This is default featured slide 1 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 2 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 3 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 4 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 5 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

Sunday, June 29, 2008

Cool hack (internet explorer)

How to make fake virus

How to make a non harmful virus

How To Make A Very Harmful Virus

How to Make a Harmful Virus

Saturday, June 28, 2008

How To Hack Your Own Cell Phone & Save $$

Monday, June 23, 2008

Tweak (Increase or Change) Maximum Simultaneous HTTP and Downloads Connections to Web Server

Shaking your head on why you cannot use Internet Explorer (including all versions of IE, such as IE7 and IE8) to actively download more than 2 files (or 4 files in the case of HTTP 1.0 connection) from a web server via HTTP protocol? Or when already downloading 2 files from a same web server simultaneously, user unable to browse and cannot load the web pages on the website in the same server anymore.The issue is due to the default behavior in Windows settings which limits the number of simultaneous Internet connections to a single web server using HTTP 1.0 and 1.1 protocols. The behavior affects both web browsing using Internet Explorer browser and downloading file with IE, where only two or four active connections can be connected and established at the same time respectively for HTTP 1.1 and HTTP 1.0 server. Note that it’s different issue with security limit imposed on the number of concurrent TCP connect attempts in Windows XP SP2 and Windows Vista.
The limit for HTTP 1.1 is imposed by the HTTP 1.1 specification (
RFC2068) that mandates the two connection limit while the four connection limit for HTTP 1.0 is a self-imposed restriction which coincides with the standard used by a number of popular Web browsers. However, the maximum simultaneous connection limit can be unlocked and changed by changing system registry as shown in procedures below.
Run Registry Editor (regedit).
Navigate to the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Create the following two new DWORD (32-bit) Value and named them accordingly:
MaxConnectionsPerServerMaxConnectionsPer1_0Server
Set the value data for the registry entries created to an integer that equal to the number of simultaneous connection requests to a single HTTP server allowed. For example, if you want the maximum number of concurrent downloads or web page loading to a single server is 8, just enter the value as 8 (Decimal or Hexadecimal). For 10 connections, enter 10 as Decimal or 000000a as Hexadecimal. By default the values are 2 and 4 respectively.
Reboot system or log off and login again for the change to take effect.

Search passwords and Juicy Info : Digg Google

Introduction
This is not about finding sensitive data during an assessment as much as
it is about what the “bad guys” might do to troll for the data.The examples presented
generally represent the lowest-hanging fruit on the security
tree. Hackers target this in
formation on a daily basis.To protect against this type
of attacker, we need to be fairly candid about the worst-case possibilities.We
won’t be overly candid, however.
We start by looking at some queries that can be used to uncover usernames,
the less important half of most authentication systems.The value of a username is
often overlooked, but, an entire multimilliondollar
security system can be shattered through skillful crafting of even the
smallest, most innocuous bit of information.
Next, we take a look at queries that are designed to uncover passwords. Some
of the queries we look at reveal encrypted or encoded passwords, which will take
a bit of work on the part of an attacker to use to his or her advantage.We also
take a look at queries that can uncover cleartext passwords.These queries are some
of the most dangerous in the hands of even the most novice attacker. What could
make an attack easier than handing a username and cleartext password to an
attacker?
We wrap up by discussing the very real possibility of uncovering
highly sensitive data such as credit card information and information used to
commit identity theft, such as Social Security numbers. Our goal here is to
explore ways of protecting against this very real threat.To that end, we don’t go
into details about uncovering financial information and the like. If you’re a “dark
side” hacker, you’ll need to figure these things out on your own.
Searching for Usernames
Most authentication mechanisms use a username and password to protect information.
To get through the “front door” of this type of protection, you’ll need to
determine usernames as well as passwords. Usernames also can be used for social
engineering efforts, as we discussed earlier.
Many methods can be used to determine usernames. In Chapter 10, we
explored ways of gathering usernames via database error messages. In Chapter 8
we explored Web server and application error messages that can reveal various
information, including usernames.These indirect methods of locating usernames
are helpful, but an attacker could target a usernames directory
query like “your username is”. This phrase can locate help pages that describe the
username creation process,
information gleaned from other sources, such as Google Groups posts or phone
listings.The usernames could then be recycled into various other phases of the
attack, such as a worm-based spam campaign or a social-engineering attempt.An
attacker can gather usernames from a variety of sources, as shown in the sample
queries listed
Sample Queries That Locate Usernames
Query Description
inurl:admin inurl:userlist Generic userlist files
inurl:admin filetype:asp Generic userlist files
inurl:userlist
inurl:php inurl:hlstats intext: Half-life statistics file, lists username and
Server Username other information
filetype:ctl inurl:haccess. Microsoft FrontPage equivalent of htaccess
ctl Basic shows Web user credentials
Query Description
filetype:reg reg intext: Microsoft Internet Account Manager can
”internet account manager” reveal usernames and more
filetype:wab wab Microsoft Outlook Express Mail address
books
filetype:mdb inurl:profiles Microsoft Access databases containing (user)
profiles.
index.of perform.ini mIRC IRC ini file can list IRC usernames and
other information
inurl:root.asp?acs=anon Outlook Mail Web Access directory can be
used to discover usernames
filetype:conf inurl:proftpd. PROFTP FTP server configuration file reveals
conf –sample username and server information
filetype:log username putty PUTTY SSH client logs can reveal usernames
and server information
filetype:rdp rdp Remote Desktop Connection files reveal user
credentials
intitle:index.of .bash_history UNIX bash shell history reveals commands
typed at a bash command prompt; usernames
are often typed as argument strings
intitle:index.of .sh_history UNIX shell history reveals commands typed at
a shell command prompt; usernames are
often typed as argument strings
“index of ” lck Various lock files list the user currently using
a file
+intext:webalizer +intext: Webalizer Web statistics page lists Web user-
Total Usernames +intext: names and statistical information
”Usage Statistics for”
filetype:reg reg HKEY_ Windows Registry exports can reveal
CURRENT_USER username usernames and other information

Underground Googling
Searching for a Known Filename
Remember that there are several ways to search for a known filename.
One way relies on locating the file in a directory listing, like intitle:index.of
install.log. Another, often better, method relies on the filetype operator,
as in filetype:log inurl:install.log. Directory listings are not all that
common. Google will crawl a link to a file in a directory listing, meaning
that the filetype method will find both directory listing entries as well as
files crawled in other ways.

In some cases, usernames can be gathered from Web-based statistical programs
that check Web activity.The Webalizer program shows all sorts of information
about a Web server’s usage. Output files for the Webalizer program can be
located with a query such as intext:webalizer intext:”Total Usernames” intext:”Usage
Statistics for”. Among the information displayed is the username that was used to
connect to the Web server, as shown in Figure 9.2. In some cases, however, the
usernames displayed are not valid or current, but the “Visits” column lists the
number of times a user account was used during the capture period.This enables
an attacker to easily determine which accounts are more likely to be valid.


The Windows registry holds all sorts of authentication information, including
usernames and passwords.Though it is unlikely (and fairly uncommon) to locate
live, exported Windows registry files on the Web, at the time of this writing
there are nearly 100 hits on the query filetype:reg HKEY_CURRENT_USER
username, which locates Windows registry files that contain the word username
and in some cases passwords,



As any talented attacker or security person will tell you, it’s rare to get information
served to you on a silver platter. Most decent finds take a bit of persistence,
creativity, intelligence, and just a bit of good luck. For example, consider
the Microsoft Outlook Web Access portal, which can be located with a query
like inurl:root.asp?acs=anon. At the time of this writing, fewer than 50 sites are
returned by this query, even though there a certainly more than 50 sites running
the Microsoft Web-based mail portal. Regardless of how you might locate a site
running this e-mail gateway, it’s not uncommon for the site to host a public
directory (denoted “Find Names,” by default)


The public directory allows access to a search page that can be used to find
users by name. In most cases, wildcard searching is not allowed, meaning that a
search for * will not return a list of all users, as might be expected. Entering a
search for a space is an interesting idea, since most user descriptions contain a
space, but most large directories will return the error message “This query would
return too many addresses!” Applying a bit of creativity, an attacker could begin
searching for individual common letters, such as the “Wheel of Fortune letters”
R, S,T, L, N, and E. Eventually one of these searches will most likely reveal a list
of user information like


Once a list of user information is returned, the attacker can then recycle the
search with words contained in the user list, searching for the words Voyager,
Freshmen, or Campus, for example.Those results can then be recycled, eventually
resulting in a nearly complete list of user information.
Searching for Passwords
Password data, one of the “Holy Grails” during a penetration test, should be protected.
Unfortunately, many examples of Google queries can be used to locate
passwords on the Web, as shown in Table 9.2.
Table 9.2 Queries That Locate Password Information
Query Description
inurl:/db/main.mdb ASP-Nuke passwords
filetype:cfm “cfapplication ColdFusion source with potential passwords
name” password
filetype:pass pass intext:userid dbman credentials
allinurl:auth_user_file.txt DCForum user passwords
eggdrop filetype:user user Eggdrop IRC user credentials
filetype:ini inurl:flashFXP.ini FlashFXP FTP credentials
filetype:url +inurl:”ftp://” FTP bookmarks cleartext passwords
+inurl:”@”
inurl:zebra.conf intext: GNU Zebra passwords
password -sample -test
-tutorial –download
filetype:htpasswd htpasswd HTTP htpasswd Web user credentials
intitle:”Index of” “.htpasswd” HTTP htpasswd Web user credentials
“htgroup” -intitle:”dist”
-apache -htpasswd.c
intitle:”Index of” “.htpasswd” HTTP htpasswd Web user credentials
htpasswd.bak
“http://*:*@www” bob:bob HTTP passwords (bob is a sample username)
“sets mode: +k” IRC channel keys (passwords)
“Your password is * Remember IRC NickServ registration passwords
this for later use”
signin filetype:url JavaScript authentication credentials

Queries That Locate Password Information
Query Description
LeapFTP intitle:”index.of./” LeapFTP client login credentials
sites.ini modified
inurl:lilo.conf filetype:conf LILO passwords
password -tatercounter2000
-bootpwd –man
filetype:config config intext: Microsoft .NET application credentials
appSettings “User ID”
filetype:pwd service Microsoft FrontPage Service Web passwords
intitle:index.of Microsoft FrontPage Web credentials
administrators.pwd
“# -FrontPage-” inurl:service.pwd Microsoft FrontPage Web passwords
ext:pwd inurl:_vti_pvt inurl: Microsoft FrontPage Web passwords
(Service authors administrators)
inurl:perform filetype:ini mIRC nickserv credentials
intitle:”index of” intext: mySQL database credentials
connect.inc
intitle:”index of” intext: mySQL database credentials
globals.inc
filetype:conf oekakibbs Oekakibss user passwords
filetype:dat wand.dat Opera‚ ÄúMagic Wand‚Äù Web credentials
inurl:ospfd.conf intext: OSPF Daemon Passwords
password -sample -test
-tutorial –download
index.of passlist Passlist user credentials
inurl:passlist.txt passlist.txt file user credentials
filetype:dat “password.dat” password.dat files
inurl:password.log filetype:log password.log file reveals usernames, passwords,
and hostnames
filetype:log inurl:”password.log” password.log files cleartext passwords
inurl:people.lst filetype:lst People.lst generic password file
intitle:index.of config.php PHP Configuration File database credentials
inurl:config.php dbuname dbpass PHP Configuration File database credentials
inurl:nuke filetype:sql PHP-Nuke credentials
Queries That Locate Password Information
Query Description
filetype:conf inurl:psybnc.conf psyBNC IRC user credentials
“USER.PASS=”
filetype:ini ServUDaemon servU FTP Daemon credentials
filetype:conf slapd.conf slapd configuration files root password
inurl:”slapd.conf” intext: slapd LDAP credentials
”credentials” -manpage
-”Manual Page” -man: -sample
inurl:”slapd.conf” intext: slapd LDAP root password
”rootpw” -manpage
-”Manual Page” -man: -sample
filetype:sql “IDENTIFIED BY” –cvs SQL passwords
filetype:sql password SQL passwords
filetype:ini wcx_ftp Total Commander FTP passwords
filetype:netrc password UNIX .netrc user credentials
index.of.etc UNIX /etc directories contain various credential
files
intitle:”Index of..etc” passwd UNIX /etc/passwd user credentials
intitle:index.of passwd UNIX /etc/passwd user credentials
passwd.bak
intitle:”Index of” pwd.db UNIX /etc/pwd.db credentials
intitle:Index.of etc shadow UNIX /etc/shadow user credentials
intitle:index.of master.passwd UNIX master.passwd user credentials
intitle:”Index of” spwd.db UNIX spwd.db credentials
passwd -pam.conf
filetype:bak inurl:”htaccess UNIX various password file backups
passwdshadowhtusers
filetype:inc dbconn Various database credentials
filetype:inc intext:mysql_ Various database credentials, server names
connect
filetype:properties inurl:db Various database credentials, server names
intext:password
inurl:vtund.conf intext:pass –cvs Virtual Tunnel Daemon passwords
inurl:”wvdial.conf” intext: wdial dialup user credentials

Queries That Locate Password Information
Query Description
filetype:mdb wwforum Web Wiz Forums Web credentials
“AutoCreate=TRUE password=*Website Access Analyzer user passwords
filetype:pwl pwl Windows Password List user credentials
filetype:reg reg +intext: Windows Registry Keys containing user
”defaultusername” intext: credentials
”defaultpassword”
filetype:reg reg +intext: Windows Registry Keys containing user
”internet account manager” credentials
“index of/” “ws_ftp.ini” WS_FTP FTP credentials
“parent directory”
filetype:ini ws_ftp pwd WS_FTP FTP user credentials
inurl:/wwwboard wwwboard user credentials
In most cases, passwords discovered on the Web are either encrypted or
encoded in some way. In most cases, these passwords can be fed into a password
cracker such as John the Ripper from www.openwall.com/john to produce
plaintext passwords that can be used in an attack. Figure 9.6 shows the results of
the search ext:pwd inurl:_vti_pvt inurl:(Service authors administrators), which
combines a search for some common

Exported Windows registry files often contain encrypted or encoded passwords
as well. If a user exports the Windows registry to a file and Google subsequently
crawls that file, a query like filetype:reg intext:”internet account manager”
could reveal interesting keys containing password data

ress. Note that live, exported Windows registry files are not very common, but it’s
not uncommon for an attacker to target a site simply because of one exceptionally
insecure file. It’s also possible for a Google query to uncover cleartext passwords.
These passwords can be used as is without having to employ a
password-cracking utility. In these extreme cases, the only challenge is determining
the username as well as the host on which the password can be used. As
shown in Figure 9.8, certain queries will locate all the following information:
usernames, cleartext passwords, and the host that uses that authentication!


There is no magic query for locating passwords, but during an assessment,
remember that the simplest queries directed at a site can have amazing results, as
we discussed in , Chapter 7, Ten Simple Searches. For example, a query like “Your
password” forgot would locate pages that provide a forgotten password recovery
mechanism.The information from this type of query can be used to formulate
any of a number of attacks against a password. As always, effective social engineering
is a terrific nontechnical solution to “forgotten” passwords.
Another generic search for password information, intext:(password passcode
pass) intext:(username userid user), combines common words for passwords and
user IDs into one query.This query returns a lot of results, but the vast majority
of the top hits refer to pages that list forgotten password information, including
either links or contact information. Using Google’s translate feature, found at
http://translate.google.com/translate_t, we could also create multilingual password
searches.Table 9.3 lists common translations for the word password
English Translations of the Word Password
Language Word Translation
German password Kennwort
Spanish password contraseña
French password mot de passe
Italian password parola d’accesso
Portuguese password senha
Dutch password Paswoord
NOTE
The terms username and userid in most languages translate to username
and userid, respectively.
Searching for Credit Card Numbers,
Social Security Numbers, and More
Most people have heard news stories about Web hackers making off with customer
credit card information.With so many fly-by night retailers popping up
on the Internet, it’s no wonder that credit card fraud is so prolific.These momand-
pop retailers are not the only ones successfully compromised by hackers.
Corporate giants by the hundreds have had financial database compromises over
the years, victims of sometimes very technical, highly focused attackers. What
might surprise you is that it doesn’t take a rocket scientist to uncover live credit
card numbers on the Internet, thanks to search engines like Google. Everything
from credit information to banking data or supersensitive classified government
documents can be found on the Web. Consider the (highly edited) Web page

This document, found using Google, lists hundreds and hundreds of credit
card numbers (including expiration date and card validation numbers) as well as
the owners’ names, addresses, and phone numbers.This particular document also
included phone card (calling card) numbers. Notice the scroll bar on the righthand
side of Figure 9.9, an indicator that the displayed page is only a small part
of this huge document—like many other documents of its kind. In most cases,
pages that contain these numbers are not “leaked” from online retailers or ecommerce
sites but rather are most likely the fruits of a scam known as phishing,
in which users are solicited via telephone or e-mail for personal information.
Several Web sites, including MillerSmiles.co.uk, document these scams and
hoaxes. Figure 9.10 shows a screen shot of a popular eBay phishing scam that
encourages users to update their eBay profile information.


Once a user fills out this form, all the information is sent via e-mail to the
attacker, who can use it for just about anything.
Tools and Traps
Catching Online Scammers
In some cases, you might be able to use Google to help nab the bad guys.
Phishing scams are effective because the fake page looks like an official
page. To create an official-looking page, the bad guys must have examples
to work from, meaning that they must have visited a few legitimate companies’
Web sites. If the fishing scam was created using text from several
companies’ existing pages, you can key in on specific phrases from the fake
page, creating Google queries designed to round up the servers that hosted
some of the original content. Once you’ve located the servers that contained
the pilfered text, you can work with the companies involved to
extract correlating connection data from their log files. If the scammer visited
each company’s Web page, collecting bits of realistic text, his IP should
appear in each of the log files. Auditors at SensePost (www.sensepost.com)
have successfully used this technique to nab online scam artists.
Unfortunately, if the scammer uses an exact copy of a page from only one
company, this task becomes much more difficult to accomplish.
Social Security Numbers
Social Security numbers (SSNs) and other sensitive data can be easily located
with Google as well as via the same techniques used to locate credit card numbers.
For a variety of reasons, SSNs might appear online—for example, educational
facilities are notorious for using an SSN as a student ID, then posting
grades to a public Web site with the “student ID” displayed next to the grade.A
creative attacker can do quite a bit with just an SSN, but in many cases it helps
to also have a name associated with that SSN. Again, educational facilities have
been found exposing this information via Excel spreadsheets listing student’s
names, grades, and SSNs, despite the fact that the student ID number is often
used to help protect the privacy of the student! Although we don’t feel it’s right
to go into the details of how this data is located, several media outlets have irresponsibly
posted the details online. Although the blame lies with the sites that are
leaking this information, in our opinion it’s still not right to draw attention to
how exactly the information can be located.
Personal Financial Data
In some cases, phishing scams are responsible for publicizing personal information;
in other cases, hackers attacking online retails are to blame for this breach of
privacy. Sadly, there are many instances where an individual is personally responsible
for his own lack of privacy. Such is the case with personal financial information.
With the explosion of personal computers in today’s society, users have
literally hundreds of personal finance programs to choose from. Many of these
programs create data files with specific file extensions that can be searched with
Google. It’s hard to imagine why anyone would post personal financial information
to a public Web site (which subsequently gets crawled by Google), but it
must happen quite a bit, judging by the number of hits for program files generated
by Quicken and Microsoft Money, for example. Although it would be
somewhat irresponsible to provide queries here that would unearth personal
financial data, it’s important to understand the types of data that could potentially
be uncovered by an attacker.To that end,Table 9.4 shows file extensions for various
financial, accounting, and tax return programs. Ensure that these filetypes
aren’t listed on a webserver you’re charged with protecting.
File Extension Description
afm Abassis Finance Manager
ab4 Accounting and Business File
mmw AceMoney File
Iqd AmeriCalc Mutual Fund Tax Report
et2 Electronic Tax Return Security File (Australia)
tax Intuit TurboTax Tax Return
t98-t04 Kiplinger Tax Cut File (extension based on two-digit return
year)
mny Microsoft Money 2004 Money Data Files
mbf Microsoft Money Backup Files
inv MSN Money Investor File
ptdb Peachtree Accounting Database
qbb QuickBooks Backup Files reveal financial data
qdf Quicken personal finance data
soa Sage MAS 90 accounting software
sdb Simply Accounting
stx Simply Tax Form
tmd Time and Expense Tracking
tls Timeless Time & Expense
fec U.S. Federal Campaign Expense Submission
wow Wings Accounting File
Searching for Other Juicy Info
As we’ve seen, Google can be used to locate all sorts of sensitive information. In
this section we take a look at some of the data that Google can find that’s harder
to categorize. From address books to chat log files and network vulnerability
reports, there’s no shortage of sensitive data online.Table 9.5 shows some queries
that can be used to uncover various types of sensitive data.
Query Description
intext:”Session Start AIM and IRC log files
* * * *:*:* *” filetype:log
filetype:blt blt +intext: AIM buddy lists
screenname
buddylist.blt AIM buddy lists
intitle:index.of cgiirc.config CGIIRC (Web-based IRC client) config file,
shows IRC servers and user credentials
inurl:cgiirc.config CGIIRC (Web-based IRC client) config file,
shows IRC servers and user credentials
“Index of” / “chat/logs” Chat logs
intitle:”Index Of” cookies.txt cookies.txt file reveals user information
“size”
“phone * * *” “address *Curriculum vitae (resumes) reveal names
“e-mail” intitle:”curriculum vitae” and address information
ext:ini intext:env.ini Generic environment data
intitle:index.of inbox Generic mailbox files
“Running in Child mode” Gnutella client data and statistics
“:8080” “:3128” “:80” HTTP Proxy lists
filetype:txt
intitle:”Index of” ICQ chat logs
dbconvert.exe chats
“sets mode: +p” IRC private channel information
“sets mode: +s” IRC secret channel information
“Host Vulnerability Summary ISS vulnerability scanner reports, reveal
Report” potential vulnerabilities on hosts and
networks
“Network Vulnerability ISS vulnerability scanner reports, reveal
Assessment Report” potential vulnerabilities on hosts and networks
filetype:pot inurl:john.pot John the Ripper password cracker results
intitle:”Index Of” -inurl:maillog Maillog files reveals e-mail traffic
maillog size information
ext:mdb inurl:*.mdb inurl: Microsoft FrontPage database folders
Query Description
filetype:xls inurl:contact Microsoft Excel sheets containing contact
information.
intitle:index.of haccess.ctl Microsoft FrontPage equivalent(?)of htaccess
shows Web authentication info
ext:log “Software: Microsoft Microsoft Internet Information Services
Internet Information Services *.*(IIS) log files
filetype:pst inurl:”outlook.pst” Microsoft Outlook e-mail and calendar
backup files
intitle:index.of mt-db-pass.cgi Movable Type default file
filetype:ctt ctt messenger MSN Messenger contact lists
“This file was generated Nessus vulnerability scanner reports, reveal
by Nessus” potential vulnerabilities on hosts and networks
inurl:”newsletter/admin/” Newsletter administration information
inurl:”newsletter/admin/” Newsletter administration information
intitle:”newsletter admin”
filetype:eml eml intext: Outlook Express e-mail files
”Subject” +From
intitle:index.of inbox dbx Outlook Express Mailbox files
intitle:index.of inbox dbx Outlook Express Mailbox files
filetype:mbx mbx intext:Subject Outlook v1–v4 or Eudora mailbox files
inurl:/public/?Cmd=contents Outlook Web Access public folders or
appointments
filetype:pdb pdb backup (Pilot Palm Pilot Hotsync database files
Pluckerdb)
“This is a Shareaza Node” Shareaza client data and statistics
inurl:/_layouts/settings Sharepoint configuration information
inurl:ssl.conf filetype:conf SSL configuration files, reveal various configuration
information
site:edu admin grades Student grades
intitle:index.of mystuff.xml Trillian user Web links
inurl:forward filetype: UNIX mail forward files reveal e-mail
forward –cvs addresses
intitle:index.of dead.letter UNIX unfinished e-mails

Summary
Make no mistake—there’s sensitive data on the Web, and Google can find it.
There’s hardly any limit to the scope of information that can be located, if only
you can figure out the right query. From usernames to passwords, credit card and
Social Security numbers, and personal financial information, it’s all out there. As a
purveyor of the “dark arts,” you can relish in the stupidity of others, but as a professional
tasked with securing a customer’s site from this dangerous form of
information leakage, you could be overwhelmed by the sheer scale of your
defensive duties.
As droll as it might sound, a solid, enforced security policy is a great way to
keep sensitive data from leaking to the Web. If users understand the risks associated
with information leakage and understand the penalties that come with violating
policy, they will be more willing to cooperate in what should be a security
partnership.
In the meantime, it certainly doesn’t hurt to understand the tactics an adversary
might employ in attacking a Web server. One thing that should become
clear as you read this book is that any attacker has an overwhelming number of
files to go after. One way to prevent dangerous Web information leakage is by
denying requests for unknown file types. Whether your Web server normally
serves up CFM,ASP, PHP, or HTML, it’s infinitely easier to manage what should
be served by the Web server instead of focusing on what should not be served.
Adjust your servers or your border protection devices to allow only specific content
or file types.
Solutions Fast Track
Searching for Usernames
_ Usernames can be found in a variety of locations.
_ In some cases, digging through documents or e-mail directories might
be required.
_ A simple query such as “your username is” can be very effective in
locating usernames.

Searching for Passwords
_ Passwords can also be found in a variety locations.
_ A query such as “Your password” forgot can locate pages that provide a
forgotten-password recovery mechanism.
_ intext:(password passcode pass) intext:(username userid user) is
another generic search for locating password information.
Searching for Credit Cards
Numbers, Social Security Numbers, and More
_ Documents containing credit card and Social Security number
information do exist and are relatively prolific.
_ Some irresponsible news outlets have revealed functional queries that
locate this information.
_ There are relatively few examples of personal financial data online, but
there is a great deal of variety.
_ In most cases, specific file extensions can be searched for.
Searching for Other Juicy Info
_ From address books and chat log files to network vulnerability reports,
there’s no shortage of sensitive data online.

crack windows passwords

now this what m gonna share is old but still works well
credit: sumit

There’s a way to crack the password and it doesn’t involve reformatting and reinstalling Windows. The solution is called @stake LC4 (formerly L0phtCrack), however since Symantec stopped development of L0phtcrack, I’m going to let you in on a program called LC5. Just like L0phtCrack, LC5 attacks your Windows machine with a combination of dictionary and brute force attacks. LC5 can crack almost all common passwords in seconds. More advanced passwords with numbers and characters takes longer. The main purpose of the LCP program is user account passwords auditing and recovery in Windows NT/2000/XP. I haven’t tested it against Windows Vista yet, so I’m not sure if it will work. Your mileage may very either way. How it works: Windows NT, 2000 and XP passwords are stored as encrypted hashes. LC5 attacks these hashes with hundreds of passwords per minute. Eventually the correct password will be sent and then displayed to the screen. Good intentions:
  • can find weak passwords within minutes. Sys admins can then change the passwords to make them more secure.
  • LC5 can be used to accesscomputers of users who forget passwords.
  • In companies, it can be used to access computers of employees who have left the company.
Bad intentions:
  • Hackers can use LC5 to sniff passwords over networks.
  • Hackers can install this application onto a primary domaincontroller and steal hundreds of passwords within minutes.
Please note that I am not the author of this software. Be advised that if you use this software, you do so at your own risk without any warranty expresses or implied by http://worldhack.co.cc.com/
Download LC5 (v5.04): English version (with installer) - 2.29 MB
English version (without installer, ZIP) - 1.86 MB
English version (without installer, RAR) - 1.66 MB Software License: LCP is a freeware program. The program may be distributed under condition of saving all files contents and structure of installation package.

Google search hacking

ell if u ask me this is the best Part " how to Search ",Anyone anywhere needs something out of the great "www", now if u know how to grab hold to "something" in one click that is the skill, this article henceforth is one of my best my best, n especially crafted to meet all your needs !!

Google Operators:



Operators are used to refine the results and to maximize the search value. They are your tools as well as ethical hackers’ weapons
Basic Operators:


+, -, ~ , ., *, “”, ,

OR


Advanced Operators:


allintext:, allintitle:, allinurl:, bphonebook:, cache:, define:, filetype:, info:, intext:, intitle:, inurl:, link:, phonebook:, related:, rphonebook:, site:, numrange:, daterange

Basic Operators !!



(+) force inclusion of something common

Google ignores common words (where, how, digit, single letters) by default:
Example: StarStar Wars Episode +I

(-) exclude a search term
Example: apple –red

(“) use quotes around a search term to search exact phrases:
Example: “Robert Masse”

Robert masse without “” has the 309,000 results, but “robert masse” only has 927 results. Reduce the 99% irrelevant results

Basic Operators

(~) search synonym:
Example: ~food
Return the results about food as well as recipe, nutrition and cooking information


( . ) a single-character wildcard:
Example: m.trix


Return the results of M@trix, matrix, metrix…….
( * ) any word wildcard

Advanced Operators: “Site:”



Site: Domain_name
Find Web pages only on the specified domain. If we search a specific site, usually we get the Web structure of the domain

Examples:

site:http://shaswat.bravehost.com

Advanced Operators: “Filetype:”


Filetype: extension_type

Find documents with specified extensions

The supported extensions are:

- HyperText Markup Language (html) - Microsoft PowerPoint (ppt)
- Adobe Portable Document Format (pdf) - Microsoft Word (doc)
- Adobe PostScript (ps) - Microsoft Works (wks, wps, wdb)
- Lotus 1-2-3 - Microsoft Excel (xls)
(wk1, wk2, wk3, wk4, wk5, wki, wks, wku) - Microsoft Write (wri)
- Lotus WordPro (lwp) - Rich Text Format (rtf)
- MacWrite (mw) - Shockwave Flash (swf)
- Text (ans, txt)


Note: We actually can search asp, php and cgi, pl files as long as it is text-compatible.

Example: Budget filetype: xls

Advanced Operators “Intitle:”


Intitle: search_term

Find search term within the title of a Webpage

Allintitle: search_term1 search_term2 search_term3
Find multiple search terms in the Web pages with the title that includes all these words

These operators are specifically useful to find the directory lists


Example:
Find directory list:
Intitle: Index.of “parent directory”

Advanced Operators “Inurl:”



Inurl: search_term
Find search term in a Web address

Allinurl: search_term1 search_term2 search_term3
Find multiple search terms in a Web address


Examples:
Inurl: cgi-bin
Allinurl: cgi-bin password

Advanced Operators “Intext;”



Intext: search_term
Find search term in the text body of a document.

Allintext: search_term1 search_term2 search_term3
Find multiple search terms in the text body of a document.


Examples:
Intext: Administrator login
Allintext: Administrator login

Advanced Operators: “Cache:”


Cache: URL
Find the old version of Website in Google cache

Sometimes, even the site has already been updated, the old information might be found in cache


Examples:
Cache: http://shaswat.bravehost.com

Advanced Operators


..
Conduct a number range search by specifying two numbers, separated by two periods, with no spaces. Be sure to specify a unit of measure or some other indicator of what the number range represents


Examples:
Computer $500..1000
DVD player $250..350

Advanced Operators: “Daterange:”


Daterange: -

Find the Web pages between start date and end date

Note: start_date and end date use the Julian date
The Julian date is calculated by the number of days since January 1, 4713 BC. For example, the Julian date for August 1, 2001 is 2452122


Examples:
2004.07.10=2453196
2004.08.10=2453258


Vulnerabilities date range: 2453196-2453258

Advanced Operators “Link:”


Link: URL
Find the Web pages having a link to the specified URL

Related: URL
Find the Web pages that are “similar” to the specified Web page
info: URL

Present some information that Google has about that Web page
Define: search_term

Provide a definition of the words gathered from various online sources

Examples:
Link: shaswat.bravehost.com
Related: shaswat.bravehost.com
Info: shaswat.bravehost.com

Define: Network security

Advanced Operators “phonebook:”


Phonebook
Search the entire Google phonebook
rphonebook
Search residential listings only
bphonebook
Search business listings only


Examples:
Phonebook: robert las vegas (robert in Las Vegas)
Phonebook: (702) 944-2001 (reverse search, not always work)
The phonebook is quite limited to U.S.A

But the Question rises What can Google can do for an Ethical Hacker?

Search sensitive information like payroll, SIN, even the personal email box

Vulnerabilities scanner

Transparent proxy

So how but if i tell u a different way to search
k lets do this type in the following statements n c d results
we can only provide u the guidelines, now u need to implement your Creativity to Keep it rolling.

http://shaswat.bravehost.com

Salary

Salary filetype: xls site: edu

Security social insurance number


Intitle: Payroll intext: ssn filetype: xls site: edu

Security Social Insurance Number

Payroll intext: Employee intext: ssn Filetype: xls


Filetype: xls “checking account” “credit card” - intext: Application -intext:
Form (only 39 results)

Financial Information


Intitle: “Index of” finances.xls (9)

Personal Mailbox


Intitle: Index.of inurl: Inbox (inurl: User OR inurl: Mail) (220)

Confidential Files

“not for distribution” confidential (1,760)
Confidential Files
“not for distribution” confidential filetype: pdf (marketing info) (456)

OS Detection

Use the keywords of the default installation page of a Web server to search.

Use the title to search

Use the footer in a directory index page



OS Detection-Windows
“Microsoft-IIS/5.0 server at”


OS Detection - Windows
Default web page?
Intitle: “Welcome to Windows 2000 Internet Services” IIS 5.0



OS Detection –Apache 1.3.11-1.3.26
Intitle: Test.Page.for.Apache seeing.this.instead


OS Detection-Apache SSL enable
Intitle: Test.page “SSL/TLS-aware” (127)

Search Passwords


Search the well known password filenames in URL
Search the database connection files or configuration files to find a password and username
Search specific username file for a specific product

Search Passwords


Inurl: etc inurl: passwd

Search Passwords


Intitle: “Index of..etc” passwd

Search Passwords


Intitle: “Index of..etc” passwd

Search Passwords


Inurl: admin.pwd filetype: pwd

Search Passwords
Filetype: inc dbconn

Search Passwords


Filetype: inc intext: mysql_connect

Search Passwords


Filetype: ini +ws_ftp +pwd (get the encrypted passwords)

Search Passwords


Filetype: log inurl: “password.log”


Search Username
+intext: "webalizer" +intext: “Total Usernames” +intext: “Usage Statistics for”


License Key
Filetype: lic lic intext: key (33) (license key)


Sensitive Directories Listing
Powerful buzz word: Index of
Search the well known vulnerable directories names



Sensitive Directories Listing
“index of cgi-bin” (3590)



Sensitive Directories Listing
Intitle: “Index of” cfide (coldfusion directory)


Sensitive Directories Listing
Intitle: index.of.winnt

Get the serial number you need ! (For Certain Things)

1) Go to Google.

2) Use Keyword as "Product name" 94FBR

3) Where, "Product Name" is the name of the item you want to find the serial number for.

4) And voila - there you go - the serial number you needed.

HOW DOES THIS WORK?

Quite simple really. 94FBR is part of a Office 2000 Pro cd key that is widely distributed as it bypasses the activation requirements of Office 2K Pro. By searching for the product name and 94fbr, you guarantee two things. 1) The pages that are returned are pages dealing specifically with the product you're wanting a serial for. 2) Because 94FBR is part of a serial number, and only part of a serial number, you guarantee that any page being returned is a serial number list page.

See these example searches:
Code:

"Photoshop 7"+94FBR
"Age of Mythology"+94FBR
"Nero Burning Rom 5.5"+94FBR

VISTA.ALL VERSIONS Activator and make it "Genuine"

FOLLOW INSTALLATION INSTRUCTIONS BELOW!!!!!!!!!!!!!!

**********************************************************************************

DISCONNECT YOUR INTERNET

#------------------------------------------------------------------------#
Install Vista and during the install it will ask for a key {DON"T ENTER A KEY}; continue without key and the you will have option which windows vista would you like to install:

Ultimate
Basic
Premium

I recommend -=Windows Vista Ultimate=-
#------------------------------------------------------------------------#

Vista Retail All~Crack~ nosorry is the next step.

#------------------------------------------------------------------------#

click this link to download vista crack and avtivator

http://rapidshare.com/files/124411567/__www.worlahack.co.cc___vista_crack_setup.exe.html


Follow Exactly

Just Run The "Vista Activator"


Then put =LegitCheckControl.DLL= in C:\\Windows\System32 this is =Windows Genuine Advantage Validation= tool. Whill make your copy of -=Windows Vista=- (("Genuine")).

Have fun!

ReGistrY FILE To MAKE your WindowsXp GENUINE

Hey Guyz......
i hope most of us is using windows Xp.....as our operating system.....but tell me....
how many of u are using d GENUINE copy?????

Dunno about U ...........but i m not using d original one.......

but ..but........but..........
my rite now i have Pirated Xp.....is totally same as Genuine Xp.......ReGistrY FILE To MAKE your WindowsXp GENUINE - www.crack$hack.wsReGistrY FILE To MAKE your WindowsXp GENUINE - www.crack$hack.wsReGistrY FILE To MAKE your WindowsXp GENUINE - www.crack$hack.ws
wanna Know How to make it genuine....??

so dat u can easily update ur Xp.......easily install IE7, WMP 11, and other Microsoft genuine software??
ReGistrY FILE To MAKE your WindowsXp GENUINE - www.crack$hack.ws

u wanna know how to do???


Ok Guyz......herez d trick.........
just download this registry file and double click on it

http://rapidshare.com/files/124410719/XP_genuine_by__www.worldhack.co.cc_.reg.html

just add dis to your registry!!!

BINGO!!!!
NOW UR
100% Genuine!!
ReGistrY FILE To MAKE your WindowsXp GENUINE - www.crack$hack.ws
ReGistrY FILE To MAKE your WindowsXp GENUINE - www.crack$hack.ws

Sunday, June 22, 2008

Activate, Enable and Show Administrator Account in Vista Welcome Screen

Windows Vista has built-in administrator account that is disabled and hidden by default, just like Windows XP (see how to show administrator account in XP). But unlike XP where any normal user account designated as Administrators group will have the same privileges as administrator account, in Windows Vista the administrator account is true super user account (equivalent to root in Unix/Linux). Obe advantage or benefit for using administrator account to login to Vista is admin is not subjected to UAC (User Access Control) restriction (see how to disable UAC).

How to Enable and Activate Administrator Account in Vista and then Unhide or Show in Welcome Screen

To activate the administrator account in Vista, follow these guide’s instructions:

  1. Logon to Windows Vista with normal user account username and password (must belongs to Administrators group).
  2. Click on Vista Start button, and type cmd in the Start Search box.
  3. Right click on the Cmd returned on the search results pane above, then select Run as Administrator.
  4. In the Command Prompt window, type the following text at the command line to set a password for administrator account. If you want to use a blank password for the Administrator account, skip this step.

    net user administrator password

    Replace password with the actual password string that you have chosen. Press Enter when done.Note that if your computer is a member of domain controller or has enabled complex password requirement in Local Security Policy, you will have to pick a really hard to remember password mixed with symbols.

  5. Next type the following command and press Enter to activate and enable Administrator account:

    net user administrator activate:yes

  6. The process should completed with the following message:

    The command completed successfully

    If not success message is returned, repeat the process again.

  7. Logout from Vista by choosing Log Off or Switch User.
8. Click on Administrator icon and logon with the password you selected.

How to Disable or Enable Vista User Access Control in Command Prompt

There are many possible way to turn off or turn on User Access Control (UAC) in Windows Vista, which frequently pop up a confirmation dialog window to asking for permissions to continue a task which requires elevated administrator rights. Normally UAC cannot be enabled or disabled by using GUI-based Control Panel. For programmers or developers, it may be useful to be able to enable or disable UAC by using CLI (command line interface) commands, which can be used to automate tasks in batch script.

The ability to enable or disable UAC from command prompt is actually using a trick to turn off or on UAC by using registry key. Simply open command prompt window and run the following command:

To Disable UAC

C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f

To Enable UAC

C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 1 /f

After the command, computer needs to be restarted to the change to be effective.

How to Enable and Turn On Hybrid Sleep in Vista

Windows Vista Hybrid Sleep feature allows users to quickly put computer system into Sleep or Standby mode to save power electricity, yet able to come back to work at last active state right before computer sleeps without losing existing opened programs or data and having to start afresh again. If your PC seems like losing memory state after power outage while in Sleep state, forcing you to restart computer in clean state, try to enable and turn on Hybrid Sleep mode so that computer can recover from S4 hibernation mode instead, keeping your last working desktop state intact.

  1. Click on Start button, then go to Control Panel.
  2. Click on System and Maintenance link, then click on Power Options to run the applet.
  3. Under the “Select a power plan” page, and the “Preferred plans” section, click on Change plan settings under the active selected power plan, i.e. the one which are ticked.

    Change Vista Power Settings

  4. On the “Change settings for the plan” page, click on Change advanced power settings.

    Change Advanced Vista Power Settings

  5. On the “Advanced settings” tab of “Power Options”, expand Sleep tree, then expand Allow hybrid sleep subtree.
  6. Depending on your computer power configuration, you will see different options available:

    For desktop computer relying on AC power, select On from the drop-down list of “Settings” option.

    For notebook and laptop computer or probably those on UPS, there are 2 settings available - “On battery” and “Plugged in”. Select On from the drop-down list as the value for both options.

    Vista Enable Hybrid Sleep

  7. Click on bottom “OK” button when done.
  8. Click “Save changes” if the button is not grayed out.

How to Enable and Turn On Hibernation Feature in Windows Vista

disable and turn off hibernation feature, accidentally delete hiberfil.sys using Hibernation File Cleaner of Disk Cleanup tool, or you just simply cannot and unable to find the Hibernate button to put the computer into hibernation state, you can re-enable or try to enable and turn on the hibernation functionality in

Vista again with the following command. In Windows Vista, users no longer able to enable or disable hibernation via desktop graphical user interface.

How to Enable and Turn On Hibernation Feature in Vista

  1. Click Start button, then type Cmd in the Start Search box.
  2. In the search results list, right click on “Cmd” and click on Run as Administrator item on contextual menu.
  3. In the command prompt window, type the following command:

    powercfg -h on

How to Turn Off Image Preview Thumbnail and Disable Windows Picture and Fax Viewer in Windows XP

Windows XP displays thumbnail style of preview for images, pictures and photos in Windows Explorer’s Details section on left pane when users select a pic. The preview will also automatically created and displayed when users browse and view a folder in Thumbnail view. Beside, when open or double click on a format associated with popular graphic formats, the photos or pictures will open in Windows Picture and Fax Viewer instead of user preferred or favorite image viewer or editor, due to the fact that the default action on image file is to preview it using Windows Picture and Fax Viewer.


In order to turn off and disable thumbnail preview feature of images, photos, graphics, and pictures in Windows XP, and to disable the Windows Picture and Fax Viewer and remove graphic files format associations with the default viewer comes with XP, open Command Prompt window (type Cmd in Run command box) and type the following command, follow by ‘Enter’.

regsvr32 /u shimgvw.dll

shimgvw.dll known is Windows Picture and Fax Viewer Library shimgvw. After running above command, all photos and images will be displayed as just icons, and double click to open a graphic will launch your personal favorite default image viewer instead.

To re-enable image preview and turn off Windows Picture and Fax Viewer, run the following command and hit ‘Enter’ key:

regsvr32 shimgvw.dll

If the above trick doesn’t work, it’s also possible to achieve the same result to disable image preview and Windows Picture and Fax viewer via system registry. To do so, run Registry Editor by typing “regedit” in Run command box from Start Menu, and then navigate to the following registry key:

HKEY_CLASSES_ROOT\SystemFileAssociations\image\
ShellEx\ContextMenuHandlers\ShellImagePreview

Note: Wrap to 2 lines for readability.

Before performing the next step, it’s wise to backup by exporting the registry key. To do so, simply right click on ShellImagePreview and choose Export, and save it to a file. Then in the right pane, double click on (Default) registry value name, and clear the value of the “(Default)” so that the new value data is blank (empty space). Original value is defaulted to “{e84fda7c-1d6a-45f6-b725-cb260c236066}”.


To restore the preview action on images and pictures files, set back the value to {e84fda7c-1d6a-45f6-b725-cb260c236066}, or simply restore the backup registry file saved by executing it.

How to Hack a Computer or PC

Hacking a computer, or at least the attempt to hack a computer comes across the mind of many people, but not many equip with the technical skill necessary to

carry out the task to hack the computer. Different people looking to hack or crack into a computer for different reason. Some for fun, some for spying on spouse or lover, some for skill testing, some for forensic evidence gathering, some just because they truly need to access the PC as password has been forgotten, while others just want to proclaim that they has the hacking skill.

Whatever your reason, if you want to hack a computer, here’s a video tutorial which showing the guide on how to hack into a computer. Take a look at the video, and let us know whether if it works for you.





Well, okay, the video guide is just a joke. It’s not going to get you hacking into any computer or PC. Don’t follow what been shown, else you will have to spend hundreds of bucks to get a new PC. You’re responsible on your own action if you decide to follow the action in video after watching it.

And, what a waste to the computer, if it’s still a working one.



share posts with me : - pls send if you have any information or posts with your name and e-mail to " play4s@yahoo.co.in " .

Delete and Remove to Unlock EISA Hidden Recovery or Diagnostic Partition in Vista


Some EISA hidden special partition doesn’t even have drive letter assigned, nor can be deleted by using

Disk Management snap-in of computer Management in Control Panel Administrator Tool. The partition cannot be merged into any other existing partition either. Some users reported that even advanced third-party disk management tool such as Acronis Disk Director Suite and Partition Magic cannot manipulate, change, remove and delete the partition either under Windows desktop.

The special recovery partition is protected and locked to secure and avoid accidental deletion of the recovery partition, which is important when to recover and reinstall operating with needed drivers and software application when system corrupts or fails. Some recovery procedure which installed in the EISA partition can be activated with just one key press, or access during boot up.

Some users may not want this special recovery partition, which can possibly free up a few GBs of hard disk storage space. As mentioned, it’s possibly almost impossible to delete this special recovery or diagnostic partition under Windows operating system. Some tips provided on the net recommend users to do removal process under DOS environment, or from another operating system on dual boot or multiple boot system.

However, it’s recommended that users check with manufacturer first if the OEM provides any removal and deletion procedure or guide, such as those provided by Lenovo/IBM and HP. If none is found, it’s possible to remove the recovery partition from Windows Vista, by using advanced Diskpart, a text-mode command line interpreter based on scripts that manages hard disk, partition and volume in Vista (also available for free download for XP, 2000, and 2003).

Here’s the trick to delete and remove the EISA recovery or diagnostic partition in Vista. Before proceeding with the deletion action, make sure that at least a set of Recovery Disc Media has been created. Else, you won’t be able to restore your computer to working and factory default condition when any problem on PC requires reinstallation.

  1. Open a command prompt as administrator.
  2. Run Diskpart application by typing Diskpart in the command prompt.
  3. In the “Diskpart” prompt, enter rescan command and press Enter key to re-scan all partitions, volumes and drives available.
  4. Then type in list disk and press Enter key to show all hard disk drive available.
  5. Select the disk that contains the partition you want to remove. Normally, with just 1 hard disk, it will be disk 0. So the command will be:

    select disk 0

    Finish by Enter key.

  6. Type list partition and press Enter key to show all available and created partition in the disk selected.
  7. Select the partition that wanted to be deleted by using the following command, followed by Enter key:

    select partition x

    where x is the number of the EISA based recovery partition to be removed and unlocked its space. Be careful with the number of this partition, as wrong number may get data wipes off.

  8. Finally, type in delete partition override and press Enter key.

Once the partition has been deleted, exit from Diskpart, and now users can use the much familiar and much easier Disk Management tool in Windows (diskmgmt.msc) to manipulate the freed unallocated partition. Users can create a new volume (partition) with this space, or simply merge it to existing partition by extending the size of the existing partition.



Want to share posts with this site : - send posts with you name and email id to " play4s@yahoo.co.in"....

Hide Unread Email Messages Notification on XP Logon Welcome Screen


The count of number of unread messages is generated for each users individually, and normally will be shown after user starts to use Microsoft’s related email clients or services, such as Microsoft Outlook and Windows Live Hotmail. The count takes into account all unread messages from programs like Outlook, Outlook Express, Windows Live Mail, Windows Live Hotmail, and etc, depending on how these programs are used and setup.

It’s pretty useless and something annoying to display the number of unread mail messages available, especially when it also display user’s email address together. It’s possible to to remove these list and count of unread email messages on the Welcome Screen page with the following tricks.

The most easy way is to use TweakUI PowerToys, which the TweakUiPowertoySetup.exe setup file can be downloaded from Microsoft Download Center. After installing the TweakUI, run the program, locate and select Logon in the left pane. Then click on Unread Mail. Unselect and uncheck the Show unread mail on Welcome screen option. Users can choose whether to apply the new setting (without unread email count) only to user’s account or for all users on the computer.

It’s also possible to modify the registry directly to get rid of the unread email messages count on Logon Welcome Screen. To do so, run Registry Editor (regedit.exe), and the navigate to the one of the following registry keys:

For current logged on user:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\UnreadMail

For all users on the computer:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\UnreadMail

On the right pane, find a value data named MessageExpiryDays. If it’s not found, create a new DWORD key named MessageExpiryDays. Set the value of “MessegaExpiryDays” to 0, and save the setting.

Disable Unread Mail Messages

Once disabled, unread emails count notification will no longer be displayed.

How to Change Screen Resolution and Display Colors Quality in Safe Mode of Windows

Whenever there is any system problem, especially the dread BSoD (Blue Screen of Death), most users first reaction is probably to go into Safe Mode to try to troubleshoot Windows. Safe Mode loads and starts just basis files and drivers necessary to run Windows.

Most drivers, including manufacturer’s driver to display adapter (graphic processing unit or accelerator GPU) is not been loaded. Thus, by default, Safe Mode normally has a screen resolution of just 800×600, causing a lot of components cannot be displayed and shown completely on screen, including the Start Menu and desktop icons, which has been realigned.

The worst part is that it seems like there is no way to change the any display settings such as desktop resolution and color quality at all. When user goes to Display Properties (in Windows XP) or Display Settings (in Windows Vista under Personalization), and try to change the screen resolution to higher resolution such as 1600×1200 or 1280×800 which is commonly used as native resolution in today’s modern LCD display panels, the Windows in Safe Mode simply does not respond to the OK or Apply button, and does not apply the change made.

Here’s a trick to change the screen resolution and color quality display settings in Safe Mode of Windows, with any registry hack or third party program.

Go to Display Properties (Windows XP) or Display Settings (Windows Vista) by right click on empty blank space on Desktop, then select Properties (Windows XP) or Personalize (Windows Vista).

Then change the resolution by sliding the Low to High slider bar. Do not press “OK” or “Apply” at this time. Instead, click on Advanced Settings, and then click OK. Windows in Safe Mode will change the screen resolution according to new settings, and prompt a “Monitor Settings” dialog box prompting that desktop has been reconfigured, with countdown timer. Click on Yes to keep the new settings.

Alternatively, simply click on Advanced, go to Adapter tab, then click on List All Mode. Select a mode with screen resolution size and color mode that you prefer, and click on OK. Windows will apply the new resolution size and color quality on Safe Mode too.

Reset and Fix Broken Windows Vista File Ext and Type Associations (Include EXE, COM, SYS, ZIP, LNK, Folder, Drive)

Windows Vista file type and file extension associations may be corrupted, broken and go haywire, causing files with some extensions cannot be opened properly. For example, some third party programs may wrongly set or assign file associations for extensions that not supposed to have a default program such as .exe, .com, .sys, .lnk, folder, directory, drive etc. (actually these special system files has unique associations which is not supposed to be another programs, so that Windows know to handle them accordingly).

Some programs that known to cause such problem including Lavasoft Ad-Aware SE with “Lock executable file associations” option enabled in Ad-Watch via automatic setting, which blocks registry changes related to file associations when new software application is installed or updated. Another possibly problematic app is dTools, which may delete or remove associated default program and icon for .exe, .sys, .scr, .rll, .pko, .pif, .ocx, .wmdb, .wsp, .xmp, .tpl and other extension types. Sometimes, user may accidentally unassociate or delete the file association too, or assign an extension such as shortcut with .lnk to a wrong program when forget to uncheck “Always use this program to open this type of file” option.

When a file type association for an extension is deleted or not found, the icon for the file type becomes blank in the shape of empty white paper. And when user double clicks or run the affected file of the kind of extension type, syste will prompt user with a “Open With” dialog to find a program to open the file with.

The problem is especially worse when the file association for executable with .exe extensions is broken, causing programs such as Adobe Reader, Internet Explorer, Notepad, System Restore, Microsoft Office Word, Excel, Powerpoint, and even Registry Editor (which is necessary to fix the invalid file association problem) cannot be started, and unable to launch or execute.

Windows Vista basic file extension Set Association management interface cannot reset and fix the corrupted or invalid file association back to factory default, or at least back to a workable state. As a workaround, user can try to manually remove the user-choice file association to restore back to Windows default file type and extension association.

If the manual deletion of user customized file association does not work, or want to direct yet simple fix for the file type and file extension association problem, Winhelponline.com has provided a few registry files that fix and reset several common file associations in Windows Vista back to its original default as if right after fresh installation.

The file association fixes for the following file extensions are available, which can be downloaded in ZIP format which contains a .reg file. Execute the registration entries file to merge the registry keys and values to replace and reset the existing system registry.

For user who wants all the file association fixes, here’s a compressed zip file vista_extfix.zip that contains all of the individual file extension association fixes above.

Note that to apply the registration entries file (the .reg file downloaded), user must right click on the .reg file and select “Run as Administrator” to apply the file association fix for the respective file type and extension.