unauthorized inbound and outbound connections.

How to Become a Hacker

Posted by Jafar Tags E-Book

Most of us are very curious to learn Hacking and want to become a Hacker, but don’t know where to start. If you are in the same situation, then this is the right place for you.

Everyday I get a lot of emails where people ask me – How to Become a Hacker?. In fact this question is not easy to answer because, hacking is not an art that can be mastered overnight. It requires knowledge, skills, creativity, dedication and of course TIME. Everyone can become a Hacker provided they learn it from the basics. So if you wanna become a hacker, then all you need is a good source that will teach you hacking from the basics.

What skill do I need to Become a Hacker?

There is no magic to become a Hacker, but like anything else that is worthwhile it takes dedication, a willingness to learn. It is most important to have a good knowledge of topics such as Operating system and it’s working, Computer networks, Computer security and of course Programming. It’s not possible to become a hacker overnight. All you need is a good source to start from the basics.

What is the best way to Become a Hacker?

The best way to become a Hacker is to start from the basics. You have to master the basics to build a strong foundation.And once this is done you’ll be in a position to explore new ideas and start thinking like a Hacker.

There exists tons of books on the market that teach you Hacking but unfortunately, it requires a set of pre-established skills and knowledge to understand the concepts explained in the book. Also these are not meant the for the beginners who doesn’t know anything about hacking. I have found an excellent Book for Beginners. This book is the first step to fulfil your dream to become a Hacker. Yes, this is the right source for the beginners who are interested to learn hacking from the basics. The good thing about this book is, any one can understand the concepts presented without the need for any prior knowledge. It’s called

The Hacker’s Underground Handbook

Download Link

The following skills are uncovered in this book

1. You will learn all the hacker underground tricks and learn to apply them in real world situations.

2. You will be put into a hacker mindset and learn to think like a Hacker.

3. By learning how a hacker thinks and acts, you will be able to protect yourself from future hack attacks.

4. You will acquire knowledge nonexistent to 99.9% of the people in the world!

5. This Underground handbook may get you interested in pursuing a career as an Ethical Hacker.

This book is of great value for all those who have a dream to become a Hacker.

Enable the (Hidden) Default Administrator Account on Windows 7 or Vista

Posted by Jafar Tags Windows 7

Many people familiar with prior versions of Windows are curious what happened to the built-in Administrator account that was always created by default. Does this account still exist, and how can you access it?

The account is created in Windows 7 or Vista, but since it’s not enabled you can’t use it. If you are troubleshooting something that needs to run as administrator, you can enable it with a
simple command.

Note: You really shouldn’t use this account for anything other than troubleshooting. In fact, you probably shouldn’t use it at all.

Enable Built-in Administrator Account

First you’ll need to open a command prompt in administrator mode by right-clicking and choosing “Run as administrator” (or use the Ctrl+Shift+Enter shortcut from the search box)

Now type the following command:

net user administrator /active:yes

You should see a message that the command completed successfully. Log out, and you’ll now see the Administrator account as a choice. (Note that the screenshots are from Vista, but this works on Windows 7)

You’ll note that there’s no password for this account, so if you want to leave it enabled you should change the password.

Disable Built-in Administrator Account

Make sure you are logged on as your regular user account, and then open an administrator mode command prompt as above. Type the following command:

net user administrator /active:no

The administrator account will now be disabled, and shouldn’t show up on the login screen anymore.

Remove SharingHand from Shared Items

Posted by Jafar Tags Registry tweak

Normally when we share a local resource on the network a hand icon is placed under the item to show it is shared.
You can remove the icon With this simple Registry Tweak
Open your registry (open run type regedit)
go to this path : HKEY_CLASSES_ROOT\Network\SharingHandler
delete the default value that is "ntshrui.dll"
Restart Windows for the changes to take effect.
You can also Download readymade reg files to do this by simply clicking on it.